1. General Information
This privacy policy informs you about how we, PSTax Steuerberatung GmbH and Mag.a Miglena Hofer, LL.M., as joint controllers, process personal data when you visit our website https://setupinaustria.at, contact us, or use our services.
We comply with the provisions of the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG).
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance not only with the statutory data protection regulations and this privacy policy, but with the professional standards of our respective industries.
2. Joint Controllers
PSTax Steuerberatung GmbH
Biberhaufenweg 78, 1220 Vienna, Austria
E-Mail: [email protected]
Website: https://pstax.at
Mag.a Miglena Hofer, LL.M.
Apollogasse 4/7, 1070 Vienna, Austria
E-Mail: [email protected]
Website: https://miglenahofer.com
Both parties have concluded an agreement on joint controllership pursuant to Article 26 GDPR. In this agreement, we have determined our respective responsibilities for compliance with data protection obligations.
3. Categories of Data Processed
Depending on the interaction, we may process:
Identification data (name, title, company name)
Contact data (email, address, telephone number)
Professional and contract data (e.g., tax numbers, financial data for clients)
Communication content (e.g., requests and attachments)
Technical data (IP address, browser type, access time, cookies)
We do not intentionally collect sensitive data unless required by law or contract (e.g., for tax representation and business registration purposes).
4. Data Sources
We obtain data primarily:
Directly from you (e.g., inquiries, contracts, emails)
From public registers (e.g., Companies Register, Land Register)
From tax authorities and other official bodies where legally required
5. Data Sharing and Processors
Your data may be shared with:
IT and hosting service providers within the EU
Legal and tax authorities where required by law
Banks and insurance partners involved in contract execution
Sub-consultants or cooperating experts (bound by confidentiality)
No data will be shared with third parties for marketing and/or advertisement reasons, without your explicit prior consent.
All processors are contractually bound to comply with Art. 28 GDPR.
6. Retention Periods
Data are stored only as long as required for the relevant purpose or statutory retention obligations:
Tax-related data: 7 years under §132 BAO (Austrian Fiscal Code)
Business-consulting records: generally 3–7 years, longer if needed for legal claims
Marketing and inquiry data: until withdrawal of consent or resolution of the request
After these periods, data are securely deleted or anonymised.
7. Cookies and Web Analytics
Our website uses essential cookies to ensure technical functionality.
We may use Google Analytics or comparable services for statistical evaluation of website usage only with your explicit consent (Art. 6 (1)(a) GDPR).
You can withdraw your consent at any time by adjusting your browser settings or via the cookie banner.
8. Data Transfers Outside the EU/EEA
We do not transfer personal data to third countries unless necessary for specific tasks (e.g., email hosting or analytics services in the USA).
In such cases, transfers occur only where adequate safeguards (e.g., EU Standard Contractual Clauses) are in place.
9. Use of AI Notetakers (Fireflies.ai and Circleback.ai)
During online consultations, we use the tools Fireflies.ai and/or Circleback.ai to automatically record, transcribe, and summarise conversations for documentation and quality assurance purposes. They are AI-based meeting assistants provided by Fireflies.ai Inc. and Circleback.at respectively, based in the United States. However, the data is stored in Europe.
Purpose and legal basis
The use of these Notetakers serves the purpose of creating meeting notes and summaries to ensure accuracy, follow-up, and efficient client service.
The processing of data is based on Art. 6 (1) lit. b DSGVO (performance of a contract or steps prior to entering into a contract) and Art. 6 (1) lit. f DSGVO (legitimate interest in efficient and accurate documentation of consultations).
Categories of data processed
When Fireflies.ai joins a meeting, it records and transcribes the audio of the conversation. The recording may include:
your voice and the content of the conversation,
meeting metadata (date, time, participants, duration), and
any text-based chat exchanged during the meeting (if applicable).
Storage and access
The recordings and transcripts are stored securely on Fireflies.ai’s servers. We limit access to these recordings to authorised personnel only (e.g. the consultant and, if applicable, internal assistants bound by confidentiality).
The transcripts are used exclusively for internal purposes (note-taking, task tracking, and client file documentation) and are not shared with third parties without consent.
Data transfers to third countries
Fireflies.ai Inc. and Circleback.at are U.S.-based service providers. Data processing therefore involves a transfer of personal data to the United States.
Fireflies.ai and Circleback.at participate in the EU–U.S. Data Privacy Framework, which provides an adequate level of protection as recognised by the European Commission.
More information about Fireflies.ai’s data protection practices is available here: https://fireflies.ai/privacy.
More information about Circleback.ai’s data protection practices is available here: https://circleback.ai/privacy
10. Data Subject Rights
You have the following rights under the GDPR:
Access (Art. 15 GDPR)
Rectification (Art. 16 GDPR)
Erasure (Art. 17 GDPR)
Restriction (Art. 18 GDPR)
Data portability (Art. 20 GDPR)
Objection (Art. 21 GDPR)
Withdrawal of consent (Art. 7 (3) GDPR)
Requests may be directed to either controller:
PSTax Steuerberatung GmbH – [email protected]
Mag.a Miglena Hofer, LL.M. – [email protected]
You also have the right to lodge a complaint with the Austrian Data Protection Authority (www.dsb.gv.at).
11. Data Security
We implement technical and organizational security measures to protect data against loss, misuse, and unauthorized access.
All systems are hosted on secure servers within the EU, with encrypted data transmission (HTTPS).
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
12. Joint Responsibility Information (Art. 26 GDPR)
Both parties jointly determine the purposes and means of data processing for this website.
13. Updates
This privacy policy is subject to regular review and update to reflect legal or technical changes.
Last updated: October 2025.
The latest version is always available.
14. Contact for Data Protection
PSTax Steuerberatung GmbH – [email protected]
Mag.a Miglena Hofer, LL.M. – [email protected]