Court case 13 O 129/21 – Court Ruling (Germany, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A German court awarded €5,000 in damages to a person whose negative credit entry was not deleted promptly by a credit agency. The agency had kept the entry despite a court order to remove it. This case shows the importance of complying with court orders and the potential financial consequences of failing to do so.
What happened
A credit agency failed to promptly delete a negative credit entry despite a court order.
Who was affected
A person who was affected by the continued storage of a negative credit entry.
What the authority found
The Regional Court Hannover awarded damages because the credit agency unlawfully stored data by not complying with a court order to delete it.
Why this matters
This ruling underscores the importance of complying with court orders regarding data deletion. It highlights the potential for significant damages if companies fail to act on such orders, emphasizing the need for timely compliance with legal requirements.
GDPR Articles Cited
National Law Articles
The controller is a credit reference agency. The data subject entered into a contract with a mobile phone provider under the address of his parents. The mobile phone was used by the data subject's brother. During the term of the contract, the mobile phone provider was unable to debit an amount due and, therefore, sent debt collection letters to the registered address. However, the data subject did no longer live at his parents' address. The debt was then settled in the short term, but the mobile phone provider terminated the contract and initiated a negative entry in the controller's debt register. One year later, the data subject requested the controller to delete the negative entry, because he has never received any which the controller refused. The controller felt it was entitled to keep the entry, because the debt has not been paid initially and two debt collection letters had been sent to the parents' address. Subsequently, the data subject obtained a judgement ordering the controller to delete the entry. The controller, however, did not immediately comply with the judgement. As it turned out, the data was still processed by the controller and shared with its customers. Only three months later, after the data subject again requested deletion, the controller finally removed the entry. The data subject then initiated new court proceedings claiming damages for the unlawful storage of its data. The controller applied for the dismissal of the claim, arguing that the negative entry was stored lawfully and the data subject did not suffer any damages. The incident partially occurred before the GDPR came into effect. The facts of the case were therefore partly assessed on the old version of the German Data Protection Act (BDSG a.F.). The Regional Court Hannover (Landgericht Hannover - LG Hannover) awarded €5000 in damages to the data subject according to Article 82 GDPR, since the the processing of the data by the controller violated the old German Data Protection A
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Court case 13 O 129/21 in DE
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Court case 13 O 129/21 - Germany (2022). Retrieved from cookiefines.eu
Last updated: