Privacy Policy

1.  Basics

We take the protection of your personal data very seriously. We process your data in accordance with applicable personal data protection legislation, in particular the GDPR and our country-specific implementation laws, which provide comprehensive information about the processing of your personal data by Retresco GmbH and your rights.

Personal data is any information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number, email address and IP address.

Anonymous data means, that no personal reference to the individual/user can be made.

1.1 Responsible body and data protection officer

Retresco GmbH
Grünberger Straße 44a
10245 Berlin

Germany

telephone +49 (0)30 60 98 39 600
fax +49 (0)30 60 98 39 608

email: kontakt[at]retresco.de

Contact info of the data protection officer: datenschutz[at]retresco.de

1.2 Your rights as a data subject

We would first like to notify you of your rights as a data subject. These rights are set out in Articles 15 - 22 GDPR, and include:

·      The right of access (Art. 15 GDPR),

·      The right to rectification (Art. 16 GDPR),

·      The right to data portability (Art. 20 GDPR),

·      The right to object to data processing (Art. 21 GDPR),

·      The right to erasure / right to be forgotten (Art. 17 GDPR),

·      The right to restriction of data processing (Art. 18 GDPR).

To exercise these rights, please contact: datenschutz[at]retresco.de. The same applies if you have any questions regarding data processing in our company or when you withdraw your consent. You also have a right of appeal to the relevant data protection supervisory authority.

1.3 Right to object

Please note the following with respect to your right to object:

If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without providing the reasons for such objection.

This also applies to profiling insofar as it is associated with direct marketing.

If you object to the processing for direct marketing, we will no longer process your personal data for such purposes. The objection is free of charge and can be made informally, where appropriate to: datenschutz@retresco.de.

Should we process your data to protect legitimate interests, you may object to such processing at any time for reasons that arise from your specific situation; this also applies to profiling based on these provisions.

We will then cease to process your personal information unless we can demonstrate compelling legitimate grounds for processing such information that outweigh your interests, rights and freedoms, or the processing is intended to assert, exercise or defend legal claims.

1.4 Purposes and legal bases of data processing

The processing of your personal data complies with the provisions of the GDPR and all other applicable data protection regulations. Legal bases for data processing arise in particular from Art. 6 GDPR.

We use your data to initiate business, to fulfil contractual and legal obligations, to conduct the contractual relationship, to offer products and services and to consolidate customer relationships, which may include marketing and direct marketing. A legal basis that entitles us to use your data may be a law, contract or our legitimate interest.

Your consent also constitutes a legal basis for data processing. In this respect, we will inform you about the purposes of data processing and the right to withdraw your consent. If the consent also relates to the processing of special categories of personal data, we will explicitly notify you in the consent process, Art. 88 (1) GDPR.

Processing of special categories of personal data within the meaning of Art. 9 (1) GDPR may only take place where necessary on the grounds of legal regulations and there is no reason to assume that your legitimate interests should prevail to the exclusion of processing such data, Art. 88 (1) GDPR.

1.5 Data transfers / Disclosure to third parties

We will only transmit your data to third parties within the scope of given statutory provisions or based on consent. In all other cases, information will not be transferred to third parties unless we are obliged to do so owing to mandatory legal regulations (disclosure to external bodies, including the supervisory authorities or law enforcement authorities).

1.6 Data recipients / categories of recipients

In our organisation, we ensure that only individuals who are required to process the relevant data to fulfil their contractual and legal obligations are authorised to handle personal data.

In many cases, service providers assist our specialist departments to fulfil their tasks. The necessary data protection contract has been concluded with all service providers. We use software and communication service providers for the provision of our technical infrastructure.

1.7 Transfers of personal data to third countries  

A transfer of data to third countries (outside the European Union or the European Economic Area) shall only take place if required by law, if necessary for the conclusion or performance of a contract concluded or if you have provided your consent for such a transfer.
In such cases, compliance with the level of data protection is ensured.

1.8 Period of data storage

We store your data for as long as such is required for the relevant processing purposes. Please note that numerous retention statutory periods require that data must be stored for a specific period of time. This relates in particular to retention obligations for commercial or fiscal purposes (e.g. commercial code, tax code, etc.). The data will be routinely deleted after use unless a further period of retention is required.

We may also retain data if you have given us your permission to do so, or in the event of any legal disputes and we use the evidence within the statutory limitation period, which may be up to 30 years; the standard limitation period is 3 years.

1.9 Secure transfer of data

We implement appropriate technical and organisational security measures to ensure the optimal protection of the data stored by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security levels are continuously reviewed in collaboration with security experts and adapted to new security standards.

The data exchange to and from our website is encrypted. We provide https as a transfer protocol for our website, and always use the current encryption protocols. It is also possible to use alternative communication channels (e.g. surface mail).

1.10 Obligation to provide data

A range of personal data is required to establish, implement and terminate the obligation and the fulfilment of the relevant contractual and legal obligations. The same applies to the use of our website and the various functions we provide.

We have summarised the relevant details in the following points below. In some cases, legal regulations require data to be collected or made available. Please note that it will not be possible to process your request or execute the underlying contractual obligation without this information.

2. Data categories, sources and origin of data

The data we process is defined by the relevant context: it depends on whether, for example, you place an order online, enter a request on our contact form or if you want to send us an application or submit a complaint.

Please note that we may also provide information at specific points for specific processing situations separately where appropriate, e.g. when uploading application documents or when making a contact request.

We collect and process the following data when you visit our website:

  • Name of the Internet service provider
  • Web browser and operating system used
  • Information on the website from which you visited us
  • The IP address by your allocated Internet service provider
  • Files accessed, volume of data transferred, downloads/file export

Information on websites accessed on our site, including date and time

For reasons of technical security (in particular to safeguard against attempts to attack of our web server), this data is stored in accordance with Art. 6 (1) lit. f GDPR. Anonymization takes place no later than after seven days by abbreviating the IP address so that no reference is made to the user.

3. Appointment booking (Art. 6 (1) lit. a, b GDPR)

We collect and process personal data in order to enable you to book appointments online.

For carrying out the appointment booking we use the service “Microsoft Bookings” of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. A direct connection to the service is only established when you click the button of our online booking function on our website. Further information about how Microsoft handles your personal data can be found here: https://privacy.microsoft.com/de-de/privacystatement.

We would like to point out that you are not obliged to use Microsoft Bookings to make an appointment. If you do not want to use this service, please use another contact option offered to make an appointment.

The legal basis for data transmission, storage and processing is your consent (Art. 6 (1) lit. a GDPR).

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.

You may revoke your consent at any time. In this case, the intended contact with the user is no longer possible, or an communication that has already begun can no longer be continued.

3. Contact form / Contact via email / Demo request (Art. 6 (1) lit. a, b GDPR)

A contact form is available on our website, which can be used to contact us electronically or to request a demo. If you write to us using the contact form or the demo form, we will process the data you submitted in the contact forms to respond to your queries and requests or for the dispatch of the demo.

In so doing, we respect the principle of data minimisation and data avoidance, so that you only have to provide the information we need obligatory. Your IP address will also be processed for technical reasons and for legal protection. Some arrays are voluntary and can be given optionally (e.g. to provide a more detailed response to your questions).

If you contact us by email, we will process the personal data provided in the email solely for the purpose of processing your request. If you do not contact us using the forms provided, no additional data will be collected.

When using our contact form, we collect and process the following data:

Name, first name
Contact details
Company,
Phone numer
Email address
Line of business
The message itself
In the framework of the demo request we collect and process the following data:

Name, first name
Company,
Email address
In the framework of advertising consents (opt-in) we process the following data:

Form of address
Name, first name
Address
Email, contact details
Date and time of advertising consent
IP address within the opt-in single form
You can, of course, revoke your consent anytime with effect for the future without providing a reason. This can be made without the need for filling in a form via e-mail to: datenschutz[at]retresco.de

or by post to

Retresco GmbH
Grünberger Straße 44a
10245 Berlin

3.1 Zoho CRM

Personal data you provided within the contact form, by downloading contents or in the framework of a direct business connection are processed and maintained with the help of our Customer-Relationship-Management-System (CRM-System).  

Operator and provider of Zoho.eu is the Zoho Corporation B.V., Beneluxlaan 4B, 527 HT UTRECHT, The Netherlands.

The CRM-System is cloud based. Further information can be found on the website of Zoho (https://www.zoho.eu/privacy.html). Furthermore, you have the possibility to give your advertising consent within the registration window. If you give your consent by ticking the relevant checkbox we will process your data to send information and offers on products/services as well.

3.2 HubSpot

On our website we use the service HubSpot for several purposes, especially for providing the contact forms. HubSopt is an American software company with a subsidiary in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, telephone: +353 1 5187500.

HupSpot is an integrated software solution that enables us to cover various aspects of our online marketing. This includes for example: email marketing, social media publishing & reporting, reporting, contact management (i.e. user segmentation & CRM), landing pages and contact forms.

Our sign in-service allows visitors of our website to learn more about our business, download content, and provide their contact information as well as other demographic information. This information and the content of our website are stored on the servers of our software partner HubSpot. We can use them to contact visitors of our website and to determine which of our company's services are of interest to them. All information we collect is subject to this Privacy Policy. We use all recorded information exclusively to optimize our marketing measures.

Further information about the processing of your personal data by HubSpot can be found online here or here. Further information about the cookies that are used by HubSpot are available here & here.

For the optimization of our marketing measures, the following data may be collected and processed by HubSpot:

Geographical position
Browser type
Navigation information
Referral URL
Performance data
Information about how often the application is used
Mobile Apps Data
Login credentials for the HubSpot subscription service
Files displayed on site
Domain names
Pages viewed
Aggregate Usage
Operating system version
Internet Service Provider
IP address
Device ID
Duration of the visit
Where the application was downloaded from
Operating System
Events that occur within the application
Access times
Clickstream data
Device model and version
The legal basis for the processing is your consent according to Art. 6 (1) lit. a GDPR, §25 (1) TTDSG. If you do not wish the collection and processing of the data above through HupSpot, you may refuse to give your consent or revoke your consent any time with effect for the future.

We keep your data for the before mentioned purposes. However, your data will be deleted as soon as it is no longer necessary achieve the purpose.

Within the processing through HubSpot data may be transferred to the USA. The necessary data protection contract has been concluded.

4. Cookies (Art. 6 Abs. 1 lit. f GDPR, § 25 Abs. 2 TTDSG / Art. 6 Abs. 1 lit. a GDPR, § 25 Abs. 1 TTDSG with consent)

On our website, we are using so-called cookies. Cookies use to make our content more user-friendly, effective and secure. Cookies are small text-files which are stored (locally) on your device.

These cookies help us to see how users use our website, enabling us to design the website’s content according to the visitors’ needs. In addition, cookies enable us to measure the effectiveness of a particular advert and to place it according, for example, to the user’s thematic interests. The legal basis for this is your consent (Art. 6 (1) lit. a GDPR, §25 (1) TTDSG) or in case that cookies are technically necessary Art. (1) lit. f GDPR. Furthermore, we are using technically required cookies, which are mandatory to operate the website as such and to operate it technically perfect. Additionally, and again without your consent, we use cookies which´s sole purpose is to store or access information for transmitting messages or to offer services you expressly request, Section 25 II TTDSG.

Most cookies are persisting only for a single browsing session (so-called session-cookies), others are active for a longer period of time (so-called persistent cookies). Persistent cookies are subject to auto-deletion after its pre-set expiration (usually 6 months).

Your consent can be given via our consent management tool and may be revoke anytime and with effect for the future (find the link below the footer).

We use the following cookies:

Own cookies:
These cookies are directly controlled by the Retresco GmbH . Depending on their purpose they either remain permanently  - even after expiration of the browsing session ( so-called persistent cookies, i.e. to save consent-settings) or are deleted after terminating your browser (so-called session cookies; they are only valid for one single browser session)

Third party cookies:
These cookies are controlled by a third party. In particular, this are service providers who insert banner ads for the Retresco GmbH at other websites. They use cookies for example to transmit information that an inserted banner has led to a purchase (i.e. conversation tracking).

These so-called temporary/persistent cookies will be deleted automatically after their pre-set duration (normally 6 months) expires. These temporary or persistent cookies are stored on your device and delete themselves after their pre-set expiration. Cookies of our partners contain pseudonymous data only, in most cases even only anonymous data. The cookies enable our partner to retrace which products you have already seen, whether something was bought, which products you have searched for, etc. Some of our advertising partners also collect information about which websites you have visited before or in which products you were interested. Through this, we can provide you an individual advertisement based on your interests. The pseudonymous data is not linked to personal data at any time.

By using these third party cookies we can still offer time-consuming investigated information on our website free of charge. The marketing of the advertising space to third-party providers described in detail below enables us to continue to be able to keep these offers available for you and thereby make a significant contribution to the transfer of knowledge, the procurement of information and the exchange of opinions.

Most browsers accept cookies automatically. However, you may deactivate, restrict or delete cookies manually by your browsers´ settings or software-based. Should cookies be deactivated, our website may eventually not be used anymore or to a limited extent, only.

Please check also our information on cookies located in our privacy statements´ respective part on the single service using cookies.

5. Web-Tracking

5.1 Google Analytics

With your consent (Art. 6 (1) lit. a GDPR, §25 (1) TTDSG) we use the tool Google Analytics provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland on our website. Google Analytics uses cookies, which are stored on your device and enable us to analyse the interaction of our website visitors with our website. The cookie generates information about your use of the website such as

  • Browser type/version,
  • Operating system used,
  • Referrer URL (the previously visited page),
  • Host name of the accessing computer (IP address) and
  • Time of server request

This data is usually transferred to and stored at a Google server in the USA. The IP address transmitted by your browser will not be linked to other Google data. We have also added the “anonymizeIP” code to Google Analytics on this website. This guarantees that your IP address is masked so that all data is collected anonymously. Only in exceptional cases the full IP address will be sent to a Google server in the USA and shortened there.

Google may also transfer this information to third parties if this is required by law or if third parties process this data on behalf of Google. Under no circumstances Google will associate your IP address with other data stored by Google. You can prevent the installation of cookies by setting your browser software accordingly; we would like to point out that in this case, our website may eventually not be used anymore or to a limited extent, only.

By using our website you agree with the processing of your data by Google in the manner and for the purposes set out above. Please visit www.google.com/privacypolicy.html for more information.

You can prevent the storage of cookies by setting your browser software. You can also prevent Google from collecting the data generated by the cookie and related to the use of our website (including your IP address) and from processing this data by Google by downloading and installing the available browser plugin from https://tools.google.com/dlpage/gaoptout?hl=en-GB.

You may revoke your consent anytime and with effect for the future via our consent-banner. Please remember, that all changes must be made per device.

Please make changes in our consent-banner below the footer.

5.2 Google Maps

On our website, we use Google Maps provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Maps is a web service for displaying interactive (land) maps to visually display geographic information. By using this service, you will be shown our location and you can plan your journey.

Google Maps is disabled when you first enter our website. A direct connection between the Google servers is only established when you enable Google Maps (consent according to Art. 6 (1) lit. a GDPR, §25 (1) TTDSG). You may revoke your consent at any time here.

Cookie-Consent-Tool

Google Maps will site your IP address when it has been enabled. This will then generally be transferred to and stored in a Google server located in the USA.

Further information on the handling of user data can be found in Google’s Privacy Policy: https://policies.google.com/privacy.

6. Social media links

You’ll find links to social media services from Facebook, LinkedIn, Twitter, Youtube and Xing on our website. Links to the webpages of these social media providers are recognisable by the respective company logo. When you click on the links, you will be forwarded to our page on the various social media platforms. Clicking on these links creates a connection to the social media providers’ servers, which then receive the information that you have visited our website. Additional data is also transferred to the social media service, for example:

Address of the website where the activated link is located
Date and time of your visit to the website or link activation
Information about the browser and operating system used
IP address

In addition to us, the following providers are responsible for the company appearances within the meaning of the EU General Data Protection Regulation (GDPR) and other data protection regulations:

Meta
(Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)

LinkedIn
(LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)

Twitter
(Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland)

Youtube
(Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland)

Xing
(News Work SE, Dammtorstraße 30, 20354 Hamburg, Germany)

If you are already logged in to the social media site at the time the link is activated, the provider may be able to determine your user name and possibly even your real name from the data transferred and assign this information to your personal user account. To prevent this from happening, please make sure you are logged out of your account.

The social media providers’ servers are located in the USA and other countries outside of the European Union. For this reason, data can also be processed by the social media provider in countries outside of the European Union. Please be aware that business in these countries are not subject to the same strict levels of data protection as those who are member states of the European Union.

Please also be aware that we have no influence on the scope, type and purpose of data processing carried out by these social media providers. Further information about the use of your data by the social media platforms embedded on our website can be found in the privacy policies of the respective social media provider.

LinkedIn

Privacy policy: https://www.linkedin.com/legal/privacy-policy;

Opt-out: https://www.linkedin.com/legal/cookie-policy

Twitter

Privacy policy: https://twitter.com/de/privacy;

Opt-out: http://www.youronlinechoices.com;

Settings: https://twitter.com/settings/account/personalization;

Youtube

Privacy policy: https://policies.google.com/privacy;

Opt-out: https://tools.google.com/dlpage/gaoptout?hl=de und

http://www.youronlinechoices.com;

Xing

Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung;

Opt-out: http://www.youronlinechoices.com.

 

You have the following rights with regard to the processing of your personal data:

right of access; right to rectification; right to erasure; right to restriction of processing; right to object; right to data portability; right to lodge a complaint with the responsible data protection authority about unlawful processing of your personal data.

If you would like to request information or exercise your rights as a user, this can be done most effectively directly with the providers themselves as only they have direct access to user data and can therefore take appropriate action and provide information.

7. Links to other providers

Our website also contains clearly identifiable links to the Internet sites of other companies. Although we provide links to websites of other providers, we have no influence on their content, and no guarantee or liability can therefore be assumed for such. The content of these pages is always the responsibility of the respective provider or operator of the pages.

The linked pages were checked at the time of linking for potential legal violations and identifiable infringements. No illegal content was identified at the time of linking. However, a permanent content control of the linked pages is not reasonable without concrete evidence of an infringement and, upon notification of a violation of rights, such links will be promptly removed.