NOTE: The information provided in this article does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only
DSAR stands for Data Subject Access Requests. In short, DSARs are a means of protecting personal data rights under the GDPR (General Data Protection Regulation).
A DSAR gives an individual the right to request information about the way companies handle their personal information. It helps individuals to understand how and why organisations are using their personal data, and check if they are doing it in a lawful manner.
The requirements in respect of DSARs are set out in Article 15 of the GDPR. Individuals have the right to obtain:
- confirmation that an organisation is processing their personal data;
- together with a copy of this personal data; and
- other supplementary, or transparency information (which largely corresponds to the information that organisations usually provide in a privacy notice).
You can use Everlaw to help find documents pertaining to the person who submits the DSAR. You can also conduct necessary review, such as redacting person information and withholding certain documents. While the exact practices of DSAR review and litigation differ, much of the functionality of Everlaw can be leveraged to support both workflows.
To handle DSAR review on Everlaw, you should reference the relevant help articles below.
Managing your DSAR reviews
Everlaw makes it easy to get started with your DSAR review, whether it is using a previous review as a template for your new project or easily uploading and processing all your data from various sources, you can be up and running in a matter of minutes. Once you are complete, you can easily archive the data in the event it is ever needed again.
Recommended help articles
Searching for disclosable data
DSARs are often costly and time consuming review workflows that require incredible attention to detail. Everlaw’s search functions can help tailor the review experience through identifying documents for review through search term reports (STRs), using the Parties field to find all documents relating to the requestor, finding documents that contain PII, and more.
Recommended help articles
- Persistent Highlights
- Search using Regular Expressions (RegEx)
- Using Search Settings to Group, Remove hits, Deduplicate, and Sample your search
Reviewing and preparing data
Once you’ve found your documents, you may need to review them to protect other sensitive information. You can utilise built-in personal data regular expressions, or craft custom search terms or homebrewed regular expressions to identify and batch redact personal data at not only document level, but also across documents in a subset, or even across all documents at project level
Recommended help articles
Responding to the requestor
Once your data is ready you can share the end product through exporting to PDF, providing a zipped deliverable through a trackable secure link, or giving the data subject limited access to the platform.
Collaborate seamlessly on DSAR responses both internally and with your external stakeholders in Storybuilder.
Incorporate both documents and transparency information in Storybuilder, giving greater structure and clarity to the process.
Recommended help articles
0 Comments