IED01P07 – Subject Access Request Policy
This policy outlines how an organisation deals with personal data and explains the organisation’s approach to making a subject access request, and how the organisation ensures compliance with General Data Protection Regulation (GDPR) in relation to the handling of personal data in this regard.