Bounty Breached My Data Privacy, Could I Claim Compensation?
By Max Malkovich. Last Updated 5th July 2022. Welcome to our guide that explores the concept of a data breach by Bounty. Bounty gives help to those who’re pregnant, trying for a baby or are parenting.
Whenever you register to use a new service, purchase a product online, or even when you visit a medical professional, it is more than understandable to expect your data to be stored safely. After all, there are laws and policies set in place that emphasise the importance of data protection.
However, while there are laws like the Data Protection Act 2018 that reinforce the importance of data security, unfortunately, there are circumstances where a breach could occur.
A breach could compromise the security of your data and cause additional complications, such as psychological harm and financial loss. If that is the case, then you may question whether or not you could take legal action.
Throughout this guide, we are going to look at what you should know about data breaches. By the time you have read this guide to the very end, you’ll have a greater understanding of the claims process. More specifically, you will understand the effects of a data breach, what impact it can have on you, whether you could make a claim, and how one of our advisers could support you.
In the meantime, if you have any questions, please do not hesitate to contact us. One of our advisers would be more than happy to speak with you. The number to call is 0161 696 9685.
Select A Section
- A Guide On Claims For A Data Breach by Bounty
- What Is A Data Breach Claim Against Bounty UK?
- What Is Third-Party Data Sharing And How Does The GDPR Affect This?
- Enforcement Action Taken By The ICO Against Bounty UK Ltd
- Calculating Compensation Amounts For A Data Breach By Bounty
- Potential Compensation For A Data Breach Claim
- How The Information Commissioner’s Office Could Help You
- No Win No Fee Claims For A Data Breach By Bounty
- How Data Breach Protection Lawyers Could Help You
- How Victims Of A Data Breach Could Start Their Claim
- Speak To A Solicitor
- Where To Learn More
Every time your data is being used or stored, the organisation processing it should adhere to data protection law. In doing so, they must ensure your data is being kept safe and stored lawfully.
In this guide, we are going to look at data breaches in greater detail. This guide will outline how a data breach could be caused, what implications it could have, and whether or not you could take legal action. Throughout this guide, we are going to answer critical questions, such as:
- What is a data breach, and how can it affect me?
- Can I collect evidence to support my claim?
- Has Bounty had an ICO fine?
- What is a No Win No Fee agreement?
- Can I claim compensation from Bounty?
- Does the ICO enforce the GDPR?
- What’s the ICO breach register?
- What happens if a company has a data breach?
We hope you’ll find all the answers you’ll need. However, we understand that not everything can be covered in one guide. Therefore, if a question hasn’t been answered, or if aspects of your circumstances aren’t mentioned in this guide, please do not worry. Contact our advisers.
Our advisers are professionals, so if you believe you have been affected by a data breach, contact them for free legal advice.
Every claim must meet specific criteria for a solicitor to take on the case. For instance, if you wish to make a data breach compensation claim, you should do so within the limitation period.
A data breach compensation claim should usually be made within 6 years from the date you obtained knowledge of it. However, while 6 years may sound like a significant period of time, it is crucial to begin your case as soon as you’re able. If you choose to use the services of a solicitor, allowing them time to build your case is vital.
If a data breach happens to affect your human rights, then you could only have 1 year. Failure to meet this timeframe would ultimately affect your ability to claim compensation.
If you have evidence of a valid claim, then please feel free to contact our advisers. One of our advisers would be more than happy to speak with you.
In simple terms, a data breach happens when a security issue causes your data to be unlawfully or accidentally lost, accessed, destroyed, altered or disclosed. This may result in various complications such as financial loss and psychological harm.
When we use online shopping services, our personal data can be used to create a tailored customer experience. Perhaps due to an increase in technology and data usage, laws have been introduced to promote data security.
The General Data Protection Regulation (GDPR), requires companies that use and store personal data to protect it. The GDPR was enacted via the Data Protection Act 2018, and it emphasises the importance of data protection outlined by the GDPR, stating that all companies must follow the rules and regulations to ensure the data they use/store is up to standard, lawful, and ethical.
Examples of Personal Data
While there are laws to promote data security, there are unfortunate circumstances where breaches can occur. Various types of personal data could become compromised or non-consensually used, such as:
- Email address
- Home address
- Mobile number
- Date of birth
- Passwords and usernames
- Banking information
Not only could you pursue a claim as a customer affected by a data breach, but you may also have grounds to make a claim if you are an employee affected by a data breach. Employers have a duty of care to ensure all of their employees’ personal data is kept safe — even once they have left their position and moved on from the role/company.
However, if a data breach were to affect the security of their employees’ data, and it caused psychological or financial damage, then a claim could be a suitable course of action.
If you can provide evidence to support your case, then we could connect you to our panel of solicitors who can handle a data breach compensation claim.
In the previous section, we briefly touched upon the General Data Protection Regulation (GDPR) and discussed its influence on data protection. In this section of the guide, we are going to look at the various roles and obligations that the GDPR upholds concerning data protection.
There are different parties involved in data protection:
- The data controller is the one that is required to outline how and why your data needs processing. They can be an organisation.
- A data subject is an individual whose data is being processed.
- Data processors are the ones who are sometimes asked to process data on behalf of another party.
The GDPR states that the following measures should be taken:
- The data subject should be fully informed as to why their data is being collected and processed — they should also be informed of how it is stored. However, there are exceptions where a data controller doesn’t need your consent.
- Personal data that is being stored must be secured and be processed lawfully and ethically.
- Data controllers are required to adhere to their lawful duties and provide evidence that shows their compliance with data protection measures.
While the measures outlined above can promote safer data protection standards, should a breach occur, and your data is compromised, it could leave you with psychological damage and financial loss.
If you have evidence that that is the case, then please contact us. One of our advisers would be more than happy to speak with you, as they can offer free legal advice with no obligation. Use our live chat or call the number at the top of the page.
In this section of the guide, we are going to look at a case study that discusses a fine against Bounty.
The Information Commissioner’s Organisation (ICO) issued a £400,000 penalty to Bounty under section 55A of the Data Protection Act 1998. The fine was issued due to a severe breach of personal data.
Over 14 million people’s personal information was shared with various organisations, such as credit reference and marketing agencies. This transaction was done without informing or asking for the consent of the data subjects. The ICO found that Bounty had processed the data unfairly and breached data protection law.
Understandably, you mighty seek compensation if you have suffered due to a data breach. It is essential to acknowledge that compensation can be broken down into two categories if you intend to make a claim. They are below.
- Non-material damages can be awarded to those who have endured psychological harm due to the data breach.
- Material damages can be awarded to those that endure financial loss due to a data breach.
In order for compensation to be awarded for financial loss or psychological suffering, you will be required to provide evidence to support your claim. For instance, if you intend on making a claim for financial loss, you would be required to provide evidence such as receipts and bank statements.
In comparison, if you intend on taking legal action for any psychological harm you’ve endured, then you would be asked to attend a medical assessment. The independent medical professional conducting the assessment will gain an understanding of your injuries by asking you a series of questions, evaluating the severity of the condition, and determining whether there are future implications.
The information that is collected from the assessment will be documented in a report and used to value your condition. Another purpose of the medical assessment is to prove that the data breach caused or exacerbated your condition.
If you happen to have any questions relating to the information provided in this section, then please do not hesitate to contact our advisers today.
You may be able to make a claim if you’ve suffered due to a personal data breach if:
- The data breach has led to you suffering material (financial) losses or non-material (psychological) damage.
- The data breach was caused by positive wrongful conduct by the company that held your data. Successful personal data breach claims revolve around you showing how the company mishandled your data, which was a contributory factor to the breach.
The ruling in the case of Vidal-Hall and others v Google Inc  now means that you can claim for non-material damages as a result of a data breach without also claiming for financial losses. Psychological injuries in data breach claims are valued the same way as they are for personal injury claims.
If you had sufficient evidence to claim for a Bounty data breach, the Judicial College guidelines could give you a greater idea of what you could receive. The amount you receive will be based on factors including the severity of your injury, whether there are any long-term implications and the general negative impact of the injury on your life.
These figures are not guaranteed and have been taken from the latest guidelines, published in 2022.
|Psychiatric Damage Generally||Severe||£54,830 to £115,730||Severe psychiatric damage will often take into account
various factors that cause long-term complications.
|Psychiatric Damage Generally||Moderately Severe||£19,070 to £54,830||Cases of this nature are often associated with work-related stress disorder. The level of compensation will take into account the prognosis.|
|Psychiatric Damage Generally||Less Severe||£1,540 to £5,860||An award of this nature would take into consideration the length of time in which disability has had an impact.|
|PTSD||Severe||£59,860 to £100,670||Severe PTSD will have a profound and long-lasting impact on the individual. Not only may it affect their professional life, but it could also hinder their social life as well.|
|PTSD||Moderately Severe||£23,150 to £59,860||With the support of a medical professional, the individual would be expected to make a decent recovery. However, some implications may affect their day-to-day life.|
|PTSD||Less Severe||£3,950 to £8,180||Those who endure PTSD of this nature would be expected to make a full recovery within 2 years. Some minor symptoms may prevail.|
Regarding material damages, some of the losses you could potentially claim for include:
- Medical expenses, such as prescription costs
- Travel costs
- Loss of earnings
- Care costs
In order to receive this compensation, you would need evidence, such as receipts and invoices, that shows the value of the financial losses. To learn more about this, please contact our advisors for free using the details above.
As we previously outlined in an earlier section, you could make a complaint about a data breach to the Information Commissioner’s Office (ICO). However, before you make a complaint to them, they recommend you contact the organisation affected by the data breach. Should you make a complaint to the organisation, they may conduct an investigation into the matter.
Sometimes data breaches can risk the rights and freedoms of data subjects. In these cases, organisations are required to inform the victims of the breach without undue delay. And they should inform the ICO of their findings within 72 hours.
If the organisation doesn’t respond to your complaint satisfactorily, you could escalate your query with the ICO. However, you should do so within 3 months of their final response to you. Please note that an ICO investigation cannot help you gain compensation for any financial losses or psychological harm caused.
You could receive compensation by making a claim. Here at Legal Helpline, we could connect those with valid grounds to make a claim to our panel of solicitors with qualifications and experience handling similar cases.
If you choose to use the services of a solicitor, you may be concerned about how you can fund them if the case loses. The unexpected aftermath of a data breach could have a profound impact on your psychological health and finances, and having to find affordable representation could ultimately add to that stress.
Here at Legal Helpline, we firmly believe that nobody should ever be discouraged from taking legal action if they have suffered from a data breach. And it is for that reason why we connect those with valid cases to our panel of solicitors that offer No Win No Fee services.
A No Win No Fee agreement can be a credible option for many claimants, as it provides the following benefits:
- No solicitor fees to pay to start your case.
- There are no solicitor fees to pay while the case is ongoing.
- You would not have to pay your solicitor’s fees should the case be unsuccessful.
Please note that if the case were to be successful and compensation awarded, your solicitor would deduct a small percentage for their work. By law, this fee is capped, so you do not have to worry about overcharging.
For many, a crucial part of the claims process is finding the right solicitor to handle the case. However, it is more than understandable to be unsure of how to find the best legal representation. After all, you may not have expected to be involved in a situation that requires legal attention.
You may use the internet to try and find the best lawyer suited to take on your claim. Consequently, you may read client reviews, as they can provide valuable information and insight.
By reading a client review, you can gain a firm understanding of a lawyer’s success rate. You can see whether the firm has experience handling similar cases to yours. And you can also gain insight into the clients’ overall experience.
However, while we acknowledge the importance of client reviews, we would always recommend picking up the phone and speaking to someone before you progress with your case. In doing so, you have the opportunity to ask questions and determine whether the firm is a suitable fit for you and your case.
You might be of the understanding that you require a local solicitor to take on your data breach compensation claim. But, in short, that isn’t entirely true. Thanks to the advancements in technology, a solicitor can offer to take on a claim regardless of location, as most communication could be done:
- Over the phone.
- Via email.
- In writing.
- By speaking with you in person during online meetings.
Therefore, you can search for a solicitor with relevant experience that is best suited to handle your case and not worry about their location. Our panel of solicitors can work on your case from anywhere in the country.
If you have evidence of a valid claim, get in touch by clicking the live chat icon to access free legal advice. One of our advisers would be more than happy to speak with you and could connect you to our panel of solicitors.
As we enter the final sections of this guide, you rightfully may have additional questions you’d like to ask relating to your case. Alternatively, you might have evidence of a valid compensation claim and wish to discuss it. Our advisers are standing by and would be delighted to speak with you.
When you are ready to speak with someone regarding your case, why not use one of these quick and easy methods to contact us?:
We look forward to hearing from you.
Thank you for taking the time to read our guide. We hope you understand how a solicitor could take on a data breach compensation claim. Now that you have come to the final section of the guide, understandably you might have some additional questions. If so, then you will find the resources we have provided extremely beneficial.
We have taken the time to include some additional resources to further your understanding of the claims process. Below, you will find links to relevant websites and guides, but should you have any questions, then please feel free to contact our claims team using the information provided in the previous section.
Employer Breach Of the Data Protection Act: Read our guide to learn what steps you should consider if your employer were to breach the Data Protection Act.
Medical Data Breaches: Why not read our guide to learn more information about medical data breach cases?
Accident At Work Claims: How to make a claim against your employer for accidents at work.
NHS PTSD: Learn how the NHS can treat PTSD.
ICO Complaint: Take a look at how ICO complaints work.
ICO Key Definitions: Definitions of processors and controllers.
Thank you for reading this guide exploring what a data breach by Bounty could entail.
Written by MB
Edited by RV