Den registrerte skal ha rett til å få uriktige personopplysninger om seg selv rettet av den behandlingsansvarlige uten ugrunnet opphold. Idet det tas hensyn til formålene med behandlingen skal den registrerte ha rett til å få ufullstendige personopplysninger komplettert, herunder ved å framlegge en supplerende erklæring.
(EN) ISO/IEC 27701, adopted in 2019, added additional ISO/IEC 27002 guidance for PII controllers.
Here is the relevant paragraph to article 16 GDPR:
7.3.6 Access, correction and/or erasure
Control
The organization should implement policies, procedures and/or mechanisms to meet their obligations to PII principals to access, correct and/or erase their PII.
Implementation guidance
The organization should implement policies, procedures and/or mechanisms for enabling PII principals to obtain access to, correct and erase of their PII, if requested and without undue delay.
…
Logg inn
for å få tilgang til hele teksten
(EN) The Council of Europe recommended, in 1973, that “inaccurate information” should be corrected in the context of data compiled in electronic data banks (Resolution on the Protection of the Privacy of Individuals vis-a-vis Electronic Data Banks in the Private Sector). So, it is not surprising that the European Union 2016 General Data Protection Regulation provides for a “right to rectification”. The surprise comes from the absence of guidance regarding the rights and responsibilities related to the exercise of that right.
…
Logg inn
for å få tilgang til hele teksten
(EN)
Data Subject Request Letter Sample
Concern: Request to rectify inaccurate personal data
Dear Madam, Dear Sir,
You have data concerning me that are inaccurate…
…
Logg inn
for å få tilgang til hele teksten
(EN)
Data Subject Request Letter Sample
Concern: Request to rectify incomplete personal data
Dear Madam, Dear Sir,
You have data concerning me that are incomplete…
…
Logg inn
for å få tilgang til hele teksten
(EN)