Individuals have a right to to be informed in a clear and transparent way on how their personal data is processed
Individuals have a right to access the personal data that is being processed.
Individuals have the right to ensure that data is correct.
Right to restrict processing
Individuals may have the right to restrict the processing of their personal data where they have a particular reason, according to law, for wanting the restriction.
Individuals have the right to object to processing of their personal data in certain circumstances.
Where data is no longer necessary for the purpose which it originally was collected, or the processing is based on consent that is withdrawn, individuals may have the right to erasure.
Right to data portability
If processing is based on individuals consent or contract, individuals have right to obtain and reuse personal data for their own purpose
These individual rights can be brought towards the controller. Meaning that if an employee at a firm that uses Visma Expence wants to exercise the right to access data stored in Expence, the employee must be brought to his/her employer as controller, not Visma as processor.