Contents
Introduction
With the entry into force of Brazil’s LGPD and the European GDPR, the rights of data subjects have become central to every privacy strategy. One of these rights is the DSAR (Data Subject Access Request), the formal request to find out what data a company holds, why it uses it, who it shares it with, how long it keeps it and how to correct or erase personal information.
Technical view: how a DSAR works
An effective DSAR workflow usually follows these stages:
- Request intake: received via form, email or a dedicated channel.
- Identity verification: secure checks to ensure the requester is the data subject.
- Discovery and collection: locating data across systems, databases and different purposes.
- Structured response: presenting data, sources, uses, sharing and legal basis.
- Deadlines: meeting legal time limits (for example up to one month under the GDPR) and updating the data subject on progress.
Without automation this process quickly becomes a bottleneck. This is why tracking, data minimisation and standardised reports are essential to provide consistent and auditable responses.
Non-technical view: what this means in practice
Think about everyday situations: “Does retailer X still store my tax ID?”, “Has app Y shared my email with partners?”, “I want to stop receiving a campaign from bank Z”. A DSAR is the tool you use to exercise these rights with transparency and a clear record.
Benefits for data subjects
- Transparency: clarity about how and why data is used and shared.
- Security: prevention of misuse and abuse.
- Control: ability to request correction, erasure or portability.
- Trust: a healthier relationship with organisations.
Benefits for organisations
- Compliance: reduced risk of sanctions under LGPD and GDPR.
- Reputation: a brand aligned with privacy by design and by default.
- Efficiency: standardisation and automation that avoid rework.
- Competitive advantage: trust that accelerates business.
How Unova Digital supports DSAR processes
Unova is designed to simplify the handling of data subject requests, with a strong focus on security and data minimisation.
Centralisation and traceability
Monitored data (single document ID, multiple email addresses and phone numbers) linked to each data subject, with history and audit trails.
Consent and deletion management
Records of consent, legal bases and flows for erasure or withdrawal in line with LGPD and GDPR requirements.
Ready to use reports for data subjects
Clear, standardised exports that reduce response times and errors.
Deadlines and automated alerts
SLA alerts and pending task tracking, helping to avoid missed deadlines and improving governance.
All of this is built around the principle of data minimisation. Only essential data is stored, which avoids unnecessary exposure.
Conclusion and next steps
DSARs are a cornerstone of modern privacy. With Unova your organisation can respond to requests quickly and transparently, in full compliance with the law and with stronger trust from customers and partners.
