Choose the experimental features you want to try

This document is an excerpt from the EUR-Lex website

Document 62020CN0601

Case C-601/20: Request for a preliminary ruling from the Tribunal d’arrondissement (Luxembourg) lodged on 13 November 2020 — SOVIM SA v Luxembourg Business Registers

OJ C 35, 1.2.2021, p. 37–39 (BG, ES, CS, DA, DE, ET, EL, EN, FR, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)

1.2.2021   

EN

Official Journal of the European Union

C 35/37


Request for a preliminary ruling from the Tribunal d’arrondissement (Luxembourg) lodged on 13 November 2020 — SOVIM SA v Luxembourg Business Registers

(Case C-601/20)

(2021/C 35/50)

Language of the case: French

Referring court

Tribunal d’arrondissement

Parties to the main proceedings

Applicant: SOVIM SA

Defendant: Luxembourg Business Registers

Questions referred

Question 1

Is Article 1(15)(c) of Directive (EU) 2018/843, (1) amending the first subparagraph of Article 30(5) of Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing …, (2) in so far as it requires Member States to make information on beneficial owners accessible to the general public in all cases, with no requirement for a legitimate interest to be shown, a valid provision:

(a)

in the light of the right to respect for private and family life guaranteed by Article 7 of the Charter of Fundamental Rights of the European Union (the ‘Charter’), interpreted in accordance with Article 8 of the European Convention on Human Rights, having regard to the objectives stated inter alia in recitals 30 and 31 of Directive 2018/843 relating, in particular, to efforts to combat money laundering and terrorist financing; and

(b)

in the light of the right to protection of personal data guaranteed by Article 8 of the Charter, in so far as it is intended, inter alia, to guarantee that personal data are processed lawfully, fairly and in a transparent manner in relation to the data subject, that the purposes for which such data are collected are limited, and that the data are minimised?

Question 2

1.

Is Article 1(15)(g) of Directive 2018/843 to be interpreted as meaning that the exceptional circumstances to which it refers, in which Member States can provide for exemptions from access to all or part of the information on beneficial owners, where access on the part of the general public would expose the beneficial owner to disproportionate risk, risk of fraud, kidnapping, blackmail, extortion, harassment, violence or intimidation, exist only where it is demonstrated that there is a disproportionate risk of fraud, kidnapping, blackmail, extortion, harassment, violence or intimidation which is exceptional, which is actually borne by the beneficial owner as an individual, and which is clear, real and present?

2.

Should this be answered in the affirmative, is Article 1(15)(g) of Directive 2018/843, thus interpreted, a valid provision in the light of the right to respect to private and family life guaranteed by Article 7 of the Charter and the right to protection of personal data guaranteed by Article 8 of the Charter?

Question 3

1.

Is Article 5(1)(a) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (3) (the ‘GDPR’), which requires data to be processed lawfully, fairly and in a transparent manner in relation to the data subject, to be interpreted as not precluding:

(a)

that the personal data of a beneficial owner, recorded in a register of beneficial owners established in accordance with Article 30 of Directive 2015/849, as amended by Article 1(15) of Directive 2018/843, are accessible to the general public, with no monitoring of access and no requirement for any member of the public to provide justification, and without any way for the data subject (the beneficial owner) to know who has accessed his personal data; or

(b)

that the data controller responsible for such a register of beneficial owners provides access to the personal data of beneficial owners to an unlimited and indeterminable number of persons?

2.

Is Article 5(1)(b) of the GDPR, which requires the purposes of data processing to be limited, to be interpreted as not precluding that the personal data of a beneficial owner, recorded in a register of beneficial owners established in accordance with Article 30 of Directive 2015/849, as amended by Article 1(15) of Directive 2018/843, are accessible to the general public, in circumstances where the data controller cannot guarantee that those data will be used only for the purpose for which they were collected, which, in essence, is that of combating money laundering and terrorist financing — a purpose in relation to which the general public is not the responsible body from which compliance is required?

3.

Is Article 5(1)(c) of the GDPR, which requires data to be minimised, to be interpreted as not precluding the general public from having access, through a register of beneficial owners established in accordance with Article 30 of Directive 2015/849, as amended by Article 1(15) of Directive 2018/843, to data indicating, in addition to the beneficial owner’s name, month and year of birth, nationality and country of residence, as well as the nature and extent of his beneficial interests, also his day and place of birth?

4.

Does Article 5(1)(f) of the GDPR, which requires data to be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing, and thus guarantees the integrity and confidentiality of such data, preclude access to the personal data of beneficial owners contained in a register of beneficial owners established in accordance with Article 30 of Directive 2015/849, as amended by Article 1(15) of Directive 2018/843, from being provided on an unlimited and unconditional basis, with no commitment to keep such data confidential?

5.

Is Article 25(2) of the GDPR, which guarantees data protection by default, providing in particular that by default, personal data must not made accessible without the individual’s intervention to an indefinite number of natural persons, to be interpreted as not precluding:

(a)

that a register of beneficial owners established in accordance with Article 30 of Directive 2015/849, as amended by Article 1(15) of Directive 2018/843, does not require members of the general public consulting the personal data of a beneficial owner on its website to create an account; or

(b)

that no information concerning a consultation of personal data of a beneficial owner contained in such a register is disclosed to that beneficial owner; or

(c)

that no restriction on the extent and accessibility of the personal data at issue is applicable in the light of the purpose of their processing?

6.

Are Articles 44 to 50 of the GDPR, under which the transfer of personal data to a third country is subject to strict conditions, to be interpreted as not precluding that the personal data of a beneficial owner, contained in a register of beneficial owners established in accordance with Article 30 of Directive 2015/849, as amended by Article 1(15) of Directive 2018/843, are accessible in any circumstances to any member of the general public, with no requirement to demonstrate a legitimate interest and no limitations as to the location of that public?


(1)  Directive (EU) 2018/843 of the European Parliament and of the Council of 30 May 2018 amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, and amending Directives 2009/138/EC and 2013/36/EU (OJ 2018 L 156, p. 43).

(2)  Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC (OJ 2015 L 141, p. 73).

(3)  Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ 2016 L 119, p. 1).


Top