After data leak payment of damages in the amount of 2,500 euros

Munich-based digital asset manager Scalable Capital must pay its clients damages of 2,500 euros following a GDPR violation and an associated data protection breach.

Scalable Capital ordered to pay damages

A GDPR breach can be costly, as Munich-based asset manager Scalable Capital now has to find out for itself. According to its own information, the company currently manages around 10 million euros of money from 600,000 customers.

In October 2020, the company had to admit to a data breach in which unauthorized persons were able to access the personal data of more than 33,000 active and former customers and thus exploit addresses, tax data or account information. -headlines, as reported by the Frankfurter Allgemeine Zeitung.

Judgment already rendered in December 2021

Thus, Scalable Capital had violated the strict requirements and liability provisions of the General Data Protection Regulation (GDPR). In December 2021, a plaintiff, with the support of the legal service provider EuGD (Europäische Gesellschaft für Datenschutz mbH), was awarded immaterial damages of 2,500 euros before the Munich Regional Court I.

When assessing the sanction, the court took into account that the data had not yet been misused. At the same time, however, the court wanted to achieve a “chilling effect” with the judgment (file number 31 O 16606/20).

According to the court, the security breach was preventable, which therefore constitutes a violation of the GDPR. In July 2022, Scalable Capital withdrew its appeal against the decision.

Especially since the tribunal de grande instance had already indicated at the hearing “that it will also possibly decide on the appeal in favor of the plaintiff”, said Diana Ettig, attorney for the plaintiff.

Profitable model

The CJEU is confident after the first final judgment in this area and further encourages customers to assert their rights. After all, it pays: if successful, the legal service provider keeps 25% of the recovered sum.

“The EuGD has now obtained a legally binding judgment for damages in a first case due to a data breach. Hopefully this will encourage other consumers to assert their rights, explains Thomas Bindl, founder of EuGD in the press release.

On the own homepage, the example Scalable Capital is additionally moved prominently to the fore and offers the possibility of having the claim against Scalable Capital examined free of charge. More recently, GDPR violations by Hannoversche Volksbank and Volkswagen have also been known. The car manufacturer will even have to pay a fine of 1.1 million euros.

About Matthew R. Dailey

Check Also

Contactless payment penetration rate in Saudi Arabia is ‘94% of all digital transactions’

India and Saudi Arabia to focus on sustainability to boost bilateral ties: Indian Trade and …