Back to all glossary articles

Data subject access request

A data subject access request (DSAR) is a request submitted by an individual (data subject) to an organization to acquire the information collected and stored about them to verify the lawfulness of the processing.

A data subject can also ask for specific actions to be taken with regard to that data. For instance, they may request the deletion or correction of information, receive information on the data safeguards provided by the organization or opt out of future data collection.

Data subject access requests are a part of the data subject rights provided by the EU’s GDPR, California’s CCPA and many other privacy laws around the world.

DSARs give consumers unprecedented control over the personal information that organizations store. An organization served with a DSAR is legally obligated to fulfill these requests within a limited timeframe to avoid non-compliance.

  • Five things every marketer should know about web analytics in 2026

    Web analytics is changing fast. AI is moving from buzzword to actual business impact, privacy rules keep shifting on both sides of the Atlantic, and marketing teams are rethinking their tool stacks. What does this mean for analytics strategy in 2026? We asked industry experts to share their predictions.

  • first party data

    First-party analytics without consent: Your Digital Omnibus compliance guide

    The Digital Omnibus is the European Commission’s simplification initiative to modernize the EU’s digital rulebook and reduce consent fatigue. The framework would enable first-party analytics without consent when specific criteria are met, ending years of uncertainty about the use of legitimate interest for web statistics.

Other definitions

Recent posts from Piwik PRO blog