diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..e69de29 diff --git a/data-access/en/GDPR data access.docx b/data-access/en/GDPR data access.docx new file mode 100644 index 0000000..0210263 Binary files /dev/null and b/data-access/en/GDPR data access.docx differ diff --git a/data-access/en/GDPR data access.md b/data-access/en/GDPR data access.md new file mode 100644 index 0000000..6313fc6 --- /dev/null +++ b/data-access/en/GDPR data access.md 
@@ -0,0 +1,140 @@ +**Company name** +**Street/Address** +**ZIP, City** +**Country** + +**Your name** +**Street/Address** +**ZIP, City** +**Country** +**Your email** +**Your phone number** + +In​ **City**, **Day** of ​**Month** **This year** + +**Requesting access to personal data** + +To Whom It May Concern, +I am writing to you in your capacity as data protection officer for your company and I am making +this request for access to my personal data pursuant to Article 15 of the ​Regulation (EU) +2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of +natural persons with regard to the processing of personal data and on the free movement of such +data, and repealing Directive 95/46/EC​ (the “GDPR”). +I am including a copy of documentation necessary to verify my identity. +Please advise as to the following: + +1. Please confirm whether or not any of my personal data is being processed. If any of + my personal data is being processed, please provide me with the information of which + categories of personal data are being processed. + a. In particular, please tell me what you know about me in your information + systems, whether or not contained in databases, and including e-mail, documents on + your networks, or voice or other media that you may store. + b. Additionally, please advise me in which countries my personal data is stored, + or accessible from. In case you make use of cloud services to store or process my data, + please include the countries in which the servers are located where my data are or were + (in the past 12 months) stored. Should the personal data be stored on servers outside + the EEA, please provide such information. + c. Please provide me with a copy of, or access to, my personal data that you + have or are processing and if possible with information regarding the exact date you + obtained that particular data. 
+ +2) Please provide me with a detailed list of the specific purposes of processing of my + personal data. +3) Please provide a list of all third parties with whom you have (or may have) shared my + personal data. Should these third parties further provided my personal data to another subject, + please provide who these subjects are/were. + a. If you cannot identify with certainty the specific third parties to whom you + have disclosed my personal data, please provide a list of third parties to whom you may + have disclosed my personal data. + b. Please also identify in which jurisdictions do the third parties that you have + identified in 1(a) above that these third parties with whom you have or may have shared + my personal data, from which these third parties have store or can access my personal + data or from which jurisdictions are my personal data accessed. Please also provide + insight in the legal grounds for transferring my personal data to these jurisdictions. + Where you have done so, or are doing so, on the basis of appropriate safeguards, + please provide a copy. + c. Additionally, I would like to know what appropriate safeguards pursuant to + article 46 of GDPR that have been put in place in relation to these third parties that you + have identified in relation to the transfer of my personal data. +4) Please advise how long you store my personal data, and if retention is based upon + the category of personal data, please identify how long each category is retained. +5) If you are additionally collecting personal data about me from any source other than + myself, please provide me with all information about their source, as referred to in Article 14 of + the GDPR. 
+6) If you are making any automated decisions about me, including profiling, whether or + not on the basis of Article 22 of the GDPR, please provide me with information concerning the + basis for the logic in making such automated decisions, and the significance and consequences + of such processing. +7) I would like to know whether or not my personal data has been disclosed + inadvertently by your company in the past, or as a result of a security or privacy breach. + a. If so, please advise as to the following details of each and any such breach: + i. a general description of what occurred; + ii. the date and time of the breach (or the best possible estimate); + iii. the date and time the breach was discovered; + iv. the source of the breach (either your own organization, or a third + party to whom you have transferred my personal data); + v. details of my personal data that was disclosed; + vi. your company’s assessment of the risk of harm to myself, as a result + of the breach; + +vii. a description of the measures taken or that will be taken to prevent +further unauthorized access to my personal data; +viii. contact information so that I can obtain more information and +assistance in relation to such a breach, and +ix. information and advice on what I can do to protect myself against +any harms, including identity theft and fraud. +b. If you are not able to state with any certainty whether such an exposure has +taken place, through the use of appropriate technologies, please advise what mitigating +steps you have taken, such as +i. Encryption of my personal data; +ii. Data minimization strategies; or, +iii. Anonymization or pseudonymization; +iv. Any other means + +8. I would like to know your information policies and standards that you follow in relation + to the safeguarding of my personal data, such as whether you adhere to ISO27001 for + information security, and more particularly, your practices in relation to the following: + a. 
Please inform me whether you have backed up my personal data to tape, + disk or other media, and where it is stored and how it is secured, including what steps + you have taken to protect my personal data from loss or theft, and whether this includes + encryption. + b. Please also advise whether you have in place any technology which allows + you with reasonable certainty to know whether or not my personal data has been + disclosed, including but not limited to the following: + i. Intrusion detection systems; + ii. Firewall technologies; + iii. Access and identity management technologies; + iv. Database audit and/or security tools; or, + v. Behavioural analysis tools, log analysis tools, or audit tools; +9. In regards to employees and contractors, please advise as to the following: + a. What technologies or business procedures do you have to ensure that + individuals within your organization will be monitored to ensure that they do not + deliberately or inadvertently disclose personal data outside your company, through + e-mail, web-mail or instant messaging, or otherwise. + b. Have you had had any circumstances in which employees or contractors + have been dismissed, and/or been charged under criminal laws for accessing my + personal data inappropriately, or if you are unable to determine this, of any customers, in + the past twelve months. + c. Please advise as to what training and awareness measures you have taken + in order to ensure that employees and contractors are accessing and processing my + personal data in conformity with the General Data Protection Regulation. + +Finally, I would like you to be aware at the outset, that I anticipate reply to my request within one +month as required under Article 12 GDPR, failing which I will be forwarding my inquiry with a +letter of complaint to the relevant data protection authorities. 
In case you will not be able to +respond to my request within specified date and will, under the GDPR provided measures, be +aiming to prolong such term because of the complexity of my request, please respond to my +questions in the maximum possible extent during the original one month term. Should you +require any additional information from myself in order identify me as the subject of data being +processed by you, please contact me immediately. + +Yours Sincerely, +.............................. + +**Personal identification information** +Temporary residence: **fill the information \*optional** +Permanent residence: **fill the information \*optional** +Personal identification number (Birth number):​ **fill the information \*optional** +Date of birth: **fill the information \*optional** +ID number: **fill the information \*optional** +Passport number: **fill the information \*optional** diff --git a/data-access/en/GDPR data access.odt b/data-access/en/GDPR data access.odt new file mode 100644 index 0000000..2f553ca Binary files /dev/null and b/data-access/en/GDPR data access.odt differ diff --git a/data-access/en/GDPR data access.pdf b/data-access/en/GDPR data access.pdf new file mode 100644 index 0000000..376955b Binary files /dev/null and b/data-access/en/GDPR data access.pdf differ
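Review bot: In item 3(b) of GDPR data access.md the cross-reference "identified in 1(a) above" points at the information-systems question rather than at the third parties, which are introduced in 3 and 3(a); it should read 3(a). The sentence around it is worth rewriting as a whole, since "in which jurisdictions do the third parties that you have identified in 1(a) above that these third parties with whom you have or may have shared" does not parse. The list markers also switch from "1." to "2)" through "7)" and back to "8." and "9.", and sub-items vii to ix and 7(b) lose the indentation the earlier sub-items have, so a Markdown renderer will split this into separate lists and flatten the nesting; pick one marker style and indent consistently. Smaller text fixes: "Have you had had any" in 9(b), "have store" in 3(b), "further provided" in 3, and "in order identify me" in the closing paragraph. Lastly, the "Personal identification information" block lists birth number, ID number and passport number side by side; they are all marked optional, so a one-line instruction to fill in only what the recipient needs to identify the requester would keep the template from encouraging people to send every identifier they have.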
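Review bot: The .docx, .odt and .pdf copies of the letter are added as binary files next to the .md source, so any later change to the wording will show up in review only for the Markdown file and the three rendered copies can silently drift from it. Consider committing only the .md and generating the other formats from it, or documenting in the repository how they are regenerated and that all four must be updated together. The .gitignore added in the same commit has no content in this diff; if generated formats are going to be built locally, that is where their output paths would go.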