If your banking details were shared unlawfully, you may be wondering if you can make a claim for compensation. If a bank, credit card provider, or accountant data breach led to you suffering harm, you might be able to claim.
Two main laws protect the personal data of UK citizens. These are the Data Protection Act 2018 (DPA) and UK General Data Protection Regulation (UK GDPR). Together, they outline the steps that organisations must take when processing and collecting personal data. The Information Commissioners Office (ICO) enforces these laws and protects the data rights of the public as an independent watchdog.
In this article, we will discuss who could be eligible to claim, alongside when organisations can share your personal data. Following this, we will discuss compensation. This includes the criteria your claim must meet in order to be eligible. Finally, we will explain the potential benefits of a No Win No Fee agreement.
Our advisors are available to provide free legal advice and guidance when you get in touch. They can evaluate your claim and identify whether it is valid. If they find it to be eligible, they may connect you with a solicitor from our panel. To learn more:
Select A Section
- When Is Data Sharing Unlawful?
- How Common Is Unlawful Data Sharing?
- The Impact Of Unlawfully Shared Banking Details
- Your Right To Claim Compensation
- What Could I Claim If My Banking Details Were Shared?
- Could I Make A No Win No Fee Claim If My Banking Details Were Shared?
Personal data is any information that, used alone or with other details, could allow you to be identified. This can include your name, phone number, and banking details. More examples of personal data can include your:
- Email address
- Postal address
- Date of birth
- Credit card number
- Bank account number
- Sort code
Under data protection law, organisations that request and use data are called data controllers and data processors. A data controller decides how and why they intend to use your personal data. A data processor then follows the controller’s instructions to process this data. However, in order to process your personal data, they must first establish a lawful basis.
If a security incident compromises your personal data’s availability, confidentiality, or integrity, this is a personal data breach. We will discuss the potential impacts of a breach later on in this article.
Can Data Be Shared Without Consent?
As we have already mentioned, in order to process your personal data, organisations must establish a lawful basis. There are 6 lawful bases, and consent is only one of these. This means that in some circumstances, an organisation may share your personal data without your consent. But, only if the organisation can establish another lawful basis.
Contact our advisors to learn more about making a personal data breach claim.
Your bank details could be shared unlawfully through a variety of means. Some examples of how wrongful conduct on the part of the data controller or processor could contribute to a personal data breach include:
- Staff verbally disclose personal data from your bank statement to an unauthorised person
- Debit or credit cards are posted to the incorrect address
- A bank statement containing your personal data is sent to the wrong email address
- A fax from a bank containing your personal data is sent to the wrong fax machine
- Paper or digital files are lost, which allows unauthorised persons to access unredacted data.
Unlawful Data-Sharing Statistics
Below, you can find statistics provided by the ICO’s data security incident trends. According to these trends, 1,692 instances of personal data being emailed to the wrong recipient were reported in 2021.
Our advisors can provide free legal advice and a free consultation of your claim. Get in touch today if your banking details were shared unlawfully. Or, keep reading to learn about the impacts of a data breach.
A personal data breach can cause you significant harm. However, in order to form a valid claim, you must experience harm in at least one of two areas: your mental health, and your financial well-being.
For example, a personal data breach can cause significant distress. You could suffer anxiety due to a data breach, as well as depression or post-traumatic stress disorder (PTSD). This could mean you need to take time off work to recover from these injuries. Or, you may need professional counselling.
If your bank details are shared unlawfully, this could also result in financial harm. For example, if a breach compromises your credit card details, this could lead to illegal charges to your account, as well as damage to your credit score. Or, criminals could use your details to take out loans in your name.
To find out how to claim for the impacts of a personal data breach, read on. Alternatively, contact our advisors to start your claim.
Not all instances of a breach of data protection will result in a valid claim. This is because the breach of data protection must lead to a personal data breach.
The UK GDPR sets out certain criteria that all personal data breach claims have to meet in order to be eligible for compensation. This criteria includes:
- The breach has to affect your personal data
- It must be a result of wrongful conduct on the part of the data controller, or the data processor
- You must experience either financial harm or psychological injuries as a result of the breach
You must also start your claim within the relevant time limit. Generally, this is six years from the date of the breach. However, this falls to one year if you are making a claim against a public body.
Our advisors can help you identify whether or not you have a valid claim. Get in touch today to learn more. Or, read on to find out what you could claim if your banking details were shared unlawfully.
Compensation for a data breach claim contains two heads. Material damage is the head of claim that provides compensation for the financial impacts of a personal data breach. You can find some examples of these impacts in the section above.
Non-material damage is the head of claim that tackles the psychological impacts of a personal data breach. For example, if you suffer stress, depression, or anxiety following a breach, non-material damage provides compensation for this.
You may be wondering how much compensation you could receive if your claim succeeds. Every claim is unique, which means we cannot provide an average payout. But, the Judicial College Guidelines (JCG) is a document that provides solicitors with guideline compensation amounts. You can find some examples of these guideline amounts below.
|Type of Injury
|Judicial College Guideline Award Bracket
|There are severe and permanent symptoms that affect the ability to cope with all aspects of daily life.
|(a) Severe – £54,830 to £115,730
|Symptoms are similar to those shown above, though there is a more optimistic prognosis.
|(b) Moderately Severe – £19,070 to £54,830
|There is a marked improvement in symptoms by the time of trial.
|(c) Moderate – £5,860 to £19,070
|This is reflective of the effect symptoms have on daily life, and how long they last.
|(d) Less Severe – £1,540 to £5,860
|Post-Traumatic Stress Disorder (PTSD)
|Severe symptoms affect all areas of life, and leave no remaining ability to function or work at the pre-trauma level.
|(a) Severe Cases – £59,860 to £100,670
|A better prognosis is possible with professional treatment.
|(b) Moderately Severe Cases – £23,150 to £59,860
|A large recovery occurs, with any remaining symptoms being non-disabling.
|(c) Moderate Cases – £8,180 to £23,150
|A virtually full recovery within 2 years and any remaining issues being minor.
|(d) Less Severe Cases – £3,950 to £8,180
Please note that these amounts are guidelines only. To get a free consultation of what your claim could be worth, contact our advisors. Alternatively, read on to learn more about making a claim.
You may be wondering if you can make a claim. Data breaches fall under a complex area of law. Because of this, you may wish to hire legal representation to assist you.
Our solicitors offer their services through a Conditional Fee Agreement (CFA). Usually, you do not pay your solicitor any fees under a CFA. This includes upfront costs as well as ongoing fees. Alongside this, you get all the benefits of an expert No Win No Fee data breach solicitor. And, the only fee your solicitor will take is a success fee if your claim succeeds. However, if your claim does not succeed, then you do not have to pay this fee.
Our advisors can give you a free consultation of your claim. If they find that you have the basis for a valid claim, then they may connect you with one of our solicitors. To learn more, get in touch:
Were Your Banking Details Shared? – Related Financial Data Breach Claims
For more helpful articles:
- Read more on your rights after customer service data breach
- The best way of reporting a breach to the ICO
- Or was your personal information shared at work?
Or, for further resources:
- Why your personal data matters
- The latest Government Cyber Security Breaches Survey 2022
- And how to complain about a bank or financial institution to the Financial Conduct Authority (FCA)
If you have any more questions regarding personal data breach claims, contact our team today. Thank you for reading this guide on what to do if your banking details were shared unlawfully.
Guide by JW
Edited by CH