← Back to Glossary

DSR (Data Subject Request)

A formal request from an individual exercising their privacy rights, such as access, deletion, or correction of personal data.

A Data Subject Request (DSR) is a request made by an individual (data subject) to an organization exercising their rights under privacy regulations. Under GDPR, this includes: right of access (SAR), right to rectification, right to erasure, right to restrict processing, right to data portability, right to object, and rights related to automated decision-making. Under CCPA, this includes: right to know, right to delete, right to opt-out, and right to correct. Organizations must respond within strict deadlines: 30 days under GDPR (extendable to 90), 45 days under CCPA (extendable to 90). As request volumes grow, organizations increasingly turn to automated DSR processing to ensure timely, accurate, and cost-effective responses.

Related Terms

GDPR (General Data Protection Regulation)CCPA (California Consumer Privacy Act)Right to Access (Subject Access Request)Right to Erasure (Right to be Forgotten)Data Portability

Related Guides

Guide to Automating Data Subject Requests (DSRs)

Learn how to automate data subject requests (DSRs) under GDPR, CCPA, and other privacy laws. Reduce response time, cut costs, and ensure compliance.

Ready to Simplify Your Compliance?

Start automating your privacy compliance today. No credit card required.

Start Free