Users access a multitude of services on the Internet, being offered by vast conglomerates of providers that are individually mostly ‘invisible’ to users. Partly unknowingly, partly without being asked, users cede considerable amounts of valuable personally identifiable information to the providers. On the one hand, this information is deserving of protection, on the other hand, its commercialization is what makes it possible for the service providers to offer the service free of charge. For a normal user, it is neither clear what kind of personally identifiable data is collected by whom, nor which parties are involved in the process of service provisioning. Additionally, it is often impossible to assess the trustworthiness of a service and its provider(s).