GDPR Data Request Generator

A GDPR data request is a formal letter or email you send to a company exercising your rights under the General Data Protection Regulation (GDPR). The GDPR grants EU residents (and anyone whose data is processed under EU law) specific rights over their personal data: the right to access, delete, correct, export, object to processing, or restrict processing of their data.

Companies are legally required to respond to GDPR requests within one month. But writing a proper request that cites the correct legal articles and includes all necessary information can be daunting. Using the wrong article, missing key details, or writing an informal message can lead to delays or ignored requests.

Our GDPR request generator creates professionally formatted, legally-cited request letters in both English and German. Simply fill in your details, select the type of request, and get a ready-to-send letter that references the correct GDPR article, includes standard legal language, and reminds the company of their response obligations. All data is processed in your browser — your personal information is never sent to any server.

1. Select the language — Toggle between English and German (Deutsch) depending on the company's location and your preference.
2. Choose the request type — Select from six GDPR rights: Access (Art. 15), Rectification (Art. 16), Erasure (Art. 17), Restriction (Art. 18), Portability (Art. 20), or Objection (Art. 21).
3. Fill in your details — Enter your name, email, the company/organization name, and their address. Optionally specify particular data you're requesting about and any additional context.
4. Review the generated letter — The tool generates a complete, professionally formatted letter with proper legal citations. Switch between Plain Text and Email views.
5. Copy and send — Copy the letter and paste it into an email to the company's Data Protection Officer or privacy contact. The subject line is pre-formatted for Email view.

• Six GDPR request types — Access (Art. 15), Rectification (Art. 16), Erasure/Right to be Forgotten (Art. 17), Restriction (Art. 18), Data Portability (Art. 20), and Objection to Processing (Art. 21).
• English and German — Full bilingual support with proper legal language in both languages. German letters use formal "Sie" addressing and correct legal terminology (DSGVO).
• Correct legal citations — Each letter cites the specific GDPR article and includes the Article 12(3) one-month response deadline — putting legal weight behind your request.
• Customizable content — Add specific data references and additional details to make your request more precise and harder to dismiss.
• Email-ready format — The Email view includes a properly formatted subject line, making it ready to paste directly into your email client.
• 100% client-side — Your personal data (name, email, request details) is processed only in your browser. Nothing is ever sent to any server or stored anywhere.

• Subject Access Request (SAR) — Request a copy of all personal data a company holds about you, including how it's used, who it's shared with, and where it came from.
• Account deletion — Formally request that a company delete all your personal data after closing an account or discontinuing a service.
• Data portability — Request your data in a machine-readable format (JSON, CSV) to transfer to a competing service.
• Correcting inaccurate data — Request rectification when a company has incorrect personal information about you (wrong address, misspelled name, outdated details).
• Objecting to marketing — Formally object to the processing of your data for direct marketing, profiling, or other purposes you haven't consented to.
• Restricting processing — Request that a company stops processing your data while a dispute about its accuracy or the legality of processing is resolved.