GDPR Requirements
Personal data must be correct and up to date. All reasonable measures must be taken to ensure that personal data, which is inaccurate in relation to the purposes for which it is processed, is deleted or rectified without delay (Article 5 (1d)).
Resulting Challenge
The system must provide an interface for the erasure or rectification of personal da-ta. A possibility for regular user verification of personal data should be created.
Technical Solution Approach
A corresponding interface (API) in the application as well as in the backend must facilitate notification of inaccuracies and subsequent revision of personal data. In particular, the technical measures for the right to correction are very useful here.
Checklist:
- See Right to Restriction of Processing (10) and Right to Erasure (9).