A Beginner’s Guide to Online Privacy: Protecting Data in a Connected World

personal data
Written By Nathalie Pouderoux

We live in an age where your phone knows more about you than your best friend. Your morning coffee order, your running route, even what time you usually fall asleep, all tracked, stored, and analysed.

Online privacy isn’t about hiding from the internet anymore; it’s about managing what you give away every day, often without realising it. Here are a few tips on protecting your data in a connected world.

 

1. Understand the New “Invisible Data” You’re Sharing

Your data isn’t just your name or email address anymore. It’s how you scroll, how long you hover over a video, even the tone of your voice when you talk to Alexa. Modern algorithms use behavioural and biometric data to predict who you are and what you’ll do next.

For example, some retail apps can infer your income level or mood based on the items you browse and when you browse them. To regain some control, regularly review your phone’s sensor permissions, location, microphone, motion, and Bluetooth and disable access for apps that don’t genuinely need it.

2. Stop Giving Away Data for “Convenience”

The biggest privacy trade-off today isn’t security breaches, it’s convenience. “Login with Google” or “Sign in with Facebook” seems harmless, but it links your browsing, purchase history, and location data into one giant profile.

Every shortcut you take online, autofilling details, voice-activated commands, saving loyalty cards builds a clearer digital portrait of you. Where possible, create standalone accounts and avoid cross-platform logins. 

3. Treat AI Tools Like Strangers, Not Colleagues

Generative AI tools such as ChatGPT, Copilot, and Google Gemini are becoming part of daily workflows. But remember: anything you type into these platforms may be stored or used to improve the model.

If you’re using AI in a professional context, especially law, healthcare, or finance, never input confidential client data or unpublished documents. Even anonymised details can be reconstructed. Use enterprise versions that offer data isolation or on-premises options where possible.

4. Pay Attention to Metadata 

Every file, image, or PDF you send often contains hidden metadata: timestamps, GPS coordinates, device IDs, and author names. In one real-world example, a journalist exposed a whistleblower’s location because a photo contained geolocation data.

Before sending documents, especially sensitive ones, scrub metadata using your operating system’s “Remove Properties” function or dedicated redaction software. 

5. Watch for “Smart Device Creep” at Home

Your home is now a data ecosystem, smart TVs, fridges, voice assistants, and even thermostats constantly collect and transmit information. Earlier this year, a major smart TV manufacturer faced scrutiny when its “viewing history” feature was discovered to log voice commands and share them with advertisers.

To stay private, segment your home Wi-Fi network: keep smart devices on a separate network from your laptop and phone. Disable “diagnostics” or “usage data” settings, often hidden deep in menus, that share your habits with third parties.

How Can Gerrish Legal Help?

Gerrish Legal is a dynamic digital law firm. We pride ourselves on giving high-quality and expert legal advice to our valued clients. We specialise in many aspects of digital law such as GDPR, data privacy, digital and technology law, commercial law, and intellectual property. 

We give companies the support they need to successfully and confidently run their businesses whilst complying with legal regulations without the burdens of keeping up with ever-changing digital requirements. 


We are here to help you, get in contact with us today for more information.

Nathalie Pouderoux
Next

Do You Need an AI policy?