The DPC received a complaint via the One-Stop-Shop (OSS) mechanism from an individual regarding the handling of an Article 17 GDPR erasure request made by them. 

The individual in this matter had made an erasure request to have their social media account, as well as any subsequent personal data belonging to them, erased by the controller. The individual also noted as part of their complaint that they had lost access to the account in question. Therefore, they could not delete the account on their own accord using the controller’s self-deletion tool, due to inaccessibility. The individual first raised their request with the controller directly, but was left dissatisfied with the controller’s response to their request. The individual then contacted their national supervisory authority, seeking assistance in acquiring the erasure of the account and related personal data. 

The DPC identified the complaint as potentially being capable of amicable resolution under Section 109(2) of the Data Protection Act 2018. The DPC commenced an examination of the complaint by contacting the controller and outlining the details of the complaint. 

In its response to the DPC, the controller acknowledged that it appeared that the individual was unable to access their account as asserted by the individual in their complaint. On foot of the DPC’s intervention, the social media company contacted the individual directly and its specialist team assisted the individual in regaining access to their account. This enabled the individual to then initiate the process of self-deleting their account and related personal data. The individual subsequently notified the DPC that they considered that their complaint had been amicably resolved.