Welcome to Data Breach Claims. We pride ourselves on providing high-quality legal advice catered to each individual. Here, you can find out about data breach law and get helpful information on claiming compensation.

data breach law

We understand that a data breach can affect you mentally and financially. Therefore, we strive to make the claims process as smooth as possible for you and offer a helping hand.

On this site, you’ll find useful articles explaining the process of making a data breach claim. We have guidance about the types of evidence you can gather to support your claim and how you could calculate compensation.

Our team of advisers are available 24 hours a day to offer free legal advice. They can also answer any queries you may have. If you have a valid claim, they can connect you with data breach lawyers from our panel.

A data breach solicitor or lawyer can then help you gather as much sufficient evidence as possible for your claim. Examples of this evidence include photos, witness statements, bank statements, and CCTV footage.

Our advisers can have a chat with you about No Win No Fee agreements and beginning the data breach claims process. Our panel of data breach lawyers are empathetic, professional and understanding. 

You can get in touch with our team of advisers by:

  • Calling them on the above number to have a chat about your case.
  • Filling out our online contact form to get a reply at your earliest convenience.
  • Chatting with an adviser via our instant chat pop-up box.

Select a Section

  1. What Is Data Breach Law?
  2. What Types Of Information Does Data Breach Law Cover?
  3. Can I Get Compensation For A Data Protection Breach?
  4. Connect With No Win No Fee Data Breach Solicitors
  5. Learn More About Data Breach Law

What Is Data Breach Law?

The UK General Data Protection Regulation (UK GDPR) was enacted into UK law in 2018 alongside an amended version of the Data Protection Act 2018 (DPA). It states that organisations that process personal information should protect it.

Such organisations could be:

  • Data controllers: Organisations that decide how and why personal data is used.
  • Data processors: Organisations that sometimes process personal information on the data controller’s behalf.

A personal data breach can occur if your data is changed, lost, disclosed, accessed or destroyed without your permission or a lawful reason.

Personal data or personal information is anything that can directly identify you or identify you in combination with other information. For example, your name, email address or bank details would be personal data.

In order to make a data breach claim, some wrongful conduct on the part of the data controller or data processor must have occurred. However, even if no harm came to you, the Information Commissioners’ Office (ICO) can still issue a fine to the data controller at fault.

The ICO can’t award you compensation. However, it can still issue a fine to the data controller or data processor, even if the data breach happened accidentally.

You could use the services of a solicitor to claim compensation, providing you have suffered financially or mentally as a consequence.

What Types Of Information Does Data Breach Law Cover?

Personal information is anything that can help identify you. Data breaches can involve many types of information, such as the below. 

  • A letter is sent to the wrong postal address. If a letter containing personal information is delivered to a different address, despite you updating it with the organisation, someone unauthorised could access your personal information. 
  • Failure to redact personal information in publications. If a leaflet is sent out to people’s addresses containing your personal information without a lawful reason, you could experience harm. If so, you could make a data breach claim. 
  • Failure to BCC emails. The BCC field in emails means that recipients can’t see who else the email has been sent to. If a health email is sent out and isn’t BCC’d, people who suffer from the health condition may be exposed without their consent or another lawful reason.
  • Email sent to the wrong recipient. If an organisation sends an email containing personal information to the wrong person without a lawful reason, it could be accessed.

If you’d like to have a chat about data breach law and whether you could make a claim, you can contact our team of advisers. They’d be happy to have a chat about your potential claim. What’s more, they can look at the compensation you could be entitled to. 

Should your claim be valid, you can be connected to one of our expert data breach lawyers from our panel. They could help you receive the compensation you’re owed.

How Common Are Data Breaches?

The below chart includes the latest ICO statistics showing specific data security incident statistics in the 2nd quarter of different years: 2019/20, 2020/21 and 2021/22. This can help us to see how common certain cyber data breach incidents are. 

Interestingly, in the 2nd quarter, there has been a decrease over the 3 years of non-cyber data security incidents. This involves personal information sent in a letter to an incorrect recipient, for example. 

However, there was an increase in cyber-related data security incidents.

The overall number of data security incidents reported to the ICO has decreased over each 2nd quarter in the 3 years.

Data breach law statistics graph

Can I Get Compensation For A Data Protection Breach?

We’ve included a compensation table below to show you how much compensation could be awarded for non-material damages.

Non-material damages compensate for the mental damage you’ve experienced due to the data breach. An example of this could be anxiety or a worsening of pre-existing depression.

The figures have been taken from the Judicial College Guidelines. This is a publication that solicitors use to help them value injuries.

This compensation table is intended to act as an example and the figures may vary depending on your specific circumstances.

Psychiatric Harm GenerallySevereMarked problems and poor prognosis. £54,830 to £115,730
Psychiatric Harm GenerallyModerately SevereSignificant issues but a better prognosis that those in the severe category. £19,070 to £54,830
Psychiatric Harm GenerallyModerateThe likelihood of recovery is high but their life is highly impacted currently.£5,860 to £19,070
Psychiatric Harm GenerallyLess SevereHow much sleep and daily activities were affected will be taken into account.£1,540 to £5,860
Post-Traumatic Stress DisorderSevereThe person struggles to maintain the same level of social life and work life as before the trauma.£59,860 to £100,670
Post-Traumatic Stress DisorderModerateThe person still suffers some symptoms but the prognosis is positive. £8,180 to £23,150

In order to claim compensation for a data breach, you must have suffered material and/or non-material damage. The above compensation table shows non-material damage. The awarded bracket depends on factors such as the length of recovery and the severity of the injury.

Material damages compensate for the way the injury has impacted you financially. For example, if you suffered a credit card data breach and had your money stolen, you may not have been able to recover it through your bank.

You’d need evidence to prove non-material and material damages. However, a solicitor can help you with this.

You could contact our team of advisers today to explore data breach law further. They’re available 24/7 to answer any questions you have and assess how much compensation you may be owed. 

Once you’ve discussed data breach law with our expert team of advisers, you’re under no obligation to carry on with our services. On the other hand, if you’d like to, an adviser can connect you to a data breach lawyer from our panel if you have a legitimate claim.

Connect With No Win No Fee Data Breach Solicitors

Our panel of data breach lawyers would be happy to discuss No Win No Fee claims with you if you have a valid claim. Making a claim on a No Win No Fee basis can bring various financial benefits. 

Essentially, if your claim wins, under a No Win No Fee agreement your lawyer would take a legally capped, small percentage from the settlement. However, you will have agreed to this beforehand and will receive the majority of the compensation.

If your claim doesn’t win, you won’t need to pay any of your lawyer’s fees at all. 

You also won’t need to pay any ongoing or upfront lawyer fees.

Data Breach Claims Time Limits

If you’re claiming against a non-public body, the time limit could be 6 years. However, if your data breach is against a public body, such as the local council or police, you could have 1 year. 

In order for a data breach lawyer to work on your case, there needs to be a likelihood that your case will succeed. In order to decide this, a solicitor will look at:

  • Whether a breach has occurred
  • Whether it was the fault of the data processor or controller
  • What material and/or non-material damage you suffered

You can contact our team of advisers today to receive free legal advice and explore how much compensation you could claim. If you have a valid claim, our advisers can connect you to a data breach solicitor from our panel to discuss No Win No Fee claims with you. 

We suggest you get in touch with our team of advisers via:

  • A telephone call on the number above to chat about your situation. 
  • Our contact form to receive a reply when you’re next available.
  • Our chat pop-up box to chat immediately with an adviser. 

Learn More About Data Breach Law

For Organisations: You can find out more information about how organisations can protect people’s personal data on this page. 

Your Data Matters: This page includes information on how the ICO has worked to prevent data breaches. 

Post-Traumatic Stress Disorder (PTSD): If you’re suffering from PTSD, this NHS guide includes important information. 

Check out more of our guides below:

Thank you for reading our guide on data breach law.