It seems to get better of late, but slowly. We can get an idea about how GDPR is handled across the EU in the GDPR enforcement tracker or in the GDPR Trap Map. Amongst others, the latter says for example:
Departing from the standard in most procedural laws in Germany, Article 20 of the Bavarian Data Protection Law codifies that a complainant may not get access to the files in a complaints procedure.
This means that the data subject is very much limited in effectively challenging wrong arguments by the controller. The provision seems to violate fair procedures rights.
Edit for an addition: There are many sites to check a website’s GDPR compliance, e.g. Fathom’s, and to find trackers and cookies there is also The Markup’s Blacklight. I’m not aware whether these tools are known by everyone already.
It seems to get better of late, but slowly. We can get an idea about how GDPR is handled across the EU in the GDPR enforcement tracker or in the GDPR Trap Map. Amongst others, the latter says for example:
Edit for an addition: There are many sites to check a website’s GDPR compliance, e.g. Fathom’s, and to find trackers and cookies there is also The Markup’s Blacklight. I’m not aware whether these tools are known by everyone already.