The Dutch privacy regulator Autoriteit Persoonsgegevens said on Thursday it had received almost 10,000 complaints since the introduction of new European privacy legislation (GDPR) in May this year.

In addition, 11 companies and organisations are being investigated for non-compliance after dozens of complaints were made about their operations, the AP said.

Many complaints centred on companies which did not want to give people insight into the information they kept about them – which they are now required to do by law. Others focused on companies collecting too much information or companies selling or passing on private information to third parties.

Service companies such as online retailers and public utilities were by far the most often complained about, followed by the IT sector and government departments, financial companies and healthcare.

‘I’m encouraged by just how many people are standing up for their right to privacy by making a complaint,’ chairman Aleid Wolfsen said in a statement. ‘They are giving a serious signal to a company, so that others do not end up in the same position.’