Protecting your personal data is hard, you have no idea what you're signing up for when you register a new account somewhere. You're almost always going in blind unless you love to read pages and pages of privacy policies.

The focus of this article is to know who leaked or sold your personal data, with that information you can take measures to keep yourself secure, for example by removing apps, deleting accounts, taking legal actions, etc.

The + trick

One simple and free trick is to add a + to you email name, followed by something that indicates where you've registered.

For example, when I register an account at amazon.com I'd enter my e-mail as my.email+amazon.com@gmail.com. The mail will arrive in the inbox of my.email@gmail.com but it would show as sent to my.email+amazon.com@gmail.com

What do you gain from this? Well, one day you might get a mail and see it was sent to my.email+amazon.com@gmail.com - so you'd know it was either shared by Amazon or Amazon was compromised. Knowing that, you take take action against it by blocking all the mails to that address, deleting your Amazon account or even suing them!

Another useful trick is to set up filters and label every mail as Amazon, or send them straight to the trash - it's really up to you!

Note

The trick isn't fool proof, it's fairly simple for someone to filter it out, this could be remedied by setting up a filter that moves everything sent to my.email@gmail.com to trash and treating only addresses that contain a + as a valid e-mail.

Another problem is that not every website or app allow you to enter a + so you're forced to use regular e-mail address without the +.

Catchall e-mail address

This isn't free as it requires you to own a domain but it gives you a lot more freedom. I've been using this method for many years now.

To use this method, you need to buy a domain and set up e-mail. For this to work properly you'll have to be the sole user of the email address.

After you've done all that, you'll need to set up a catchall so that anything with @yourdomain.com is sent to a certain mailbox of your chosing. For example, you can set up your catchall so no-matter-what-you-enter-here@yourdomain.com would go to catchall@yourdomain.com

At this point, you'd use your mail similar to the + trick, using out Amazon example we'd register with amazon using amazon.com@yourdomain.com and know all Amazon mails should go to that address. You'd see this in the mailbox of catchall@yourdomain.com

Depending on the mail platform you use, you may have a lot more options. With Google Workforce (Gsuite), you can drop mails before they ever enter your mailbox. I do this for accounts that receive spam.