Claiming Compensation For A Retail Data Breach Explained

This article explains how to claim compensation for a retail data breach that has compromised your personal data. We will provide information about the key legislation covering data protection and what kind of information could be considered personal data.

retail data breach

Retail data breach claims guide

We will also discuss what to do if you suspect a data breach and how one of the No Win No Fee solicitors on our panel could help you claim compensation, typically without having to pay any upfront fees. Finally, we will cover important information about how compensation is calculated and the payout you could receive as reimbursement for the damage you experienced.

Keep reading to learn more about data breach claims. Alternatively, if you would like to speak to someone about a data protection breach that compromised your personal data, you can speak to one of our team members over the phone or online. To be put in touch with one of our advisors:

Choose A Section

  1. Can You Claim After A Retail Data Breach? – A Guide
  2. When Can You Claim Compensation From A Retail Data Breach?
  3. What Evidence Can Be Used In Data Breach Claims?
  4. What Potential Data Breach Payout Could You Receive?
  5. Could A Data Breach Solicitor Help Me On A No Win No Fee Basis?
  6. Learn More About How To Claim For A Retail Data Breach

Can You Claim After A Retail Data Breach? – A Guide

The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA) are the two main pieces of legislation that protect the personal data of UK residents, and outline how organisations can handle this data.

This legislation applies to both data controllers and processors, which are defined as the following:

  • Data controllers are the key decision-makers. They decide how and why data is processed.
  • Data processors act on behalf of instructions from the relevant data controller to process your personal data.

You may be eligible to claim compensation when a data processor or controller does not fulfil their legal responsibilities and, as a result, compromises your personal data. This is any information that can identify you, either used alone or with other details. For example, personal data could include your:

  • Name
  • Email address
  • National Insurance number

The next section will cover claiming for a retail data breach in more detail. In the meantime, contact our advisers if you’d like more information about UK GDPR and the legal definition of a data protection breach.

When Can You Claim Compensation From A Retail Data Breach?

In order to claim for a retail data breach, you have to be able to show that:

  • The breach involved your personal data
  • It occurred as a result of the controller or processor’s wrongful conduct
  • You experienced emotional or financial harm as a result

Below are examples of data breaches that could occur because of a data controller or processor’s wrongful conduct:

  • A retailer could fail to put into place an adequate security system to protect a database containing their customers’ phone numbers from cybercriminals
  • An online retailer could ignore warnings that the payment section of their website is unsecured. This could leave their customers’ credit card and debit card information open to hackers and malware.
  • Similarly, a retailer could send a receipt or sensitive parcel to the wrong address, despite having the correct address on file.

If you are wondering what constitutes a retail data breach, speak to our advisers for more information. They can listen to your circumstances and offer advice about the best way to proceed with your potential claim.

What Evidence Can Be Used In Data Breach Claims?

When preparing a claim for a personal data breach, collecting certain pieces of evidence could be useful. For example, you could keep records of:

  • Any correspondence between you and the data controller or processor regarding the breach
  • Medical assessments that detail the extent of psychological harm you’ve experienced
  • Financial records, such as receipts, invoices and bank statements, that demonstrate your material losses

Evidence is a crucial aspect of data breach claims, but you don’t have to gather everything on your own. Contact our advisers to learn more about the help you could receive while claiming for a retail data breach.

Steps You Could Take To Make A Claim

Certain data breaches must be reported to the Information Commissioner’s Office (ICO), the independent watchdog established to ensure that individuals’ information rights are upheld.

You can take the following steps to report a data breach:

  1. If you suspect your personal data has been compromised, contact the data controller or processor. You can request information about how the breach occurred and what data was compromised.
  2. If you don’t receive a satisfactory response, you can then approach the ICO and request they investigate a potential breach of personal data. This must be done within three months of your last contact with the controller or processor.
  3. At any time during this process, you can seek legal advice about making a retail data breach compensation claim.

Get in touch with our team today for free legal advice regarding your claim.

What Potential Data Breach Payout Could You Receive?

This section will address how much compensation your data breach claim could be worth. This type of claim can help reimburse you for two kinds of harm resulting from the retail data breach: material and non-material damage.

The first of these, non-material damage, is any psychological harm you experience due to the data breach. To assess how much emotional distress compensation an individual might receive, a data breach solicitor will generally refer to a document known as the Judicial College Guidelines (JCG). This contains different award brackets for various injuries and severities of harm. We have included some examples of these brackets below.

InjuryJudicial College Guidelines (JCG)Notes
General Psychiatric Damage (Severe)£54,830 to £115,730Very poor prognosis regarding future vulnerability and marked problems managing various aspects of life.
General Psychiatric Damage (Moderately Severe)£19,070 to £54,830More optimistic prognosis regarding the factors mentioned above.
General Psychiatric Damage (Moderate)£5,860 to £19,070Good prognosis regarding the factors mentioned above due to symptoms that improve by the time of trial.
General Psychiatric Damage (Less Severe)£1,540 to £5,860Awards made for this level of damage will consider the length of time disbility is experienced.
Reactive Psychiatric Condition (Severe)£59,860 to £100,670Individual is prevented from functioning at pre-trauma levels by the presence of permanent symptoms.
Reactive Psychiatric Condition (Moderately Severe)£23,150 to £59,860Professional help likely to lead to some level of recovery, with significant disability for the foreseeable future.
Reactive Psychiatric Condition (Moderate)£8,180 to £23,150Individual recovers to a large degree, without effects that are grossly disabling.
Reactive Psychiatric Condition (Less Severe)£3,950 to £8,180Full or near-full recovery within 2 years. Minor symptoms may persist beyond this point.

These figures are only intended as guidelines. The compensation for data breach claims will vary depending on the circumstances of your case.

Additionally, your data breach compensation payout could help reimburse you for the material damage you experienced.  This is the financial damage caused by the breach. For example, you may be compensated for any money that is stolen from your bank account.

Speak to our advisors if you’d like to know more about the payout you could receive as compensation for a data breach.

Could A Data Breach Solicitor Help Me On A No Win No Fee Basis?

Additionally, our advisers could put you in touch with someone from our panel of data breach solicitors to help you with your personal data breach claim. A solicitor from our panel may be able to offer their services to you under a kind of No Win No Fee agreement called a Conditional Fee Agreement (CFA).

When hiring a solicitor under these terms, you typically do not have to pay them any upfront charges or ongoing fees. You also generally don’t have to pay the solicitor for their services if your claim fails.

Instead, at the end of a successful claim, your solicitor will take a success fee. This fee is subject to a legislative cap, as determined by the legislation mentioned above. This is to ensure you always get the majority of your compensation.

Want To See If You Can Make A Data Breach Claim? Contact Us For Free Today

If you have questions about claiming for a personal data breach that compromised your personal data, you can contact our team 24/7. Our advisors can provide free legal advice and more help during a free consultation. If our team finds that your claim has a chance of success, they may then pass you on to a solicitor from our panel. To get started:

Learn More About How To Claim For A Retail Data Breach

More articles with related information:

Third-party materials that may be useful:

We hope this article has provided useful information about claiming for a retail data breach.

Writer Morgan Feather

Editor Cat Hunt