In its judgment of 4 May 2023 (C-300/21), the ECJ ruled that a significant interference with the protected legal positions of the data subject is not a prerequisite for non-material damages under the GDPR (we reported). In the future, it will be even more important for customer communication in B2C to distinguish between mere customer information and advertising contact, as a decision by the OLG Hamm (Germany) shows.
Since the General Data Protection Regulation (GDPR) came into force in May 2018, the classic B2C customer approach in direct marketing via the still relevant address channel email seems to be associated with even greater risks: In addition to the known risk of a claim by an end customer, a competitor or a consumer protection association for injunctive relief, based on the objection that express consent for the receipt of the received email did not exist in the specific case, those affected are increasingly demanding immaterial damages pursuant to Article 82 (1) of the GDPR in addition to the mere injunction.
The reasoning put forward for this is simple: insofar as the email sent by a company to an end consumer is unlawful due to the absence of a previously expressly granted consent (Section 7 (2) no. 2 UWG), this infringement shall automatically include an unlawful processing of personal data according to the GDPR and should therefore trigger a claim for damages according to Art. 82 GDPR, without the degree of seriousness of the interference playing a role.
The OLG Hamm (Germany) also had to deal with this argumentation. In a decision of 19 May 2022 (Case No. 6 U 137/21), the court specified the requirements for permitted end-customer communication. The court thus also finds confirmation with the BGH (Case No. I ZR 94/22), which dismissed the non-admission appeal filed against the decision of the OLG Hamm.
The case referred to an email with which a company offering a software-based online platform for reporting equestrian events informed registered customers in 2020 about documentation obligations in connection with a new viral disease in horses. The company combined this information with a note on how these official documentation obligations could be fulfilled within the online platform service, which is only available to registered customers.
Due to a technical error in sending this email, a customer who had already registered for the company’s online product seven years earlier in 2013 received this email 13 times and, in addition to being blocked from receiving further emails from the company, demanded damages of at least 25,000 euros in accordance with the GDPR. He justified this on the basic that the email was advertising to which he had not given his consent. Furthermore, the company’s reference to any consent or other justification for advertising was inadmissible after seven years without any use of the plaintiff’s data. He also claimed that receiving the e-mail 13 times in his e-mail box constituted unreasonable harassment. The accompanying unlawful processing of his personal data also triggered a claim for non-material damages under the GDPR, whereby questions regarding Art. 82 GDPR would ultimately have to be clarified by the European Court of Justice in the context of a preliminary ruling.
The defendant company, on the other hand, did not consider the email to be advertising, but rather sending important information in fulfilment of its obligations towards the plaintiff. Likewise, there was no violation of the plaintiff’s right to informational self-determination, so that no clarification of questions of interpretation of Art. 82 GDPR or a submission to the European Court of Justice was necessary.
The OLG Hamm, like the LG Münster at first instance (Case No. 2 O 11/21), followed the latter opinion and dismissed the appeal.
What can the decision mean for practice?
- Well, first of all and detached from the specific facts of the case, it can be inferred from the decision of the OLG Hamm that despite the broad legal concept of advertising, not every end-customer approach of a company can (also) be seen as advertising. For the sake of comprehension: the BGH understands advertising to mean all measures of a company that are aimed at promoting the sale of its products or services, which, in addition to directly product-related advertising, also includes indirect sales promotion (cf. BGH, judgment of 10 July 2018, VI ZR 225/17, para. 18, with reference to Art. 2 lit. a Directive 2006/114/EC on misleading and comparative advertising).
- If the element of promoting future business transactions is missing in the customer contact, for example because the company’s product mentioned in the email is free of charge for the registered customer and the company is not aiming for future product sales (e.g. in the form of updates subject to a charge) to the customer, the email cannot be seen as advertising either.
- The mere fact that there is a longer period of time between the registration of the customer and the receipt of the company’s communication (in this case more than seven years) does not mean that the registered customer is no longer recognizably interested in receiving emails from this company. The OLG Hamm thus contradicts the opinion of other courts, according to which consent is quasi “consumed” after the expiry of a few months or years (most recently AG Munich after four years at the latest (judgement of 14.02.2023, ref. 161 C 12736/22)).
- The repeated sending of an email due to a technical oversight also does not constitute unreasonable harassment, as the multiple mailings were precisely not made in order to take up the attention or resources of the plaintiff.
- A claim for non material damages does not arise from Art. 82 GDPR if the data are processed lawfully: However, personal data are lawfully processed if the data subject requests an unlimited registration for an online service from a company and voluntarily sends his or her data to the company.
Conclusion – In addition to the statement of the OLG Hamm that not every B2C communication is quasi-automatically advertising, but that it depends on a case-by-case consideration, whereby a differentiation must be made between the advertising intention of promoting sales through customer communication on the one hand and the interest of a company to inform its customers about its contractual product on the other hand, the core of the decision consists in the finding that the consent of an end customer to receive email messages as a registered customer of a company is generally not limited in time. Also, technical glitches in the sending of e-mails do not in themselves trigger claims for injunctive relief, and certainly not claims for non-material damages under the GDPR.
