|
|
|
|
|
|
by ProblemFactory
2995 days ago
|
|
|
> Is the regulation state that we must guarantee right to erasure or that we must make a reasonable effort to erase customer data on request? The regulation does not say that this has to be automatic or instant - but if the request to erase comes in, you must be able to somehow do it. If it means a person going through admin interfaces of all 34 SaaS tools, that's fine. But in the end you have to erase all of it, "it would take unreasonable effort" is not accepted as a reason to refuse or skip some third parties where the data has been sent. If the SaaS products don't offer permanent deletion options, then you can't send personally identifiable data to them in the first place. |
|
|