Subject access request self serve

Yes. To avoid personal data about one individual being sent to another, either accidentally or as a result of deception, you need to be satisfied that:

• you know the identity of the requester (or the person the request is made on behalf of); and
• the data you hold relates to the individual in question (eg when an individual has similar identifying details to another person).

You must review our detailed guidance which explains what you need to consider when you are making an ID request.