Anyone else come across this third party request channel for customers? We have just received a request to cease marketing a person and also a DSAR from them. The request email only provides us with the first name and last name of the individual and we would need to log into the service to get more information (e.g. email address, DOB etc). I minded to ignore the request as it contains insufficient information and the ICO have previously advised we can do this where the requester requires you to register/login to a third party platform to get more information (which if we were required to do would be a possible way of doing a phishing attack on DPO mailboxes).
Revoke.com – new third party portal for customer right requests
Share