Right to be forgotten

Right to be forgotten which is also known as the Right to Erasure or Right to be Deleted is stated in GDPR. It refers to the right of individuals to have their personal data deleted.

What is the right to be forgotten?

The right to be forgotten, as used in Article 17 in GDPR, states that an individual can request and obtain the erasure of their data. The act must be done within approximately a month. However, this right is not ultimate. The right to be forgotten applies in specific situations, which include:

  • The personal data obtained is no longer used for the purposes of its collection
  • A company processes data based on consent
  • A company is using the personal data for marketing and the individual does not wish to have her data used for marketing purposes
  • The company does not have the right to process the personal data

On the other hand, a company can refuse to delete an individual’s data for certain reasons that include:

  • The personal data is used to exercise freedom of information and expression
  • The personal data is necessary being used due to legal obligations
  • The data is used in the public interest

All of the specific situations for both the compliance with the request and its refusal can be found in Article 17 in GDPR or on the official GDPR website.

Why is Right to be Forgotten important for businesses?

Understanding the right is important for any business to assess whether the company must oblige or if it can refuse. If your company must oblige with the request of an individual, it is necessary that the data subject is verified and her data located. Moreover, if your company refuses, it must be able to prove what the data is used for and when and how it was collected. In both cases, your company needs to have an audit trail running smoothly.

A good consent audit trail can ensure your company has evidence to prove consent choices of collected personal data. An audit trail paired with a well-written privacy policy can help your company avoid a lot of trouble and help your company develop trust towards your customers.

Find out more about how Openli can help you become GDPR compliant here.

Learn more about Privacy Hub →