GDPR data
request generator
Take control of your personal data. Generate a legal request to access, delete, or correct data held about you by any organization.
All Request Types
Access, deletion, correction, and portability requests.
GDPR Compliant
Based on UK GDPR and EU GDPR requirements.
Works Globally
GDPR, CCPA (US), and other data protection laws.
Your data rights
Subject Access Request
Get a copy of all data held about you
Right to Erasure
Request deletion of your personal data
Right to Rectification
Correct inaccurate personal data
Data Portability
Get your data in a portable format
Right to Object
Stop processing for marketing or profiling
Withdraw Consent
Remove permission for data processing
Common questions
How long do they have to respond?
Organizations must respond within one calendar month (not 30 days). They can extend this by two months for complex requests, but must tell you within the first month.
Can they charge me for this?
Subject Access Requests are free. They can only charge a reasonable fee if requests are 'manifestly unfounded or excessive' - which is rare.
What if they ignore my request?
You can complain to the ICO (UK) or your national data protection authority. They have the power to investigate and fine organizations up to 4% of global turnover.
Tips for success
- Be specific about what data you want
- Include account numbers or reference IDs
- Send to the DPO if you can find their address
- Keep a copy of your request and when you sent it
- Follow up if no response after 30 days
Request ignored?
If an organization doesn't respond to your GDPR request, NoReply can help you escalate to the ICO or take further action.
Get Help EscalatingRelated
Other places this tool comes in handy - plus the companies most likely to be on the receiving end.