This right is made concrete in regard to universities in the North Rhine Westphalia Data Protection Act (German/DSG NRW). For federal authorities and non-public bodies the Federal Data Protection Act (German) applies.
The Data Protection Commissioner advises the university on the formation and selection of procedures for processing personal data and monitors compliance with the pertinent regulations when new procedures are introduced or existing ones changed. He must be involved from an early stage in the drafting of in-house regulations and measures regarding the processing of personal data and must monitor compliance with the data protection laws. He must also familiarise those persons engaged in processing personal data with the provisions of this legislation and the other data protection provisions and carry out prior vetting (cf. § 32a para. 1 DSG NRW).
Employees of the universities may contact the Commissioner directly at any time regarding data protection matters. The Commissioner is committed to keeping the identity of the person concerned secret as well as any facts that might enable conclusions to be drawn about this person, unless he is released of this obligation by the person concerned (cf. § 32a para. 4 DSG NRW).
The Data Protection Commissioner is:
D-53757 Sankt Augustin (Germany)
Tel: +49 2241 865 102
Fax: +49 2241 865 8102
You are hereby notified that an email addressed to me is categorically not confidential. Please address any post to "the Data Protection Commissioner". This post will not be opened before it reaches me.
Additional information can be found on the website of the State Commissioner for Data Protection and Freedom of Information of NRW (German) and the Federal Commissioner for Data Protection and Information Security (German).