Barclays GDPR Data Breach Compensation Claims Guide – How To Claim?

My Data Privacy Was Breached By Barclays, Could I Claim Compensation?

By Max Malkovich. Last Updated 5th July 2022. As you can imagine, your bank is likely to hold a lot of personal information about you. Without it, they would struggle to manage their relationship with you. However, due to the sensitivity of that information, you wouldn’t want to share it with others. Thankfully, the General Data Protection Regulation (GDPR) means that the rules relating to personal data security have been improved. That said, if your personal information is leaked, you could suffer financial losses or conditions such as anxiety or distress. In this article, we’re going to look at the justifications for pursuing data protection breach claims against Barclays. We will explain what harm could result in a breach and the amount of compensation that could be awarded for different forms of damage

Barclays data breach compensation claims guideIf you are considering making a banking data breach claim, we are ready to help you. Our team of specially trained advisors provide a no-obligation review of any claim and offer free legal advice.

While you aren’t obliged to proceed with a claim, we have a panel of lawyers who could represent you if your case has a good chance of success. Should your claim be accepted, they will provide their services on a No Win No Fee basis.

If you suspect you have a valid case for claiming compensation, why not get in touch with us today? Our advisors are available on 0161 696 9685. If you’d rather learn more about data protection breaches before calling, please continue to read the rest of this guide.

Select A Section

A Guide On Data Protection Breach Claims Against Barclays

Data safety is paramount these days. It’s the reason the GDPR and the Data Protection Act 2018 were implemented. Thanks to these laws, individuals (or data subjects) benefit from more control over personal data usage. Nowadays, any organisation (or data controller) that wants to use your personal information must have a lawful basis for doing so. As you might have seen, a lot of the time they will now tell you why it’s going to be used and ask for your permission too.

Additional procedures and processes need to be implemented to help secure personal information since the GDPR became law. If mistakes are made and there are data security concerns, the Information Commissioner’s Office (ICO) can choose to investigate.

Furthermore, they have the legal powers to fine any company that has broken the rules. The one thing they cannot do is issue compensation to you if you’ve suffered due to a personal data breach. The only way of receiving compensation is if you take action yourself.

If you are thinking of claiming, there is a time limit that must be adhered to. Generally, this is a 6-year period from the date you obtained knowledge of the breach. However, you may wish to get legal advice on how long you have because claims relating to breaches of human rights are limited to 1-year.

As we continue through this guide, we’ll look at what could cause a bank data breach to take place. It’s worth pointing out at this point that claims could be made for various reasons. That could range from branch staff disposing of bank statements in the normal rubbish through to the bank’s IT systems being targeted by hackers.

After reading our guide, do feel free to contact our team if you have questions. Should you believe you have a valid claim, we’ll be here to help you too.

What Are Data Protection Breach Claims Against Barclays?

Banks process vast amounts of personal data every day. As data controllers, they have a legal duty to try and keep it safe. A banking data breach will usually occur following a security incident. If any personally identifiable information is accessed, lost, disclosed, destroyed or altered, then a breach has happened. Importantly, the act that led to the breach doesn’t have to be illegal or deliberate. You could be compensated if harmed by an accidental breach too.

To make a data protection breach claim against Barclays, you will need to prove that:

  • The data breach took place and it was the fault of the bank.
  • You have suffered damage either financially or mentally as a result of the breach.

Claims might be possible if you have lost money following a data breach. Additionally, it could be possible to claim for medical conditions such as stress or anxiety caused by the breach.

While we often hear about data breaches involving cyber attacks (phishing emails, key loggers, ransomware and the like), they can involve physical documents too. For example, if your bank branch was broken into, and the burglar obtained personal information about you from an unlocked cupboard, a GDPR breach will have taken place.

Personally identifiable information relates to data that can directly determine who you are. This includes your name, email address, telephone number and home address. Data that might indirectly help to identify you are also covered. For example, details about your ethnicity, age, marital statement or disability.

What Data Could Be Shared With Third Parties?

Organisations need a lawful basis to process information about you. The same is true if they want to share data with other organisations. In many cases, when you register with a bank, their data protection policy will make it clear where sharing could occur. Furthermore, you will probably be asked to consent to it.

However, there are times when a lawful basis might exist to share your information without your consent. For example, banks might be legally obliged to tell HMRC about your savings or spending.

If you suspect your data has been shared by your bank, e.g. for marketing purposes, you could be entitled to claim for any damage it has caused. Why not call our team of specialists today to see if you have a valid compensation claim?

Examples Of Banking, Credit Card And Financial Services Hacks

The ICO maintains a database of action taken against companies that have been fined following data breaches. At the time of writing, Barclays was not included in that database.

However, to demonstrate how serious the ICO takes data protection breaches, here are some of the fines issued recently:

If a banking data breach were to happen, the bank would be legally obliged to tell you about it within 72 hours. In some cases, this may be weeks or months after the event because the bank didn’t find out about the breach until later. The letter or email alerting you to the breach could act as evidence in any future claim.

Even if you haven’t been contacted, you could approach the bank with your concerns and await a formal response. If you would like help deciding whether you have a valid compensation claim, please call our team of specialists today.

Potential Barclays UK GDPR Breach – Example Compensation Amounts

Have you suffered due to a personal data breach through a failure to comply with UK GDPR? If so, compensation could be possible. If you were eligible to make a data breach claim, you could claim under two types of damages:

  • Material damages – This relates to monetary losses suffered from a breach. This can include money being stolen from an account.
  • Non-Material damages – This relates to psychological injuries (such as PTSD or anxiety) caused by the breach.

You may also be wondering; how could a breach of UK GDPR lead to compensation for distress? Due to the ruling by the Supreme Court of Vidal-Hall and Others v Google Inc in 2015, you can now seek compensation for psychological injuries without having to also claim for material damages. Psychological injuries are also valued in the same way as they are during personal injury claims.

Due to this, the Judicial College Guidelines can give you a better idea of what you could receive for non-material damages. They have used previous payouts from court cases in England and Wales to build compensation brackets which you can see below. These have been taken from the most recent guidelines, published in 2022. Please remember that these figures are just guidelines as every claim is different.

Claim TypeSeveritySettlement BracketFurther Details
PsychiatricSevere£54,830 to £115,730The claimant will struggle significantly with life in general and work. Relationships will also struggle, the claimant will continue to be vulnerable and treatment will not help. The prognosis will be very poor.
Moderately Severe£19,070 to £54,830A more optimistic prognosis will be offered in this category even though levels of suffering will be similar to the above.
Less severe£1,540 to £5,860How long daily activities (like sleeping) were affected will be considered in this settlement bracket.
PTSDModerately Severe£23,150 to £59,860There will be significant PTSD symptoms in this category. They include flashbacks and nightmares. The claimant will struggle to work, but some recovery is possible with specialist support.
Moderate£8,180 to £23,150Most of the symptoms will have been resolved. Some may continue but won't be severely disabling.

As part of the claims process, your injuries may be assessed by a medical professional. This is because how severe your injuries are is one of the factors that can determine your potential compensation. With that in mind, a medical specialist will assess your injuries and produce a medical report. This report will detail aspects such as your prognosis and the nature of your injury.

To learn more about the claims process, or what principles of the UK GDPR Barclays must comply to, please read on or contact our team for legal advice that is completely free using the details above.

Damages Awarded For Breaches Of Data Protection By A Bank

Data breach claims are generally made up of two key elements. Firstly, you will look at material damages. This part of your claim is for money that you have lost or expenses you have incurred because of the breach.

Then you would normally move on to non-material damages. This part of the claim is for any pain or suffering caused by psychiatric problems that result from the data leak. This could include distress, depression or anxiety.

Importantly, your claim will need to cover any future suffering too. If you instruct a lawyer from our panel, they will work with you to try and ensure how you have been affected. They will also consider your medical assessment to see if the claim needs to cover any illnesses or injuries that will continue to cause suffering in the future.

If you would like to discuss your options with a specialist, please call today. They will be able to review your claim and give you some idea of what could be claimed for.

Do I Need To Report A Banking Data Breach To The ICO?

As part of your claim, you might want to contact the ICO and ask them to investigate. Before you do, though, you will need to complain to the bank first. If you don’t agree with the outcome of their internal investigation, you should escalate the complaint as high as possible.

Once you have exhausted all of the escalation routes, you can contact the ICO if 3-months have passed since you last heard anything meaningful from the bank. Don’t leave it too long beyond that as the ICO can turn claims away.

Following an ICO audit, the bank may be told to improve its procedures if found guilty of breaking data protection rules. Furthermore, the Information Commissioner’s Office could levy a fine on the company. However, they won’t help you claim compensation. Taking legal action against the bank yourself is the only way you will receive compensation.

Please call today for a free review of your case and legal advice on your options.

Make A Data Protection Breach Claim Against Barclays With A No Win No Fee Solicitor

The thought of losing money on lawyer’s fees may be putting you off claiming. You needn’t worry too much though because we have a panel of lawyers who provide a No Win No Fee service for cases they take on. That allows you to have a less stressful claim because your financial risks are lowered.

Obviously, lawyer’s can’t accept all claims on this basis. Therefore, your claim will need to be reviewed before it is taken on. Should the lawyer agree to work on your case, they will give you a Conditional Fee Agreement (CFA) to sign. This is the formal title of a No Win No Fee agreement and serves as your contract. It will show clearly what the lawyer must do before they are paid. Additionally, it will show that:

  • Your lawyer won’t want payment for their work upfront.
  • There are no lawyer’s fees payable while the claim is being processed.
  • You won’t need to cover your lawyer’s fees if the claim fails.

Importantly, you will only pay your lawyer’s fees if you receive compensation. If that happens, a small success fee will be deducted from your compensation payment. This forms a percentage of your compensation and is capped by law. So you know how much is payable, the success fee is listed in the CFA.

An advisor from our team could check whether your claim is suitable for a No Win No Fee service. Why not call today to find out more?

How To Find The Right Solicitor About Your Data Breach

We know how complex bank data breach claims can become. For that reason, we do advise claimants to seek legal representation. By doing so, we believe you’ll have a better chance of being compensated correctly.

To find a lawyer to help, you could simply call our free advice line. If we pass your claim to a specialist lawyer from our panel, and they agree to represent you, they will:

  • Spend time discussing your case with you to get a complete understanding of how you’ve been affected.
  • Work hard to obtain evidence that could back up your allegations.
  • Arrange for you to be assessed locally by an independent medical specialist.
  • Put together your claim before forwarding it to Barclays or their legal representatives.
  • Answer all queries that come back from the defendant so that you don’t need to speak directly to them.
  • Aim to get you the highest possible compensation figure to cover your suffering.

If you’re interested in beginning a claim, why not contact our advisors today? Free advice will be provided even if you choose not to claim.

How To Get Compensation After Your Data Privacy Has Been Breached

In this section, we will briefly summarise the route you could take to receive compensation for any suffering that results from a GDPR data breach.

The first action you should take is to complain formally to Barclays Bank. Once they’ve responded, you should follow any escalation paths their response offers. After 3-months, you could involve the Information Commissioner’s Office if you’re not happy with the formal response. They may choose to investigate on your behalf.

You should bear in mind that the ICO can’t award compensation. Therefore, you might choose to begin your own legal proceedings. If that is what you would like to do, we are ready to support you. Call our team for free advice, a no-obligation claim assessment and guidance on your options.

Contact A Specialist About Your Case

You have almost arrived at the end of our article about data protection breach claims against Barclays. We hope that you are now in a position where you know what action you’ll take next. If you want to proceed with a claim, we are happy to help. You can get in touch with our specialists by:

When you get in touch, our team will provide clear and free legal advice. You’ll benefit from a telephone consultation where you’ll be under no obligation to continue. If you do decide to pursue damages, we could link you with a data breach lawyer from our panel.

Frequently Asked Questions About Banking Data Breaches

We are now going to supply some answers to questions we often hear about data breach claims. Don’t worry if your question isn’t answered here as you can simply call our team of specialists for free advice.

Can I claim directly from the ICO?

No, the Information Commissioner’s Office cannot get involved in personal data breach claims. They do have the power to order companies to change their data protection policies or fine them. However, to receive compensation, you will need to make a claim directly.

What can I claim for following a data breach?

You can’t claim just because a GDPR data breach has happened. That said, if you can show that the breach caused you to suffer damage, a compensation claim might be possible. For example, claims could be made to cover financial losses or to cover the pain and suffering that results from conditions like distress or anxiety.

Can I be compensated for emotional distress?

People react to data breaches in different ways. For some, anxiety, depression and emotional distress can result in suffering which affects their way of life. It is therefore possible to claim for emotional distress if it was caused by a GDPR data breach.

Where To Learn More

Thank you for reaching the end of our guide about data protection breach claims against Barclays. To help you further, we have chosen to add some links to external resources that may help you during a claim. If you do need to know anything else about banking data breaches, please call our team today.

Barclays Privacy Policy – Information for customers of Barclays that explains how the company uses their personal information.

Requesting Information – This ICO article provides advice on how you can request copies of information from public bodies.

Anxiety And Panic Attacks – Information on the possible causes of panic attacks and what treatment might help.

Here are a few more of our guides that you may also find useful:

Bank Data Breaches – A more generic look at data breach claims following the leaking of your personal data by a bank.

The Blackbaud Data Breach – Information on a ransomware attack that led to a data breach that had the potential to affect many universities in the UK.

Pharmacy Data Breaches – Free advice relating to breaches of data protection relating to pharmacies.

Thank you for reaching the end of our guide about data protection breach claims against Barclays.


Guide by BH

Edited by REB