Privacy Policy
I. Lawyers of HFK Rechtsanwälte Heiermann Franke Knipp und Partner mbB
1. Name and contact details of the controller and the company data protection officer
This data protection information applies to data processing by:
Controller: HFK Rechtsanwälte Heiermann Franke Knipp und Partner mbB (hereinafter: HFK), Maximilianstrasse 29, D-80539 München, Germany, email: muenchen@hfk.de, phone: +49 (0)89 291930-0, fax: +49 (0)89 291930-28.
HFK's company data protection officer, Mr Martin Wodianka, can be contacted at the above address or at datenschutz@hfk.de.
2. Collection and storage of personal data and the type and purpose of their use
When you access our website, information is automatically sent to our website server by the browser used on your device. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until automatic deletion:
IP address of the requesting computer;
date and time of access;
name and URL of the file accessed;
the website from which the access was made (referrer URL);
the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The aforementioned data is processed by us for the following purposes:
ensuring a smooth connection setup of the website;
ensuring comfortable use of our website;
evaluating system security and stability;
other administrative purposes.
The legal basis for the data processing is Art. 6 para. 1 cl. 1 lit. f General Data Protection Regulation (GDPR). Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.
In addition, our website uses cookies and analytics services when you visit our website. You can find more detailed explanations on this under sections 4 and 5 of this data protection declaration.
3. Transfer of data
We do not transfer your personal data to third parties for purposes other than those listed below.
We only pass on your personal data to third parties if:
- you have given your express consent in accordance with Art. 6 para. 1 cl. 1 lit. a GDPR;
- the disclosure is necessary for the assertion, exercise, or defence of claims in accordance with Art. 6 para. 1 cl. 1 lit. f GDPR and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data;
- if there is a legal obligation to disclose your data pursuant to Art. 6 para. cl. 1 lit. c GDPR, as well as if this is legally permissible and necessary for the processing of contractual relationships with you pursuant to Art. 6 para. cl. 1 lit. b GDPR;
- or the transfer takes place and is justified within the framework of website analytics, in accordance with section 5 of this data protection declaration.
4. Cookies
Our website uses cookies. These are small files that are automatically created by your browser and stored on your device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage to your device and do not contain any viruses, Trojans, or other malware.
Consent to the use of cookies is voluntary, therefore not necessary for the use of this website, and can be revoked at any time by undoing the relevant settings in the cookie window.
Each cookie stores information that arises in each case in connection with the specific device used. However, this does not mean that we gain direct knowledge of your identity.
The use of cookies serves on one hand to make the use of our services more pleasant for you. We use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted after you leave our site. In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your device for a certain fixed period. If you visit our site again to use our services, the website automatically recognises that you have already been to our site, and which entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to record the statistics from the use of our website and to evaluate it for the purpose of optimising our services for you (see section 5). These cookies enable us to automatically recognise that you have already been to our website when you visit it again. These cookies are automatically deleted after a defined period.
The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 cl. 1 lit. f GDPR.
Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your device, or a notice always appears before a new cookie is created. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.
5. Analytics tool
The tracking measures listed below and used by us are carried out based on Art. 6 para. 1 cl. 1 lit. f GDPR. With these tracking measures, we want to ensure a needs-based design and the ongoing optimisation of our website. Furthermore, we use the tracking measures to record the statistics from the use of our website and to evaluate it for the purpose of optimising our services for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
Google Analytics
For needs-based design and continuous optimisation of our pages, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about; 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymised usage profiles are created and cookies are used (see under section 4). The information generated by the cookie about your use of this website such as the:
- browser type/version,
- operating system used,
- referrer URL (the previously visited page),
- host name of the accessing computer (IP address),
- time of the server request,
are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and internet use for the purposes of market research and needs-based design of these web pages. This information may also be transferred to third parties if this is required by law, or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that an allocation is not possible (IP masking).
You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).
Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=en).
6. Data subject rights
You have the following rights:
- To request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and if applicable, meaningful information about its details.
- In accordance with Art. 16 GDPR, to request the correction of incorrect or incomplete personal data stored by us without delay.
- In accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defence of legal claims.
- Pursuant to Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing pursuant to Art. 21 GDPR.
- Pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common, and machine-readable format or to request that it be transferred to another controller.
- To revoke your consent at any time in accordance with Art. 7 para. 3 GDPR. This has the consequence that we may no longer continue the data processing based on this consent in the future.
- To complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office for this purpose.
7. Right of objection
If your personal data is processed based on legitimate interests pursuant to Art. 6 para. 1 cl. 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, insofar as there are grounds for doing so that arise from your particular situation, or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.
If you would like to make use of your right of revocation or objection, simply send an email to datenschutz@hfk.de.
8. Data security
We use the widespread SSL procedure (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or against unauthorised access by third parties. Our security measures are continually improved in line with technological developments.
9. Currentness and amendment of this data protection declaration
This data protection declaration is currently valid and has the status of May 2018.
Due to the further development of our website and range of services offered on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection statement at any time on the website at www.hfk.de/datenschutz.
II. Notary's office of HFK Rechtsanwälte Heiermann Franke Knipp und Partner mbB
1. Name and contact details of the data controller and the company data protection officer
The notaries of HFK Rechtsanwälte Heiermann Franke Knipp und Partner mbB (hereinafter: HFK) are responsible for the processing of your personal data in each of the mandates they handle themselves. Currently, our notary is Michael Köhn, working from his office in Berlin. You can contact the respective persons responsible for all data protection enquiries as follows:
Responsible Parties
Notary Michael Köhn
HFK Rechtsanwälte Heiermann Franke Knipp und Partner mbB
Knesebeckstrasse 1
D-10623 Berlin
Email: koehn@hfk.de
Phone: +49 30 / 318675-49
Fax: +49 30 / 318675-29
Data Protection Officer
Mr Martin Wodianka
Maximilianstrasse 29
D-80539 München
Phone: +49 89 / 291930-11
Fax: +49 89 / 291930-22
datenschutz@hfk.de
2. Data processing, origin of data
I process personal data, which I receive from you or from third parties commissioned by you (for example lawyer, tax advisor, real estate agent, credit institution), such as:
- personal data, for example first name and surname, date and place of birth, nationality, marital/civil status;
- in individual cases your birth registration number;
- contact data, for example postal address, telephone and fax numbers, email address;
- in the case of real estate contracts, your tax identification number;
- in certain cases, for example in the case of marriage contracts, wills, inheritance contracts or adoptions, data about your family situation and your assets, if applicable;
- information on your health or other sensitive data, for example because these serve to document your legal capacity;
- in certain cases, data from your legal relationships with third parties, such as file numbers or loan or account numbers with credit institutions.
I also process data from public registers, for example land register, commercial registers, and registers of associations.
3. Legal basis and purpose of data processing
As a notary, I hold a public office. My official activities are carried out in the performance of a task which is in the interest of the public (an orderly preventive administration of justice and thus in the public interest) and in the exercise of official authority (Art. 6 para. 1 cl. 1 lit. e GDPR).
Your data will be processed exclusively to carry out the notarial activity requested by you and, if applicable, other persons involved in a transaction, in accordance with my official duties, that is for the preparation of draft deeds, for the notarisation and execution of deeds, or for the performance of consultations.
Personal data is therefore only ever processed based on the professional and procedural provisions applicable to me, which are essentially derived from the Federal Notaries' Act (Bundesnotarordnung) and the Notarisation Act (Beurkundungsgesetz). At the same time, these provisions also result in the legal obligation for me to process the required data (Art. 6 para. 1 cl. 1 lit. c GDPR). Failure to provide the data requested from you would therefore result in me having to refuse to continue my official duties.
4. Disclosure of data
As a notary I am subject to a legal duty of confidentiality. This duty of confidentiality also applies to all my employees and other persons commissioned by me.
I may therefore only pass on your data if and insofar as I am obliged to do so in individual cases, for example based on notification obligations towards the tax authorities, or to public registers such as the Land Registry, Commercial Register or Register of Associations, Central Register of Wills, Register of Enduring Powers of Attorney, courts such as the Probate, Guardianship or Family Court or authorities. Within the scope of professional and official supervision, I may also be obliged to provide information to the Chamber of Notaries or my official supervisory authority, which in turn are both subject to an official duty of confidentiality. As order processors, possible data recipients are the external IT system administrator, notary software provider, web host, and NotarNet GmbH, with whom a duty of confidentiality has been agreed.
Otherwise, your data will only be passed on if I am obliged to do so, based on declarations made by you, or if you have requested that it be passed on.
5. Transfer of data to third countries
Your personal data will only be transferred to third countries at your specific request, or if and insofar as, a party to the deed is domiciled in a third country.
6. Duration of data storage
I process and store your personal data within the scope of my statutory retention obligations.
According to Section 50 para. 1 of the and the Ordinance on the Maintenance of Notarial Files and Registers (Verordnung über die Führung notarieller Akten und Verzeichnisse), the following retention periods apply to the retention of notarial records:
- Register of notarial deeds, electronic collection of deeds, collection of inheritance contracts and special collection: 100 years
- Paper-based collection of deeds, custody register and general files: 30 years
- Collective file for bill of exchange and cheque protests and ancillary files: 7 years; the notary may determine a longer retention period in writing no later than the last time the content is processed, for example in the case of dispositions on death or in the event of recourse; the determination may also be made generally for individual types of legal transactions such as dispositions on death.
After the storage periods have expired, your data will be deleted or the paper documents destroyed, unless I am obliged to store them for a longer period in accordance with Art. 6 para. 1 cl. 1 lit. c GDPR due to storage and documentation obligations under tax and commercial law (from the German Commercial Code (Handelsgesetzbuch), Criminal Code (Strafgesetzbuch), Money Laundering Act (Geldwäschegesetz) or the German Fiscal Code (Abgabenordnung), as well as professional regulations for the purpose of collision checks.
7. Right to information
You have the following rights:
- To request information on whether I process personal data about you, if so, for what purposes I process the data and which categories of personal data I process, to whom the data has been forwarded if applicable, how long the data is to be stored if applicable, and what rights you are entitled to.
- To have inaccurate personal data, which is stored by me, corrected. You also have the right to have me complete an incomplete data record, which is stored by me.
- To request deletion of the personal data concerning you if there is a legally provided reason for deleting it (Art. 17 GDPR), and processing your data is not required for the fulfilment of a legal obligation or for other overriding reasons within the meaning of the GDPR.
- To demand that I process your data only in a restricted manner, for example to assert claims or for reasons of important public interest, while I am, for example, examining your claim for rectification or objection or, if applicable, if I reject your claim for erasure (Art. 18 GDPR).
- To object to processing where it is necessary for me to carry out my tasks in the public interest or to exercise my public office, if there are grounds for the objection arising from your particular situation.
- To contact the supervisory authorities with a data protection complaint. The supervisory authority responsible for me is the Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstrasse 219, D-10969 Berlin, phone: +49 (0)30 13889-0, fax: +49 (0)30 2155050, email: mailbox@datenschutz-berlin.de.
- The complaint can be lodged with any supervisory authority, regardless of jurisdiction.