Data Protection Laws

Austrian National Law

General Data Protection Regulation - GDPR

The GDPR is the foundation of data protection law in Europe since 25 May 2018.

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC - General Data Protection Regulation

Regulation (EU) 2016/679 - GDPR »


Austrian National Data Protection Act

The Austrian Data Protection Act (Datenschutzgesetz, short "DSG") supplements the General Data Protection Regulation (GDPR). The Datenschutzgesetz was extensively modified. Older versions are no longer useful. The title of the older version of the law was “Datenschutzgesetz 2000” (DSG 2000).

The Federal Act concerning the Protection of Personal Data (Datenschutzgesetz - DSG) has entered into force on 25 May 2018.

Austrian National Data Protection Act - DSG »


More Austrian Laws

The Legal Information System of the Republic of Austria (www.ris.bka.gv.at) provides Austrian legislation in its current version (federal and state), law gazettes (federal and state) and case law. A selection of Austrian Laws in English translation can be found here:

Austrian Laws »


GDPR-Guide (© Austrian Data Protection Authority)

The Austrian Data Protection Authority offers a guide to the GDPR in Austria on its German website.

Download german PDF »

European Regulations and Directives

Regulation (EU) 2016/679 - GDPR

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC - General Data Protection Regulation

Regulation (EU) 2016/679 »

Council Framework Decision 2008/977/JHA

Council Framework Decision 2008/977/JHA of 27 November 2008 on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters

Council Framework Decision 2008/977/JHA »

Directive (EU) 2016/680

Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA

Directive (EU) 2016/680 »

Directive 2002/58/EC

Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications)

Directive 2002/58/EC »

Regulation (EC) No 45/2001

Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data

Regulation (EC) No 45/2001»

Regulation (EC) No 1987/2006

Regulation (EC) No 1987/2006 of the European Parliament and of the Council of 20 December 2006 on the establishment, operation and use of the second generation Schengen Information System (SIS II)

Regulation (EC) No 1987/2006 »

Regulation (EC) No 767/2008

Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation)

Regulation (EC) No 767/2008 »

Regulation (EU) 2016/794

Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA

Regulation (EU) 2016/794 »

Regulation (EU) No 603/2013

Regulation (EU) No 603/2013 of the European Parliament and of the Council of 26 June 2013 on the establishment of "Eurodac" for the comparison of fingerprints for the effective application of Regulation (EU) No 604/2013 establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person and on requests for the comparison with Eurodac data by Member States law enforcement authorities and Europol for law enforcement purposes, and amending Regulation (EU) No 1077/2011 establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice

Regulation (EU) No 603/2013 »

Top