When a client of ours asks for proof of GDPR compliance, what do companies normally provide?
Also, in the 07.24_Data_Subject_Requests_Communication_Register_Premium_EN document I don't see a slot for the name/email of the data subject. Part of me thinks that makes sense, as if you are asked to delete their info yet keep it in that document, then you technically didn't completely delete it? The other part of me wonders how that demonstrates compliance when you can't link it back to a particular data subject request?
I assume that you are referring to compliance with the data subject request to delete personal data.
Compliance with GDPR starts from a good privacy notice where it is clear how data subjects can exercise their rights. It may be implemented by a reply to the data subject's request to exercise its rights, where the data controller explains how the data subject request is handled and the confirmation that the request has been accepted or denied. Of course, the deletion of data will refer to data that are processed under consent on a legal basis. If some personal data are necessary to be processed under another legal basis, then the data controller will have the right to keep those data and process them for that purpose. For example, the data controller may need to keep the name and some personal information of the data subject to fulfill the obligation on invoicing. You should keep a register of data subjects' requests in order to demonstrate compliance with the obligation of assuring the rights of data subjects.
Here you can find more information about how to handle data subjects' rights: