The controller should use all reasonable measures to verify the identity of a data subject
Huge emphasis on reasonable. If by asking me to log in for the sake of verification results in me not being able to delete my data as I’ve demonstrated above, then this is 100% NOT REASONABLE.
They are actively hindering the process that GDPR requires me to take.
I don’t care about the small letters, this is a GDPR violation. I should have an easy way to delete my data and this ain’t it.
Greed.
The answer is always Greed.
What profit is my government(Greek) going to have by doing this? Nothing, so obviously it’s not gonna be done.
If everything is because of profit, then nothing works.