Depends where you are. If in the EU, for example, you have some pretty strong rights to access personal data held about you, correct it, or even block its further use. They apply to data all over the world, provided it's processed by a company that has an "establishment" (e.g. subsidiary) in the EU, and the data use is somehow related to that establishment's activities. From May next year, when the new GDOR kicks in, the geographic link will be even easier to establish: businesses are caught the moment they monitor people in the EU. Check out the website of your local data protection authority for details.