Data protection policy of the Royal Federation of Belgian Notaries

This data protection policy has been drawn up in accordance with the principle of transparency enshrined in the General Data Protection Regulation in order to sufficiently inform citizens about the processing of personal data carried out by Fednot.

In this document, we will describe the categories of personal data processed, the categories of data subjects, the purposes and grounds for lawful processing and the data retention period. Technical and organizational measures will also be described, as well as how citizens can exercise their rights under the GDPR.

Note that applications managed by Fednot that are also accessible to citizens – such as the digital vault for citizens (IZIMI) or the auction platform for real estate (Biddit) – have their own data protection policies.

Data controller

The Royal Federation of Belgian Notaries (hereinafter “Fednot”), with company number 0409.357.321 and registered office at Rue de la Montagne 30/34, 1000 Brussels, is the data controller for the management of its databases. The data controller is the person who determines the purpose and means of processing your data.

Fednot has appointed Privanot asbl as Data Protection Officer (DPO). You can contact them via the following:

Email: dpofednot@privanot.be
Tel.: 02 500 14 15

Data processing

Identification of processing operations and data subjects

Fednot processes personal data about Belgian and European notaries as well as Belgian and European citizens. These citizens are for the most part parties involved in a notarial act. Fednot processes the following personal data:

  • Management of notaries’ central registers
  • Management of applications coordinating data transmission between notaries and government departments
  • Management of applications created to improve notarial operations and support notaries in their missions

Purpose and legitimacy

The purpose of this policy is to inform citizens about the processing of their data by Fednot in the context of the performance

  • of its legal obligations (Art. 6.1c GDPR) and
  • of its public-interest missions (Art. 6.1e GDPR)

Fednot will only process personal data for the purposes described below.

Central registers

Fednot has been appointed by the legislator to manage several central registers. It is the data controller for the management of notaries’ authentic sources. These authentic sources are as follows:

  • Central Register of Wills
  • Central Register of Cohabitation and Marriage Agreements
  • Central Register of Inheritance
  • Central Register of Power of Attorney Contracts
  • Central Register of Declarations
  • Bank for Notarial Acts (NABAN)
  • etc.

The various regulations relating to these databases designate Fednot as their manager. The processing of personal data carried out as part of the management of these databases is therefore carried out within the framework of the legal obligations to which Fednot is subject.

The legislator has entrusted Fednot with the management of the central registers in order to help notaries and the competent administrations (authorities) to have access to the data contained therein as part of the performance of their legal obligations. In certain cases, citizens also have the right to access the data contained in the central registers (in addition to their own personal data).

Applications that coordinate data transmission between notaries and public authorities

As part of its public-interest mission and/or its legal obligations, Fednot manages certain applications that enable the transfer of citizens’ personal data between notary offices and public authorities. The aim is to enable notaries and public authorities to fulfill their legal obligations.

These applications include:

  • ASF: Avis sociaux et fiscaux (Social and fiscal notices) – this application enables the exchange of social and fiscal notices between notaries and authorities, for example in the case of a debt.
  • eRegistration: This application allows notaries to digitally register deeds at the registry office, or remove a mortgage, etc.
  • eDepot: This application allows notaries to digitally file a company’s incorporation dossier with the clerk’s office of the Company Court, with a view to the latter issuing a company number and publishing the incorporation deed, by extract, in the appendices to the Belgian Official Gazette.
  • etc.

Data categories and retention periods

The following categories of data are processed:

Central registers

Different categories of data are processed in these central databases:

  • Identification data such as name, date of birth, Belgian national register number, social security number (Rbis), place of birth, date of death, place of residence, etc.
  • Family data: household composition
  • Social data
  • Data relating to marriage agreements, wills
  • Data relating to power of attorney contracts
  • Data in authentic instruments and copies of authentic instruments themselves
  • etc.

As part of its management of these authentic sources, Fednot has legal authorisations or authorisations issued by the competent authority to use the Belgian national register number or the social security number (Rbis). Fednot also has authorisations to access data from the Belgian national register and the central social security data bank (Rbis) in order to check the data and thus guarantee its quality.

Data retention periods are specified in the regulations specific to each authentic source. Access logs for central registers are stored for 10 years to enable Fednot to identify the individual carrying out the searches.

If citizens wish to obtain further information on this subject, they may always exercise their right to information and right of access by contacting Fednot’s Data Protection Officer (dpofednot@privanot.be).

Applications that coordinate data transmission between notaries and public authorities

In addition, data relating to citizens is also processed via applications through which notaries communicate with authorities.  This mainly concerns:

  • Identification data (name, Belgian national register number, date of birth, place of birth, place of residence, etc.)
  • Contact details
  • Authentic instrument data for electronic registration
  • Social and tax data (debts)
  • Professional data for online company creation
  • etc.

Fednot retains some of your personal data only in the following cases:

  • if required by law
  • or for evidentiary purposes for 20 years (in accordance with the prescribed period of the former Civil Code)

Further processing of data

Where appropriate, data may be reused by Fednot for statistical or scientific research purposes. The ultimate aim of such further data processing is always to improve the service provided by notaries to the public. This is in line with the public interest missions carried out by Fednot. In certain cases, the further processing of data for statistical and scientific purposes by Fednot is expressly authorised by the legislator. This is the case, for example, with deeds and data stored in the Bank of Notarial Acts (NABAN).

Technical and organisational measures

Fednot has implemented several technical and organisational measures to ensure an adequate level of security for the personal data it processes. Fednot ensures that its employees and any subcontractors sign confidentiality agreements or subcontracting contracts. In addition, it has implemented several procedures and protection mechanisms to ensure that the personal data it processes is adequately protected.

These measures are reassessed every three years by the Data Protection Officer, who ensures that data processing within Fednot complies with the GDPR, by the Data Protection Officer and the Chief Information Security Officer (CISO) in charge of data processing security.  During these assessments, all applications are checked and tested to ensure that measures are sufficiently implemented.

Your rights 

As a data subject concerned by the processing of personal data by Fednot, you have the right to obtain clear information about the processing of your data. This policy aims to fulfil this obligation for Fednot.

You also have the right to request further information from Fednot regarding the processing of your personal data. This is your right of access.

Under certain conditions and in strictly defined cases, you also have the right to rectification and deletion of your data, as well as the right to object to its use.

Furthermore, in the event of a dispute concerning the processing of your data, you have the right to ask Fednot to suspend certain processing operations. This is your right to restrict processing.

You may exercise your rights directly by contacting Fednot or the Data Protection Officer appointed by Fednot (dpofednot@privanot.be).

Finally, if you feel that your rights have not been respected, you can lodge a complaint with the Data Protection Authority (https://www.autoriteprotectiondonnees.be/citoyen/agir/introduire-une-plainte) or take legal action.