You have a range of data protection rights in relation to the information we hold about you. You can exercise any of these
rights by contacting us. Note that not all of the rights are absolute – some of them depend on which lawful basis we are
using to process your information.
Right of access
You can ask us to provide you with a copy of the information we hold about you by making a ‘Data Subject Access Request’.
You can download and print a form from nsandi.com/data-request or contact us with all information asked for on the form.
Right to data portability
Where we process your personal information by automated means for contractual purposes, or with your consent, you can ask
us to provide the information we hold about you in a structured, machine readable format (for example a CSV file).
Right to rectification
If the information we hold about you is incorrect, out of date or incomplete, please let us know and we will put it right.
Right to restrict processing
If you think the information we hold about you isn’t accurate, you can ask us not to process it until we have corrected
any errors or verified that the information is accurate.
Right to erasure
You can ask us to delete your personal information when:
we no longer need it
you have given us consent and you later withdraw it
you have objected to us processing your information and we have no lawful basis to do so
we are legally obliged to delete it
Right to object
Where we have a legitimate interest or a public interest in processing your personal information (see Lawful bases), you
can object to this.
Right not to be subject to automated decision-making
Some of our processes are partly or wholly automated, but we don’t make decisions that have a significant or legal effect
without human involvement. For example, we may check your evidence of identity electronically, but if this is unsuccessful
we will write to you to ask for documentary evidence instead.
Right to lodge a complaint with a supervisory authority
If you have a complaint about the way we have used your information, please contact us first and we will do our best to
put things right for you. If you’re not happy with our response, you can escalate your complaint to the Information Commissioner’s
Office (ICO) – see Useful contacts for their contact details.