Most privacy services hand you a dashboard. A page that ticks up as brokers are processed, then quietly resets when you stop paying. The dashboard is the product, and the product disappears the moment you leave.
We do the opposite. At day 90 we send you a single PDF, usually seven pages, sometimes nine, with your name on the cover and every broker we contacted listed inside. That document is yours. It does not expire, it does not require a login, and it remains valid evidence long after we have closed your file.
People ask, reasonably, what is actually in it. Below is the page-by-page breakdown of a typical report.
Page 1: the cover
Your full legal name. Your order number, e.g. ORD-AB12C9. The date the work was opened and the date it was closed. Underneath, a single summary line in the same serif as the cover of this site:
147 of 150 brokers cleared. 3 stalled. Report closed 30 May 2026.
That line is the headline. If you read nothing else, you read that. It tells you what happened in one sentence, in a font large enough to photograph and send to anyone who asks what you have done about your data.
Pages 2 to 3: the broker-by-broker table
Two pages, sometimes three, of a single table. Every broker we contacted on your behalf, in alphabetical order. For each one: the legal entity name, the jurisdiction (UK, US, or both), the date we sent the deletion request, the date they confirmed, and the broker-side reference number where one was issued.
So you will see, for example, Acxiom LLC with a confirmation date of 14 March 2026 and a reference like OPT-OUT-7740291. Below it, Spokeo Inc., confirmed 21 March, reference SUPPR-118842. Below that, LexisNexis Risk Solutions, confirmed 09 April, no reference issued.
The point of the table is not decoration. It is the audit trail. If a broker ever resurfaces your record, you have the date, the reference, and the entity that confirmed deletion. That is what you take to the regulator.
Page 4: the legal evidence
This is the page that subscription competitors never produce, because they never produce it. We include scanned copies of the actual deletion requests we sent. Each one cites the correct statute for the broker's jurisdiction: Article 17 of the UK GDPR for UK and EU brokers, the California Consumer Privacy Act §1798.105 for California-based ones, and the relevant state-level analogues for Virginia, Colorado, and the rest.
Each request carries a timestamp, our outbound email or postal log, and beneath it the broker's acknowledgement. Sometimes the acknowledgement is a one-line auto-reply. Sometimes it is a formal letter on letterhead. We include all of it, redacted only where the broker accidentally included a third party's data in their response.
Page 5: the unresolved cases
The honest page. Three to five brokers, usually, that did not comply within 90 days. We name them, we name the reason they gave us, and we tell you what we recommend you do next.
The reasons fall into three categories. Some brokers argue they are exempt because they hold the data for a journalistic or public-interest purpose, which is a real exemption under Article 17(3). Some claim they cannot identify your record from the information provided, which is occasionally true and more often a stall. A few simply do not answer. We document each case in plain language.
Our recommendation is almost always: do nothing. The brokers that stall are usually low-traffic aggregators whose copy of your data will degrade naturally within a year. In the rare case where the broker is high-traffic and refuses without a valid statutory basis, we draft a complaint to the Information Commissioner's Office (or, for the US, the relevant state attorney-general) that you can sign and send yourself. We include the draft in the appendix.
Page 6: the leakage scan
Separate from broker deletion, we run a one-time scan of the public breach corpus and surface-web paste sites for your email addresses and phone numbers. This page lists what was already exposed before we started work, what is still exposed today, and what we cannot remove because it sits on infrastructure outside any legal regime we can compel.
We are clear about the limits. We cannot delete a breach from 2019 that was indexed by a Russian-language forum. What we can tell you is that it exists, where it appeared, and what credentials were involved, so that you can rotate passwords and add the exposed email to a watchlist.
Page 7: the re-scan reminder
The last page is short. It tells you when, in our experience, your data is likely to reappear on a meaningful number of brokers, usually somewhere between 14 and 18 months after the initial sweep. It explains what our £29 (or $39) year-two re-scan would check, and it makes plain that you are under no obligation to buy it. You can do nothing, you can run a manual check yourself using the broker list on page two, or you can hand it back to us.
Why we ship a PDF at all
Because subscription competitors cannot. If your contract with a privacy service ends the moment you cancel, the work also ends, and the only proof you ever had was a dashboard you no longer have access to. We think that is a strange thing to call a deliverable.
A document you can show your spouse, your lawyer, or your future self.
The PDF is the trust artefact. It is what makes the transaction look like a transaction rather than a rolling charge. If we delivered nothing, you would have no proof of anything. With the report, you have a document you can email to your solicitor before a property purchase, attach to a subject-access request a year from now, or simply keep in a folder labelled privacy for the next time someone asks how you handled it.
That is the product. The work is the work, but the report is what remains.
If you would rather have this done for you, Nox Æterna handles all 150+ brokers in one £89 payment, with the report delivered at day 90.