Privacy Policy

How we protect and handle your data

Effective Date

24 October 2024

Last Updated

20 January 2025

Welcome to Kanzlei21. We value your privacy and are committed to ensuring that your personal data is handled with the utmost care, in full compliance with applicable laws and regulations, including the General Data Protection Regulation (GDPR).

1. Information We Collect

We collect different types of personal information to provide and improve our services. To clarify how our services operate across our ecosystem, we distinguish between data collected universally (via Mobile Application and Web Platform) and data collected exclusively via our Web Platform.

A. Data Collected Across All Platforms

Mobile Application & Web Platform

  • Account Information: Your email address and credentials used to authenticate your identity and synchronize your account across devices.
  • Documents & Images: Receipts, invoices, contracts, and similar documents uploaded to our Web Platform, and images of documents captured via the Mobile Application.
  • Communication data
  • Usage data
  • Transaction data
  • Cookies and tracking technologies
  • Error logs and session recording

B. Data Collected Only via Web Platform

To protect your privacy and minimize mobile data usage, the following data types are not accessed, requested, or collected by our Mobile Application. They are collected solely when you use our Web Platform.

  • Bank Transaction Data: To the extent that users provide us with the necessary permissions, we collect bank transaction data to enable core functionalities of our services.
  • Tax and Accounting Data: To the extent that authorized tax advisory and/or accounting firm(s) provide us with this information, we collect tax and accounting data to facilitate seamless integration and reporting.

2. How We Use Your Information

We use the collected data for the following purposes:

  • Providing Services: To deliver the core functionalities of our platform, including accounting support provided to the authorized tax advisory firm and communicating results back to the user.
  • Improving User Experience: To analyze usage patterns, troubleshoot issues, and enhance the overall performance and usability of our app.
  • Improving Algorithms: To refine and optimize the core services of our platform through the use of anonymized data.
  • Communication: To respond to inquiries, provide customer support, and send updates related to our services or your account.
  • Legal Compliance: To comply with legal obligations, such as tax and accounting requirements, and to ensure adherence to applicable regulations.

3. Legal Basis for Processing Personal Data

We process your personal data based on the following legal grounds:

Consent

When you provide explicit consent for specific processing activities, such as accessing bank transactions or processing accounting information.

Contractual Obligations

When processing is necessary to perform a contract with you or take steps prior to entering into a contract.

Legitimate Interests

When processing is necessary for our legitimate interests, such as improving our services, provided these interests do not override your rights and freedoms as defined by GDPR.

Legal Obligations

When processing is required to comply with legal or regulatory obligations.

4. Sharing Your Information

We do not sell or give away your personal data to third parties for their marketing purposes. Your data is shared only to the extent necessary for providing our services and with trusted third-party providers essential to our operations.

Our Trusted Partners

FinAPI

To securely access and process your bank transactions, enabling core functionalities of our service.

Posthog

To monitor and understand how our app is used, helping us improve its performance and user experience.

Authorized Tax Advisory Firms

If you have authorized a tax advisory firm to use your data, we will share relevant information with them to facilitate accounting and tax advisory services.

Cloud Providers

We use cloud services for storage and data processing, adhering to best security practices to ensure the safety and security of your data.

All third-party providers we work with are bound by strict confidentiality agreements and data protection standards to ensure your information remains secure and is used solely for the intended purposes.

5. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes described in this policy or as required by applicable law. Retention periods are determined based on the type of data and the purpose for its collection, ensuring that data is not kept longer than necessary. Once your data is no longer required, we securely delete or anonymize it in compliance with legal and regulatory requirements.

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

Access

The right to obtain confirmation of whether we process your personal data and access to such data.

Rectification

The right to request correction of inaccurate or incomplete personal data.

Erasure

The right to request the complete deletion of your personal data and account. Contact us via support@kanzlei21.com.

Restriction

The right to request the limitation of processing your personal data under certain circumstances.

Data Portability

The right to receive your personal data in a structured, commonly used, and machine-readable format.

Objection

The right to object to the processing of your personal data for specific purposes, including direct marketing.

To exercise any of these rights, please contact us using the details provided in this policy. We will respond to your requests in accordance with applicable legal requirements.

7. User Consent for Financial Data Processing

By using our services, you explicitly consent to your tax advisor (or accountant) uploading your GDPdU data and processing your bank transactions, uploaded documents (such as invoices, receipts, etc.), and the information extracted from these documents for accounting and tax advisory purposes. This consent is required to fulfill the contractual obligations of the services.

8. Security

We use appropriate technical and organizational measures to protect your personal data from unauthorized access, misuse, or loss. These measures include encryption, access controls, regular security audits, and staff training to ensure the highest level of data protection. Despite these efforts, no security measures are entirely foolproof, and we cannot guarantee absolute security of your data.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to authenticate you in our app, improve user experience, and analyze platform performance. You can manage your cookie preferences through your browser settings.

10. Data Breach Notification

In the event of a data breach, we will promptly inform affected account holders and the appropriate supervisory authorities in compliance with the GDPR.

11. International Data Transfers

🇩🇪 Data Hosted in Germany

Our storage servers are located mainly in Germany, and otherwise only in other countries of the European Economic Area (EEA). Thus, we strictly adhere to the GoBD and the GDPR. Your personal data will not be transferred outside the EEA.

12. Changes to This Policy

We may update this privacy policy from time to time. All changes will be posted on this page.

13. Third-Party Links

Our system may include links or integrations with third-party services necessary for providing our services or enhancing the user experience (for example FinAPI). We ensure that any such third-party links or integrations comply with strict security standards and applicable privacy regulations to protect your data and maintain compliance.

14. Contact Information

If you have any questions about this privacy policy or how we handle your personal data, please contact us:

support@kanzlei21.com