GDPR and The Right To Be Forgotten

Home / TitanHQ Blog / GDPR and The Right To Be Forgotten

Posted by Geraldine Hunt on Wed, May 16th, 2018

How can you forget me, when you can't even find me? Strange question? Well, definitely not when we speak in the context of GDPR. By now I’m sure you’re aware of the approaching GDPR May 25th. A key tenet of GDPR is the ‘right to be forgotten’ – so to my earlier question…it’s not possible to forget me (delete all my data) if you can’t even find me!

Extension of rights

The ‘right to erasure’ or ‘right to be forgotten’ is represented in Article 17 of the GDPR.

The GDPR has expanded and developed this 'right to erasure' to include all data held by any organization, whether publicly available or not. Under the GDPR any EU citizen can request all personal information be deleted by an organization:

Where the data is no longer necessary in relation to the purpose for which it was originally collected
Where the citizen withdraws consent and there are no legal or other overriding legitimate interest for continuing to hold the data
Where the data was illegally processed
When the personal data is processed in relation to the offer of information society services to a child

Burden of proof

The GDPR also flips the burden of proof from the citizen to the 'data controller' i.e. the organization. Previously the data subject/citizen would have to prove they had the right to have their data destroyed.

What this means

The GDPR states that data controllers must communicate with data subjects “in a concise, transparent, intelligible and easily accessible form, using clear and plain language.” Where an EU citizen wants to exercise one of their rights the 'data controller' has to comply “without undue delay” or within a month of the request.

Responding to ‘Right to Erasure requests’

A key feature of ArcTitan our email archiving solution is the ‘privileged & delete user’ feature which helps customers to comply with this ‘Right to be Forgotten’. The Audited delete process regulates the destruction of emails in a controlled manner. Emails can be easily found and deleted.

This is an important element in achieving GDPR compliance. Since Q3 2017 we’ve seen a surge in businesses looking for robust email archiving to meet the demand of the GDPR. FIND OUT MORE at TitanHQ.com/ArcTitan

28 Nov

Cy-BOO!-Security Awareness Month Competition Winning Entries

Selina Coen

Explore the chilling tale that won our Cy-BOO! Security Awareness Month Competition, revealing the eerie truths of cybersecurity in a hair-raising narrative.

1 Nov

Employees Password Sharing Policies

Selina Coen

On how many times have you received a phone call or an email from a manager in your group requesting he password of an employee to allow them to log...

19 Oct

Cyber Horror Stories of 2023: Unmasking Terrifying Breaches

Selina Coen

Step into the spine-chilling world of cybersecurity horrors this Halloween season. Uncover hair-raising tales of data breaches and cyber threats haunting major companies in 2023.

Get Your 14 Day Free Trial

Talk to Our Email and DNS Security Team

Call us on USA +1 813 304 2544 or IRL +353 91 545555

GDPR and The Right To Be Forgotten

Extension of rights

Burden of proof

Responding to ‘Right to Erasure requests’

Products

Latest Articles

Categories

Blog Archive

Our Products

Related Articles

Cy-BOO!-Security Awareness Month Competition Winning Entries

Employees Password Sharing Policies

Cyber Horror Stories of 2023: Unmasking Terrifying Breaches

Talk to Our Email and DNS Security Team

GDPR and The Right To Be Forgotten

Extension of rights

Burden of proof

Responding to ‘Right to Erasure requests’

Products

Latest Articles

Categories

Blog Archive

Our Products

Related Articles

Cy-BOO!-Security Awareness Month Competition Winning Entries

Employees Password Sharing Policies

Cyber Horror Stories of 2023: Unmasking Terrifying Breaches

Never Miss a Blog Post

Talk to Our Email and DNS Security Team