By Marlon Redding. Last Updated 22nd September 2022. If you have come across this page it is probably because you have been the victim of a GDPR breach that has caused you stress. You may be looking for options about taking action against the organisation responsible.
You could have the right to take action in the form of making a data breach compensation claim, and that is what this article is all about. We have put this page together, and others like it, to offer advice and support to people in situations like yours and to offer the services of our team of advisors and our panel of specialist data breach claims solicitors.
If you have been the victim of a data breach then you could suffer a variety of different effects that could have a serious impact on your mental health and on your financial situation. You should make use of your right to claim in order to help rectify your own situation and to hold to account those who have breached your rights to data privacy and security.
If you want to take things further, you can call us on 0161 696 9685, or fill out our online enquiry form to request a phone call from our team. You could also message us through the chat messenger at the bottom of the screen to speak to one of our advisors.
Select A Section
- A Guide On Claims If A GDPR Breach Caused You Stress
- What Is A Breach Of The GDPR?
- What Is The GDPR?
- Common Types Of Data Breaches And How You Could Be Affected
- How Could A GDPR Breach Cause You Stress?
- Types Of Stress And Psychological Injury
- Can A GDPR Breach Cause You Emotional Distress?
- Calculate Compensation If A GDPR Breach Caused You Stress
- Material Damages Awarded Where A GDPR Breach Caused You Stress
- Make A Data Protection Breach Claim For Stress With A No Win No Fee Solicitor
- Speak To A Solicitor
- FAQs On Claims For Stress Caused By A GDPR Breach
- Where To Learn More
If you think that you have been the victim of a personal information breach, one of the first things you will need to know is whether or not you have grounds for making a claim. In regards to this, we will explain what kind of responsibilities and restrictions are placed on businesses that collect and store data, and what kind of situations would constitute a breach of these obligations.
To help you understand how a data breach claim works, we will explain what some of the consequences of a data breach might be, and how the compensation you could claim for these consequences is worked out.
You are also invited to get in touch with us, either to speak to an advisor and ask questions about how making a claim works or to be connected with one of the data protection lawyers on our panel. One of the benefits that we will explain about working with our panel is the ability to make a No Win No Fee claim.
At the bottom of this page is a series of FAQs about GDPR breach claims, contact details for getting in touch with us, and a series of links to the other pages on our website that deal with GDPR protection breach claims. There will also be links for you to follow throughout this guide that might prove useful in helping you to further understand your rights when it comes to taking action after suffering a data breach.
A GDPR breach is a situation in which a company or other third party has broken the rules surrounding the security and privacy of your data. The could mean situations where the data has been accessed by another party, either because it was shared with them deliberately, accidentally, or because there was inadequate security.
It could also involve situations where the data has been used improperly, such as contacting you without your consent, or situations where the data has been lost or has become outdated. Actions like this could be a breach of the law under the Data Protection Act 2018 and the General Data Protection Regulation (GDPR).
You could be entitled to compensation to cover the damages you have suffered as a result of the breach.
GDPR stands for the General Data Protection Regulation. GDPR was introduced in the EU in 2018 and applies to all organisations that handle data relating to EU citizens. The UK enacted GDPR into domestic law by introducing the Data Protection Act 2018.
The GDPR and Data Protection Act 2018 outline the following responsibilities and restrictions on an organisation’s use and handling of personal information:
- That the data was collected only using methods that were clear, transparent, and in accordance with the law
- That only the data that the organisation needed was collected
- That the data has not been used for purposes other than those that were outlined when collecting data
- That the data has been kept up-to-date and is accurate
- That the data is being held securely
- That the data has or will be destroyed once its purpose has been served
If you have evidence or suspect that your data hasn’t been used in accordance with these principles, get in touch with our data breach claims advisers.
GDPR breaches could potentially occur in different circumstances and be caused by a variety of factors, from oversights to security flaws.
Below is a list of a few examples of situations that could be classed as data breaches:
- Using data for marketing without your consent
- Misplacing the paperwork or external storage devices containing your personal information
- Lapses in cyber-security making hacking of your personal information possible
- Recording your data incorrectly or failing to update the information
- Sharing the data with another third party without your express permission.
If you would like to ask questions about whether or not your situation could be classed as a data breach and whether or not you could be entitled to make a data breach claim, you can call our team any time you wish.
Suffering a data breach has been likened to being burgled or mugged. Just because it happens virtually doesn’t lessen the extent of the harm it can inflict.
Data breach victims in some cases display symptoms consistent with various psychological disorders and mental health issues. These include Post-traumatic Stress Disorder, Generalised Anxiety Disorder, clinical depression, and adjustment disorders.
These can be caused by the fear and distress of knowing that your personal data has been breached and that you are living under the threat of this data being misused. In extreme cases, the breach could threaten your personal safety, which could create significant distress.
The risks of a data breach that would weigh on the mind of a data breach victim include:
- Identity theft
- Theft of funds from a bank account
- Use of credit card details to make fraudulent purchases
- Being harassed, stalked, or put at risk of violence as a result of your address or contact details being published
- Being put at risk of harassment, discrimination, or violence as a result of personal details such as protected identity status being made public.
If you’ve suffered distress because of a data breach, get in touch with our team today on the number at the top of this page. You could be entitled to compensation.
The stress and fear of a data breach and its potential consequences can cause impacts on your mental health and emotional wellbeing. This stress can cause you to experience sleeplessness, nausea, nightmares, panic attacks, as well as some of the psychological and emotional disorders mentioned in the previous section.
The effects can have a lasting impact on your health, such as PTSD, depression, and anxiety.
As part of a data breach claim, it’s possible to account for these conditions and the impact they have on your life. To learn more, get in touch with our team.
There is also a component of emotional shock, turmoil, and distress associated with being the victim of a data breach. Finding out that you have been the victim of a data breach is an upsetting experience, not just because you now have to deal with all of the fears described in the two previous sections, but also because you have had the trust that you placed in the third party betrayed.
You could be compensated for the emotional distress and fear that you experience as a result of a data breach. This compensation can be awarded even if your fears are not realised and no financial losses occur.
The legal precedent for pursuing compensation on the basis of emotional distress caused by finding out that your data has been breached was established in the case Google Inc v Vidal-Hall and others .
Prior to this Court of Appeal case, it was necessary to show financial damage to claim for emotional harm.
Compensation in data breach claims is calculated to reflect the degree of harm done. Different types of harm are calculated separately but are all based on the principle that more compensation can be claimed if the effects, whatever they may be, are more severe.
One type of damage that you could be entitled to claim compensation for, as we have explored above, is the harm caused to your mental health and your emotional well-being. You could claim compensation for suffering the symptoms of stress, anxiety, trauma, depression, and any of the other disorders and issues outlined in the previous sections.
In order to provide evidence for this part of your claim, you will need a report from a medical expert. This would be arranged as part of the claims process, and if you decide to pursue a claim through Legal Helpline, you can take advantage of our extensive network of medical experts, meaning you can be assessed close to your home.
Once a proper assessment of the harm done to your mental health has been conducted, the medical expert will compile their results into a medical report. This will be used to prove the damage caused by the breach, as well as enable your lawyer to value your claim.
To help them determine a value, your lawyer will likely refer to the guidelines of the Judicial College. You can see what these guidelines have to say about awarding damages for mental health damage in the compensation table below.
|Severe psychiatric damage
|£54,830 to £115,730
|Moderately severe psychiatric damage
|£19,070 to £54,830
|Moderate psychiatric damage
|£5,860 to £19,070
|£59,860 to £100,670
|Moderately Severe PTSD
|£23,150 to £59,860
|£8,180 to £23,150
|Less severe PTSD
|£3,950 to £8,180
While these numbers are not definitive, they could help you to get a rough idea of the amount of money you could be entitled to claim for harm done to your mental health and emotional wellbeing.
For a more precise estimate, please get in touch with our team on the number at the top of this page.
Another factor following a data breach that you could claim compensation for is any loss of money or income that you sustain as a result of the breach. There are a number of different ways in which you could be affected financially. These include:
- Having someone access your bank account using your financial information and stealing money
- Having someone use your credit card using accessed details in order to make purchases
- Being blackmailed by those who have gained access to your personal information
- Having to spend money to take steps to avoid harassment, stalking or threats of violence stemming from a breach of your personal information
- Losing work from discrimination or dismissal as a result of disclosure of information accessed in the breach
- Taking time off or sick leave from work due to stress, mental health problems, or emotional distress caused by the data breach.
If you wish to claim back the financial losses you have experienced as a result of the breach you will need to have records and documentation to prove them. This can include bank statements, payslips, invoices, receipts, and so on.
Evidence will be needed in order to calculate and prove the losses that occurred. Any losses that occurred as a result of the breach that you cannot provide evidence for cannot be claimed back as part of your claim.
If you want help and advice about how a lawyer can help you to put together this evidence, you can call our team and speak to an advisor.
A No Win No Fee claim is one in which you will sign an agreement with your solicitor. The terms of this agreement will outline three key points.
- You will not be charged legal fees to start the claim or while it’s ongoing
- You will not be charged legal fees if you make a claim that does not succeed
- If you are successful in claiming compensation your solicitor will deduct a small percentage to cover their costs. This is known as a success fee and by law, it’s capped at a low level.
We recommend this less risky option that is offered by all of the data breach lawyers on our panel.
If you want to make a data breach claim for stress, or if you’d like to learn more about your legal rights, you can call us on 0161 696 9685, or fill out our online enquiry form to request a call back at a time that suits you.
You could also message us through the chat messenger at the bottom of the screen to speak to one of our advisors.
In this section, we’ve included answers to some questions we often get asked about a GDPR breach that causes stress.
What are the principles of the GDPR?
The GDPR is a set of regulations that outline the responsibilities and principles an organisation has to comply with if they hold people’s personal data. They ensure the security, anonymity, integrity, and accessibility of people’s personal data.
When did the GDPR come into force?
The GDPR was introduced by the EU in 2018 and subsequently enacted into UK law by the Data Protection Act 2018.
What fine could be issued for a breach of the GDPR?
Under certain conditions, a fine equivalent to 4% of a business’s annual turnover could be imposed for serious breaches of the GDPR. Meaning that companies could face fines worth tens of millions of pounds.
What responsibilities do companies have under the GDPR?
The GDPR outlines that companies have an obligation to be able to provide proof that they have taken steps to keep their customers’ details secure, anonymous, accessible, up-to-date, and used only for the correct purposes.
Data Breach Claim – Time Limits
The limitation period – which is the time limit in which a claim must be started – for a data breach claim can depend on the organisation that committed the breach.
- If it is a public body – such as a branch of the government or a departmental – you would have one year from the date of the breach to start a claim
- If it is a non-public body your time limit could be six years.
You should, however contact a legal professional to learn more about how the time limit could be applied or extended depending on the circumstances of your UK GDPR claim.
Our advisers can help you by talking to you about your data breach claim. Whether you are claiming for financial losses stemming from a breach of the UK GDPR, or for compensation for distress – please reach out now for help with your data breach claim.
In the last section of our data breach claims guide, we’ve included links to some other resources you may find useful.
Here is our general guide to data protection compensation claims.
Our guide to medical data breach claims
Our guide to data breaches caused by solicitors
Learn more about GDPR from the Information Commissioner’s Office (ICO) in their informative guides:
- About the ICO
- Does an organisation need my consent?
- Enforcement action taken by the ICO
- If you’ve been impacted by a data protection breach at work, you can head here to learn all about your legal rights. You can also find potential compensation payouts and how we can help you take action.
- For advice on claiming for a data breach if your employer lost your documents, you can read our separate guide about this.
Thank you for reading this guide on making a claim for a GDPR breach that caused you stress.