Privacy Policy

Last updated: 12 April 2026

Table of Contents

  1. Preamble
  2. Data Controller
  3. Overview of Processing Activities
  4. Legal Bases
  5. Security Measures
  6. Transfer of Personal Data
  7. International Data Transfers
  8. Data Retention and Deletion
  9. Your Rights
  10. Website Hosting
  11. Cookies
  12. Blog and Publication
  13. Newsletter
  14. Web Analytics
  15. Online Marketing
  16. Affiliate Programmes
  17. Social Media
  18. Plugins and Embedded Content
  19. Management Tools
  20. Changes to this Policy
  21. Definitions

1. Preamble

This privacy policy explains what personal data we collect, why we collect it, and how we use it. It applies to all personal data processed through our website, mobile applications, and social media profiles.

2. Data Controller

Venkatesh Soundarapandian Am Mahlbusen 32 16321 Bernau bei Berlin Germany

Email: taxbyte.de@gmail.com Website: https://taxbyte.de/

3. Overview of Processing Activities

Types of data we process:

  • Master data (name, address, contact details)
  • Location data
  • Contact data
  • Content data
  • Contract data
  • Usage data
  • Meta, communication and process data
  • Event data (Facebook)
  • Log data

Categories of people affected:

  • Prospective users
  • Communication partners
  • Website visitors and users

Purposes of processing:

  • Providing our services
  • Communication
  • Security measures
  • Direct marketing
  • Reach measurement and analytics
  • Tracking
  • Conversion measurement
  • Audience targeting
  • Affiliate tracking
  • Marketing
  • User profiling
  • Operating and improving our website

4. Legal Bases

We process personal data based on the following legal grounds under the GDPR:

  • Consent (Art. 6(1)(a) GDPR) — where you have given explicit consent for a specific purpose
  • Legitimate interests (Art. 6(1)(f) GDPR) — where processing is necessary for our legitimate interests, unless overridden by your rights

In addition to GDPR, German national law (Bundesdatenschutzgesetz — BDSG) also applies, including rules on access rights, deletion, objection, and automated decision-making.

5. Security Measures

We implement appropriate technical and organisational measures to protect your personal data. These include securing the confidentiality, integrity and availability of data through physical and electronic access controls.

All data transmitted through our website is protected using TLS/SSL encryption (HTTPS).

6. Transfer of Personal Data

We may share personal data with third-party service providers (such as IT providers or content delivery services) where necessary. In all such cases we ensure appropriate data protection agreements are in place.

7. International Data Transfers

Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place. For transfers to the USA, we rely primarily on the EU-US Data Privacy Framework (DPF), recognised by the EU Commission on 10 July 2023, supplemented by Standard Contractual Clauses where applicable.

8. Data Retention and Deletion

We delete personal data as soon as the purpose for which it was collected no longer applies and no legal retention obligation exists.

Statutory retention periods under German law:

  • 10 years — accounting records and annual financial statements
  • 8 years — booking documents and invoices
  • 6 years — other business documents
  • 3 years — data needed for potential warranty or liability claims

9. Your Rights

Under GDPR, you have the following rights:

  • Right to object — you can object to processing based on legitimate interests at any time
  • Right to withdraw consent — you can withdraw consent at any time
  • Right of access — you can request confirmation of whether we process your data and a copy of it
  • Right to rectification — you can request correction of inaccurate data
  • Right to erasure — you can request deletion of your data
  • Right to data portability — you can request your data in a structured, machine-readable format
  • Right to lodge a complaint — you can complain to a supervisory authority in your country of residence

To exercise any of these rights, contact us at: taxbyte.de@gmail.com

10. Website Hosting

We process user data (including IP addresses and log data) to operate and deliver our website. This is hosted on rented server space provided by Hostinger.

Server log files are stored for a maximum of 30 days and then deleted or anonymised, unless longer retention is required for security purposes.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)

11. Cookies

We use cookies in accordance with legal requirements. Where required, we obtain your consent before setting cookies. Cookies may be temporary (deleted when you close your browser) or permanent (stored for up to two years).

You can withdraw your consent at any time using the cookie settings banner on our site.

Cookie management: We use Complianz to manage cookie consent. Complianz stores your consent preferences in a cookie on your device. More information: https://complianz.io/legal/

12. Blog and Publication

We operate a blog. Reader data is processed only to the extent necessary to display content and ensure security.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)

13. Newsletter

We send newsletters only with your consent. Your email address is processed by Brevo (Sendinblue SAS, 55 rue d’Amsterdam, 75008 Paris, France) as our email service provider.

Newsletter content: Tax tips, German tax deadline reminders, updates to tax law, and useful guides for expats, employees, students, and freelancers living in Germany.

You can unsubscribe at any time by clicking the unsubscribe link in any newsletter or by contacting us at taxbyte.de@gmail.com.

Unsubscribed email addresses may be retained for up to three years to document the history of consent.

Note: Newsletter subscription may be required to access certain free resources (such as the tax deadline calendar). If you wish to access these without subscribing, please contact us.

Legal basis: Consent (Art. 6(1)(a) GDPR)

14. Web Analytics

We use Google Analytics 4 to analyse how visitors use our website. Google Analytics uses pseudonymous identifiers and does not store individual IP addresses for EU users. Geographic location data is derived from IP addresses at an aggregated level only.

Google Analytics is only loaded after you have given explicit cookie consent via our consent banner. If you decline statistics cookies, no analytics data is collected.

You can opt out of Google Analytics tracking at any time here: https://tools.google.com/dlpage/gaoptout

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Privacy policy: https://policies.google.com/privacy Legal basis: Consent (Art. 6(1)(a) GDPR)

15. Online Marketing

We use online marketing tools including Google Ads and Google AdSense to display relevant advertising. These tools use cookies to build pseudonymous user profiles for ad targeting purposes.

You can opt out of personalised advertising at: https://myadcenter.google.com/personalizationoff

For EU residents: https://www.youronlinechoices.eu

Legal basis: Consent (Art. 6(1)(a) GDPR) and legitimate interests (Art. 6(1)(f) GDPR)

16. Affiliate Programmes

We participate in affiliate programmes. When you click an affiliate link on our site and make a purchase, we may receive a commission. Affiliate links may contain tracking parameters to attribute sales correctly.

We participate in the following affiliate networks:

  • TARIFFUXX (TARIFFUXX GmbH, Benzstraße 11, 82178 Puchheim, Germany): https://www.tariffuxx.de
  • Webgains (ad pepper media GmbH, Nürnberg, Germany): https://www.webgains.com

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)

17. Social Media

We maintain profiles on the following social networks. User data may be processed outside the EU on these platforms:

  • Instagram — Meta Platforms Ireland Limited: https://privacycenter.instagram.com/policy/
  • Facebook — Meta Platforms Ireland Limited: https://www.facebook.com/privacy/policy/
  • LinkedIn — LinkedIn Ireland Unlimited Company: https://www.linkedin.com/legal/privacy-policy
  • Pinterest — Pinterest Europe Limited: https://policy.pinterest.com/privacy-policy
  • X (Twitter) — X Internet Unlimited Company: https://x.com/privacy
  • YouTube — Google Ireland Limited: https://policies.google.com/privacy

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)

18. Plugins and Embedded Content

We embed third-party content and plugins on our website, including:

  • Google Fonts — loaded from Google servers. Your IP address is transmitted to Google to deliver the fonts. Privacy policy: https://policies.google.com/privacy
  • Facebook and Instagram plugins — social sharing buttons
  • LinkedIn plugins — social sharing buttons
  • YouTube videos — embedded video content

Legal basis: Consent (Art. 6(1)(a) GDPR) and legitimate interests (Art. 6(1)(f) GDPR)

19. Management Tools

We use third-party tools for website management and operations. These providers may process usage and metadata for security and service optimisation purposes.

Legal basis: Legitimate interests (Art. 6(1)(f) GDPR)

20. Changes to this Policy

We will update this privacy policy when our data processing practices change. The date at the top of this page shows when it was last updated. We will notify you if any changes require your action or consent.

21. Definitions

  • Personal data — any information relating to an identified or identifiable person
  • Processing — any operation performed on personal data, including collection, storage, use, or deletion
  • Tracking — following user behaviour across multiple websites to build interest profiles
  • Conversion measurement — measuring whether marketing activities led to a specific action (e.g. a purchase)
  • Affiliate tracking — recording whether a user followed an affiliate link and completed a transaction

Generated with the free privacy policy generator by Dr. Thomas Schwenke — datenschutz-generator.de