Legal help for data breach compensation claims

How to claim GDPR compensation

Start Your Claim Today!

Your privacy is extremely important to us. Read how we handle your data in our Privacy Policy

As leading data lawyers, here’s some guidance for how to claim GDPR compensation as a victim of a breach, leak, hack, or as part of a group action.

We can briefly look at how you can make a claim and when you could be entitled to compensation, as well as what you can make a claim for. As specialist consumer action lawyers, we can also look at GDPR compensation for group and multi-party actions too.

We’re here to help. Read on for more information.

How to claim GDPR compensation

Here’s some general information about how to claim GDPR compensation as a victim of a data breach, leak or a hack.

If the data breach or leak was caused through no fault of your own, we need to establish who is at fault. If an organisation or their agent or employee is at fault, we may then be able to establish a case of negligence. If, for example, a breach was caused through an accidental leak or someone accessing your data when they shouldn’t have, this could lead to a claim. Deliberate leaks of information by an employee, as determined in the recent court case involving Morrison’s employees, may not constitute as a case of negligence.

If data was exposed because of a cyberattack, we need to assess what steps and defences – if any – were in place for the organisation hit by the attack. If they had inadequate defences, that’s when you may be able to hold them liable for a case. A classic example is that of Equifax, who were hacked after they failed to patch a known security vulnerability and failed to identify the ongoing vulnerability for months.

The best way to know for sure if we can help you is to speak to our team for a free, no-obligation claims assessment. We can normally tell you right away if we can assist  you and represent you for a No Win, No Fee compensation claim.

What do you claim for?

In terms of what you can claim for in a GDPR compensation case, there are two key headings which apply in most claims:

  1. General Damages: this can cover the distress caused by the loss of control of your personal information, and even claims for simply being the victim of a breach;
  2. Special Damages: this can cover losses and expenses. This may include money lost from fraud events that arise from a cyberattack, for example.

When it comes to how we calculate GDPR breach compensation amounts, we can look at factors such as:

  • The extent of data affected – i.e. how much;
  • The nature of the information – e.g. medical data claims can often be seen as high value because this kind of data is usually seen as very personal and sensitive;
  • Who information has been exposed to or misused by.

Group action GDPR compensation

When it comes to how to claim GDPR compensation in a group action, you can complete an enquiry form on our website. You can find one at the bottom of this page.

Our lawyers are fighting for justice in over 35 separate data group actions, and we also have some dedicated websites set up for some of the key actions we’re involved with.

How to claim GDPR compensation for the British Airways and Virgin Media breaches

For victims of the British Airways data breach, please see the dedicated BA Group Action website here.

If you have been affected by the Virgin Media event, please go to the dedicated Virgin Media data breach compensation website here.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.


Joining the Your Lawyers Virgin Media data breach compensation action
Portsmouth City Council data breach
%d bloggers like this: