Law: Saarland Data Protection Act ('SDSG') of 16 May 2018 (only available in German here)
Regulator: Saarland data protection authority
Summary: The SDSG provides for derogations from the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR') and data protection requirements within Saarland. In particular, the SDSG addresses special purposes of processing, public sector activities, and data subject rights, as well as processing sensitive data, Data Protection Impact Assessments, and automated processing. The SDSG is slightly more detailed than comparable state-level data protection laws in Germany. The Saarland data protection authority has released extensive guides for data processors, impact assessments, and data protection officers.