Validate Erasure Requests
While the GDPR allows for the right to be forgotten, this right does have limitations, so before we starting purging you from our database, we ensure the request is valid.
Purpose. A user can request erasure if the personal data is no longer required to meet its original purpose. For example, an online store often collects personal data for the purpose of delivering a product. Once the product is delivered and legal requirements are met, that personal data is no longer serving its purpose, and a shopper covered by the GDPR can ask for it to be erased.
Consent. If personal data was collected with consent (cookies for example), and the user withdraws that consent he or she can also ask for the data collected to be erased.
Objection. A user can simply object to your company collecting his or her personal information. If your business cannot demonstrate “overriding legitimate grounds for the processing,” the data subject can request deletion.
Compliance. Erasure may be required to comply with laws from individual nations in the E.U.
Legality. To state the obvious, Article 17, section 1, paragraph d, notes that a data subject can request erasure, if personal data was collected illegally.
If a request to be forgotten falls into one of these categories, our business will need to comply.
Erase Customer Data
We will then take the steps necessary to remove any of the customer’s personal data from our production, development, and backup systems to ensure all of your personal information has been removed.
To request your data to be removed please email our privacy officer at email@example.com