Yes, a website can refuse to delete your account, but only under specific legal exceptions, such as when they are required to keep data for legal compliance (like financial records) or for public interest reasons (like journalism), but they must provide valid reasons in writing if they deny your request. While privacy laws like CCPA grant data deletion rights, exemptions exist, and practical issues like data being spread across complex systems or technical limitations can also make deletion difficult or impossible for some companies.
Companies don't always have to comply (they can refuse your right to delete for various reasons, including for freedom of expression or if deleting/archiving your data would not be in the public interest).
Many account deletion options are tucked away in the settings or privacy sections of a website. Look for headings like “Account,” “Profile,” or “Privacy.” If you're having trouble, the help or support section of the site often has guides on how to delete your account.
Unless legally compelled to, there isn't really any benefit to a company to hard delete your data, and there is a benefit to hanging on to it in case you come back or they find a case for selling it. Heck, as the many, many database breaches demonstrate, there's barely any reputation value to deleting old data.
Under APP 11, organisations must take reasonable steps to destroy or de‑identify personal information when they no longer need it for the purpose for which it was collected (unless another law requires retention). That's a data minimisation and lifecycle obligation, not a blanket “delete on request” right.
The right to get your data deleted is also known as the 'right to erasure'. You can ask an organisation that holds data about you to delete that data. In some circumstances, they must then do so. You may sometimes hear this called the 'right to be forgotten'.
Under the GDPR, there is no specific retention period prescribed; instead, data must be kept no longer than necessary to fulfil the purposes for which it was collected. The retention period depends on various factors, including legal obligations, the purpose of data processing, industry standards, and business needs.
How To Delete Digital Footprint (14 Ways)
If the information is about you, you or a representative can ask Google to take it down. When you fill out the request form, you must provide the website addresses (URLs) for the pages that have your personal information. Only those URLs are reviewed for removal from Search results. Learn how to find a URL.
To erase it, you'll need to contact them directly. If your details are listed on a page, take a screenshot and record the web address. Go to the Contact Us page and fill out the form or email it to them with the information. Alternatively, you can engage a data removal service like Incogni or DeleteMe.
Complete deletion of data from our servers is equally important for users' peace of mind. This process generally takes around 2 months from the time of deletion.
JustDelete.me also ranks the difficulty of closing out your account. Green indicates your account is easy to delete. Yellow means it will take some extra steps to delete. Red means it's hard and the account cannot be fully deleted without contacting customer services. Black means the account is impossible to delete.
This is why recovery software can often retrieve deleted files if the space they occupied hasn't been reused. The process of permanently deleting files permanently from computer involves overwriting the data with new information, which can be done using specialized software.
Article 37Designation of the data protection officer
A group of undertakings may appoint a single data protection officer provided that a data protection officer is easily accessible from each establishment.
To Delete Genetic Data from 23andMe:
Consumers can delete their account and personal information by taking the following steps: Log into your 23andMe account on their website. Go to the “Settings” section of your profile. Scroll to a section labeled “23andMe Data” at the bottom of the page.
Is your digital footprint permanent? Yes, your digital footprint is relatively permanent. Every online activity that you publicly shared left a trace. Even if you go back and clean up your social media comments, for example, they may likely be saved on the server or through screen shots from other users.
Delete items from your Chrome history
Even when you delete an account, companies rarely erase your data completely. Instead, it lingers on their servers—accessible to advertisers, data brokers, and even hackers. This means your personal information can still be exploited long after you think you've erased it.
You can check what Google knows about you under 'Personalized ads' in 'My Ad Center', where you can find information about your age range, languages, education and so on.
Log into your old social media accounts to find a list of apps that they can access, and take note of accounts you aren't using. From there you can remove the app's access to your account, but you'll also want to go to the specific sites to cancel your account at the source.
HIPAA requires healthcare providers to retain documentation for at least six years, while SOX mandates that financial records be kept for seven years. In contrast, privacy regulations like GDPR require organizations to delete personal data as soon as it's no longer necessary for the purpose it was collected.
Employment records, including wages, PAYG withholding, and superannuation details, should be retained for a minimum of five years. However, in some cases, the Fair Work Ombudsman or other regulatory bodies may require longer retention.
Increased Risk of Data Breaches
Retaining data beyond its necessary lifetime also unnecessarily increases a company's exposure to data breaches. Old, unused data makes an attractive target for cybercriminals trawling for personal information to steal and exploit.