Posted to remove from the unanswered list
string updateQuery = "update Personal set PersonalEmail = @email,FirstName = @fname, Surname = @sname,TelephoneNo = @telno, Password = @password, ContactbyText = @conText, ContactByEmail = @conEmail Where UserName = '" + LblUserName + "'";
should be:
string updateQuery = "update Personal set PersonalEmail = @email,FirstName = @fname, Surname = @sname,TelephoneNo = @telno, Password = @password, ContactbyText = @conText, ContactByEmail = @conEmail Where UserName = '" + LblUserName.Text + "'";
Seems odd to me though that you mixed a parameterized query along with an SQL injection attack. You should use a parameter with LblUserName.Text also.