Court case 202100213/1/A3 – Court Ruling (Netherlands, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
The Council of State in the Netherlands ruled that the municipality of Eindhoven did not violate GDPR rules when it forwarded a resident's email to their neighbors. The court found that the municipality responded to the resident's requests within the legal time frame and that the requests for data correction were not justified. This case highlights the importance of understanding what constitutes a valid data correction request under GDPR.
What happened
The municipality of Eindhoven forwarded a resident's email to their neighbors without consent, leading to a court case about data correction and compensation.
Who was affected
A resident of Eindhoven whose email, containing a complaint about neighbors, was forwarded to those neighbors without consent.
What the authority found
The Council of State ruled that the municipality acted within GDPR rules, as the data correction request was not valid and the response time was appropriate.
Why this matters
This ruling clarifies that not all disagreements over data content qualify for correction under GDPR, emphasizing the need for clear, objective inaccuracies to be present. It also underscores the importance of municipalities adhering to response timelines for data requests.
GDPR Articles Cited
National Law Articles
Controller is the municipality of Eindhoven. The data subject found out that an email that they sent to the municipality on 15 January 2017 (in which they complained about their neighbours), had been forwarded and had ended up with their neighbours, without blacking out their email-address. Because they had not given consent for this, and the processing for personal data was not necessary to fulfil a public interest, the data subject requested the municipality to (1) rectify personal data mentioned in letters of 7 April 2016 and 14 November 2018, and (2) compensation for damages caused by forwarding their personal data without a legal basis. After the municipality had rejected the request, the data subject [https://uitspraken.rechtspraak.nl/inziendocument?id=ECLI:NL:RBOVE:2019:1827 brought the issue before court]. The District Court of Oost-Brabant dismissed this appeal, after which the data subject appealed this judgement before the Council of State. On appeal, the data subject argued that (1) The municipality had exceeded the decision period of one month as per Article 12(3) GDPR for their request to rectify the personal data, (2) the municipality should have also rectified personal data in the letter of 14 November 2018, and (3) The District Court had wrongly considered that the data subject was not entitled to compensation. The Council of State rejected the appeal. First, the Council stated that the municipality complied with the data subject's access request within the decision time of one month as per Article 12(3) GDPR. Second, the Council of State held that the right to rectification of personal data pursuant to Article 16 GDPR only applies to inaccuracies that can be easily and objectively ascertainable. Since the letter of 14 Novemer 2018 concerned impressions and conclusions with which data subject did not agree, the Council found that the rejection of the request for rectification was well-founded. Lastly, although it is not disputed between parties
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Court case 202100213/1/A3 in NL
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Court case 202100213/1/A3 - Netherlands (2022). Retrieved from cookiefines.eu
Last updated: