§ 25 LDSG BW
Tasks and powers
(1)The State Commissioner for Data Protection shall be the competent supervisory authority within the meaning of Article 51(1) of Regulation (EU) 2016/679 within the territorial scope of this Act, unless specific provisions provide for a different competence. The Commissioner shall also be the supervisory authority for data protection for non-public bodies pursuant to Section 40 of the Federal Data Protection Act.
(2)The State Commissioner for Data Protection shall also perform the tasks pursuant to Article 57 of Regulation (EU) 2016/679 and exercise the powers pursuant to Article 58 of Regulation (EU) 2016/679 within the scope of application of Section 2(4). For municipalities, municipal associations and other legal persons under public law subject to the supervision of the Land, as well as for the bodies referred to in Section 2(2), the authorised representative body shall be the controller.
(3)Any person may address the State Commissioner for Data Protection where he or she considers that his or her rights have been infringed by the processing of his or her personal data by a public body. No person who has exercised his or her right under sentence 1 may be disadvantaged or reprimanded on that account.
(4)Where the State Commissioner for Data Protection identifies violations of the provisions of this Act or other data protection provisions or other deficiencies in the processing or use of personal data, the Commissioner shall, in the case of public bodies of the Land, notify the competent legal or specialist supervisory authority thereof and shall give that authority the opportunity to comment within a reasonable period before exercising the powers pursuant to Article 58(2)(b) to (g) and (j) of Regulation (EU) 2016/679. For municipalities, municipal associations and other legal persons under public law subject to the supervision of the Land, as well as for the bodies referred to in Section 2(2), the authorised representative body shall take the place of the legal and specialist supervisory authority; at the same time, the State Commissioner for Data Protection shall inform the competent supervisory authority. The opportunity to comment may be dispensed with where an immediate decision appears necessary due to imminent danger or in the public interest or where a compelling public interest precludes it. The statement should also contain a description of the measures that have been taken or are intended to be taken as a result of the notification by the State Commissioner for Data Protection.
(5)Section 29(3) of the Federal Data Protection Act shall remain unaffected and shall apply accordingly to the notaries of the Land. In all other respects, the supervision of the State Commissioner for Data Protection shall also extend to personal data that are subject to professional or special official secrecy. Where the State Commissioner for Data Protection obtains knowledge of data subject to a confidentiality obligation in the course of an investigation, the confidentiality obligation shall also apply to the State Commissioner for Data Protection. zur Einzelansicht § 25