Dashboard
Dashboard Make a document Ask a lawyer Get guidance Home
Account
Profile information Account settings
Logout
Help
Help Contact us
Explore
Make documents Ask a lawyer Get guidance About us
Account
Sign up Log in
Help
Help Contact us
Make documents
Easily make legal documents
See all documents
Popular business documents
Popular employment documents
Popular property documents
Popular family documents
Terms and conditions Privacy policy Non disclosure agreement Shareholders' agreement
Employment contract Health and safety policy Settlement agreement Consultancy agreement
Tenancy agreement Lodger agreement Eviction notice Declaration of trust
Affidavit Prenuptial agreement Last will and testament Power of attorney
Ask a lawyer
Get quick legal advice from a lawyer
Ask your question
Popular legal topics
Bespoke legal drafting Start a business Startup legal help Run an online business
Hire employees Manage employees Discipline employees Dismiss employees
Rent residential property Rent commercial property Manage rented property Tenant eviction service
Get divorced Apply for probate IR35 status determination advice Settlement agreement advice
Get guidance
Get reliable legal guidance
Read legal guides
Popular business guides
Popular employment guides
Popular property guides
Popular family guides
Make terms and conditions Run a private limited company Types of shares Ending a contract
Overpayment of wages Notice periods Summary dismissal Implied employment terms
Declaration of trusts Legal interests in property Section 21 notices Security of tenure
Affidavits Executing a will Changing your name Getting married
About us
Learn more about Rocket Lawyer
Contact us
Get more information
Pricing
Help
About us
Careers

MAKE YOUR FREE Data erasure request

  • Make your document in minutes
  • Access from any device
  • Securely sign online
Make document
Data erasure request

How to make a Data erasure request

Under section 47 of the Data Protection Act 2018, you can make data erasure requests (also known as 'data deletion requests’) to businesses (or other organisations), asking them to delete any of your personal data (ie names, contact details or health information). Use this document to make a written data erasure request to a business.

Recently reviewed by Lauren Delin, Solicitor. 

This data erasure request was last reviewed on 19 April 2022.

Use this data erasure request template:

  • to request a business delete any of your personal data they hold

  • if you are based in England, Wales or Scotland

  • if the business is based in England, Wales or Scotland

This data deletion request template covers:

  • your details

  • the business’ details

  • details of your ‘right to be forgotten’ 

  • what personal data you want to be deleted

  • where the to-be-deleted personal data is held (eg in employment records, billing records or a user activity log)

  • why you are requesting the deletion

The right to be forgotten is your right to have your personal data deleted. There are different reasons why you may want your personal data deleted, including: 

  • you have now withdrawn consent for activities relating to your data (eg you agreed to partake in a market research study and later changed your mind)

  • it’s not necessary for the business to continue keeping your data for its original purpose (eg the gym no longer needs to keep details on your name, address, age and health conditions after you’ve cancelled your membership)

  • the business has collected or used your data unlawfully

For more information, read Making data deletion requests.

An erasure request is a written request to a business asking them to delete any of the personal data they hold on you. 

Your request should, as a minimum, include: 

  • your full name (including any previous names, where relevant)

  • your up-to-date contact details (eg address and telephone number) 

  • any details to help the business identify you

  • a statement that you wish to exercise your right of erasure

  • details of the personal data you want to have deleted

  • a request for a response within a timeframe (typically one calendar month) confirming that they will comply with your request

For more information, read Making data deletion requests.

Businesses generally have to respond within one month. However, they may extend this period (for up to two months) if they need extra time to consider your request (eg if you have made several requests). If they need more time, you should be informed (and provided with a reason) within one month.

For more information, read Data protection requests.

After receiving your request, a business should delete your data, unless they refuse to do so because an exemption applies. Examples of exemptions include:

  • it’s necessary to keep your data for reasons such as freedom of expression or information (eg work for journalism, academic, artistic and literary purposes)

  • the data is necessary for legal claims that require establishing, exercising or defending the claims

  • retention of the data is necessary for reasons of public health

When you make a successful deletion request (ie one that results in your data being deleted), the business should contact any third parties, with which they shared your data, about your data deletion request. This can only be refused if it would be impossible or involve a disproportionate effort. 

If your personal data has been published online (eg social networks and websites) the business has to take reasonable steps to inform those responsible for these sites to erase your personal data.

For more information, read Making data deletion requests and Data protection requests.

If a business doesn’t respond (or you are dissatisfied with their response), you should contact them directly. If you do not receive a response or remain dissatisfied with the response, you can complain to the ICO. For more information, read Data protection requests.

Ask a lawyer if:

  • you are making a data deletion request on behalf of someone else

  • this document does not cover your legal needs

  • the business is based outside of England, Wales or Scotland

  • a business does not respond to your request

This data erasure request is governed by the laws of England, Wales and Scotland.

Other names for Data erasure request

Data deletion request, Right to be forgotten request, Data protection request.

Follow us

We use cookies to provide the best experience