E-Commerce Data Breach Compensation Claims Explained

In this guide, we will discuss when you could be eligible to claim compensation for an e-commerce data breach involving your personal information. If you sell or purchase goods online, you may need to provide personal data, such as your name and address. If this information is compromised, it could cause you to suffer financial losses and/or psychological damage.  

e-commerce data breach

E-Commerce Data Breach Compensation Claims Explained

As we move through this guide, we will explain when you could meet the eligibility requirements to pursue personal data breach compensation. In addition to this, we will explore the negative impacts that a personal data breach could have. 

Following this, we will discuss the potential compensation that could be awarded for a successful personal data breach claim. As a guide to this, we will provide a table containing guideline compensation brackets. 

Towards the end of this article, we will explain the term No Win No Fee and look at when you could enter into an agreement of this type.

Please continue reading to learn more about e-commerce personal data breach claims. You can also enquire whether you may be eligible to make a claim for data breach compensation by contacting a member of our team. We have a friendly team of advisors available 24/7 to provide free and confidential advice. 

To reach them, you can:

  • Call our advice line on 020 8050 3051
  • Contact us via our online form to request a callback
  • Type to an advisor using the live chat feature on this page

Browse Our Guide

  1. When Can You Claim For An E-Commerce Data Breach?
  2. How Could You Be Impacted By An E-Commerce Data Breach?
  3. Potential Compensation From A Data Breach Claim
  4. What Evidence Could Help You Claim For An E-Commerce Data Breach?
  5. Our Panel Of No Win No Fee Data Breach Solicitors Could Help You Claim
  6. Learn More About Data Breach Claims 

When Can You Claim For An E-Commerce Data Breach?

There are two main pieces of legislation that outline the responsibilities of data controllers and data processors when using and storing physical and digital personal data. These are:

The Information Commissioner’s Office (ICO), which is an independent UK body responsible for upholding information rights, provides useful definitions of data controllers and processors

Firstly, data controllers determine the means and purpose of processing personal data, whereas data processors process the personal data on behalf of the controller. Both are responsible for complying with the legislation listed above. Lastly, the data subject is the person to whom the personal data relates.     

To set out when you can claim for an e-commerce data breach, it is first important to lay out the definition of a data breach. The ICO describes personal data breaches as breaches of security which lead to the accidental or unlawful loss, destruction, alteration, unauthorised access to, or disclosure of personal data.  

Therefore, to claim for an e-commerce data breach, the following eligibility requirements must be met: 

  • The data controller or processor responsible for handling your personal data failed to adhere to data protection laws.
  • This led to a data breach involving your personal information. 
  • As a result of this breach, you suffered psychiatric damage and/or financial losses.   

Please speak to a member of our team to learn more about claiming data breach compensation for the damages you have suffered. 

How Could You Be Impacted By An E-Commerce Data Breach?

An e-commerce data breach could occur due to various causes, such as human error as well as cyber security incidents, and may have multiple negative impacts on your life. Below we will provide some examples of how an e-commerce data breach could occur: 

  • After you have ordered goods online, the company sends these to the incorrect address. Additionally, your billing information is included in the delivery. 
  • An online company you have ordered goods from has no digital security. This leads to a cyber attack where your personal information is stolen. 
  • An online goods company sends an email containing your personal information to the incorrect recipient. 

A personal data breach can lead to psychological harm of varying severity. For example, not knowing who has access to your personal data could cause stress, depression, anxiety and, in some cases, post-traumatic stress disorder (PTSD). Also, it could lead to financial losses. For example, money could be stolen from your bank account due to identity theft. 

In the following section, we will discuss the potential compensation you could receive for these types of damage in a successful e-commerce data breach claim.    

Potential Compensation From A Data Breach Claim

You may be wondering how much compensation you could get for a data breach. If you were to make a successful e-commerce data breach claim, you could receive a settlement for material damage and/or non-material damage.  

Firstly, non-material damage is the psychological harm you have suffered as a result of the personal data breach. During the process of valuing a settlement for non-material damage, a data breach solicitor can refer to the Judicial College Guidelines (JCG). Therefore, we have used the JCG to create the table below containing guideline compensation brackets for different types of psychiatric harm. 

Guideline Compensation Table

Type of Harm Severity of the HarmDetailsGuideline Compensation Brackets
Psychiatric Damage(a) SevereThe person will have marked problems coping with life and a very poor prognosis. £54,830 to £115,730
Psychiatric Damage(b) Moderately SevereThe person will have significant problems coping with life but will have a much more positive prognosis than the above bracket. £19,070 to £54,830
Psychiatric Damage(c) ModerateWhile the person would have had problems coping with life, they will have made a marked improvement by the time of trial and will have a good prognosis. £5,860 to £19,070
Psychiatric Damage(d) Less Severe Factors taken into consideration when valuing the award will be the length of time the period of disability lasted and how much daily activities and sleep were impacted. £1,540 to £5,860
PTSD(a) SevereThere will be permanent effects that stop the person from functioning at any level close to the one they did before the trauma. £59,860 to £100,670
PTSD(b) Moderately SevereThis bracket differs from the one above as the person will have a much better prognosis due to some recovery with the help of a professional. £23,150 to £59,860
PTSD(c) ModerateA large recovery will be made, and any effects that continue will not be grossly disabling. £8,180 to £23,150
PTSD(d) Less Severe The person will virtually fully recover within 1-2 years with only minor symptoms persisting past this time. £3,950 to £8,180

Please consider these figures as a guide and not an exact representation of what you would receive if your potential claim were successful. 

Material Damage In A Data Breach Compensation Claim

The second type of damage you could suffer following an e-commerce data breach is called material damage. This is the financial losses suffered as a result of the personal data breach. This may include: 

  • Money stolen from your bank account. 
  • Damage to your credit score.
  • Loss of earnings, due to having to take time off work to recover from the emotional impact of the breach.

It is important that you retain evidence of any material damage you have suffered. This could include a copy of your credit history, payslips and a copy of your bank records. 

Please speak to a member of our team today for a personalised estimate of the data breach compensation you could be eligible to receive. 

What Evidence Could Help You Claim For An E-Commerce Data Breach?

To support a data breach claim, it is important that you can provide evidence of a data controller or processor’s failings in adhering to data protection laws. Within a time frame of 72 hours from the discovery of the data breach, the incident must be reported to the ICO and the data subject. 

If you have been made aware of an e-commerce data breach involving your personal data, or you suspect that one has occurred, there are some steps you could take. Firstly, you can contact the organisation directly. Correspondence that you share, such as letters and emails, could be used as evidence for your case. 

Following this, if the organisation’s response is unsatisfactory, you could report the incident to the ICO. It is important to note that the ICO does not award compensation. However, should they choose to investigate the incident, any findings in favour of your claim could be used as evidence.   

Our Panel Of No Win No Fee Data Breach Solicitors Could Help You Claim 

Contact one of our team members for an evaluation of your e-commerce data breach claim. If one of our advisors finds that you could be potentially eligible to claim compensation, they may connect you with a specialist data breach solicitor from our panel. The solicitors on our panel can offer to work on data breach claims on a No Win No Fee Basis. 

A popular form of No Win No Fee agreement that you could be presented with is a Conditional Fee Agreement (CFA). This would generally mean not paying for the services of your data breach solicitor at the following times: 

  • Upfront
  • During the ongoing course of your claim
  • At any time, if your claim should fail 

On the other hand, if you were to make a successful e-commerce data breach claim, your No Win No Fee solicitor could receive a small success fee. This is a percentage of your compensation, which is capped by the law. 

To discuss your potential personal data breach case, you can:

  • Call our advice line on 020 8050 3051
  • Contact us via our online form to request a callback
  • Type to an advisor using the live chat feature on this page

Learn More About Data Breach Claims 

Find information and support by following the external links below: 

Thank you for reading this guide on when you could be eligible to claim compensation following an e-commerce data breach involving your personal information. If you have any remaining questions, don’t hesitate to get in touch with a member of our team.

Writer Jess Opal

Editor Meg Monsoon