What Is Data Subject Rights?
Data Subject Rights is the set of rights the GDPR grants individuals over their personal data, including access, rectification, erasure, restriction, portability, objection, and rights relating to automated decision-making.
Data Subject Rights — the set of rights the GDPR grants individuals over their personal data, including access, rectification, erasure, restriction, portability, objection, and rights relating to automated decision-making.
For AI systems the most consequential of these are the right of access (which can extend to meaningful information about the logic of automated processing), the right to object, and the Article 22 right not to be subject to solely automated decisions with legal or similarly significant effects. Honouring erasure and explanation in complex AI pipelines is a recurring governance challenge.
Source: GDPR (Regulation (EU) 2016/679), Articles 12–22
Plain-language explanation
For AI systems the most consequential of these are the right of access (which can extend to meaningful information about the logic of automated processing), the right to object, and the Article 22 right not to be subject to solely automated decisions with legal or similarly significant effects. Honouring erasure and explanation in complex AI pipelines is a recurring governance challenge.
Related terms
See where you stand on AI governance
Take the free 7-question maturity assessment and get a personalised action plan.
Free assessment — 3 minutes →