Ireland’s data protection authority – the Data Protection Commission (DPC) – has published frequently asked questions (‘FAQs’) on data subject access requests (SARs). The FAQs highlight the circumstances in which an individual is entitled to make a SAR, the information an individual is entitled to when making a SAR, and the method an individual should follow in order to make a valid SAR. FAQs also outline when controllers who receive a valid SAR must respond, how this time can be extended, and when a controller may refuse to act on the request.
EDPB guidelines on processing personal data through blockchains
These guidelines aim to clarify how data protection laws, particularly the GDPR, apply to blockchain systems.