Google Results About You is the first thing I configure for every client who walks through the door. It costs nothing, takes five minutes to set up, and runs in the background 24/7. Over 10 million people have activated it since Google launched it. But here is what most of them get wrong: they activate it and assume the job is done. It is not. Results About You is the automated baseline. The real monitoring work starts after activation, and that is what this piece covers.
Google Results About You: what it does and why it goes first
Access it at myactivity.google.com/results-about-you. You add your personal identifiers (full name, home address, phone number, email address) and Google begins scanning its own search index for results containing that information. When it finds a match, you get an alert. From the alert, you can submit a one-click removal request asking Google to delist the result.
The tool monitors Google search results only. It does not contact the underlying website, does not send GDPR requests, and does not remove the source data. It removes the Google search result that points to the data. The data itself remains on the original site until someone submits a separate request to the site owner.
For anyone beginning to reduce their digital footprint, this is the correct starting point. It is free, automatic, and requires no technical knowledge. I recommend activating it before tackling individual brokers like 192.com or Tracesmart, because it gives you an ongoing monitoring layer while you work through the manual removal process.
Configuring for compound exposure
Most setup advice assumes one name, one address, one phone number, one email. Fine for the average person. Nowhere near sufficient for someone with a property portfolio, multiple directorships, or a family to protect.
Add every identifier you can think of:
- Every residential address from the past ten years, including previous postcodes
- Your current business address if it differs from your registered office
- Every phone number, including old numbers you no longer use (they still appear in breach databases and directory records)
- Every email address, personal and professional
- Variations of your name: maiden names, middle names used professionally, and common misspellings
Google allows multiple entries for each category. Use that capability fully. The more identifiers you feed in, the wider the net catches. I have had clients who added their primary name and home address, received no alerts, and assumed they were clean. When I ran their maiden name and a previous address through the same tool, alerts started appearing immediately.
If you have family members who share your surname and address, they each need their own activation. Results About You monitors your identifiers, not your household. A partner’s name linked to your home address will not trigger your alerts unless you have added their name as one of your configured identifiers.
What Results About You will never catch
This is where it matters for anyone with real exposure. Results About You monitors exact matches against the identifiers you provide. There are entire categories of personally identifiable information it cannot find.
Your old usernames and online aliases. A handle you used on forums fifteen years ago, linked to personally identifiable information on a cached page somewhere, will not trigger an alert. The tool does not know your previous usernames existed.
Partial matches and contextual exposure. A forum post mentioning your first name, your school, and the town you grew up in might be enough for an investigator to confirm your identity. Results About You will not flag it because it searches for your full name and address, not fragments that could be pieced together.
Email prefixes on old accounts. If your email is aaron@example.com and you signed up for a service years ago as “aaronbw” with no surname attached, that account and any associated breach data will not appear in your alerts.
Links between your name and organisations. A search for your name plus a company name, a sports club, or a school might surface results tying you to a specific location or profession. Results About You does not search for these combinations because it does not know about them.
Cached results from brokers you have already dealt with. Completing the 192.com opt-out removes the source data. But Google may hold a cached version in its index for weeks or months afterward, and Results About You may or may not flag the cached page depending on how the content is structured.
Having mapped hundreds of digital footprints professionally, the pattern is always the same. The exposure that Results About You misses is more dangerous than what it catches. The tool finds the obvious broker listings. The non-obvious references, the ones scattered across old forums and cached pages and breach pastes, are what investigators and threat actors actually exploit.
Boolean searches cover everything Results About You leaves open
This is the manual work that separates monitoring from actual protection. Boolean searches are structured Google queries that narrow results to exactly the information you need. Run every one of these in an incognito browser window. Your search history is itself a data point, and you do not want Google personalising results based on previous privacy searches.
Exact name match: Search "Your Full Name" in quotation marks. Without quotes, Google splits the words and returns partial matches that bury the real results in noise.
Name plus location: "Your Full Name" AND "Your Town" surfaces results linking your identity to a geographic area. Run this for every town you have lived in. If you hold directorships, run it with each company name as well.
Name on a specific site: site:linkedin.com "Your Full Name" restricts results to a single domain. Run this against platforms you use, platforms you used to use, and platforms you have never heard of but which might hold scraped data. Try site:192.com, site:linkedin.com, site:facebook.com, and site:mumsnet.com as starting points.
Username search with exclusion: "your_username" -site:twitter.com finds your username everywhere except your known active accounts. This catches old forum registrations, paste dumps, and scraped profiles on sites you never signed up for directly.
Email prefix search: "aaronbw" (whatever your typical email prefix is) catches throwaway accounts, forum registrations, and breach paste sites where your full email was partially redacted but the prefix remains visible.
Phone number variations: Search "07700900000" and "07700 900000" and "077 0090 0000". Different sites format numbers differently. Search with and without the country code prefix, because international directories will store the +44 format while UK sites use the 0 prefix.
Exclusion of your own properties: "Your Full Name" -site:yourwebsite.com -site:linkedin.com/in/yourprofile filters out results you already know about and control. What remains is the exposure you need to act on.
Run these monthly at minimum. Weekly if you face an active threat such as stalking or harassment. The 90-day broker re-scrape cycle means data you removed three months ago can reappear without warning, so quarterly is the absolute minimum cadence even for someone with a relatively low risk profile.
The search engines nobody checks
Results About You monitors Google exclusively. Your data also appears on Bing, Yahoo, DuckDuckGo, Yandex, and Brave Search. Ignoring them leaves a significant gap in any monitoring strategy.
Bing is the second priority. A delisting request submitted to Bing simultaneously removes results from Yahoo and DuckDuckGo, since both rely on Bing’s index. Submit requests at bing.com/webmaster/tools/eu-privacy-request. In my experience, Bing is more cooperative than Google on autocomplete removal.
Yandex is the one that matters most from a threat perspective, and almost nobody thinks to check it. Investigators use Yandex specifically because it indexes content that Google has already delisted under right to be forgotten requests. A successful Google delisting does not touch Yandex in any way. Yandex operates outside UK GDPR enforcement in any practical sense, which means content you thought was gone may still be fully visible to anyone who knows where to look.
Brave Search accepts delisting requests at privacy@brave.com and applies them globally, not just to UK and EU results. Worth the five minutes it takes to submit if you find concerning results elsewhere.
Autocomplete: the problem nobody has solved
Defamatory or reputation-damaging autocomplete suggestions are the most difficult challenge in search engine monitoring. People focus on the search results themselves. Autocomplete shapes what others search for before they even reach a result page.
Google claims autocomplete is algorithmically generated and rarely intervenes manually. My honest take: autocomplete is the weakest point in Google’s entire privacy framework, and I do not see that changing any time soon. You can submit a right to be forgotten request for a harmful autocomplete suggestion, but success rates are lower than for standard result delisting. The approach I have found most effective combines an RTBF submission with escalation to the ICO if refused (you have three months to file that complaint), paired with positive content publication designed to suppress the suggestion algorithmically over time.
Bing is genuinely more responsive on autocomplete removal than Google. Always submit to both search engines.
When monitoring reveals something that needs removing
Monitoring identifies the problem. The removal process depends entirely on what you find and where you find it.
If Results About You flags a data broker listing, submit a removal request to the broker directly and then follow up with a Google delisting request for the cached search result. We have published step-by-step removal processes for common UK brokers including PeopleTraceUK. Your rights under UK GDPR give you legal backing for requests to any UK or EU data controller, with a one-month statutory response deadline and the right to complain to the ICO if that deadline is missed.
If your boolean searches uncover exposure across many sources simultaneously, that is compound exposure. Automated services like Incogni handle US brokers at scale but miss most UK-specific sources, which is the gap I keep seeing in every assessment I run. When monitoring reveals a problem bigger than a few individual broker listings, the question becomes whether to spend months tackling each source individually or whether a professional assessment that maps everything first and sequences the removals correctly will save time and actually close the gaps.
Most people I work with activate Results About You, run a few boolean searches, and are genuinely shocked by what they find. The reaction is always the same: “I had no idea it was this bad.” The tool that costs nothing is the one that finally shows them the scale of the problem. What they do with that information is the part that actually matters.
If you have run these searches and found more exposure than you expected, get in touch. I will tell you honestly whether your situation needs professional help or whether the free tools and DIY removal process will get you there.
