Data Protection Officer
Every authority in the European Union is required by data protection law (Article 37 of the General Data Protection Regulation) to appoint a person as data protection officer. This person monitors compliance with data protection laws when processing personal data. He/she is obligated to maintain special confidentiality.
In companies, a data protection officer must be appointed insofar as at least 20 persons are generally permanently employed there with the automated processing of personal data (Section 38 of the Federal Data Protection Act).
The data protection officer at your Authority or institution can help you with specific questions about data protection. You can find the relevant contact details here. There you will also find the person responsible for information security.