How to comply with GDPR Right to Erasure Article 17

In accordance with GDPR legislation, all data subjects have the right to the erasure of personal data without undue delay (the right is not absolute and only applies in certain circumstances).

This is covered by the "Right to Erasure" and described in article 17. In short, this means that any user can request their personal data to be deleted. This is also known as ‘the right to be forgotten’.

The data subject shall have the right to obtain from the controller the erasure of personal data concerning them without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

1. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2. the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;
3. the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
4. the personal data have been unlawfully processed;
5. the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
6. the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).

To erase you data, contact Fotoware Support.