← Back to tool

Opening e-invoices safely

An e-invoice often contains more than just an amount and an invoice number. Depending on the case, it may include delivery addresses, contact persons, IBANs, tax numbers, service periods and complete line items. If you upload such a file to an external online service, you are handing that data over to a third party. digital-rechnung.de opens XRechnung, ZUGFeRD and Factur-X entirely locally in your browser. The file stays on your device.

Verifiable Privacy by Design

Many online services promise privacy. digital-rechnung.de goes one step further: privacy is not only promised here, but verifiable. This is called Verifiable Privacy by Design - privacy that is guaranteed by the architecture itself and that anyone can check for themselves.

The difference from a server-side service is this: there, you have to trust that your data is not stored or shared. With digital-rechnung.de, there is nothing to trust - there simply is no server that could receive your file. All processing happens in the browser on your computer.

Why is this verifiable?

Because you can check it yourself. Every browser has a network console (DevTools) that records all data transfers. When you open an invoice in digital-rechnung.de, you can see there: no connection to an upload server, no file leaving the device. The page further below shows step by step how to do this.

That is the core of Verifiable Privacy by Design: not privacy as a promise, but as a technical fact that you can verify yourself at any time.

Check it yourself: Is data really not being sent?

You do not have to simply take our word for it. Every browser has built-in tools that let you see exactly what is being sent to servers in the background.

Here is how:

1. Open your browser's DevTools:
   Windows / Linux: key F12  |  Mac: Cmd + Opt + I
   This works in Chrome, Firefox, Edge and Safari (in Safari, first enable "Show Develop menu" under Settings -> Advanced).
2. Click the "Network" tab.
3. Now load your XRechnung or ZUGFeRD file into the tool.
4. Look at the list of entries: you will see the page itself and its resources (fonts, scripts), but no request containing your invoice data. The file is processed locally - there is nothing to transmit.

If you click on an entry, you will see details: server address, response code, and whether data was sent along. With an upload, you would see the invoice data there in the request body. On digital-rechnung.de, there is no such request.

Tip: For a complete overview, reload the page with an empty cache: Ctrl + Shift + R (Mac: Cmd + Shift + R), while the Network tab is open. Then you can see everything that was loaded from the start - and what was not sent.

What does an e-invoice contain?

In an XRechnung, the content is structured as XML. With XRechnung, the focus is not on a visually appealing document but on machine-readable data. This is precisely why ERP, accounting and procurement systems can automatically validate and process the invoice.

ZUGFeRD and Factur-X work in a similar way, with one difference: here the structured XML is additionally embedded inside a PDF file. To a human reader it looks like a normal invoice, but the structured dataset is still present for software to process.

In practice, these files often contain more information than a traditional paper invoice or a simple PDF, for example:

• Name and address of the supplier and recipient
• Contact persons, email addresses and internal purchase order numbers
• IBAN, payment terms and due date
• Individual line items with quantities, prices and discounts
• Delivery or service periods
• Project names, cost centres or references

Since 1 January 2025, the e-invoice has been firmly embedded in German tax law for B2B transactions. The BMF explains the current rules, and § 14 UStG sets out what legally constitutes an electronic invoice.

What happens when you upload to another service?

There are many reputable online services that can open and process e-invoices, and many of them are well secured. Even so, it is worth understanding the technical process: when you upload a file, it leaves your device and is processed on someone else's server. That creates a broader attack surface from a technical perspective, regardless of how trustworthy the service may be.

• The invoice is transferred to an external server and processed there.
• Server logs, temporary files or backups are typically created.
• The provider or its sub-processors have technical access to the transmitted content.
• The storage location may not be in Germany or the EU.
• You rely on deletion, access protection and data processing arrangements being handled correctly.

None of that has to be a problem, but it is a deliberate step worth being aware of. If you only want to view or briefly check an invoice, an upload is often unnecessary. The BSI generally recommends handling attachments and files consciously and avoiding unnecessary data transfers.

How does local processing in the browser work?

With digital-rechnung.de, processing happens directly in your browser. The file is read and rendered locally on your device. No invoice data is uploaded to our server.

• The file is opened in the browser.
• XML and embedded content are processed locally.
• The rendered view is generated on your device.
• No server needs to analyse, store or forward the invoice.

Browsers can process local files without transmitting their contents to any service. This is exactly what makes sense for e-invoices: you want to see what is in the file, not let a third party read along.

Important: local does not automatically mean perfectly secure. If the device itself is compromised or someone has unauthorised access to it, local processing will not help. It does, however, eliminate one clear and avoidable step: transmission to third parties.

Check it yourself: is no data really being sent?

You do not have to take our word for it. Every browser includes built-in tools that let you see exactly what is being sent to servers in the background.

How to check:

1. Open your browser's developer tools:
   Windows / Linux: key F12  |  Mac: Cmd + Opt + I
   This works in Chrome, Firefox, Edge and Safari (in Safari, first enable "Show Develop menu" under Settings → Advanced).
2. Click the "Network" tab.
3. Now load your XRechnung or ZUGFeRD file into the tool.
4. Look at the list of entries: you will see the page itself and its resources (fonts, scripts), but no request containing your invoice data. The file is processed locally, so there is nothing to transmit.

If you click on an entry, you can inspect the details: server address, response code and whether any data was sent along. With an upload, you would see the invoice data in the request body. On digital-rechnung.de, there is no such request.

Tip: For a complete overview, reload the page with an empty cache: Ctrl + Shift + R (Mac: Cmd + Shift + R), while the Network tab is open. Then you can see everything that was loaded from the very beginning, and also what was not sent.

What does the GDPR say about this?

The GDPR does not prescribe a particular invoicing application. It does, however, require a careful approach to personal data.

With invoices, this becomes relevant quickly. Even a name, a business email address, a direct-dial number or a delivery address can constitute personal data. The usual principles then apply: process only as much data as necessary, limit risks and choose appropriate protective measures. The BfDI explains the underlying idea here.

Opening an e-invoice locally in your browser instead of uploading it avoids an additional processing step. This aligns with the principle of data minimisation and the requirement to adapt technical measures to the risk involved. The BfDI describes this thinking in the context of state of the art and Art. 32 GDPR.

In addition, invoices must be retained. For tax purposes, the obligation arises from § 14b UStG. This is another reason why it makes sense to keep the structured content cleanly readable, without unnecessarily creating additional copies with third parties.

Why is digital-rechnung.de free?

digital-rechnung.de is operated by Rechnivo, invoicing software for freelancers and small businesses in Germany. Rechnivo has a paid Pro plan, and that allows us to keep offering this tool free of charge in the long term, without advertising, subscriptions or a trial period.

The way digital-rechnung.de is built also reflects one of our principles: data should only be collected when it is genuinely necessary. Because everything runs locally in the browser, we simply do not need user data, and that is why there is no cookie banner here either. There is nothing to track.

What we do have is an anonymous feedback form. Anyone who wants to can briefly tell us what worked well or where something did not work. We only see which step the person had reached, for example "File uploaded", but no personal data, no IP address, nothing else. That is enough for us to keep improving the tool.

We would like more tools on the web to work this way.

One final note for transparency: digital-rechnung.de was developed with AI support, from the technical implementation to the texts. All content was reviewed, adapted and approved by us. The fact that AI helps reduce the workload is what makes it possible to offer this tool not only in German but in seven European languages, for everyone who needs to open e-invoices, no matter which country they are in.