Nomination

Nomination in data protection is a mechanism that allows an individual or data subject to formally appoint a person to exercise certain privacy rights on their behalf in specific future circumstances, primarily death or incapacity. It functions as a privacy-specific authorization that can help a representative manage personal information when the individual cannot do so themselves.

Appointing a nominee can help ensure continuity in managing accounts and personal information after death or incapacity. It can reduce delays and uncertainty for families and trusted contacts, and it helps align post-event account handling with the individual's preferences, subject to the organization's verification steps and applicable requirements.

A nominee may be permitted to request access to relevant information, request corrections, update account preferences, or request deletion, depending on what the organization supports and what is allowed under applicable requirements. The nominee's authority is typically limited to what is necessary for the purpose and may be restricted by the account type, the organization's policies, and any legal constraints.

A nomination typically comes into effect only upon the occurrence of the event for which it was registered, such as the death of the individual or verified incapacity. Until that event occurs and is confirmed through the organization's process, the nominee generally has no authority to access or manage the data.

Yes, an individual typically retains the ability to withdraw a nomination or change the appointed nominee at any time while they are capable. Organizations should provide an accessible method for individuals to review and modify nominee choices to reflect changes in relationships or preferences.

To register a nominee, the individual should use the nomination or authorized representative options provided by the organization, often found in account settings or privacy dashboards. The process commonly involves providing the nominee's contact details and completing basic verification steps, which the organization stores securely until activation is needed. Organizations can standardize and govern these steps using WatchDog's Policy Management module to maintain a version-controlled procedure for nominee verification, required documentation, and internal handling.

Generally, nomination applies to the personal data held by the specific organization where the nomination is registered. The scope is typically limited to that account or service and may vary based on the organization's capabilities, the nature of the data, and any applicable constraints for certain records.

If no nominee is appointed, access and account handling are typically addressed through the organization's standard process for deceased or incapacitated users, which may require documentation from legal heirs or authorized representatives. This can involve additional verification steps and may take longer than a pre-registered nomination.