This assumes all requests are made by the owner of the e-mail address, with sufficient understanding to give consent vs. e.g. an e-mail provider that fails to understand the privacy concerns.
Even then, as pointed out by others, this does not preclude the user from withdrawing consent to continued use of the information.
It may or may not become a legal problem. But they really need to consider the privacy implications and have lawyers that actually know the relevant national laws throughout the EU member states to evaluate it.
Even then, as pointed out by others, this does not preclude the user from withdrawing consent to continued use of the information.
It may or may not become a legal problem. But they really need to consider the privacy implications and have lawyers that actually know the relevant national laws throughout the EU member states to evaluate it.