The operator of this website, Retresco GmbH, takes the protection of your personal data very seriously. When processing your data, we comply with applicable legislation relating to protection of personal data, in particular the EU General Data Protection Regulation (GDPR) and relevant national implementing legislation. This privacy statement contains detailed information about how Retresco GmbH processes your personal data and about your rights.
Personal data is any information that can be used to identify a natural person. It includes in particular a person’s name, data of birth, address, telephone number and email address, as well as their IP address.
Anonymous data is data that cannot be used to identify a user.
1.1 Data controller and data protection officer
Grünberger Straße 44a
Tel. +49 (0)30 60 98 39 600
Fax +49 (0)30 60 98 39 608
Data protection officer contact address: datenschutz[at]retresco.de
1.2 Your rights as data subject
First of all, here is some information about your rights as a data subject. These rights are established in Articles 15–22 of the GDPR. They comprise:
- the right of access (Article 15 GDPR),
- the right to erasure (Article 17 GDPR),
- the right to rectification (Article 16 GDPR),
- the right to data portability (Article 20 GDPR),
- the right to restriction of data processing (Article 18 GDPR),
- the right to object to data processing (Article 21 GDPR).
If you wish to exercise any of these rights, please contact us at datenschutz[at]retresco.de. You can also use this address if you have any questions about how we process data. You also have the right to lodge a complaint with a data protection supervisory authority.
1.3 RIGHTS TO OBJECT
Please note the following in connection with your rights to object:
If we process your personal data for direct marketing purposes, you have the right to object to this data processing at any time without stating grounds. This also applies to any profiling that we carry out to the extent that this profiling is related to direct marketing.
If you object to processing for direct marketing purposes, we will no longer process your personal data for those purposes. It costs nothing to make an objection, and there are no formal requirements for your notice, which you should preferably send to: firstname.lastname@example.org.
If we process your data in order to pursue our legitimate interests, you can object to this processing at any time on grounds relating to your particular situation; this also applies to any profiling based on these provisions.
If you do so, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
1.4 Purposes of and lawful bases for the data processing
Your personal data is processed in compliance with the provisions of the GDPR and all other data protection legislation. The lawful bases for data processing are defined in particular in Article 6 of the GDPR.
We use your data for business development purposes, to fulfil contractual and statutory obligations, to perform our contract with you, to offer products and services and to strengthen the customer relationship, which may also involve analysis of data for marketing and direct marketing purposes. A law, a contract or a legitimate interest may provide a lawful basis for use of your data.
Use of your data may also be based on your consent. When obtaining your consent we will state the purposes of the data processing and inform you of your right to withdraw your consent. If the consent concerns the processing of special categories of personal data, we will state this explicitly when obtaining your consent (Article 88(1) GDPR).
Processing of special categories of personal data within the meaning of Article 9(1) GDPR will be carried out only if required due to provisions of law and there is no reason to believe that you have an overriding legitimate interest in not having the data processed (Article 88(1) GDPR).
1.5 Disclosure of data to third parties
We will disclose your data to third parties only within the limits of the statutory provisions or if you have given your consent to such disclosure. Otherwise, we will not disclose your data to third parties unless we are required to do so by mandatory provisions of law (disclosure to external bodies such as the supervisory authorities or the law enforcement authorities).
1.6 Recipients of the data/categories of recipients
Within the company, we ensure that your data is received only by individuals who need it for performance of our contractual and statutory obligations.
In many cases, external service providers support our teams in their work. We have entered into the necessary data protection agreements with all service providers. We use services by software and communications providers for e.g. technical infrastructure provision.
1.7 Transfer to third countries/intention to transfer to third countries
Data is transferred to third countries (outside the European Union or the European Economic Area) only if necessary for the performance of our contract with you, where required by law, or if you have given your consent. This relates solely to the use of Google Analytics.
We transfer your personal data to a service provider or group companies outside the European Economic Area. In the case of Google Analytics (USA), an adequate level of data protection is ensured by participation in the Privacy Shield Framework (Article 45(1) GDPR).
1.8 How long we store your data for
We will store your data for as long as necessary for the purpose of the processing concerned. Please note that we are subject to numerous retention periods that require us to continue to hold your data. These include in particular retention requirements under commercial and tax law (such as the German Commercial Code (Handelsgesetzbuch) and Tax Code (Abgabenordnung), etc.). Unless any additional retention requirements apply, your data will be routinely erased once the purpose for which it was stored has been achieved.
We can also retain your data if you have authorised us to do so or in the event of legal disputes if we use evidence within the statutory limitation periods, which may be up to thirty years; the standard limitation period is three years.
1.9 Secure transfer of your data
We employ appropriate technical and organisational measures to protect the data we store as fully as possible against accidental or intentional manipulation, loss or destruction and against unauthorised access. The levels of security provided are reviewed and adapted in line with new security standards on an ongoing basis in collaboration with security experts.
Data sent to and from our website is encrypted. We offer the HTTPS transfer protocol on our website and use current encryption protocols. Alternative channels of communication (such as post) can also be used.
1.10 Obligation to provide data
Various types of personal data are required for the purpose of concluding, performing or terminating contracts and for compliance with the associated contractual and statutory obligations. This also applies to the use of our website and the various functions that it provides.
Details of these are summarised in the previous paragraph. In certain cases data, must also be collected or provided due to statutory provisions. Please note that we will not be able to respond to your inquiry or perform the underlying contract if these data are not provided.
2. Categories, sources and origin of data
Which data we process is determined by the context and will depend on whether you have for example placed an order online, submitted a query using our contact form, sent us a job application, or made a complaint.
Please note that we may provide information relating to specific processing situations separately in a suitable location, e.g. when you upload job application documents or ask us to contact you.
We collect and process the following data when you visit our website:
- name of your internet service provider
- details of the website from which you accessed our website
- web browser and operating system used
- the IP address allocated by your internet service provider
- files requested, volume of data transferred, downloads/file exports
- details of which pages on our website you visit, including the date and time of access
For technical security reasons (in particular to avert attempted attacks on our web server) these data are stored pursuant to Article 6(1)(f) GDPR. After seven days at the latest, the IP address will be anonymised in such way that the individual user cannot be identified.
3. Contact form/email contact (Article 6(1)(a) and (b) GDPR)
Our website contains a contact form which you can use to get in touch with us electronically. If you write to us using the contact form, we will process the data you provide in the form to respond to your questions or requests.
We practice data minimisation and data avoidance, and so require you to provide only the data that we need to contact you. For technical reasons and for reasons of legal protection, your IP address will also be processed. Some of the fields are optional and you can provide this information if you wish (e.g. to enable us to respond to your questions personally).
If you contact us via email, we will use the personal data you provide to us only for the purpose of responding to your enquiry. No further information will be collected if you do not use the forms provided to contact us.
If you send us a contact request, we will collect and process the following data:
- surname, first name
- contact information
- company name
- details of requests and interests
4. Cookies (Article 6(1)(f) GDPR/Article 6(1)(a) GDPR if consent is given)
Cookies are used in various places on our website. They help improve the user experience and make our website more effective and secure. Cookies are small text files which are placed on your computer and stored (locally on your hard drive) by your browser.
We can use these cookies to analyse how visitors use our website. This enables us to tailor our website content to the needs of visitors. The cookies also enable us to measure the effectiveness of particular ads and to determine where those ads will be displayed, for example in accordance with the interest of users in particular subjects. The legal basis for this is Art. 6 para. 1 lit. f or, if consent is given, Art. 6 para. 1 lit. a GDPR.
This type of cookie is controlled directly by Retresco GmbH. Depending on the purpose, these remain permanently stored – even after the session has ended – (so-called persistent cookies, e.g.: implementation of opt-out) or are deleted when the browser is closed (so-called session cookies; they are only valid for one browser session).
Third party cookies:
So-called temporary/permanent cookies are used, which are automatically deleted after the specified time (usually 6 months). These temporary or permanent cookies are stored on your end device and are deleted automatically after the specified time. The cookies of our partner companies also only contain pseudonyms, usually even anonymous data. They enable our partners to track which products you have looked at, whether something has been purchased, which products have been searched for, etc. Some of our advertising partners also collect information about which pages you previously visited or which products you were interested in, for example, beyond the web pages. This makes it possible to display individual advertisements. This pseudonymous data is never merged with your personal data.
5. Web analytics
5.1 Google Analytics
- browser and browser version,
- operating system used,
- referrer URL (the previous site visited),
- host name of the accessing computer (IP address) and
- time of server request
will normally be transmitted to and stored by Google on a server in the United States. The IP address sent by your browser for Google Analytics will not be combined with any other data held by Google. We have also added the “anonymizeIP” feature to Google Analytics on this website. This masks your IP address and ensures that all data are collected anonymously. Only in exceptional cases will your full IP address be transmitted to a Google server in the USA and anonymised there.
By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. More information is available from www.google.com/privacypolicy.html.
You can modify your browser settings to reject cookies. You can also prevent Google from recording and processing the data generated by the cookie about your use of the website (including your IP address) by downloading and installing the browser add-on available from https://tools.google.com/dlpage/gaoptout?hl=de.
5.2 Matomo web analysis (formerly PIWIK)
Scope of data processing
Our website uses the open-source software tool Matomo (formerly PIWIK) for analysing the browsing behaviour of our users. The software saves cookies onto the user’s computer. When the user accesses a page on https://app.textengine.io, Matomo saves the following data:
- two bytes of the user’s IP address
- the accessed webpage
- the website from which the user is directed to the accessed page (referrer)
- the sub-pages to which the user is directed from the accessed page
- the length of time the user remains on the page
- the frequency the page is accessed
The software runs exclusively on the servers of our website. Any storage of the user’s personal data only takes place there. No data is shared with third parties.
The software is configured in such a way that it does not store full IP addresses, but only two bytes of the user’s IP address. This renders it impossible to attribute the abbreviated IP address to the querying computer.
6. Social plugins
This website includes social plugins, which can send data to social networks and which you can use. These plugins can be recognised by the logos of the social network concerned and the caption “tweet” or “share”. Currently, we include plugins for Facebook, Twitter, LinkedIn and Xing. No data is sent to these social networks when you access our website. Only when you click on the buttons will data be sent to and stored by the social networks concerned. Use of the social plugins is voluntary and not connected with use of the website.
You can access services by the following providers by using the social plugins on our website:
Twitter Inc. (1355 Market St, Suite 900, San Francisco, California 94103, USA)
Facebook Inc. (1601 S California Ave, Palo Alto, California 94304, USA)
LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA)
Xing AG (Gänsemarkt 43, 20354 Hamburg, Germany)
7. Links to other providers
Our website also contains links to the websites of other companies. These links are clearly recognisable as such. We have no influence over the content of websites of other providers that we link to. Therefore, we can give no assurances and accept no liability in respect of such content. Responsibility for the content of these websites lies with the relevant provider or website operator.
The websites we link to were reviewed for possible rights infringements and obvious violations of law at the time of linking. No unlawful content was in evidence at the time of linking. However, the operator of this website cannot reasonably be expected to monitor the content of the websites linked to on an ongoing basis. Any infringing links will be removed without delay after we become aware of them.
8. Analysis by wiredminds
Our website uses a counting pixel technology provided by wiredminds GmbH (www.wiredminds.de) to analyze visitor behavior. If necessary, data is collected, processed and stored, from which user profiles are created under a pseudonym. Wherever possible and reasonable, these usage profiles are completely anonymized. Cookies can be used for this purpose. Cookies are small text files that are stored in the visitor’s Internet browser and serve to recognize the Internet browser. The collected data, which may also contain personal data, will be transmitted to wiredminds or collected directly by wiredminds. wiredminds may use information that is left by visiting the websites to create anonymized usage profiles. The data obtained without explicit consent of the affected person will not be used to personally identify the visitor of this website and will not be merged with personal data of the bearer of the pseudonym. Whenever IP addresses are recorded, their immediate anonymization takes place by deleting the last number block.