The EU’s General Data Protection Regulation (GDPR) applies to companies handling, transmitting, or storing personal data. This includes marketing technology (martech) companies that process data for and receive personal data from their customers. The less personal data martech companies handle, the better. Martech companies need to think through and map out how all their data is collected and what is sent to them from their partners and customers. If you do not really need the data customers are sending you, do not accept the data. Period. The right to forget can be technically challenging to solve for.”]
Source: https://www.darkreading.com/compliance/how-gdpr-forces-marketers-to-rethink-data-security