What is a legally compliant mail archiving solution?
This is one of the most intensely and extensively discussed questions regarding legally compliant email archiving. One thing is certain (we experience it almost daily): there is an enormous amount of ignorance and unhealthy half-knowledge out there. We want to shed some light on this.
To get to the bottom of the question of what characterizes legally compliant email archiving, we draw on a case from practice: a recent customer inquiry in connection with Benno MailArchiv revealed that the customer only wanted to archive the emails of selected mailboxes. So far so good. Technically, this is easy to do with Benno MailArchiv. But be careful! Legal compliance is not defined solely by the technical product used for email archiving!
The question of the “legal compliance” of a mail archiving solution begins as early as the decision about whether or not emails are archived.
Given the legal requirements currently in force for lawful email archiving, it is extremely tricky to exclude certain email addresses from archiving as a matter of principle. This only works (purely legally speaking) if it is absolutely certain that no emails that are subject to archiving are sent or received via the excluded email addresses. This brings us to the next pitfall: which emails are subject to archiving?
The obligation to archive emails arises from commercial and tax law requirements. The legal basis is therefore defined in the HGB (German Commercial Code) and the AO (German Fiscal Code). To give just one single (!) example of emails subject to archiving: according to the AO, all emails and information communicated by email must be archived in a legally compliant manner “as far as they are relevant for taxation”. In practice, this refers to emails whose content relates, for example, to a business transaction or could otherwise affect the taxation of the company obliged to archive. In general, this can include almost everything that has been sent or received as email.
This gradually closes the circle: how must emails be archived in order to comply with the law?
Legally compliant mail archiving means operating a form and a procedure of archiving that are suitable for meeting the requirements for compliant mail archiving. What requirements are involved? One example (to illustrate just one aspect) is the requirement of timely archiving. In other words: emails that enter the company must be archived as promptly as possible (which, among other things, minimizes the opportunities for manipulation before archiving). This results in concrete requirements for the archiving solution itself, but especially for the archiving process.
There are some additional requirements as well. They all shape the design of various procedural aspects. This means that in the end not only the technical solution (the mail archiving software Benno MailArchiv) must meet certain requirements, but also the entire process, the application environment, etc., in which the mail archiving takes place.
In short: First, organizational measures must be taken to ensure that all requirements for lawful mail archiving are met. Only then do the technical aspects (implementation in software) come into play.
In a single sentence: a technical solution (e.g., Benno MailArchiv) on its own (i.e., without supporting organizational measures) is never able to constitute legally compliant mail archiving.
Finally, the last requirement of compliant email archiving is that third parties can verify the solution within a reasonable time. Without suitable procedural documentation, this verifiability cannot be established, and thus the entire solution is not compliant.
And that means: a legally compliant mail archiving solution is the sum of the organizational measures, the technical solution (mail archiving software such as Benno MailArchiv itself), the overall technical implementation and the final procedural documentation. Only in this way can it be demonstrated that all legal requirements for mail archiving are met. Software alone, i.e., without supporting organizational measures, is never suitable to constitute legally compliant mail archiving.
We look back on many years of know-how on this set of issues and are happy to advise you on compliance, legal requirements and their implementation. For professional reasons, neither these explanations nor our consulting services in this context represent legal advice.