Wthdrawing consent must be as easy as giving consent.

[Shishirgano9]

cookies
Alfred must be informed – in a language he understands – that you use cookies on your website and must be able to agree or refuse to be tracked by cookies.

deletion
Alfred has the right to request that you delete shareholder database any personal data you have about him. Here, GDPR requires the permanent removal of Alfred's contact from your database, including email tracking history, call logs, form templates, and more.

In many cases, you must respond to Alfred's request within 30 days.

The right to erasure is not absolute and may depend on the context of the request, so it may not always apply.

Access / Portability
Just as Alfred can request that you delete his data, he can also request access to the personal data you have about him.

Personal data is anything that can be identified, such as Alfred's name or email address. If Alfred requests access, you must provide a copy of the data, partly in machine-readable format (e.g. CSV or XLS).

Alfred may also request that the lawfulness of the processing be verified (see above).

the change
Alfred may ask your company to change his personal data if it is inaccurate or incomplete. You must be able to comply with this request for change.

security measures
In addition, the GDPR requires a number of data protection guarantees. For example,

Encryption at rest and in transit
access control
Pseudonymization and anonymization of data
Consulting on GDPR implementation

Read more about GDPR:

GDPR-compliant digitization of business processes made easy.