In a previous post, this blog reported on German guidance on the scope of the right of access under Art. 15 of the GDPR and in particular on the right to receive a copy.  The Supervisory Authority of Hesse region stated that the term “copy” in Art 15 GDPR should not be understood literally but rather in the sense of a “summary”.

This somewhat relaxed interpretation appears to conflict with an earlier decision of the Labor Appeals Court of Stuttgart which ordered an employer to provide actual copies of all information held by the company regarding an employee’s performance and behavior to that employee.

More recently, the Appeal Court of Cologne held that the customer of an insurance company is entitled to access all personal data pertaining to him and processed by the company, including any internal notes regarding conversations between company employees and the customer.  The company argued that it was impracticable to compile the information due to the large amounts of customer information processed by it. The court was unimpressed, stating that the company was compelled to adapt its IT systems to the requirements of the GDPR.  The court did not explicitly rule on the customer’s right to also receive a copy of his personal data.

These first court decisions on Art. 15 of the GDPR confirm that the right of access is becoming a powerful tool in litigation. Germany’s code of civil procedure does not provide for a general right to discovery.  The right of access could make up for this and significantly affect outcomes in civil and labor law cases.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Ulrike Elteste Ulrike Elteste

Ulrike Elteste is an experienced technology, media and intellectual property lawyer in the firm’s Frankfurt office. She also advises on related regulatory aspects, in particular, privacy law, financial services supervisory law, and telecommunications law. She is regularly involved in cross-border transactions with a…

Ulrike Elteste is an experienced technology, media and intellectual property lawyer in the firm’s Frankfurt office. She also advises on related regulatory aspects, in particular, privacy law, financial services supervisory law, and telecommunications law. She is regularly involved in cross-border transactions with a focus on technology or IP. Ulrike also represents clients in commercial and IP litigation.

Photo of Kristof Van Quathem Kristof Van Quathem

Kristof Van Quathem advises clients on data protection, data security and cybercrime matters in various sectors, and in particular in the pharmaceutical and information technology sector. Kristof has been specializing in this area for over fifteen years and covers the entire spectrum of…

Kristof Van Quathem advises clients on data protection, data security and cybercrime matters in various sectors, and in particular in the pharmaceutical and information technology sector. Kristof has been specializing in this area for over fifteen years and covers the entire spectrum of advising clients on government affairs strategies concerning the lawmaking, to compliance advice on the adopted laws regulations and guidelines, and the representation of clients in non-contentious and contentious matters before data protection authorities.