Tenant – Court Ruling (Austria, 2020)

The complainant is the Municipality of the City of Vienna (Wiener Wohnen) and the respondent is a tenant of the complainant. On 31 August 2019, the tenant informed the police that children had broken a window. In addition, he informed the complainant about the damage to the general parts of the property (window in the staircase). On the phone, the complainant stated that they would commission an emergency service and have the damage repaired. Shortly afterwards, an "electrician" called the respondent, saying he had been commissioned to repair the damage. Since the respondent generally had a secret number and had changed it for security reasons he never allowed to pass on his telephone number to third parties (electricians). He had not been asked about this, nor had he been informed of the transfer, so that he could have objected to it. When the respondent complained via telephone, he was told that the complainant usually compared the data and passed it on to technicians so that they could contact the detector. The tenant then submitted a complaint to the Data Protection Authority (DSB) which found that the respondent's right to secrecy had been violated by unlawfully transmitting personal data of him to a commissioned company and disclosing it to the latter. The complainant then appealed against this decision at the Federal Administrative Court claiming that it followed from the obligations arising from sections 1096 and 1097 of the General Civil Code that the landlord may use vicarious agents to remedy the reported defects "and may therefore also provide them with the telephone number of the tenant who has reported a defect". Therefore, the justification of Article 6(1)(b) of the GDPR would be given. Was the transmission of personal data (mobile number) to the commissioned company considered to be necessary for the performance of a contract and did it comply with the conditions laid down in Articles 5 and 6 GDPR? The Federal Administrative Court held that th