Created
May 12, 2021 19:04
-
-
Save aleohl/b97354bf22f3ef54e1b6d6691325dbf9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Used for signature | |
| $name = 'Test Smith'; | |
| // As much data about your account as possible | |
| $data = [ | |
| 'Full Name: Test Smith', | |
| 'Citizenship: Sweden', | |
| ]; | |
| // Thank you Datenanfragen.de e. V. for providing this sample letter. | |
| // Source: https://www.datarequests.org/blog/sample-letter-gdpr-access-request/ | |
| // Released under CC0 (https://creativecommons.org/publicdomain/zero/1.0/) | |
| $msg = <<<EOF | |
| To Whom It May Concern: | |
| I am hereby requesting access according to Article 15 GDPR. Please confirm whether or not you are processing personal data (as defined by Article 4(1) and (2) GDPR) concerning me. | |
| In case you are, I am hereby requesting access to the following information pursuant to Article 15 GDPR: | |
| 1. all personal data concerning me that you have stored, including any potential pseudonymised data on me as per Article 4(5) GDPR; | |
| 2. the purposes of the processing; | |
| 3. the categories of personal data concerned; | |
| 4. the recipients or categories of recipient to whom the personal data have been or will be disclosed; | |
| 5. where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; | |
| 6. where the personal data are not collected from the data subject, any available information as to their source; | |
| 7. the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for me. | |
| In case you are processing anonymised data concerning me, please not only inform me about that but also explain the procedure used in an easily understandable way. | |
| If you are transferring my personal data to a third country or an international organisation, I request to be informed about the appropriate safeguards according to Article 46 GDPR concerning the transfer. | |
| [Please make the personal data concerning me, which I have provided to you, available to me in a structured, commonly used and machine-readable format as laid down in Article 20(1) GDPR.] | |
| My request explicitly includes any other services and companies for which you are the controller as defined by Article 4(7) GDPR. | |
| As laid down in Article 12(3) GDPR, you have to provide the requested information to me without undue delay and in any event within one month of receipt of the request. According to Article 15(3) GDPR, you have to answer this request without cost to me. | |
| I am including the following information necessary to identify me: | |
| #DATA# | |
| If you do not answer my request within the stated period, I am reserving the right to take legal action against you and to lodge a complaint with the responsible supervisory authority. | |
| Thank you in advance. | |
| Yours sincerely, | |
| #NAME# | |
| EOF; | |
| $output = str_replace(['#DATA#', '#NAME#'], [implode(PHP_EOL, $data), $name], $msg); | |
| echo $output; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment