Which regulations reference Right to Data Portability?

Right to Data Portability is referenced in or relevant to: gdpr, lgpd, pdpa-singapore.

Compliance

What is Right to Data Portability?

The right to data portability allows individuals to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another organization.

The right to data portability, established under Article 20 of the GDPR, allows data subjects to receive the personal data they have provided to a controller in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance. This right applies when the processing is based on consent or a contract and is carried out by automated means.

The data subject may also request that the controller transmit the data directly to another controller where technically feasible. This right is distinct from the right of access in that it only covers data provided by the data subject (including observed data) and only applies to processing based on consent or contract. It does not extend to inferred or derived data. Common machine-readable formats include CSV, JSON, and XML.

IQWorks supports data portability requests through SearchIQ for locating all data provided by the individual, automated data extraction in standard formats, and ComplyIQ for tracking request fulfillment timelines. DiscoverIQ helps identify which data qualifies for portability by mapping the lawful basis for each processing activity.

Relevant Regulations

GDPR (General Data Protection Regulation)LGPD (Lei Geral de Protecao de Dados)PDPA (Personal Data Protection Act - Singapore)

How IQWorks Helps

SearchIQ

Enterprise Data Search

DiscoverIQ

Know Your Data

ComplyIQ

Privacy Compliance, Simplified

Related Terms

Data Subject Rights (DSR)

Data Subject Rights are the legal rights granted to individuals under data protection laws, enabling them to control how their personal data is collected, used, stored, and shared by organizations.

Right of Access

The right of access grants individuals the ability to obtain from an organization confirmation of whether their personal data is being processed and to receive a copy of that data along with key details about the processing.

Data Subject

A data subject is an identified or identifiable natural person whose personal data is being collected, held, or processed by an organization.

Consent Management

Consent management is the systematic process of obtaining, recording, tracking, and managing individuals' consent for the collection and processing of their personal data in compliance with privacy regulations.

Explore More Terms

Browse our complete data protection glossary with 107+ terms.

View Full Glossary