Recital 64(64) The controller should use all reasonable measures to verify the identity of a data subject who requests access, in particular in the context of online services and online identifiers.
A controller should not retain personal data for the sole purpose of being able to react to potential requests.
=> Dossier: Copy (for Data Subject)
NEW: The practical guide PrivazyPlan® explains all dataprotection obligations and helps you to be compliant. Click here!