OLG Koblenz - 5 U 2141/21

From GDPRhub
OLG Koblenz - 5 U 2141/21
Courts logo1.png
Court: OLG Koblenz (Germany)
Jurisdiction: Germany
Relevant Law: Article 82 GDPR
Article 6 GDPR
§ 287(1) ZPO
Decided: 22.05.2018
Published:
Parties: Unknown customer
Unknown mobile phone company
National Case Number/Name: 5 U 2141/21
European Case Law Identifier: ECLI:DE:OLGKOBL:2022:0518.5U2141.21.00
Appeal from: LG Koblenz
12 O 59/21
Appeal to: Unknown
Original Language(s): German
Original Source: landesrecht.rlp.de (in German)
Initial Contributor: n/a

The Higher Regional Court of Koblenz rejected the notion of a de minimis limit under Article 82 GDPR and held that a data subject can also claim compensation for minor damages, in the present case €500, because the controller unlawfully reported a payment default to a credit rating agency.

English Summary

Facts

The data subject concluded a mobile phone contract with the controller on 25 September 2018. The contract gave the data subject the option to change her payment plan in the fourth to the sixth month of the contract in exchange for a contractual extension of another 24 months, which the defendant took on 27 December 2018. On the same day she received an affirmative response from the controller which stated that her "present payment plan will be cancelled on 27 December 2020". On 6 January 2019, the data subject sent the controller a letter stating that she is exercising her right to withdraw from the contract within 14 days after the contract (Article 9 Consumer Rights Directive). From 11 February 2019 until 10 July 2019 the controller invoiced her several times. The data subject did not pay these invoices. On 16 September 2019 the controller arranged an out-of-court SCHUFA entry against the data subject. On 27 September 2019, the controller commissioned the deletion of the entry by the SCHUFA. However, only after instructing the SCHUFA a second time to delete the entry, the entry was finally marked as to be deleted on 19.07.2021. As a result of the entry, the data subject was denied a loan on the 26 March 2020 and on 29 December 2020 a loan was only granted on the condition that the entry is erased.

Because of the oustanding invoices, the controller initiated court proceedings against the data subject arguing that the data subject was bound by the contract and did not have a right to withdraw from the contract, because the change of the payment plan was a mere alteration of the original contract and not a new replacing contract. The data subject, on the other hand, argued that it was indeed a new contract which replaced the old one so she had a fourteen day period to withdraw from the contract under the respective German provision of Article 9 Consumer Rights Directive. Furthermore, the data subject filed a counterclaim against the controller demanding damages in the amount of €6000 under Article 82 GDPR for the unlawful arrangement of the SCHUFA entry as well as demanding that the controller informs the SCHUFA that the requirements for the registration of default were not met and that all data communicated to the SCHUFA are to be permanently deleted in such a way that no indication of a record remains.

The court of first instance - the Regional Court of Koblenz (Landgericht Koblenz - LG Koblenz) ruled in favor of the controller and denied the counterclaim entirely. The court argued that the change of the payment plan did not constitute a new replacing contract and the data subject failed to prove that it suffered (non-material) damages from the entry at the SCHUFA.

The data subject appealed this decision. In the course of the appeal, she replaced her second counterclaim demanding now that the controller ensures and proves that all personal data of her reported to the SCHUFA has been completely and permanently deleted so that no indication of a record remains with the SCHUFA.

Holding

The Higher Regional Court of Koblenz (Oberlandgesgericht Koblenz - OGL Koblenz) rejected the claim of the controller, granted the data subject damages in the amount of €500 but denied the second counterclaim as to the proof of the deletion of the data.

The Higher Regional Court held that the controller's claim missed a legal basis because the data subject legitimately withdrew from the contract. The court concluded that, from an objective point of view, the option to change the payment plan constituted an offer to cancel the old contract and to conclude a new contract. It, therefore, reasoned that the change of the payment plan by the parties was a cancellation of the old contract and the conclusion of a new contract, giving the data subject the right to withdraw from the contract within 14 days under the respective German provision of Article 9 Consumer Rights Directive. It found that the controller itself was responsible for giving the data subject a new possibility to withdraw from the contract because of its business conduct of attracting customers with short term contracts and then inducing them to conclude long term contracts.

As to the question of damages, the court held that the controller violated Articles 5 and 6 GDPR by arranging the SCHUFA entry and, resulting from this, the data subject suffered non-material damages. The court reasoned that the controller was not allowed to register the alleged outstanding payments with the SCHUFA, since they were contested by the data subject, and, therefore, the data subject's interest in the non-publication overrode the interest of the controller (editor's note: compare § 31(2) BDSG). The court further assessed the requirements of Article 82 GDPR in length. It established that the Article 82(1) GDPR requires the data subject to have suffered material or non-material damages but that the term damages is to be construed broadly as laid down in sentence 3 of Recital 146. The court concluded that the gravity of the damages suffered by the data subject don't need to surpass any minimum limit (de minimis limit), since the wording of Article 82(1) GDPR does not lay down such a requirement and there is no need for one, because the gravity of the damages is to be considered when determining the amount of damages to be awarded. In detail, the court laid down that a data subject already suffers non-material damages when having an uneasy feeling of uncertainty as to whether personal data has become known to unauthorised persons. The court listed as examples for non-material damages: anxiety, stress as well as loss of comfort and time, potential stigmatisation, discrimination, reputational damage or loss of confidentiality as a result of a negative entry with a credit rating agency, irrespective of whether the entry was communicated to a third party. It rejected the notion that a data subject must show a special non-material interest beyond the annoyance or other emotional harm caused by the violation, like exposure, identity theft, disclosure of sensitive information or other serious harm to the self-image or reputation. The court further held that Article 82 GDPR has a compensatory, satisfactory and general preventive function which are to be taken account when determining the amount of the damages. Regarding the general preventive function, the court held that the notion of damages under Article 82 GDPR is not of punitive nature and is not to be mixed with penalties under Article 84 GDPR, but it intends to establish a high level of protection of data subjects so that future damages are prevented from occurring. However, the court also noted that the general preventive function should not be overstretched so that companies no longer report defaults to Schufa at all, since the reporting is also in the interest of the data subjects to prevent them from getting deeper into debt. When considering the facts of the case under the aforementioned deliberations, especially the difficulties which the data subject had to endure until she received a loan, the court came to the conclusion that the data subject had suffered non-material damages and that an amount of €500 is adequate compensation.

On the second counterclaim, the court held that it was already inadmissible, because the procedural requirements for the alteration of a claim during appeal proceedings were not met. Moreover, it found that the counterclaim missed a legal basis because the controller had no influence on the SCHUFA and, therefore, could not legally compel it to delete the data. It further reasoned that the controller took every reasonable step to ensure that the inaccurate data is being erased under Article 5(1)(d) GDPR.

Lastly, the court allowed the appeal of its judgement to the Supreme Court (Bundesgerichtshof - BGH) in relation to the damages and assumed that there is a need and an obligation of the Supreme Court to refer the case to the ECJ.

Comment

Since an appeal to the Federal Court of Justice (which would have to refer to the ECJ) is admissible, it has not yet been clarified whether a de minimis limit for compensation under Article 82 of the GDPR is to be expected in Germany. Nevertheless, this is the first time that a higher court has suggested that there is a de minimis limit. The court's argumentation is conclusive from the perspective of both the data subject and the controller. Article 82 GDPR should adequately compensate the data subject, but should not force the controller to go out of business because of individual violations.

The view that damages also serve a general preventive purpose is not in line with "normal" German tort law. German courts have often highlighted that damages only serve the purpose of adequately compensating the injured party and not punishing the perpetrator. The notion of "general preventive purpose" is rather linked to criminal law than civil law in Germany. German law rejects the concept of punitive damages.

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the German original. Please refer to the German original for more details.

[Provisional note by the Documentation Centre of the Federal Court of Justice: The court states that the appeal has been admitted and that it is assumed that there is an obligation to refer the case to the ECJ in the last instance (margin note 116).]

Tenor

1	On appeal by the defendant, the judgment of the Regional Court of Koblenz of 29.10.2021, 12 O 59/21 is amended and restated as follows:

a) The action is dismissed.

b) On the counterclaim, the plaintiff is ordered to pay the defendant € 500 less the amount of € 54.74 recognised on the claim, thus € 445.26 plus interest in the amount of 5 percentage points above the respective base rate since 19 January 2021 (lis pendens).

In all other respects, the counterclaim is dismissed as inadmissible with regard to claim Number 2 and as unfounded with regard to claim Number 1.

2. The plaintiff shall bear 16% and the defendant 84% of the costs of the legal proceedings.

3. The value of the appeal proceedings is set at €6,542.00

4. The judgment is provisionally enforceable. The parties may avert the enforcement of the respective other party against security in the amount of 110% of the enforceable contract, unless the enforcing party first provides security in the same amount.

5. The appeal is admitted insofar as the Senate has decided on the counterclaim under Number 1.


Facts


I.

(1) The parties are in dispute about payment claims arising from a mobile telephone contract and, in opposition, about a claim for damages under Article 82 of the GDPR.

(2) On 25 September 2018, the defendant concluded a mobile telephone contract with the designation "...[A1]" with the telephone number ...7 and the card number ...8 at a monthly basic price of € 79.95 from the fifth month onwards in a branch of the plaintiff, a telecommunications company (Annex K2). The contract gave the defendant the option to order a tariff change in the period from the fourth to the sixth month of the contract as part of a contract extension of a further 24 months, which the defendant did on 27 December 2018. The tariff change was made to the contract type "...[A2]" at a monthly basic fee of € 36.95 gross (net: € 31.05, cf. Annex B1). This contract was concluded between the parties in writing and came into effect through the plaintiff's order confirmation of 27.12.2018. The order confirmation (Annex B1) states inter alia:

(3) "Your previous tariff ...[A1] with all inclusive services will cease to apply as of 27.12.2018".

(4) By letter dated 06.01.2019, the defendant revoked the contract of 27.12.2018 (Annex B2) vis-à-vis the plaintiff. In the period from 11.02.2019 to 10.07.2019, the plaintiff issued various invoices to the defendant (Annex K1), which were not settled by the defendant. The defendant subsequently claimed that it had revoked the contract and was therefore not obliged to pay (Annex B3). On 16.09.2019, the plaintiff arranged for an out-of-court SCHUFA [Editor's note: Germanys largest Credit Reporting Agency] entry to be made against the defendant. On 27.09.2019, it ordered the deletion of the entry.

(5) After the defendant still did not settle the claim, the plaintiff applied on 24.01.2020 for an order to pay the claim, which was issued on 27.01.2020 and served on the defendant on 29.01.2020. The defendant subsequently objected on 31.01.2020. The defendant subsequently objected in due form and time on 31.01.2020, whereupon the proceedings were transferred to the Local Court on 20.11.2020 and, after the counterclaim had been filed, were referred to the Regional Court.

(6) The plaintiff claims that the existing contract was not effectively revoked or otherwise terminated. The SCHUFA entry had already been deleted again on 07.10.2019. It disputes the grounds and amount of the claim for damages asserted by the defendant in opposition. The defendant did not suffer any damage as a result of the accidental notification to SCHUFA.

(7) At first instance, the plaintiff requested,

(8) 1. order the defendant to pay it €542.00 plus interest of five percentage points above the base rate since 18 September 2019 as well as €20.60 in ancillary costs;

(9) 2. order the defendant to pay to it €124.00 in extrajudicial legal costs, together with interest thereon at a rate of five percentage points above the base rate from the date of the lis pendens.

(10) At the hearing at first instance, the defendant finally requested that the court

(11) 1. dismisses the action,

(12) 2. counterclaiming, that the plaintiff be ordered to

(13) a) to pay to the plaintiff a partial amount of € 6,000 of the appropriate non-material damages pursuant to Art. 82 DSGVO, plus interest of five percentage points above the base interest rate since the service of the counterclaim;

(14) b) to inform SCHUFA ... that the preconditions for the registration of personal data and a default of payment of the defendant in the amount of € 562 did not exist and that all data communicated to SCHUFA by the plaintiff and concerning the defendant are to be permanently deleted in such a way that no reference to an entry remains.

(15) In this respect, the plaintiff requested that the court

(16) dismisses the counterclaim.

(17) The defendant counters the action with the view that the revocation of the contract of 27.12.2018 necessarily also covered the contract of 25.09.2018, if that contract still existed at all. The contract of 25.09.2018 had been replaced by the contract of 27.12.2018. The latter was a completely new and independent contract. The plaintiff had unlawfully obtained the SCHUFA entry on this basis to its detriment and was therefore obliged to pay it damages. The unauthorised disclosure of data was capable of significantly reducing her creditworthiness and making her participation in economic life more difficult. On 26 March 2020, her bank had suspended loan negotiations on the grounds that the granting of the loan was currently prevented by a negative entry in SCHUFA. Even at the end of 2020, the entry had still not been deleted, and the credit approval had only been granted subject to the reservation that the entry would be cleared. The defendant also had to fear negative consequences for online transactions. The plaintiff had done nothing to avoid or reduce the damage; it had grossly violated its supervisory duties in deleting the entry. Against this background, the plaintiff was entitled to a non-material claim for damages in an appropriate amount. With regard to the invoices issued by the plaintiff for the data tariff "...[B]", the defendant declared a set-off with the claim for damages asserted by it in the amount of €54.74, which it acknowledged. In the event that the action was further justified, the defendant alternatively declared the set-off with the further claim for damages asserted by it.

(18) On 5 October 2021, after the conclusion of the oral proceedings at first instance on 26 July 2021, the defendant declared the counterclaim under 2 b) to be settled, extended the counterclaim to SCHUFA ... as third party defendant and requested that the plaintiff and the third party defendant be ordered jointly and severally to pay to the plaintiff a partial amount of € 7,000 of the appropriate non-material damages pursuant to Article 82 of the GDPR, plus interest of five percentage points above the base rate from the date of service of the counterclaim and third-party counterclaim.

(19) With regard to the further submissions made at first instance and the motions filed at first instance, reference is made to the facts of the contested decision of 29 October 2021 (p. 123 et seq. e-court file of the Regional Court).

(20) The Regional Court ordered the defendant to pay € 543 - instead of the requested € 542 - plus interest as well as € 20 - instead of the requested € 20.60 - incidental costs and to pay € 124 for the extrajudicial legal costs plus interest; the Regional Court dismissed the counterclaim as unfounded. The claim follows in any case from section 611(1) of the German Civil Code (Bürgerliches Gesetzbuch - BGB) in connection with the telecommunications contract concluded between the parties on 25 September 2018. Whether and when the defendant's letter of revocation of 06.01.2019 had been received by the plaintiff was irrelevant, as it was undisputed that it had expressly referred exclusively to the contract concluded between the parties by the plaintiff's order confirmation of 27.12.2018, which was not to be regarded as a completely new contract by which the contract of 25.09.2018 would have been cancelled. Moreover, the defendant had at most been entitled to a right of cancellation with regard to this contract of 27 December 2018. The ancillary claims asserted by the plaintiff were also justified in the amount requested. The counterclaim was unfounded, as the defendant was not entitled to damages against the plaintiff pursuant to Art. 81(1) GDPR (correctly: Art. 82(1) GDPR). The plaintiff had indeed violated an obligation under Articles 5 and 6 of the Regulation as a result of the unlawful transfer of data to SCHUFA ... the plaintiff had breached an obligation under Articles 5, 6 in conjunction with Article 4 no. 2 of the Regulation. However, the defendant had not sufficiently substantiated that it had suffered non-material damage within the meaning of § 253 of the German Civil Code (Bürgerliches Gesetzbuch - BGB), which the chamber had to assess pursuant to § 287 (1) sentence 1 of the German Code of Civil Procedure (Zivilprozessordnung - ZPO). The plaintiff had directly arranged for everything to be done to correct the breach of duty and had not been able to see that this had not been directly implemented by the credit agency. According to the nature, severity, duration and extent of the breach, non-material damage could not otherwise be identified. In the absence of sufficient evidence of a causal cause of non-material damage by the plaintiff, the defendant was also not entitled to damages on the basis of another basis for a claim. The third-party counterclaim filed after the end of the oral proceedings as well as the amendment to the complaint filed at the same time were inadmissible and therefore not to be taken into account in the reasons for the judgment. For further details of the grounds, reference is made to the contested decision of 29.10.2021, p. 123 et seqq. of the e-court file of the Regional Court.

(21) The defendant contests this in its appeal. The contested judgement is already based on an infringement of the requirement of the lawful judge. The findings of the Regional Court with regard to the claim are also incorrect. The plaintiff was not in fact entitled to any contractual claim. The rules on the burden of proof were incorrectly applied, in particular the prima facie evidence claimed by the plaintiff was not taken into account. The Regional Court found that the plaintiff had violated Articles 5, 6 in conjunction with 4 No. 2 of the GDPR and breached its obligations under Section 31 of the BDSG and thus confirmed a claim for damages on the merits. However, the Regional Court then incorrectly assumed that the claim for damages lacked a basis because it examined Article 81 of the GDPR, but not the actually relevant Article 82 of the GDPR. The claims asserted in the counterclaim under Article 82 of the GDPR were confirmed on the merits by both the Regional Court and the BfDI (Federal Commissioner for Data Protection and Freedom of Information). With regard to the amount of appropriate damages, which depend on the type, severity and duration of the data breach as well as the circumstances of its occurrence, the defendant had sufficiently presented its case in the first instance submission of 7 July 2021. The plaintiff had not complied with its increased duty of care to ensure that an erroneously registered SCHUFA entry was removed without residue, as the execution of the deletion order had not been monitored. The damaging negative entry had been deleted on the date of the hearing on 26 July 2021, but not without residue, as it turned out on 27 January 2022, which is why another application for removal had become necessary. The negative entry was still visible at Sparkasse ...[Z], which was presumably due to the still active settlement account of the plaintiff. The Regional Court's statements on the claim for damages under Article 82 of the GDPR were wrong. Insofar as the Regional Court denied the occurrence of damage, it failed to recognise the scope and the compensatory function of Art. 82 GDPR and the requirements for the occurrence of damage. The Regional Court erred in not taking into account the temporal connections (deletion request already two weeks after the erroneous entry, but final deletion only on 19 July 2021), because it assumed that the plaintiff could not be blamed for the misconduct of SCHUFA ..., which did not execute the deletion request or only in July 2021. This assumption is wrong, as Article 82 of the GDPR establishes joint and several liability of the controller and processor pursuant to Section 426 of the German Civil Code (Bürgerliches Gesetzbuch - BGB), whereby they form a liability unit and, consequently, fault must also be attributed. For further details, please refer to the statement of grounds of appeal dated 31 January 2012, p. 22 et seq. of the e-court file.

(22) In its appeal, the defendant seeks to have the judgment of the Regional Court of Koblenz of 29.10.2021, 12 O 59/21, varied and to have

(23) 1. dismiss the action

(24) and, in the alternative, to order the plaintiff,

(25) 1. to pay to the plaintiff a partial amount of € 6,000 of the reasonable non-material damages pursuant to Art. 82 of the GDPR, at the discretion of the court, plus interest of 5 percentage points above the respective base rate thereon from the date of the lis pendens;

(26) 2. to ensure and prove to the defendant that all personal data of the defendant reported by the plaintiff to SCHUFA ... has been completely and permanently deleted, so that SCHUFA ... no evidence of an entry remains.

(27) The plaintiff requests that

(28) dismiss the appeal.

(29) It defends the contested judgment in relation to the action, repeating and expanding on its submissions at first instance. There is no infringement of the requirement to be a legal judge.

(30) There is no violation of the requirement of the statutory judge; a possible fundamental importance of the matter only arose shortly before the hearing at first instance, as essential parts of the subject matter of the proceedings were only presented at that time. The plaintiff considers the counterclaim under 2 and the counterclaim under 3 to be inadmissible for various reasons; in any case, the defendant was precluded from bringing these claims at second instance. It was also precluded by its complaint of a breach of data by passing on its data to the debt collection company ...[E], which was otherwise admissible. With regard to the counterclaim, the Regional Court erred in affirming a claim on the merits, but correctly relied on the fact that the defendant had not substantiated any damage it had suffered. In any case, the defendant had not suffered any damage as a result of the registration of its data.

(31) For further details, reference is made to the statement of defence of 22.03.2022, p. 93 et seq. of the e-court file.

(32) With regard to the further submissions of the parties in the appeal instance, reference is made to the pleadings exchanged in the appeal proceedings as well as the minutes of the oral hearing of 4 May 2022.


Reasons for decision


II.


(33) The admissible appeal of the defendant is well-founded with regard to the action, well-founded on the merits with regard to the counterclaim in counterclaim 1), but largely unfounded as to the amount. The counterclaim is inadmissible with regard to counterclaim 2).


(34) A. Withholding the legal judge


(35)	However, the defendant's complaint that the judgment is based on a violation of the requirement of the lawful judge, Article 101.1 sentence 2 GG, § 16 GVG, remains unsuccessful and must be set aside for this reason alone.

(36)	It is correct that according to Article 101.1 sentence 2 of the Basic Law, no one may be deprived of his or her lawful judge. If the court is not properly constituted in this sense, there is always an absolute ground for revision within the meaning of § 547 no. 1 of the Code of Civil Procedure, which always constitutes a substantial procedural defect within the meaning of § 538.2 no. 1 of the Code of Civil Procedure (Zöller/Heßler, ZPO, 34th ed. § 538 marginal no. 14, etc.) and, under the further conditions set out there, can justify the setting aside of the contested judgment and the remittal of the proceedings to the original court.

(37)	It can, however, be left open whether the defendant's view that the dispute had to be decided at first instance by the fully staffed chamber of the Regional Court because it concerned a dispute from the field of communications and information technology, for which original chamber jurisdiction was established under § 348.1 sentence [(38)] 2 no. 2 j) of the Code of Civil Procedure, is correct. The defendant is not able to assert this view procedurally. Pursuant to § 348.4 of the Code of Civil Procedure, an appeal cannot in principle be based on the failure of the single judge to refer the case to the Chamber. An exception applies only if jurisdiction was arbitrarily assumed (see BGH, order of 25.11.2015, XII ZB 105/13, juris para. 9; MüKoZPO/Stackmann, 6th ed. 2020, § 348 para. 73 et seq.; BeckOK ZPO/Fischer, 43rd ed., § 348 para. 58 et seq.; BeckOK GG/Morgenthaler, 49th ed., Art. 101 para. 16). The defendant does not submit anything in this regard.

(39)	There is also nothing to be seen in this regard. On the basis of the contents of the file and on the basis of the orders received by the parties, the Regional Court evidently assumed the original jurisdiction of the single judge pursuant to § 348.1 sentence 1 of the Code of Civil Procedure. This was also not arbitrary. There is no obvious dispute from the fields of communications and information technology within the meaning of § 348.1 sentence 2 no. 2 j) ZPO. It is a matter of a claim that has no relation to communications and information technology. It is not sufficient for this that a telecommunications company is a party to the legal dispute. Rather, it follows from the explanatory memorandum to § 348.1 sentence 2 no. 2 j) ZPO (Bundestag printed paper 14/4722, 89) that "disputes primarily arising from contracts and tortious acts, including product liability with regard to data processing programs and computers" as well as "possible legal innovations in the field of telecommunication contracts and trade" are to be covered by the provision (MüKoZPO/Stackmann, 6. Aufl. 2020, § 348 marginal no. 65; Musielak/Voit/Wittschier, 18th ed. 2021, § 348 ZPO marginal no. 16). Since the mobile telephone contract underlying the cause of action in this case is in any case not clearly a contract from the field of communication technology, but is likely to be a contract for communication services, and since there are also no legal innovations in the field of telecommunication contracting and trade at issue, the omission of the submission for adoption by the board cannot in any case be regarded as arbitrary.

(40)	A violation of the requirement of the statutory judge also does not result from the fundamental importance of the matter, as the defendant assumes. This circumstance would only lead to a violation of Article 101.1 sentence 2 of the Basic Law if the single judge did not submit the case to the Chamber for adoption, although he or she attributed fundamental importance to it, so that arbitrariness would have to be affirmed (see BeckOK ZPO/Fischer, 43rd ed., § 348 marginal no. 60, etc.). It is not ascertainable for the senate that the judge before the court would have attributed fundamental importance to the present legal dispute. Neither was there a request to the chamber to take over the case, nor does it emerge from the reasons for the decision that it assumed a fundamental importance. The defendant has not shown otherwise. The fact that the senate assumes fundamental importance with regard to the counterclaim - see below - does not justify arbitrariness on the part of the lower court judge if there are no indications that the scope was subjectively recognised.


(41)	B. Appeal on the cause of action


(42) The defendant's appeal, on the other hand, is successful insofar as it attacks the District Court's legal statements on the cause of action. The admissible action is unfounded. The plaintiff has no contractual claim for remuneration against the defendant beyond the acknowledged amount of €54.74, which has been settled by offsetting. 43 1.

(43) Firstly, the Regional Court awarded an amount that was too high by € 1.00 within the scope of the main claim, contrary to the requests made (§ 308 ZPO). The plaintiff's application was for payment of €542. For the amount exceeding €542, the defendant's conviction therefore lacks a basis in substantive law as well as in procedure.

(44) Contrary to the plaintiff's view, there has been no contractual basis for the asserted claim since the defendant's revocation of the contract of 27 December 2018.

(45) a) This results first of all from the fact that the claims asserted are based on the contract of 27 December 2018. As can be seen from the invoices submitted as Annex K1, they refer solely to the customer number assigned to this contract and the customer account related to it. The invoices also show 27.12.2018 as the contract date.

(46) However, this contract was revoked on 6 January 2019 and has ceased to be a contractual basis for a claim.

(47) The Senate also has no doubts about the effective revocation, for which its timely dispatch is sufficient, § 355 para. 1 sentence 5 BGB. The return receipt submitted with Annex B2 proves that the plaintiff even received the revocation. In view of this, the plaintiff's assertion in the statement of 21 December 2020 is without any substance. It does not provide any evidence that it could have received another letter by means of this advice of receipt. It can be inferred from the further Annex K3 that the author of this letter was not aware of a revocation on the part of the plaintiff. However, this does not exclude the possibility that the receipt of the revocation, as evidenced by the advice of receipt, took place within the plaintiff's sphere of control and was merely not processed properly. However, as explained above, this is not the point.

(48) b) Irrespective of the fact that, according to the facts presented, the plaintiff does not assert any claim from the contract of 25 September 2018, this contract also does not form a sufficient basis for the claim. The contract of 25 September 2018 was terminated by mutual agreement between the parties and replaced by the - revoked - contract of 27 December 2018.

(49) (1) From the perspective of a reasonable and economically thinking consumer (§§ 133, 157 BGB), the plaintiff, with the mobile telephone contract of 25.09.2018 with the designation "...[A1]" for the telephone number ...7 and the card number ...8, offered the defendant to agree on another contract (tariff) with it within a certain period of time, so that the plaintiff no longer held the defendant to the contract of 25.09.2018. Within the time limit, a new contract was concluded on 27.12.2018. Thus, the contract of 25.09.2018 was cancelled by mutual agreement on 27.12.2018 and thus cannot be the basis of the payment claim.

(50) Contrary to the plaintiff's opinion, not only a deviating agreement on the remuneration was made. This results first of all from the fact that the invoices claimed do not show 25 September 2018 as the start of the contract, but explicitly 27 December 2018. If there had only been a change in the conditions, the start of the contract would not have changed.

(51) According to the Senate's assessment from the perspective of a reasonable and economically thinking consumer, the fact that the new customer contract of 25 September 2018 states that the change takes place "in the context of a contract extension" does not change this. This can only be understood to mean that the conclusion of the new contract and the release from the previous contract presupposes that the new contract is concluded for a longer period of time. The fact that a different understanding is also possible is to the plaintiff's detriment pursuant to § 305c (2) BGB. This contractual provision is a general business condition.

(52) The senate sees that the plaintiff thus runs the risk of giving the customer the option to withdraw from the contractual relationship with it altogether within the revocation period by concluding the new contract with simultaneous cancellation of the old contract: the first contract is cancelled and there is now a (new) right of revocation for the second contract. However, this disadvantage cannot justify a different view of the matter, because it is part of the plaintiff's recognisable business policy to get customers to sign contracts with the longest possible terms by concluding a first contract with a shorter term and lower or discontinued basic fees for a limited period of time, which is then supposed to lead to a contract with a longer term. The applicant thus consciously takes this risk.

(53) (2) If, according to this, the contract of 25.09.2018 cannot be the basis of the claim for payment asserted by way of action already on the basis of general contract law, reference must be made to the specific circumstances of the individual case only for the sake of completeness.

(54) In the letter of 16.04.2019, which the plaintiff submitted as Annex K3, it is explicitly stated that the defendant terminated the contract of 25.09.2018 (accepted by the plaintiff as of [(55)] 25.09.2020) and that the Plaintiff was concerned to make a new "offer" to the Defendant. Against the background of a terminated contract, however, this could only be an offer to establish a new contractual relationship and at the same time to terminate the terminated contract of 25.09.2018 prematurely, namely at the time of the establishment of the new contract. This has happened and is documented on the invoices submitted as Annex K1 by the fact that 27.12.2018 is stated as the start date of the contract. In this respect, the statement of claim also does not refer to a conclusion of the contract in September 2018.

(56) It must be seen that the offer for the contract of 25.09.2018 was to be able to change the tariff in the fourth to sixth month. These conditions "did not yet exist on 27.12.2018, because on that day only the third month of the contract ended, §§ 188 para. 2, 193 BGB. The defendant had not sought the possibility of a tariff change granted to it by contract in the fourth (to sixth) month of the contract, but had terminated the contract much earlier (20.11.2018). The new contract offer was therefore not based on a voluntary change of tariff, but on the termination of the contract of 25 September 2018, which was announced on 20 November 2018.

(57) This is also evident against the background that, notwithstanding the confirmed termination date of 25.09.2020, no more claims were asserted from this contract, but rather, according to the invoices, only claims from the contract concluded on 27.12.2018.

(58) The defendant received the order confirmation dated 27.12.2018 by email (see Annex B1). The order confirmation states "Your previous tariff ...[A1] with all inclusive services will cease to apply on 27.12.2018". This can only be understood by a reasonable and economically thinking consumer as meaning that the "old contract" has ended, especially since not only the contract but also the contract term has changed.

(59) Ultimately, it would hinder consumer rights in an abusive manner if the consumer is prevented from cancelling an initial contract because he has the option of concluding a contract extension with lower monthly prices but a longer contract term and is then factually prevented from exercising the right of cancellation with regard to a "contract extension" by the fact that this is only possible at the price of a significantly higher remuneration. With a simple "bait and switch" offer, the plaintiff would then also have been able to agree on a term exceeding the limit of § 309 no. 9 a) and b) BGB.

(60) The fact that the plaintiff derives its claim from the use of the mobile telephone contract with the no. ...7 is not constitutive for a claim from the contract of 25.09.2018. Admittedly, the allocation of the telephone number was established with this contract. However, the mobile telephone number is not bound to the contract, but can be transferred to other contracts at will. This is also possible across providers.

(61) c) The claim for the asserted ancillary costs in the amount of € 20.60 is not justified due to the lack of a main claim. Irrespective of this, the claim for the ancillary costs is also not justified in other respects.

(62) For the blocking costs, no basis for a claim is given, neither for the reason nor for the amount. It is neither explained nor otherwise apparent which - solely reimbursable - material expense the plaintiff should have incurred here.

(63) The reminder costs are also not conclusively presented. When which claim was reminded and in what amount is not explained. The senate is therefore unable to determine the necessity of the reminders. The amount of the reminder costs is obviously excessive. According to the case law of the highest courts, only the material costs are recoverable (BGH, judgement of 26.06.2019, VIII ZR 95/18). Based on the submission, the Senate cannot determine whether such costs were incurred at all or whether reminders were sent electronically. As it is known to the court that the postage costs were increased on 1 July 2019, the postage costs for a postal reminder cannot be estimated without further ado (section 287 of the German Code of Civil Procedure), especially as the plaintiff, as a bulk purchaser, is likely to be granted discounts.

(64) Ultimately, the return debit note costs are also unfounded. It is not explained when the return debit note occurred. It must be assumed that the SEPA direct debit mandate was also revoked at the latest with the revocation of 6 January 2019. Incidentally, the senate also considers the amount to be excessive. It is known from court practice that direct debit costs - especially for large companies - regularly do not exceed the amount of € 3. Since only the actual costs are recoverable, these would have to be proven. This is lacking.

(65) The collection costs are refundable on the merits. However, they must also have been incurred. What remuneration agreement existed between the plaintiff and the collection service provider, however, is not explained. Since the Lawyers' Fees Act (Rechtsanwaltsvergütungsgesetz) does not directly apply to debt collection service providers, § 4 (1) RDGEG in the version applicable until 30 September 2021 - even if its application can of course be contractually agreed - it had to be explained which remuneration was contractually agreed. This primarily limits the claim for damages. The defendant had already permissibly disputed corresponding expenses in its statement of defence.

(66) The presentation of the incidental costs is therefore largely inconclusive. Since they are ancillary claims, this did not have to be pointed out separately pursuant to § 139 (2) ZPO.


(67) C. Appeal on the counterclaim


(68) The appeal is partially successful insofar as the defendant challenges the dismissal of its counterclaim under 1) for payment of non-material damages under Article 82 GDPR on the merits. The claim is unfounded in terms of amount and the appeal is therefore dismissed insofar as non-material damages in excess of €500 are claimed.

(69) According to Art. 82(1) GDPR, "any person who has suffered material or non-material damage as a result of an infringement of this Regulation" (...) "shall be entitled to receive compensation from the controller or the processor".

(70) The prerequisite for the claim is therefore first of all a breach of the provisions of the GDPR. In this context, it is already disputed whether it is a claim of fault or strict liability. If the infringement is established, the further requirements for the amount of the claim for damages are disputed in case law and literature. In particular, it is disputed whether a de minimis limit is to be observed and according to which criteria the amount of the claim for damages is determined. So far, there has been no concretisation of the requirements under European law, even though there have already been referrals to the European Court of Justice (BAG v. 26.08.2021, 8 AZR 253/20; ECJ C-340/21 (Bulgaria); ECJ C-300/21 (Austria); LG Saarbrücken v. 22.11.2021, 5 O 151/19).

(71) (1) The Regional Court correctly found that the plaintiff culpably breached its obligations arising from Articles 5, 6 in conjunction with Article 4 No. 2 of the GDPR by disclosing data to the SCHUFA ... although the interests of the defendant in not publishing its data with regard to the claim still in dispute between the parties outweighed the plaintiff's interest in notification. The claim was disputed and not yet titled, so that a notification should not have been made. The defendant provided documentary evidence that it had disputed the cause of action against the plaintiff. The fact that the proven objection received by the plaintiff obviously did not reach the file is not to be blamed on the defendant and does not exonerate the plaintiff. A sufficient exculpation from the statutory presumption of fault (cf. on this Quaas, BeckOK Datenschutzrecht, 39th ed., status 01.11.2021, marginal no. 17 ff.) is not to be seen.

(72) This was also readily recognisable to the plaintiff, so that an at least negligent and thus culpable registration is indisputably given. The question of whether fault is necessary to justify the non-material claim for damages is therefore not relevant in the present case. Even if the Federal Labour Court doubts this in its referral decision to the ECJ of 26 August 2021 (8 AZR 253/20) and assumes strict liability (para. 39), Article 82 (3) of the GDPR, which excludes liability in the absence of fault in the sense of a reversal of the burden of proof, speaks against such a view.

(73) Thus, a violation of the provisions of the GDPR and thus the defendant's liability for damages is also established for the Senate on the merits.

(74) (2) However, the defendant is correct in its appeal to attack the district court's finding that the defendant did not sufficiently demonstrate that it suffered damages in the amount claimed as a result of this breach of duty. With the reasoning given by the Regional Court, a non-material damage of the defendant cannot be denied.

(75) a) The concept of non-material damage within the meaning of Article 82(1) of the GDPR is to be interpreted broadly - autonomously under European law and incorporating the objectives set out in the recitals to the GDPR.

(76) It already follows from the wording of the provision that a non-material claim for damages can be a causal consequence of the breach of duty. However, it must be distinguished from material damages, such as damages due to the refusal to grant credit or the granting of credit only under less favourable conditions or the refusal of certain payment methods with the consequence of higher transaction costs. The defendant does not always succeed in making this distinction in its considerations regarding the amount of the claim.

(77) On the other hand, the wording of the provision suggests that the European legislator does not assume that the breach of duty alone constitutes the material damage (so also Laoutoumai, K&R 2022, 25, 27; LG Saarbrücken v. 22.11.2021, 5 O 151/19 in its order for reference to the ECJ). A claim for damages only exists if "material or immaterial damage has occurred". This differentiation in the wording would not have been necessary if the infringement was already constitutive for the claim. In this respect, the Senate does not follow the Federal Labour Court (26.08.2021, 8 AZR 253/20, para. 33 - juris), which assumes that "the violation of the GDPR itself already leads to a non-material damage to be compensated". Thus, some kind of non-material damage must have occurred. Although the claim then goes beyond the damage suffered in its objective, it does not waive this due to further objectives. In this respect, the basis of the claim remains to protect an individual right. Art 82 GDPR is not part of collective redress. This raises the question of when damage suffered is to be assumed.

(78) This question must be distinguished from the assumption that a de minimis threshold must be taken into account in the context of Art. 82(1) GDPR. According to its wording, Art. 82 (1) GDPR does not standardise a de minimis limit and such a limit does not appear to be appropriate. Already in national law, such a limit was opposed by constitutional concerns in the context of the reform of the law of obligations in 2002 (Ebert in: Erman, BGB, 16th ed. 2020, § 253 BGB, marginal no. 14a). The legislator therefore rejected such approaches (BT-Drucks. 14/8780). If a non-material damage has occurred, its severity is to be taken into account in the context of the amount of the compensation claim, but not to be found in a necessarily only arbitrarily set trivial limit. Insofar as the Federal Supreme Court assumed a correction for reasons of equity (Federal Supreme Court NJW 1992, 1043, marginal no. 8; Federal Supreme Court NJW 1993, 2173), this was based on the one hand on a norm that is no longer valid today (§ 847 BGB) and on the other hand was not linked to a de minimis limit, but to the circumstance that neither the compensation nor the satisfaction function were affected in such a way that immaterial damage occurred at all. Thus, in the latter constellation, there is no "damage suffered".

(79) Since the previous Section 8 (2) BDSG, which made compensation for non-material damage dependent on a serious violation of the right of personality of the person concerned, is no longer applicable, it is not possible to fall back on the case law on the concept of damage. In this respect, the national case-law, which adheres to this - partly in the case of only verbal dissociation - is also inapplicable (cf. OLG Dresden v. 12.1.2021, 4 U 1600/20, marginal no. 31 - juris; OLG Dresden v. 20.08.2020, 4 U 784/20, marginal no. 32 - juris; AG Hannover v. 09.03.2020, 531 C 10952/19, marginal no. 21 et seq. - juris; AG Frankfurt a.M. v. 10.07.2020, 385 C 155/19, marginal no. 28 - juris) to be rejected.

(80) The categories of the national law on damages are therefore not helpful in interpreting the concept of non-material damages within the meaning of Article 82 of the GDPR autonomously under European law. The concept of damage under Article 82(1) of the GDPR is a concept under European law, which may not be filled in on the basis of national materiality thresholds or other restrictions (cf. Kühling/Buchner/Bergt, 3rd ed. 2020, GDPR Art. 82 para. 18a-18b).

(81) The concept of damage is intended, according to recital 146 p. 3 EU GDPR "shall be interpreted broadly in the light of the case law of the Court of Justice in a way that is fully consistent with the objectives of this Regulation." It can be deduced from this that the concept of damage, which is already broad according to para. 1 - because claims under Section 253 of the German Civil Code are already comprehensive - will not have to be interpreted in a limiting manner in case of doubt (cf. Paal/Pauly/Frenzel, 3rd ed. 2021, GDPR Art. 82 para. 10). The GDPR does not provide for an exclusion of alleged minor damages.

(82) Non-material damages are therefore also an instrument to realise the objectives of the GDPR, as set out in Article 1, under the protective purpose of protecting individual rights. The core of this is the protection of natural persons in the processing of personal data within the scope of protection of fundamental rights and freedoms in a specific individual case.

(83) Serving the function of a non-material claim for damages, various aspects must therefore be included in the assessment of the amount of non-material damages.

(84) are to be taken into account. Firstly, the immaterial and individual compensation function due to the violation of the protected good, then the satisfaction function establishing the violation and finally the general preventive influence on the damaging party to observe data protection in the future. In this sense, Article 82 of the GDPR does not have a punitive character - this is rather laid down in Article 84 of the GDPR, which respects the state's monopoly on the use of force - but it does have an incentive function for the controller to take sufficient security measures to protect the personal data of the data subject.

(85) Because of the broad interpretation required in recital 146 p. 3, the Senate agrees with voices in the literature that the uneasy feeling of uncertainty as to whether personal data have become known to unauthorised persons already constitutes non-material damage suffered. Potential damages are therefore, for example, anxiety, stress as well as loss of comfort and time and the potential stigmatisation, discrimination, damage to reputation and loss of confidentiality caused by a negative entry at a credit agency without it being transmitted to third parties (cf. on this also Kühling/Buchner/Bergt, 3rd ed. 2020, DS-GVO Art. 82 marginal no. 18a-18b; Quaas, BeckOK Datenschutzrecht, 39th ed., status 01.11.2021, marginal no. 24). This non-material damage, even if it will be low-level in individual cases and as a rule, must be compensated. To assume damage only when there is (public) exposure, identity theft, disclosure of sensitive information or other serious damage to a person's self-image or reputation as a result of unlawful access to data, and to demand a special non-material interest that goes beyond the annoyance or other emotional damage caused solely by the infringement itself, fails to recognise the concept of damage, which is to be interpreted autonomously and expressly broadly according to recital 146 (Kühling/Buchner/Bergt, 3. Aufl. 2020, DS-GVO Art. 82 Rn. 18a-18b) and disregards the individual claim for compensation with regard to the consequences shown. Such a view therefore falls short. The aforementioned restrictions remain out of consideration in the question of the claim for damages on the merits, but are only to be taken into account in the context of the amount of the compensation claim. The decisive factor is whether the person affected can present and prove the immaterial affectedness with the standard of proof of § 286 ZPO. The intensity of this must then be taken into account in the amount of the claim using the standard of proof under section 287 of the Code of Civil Procedure. Only here do the further conceivable immaterial impairments of the exposure or the necessary level of protection of the data concerned come into play.

(86) The satisfaction function comes into play - in addition - if there has been an actual impairment of the protected interests in relation to third parties in the sense of a use of the personal data processed in breach of duty vis-à-vis third parties. In this case, it is not (only) the fear of stigmatisation, discrimination or damage to reputation that applies, but the risk inherent in the data protection breach has now materialised. On the one hand, this increases the demands on the compensatory function and at the same time establishes satisfaction as a determinant of the amount within the immaterial claim for compensation, which is to be determined uniformly. It is precisely this processing with the participation of third parties that causes the exposure to be corrected outside of material damage caused thereby. This can be just as much the case when confronted with negative information in a credit application as when applying for a rental flat or negative information in the context of an employment relationship. This can also include the refusal of postpaid offers because of negative scores. The data subject regularly has no difficulty proving the processing of the data to third parties on the basis of the right to information to which he or she is entitled under Article 15 of the GDPR and asserting the satisfaction function on this basis.

(88) The general preventive effect of the immaterial claim for damages should not be overlooked. In the area of conflict between the risk of sanctioning violations of the GDPR without consequences by means of a non-material claim for damages pursuant to Article 82 of the GDPR, the tasks of collective legal protection by supervisory authorities with the sanctioning possibilities pursuant to Article 84 of the GDPR, the principle of proportionality and the principle of not sanctioning the same breach of duty with the same objective twice, the basic concern of the GDPR to already ensure the processing of data in the context of the purposes of protection must be taken into account. Already in the determination of the purposes, the assumed legal grounds for justification and the weighing of data protection consequences, if any, the level of protection must also be effectively preserved by the non-material claim for damages. In light of the non-material claim for damages pursuant to Article 82 GDPR, incentives must be created to ensure that the level of protection is so high that the risk of damages is not realised in the first place. The general preventive effect does not have to be reflected in particularly high immaterial claims for damages, but can fulfil its function precisely in the broad effect - even small violations are sanctioned without a de minimis limit. Where people work, mistakes happen. If this happens in an individual case, the lower sanction is proportionate and at the same time noticeable and thus effective. If, on the other hand, there are multiple breaches of duty and violations of the law, many small claims - especially since these are asserted collectively as well as very broadly within the framework of legal-tech offers - will quickly result in a large financial loss for the company concerned. Thus, if the number of breaches of duty is large or greater, smaller claims for damages will also be more effective in individual cases. In this context, the objective formulated in Article 1 of the GDPR of enabling the free movement of data must also be taken into account. Creditworthiness checks not only protect commercial enterprises from customers who are unable or unwilling to pay, but also consumers from excessive debt, especially in cashless payment transactions. The general preventive effect in the assessment of non-material damages must therefore not lead to a situation where no more registrations are made with credit agencies because of the risk of damages, because other protective purposes would then be negatively affected. The consumer who is not stable in his financial circumstances should be [(89)] protected by registration from quickly getting into debt. The warning function through the restriction of credited transactions is a building block to ensure this. In this context, it must also be assessed that the awarding of immaterial damages is not the only form of sanction against the company acting in breach of duty, especially if persistent violations of the law are established through complaints to supervisory authorities. In the end, there must also be no motivation to provoke data protection violations because of high non-material compensation claims, especially if even minor fault or even only the objective breach of duty triggers the claim. When evaluating the general preventive effect in the assessment of the amount of the non-material compensation claim, it must therefore also be taken into account to what extent the goals pursued in the specific individual case have already been achieved through compensation and satisfaction or whether an excessive effect is required.

(90) b) On the basis of this concept of non-material damage, the defendant has sufficiently demonstrated that it has suffered non-material damage. In this regard, the defendant stated that the unauthorised disclosure of data was capable of considerably reducing its creditworthiness and making its participation in economic life more difficult. Thus, the granting of credit by her bank had been stopped and it was to be feared that in future she would be denied purchases on account when doing business on the internet.

(91) These generally stated potential difficulties in participating in economic life in the form of concluding internet purchases are already sufficient to justify an already incurred - and not only to be feared (cf. on this Quaas, BeckOK Datenschutzrecht, 38th ed., DS-GVO Art. 82 marginal no. 25, and with reference to the wording of EC 146 p. 3: "suffered") - harm to her. 3: "suffered") - to demonstrate immaterial damage in the sense of the compensatory function. The fears associated with the dangers described are understandable. In e-commerce in particular, it is common practice, as is known in the courts, to secure the contractual contact by means of creditworthiness enquiries. Creditworthiness scores are usually based on the characteristics provided by the major credit agencies, including SCHUFA. Against this background, the registration and the resulting usability of the negative feature already constitutes the immaterial damage and not only the use of the registered data - which can hardly be proven by the person concerned - to his or her disadvantage. At the same time, the present proceedings and other published decisions already show that the elimination of an erroneous registration is not easily achieved, especially if the aim is to restore the situation before the registration and not only to correct it for the future.

(92) Notwithstanding this, the defendant submitted and proved by the testimony of a bank employee that the unjustified negative entry with SCHUFA had a concrete effect in such a way that its principal bank discontinued the loan negotiations on 26 March 2020 on the grounds that the granting of the loan was currently prevented by a negative entry with SCHUFA. It further explained that the credit approval under 29.12.2020 had only been granted subject to the proviso that the negative entry with SCHUFA - which still existed at the end of 2020 - would be settled. In this regard, the defendant submitted a documentary evidence (Annex B6), from which precisely this restriction can be seen as a handwritten entry. The plaintiff did not counter this in any significant way within the meaning of § 138 of the Code of Civil Procedure, so that this submission is to be regarded as undisputed and there was no need to take evidence on this. The defendant was thus stigmatised as a customer unable or at least unwilling to pay by the unlawful disclosure of its data to SCHUFA and the publication of its data. The damage to reputation thus caused constitutes a violation of the defendant's general right of personality, which is undoubtedly to be regarded as non-material damage within the meaning of Art. 82(1) of the GDPR and is to be compensated within the scope of the non-material claim for damages.

(93) Whether material damage has also occurred is not to be decided here. In the grounds of appeal, the defendant and counterclaimant admittedly argues that, in the course of the credit check, its bank pointed out that the negative entry with SCHUFA had still not been removed without any arrears in January 2022 and also informed it that the interest rate of 0.80% promised at the time could not be maintained due to inflationary developments. Instead, she now had to reckon with an interest rate of 1.2%, which would lead to a monthly repayment instalment of €90 more. Furthermore, she states that the average benchmark value of the property intended for purchase has meanwhile increased by € 10,000 and that the seller's interest in selling has decreased. She thus makes statements about material damage (see Simitis/Hornung/Spiecker gen. Döhmann, Datenschutzrecht, DSGVO Art. 82 marginal no. 28). This remains irrelevant for the assessment of the non-material damage. Irrespective of the fact that damage has not yet occurred both due to the lack of conclusion of the credit agreement and due to the lack of conclusion of the purchase agreement, a claim for material damages is not covered by the defendant's counterclaims.

(94) c) The damage in the form of the reduction of the defendant's creditworthiness with its principal bank was causally caused by the established breach of duty by the plaintiff and the counter-defendant. This is not refuted with regard to the compensatory function; with regard to the satisfaction function, the defendant's bank expressly refers to the negative entry of 16.09.2019 with the credit agency SCHUFA. This entry was indisputably obtained by the plaintiff.

(95) d) The plaintiff cannot exempt itself from the presumed liability under Article 82(1) of the GDPR.

(96) Whether fault on the part of the plaintiff is relevant for the establishment of a claim for damages under Article 82(1) of the GDPR (by contrast: BAG v. 26.08.2021, 8 AZR 253/20; Paal/Pauly/Frenzel, 3rd ed. 2021, DS-GVO Art. 82 marginal no. 6), can be left aside here. Insofar as Article 82(3) of the GDPR provides that the controller or processor is exempted from liability under paragraph 2 if it proves that it is not at fault for the event giving rise to the damage (Kühling/Buchner/Bergt, 3rd ed. 2020, DS-GVO Art. 82 para. 49), it is not necessary to decide whether the provision already excludes the claim under paragraph 1. The plaintiff has not provided the evidence necessary for this.

(97) The notification was made unlawfully. The claim asserted is objectively unjustified and was also subjectively disputed. This alone establishes her fault, if one does not want to assume a legal presumption of fault. However, once fault has been established, it does not cease to exist because the plaintiff endeavours to keep the damage low. Irrespective of this, however, this is also not sufficient to assume a low degree of fault with regard to the amount of damage. In this respect, the plaintiff has admittedly stated that it had already issued a deletion request to SCHUFA on 27 September 2019, which it has also substantiated by the letter from SCHUFA dated 23 July 2021 submitted as Annex K5. However, this is not sufficient for a disclaimer of liability after the plaintiff deliberately caused a negative entry to be made about the defendant with SCHUFA. In such a case, where there was no access to sensitive data by unauthorised persons, for example due to insufficient security, but where there was a deliberate disclosure of sensitive data, the person responsible or processor is only "in no way responsible for any damage" if the damage is exclusively due to the conduct of the person concerned (in this case, the defendant) or force majeure. Mere contributory negligence on the part of the injured party, on the other hand, does not exonerate, nor does a joint responsibility of third parties or a joint causation by force majeure (Kühling/Buchner/Bergt, 3rd ed. 2020, DS-GVO Art. 82 marginal no. 54). Finally, a controller cannot exonerate itself by proving that its processor disregarded a lawful instruction or otherwise breached its own obligations (Kühling/Buchner/Bergt, 3rd ed. 2020, GDPR Art. 82 para. 55). This results not least from the joint and several liability of the controller and processor as stipulated in Art. 82(4) of the GDPR, as the requirement of effective compensation (Recital 146, Sentence 6) would otherwise be undermined. This applies all the more since the plaintiff did not take precautions to ensure that retroactive deletion would actually take place. It cannot rely on the inadequate measures taken by the credit agency for deletion if it does not itself keep track of this in a timely manner in each case. According to the above, it cannot exonerate itself by the fact that it already issued the deletion order on 27 September 2019. The SCHUFA communication of 23.07.2021 submitted as Annex K5 does not prove anything more. Neither this letter nor the letter of 19 July 2021 submitted as Annex K4, according to which the negative reports concerning the defendant had been deleted, indicate the exact date when the deletion was carried out. That this in any case did not take place promptly after the order for deletion was issued on 27.09.2019 is evidenced by the SCHUFA information of the defendant dated 31.05.2021 (Annex B8), which still contains information on "payment problems" and that a settlement account exists. That the plaintiff at any time checked the successful completion of its order is neither set out nor proven. Consequently, the plaintiff is not exempt from liability.

(98) It may be that the credit agency, as the processor of the deletion order, disregarded the plaintiff's instruction to delete or violated its own obligations (timely processing or similar). However, this does not lead to the applicant's release from liability for the unlawful reporting of the data. The delays and reservations in the examination of the credit approval to the defendant by its house bank in the period from March 2020 to the end of 2020, which are documented, are consequently the fault of the unlawful data reporting of the plaintiff to SCHUFA.

(99) e) However, the amount of the claim for material damages of € 6,000 asserted by the defendant in the open partial action is completely excessive in accordance with § 287 ZPO. It is also disproportionate to immaterial claims for compensation in the context of other acts of damage, such as physical effects of bodily injuries. Thus, the relevant circumstances of the concrete individual case are not sufficiently taken into account in the overall context. The senate considers a compensation for pain and suffering of 500 € to be appropriate, but also sufficient to satisfy the function of compensation and satisfaction on the one hand, and to sufficiently take into account the general preventive function of immaterial damages on the other hand. The defendant and counterclaimant apparently also sees it this way, stating at the oral hearing that the amount of the claim for damages asserted was primarily driven by the will to establish the subject-matter jurisdiction of the Regional Court as the court of origin.

(100) Art. 82 GDPR does not contain any criteria for determining the amount of the claim for non-material damages. The starting point for its calculation is the concept of damage under European law, which is to be interpreted broadly. In addition to the seriousness of the infringement, its duration and the context in which the infringement occurred, the compensatory, satisfaction and preventive function of the claim for damages must also be taken into account (cf. Paal/Pauly/Frenzel, 3rd ed. 2021, GDPR Art. 82 para. 12a) as well as threatening consequences (Kühling/Buchner/Bergt, 3rd ed. 2020, GDPR Art. 82 para. 18d). In the end, however, the concrete circumstances of the individual case are essential (also BAG v. 26.08.2021, 8 AZR 253/20).

(101) In order to take into account the different functions of the claim for damages in individual cases as well as in general, it is not mandatory to set the amounts high in order to achieve the required effectiveness and deterrent effect (but so Simitis/Hornung/Spiecker gen. Döhmann, Datenschutzrecht, DSGVO Art. 82 Rn. 27; Paal/Pauly/Frenzel, 3rd ed. 2021, DS-GVO Art. 82 Rn. 12a; Sydow, Europäische Datenschutzgrundverordnung, DSGVO Art. 82 Rn. 6; Kühling/Buchner/Bergt, 3rd ed. 2020, DS-GVO Art. 82 Rn. 18d). Such an approach ignores the sum of the concrete circumstances of the individual case and focuses solely on the general preventive effect. It also disregards the fact that a concrete claimant is to be compensated with his or her affectedness, while the general interest is primarily safeguarded by fines according to Art. 83 GDPR. In the end, however, such a view unreasonably exceeds the threshold of a punitive function. However, Article 82 of the GDPR does not aim to implement a right to punishment - which is the sole right of the state and not of an individual - but only to motivate general preventive security measures. Considering the context, it must be seen that receivables management in certain economic sectors, such as telecommunications, but also the insurance industry, the energy industry or public transport, are mass procedures. In these sectors, hundreds of thousands, if not millions, of receivables are justified, invoiced and their receipt monitored every month. The individual claim is - as in this case - extraordinarily small and, even in the sum of several months, usually remains in the corridor of minor claims up to 500 €. Even the individual case of a non-material claim for damages to the extent considered appropriate by the senate therefore causes a loss of earnings exceeding the claim in the main action. With regard to the remuneration claim of the (legal) service provider, who regularly initiates the filing in these contexts, the claim even exceeds a multiple of his remuneration. If a legal violation occurs in an individual case, the specific low-threshold compensatory function and the satisfaction necessary in the specific case with regard to the exposure to one's own credit institution are satisfied by the non-material claim for damages awarded. The impairments are primarily economic and not of a highly personal nature and do not come close to physical impairments. If there are many cases of violations of the law by the same person responsible (infringer), the high deterrent effect is also to be seen in the breadth of the liability for damages, i.e. in the sum of all immaterial claims for damages. In addition, there is then the risk of very substantial material claims for compensation. If the non-material claim for damages were set too high, there would be a risk that applications would not be filed at all for economic reasons. This would, however, completely overshadow the (also) consumer-protecting function of the registration to make it more difficult to get into debt. The claim for compensation deemed appropriate by the Senate therefore also takes into account the principle of proportionality. In addition, it must be seen that the person affected has a multitude of rights and possibilities to keep the impairment low and short, so that immaterial damages do not stand alone in their sanctioning effect either. Article 83 also provides the supervisory authorities with a sufficient instrument to effectively achieve special and general preventive objectives. The considerations and trade-offs made by the Senate satisfy the requirements of effectiveness and equivalence under EU law (see also ÖOGH (Austria) v. 15.04.2021, 60b 35/21 x).

(102) The Senate's view is also in line with recital 146 of the GDPR. According to its third sentence, the concept of damage should be interpreted broadly in the light of the case law of the Court of Justice in a way that fully complies with the objectives of this regulation. However, the objectives of the GDPR are not unilaterally aimed at preventing data traffic, but show with Art. 1, 5 and 6 GDPR that various purposes are to be served within the framework of the grounds for justification. These purposes can - as in this case - give rise to conflicts of objectives that must be resolved in a balancing manner. In this respect, the responsible person should (also) be motivated by the non-material damages to implement measures to avoid false registrations. At the same time, however, not all motivation to file should be eliminated just because there is a risk of errors and a liability for damages.

(103) The Senate sees that the unlawful registration with the credit agency existed for a period of - at least - almost two years, as the registration of 16.09.2019 was not completely deleted until July 2021 at the earliest. This state of affairs was also triggered by culpably unlawful conduct on the part of the plaintiff and, in any case, was not terminated prematurely by careless conduct after the deletion order. As a result, over a period of at least nine months (March to December 2020), the defendant's creditworthiness has been impaired, as it has been denied a loan to finance the property it occupies. The non-material damages, however, do not aim at the material damage through higher interest rates and a higher purchase price, which is not asserted here. What is to be compensated is the burden and worry due to the infringement and the exposure to the credit institution.

(104) Since the claim in the action - beyond the acknowledged amount of €54.74 - does not exist, the auxiliary set-off with the claim for damages against the claim in the action exceeding this amount is of no significance. The set-off declared was to be taken into account in the amount recognised.

(105) (4) The senate did not have to rule on the defendant's motion asserted in the statement of grounds for appeal to expand the action, as the counterclaim is inadmissible.

(106) a) After the defendant's counterclaim under 1. b), filed at first instance, was unanimously declared to have been settled and its new claim from the statement of 5 October 2021 after the subjective extension of the action to SCHUFA ... had been considered inadmissible by the Regional Court - rightly and with correct reasoning, without it having been necessary to reopen the oral proceedings - had filed the application with the statement of grounds of appeal,

(107) "order the plaintiff to ensure and prove to the defendant that all personal data of the defendant which had been reported by the plaintiff to the SCHUFA ... has been completely and permanently deleted, so that SCHUFA ... no indication of an entry remains."

(108) However, the requirements of § 533 ZPO necessary for this second-instance extension of the action are not present. The plaintiff did not expressly consent to the amendment of the action, § 533 no. 1 ZPO. It is true that consent can also be declared impliedly, whereby a reckless plea to the amended action suggests consent (see BeckOK ZPO/Wulf, 44th ed., § 533 no. 10). In the present case, however, implied consent cannot be assumed, since the plaintiff considers the defendant's appellate counterclaims to 1) and 2) to be inadmissible.

(109) It is irrelevant whether relevance within the meaning of § 533 no. 1 ZPO could be assumed. In the required procedural approach, the extension of the action could serve to settle all issues between the parties and make further litigation superfluous in principle (see BeckOK ZPO/Wulf, 44th ed., § 533 no. 11).

(110) However, the admissibility of the extension of the action fails in any case because it cannot be based on facts which the senate must in any case take as a basis for its hearing and decision on the appeal pursuant to § 529 ZPO, § 533 no. 2 ZPO. In any case, the defendant's statements with regard to the data still stored at SCHUFA on 27 January 2022 ... and the measures undertaken by the plaintiff in the run-up to this date are not undisputed, so that this argument is considered "new" within the meaning of § 531 (2) ZPO and is therefore not admissible in the appeal proceedings.

(111) b) However, the application - assuming its admissibility - would also be unfounded.

(112) Like the plaintiff, the Senate is of the opinion that the plaintiff is not passively entitled to the defendant's request to ensure the complete deletion of a data record at a third party. It is neither submitted nor otherwise evident that the plaintiff has any influence whatsoever on the manner of data processing and the scope of the data stored at SCHUFA ... has. Significantly, the defendant does not make any statements about the basis of its claim and whether the prerequisites are met.

(113) According to the defendant's submission, the plaintiff has also complied with its sole obligation under Article 5(1)(d) of the GDPR to take all reasonable steps to ensure that personal data which are inaccurate in relation to the purposes for which they are processed are erased or rectified ("accuracy") without undue delay, i.e. that they are accurate and, where necessary, kept up to date. The defendant submitted an extract from the Sparkasse Koblenz dated 27.01.2022 as Annex B36. Contrary to its view, however, "the negative entry of 16.09.2019" is not still visible on it. Rather, the extract shows that a subsequent notification was made on 16.07.2021, as a result of which a "deletion note wg. inventory correction (subsequent notification reason)" was added to both the claim for €562 notified as due on 16.09.2019 and the claim for €562 notified as uncollectible on 31.10.2020. This sufficiently expressed that the negative entry was no longer factually correct. The plaintiff has thus made the necessary correction imposed on it by Article 5(1)(d) of the GDPR. The defendant cannot demand more from the plaintiff in terms of substantive law.

(114) The decision on costs is based on § 92 (1) ZPO. The decision on provisional enforceability follows §§ 708 no. 10, 711 ZPO. The amount in dispute was determined in accordance with §§ 47, 48 GKG.

(115) The appeal was to be allowed with regard to the counterclaim under 1) because the standards for the assessment of the non-material damages within the scope of Art. 82 GDPR in case constellations such as the present one do not yet appear to have been sufficiently clarified by the highest courts. At the same time, registration with SCHUFA ... as with other credit agencies, is a mass process and it is becoming apparent that claims for damages of this kind will be asserted en masse, not least via legal tech companies. In this respect, the questions raised in the context of Article 82 of the GDPR are of fundamental legal importance. At the same time, it must be noted that the courts of instance show a wide range in the non-material damages awarded, insofar as a claim is affirmed on the merits, without the cases differing significantly. A decision by the Federal Supreme Court therefore also appears appropriate to ensure uniform case law.

(116) Even if a clarification under European law appears to be appropriate and has already been initiated elsewhere (see above), the Senate has decided in favour of allowing the appeal instead of the - considered - direct referral to the ECJ, as it appears appropriate to first enable a classification by the highest court into the national law on damages under European law with regard to the compatibility or deviation from previous legal categories and a referral to the ECJ on this basis.