You can request for your personal data to be deleted if:
-
it is no longer necessary for the organisation to keep your data for its original purpose (eg after you have cancelled a gym membership, the gym no longer needs to keep details on your name, address, age and health conditions)
-
the organisation relied on consent to lawfully hold the data and you have now withdrawn your consent (eg you agreed to partake in a market research study and later changed your mind)
-
you objected to the use of your data and your interests outweigh those of the organisation using it
-
the data was used for direct marketing and you object to that processing (for more information, read Objecting to the use of personal data)
-
the organisation has collected or used your data unlawfully (eg the organisation hasn’t complied with data protection rules)
-
the organisation has a legal obligation to delete your data
-
the data was collected from you as a child for the use of an online service (eg you registered for and used social media as a child). Special protection is awarded to children’s data, especially online, as they may be less aware of the risks and consequences of giving their data to organisations. This means that even if you are an adult now, you can request that data provided by you as a child is now deleted