If a credit or debit card data breach has affected you, you may be wondering if you can claim compensation.
Organisations often collect and process credit and debit card data for a variety of reasons. There are two main pieces of legislation that dictate the steps organisations must take when collecting and processing the personal data of UK residents: the Data Protection Act 2018 (DPA) and the UK General Data Protection Regulation (UK GDPR). The UK’s independent data authority, the Information Commissioner’s Office (ICO), enforces this legislation.
Any organisation that processes the credit or debit card data, along with any other personal data, of residents of the UK must comply with this legislation. If they fail to do so, and this leads to a personal data breach that causes you to experience harm, you may be able to make a personal data breach claim.
Please reach out to us to enquire about making a personal data breach claim:
Select A Section
- What Is A Credit Card Or Debit Card Data Breach?
- Have My Card Details Been Involved In A Data Breach?
- Examples Of A Credit Or Debit Card Data Breach
- How To Claim For A Card Data Breach
- What Could I Claim For A Breach Of Your Financial Information?
- Talk To Us About Your Credit Or Debit Card Data Breach
Personal data is data which can be used to identify a person. Your name, postal address, or credit card information are all examples of personal data. When a security incident compromises the confidentiality, integrity, or availability of this data, this is a personal data breach.
The UK GDPR sets out the criteria for claiming compensation following a personal data breach. Under this legislation, in order to claim, the breach must:
- Include your personal data
- Be the fault of the data controller or processor
- Cause you to experience harm
A data controller is in charge of establishing a lawful basis for collecting and processing your personal data and deciding which data they need. A data processor then processes this data on the controller’s behalf.
If your credit or debit card details have been compromised in a credit or debit card data breach, contact our advisors today. They can tell you if you are eligible to claim data breach compensation.
If a data controller or processor discovers a credit or debit card data breach which could affect your rights or freedoms, they must report this to the ICO within 72 hours. Likewise, they should inform you as soon as possible.
As such, you may receive a notification from the organisation letting you know that your personal data has been compromised. This notification may tell you what data was affected, how, and what steps the organisation are taking.
Read on to learn how a credit or debit card data breach could happen and how to claim, or contact our advisors for more information.
You may be wondering how a credit or debit card data breach could occur. As we have previously mentioned, in order to claim, the breach must be a result of the data controller or data processor’s wrongful conduct. Some examples of how wrongful conduct could lead to a personal data breach include:
- Misdelivery: For example, a credit or debit card provider could send your new card to the wrong address, allowing an unauthorised party access to your credit or debit card data
- Cyberattacks: Organisations must make sure that they have adequate cybersecurity policies in place. If they fail to do so, and a cyberattacker compromises your credit card or debit card details, you may be able to claim.
- Lost or stolen files: For example, if files are lost by an accountant or bank employee.
Our advisors can provide free legal advice and a free evaluation of your claim when you get in touch today.
If you receive notification of a personal data breach, you can contact the organisation directly and request more information. They may be able to confirm why the breach occurred, what data was affected, and how.
However, if you do not receive a reply, or if their reply is unsatisfactory, you can make a complaint to the ICO. Do this within three months of your last meaningful contact with the organisation responsible for the breach.
The ICO has the power to investigate personal data breaches. If they find the data controller or processor to be at fault, then they may impose a fine upon the organisation. The ICO cannot provide compensation, and they do not process claims. But, correspondence with the ICO can help in supporting and strengthening your claim.
To learn more about how to claim for a breach of the UK GDPR, get in touch with our team of advisors.
There are two heads of claim you can pursue in a personal data breach claim. The first is material damage. Material damage aims to compensate you for the financial impacts of a breach. For example, damage to your credit score or fraudulent purchases made on your credit card.
The second is non-material damage. Non-material damage aims to provide compensation for the mental health problems or psychological injuries that the breach caused. For example, you may have suffered anxiety because of the data breach and be compensated for it. Or, you may experience stress due to a data breach.
The compensation table below features guideline settlement figures taken from the Judicial College Guidelines (JCG). The JCG aids legal professionals in establishing value for compensation claims by providing guideline figures. However, since every claim is unique, it is important to note that the actual amount you could receive following a successful claim may differ. These figures refer to non-material damage awards only.
|Type Of Injury
|£54,830 to £115,730
|There are permanent symptoms that severely impact the ability to cope with daily life.
|£19,070 to £54,830
|Though the symptoms are similar to those above, there is a more optimistic prognosis.
|£5,860 to £19,070
|By the time the case is heard at trial, there has been a marked improvement in symptoms, which leads to a good prognosis.
|£1,540 to £5,860
|The award will take into account factors such as the overall impact on daily life and the length of time affected by symptoms.
|Reactive Anxiety Disorder
|£59,860 to £100,670
|There will be no remaining ability to work or function at the pre-trauma level due to severe symptoms.
|Reactive Anxiety Disorder
|£23,150 to £59,860
|There is some degree of recovery possible with professional treatment, leading to a better prognosis.
|Reactive Anxiety Disorder
|£8,180 to £23,150
|While a large recovery occurs, some symptoms that are not grossly disabling continue.
|Reactive Anxiety Disorder
|£3,950 to £8,180
|There is a virtually full recovery within 1-2 years, and only minor symptoms remain.
Contact our advisors today to learn more about compensation in credit and debit card data breach claims.
You may be wondering how legal representation could be beneficial to your claim. Our panel of skilled solicitors offer their services through a Conditional Fee Agreement (CFA). Under this kind of No Win No Fee arrangement, you receive the benefits of a legal professional working on your case, generally without needing to pay upfront costs or ongoing fees to your solicitor.
The only fee your solicitor will take is a success fee if your claim success. This success fee is taken as a percentage with a legal cap and comes from your final award. But, if your claim does not succeed, this fee is not taken.
To find out how a solicitor from our panel could help you, get in touch with our advisors today. They can provide free legal advice, and if your claim is valid, they may connect you with a solicitor from our panel. To learn more:
Related Resources On Financial Data Breaches
These resources can help you if you want to know more about making a data breach claim.
- Post Traumatic Stress Disorder Compensation Claims Guide
- How To Claim For A Breach Of Criminal Offence Data
- Victim Of Domestic Abuse Data Breach – When Could You Claim Compensation?
Or, for more helpful resources:
- NCSC – Help to stay secure online
- ICO – Do organisations need consent to share your data?
- ICO – Your right to be informed if your personal data is being used
Thank you for reading our guide to claiming compensation for a credit or debit card data breach.
Page by AE
Published by EN