
























As of June 19, 2026, organizations subject to UK data protection law are required to implement a mechanism or procedure whereby individuals can make complaints relating to their personal data. The new requirements were introduced by the Data (Use and Access) Act 2025. Individuals must first raise their complaint with the relevant organization before taking the matter to the UK Information Commissioner’s Office.
To comply with the new requirements, organizations must make available a clear and accessible mechanism for individuals to submit data protection complaints. The mechanism used to submit data protection complaints may vary, but such mechanism must be properly publicized and described in clear language. In addition, the new requirements contain obligations for how to handle a complaint. For example, organizations must acknowledge a complaint within 30 days of receiving it and must provide a substantive response without undue delay.
For a more detailed overview of the new obligations, please see our article here.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。