ePrivacy Directive Compliance in Germany
The ePrivacy Directive governs electronic communications privacy, covering cookies, email marketing, and confidentiality of communications. Its replacement (ePrivacy Regulation) is pending but the Directive remains law.
How does ePrivacy apply in Germany?
ePrivacy applies in Germany under EU law with the same obligations as across the bloc — maximum fine Per member state (typically up to €20M). The national supervisory authority is the BfDI (Federal Commissioner for Data Protection), which handles enforcement, complaints, and notifications. Deadline: In force — update expected 2025-2026.
- Supervisory authority: BfDI (Federal Commissioner for Data Protection)
- Maximum fine: Per member state (typically up to €20M)
- Key deadline: In force — update expected 2025-2026
| Supervisory authority | BfDI (Federal Commissioner for Data Protection) |
| Maximum fine | Per member state (typically up to €20M) |
| Key deadline | In force — update expected 2025-2026 |
| Sectors affected | Telecommunications, Digital Services |
In force — update expected 2025-2026
Per member state (typically up to €20M)
Telecommunications, Digital Services, E-commerce
Key ePrivacy Obligations for Germany Businesses
- Obtain consent for cookies and tracking
- Honour opt-out for direct marketing
- Protect confidentiality of communications
- Notify breaches to authorities
- Implement privacy by default
Does ePrivacy apply to your Germany business?
Find out in 2 minutes with our free regulation checker.
Check now — freeePrivacy in Other Countries
For informational purposes only. This is not legal advice — consult qualified legal counsel.