If that's really the case I recommend what I've done on the few instances I had my contact details shared between 3rd parties for marketing without my consent here in Sweden, contact them explicitly stating you want them to:
1. provide details about how the data was collected according to GDPR's Article 14 paragraph 1, I also request the information they should provide as delineated by paragraph 2.
2. send you all the data related to your person according to GDPR's Article 15.
3. complete erasure of all personal data they have collected in accordance with GDPR's Article 17.
So far I have not had to contact the Swedish DPA since the few times it happened the companies actually followed my GDPR request.
Edit: and even if you have given consent through some GDPR form you can withdraw it at any time, contacting the company with a GDPR request and explicitly stating you withdraw all consent to their processing of personal data should be enough.
1. provide details about how the data was collected according to GDPR's Article 14 paragraph 1, I also request the information they should provide as delineated by paragraph 2.
2. send you all the data related to your person according to GDPR's Article 15.
3. complete erasure of all personal data they have collected in accordance with GDPR's Article 17.
So far I have not had to contact the Swedish DPA since the few times it happened the companies actually followed my GDPR request.
Edit: and even if you have given consent through some GDPR form you can withdraw it at any time, contacting the company with a GDPR request and explicitly stating you withdraw all consent to their processing of personal data should be enough.