Royal Bank of Scotland Data Breach Compensation Claims Experts

100% No Win, No Fee Claims
Nothing to pay if you lose.

  • Free legal advice from a friendly solicitor.
  • Specialist solicitors with up to 30 years experience
  • Find out if you can claim compensation Call 0800 073 8804

Start My Claim Online

Royal Bank Of Scotland Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Royal Bank Of Scotland Data Breach

I Was Impacted By The RBS Data Breach, Could I Claim Compensation?

As well as money, banks hold something else which can be really valuable to criminals – customer’s personal details. If the data banks hold got into the wrong hands it could cause its customers serious harm and ongoing problems. That’s why, in this guide, we’re going to look at when data breach claims against Royal Bank of Scotland might arise. While this is an article about RBS data breaches, the information we’ll supply could easily be applied to other banks as well.

Royal Bank of Scotland data breach claims guideLuckily, the laws relating to the ways in which companies use our data, store it and how they share it have been tightened up a lot since the implementation of the General Data Protection Regulation (GDPR) and The Data Protection Act 2018.

These new pieces of legislation now mean it’s possible for the Information Commissioner’s Office (ICO) to serve companies with massive fines if they breach data protection rules. In addition, they could entitle you to seek compensation for any harm caused by such a breach.

Legal Expert offers free claims advice to anybody who’s considering a claim as well as a no-obligation telephone assessment of your case. If there appears to be a good chance of success with your claim, you could be referred to one of our specialist solicitors. If they agree to work on your claim, they’ll do so on a No Win No Fee basis.

To start a Royal Bank of Scotland data breach claim today, why not call us on 0800 073 8804? Otherwise, to learn more about why you could be entitled to claim, please continue reading.

Select A Section

A Guide To Data Breach Claims Against Royal Bank Of Scotland

The GDPR has changed the way in which companies interact with customers. You might not realise it but whenever you fill out a form or visit a website, you’ll usually see some form of GDPR interaction. These can include tick boxes allowing a company to use your information and pop-up boxes on websites asking you to consent to the use of tracking cookies.

The reason that happens is that the GDPR states you have to give companies permission to use your personal information in different ways. For instance, your bank might ask your permission to contact you regarding products they think you might be interested in. What’s important is that once you’ve given your data preferences, the bank must only use your information in the ways you’ve agreed to.

They also have a duty to keep information safe, secure and only store it for as long as is required. Failure to do so could mean you’re entitled to make a claim against them.

If you are interested in starting a claim, we should tell you about the time limits that apply. In general circumstances, you’ll have 6-years to claim but this can be lowered to 1-year if the claim relates to a breach of human rights. We believe it’s often better to seek legal representation sooner rather than later, though. That’s because you might find it more difficult to recall how you were affected the later you leave it to start a claim.

When you’ve read all of the information in this guide, please let us know if you have any questions or would like to start a claim by calling the number at the top of the screen.

What Is A Data Breach Claim Against RBS?

While we often think of data breaches as being related to cybersecurity issues like hacking, they can happen in a number of different ways and can involve physical documentation (like paperwork in filing cabinets) as well as information stored on electronic devices.

The definition of a personal data breach in terms of the GDPR is a security flaw which means personal information is accessed, destroyed, altered, lost or disclosed in ways you’d not previously agreed to. The reason for the breach might be deliberate (and sometimes illegal) or completely accidental.

If your data is exposed, and the company finds out that a breach has happened, they should let you know how it took place, what data was leaked and when the incident happened.

If you’d like advice on whether you’re able to claim for a data breach involving your personal information, please let us know what happened and an advisor will review your case for free.

GDPR Implementation For Banks And Financial Service Providers

The GDPR defines roles such as data controller, data subject and data processor to make it clear who has what responsibility. The data controller needs to define why data needs to be processed and come up with the method in which processing should be carried out. The data processor is the organisation who carry out processing on behalf of the data controller.

Also, within the GDPR are a set of principles relating to data processing which the controller must be able to show they are compliant with. They include:

  • The data subject needs to be made aware of the legitimate reason why their information will be processed.
  • Processing must be conducted within the law, fairly and in a way which is obvious to the data subject.
  • Data can only be stored for as long as is necessary.
  • Any personal information which is stored has to be kept up to date.
  • The processing of data must be secure and confidential.
  • Only the minimum amount of data should be processed i.e. if signing up for an email newsletter, the minimum data requirement might be your name and email address.

We can help you with q data breach claim against Royal Bank of Scotland if you can prove that they’ve caused you harm, so please get in touch with our team today to find out whether you’ve got a valid claim.

Information Commissioners’ Office Data Breach Fines Against Banks

We’re now going to look at how your data could end up in a data breach that the Information Commissioner’s Office needs to investigate by looking at some recent articles in the press.

The first article explains that there was a 25% increase in bank data breaches in 2018 affecting over 145 financial services companies. The article went on to explain that Royal Bank of Scotland, Barclays and Santander banks were amongst those affected.


In another case involving RBS, an ex-employee was found to be holding on to banking records of 1,600 customers which she says she had been left with for 10-years or more. The files were allowed to be taken so that the employee could work from home.

The ICO has said the incident is a data breach but, according to the news article, the customers involved have not been informed by RBS.

More information:

How A Bank Might Breach Your Data Privacy

In this section, we’re going to look at how your personal information or banking details could be exposed by a possible RBS data protection breach. These are just theoretical scenarios to demonstrate the types of mistake that could cause a data breach to happen:

  • If a member of staff with no business reason to do so looks up your details.
  • When the bank computer system is infiltrated by ransomware, viruses or malware.
  • Where physical documentation is disposed of with normal rubbish rather than being securely destroyed and ends up in the public domain.
  • When a laptop or memory stick containing personally identifiable information is lost and ends up in the wrong hands.
  • If a letter with your banking details and personal information is sent to the wrong customer.

We can help you claim for any harm that results from a data breach, so please contact our team if you’re ready to start a claim today.

Could I Report The Bank To The Information Commissioners’ Office?

As mentioned at the start of this article, the ICO can investigate organisations who’ve breached laws relating to data protection and issue very large financial fines. If you want them to investigate your case, you’ll need to follow the RBS complaints procedure first. Once you’ve been through that process, and all escalation routes, if you’re unhappy with their response, you could ask the ICO to step in. Or you could seek legal representation to begin legal action against the bank.

The two options are different because of the potential outcomes. If the ICO investigate, you should find out more about what happened and then the bank might receive a fine – but you won’t receive compensation. Should you start legal action, you might receive compensation, but the bank won’t necessarily face any action by the ICO because of your claim.

If it has been more than 3-months since you last heard from the bank, why not contact one of our advisors to find out if a solicitor will take your case on? If they do, they’ll consider whether they can try to agree to a compensation settlement on your behalf directly with the bank or whether an ICO investigation might also be required.

How Could A Victim Of A Bank Data Breach Be Compensated?

When filing data breach claims against Royal Bank of Scotland, your solicitor can split your claim into two distinct parts:

Material damages – these are used to compensate you for any losses relating to your finances.

Non-material damages – if you’ve sustained psychological injuries following an RBS data breach, you can seek compensation for this.

To try and ensure you receive the right amount of compensation, it’ll be important to determine whether any long-term problems might arise as well as claiming for the impact that’s already been caused.

For example, if you’ve suffered psychological injuries, your solicitor will use medical specialists to try and determine if anxiety, stress, depression or similar injuries will have a long-term effect on life, work, education or your ability to manage relationships.

With regards to financial losses, as well as claiming for any immediate costs you’ve incurred, your solicitor will look at any future losses which might have to be claimed for as well. For instance, if your private data is sold to criminals following the data breach, you could be the victim of identity theft which might cause problems with your credit file for years to come.

It’s important for the full impact of the data breach to be considered before a claim is submitted because you can only make a single claim. Once you’ve settled in full, it’s not possible to request further compensation at a later date because you hadn’t realised the full effect of the breach.

If you would like an advisor from our team to carry out a no-obligation assessment of your case, provide free advice, and refer you to one of our solicitors if your claim is viable, please get in touch today.

How Much Compensation For A Data Protection Breach Could You Claim?

So, when you make a data breach claim against Royal Bank of Scotland, how much compensation could you receive? In truth, that’s a tough question to answer until your case has been reviewed by a solicitor because everybody is affected differently. However, the following table has been provided to show some example compensation amounts from the Judicial College Guidelines (JCG) for psychological injuries relevant to data breach claims.

The JCG is a document which is used to help calculate compensation settlements in personal claims. That’s important because a hearing in the Court of Appeal (Vidal-Hall and others v Google Inc [2015]) said that non-material damage caused by data breaches should be compensated in the same way as personal injuries. Furthermore, the judges said that, unlike other compensation claims, you can seek damages for injuries caused by data breaches even if there aren’t any financial losses to claim for.

Claim Severity Level Compensation Additional Notes
Psychiatric Damage Severe £51,460 to £108,620 The injured party will have serious problems with relationships and the ability to cope with work, education or life in general. It is unlikely that any type of treatment will help so the prognosis will be very poor.
Psychiatric Damage Moderately Severe £17,900 to £51,460 The injured party in this case will suffer similarly to above but their prognosis will be much more optimistic.
Psychiatric Damage Moderate £5,500 to £17,900 Even though the injured party will have suffered the symptoms seen above, there will already have been good levels of improvement and the prognosis will be good.
Psychiatric Damage Less Severe Up to £5,500 Minor issues which resolve in full within a short time.
Post-Traumatic Stress Disorder (PTSD) Severe £56,180 to £94,570 The injured party will suffer permanent PTSD symptoms (flashbacks, avoidance, nightmares etc) and all aspects of their life will be affected meaning it won’t be possible for them to function at pre-trauma levels.
Post-Traumatic Stress Disorder (PTSD) Moderately Severe £21,730 to £56,180 The injured party will see a lot of the same symptoms as above but they’ll be given a better prognosis because it will be deemed things could improve with professional help.

To help prove the level of your suffering, which is a key factor used to calculate the correct compensation level, your solicitor will arrange for you to to be assessed by a local medical expert as part of your claim.

In your appointment, a specialist will assess your medical records and ask you questions about how you’ve suffered. Once the appointment is over, they’ll produce a report containing their findings and send it to your solicitor.

How To Claim Compensation From A Bank Or Financial Service Provider

So, to reiterate, if you want to make a data breach claim against a bank you should first all raise a formal complaint with the bank in question. When you do, it’s a good idea to keep the complaint concise and explain what information you would like them to provide. After the bank has investigated, you have a couple of choices: you can accept their findings, or you can escalate the complaint further.

After it has been 3-months since the bank has contacted you and you’re dissatisfied with their response, it might be possible to ask a legal specialist to start a claim against them. If a solicitor agrees to take your case on, they’ll assess whether you can proceed to try and settle directly with the bank based on the evidence you already have or whether the ICO need to investigate the matter.

If you would like your case to be assessed by a specialist to see if one of our data breach solicitors could take it forward for you, please contact us today. Should your claim be taken on, your solicitor will represent you under a No Win No Fee agreement.

How A Solicitor Specialising In Data Protection Breach Cases May Help You

When you decide that you want a legal specialist to represent you in your data breach claim, how do you pick the right solicitor? Do you ask friends for recommendations, do you read online reviews, do you look for your nearest law firm or do you save loads of time and call Legal Expert?

Obviously, we’d advise you to follow the last of those options! That’s because if your case is taken on, you’ll be assigned a specialist from our team of solicitors. They’ll work hard to try and ensure you’re compensated fairly. You’ll receive regular updates from your solicitor, and they’ll be available throughout your claim to explain any legal jargon and answer any questions that arise. So why not give us a call today to have your claim assessed for free?

No Win No Fee Data Breach Claims Against Royal Bank Of Scotland

There are many people who don’t ever make a compensation claim because they’re too worried about how much hiring a data breach solicitor might cost them. This is a travesty and it’s one of the reasons our team of specialist solicitors work under a No Win No Fee agreement for the cases they take on. That means less financial risk when claiming which reduces the amount of stress involved as well.

Before beginning work on a claim, a solicitor will need to check there is a reasonable chance of successfully winning your claim. If they decide to take the case on, and you’re happy to continue, you’ll be given a Conditional Fee Agreement or CFA to sign.

The CFA will provide details of the services your solicitor will provide, and it will also show that:

  • There won’t be any charges to pay at the start of the claim.
  • You won’t be presented with any solicitor’s fees when the case is ongoing.
  • You’ll not have to cover any of your solicitor’s fees at all if the claim fails.

The CFA will provide additional information about the ‘success fee’ you’ll pay if the solicitor wins your case. This fee is capped by law and forms a modest portion of the compensation award to cover the cost of their work and expenses. When you sign the CFA, the exact percentage you’ll pay will be indicated clearly.

For additional information on how our No Win No Fee service works, please contact an advisor today.

Speak To Our Team Today

Thanks for reading our article on data breach claims against the Royal Bank of Scotland. If you’re now ready to start a claim with Legal Expert on your side, here’s how to contact us:

  • Call a specialist data breach advisor on 0800 073 8804
  • Use our live chat to speak to our team.
  • Claim online to arrange a call back when it’s convenient.
  • Send us an email to to let us know why you’d like to make a claim.

To make things as easy as possible, the Legal Expert advice line is operational 24-hours a day, 7-days a week!

Where To Learn More

This is the final part of our guide about data breach claims against Royal Bank of Scotland. Hopefully, as you’ve reached this far, you’ve received all of the information you needed to kickstart the process. So that we can provide you with support both now and in the future, we’ve added some additional resources that could prove useful below:

Hospital Negligence Claims – This guide looks at when it might be possible for harm caused by medical negligence in a hospital.

Accidents In The Workplace – Information on how you could claim for injuries sustained in workplace accidents.

Freedom Of Information Requests – Details from the ICO about how to request information public bodies hold on you.

Anxiety Disorders – An NHS article which helps you work out if you’re suffering from an anxiety disorder.

The Financial Ombudsman – an impartial dispute resolution service for financial providers and their customers.

Other Useful Compensation Guides

Guide by Hambridge

Edited by Billing

    Contact Us

    Fill in your details below for a free callback

    Meet The Team

    • Patrick Mallon

      Patrick is a Grade A solicitor having qualified in 2005. He's an an expert in accident at work and public liability claims and is currently our head of the EL/PL department. Get in touch today for free to see how we can help you.

      View all posts