Compared to art 82(1) of the General Data Protection Regulation (GDPR), which since 2018 grants data subjects a claim for damages resulting from the infringement of European data protection law, private enforcement of European competition law looks back on a much longer history. Thus, its concepts and learnings may serve as a model for data protection law. However, any potential transfer from one area to the other must be carefully weighed, as both the factual circumstances and the underlying regulatory framework differ. Against this background, this paper aims at identifying important similarities and differences between the private enforcement of European competition and data protection law. Amongst others, it reaches the conclusion that both fields of law – although for different reasons – share a comparably high level of Europeanisation and that the primary aims of private enforcement generally align. In addition, potential for spill-over effects from the area of competition to data protection law is identified, namely with regard to causation and the European concept of undertaking.