Privacy Policy

1. Controller

The controller for the processing of merchant data in connection with the app is:

Konstantin Rossbeck
Ginsterheide 133
14532 Kleinmachnow
Email: cocoa-support@proton.me

2. Categories of data

RechnungsPilot processes the data required to provide invoicing and export features. This may include merchant account data, company settings entered in the app, billing information, Shopify order data, customer billing details, invoice data, cancellation invoice data, tax data, PDF files, XML files, and accounting export files.

We also use essential technical session data and tokens required to authenticate merchants within the Shopify Admin environment. We do not use tracking or marketing cookies.

3. Purposes and legal bases

Personal data is processed for the following purposes and legal bases:

• To provide the app, create invoices and cancellation invoices, manage app settings, and make exports available to merchants pursuant to Art. 6 para. 1 lit. b GDPR.
• To comply with legal retention, accounting, and tax obligations related to invoicing and document archiving pursuant to Art. 6 para. 1 lit. c GDPR.
• To operate, secure, maintain, and improve the app infrastructure and prevent misuse pursuant to Art. 6 para. 1 lit. f GDPR.

4. Data sources

Data is obtained directly from merchants through the app and from Shopify based on the permissions granted by the merchant when installing and using the app.

5. Roles of the parties

For the merchant's own account and contract data, RechnungsPilot acts as controller. For personal data of the merchant's customers that is processed in order to create invoices on behalf of the merchant, RechnungsPilot acts as processor on behalf of the merchant.

Where required, data processing for customer invoice data should be governed by a data processing agreement between the merchant and the app provider.

6. Hosting, storage, and international transfers

The application is hosted on Render. According to the deployment configuration, the production hosting region is Frankfurt, Germany. Invoice documents may be stored in Cloudflare R2. The project documentation states that the configured R2 bucket is intended to be located in the EU.

Render and Cloudflare are companies based in the United States. If personal data is transferred to a third country, such transfer must be protected by an appropriate transfer mechanism, for example an adequacy decision such as the EU-U.S. Data Privacy Framework or the European Commission's Standard Contractual Clauses.

7. Retention

Data is retained for as long as necessary to provide the app and for as long as required to fulfill legal retention and accounting obligations.

Upon uninstallation of the app, merchant data is marked for deletion and permanently removed from our active databases after a grace period of 30 days. If a merchant explicitly requests deletion via Shopify, for example through the shop/redact webhook, data is deleted immediately. Merchants are solely responsible for exporting and archiving their invoices before deletion in order to comply with statutory retention obligations, including retention periods under GoBD in Germany.

If an end customer requests deletion of their data via the merchant, for example through the customers/redact webhook, we process this request in accordance with applicable law. However, personal data contained in already generated invoices and export files cannot be deleted or modified where such documents are subject to strict financial and tax retention laws applicable to the merchant.

8. Data subject rights

Data subjects have the following rights under applicable law, subject to the statutory requirements:

• Right of access pursuant to Art. 15 GDPR
• Right to rectification pursuant to Art. 16 GDPR
• Right to erasure pursuant to Art. 17 GDPR
• Right to restriction of processing pursuant to Art. 18 GDPR
• Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR

9. Contact

Questions about privacy and data protection can be sent to:
cocoa-support@proton.me

10. Updates

This privacy policy may be updated if the app functionality or legal requirements change.