Privacy Policy

Last updated: 15th January 2026

Introduction

zenaro GmbH ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you use our website and services. As a data controller under the General Data Protection Regulation (GDPR), we are responsible for ensuring your personal data is handled in accordance with applicable data protection laws.

Data We Collect

The data we collect includes information you provide directly to us and information we collect automatically when you use our services. We collect the following types of personal data:

  • Contact Information: Name, email address, phone number, postal address
  • Business Information: Company name, job title, business address, industry
  • Financial Information: Banking details, tax information, accounting records (when providing services)
  • Communication Data: Records of correspondence, enquiries, and support requests
  • Technical Data: IP address, browser type, device information, website usage data
  • Marketing Data: Preferences for receiving marketing communications

How We Use Your Information

We use your personal data for legitimate business purposes and with your consent where required. How we use your information includes the following purposes:

  • Service Provision: To provide accounting, bookkeeping, tax preparation, and financial advisory services
  • Client Management: To manage our relationship with you, process payments, and maintain client records
  • Legal Compliance: To comply with legal obligations, including tax reporting and financial regulations
  • Communication: To respond to enquiries, provide customer support, and send service-related communications
  • Marketing: To send promotional materials about our services (with your consent)
  • Website Improvement: To analyse website usage and improve our online services
  • Security: To protect our systems and prevent fraud or unauthorised access

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to perform our accounting services contract with you
  • Legal Obligation: Processing required to comply with legal and regulatory requirements
  • Legitimate Interest: Processing for our legitimate business interests, such as improving services and marketing
  • Consent: Processing based on your explicit consent for specific purposes like marketing communications

Data Sharing and Disclosure

We may share your personal data with third parties in the following circumstances:

  • Service Providers: Trusted third-party providers who assist with our operations (cloud storage, payment processing, software services)
  • Professional Advisors: Lawyers, auditors, and other professional advisors when necessary
  • Regulatory Authorities: Tax authorities, financial regulators, and other government bodies as required by law
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • Legal Requirements: When required by law, court order, or to protect our legal rights

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes outlined in this policy and to comply with legal obligations. For accounting and tax records, we retain data for the periods required by German law (typically 6-10 years). Marketing data is retained until you withdraw consent or we determine it is no longer necessary. We regularly review our data retention practices and securely delete data that is no longer required.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, access controls, regular security assessments, and staff training. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved transfer mechanisms under GDPR.

Your Rights

Under GDPR and German data protection law, you have the following rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of processing in certain situations
  • Right to Data Portability: Request transfer of your data to another provider
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent for processing based on consent

To exercise any of these rights, please contact us using the information provided below. We will respond to your request within one month.

Children's Privacy

Our services are not directed at children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have collected information from a child under 16, please contact us immediately so we can delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after any changes constitutes acceptance of the updated policy.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

zenaro GmbH

Hauptstraße 196

10372 Berlin, Germany

Phone: +49 302716735

Email: privacy@zenaro.world

Registration Number: HRB845091

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated. In Germany, you can contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI) or your local data protection authority.