The phrase appears on landing page after landing page. Total data removal. Complete erasure. One hundred percent off the internet. It is a phrase we have refused to use since the day we drafted our first piece of copy, and the reason is not modesty. It is arithmetic.
Some categories of data about you cannot be removed by anyone, at any price, ever. A privacy service that pretends otherwise is selling a feeling, not an outcome. We would rather sell the outcome and skip the feeling.
The three things we cannot touch
When we audit what is publicly visible about a typical UK or US adult, the findings sort cleanly into two buckets: data brokers can be made to delete, and three categories that no one can. Those three are worth naming plainly.
Public records. Court filings, Companies House directorships, the UK Land Registry, US county property assessors, marriage and divorce registers, professional licence registers, electoral roll entries on the open variant. These exist because a democracy decided they should. We can sometimes suppress an open electoral roll entry. We cannot un-file a 2018 small-claims judgment, and neither can anybody else.
Things you published yourself. The LinkedIn profile you wrote, the podcast you appeared on in 2021, the Reddit comment under your real name, the conference panel video on YouTube, the Substack you ran for six months. We can ask the platform to delete the account, which often works. We cannot recall the Wayback Machine snapshot, the third-party blog that quoted you, or the screenshot someone took.
Data already exfiltrated to the dark web. If your email, phone number, or password was part of a breach, copies of that file are by now sitting on hundreds of forum mirrors, in Telegram channels, in private trade groups, and on at least one Russian-language paste site that has been online for nine years. There is no court order that reaches all of them.
Why the dark web is mathematically uncatchable
People sometimes ask whether we can "scrub" leaked data the way we scrub broker listings. We cannot, and the reason is structural rather than a matter of effort.
A broker is a company. It has a registered address, a data protection officer, a legal department that does not want a fine, and a server it owns. Send a properly formatted Article 17 GDPR request to that server's operator, and you have a counterparty who is afraid of you.
A dark-web mirror is the opposite of all of that. The file is distributed across anonymous nodes, copied by anyone who downloads it, hosted in jurisdictions that do not honour foreign deletion orders, and immutable in the sense that the original uploader long ago lost the ability to recall it even if they wanted to. There is no counterparty. There is no server to subpoena. There is no fine that anyone is afraid of.
A broker has a legal department that is afraid of you. A dark-web mirror has neither a legal department nor a fear response.
What you can do is rotate every credential that appeared in the breach, freeze your credit, and accept that the leaked snapshot of your 2019 self exists somewhere forever. What you cannot do is delete it. We will not pretend otherwise.
Public records are not a bug
It is tempting to lump court filings and property records in with broker data and call the whole pile "exposure". They are not the same thing.
Public records exist on purpose. The Land Registry being searchable is the reason you can verify that the person selling you a house actually owns it. Companies House being open is the reason journalists can trace shell companies. Court rolls being public is the reason justice happens in daylight rather than in private rooms. These are democratic infrastructure, not data brokers in disguise, and a privacy service that promised to erase them would be promising to vandalise something most readers would, on reflection, want to keep.
We will tell you what is in your public-records footprint. We will not pretend we can delete it, because we should not be able to.
Why "100%" is a marketing red flag
Every reputable privacy lawyer we have worked with hedges the same way. Ask one whether total removal is achievable and you will hear about jurisdiction, about retention periods, about the difference between primary and secondary sources, about the eight footnotes that follow any honest answer.
Ask a marketing page and you will hear "100% guaranteed". The gap between those two answers is exactly the gap between the people who will be around in five years and the people who will not.
What we do promise
Concretely, then:
- 80% of targeted brokers removed by day 30. We file inside seventy-two hours and most large operators respond within four weeks.
- 95% by day 90. The stragglers are usually two or three of the smaller US people-search sites; we escalate, and we keep escalating.
- A PDF audit pack. Every request we sent, every confirmation we received, dated and signed, delivered to your inbox at day 90.
- Written documentation of every refusal. When a broker says no, you get the refusal letter and our note on why.
- A full refund if KYC fails. If our identity check cannot confirm it is really you, we cannot file in your name. In that case the payment goes back, in full, no negotiation.
That is the deal. It is narrower than "one hundred percent off the internet". It is also true, which we think matters more.
If you would rather have someone else file the seventy-odd requests, chase the refusals, and assemble the audit pack, Nox Æterna handles the lot for £89 (about $109) as a one-time payment. No subscription, no upsell, no promise we cannot keep.