GDPR rights give you control over what information organisations hold about you. Any person in the UK & EU can exercise these rights. While this is not an exhaustive list, it should give you the need to knows.
1. Right of Access (SAR)
You can request access to any personal data a company or organisation holds about you.
Relevant if you suspect discrimination based on information they have about you (e.g., employment records, applications, HR notes).
You can read more about what a SAR is here.
2. Right of Rectification (Right of Correction)
You can ask for inaccurate or incomplete personal data to be corrected.
Important if discriminatory decisions are based on incorrect information about you.
3. Right of Erasure (Right to be forgotten)
You can request deletion of personal data in certain circumstances.
Useful if discriminatory data is being retained unnecessarily or unlawfully.
4. Right to Restriction of Processing
You can request that your personal data isn’t processed in certain ways.
Relevant if data is being used to make discriminatory decisions.
5. Right to Object
You can object to processing of your personal data on grounds including automated decision-making or profiling.
Important if discriminatory decisions are being made automatically (e.g., algorithmic selection in hiring).
Other rights include Right to be informed and Rights related to automated decision making. You can read more about your rights in the UK on the ICO’s website.