
GDPR Compliance in Austria

Österreich · Datenschutzgesetz (DSG)

TL;DR

Websites targeting users in Austria must comply with GDPR as implemented locally through the Datenschutzgesetz (DSG). The supervisory authority is the Datenschutzbehörde (DSB). Notable enforcement: Austrian Post fined for profiling voters (€18 million). Use our free scanner to check your website instantly.


Data Protection Authority

Authority: Datenschutzbehörde (DSB)

Local Law: Datenschutzgesetz (DSG)

Language: German

Largest Fine: €18 million

Population: 9.1 million

Key Requirements for Austria

Google Analytics was ruled non-compliant by the DSB in a landmark 2022 decision

Explicit consent required before any analytics tracking

DPO required for regular and systematic monitoring at scale

Must ensure EU-adequate data transfer mechanisms

Cookie consent cannot be bundled with terms acceptance

Data subjects can lodge complaints directly with the DSB

What Makes Austria Different?

Austria's DSB issued the groundbreaking ruling that Google Analytics violates GDPR due to US data transfers, following the Schrems II decision. This ruling cascaded across Europe and forced many websites to reconsider their analytics setup.

Austria Website Compliance Checklist

Cookie consent banner that requires opt-in before non-essential cookies

Privacy policy available in German

Clear identification of data controller and contact details

Data Processing Agreement (DPA) with all third-party processors

Lawful basis documented for each processing activity

Data Subject Access Request (DSAR) process in place

Data breach notification procedure compliant with 72-hour rule

Data Protection Impact Assessment for high-risk processing

International data transfer mechanisms documented (SCCs, adequacy decisions)

Records of processing activities (ROPA) maintained

Frequently Asked Questions

What are the GDPR requirements for websites in Austria?

In Austria, websites must comply with GDPR as implemented by the Datenschutzgesetz (DSG). Key requirements include obtaining explicit consent before setting non-essential cookies, providing a clear privacy policy, appointing a DPO when required, and notifying data breaches within 72 hours to the Datenschutzbehörde (DSB).

Who enforces GDPR in Austria?

The Datenschutzbehörde (DSB) is the supervisory authority responsible for enforcing data protection laws in Austria. It can investigate complaints, conduct audits, and issue fines up to €20 million or 4% of annual global turnover.

How can I check if my website complies with Austria's data protection laws?

Use PrivacyChecker's free scanner to perform an instant audit of your website. Our tool checks 25+ compliance points including cookie consent, privacy policy presence, security headers, tracker detection, and more — all relevant to Austria's GDPR requirements.
