Data Subject Rights Policy

1. Introduction

This Data Subject Rights Policy outlines how AppCan Ltd handles requests from individuals (data subjects) regarding their personal data. It explains the rights of data subjects under applicable data protection laws, including the General Data Protection Regulation (GDPR).

2. Data Subject Rights

2.1 Right to Access

Data subjects have the right to obtain confirmation as to whether or not their personal data is being processed and, if so, access to that data. We will respond to access requests within 10 days and provide relevant information, including:

  • The purposes of processing
  • Categories of personal data
  • Recipients of the data
  • Retention periods
  • The right to rectification or erasure

2.2 Right to Rectification

Data subjects have the right to request the correction of inaccurate or incomplete personal data. We will promptly update any incorrect information upon receiving a valid request.

2.3 Right to Erasure (Right to Be Forgotten)

Data subjects can request the deletion of their personal data under certain circumstances, such as when the data is no longer necessary for the original purpose or when consent is withdrawn. We will assess each request and comply if legally permissible.

2.4 Right to Restrict Processing

Data subjects can request the restriction of processing in specific situations, such as during a dispute over data accuracy or while evaluating an erasure request. We will limit processing during the assessment period.

2.5 Right to Data Portability

Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format. We will provide this data upon request, allowing data subjects to transfer it to another controller.

2.6 Right to Object

Data subjects can object to the processing of their personal data for specific reasons, including direct marketing. We will cease processing unless we have compelling legitimate grounds.

3. How to Exercise Rights

Data subjects can exercise their rights by contacting our Data Protection Officer (DPO) (boyd.neal@appcan.co.uk).

We will verify their identity before responding to requests.

4. Timelines and Fees

We will respond to data subject requests within 10 days. In most cases, there is no fee for exercising these rights. However, excessive or repetitive requests may incur a reasonable administrative fee.

Scroll to Top