The task of understanding and managing our online footprint can feel daunting. Few of us know where or how to get started so we ignore reality: 90% of the data online was created in the last 2 years.

We created to help people like you practically and quickly understand and manage their online footprint. Sign-up here & get your free report in less than 5 minutes!

Here’s our quick guide to answer your pressing questions:

What sites are the biggest collectors of my data?

  1. Amazon
  2. Facebook
  3. Google
  4. Apple
  5. Uber
  6. Spotify
  7. Twitter
  8. Fitbit
  9. Snapchat
  10. Tinder
  11. Airlines, e.g. Delta
Source: wants to keep things simple for you. We chose a select number of sites to include in our free reports that we felt had the biggest body of data, the most sensitive data, and the data that’s most relevant to public review / reaction.

But, this is only part of the story. Remember: in order to take control as a user, it is important to consider not just who is collecting, but what they are collecting and how.

What are data are these sites actually collecting?
Users control what data sites collect first through the Terms & Conditions, then through Privacy Settings (see our site guide, below), and finally through Cookies.

What do most Terms & Conditions, include?

  • Device attributes: OS, storage and battery status, etc.
  • Device operations: window positioning, mouse movements, etc.
  • Device signals: nearest WiFi / cell towers, etc.
  • User identifiers: usernames / IDs, etc.
  • Access to user’s device: photos, camera, location, and contacts
We think sites like Terms of Service; Didn’t Read or TLDR Legal offer a light touch way of understanding this.

What are cookies?
Cookies are used by sites to remember what you are doing and have done on their site. This includes things to improve your experience such as preferences, passwords, or shopping cart items. It also allows the site to track your interactions for their analytics. Cookies aren’t inherently good or bad, but users should be aware of what it means to ‘accept’ cookies in the context of different sites.

How do sites use my data?
Sites use your data to improve your user experience (e.g. third party integrations ease sign up experience, and cookies help you save your shopping cart even after you close a browser). However, this data can also be used in ways that work against users (e.g. how travel aggregators increase prices knowing you’ve search the same trip multiple times). Many social sites use your data to target ads and their service; others dislike this - it is a personal choice. The important thing to note is that a lot of your data is being collected, it is influencing your online experience, and you have the power to control how and if you want this to be true.

How do sites protect my data?
This varies by site. Apple is known to take data quite seriously. Uber, on the other hand, has historically put a lower priority on protecting users’ data. (See more on Apple privacy and Uber privacy.)

  • SSL Encryption (prevent data from being intercepted)
  • Cybersecurity Tools and Tech (e.g. “malware detection, vulnerability scanning, web application firewalls”
  • Data Storage Methods (e.g. choosing not to store data; using third parties)
  • Geolocation (IP addresses)

What can I do to get control over my online footprint? Accounts for review in FREE report.

Take Action Gain Control Get Informed
How to:
  • Delete your account
  • Adjust privacy settings
  • Download your data (thanks, GDPR!)
  • Understand the T&Cs


Delete your account here. It will be Immediately unavailable from other users’ view. Takes up to 90 days for all your data to be deleted, after request.
The only data that will remain after this are disassociated (anonymized) data, and some information held by ‘friends’ - e.g. messages or photos.

Go to FB settings to change the following:

  • Location and device information (via login)
  • Discoverability
  • Public / private content
  • Images you shared
  • Comments / statuses you shared
  • How Ads tailored to you (“interests”)
  • Approval for facial recognition, third party access
**Users cannot control friends’ images, tags, comments that reference you / your profile.

Go to phone "Settings" app (on iPhone) to manage access to your phone’s location, microphone, contacts, camera, and photos.
Download all data (comments, photos, messages, groups, events, etc) on Facebook - in different file formats
Simple audit of T&C.


Delete your account here. All content, likes, comments, followers will be permanently deleted.

Go to Instagram privacy settings to manage.

Instructions to view and download your Instagram data..

Simple audit of T&C.

Note: Instagram can sub-licence your content? This means that it could licence a user’s photograph or video to any third party, for free, without seeking permission.



Delete your account here.This will “deactivate” your Twitter account. May take a couple days to be unavailable from other users’ view. After 30 days, they will start to delete all your data. Unclear how long this process takes. If you log in before end of 30 days, it will re-activate!

To adjust privacy settings on an iPhone, go to the ‘Settings’ app to adjust location, microphone, contacts and photo preferences.

Download your Twitter data.

Simple audit of T&C.
Understand privacy settings, here.
Understand third-party access.

Go to Twitter privacy and safety settings to manage (with option to delete):

  • Location information
  • Photo tagging
  • Discoverability
  • Access to contacts
Manage 2FA.
Manage third-party access.



It is possible to delete all data, but takes more time because done by product: Web (Chrome), Email (Gmail), etc. On phone, this is the same problem: you have to manage access by app (Gmail, Google Calendar, etc).
Guide coming soon!

Simple audit of T&C.

Accounts that are not currently to review FREE report.


Delete LinkedIn here. You can re-open an account closed within the last 20 days, but some data will be lost (e.g. endorsements, group membership).

Manage privacy settings:
Covers all privacy and security settings related to what can be seen about you, how information can be used, and downloading your data.

From here, you can navigate to the Account tab, Ads tab ( control the information that LinkedIn uses to show you relevant ads), and Communication tab (how LinkedIn and other parties are able to contact you). Note: LinkedIn has cleverly made it so if you want to see who is viewing your profile, you have to let others see when you are looking at theirs.

Download your LinkedIn data.
Note: You can get some data within 10 mins (connections, interests, etc) or wait 24 hours for a richer set.


Delete Flickr here. All photos are deleted, but might still appear in search engines due to indexing.

Manage privacy settings (via desktop):
You can pick the audience for specific photos (or collections of photos)... and customize as required.
When you change the content’s default settings, previous content not changed (need to do so separately if you want to go fully private).

Manage privacy settings (via mobile).

Download your data.
Note: This can take up to 2 weeks! You can download individual photos, albums, or all data.

Like Instagram, there may be copyright concerns for some people. Take a look at this blog, and this blog to learn more!


Delete Pinterest here. Becomes inactive immediately. It takes 14 days for your account to be fully “unrecoverable” (i.e., you can reactivate within 14 days).

Manage Pinterest privacy settings.
You can hide your account from search engines, and make secret boards, but you can’t completely hide your active account.

“Unlike Google and Facebook, Pinterest doesn’t have an official, easy-to-use tool to download an archive of your Pinterest boards. This article provides one tool ( - but a bit buggy) and walks through another workaround (creating a web archive).

Simple audit of T&C.

Not seeing what you’re after, here? We are probably still working on adding them!
Meantime, we’d suggest this guide to 'kill' almost any online account!

My email was associated with a hack. What should I do?
First of all, don’t panic!
If your email address has been compromised in a data breach, it would be smart to change your login password for your email address, and for the service which was affected by the breach. Even if your email account itself hasn’t been victim of a data breach, there’s a security risk if another account that you log into with the same password has been affected. Ideally, you should never use the same passwords across multiple websites. It can, admittedly, be a pain to remember multiple logins. If nothing else, you should always have a completely unique password for logging into your email account – don’t use this same password on any other service. When creating a strong password, use a mix of upper and lower case letters, numbers and symbols.
The creator of haveibeenpwned (one of the most popular and comprehensive security breach sites for everyday people), says: "if you've got strong, unique passwords. I wouldn't do anything". However, let’s be honest, many of don't have strong passwords and / or don’t use unique passwords for each account. If this is you, then you should change your passwords.

What is a “good” password?
If you don’t want to commit to a password locker, having a strong password can help prevent less-sophisticated hacks.

  • Use number, symbol, lower and uppercase, and more than 8 characters. Your password’s length is the most important part!
  • Use 2FA (“two-factor authentication”) when provided by the site.
  • Make sure your passwords are unique for each site.
    • This can be tough, unless you use password locker (which can also help you increase password strength because you don’t have to remember it). If you want something low-touch, we suggest LastPass (free version), which allows you to create secure passwords for all your accounts and store unlimited logins. It also auto-completes forms for you, so you don’t have to open it up every time you’re logging on

What else could I be doing to protect myself, online?
Users can and should take ownership over their data as well. Employ none, some, or all of these techniques. We’ve listed them in order of ease of implementation - so it’s easy for you to decide what works best for you and your goals.

  • Use common sense
    • Don’t open links that seem strange in your email. Don’t leave accounts open. Trust your gut.
  • Don’t use public WiFi
    • Seriously. Not worth inviting a hack to check your Instagram at the airport.
  • Don’t ignore those software update notifications!
    • Keeping your software updated reduces the ability for hackers to find and exploit security loopholes.
  • Use a password to unlock your computer and phone
  • Download Ransomware / Anti-Malware software
    • Have you heard about the ransomware that hijacks your machine and demands Bitcoin in exchange? If not, check this out.
    • There are plenty of products that help prevent this (free: Cybereason Ransomware, Acronis Ransomware Protection; paid: Malwarebytes Anti-Malware)
  • Download Anti-Virus software
    • While Ransomware / Anti-Malware software is a good start, you should download Anti-Virus software to truly protect yourself.
    • We recommend downloading Kaspersky Free - its free and they’ve been producing Anti-Virus software for 20+ years! Or if have a Mac, make sure you keep it updated.
  • Use a password locker (to increase password diversity and strength)
    • While having a strong password is a great start, you really need to have a different password for each service in order to be protected.
    • If you use Apple products, iCloud Keychain is a great way to easily start doing this. Otherwise, we recommend paying for 1Password or LastPass.
  • Use a VPN that you trust
    • is a great VPN that works seamlessly across mobile devices and computers
  • Opt for encrypted / safe services (warning: not easy!)
    • If you want to go the extra mile and truly protect yourself online, you should opt for encrypted services when possible.
    • Search engines like DuckDuckGo and messaging platforms like Signal are a great start.

What does GDPR do for me?
If you live in EU or EEA, you started benefiting from GDPR in May 2018. The law is intended to “protect the personal information of individuals” in the modern, online world. It both reduced ability for organizations to handle and store user/customer information (especially around sharing email addresses), and increased individuals’ rights and control over their data. Notably, individuals can now ask to access the information companies hold about them and companies can be fined for violations.

For those legal nerds out there, here is the full text of GDPR. For everyone else, here is a simple guide to GDPR by Wired magazine.

There is no better time to gain peace of mind and take back control.

With fewer than 10 questions and less than 5 minutes, you can get a FREE report detailing your digital footprint.