Get organizations to delete your account or provide a copy of your personal information.

YourDigitalRights.org is a free service that helps you regain control of your online privacy by making it easy to get organizations to delete or provide a copy of the personal information that they have on you. We do this by automating the process outlined in powerful data protection laws that give you the right to delete or access your data. In addition to sending requests to organizations, we can help ensure that requests are resolved in your favor.

Data protection laws protect individuals with regard to the processing of their personal information by organizations. They define the responsibilities organizations have when processing personal information and grant individuals certain rights in relation to their data. Many countries have data protection laws; some go further in terms of the protection they provide than others.

Please contact us if you would like to help us implement support for additional regulations.

We support two types of requests:

• Data Deletion Requests (also known as erasure requests or the right to be forgotten requests) allow you to ask an organization to delete your personal information.

• Access requests (also known as Subject Access Requests or SAR for short) allow you to ask an organization to provide a copy of your personal information.

After selecting an organization and filling in a short form, we will generate a request email addressed to the organization you have chosen. The email will open up in your email app for you to review and send. Optionally, we can follow up with you a short while after a request has been sent to ensure that the request is resolved in your favor. This can include sending the organization reminder emails or escalating to the government regulatory agency.

Data protection laws allow organizations to refuse to delete your personal information in certain exceptional circumstances. Here are some general examples, but you should read the specific regulation that applies to you for details:

• When the organization is legally obliged to keep hold of your data (for example, financial institutions must keep records of your transactions in order to comply with anti-money laundering regulations)

• When keeping your data is necessary for reasons of freedom of expression and information (this includes journalism and academic, artistic, and literary purposes)

• When keeping hold of your data is necessary for public health reasons

• When keeping your data is necessary for establishing, exercising, or defending legal claims

• When erasing your data would prejudice scientific or historical research or archiving that is in the public interest

Data protection laws provide various escalation mechanisms for such cases, including the possibility of filing a complaint against the organization with a government regulatory agency or taking the organization to court (called a private right of action).

If this sounds complicated, please don't worry; we can help. When submitting a data request via this service, turn on the “Smart Follow-up Assistance” option to get personalized advice on what to do in case an organization has not complied with your request. We will help you communicate with the organization and if needed, escalate to the government regulatory agency.

Data protection laws require organizations to verify the identity of the individual submitting a request to prevent fraud. Most laws also state that the verification method should be proportional to the nature of the data involved. For example, if you request a copy of your message history from a typical internet forum a simple verification that you own the email address associated with your account should be enough. On the other hand, if you request your transaction history from a financial institution, they are justified in asking you to provide additional information such as a photo ID and proof of address.

In most cases, a simple verification that you own the email address associated with your account should be enough. When you use this service to send a request, an email is sent from your email app, which provides this basic verification.

To further protect you personal information, the requests we generate on your behalf explicitly prohibit organizations from using the personal information included as part of the request for any purpose other than fulfilling the request.

We are a registered nonprofit organization called Conscious Digital. We believe in transparency, and therefore the source code for this service is open source. As for October 2022, we have helped individuals submit more than 100,000 requests to varius organizations

We are independent, do not sell your personal information, are not affiliated with any of the organizations which we help you send data requests to. We also do not provide these organizations with any services. Finally, we are funded by your donations.

We have designed this service so that, by default, it does not require us to collect any of your personal information. When certain optional features require you to provide personal information, we delete this data after 120 days. Please see our privacy policy for details.

We would like to support all data protection laws which grant individuals the right to access and delete their personal information. Please contact us if you would like us to add support for a particular regulation.

Please understand that we cannot provide personal support regarding specific data requests or your experience with a particular organization. We know that, in some cases, organizations can be pretty frustrating, but unfortunately, we cannot help and will not reply to such emails.

For all other requests, please contact us via email.

Yes, please!

We rely on donations to ensure our long-term financial stability and independence. You can make a contribution here.

Please see the information on this page if you would like to report a bug, help translate the website, assist with the development, or conduct research.