Call FREE Request Call Back
Professional Negligence Solicitors

Data Protection Breach

Public bodies and organisations have a duty to store the sensitive data that they hold securely and responsibly. However, sometimes mistakes are made that can have serious consequences for you and your family. If you fall victim to a data breach, you may be able to bring a data protection breach claim.


411 reviews on
Company Logo
illustration of padlock and binary data

Data Protection Breach Claims

Even with the most stringent measures taken, it can be possible for you to encounter a data protection breach. This can result in unauthorised individuals or organisations having personal and private information about you which you did not want them to see, which can cause a great deal of worry and upset.

Some data protection breaches can have wide-ranging and catastrophic impacts. For example, when you go to see a medical professional, you are under the impression that no information will be shared about your medical records or general health unless you give explicit consent. Sadly, there are instances in which very personal information of this nature is disclosed to third parties.

Data protection breaches can also put you in considerable danger if your data gets into the wrong hands. For example, the disclosure of a new address to an abusive former partner could not only put you in considerable danger but also lead to psychiatric harm from the trauma of the breach.

In both scenarios, although you may not experience a direct financial loss because of the data breach, the effects can still be equally as devastating. That is why you may wish to seek data protection breach compensation.

At Been Let Down, we will help you to make data breach claim. We work with you to find out what happened and then make a claim against the company or public body that you trusted with your data.

What is personal data?

Personal data is information that relates to and can identify an individual. Examples of personal data include your name, home address, telephone number (mobile and landline), email address, National Insurance Number, the IP address of your home computer, and medical and family information.

If a public body or company leaks this information without your consent, you may be able to claim for a data breach and receive GDPR breach compensation.

What is data protection?

Data protection is the process put in place to safeguard private or important details from corruption or loss. The process that is put in place is a series of laws and policies that make it illegal to share certain information about people without their knowledge or their permission.

The significance of data protection grows in line with the volume of data that needs to be protected. For example, large organisations with thousands of employees will have a high demand for robust protective measures. Therefore, as well as ensuring that there is a comprehensive protective procedure in place that is designed to deflect any breaches, there must also be a policy for handling the fallout should a breach occur.

What is a data protection breach?

It is worth gaining an understanding of what a breach looks like before you begin the claims process as having a clear idea of what this is can put you in a better position for success. To help, here is a look at the essentials.

In the UK, the Information Commissioner’s Office (ICO) is the independent authority set up to uphold information rights in the public interest.

The ICO defines a data protection breach as:

“A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes. It also means that a breach is more than just about losing personal data.”

What are examples of data protection breaches?

A data protection breach can occur for a variety of reasons. These can include:

  • Access to your personal data by an unauthorised third party
  • An organisation sending your personal data to the wrong recipient
  • A device containing your data that an organisation uses being lost or stolen
  • Your data being altered by an organisation without your permission

If any of the above have occurred, you may be able to claim for a data breach to receive data protection compensation.

Make a claim

Make an online claim now.

Make a claim

How much does it cost to make a data breach claim?

Should it be determined that we can help you with your data breach claim, in most cases we will be able to offer a Conditional Fee Agreement, also known as a ‘No Win No Fee’ agreement. There are several advantages to this arrangement for you.

Firstly, it shows that we are confident that your case has a strong chance of receiving GDPR breach compensation. Secondly, it protects you financially as, if there is no compensation won, there is no payment made. In addition, No Win No Fee agreements provide a clear framework for payment that all sides understand, so that there are not any hidden charges down the line.

Are there time limits for making a data protection breach claim?

In English law, under the Limitation Act 1980, there are statutory time limits during which various legal procedures (often involving claims for compensation) must be filed with the court.

The limitation period for making a data protection claim is currently six years from the date of the breach, or three years f you have suffered psychological harm as a result of the breach. Failure to comply or recognise the relevant limitation period or date may result in you losing your opportunity to pursue your GDPR data breach compensation claim. If your claim may include breach of your human rights, then you will need to act more quickly as the time limit for making such a claim is only one year.

If you are unsure of the time limit that applies in your case, please do not hesitate to call us.

The Data Protection Act 2018 was introduced in May 2018. It is the UK’s implementation of the General Data Protection Regulation (GDPR) and deals solely with a data protection breach in the UK. GOV.UK states that it “controls how your personal information is used by organisations, businesses or the government”. The Act sets out the data protection principles that we must follow if we are responsible for using personal data.

In addition to having to follow the key principles by protecting against data being used unfairly or unlawfully, and ensuring that said data is used for specified purposes, the Act protects sensitive information, such as race, religion and ethnicity.

Under the new Data Protection Act, individuals have the right to find out what information about them is stored by the government as well as other organisations. This means that you can request to find out how a company is gaining access to your personal data and how that data is being used.

It is crucial that you know this when pursuing a data breach claim as a data protection breach usually means that there is a need to prove there has been a Data Protection Act breach.

The General Data Protection Regulation (GDPR) is the European-wide law that came into effect on 25 May 2018. While it is a regulation that applies to the European Union, it also applies to businesses and brands that supply goods and services to individuals in the EU. GDPR is the wider regulation, while the new Data Protection Act 2018 is the UK’s internal implementation of GDPR – both of which replace the Data Protection Act 1998.

Breaches of GDPR regulations can give rise to GDPR breach compensation.

The Data Protection Act 1998 was introduced to protect personal data stored on computers and paper filing systems. Like the GDPR today, this Act was the enactment of an EU directive – the EU Data Protection Directive 1995 –, which addressed the provision of protection and processing of data.

There were eight data protection principles to this Act, though much of it did not apply to domestic use. The 2018 update, along with GDPR, was introduced to create stricter regulations around the collection, storage and use of personal data.

This change was – and continues to be – significant. In the 20 years since the first Act was passed and came into force, the world of technology and the data that is captured has altered significantly. Social media and artificial intelligence have become part of our everyday world. Updating the Act means that both businesses and individuals are now even more protected from a data protection breach in the UK.

By having grounds to pursue a data breach claim, you can have confidence that your personal data will not be used without your consent.

If you face a data protection breach committed by a public body, it is likely that the access gained to your personal and private information interferes with your private life. This can be distressing and damaging to your wellbeing as well as your finances.

By law, everyone has the right to a private life. This right was introduced by Article 8 of the European Convention on Human Rights and, in the UK; it is protected by the Human Rights Act 1998. In addition, those storing your data must comply with the EU Charter of Fundamental Rights, which protects personal data.

If your claim is against a public body, it can be argued as part of your claim that, by your data being breached, your human rights have been impinged upon as you have lost your right to privacy.

The team of solicitors here at Been Let Down would pursue a data-breach human rights claim if we feel that there has been a lapse in data protection by a state organisation, which has contravened your human rights.

If you believe that you have suffered because of a data protection breach from a company or a public body, it is worth getting in touch to talk about making a claim. We recommend doing so as soon as you discover the breach, so that our team can act quickly to process your case and bring a data breach claim.

We can assess your claim in several ways. In line with the Data Protection Act 2018 and GDPR rules, we would consider whether your data has been illegally accessed and distributed. We would then work with you to establish the financial implications of the breach. How damaging it might be to your personal finances can play a part in the compensation process.

We would also try to establish if your right to a private life has been impacted, as this is another way in which a data breach can affect you. If so, you may be able to receive GDPR compensation for distress.

We understand that a data protection breach can have a huge impact on both your financial and emotional wellbeing. We pride ourselves on offering a service that allows you to seek the data breach distress compensation you are entitled to.

We will always listen to your unique circumstances and advise on the amount of GDPR breach compensation to which you could be entitled.

How can I make a GDPR compensation claim for distress?

If you think that you have suffered financial loss due to a data protection breach, we can help you to bring a data breach claim.

Start the claims process today by speaking to one of our team. The sooner that you get in touch with Been Let Down, the sooner that we can work with you to rectify the damage done and prevent those who put your data at risk from doing the same to others.

When you speak to our team, we will listen to you to establish what happened and advise you of your next steps. We will take you through every stage in the process. You can call us, request a call back at a time that works for you, or make an online enquiry. Contact us today and we will help you to move forward.

Here to help you

Get in touch today and find out how we can help with your case for data protection breach compensation.

Please call us on 0800 234 3234 or contact us and a member of our legal team will call you back.

Contact us today

Bond Turner Tracking

This field is for validation purposes and should be left unchanged.