The operator of this website, Retresco GmbH, takes the protection of your personal data very seriously. When processing your data, we comply with applicable legislation relating to protection of personal data, in particular the EU General Data Protection Regulation (GDPR) and relevant national implementing legislation. This privacy statement contains detailed information about how Retresco GmbH processes your personal data and about your rights.
Personal data is any information that can be used to identify a natural person. It includes in particular a person’s name, data of birth, address, telephone number and email address, as well as their IP address.
Anonymous data is data that cannot be used to identify a user.
1.1 Data controller and data protection officer
Grünberger Straße 44a
Tel. +49 (0)30 60 98 39 600
Fax +49 (0)30 60 98 39 608
Data protection officer contact address: datenschutz[at]retresco.de
1.2 Your rights as data subject
First of all, here is some information about your rights as a data subject. These rights are established in Articles 15–22 of the GDPR. They comprise:
- the right of access (Article 15 GDPR),
- the right to erasure (Article 17 GDPR),
- the right to rectification (Article 16 GDPR),
- the right to data portability (Article 20 GDPR),
- the right to restriction of data processing (Article 18 GDPR),
- the right to object to data processing (Article 21 GDPR).
If you wish to exercise any of these rights, please contact us at datenschutz[at]retresco.de. You can also use this address if you have any questions about how we process data. You also have the right to lodge a complaint with a data protection supervisory authority.
1.3 Rights to object
Please note the following in connection with your rights to object:
If we process your personal data for direct marketing purposes, you have the right to object to this data processing at any time without stating grounds. This also applies to any profiling that we carry out to the extent that this profiling is related to direct marketing.
If you object to processing for direct marketing purposes, we will no longer process your personal data for those purposes. It costs nothing to make an objection, and there are no formal requirements for your notice, which you should preferably send to: insert contact details.
If we process your data in order to pursue our legitimate interests, you can object to this processing at any time on grounds relating to your particular situation; this also applies to any profiling based on these provisions.
If you do so, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
1.4 Purposes of and lawful bases for the data processing
Your personal data is processed in compliance with the provisions of the GDPR and all other data protection legislation. The lawful bases for data processing are defined in particular in Article 6 of the GDPR.
We use your data for business development purposes, to fulfil contractual and statutory obligations, to perform our contract with you, to offer products and services and to strengthen the customer relationship, which may also involve analysis of data for marketing and direct marketing purposes. A law, a contract or a legitimate interest may provide a lawful basis for use of your data.
Use of your data may also be based on your consent. When obtaining your consent we will state the purposes of the data processing and inform you of your right to withdraw your consent. If the consent concerns the processing of special categories of personal data, we will state this explicitly when obtaining your consent (Article 88(1) GDPR).
Processing of special categories of personal data within the meaning of Article 9(1) GDPR will be carried out only if required due to provisions of law and there is no reason to believe that you have an overriding legitimate interest in not having the data processed (Article 88(1) GDPR).
1.5 Disclosure of data to third parties
We will disclose your data to third parties only within the limits of the statutory provisions or if you have given your consent to such disclosure. Otherwise, we will not disclose your data to third parties unless we are required to do so by mandatory provisions of law (disclosure to external bodies such as the supervisory authorities or the law enforcement authorities).
1.6 Recipients of the data/categories of recipients
Within the company, we ensure that your data is received only by individuals who need it for performance of our contractual and statutory obligations.
In many cases, external service providers support our teams in their work. We have entered into the necessary data protection agreements with all service providers. We use services by software and communications providers for e.g. technical infrastructure provision.
1.7 Transfer to third countries/intention to transfer to third countries
Data is transferred to third countries (outside the European Union or the European Economic Area) only if necessary for the performance of our contract with you, where required by law, or if you have given your consent. This relates solely to the use of Google Analytics.
We transfer your personal data to a service provider or group companies outside the European Economic Area. In the case of Google Analytics (USA), an adequate level of data protection is ensured by participation in the Privacy Shield Framework (Article 45(1) GDPR).
1.8 How long we store your data for
We will store your data for as long as necessary for the purpose of the processing concerned. Please note that we are subject to numerous retention periods that require us to continue to hold your data. These include in particular retention requirements under commercial and tax law (such as the German Commercial Code (Handelsgesetzbuch) and Tax Code (Abgabenordnung), etc.). Unless any additional retention requirements apply, your data will be routinely erased once the purpose for which it was stored has been achieved.
We can also retain your data if you have authorised us to do so or in the event of legal disputes if we use evidence within the statutory limitation periods, which may be up to thirty years; the standard limitation period is three years.
1.9 Secure transfer of your data
We employ appropriate technical and organisational measures to protect the data we store as fully as possible against accidental or intentional manipulation, loss or destruction and against unauthorised access. The levels of security provided are reviewed and adapted in line with new security standards on an ongoing basis in collaboration with security experts.
Data sent to and from our website is encrypted. We offer the HTTPS transfer protocol on our website and use current encryption protocols. Alternative channels of communication (such as post) can also be used.
1.10 Obligation to provide data
Various types of personal data are required for the purpose of concluding, performing or terminating contracts and for compliance with the associated contractual and statutory obligations. This also applies to the use of our website and the various functions that it provides.
Details of these are summarised in the previous paragraph. In certain cases data, must also be collected or provided due to statutory provisions. Please note that we will not be able to respond to your inquiry or perform the underlying contract if these data are not provided.
- Categories, sources and origin of data
Which data we process is determined by the context and will depend on whether you have for example placed an order online, submitted a query using our contact form, sent us a job application, or made a complaint.
Please note that we may provide information relating to specific processing situations separately in a suitable location, e.g. when you upload job application documents or ask us to contact you.
We collect and process the following data when you visit our website:
- name of your internet service provider
- details of the website from which you accessed our website
- web browser and operating system used
- the IP address allocated by your internet service provider
- files requested, volume of data transferred, downloads/file exports
- details of which pages on our website you visit, including the date and time of access
For technical security reasons (in particular to avert attempted attacks on our web server) these data are stored pursuant to Article 6(1)(f) GDPR. After seven days at the latest, the IP address will be anonymised in such way that the individual user cannot be identified.
- Contact form/email contact (Article 6(1)(a) and (b) GDPR)
Our website contains a contact form which you can use to get in touch with us electronically. If you write to us using the contact form, we will process the data you provide in the form to respond to your questions or requests.
We practice data minimisation and data avoidance, and so require you to provide only the data that we need to contact you. For technical reasons and for reasons of legal protection, your IP address will also be processed. Some of the fields are optional and you can provide this information if you wish (e.g. to enable us to respond to your questions personally).
If you contact us via email, we will use the personal data you provide to us only for the purpose of responding to your enquiry. No further information will be collected if you do not use the forms provided to contact us.
If you send us a contact request, we will collect and process the following data:
- surname, first name
- contact information
- company name
- details of requests and interests
- Cookies (Article 6(1)(f) GDPR/Article 6(1)(a) GDPR if consent is given)
Cookies are used in various places on our website. They help improve the user experience and make our website more effective and secure. Cookies are small text files which are placed on your computer and stored (locally on your hard drive) by your browser.
We can use these cookies to analyse how visitors use our website. This enables us to tailor our website content to the needs of visitors. The cookies also enable us to measure the effectiveness of particular ads and to determine where those ads will be displayed, for example in accordance with the interest of users in particular subjects.
Most of the cookies we use are “session cookies”. Session cookies are deleted automatically when you leave the site. Persistent cookies are automatically deleted from your computer when they expire (normally after six months) or if you delete them yourself before this time.
Most web browsers accept cookies automatically. However, if you prefer not to send this information, you can normally adjust your browser settings to prevent this. If you do this you will still be able to make full use of this website (with the exception of configuration tools).
Please note that if you disable cookies, you may not be able to make full use of all the features of our website.
4.1 Google Analytics
- browser and browser version,
- operating system used,
- referrer URL (the previous site visited),
- host name of the accessing computer (IP address) and
- time of server request
will normally be transmitted to and stored by Google on a server in the United States. The IP address sent by your browser for Google Analytics will not be combined with any other data held by Google. We have also added the “anonymizeIP” feature to Google Analytics on this website. This masks your IP address and ensures that all data are collected anonymously. Only in exceptional cases will your full IP address be transmitted to a Google server in the USA and anonymised there.
By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. More information is available from www.google.com/privacypolicy.html.
You can modify your browser settings to reject cookies. You can also prevent Google from recording and processing the data generated by the cookie about your use of the website (including your IP address) by downloading and installing the browser add-on available from https://tools.google.com/dlpage/gaoptout?hl=de.
- Social plugins
This website includes social plugins, which can send data to social networks and which you can use. These plugins can be recognised by the logos of the social network concerned and the caption “tweet” or “share”. Currently, we include plugins for Facebook, Twitter, LinkedIn and Xing. No data is sent to these social networks when you access our website. Only when you click on the buttons will data be sent to and stored by the social networks concerned. Use of the social plugins is voluntary and not connected with use of the website.
You can access services by the following providers by using the social plugins on our website:
Twitter Inc. (1355 Market St, Suite 900, San Francisco, California 94103, USA)
Facebook Inc. (1601 S California Ave, Palo Alto, California 94304, USA)
LinkedIn Corporation (2029 Stierlin Court, Mountain View, CA 94043, USA)
Xing AG (Gänsemarkt 43, 20354 Hamburg, Germany)
- Links to other providers
Our website also contains links to the websites of other companies. These links are clearly recognisable as such. We have no influence over the content of websites of other providers that we link to. Therefore, we can give no assurances and accept no liability in respect of such content. Responsibility for the content of these websites lies with the relevant provider or website operator.
The websites we link to were reviewed for possible rights infringements and obvious violations of law at the time of linking. No unlawful content was in evidence at the time of linking. However, the operator of this website cannot reasonably be expected to monitor the content of the websites linked to on an ongoing basis. Any infringing links will be removed without delay after we become aware of them.