Free Resource

EU Data Broker Opt-Out List
(GDPR Removal Directory, 2026)

75 EU-based data brokers, AdTech vendors, and data intermediaries — with verified opt-out and erasure links

Published by Privacy Insight Solutions · Last Updated: April 2026

EU residents have legally enforceable deletion rights under GDPR Article 17. This directory covers the brokers most likely to hold your data in Europe — with direct links to their privacy portals.

Managed Removal — The Eraser (€3,800) Send a confidential enquiry

Your Legal Rights Under GDPR

Unlike the opt-out model common in the United States, the European framework treats personal data processing as prohibited by default unless a lawful basis is established under Article 6. For data brokers relying on “legitimate interests,” that basis faces increasing scrutiny from national DPAs as individual rights requests accelerate.

Article 17 — Right to Erasure

Demand deletion without undue delay. Brokers must respond within 30 days and notify any third parties they have shared your data with.

Article 15 — Right of Access

Request a copy of all data held about you, including the original source and all recipients it has been shared with.

Article 21 — Right to Object

Object to processing based on legitimate interests. The broker must stop unless it can demonstrate compelling grounds that override your interests.

Article 7(3) — Withdraw Consent

If consent was the legal basis (common in AdTech), you can withdraw it at any time through the same consent mechanism or by direct request.

If a broker fails to respond within 30 days or refuses a valid request, escalate to your national DPA: the AP (Netherlands), CNIL (France), BfDI (Germany), ICO (UK). DPA complaints are free to file and carry real enforcement consequences — GDPR fines in 2024 exceeded €1.5 billion across Europe.

Before You Start

Deletion versus suppression

Deletion removes your record from the broker’s active database. Suppression retains the data internally but flags it so it cannot be used, sold, or displayed. For ongoing protection, suppression is often more effective: a suppressed identifier prevents re-scraped data from resurfacing in future. Where a broker offers both options, request deletion and suppression.

Use a dedicated email address

Create a separate email address for opt-out requests. Using your primary address hands the broker a confirmed, live contact point — the opposite of what you want. A masked alias (via SimpleLogin, Apple Hide My Email, or a disposable service) is preferable.

Track your submissions

Keep a spreadsheet: broker name, date submitted, confirmation code, and the 30-day deadline. If you receive no response by the deadline, escalate directly to the relevant DPA rather than chasing the broker a second time.

For US-based people-search aggregators (Spokeo, BeenVerified, Whitepages, and similar), the main Data Broker Opt-Out Guide covers 100 brokers including those primarily operating in the US market.

1 — Marketing & AdTech Brokers

Who these are: EU-registered companies participating in the IAB Transparency and Consent Framework (TCF). They use browser cookies, mobile advertising IDs (MAIDs), and real-time bidding infrastructure to build behavioural profiles sold to advertisers. TCF version 2.3, mandatory from February 2026, requires all consent signals to identify specific downstream vendors — meaning you can now trace exactly who received your data from a cookie consent action. Withdrawal is possible via the same consent management platform (CMP) used to collect it, or directly via each vendor’s privacy portal below.

#	Broker	Jurisdiction	Privacy / Opt-Out
1	Criteo SA	France	criteo.com/privacy
2	Ogury Ltd.	UK / France	ogury.com/privacy-policies
3	Sirdata	France	sirdata.com/en/Privacy
4	Adikteev	France	adikteev.com/privacy
5	Jellyfish France	France	jellyfish.com/privacy-policy
6	ADventori SAS	France	adventori.com/gdpr
7	Adloox SA	France	scope3.com/privacy-policy
8	Sublime	France	sublime.xyz/privacy-policy
9	Roq.ad GmbH	Germany	roq.ad/privacy-policy
10	AdSpirit GmbH	Germany	adspirit.de
11	Admetrics GmbH	Germany	admetrics.io/privacy
12	Semasio GmbH	Germany	semasio.com/legal/privacy-policy
13	Virtual Minds GmbH	Germany	virtualminds.com/privacy-policy
14	Showheroes SE	Germany	showheroes.com privacy policy (PDF)
15	smartclip Europe GmbH	Germany	smartclip.tv/privacy
16	Captify Technologies	UK	captifytechnologies.com/privacy-notice
17	Sovrn, Inc.	UK / Global	sovrn.com/legal/services-privacy-policy
18	Venatus Media	UK	venatus.com/privacy-policy
19	Blis Global	UK	blis.com/privacy-centre
20	Fifty Technology	UK	fifty.io/privacy-policy
21	MiQ Digital Ltd.	UK	wearemiq.com/privacy-and-compliance
22	LoopMe Limited	UK	legal.loopme.com/privacy-center
23	Dentsu UK	UK	dentsu.com/privacy-notices
24	Crimtan Holdings	UK	crimtan.com/privacy-policy
25	Genius Sports UK	UK	geniussports.com/policies/privacy-policy
26	Yahoo EMEA Limited	Ireland / Global	legal.yahoo.com/ie/privacy
27	Adform A/S	Denmark	adform.com/privacy-center
28	RTB House S.A.	Poland	rtbhouse.com/privacy-policy
29	ETARGET SE	Slovakia	etargetnet.com/policy
30	BidTheatre AB	Sweden	bidtheatre.com/privacy-policy
31	Emerse Sverige AB	Sweden	emerse.com/privacy-policy
32	Triple Lift, Inc.	EU Bound	triplelift.com/privacy
33	The Trade Desk	EU Bound	thetradedesk.com/privacy
34	Epsilon	EU Bound	legal.epsilon.com/dsr
35	Magnite, Inc.	EU Bound	magnite.com/privacy-policy
36	Madison Logic, Inc.	EU Bound	madisonlogic.com/privacy-policy
37	33Across	EU Bound	33across.com/user-data-portal
38	Eyeota Pte Ltd.	EU Bound	eyeota.com/privacy-center
39	DoubleVerify Inc.	EU Bound	doubleverify.com/privacy-notice
40	Quantcast	EU Bound	legal.quantcast.com

2 — Financial, Credit & B2B Intelligence Brokers

Who these are: Companies that compile verified financial and professional data for credit scoring, fraud prevention, and B2B lead generation. Credit bureaus (Experian, Equifax, TransUnion) operate Consumer Information Portals under GDPR Article 15. For B2B brokers (ZoomInfo, Cognism, Lusha, Apollo) that hold professional profiles, a “claim and correct” strategy — correcting inaccurate data while suppressing marketing use — is often more practical than outright deletion, since these profiles are continuously re-aggregated from public sources.

#	Broker	Jurisdiction	Privacy / Opt-Out
41	Acxiom	Global / EU	acxiom.com/optout
42	LexisNexis	Global / EU	lexisnexis.com/global/privacy
43	Experian (Business)	UK / Global	experian.co.uk/opt-out-options
44	Experian (Consumer)	UK / Global	experian.co.uk/consumer-portal
45	Equifax	Global / EU	equifax.co.uk/privacy-hub
46	TransUnion	Global / EU	transunion.co.uk/privacy-centre
47	Cognism	UK / Germany	cognism.com/en/privacy-policy
48	Dealfront	Germany	leadfeeder.com/gdpr
49	Dun & Bradstreet	Global / EU	dnb.com/data-transparency
50	ZoomInfo	Global / EU	zoominfo.com/privacy-center
51	Lusha	Global / EU	lusha.com/privacy-center/request-removal
52	Apollo.io	Global / EU	apollo.io/privacy-center
53	RocketReach	Global / EU	rocketreach.co/privacy
54	Seawave Media	UK	privacy@seawavemedia.com
55	Datajoy	Belgium	privacy@datajoy.eu
56	Selectabase	UK	admin@selectabase.co.uk
57	Data Bubble	UK	databubble.co.uk
58	Data HQ	UK	datahq.co.uk

3 — EU Data Intermediaries (Not Data Brokers)

Important distinction: The organisations listed below are not data brokers. They are registered data intermediation services under the EU Data Governance Act (DGA, Regulation 2022/868), explicitly prohibited from selling personal data for profit. They act as neutral, supervised connectors between data holders and data users — functioning as trust anchors in the EU’s data strategy rather than commercial data traders. They are included here because they intermediate significant volumes of personal data and individuals retain the right to withdraw consent for data sharing at any time under DGA Article 12 of the DGA. Contact the organisation directly using the links below.

#	Organisation	Member State	Privacy / Contact
59	Athumi	Belgium	athumi.be/en · privacy@athumi.eu
60	Publiq	Belgium	publiq.studio/privacy-policy
61	Dataspace Europe OY	Finland	dspace.com/privacypolicy
62	ADH	France	data-intermediation.eu/privacy
63	Hub One DataTrust	France	hubone-datatrust.fr/privacy
64	M-ITRUST	France	mitrust.eu/privacy-policy
65	VISIONS	France	visionsfrance.fr/privacy-policy
66	EkologgIA	France	EC notification (EkologgIA)
67	NOTO	France	EC notification (NOTO)
68	THEMIS-X	France	EC notification (THEMIS-X)
69	DID	Austria	EC notification (DID)
70	NIDHAS	Hungary	EC notification (NIDHAS)
71	Datakeeper B.V.	Netherlands	EC notification (Datakeeper)
72	Dexes	Netherlands	EC notification (Dexes)
73	Fairsfair.io	Netherlands	EC notification (Fairsfair)
74	iGrant.io	Sweden	EC notification (iGrant)
75	Smarter Contracts	Finland	EC notification (Smarter Contracts)

Full register: European Commission DGA Data Intermediation Services Registry

Obstruction Tactics to Know About

No-index opt-out pages: A 2026 US Senate investigation found that several major data brokers — including Comscore, IQVIA Digital, Telesign, and 6sense Insights — placed code on their opt-out pages preventing search engines from indexing them. The forms exist but are unsearchable. If you cannot find a broker’s opt-out form via search, try appending /privacy, /opt-out, or /gdpr to their domain directly.

Geoblocking: Some brokers with EU data block European IP addresses from accessing their opt-out forms, returning 403 errors or redirect loops. Under GDPR, obstructing EU residents from exercising their rights is likely unlawful regardless of where the server is located. If blocked, use a non-EU VPN to access the form, but still cite Article 17 of the GDPR in your submission and include your country of residence.

Known non-functional portals (April 2026)

Mozilla Data Removal: Mozilla has exited the data removal industry. All previous removal links are inactive — do not use.
Findem: The privacy policy page remains indexed by search engines but the opt-out form submit button is non-responsive. Contact their DPO by email directly instead.

Not sure whether to do this yourself? Before investing time in manual opt-outs, it’s worth understanding what automated removal services like Incogni and DeleteMe actually cover in Europe — and where they fall short. Our comparison of data broker removal services covers pricing, coverage gaps, and when manual engagement produces a different outcome.

Need it handled for you?

Manual GDPR opt-outs must be repeated every 3–6 months as brokers re-acquire data from public sources. The Eraser covers the broker and people-search platforms that hold your records — with full documentation of each removal, a 90-day re-scrub guarantee, and a final confirmation report for your records.

The Eraser — €3,800 Send a confidential enquiry

Disclaimer: Opt-out links were verified in April 2026. Brokers update their privacy portals periodically — if a link is broken, search “[broker name] GDPR erasure request” or navigate to their main privacy policy page. This directory does not constitute legal advice. For enforcement, contact your national data protection authority. The DGA intermediaries listed in Section 3 are not data brokers and are subject to different rights and obligations than those in Sections 1 and 2.

EU Data Broker Opt-Out List(GDPR Removal Directory, 2026)

Your Legal Rights Under GDPR

Article 17 — Right to Erasure

Article 15 — Right of Access

Article 21 — Right to Object

Article 7(3) — Withdraw Consent

Before You Start

Deletion versus suppression

Use a dedicated email address

Track your submissions

1 — Marketing & AdTech Brokers

2 — Financial, Credit & B2B Intelligence Brokers

3 — EU Data Intermediaries (Not Data Brokers)

Obstruction Tactics to Know About

Known non-functional portals (April 2026)

Need it handled for you?

EU Data Broker Opt-Out List
(GDPR Removal Directory, 2026)