Rights of the data subjects

The General Data Protection Regulation (GDPR)  includes rules which give individual data subjects a number of rights in relation to processors of their data. Read about the rights here. 


The purpose of the rules is to strengthen the individual person’s legal status, among other things by creating openness about the processing of data, and by giving data subjects access to object to specifically defined types of data processing.

The most important rights are:

  • The right to receive information about the processing of one’s personal data (duty of disclosure).
  • The right to access one’s personal data (right of access).
  • The right to have inaccurate personal data rectified (right to rectification).
  • The right to have one’s personal data deleted (right to be forgotten).
  • The right to object to the use of personal data for direct marketing.
  • The right to object to automatic individual decisions, including profiling.
  • The right to move one’s personal data (data portability). 

Source: The Danish Data Protection Agency

The rules concerning access to data in research projects

Research project participants are not entitled to access the data concerning themselves (or concerning other parties) that is included in the project. If the participant has consented to participate in the project, the consent to participate may always be withdrawn. However, participants may not require the information about themselves to be issued or deleted, unless this has been agreed in advance with the researcher.