Skip to content
Privacy Rights Hub

Your rights. Explained simply.

The law gives you remarkable power over your personal data. Most people just don't know it exists. Here's a plain-English guide to the rights that matter most.

delete

Article 17 — UK GDPR

Right to Erasure (the "Right to be Forgotten")

You have the right to ask any organisation to permanently delete your personal data — and in most cases, they are legally obliged to comply within one month.

When does it apply?

  • The data is no longer necessary for the original purpose.
  • You withdraw consent and there is no other legal basis.
  • You object to processing and there is no overriding legitimate ground.
  • The data was unlawfully processed.
  • Erasure is required for compliance with a legal obligation.

How OnePriv helps

OnePriv automatically detects organisations holding your data and sends compliant, legally-formatted Article 17 requests on your behalf — then verifies the deletion actually happened.

pause_circle

Article 18 — UK GDPR

Right to Restriction of Processing

You can require an organisation to pause its processing of your data — keeping it on file but not actively using it — while accuracy disputes or legal claims are resolved.

When to use it

  • You're contesting the accuracy of the data.
  • The processing is unlawful but you don't want it erased.
  • You need it preserved for a legal claim.
  • You've objected to processing and the controller is verifying its legitimate interest.
import_export

Article 20 — UK GDPR

Right to Data Portability

You can request a copy of your personal data in a structured, commonly-used, machine-readable format — and have it transferred to another controller where technically feasible.

Practical examples

  • Move your transaction history from one bank to another.
  • Take your fitness data with you when you switch platforms.
  • Export your social-media archive to a competing service.
FAQs

Common questions about your rights.

Do these rights apply to me? expand_more
If you are a UK resident, the UK GDPR and the Data (Use and Access) Act 2025 apply to you. EU residents are covered by EU GDPR. Many of the same rights exist under California's CCPA for US residents.
How long do organisations have to respond? expand_more
Most rights requests must be answered within one calendar month. Complex cases may extend by a further two months — but only with written justification.
What if an organisation ignores me? expand_more
You can complain to the Information Commissioner's Office (ICO). OnePriv automatically prepares the supporting evidence and can lodge complaints on your behalf.
Does OnePriv do all this automatically? expand_more
Yes. OnePriv automates discovery, sending requests, verifying responses, and escalating non-compliance — all from a single dashboard.
Is there a cost to me beyond OnePriv's subscription? expand_more
No. Exercising your data-rights is free under UK GDPR. Organisations cannot charge you for compliant requests.

Take back control of your data today.

Join thousands of privacy-conscious people across the UK and beyond who refuse to let data brokers, ad networks and forgotten accounts hold on to their personal information.

Cancel anytime. Works on Chrome, Firefox, and Safari.