The organization should reject all non-legally binding personal data disclosure requests, but accept all contractually defined personal data disclosures that the customer has accepted. The relevant customer must be asked before handing over personal data.
Elevate Your Knowledge with Exclusive Access to Weekly Webinars, Video Courses, Help Articles, and Blogs.