Court case 62 O 194/23 – Court Ruling (Germany, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A German court ruled that a telecommunications company did not owe damages to a customer who was upset about their data being shared with a credit rating agency. The customer claimed this sharing caused them distress and was unnecessary, but the court found the data transfer was lawful. This case highlights the importance of understanding how customer data can be shared and the legal protections available.
What happened
A court ruled on a case involving a telecommunications company sharing customer data with a credit rating agency.
Who was affected
The customer of the telecommunications company who felt distressed by the data sharing was affected.
What the authority found
The court decided that the data sharing was lawful and the customer was not entitled to damages.
Why this matters
This ruling emphasizes that companies can share certain customer data under specific legal bases. Businesses should ensure they understand the legal requirements for data sharing to avoid potential disputes.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The data subject is a customer of a telecommunications service provider (the controller). The data protection information on the telecommunications contract does state that the controller reports the conclusion of the contract to a credit rating agency. In October 2023, the data subject received a letter of information from the credit rating agency, about the personal data stored, including - among other things - the fact of the conclusion of a telecommunications contract with the controller in January 2021, the account number and the statement, that this information will be stored as long as the business relationship exists. The data subject claims the transmission of data caused distress and existential concern, particularly regarding potential impacts on creditworthiness. The data subject asserts that the transfer of data was unlawful because it did not fulfill the conditions of legitimate interest under Article 6(1)(f) GDPR. The data subject contends that the controller could have used other available systems for fraud prevention and that the data transfer was unnecessary for maintaining credit system functionality or calculating default risks. The data subject claimed - inter alia - non-material damages of at least €5,000. The controller asserts that the transmission of positive data was lawful under the GDPR, justified by the need to prevent fraud and to protect consumers from excessive indebtedness. The controller disputes that any damage occurred, claiming the data subject’s fears were unfounded and that there was no deterioration in the data subject’s credit score due to the data transfer. The court held, that though the notification of the credit rating agency about the conclusion of the contract constitutes processing (of so called 'postive data') within the meaning of Article 6 GDPR the data subject is not entitled to non-material damages under Article 82(1) GDPR or any other basis against the controller. The court denied Article 6(1)(a) GDPR as a
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Court case 62 O 194/23 in DE
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Court case 62 O 194/23 - Germany (2024). Retrieved from cookiefines.eu
Last updated: