Information about GDPR can be found in the Carnegie Mellon University privacy policy.
If any campus affiliate receives a data subject request (erasure, change request, etc) that is more than an "unsubscribe" request, you must forward the request to gdpr-info@andrew.cmu.edu as soon as possible to ensure that the request is handled within appropriate time frames and per CMU's GDPR processes.