What are UK consumer data brokers?

UK consumer data brokers are companies that collect, classify, and sell personal data about individuals to businesses, advertisers, and investigators. Unlike people-search sites such as 192.com, they operate in the background. LiveRamp UK holds identity databases on approximately 45 million consumers, while CACI classifies every UK postcode by income and spending behaviour.

How do I find out which data brokers hold my data?

File Subject Access Requests under UK GDPR Article 15 to the five main invisible brokers: LiveRamp, Experian Marketing Services, CACI, TransUnion Marketing, and the REaD Group. Each must respond within one calendar month, free of charge. What comes back typically includes classification profiles describing your income bracket, household type, and purchasing behaviour.

Does LiveRamp hold data on UK consumers?

LiveRamp UK (formerly Acxiom UK) holds identity databases on approximately 45 million UK consumers. They create persistent RampIDs linking your offline identity (name, address, phone number) to your online activity (cookies, device IDs, ad impressions). Erasure requests go to liveramp.uk/privacy/your-rights/ or ukprivacy@liveramp.com.

Can I remove my data from CACI?

CACI accepts suppression requests via compliance@caci.co.uk, but processing takes up to 3 months. CACI operates Acorn (consumer classification of every UK postcode), Ocean (mobile location data), and PayCheck (household income estimates). A suppression request removes you from future marketing, but historical classification data may persist in downstream systems.

Why don't Incogni and DeleteMe cover UK data brokers?

Incogni and DeleteMe focus on US people-search sites. Neither service, to my knowledge, submits erasure requests to LiveRamp UK, CACI, the REaD Group, or TransUnion Marketing. These UK consumer data brokers require specific, individual requests citing UK GDPR, directed to compliance teams rather than generic opt-out forms.

What is the Mosaic consumer classification?

Mosaic is Experian Marketing Services' consumer classification system that segments every UK household into one of 66 types and 15 groups. It draws on open electoral register data, county court judgments, and aggregated spending patterns. You can opt out of Mosaic profiling at experianmarketingservices.digital/OptOut, with processing taking 7 days plus the next monthly data build.

15 April 2026 · Aaron Barnes-Wilding 9 min read

The UK data brokers you have never heard of

Most people start their privacy cleanup with 192.com. Fair enough. It is the most visible people-search site in the UK, and removing yourself takes about ten minutes. But 192.com is the shopfront. Beneath it sits a commercial data broker layer that profiles approximately 45 million UK consumers, classifies every UK postcode by spending habits and income, and sells that data to anyone willing to pay. These are the UK data brokers you have never heard of, and they almost certainly hold more about you than 192.com ever did.

I’ve filed Subject Access Requests to every one of these companies as part of client investigations. What comes back is always more than people expect.

How your data reaches the UK data brokers you have never heard of

The data does not appear from nowhere. It follows a supply chain, and understanding that chain is the difference between effective removal and wasted effort.

At the base sit what I call root sources: the open electoral register, credit reference agencies, the BT-OSIS telephone directory, Companies House, and HM Land Registry. These are the primary records. Every downstream broker draws from them.

The open electoral register is the single largest root source for consumer data brokers. Roughly 19 million UK adults remain on it, their home addresses commercially available to any purchaser for £20 plus £1.50 per 1,000 entries. Known commercial purchasers include 192.com, LiveRamp, Experian Marketing Services, CACI, and TransUnion. That is not speculation. These companies buy it in bulk, legally, every time a new edition is published.

Credit reference agencies sit alongside the electoral roll as the other major root source. Experian, Equifax, and TransUnion hold your full name, date of birth, every address you have lived at, your financial associations, and your spending patterns. They are permitted to sell certain categories of this data for marketing purposes. They also supply identity data to commercial brokers like LexisNexis and GBG, who then make that data available to anyone who passes their onboarding checks.

The onboarding checks, by the way, are nowhere near as strict as these companies claim. A Bark.com trace costs £100 to £200. Five investigators will compete for the work, and nine times out of ten they will query LexisNexis or GBG to find your current address.

The six brokers profiling you in the background

These are the brokers that do not show up when you search “people search UK” on Google. They operate behind the scenes, serving businesses, advertisers, and investigators.

LiveRamp UK (formerly Acxiom UK)

LiveRamp holds identity databases on approximately 45 million UK consumers. Their product is the RampID, a persistent identifier that links your online browsing to your offline identity. Your name, address, email, and phone number from the electoral roll and credit data get matched to your cookies, device IDs, and ad impressions. LiveRamp’s UK operation sits at the centre of the ad-tech identity resolution industry, and most people have never heard of them.

The Open Rights Group filed formal ICO complaints against LiveRamp in February 2024, alleging unlawful processing. As of early 2026, no enforcement action has followed. Erasure requests go to liveramp.uk/privacy/your-rights/ or ukprivacy@liveramp.com. Expect medium to hard difficulty. They respond, but the process takes persistence.

If you have a Tesco Clubcard, your shopping data likely reaches LiveRamp through Dunnhumby’s data partnerships. The connections between these companies are not obvious unless you know where to look.

CACI Ltd

CACI operates three classification systems that profile the entire UK population. Acorn classifies every UK postcode by consumer behaviour. Ocean uses mobile location data in 630 square metre areas to track footfall patterns. PayCheck estimates household income. If you have ever wondered how advertisers seem to know your salary bracket and shopping habits, CACI is often the answer.

Suppression requests go to compliance@caci.co.uk. Processing takes up to 3 months, which is technically within the statutory deadline if they claim complexity, but still frustrating.

Experian Marketing Services

This is the marketing arm of the credit reference agency, separate from your credit file. It holds your name, address, date of birth, email, and open register data. It powers the Mosaic consumer classification, which segments every UK household into one of 66 types and 15 groups. When I’ve reviewed Mosaic data returned via Subject Access Requests, the level of specificity is striking. It describes what supermarket you likely shop at, what newspaper you probably read, and what your media consumption habits look like. Opt out at experianmarketingservices.digital/OptOut. Processing takes 7 days plus the next monthly build.

TransUnion Marketing

Formerly Callcredit Define, this division operates a consumer lifestyle data product separate from the credit bureau. Opt out by writing to PO Box 491, Leeds LS3 1WZ or emailing ukconsumer@transunion.com. Allow up to 30 days.

The REaD Group (Sagacity)

Maintains what it claims is the UK’s largest consumer database. Also operates the Gone Away file, which tracks address changes nationally, and the Bereavement Register. Physical address for requests: 120 Holborn, London EC1N 2TD. Effort: medium.

LexisNexis Risk Solutions UK and GBG

These two sit in a different category entirely. LexisNexis holds electoral roll data, Companies House filings, Land Registry records, and 6+ year address history. GBG provides identity verification data. Both claim AML and fraud prevention exemptions to resist erasure requests, and they mean it.

I’ve personally secured a 12-month suppression from LexisNexis. It took eight or nine emails and a specific argument: demonstrating heightened risk of being targeted due to occupation, citing involvement in legal cases. The suppression from these two databases is the single most valuable outcome in any UK data removal programme, because they feed current address data to skip tracers, debt collectors, and investigators.

What Subject Access Requests actually reveal

The real challenge with these brokers is finding out which ones hold your data in the first place. I recommend filing Subject Access Requests to the top five as a starting point: LiveRamp, Experian Marketing Services, CACI, TransUnion Marketing, and the REaD Group. What comes back is usually surprising.

Most people expect a name and address. What they actually receive is a classification profile describing their income bracket, property type, household composition, media consumption habits, and purchasing behaviour. CACI’s Acorn data told one client which supermarket they were most likely to shop at and what newspaper they probably read. None of it was wrong.

Under UK GDPR Article 15, every controller must respond within one calendar month, free of charge. Cite the article number in your request. Be specific about which data products you want disclosed, particularly marketing classifications and any third-party data sharing agreements. A vague “all my data” request gives them room to provide the minimum.

Most privacy advice gets the order backwards

Here is my honest opinion: most privacy advice in the UK focuses on the wrong layer entirely. It tells people to remove themselves from people-search sites one by one, treating each site as an independent problem. Those sites are symptoms, not the source.

The actual problem is the supply chain. Electoral roll data feeds 192.com, LiveRamp, CACI, and every other downstream broker simultaneously. Opting out of the open register stops future sales but does nothing about the data already sold. CRA marketing data feeds Experian Marketing, TransUnion Marketing, and indirectly reaches ad-tech platforms through partners like LiveRamp.

If you remove yourself from 192.com but leave your electoral roll data flowing to LiveRamp, CACI, and Experian Marketing, your data is still being traded. The visible removal felt productive. The invisible exposure remains unchanged. This is why mapping your full digital footprint before removing anything is the approach I take with every client. You need to see the complete picture before you start pulling threads, or you end up playing whack-a-mole for months.

Why automated services miss this entire layer

Incogni covers 420+ brokers. DeleteMe claims 976+. I’ve written detailed comparisons of these automated services and the pattern is consistent: their broker lists are overwhelmingly US-focused people-search sites. Neither service, to my knowledge, submits erasure requests to LiveRamp UK, CACI, the REaD Group, or TransUnion Marketing’s consumer data division.

The UK consumer data broker layer requires a fundamentally different approach. LiveRamp requires you to work through a privacy portal. CACI requires a direct email to their compliance team with a 3-month processing window. Experian Marketing has an opt-out page, but it only covers their marketing division. The credit bureau data that feeds it sits behind a separate process entirely.

These requests need to be specific, citing the right legislation, directed to the right team, and followed up when responses are slow or incomplete. That is investigation work. If you are comparing automated services for UK removal, understand that this layer falls outside their scope entirely.

What to do about it

Start with the root sources. Opt out of the open electoral register. Go ex-directory. If you are a company director, file SR01 applications at Companies House to suppress your residential address from historical filings at £30 per document.

Then file Subject Access Requests to the five brokers listed above. Understand what they hold. Use the responses to inform targeted erasure requests under UK GDPR Article 17. For the identity verification layer (LexisNexis and GBG), expect resistance and plan for a sustained engagement over weeks or months.

For anyone with compound exposure (multiple properties, directorships, family members with public profiles), this is not a weekend project. A full digital footprint assessment maps every source before any removal begins. I’ve mapped hundreds of these, and the pattern is always the same: people underestimate how many places hold their data by a factor of ten. They focus on what they can see. The brokers in this article are what they cannot see, and those are the ones that do the real damage.

If your situation is complex enough that the invisible layer matters to you, that is exactly the work we do. Start a conversation.

Aaron Barnes-Wilding

Founder & Privacy Intelligence Expert

Former intelligence analyst and licensed investigator with over a decade of experience in OSINT, counter-fraud, and digital privacy. Advises high-net-worth individuals, solicitors, and corporates on data exposure and removal strategies.

Full bio Contact