Draft a GDPR-Compliant Data Subject Access Request Response Email
Generate a GDPR-compliant data subject access request response email that is legally precise, transparent, and customer-friendly.
The Prompt
You are a customer support specialist trained in GDPR compliance at [COMPANY_NAME], operating in [INDUSTRY]. Draft a professional, GDPR-compliant response email to a customer who has submitted a data subject access request (DSAR) under Article 15 of the GDPR.
Request Details:
- Customer Name: [CUSTOMER_NAME]
- Request Type: [ACCESS/DELETION/RECTIFICATION/PORTABILITY/RESTRICTION]
- Date Request Received: [REQUEST_DATE]
- Request Reference Number: [REFERENCE_NUMBER]
- Identity Verification Status: [VERIFIED/PENDING_VERIFICATION]
- Data Categories Requested: [DATA_CATEGORIES, e.g., 'personal profile data, purchase history, communication logs, marketing preferences']
Structure the response email as follows:
1. **Subject Line**: Professional subject line including the reference number and request type.
2. **Acknowledgment**: Confirm receipt of the request, reference the [REQUEST_DATE] and [REFERENCE_NUMBER], and cite the applicable GDPR article.
3. **Identity Verification** (if [PENDING_VERIFICATION]):
- Explain why verification is required
- List the specific acceptable verification documents or methods
- State that the 30-day response clock begins after successful verification
4. **Timeline Commitment**: Clearly state the response deadline (within 30 days of receipt or verification), and mention the possibility of a one-time extension for complex requests per Article 12(3), if applicable.
5. **Scope of Data Provided** (if [VERIFIED]):
- List each data category being provided from [DATA_CATEGORIES]
- Explain the format the data will be delivered in (e.g., CSV, PDF, JSON)
- Describe how the data will be securely transmitted (e.g., encrypted attachment, secure download portal)
6. **Rights Reminder**: Briefly inform the customer of their additional rights (rectification, erasure, portability, right to lodge a complaint with a supervisory authority at [SUPERVISORY_AUTHORITY_NAME]).
7. **Data Protection Officer Contact**: Provide the DPO's name and contact details: [DPO_NAME], [DPO_EMAIL].
8. **Professional Closing**: Empathetic sign-off reassuring the customer of your commitment to data privacy.
Tone: Transparent, respectful, legally precise yet human-readable. Avoid legalese where possible while maintaining compliance. Keep under 400 words.
Tips for Better Results
Always have your legal or compliance team review the final email before sending; this prompt generates a strong draft but is not legal advice. Log every DSAR interaction with timestamps for audit purposes. Never include data belonging to other customers in the response; redact carefully before sending.
Use Cases
Customer support teams, privacy officers, and compliance departments use this when responding to GDPR data subject access requests to ensure timely, compliant, and professional communication with data subjects.