As featured on
How it works
Select the companies who no longer need your data.
Send your request
This request uses your data rights, so companies have to respond.
Receive responses within a month
Some companies may ask you for additional information, but delete your data quickly.
Did you know?
Up to 88%
of UK companies have suffered breaches in the last 12 months
of UK organisations say that they've lost customers after a data breach
At least 6%
of UK adults have experienced attempted identity theft in the last few years
Why should I clean up my digital footprint?
Make sure you're in control
Regularly cleanse your information from company records to make sure that you're comfortable with how your data is being used.
Minimise your risk of scams
More than two thirds of British adults have been targeted by scammers this year (Citizens Advice, 2021). Minimise your online information to reduce your risk.
Stop the spread of your data
Purging your information from all possible records stops companies re-sharing your data with third parties, who then sell it on.
Clean up your digital footprint
It's quick and easy. You can submit to all your chosen companies in one go.
How do I stop receiving spam?
Spam is incredibly common in the UK. In fact, the UK is the most-targeted nation in the world for COVID-19 related spam communications. Reducing the amount of companies that hold your contact information will drastically decrease your chances of receiving spam. This is because companies suffer data breaches and hacks all the time, which leak your contact details to spammers.
How can I unsubscribe from multiple emails at once?
Cleaning up your digital footprint means deleting your information from all companies that you'd no longer like to have your personal data. By deleting the personal data of yours that's being held by them, you'll automatically be unsubscribed from their mailing lists, too.
To stop receiving spam from companies in one go, get started above and select as many companies as you'd like.
How can I stop junk mail?
To stop junk mail, clean up your digital footprint today. By deleting your information from company databases and marketing lists, you'll make it much harder for companies to contact you.
Our mission is to put you in control of your personal online data and how businesses use it.
In the future, we may charge for additional features. But we promise everything here today will still be free tomorrow!
Why should I use Rightly to send a request?
Nowadays, we all feed the world’s data-engines with massive amounts of information about ourselves in a wide variety of forms. We speak our minds, share our thoughts, feelings and moments of joy and sadness with a watching, thirsty, inquisitive world.
We’re becoming a transparent society of record such that documentation of our digital lives is increasingly accessible, but awareness and genuine control of all the data and consent on your part is lacking.
Through Rightly, you can protect your identity. Our service puts you back in control, where personal identity is valued and respected. Better still, Rightly is the only platform that lets you do this for free: no hidden costs, subscriptions or data sharing.
After the companies have received your request, they have to reply in full within 30 days, or give a valid reason for asking for an extension. However, we're glad to say that most companies normally reply within a week.
Your responses from companies are likely to come directly into your inbox. We don't mind when this happens, as long as you're happy with how your request has been handled and have everything you need.
If you have any questions, or have any difficulty at all with how companies respond, our friendly support team is here to help!
Don't worry, they have to follow your wishes thanks to your ‘right to erasure’ under GDPR law. GDPR applies in the UK and EU, and gives you a whole range of data rights. At Rightly, we help you use these for free.
Companies will contact you after they receive your request. This is because your request simply connects you to all of the companies you select. After that, they'll take it from there and link you to their own forms and processes for you to fill out. Only your name and email address is required to send these requests, but companies will likely ask you for much more information to identify you, like your ID.
They should confirm your data has been deleted within a month. Remember, a deletion request demands that they delete all of your data, including your account details.
There are many different types of personal data, but here are some that are commonly held:
- Name, address and contact details
- Bank and insurance details
- IP Address & Cookie identifiers
- Marital status and number of children
- Political opinions and affiliations
The above can be used to build an accurate picture of who you are, culminating in a clear identity.
If you're unsure, you can still ask them. Even if they tell you they don’t have it, you're making yourself safer online by knowing where your data is.
A Virgin Media database containing customers’ personal details was accessible online for 10 months.
The database included:
- phone numbers
- home addresses
- email addresses
Number of records affected: 900,000
In May 2020, low-cost airline EasyJet revealed that a "highly-sophisticated attacker" stole the personal data of 9 million customers.
There were two groups of affected customers in the EasyJet breach. The first was the 9 million customers who lost:
- email addresses
- travel records
Even worse, roughly 2,200 customers had their credit card details exposed, including the three-digit CVV code on the backs of their cards, which leaves their finances very vulnerable.
Number of people affected: approx. 9 million
In October, retail giant H&M was fined €35.3m (£32.1m) for the illegal surveillance of several hundred employees. This is the second-largest fine a single company has faced under EU GDPR rules.
The company kept "excessive" records on its workforce including:
- family details
Number of people affected: approx. 300
Muscle Foods were found guilty of making 6,354,426 text messages and sending 135,651,627 unsolicited marketing emails. After 467 reported complaints, they were fined £50,000 by the ICO in March 2021.
In March 2020, CRDNN was fined a maximum of £500,000 for making over 193 million automated calls.
Decisions Technologies Limited
Between 2017 and 2018, Decision Technologies Limited is said to have sent out over 14 million direct messages. They were fined £90,000 by the ICO.
In June 2019, the ICO fined telecoms company EE Limited £100,000 for sending over 2.5 million unsolicited marketing text messages.
Send your request in under two minutes
It's simple and completely free