Glossary: GDPR Fines

The controller is the person who decides on the purposes and means of data processing (Art. 4 No. 7 GDPR). This may also be several persons jointly, who are then joint controllers within the meaning of Art. 26 GDPR.

Joint controllers must, in particular, enter into an agreement on joint responsibility in which they regulate who is responsible for which data protection obligations. Joint controllers are jointly and severally liable to data subjects under Art. 82(2) GDPR. This means that they are also liable to data subjects for violations committed by the other controller. The European Court of Justice interprets the concept of joint responsibility broadly; it is not necessary for the parties involved to make equal contributions to the processing.

The European Data Protection Board (EDPB) is a body established under Article 68 of the GDPR to promote the consistent application of the GDPR in the member states. → FAQ EDPB

The General Data Protection Regulation (DSGVO) is an EU regulation that uniformly governs the protection of personal data across the EU and strengthens the rights of individuals regarding their data. It has been directly applicable in Germany and all other EU member states since May 25, 2018, meaning no national implementing laws are required. As European law, it takes precedence over conflicting national laws.

The official title is “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).” The official text of the GDPR is available from the European Union.

Data protection authorities are independent authorities that monitor compliance with data protection law. There are a total of 18 data protection authorities in Germany. In addition to the Federal Commissioner for Data Protection and Freedom of Information, there is a state data protection commissioner in every federal state except Bavaria. In Bavaria, there are two separate authorities.

The Treaty on the Functioning of the European Union (TFEU) is, alongside the Treaty on European Union (TEU), one of the two founding treaties of the European Union. It lays down detailed provisions on the competences, organization, and functioning of the EU and its institutions. In particular, it regulates the specific implementation of the EU’s various policy areas, such as the internal market, the Economic and Monetary Union, and the common commercial policy. The Treaty on the Functioning of the European Union (TFEU) is one of the two founding treaties of the EU and sets out the detailed rules for the functioning of the European Union, as well as the competences and specific policy areas in which the EU operates. It essentially elaborates on the more general provisions of the Treaty on European Union (TEU), regulating, among other things, the internal market, fundamental freedoms, and the organization of EU institutions.

The official text of the TFEU is available on the European Union’s website.