We've been featured in:

Learn About Claiming Pension Data Breach Compensation

In this guide, we discuss claiming pension data breach compensation, including the eligibility criteria that need to be met for you to have valid grounds to proceed and the evidence you could collect to strengthen your case.

Additionally, we provide examples of how a pension data breach could occur and the impact it could have.

Later, we look at how compensation for a successful pension data breach claim is calculated and how payouts could can address the impacts the breach has had on different areas of your life.

Finally, we look at how one of our expert solicitors could assist you in seeking data breach compensation on a No Win No Fee basis.

Continue reading to learn more about pension data breach compensation claims. Alternatively, our team is available 24/7 for a free consultation of your potential case. To get in touch, you can:

A white keyboard with one green key showing the word 'data breach'.

Jump To A Section

  1. Who Could Make Pension Data Breach Compensation Claims?
  2. Examples Of Cyberattack Data Breaches
  3. What Evidence Could Help You Claim Compensation?
  4. Estimated Pension Data Breach Settlements
  5. No Win No Fee Pension Data Breach Compensation Claims
  6. Further Guidance On Data Breach Claims

Who Could Make Pension Data Breach Compensation Claims?

The legislation in place to protect your personal information are the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA). Any form of information that can be used to identify you is known as personal data. The UK GDPR and DPA outline the responsibility that data controllers and data processors have with regard to the handling, storing, and processing of your personal data.

A data controller’s role is to determine why and how your personal information will be processed. A data processor’s role is to process your personal information on behalf of the controller. Data controllers can fulfil both roles unless they opt to outsource data processing to an external party.

A pension company who determines the purposes for which the personal data is to be processed, are classed as data controllers. However, a pension administrator may be classed as a data processor.

If either a data controller or data processor does not adhere to the DPA or UK GDPR, this is wrongful conduct. In some cases, wrongful conduct could lead to a personal data breach. A personal data breach is defined in Article 4 of the UK GDPR as a security breach that leads to the unlawful or accidental loss, alteration, destruction, unauthorised disclosure of or access to, personal data. 

Additionally, the data breach claims eligibility criteria are set out in Article 82 of the UK GDPR. These need to be proven for a claim to be valid. As such, you need to show:

  • Either a data controller or data processor did not adhere to data protection law.
  • Due to this wrongful conduct, your personal data was breached. 
  • You suffered emotional damage and/or financial losses because of the breach. 

If you talk to our advisors, they can determine if you are eligible to claim compensation and provide free advice on your next steps.

Time Limits

The standard data breach claims limitation period is 6 years. Thus, you have to begin legal proceedings for your pension data breach compensation claim within this time limit. 

However, the claims time limit is only 1 year if you are claiming against a public body. Also, there may be further exceptions that could result in the standard time limit being indefinitely suspended.

Find out more about how long you have to seek compensation by calling an advisor on the number above.

 

Examples Of Cyberattack Data Breaches

Pension companies may store and process different types of personal data, including National Insurance numbers, full names, email addresses, postal addresses, phone numbers, date of births, and some financial information, such as bank account, credit or debit card details. They may also hold special category data which is more sensitive and, therefore, needs more security. For example, data revealing your racial or ethnic origin. 

There are different ways this information could be breached, such as through human error, or as a result of a cyber attack. Data controllers and processors must have substantial security measures in place to defend against cyberattacks. These security measures can include:

  • Putting up a firewall
  • Using strong passwords
  • Storing personal information using encryption

If there is a failure to protect this personal data, it could result in it being breached leading you to suffer financial loss and/or emotional harm. For example, no or inadequate security measures could leave a pension companies affected by a cyber incident, such as a ransomware attack in which personal data from a pension scheme is stolen.

This could lead to those affected suffering anxiety, distress, or stress due to a data breach as well as financial loss, such as lost income incurred due to time taken off work to deal with the mental impact of the breach.

Call our team on the number above to discuss your specific case and find out whether you’re eligible to make a pension data breach compensation claim.

A computer with warnings of a security breach representing data breaches, such as cyberattacks.

What Evidence Could Help You Claim Compensation? 

You will need evidence when making a pension data breach compensation claim to show how a data controller or processor did not abide by the data protection laws, how your personal information was compromised because of this, and how you have been affected by the breach. 

Examples of the types of evidence you can gather are:

  • A letter of notification. Data controllers have a responsibility to notify you without undue delay of a data breach if the breach has risked your freedom or rights. To notify you, a letter of notification may be sent detailing the personal data that was affected and the steps they plan to take to rectify the situation. You should keep this letter as evidence to substantiate your case.
  • Copies of your medical records, such as a report from a specialist, to prove the emotional effects of the personal data breach. 
  • Bank statements, payslips, credit reports, and other financial documentation to prove the financial effects of having your personal data compromised.

All notifiable data breaches should be reported to the Information Commissioner’s Office (ICO) by the data controller within 72 hours from when they discovered the breach had happened. The ICO upholds information rights in the UK as an independent body.

If you are not happy with the communication from the organisation about the data breach, you can contact the ICO within 3 months from the last meaningful communication you had with the organisation. The ICO may choose to look into data breach reports but they cannot award compensation. If they do investigate, you can use findings from this investigation to substantiate your case.

If your pension data breach compensation claim is eligible and one of our expert data breach solicitors represents you, they can help you gather evidence as part of the services they provide. Additionally, they can ensure you bring forward your claim in full within the relevant time frame.

Contact our team today to find out more about proving data breach claims and whether a solicitor could take on your case and help you seek compensation.

An evidence folder containing information about data breaches.

Estimated Pension Data Breach Settlements

If you have a successful pension data breach compensation claim, you could receive a settlement compensating you for up to two types of damage. These are material damage and non-material damage. You do not need to have suffered both forms of damage in order to receive compensation. Instead, you can claim for material damage alone, non-material damage alone, or if you have experienced both, you can claim for both together.

Firstly, non-material damage refers to the psychological effects you have suffered from your personal data being breached. Psychological effects can include mental health conditions such as, depression, anxiety, and Post-Traumatic Stress disorder (PTSD), in more severe cases. 

The Judicial College Guidelines (JCG) is a document that can be referred to by those responsible for calculating the value of non-material damage. Within the JCG are guideline settlement brackets for all sorts of psychological and physical illnesses and injuries. 

Additionally, your medical reports could also be referred to in order to understand the full extent of the impact the breach has had on your mental health.

Guideline Compensation Table

This table includes figures from the JCG. It is important to note that you should use these figures as a guide only. The value of a data breach claim will differ to what’s listed in the table because every case is unique. 

The top line is not out of the JCG. 

Harm TypeSeverity Guideline Compensation BracketsNotes
Very serious emotional damage with substantial financial lossesVery seriousUp to £150,000+Compensation for the very serious emotional harm and the significant financial losses incurred, such as lost wages.
Psychiatric damageSevere (a)£54,830 - £115,730A very poor prognosis and marked problems affecting several areas of the person's life, including their ability to cope with life and work as well as their relationship with family and friends.
Moderately severe (b)£19,070 - £54,830A more positive prognosis is given but there are significant problems persistently affecting different areas of the person's life.
Moderate (c)£5,860 - £19,070The prognosis is good and there is a significant improvement.
Less severe (d)£1,540 - £5,860The extent to which daily activities and sleep are impacted will be considered for this award.
Post-Traumatic Stress DisorderSevere (a)£59,860 - £100,670All aspects of the person's life will be permanently affected. They will be unable to work or function at anything approaching the pre-trauma level.
Moderately severe (b)£23,150 - £59,860Professional help will lead to some recovery and a better prognosis. However, for the foreseeable future, the person is still likely to experience a significant disability.
Moderate (c)£8,180 - £23,150Continuing effects on the person's life will not be grossly disabling and a significant recovery will have been made.
Less severe (d)£3,950 - £8,180Within 1-2 years, a virtually full recovery is made. Only minor issues will continue over a longer period.

Material Damage

Secondly, material damage refers to the financial losses you have suffered from your personal data being breached. An example of a financial loss which you could suffer following a data breach is a loss of earnings from having time off work due to the mental harm you have experienced.

Our advisors can tell you more about how much compensation could be awarded following a successful pension data breach claim. You can also get in touch to learn more about claiming compensation and how to sue your pension provider.

No Win No Fee Pension Data Breach Compensation Claims

If our team determines that your data breach compensation claim is valid, you could be connected to our expert data breach solicitors. Our solicitors typically offer a type of No Win No Fee agreement called a Conditional Fee Agreement (CFA). 

The benefits of a CFA mainly include not needing to pay any fees for the work that your solicitor does:

  • Before or throughout the claims process. 
  • If your data breach claim is unsuccessful. 

If the claim is successful, a success fee will be deducted from your compensation. Success fees are taken as a percentage that the law caps. This ensures you keep the most of your awarded settlement.

Talk To Our Advisors Today

Talk to our advisors today if you wish to seek pension data breach compensation. By speaking with our team, you can receive advice on what steps you should take next and have any queries answered. You can reach out via any of the following contact details:

A solicitor working on a claim for pension data breach compensation .

Further Guidance On Data Breach Claims

More articles regarding data breach claims:

External resources:

Thank you for reading our guide today about pension data breach compensation claims. If your personal data has been compromised and you need information on what steps you could take, our team is available 24/7.