If you work with data security departments at large companies, you get these types of questionnaires all the time already. And every single question has been answered a dozen times before, but each new request's questions have subtle nuances such that it's impossible to build up a FAQ comprehensive enough that a non-technical person could copy-and-paste answers in a legally safe way. You'd think it would be possible, it just isn't.
The part that's not clear about the GDPR is whether you're obligated to manually answer any data-related question a user has, or if you can just post a comprehensive FAQ + data export / account deletion tool, and auto-respond to GDPR requests with links to those.
The part that's not clear about the GDPR is whether you're obligated to manually answer any data-related question a user has, or if you can just post a comprehensive FAQ + data export / account deletion tool, and auto-respond to GDPR requests with links to those.