DPDPA is now in force in India. Run a free privacy scan on your site. Scan now

Rights & evidence

What is Data Subject Access Request?

Also known as DSAR.

In short
A DSAR is a request by an individual to access, correct, delete or port the personal data an organisation holds about them, which must be answered within a statutory deadline.

Most privacy laws give people rights over their data and set response deadlines, for example 30 days under the GDPR and 45 days under the CCPA. Handling DSARs manually is slow and risky. ConsentX provides a request intake, identity verification, SLA timers and a fulfilment workflow with overdue alerts so deadlines are not missed.

In ConsentX

DSAR & grievance

Related terms

Data Principal

Under India's DPDPA, a Data Principal is the individual whose personal data is being processed, equivalent to a 'data subject' under the GDPR.

General Data Protection Regulation

The GDPR is the European Union's data-protection law, requiring a lawful basis (often consent) to process personal data, with fines up to €20 million or 4% of global turnover.

California Consumer Privacy Act

The CCPA, expanded by the CPRA, is California's privacy law giving consumers the right to opt out of the sale or sharing of their personal data and to access and delete it.

Put Data Subject Access Request into practice

ConsentX turns these requirements into enforced, provable consent. Free to start.

Start free Back to glossary