Consumer Data Privacy Rights Intro: Compensation for Data Breach and Beyond
Millions of consumers suffer from data breaches and identity theft globally, but a large number do not realize that there are data privacy rights to protect them when breach happens. DataClaim can explain your rights and help you claim compensation you might be eligible for.
You should check if your personal information was leaked in the past 6 years and if you can make a claim up to £2,000 for data breaches in the UK, and up to €1,000 if data breached happened in the EU, and up to $750 for data breaches occurred in the United States.
Data breached or compromised? You have a right to claim compensation up to £2,000Check compensation NOW
What Are Data Privacy Rights?
Consumers’ privacy rights involve specific laws that support people whose personal information was compromised and advocate for protection and compensation when people face a data breach.
The situation varies from country to country. In the USA there is no single comprehensive federal consumer privacy law or digital privacy framework yet, but the US has some federal privacy laws that are vertically focused on a particular industry as well as the Children's Online Privacy Protection Act (COPPA). Individual states have recently passed their own privacy laws related to data breach notification and some states do allow data breach compensation (California for example). Recent data breaches and privacy scandals caused Individual states to introduce enhanced privacy regulation allowing consumers private right of action for compensation, while Congress is trying to pass a new comprehensive law alternative to GDPR in EU, which might be somewhat similar to CCPA.
Data breach usually happens in one country, but affects consumers globally, so consumers often find more protection in Europe. In EU and the UK data protection regulations are one of the best in the world and privacy regulators and courts started to enforce data privacy rights under General Data Protection Regulation (GDPR) and UK Data Protection Act. GDPR is a comprehensive law and entitles consumers to claim data breach compensation.
The problem is that many people are not aware that the law is on their side or even that consumer privacy rights or data protection rights exist. In fact, 97% of people don't know or use their data privacy rights, and don't know how to deal with data breach and claim compensation for a data breach.
Playing an Active Role in Consumer Data Privacy Rights
At DataClaim, we are committed to serving consumers and victims of data breach with important up-to-date information regarding consumers’ privacy rights. It is our mission to help people affected by data breach to understand their rights in detail and empower people to get fair compensation.
What’s more, we seek to simplify specific legal statues that are on your side, so that you know what the laws provide and how you effectively deal with a wide variety of data breaches and prevent harm. We help people that experience data breaches, whose personal information was hacked, leaked or got disclosed.
We encourage you to check for free, if your personal information was leaked and if you have the right to claim data breach compensation.
Consumer Data Privacy Rights and Regulations You Should Know
While it’s true that individual countries abide by their own laws, there are some regional or international laws that serve as powerful tools for privacy protection. These include, EU GDPR, EU-U.S. Privacy Shield Framework and UK-GDPR (United Kingdom General Data Protection Regulation) and California Consumer Privacy Act (CCPA) that set a standard for other states to base their privacy laws.
Certain regulations have better protections than others, but many still remain fairly new when it comes to consumer compensation for data breach. However, data breaches can differ significantly depending on type of information, severity of breach and many other factors. It is helpful to know how to navigate complicated privacy laws and which strengths you can rely on.
If your personal information was leaked, breached, hacked, mis-used or lost, you could be eligible for up to $750Check compensation
In Europe: GDPR privacy regulation
What is GDPR?
GDPR is a new EU data security and privacy law that protects consumer privacy. It is known as the General Data Protection Regulation (GDPR) and requires all companies to follow strict rules protecting personal data and privacy of people living in the EU. It holds companies financially accountable when data breach happens and allows victims to claim compensation.
In comparison to other countries' laws on privacy rights and data security, GDPR is one of the most comprehensive and rigid. This legislation plays an important role in advocating for consumers and online privacy rights. It covers both citizens and residents of any EU country regardless of where they are living or located.
GDPR applies to companies both located in and outside the EU, but which market their services to EU consumers. So GDPR equally applies to US companies with EU users.
GDPR compensation for data breach.
Consumers often do not understand that in many instances, companies are legally and financially responsible to notify users that their personal data was compromised and compensate for data breaches.
Depending on data breach circumstances, understanding consumer privacy rights and filing for EU GDPR compensation can mean anywhere from a few hundred EUR up to €1,000 per person in compensation for distress (non-material damages) even if the victim has not suffered any financial harm. In some severe & sensitive cases compensation amounts can be more than €2,000. This compensation amount is in addition to any real cost reimbursements.
To make an GDPR breach claim, DataClaim can assist with our staff of legal experts and engaged lawyers in different countries to make this process easy and without risks.
Just check your compensation and submit details about the data incident that happened to you and we will do the rest.
The amount of compensation consumers are entitled to depends on a lot of factors including sensitivity, severity, company degree of fault, impact on consumers. Since GDPR is fairly new law, courts in different countries have made inconsistent decisions regarding the amount of compensation.
Data breached? You might have a right to compensation up to €1,000 or moreCheck compensation
What countries are covered by GDPR?
When it comes to EU GDPR compensation, it is beneficial to know which countries’ data breaches are covered.
GDPR is in force and covers all EEA members, not just those that also have EU membership. Regulation refers to EU Member States in the text but it should be read to also include EEA members.
The GDPR covers all the European Union member states: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, and Sweden. In addition to the member states, the GDPR covers the European Economic Area countries: Iceland, Lichtenstein, and Norway.
Since the UK was part of the EU at the time GDPR became effective, the Channel Isles, England, Northern Ireland, Scotland, and Wales are also covered by the GDPR. Read more about UK data breach compensation.
Does GDPR cover the US?
Short answer is Yes, but not all US companies are covered. Although the GDPR is a European Union regulation, non-EU organizations with offices in EU countries or that collect, store, and process personal data of EU residents or citizens. A company’s physical location or non-EU registration doesn’t exempt it from GDPR compliance.
The EU doesn’t consider United States data protection laws stringent enough to offer its citizens adequate protection. Thus, only U.S. based organizations certified under the EU-US Privacy Shield agreement will be able to transfer data from the EU.
Does GDPR cover the UK?
Short answer is Yes, the UK has made GDPR into its law. The United Kingdom’s Data Protection Act (DPA) 2018 updates and replaces the Data Protection Act 1998. The DPA 2018 went into effect with GDPR’s new rules, and details how the GDPR applies in the UK.
Does GDPR cover Switzerland?
Yes, even though the new regulation comes from the EU, it does apply to organisations in Switzerland that either do marketing to individuals in the EU or process info about EU residents.
What Personal Information Is Covered by GDPR?
When it comes to EU GDPR compensation, it is beneficial to know which personal information is covered for purposes of breach compensation.
In the GDPR, personal data means any information relating to an individual who can be identified (directly or indirectly) from that information. This is a very broad definition and basically any information of any relevance to an individual is considered personal (includes location data, online identifiers, and genetic data). Identifiers may include name, IP address, type of device, geo location, medical or financial information, any information related to physical, physiological, genetic, mental, economic, cultural or social identity.
Special categories of sensitive personal data under GDPR
Special categories of sensitive personal data include information about individual’s race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric information (if used to identify a person), and information about personal health, sex life, or sexual orientation. Biometric data includes facial recognition and fingerprints.
The easiest way to find out if you’re covered is to use the DataClaim free eligibility check.
What is a Personal Data Breach definition under GDPR?
It is typically a security breach that causes accidental or unauthorised disclosure of, or access to personal data of users. It also may include accidental loss, destruction, alteration, theft, corruption, or unauthorised disclosure of personal data.
How do I know if my data was breached?
GDPR requires companies to notify authorities of a personal data breach not later than 72 hours after discovery where feasible. However, some companies decide to hide this information, so approximately 1 out of 2 people affected was notified. Often companies do not identify data leak promptly and it can continue unresolved for some time. In some recent data breaches notice was made a couple of years late. For this reason it is important to proactively check if your personal information was compromised, please use our website tool to check your compensation.
Check If my personal information has been compromised and claim compensation with DataClaimCHECK COMPENSATION NOW
What’s Not Covered under GDPR?
While many data breaches happen due to companies fault or mistakes, not every data breach will lead to compensation. Companies can avoid liability only if the company can prove that it did everything possible to prevent data breach and is in no way responsible for the data being compromised in the incident.
Also, GDPR does not protect anonymous data and personal data processed by governments for national security, or immigration purposes.
What Can Cause a Personal Data Breach?
A personal data breach can happen for a number of reasons:
- loss or theft of data or equipment on which data is stored (e.g., loss of a laptop or a paper file)
- Poor data access controls allowing unauthorised use
- Equipment failure.
- Human error (e.g., sending an email [or SMS] to the wrong recipient.
- Unforeseen circumstances, such as a fire or flood.
- Hacking, phishing, and other attacks
- alteration of personal data without permission.
- Loss of availability of personal data.
Your privacy rights under GDPR
The GDPR provides the most advanced privacy rights on the planet so far. These are set out in Chapter 3 of the GDPR, Regulation (EU) 679 / 2016, GDPR and they include:
- right to be informed.
- right of access to information about the user. This allows consumers to know what information is stored about them and sources where personal data was collected from.
- right of correct inaccurate or incomplete information.
- right to be forgotten (personal information to be deleted).
- right to restrict processing, collection or disposal of data.
- right to data portability.
- right to object to processing of information, in other words personal data cannot be collected or processed without clear and freely given consent from the user. This “Opt-in” approach, which is very different from the dominant “opt-out” data collection approach in the US.
- right not to be subject to automated decision making and profiling without user’s express consent.
- Parental consent. GDPR provides that parental consent is required for children below the age of 16 although individual countries can lower this to 13 years. In the UK, the Data Protection Act 2018 sets the age limit to 13 and the age of 14 in the Austrian Data Protection Amendment Act 2018 (Datenschutz-Anpassungsgesetz 2018).
- Right to compensation.
Companies are required by law to inform customers about their rights when business collects personal data and enable free and easy tools to exercise such rights.
Right to compensation under the GDPR
Article 82(1) of Regulation (EU) 2016/679, GDPR provides that consumers have the right to compensation from any organization collecting or processing personal information where consumers suffer material or non-material damage due to a data breach or another violation of the GDPR. This means you can claim compensation for data breach from any organization that has your personal data, even if such organization has not collected that data directly from you.
Data breached? Don't lose your right to get compensation - up to €1,000START Claim Risk-Free
What Is a Time Limit to File a Claim for GDPR Compensation?
Your right to compensation under Article 82(1) GDPR does eventually expire, but the time limit varies from one country to the other.
You should note that the country you claim in is decided by your nationality or residency, or what court has jurisdiction over that company for that particular case of data breach.
This is a handy chart for you with limitation periods for data compensation claims on a country basis:
COUNTRY | LIMITATION PERIOD |
Austria | 3 years |
Belgium | 1 year |
Bulgaria | 5 years |
Croatia | 3 years |
Cyprus | 6 years |
Czech Republic | 3 years |
Denmark | 3 years |
Estonia | 3 years |
Finland | 3 years |
France | 5 years |
Germany* | 3 years |
Greece | 5 years |
Hungary | 5 years |
Iceland | 2 years |
Ireland | 6 years |
Italy | 26 months |
Latvia | 6 months |
Lithuania | 10 years |
Luxembourg | 10 years |
Malta | No limit |
Netherlands | 2 years |
Norway | 3 years |
Poland | 1 year |
Portugal | 3 years |
Romania | 3 years |
Slovakia | 2 years |
Slovenia | 2 years |
Spain | 5 years |
Sweden | 2 years |
Switzerland | 2 years |
UK | 6 years |
* the limitation period in Germany expires on the last day of the third calendar year (for example, the limitation period for a data breach on 29/05/2020 expires on 31/12/2023).
Had EU data breach or identity theft?Start Your Claim NOW
US Consumer Data Privacy Rights
What are US Consumer Data Privacy Rights?
The US does not have a nationwide consumer privacy law, but has multiple vertical industry focused privacy laws, such as health care information privacy (HIPPA), banking privacy law Gramm-Leach-Bliley Act (GLBA) with its privacy flaws and Children's Online Privacy Protection Act (COPPA) protecting privacy of children under age of 13,
However, in most cases consumers will find protection of personal data in states legislation. Importantly, your privacy rights are based on residence, so your privacy rights will be determined by the state you are living in.
As of April 2020, only California has an effective general law on privacy called the California Consumer Privacy Act of 2018 (CCPA), which allows broad protection of personal data and importantly provides for right for compensation of up to $750 per data breach.
California CCPA Data Privacy Law.
California passed data privacy law California Consumer Privacy Act of 2018 (CCPA), as a response to recent massive data breaches and privacy leaks. It set a standard in data privacy in the US and it is expected other states to adopt the same approach or modify it. CCPA is the major law to protect consumer privacy and give more control to consumers in the state.
Who is covered by CCPA?
The law protects individual “consumers" who are natural persons and who must be California residents in order to be protected. Resident is defined as a person that lives permanently in California even if she is away temporarily.
Who Does CCPA apply to?
California law applies to commercial businesses that do business in California and collect or sell personal information of California users, located in and out of state as well as overseas companies. Location or place of business of the company is disregarded as long as it meets these requirements:
- Collects consumer’s personal information and gross annual sales exceed $25 million, and
- Collects, shares or sells personal information of 50,000 California consumers, OR derives 50% of it annual revenues from selling personal data.
Example: if you were a customer of British Airways, which recently had a data breach, assuming BA meets above criterias, you have the right to claim compensation under CCPA, but not GDPR since the California law applies to you, not GDPR.
What personal information is protected under CCPA?
CCPA has a broad definition of personal information and it is basically any information that can directly or indirectly identify individual, such as:
- Identifiers: real names, aliases, physical addresses, IP addresses, account names, geo location, driver’s license, passport information, etc.
- Email login, password, security questions information.
- Commercial information: purchasing history, property records, consumption habits.
- Biometric information (eye scan, finger prints).
- Browser history, search history.
- Electronic, visual, thermal, audio or similar information.
- Professional or employment-related information.
- Education information that isn’t publicly available.
CCPA excluded some categories of data:
- De-identified and aggregate consumer information (without reference to a user).
- Medical information covered under HIPPA.
- Employee information exchanged in the course of employment.
- Financial information under Gramm-Leach-Bliley Act.
What is a data breach?
Data breach is when unsecured personal information is leaked, compromised or shared without the user's proper consent.
Breach of Security: unauthorized disclosure or leakage of personal information that compromises the data security, confidentiality or integrity of personal information.
CCPA Compensation for a data breach
You have the right to bring law suit to claim compensation for a data breach from $100 to $750 for each person, as inconvenience compensation, or actual losses whatever is greater, or join into a class action regarding breach of security that caused data breach. Note, this only works if your leaked data was not secured, i.e. if data was encrypted you cannot claim.
Also, Attorney General office can seek civil penalties against company, which may be up to $2,500 for each violation and $7,500 for intentional violation.
Since all recent data breaches were massive, class action will appear, if you had a data breach check your compensation as soon as possible. People that take a lead in a class action get a generous compensation for an active role, which can be $10,000.
Data breached or compromised? You have a right to claim compensation - up to $750CHECK COMPENSATION NOW
My information was breached, can I claim compensation if I have not suffered any losses?
Yes, you can. In fact CCPA is designed to finally allow consumers to do just that. Based on recent surveys every 1 out of 3 people who suffered data breach had an identity theft problem later. So data breach has serious lasting and costly consequences on your personal and professional life, so it should not be ignored.
Is it true that lawyers get all the money from class action?
False, the settlement pull of funds gets divided equally or proportionately to degree of loss among class action members. The court decides how money will be allocated and the court limits lawyers compensation, which is typically a percentage.
Can I claim compensation if I have a cyber insurance or LifeLock plan?
Yes, you can claim compensation, which is your absolute right. Making a claim under your insurance is separate, so you should check your insurance coverage. Typically insurance will only cover out of pocket expenses and have no inconvenience compensation. Also, insurance companies always try to avoid any payments and have very short deadline to report breach.
Where do I find information about current DataBreach class actions?
DataClaim is tracking reported data breaches and class actions, so please check our DataBreach Settlement page.
How do I know if my data was breached?
All 50 states have passed Data breach notifications laws and companies are required to notify affected consumers whose personal information was breached. Also, in some states if number of victims exceed 500 such notice be must made to Attorney General office and in some states (e.g., California) such information is public. Sometimes security breach can remain unnoticed for long time and bad actors continue to exploit data leak and misuse personal info. Recent survey shows that only 1 out 2 Americans are notified about data breach.
While there is no single database and there are myriad of sources where data leak can appear, DataClaim tries to track it as feasible. So check for free if your personal information was breached.
CCPA Your Data Privacy Right explained
California law provides extensive consumer data privacy rights which includes:
- Right to request deletion of personal information for free. We recommend using this right to minimize risks of your personal data being compromised or leaked. The less data companies have on you generally the better you are.
- Right to be informed: to know why, how and what personal information is collected and how it is used and with which third parties information was shared or sold. This is a retroactive right allows to look back 12 months.
- Opt-out: right to tell any business “Do Not Sell My Personal Data”, which must be on the home page.
- Right of access: to get information about you, how it was used and categories of third parties with which information was shared, to know source of information.
- Right to no discrimination in price, conditions or quality of service for exercising your privacy rights. You cannot be denied service for using your rights.
- Data portability: to get all information in reasonable format to migrate or export your data for free.
Law sets a 45-day deadline (extendable to 90 days) for above rights, except for Opt-out.
Read more detailed information about CCPA Consumer Data Privacy Rights.
Every year millions of people miss out on data breach compensation they are owed under CCPAClaim Your Compensation
Other US states’ Consumer Data Privacy Rights.
Besides California, few states - Washington, Virginia, New Hampshire and Illinois have Draft of Data Privacy Law pending in each state that includes basic privacy rights and the right to claim compensation (also known as “Private right of action”) and are expected to set a better privacy regime soon. New York has added private right to compensation in its draft Privacy Act, but it is currently on hold.
The Illinois draft Data Transparency and Privacy Act (DTPA) is very similar to California CCPA and was submitted early 2020. The Law includes:
- Right to know: to request personal information and categories of sources for it; and information with whom such personal information was disclosed or sold.
- Right to opt-out of: disclosure and sale of personal information by business to third parties.
- Right to correct inaccurate personal information.
- Right to be forgotten: to request personal information be deleted.
- Private Right of action: to claim compensation for data breach $100-$750.
If New Hampshire passes its proposed privacy law, consumers will get the right to claim from $100 to $750 or actual losses (if the amount is greater) if unsecured personal information is compromised or stolen due to business negligence.
Draft Virginia Privacy Act: enforceable under the Virginia Consumer Protection Act. If passed into law, will provide consumers the right to claim $500 or actual losses (if the amount is greater) after a 30-day right to cure a data breach. If breach is intentional compensation can treble in actual damages or $1,000 (whichever is greater).
Washington Privacy Act (WPA) the latest draft had private claim of compensation included, but Bill was not passed in March 2020. So it is likely to be delayed into 2021. WPA would create the following rights:
- Right of access: access to user’s personal information.
- Right to correct: inaccurate personal data.
- Private right of action: right of claim personal data breach compensation.
- Right to deletion: their personal data and be forgotten.
- Right to data portability. the right to obtain personal data in a portable and be able to export it.
- Right to opt out of: processing or sale of personal data, or profiling.
State by state comparison of data breach compensation rights.
Here is a general snapshot (note all the laws will equally apply to all the business, there are a lot of variations from state to state):
State | Law status: effective or pending | Can you claim compensation for data breach? | How much can you claim (per person)? |
CA | Effective | Yes, private compensation is allowed after a 30 days cure period. | Greater of $100-$750 or actual damages |
WA | Failed, delayed voting 2020/21 | Yes, private compensation is included in the bill. | N/A |
VA | Pending | Yes, private compensation after a 30 days cure period is included in the bill. | Greater of $500 or actual damages. If breach is intentional: $1000 or 3x losses. |
NH | Pending | Yes, private compensation after a 30 days cure period is included in the bill. | Greater of $100-$750 or actual damages |
SC | Pending (Biometric Data only) | Yes, private compensation is included in the bill. | Greater of $1,000 or actual damages for negligent breach, $10,000 or actual damages for intentional or reckless breach, plus attorney’s fees and costs. |
What is Personal Information definition?
For California specifically see above. All 50 states now have a Data Breach Notification laws, so here is a common definition of Personal Information widely used by many states (every data breach must be assessed separately).
Personal Information: An individual’s name plus any following data element:
- Social Security number, or State ID or driver’s license number; or
- email login and password;
- Bank account number, credit or debit card number combined with any security code, access code, PIN or password needed to access an account.
Generally, the law does not protect personal information that was lawfully made public, sensitive but encrypted or unidentified information.
Can I claim compensation for a data breach if I am not from California?
The law of the state where you are the resident in will determine eligibility criterias for compensation, currently only California has an effective law. Depending on circumstances of data breach and state laws you might be able to claim compensation under common law or other statute. Submit a request for free compensation check.
How much can I claim for a data breach?
It depends on data breach circumstances, your state laws and court practice. But some states that have Consumer Privacy laws now allow to claim up to $750 or actual losses in compensation and sometimes the amount can be even greater or lower. Actual losses typically are capped at $20,000. If you become a Lead plaintiff in a class action, compensation can sometimes reach $5,000 or $10,000.
Data breached or compromised? You have a right to claim compensation - up to $750CHECK COMPENSATION
What states have the right to compensation?
Currently only California has CCPA that became effective and provides for the private right to compensation. Other states such as VA, NH, SC have Privacy bills that include private right of action for individual consumers.
UK Consumer Privacy Rights and Data Breach Compensation Claims
What are UK Consumer Data Privacy Rights?
The United Kingdom has two major laws: the UK’s Data Protection Act 2018 (DPA) and the EU’s General Data Protection Regulation 2016/679 (GDPR), which give individuals more protection of individual data privacy rights and regulates use and processing of personal information.
The law provides you seven major privacy rights, the same as explained above under GDPR in EU, major of which include: right to to know what information business knows about you, right to rectify any incorrect information, right to delete data, right to limit processing or use of your personal information, right to object and export/migrate data, right to claim compensation for a data breach.
Despite all above rights and corresponding obligations DPA puts on companies, data breaches happen so often now and have a lasting negative impact on personal and professional life that not always have immediate economic loss. According to recent surveys up to 31% of victims later become victims of identity theft or fraud.
Types of data breaches and when you can claim compensation
If your personal information was lost, accessed, mis-used, became known to the public by organization or a company, you have the right to claim compensation. This can be in the context of some economic or non-economic harm to you or your family, such as inconvenience or distress. You are entitled to claim compensation even if you have not suffered economic damage.
DataClaim team of experts in data privacy protection can help you to claim data protection breach compensation for these privacy violations:
- Data has been accidentally leaked, disclosed, lost, or hacked
- An identity has been stolen (identity theft)
- Unauthorized access by or sharing of personal data with a third party.
- IT security breach of the company or its vendor which leads to unsecured personal data leak: reckless or negligent.
- Sending or sharing personal data with a wrong recipient that puts personal information at risk.
- Lost or stolen computer or another electronic device which leads to security breach or authorized access to private information.
- Exploitation of security weaknesses that lead to data leak.
Read more about UK Data Breach Compensation Claims.
DataClaim has partnered with the best legal experts in privacy protection and privacy claims to achieve the best possible outcomes for you and highest chances for data breach compensation success.
Can I get compensation for a data breach?
Yes, if your private information was compromised, leaked or misused, you should have the right to claim fair compensation even if you have not suffered economic damage.
How much can I get for a data protection breach in the UK?
How much compensation for data breach will be determined by court based on many factors. But amount of data breach compensation typically can range:
- from £750 to £1,000 - for low risk data breach where information is not sensitive and where no financial harm was suffered, as compensation for distress.
- from £2,000 to £8,000 where sensitive information was compromised, but breach has not caused severe losses or has not been intentional.
Courts have not set exact compensation brackets yet and the amount of compensation depends on many different factors, above amounts are based on prior data breach awards. In some cases where sensitive information was leaked or celebrity was involved, or data breach had a major effect on the person, courts carefully assessed data breach damages and data breach payout can be much greater and reach £30,000 - £50,000.
Check more information about my data breach rights to claim compensation in the UK.
Data breached or compromised? You have a right to claim compensation - up to £1,000 or moreCHECK COMPENSATION
Do I have to go to court?
Typically, the company would tend to settle out of court, because it is costly to oppose data breach cases especially if company admitted to it and for reputational reasons. However, some companies amy decide not to settle in which case our team of experts will take your case to court, where it is feasible.
What is the cost to make a data breach compensation claim?
We work based on a “No-Win, No-Fee” success basis and without any advance payments from you. This means that legal costs are deducted from data breach compensation payout to you and you don't have to pay legal bills. You can also refer to the Price section in Terms of use for % of success fee.
How do I know if my personal data was breached or stolen?
Under GDPR, a company must report data breach, which may cause high risk to consumers, to ICO and affected individuals within 72 hours, as feasible. However, according to some recent surveys companies are slow to identify and mitigate data breach and 279 days is the average period. In some recent cases breach was left unnoticed for more than a year. Less than 1 out of 2 victims were notified about data breach and we recommend checking if your personal information was compromised for free. Don't be surprised if you will find out that you were hacked multiple times!
Check if my personal information was compromised
Check data breach NOW
How to make a data breach compensation claim?
If you had a data breach and want to make a claim for compensation click below to submit your request and our experts will assess your case. After we determine you have a valid claim we will seek compensation on your behalf at the pre-court stage and if it fails we will even take your case to court, all based on “No-Win, No-Fee” success fee basis. That means we take on all the risk and it is risk-free to make your claim, because legal costs will only be deducted from compensation received. If we don't success in claiming compensation, you pay nothing.
What is the time limit to file a data breach claim?
You have 6 years to bring your claim in the UK.
What personal information is protected?
Personal data is defined very broadly under the DPA to effectively deal with different sorts of data unauthorised disclosures, leaks and breaches.
Special category of sensitive personal information
Under the DPA sensitive personal information includes data about:
- biometric data (finger prints, voice recognition, hand geometry, behavior characteristics, face recognition, eyes scan)
- Ethnic background and race
- physical or mental health
- Political opinions and preferences
- Religious beliefs
- Trade union membership
- Genetic information
- sex life or sexual orientation
- Criminal or offence history (attempts, arrests, sentence, parol) and similar records.
Data breach - what to do
If you are reading this it is likely your data personal information was compromised, if still in doubt please check if you have been hacked. No one should ignore even a small personal data breach, because it can have a serious effect on your future life. Often leaks are caused by human factors in absence of bad faith, but bad actors can take advantage and mis-use personal information. According to recent surveys, every third person who had personal data leaked, had later suffered from identity theft or fraudulent activity, had a bad mark on a credit history, sometimes faced discrimination on different grounds.
It is risk-free and our data privacy experts will review your case for free. You might have a right to compensation - up to £1,000 or moreStart Your Claim NOW
