1. Data Controller

The data controller responsible for processing your personal data is SteuerPilot GmbH (hereinafter "we", "us", or "our"). For questions regarding data protection, please contact us at:

Email: hello@steuerpilot.xyz

2. Data We Collect

We collect the following categories of personal data:

Account Data: Name, email address, phone number (optional), company name (optional)
Tax Data: Documents, receipts, invoices, tax identification numbers, financial information
Usage Data: IP address, browser type, device information, usage patterns
Communication Data: Messages sent through our contact form or support channels

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

Contract Performance (Art. 6(1)(b) GDPR): To provide our tax management services
Legitimate Interest (Art. 6(1)(f) GDPR): For security, fraud prevention, and service improvement
Consent (Art. 6(1)(a) GDPR): For marketing communications and cookies
Legal Obligation (Art. 6(1)(c) GDPR): To comply with tax and accounting laws

4. How We Use Your Data

We use your personal data to:

Provide and maintain our tax management services
Process and organize your tax documents
Generate ELSTER-compatible tax files
Send deadline reminders and notifications
Enable collaboration with tax advisors
Respond to your inquiries and provide customer support
Improve our services and develop new features
Ensure security and prevent fraud
Comply with legal obligations

5. Data Storage and Security

Your data is stored exclusively in EU data centers located in Germany. We implement industry-standard security measures including:

AES-256 encryption at rest
TLS 1.3 encryption in transit
Regular security audits and penetration testing
Access controls and authentication
Regular backups with 30-day retention

6. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations. Tax-related documents are retained for 10 years as required by German tax law (§147 AO). Account data is retained until you delete your account or request deletion, subject to legal retention requirements.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access (Art. 15 GDPR): Request a copy of your personal data
Right to Rectification (Art. 16 GDPR): Correct inaccurate or incomplete data
Right to Erasure (Art. 17 GDPR): Request deletion of your data
Right to Restriction (Art. 18 GDPR): Request limitation of processing
Right to Data Portability (Art. 20 GDPR): Receive your data in a machine-readable format
Right to Object (Art. 21 GDPR): Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, please contact us at hello@steuerpilot.xyz. We will respond within 30 days.

8. Data Sharing

We do not sell your personal data to third parties. We may share your data with:

Tax Advisors: If you choose to collaborate with a Steuerberater through our platform
Service Providers: Trusted third-party providers who assist in operating our services (hosting, payment processing) under strict data processing agreements
Legal Authorities: When required by law or to protect our rights

9. Cookies

We use cookies to improve your experience and analyze site usage. You can manage cookie preferences through the cookie banner or your browser settings. For more information, see our Cookie Policy.

10. International Transfers

All data is stored and processed within the European Union. We do not transfer your personal data outside the EU.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by email or through our platform. The latest version is always available on this page.

12. Contact

If you have questions about this privacy policy or wish to exercise your rights, please contact us at:

Email: hello@steuerpilot.xyz

Last updated: January 24, 2026

Privacy Policy