%20--%3e%3csvg%20version='1.0'%20id='Layer_1'%20xmlns='http://www.w3.org/2000/svg'%20xmlns:xlink='http://www.w3.org/1999/xlink'%20x='0px'%20y='0px'%20viewBox='0%200%20116%20130.5'%20style='enable-background:new%200%200%20116%20130.5;'%20xml:space='preserve'%3e%3cstyle%20type='text/css'%3e%20.st0{fill:%23FFFFFF;}%20%3c/style%3e%3cg%3e%3cg%3e%3cpath%20class='st0'%20d='M30.3,52.1l-0.4-0.3c-4.3,5.8-6.9,13-6.9,20.8c0,19.3,15.7,35,35,35c19.3,0,35-15.7,35-35%20c0-7.8-2.6-15-6.9-20.8l-0.4,0.4c-1.3,1.2-2.6,2.3-3.8,3.5c3.4,4.8,5.5,10.6,5.5,17c0,16.1-13.1,29.3-29.3,29.3%20c-16.1,0-29.3-13.1-29.3-29.3c0-6.3,2-12.2,5.4-17C32.9,54.4,31.6,53.2,30.3,52.1z'/%3e%3cpath%20class='st0'%20d='M23.5,45.7c-0.7-0.7-1.4-1.5-2-2.3c-6.4,8-10.2,18.1-10.2,29c0,25.7,20.9,46.7,46.7,46.7%20c25.7,0,46.7-20.9,46.7-46.7c0-11-3.8-21.1-10.2-29c-0.7,0.8-1.3,1.6-2,2.3L91,47.1l-0.6,0.5c5.3,6.9,8.4,15.5,8.4,24.8%20c0,22.6-18.4,40.9-40.9,40.9S17.1,95,17.1,72.4c0-9.3,3.1-17.9,8.4-24.8L24.8,47L23.5,45.7z'/%3e%3cpath%20class='st0'%20d='M100.3,32.9c-0.7,2-1.6,3.9-2.6,5.7c7.8,9.1,12.6,21,12.6,34c0,28.8-23.5,52.3-52.3,52.3%20c-28.8,0-52.3-23.5-52.3-52.3c0-13,4.8-24.8,12.6-34c-1-1.8-1.9-3.7-2.6-5.7C6,43.3,0,57.2,0,72.5c0,32,26,58,58,58%20c32,0,58-26,58-58C116,57.2,110,43.3,100.3,32.9z'/%3e%3cpath%20class='st0'%20d='M85.5,9.6c-4.1,3.4-29.8,26.8-32,28.9l-1.6,1.6l-0.9,0.9c-0.3,0.3-0.6,0.6-0.8,1c-1.1,1.3-2,2.8-2.7,4.3%20c-1.5,3-2.3,6.4-2.1,9.7c0.1,1.7,0.4,3.3,0.9,4.8c0.3,0.8,0.6,1.5,0.9,2.2c0.3,0.7,0.6,1.4,1,2.1c0.1-0.8,0.2-1.6,0.3-2.3%20c0.1-0.8,0.1-1.6,0.1-2.3c0.1-1.5,0.3-2.8,0.6-4.2c0.6-2.7,1.5-4.4,2.8-6.7c0.8-1.3,1.8-2.6,2.9-3.7c1.6-1.8,3.4-3.4,5.2-5.1%20c5-4.5,19.6-17.7,25.5-23.1L85.5,9.6z'/%3e%3cpath%20class='st0'%20d='M82,33.3c2.2-2.5,3.1-4.1,3.4-8.6l-0.1-1.8L58.4,48.6c-2,2.3-4.3,4.3-5.7,7.2c-1.4,2.9-2.3,7.2-2,10.5%20c0.1,1.6,0.5,3.2,1,4.7c0.3,0.8,0.6,1.5,0.9,2.2c0.3,0.7,0.6,1.4,0.9,2.1c0-1.5,0-3.1-0.1-4.6c0-1.5,0.1-2.9,0.3-4.2%20c0.5-2.7,2.8-8.7,5.9-11.8L82,33.3z'/%3e%3cpath%20class='st0'%20d='M90.1,17.9l0,3c0,0.9-0.1,1.8-0.2,2.6c-0.4,3.5-0.6,6.1-2.4,9.1c-0.9,1.5-3,3.7-4.2,4.9l-0.9,1l-1.1,1%20l-2.1,2.1c-2.9,2.8-5.7,5.5-8.6,8.3l-4.2,4.2l-2.1,2.1l-1,1.1l-1.1,1.2c-2.9,3.3-4.9,7.4-5.4,11.8c-0.3,2.2-0.2,4.3,0.3,6.4%20l0.2,0.8l0.2,0.8c0.2,0.5,0.3,1,0.5,1.5c0.4,0.9,0.7,1.9,1.1,2.8c0.2-2,0-4.1,0.2-6c0.2-1.9,0.5-3.7,1.1-5.4%20c1.2-3.4,3.1-6.5,5.6-9.1l1-0.9l1.1-1l2.2-2l4.4-4c3-2.6,5.9-5.3,8.8-8l2.2-2l1.1-1l1.2-1.1c1.5-1.6,4-3.6,5.1-5.4%20c2.3-3.8,2.7-7.9,3.2-12.3c0.1-1.1,0.2-2.2,0.2-3.3l0-3l-0.1-6C96.1,7.9,96,4,95.9,0l-5.8,5.4V17.9z'/%3e%3cg%3e%3cpath%20class='st0'%20d='M42.9,47.4c-2-2-4-3.9-6-5.8l-2.1-2.1l-1.1-1l-0.9-1c-1.2-1.3-2.3-2.7-3.2-4.2c-1.8-3-3-6.4-3.4-9.9%20c-0.1-0.9-0.2-1.8-0.2-2.6l0-3V5.4L20.1,0c-0.2,4-0.3,7.9-0.3,11.9l-0.1,6l0,3c0,1.1,0.1,2.2,0.2,3.3c0.5,4.4,1.9,8.7,4.3,12.5%20c1.2,1.9,2.5,3.7,4.1,5.2l1.2,1.1l1.1,1l2.2,2c2.9,2.7,5.9,5.4,8.8,8l0.8,0.7c0,0,0-0.1,0-0.1c0-0.4-0.1-0.8-0.1-1.2%20C42.1,51.5,42.3,49.4,42.9,47.4z'/%3e%3cpath%20class='st0'%20d='M31.1,9.6l0,8.1c0,0,15,14,19.5,18.1c0.7-0.7,2.4-2.2,4.6-4.2L31.1,9.6z'/%3e%3cpath%20class='st0'%20d='M31.1,22.9L48,38.4l-0.2,0.2c-0.3,0.3-0.6,0.6-0.8,1c-0.9,1.1-1.6,2.3-2.3,3.5C42.3,41,35,33.5,35,33.5%20S31.1,29.4,31.1,22.9z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
'%3e%3cmask%20id='mask0_3942_40921'%20style='mask-type:luminance'%20maskUnits='userSpaceOnUse'%20x='0'%20y='0'%20width='34'%20height='25'%3e%3cpath%20d='M34%200H0V25H34V0Z'%20fill='white'/%3e%3c/mask%3e%3cg%20mask='url(%23mask0_3942_40921)'%3e%3cpath%20d='M34%200H0V25H34V0Z'%20fill='white'/%3e%3cpath%20fill-rule='evenodd'%20clip-rule='evenodd'%20d='M0%200V25H34V0H0Z'%20fill='%23E31D1C'/%3e%3cmask%20id='mask1_3942_40921'%20style='mask-type:luminance'%20maskUnits='userSpaceOnUse'%20x='0'%20y='0'%20width='34'%20height='25'%3e%3cpath%20fill-rule='evenodd'%20clip-rule='evenodd'%20d='M0%200V25H34V0H0Z'%20fill='white'/%3e%3c/mask%3e%3cg%20mask='url(%23mask1_3942_40921)'%3e%3cpath%20fill-rule='evenodd'%20clip-rule='evenodd'%20d='M19.125%206.25H14.875V10.4167H10.625V14.5833H14.875V18.75H19.125V14.5833H23.375V10.4167H19.125V6.25Z'%20fill='%23F1F9FF'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_3942_40921'%3e%3crect%20width='34'%20height='25'%20rx='5'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
'%3e%3crect%20width='32'%20height='24'%20fill='white'/%3e%3cpath%20fill-rule='evenodd'%20clip-rule='evenodd'%20d='M22%200H32V24H22V0Z'%20fill='%23C51918'/%3e%3cpath%20fill-rule='evenodd'%20clip-rule='evenodd'%20d='M0%200H12V24H0V0Z'%20fill='%235EAA22'/%3e%3cpath%20fill-rule='evenodd'%20clip-rule='evenodd'%20d='M10%200H22V24H10V0Z'%20fill='white'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_270_67407'%3e%3crect%20width='32'%20height='24'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
Privacy policy
Last updated: 4 June 2026
OpenFiskal GmbH operates the website openfiskal.com (the "Website"). This privacy policy explains how we process personal data when you visit our Website or interact with our public content. It applies to processing carried out by OpenFiskal GmbH as controller within the meaning of Art. 4(7) of the General Data Protection Regulation (GDPR).
The OpenFiskal product environment, in which fiscal and transactional data of merchants and their customers are processed, is governed by separate data processing agreements and is not the subject of this policy.
1. Controller
OpenFiskal GmbH
Rosenthaler Straße 72A
10119 Berlin, Germany
Email: hello@openfiskal.com
Phone: +49 (0) 30 37009391
Commercial register: Amtsgericht Charlottenburg, HRB 272267 B.
VAT identification number: DE453492892.
Responsible for editorial content pursuant to § 18(2) MStV: Ferry Hötzel, address as above.
2. Hosting and delivery
The Website is hosted on the Lovable platform (lovable.dev, lovable.app) including its associated content delivery network. When you access the Website, the following technical data is automatically processed by our hosting provider on our behalf:
- IP address of the requesting device
- Date and time of the request
- Requested URL and HTTP status code
- Referrer URL
- Browser identifier and operating system (user agent)
This data is processed in server log files to deliver the Website, ensure its stability, detect and prevent misuse, and investigate security incidents.
Legal basis: Art. 6(1)(f) GDPR. Our legitimate interest lies in the secure operation of the Website.
Retention: Operational logs are kept for a short, rolling period and then deleted, unless a specific incident requires longer retention for security reasons or to comply with legal obligations.
3. Backend infrastructure
Data stored in our backend in connection with the operation of the Website (in particular admin area authentication data) is provided via Lovable Cloud and runs on Supabase infrastructure within the European Union. Lovable acts as a processor under Art. 28 GDPR on the basis of a data processing agreement.
4. Processors and recipients
We share personal data with the following processors, each of which is bound by a data processing agreement:
- Lovable / Supabase (Lovable Cloud, EU region) for hosting, application database, authentication and storage.
We do not sell personal data and do not pass it on to third parties for their own marketing purposes.
5. International data transfers
We currently do not transfer personal data to third countries outside the EU/EEA. Should this change in the future, we will rely on an adequacy decision of the European Commission pursuant to Art. 45 GDPR or on the Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR, supplemented by appropriate technical and organisational measures.
6. Cookies and tracking
We use only strictly necessary cookies and corresponding entries in local storage that are required to operate the Website and the admin area, in particular for session handling and security. We do not use advertising cookies, cross-site tracking, web analytics tools (such as Google Analytics), social media pixels (such as the Meta Pixel), or session replay tools (such as Hotjar).
If we introduce non-essential cookies or tracking tools in the future, we will update this policy and implement a compliant consent banner.
7. Blog
Beyond the technical server logs described in section 2, our public blog does not collect any personal data from readers.
8. External links and embedded content
The Website contains links to our profiles on X, Instagram, LinkedIn and YouTube as well as to external press articles. These are plain hyperlinks. Third-party content (such as social media widgets, video players or fonts) is not loaded automatically when you access a page. Personal data is transmitted to the respective third-party providers only when you actively click a link and access their service. Their privacy policies apply in such cases.
9. Your rights
Under the GDPR, you have the following rights:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object to processing based on Art. 6(1)(e) or (f) GDPR (Art. 21 GDPR), including objection to direct marketing
- Right to withdraw consent at any time with effect for the future (Art. 7(3) GDPR)
To exercise these rights, please contact us at hello@openfiskal.com. We may verify your identity before responding.
10. Children
The Website and our service are aimed at business users. They are not intended for children under the age of 16, and we do not knowingly collect personal data from children.
11. Automated decision-making
We do not use automated decision-making, including profiling within the meaning of Art. 22 GDPR, on this Website.
12. Changes to this policy
We reserve the right to adapt this privacy policy, for example if our processing activities, our processors or the applicable law change. The current version is available at this URL. Material changes will be indicated by an updated date at the top of this page and, where appropriate, by additional notices.