For Media Group

GDPR – Dealing effectively with subject access requests

GDPR – Dealing effectively with subject access requests
Watch with Premium Plan

In partnership with

Premium
Ask a Question

The right to make a subject access request is one of the most important rights that data subjects have under the UK GDPR. However, from a controller’s point of view, dealing with such a request can involve considerable time, effort and resources for which they cannot charge.

Unsurprisingly disputes are common and more than 40% of annual complaints made to the ICO are in respect of this area.

This webinar sets out a summary of the key rules (including recent changes made by the Data (Use and Access) Act 2025) and provides guidance about the most effective way to deal with such a request in a compliant manner.

Keith will also discuss:

Formalities

  • In what format should a request be made?
  • What are the applicable time periods?
  • When can a fee be charged?
  • Can a controller ask a data subject for further clarification?

Extent of search

  • What is the meaning of ‘personal data’?
  • How do the courts interpret the requirement to make a ‘reasonable and proportionate search’?

Exemptions

  • What exemptions can be relied upon by a controller?
  • What is meant by the phrase ‘manifestly unfounded or excessive’?

Third party rights

  • To what extent should the rights of third parties be considered?
  • When will the courts order disclosure of the identity of a third party?

Provision of information

  • What information needs to be provided to the data subject?
  • Is the data subject entitled to receive documents, data or both

Top 3 Things Facts From the Webinar:

  • Understand the changes made by the Data (Use and Access) Act 2025
  • Adapt existing practices to ensure ongoing compliance
  • Be aware of other developments in this area of law

Who This Is For:

Lawyers and non-lawyers with an interest in data protection

Level of Expertise:

Intermediate - Some previous knowledge or awareness required

CPD Hours:

This live webinar provides you with 1 hour of learning.

Attendees will receive a CPD certificate upon completion of this course.

Learning Objectives

  • To understand the key concepts relating to subject access requests
  • To consider how to carry out a reasonable and proportionate search and identify personal data
  • To disclose personal data to the data subject in a compliant fashion
  • To comprehend the latest thinking of the courts when interpreting the rules relating to subject access requests

Downloads

Your CPD Certificate can be found in your Account.

Keith Markham

Solicitor (non-practising), Author and Lecturer • Keith Markham Limited

Keith Markham qualified as a Solicitor in 2001 and now works as a freelance consultant.

View Full Profile

Have a question?

Recommended for you

Premium
Accessible Will Writing
Private Client

Accessible Will Writing

Amy Wallhead and Rebecca Mansell
In partnership with Remember A Charity
Premium
GDPR - Data Use, Access and Enforcement
Regulation and Compliance

GDPR - Data Use, Access and Enforcement

Keith Markham
In partnership with Net-Defence Limited
Premium
Effective Cross Examination of a Witness
Business and Employment

Effective Cross Examination of a Witness

Alastair Hodge
Premium
Dealing with Life Interest Trusts
Private Client

Dealing with Life Interest Trusts

Professor Lesley King
How a charity will approach a request to make an ex-gratia payment
Private Client

How a charity will approach a request to make an ex-gratia payment

Helen Hoare and Lucy Gill
In partnership with The Institute of Legacy Management
The SQE: The assessments and qualifying work experience
Management

The SQE: The assessments and qualifying work experience

Shane Robson
Premium
Removal of Travellers – Quick and Effective Action
Commercial Property

Removal of Travellers – Quick and Effective Action

Mark Shelton
Premium
A lighter look at GDPR
Regulation and Compliance

A lighter look at GDPR

Alastair Hodge
Premium
Dealing with Life Interest Trusts
Private Client

Dealing with Life Interest Trusts

Professor Lesley King
How a charity will approach a request to make an ex-gratia payment
Private Client

How a charity will approach a request to make an ex-gratia payment

Helen Hoare and Lucy Gill
In partnership with The Institute of Legacy Management

In partnership with

For Media Group Logo

CPD by Sector

Can we help?

Discover

Useful links

Sign up - get notified first of new content releases

Social Channels

© 2025 All rights reserved For Media Group Registered in England No. 13063455 VAT Registration Number GB367031995