My Data Privacy Was Breached By Premier Inn, Could I Claim Compensation?
If Premier Inn has been proven to have breached your personal data whether due to a hacking, virus, employee error or negligence, it could cause you to suffer damage either emotionally or financially. Under data protection law, Premier Inn has a duty to protect the personal data of its customers and staff. A failure to do so could be considered a breach of GDPR or the Data Protection Act. Data protection breach claims against Premier Inn could compensate victims of a data breach for the financial and mental damage they’ve suffered as a result. This guide explains the justifications for making a claim for a data breach by Premier Inn.
In the sections below, we discuss the laws that protect your personal data and explain what constitutes a breach and how it could affect you.
In addition to this, we explain how solicitors and courts calculate compensation for such breaches. We also discuss whether you could make a claim on your own, or whether you’d need assistance from a data breach solicitor.
Finally, we talk you through the No Win No Fee claims process and answer some commonly asked questions about data breach claims.
If you wish to start a data breach claim today or would like us to check your eligibility to claim, you could simply call our team on 0161 696 9685. We’d be happy to help you.
Select A Section
- A Guide On Data Protection Breach Claims Against Premier Inn
- What Are Data Protection Breach Claims Against Premier Inn
- How Does The GDPR Affect Third Party Data Sharing?
- Examples Of Data Breaches Affecting Premier Inn
- Data Breach Compensation Calculator
- Types Of Material And Non-Material Damages Awarded For Data Breaches
- How To Report A Hotel To Information Commissioners’ Office
- Make A Data Protection Breach Claim Against Premier Inn With A No Win No Fee Solicitor
- Can I Sue For A Data Breach At A Hotel?
- How To Begin A Claim If You Were Affected By A Data Breach
- Contact Our Team
- FAQs On Data Breaches At Hotel Chains
- Where To Learn More
In the UK, there are several laws pertaining to the protection of your personal data. One piece of legislation that data controllers and processors have to abide by is the Data Protection Act 2018. This enacted into UK law the General Data Protection Regulation (GDPR), the strictest and most far-reaching data privacy and security law in the world.
Under GDPR and the Data Protection Act, breaches of data protection that cause material (financial) and non-material (psychological) damage to data subjects could leave those impacted able to pursue compensation.
We have put together this guide to specifically explain when data protection breach claims against Premier Inn could be warranted. In the below sections, we highlight the data protection laws that organisations must abide by, particularly when it comes to data sharing.
We also explain the role of the Information Commissioner’s Office (ICO) in upholding individuals’ data rights. In addition to this, we explain different types of data breaches and explain the actions you could take if you can evidence that you have become a victim of a Premier Inn data protection breach.
Limitations On Claiming
There are limits on how long you could have to make data protection breach claims against Premier Inn as well as other data breach claims.
Generally, you would have 1 year to claim if there was a breach of your human rights. However, for other data breach claims, you could have 6 years from the date you obtained knowledge of the breach to claim.
We would, however, advise you to look into claiming as soon as possible after a data breach. This could make gathering evidence somewhat less complicated. If you’d like us to, we could help you get started with a claim right away.
We could put you in touch with a No Win No Fee data breach lawyer from our panel who could start your claim, with no legal fees payable until the end of your claim. Simply call us on the number at the top of this page to learn more.
In order to service you as a customer or provide you with employment, organisations generally need some of your personal information. They may need your name, email address, contact details, and even your financial information in some cases.
This is all classed as personal data according to the Information Commissioner’s Office, and as such, the organisation must protect its privacy.
Data protection laws that organisations must abide by include the Data Protection Act 2018, which states that any breach of the GDPR could give a data subject the right to claim compensation for non-material and material damage they suffer because of the breach.
How Do I Know If I Can Make Data Protection Breach Claims Against Premier Inn?
To claim compensation, you would need to be able to prove that your personal data had been breached. You would also need to evidence any damages the breach has caused you. But, what constitutes a data breach?
The Information Commissioner’s Office describes data breaches as security incidents that cause data to be:
- Unlawfully disclosed, destroyed, accessed, altered or transmitted
- Made unavailable
Examples Of Breaches Of Data Protection In the Hotel Industry
There are lots of ways in which a hotel data breach could occur. Causes could include:
- Hacking – A cybercriminal could use a bot to seek out vulnerabilities in a database or firewall, for example. It could exploit those vulnerabilities and gain access to systems for nefarious purposes.
- Cyber attack – This type of attack could involve phishing attacks, the use of malware, ransomware, spyware or a virus, for example.
- Human error – It isn’t just IT errors that could cause a breach. A hotel receptionist could send your personal data to someone else in error. They may even leave a filing cabinet unlocked, allowing an unauthorised person to access the data within it.
- Negligence – Organisations could breach personal data by not protecting it adequately in the first place. There are strict rules in place as to the protection of sensitive and personal data that all organisations must adhere to. Lack of understanding of data protection requirements is no excuse.
If you can evidence that Premier Inn has breached your personal data, and you’ve been harmed by the breach, you could launch a data breach claim. Get in touch to learn more.
If you’re wondering ‘are the general data protection regulations only for hotel receptionists?’ the answer is no. Companies that provide you with services must ensure any personal data they collect is protected by all staff, under GDPR.
However, sometimes Premier Inn may need to share your personal information with third parties to provide you with services. Under GDPR, organisations must have your consent for data sharing, unless they share it for what the ICO deem ‘valid reasons’. These could include:
- Contract fulfilment
- Legitimate interests
- Vital interests
- Legal obligations
- Public tasks
If you can prove that Premier Inn shared your personal data for reasons other than the above, and without your consent, and it harms you financially or mentally, you could be eligible to claim compensation.
The ICO upholds individual’s data rights here in the UK. It is an independent public body, with the power to investigate organisations that breach the following legislation.
- Data Protection Act
- INSPIRE Regulations
- The re-use of Public Sector Information Regulations
- Privacy and Electronic Communications Regulations (PECR)
- Freedom of Information Act
- Environmental Information Regulations
Does The ICO Enforce GDPR?
The ICO does enforce the General Data Protection Regulation. It has the power to issue fines up to £17.5m for infringements, or 4% of the organisation’s annual global turnover.
Has There Been A Data Breach At Premier Inn?
In 2018, media reports revealed that a Whitbread data breach meant that the personal data of job applicants to Premier Inn and Costa Coffee had been breached. The recruitment system data breach source was PageUp, an Australian based software-as-a-service provider (SaaS). The Premier Inn and Costa Coffee data breach involved the following data:
- Contact details
- Biographical data
- Employment details
- Reference details
Whether you can prove that you’ve suffered financial or emotional harm due to the breach above, or another breach by Premier Inn, you could seek legal advice on your situation. We explain more about these damages in the following sections.
Victims of a breach who wish to make data protection breach claims against Premier Inn may be wondering what compensation the damage they have suffered could attract.
While all claims are unique and come with their own set of facts and circumstances, we’d like to shed some light on how solicitors and courts could calculate data breach compensation.
When it comes to claiming for psychological harm, we can tell you that in 2015, a legal precedent was set which could allow you to claim awards similar to those in personal injury claims for psychological or psychiatric damage.
The case that set the precedent, Vidal-Hall and others v Google Inc . Here it was decided by the Court of Appeal that compensation could be sought for either financial or mental damage. Previously, financial damage was required to make a claim.
What Does This Mean For Claimants?
When making data protection breach claims against Premier Inn, you could be eligible to claim for anxiety, depression, stress and distress if you suffer those conditions as a result.
To come to an appropriate value for your claim, you’d have to gather evidence of your psychiatric/psychological injuries. During your claim, you’d need to attend a medical assessment with an independent professional. They would write a medical report which would evidence your injuries and provide a professional opinion on your prognosis.
Courts and data breach solicitors could use this when assessing how much compensation could be appropriate. They could also look at the Judicial College Guidelines, a publication that gives guidance on payout amounts for specific injuries.
We have created a table below with figures from the guidelines in order for you to get a rough idea of compensation awards for different injuries.
|Condition/Injury||Severity||JCG Compensation Guidelines|
|Psychological injury (General)||Severe||£51,460 to £108,620|
|Post-traumatic stress disorders/PTSD||Severe||£56,180 to £94,470|
|Post-traumatic stress disorders/PTSD||Moderately severe||£21,730 to £56,180|
|Psychological injury (General)||Moderately severe||£17,900 to £51,460|
|Psychological injury (General)||Moderate||£5,500 to £17,900|
|Post-traumatic stress disorders/PTSD||Moderate||£7,680 to £21,730|
|Psychological injury (General)||Less severe||Up to £5,500|
|Post-traumatic stress disorders/PTSD||Less severe||Up to £7,680|
For a more precise estimate, please get in touch with our team of data breach claims advisers.
We have already explained that you could claim non-material and material damages within data protection breach claims against Premier Inn. But what does this actually mean?
- Non-Material Damage – As we explained in the section above, you could be eligible for compensation for psychiatric or psychological injuries.
- Material Damage – If a Premier Inn data breach led to someone committing identity theft, fraud, or stealing money from you, this could cause considerable financial expense. You could claim for such material damage within a data breach claim.
If you’re not sure what compensation you could be eligible for, we’d be happy to assist. Simply call our team and we’ll provide you with a free, no-obligation eligibility check. We could then connect you with a data breach lawyer from our panel to start your claim.
Initially, the ICO advise victims of a data breach to try and resolve their complaint with the organisation that has breached their data.
You could write a letter or email to their data protection officer. You should include relevant details of how you believe they have breached your data and what you would like them to do about it.
In addition to this, you should give them a timeframe in which to respond. If there is no response, or you don’t receive a satisfactory answer, you could further your complaint by raising your concerns with the ICO.
They could investigate, add the company to the ICO data breach register, and issue enforcement action if necessary.
Do I Need To Make A Data Report To Get Compensation?
If you’re considering making a claim for compensation, you could be under the misapprehension that you’d have to have reported a breach to the ICO. This is not the case.
If it has been three months since the organisation has responded to you in any meaningful way, you could seek the help of a data breach solicitor. They could help you fight for the compensation you deserve. This is something we can help you with.
Claimants considering using a lawyer to help make data protection breach claims against Premier Inn may be under the impression that they’d have to pay legal fees upfront. This is not necessarily the case. If you work with a data breach solicitor under No Win No Fee terms, such as those we can connect you with, they wouldn’t take payment until the end of your claim and only if it was successful.
How Do No Win No Fee Data Protection Breach Claims Against Premier Inn Work?
A No Win No Fee claim works like this:
- Your chosen data breach lawyer would send you a No Win No Fee agreement at the beginning of your claim. You’d find details of a small, legally capped success fee within it. This is usually a percentage of your payout. You only pay it if your claim results in compensation, and it’s used to cover your lawyer’s costs.
- Once you’ve returned the signed agreement, your lawyer would begin to put together your case and would seek to negotiate compensation for you.
- If your compensation payout comes through, the solicitor deducts the success fee and the rest is to benefit you.
- If they don’t achieve a payout for you, you don’t pay the success fee nor any other costs they’ve accrued pursuing your case.
If you’d like to read more about No Win No Fee terms, you could take a look at our guide. Alternatively, why not call and ask our team for more information. We’d be happy to help you.
You could opt to have a data breach lawyer help you make data protection breach claims against Premier Inn. While it is not a legal requirement for you to have a data breach solicitor to claim, many claimants prefer to have one on their side. The benefits of doing so could include:
- A professionally put together strong case for compensation
- Less stress and paperwork for you
- Having a professional negotiate for the highest payout possible
- Ensuring you don’t miss out on any of the compensation you could claim
You could take your own action against the Premier Inn by writing to them and asking them for compensation. If the response they give is unsatisfactory, you could escalate your complaint to the ICO. However, if you’re convinced of the benefits of using a data breach lawyer for your claim, you might be concerned about getting the most appropriate lawyer for your case. To find one, you could:
- Conduct a search online, make a shortlist, and call each one to see which suits you best
- As colleagues, family and friends for recommendations
- Look at Independent reviews of various lawyers
- Or you could get in touch with us.
Can We Help With Data Protection Breach Claims Against Premier Inn?
Here at Legal Helpline, we’d be happy to help those looking to make data protection breach claims against Premier Inn find a lawyer. We could connect you with a No Win No Fee data breach lawyer from our panel quickly, easily and with confidence.
Our expert advisors could even answer any questions about the claims process before you get started. We have successfully helped many claimants start their journey to compensation, and we’d be delighted to do the same for you.
If this guide on data protection breach claims against Premier Inn has prompted you to start your own claim, then why not get in touch. We’d be happy to talk to you about your data breach claim and could even check your eligibility for free. If our advisors believe you could have a valid claim, we could put you in touch with a data breach lawyer. They could fight for compensation on your behalf. To contact us, simply:
- Call our helpline: 0161 696 9685
- E-mail the team: [email protected]
- Use our contact form to get in touch
- Use the Live Chat feature on this page
What Is Considered A Data Breach?
A data breach, by the ICO’s definition, is the unauthorised or unlawful access, transmission, storage, processing, alteration, deletion, loss of availability or theft of data. A data breach could cause financial or emotional harm to victims. This could include loss of privacy and even reputational damage in some cases.
How Many Data Breaches Are There In 2020?
In the third quarter of 2020/2021, according to the Information Commissioner’s Office, there were 2,350 data breach reports submitted by data controllers. 698 of these related to cybersecurity incidents, including phishing, DDoS, malware and brute force attacks. The rest related to non-cyber security incidents. These included the incorrect disposal of paperwork and data being posted, faxed or emailed to incorrect recipients.
What Happens After A Data Breach?
If an organisation suffers a data breach that risks the freedoms or right of data subjects they must make an ICO data breach report. They need to report the breach within 72 hours. In addition, they must also inform the data subjects whose data was breached. If there are no risks to data subjects’ rights and freedoms, there is no need for an organisation to report the breach to the ICO. However, they should retain records of the breach.
What Is An Example Of A Data Security Breach?
A data security breach could involve hacking or another type of cybersecurity attack. Examples could include phishing attacks, ransomware, spyware or a virus. It could also happen if someone sends your personal information to an unauthorised recipient.
Keeping My Personal Data Safe – If you want to protect your personal data online, the NCSC has lots of useful advice.
Anxiety Due To Data Breaches – The NHS offers advice on dealing with anxiety on its website
Identity Theft Support – Identity theft victims may find Victim Support helpful.
Marriott Hotel Data Breach Claims – You can find general guidance on making a GDPR claim against a Marriott hotel within this useful guide.
Blackbaud Data Breach – You can find information on a data breach incident that affected a number of organisations in this guide.
Ibis Hotel Breach Claims – If you’ve been affected by an Ibis Hotel data breach, you might find this guide useful.
Thank you for reading our guide to data protection breach claims against Premier Inn.
Guide by JJ
Edited by REB