A few days ago I sent a GDPR request to some company to delete my personal data. They said to install their app and send a ticket from the app. The email was sent from the email address to which the account is registered. Is this even legal?

  • Etterra@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    I don’t know, maybe? If they have a process, no matter how laborious and roundabout, they can always claim that they have a process and that you have nothing to complain about, legally speaking. Their wagering that people will not go through all the bullshit, and they’re unfortunately right. That’s literally why they do it. The only correct response is to hound them relentlessly, going to Twitter (or something else idk these days, and I’m not calling it X), the press if necessary, and pestering as many government bodies and officials as you have to in order to make them get their fucking shit together. And then they’ll make your particular situation of priority because now you’re being more of a pain in the ass than actually doing their job is. They won’t change the broken system, because one exception in a thousand isn’t worth it to them to be bothered with.

    Tldr, maybe but it probably won’t help you, so make it as big of a headache for them as possible.

    • promitheas@iusearchlinux.fyi
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      In the EU you don’t need to follow their process. Any GDPR request can be made to them through any channel and they must comply. If they don’t, then the next step is to file a complaint with your local data protection office, or the data protection office of the European country where the offending company is represented.