Information on Data Protection - Notary
1. Data protection responsibility and contact details
In accordance with Art. 4(7) GDPR, the notaries Klaus Beine and Dr Claudia-Maria Wirth in Frankfurt am Main and the notaries Dr Thomas Puffe, Robin Maletz, Dr Bernhard Schultz, and Dr Eva Kreibohm in Berlin are the data controllers in relation to the personal data processed by their respective offices. Each of them acts as sole controller within their sphere of responsibility, i.e. the notarial services provided by their own offices. If you have any questions about data protection and/or privacy issues with regard to our notaries and their services, please contact either the notary directly or our data protection officer.
Mainzer Landstrasse 36, 60325 Frankfurt am Main
Phone: 069 756095-0
Notary Klaus Beine
Notary Dr Claudia-Maria Wirth
Luetzowplatz 10, 10785 Berlin
Phone: 030 264 71-0
Notary Dr Thomas Puffe
Notary Robin Maletz
Notary Dr Bernhard Schultz
Notary Dr Eva Kreibohm
Data Protection Officer:
BEITEN BURKHARDT Rechtsanwaltsgesellschaft mbH,
Phone: 0211 518989-144
2. Information the notaries may collect and process
The notaries process personally identifiable information provided either by yourself or by a third party on your behalf (lawyers, tax advisors, real estate agents, banks, etc), such as
- data relating to your identity, including first and last names, date and place of birth, nationality, marital status, your birth registration number, as required,
- contact details, including your postal address, telephone number, e-mail address,
- your tax identification number if you are a party to a real estate sales and purchase agreement,
- in some cases, for example where matrimonial agreements, wills, inheritance contracts or adoptions are notarised, information relating to your family situation, your financial circumstances and, where required, your health condition or other sensitive data because such data may be needed to document your capacity to sign these legal documents,
- in some cases data relating to your legal relationships with third parties, such as file references or loan and account numbers from banks.
The notaries also process information obtained from public records, for instance from the land title register, the commercial register and the register of associations.
3. What the notaries use your data for and on what legal basis they process the information
Notaries hold public offices. They carry out their work in the public interest of proper administration of justice for preventive purposes and in the exercise of official authority (Art. 6(1)(e) GDPR).
Your data are processed exclusively to perform the notarial services requested by yourself or other parties who may be involved in the transaction. These services may include drafting deeds, documenting transactions in notarial deeds and overseeing the closing process, rendering advice. Personal data are always processed in accordance with the professional and procedural rules and requirements applying to notaries and their work, primarily the German Federal Act on Notaries (Bundesnotarordnung) and the German Notarisation Act (Beurkundungsgesetz). These laws also stipulate the obligation to process necessary data (see Art. 6(1)(c) GDPR). Your failure to provide information requested by a notary means that the notary will have to refuse any (further) work on this matter.
4. Disclosure of information
The law puts notaries under a confidentiality obligation. This confidentiality obligation extends to all their employees and any other agent employed by them.
A notary may disclose your data only if and to the extent the notary is obliged to do so in the specific case. A notary may, for instance, have to notify tax authorities or file information for registration in public registers like land title registers, commercial registers or registers of associations, the central register of wills, the register of lasting powers of attorney, or to file such information with courts like a probate court, a guardianship court, a family court, or with a government authority. For the purpose of supervision, the notary may also be required to provide information to the German Chamber of Notaries or the oversight body, who are themselves bound to confidentiality.
Beyond this, your data will only be disclosed if the notary is required to do so as a result of declarations you have made or because you have requested such disclosure.
5. Transmission of information to third countries
Your personal data will only be transmitted to third countries if you specifically request such transmission or if and to the extent that a party involved in the transaction resides in a third country.
6. How long your data will be stored for
The notaries will process and store your personal data in accordance with their legal retention obligations.
According to section 5(4) of the German Administrative Directive for Notaries (Dienstordnung für Notarinnen und Notare, "DONot") the following retention periods apply to notarial documents:
- registers of deeds, registers of inheritance contracts, name indexes relating to registers of deeds and collections of deeds, including inheritance contracts stored separately (section 18(4) DONot): 100 years
- escrow journals, escrow ledgers and related name indexes, list of escrow accounts, master files: 30 years
- secondary files: 7 years
Notaries may make a written decision to extend the retention period in certain events like a testamentary disposition or a recourse risk. Such decision may also be made for certain categories of legal matters, for example for testamentary dispositions in general.
Once the retention period has expired, your data will be erased and paper documents will be destroyed, unless the notary must retain them to comply with requirements under Art. 6(1)(c) GDPR, the German Commercial Code (Handelsgesetzbuch), the German Criminal Code (Strafgesetzbuch), the German Anti-Money Laundering Act (Geldwäschegesetz) or the German Fiscal Code (Abgabenordnung), and with regulatory requirements regarding conflict checks.
7. The rights you have
You have the right to:
- request information on whether the notary processes your personal data and, where that is the case, on the purpose of the processing, the categories of personal data that are processed, to whom the information is transmitted, for how long the information will be stored, and what rights you have.
- have corrected any inaccuracies of your personal data that have been stored at the notary's office. You also have the right to completion of an incomplete data set stored at the notary's office.
- request erasure of your personal data if there is a statutory ground to do so (see Art. 17 GDPR) and the processing of your data is not required to comply with a legal obligation or any overriding legitimate grounds within the meaning of the GDPR.
- request the notary to restrict the processing of your data, for example to their use for the establishment of legal claims or for reasons of important public interest while the notary checks your entitlement to rectification or objection or if the notary rejects your request for erasure (see Art. 18 GDPR).
- object to the processing where such processing is necessary to allow the notary to carry out the notary's tasks in the public interest or exercise the notary's official functions if there are legitimate grounds for the objection arising from your specific situation;
- contact the data protection authorities to file a complaint. The competent authority for the notaries in Berlin is the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit), Friedrichstr. 219, 10969 Berlin, telephone: +49 30 13889-0, facsimile: +49 30 2155050, e-mail: firstname.lastname@example.org, and for the notaries in Frankfurt am Main The Hessian Commissioner for Data Protection and Freedom of Information (Der Hessische Beauftragte für Datenschutz und Informationsfreiheit), Gustav-Stresemann-Ring, 65189 Wiesbaden, telephone: +49 611 1408-0, facsimile: +49 611 1408-611, e-mail: email@example.com.
The complaint may be filed with any data protection authority, regardless of whether the authority is locally responsible.