I recently requested a deletion of my data on a platform using the GDPR, but instead of them deleting my data they replied to the request with instructions on how to delete my account using their profile tools.

Is this the same privacy-wise in terms of deleting my data?

  • Great Blue@infosec.pub
    link
    fedilink
    arrow-up
    31
    ·
    1 year ago

    It should be the same. But depending on the organization behind the platform, they might play dumb if you only request the deletion through the profile tools.

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    1 year ago

    Depends on their implementation. However you should keep a record that you requested the account deletion and if you find in the future that they still hold your data sue them.

    • VonReposti@feddit.dk
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      Don’t sue them, we’re not the US. Make a complaint to your local DPA. If the offender needs to be pulled to court, the DPA will do so.

      Difference is who’s paying for the court case.

      • koper@feddit.nl
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        DPAs don’t have the resources to take action on every single complaints. You can sue the controller or processor directly under article 79 if you want to be sure that an issue gets dealt with quickly.

  • dsemy@lemm.ee
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    I’m assuming that if they sent you these instructions, at least on their service specifically your data will actually be deleted along with your account.

    However, I don’t know enough about the GDPR to know whether an account deletion request is equivalent to a request for data deletion in general.