⚖️ Your rights

Access, erasure, objection, portability — the GDPR rights and exactly how to use them.

Right of accessAny organisation processing your data must give you a full copy within one month, free of charge. One email is enough — no form, no reason needed.Right to erasureThe “right to be forgotten”: when the data is no longer needed, you withdraw consent, or you object to marketing, they must delete — and tell everyone they shared it with.Right to rectificationWrong address, wrong default, wrong debt flag — organisations must correct inaccurate data and complete incomplete data, within a month, free.Right to objectObject to direct marketing and they must stop. Full stop — no balancing test, no fee, no “but our legitimate interest”.Data portabilityData you provided under consent or contract must be handed over in a machine-readable format — or sent directly to a competitor.Automated decisionsDecisions with legal or similarly significant effects may not be made by machine alone — you can demand a human review, an explanation, and contest the outcome.Withdrawing consentAnything you consented to, you can un-consent — at any time, free, and it must be as easy as the yes was. If the yes was one click, a five-step cancellation maze is illegal.Claiming damagesFines go to the state; Art. 82 pays you. Material loss and real distress both count, there is no minimum threshold — and after big breaches, collective actions do the heavy lifting.Right to restrictionThe pause button: while accuracy or lawfulness is in dispute, the data may be stored but not used. Underrated, fast, and perfect for credit-register and debt-file fights.
← All of PrivacyCheck