HomeFix guides → Data-subject rights mentioned

gdpr

How to fix: Data-subject rights mentioned

GDPR Art. 13(2)(b)

Why this matters

Visitors have rights to access, rectify, erase, port, and object to processing of their data. Your privacy policy must list these rights and explain how to exercise them — naming them is half the requirement.

Background

The privacy policy must tell users which rights they have: access, rectification, erasure ('right to be forgotten'), restriction, portability, objection, withdraw consent. Plus the right to lodge a complaint with the supervisory authority. Skipping any of these is a direct GDPR Art. 13 failure.

References

GDPR Art. 13(2)(b) — data subject rights notice

How to fix

Code snippet for each stack we cover. Pick the one matching your server / framework.

nginx
No server config — content edit.
apache
Same.
cloudflare
Same.
wordpress
Edit Privacy Policy. Add a 'Your rights' section listing all 7 GDPR rights + how to exercise each (email link, form).
flask
Same.
express
Same.
rails
Same.

Verify it's working

Search privacy policy for 'access', 'rectification', 'erasure', 'portability', 'objection', 'withdraw consent', 'lodge a complaint'. Should find each.

Want to know if your site has this issue?

Run a free 53-check audit — security, GDPR, NIS2, and technical SEO.

Audit my site →