Those right circumstances will take into consideration that an individual has no further commitments to the company - those of you wanting to get your Credit Card accounts deleted will have no joy we're afraid if you have outstanding debt. Facebook is no exception.
"If you are generally good with data protection, you are probably going to be alright with GDPR ... my concern is the companies that have never even thought about this and now are scrambling", said Richard Merrygold, data protection expert.
Three years ago, ahead of Schrems' pivotal court battles with Facebook and before most people even knew what GDPR was, we caught up with Schrems during a visit to Dublin. There are still a few more things we will be implimenting, like to allowing you to download your data, but we think we have got there.
"Anybody that is collecting personal data from European residents - not only citizens - needs to comply with this", Ale Brown, founder of Kirke Management Consulting, said in a phone interview from Vancouver. On Friday, a sweeping new directive goes into effect called the General Data Protection Regulation, or GDPR.
The law widens the definition of what will be considered personal data. However, in most cases firms must also show that they need the personal data for a specific objective. "Companies will have to put in "right to be forgotten" request".More news: North Korea's Kim Jong Un 'unruffled' after Trump cancels summit
More news: DoD Honors Fallen Service Members for Memorial Day
More news: Jaguars owner reacts to NFL's new national anthem policy
It covers everything from giving people an opportunity to obtain, correct or remove personal data about themselves, to outlining rules for disclosing security breaches, to providing easily understood privacy policies and terms of service.
Will the new law hurt businesses that rely on data collection? One of the lawful reasons is that they've obtained consent to use it for a specific objective, but there are others like they need it to comply with legal obligations or that collecting it is in the public interest.
"GDPR is an important step forward for privacy rights in Europe and around the world, and we've been enthusiastic supporters of GDPR since it was first proposed in 2012", Julie Brill, corporate vice president and deputy general counsel, Microsoft, wrote in a blog post. "Companies need clarity to be able to safely extend operations across the EU".
Regulators will also look to hit the pocket books: Companies can be fined up to 4 per cent of their global revenue or €20 million, whichever is larger.