Privacy Policy
How ROTONDA Inkasso GmbH collects, processes, and protects your personal data.
ROTONDA Inkasso GmbH ("we", "our", "the Company") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and disclose information about you when you visit our website at rotonda-inkasso.com or contact us.
This policy is issued in accordance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), the German Bundesdatenschutzgesetz (BDSG), and other applicable data protection legislation.
1. Controller Details
The data controller responsible for this website is:
ROTONDA Inkasso GmbH
Salierring 32
50677 Köln
Deutschland
Telephone: +49 221 9977180
Email: support@rotonda-inkasso.com
2. Data We Collect
2.1 Website Usage Data
When you visit our website, our server automatically collects certain technical information, including your IP address, browser type and version, operating system, referring URL, pages visited, and date and time of access. This data is collected for technical administration and security purposes and is not linked to specific individuals.
2.2 Contact Form Data
When you submit an enquiry via our contact form, we collect the information you voluntarily provide, including your name, email address, company name (if provided), telephone number (if provided), and the content of your message.
2.3 Cookies and Tracking
We use cookies to improve website functionality. For detailed information on the cookies we use, please see our Cookie Policy.
3. Legal Basis for Processing
We process your personal data on the following legal bases under Article 6 GDPR:
- Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent, such as agreeing to cookies or submitting a contact form with consent.
- Contractual necessity (Art. 6(1)(b) GDPR): Where processing is necessary to perform a contract or take pre-contractual steps at your request.
- Legal obligation (Art. 6(1)(c) GDPR): Where we are required to process data to comply with applicable law.
- Legitimate interests (Art. 6(1)(f) GDPR): For website security, fraud prevention, and improving our services, where our interests are not overridden by your rights.
4. How We Use Your Data
We use the personal data we collect for the following purposes:
- To respond to your enquiries and provide requested information.
- To administer and improve this website.
- To comply with legal obligations applicable to our business.
- To protect the security and integrity of our systems.
- To manage the client and mandate relationship where a service agreement exists.
5. Data Sharing and Disclosure
We do not sell, trade, or rent your personal data to third parties. We may share data in the following limited circumstances:
- Service providers: Technical partners who host or operate website infrastructure, under strict data processing agreements.
- Legal requirements: Where disclosure is required by applicable law, court order, or regulatory authority.
- Mandate-related processing: In the course of debt collection mandates, we may process and share data with courts, enforcement officers, and legal representatives as required by law and the applicable mandate.
6. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place in accordance with Chapter V GDPR, including adequacy decisions or Standard Contractual Clauses approved by the European Commission.
7. Data Retention
We retain personal data for no longer than is necessary for the purposes for which it was collected:
- Contact form enquiries: up to 3 years from the date of last contact, unless a mandate or contractual relationship ensues.
- Mandate-related data: in accordance with applicable statutory retention obligations under German commercial and tax law (typically 6–10 years).
- Server log data: up to 30 days, unless extended retention is required for security investigation.
8. Your Rights Under GDPR
Under applicable data protection law, you have the following rights:
- Right of access (Art. 15 GDPR): To obtain confirmation and a copy of the personal data we hold about you.
- Right to rectification (Art. 16 GDPR): To have inaccurate data corrected.
- Right to erasure (Art. 17 GDPR): To request deletion of your data where applicable.
- Right to restriction (Art. 18 GDPR): To request restriction of processing in certain circumstances.
- Right to data portability (Art. 20 GDPR): To receive your data in a structured, machine-readable format.
- Right to object (Art. 21 GDPR): To object to processing based on legitimate interests.
- Right to withdraw consent: Where processing is based on consent, you may withdraw that consent at any time without affecting prior processing.
To exercise any of these rights, please contact us at support@rotonda-inkasso.com.
9. Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority. In Germany, the competent authority is the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW), Kavalleriestraße 2-4, 40213 Düsseldorf.
10. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction, in accordance with Art. 32 GDPR. These measures include encrypted data transmission (TLS/HTTPS), access controls, and regular security reviews.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The current version will always be published at this URL with the date of last revision. Material changes will be communicated where required by law.
12. Contact
For any questions about this Privacy Policy or data protection matters, please contact:
support@rotonda-inkasso.com
ROTONDA Inkasso GmbH, Salierring 32, 50677 Köln, Deutschland