eBook download

The art of saying no to DSARs

Access requests are routine, but refusals are not. While most privacy teams know how to comply, fewer are trained to refuse. Data Protection Officers (DPOs) often encounter requests that require careful scrutiny, such as unclear identities, repetitive demands, or requests for documents exposing third parties.

This guide outlines when refusals are legally justified and how to structure your reasoning. You’ll learn to assess identity, evaluate excessive requests, protect third-party rights, and document your decisions confidently.

Bart van Buitenen

Founder & Host of DasPrive podcast ・ Independent advisor & educator in Privacy & Security

Kalle Nummelin

Group DPO at FinTraffic ・ Klarity Consulting

  • Product
  • Solutions
  • Company
  • Resources
  • Pricing