Law: Saxon Data Protection Act ('SächsDSG') of 25 August 2003, as amended to implement the GDPR (only available in German here)

Regulator: Saxon data protection authority ('SächsDSB')

Summary: The SächsDSG provides for derogations from the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') and data protection requirements within Saxony. Compared to other state-level German data protection laws, the SächsDSG is slightly more detailed and addresses a marginally wider range of topics. In particular, there are additional provisions related to data subject rights and data transfers.