GDPR insurance GDPR insurance

Built to stay on top of internet-based risks, our cyber insurance includes cybercrime, to cover claims associated with UK General Data Protection Regulations.

Be quote confident. We'll beat the price of any like-for-like quote. T&Cs apply.

Not sure where to start?

Find out what covers businesses like yours choose

Find your cover

Cyber insurance quote

per month

What is GDPR insurance?

GDPR insurance, which comes as part of cyber cover, is designed to support and protect your business if it experiences a data breach or a cyber attack or if a business fails to comply with UK GDPR regulations. Our innovative cover includes a number of important extensions as standard to give you advanced level of protection.

10% of businesses paid £10.79 a month or less for their cyber security insurance, including GDPR cover, between January and March 2023.

  • GDPR penalties
  • Access to specialist PR and IT support
  • Compensation for loss of income
  • Data restoration

Be quote confident

We're big on fairness. So if you find a lower price for a comparable quote, we won't just match it – we'll go one better and beat it.

So even better than apples to apples, apples to better apples. We're talking Galas to Braeburns.

As you'd expect, T&Cs apply.

How can Superscript help?

Find out more about GDPR insurance and the risks it covers.

Fine and compliance

The GDPR puts a greater onus on businesses to keep customer data secure, while introducing more serious penalties for non-compliance. From January 2021, UK GDPR replaced the nearly identical EU GDPR laws after the UK left the European Union. Any business that fails to follow the new rules will face fines of up to £17.5 million, or 4% of annual global turnover – whichever is higher. If that happens, our cyber cover can cover any defence costs and penalties - where legally insurable.

Protecting your reputation

Cyber-attacks and data breaches are big news, and the GDPR will increase the spotlight on those affected. How you handle your PR following a breach can make or break your reputation. That's why with Superscript' cover, you'll have access to PR expertise to guide you through the process and ensure your image remains intact. But, if you do suffer any reputational damage, you'll be covered for resultant lost income over a period of up to 90 days.

Cyber and data specialists

Unlike generic business insurers, we specialise in covering the new and emerging risks faced by innovative digital businesses. That means our products are built around today's cyber and data threats and perfectly aligned with the GDPR. We even have our own in-house GDPR specialist, who is on hand to answer your data questions.

A fast response

Sometimes it's impossible to avoid a breach, which is why an effective response plan is non-negotiable. Having a response plan is also a legal requirement under the GDPR. Being prepared means you'll recover from a breach more quickly, with minimum impact to your business and customers. And with our cover, everything is taken care of, including a direct point of contact on our team and access to legal, IT forensics and PR support.

Once you've completed a quote, you'll be able to view a summary of cover. Please always refer to your policy documents for full details around exclusions, terms and limits of your customised cover. Read our guide to understanding your policy documents.

Boost your cover with legal protection insurance

Covers compensation awards, professional fees and legal costs associated with a range of legal disputes.

GDPR insurance FAQs

When did GDPR become law?

European GDPR was incorporated into the Data Protection act 2018 as an update to the Data Protection Act 1998.

However, UK GDPR became law on 1st January 2021 to replace the EU law after the end of the Brexit transition period.

Is GDPR the same in the UK as in the EU?

Yes, the UK GDPR law is essentially identical to the EU law. The only major difference is that the penalty fines for breaching GDPR laws are now calculated in GBP rather than Euro.

Can I get GDPR cover without cyber insurance?

Superscript's GDPR cover is part of our comprehensive cyber insurance. As well as GDPR cover, you'll be covered for hacking, extortion and ransomware attacks, cybercrime, denial-of-service attacks and cyber-related business interruption.

Will GDPR cover pay penalty fines?

Yes, in the event of your business being liable for a breach of GDPR law, you may be subject to fines. Your insurance can cover any legal costs and penalties incurred.

Will I be covered for loss of income after a data breach?

Yes, if your business suffers reputational damage as the result of a GDPR breach, your insurance can cover loss of income for a period of up to 90 days.

We insure thousands of innovative businesses

Check out our latest posts

Authorised by the FCA

The FCA supervises UK financial services firms to protect consumers. We are directly authorised and regulated by the FCA and our Firm Reference Number is 656459. These details can be confirmed on the Financial Services Register at or by calling the FCA on 0845 606 1234.

A-rated financial strength

Our insurance products are underwritten by Standard & Poor’s A-rated financial strength or higher. This means the underwriter has been independently assessed by the world’s leading credit rating provider and found to have a strong capacity to meet financial commitments (pay claims).

Protected by the FSCS

If you are a business with an annual turnover under £1m, charity with an annual income under £1m, or trust with net assets under £1m, then you will be entitled to compensation from the FSCS in the unlikely event we cannot meet our obligations. Full details and further information on the scheme are available at