Why is Business Register data public and how does data protection apply?

The disclosure of register data takes precedence over the protection of privacy. Therefore, the public presentation of the Business Register data also goes in line with the Provisions of the European General Data Protection Regulation (GDPR).

The European Court of Justice has stated in a landmark decision that the disclosure as an interference with the fundamental rights of the data subjects (such as the protection of personal data) must be accepted (Judgment of 09.03.2017, Case C-398/15), which also expressly applies after the dissolution of the respective company. However, in individual cases, access restrictions may be justified (see the section Blocking of Data for more information).

You can find more information about this legal basis here.

If personal data is processed in this context, the legal basis for this can be found in Article 6 (1) sentence 1 of the GDPR. The processing of data is necessary to safeguard the legitimate interests of involved parties. The processing is only limited if it conflicts with the interests or fundamental rights and freedoms of the data subject, provided that such conflicts outweigh further processing.

Legitimate interests of the general public in the processing of personal business register data are, in particular, the information of the representation of corporations for the enforcement of claims. Legal representatives of corporations may, depending on the legal basis of the claim, be directly or indirectly liable to creditors for the fulfillment of an obligation for up to 10 years after their departure. There is therefore a significant interest in the publication of this information in this context.