Data breaches happen constantly. Most affected users are never told directly. These tools let you check, report, and act — from finding out whether your email is already circulating to forcing a company to delete everything it holds on you.
ICO — Information Commissioner's Office (UK)
ico.org.uk/make-a-complaintWhat: The UK's data protection regulator. Accepts complaints about GDPR violations, unlawful data processing, and data breach notifications.
When to use: When a company has mishandled your data, refused a deletion request, or failed to notify you of a breach affecting your data.
FTC Privacy Complaints (US)
reportfraud.ftc.govWhat: The FTC handles complaints about companies that violate US privacy laws, including unauthorized data sharing and deceptive data practices.
When to use: When a US company has misused your personal data or violated its own privacy policy.
Have I Been Pwned
haveibeenpwned.comWhat: Free tool by security researcher Troy Hunt. Enter your email address to see if it appeared in any known data breach.
When to use: Immediately if you suspect your account has been compromised, or annually as a routine check.
GDPR Data Deletion Request
What: Under GDPR (UK/EU) you have the right to request any company delete all personal data they hold about you. They must respond within 30 days. Under CCPA (California) you have the same right.
How to request: Send a written request to the company's Data Protection Officer (DPO) — their contact is usually in the privacy policy. State "I am exercising my right to erasure under Article 17 of the UK GDPR" (or CCPA Section 1798.105 for US).
Note: Kibbo has a free GDPR Data Deletion Request letter generator coming soon.