Under the General Data Protection Regulation (GDPR), the right to be forgotten grants individuals the right to request the erasure of their personal data by data controllers.
This right enables individuals to have their personal information deleted if it is no longer necessary, if they withdraw consent, if there is a legitimate objection, if it was unlawfully processed, or if erasure is required to comply with legal obligations.
Data controllers are obligated to assess these requests and, if valid, remove the data from their systems and inform any third parties who have accessed or processed the data.