This guide will explore frequently asked questions regarding data breaches and will help you discover if you’re eligible for compensation. We will explore personal data breaches, what you could claim for, and what time limits could affect the claiming process.
The UK General Data Protection Regulation (UK GDPR) runs in line with the Data Protection Act 2018 (DPA) to protect the personal data of UK residents. An organisation failing to comply with data protection legislation could lead to a personal data breach. If you suffer harm as a result of this breach, you may be able to claim compensation.
To find out if your personal data breach claim is valid, you can contact our team of advisors today. They are available 24/7 to provide free legal advice and help surrounding your claim. If your claim is valid, our advisors may put you in contact with a solicitor from our expert panel.
To get in touch:
Select A Section
- What Is A Personal Data Breach?
- Who Could Use My Personal Data?
- How Could My Personal Data Be Misused?
- When Can Companies Use My Personal Data Without Permission?
- Is There A Personal Data Breach Claims Time Limit?
- How Much Could You Get For Personal Data Breach Claims?
Under the UK GDPR, personal data breaches are security incidents caused by the accidental or unlawful destruction, unauthorised disclosure of, loss, alteration, or access to your personal data. Personal data is information that could identify you. For example, this could be your full name, phone number, or email address. It could also include your credit or debit card details.
You must suffer harm in order to claim for a personal data breach, and you must be able to prove that the breach was a result of the organisation’s failings. For example, they may fail to comply with data protection legislation, or the breach was caused through wrongful conduct.
To find out if your claim is valid, contact our advisors today.
Many different organisations will process your data. Organisations that say how and why your data will be collected and used are known as data controllers. Data controllers consist of but are not limited to:
- Healthcare providers, such as pharmacies, dental services and opticians
- Social media platforms
- Your employer
- Local council and government agencies
All organisations must have a lawful basis for collecting your personal information. Some organisations will have a lawful basis to process your data without your consent.
Our team can provide more answers to any questions you may have.
There are many ways that your personal data could be exposed, from human error to cybercrime. Ransomware and phishing scams are two examples of how cybercriminals can gain access to your personal data.
There are six lawful bases for processing personal data, and permission (or consent) is only one of these. The Information Commissioner’s Office (ICO) provides more information on the six lawful bases, which include:
- Legal obligation
- Vital interests
- Legitimate interests
- Public task
Contact our advisors to learn more about the lawful bases and how they could affect your claim.
Generally, there is a six-year time limit for starting data breach claims. However, this falls to one year if your claim is against a public body. Speak to our advisors to learn how time limits could affect your claim.
There are two potential heads of claim you could pursue in a personal data breach claim.
- Material damage: Financial losses due to a breach. For example, money fraudulently transferred from your account or damage to your credit score.
- Non-material damage: A psychological impact following a breach. For example, anxiety, PTSD and depression.
The Judicial College Guidelines (JCG) provide guideline compensation brackets for non-material damage claims, some examples of which you can find below.
|Psychological Injury||Compensation Guidelines||Notes|
|Severe Psychiatric Damage||£54,830 - £115,730||Ability to cope with life, education and work will be seriously affected.|
|Moderately Severe Psychiatric Damage||£19,070 - £54,830||Less severe prognosis than above, though still retaining significant problems coping with life, education and work.|
|Moderate Psychiatric Damage||£5,860 - £19,070||Marked improvement of symptoms by trial.|
|Less Severe Psychiatric Damage||£1,540 - £5,860||This bracket considers the length of disability period and how daily activities and sleep are affected.|
|Severe Post-Traumatic Stress Disorder (PTSD)||£59,860 - £100,670||Cases include permanent effects, preventing the injured person from working or functioning at pre-trauma level.|
|Moderately Severe Post-Traumatic Stress Disorder (PTSD)||£23,150 - £59,860||Some recovery with professional help but still retaining significant disability for the foreseeable future.|
|Moderate Post-Traumatic Stress Disorder (PTSD)||£8,180 - £23,150||Injured person will be mostly recovered with any continuous effects not being grossly disabling.|
|Less Severe Post-Traumatic Stress Disorder (PTSD)||£3,950 - £8,180||Almost full recovery can be made within one to two years with only minor symptoms persisting.|
Please be advised that the JCG is only to be used as a guideline. Contact us today for a more in-depth estimate of what your potential settlement could amount to.
Start Reading Our Guides To Personal Data Breach Claims
Contact our team today to learn more about claiming for personal data breaches and how a solicitor from our panel could help you. To get in touch:
For more helpful resources:
Or, for more helpful guides:
- How To Claim Compensation For A Data Breach
- How Long Do You Have To Report A Data Breach And Start A Claim?
- Check Your Data Breach Claim Value
For more questions on personal data breach claims, contact our team.