You are entitled to expect your personal data is being protected by those organisations that hold it.
In the EU, there is a law called the General Data Protection Regulation (GDPR) that all businesses need to follow. In 2018, this was updated and the penalties if a company breaches these regulations is now more severe than ever. The updated regulation states that if a company is finished using your data for the purpose it was given, they must then delete your information from their system. That even includes people like doctors and your employer.
When a company or organisation collects and uses your personal information, they have a legally binding duty to protect it and keep it private. They can only use your data for the purposes they describe to you at the time they collect it. For example, if they are going to use it solely for their own newsletter, this must be stated. If they want to provide your details to their affiliates, again, this must be stated.
Sometimes however your personal data can be misused for purposes you didn’t intend or agree to, and other times it can be sold to other companies for profit.
Unfortunately, despite the GDPR, data misuse does still occur. Sometimes, serious breaches have the potential to result in identity theft and fraud. In any of these cases, the company that gathered your information to start with is liable for any breach that occurs – and that means you can take legal action.
The experienced team at Dillon Geraghty & Co Solicitors can help you make sense of data protection laws and understand when your data has been misused. If you feel your data has been collected or used without your permission, complete the online form now to arrange an obligation free consultation about your data breach concerns.
Request a call back! Complete our online form for an obligation-free consultation about your matter.
* In contentious business a solicitor may not calculate fees or other charges as a percentage or proportion of any settlement.