The protection of your personal data is important to us. Your data will be protected in accordance with legal requirements. This is ensured, among other things, by a data protection officer who is appointed and trained for this purpose.
General information about how we process your data
Below you will find information about what data we collect and how we use it:
Name and contact details of the data controller and the company data protection officer
This privacy policy applies to data processing by:
Responsible:
Notary Dr. Jens Heinig
Poststraße 6
40789 Monheim am Rhein
Phone: +49 (0) 2173 39 39 95 91-0
info@notar-heinig.de
Internet: https://www.notar-heinig.de/
Our data protection officer is:
Notary Dr. Jens Heinig
for the attention of the Data Protection Officer
Mr. Paul Göde
Poststraße 6
40789 Monheim am Rhein
Phone: +49 (0) 2173 (0) 2173 39 95 91 91 27
E-Mail: goede@notar-heinig.de
Internet: https://www.notar-heinig.de/
What data do I process and where does the data come from?
I process personal data that I receive from you or from third parties commissioned by you (e.g. solicitors, tax advisors, estate agents, credit institutions, banks), such as
- Personal data, e.g. first name and surname, date and place of birth, nationality, marital status; in individual cases, your birth registration number;
- Contact details, such as postal address, telephone and fax numbers, email address;
- in certain cases, e.g. in the case of marriage contracts, wills, inheritance contracts or adoptions, also data on your family situation and your assets, as well as, where applicable, information on your health or other sensitive data, e.g. because this serves to document your legal capacity;
- for property contracts, your tax identification number;
- in certain cases, data from your legal relationships with third parties, such as file numbers or loan or account numbers at credit institutions.
- I also process data from public registers, e.g. land registers, commercial registers and association registers.
On what legal basis and for what purposes are the data processed?
As a notary, I am a public official. My official activities are carried out in the exercise of a task that is in the public interest, namely the administration of justice in the interests of the general public, and in the exercise of official authority (Art. 6 para. 1 sentence 1 letter e of the General Data Protection Regulation (GDPR)).
Your data will be processed exclusively for the purpose of performing the notarial services requested by you and, where applicable, other persons involved in a transaction in accordance with my official duties, i.e. for the preparation of draft deeds, the notarisation and execution of deeds or the provision of advice. The processing of personal data is therefore always carried out in accordance with the professional and procedural regulations applicable to me, which are essentially derived from the Federal Notary Code and the Notarisation Act. These provisions also impose a legal obligation on me to process the necessary data (Art. 6 para. 1 sentence 1 letter c GDPR). Failure to provide the data requested by me would therefore mean that I would have to refuse to (further) perform the official task.
We do not process your data with the aim of evaluating certain personal aspects (so-called ‘profiling’).
Who has access to my data?
As a notary, I am bound by law to maintain confidentiality. This obligation also applies to my employees and all persons commissioned by me.
I am therefore only permitted to disclose your data if and to the extent that I am obliged to do so in individual cases, e.g. due to disclosure obligations to the tax authorities, or to public registers such as the land registry, commercial or association registers, the Central Register of Wills, the Central Register of Lasting Powers of Attorney, courts such as probate, guardianship or family courts, or authorities. Within the scope of professional and official supervision, I may also be obliged to provide information to the Chamber of Notaries or my supervisory authority, which in turn are subject to official confidentiality obligations. As data processors, possible recipients of data are our external IT system administrator, notary software provider, web host and NotarNet GmbH.
Otherwise, your data will only be passed on if you have expressly consented to this or have obliged me to do so.
Is personal data transferred to so-called third countries?
Your personal data will only be transferred to third countries at your specific request or if and to the extent that a party to the document is based in a third country, and will only be transferred to third countries in accordance with the statutory provisions.
Insofar as we fulfil our contract with you, data will be made available to third parties. Appropriate safeguards pursuant to Art. 46 GDPR or an adequacy decision pursuant to Art. 45 GDPR are not necessary for this purpose.
Unless you have given your consent to the transfer of data, the transfer of data is not necessary for the performance of the contract or the transfer is necessary for the assertion, exercise or defence of legal claims, we will only transfer the data if suitable guarantees or an adequacy decision are in place.
A suitable guarantee exists, for example, if the EU standard data protection clauses issued by the EU Commission have been agreed or if certification by means of a ‘Privacy Shield’ has been obtained.
The legal basis for this is Articles 45 and 46 of the GDPR.
For how long will your personal data be stored?
Your personal data will be processed and stored in accordance with the applicable statutory retention periods.
According to Section 50 (1) of the Regulation on the Keeping of Notarial Files and Registers (NotAktVV), the following retention periods apply to the storage of notarial documents:
- List of documents, electronic collection of documents, collection of inheritance contracts and special collection: 100 years,
- Paper-based document collection, custody directory and general files: 30 years,
- Collective file for bills of exchange and cheque protests and ancillary files: 7 years; the notary may specify a longer retention period in writing at the latest when the ancillary file is last processed in terms of content, e.g. in the case of dispositions of property upon death or in the event of a risk of recourse; the provision may also be made generally for individual types of legal transactions, such as dispositions of property upon death.
After expiry of the storage periods, your data will be deleted or the paper documents destroyed, unless I am obliged to store them for longer in accordance with Article 6(1)(c) of the GDPR due to tax and commercial law storage and documentation obligations (from the German Commercial Code, Criminal Code, Money Laundering Act or the German Fiscal Code) as well as professional regulations for the purpose of conflict checks.
What are your rights?
You have the right to:
- To request information about whether I process personal data about you, and if so, for what purposes I process the data and what categories of personal data I process, to whom the data may have been disclosed, how long the data may be stored, and what rights you have (Art. 15 GDPR).
- Request the deletion of personal data concerning you, provided that there is a legal reason for deletion (see Art. 17 GDPR) and the processing of your data is not necessary for the fulfilment of a legal obligation or for other overriding reasons within the meaning of the GDPR.
- to have inaccurate personal data concerning you that is stored by me corrected. You also have the right to have an incomplete data record stored by me completed (Art. 16 GDPR).
- to object to processing, insofar as this is necessary for me to perform my tasks in the public interest or to exercise my official authority, if there are reasons for the objection arising from your particular situation (Art. 21 GDPR).
- to request that I only process your data to a limited extent, e.g. to assert legal claims or for reasons of important public interest, while I, for example, examine your request for correction or objection, or if I reject your request for deletion (cf. Art. 18 GDPR).
- to lodge a complaint with the supervisory authorities responsible for data protection. The supervisory authority responsible for me is:
State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Postfach 20 04 44, 40102 Düsseldorf, telephone: 0211/38424-0, fax: 0211/38424-10, email: poststelle@ldi.nrw.de.
The complaint may be lodged with any supervisory authority, regardless of its jurisdiction.
Your right to object
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct marketing.
In the first case, we will no longer process your data unless we can demonstrate compelling reasons that outweigh your interests, freedoms and rights, or our processing serves to assert, exercise or defend legal claims.
In the latter case, you have a general right of objection, which we will implement without you having to specify a particular situation. If you wish to exercise your right of revocation or objection, simply send an email to goede@notar-heinig.de.
Information for applicants (m/f/d) pursuant to Articles 13, 14 and 21 of the GDPR
Below, we provide information about how we process your personal data and your rights under data protection regulations.
Data controller, contact details
Responsible:
Notary Dr. Jens Heinig
Poststraße 6
40789 Monheim am Rhein
Phone: +49 (0) 2173 39 39 95 91-0
info@notar-heinig.de
Internet: https://www.notar-heinig.de/
Our data protection officer is:
Notary Dr. Jens Heinig
for the attention of the Data Protection Officer
Mr. Paul Göde
Poststraße 6
40789 Monheim am Rhein
Phone: +49 (0) 2173 (0) 2173 39 95 91 91 27
E-Mail: goede@notar-heinig.de
Internet: https://www.notar-heinig.de/
Data collected and its origin
We process data that you provide to us in connection with your application. In particular, the following personal data and categories of data are processed for the purposes specified in section 3:
- Personal details (first name, surname, address, marital status)
- Information about your qualifications (educational and professional qualifications, certificates, language skills, additional qualifications)
- Information about your CV (type, start date, end date, location and duration of school education, training, studies, further training and professional experience)
- If applicable, account details for reimbursement of costs
- other documents submitted and information derived therefrom.
We may also process personal data about you that we have obtained from publicly available sources (e.g. information on social networks such as Xing or LinkedIn).
Purpose of processing, legal basis
Contract negotiation
We process your data to decide whether to enter into an employment relationship with you. The legal basis for processing is therefore Art. 6 para. 1 lit. b) GDPR.
We would like to evaluate all applicants solely on the basis of their qualifications and therefore ask that you refrain from including information about your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, health data, or data concerning your sex life or sexual orientation in your application.
Your consent
If you have given us your consent to process personal data, in particular the processing of special categories of personal data that you have provided, the respective consent is the legal basis for the processing specified therein. This applies in particular to your consent to the further storage of your data in an applicant pool even if your current application is rejected, in the event that we require your services again at a later date.
We process the data provided on the basis of your consent in accordance with Art. 6 (1) (a) GDPR or, in the case of special categories of personal data, Art. 9 (2) (a) GDPR. This consent can be revoked at any time with future effect. Processing that took place before revocation is not affected by this.
You can send your revocation to the data protection officer named in section 1.
Reimbursement of costs
If we have promised to reimburse you for travel expenses incurred in connection with a job interview or similar, we will process your account details for the purpose of reimbursing these costs. The legal basis for this is the fulfilment of our promise to reimburse costs within the meaning of Art. 6 para. 1 lit. b) GDPR.
Transmission of data
Your data will only be passed on if permitted by law. The data specified in section 2 will be transferred to government agencies if there is a legal obligation to do so or if you have given your consent to such transfer. Such government agencies may include, in particular, the tax authorities, customs authorities and trade supervisory authorities. Within our company, your data will only be received by those departments that require it to fulfil our contractual and legal obligations or to perform their respective tasks.
Furthermore, personal data may be transferred for the purpose of order processing, in particular to IT service providers.
Duration of storage / deletion
We process your personal data for the purpose of selecting a suitable candidate for the position to be filled. The data will then be deleted, at the latest when no civil law claims can be asserted against us, in particular those arising from the General Equal Treatment Act. If we do not delete the data immediately, we will mark it as restricted.
Transfer of data to third countries
Your data will only be transferred to countries outside the European Economic Area (EEA) if and to the extent that this is necessary for the execution of the contractual relationship or required by law (e.g. accounting, administration) or if you have given us your consent.
Insofar as we use software from providers based in third countries or software from providers with subcontractors/service providers in third countries to fulfil our contractual obligations, your data or parts of your data may be transferred to third countries (e.g. the United States of America), depending on the purpose of processing.
We would like to point out that, with the abolition of the EU-US Privacy Shield, there is currently no adequacy decision by the Commission within the meaning of Art. 45 (3) GDPR for an adequate level of data protection in the United States. We have therefore concluded standard data protection clauses within the meaning of Art. 46 (2) lit. c) GDPR with the service providers/suppliers we use to protect your data. Furthermore, some of our service providers have implemented binding internal data protection regulations (BCR) within their companies, which have been approved by the respective competent supervisory authority within the meaning of Art. 47 GDPR.
Existing data protection rights
Under the respective legal requirements, you have the right to information (Art. 15 GDPR, Section 34 of the German Federal Data Protection Act (BDSG)), to rectification (Art. 16 GDPR), to erasure (Art. 17 GDPR, Section 35 BDSG), restriction of processing (Art. 18 GDPR), objection (Art. 21 GDPR) and data portability (Art. 20 GDPR).
You also have the right to lodge a complaint with the competent data protection supervisory authority (Art. 77 GDPR, § 19 BDSG).
Data usage for profiling, automated decision-making
We do not process your data with the aim of evaluating certain personal aspects (so-called ‘profiling’).
Obligation to provide data
You are neither legally nor contractually obliged to provide personal data in the context of your application. We would like to point out that our ability to assess your skills and knowledge depends on the data you provide. If you do not provide any data, our assessment may not reflect your actual suitability for the position to be filled, which means that you may not be considered for employment.
As part of any recruitment process, we collect certain data that we require for the performance of the contract (e.g. for the payment of your salary) or that we are legally obliged to collect (e.g. social security data).
Right to object pursuant to Art. 21 GDPR
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(f) GDPR (data processing based on a balancing of interests); this also applies to profiling based on this provision within the meaning of Article 4(4) GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
The objection can be made informally and should be addressed to the contact details provided in section 1.
Supplementary data protection information regarding data processing carried out on our website
Below, we provide you with detailed information about data protection when visiting our website. You can generally use our website without providing any personal data. If personal data is collected when you visit our website, we process it exclusively in accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). The processing of personal data takes place exclusively in accordance with this privacy policy. This privacy policy applies to the use of the website at the address https://www.notar-heinig.de/. For linked content from other providers, the privacy policy stored on the linked website is applicable. We would like to point out that security gaps may arise during data transmission via the Internet that cannot be prevented by the technical design of this website. Complete protection of personal data when using the Internet is not possible.
Responsible body, Art. 13 para. 1 lit. a GDPR
The responsibility for data protection in relation to the processing of personal data in connection with the use of this website lies with:
Responsible:
Notary Dr. Jens Heinig
Poststraße 6
40789 Monheim am Rhein
Phone: +49 (0) 2173 39 39 95 91-0
info@notar-heinig.de
Internet: https://www.notar-heinig.de/
Data protection officer
Our data protection officer is:
Notary Dr. Jens Heinig
for the attention of the Data Protection Officer
Mr. Paul Göde
Poststraße 6
40789 Monheim am Rhein
Phone: +49 (0) 2173 (0) 2173 39 95 91 91 27
E-Mail: goede@notar-heinig.de
Internet: https://www.notar-heinig.de/
Hosting
Our website is operated on servers belonging to InternetWerk GmbH, Frankenstraße 2, 04932 Hirschfeld (host).
We have concluded a data processing agreement with InternetWerk GmbH.
When you visit our website, data is automatically collected and stored in log files on our host's server. This data may be personally identifiable. The data collected includes:
- IP address of the requesting computer (in anonymised form)
- Date and time of access,
- Name and URL of the file accessed,
- Website from which access is made (referrer URL),
- the browser used and, if applicable, the operating system of your computer and the name of your access provider.
The host uses the collected data to ensure the smooth operation of the website, to guarantee IT security and to improve our offering. If there are specific indications, the log data may be analysed retrospectively. The temporary storage of the IP address by the host is necessary to enable the website to be delivered to the user's computer. For this purpose, your IP address must remain stored for the duration of the session.
This data is not combined with other data sources.
The legal basis for data collection is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest in data collection arises from the purposes stated above.
The data will be deleted by the host as soon as it is no longer required for the purpose for which it was collected. In the case of data collected for the provision of the website, this is the case when the respective session has ended.
If the data is stored in log files, this technical information will be deleted or rendered unrecognisable after seven days at the latest.
The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, you have no right to object.
Cookies
No (own) cookies are currently used to provide our website.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line.
When SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties (end-to-end encryption). The protocols authenticate the communication partner and ensure the integrity of the data being transferred.
Contact details
You can contact us by email via our website.
In this context, your details from the email, including the contact details you provided there, will be stored and processed by us for the purpose of processing your enquiry and in the event of follow-up questions. This data (e.g. name, address, telephone number, email address, IP address) will not be passed on to third parties without your consent.
The data will not be merged with other data collected on this website.
The data will be stored as part of the notarial activities, if applicable, provided that an order or assignment has been placed.
This data is processed on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR, provided that your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective processing of enquiries addressed to us (Art. 6 para. 1 sentence 1 lit. f GDPR).
The data you provide in the email will remain with us until you request its deletion, object to its processing or the purpose for which it was stored no longer applies (e.g. after your enquiry has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.
Your rights and how you can exercise them
You are entitled to the rights listed below. You can assert these rights against us. To do so, please use the contact details above or contact us by email at: info@notar-heinig.de
Information:
In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. In particular, you may request information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making, including profiling and, where applicable, meaningful information about the details of such processing;
Correction:
In accordance with Art. 16 GDPR, you have the right to request the immediate rectification of inaccurate personal data stored by us or the completion of your personal data;
Deletion:
In accordance with Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, unless processing is necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
Restriction of data processing:
In accordance with Art. 18 GDPR, you have the right to request the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you oppose its erasure and we no longer need the data, but you require it for the assertion, exercise or defence of legal claims, or you have objected to the processing in accordance with Art. 21 GDPR;
Data portability:
In accordance with Art. 20 GDPR, you have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request its transfer to another controller;
Withdrawal of your consent:
In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent at any time. This means that we will no longer be permitted to process the data based on this consent in the future. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Please send your cancellation to the address above or by email to: info@notar-heinig.de
Right of objection
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions.
The controller will no longer process your personal data unless he can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defence of legal claims.
If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing purposes; this also applies to profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
You have the option, in connection with the use of information society services – notwithstanding Directive 2002/58/EC – to exercise your right to object by means of automated procedures using technical specifications.
Automated individual decision-making, including profiling, pursuant to Art. 22 GDPR
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision is necessary for the conclusion or performance of a contract between you and the controller, is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or is based on your explicit consent.
However, these decisions must not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) lit. a) or g) GDPR applies and appropriate measures to protect your rights and freedoms and legitimate interests have been taken.
Right to lodge a complaint with the competent data protection supervisory authority:
You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our law firm's registered office for this purpose.
YouTube
We use YouTube on our website. This is a video portal operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as ‘YouTube’.
We use YouTube in conjunction with the ‘Extended Data Protection Mode’ feature to display videos to you. If you have given your consent to this processing, the legal basis is Art. 6 para. 1 lit. a GDPR. The legal basis may also be Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in improving the quality of our website. According to YouTube, the ‘Extended Data Protection Mode’ function means that the data described in more detail below will only be transmitted to YouTube's server if you actually start a video.
Without this ‘extended data protection,’ a connection to the YouTube server in the United States will be established as soon as you access one of our Internet pages on which a YouTube video is embedded.
This connection is necessary in order to display the respective video on our website via your Internet browser. In the course of this, YouTube will collect and process at least your IP address, the date and time, and the website you visited. In addition, a connection to Google's ‘DoubleClick’ advertising network is established.
If you are logged in to YouTube at the same time, YouTube will assign the connection information to your YouTube account. If you wish to prevent this, you must either log out of YouTube before visiting our website or adjust the settings in your YouTube user account accordingly.
For the purposes of functionality and to analyse usage behaviour, YouTube permanently stores cookies on your device via your internet browser. If you do not agree to this processing, you can prevent the storage of cookies by adjusting the settings in your internet browser. For more information, please see ‘Cookies’ above.
Further information about the collection and use of data, as well as your rights and options for protection, can be found at
https://policies.google.com/privacy
in Google's privacy policy.
Sample privacy policy the Law firm Weiß & Partner
Status of the privacy policy
Due to ongoing technical and legal developments, we reserve the right to amend our privacy policy as necessary.
As of: May 2025 / Revision: May 2025
English 
German