EPU Finanzplaner
Privacy Policy
Information on the processing of your personal data in accordance with GDPR
Data controller
The data controller is the operator of EPU Finanzplaner (epuplaner.com). For questions about data processing please contact: epuplanner@gmail.com
Data we process
We process the following personal data:
- Authentication data: email address and Firebase user ID (on registration)
- Profile data: name, phone number, company name, industry, federal state (voluntary)
- Financial data: monthly calculations (revenue, expenses, tax reserves) — only when you choose to save them
- Subscription data: Stripe customer ID, subscription status (paid plans only)
- Anonymous usage statistics: number of calculations performed, revenue bracket (no exact amounts), selected options, and a random session ID (stored in browser storage)
Legal basis
Contract performance (Art. 6(1)(b) GDPR): authentication, saving your calculations and managing your subscription.
Consent (Art. 6(1)(a) GDPR): newsletter. Consent can be withdrawn at any time in profile settings.
Consent (Art. 6(1)(a) GDPR and § 165 TKG 2021): anonymous usage statistics are collected only with your explicit consent and can be withdrawn at any time. The recorded data contains no precise financial figures.
Data processors
Google Firebase
Google Firebase (Authentication, Firestore) – Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland. Data processing agreement pursuant to Art. 28 GDPR is in place. More info: firebase.google.com/support/privacy
Stripe
Stripe (payment processing) – Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Dublin D02 H210, Ireland. More info: stripe.com/privacy
Retention period
Your data is stored as long as your account is active. When you delete your account (via profile settings) all personal data — profile, saved calculations and subscription data — is deleted immediately.
Your rights
Under GDPR you have the following rights:
- Access (Art. 15): request a copy of your stored data
- Rectification (Art. 16): have inaccurate data corrected
- Erasure (Art. 17): delete your account and all data (directly in profile settings)
- Restriction (Art. 18): request restriction of processing
- Data portability (Art. 20): receive your data in machine-readable format
- Objection (Art. 21): object to processing
You have the right to lodge a complaint with the Austrian Data Protection Authority: dsb.gv.at.
Newsletter
Newsletter emails are only sent based on your explicit opt-in consent. You can withdraw consent at any time in your profile settings. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
Local storage
We use technically necessary browser storage entries for language, colour scheme and UI preferences. For anonymous usage statistics we store — only after your consent — a random session ID (UUID) in local storage. This ID contains no personal data. You can withdraw your consent at any time via the cookie settings (link in the footer); the ID is then removed.
Contact
For data processing enquiries, access requests or to exercise your rights please contact: epuplanner@gmail.com