LG Wiesbaden - 2 O 49/24
| LG Wiesbaden - 2 O 49/24 | |
|---|---|
 | |
| Court: | LG Wiesbaden (Germany) |
| Jurisdiction: | Germany |
| Relevant Law: | Article 20(1) GDPR |
| Decided: | 15.01.2025 |
| Published: | |
| Parties: | |
| National Case Number/Name: | 2 O 49/24 |
| European Case Law Identifier: | ECLI:DE:LGWIESB:2025:0115.2O49.24.00 |
| Appeal from: | |
| Appeal to: | |
| Original Language(s): | German |
| Original Source: | hessenrecht (in German) |
| Initial Contributor: | tjk |
A court held, that the data subject's right to data portability according to Article 20(1) GDPR, is limited to the personal data concerning them that they have provided to a controller.
English Summary
Facts
The data subject requests that the controller transmit his personal data, and in particular the current score calculated by the controller based on his stored personal data, to third parties, in particular two banks in accordance with Article 20(2) GDPR, as well as non-material damages for the refusal to transmit data to the aforementioned third parties in accordance with Article 82 GDPR.
The controller is a credit-scoring agency. The data subject filed a a criminal complaint against the controller in April 2023 for allegedly unlawful storage of payment defaults and allegedly criminal conduct by its employees. As a response, the controller temporarily suspended the provision of information regarding the data subject's data to third parties. The criminal proceedings were eventually discontinued, however he controller only learned that during the ongoing civil proceedings.
The controller informed the data subject that it would not disclose his data set again until he gave his written consent to waive any subsequent claims that might arise from the score calculation (damages/compensation for pain and suffering). The data subject did not make such a declaration.
The data subject claims that as long as the controller refuses to provide information to third parties, the data subject is currently no longer able to enter into continuing obligations or pay by invoice. He believes that the controller has breached its duty to disclose data directly to third parties and that he is therefore entitled to information and transmission of the data in accordance with Article 20(2) GDPR.
The data subject is of the opinion that the legality of the processing pursuant to Article 6(1)(a) and (f) GDPR, on which the controller relies, also simultaneously constitutes an obligation of the controller towards the data subject to provide information about his personal data to third parties upon the data subject's instruction. By consenting to the processing of data and accepting the consent by the controller pursuant to Article 6(1)(a) GDPR, a contract is simultaneously concluded between the parties.
Because the controller unlawfully failed to provide information to third parties, in particular to Bank 1 eG and Bank 2 AG, contrary to the provisions of Article 20 GDPR, it is obligated to pay damages to the data subject pursuant to Article 82 GDPR.
The data subject requests that:
1. the controller be ordered to provide specified banks with information about the data subject's data stored by the controller, in particular the stored score values;
2. To order the controller to pay the data subject non-material damages;
3. To order the controller to pay the data subject the pre-trial legal fees claimed as an ancillary claim in the amount of €800.39, plus interest thereon at a rate of 5 percentage points above the respective base interest rate since the commencement of proceedings.
At the oral hearing on December 17, 2024, the data subject declared the first claim to be settled. The controller has consented to the settlement.
The controller requests that the action be dismissed, unless it has been declared settled.
The controller argued, that even if potential contractual partners had refused to enter into credit-related agreements with the data subject, the corresponding damages would not have been caused by the controller or by the information it failed to provide.
The controller is of the opinion that since the provisions of the GDPR are fundamentally prohibitive provisions subject to permission, data subjects can restrict the use of their data but cannot demand the active processing of their data. The data subject is demanding that the controller carry out a completely "new" processing activity against their will in the form of providing new information. Chapter III of the GDPR does not provide for such a claim. A claim under Article 20(2) in conjunction with (1) GDPR is also excluded because the data subject did not personally provide the personal data concerning him to the controller. Furthermore, the controller's data processing in connection with its database is not based on consent or a contract, but on overriding legitimate interests pursuant to Article 6 (1) (f) GDPR. This does not change simply because the data subject unilaterally granted the controller "the right" to process "this data" in a letter from his lawyer dated October 12, 2023 (see Exhibit K 2). Furthermore, this blanket declaration, which is in no way specified in terms of content, does not constitute effective consent under data protection law pursuant to Article 6(1)(a) GDPR.
With regard to the criminal proceedings and the data subject's failure to notify them of their discontinuation, the data subject is also at least partially at fault, which excludes damages. If the data subject had informed the controller of the discontinuation of the investigation in the pre-trial correspondence, the controller could have taken this into account in its decision to resume the disclosure of the data subject's data. Finally, the refusal to provide information during the ongoing criminal proceedings was in any case based on objective grounds.
Holding
The court held, that the data subject is not entitled to damages under Article 82(1) GDPR.
No right to instruct transfer of credit information to third parties
The court found, that the controller had not violated the GDPR as no right of the data subject existed to demand that the controller provide credit information about him to third parties.
The court stated, that while the data subject has the right under Article 20(2) GDPR to obtain that personal data be transmitted directly from one controller to another controller (here, the data subject's contractual partner), this right is limited, according to the wording, to the exercise of the right to data portability under Article 20(1) GDPR.
However, the court stated, that according to Article 20(1) GDPR, the data in question must have been made available to the controller by the data subject. However, the data to be disclosed is not data that the data subject made available to it, but rather data that the controller received from contractual partners or collected itself.
The court found, that no further legal bases in the GDPR are relevant.
b) Even if, contrary to the Chamber's legal opinion, a violation of the GDPR and a resulting claim for damages or compensation for pain and suffering were to be assumed on the merits, this would nevertheless fail because the data subject's predominant contributory negligence in ceasing to provide information would preclude the claim.
In addition to the exculpation pursuant to Article 82(3) GDPR, contributory negligence of the entitled party must also be taken into account as Article 82 GDPR is an independent tort claim that is subject to the general national liability regime of the German Civil Code (BGB) within the framework of the principle of effectiveness.
The data subject's contributory negligence, which excludes any claim for damages, is to be seen in the fact that, on the one hand, the data subject subjected the controller to unjustified criminal proceedings, which gave the controller a legitimate interest (objective reason) in temporarily suspending disclosure to prevent any further criminal offenses and damages. On the other hand, the contributory negligence is to be seen in the fact that the public prosecutor's office had already notified the data subject on August 7, 2023, of the discontinuation of the criminal proceedings. The data subject did not inform the controller of this, but rather left it unaware of it and filed the present lawsuit. Had the data subject informed the controller of the discontinuation of the criminal proceedings at that time, it can be assumed that the controller would have resumed providing information at that time. This is precisely what the controller did during the course of this proceedings. The data subject would therefore have had the power to initiate an earlier continuation of the disclosure of the controller's electronic data records relating to him. Therefore, the data subject's contributory negligence is so serious in this case that no negligence on the part of the controller can be assumed. As explained, the controller had a factual reason for the temporary discontinuation of information.
c) Most recently, during the ongoing criminal proceedings, the controller was also permitted to make further disclosure dependent on a clear, comprehensive, and legally effective waiver of claims for damages. However, the data subject rejected such a waiver.
No contractual relationship based on processing alone
2. The claim cannot be derived from an alleged breach of duty under an agency agreement existing between the parties.
a) National grounds for claims are already excluded due to the primacy of the GDPR.
Claims for damages and claims for injunctive relief under national law, insofar as they are based on violations of rules on the processing of personal data and other provisions of the GDPR, do not apply because the provisions of the GDPR constitute a conclusive, fully harmonizing European regulation. Due to this primacy of application of data protection law, which has been conclusively harmonized throughout the EU, a claim cannot be based on provisions of national German law (Federal Constitutional Court NJW 2020, 314 = GRUR 2020, 88 para. 64 – Right to be Forgotten II, with further references). (Higher Regional Court of Frankfurt, 16 U 22/22, judgment of March 30, 2023; GRUR 2023, 904 para. 50, beck-online).
b) Furthermore, no agency agreement was concluded between the parties. The constitutive elements of a matching offer and acceptance are already missing.
The unilateral declaration made by the data subject, that he had expressly granted the controller the right to process this data can only be considered as consent under data protection law pursuant to Article 6(1)(a) GDPR if necessary. Furthermore, the controller never made a corresponding declaration of intent related to the conclusion of a contract. Rather, in a letter dated October 20, 2023 (Exhibit K3), the controller made the provision of information with regard to the criminal proceedings dependent on the controller waiving the assertion of subsequent claims. However, this does not constitute a corresponding declaration of acceptance, but rather, if at all, an amending acceptance, which, according to Section 150(2) of the German Civil Code (BGB), is considered a rejection of the offer combined with a new application. This, in turn, was undisputedly rejected by the data subject.
There is no contractual relationship between the parties, but solely between the controller and its contractual partners to whom it provides credit information.
c) Finally, the controller would not have committed a culpable breach of duty. This would not be the controller's responsibility since, on the one hand, the failure to provide information was based on an objective reason (justification), and, on the other hand, the data subject bears predominant contributory negligence, as described above.
3. Article 3 of the Basic Law (Grundgesetz - GG) cannot be used to derive a right to information (with the consequence of a claim for damages) in this case because, as explained, the controller excluded the data subject (from providing information) for an objective reason. Whether the data subject suffered compensable damages is therefore irrelevant.
Comment
This judgement interestingly does not consider Article 15 GDPR (right of access). It would be interesting to see if this is made an issue in an appeal.
II. The parties have unanimously declared the first claim to be settled, so that the Chamber, pursuant to Section 91a(1) of the Code of Civil Procedure, only has to decide on the costs, taking into account the current facts and circumstances of the case. This means that, due to the immediate termination of the lis pendens at the time when both parties' declarations of settlement become effective, the taking of evidence on the merits is, in principle, no longer an option, and the decision on costs must be summarily examined to determine whether the action would likely have been successful at the time of the terminating event.
According to these principles, the costs relating to claim 1.) must be imposed on the data subject.
As already explained in detail under section I., the data subject did not have a right to information, which was asserted with claim 1.) If not settled, the claim would therefore have been dismissed without taking evidence. Therefore, it is reasonable to impose the costs on the data subject in this regard.
Further Resources
Share blogs or news articles here!
English Machine Translation of the Decision
The decision below is a machine translation of the German original. Please refer to the German original for more details.
Claim for damages due to the failure to communicate a score value to a third party Guiding Principle On the concept of data in Art. 20 (1) GDPR Guiding Principle According to Art. 20 (1) GDPR, the data subject's right to data portability is limited to the personal data concerning them that they have provided to a controller. Therefore, within the scope of Art. 20 (1) and (2) GDPR, the data must be data that the plaintiff has made available to the defendant. However, the defendant's data to be disclosed is undisputedly not data that the plaintiff has made available, but rather data that the defendant has received from contractual partners or collected itself. Opinion 1. The action is dismissed. 2. The plaintiff shall bear the costs of the legal action. 3. The judgment is provisionally enforceable against the provision of security in the amount of 110% of the amount to be enforced. 4. The value in dispute is set at €7,500.00. Facts The plaintiff requests that the defendant transmit his personal data, and in particular the current score calculated by the defendant based on his stored personal data, to third parties, in particular Bank 1 eG and Bank 2 AG, in accordance with Article 20 (2) GDPR, as well as non-material damages for the refusal to transmit data to the aforementioned third parties in accordance with Article 82 GDPR. The defendant is a joint institution of the German credit-providing industry. It operates a database containing information relevant for assessing creditworthiness. Its contractual partners provide it with information relevant to the database from their business relationships with their customers. The defendant stores this information as entries in its database in order to be able to provide information to its contractual partners. The defendant temporarily suspended the provision of information regarding the plaintiff's data to third parties in light of the plaintiff's filing a criminal complaint against the defendant in April 2023 for allegedly unlawful storage of payment defaults and allegedly criminal conduct by its employees. The public prosecutor's office therefore opened proceedings and heard the defendant on the allegations in June/July 2023. The plaintiff apparently classified the defendant's data processing as unlawful and ultimately even criminally relevant. Due to the fact that the hearing by the public prosecutor's office had already taken place approximately a year ago, the defendant, in its defense of June 7, 2024, declared, without acknowledging any legal obligation, that it would again provide information about the plaintiff. It has therefore temporarily lifted the block on the plaintiff's data. Since the defendant has now released the plaintiff's data again, it would again provide information in the event of a request from Bank 2 AG or Volksbank Bank 1 eG. The criminal proceedings initiated by the plaintiff against the defendant were discontinued on August 7, 2023, pursuant to Section 170 (2) of the Code of Criminal Procedure (StPO). The public prosecutor's office notified the plaintiff of this in a letter dated August 7, 2023. The plaintiff never informed the defendant of the discontinuation of the criminal proceedings, in particular not before filing the lawsuit. The defendant only learned of the discontinuation of the criminal proceedings during the ongoing civil proceedings through inspection of the files after the defense had been filed. In a letter dated September 20, 2023, the defendant informed the plaintiff that it would not disclose his data set again until he gave his written consent to waive any subsequent claims that might arise from the score calculation (damages/compensation for pain and suffering). The plaintiff did not make such a declaration. The plaintiff claims that due to the plaintiff's refusal to disclose the data it had collected about him to banks and other contractual partners, these banks are refusing to enter into contracts with the plaintiff. Among other things, he wanted to increase the loan amount of his loan agreement, which was not possible due to the defendant's refusal to provide information to the bank. A further loan agreement with Bank 2 AG was rejected by the bank because the defendant did not provide any information. The extension of his existing loan agreement with Bank 1 eG is also at risk. Thus, as long as the defendant refuses to provide information to third parties, the plaintiff is currently no longer able to enter into continuing obligations or pay by invoice. He believes that the defendant has breached its duty to disclose data directly to third parties and that he is therefore entitled to information and transmission of the data in accordance with Article 20 (2) GDPR. The plaintiff is of the opinion that the legality of the processing pursuant to Article 6 (1a) and (1f) GDPR, on which the defendant relies, also simultaneously constitutes an obligation of the authorized party towards the data subject, and in this case the plaintiff, to request information about his data and to instruct the transmission of this information directly to third parties. The defendant is therefore also obligated, for this reason, to provide information about his personal data to third parties upon the plaintiff's instruction; otherwise, the defendant would, conversely, have no right to process the data pursuant to Article 6 (1a) and (f) GDPR. By consenting to the processing of data and accepting the consent by the defendant pursuant to Article 6 (1a) GDPR, a contract for agency services within the meaning of Section 675 of the German Civil Code (BGB) is simultaneously concluded between the parties. Because the defendant unlawfully failed to provide information to third parties, in particular to Bank 1 eG and Bank 2 AG, contrary to the provisions of Article 20 GDPR, it is obligated to pay damages to the plaintiff pursuant to Article 82 GDPR. The plaintiff also suffered damages because he was unable to obtain a loan agreement due to the lack of information, and the extension of his existing loan agreement was jeopardized. The refusal to process the data and the refusal to provide information constitute a serious violation of Article 83 (2) GDPR and also justify non-material damages of at least €2,500.00 as a sanction. The plaintiff requests that: 1. the defendant be ordered to provide Bank 1 eG (…) and Bank 2 AG (…) with information about the plaintiff's data stored by the defendant, in particular the stored score values, and to transmit the data to Bank 1 eG; 2. To order the defendant to pay the plaintiff reasonable damages for pain and suffering in the amount of at least €2,500.00, plus interest thereon at a rate of 5 percentage points above the respective base interest rate since the commencement of proceedings; 3. To order the defendant to pay the plaintiff the pre-trial legal fees claimed as an ancillary claim in the amount of €800.39, plus interest thereon at a rate of 5 percentage points above the respective base interest rate since the commencement of proceedings. At the oral hearing on December 17, 2024, the plaintiff declared the first claim to be settled (page 150 of the file). The defendant has consented to the settlement. The defendant requests that the action be dismissed, unless it has been declared settled. The defendant denies that the plaintiff suffered non-material damages as a result of the "refusal to transmit data" to third parties, particularly with regard to information provided to Bank 1 eG and Bank 2 AG. Furthermore, the defendant denies, on the grounds of ignorance, that the plaintiff suffered causal damages as a result of the defendant's failure to provide information. The plaintiff overlooks the fact that the defendant did not provide him with inaccurate or "negative" information. The defendant simply did not provide any information about the plaintiff at all. It is unclear how the plaintiff could have suffered causal damages as a result of this. Even if potential contractual partners had refused to enter into credit-related agreements with the plaintiff, the corresponding damages would not have been caused by the defendant or by the information it failed to provide. The defendant is of the opinion that the plaintiff never had a right to demand that the defendant provide information to third parties. There is a lack of a suitable basis for this claim. As the controller within the meaning of the GDPR, the defendant alone decides whether and how personal data is processed. As data subjects, the plaintiffs are exclusively and conclusively entitled to the data subject rights under Chapter III of the GDPR (Articles 12 to 22 GDPR). Since the provisions of the GDPR are fundamentally prohibitive provisions subject to permission, data subjects can restrict the use of their data but cannot demand the active processing of their data. The plaintiff is demanding that the defendant carry out a completely "new" processing activity against their will in the form of providing new information. Chapter III of the GDPR does not provide for such a claim. A claim under Article 20 (2) in conjunction with (1) GDPR is also excluded because the plaintiff did not personally provide the personal data concerning him to the defendant. Furthermore, the defendant's data processing in connection with its database is not based on consent or a contract, but on overriding legitimate interests pursuant to Article 6 (1) (f) GDPR. This does not change simply because the plaintiff unilaterally granted the defendant "the right" to process "this data" in a letter from his lawyer dated October 12, 2023 (see Exhibit K 2). Furthermore, this blanket declaration, which is in no way specified in terms of content, does not constitute effective consent under data protection law pursuant to Article 6 (1) (a) GDPR. A contractual relationship never existed between the parties, in particular, no agency agreement. The defendant never made a corresponding declaration of intent. Since there is no right to disclosure by the defendant to third parties, the violation of the GDPR required for a claim for damages under Article 82 GDPR is already lacking. Finally, however, the defendant can also exculpate itself under Article 82(3) GDPR. The defendant is not at fault, because, based on the relevant case law, it was entitled to assume that it had lawfully blocked the plaintiff's data. With regard to the criminal proceedings and the plaintiff's failure to notify them of their discontinuation, the plaintiff is also at least partially at fault, which excludes damages. If the plaintiff had informed the defendant of the discontinuation of the investigation in the pre-trial correspondence, the defendant could have taken this into account in its decision to resume the disclosure of the plaintiff's data. Finally, the refusal to provide information during the ongoing criminal proceedings was in any case based on objective grounds. Furthermore, for a description of the facts and the dispute, reference is made to the exchanged written submissions and attachments, as well as the minutes of the oral hearing of December 17, 2004 (pages 149-151 of the file). Reasons for the Decision The action is admissible but unfounded. I. The second claim, which is still pending, is unfounded. 1. The plaintiff is not entitled to damages under Article 82 (1) GDPR. a) The prerequisite for a claim for damages under Article 82 (1) GDPR is a violation of the GDPR. This is already lacking. In the present case, a violation is only conceivable insofar as the defendant may have failed to provide credit information concerning the plaintiff to third parties upon request. Therefore, the GDPR would give rise to a claim for the plaintiff to disclosure of information, which the defendant would have failed to fulfill in breach of duty. However, the plaintiff has no right to demand that the defendant provide credit information about him to third parties. The GDPR does not give rise to any claims for the plaintiff within the meaning of the applications submitted. The plaintiff ultimately requests that the defendant (re)start processing personal data in the form of scoring or the transmission of credit-relevant information. This is a claim related to data processing. In this regard, however, the plaintiff is only entitled to the data subject rights under Chapter III of the GDPR. However, there, data subjects can only request that a data controller (here, the defendant) carry out data processing to the extent that inaccurate personal data is rectified (Article 16 GDPR), personal data is erased (Article 17 GDPR), former recipients of personal data are informed of a rectification, erasure, or restriction of processing of personal data (Article 19 GDPR), or personal data is made available for transfer under certain circumstances (Article 20 GDPR), see Higher Regional Court of Frankfurt, judgment of October 31, 2024, 6 U 127/24; Regional Court of Wiesbaden, judgment of April 5, 2024, 2 O 35/24. The only conceivable claim here is based on Article 20 (2) GDPR, which is the legal basis on which the plaintiff also relies. However, contrary to the plaintiff's view, the requirements for this are not met. While the plaintiff, as a data subject, has the right under Art. 20 (2) GDPR to obtain that personal data be transmitted directly from one controller (the defendant) to another controller (here, the plaintiff's contractual partner), this right is limited, according to the standard, to the exercise of the right to data portability under Art. 20 (1) GDPR. However, according to Art. 20 (1) GDPR, the data subject's right to data portability is limited to the personal data concerning them that they have made available to a controller. Therefore, within the scope of Art. 20 (1) and (2) GDPR, the data in question must have been made available to the defendant by the plaintiff. However, it is undisputed that the defendant's data to be disclosed is not data that the plaintiff made available to it, but rather data that the defendant received from contractual partners or collected itself. Therefore, the prerequisites for this claim are not met. Further legal bases in the GDPR are not relevant. b) Even if, contrary to the Chamber's legal opinion, a violation of the GDPR and a resulting claim for damages or compensation for pain and suffering were to be assumed on the merits, this would nevertheless fail because the plaintiff's predominant contributory negligence in ceasing to provide information would preclude the claim. In addition to the exculpation pursuant to Art. 82 (3) GDPR, contributory negligence of the entitled party pursuant to Section 254 of the German Civil Code (BGB) must also be taken into account (cf. BeckOK DatenschutzR/Quaas, 50th Ed. 1 August 2024, GDPR Art. 82 para. 22, beck-online). Art. 82 GDPR is an independent tort claim that is subject to the general national liability regime of the German Civil Code (BGB) within the framework of the principle of effectiveness. In addition, the provision of contributory negligence pursuant to Section 254 of the German Civil Code (BGB) must be considered in particular (cf. Quaas, op. cit. with further references, para. 10, beck-online). The defendant has suspended further disclosure due to the criminal proceedings initiated against the defendant by the plaintiff. The plaintiff's contributory negligence, which excludes any claim for damages, is to be seen in the fact that, on the one hand, the plaintiff subjected the defendant to unjustified criminal proceedings, which gave the defendant a legitimate interest (objective reason) in temporarily suspending disclosure to prevent any further criminal offenses and damages. On the other hand, the contributory negligence is to be seen in the fact that the public prosecutor's office had already notified the plaintiff on August 7, 2023, of the discontinuation of the criminal proceedings pursuant to Section 170 (2) of the Code of Criminal Procedure (StPO). The plaintiff did not inform the defendant of this, but rather left it unaware of it and filed the present lawsuit. Had the plaintiff informed the defendant of the discontinuation of the criminal proceedings at that time, it can be assumed that the defendant would have resumed providing information at that time. This is precisely what the defendant did during the course of this proceedings. The plaintiff would therefore have had the power to initiate an earlier continuation of the disclosure of the defendant's electronic data records relating to him. Therefore, the plaintiff's contributory negligence is so serious in this case that no negligence on the part of the defendant can be assumed. As explained, the defendant had a factual reason for the temporary discontinuation of information (see also Higher Regional Court of Frankfurt, judgment of October 31, 2004, 6 U 127/24, para. 29 – beck-online). c) Most recently, during the ongoing criminal proceedings, the defendant was also permitted to make further disclosure dependent on a clear, comprehensive, and legally effective waiver of claims for damages (cf. Higher Regional Court of Frankfurt, loc. cit., para. 30). However, the plaintiff rejected such a waiver. 2. The claim cannot be derived from an alleged breach of duty under an agency agreement existing between the parties. a) National grounds for claims are already excluded due to the primacy of the GDPR. Claims for damages and claims for injunctive relief under national law, insofar as they are based on violations of rules on the processing of personal data and other provisions of the GDPR, do not apply because the provisions of the GDPR constitute a conclusive, fully harmonizing European regulation (BeckOK DatenschutzR/Wolf/Brink DSGVO Introduction para. 19). Due to this primacy of application of data protection law, which has been conclusively harmonized throughout the EU, a claim cannot be based on provisions of national German law (Federal Constitutional Court NJW 2020, 314 = GRUR 2020, 88 para. 64 – Right to be Forgotten II, with further references). (Higher Regional Court of Frankfurt, 16 U 22/22, judgment of March 30, 2023; GRUR 2023, 904 para. 50, beck-online). b) Furthermore, no agency agreement was concluded between the parties. The constitutive elements of a matching offer and acceptance are already missing. The unilateral declaration made by the plaintiff, as per Exhibit K2, that he had expressly granted the defendant the right to process this data can only be considered as consent under data protection law pursuant to Article 6 (1) (a) GDPR if necessary. Furthermore, the defendant never made a corresponding declaration of intent related to the conclusion of a contract. Rather, in a letter dated October 20, 2023 (Exhibit K3), the defendant made the provision of information with regard to the criminal proceedings dependent on the defendant waiving the assertion of subsequent claims. However, this does not constitute a corresponding declaration of acceptance, but rather, if at all, an amending acceptance, which, according to Section 150 (2) of the German Civil Code (BGB), is considered a rejection of the offer combined with a new application. This, in turn, was undisputedly rejected by the plaintiff. There is no contractual relationship between the parties, but solely between the defendant and its contractual partners to whom it provides credit information. c) Finally, the defendant would not have committed a culpable breach of duty. This would not be the defendant's responsibility under Section 280 (1) Sentence 2 of the German Civil Code (BGB), since, on the one hand, the failure to provide information was based on an objective reason (justification), and, on the other hand, the plaintiff bears predominant contributory negligence, as described above. 3. Article 3 of the Basic Law (GG) cannot be used to derive a right to information (with the consequence of a claim for damages) in this case because, as explained, the defendant excluded the plaintiff (from providing information) for an objective reason. Whether the plaintiff suffered compensable damages is therefore irrelevant. The second claim was therefore dismissed. II. The parties have unanimously declared the first claim to be settled, so that the Chamber, pursuant to Section 91a (1) of the Code of Civil Procedure, only has to decide on the costs, taking into account the current facts and circumstances of the case. This means that, due to the immediate termination of the lis pendens at the time when both parties' declarations of settlement become effective, the taking of evidence on the merits is, in principle, no longer an option, and the decision on costs must be summarily examined to determine whether the action would likely have been successful at the time of the terminating event. According to these principles, the costs relating to claim 1.) must be imposed on the plaintiff. As already explained in detail under section I., the plaintiff did not have a right to information, which was asserted with claim 1.) If not settled, the claim would therefore have been dismissed without taking evidence. Therefore, it is reasonable to impose the costs on the plaintiff in this regard. III. Since the principal claims do not exist or did not exist, the accessory claim for reimbursement of pre-trial legal fees (claim 3.) must also be dismissed. IV. The decision regarding costs is based on Section 91a of the Code of Civil Procedure (ZPO) (see section II. above) with regard to claim 1.) and otherwise on Section 91 of the Code of Civil Procedure. The decision on provisional enforceability follows from Section 709, Sentences 1 and 2 of the Code of Civil Procedure and, with regard to the determination of the value in dispute, from Sections 3-5 of the Code of Civil Procedure and Section 63, Paragraph 2, Sentence 1 of the Law on Civil Procedure.
