Overview

Under the EU General Data Protection Regulation (GDPR) which became enforcable May 25th 2018, you have the right to find out if an organisation is using or storing your personal data. This is called the 'Right of Access'. You exercise this right by asking for a copy of the data, which is commonly known as making a ‘Subject Access Request’.

Erasure, or 'the right to be forgotten'

Not forgetting this aspect of GDPR, there are instances where you may request an organisation to erase or delete your data. For example,

  • Where the data is no longer needed to satisfy the purpose for which it was collected in the first place.
  • Where an individual has withdrawn the consent initially given for collection of the data.
  • Where the individual has successfully raised an objection to the processing.
  • If the data is being processed unlawfully.

You can make a Subject Access Request to find out what data is held and how it is used. You may also make a Subject Access Request before exercising your other information rights.

1. How Much Does It Cost?

Please note that there may well be instances where we might charge a fee for copies of records, especially where the requests are excessive or incur significant administrative costs to IS Know How.

After you submit your request to us, we’ll get in touch directly with you to progress your Subject Access Request, using the contact details that you’ve provided and including whether or not there will be a request for a SAR Administration Fee.

2. What Kind of Information Can Be Disclosed?

The 'Right of Access' extends to Personal Data which could include your name, identification number, contact details, bank details, race, gender, age, health status, email address, location, online identifier etc.

Any information held on an individual, is likely to be collected, stored and processed via digital or paper filing, database records, interview notes and / or e-mails referring to the individual board member, employees, customers, 3rd party suppliers and research subjects to name but a few.

IS Know How actively advise anybody considering submitting a Subject Access Request, to consult the great resource from the Information Commissioner's Office (ICO) which you can find here:

https://ico.org.uk/your-data-matters/

3. What Are The Timescales?

IS Know How as a Data Controller has 30 days to respond to your request. In certain circumstances we may need extra time to consider your request and can reasonably take up to an extra two months. If we are going to do this, we will let you know within the first 30 days, that we need more time and explain transparently why this is the case.

4. How Do I Submit A Subject Access Request?

To assist IS Know How in complying with the statutory timescales within GDPR, we require such Subject Access Requests to made in writing and accompanied by the required and relevant formal identification.

Should you wish to submit a request, you should do so by completing the form below:

This form will provide ISKH with the necessary information that we need to deal with your request. Upon receipt of your submitted SAR form, ISKH will create a new 'Subject Access Request Received' ticket via our HelpDesk.

Then simply proceed with the dialogue between us. If you create an enquiry ticket, please select;

Guest Data Protection Enquiries > Data Protection Subject Access Request' then 'Open New Ticket'.

Finally, make sure to also attach and upload the required proof of identity, as outlined in the Subject Access Request form.

5. Changes to this Subject Access Request

5.1 We may alter this Subject Access Request at any time. If We do so, details of the changes will be highlighted at the top of this page and Any such changes will become binding.  You are therefore advised to check this page from time to time.

5.2 This Policy has been approved and authorised by:

Name:

Mr Robert Stones

Position:

Doc Version:

Data Protection Officer

1.0

Date:

25th May 2018

Due for Review by:

25th May 2019

6. Further Information

6.1 If you would like to know more about how IS Know How deals with Subject Access Requests, please contact Us at , by telephone on 02921-679-021, or by post at Britannia House, Caerphilly Business Park, Van Road, Caerphilly, Wales, UK CF83 3GG.

6.2 For more details of the personal data that We Collect, Store and Process, the measures we have in place to protect personal data, your legal rights, and our legal obligations, please refer to our;

6.2.1 Privacy Policy

6.2.2 Website Terms & Conditions

Submit Your 'Subject Access Request' Form Below

REQUEST FOR ACCESS TO RECORD OF A PRIVATE BODY

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016

Article 15
The Data Subject shall have the right to obtain from the Controller, confirmation as to whether or not Personal Data concerning him or her are being processed, and, where that is the case, access to that Personal Data. See Information Commissioner's Office 'Your Right of Access':
Make sure to hover your mouse over any of the 'Heading Titles', which will reveal further explanatory information for your perusal.
A. Particulars of the Controller from whom you are Requesting Access.
Company Name: Information Security Know How Ltd.
Address: Britannia House, Caerphilly Business Park, Van Road, Caerphilly, Mid Glamorgan, CF83 3GG
Telephone: +44 (0)2921-679-021
Email: HelpDesk@ISKnow.How
B. Particulars of the Living Person making the Subject Access Request.
Invalid Input, Please Correct.
Invalid Entry, Please Correct.
Invalid Entry, Please Correct.
Invalid Entry, Please Correct.
Invalid Entry, Please Correct.
Invalid Entry, Please Correct.
Invalid Input, Please Correct.
Invalid Entry, Please Correct.
Invalid Entry, Please Correct.
Invalid Input, Please Correct.
C. Particulars of the person on whose behalf the request is being made.?
This section must ONLY be completed, if a request is being made on behalf of another living individual.
Invalid Input, Please Correct.
Invalid Input, Please Correct.
Invalid Entry, Please Correct.
Invalid Entry, Please Correct.
Invalid Entry, Please Correct.
Invalid Entry, Please Correct.
D. Particulars of the Record(s) being Requested?
Please provide full particulars of the record or records to which Access is requested, including any Reference Number or such other is known to you, to enable the Record(s) being requested to be located. Examples include your Personnel File, Emails between 'A' and 'B' (between certain dates), Registered Member data (Not Passwords), Copies of Statements, or any other that you feel will be assistive to your Subject Access Request.
Invalid Input, Please Correct.
Invalid Entry, Please Correct.
E. Preferred Choice of Our Response(s) to your Access Request?
Invalid Input, Please Correct.
F. Details of the Right(s) that you Wish to Exercise?
Individuals have the Right to Request Access to Information about them that we hold. They also have the Right to Object to Processing of Personal Data that is likely to Cause, or is Causing, Damage or Distress, the Right to Prevent Processing for the Purpose of Direct Marketing, the Right to Object to Decisions being taken by Automated means and, in certain circumstances, have Inaccurate Personal Data Rectified, Blocked, Erased or Destroyed. They also have the Right to Lodge a Complaint with a Supervisory Authority.
Invalid Input, Please Correct.
Invalid Input, Please Correct.
Invalid Input, Please Correct.
Invalid Input, Please Correct.
Invalid Input, Please Correct.
G. Fee's Statement
Dependant upon the type of Request and the Total Number of Records Requested, we may Charge Certain Fees to be in a position to Service the Request. Please Contact Us Directly should you have any query with Regards to Fees by Emailing Data-Protection@ISKnow.How Where requests from a Data Subject are Manifestly Unfounded or Excessive, in particular because of their Repetitive Character, the Controller may either Charge a Reasonable Fee; taking into Account the Administrative Costs of Providing the Requested Information, or Communication, or Taking the Action as Requested; or Refuse to Act on the Request. The Controller shall bear the Burden of Demonstrating the Manifestly Unfounded or Excessive Character of the Request.
In order to submit this Enquiry, you are asked to positively consent - or we cannot process your request. Please consider your choice and amend as necessary.
Invalid Input
In order to submit this Enquiry, you are asked to positively consent - or we cannot process your request. Please consider your choice and amend as necessary.

To Begin Reducing Your Risks and Securing Your Reputation!

Sentinel5

24x7x365 Managed Security Monitoring and Mitigation For Your Organisations Endpoint & Server Devices.

Increase Your Third Sector Cyber Security Resilience & Mitigation

WebSentinel

24x7x365 Managed DDoS Multi-Layer Threat Monitoring Service For Your Third Sector Organisations Website(s).

Increase Your Third Sector Cyber Security Resilience & Mitigation

MCRS

24x7x365 Combined Best-of-Breed Managed Cyber Resilience Service (MCRS) For Your Organisations Devices.

Increase Your Third Sector Cyber Security Resilience & Mitigation

Contact Us

Phone
02921-679-021 (Sales ONLY)
Address
Britannia House, Caerphilly Business Park, Van Road, Caerphilly, Wales, UK. CF83 3GG
Legal Reg Info
Information Security Know How Ltd. is a Limited Company, Registered in England & Wales.

Company No: 09648503
VAT No: GB 232 2137 53

ISKH Site Newsletter

Sharpen your Third Sector Data & Cyber Security Mitigation Knowledge, by Subscribing to Our 'Mitigation Bits & Bytes'. Sharing a Myriad of Sector and Security Focused News, Infrequent Updates about IS Know How's Managed Cyber Security Service(s) Offers, Surveys, Research, Discussions and more...

Third Sector Organisation Personnel?

captcha 




By selecting 'Yes, Sign Me Up!' above, You Consent that we may Collect, Store and Process your Personal Data in accordance with Our Privacy Policy, Cookies Policy & Website Terms & Conditions.
All Newsletter Emails include an Unsubscribe / Modify Subscription link, where you may Opt-Out or Amend your Preferences at any time. You can also do the same from the 'My Account' menu, if you Register for a full FREE IS Know How Account.

Proud Members Of:

IS Know How is a Proud Member of Cyber Exchange

Our CEO & Founder, Robert Stones is also a ‘Member of the Fraud Advisory Panel’ See more information about them here: About the Fraud Advisory Panel

Payments By:

Powered by Stripe Logo
Stripe Subscription Accepted Payment Cards

Subscribe to the IS Know How 'Mitigation Bits & Bytes' Newsletter.

ISKHIcon100x100Instantly begin your Third Sector Data & Cyber Security Mitigation Journey Today!ISKHIcon100x100

Sharpen your Third Sector Data & Cyber Security Mitigation Knowledge, by Subscribing to Our 'Mitigation Bits & Bytes'. Sharing a Myriad of Sector and Security Focused News, Infrequent Updates about IS Know How's Managed Cyber Security Service(s) Offers, Surveys, Research, Discussions and more...

Third Sector Organisation Personnel?

captcha 




By selecting 'Yes, Sign Me Up!' above, You Consent that we may Collect, Store and Process your Personal Data in accordance with Our Privacy Policy, Cookies Policy & Website Terms & Conditions.
All Newsletter Emails include an Unsubscribe / Modify Subscription link, where you may Opt-Out or Amend your Preferences at any time. You can also do the same from the 'My Account' menu, if you Register for a full FREE IS Know How Account.