After PersonalData.IO sends the request on your behalf, Uber automatically responds the "message has not reached the intended recipient."
This is false: the message has reached Pein van Noort, the Legal Director Privacy at Uber EMEA, at his corporate email address. In the past, when prototyping our service, we have corresponded extensively with him, and even provided advice on how to handle such requests better.
It's only once we started automating more of the request process that he set up that automated reply. We find this unfortunate.
The most precise guidance on the topic of information requests is available on Uber's website at
It directs individuals to send snail mail to Uber's HQ in the Netherlands in order to do Subject Access Requests. This is too burdensome, and there is a clear mismatch with the original method of data collection. In this mismatch, the process is not compliant with the GDPR.
The best advice we can offer at this stage is to prod van Noort once more to respond, and in the absence of a response to actually refer the issue to the Dutch data protection authority and your local data protection authority.
Please sign in to leave a comment.