Search

§ 34 Right of access by the data subject

  1. In addition to the exceptions in Section 27 (2), 28 (2) and 29 (1), second sentence, the data subject’s right of access according to Article 15 of Regulation (EU) 2016/679 shall not apply if
    1. the data subject shall not be informed pursuant to Section 33 (1) no. 1, no. 2 (b) or (3), or
    2. the data
      1. were recorded only because they may not be erased due to legal or statutory provisions on retention, or
      2. only serve purposes of monitoring data protection or safeguarding data,

    and providing information would require a disproportionate effort, and appropriate technical and organizational measures make processing for other purposes impossible.

  2. 1 The reasons for the refusal to provide information shall be documented. 2 The data subject shall be informed of the reasons for refusing to provide information, unless providing the reasons in law and in fact on which the decision is based would undermine the intended purpose of refusing to provide the information. 3 Data stored for the purpose of providing information to the data subject and preparing such provision may be processed only for this purpose and for purposes of data protection monitoring; processing for other purposes shall be restricted according to Article 18 of Regulation (EU) 2016/679.
  3. 1 If a public body of the Federation does not provide information to a data subject, such information shall be provided to the Federal Commissioner at the request of the data subject, unless the responsible supreme federal authority determines in the individual case that doing so would endanger the security of the Federation or a Land. 2 The notification from the Federal Commissioner to the data subject with the results of the data protection assessment shall not permit any conclusions to be drawn concerning the information held by the controller unless the latter agrees to the provision of more extensive information.
  4. The data subject shall have the right to information about personal data processed by a public body neither in automated nor in non-automated form and stored in a filing system only if the data subject provides information enabling the data to be located and if the effort required is not disproportionate to the data subject’s interest in the information.

Contact us!

Assistance with data protection?

Subscribe to our free newsletter! 

Secure the knowledge of our experts!

Subscribe to our free newsletter: