Recital 64
EU GDPR

(64) The controller should use all reasonable measures to verify the identity of a data subject who requests access, in particular in the context of online services and online identifiers.

A controller should not retain personal data for the sole purpose of being able to react to potential requests.

The DPO Centre is a leading provider of Outsourced Data Protection Officer, EU Representation and Consultancy services. If your organisation needs advice about any aspect of Data Protection or Privacy, then please

 

Contact Us