Privacy Policy

Last updated: 08 Sep 2025

This Privacy Policy explains how Reportat (“Reportat”, “we”, “us”, or “our”) collects, uses, discloses, and protects personal data in connection with our website and services targeted to SMEs and startups in Europe, especially Austria. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Austrian laws.

Short summary: We only collect what we need, use it for specific purposes (e.g., providing services and responding to enquiries), keep it secure, and never sell your data. You control your data and can exercise your GDPR rights at any time.

1) Who We Are (Data Controller)

The data controller responsible for your personal data is Reportat.
Contact email for privacy queries: privacy@reportat.com

2) What Data We Collect

a) Data you provide directly

  • Contact details: name, business email, phone number, company name, role/title, and any message you submit via forms (e.g., /contact).

  • Account/engagement data: if you become a client, we may collect billing details, service preferences, project files, and communications.

  • Content you upload/share: documents or data you share so we can perform our services (e.g., financial documents, reports, inventory files).

b) Data collected automatically

  • Device and usage data: IP address, browser type, device identifiers, pages viewed, time on page, referrer URLs, and general location (city/region level).

  • Cookies and similar technologies: see the Cookies & Analytics section.

c) Data from third parties

  • Service partners and tools: analytics, CRM, payment or communication providers may share limited information to help us operate our services (e.g., campaign attribution, payment confirmations).

  • Public and professional sources: business directories and public records relevant to B2B operations in Europe.

3) Why We Use Your Data (Purposes) & Legal Bases

  • Provide and improve services (advisory, reporting, valuation, bookkeeping, SAP support). Legal bases: contract performance (Art. 6(1)(b) GDPR) and legitimate interests (Art. 6(1)(f)).

  • Respond to enquiries and support requests submitted via /contact. Legal bases: contract performance / pre-contractual steps; legitimate interests.

  • Marketing communications (e.g., newsletters or event invites) where permitted. Legal bases: consent (Art. 6(1)(a)) or legitimate interests with opt-out (Art. 6(1)(f)). You can unsubscribe anytime.

  • Security, fraud prevention, and compliance with legal obligations (tax, accounting). Legal bases: legal obligation (Art. 6(1)(c)); legitimate interests.

  • Analytics and website performance to understand usage and improve content. Legal bases: consent for non-essential cookies; legitimate interests for strictly necessary processing.

4) Cookies & Analytics

We use cookies and similar technologies to operate the site, measure performance, and (if you consent) personalize or measure marketing. You can manage preferences through your browser or our cookie banner (where available).

  • Strictly necessary cookies: required for core functionality (cannot be disabled).

  • Performance/analytics cookies: help us understand visits and user flows (enabled only with consent where required).

  • Functional cookies: remember your preferences.

  • Marketing cookies: used for audience measurement or retargeting (consent-based).

5) Who We Share Data With

  • Service providers (processors): hosting, analytics, communication, CRM, billing, and security providers who process data on our behalf under GDPR-compliant contracts.

  • Professional advisors: lawyers, accountants, and auditors under confidentiality obligations.

  • Business transfers: in the context of a merger, acquisition, or asset sale, data may be transferred subject to appropriate safeguards.

  • Legal and compliance: where required by law, regulation, or to protect rights, users, or the public.

6) International Data Transfers

We primarily process data within the EEA. If transfers occur outside the EEA/UK, we use appropriate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) and additional measures as needed.

7) Data Retention

We keep personal data only as long as necessary for the purposes described in this policy, to comply with legal obligations (e.g., tax/accounting retention), resolve disputes, and enforce agreements. When no longer needed, data is securely deleted or anonymized.

8) Your Rights Under GDPR

Subject to applicable law, you may have the right to:

  • Access your personal data and obtain a copy.

  • Rectify inaccurate or incomplete data.

  • Erase data (right to be forgotten) in certain circumstances.

  • Restrict or object to processing, including for direct marketing.

  • Data portability (receive data in a structured, commonly used, machine-readable format).

  • Withdraw consent at any time where processing is based on consent (withdrawal does not affect prior lawful processing).

  • Lodge a complaint with your local supervisory authority. In Austria: Österreichische Datenschutzbehörde.

To exercise your rights, contact us at [Add privacy email]. We may need to verify your identity before responding.

9) Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. No system is 100% secure, but we continually improve our controls and vendor due diligence.

10) Children’s Privacy

Our website and services are intended for business users. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

11) Automated Decision-Making

We do not perform automated decision-making or profiling that produces legal or similarly significant effects on individuals.

12) Third-Party Links

Our website may contain links to third-party sites and services. This Privacy Policy does not cover those providers. Please review their privacy policies before submitting personal data.

13) Changes to This Policy

We may update this Privacy Policy to reflect legal, technical, or business changes. We will post the updated version here and adjust the “Last updated” date. Significant changes may be communicated by additional notice.

14) Contact Us

For questions or requests related to this Privacy Policy or your personal data, please contact us:
Email: privacy@reportat.com |  Form: /contact  
For terms of service, see /information/terms.