What is a Data Subject Access Request? (DSAR)

Data Subject Access Request (DSARs) are requests made by customers or users of an organization to gain access to personal information the organization has collected on them.

If you're an organization that collects data about its customers and/or users, it's important to know how to process a data subject access request (DSAR) as it’s legally required.

💡 Privacy Tip: Want to learn how Enzuzo can help you streamline DSARs for your business? Read our article, Getting Started with DSARs to get learn more.

There are many ways that customers or users might submit a Data Subject Access Request. For example, by filling out a form on your website, by phone or email, or even contact you through one of your business's social media platforms.

DSARs can also be submitted verbally or in written form. It's important to complete the request as required by different privacy laws like the GDPR and CPRA.

There are many ways customers can submit DSARs to a business or organization.

A Data Subject Access Request (DSAR) enables customers to request their personal data, why it was collected and used, and request erasure, correction or deletion of that data.

Enzuzo has four types of data subject access requests:

The time frame for your response depends on where the customer or user is located. Most laws require you to respond within 30 days of receiving the request. However, California Privacy Rights Act (CPRA) allows for a 45-day response time.

If you don’t respond before the deadline, you may be subject to possible fines and penalties (or even worse a tarnished reputation).

We’ve made it really easy to automate data subject access requests, making them less of a burden for small, medium and even enterprise-level businesses.

With Enzuzo, you can quickly and easily collect and respond to DSARs, helping you minimize your risk of expensive fines while maintaining your customers' trust.