§ 29 BlnDSG
Administrative Offences, Criminal Provisions
(1)Any person who, contrary to the provisions of Regulation (EU) 2016/679, this Act and other data protection provisions, processes personal data that are not publicly known without authorisation, shall be guilty of an administrative offence. The administrative offence may be sanctioned with a fine of up to 50,000 euros.
(2)Any person who commits the acts described in paragraph 1 for remuneration or with the intention of enriching themselves or another person or of harming another person shall be punished with imprisonment of up to two years or with a fine.
(3)The offence pursuant to paragraph 2 shall only be prosecuted upon application. The data subject, the controller and the Berlin Commissioner for Data Protection and Freedom of Information shall be entitled to file an application.
(4)A notification pursuant to Article 33 of Regulation (EU) 2016/679 or a communication pursuant to Article 34(1) of Regulation (EU) 2016/679 may only be used in criminal or administrative fine proceedings against the person required to notify or communicate, or their relatives designated in Section 52(1) of the Code of Criminal Procedure, with the consent of the person required to notify or communicate. zur Einzelansicht § 29 Teil 3 Bestimmungen für Verarbeitungen zu Zwecken gemäß Artikel 1 Absatz 1 der Richtlinie (EU) 2016/680 Kapitel 1 Anwendungsbereich, Begriffsbestimmungen und allgemeine Grundsätze für die Verarbeitung personenbezogener Daten