Whitbread Data Breach Compensation Claims Guide – How Much Compensation Can I Claim? – Amounts For Whitbread Data Breach
How To Claim If Affected By The Whitbread Employee Data Breach
If you’ve been affected by the Whitbread employee data breach, you may be surprised that you could make a compensation claim for it if you can prove the breach affected you. If you’ve suffered financial harm, or emotional distress, or perhaps a combination of the two, you could be eligible to launch a claim against Whitbread for breaching your data protection.
This guide has been created to explain how such claims could be made. In the sections below, we discuss what constitutes personal data, how it should legally be protected and what to do if your data has been breached.
We’ll also explain how our friendly, experienced advisors could assess your eligibility to make a Whitbread data breach claim, and how you could make a claim without having to pay for legal assistance until your claim has been settled.
If you’d like to get started right away or have any questions about the claims process, you can reach our expert advisors on 0800 073 8804.
Select A Section
- A Guide To Data Protection Breach Claims Against Whitbread
- What Is A Data Protection Breach Claim Against Whitbread?
- General Data Protection Regulations For Employers
- What Happened In The Whitbread Employee Data Breach?
- Reporting An Employer Or Company To The Information Commissioners’ Office
- How Could I Be Compensated If Affected By The Breach Of Whitbread Data?
- Compensation Calculator For Whitbread Data Breach Claims
- What Can I Do If My Personal Or Employment Data Is Breached?
- Dealing With A Data Protection Breach Compensation Claim
- No Win No Fee Data Protection Breach Claims Against Whitbread
- Beginning Your Data Breach Claim
- Information On Data Breach Claims
The protection of our personal data has never been more vital. Now, much of our data is held online by companies ranging from employers, banks and healthcare services. The laws surrounding the protection of such data have been strengthened to ensure that the risk of data breaches is minimised.
Both the Data Protection Act 2018 and GDPR give organisations who hold and process data certain responsibilities to ensure the safety of personal data. However, sometimes things go wrong, and when they do, they could cause big problems for the people whose data has been breached.
A breach of personal data could have many negative outcomes. It could lead to identity theft, the selling of your data to third parties, fraud committed in your name, and even if this did not affect you financially, it could affect you emotionally.
This guide has been created to help you if you’ve suffered emotionally or financially due to a Whitbread data breach, as you could be entitled to claim compensation for this provided you can prove the breach and the harm caused.
Whitbread is, at the time of posting, the largest hospitality company in the UK. It owns Premier Inn, Table Table, Brewer’s Fayre and Bar+Block, to name but a few of its brands.
As a large company, it holds and processes data relating to over 35,000 employees, as well as customers’ details. Like any organisation, it has responsibilities under GDPR and the Data Protection Act 2018 to protect the data it holds and processes. If that data is breached, it could lead to serious consequences both for Whitbread and for the persons whose data is breached.
What Is A Data Breach?
According to GDPR, a breach of data could include security breaches through which data is, accidentally or unlawfully:
- Subject to unauthorised disclosure
- Subject to unauthorised access
- Transmitted to a third party (unauthorised)
- Stored in an unauthorised manner
- Processed in an unauthorised manner
If your data is breached, it could cause you financial harm. It could also lead you to suffer emotionally and could cause anxiety and stress. If you have been harmed financially or psychologically because of a data security breach, you could make a claim for the data breach against Whitbread if you have evidence of their failings and the harm you’ve endured.
GDPR came into force in May 2018. It is currently the toughest security and privacy law in the world and it requires organisations that store or process data concerning EU subjects anywhere in the world to comply with it.
In terms of what organisations must do to comply with GDPR, the list of requirements is lengthy. Organisations who store or process personal data must do so in accordance with 7 main principles. These include:
- Purpose limitation – data must be collected for legitimate purposes which have been specified to the subject
- Data minimisation – the data that is collected must be the minimum required for the purpose it is meant for
- Storage limitation – the data must only be stored for as long as is strictly necessary
- Accuracy – data must be kept up to date and must be accurate
- Transparency, lawfulness, and fairness – the processing of data must be done in a lawful and fair manner, and data processors should be transparent as to the processing of such data with the subject
- Confidentiality and integrity – integrity and confidentiality of data should be maintained by employing data security methods such as encryption
- Accountability – a data controller should be able to demonstrate compliance with these principles
If a breach of Whitbread’s data occurred because Whitbread was not compliant with GDPR regulations, they could be fined for non-compliance. You could also make a Whitbread data breach claim against them for any harm you’ve suffered because of the breach as long as you can prove the breach affected you and caused harm.
In 2018, a Whitbread cyber attack caused a breach of data of Whitbread job applicants, including their name, e-mail address, phone number, address and employment information. Job applicant data was stolen when a third party vendor suffered a breach and compromised Whitbread data.
Australian firm PageUp said of the breach that an unauthorised person was able to gain access to their systems. While their security team stopped the access and PageUp revealed the site had been made safe to use, they also admitted that some data may be at risk.
While the PageUp data breach did not, according to PageUp, breach tax file numbers, financial information and the resumes of those persons whose details were held on their systems, Whitbread suspended the use of PageUp for applicants at the time. It refused to say how many people may have been affected by the breach.
Whether you’ve been affected by the Whitbread recruitment system data breach, or have had your data breached in another Whitbread cybersecurity incident, we could check your eligibility to claim compensation for emotional and financial harm caused.
How An Employer Could Be In Breach Of Data Protection Rules
A Whitbread data breach could break data protection rules if it relates to:
- The accessing of your data by an unauthorised third party
- The loss of availability of your personal data
- The alteration of your personal data without your permission
- The sending of your personal data to an unauthorised third party (this could include e-mailing your personal details to someone else by mistake)
- The theft of a computing device that contains your personal data
- The loss of a computing device that contains your personal data
- A deliberate act or inaction by a processor or controller
- An accidental act or inaction by a processor or controller
If you’re unsure as to whether the Whitbread data breach you’ve been harmed by would constitute a breaking of data protection rules, please call our team. We’d be happy to assess your case for free.
If you’ve been the subject of a data breach, you might assume the proper action to take would be making a report to the ICO (Information Commissioner’s Office), but according to the ICO’s website, you should report the breach to the organisation yourself first.
When making such a report, the ICO advise you to:
- Raise your report quickly
- Ensure it is sent to the right place, whether this is the Whitbread data protection officer or complaints department
- Be specific in describing the breach that is affecting your personal data; how do you think it was breached and what data exactly was breached?
- Request a timescale for a response – if the organisation doesn’t respond in a timely manner or to your satisfaction then you could raise your concerns with the ICO and ask them to investigate – however, you should raise your concerns with the ICO before 3 months has passed. The ICO wouldn’t normally investigate if there has been an undue delay in you bringing a matter to its attention.
We should mention here that whether you are putting a complaint into the ICO or not, this would not affect you being able to make a legal claim for a data breach that has affected you.
If you’ve suffered non-material or material damages due to a Whitbread data breach, you could claim compensation for this.
- Material damages, is, essentially the financial harm you’ve suffered due to the breach
- Non-material damages could include the loss of amenity, suffering and pain caused by psychological injuries you’ve sustained because of the breach
Calculating Financial Expenses
Working out how much you could receive for the financial expenses relating to the breach of your personal data is not as simple as checking if anyone had accessed your bank account or stolen from you.
An experienced solicitor would know there may be a risk of future financial damage if your data has been breached and could take steps to claim compensation for this. Along with the financial expenses you’ve suffered already, they could fight for the maximum compensation possible for your claim.
Calculating Non-Material Damages
Calculating non-material damages would usually involve a review of your psychological injuries by an independent medical expert. This assessment would take place as part of your claim. You would have to talk to them about your injuries, whether they have kept you from sleeping or caused you anxiety, and what treatment, if any, you had sought for your psychological harm.
Once the independent medical expert had written a psychological injury report, this could be used as evidence of your injuries. Your solicitor could use this to fight for injury compensation on your behalf.
You may be wondering how it could be possible to claim personal injury compensation for a Whitbread data breach. There is, in fact, legal precedent that allows for the consideration of personal injuries within data breach claims.
The cases we refer to is Vidal-Hall and others v Google Inc  – Court of Appeal, in which the judge presiding over the case discussed the matter of personal injury caused by a data breach, and said that such awards should be considered.
What this means is if a Whitbread data breach has caused you emotional or psychological harm, you could be eligible to make a claim for it. The table below, containing figures from the Judicial College Guidelines, could give you some insight into how much you could claim.
|Type of injury||Remarks||Compensation Amount|
|General Psychiatric Injury – Severe||There would be marked effects on factors such as ability to work, relationships, effectiveness of treatment, ability to cope with work, life and education||£51,460 to £108,620|
|General Psychiatric Injury – Severe||Significant problems with those factors mentioned in the above section, but where the prognosis is much more positive than those in the severe section||£17,900 to £51,460|
|General Psychiatric Injury – Moderate||Problems could be similar in nature than those above but the injured party would have had a marked improvement by the time any trial took place and they would also have a good prognosis.||£5,500 to £17,900|
|General Psychiatric Injury – Less severe||The length of suffering/disability would be assessed and how much sleep and daily activities were affected would also be taken into account.||Up to £5,500|
|PTSD||These cases would be severe. There would be a permanent effect on the injured party which would leave them unable to function as they did before. Every aspect of the injured party’s life would have been impacted.||£56,180 to £94,470|
|PTSD||These cases would be moderately severe. There would be a better prognosis for the injured party’s recovery with some professional help. There would still be some significant disability for the foreseeable future.||£21,730 to £56,180|
|PTSD||These cases would be moderate. There wouldn’t be any grossly disabling continuing effects and the injured person would have largely recovered.||£7,680 to £21,730|
|PTSD||These cases would be less severe. There would have been a virtually full recovery within the space of one to two years. There may be some minor symptoms that continue for longer, however.||Up to £7,680|
It is also worth mentioning that financial expenses relating to such injuries could also be included within your claim. These could include:
- Loss of income – if you’ve had to take time off to recover from the injuries caused by the data breach
- Medical expenses – this could include the costs of counselling, for example
- Travel expenses – you could also claim for expenses sustained when attending medical appointments or visiting your lawyer
- Care costs
If your personal or employment data is breached, you could report it to the organisation that has breached your data and ask them to investigate. You could tell them how you have been affected by the data breach, and you could request that they compensate you for your suffering and the expenses you’ve incurred.
You could take this action on your own, but you may prefer to have an experienced solicitor on your side to help you. Not only could this take the stress of asking for compensation from your shoulders, but it could also help you to claim the maximum compensation possible for your suffering, pain and loss of amenity as well as the financial expenses you’re claiming for.
How Long Do I Have To Claim For A Whitbread Data Breach
We should mention that there is a time limit when making data breach claims:
- 6 years for data breach claims
- 1 year for claims relating to a breach of your human rights
If you’d like help with dealing with your Whitbread data breach claim, we’d be happy to assist.
Here at Legal Expert, we have years of experience in helping claimants with a wide variety of claims. Our expert advisors would be happy to talk to you about your data breach claim, explaining everything in simple terms with no confusing legal jargon. We could also explain how the claims process works, and we could check your eligibility to claim too. We don’t charge for advice or eligibility checks and these come with no obligation to use our services.
If we believe you could have a valid claim, we would be happy to provide you with a solicitor to help you fight for compensation. All of our solicitors work under No Win No Fee terms, so you would not have to pay anything upfront when beginning a claim with us.
If you’d like to know more about our services or would like to see what other claimants have thought of the services we offer, we’d be happy to talk to you. Or, you could take a look at our reviews page here.
If you’d like to claim data breach compensation for a Whitbread data breach, we’d be glad to provide you with a No Win No Fee solicitor to help you provided you can prove their failings and the harm caused. This means you would not have to pay your lawyer up front, or throughout the course of your claim. Instead, you would be sent an agreement known as a Conditional Fee Agreement to sign. Some people refer to these as No Win No Fee agreements.
They specify a success fee that you would pay your lawyer once they’d achieved a compensation settlement for you. This fee is capped and usually represents a small percentage of your data breach compensation payout. If your lawyer doesn’t achieve a payout for your Whitbread data breach claim, you wouldn’t pay them the success fee. You would not have to pay for the costs incurred by the lawyer while they were pursuing your data breach claim, either.
We’ve included a guide to No Win No Fee claims in the resources section at the end of the guide. If you have any questions or would like to begin a data breach claim under these terms, all you need to do is call us.
Here at Legal Expert, we’d like to help you if you’ve been affected by the Whitbread recruitment system data breach, or you’ve suffered harm because of any other Whitbread data breach. For a free, no-obligation eligibility check, or to begin a claim, simply:
- Call our helpline on 0800 073 8804
- E-mail our advisors on firstname.lastname@example.org
- Use the contact form to get in touch
- Or, use our Live Messenger.
Data Breach Claimants’ General Information– We have put together a general guide for claimants looking to make a data breach claim. You may find this useful.
Making No Win No Fee Claims – In this guide, we explain how to go about making a claim on a No Win No Fee basis.
Holiday Inn Data Breach Claims – Here, you can read about making a data breach claim against the Holiday Inn.
How Is My Data Used? – The ICO has produced an article explaining how your personal data could be used.
What Enforcement Actions Has The ICO Taken? – Enforcement actions taken by the ICO are detailed here.
What Should Companies Do In The Event Of A Data Breach?– This guide explains how an organisation should act if they become aware that they have suffered a data breach.
Guide by Jeffries
Edited by Billing