Subject Access Requests: How to See Your File
A Subject Access Request (SAR) forces any organisation to hand over all personal data they hold about you within 30 calendar days. It's free. You can submit one by email — no special form needed. Just write:
"Under Article 15 of the UK GDPR, I am making a Subject Access Request. Please provide all personal data you hold relating to me, including data processed by third parties on your behalf. My name is [X], my email/account is [Y]. Please respond within 30 days."
Data Breaches: Know When You've Been Leaked
Under UK GDPR, organisations must report serious breaches to the ICO within 72 hours and notify affected individuals "without undue delay." If you discover your data has been leaked (check at haveibeenpwned.com), change your passwords immediately and consider whether you have grounds for a compensation claim.
VPNs: When to Use Them (and what they can't do)
A Virtual Private Network (VPN) encrypts the connection between your device and the VPN provider's servers. That encryption prevents people on the same network (for example, on public Wi‑Fi) or your internet service provider from seeing the sites you visit. A VPN also hides your real IP address from websites, which can reduce tracking and make it harder to link your browsing to your home location.
However, VPNs are not a silver bullet. They do not stop websites from tracking you if you sign into accounts, and they do not prevent fingerprinting or tracking embedded in pages. Use a VPN as one layer in a broader privacy approach: keep browser protections enabled, avoid logging into services when you want anonymity, and combine a VPN with tracker-blocking extensions and a privacy-first browser.