A few days ago I sent a GDPR request to some company to delete my personal data. They said to install their app and send a ticket from the app. The email was sent from the email address to which the account is registered. Is this even legal?

  • sab@kbin.social
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    1 year ago

    It would be complete bullshit, but clearly the people on the other end would be too stupid to recognize it as such. So there’s really no reason not to do it as long as you’re aware that it’s an empty threat.

    I think you could achieve the same without bullshitting by simply saying “Please delete my data within 30 days or I will report you to the relevant authorities”, but each to their own.