Arrange a Consultation

What does “right to data portability” really mean in GDPR?

Mar 21 - Brian Siney

Featured in JEP’s Expert Panel – 21st March 2018


The idea of data portability is to give data subjects the ability to get their personal data easily transferred from one data controller to another or receive the data themselves. Some examples might be when moving bank, utility company, email provider, or to move all your favourite music lists and preferences from one music website to another.

The information that you recorded within the data controller website is yours but not the “inferred or derived” data which the data controller produced as a result of analysing your information e.g. creating specific user profile of you based on your data and activity. Safeguards are in place to protect intellectual property rights and trade secrets of the data controller applications used.

Data provided by you to the data controller and processed using either the lawful bases of (a) consent or (b) in the performance of a contract is in scope for data portability. However the data processing activity must have been carried out by automated means –i.e. it does not cover paper files.

Data portability only relates to personal data and not pseudonymous data or data not concerning the data subject.

Ensure Your Business is GDPR Compliant Today!

Contact me today and arrange a consultation…

Be Secure is a Jersey-based data consultancy business specialising in GDPR data protection, data privacy and cyber security. Leveraging extensive experience of founder Brian Siney, Be Secure offers a unique business focus and perspective for managing GDPR.

Send me a message

Call me on 07797 738743

More from the blog

Back to Blog home