Privacy Policy

Last Updated: October 25, 2025

1. Introduction

Welcome to getdac7.eu ("we", "us", "our"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, process, and disclose your information in conjunction with your access to and use of our website and services (collectively, the "Service").

This policy applies to two categories of data:

  • Visitor Data: Information we collect from visitors to our public website.
  • Customer Data: Information we process on behalf of our customers who use our Service.

Our legal entity is Marcel Goria, IČO: 08722536, a self-employed person registered in the Czech Republic ("getdac7.eu"). For the purpose of the General Data Protection Regulation (GDPR), we act as the Data Controller for Visitor Data and the Data Processor for Customer Data.

2. Information We Collect

2.1. Visitor Data

When you visit our website, we may collect the following information:

  • Contact Information: If you fill out a form (e.g., "Book a demo," "Get Started"), we collect your name, company name, and email address. The legal basis for this is your consent.
  • Usage Data: We may collect information about how you interact with our website, such as your IP address, browser type, pages visited, and time spent on pages. The legal basis for this is our legitimate interest in improving our website and services.

2.2. Customer Data

When our customers use our Service, they provide us with data for processing. This is the data we process on their behalf as a Data Processor and is governed by our Data Processing Agreement (DPA). This data includes, but is not limited to:

  • Platform Data: Information about the customer's platform, such as its legal name, address, and TIN.
  • Seller Data: Personal and financial data about the customer's sellers, which is required for DAC7 reporting. This is highly sensitive data and includes names, addresses, dates of birth, Tax Identification Numbers (TINs), VAT numbers, and financial transaction summaries.

3. How We Use Your Information

  • To Provide and Maintain our Service: We use Customer Data solely to provide the DAC7 compliance services as instructed by our customers and as detailed in our DPA.
  • To Communicate with You: We use Visitor Data to respond to your inquiries, send you information about our service, and manage access requests.
  • To Improve Our Website: We analyze Usage Data to understand how our website is used and to improve its functionality and user experience.

4. Data Storage and Security

Data Residency: All Customer Data is stored and processed exclusively on servers located within the European Union (EU).

Security Measures: We implement state-of-the-art technical and organizational security measures to protect your data. This includes encryption of data at rest (AES-256) and in transit (TLS 1.3), strict access controls, and regular security assessments.

Data Retention: We retain Customer Data for the duration specified in our DPA with each customer. We retain Visitor Data for as long as necessary to fulfill the purposes for which it was collected, or as required by law.

5. Your Data Protection Rights under GDPR

If you are a resident of the European Economic Area (EEA), you have the following data protection rights:

  • The right to access, update, or delete the information we have on you.
  • The right of rectification.
  • The right to object.
  • The right of restriction.
  • The right to data portability.
  • The right to withdraw consent.

Please note that for Customer Data, we are a Data Processor. If you are a seller on a platform that uses our service and you wish to exercise your rights, please contact the platform (the Data Controller) directly.

6. Sharing and Disclosure

We do not sell, rent, or trade your personal information with any third parties for their marketing purposes.

We may disclose your information in the following limited circumstances:

  • With Service Providers: We may share information with trusted third-party service providers who perform services on our behalf (e.g., cloud hosting). These providers are contractually obligated to protect your data.
  • For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities.

7. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

8. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

contact@getdac7.eu