Office privacy policy

1. Who is responsible, who can you contact?

I, notary Dr. Lorenz Bülow, am responsible for the processing of your personal data. You can contact me or our data protection officer for all data protection inquiries as follows:

2. What data do I process and where does the data come from?

I process personal data that I receive from you or from third parties commissioned by you (e.g. lawyer, tax consultant, estate agent, bank), such as

• Personal data, e.g. first name and surname, date and place of birth, nationality, marital status; in individual cases your birth register number;
• Contact data, such as postal address, telephone and fax numbers, e-mail address;
• your tax identification number for real estate contracts;
• in certain cases, e.g. marriage contracts, wills, inheritance contracts or adoptions, also data on your family situation and your assets and, if applicable, information on your health or other sensitive data, e.g. because this serves to document your legal capacity;
• in certain cases also data from your legal relationships with third parties, such as file numbers or loan or account numbers at credit institutions.

I also process data from public registers, e.g. land registers, commercial registers and registers of associations.

3. For what purposes and on what legal basis is the data processed?

As a notary, I am the holder of a public office. My official duties are carried out in the performance of a task which is in the public interest in the proper administration of justice and thus in the public interest, and in the exercise of official authority (Art. 6 para. 1 sentence 1 letter e of the General Data Protection Regulation (GDPR)). Your data will be processed exclusively in order to carry out the notarial activity requested by you and any other persons involved in a transaction in accordance with my official duties, i.e. for the preparation of draft deeds, for the notarization and execution of deed transactions or for the provision of advice. The processing of personal data is therefore only ever carried out on the basis of the professional and procedural provisions applicable to me, which are essentially derived from the Federal Notarial Code and the Notarization Act. These provisions also give rise to the legal obligation for me to process the required data (Art. 6 para. 1 sentence 1 letter c GDPR). Failure to provide the data requested from you would therefore mean that I would have to refuse to (further) carry out the official transaction.

4. To whom do I pass on data?

As a notary, I am subject to a statutory duty of confidentiality. This duty of confidentiality also applies to all my employees and other persons commissioned by me. I may therefore only pass on your data if and insofar as I am obliged to do so in individual cases, e.g. due to notification obligations to the tax authorities, or to public registers such as the land registry, commercial or association registers, the central register of wills, the register of precautionary measures, courts such as probate, care or family courts or authorities. In the context of professional and official supervision, I may also be obliged to provide information to the Chamber of Notaries or my supervisory authority, which in turn are subject to an official duty of confidentiality. As processors, possible data recipients are our external IT system administrator and our notary software provider. Otherwise, your data will only be passed on if I am obliged to do so on the basis of declarations made by you or if you have requested the transfer.

5. Is data transferred to third countries?

Your personal data will only be transferred to third countries at your special request or if and insofar as a party to the deed is domiciled in a third country.

6. How long will your data be stored?

I process and store your personal data within the scope of my statutory retention obligations. According to Section 50 (1) of the Ordinance on the Keeping of Notarial Files and Directories (NotAktVV), the following retention periods apply to the retention of notarial documents

• Index of deeds, electronic collection of deeds, collection of inheritance contracts and special collection: 100 years,
• Paper-bound collection of documents, custody register and general files: 30 years,
• Collective file for bill of exchange and cheque protests and ancillary files: 7 years; the notary may stipulate a longer retention period in writing at the latest when last processing the content of the ancillary file, e.g. in the case of dispositions mortis causa or in the event of a risk of recourse; the stipulation may also be made in general for individual types of legal transactions, e.g. for dispositions mortis causa.

After expiry of the storage periods, your data will be deleted or the paper documents destroyed, unless I am obliged to store them for a longer period of time in accordance with Article 6 (1) sentence 1 letter c GDPR due to tax and commercial law storage and documentation obligations (from the German Commercial Code, Criminal Code, Money Laundering Act or the German Fiscal Code) as well as professional regulations for the purpose of conflict-of-law checks.

7. What rights do you have?

You have the right:

• to request information about whether I process personal data about you, if so, for what purposes I process the data and which categories of personal data I process, to whom the data may have been forwarded, how long the data may be stored and what rights you are entitled to (Art. 15 GDPR).
• to have inaccurate personal data concerning you that is stored by me corrected. You also have the right to have an incomplete data record stored by me completed (Art. 16 GDPR).
• to demand the deletion of personal data concerning you, provided that there is a legal reason for deletion (see Art. 17 GDPR) and the processing of your data is not required to fulfill a legal obligation or for other overriding reasons within the meaning of the GDPR.
• to demand that I only process your data to a limited extent, e.g. to assert legal claims or for reasons of important public interest, while I check your right to rectification or objection, for example, or if I reject your right to erasure (cf. Art. 18 GDPR).
• to object to the processing if this is necessary for me to perform my duties in the public interest or to exercise my public office, if there are reasons for the objection arising from your particular situation (Art. 21 GDPR).
• to contact the supervisory authorities with a data protection complaint. The supervisory authority responsible for me is: Der Bayerische Landesbeauftragte für den Datenschutz (BayLfD), Postfach 221219, 80502 München, Wagmüllerstraße 18, 80538 München, Tel. 089/2126720, poststelle@datenschutz-bayern.de.