🚨 What now?

Data leaked, photo posted, spam flood, company ignoring you — step-by-step out of the mess.

My data was leakedMove in this order: contain the damage, verify what leaked, then use your rights — including compensation. Most harm from breaches happens in the first days, through scams that use the leaked data.Remove me from GoogleSince Google Spain (2014) you can have outdated or irrelevant results delisted from name-searches in Europe. Google has a form; most valid requests succeed without a lawyer.Intimate images sharedThis is a crime across Europe, platforms are legally obliged to act fast, and StopNCII can block images before they spread. You did nothing wrong — move quickly and don’t do it alone.Stop spam & marketingEmail marketing needs your prior consent in the EU. Objection to direct marketing is absolute. The right sequence turns the flood into a trickle — and repeat offenders into complaints.Request ignoredOne month is the law. After that: a dated final notice, then a free DPA complaint, then court if you want damages. Paper trail beats phone calls at every step.Identity theftAccounts, subscriptions or debts appearing in your name: act in this order — stop new damage, document everything, then unwind each fraudulent contract with the fraud file you built.Account hackedThe order matters: retake the account, evict the intruder from every session, close the door they came through, then repair the blast radius — email first, always, because email resets everything else.DoxxedDoxxing is punishable across Europe and platforms remove it under priority rules. Takedown first, then de-index, then dry up the source registers — and treat any threat as a police matter, immediately.A relative diedPlatforms have dedicated legacy flows, subscriptions can be ended with a death certificate, and “digital estate” access depends on national law — here is the sequence that spares you fights in the worst weeks.Photo posted without consentFor ordinary (non-intimate) photos: ask, report, then escalate with Art. 17 and portrait rights. Most cases end at step two — the sequence below keeps the stubborn ones moving.Debt collector, wrong dataDispute in writing, demand validation, freeze the data — and never pay “to make it stop”. Wrong-person collection is a data-quality failure the GDPR was built for.Online stalkingDocument, don’t engage, cut the access, report the pattern. Stalking is prosecuted as a pattern — your evidence file is what turns “annoying messages” into a case. On any concrete threat: emergency services, now.Clicked a phishing linkWhat you did in the seconds after the click decides everything. Clicked only: usually survivable. Typed credentials or codes: move now — the attacker is racing you.Your photo in an adCommercial use of your face without consent is the clearest image-rights violation there is — takedown plus payment is the normal outcome, not just takedown.
← All of PrivacyCheck