Welcome to our data breach frequently asked questions page. Here you can find the answers to some questions we often get asked about pursuing a GDPR breach claim, as well as more general questions about the claims process.
If you have any more queries or would like to proceed with a claim, you can get in touch with our advisers any time of day or night, 7 days a week, via the following methods:
- Call us on 0800 408 7827
- Write to us about your case on our contact us page
- Or chat with us now using our live chat
What constitutes a breach of data protection?
A breach of data protection is defined as the deliberate or accidental loss, alteration, destruction, unauthorised disclosure of or access to personal data. Examples include information that is exposed during a cyberattack, sending personal data to the wrong recipient, failing to encrypt devices that are subsequently stolen, and accidentally deleting data.
What are my rights if my data has been breached?
If your data has been breached and you have suffered financial or mental harm as a result, you have the right to pursue a claim for compensation under the Data Protection Act 2018 and the General Data Protection Regulation (GDPR).
What do I report to the ICO?
If your data has been breached, the Information Commissioner’s Office (ICO) recommends that you first complain to the responsible company. If they ignore you or remain silent for around 3 months, you can then get in touch with the ICO and ask them to investigate. Include as much information possible on the breach, such as the date of the exposure, the type of information affected, and the impact it has had on you.
Who is liable for a data breach?
Depending on who is responsible for the data breach, the liable party could either be the data controller (the organisation that sets out to obtain your data), or the data processor (the organisation instructed by the controller to process your data on their behalf). It can be difficult to identify who is at fault, so seeking legal advice will be very useful.
Who do I complain to about a data breach?
In the first instance, the ICO recommends complaining to the organisation responsible for the data breach. Usually, there will be a Data Protection Officer within the firm that handles all complaints relating to GDPR. A complaint should be directed at them. If you get no response within 3 months, you can escalate the complaint to the ICO.
What can I do if my personal data has been breached?
In the first instance, you can seek clarification as to what data has been exposed. This should be confirmed by the organisation at fault for the breach. You can complain to them and ask for compensation. However, you could also seek legal help from a data breach solicitor, or ask the ICO to investigate the case.
Can I sue for breach of GDPR?
Provided you have suffered mental or financial damage as a result of a data breach, you could sue the organisation responsible. If you’re at all unsure, please get in touch with our team.
You can check out more of our guides below:
- An Overview Of Data Breach Compensation
- How Much Could My Data Breach Claim Be Worth?
- How To Use A Data Breach Compensation Calculator
- Payouts For Mortgage Broker Data Breach Claims
- How To Report A Data Breach
- How To Claim For A Medical Conditions Data Breach
- Payouts For Debt And Arrears Data Breach Claims
- Can I Claim Compensation For A Data Breach?
- How To Claim For A Disciplinary Information Data Breach
- Children In Care Data Breach Claims
- A Guide To Police Data Breach Claims
- Trade Union Membership Data Breach Claims
- How To Claim For A Tax Information Data Breach
- Credit Score Data Breach Claims
- No Win No Fee Data Breach Claims Explained
- Can I Claim For A Disciplinary Records Data Breach?
- What Is A Data Protection Breach?
- Can I Claim For An Accountant Data Breach?
- Medical Records Data Breach Claims Explained
- NHS Data Breach Compensation Claims Guide
- Could I Claim For A Sexuality Data Breach?
- If you’re wondering in what circumstances you can make a claim for a data breach, this guide can help. It explains compensation payouts, eligibility criteria and No Win No Fee agreements.