DSAR (Data Subject Access Request)
A formal request by an individual to a company to exercise their privacy rights — including accessing, correcting, deleting, or exporting their personal data — as provided by CCPA, CPRA, GDPR, and U.S. state privacy laws.
Overview
A Data Subject Access Request (DSAR) — sometimes called a "privacy request" or "consumer request" — is a formal mechanism through which individuals exercise their statutory data rights under applicable privacy law.
Types of DSARs
| Type | Right | Laws |
|---|---|---|
| Access | Know what data is held and how it's used | CCPA, GDPR, VA CDPA, CO CPA |
| Delete | Erase personal data (subject to exceptions) | CCPA §1798.105, GDPR Art. 17 |
| Correct | Fix inaccurate information | CPRA, GDPR Art. 16, VA CDPA |
| Portability | Receive data in structured, machine-readable format | GDPR Art. 20, CPRA |
| Opt-Out | Stop sale or sharing of personal information | CCPA §1798.120 |
Response Timelines
| Law | Response Window | Extension |
|---|---|---|
| CCPA/CPRA | 45 calendar days | +45 days (once, with notice) |
| GDPR | 1 calendar month | +2 months (complex requests) |
| VA CDPA | 45 days | +45 days |
| CO CPA | 45 days | +45 days |
| CT CTDPA | 45 days | +45 days |
Inori's internal target: 30 days for all request types (CPRA tighter target).
How to Submit a DSAR to Inori
- Authenticated users: Settings → Privacy — self-service form with instant acknowledgment and reference ID.
- Unauthenticated data subjects (vendors, third parties whose data is tracked): email ask@askinori.com with subject "Privacy Request — [type]".
- Appeal a denial: email ask@askinori.com with subject "Privacy Request Appeal" within 30 days of denial.
What Happens After Submission
- Request is logged in Inori's system with a unique reference ID and SLA due date.
- Identity verification step (manual, pending Resend email integration for automated tokens).
- Inori team reviews and fulfills within 30 days.
- If the 30-day SLA is breached, the request is automatically escalated.
See how Inori handles dsar (data subject access request)
Try our free COI checker first, or start a free trial of the full platform.