Chamber of Commerce – Court Ruling (Netherlands, 2022)

The data subject requested the Chamber of Commerce (the controller) to shield the visiting address of his foundation - which was also his home address - in the Commercial Register. On 15 December 2020, the controller denied this request, stating that it was mandatory to include a foundation’s visiting address in the Commercial Registry. The data subject objected to the controller's decision, but the latter dismissed the objection as unfounded. In response, the data subject filed an appeal against this decision. In the appeal, the data subject requested a foreclosure of their address, until the moment of the appeal decision. Initially, the controller refused to do so. However, after an order from the interim relief judge, the controller did foreclose the address. The controller should have assessed the initial request against the conditions set out in section 51(3)(a) of the HRB 2008, in which these conditions of the case have been met. Furthermore, At the hearing before the Board, the data subject applied for damages for exceeding the reasonable time limit provided for in Article 6 ECHR. In cases such as the one at issue here, the basic principle is that the objection and appeal phases together may not exceed two years. The objection phase may not exceed six months and the appeal phase may not exceed eighteen months. In this case, the two-year period was exceeded, with no justification. The Court of Appeal held that the appeal was well-founded and annulled the contested-decision. Meaning, that the data subject was eligible for the suppression of the entry of their residential address, on the basis of probable threat. Moreover, the data subject was awarded €500 in damages for exceeding a reasonable time limit, pursuant to article 8:88 of the AWB.