Privacy Notice

We, TaxMaxi UG (haftungsbeschränkt) (hereinafter also "TaxMaxi" or "we"), take the confidentiality and protection of your personal data very seriously. We process personal data in accordance with applicable data protection laws, in particular the GDPR, and this Privacy Notice.

1. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States as well as other data protection regulations is:

TaxMaxi UG (haftungsbeschränkt)

Belforter Str. 9
10405 Berlin
Germany

Managing Director: Maximilian Ast

[email protected]

10. Status of and Changes to this Privacy Notice

This Privacy Notice may be updated from time to time due to technical developments or changes in legal requirements. Last modified: 11 September 2025.

Maximilian Ast (Managing Director)

Berlin

9. Data Security

We use TLS encryption for data in transit and implement appropriate technical and organizational measures to protect your data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. Our measures are continuously improved in line with technological developments.

8. Your Rights

You have the right of access (Art. 15 GDPR), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and objection (Art. 21). Where processing is based on consent, you may withdraw consent at any time (Art. 7(3)).

You also have the right to lodge a complaint with a supervisory authority. The authority responsible for Berlin is: Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstr. 219, 10969 Berlin.

To exercise your rights, please contact us at [email protected].

7. Storage Period and Deletion

We retain personal data only as long as necessary for the purposes described above. Statutory retention and documentation obligations may require longer storage, in particular under commercial and tax laws (generally 6–10 years). Log and security data are typically retained for up to 12 months unless needed longer for security or legal purposes.

6. Recipients and Processors / Third‑Country Transfers

We share personal data with service providers acting on our behalf (processors) only as necessary and subject to data processing agreements. Categories include: hosting/CDN and infrastructure, analytics, product telemetry, databases and storage, and customer support tools.

Where recipients are located outside the EEA, we ensure an adequate level of protection, e.g., through adequacy decisions or EU Standard Contractual Clauses (Art. 46 GDPR).

5. Collection of Personal Data when Using our App

5.1 Account and Service Data

If you create an account or use our SaaS, we process account data (e.g., name, email, authentication data), product usage data, wallet addresses you provide, transaction data imported from supported sources, report configuration, and billing‑related information necessary to perform the contract (Art. 6(1)(b) GDPR) and to comply with legal obligations (Art. 6(1)(c) GDPR).

5.2 Blockchain and Market Data Sources

To fetch and process crypto transaction and pricing data, we may use third‑party APIs such as Alchemy (RPC/access to EVM chain data), Etherscan (block explorer data), and CoinGecko (token prices and metadata). For this purpose, wallet addresses or transaction hashes you provide may be transmitted to these providers. Legal basis: contract performance (Art. 6(1)(b) GDPR) and our legitimate interests in accurate data processing (Art. 6(1)(f) GDPR).

5.3 Report Generation and Storage

When you request a tax report, we generate report files (e.g., PDFs) and may store them in secure cloud storage. Legal basis: contract performance (Art. 6(1)(b) GDPR) and legal obligation for tax documentation where applicable (Art. 6(1)(c) GDPR).

4. Cookies

4.1 What are Cookies?

Cookies are small text files stored on your device by your browser. They are widely used to make websites work, or work more efficiently, as well as to provide information to site owners.

4.2 Use of Cookies

We avoid non‑essential cookies. Where analytics or similar cookies are used, we rely on your consent (Art. 6(1)(a) GDPR). You can withdraw consent at any time via your browser settings and, where implemented, our consent tools. We do not use advertising or third‑party tracking cookies.

3. Collection of Personal Data when Visiting our Website

3.1 Informational Use

When you access our website, your browser automatically transmits data to our server/CDN. We process the following technically necessary data to display the website and ensure stability and security (Art. 6(1)(f) GDPR): IP address, date and time of the request, time zone difference to GMT, content of the request (specific page), access status/HTTP status code, amount of data transferred, referrer URL, browser type, operating system and interface, language and version of the browser software.

3.2 Analytics (PostHog)

We use PostHog (PostHog, Inc.) to analyze usage of our website and product in order to improve functionality and user experience. The data processed may include pseudonymous identifiers, usage events, device and browser information, and truncated IP addresses. Legal basis: our legitimate interest in product analytics (Art. 6(1)(f) GDPR) or your consent where required (Art. 6(1)(a) GDPR).

Further information: PostHog Privacy.

2. General Notes and Information on Data Processing

We process personal data only to the extent necessary for providing and improving our website and SaaS application, for performing contracts with you, for complying with legal obligations (e.g., tax laws), or where we have a legitimate interest and your interests or fundamental rights do not override such interests.

Personal data means any information relating to an identified or identifiable natural person. Processing includes any operation performed on personal data such as collection, storage, use, disclosure or deletion.

Legal bases under Art. 6(1) GDPR: (a) consent, (b) contract performance and pre‑contractual measures, (c) legal obligation, (f) legitimate interests.