An article from: Steve Henderson, Communicator Corp, March 24th 2016
“Controllers should give individuals, free of charge, at reasonable intervals, electronic means of exercising their rights to access, rectify or delete their data, and their right to object to processing and to be able to verify the lawfulness of the processing
Individuals have the right to have personal data erased where:
• The data are no longer necessary for the purposes for which they were collected;
• They withdraw consent and you have is no other legal basis to use the data;
• They object and there is no overriding legitimate basis for the processing;
• The data have been unlawfully processed
Marketers need to understand and accept that they can no longer collect data “just in case” or because it’s there.” – Steve Henderson, Communicator Corp, March 24th 2016
Steve’s informative article looks into the implications of the Right to be Forgotten clause of GDPR. At first glance it doesn’t seem like a major deal: if asked a company simply deletes the data from their system.
Yet on a practical level this is a huge challenge, some companies could be using 6 or 7 different systems and ensuring a person’s data is wiped off them all if requested is nothing short of a logistical nightmare.
Understanding the precise details of this clause is hugely important and the implications for overlooking it are severe. In this light, Steve’s article takes on a new level of relevance for marketing teams.