Who is responsible, who can you contact?
We, the notaries, are responsible for processing your personal data. You can contact us or our data protection officer (datenschutzbeauftragter@notare-krebs-ackermann.de) via the notary's office for all data protection inquiries. All contact details can be found on this website under “Contact” or “Legal Notice.”

What data do we process and where does the data come from?
We process personal data that we receive from you or from third parties commissioned by you (e.g., lawyers, tax advisors, brokers, credit institutions), such as

• Personal data, e.g., first and last name, date and place of birth, nationality, marital status; in individual cases, your birth registration number;
• Contact details, such as postal address, telephone and fax numbers, e-mail address;
• your tax identification number for real estate contracts;
• in certain cases, e.g., for marriage contracts, wills, inheritance contracts, or adoptions, also data on your family situation and your assets, as well as, if applicable, information on your health or other sensitive data, e.g., because this serves to document your legal capacity;
• in certain cases, data from your legal relationships with third parties, such as file numbers or loan or account numbers at credit institutions.

We also process data from public registers, e.g., land registers, commercial registers, and association registers. 

For what purposes and on what legal basis is the data processed?
As notaries, we hold public office. Our official activities are carried out in the performance of a task that is in the public interest in the interests of orderly preventive administration of justice and thus in the public interest, and in the exercise of official authority (Art. 6 (1) sentence 1 letter e of the General Data Protection Regulation (GDPR)). 
Your data will be processed exclusively for the purpose of performing the notarial activities requested by you and, if applicable, other persons involved in a transaction in accordance with my official duties, i.e., for example, to draft deeds, to notarize and execute deeds, or to provide advice. The processing of personal data is therefore always carried out solely on the basis of the professional and procedural regulations applicable to us, which are essentially derived from the Federal Notary Code and the Notarization Act. These provisions also give rise to a legal obligation on our part to process the necessary data (Art. 6 (1) sentence 1 letter c GDPR). Failure to provide the data we request from you would therefore result in us having to refuse to (further) perform our official duties. 

To whom do we disclose data?
As notaries, we are subject to a legal duty of confidentiality. This duty of confidentiality also applies to all our employees and other agents.
We may therefore only disclose your data if and to the extent that we are obliged to do so in individual cases, e.g. due to reporting obligations to the tax authorities, or to public registers such as the land registry, commercial or association registers, the central register of wills, the pension register, courts such as probate, guardianship or family courts, or authorities (e.g. FIU). Within the scope of professional and supervisory oversight, we may also be obliged to provide information to the Chamber of Notaries, the Notary Fund, or our supervisory authority, which in turn are subject to an official duty of confidentiality. Possible data recipients may also include processors such as external IT system administrators, notary software providers, web hosts, and NotarNet GmbH.
Otherwise, your data will only be passed on if we are obliged to do so on the basis of statements you have made or if you have requested the transfer.

Communication via email (e.g., responding to inquiries, sending drafts) is possible. Outgoing emails are sent with transport encryption (“Start-TLS”), which protects the content of the email from unauthorized access by third parties during the transfer process from our mail server to your email provider's mail server. Please note that transport encryption can only be used if the server used by your email provider supports it.
Transport encryption only affects the transmission process and does not protect the content of the email from access to the mail servers. This means that unauthorized access by the email provider or a third party who has gained access to the mail servers is possible. End-to-end encryption to prevent this is not offered. Furthermore, it cannot be ruled out that the transport encryption may be decrypted and the content of the email accessed during the transmission process. You therefore have the option of objecting to email communication. In this case, communication will take place in writing by post.

Is data transferred to third countries?
Your personal data will only be transferred to third countries at your specific request or if and to the extent that a party to the deed is based in a third country.

How long is your data stored?
We process and store your personal data in accordance with our statutory retention obligations.
According to Section 50 of the Regulation on the Keeping of Notarial Files and Registers (NotAktVV), the following retention periods apply to the storage of notarial documents:

• Entries in the register of deeds, documents stored in the inheritance contract collection, documents stored in the special collection, documents stored in the electronic collection of deeds: 100 years,
• entries in the custody register, documents stored in the collection of deeds and documents stored in the general file: 30 years,
• Documents kept in the supplementary file: 7 years (pursuant to Section 52 (2) NotAktVV, the notary may specify in writing a longer retention period of up to 30 years, e.g., in the case of dispositions of property upon death or in the event of a risk of recourse; the determination may also be made generally for individual types of legal transactions, such as dispositions of property upon death). 

After the storage periods have expired, your data will be deleted or the paper documents destroyed (Section 35 (6) sentence 2 of the Federal Notary Code), unless we are obliged to store the data for a longer period for the purpose of conflict checks in accordance with Article 6 (1) sentence 1 letter c of the GDPR due to tax and commercial law storage and documentation obligations (from the German Commercial Code, Criminal Code, Money Laundering Act, or the Tax Code) and professional regulations for the purpose of conflict of law checks.

What are your rights?
You have the right:

• To request information about whether we process personal data about you, and if so, for what purposes we process the data and what categories of personal data we process, to whom the data may have been disclosed, how long the data may be stored, and what rights you have.
• have inaccurate personal data concerning you that is stored by us corrected. You also have the right to have us supplement any incomplete data records stored by us.
• To request the deletion of personal data concerning you, provided that there is a legally prescribed reason for deletion (cf. Art. 17 GDPR) and the processing of your data is not necessary to fulfill a legal obligation or for other overriding reasons within the meaning of the GDPR.
• To request that we only process your data to a limited extent, e.g. to assert legal claims or for reasons of important public interest, while we examine your claim for correction or objection, for example, or if we reject your claim for deletion (cf. Art. 18 GDPR).
• to object to processing, provided that this is necessary for us to perform our tasks in the public interest or to exercise our public authority, if there are reasons for the objection arising from your particular situation.
• to lodge a complaint with the supervisory authorities under data protection law. The competent supervisory authority for Bavarian notaries is the Bavarian State Commissioner for Data Protection, Wagmüllerstraße 18, 80538 Munich.

To exercise your rights and if you have any questions or complaints regarding the use of your personal data, you and the other data subjects can contact our data protection officer (email address above) at any time via the notary's office.