64
Recital Number 64

Data subject authentication*

 

The controller should use all reasonable measures to verify the identity of a data subject who requests access, in particular in the context of online services and online identifiers. A controller should not retain personal data for the sole purpose of being able to react to potential requests.

 

*Unofficial title for ease of reference