[ge0rg]

As said in other comments there is no obligation for any company to store personal information, and without such information the request can be easily dealt with by a simple form letter.

Companies storing and losing PII have a huge negative impact on the affected users, like e.g. credit card fraud or tax refund scams. This bears a huge actual cost to the victims, either because they never get back the stolen money, or because they need to invest significant time and expenses to fight for it.

A company trying to make money of my PII should better be prepared to handle it securely and to delete it upon request. Handling of GDPR requests must be calculated by them as part of the data handling expenses.