Customers or data subjects are, by law, granted with specific rights concerning their personal information. Through these rights, data subjects can make a specific requests and be assured that personal data is not being misused for purposes other than the legitimate purpose for which it was originally provided.
This largely depends on the jurisdiction of the customer, as different jurisdictions grant different rights to your customers. For example, General Data Protection Regulation (GDPR) applicable in EU and EEA countries, assumes the following rights:
The right to be informed
The right of access
The right to rectification
The right to erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling.