My "business" idea would probably last until the tech stack catches up. At this moment there is no easy way to handle this request for a simple helpdesk clerk without involving some pricier jobs.
Even with the tech, it still requires a human (for now) to read the request, understand it and process it.
Perhaps the future is AI interpreting the request and doing all the operations automatically or providing the client with a panel that can do all of these without having to contact the company.
I guess there is nothing that restricts the amount of information you can send. Why not just document everything and refer to that instead? Is there anything in GDPR that states you need to give a specific answer tailored to the individual customer?
The easy part is providing the information about how the data is used because it's do once, reuse always. Just refer to a document.
The hard part is the right to be forgotten which requires the company to remove all information that pertains to a person. The tech stack still has to implement some stuff here in order to reduce costs and make it easier.
Having to contact your database administrator because you can't delete something without leaving dangling information all over is bad tech implementation which will probably require a huge rework for some companies.
I wonder how you can send the information to the client. If you use GMail then GMail will also know the personal information (they used to read your emails.. good stuff).
Even with the tech, it still requires a human (for now) to read the request, understand it and process it.
Perhaps the future is AI interpreting the request and doing all the operations automatically or providing the client with a panel that can do all of these without having to contact the company.