Court case 2 O 49/24 – Court Ruling (Germany, 2025)

Court Ruling
DPA LG Wiesbaden, 15 January 2025, Germany
final

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

The controller is a credit rating agency that calculates credit scores based on personal data. In April 2023, the data subject filed a criminal complaint against the controller for allegedly unlawful storage of payment defaults and allegedly criminal conduct by its employees. In response, the controller temporarily suspended the provision of information regarding the data subject's data to third parties. The criminal proceedings were eventually discontinued, but the controller only learned of this during the ongoing civil proceedings. The controller informed the data subject that it would not disclose his data set again until he gave his written consent and waived any subsequent claims that might arise from the credit rating (damages/compensation for pain and suffering). The data subject did not make such a declaration.

The data subject requested, inter alia, that the controller be ordered to pay non-material damages pursuant to Article 82 GDPR, because the controller had failed to transmit the current credit score it had calculated, in particular to two banks, contrary to the data subject's right to data portability under Article 20(2) GDPR. Additionally, the data subject claimed that the controller had a contractual obligation to forward the data. The controller requested that the action be dismissed. It argued that, even if potential contractual partners had refused to enter into credit-related agreements with the data subject, the corresponding damages would not have been caused by the controller or by the information it failed to provide.

The court held that the data subject is not entitled to damages under Article 82(1) GDPR. The court found that the controller had not violated the GDPR: according to Article 20(1) GDPR, the data in question must have been made available to the controller by the data subject to establish an obligation to transfer the data (i.e. the right to data portability). However, the data to be disclosed is no

GDPR Articles Cited

Decision Authority: LG Wiesbaden

Outcome

Court Ruling

A ruling by a national court on a data-protection matter.


Details

Ruling Date

15 January 2025

Authority

DPA LG Wiesbaden

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Court case 2 O 49/24 - Germany (2025). Retrieved from cookiefines.eu
