GDPR Breach & Data Rights

At Keller Lenkner UK, our expert data protection lawyers help clients make a wide range of successful GDPR breach and data rights claims.

Get justice following a GDPR breach.

Have you suffered a GDPR breach? You could be entitled to compensation.

The General Data Protection Regulation (GDPR) is an EU law on data protection and privacy. It sets out how organisations can use your personal information.

The UK retained the GDPR after the end of the Brexit transition period, so all UK organisations must comply with the GDPR.  The ‘UK GDPR’ sits alongside the Data Protection Act (DPA).

When it comes to GDPR failures and abuses, it is not just about data breaches.

Today, too many companies are failing to uphold our individual data rights in other ways. If you have suffered financial loss, distress or a loss of privacy caused by an organisation breaching any part of the GDPR/Data Protection Act, you have the right to claim compensation.

At Keller Lenkner UK, we make sure our clients are compensated for any GDPR breaches that impact their legal rights.


What is the difference between a data breach and a GDPR breach?

  • A data breach refers to any situation where data has been put at risk. For example, when criminals break into an organisation’s systems to steal information, or more commonly, because of simple human error and poor data protection processes.
  • A breach of the GDPR is where an organisation fails to follow the rules and regulations set out in the GDPR legislation and our Data Protection Act 2018.
  • As well as data privacy violations, other forms of GDPR breaches happen when the rules set out in the GDPR are not adhered to.
  • In addition to our various data breach group actions, Keller Lenkner UK supports clients who have experienced a whole range of GDPR violations. For example, because of facial recognition software and algorithmic and automated decision-making processes.

Why claim GDPR breach compensation?

Hold organisations to account for failing to protect or misusing your private information.

Receive financial compensation for your losses.

Force organisations to implement better data processes.

What are the consequences of a GDPR breach?

Under the GDPR, an organisation can be fined a maximum of €20 million or 4% of annual global turnover – whichever is greater – for infringements of the data protection regulations. In the UK, GDPR fines are issued by the ICO (the UK’s data protection regulator). But this money goes directly to Treasury, not to the victims of a personal GDPR breach. The only way to get GDPR breach compensation is to make a claim.

When it comes to GDPR breach compensation amounts, each case will be judged on its own merits. But our expert GDPR lawyers will help you get the maximum compensation possible.

Types of GDPR infringement claims


When decisions are made about you without people being involved, this is called automated individual decision-making and profiling or ‘automated processing. In particular, women and people of BAME groups are being discriminated against by companies that use such tech. 

Such technology is also being used by some of the biggest companies in the gig economy sector – often to the detriment of workers.  

At Keller Lenkner UK, we make sure our clients are compensated for any GDPR violations that impact their legal rights. And if you have been harmed by algorithmic and automated decision-making processes, we can help. 


Data breaches are on the rise. And no organisation – regardless of size or type – is safe. At Keller Lenkner UK, our expert data breach lawyers help clients make successful data breach claims. 

As well as supporting individuals with claims that involve them, where several people have been affected by a data breach, we also make group action claims.   

Current GDPR actions

In some cases, you won’t be the only person to experience an organisation’s GDPR breach. In these instances, it might be worth joining a group action. Our current GDPR & Data Right actions include:



If a private parking company has sent you an invalid PCN, or if the DVLA has given a parking company your personal information in error, you could be due compensation.

Find out more »


What is the GDPR?
The General Data Protection Regulation is an EU law on data protection and privacy. It was introduced to bring data protection standards up to date in an increasingly digital and data-driven age. Despite Brexit, all UK organisations must comply with the GDPR. In the UK, the Data Protection Act 2018 (DPA) is the UK’s interpretation of the GDPR.
Making a data subject access request (DSAR/SAR)
Under the GDPR, an individual can ask an organisation if it uses their data, how it is using it, what type/types of data it is using, how long the data will be kept, if it shares this data with any third parties, and more. A refusal to answer such a request within the legal timeframe is a GDPR breach.
Report a GDPR breach
If you want to report a GDPR breach, you should contact the Information Commissioner’s Office (ICO). While the ICO does not award compensation to individuals, we can use any evidence uncovered by the ICO to support your GDPR compensation claim.

Why use Keller Lenkner UK to make a data breach, GDPR violation, or cybercrime claim?

Latest news