The Guide was made available yesterday, the date on which International Data Protection Day was marked, and explains each of the rights enshrined in the General Data Protection Regulation, also indicating what type of text to use when addressing the entity responsible for data processing, be it a company with whom you have a relationship or a public entity.
The right of access to data, realizing the purpose for which the information is processed, and which categories of data, but also its origin and to which other entities were communicated, or whether they are transferred outside the European Union, one of the most relevant under the GDPR. But there is also an explanation aboutRight to rectify data and the Right to erase data, often referred to as the right to be forgotten.
A new right also included in this Guide is the right to limit processing, which "allows for a certain period of time, the processing of data is limited in its use, that is, frozen, and data cannot be communicated to third parties, transferred internationally, or deleted ". Here too, CNPD explains when it can be used and how.
There is also reference to the Data Portability Right and the Opposition Right, which allow, respectively, to request that the information be transmitted, in a structured format to another entity (for example the electricity service provider), or, in the case of the opposition right. , oppose the treatment of data.
The document also refers to how you can exercise your rights with the entity responsible for data processing, and when you should contact the National Data Protection Commission.
Note also for some special situations contemplated in the Guide, especially related to children and deceased people.