Website Compliance in Germany
German websites must comply with the DSGVO (GDPR), the Telemediengesetz (TMG), the Impressumspflicht (mandatory imprint), the European Accessibility Act, and strict cookie consent requirements. The Bundesdatenschutzbeauftragte (BfDI) and the 16 Landesdatenschutzbehörden actively enforce data protection rules. Germany also has uniquely strict Abmahn-culture: third parties, including competitors, can sue for Impressum violations, privacy-policy deficiencies, and unlicensed images.
Toezichthouder gegevensbescherming:
Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
(BfDI)
Vereisten
5
landspecifieke regels
Handleidingen
0
handleidingen beschikbaar
Specifieke vereisten voor Duitsland
Impressumspflicht (mandatory imprint)
Every German commercial website must have an Impressum listing the full name and address of the responsible person or company, contact email, phone number, and where applicable the Handelsregisternummer and USt-IdNr. Violations are aggressively pursued via Abmahnungen (cease-and-desist letters) by competitors.
Datenschutzerklärung (privacy policy)
German websites must have a comprehensive Datenschutzerklärung under the DSGVO and BDSG. It must name every service that processes personal data (Google Analytics, fonts, CDN, contact forms), the legal basis for each, and contact details of the responsible controller.
Cookie consent (TTDSG)
The Telekommunikation-Telemedien-Datenschutz-Gesetz (TTDSG) requires prior informed consent for non-essential cookies. German courts have ruled that nudging users (e.g. pre-ticked boxes, hard-to-find reject buttons) violates consent requirements.
Google Fonts self-hosting
In January 2022 a Munich court (LG München I) ruled that embedding Google Fonts via Google servers without consent violates the DSGVO by leaking visitor IP addresses to the US. German websites should self-host fonts or use privacy-compliant CDN configurations.
European Accessibility Act (EAA) from June 2025
From 28 June 2025 the EAA requires e-commerce and financial-services websites in Germany to meet WCAG 2.1 AA accessibility standards. Violations can be reported to Marktüberwachungsbehörden.
Handhaving in Duitsland
The Hamburg DPA fined a company €105,000 for embedding Google Fonts without consent. The LG München I ordered a website to cease embedding Google Fonts via Google servers and pay €100 in damages to an individual complainant. Abmahnwellen (mass cease-and-desist campaigns) for missing Impressum or cookie-consent non-compliance are common, with typical Abmahnung costs of €500–€1,500.
Officiële bronnen
Check je website op Duitsland-vereisten
Onze scanner controleert automatisch op Duitsland-specifieke vereisten.