It’s reminder for you’re team (and you’re DPO first). You must comply to GDPR, and write you are GDPR compliant in you’re website is not enought.
When someone ask to have access to personal data you store you have 2 month to answer … or said " we have to many work so it will take 1 more month".
Not 2 years.
I have make an 2 official request for my data and they don’t receive answer : The first during blackout. The second on december and directly to you’re DPO.
So i notify you here i will ask the CNIL to open enquest on you’re compliance to GDPR. I hope you will answer so i could stop the legal procedure to have an access to my personal data.