ElsterSecure - the authentication app from ELSTER

ElsterSecure offers you the option of using your mobile device (e.g. smartphone, Tablet) to log in to ELSTER and services that use the ELSTER Login. A certificate is no longer required for this type of Login. You can use your mobile device to complete the registration for Mein ELSTER and securely store an access key on your mobile device in ElsterSecure. This allows you to access Mein ELSTER wherever you are. ElsterSecure can be installed via the Google Play and Apple App Store app stores.

Video instructions

Procedure for registering with Mein ELSTER with the ElsterSecure Login option (Part 1)

Procedure for registering with Mein ELSTER with the ElsterSecure Login option (Part 2)

Data protection notice

General information

Data protection and data security for citizens are a top priority for the tax authorities. That is why the protection of your personal data while you use our app is very important to us. This privacy policy explains what information we collect on our servers when you use the app and how this information is used. This app is operated by the Bavarian State Tax Office (ICT Division). Data protection at mein ELSTER

Processing of personal data for the ElsterSecure Service

Type and scope of data processing

Login and completion of registration

When using our app, the information provided and saved during registration is transferred from Mein ELSTER to the app and processed there. It is also possible to complete the registration started with Mein ELSTER in the app. In this case, the necessary data is also transmitted from Mein ELSTER to the app. This data is displayed in the app and processed where necessary.

The following data is involved:

  • for a natural person: surname, first names, title, identification number, e-mail address, user name
  • in the case of a legal entity or association of persons: Company name, legal form, registered office, in particular place of management, tax number, e-mail address, user name

Sharing log files with technical support:

In the application, a user can initiate the transfer of log files to the technical support of Mein ELSTER if required. These show all activities when using the application. This data is used exclusively for technical support.

Purpose and legal basis for recording this data

Login and completion of registration

In order to establish the identity of a user, the tax authority may, in accordance with Section 8(2) of the Online Access Act and Sections 29c and 30(4)(1) of the Fiscal Code, retrieve data from the Federal Central Tax Office and corresponding data stored by the tax offices for the taxation procedure from these tax authorities in an automated procedure with the user's consent and transmit the retrieved data to the user's user account or eGovernment service with the user's consent.

The legal basis for the processing of your personal data described above is Article 6(1)(1)(e), (2), (3)(b) and (4) of the General Data Protection Regulation in conjunction with Section 8 of the Online Access Act and Sections 29c and 30 of the Fiscal Code.

Accordingly, we are permitted to process the personal data required for the fulfillment of a task incumbent upon us. You are not obliged to disclose this personal data. However, it is not possible for you to use the services offered here without your personal data.

Sharing log files with technical support:

The legal basis for the processing is Art. 6 Abs. 1 S. 1 lit. a) General Data Protection Regulation. There is also a legitimate interest in processing to optimize system security and stability in accordance with Art. 6 Abs. 1 S.1 lit f) General Data Protection Regulation.

Storage duration of personal data

Insofar as we process personal data in the context of the services offered here, the following applies: The personal data is only stored for the duration of the respective use of the service provided for this purpose.

Access authorizations required for the function of the app on mobile devices

  • Storage:
    For saving and accessing security keys and configuration settings. Access to data selected by the user for transfer to the service.
  • Network, connections and Internet data:
    For communication with the online service used.
  • Camera:
    For scanning QR codes to open the app in a specific context. Also for taking photos that the user wants to send to a service.
  • Biometric Hardware:
    Enables the use of fingerprint or facial recognition as a second factor in user authentication. Processing is carried out by the end device. Only the result of the verification is transmitted to the app.