Regulator: The Federal Commissioner for Data Protection and Freedom of Information ('BfDI'). Please note that there are also regional laws and regulators.
Summary: Germany is composed of a federation and 16 Länder that have complementary competences in the privacy sector. In addition to the Act, every Land has adopted its own regional data protection law implementing the GDPR, which apply to the public sector and have priority over the Act. Further information on each Land as well as federal activities is available through the jurisdiction dashboard links below.