Data protection, online safety and digital privacy

UK guides on UK GDPR rights, data subject access requests, the right to erasure, data breaches, social media takedowns, online fraud recovery, and cyberstalking.

11 guides in this section

Popular guides

View all 11

UK GDPR Rights for Individuals

The 8 individual rights, the role of the ICO, and how to enforce them.

Data Subject Access Requests

How to make a SAR, the 1-month response deadline, and what to do if refused.

Right to Erasure (Right to be Forgotten)

The grounds for erasure, exemptions, and search engine de-indexing.

When a Company Has a Data Breach

Notification duties, ICO complaints, and Article 82 compensation claims.

Removing Content from Social Media

Platform reporting tools, the Online Safety Act 2023, and UK GDPR routes.

Removing Intimate Image Abuse

Section 67A of the Sexual Offences Act, OSA 2023 offences, and the Revenge Porn Helpline.

All guides in this section

UK GDPR Rights for Individuals

The 8 individual rights, the role of the ICO, and how to enforce them.

Data Subject Access Requests

How to make a SAR, the 1-month response deadline, and what to do if refused.

Right to Erasure (Right to be Forgotten)

The grounds for erasure, exemptions, and search engine de-indexing.

When a Company Has a Data Breach

Notification duties, ICO complaints, and Article 82 compensation claims.

Removing Content from Social Media

Platform reporting tools, the Online Safety Act 2023, and UK GDPR routes.

Removing Intimate Image Abuse

Section 67A of the Sexual Offences Act, OSA 2023 offences, and the Revenge Porn Helpline.

Recovering Money Lost to Online Fraud

PSR APP fraud reimbursement scheme (October 2024), £85,000 cap, and Action Fraud reporting.

Dealing with Cyberstalking

Protection from Harassment Act 1997, Stalking Protection Orders, and police involvement.

Children's Online Safety

Online Safety Act duties, the ICO Children's Code, and CEOP reporting.

Online Defamation

Defamation Act 2013 serious harm test, website operator procedure, and litigation routes.

Cookie Consent and Marketing Email Rules

PECR rules on cookies and marketing emails, ICO enforcement, and how to opt out.

Frequently asked questions

How do I make a Subject Access Request?
Write to the company (any format — email, letter, even verbally if confirmed in writing) asking for a copy of the personal data they hold about you. They have 1 calendar month to respond, and it must be free in most cases. The ICO website has template letters.
What can I do if my bank refused to refund a fraud loss?
Since October 2024, banks must reimburse most authorised push payment (APP) fraud losses up to £85,000 within 5 business days under PSR rules. If your bank refuses, complain in writing. If unresolved within 8 weeks, escalate to the Financial Ombudsman Service.
Can I get content removed from social media?
Most platforms have reporting tools for harassment, defamation, intimate image abuse, and impersonation. The Online Safety Act 2023 requires platforms to act on illegal content. For unlawful content, you can also use a UK GDPR right to erasure or, in serious cases, court action.
How do I report a data breach?
Complain to the company first. If unresolved or serious, report to the ICO at ico.org.uk. The ICO can fine companies up to £17.5 million or 4% of global turnover. You can also claim compensation for distress under Article 82 UK GDPR.

Explore more

Interactive tools All comparisons All checklists Step-by-step guides Glossary

Disclaimer

This information is for general guidance only and does not constitute legal, financial, or professional advice. Always check official sources and seek qualified help where needed.