Join us and Open Rights Group for a day building things that help people exercise their new rights under GDPR.

New rights need new services

The way that companies collect and process data about us gives them a lot of power. GDPR allows us to challenge that power and hold companies to account.

So far, many companies have treated GDPR as a compliance exercise, doing the bare minimum to avoid being penalised. As a result, our new rights have been buried in long, unwieldy privacy policies — that nobody reads.

There’s an opportunity to build new services that help people exercise their new rights, which is why we’ve worked on Data Rights Finder with Open Rights Group. The site helps people understand how companies use personal data and guides people through making requests under GDPR.

GIF: Ian Hutchinson, IF CC-BY

Come build new things

Data Rights Finder website uses a new and open dataset of machine-readable privacy notices. We want to encourage developers to use this to build other new tools and services that help people claim their GDPR rights. You might build a service that notifies a person when and how an org’s privacy policy has changed or that helps people challenge a decision around a loan application.

We’re running a hackday on in London on the 13th October to bring people together, to imagine and develop creative ways that the API and dataset could be used.

Places are limited, so get a ticket on eventbrite here, and please share with anyone you know who might be interested. If you’ve got questions, you can also write to us at