A few days ago I sent a GDPR request to some company to delete my personal data. They said to install their app and send a ticket from the app. The email was sent from the email address to which the account is registered. Is this even legal?

  • el_abuelo@lemmy.ml
    link
    fedilink
    arrow-up
    11
    arrow-down
    4
    ·
    1 year ago

    You’re right, but sometimes a bit of undue courtesy repays in dividends. Not every minor infraction is nefarious and not every minor infraction deserves reporting. A simple courteous reminder of their obligations may save both parties some undue hassle.

    I can imagine this company doing this to ensure only authenticated users can have their data removed. There are other ways…but this was probably what they considered reasonable and painless for all, admittedly they (wrongly) didn’t consider the audience of this community in that decision.

    • Rodeo@lemmy.ca
      link
      fedilink
      arrow-up
      13
      ·
      1 year ago

      A simple courteous reminder of their obligations may save both parties some undue hassle.

      Actually, the customer is already getting undue hassle, while the company is just breaking the law. Why can’t we just expect better?

      • vsis@feddit.cl
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        11
        ·
        1 year ago

        Nobody broke the law lol.

        I believe they have like a month to comply.

        The just asked for a ticket in the app, to make their lifes easier. If OP doesn’t want to, they still have to comply though.

        Now I remember why I hate working directly with customers.