How JustAnswer Works:
  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site. Ask follow up questions if you need to.
  • Go back-and-forth until satisfied
    Rate the answer you receive.
Ask Ben Jones Your Own Question
Ben Jones
Ben Jones, UK Lawyer
Category: Law
Satisfied Customers: 66755
Experience:  Qualified Solicitor
Type Your Law Question Here...
Ben Jones is online now

I run a small business. Assistant: Where are you? It matters

This answer was rated:

Hi, I run a small business.
Assistant: Where are you? It matters because laws vary by location.
Customer: recently I placed an order for materials and I requested that my information not be shared. I have just been approached and told the supplier has given someone the name of my company as having placed the order. Is this legal? Many thanks
Assistant: What steps have you taken so far?
Customer: I’m in south of the uk and I have taken no steps this is my first.
Assistant: Anything else you want the Lawyer to know before I connect you?
Customer: I don’t think so for now thanks.

Hello, I’m Ben, a UK lawyer and will be dealing with your case today. Firstly, I need to ask some initial questions to determine the legal position.

Who approached you and why do they have information about your order?

Customer: replied 6 months ago.
Ok thank you

No problem. Please provide the information requested

Who approached you and why do they have information about your order?

Customer: replied 6 months ago.
Ok what do you need to know?

Who approached you and why do they have information about your order?

Customer: replied 6 months ago.
I subcontract to a local firm. I worked on a project for over a year with a residential client of the main contractor. The main contractor and client had several issues. The client didn’t wish to offer any further work to the main contractor. I am under no contracts with the main contractor and agreed to do a small additional project which wasn’t related to the main work. I called the material supplier to explain that I needed to order materials but if the main contractor asked who purchased the materials it needed to be kept anonymous. They agreed.
Today the main contractors contracts manager told me that the supplier have said I purchased the materials which puts me in a difficult position trading with them going forward. I presumed my details would have been protected under GDPR or similar.

Thank you. I will get back to you with my answer as soon as I can, which will be at some point today. The system will notify you when this happens. Please do not reply in the meantime as this may unnecessarily delay my response. Many thanks.

Many thanks for your patience. Fist of all, the GDPTR only protects personal information relating to an individual. So if it was just your company details which were shared, then that is not a GDPR issue, but if your personal details were shared as well, then it would be.

If it was just company details, then you can only take it further legally if you have suffered losses as a result of that breach of confidentiality.

If it was your personal data that was shared, then you can consider taking it further. #

The first step is to consider reporting the alleged breach to the Information Commissioner’s Office (ICO). They are the regulatory body that deals with data protection breaches and have certain powers at their disposal to deal with them, such as fines and sanctions. However, they will not award compensation to the victim so the only way to try and do this is by going through court.

What the ICO can do, if a breach is reported to them, is order the company to do the following:

- impose a temporary or indefinite ban on the processing of data

- force them to comply with your request

- provide any required information

- warn and admonish

- order rectification, erasure or destruction of specific data

In addition, they can impose severe financial penalties and fine the company in breach.

If the victim wanted to take formal legal action, they may do so under Article 77 of the GDPR. There is no need to show that financial losses have been suffered and compensation can be sought for mere distress caused by the alleged breach. The level of compensation will depend on the severity of the breach and the effects it has had on the victim.

Does this answer your query?

Customer: replied 6 months ago.
Thank you for the info!The main contractor have given me 80% of my turnover for the last 3 years which equates to around 100k per annum. If they decided not to use our services any longer would that be considered a loss?

What does that have to do with the alleged GDPR breach though?

Ben Jones and 3 other Law Specialists are ready to help you