Compliance Library Blog Product Sign In
GDPR-17-04 Requirement 17 — Right to erasure (‘right to be forgotten’)

Apply erasure exceptions when processing is necessary for specified purposes

Description

Controller must not apply erasure obligations when processing is necessary for: freedom of expression, legal compliance, public health, archiving/research/statistics, or legal claims...

Full Analysis & Evidence Requirements

Sign in to view the full obligation text, AI-generated applicability analysis, evidence checklists, and compliance mapping.

Sign In to View

Related Obligations

GDPR-17-01 Requirement

Erase personal data without undue delay when grounds apply
GDPR-17-02 Requirement

Take reasonable steps to inform other controllers of erasure requests
GDPR-17-03 Requirement

Consider available technology and implementation costs in erasure measures

Map this obligation to your AI systems

ReguLume automatically maps regulatory obligations to your system inventory, identifies compliance gaps, and generates remediation plans.

Get Started

Start your compliance assessment

Map obligations to your AI systems, identify gaps, and generate board-ready reports. Plans start at $149/mo.

Get Started