top of page

Data Protection


Confidentiality is one of the most important professional obligations of notaries. For this reason alone, data protection is a top priority at notiq.

In the following, we provide you with general information about data processing in the context of our professional activities, especially regarding the exercise of our public office as notary (I.) and about data processing in the context of our website at ("website") (II.).

This information is intended to inform you about the processing of your personal data and your data protection rights.

Our practices comply with the requirements of the General Data Protection Regulation (Datenschutz-Grundverordnung, “GDPR”), the Data Protection Act and, the requirements governing the legal profession? (not sure about this). The type and scope of data processing depend on the services you request.

We have taken all necessary technical and organizational measures in order to ensure the best possible protection of the data processed via our website. Nevertheless, absolute security cannot always be guaranteed for Internet-based data transmissions. You always have the option of providing us with your personal data by alternative means, for example by post or in person.

I. General client information on data processing and data protection

1. Who is responsible, who can you contact?

We, lawyer and notary Roman Bärwaldt, lawyer and notary Professor Dr. Hagen Hasselbrink and lawyer and notary Dr. Sebastian Hoefling, all based in Berlin (each a "controller"), are responsible for the processing of your personal data. Each controller is the sole controller within the meaning of the data protection regulations for the area for which they are responsible. You can address all data protection inquiries directly to the respective controller or to our data protection officer (in this case, please contact the data protection officer), by post at the address notiq, SpreeDreieck, Friedrichstrasse 140, 10117 Berlin, by telephone on +49 30 1663809-20, by fax on +49 30 1663809-40 or by e-mail at or to the data protection officer.

2. What data is processed and where does the data come from?

We process personal data that we receive from you or from third parties commissioned by you (e.g. lawyer, tax consultant, estate agent, bank), such as


  • Personal data, e.g. first name and surname, date and place of birth, nationality, marital status; in individual cases your birth register number

  • Contact details, e.g. postal address, telephone and fax numbers, e-mail address

  • Your tax identification number in the case of real estate contracts

  • Marriage contracts, wills, inheritance contracts or adoptions, also data on your family situation, assets and, if applicable, information on your health or other sensitive data because this serves to document your legal capacity

  • Data from your legal relationships with third parties, such as document numbers, loan or account numbers at credit institutions.


We also process data from public registers, such as land registers, commercial registers and registers of associations.

3. For what purposes and on what legal basis is the data processed?

As notaries, we are holders of a public office. The official activity is carried out in the performance of a task which is in the public interest in the orderly and preventive administration of justice and thus in the public interest, and in the exercise of official authority (Art. 6 para. 1 sentence 1 lit. e GDPR).


Your data will be processed exclusively in order to carry out the notarial activity requested by you and any other persons involved in a transaction in accordance with our official duties, i.e. for the preparation of draft deeds, for the notarization and execution of deed transactions or for the provision of advice. Personal data is therefore only ever processed on the basis of applicable professional and procedural regulations, which are derived from the Federal Notarization Ordinance (Bundesnotarordnung, BNotO) and the Notarization Act (Beurkundungsgesetz, BeurkG). These provisions also result in the legal obligation to process the required data (Art. 6 para. 1 sentence 1 lit. c GDPR). Failure to provide the data requested from you would lead to the (further) execution of the official transaction being refused.

The legal basis for data processing in connection with the activities of those responsible as lawyers is Art. 6 para. 1 sentence 1 lit. b GDPR. Your data will be processed in this respect for the establishment and execution of the client relationship. This requires the provision of your personal data. If you do not provide your personal data, it may not be possible to establish and execute the client relationship.

4. To whom is data passed on?

As notaries, we are subject to a statutory duty of confidentiality. This duty of confidentiality also applies to all our employees and other persons commissioned by us.

We may therefore only pass on your data if and insofar as we are obliged to do so in individual cases, e.g. due to notification obligations to the tax authorities, or to public registers such as the land registry, commercial or association registers, the central register of wills, the register of precautionary measures, courts such as probate, care or family courts or authorities. In the context of professional and service supervision, we may also be obliged to provide information to the Chamber of Notaries or our service supervisory authority, which in turn are subject to an official duty of confidentiality. As processors, possible data recipients are our external IT system administrator, notary software provider, web host and NotarNet GmbH.

Otherwise, your data will only be passed on if we are obliged to do so on the basis of declarations made by you or if you have requested the transfer.

5. Will data be transferred to third countries?

Your personal data will only be transferred to third countries at your special request or if and insofar as a party to the deed is domiciled in a third country.

6. How long will your data be stored?

We process and store your personal data in accordance with our statutory retention obligations.


According to section 50 para. 1 of the Ordinance on the Keeping of Notarial Records and Directories (Verordnung über die Führung notarieller Akten und Verzeichnisse, NotAktVV), the following retention periods apply to the retention of notarial documents:


  • Deed directory, electronic collection of deeds, collection of inheritance contracts and special collection: 100 years,

  • Paper-based collection of deeds, register of safe custody and general files: 30 years,

  • Collection file for bill of exchange and cheque protests and ancillary files: seven years; the notary may specify a longer retention period in writing, e.g. for dispositions mortis causa or in the event of a risk of recourse, at the latest when the content of the ancillary file is last processed; the provision can also be made in general for individual types of legal transactions, e.g. for dispositions mortis causa.



After expiry of the retention periods, your data will be deleted or the paper documents destroyed, unless we are obliged to store them for a longer period in accordance with Article 6 para. 1 sentence 1 lit. c GDPR due to retention and documentation obligations under tax and commercial law (from the Commercial Code (Handelsgesetzbuch, HGB), Criminal Code (Strafgesetzbuch, StGB), Anti Money Laundering Act (Geldwäschegesetz, GwG) or the Fiscal Code (Abgabenordnung, AO)) and professional regulations for the purpose of conflict-of-law checks.

7. What rights do you have?

You have the right to


  • Request information about whether we process personal data about you, if so, for what purposes we process the data and which categories of personal data we process, to whom the data may have been forwarded, how long the data may be stored and what rights you are entitled to (Art. 15 GDPR)

  • Have inaccurate personal data concerning you that is stored by us corrected. You also have the right to have an incomplete data record stored by us completed by us (Art. 16 GDPR)

  • Request the erasure of personal data concerning you, provided that there is a statutory reason for erasure (see Art. 17 GDPR) and the processing of your data is not necessary for compliance with a legal obligation or for other overriding reasons within the meaning of the GDPR

  • Demand that we only process your data to a limited extent, e.g. for the assertion of legal claims or for reasons of important public interest, while we check your right to rectification or objection, for example, or if we reject your right to erasure (see Art. 18 GDPR)

  • Object to processing where this is necessary for the performance of tasks carried out in the public interest or for the exercise of official authority vested in us, if there are grounds for the objection arising from your particular situation (Art. 21 GDPR)

Contact the supervisory authorities with a data protection complaint. The supervisory authority responsible for us is the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstrasse 219, 10969 Berlin, telephone: +49 30 13889-0, fax: +49 30 2155050, e-mail: The complaint can be lodged with any supervisory authority, regardless of independence.

II. Information on accessing the website (data protection declaration)

We take the protection of your personal data seriously. In this data protection declaration, we would like to inform you in detail about which data of the users of this website is collected, processed and used for which purposes.

1. Who is responsible for your data?

The respective controller is responsible for the lawful collection, processing and use of your data.

2. What data is collected and for what purposes?

2.1 Usage data

When you visit this website, the server automatically saves various data. This includes



  • Date and time of the request

  • Name of the requested file

  • Page from which the file was requested

  • The browser type and version used

  • The operating system used

  • Access status (file transferred, file not found, etc.)

  • Complete IP address of the requesting computer

  • If applicable, the link through which you reached the page

  • Amount of data transferred.



This usage data is used to make the website accessible to you, to identify and rectify any technical problems that may occur and to prevent and, if necessary, prosecute any misuse of the website. In addition, the usage data is used in anonymized form, i.e. without the possibility of identifying you as a user, for statistical purposes and to improve our website.

2.2 Data that you transmit to us

On our website, you have the option of contacting us (e.g. via the contact form). This form of contact via the website is in unencrypted form. If you wish to contact us in encrypted form, please contact us in encrypted form by e-mail. The personal data that you transmit to us in this context will be used exclusively to process your respective inquiries.

2.3 Legal basis

The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. c, e or f GDPR or Art. 6 para. 1 sentence 1 lit. b GDPR if the contact is aimed at the conclusion of a contract.

3. Cookies, tracking measures and analysis tools, social media plugins, maps

3.1 Cookies

We use cookies on our website. Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity.


On the one hand, the use of cookies serves to make the use of our website more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.



In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specified period of time.


The data processed by cookies is required for the purposes mentioned to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.


If you have given your consent on our website, we also use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you (see below). These cookies enable us to automatically recognize that you have already visited our website when you visit it again. These cookies are automatically deleted after a defined period of time (14 months).

3.2 Tracking measures and analysis tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the corresponding tracking tools.


We use Google Analytics, a web analysis service of Google Inc. ( (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google") for the purpose of designing and continuously optimizing our pages to meet your needs. In this context, pseudonymized user profiles are created and cookies are used. The information generated by the cookie about your use of this website, such as


  • Browser type/version;

  • Operating system used;

  • Referrer URL (the previously visited page);

  • Host name of the accessing computer (IP address);

  • Time of the server request;



are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage for the purposes of market research and the needs-based design of this website. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that an assignment is not possible (IP masking).


You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website.



You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (



As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link ( An opt-out cookie is set to prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.



Further information on data protection in connection with Google Analytics can be found in the Google Analytics help section (


The transfer of your information to a third country outside the EU is covered by an adequacy decision of the Commission (C/2016/4176 of July 12, 2016) within the meaning of Art. 45 GDPR, because Google has undertaken to comply with the principles of the EU-US Privacy Shield. Google acts for us as a processor within the meaning of Art. 28 GDPR.

3.3 Social media plugins

We use social media plugins from the following providers on our website:


LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA (“LinkedIn”).


We use the so-called Shariff solution. This means that when you visit our website, no personal data is initially passed on to the providers of the plugins. You can recognize the provider of the plugin by the name of the respective plugin and the logo. We give you the opportunity to communicate directly with the provider of the plugin via the button. Only if you click on the button and thereby activate it will the plugin provider receive the information that you have accessed the corresponding website of our online offering. By activating the plugin, your personal data is therefore transmitted to the respective plugin provider and stored there (in the USA in the case of US providers). The transfer of your information to a third country outside the EU is covered by an adequacy decision of the Commission (C/2016/4176 of July 12, 2016) within the meaning of Art. 45 GDPR, because LinkedIn has submitted to the EU-US Privacy Shield. As the plug-in provider collects data via cookies in particular, we recommend that you delete all cookies via your browser's security settings before clicking on the button.


We have no influence on the data collected and data processing operations, nor are we aware of the full extent of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.



The plug-in provider stores the data collected about you as usage profiles and uses these for the purposes of advertising, market research and/or the needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. We offer you the opportunity to interact with the social networks and other users via the plugins so that we can improve our offering and make it more interesting for you as a user.




The legal basis for the use of the plugins is Art. 6 para. 1 sentence 1 lit. f GDPR. The plugins serve to make our law firm better known via selected social media channels. This advertising purpose is our legitimate interest in data processing, which you also trigger yourself through a deliberate action (click on the button).


Data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be directly assigned to your existing account with the plug-in provider. If you click the activated button and, for example, link the page, the plug-in provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this way you can avoid being assigned to your profile with the plug-in provider.




Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.



3.4 Google Maps

Google Maps API, a map service of Google, is integrated on this website to display an interactive map. By using Google Maps, information about your use of this website (including your IP address) may be transmitted to a Google server in the USA and stored there. By scrolling down and using the Google Maps features embedded on this website, you consent to the collection, processing and use of the data collected automatically and the data you enter by Google, one of its representatives or third-party providers in accordance with the Google Maps Terms of Use and the Google Privacy Policy. The data processing by Google is based on Art. 6 para. 1 sentence 1 lit. a GDPR.


It would be technically possible for Google to identify at least individual users on the basis of the data received. It would also be possible for personal data and personal profiles of users of the website to be processed by Google for other purposes. This and the fact that data is transferred to the USA is problematic for data protection reasons.


You have the option of deactivating the Google Maps service in a simple way and thus preventing the transfer of data to Google: To do this, deactivate JavaScript in your browser.

4. When is data passed on to third parties?

Your data will only be passed on to third parties without your express consent if there is an obligation to do so by law or an official or court order.

5. Where is your data stored?

The processing of your personal data on this website is carried out by the operator through the service provider Ltd., based in Tel Aviv and with an office at 500 Terry A. Francois Boulevard, San Francisco, California, 94158, USA. independently manages its servers in both Europe and the USA. For more information on data protection, please refer to the privacy policy at: Regarding data processing in the USA, ensures compliance with the level of data protection according to the Privacy Shield agreement, which can be viewed at

6. How long will your data be stored?

Personal data will be deleted when it is no longer required for the purposes described in this statement, unless statutory provisions require longer storage.

7. How secure is your data?

We use technical and organizational security measures to protect your data processed by us and continuously improve this protection in line with technological developments.

8. What rights do you have with regard to the processing of your data?

You and any other persons affected by the use of your data have the right to information about the personal data stored by us and, if the relevant legal requirements are met, the right to rectification, erasure or restriction of processing.


You and the other data subjects also have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format. This includes the right to transmit this data to another controller. If technically feasible, you and the other data subjects may also request that the personal data be transmitted directly to the other controller from the aforementioned date.


You and the other data subjects can contact our data protection officer in confidence at any time to exercise your aforementioned rights and if you have any questions or complaints regarding the use of your personal data.



You and the other persons concerned can also contact the responsible supervisory authority with complaints about the use of data by us:


Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstrasse 219, 10969 Berlin, telephone: +49 30 13889-0, fax: +49 30 2155050, e-mail:

9. Topicality of this data protection declaration

This data protection declaration is valid as of December 2023. Due to the further development of our website, changes to the underlying data processing or due to changes in legal requirements, it may become necessary to amend this data protection declaration. The current version can be accessed and printed out at any time on our website

10. Delete Cookies

bottom of page