§ 25 TDDDG
Protection of Privacy in Relation to Terminal Equipment
(1)The storage of information in the end user's terminal equipment or the access to information already stored in the terminal equipment is only permissible where the end user has given consent on the basis of clear and comprehensive information. The information of the end user and the consent must be provided in accordance with Regulation (EU) 2016/679.
(2)Consent under paragraph 1 is not required 1 where the sole purpose of the storage of information in the end user's terminal equipment or the sole purpose of the access to information already stored in the end user's terminal equipment is the transmission of a message over a public telecommunications network, or; 2 where the storage of information in the end user's terminal equipment or the access to information already stored in the end user's terminal equipment is strictly necessary in order for the provider of a digital service to provide a digital service expressly requested by the user.