Information on data protection

1. Name and contact details of the controller and the company data protection officer

The controller is Andersen GmbH Rechtsberatung Steuerberatung (hereinafter: "Andersen", "we" or "us"), Leipziger Platz 1, 10117 Berlin, Germany

E-mail: info@de.Andersen.com
Telephone: +49 30 920314 500
Fax: +49 30 920314 999

Andersen's company data protection officer can be contacted at the above address, Attn: Data Protection Officer, or at datenschutzbeauftragter@de.Andersen.com.

2. Collection and storage of personal data and the nature and purpose of its use

a) When visiting the website
When you visit our website de.Andersen.com ("website"), the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information is collected without any action on your part and stored until it is automatically deleted

  • IP address of the requesting computer,
  • Date and time of access,
  • Name and URL of the accessed file,
  • the website from which access was made (referrer URL)
  • browser used and, if applicable, the operating system of your computer and the name of your access provider.

The aforementioned data is processed by us for the following purposes

  • Ensuring a smooth connection to the website,
  • Ensuring a comfortable use of our website,
  • evaluating system security and stability and
  • for other administrative purposes.

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

We also use cookies and analysis services when you visit our website. You can find more detailed explanations on this in sections 4 and 5 of this privacy policy.

b) When using our contact form
If you have questions of any kind, we offer you the opportunity to contact us using a form provided on the website. It is necessary to provide a valid e-mail address so that we know who sent the request and can answer it. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR on the basis of your voluntarily given consent.

The personal data collected by us for the use of the contact form will be automatically deleted after your request has been processed.

3. Transfer of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We only pass on your personal data to third parties if:

  • you have given your express consent to this in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data,
  • in the event that there is a legal obligation for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR, and
  • this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR.

4. Cookies

We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware. Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity.

On the one hand, the use of cookies serves to make the use of our website more convenient for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted after you leave our site.

In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a specified period of time. If you visit our site again to use our services, it is automatically recognized that you have already visited us and which entries and settings you have made so that you do not have to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you (see section 5). These cookies enable us to automatically recognize that you have already visited our website when you visit it again. These cookies are automatically deleted after a defined period of time.

The user data collected by technically necessary cookies is not used to create user profiles. The use of technically necessary cookies is based on Section 25 (2) TDDDG, further data processing on the basis of Art. 6 (1) lit. b GDPR, insofar as the use of technically necessary cookies is necessary for the purpose of providing our web and/or online services in the sense of contract fulfillment, otherwise on the basis of Art. 6 (1) lit. f GDPR, as the use is also made to safeguard legitimate interests for the purpose of providing web and/or online services.

Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, if you deactivate cookies completely, you may not be able to use all the functions of our website.

5. Analysis tools

The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR. With the tracking measures used, we want to ensure a needs-based design and the continuous optimization of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.

The respective data processing purposes and data categories can be found in the corresponding tracking tools.

a) Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC, for the purpose of tailoring and continuously optimizing our website. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter referred to as "Google"). In this context, pseudonymized user profiles are created and cookies (see section 4) are used. The information generated by the cookie about your use of this website, such as

  • Browser type/version,
  • operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address),
  • time of the server request,

are transmitted to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services relating to website activity and internet usage for the purposes of market research and the needs-based design of this website. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymized so that they cannot be assigned (IP masking).
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie will be set to prevent the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Further information on data protection in connection with Google Analytics can be found in the Google Analytics help section (https://support.google.com/analytics/answer/6004245?hl=de).

b) Google Adwords Conversion Tracking
We also use Google Conversion Tracking to statistically record the use of our website and to evaluate it for the purpose of optimizing our website for you. Google Adwords places a cookie (see section 4) on your computer if you have reached our website via a Google ad.
These cookies lose their validity after 30 days and are not used for personal identification. If the user visits certain pages of the Adwords customer's website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page.
Each Adwords customer receives a different cookie. Cookies can therefore not be tracked via the websites of Adwords customers. The information collected using the conversion cookie is used to generate conversion statistics for Adwords customers who have opted for conversion tracking. Adwords customers find out the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.
If you do not wish to participate in the tracking process, you can also refuse the setting of a cookie required for this - for example, by using a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain "www.googleadservices.com". Google's privacy policy for conversion
Tracking can be found here (https://services.google.com/sitestats/de.html).

6. Social media plug-ins

We do not use any social plug-ins from social networks on our website. We only link to our profile on the social networks Facebook, LinkedIn and X on our website. Your data is not retrieved by the social networks on our website.

7. Integrated services and third-party providers

7.1 Transmission of IP addresses when integrating external services

We use services and content provided by third-party providers on our website. For such integration, it is technically necessary to process your IP address so that the content can be sent to your browser. Your IP address is therefore transmitted to the respective third-party provider. This data processing is carried out to protect our legitimate interests in the optimization and economic operation of our website and is based on the legal basis of Art. 6 para. 1 sentence 1 f) GDPR. The JavaScript programming language is regularly used to integrate the content. You can therefore object to data processing by deactivating the execution of JavaScript in your browser or installing a JavaScript blocker. Please note that this may result in functional restrictions on the website.

We use "Google Maps" from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google") to display maps. Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

7.2 Use of reCAPTCHA

We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on this website. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to check whether data is entered on this website (e.g. in a contact form) by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run completely in the background. Website visitors are not informed that an analysis is taking place.
The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time.
For more information about Google reCAPTCHA, please refer to the Google Privacy Policy and the Google Terms of Service at the following links:
policies.google.com/privacy
policies.google.com/terms.

7.3 Cookie management tool Usercentrics

We use an IT application that documents the necessary consents for the use of cookies and other similar technologies (so-called consent management tool). For this purpose, we use the service provider Usercentrics, based in the EU ("Usercentrics"), which acts on our behalf as part of order processing in accordance with Art. 28 GDPR.
Usercentrics offers a Consent Management Platform (CMP) as a Software as a Service (SaaS) solution. This is used to collect, manage, document and pass on consent and personal data collected on the basis of legitimate interests. By using the CMP, the scripts of the individual technologies implemented are blocked when the website is accessed. These technologies are only played after consent has been given. Technologies that are used on the basis of legitimate interest are not blocked and are played automatically.

With the CMP, it is possible to track and document the user's consent and future changes to the decision. It is also possible to withdraw consent via an embedded button (privacy button/link). This gives the user the opportunity to adjust their decision at a later date.

As soon as our website is accessed and visited by interested users, a Usercentrics cookie is stored in the user's browser, in which the consent(s) given by the user or revocation(s) of this consent are stored.

The following user data is collected:
a. User data in connection with Service Consent Management Platform:

  • Consent data (consent ID, consent number, date and time consent was granted, opt-in or opt-out, banner language, customer settings, template version)
  • Device data (HTTP agent, HTTP referrer)
  • Browser manufacturer and version, operating system
  • IP address
  • Geolocation

b. User data in connection with service preference management platform

  • Unique user ID that is provided to us
  • Preference decisions

The consent ID (contains the above-mentioned data) and the consent status including timestamp are stored in the local memory of your browser and simultaneously on the cloud servers used.

The processing of your pers. Data is generally processed within the EU or the European Economic Area ("EEA"). If data is processed in third countries, we ensure that an adequate level of data protection is guaranteed in the respective third country or at the respective recipient in the third country before such a transfer takes place. This may result, for example, from a so-called "adequacy decision" of the European Commission, by using the so-called "EU standard contractual clauses" or by other measures within the meaning of Art. 44 et seq. GDPR. Processing outside the EEA may also be justified in accordance with Art. 49 GDPR or with consent to such processing in accordance with Art. 49 para. 1 lit. a GDPR.

The purpose of the data processing is to analyze and manage the consents granted so that we comply with our obligation to manage consents in accordance with the GDPR; the proof of consents granted and not granted as well as their management.

The legal basis for the management of your consent to the processing of your personal data is in particular Art. 6 para. 1 lit. c GDPR and Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies, for example, in the legally compliant documentation and verifiability of consents. Consent to the processing of pers. Data can be revoked at any time with effect for the future. You can object to processing on the basis of legitimate interests at any time if the requirements of Art. 21 GDPR are met.

The data collected will be stored in order to document the purpose of the proper consent to the use / use of cookies and other similar technologies. The data will be deleted if it is no longer required for the respective processing purposes or, in the case of consent, if consent has been withdrawn. Instead of erasure, the data may be stored with restriction of processing if this is provided for by the European or national legislator in EU regulations, laws or other provisions to which our company is subject, in particular e.g.

  • for the fulfillment of statutory retention obligations (e.g. the German Fiscal Code (AO) or the German Commercial Code (HGB), currently between 6 to 10 years), and/or
  • if there are legitimate interests in storage (e.g. during the course of limitation periods for the purpose of a possible legal defense (§§ 195 ff. BGB, currently between 3 and 30 years). The legal basis for this is Art. 6 para. 1 lit. c or lit. f GDPR. The data will be deleted at the latest when a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion of a contract or for other purposes (e.g. legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR).

8. Special information on data protection in the notary's office

In addition to the general provisions of this privacy policy, the following specific information applies to the notary's office

8.1 Controller

The respective notary is responsible for the processing of your personal data. You can contact him or the data protection officer for all data protection inquiries as follows:

 Notary responsibleData protection officer
Name

Notary Clemens Scholz-Remes

Notary Lukas Habekost

Former Notary Detlev Stoecker

Andersen GmbH Rechtsberatung Steuerberatung
AddressLeipziger Platz 1, 10117 Berlin, GermanyFor the attention of the data protection officer,
Leipziger Platz 1, 10117 Berlin, Germany
Telephone+49 30 920314 728+49 30 920314 500
Fax+49 30 920314 970+49 30 920314 999
Email

clemens.scholz-remes@de.andersen.com

lukas.habekost@de.andersen.com

detlev.stoecker@de.andersen.com

datenschutzbeauftragter@de.andersen.com


8.2 What data is processed and where does the data come from?

Personal data that the notary receives from you or via third parties commissioned by you (e.g. lawyers, tax consultants, brokers, credit institutions) is processed, such as

  • Personal data, e.g. first name and surname, date and place of birth, nationality, marital status; in individual cases your birth register number;
  • contact details, e.g. postal address, telephone and fax numbers, e-mail addresses;
  • your tax identification number in the case of real estate contracts;
  • in certain cases, e.g. marriage contracts, wills, inheritance contracts or adoptions, also data on your family situation and your assets and, if applicable, information on your health or other sensitive data, e.g. because this serves to document your legal capacity;
  • in certain cases also data from your legal relationships with third parties, such as file numbers or loan or account numbers at credit institutions.
  • In addition, data from public registers, e.g. land registers, commercial registers and registers of associations are processed.

8.3 For what purposes and on what legal basis is the data processed?

The notary is the holder of a public office. His official activity is carried out (i) in the performance of a task which is in the public interest in the orderly and preventive administration of justice and thus in the public interest, and (ii) in the exercise of official authority (Art. 6 para. 1 sentence 1 lit. e of the General Data Protection Regulation (GDPR)).

Your data will be processed exclusively in order to carry out the notarial activity requested by you and any other persons involved in a transaction in accordance with the official duties, i.e. for the preparation of draft deeds, for the notarization and execution of deed transactions or for the provision of advice. Personal data is therefore only ever processed on the basis of the applicable professional and procedural regulations, which are essentially derived from the Federal Notarial Code and the Notarization Act. These provisions also result in the legal obligation to process the required data (Art. 6 para. 1 sentence 1 lit. c GDPR). Failure to provide the data requested from you would therefore mean that the (further) execution of the official transaction would have to be refused.

8.4 To whom will your data be disclosed?

The notary is subject to a statutory duty of confidentiality. This duty of confidentiality also applies to all his employees and all other persons commissioned by him.
Your data will therefore only be passed on if and insofar as the notary is obliged to do so in individual cases, e.g. due to notification obligations to the tax authorities, or to public registers such as the land registry, commercial or association registers, central register of wills, registers of precautionary measures, courts such as probate, care or family courts or authorities. In the context of professional and official supervision, the notary may also be obliged to provide information to the Chamber of Notaries or its supervisory authority, which in turn are subject to an official duty of confidentiality.

Otherwise, your data will only be disclosed if the notary is obliged to do so on the basis of declarations made by you or if you have requested the disclosure.

8.5 Is data transferred to third countries?

Your personal data will only be transferred to third countries at your special request or if and insofar as a party to the deed is domiciled in a third country.

8.6 How long will your data be stored?

The notary processes and stores your personal data within the scope of his statutory retention obligations.
According to Section 5 (4) of the Service Regulations for Notaries (DONot), the following retention periods apply to the retention of notarial documents:

  • Roll of deeds, register of inheritance contracts, register of names to the roll of deeds and collection of deeds including inheritance contracts kept separately (§ 18 para. 4 DONot): 100 years,
  • Custody book, mass book, list of names for the mass book, escrow account list, general files: 30 years,
  • ancillary files: 7 years; the notary may stipulate a longer retention period in writing at the latest when the content is last processed, e.g. in the case of dispositions mortis causa or in the event of a risk of recourse; the stipulation may also be made in general for individual types of legal transactions, e.g. for dispositions mortis causa.

After expiry of the storage periods, your data will be deleted or the paper documents destroyed, unless there is an obligation to store them for a longer period of time in accordance with Article 6 para. 1 sentence 1 lit. c GDPR due to tax and commercial law storage and documentation obligations (from the German Commercial Code, Criminal Code, Money Laundering Act or the Tax Code) as well as professional regulations or for the purpose of conflict of laws checks.

9. Special data protection information for the application procedure at Andersen GmbH Rechtsberatung Steuerberatung

This data protection notice provides information on the processing of personal data in connection with application procedures at Andersen GmbH Rechtsberatung Steuerberatung.

9.1 Application data

On our website, you have the opportunity to apply directly for vacancies using a form and, if necessary, to upload application documents. As part of the application process, we only collect and process the personal data that we require for the initiation of an employment relationship, including the decision on the establishment of an employment relationship or recruitment. The following personal data may be collected if you provide or upload it to us as part of the application process:

  • Personal data (e.g. first* and last name*)
  • Address and contact details (e.g. address; e-mail address*; telephone number)
  • Application documents (e.g. CV, cover letter or certificates)
  • Data on your professional experience (e.g. details of your previous activities)
  • Data on your education (e.g. details of school or university degrees)
  • Other skills and qualifications (e.g. additional training, certificates, languages)
  • Other voluntary information (e.g. application photo, message content from the contact form or other information that you voluntarily provide us with in your application)

Mandatory information is marked with an asterisk*. You are not legally or contractually obliged to disclose your personal data. However, we cannot process your application without the information / personal data marked with an asterisk*.

Furthermore, your data may be supplemented by an employee/service provider of ours as part of the recruiting process:

  • Interview dates, interview notes and comments on your profile;
  • Applicant correspondence with our employees.

9.2 Purpose and legal basis

We process your data as part of our recruiting process (personnel search and selection) to fill vacancies at Andersen GmbH Rechtsberatung Steuerberatung.

You can apply to us in response to a specific job advertisement. One of our employees will then contact you by e-mail or telephone and inform you about the next steps in the recruiting process.

The processing is carried out to carry out pre-contractual measures (e.g. application procedure), which are carried out at your request as the data subject. The processing serves the preparation, conclusion and execution of an employment contract, for which a review and evaluation of the application documents is necessary, Art. 6 para. 1 lit. b GDPR.

Processing is also carried out to fulfill legal obligations (Art. 6 para. 1 lit. c GDPR) and for legitimate interests (Art. 6 para. 1 lit. f GDPR) in connection with the assertion, exercise or defense of legal claims (e.g. claims under the Equal Treatment Act).

9.3 Any recipients of personal data

Your personal data is processed within the EU or the European Economic Area ("EEA").

(1) Employees
Access to applicant data is only granted to those employees of Andersen GmbH Rechtsberatung Steuerberatung who are involved in personnel decisions and who have received appropriate training in the proper and lawful handling of personal applicant data.

Access is strictly regulated and usually only extends to those persons entrusted with the recruiting process, such as managers and key personnel in the relevant departments. Our employees are bound to confidentiality and secrecy.

(2) Other recipients
In order to fulfill legal obligations or to defend against legal claims, we may occasionally grant authorities or courts access to your data.
If you apply for a vacancy in the notary's office, this applicant data will be forwarded to Andersen and processed there for the purpose of the application procedure.

9.4 Data deletion and storage period

The application data will only be processed as part of the application process and will only be stored by us until the relevant application process has been completed and a personnel decision has been made.
If there is no need for personnel in the case of an application or if the application procedure has been completed, the personal data of the unsuccessful applicants will be deleted or destroyed after six (6) months at the latest, provided that there are no other operational or statutory retention obligations to the contrary (statutory exclusion periods with regard to recruitment procedures in accordance with the AGG; during the course of limitation periods for the purpose of any legal defense (§§ 195 ff. BGB etc.).

In all other respects, the information in our other data protection notices applies.

10. Rights of data subjects

You have the right vis-à-vis the aforementioned controllers (see Section 1 and Section 8.1)

  • in accordance with Art. 15 GDPR and Section 34 BDSG, to request information about your personal data processed by us, whether or not we process personal data relating to you and, if so, to what extent;
  • in accordance with Art. 16 GDPR, to request the correction of incorrect or incomplete personal data stored by us
  • in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims
  • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller
  • in accordance with Art. 7 para. 3 GDPR, to revoke your consent once given to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future and
  • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at the registered office of our law firm.

11. Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation.

12. Data security

We use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.

13. Topicality and amendment of this privacy policy

This privacy policy is currently valid and is dated January 20, 2025.
It may become necessary to amend this privacy policy as a result of the further development of our website and services or due to changes in legal or official requirements. You can access and print out the current privacy policy at any time on the website.