Privacy policy

We value you as a business partner, customer as well as prospective customer of the one(s) who are interested in us and our products and services. When you interact with us, we collect and process certain personal data from you. This data protection notice explains how we use the personal data you provide us with and which rights and options are available to you in this regard.

This concerns personal data that you provide us with as well as data derived from such data. Please note that as far as applicable legal provisions and your rights are explained in this notice, this only applies to personal data that is processed in accordance with the EU General Data Protection Regulation (GDPR). If the processing of your personal data is not subject to this Regulation, different rules will apply, depending on the law applicable to you.

1. Who is responsible for your personal data?

Your personal data will be controlled by us, who will be designated in our notification as the person responsible for your data (hereinafter referred to as "we" or "RCS Risk & Claims Services GmbH"). In this way we ensure the security and integrity of your personal data.

RCS Risk & Claims Services GmbH
Schifferstr. 26
47059 Duisburg

2. Data protection officer

We have appointed a data protection officer for our company. Contact at: datenschutz(at)

3. How do we protect your personal data?

We use physical, electronic and procedural security measures in accordance with the latest technology and legal data protection requirements to protect your personal data from unauthorised access or intrusion. These security measures include the implementation of specific technologies and procedures to protect your privacy, such as secure servers, firewalls and SSL encryption. We strictly comply with applicable laws and regulations regarding the confidentiality and security of personal information at all times.

4. To whom do we share your personal data?

We may forward your personal data as follows:

To third parties: We may also contract service providers (so-called data processors) within or outside our company, e.g. joint service centres, to process personal data for the permitted purposes and only in accordance with our instructions. We retain control of your personal data and remain fully responsible for it. We take all reasonable security measures required by applicable law to ensure the integrity and security of your personal data when using such service providers. In addition, we may also share the information with other third parties, to the extent permitted or required by law, for permitted purposes, including the establishment, exercise or defence of legal claims.

To the extent required by law: To courts, law enforcement agencies, regulatory authorities or other governmental organizations, or attorneys or other private parties, to the extent legally permissible and necessary to fulfill a legal obligation or to establish, exercise or defend legal claims.

With potential sellers or buyers: With potential sellers or buyers and their professional advisors in connection with the sale or acquisition of companies or assets.

Otherwise, we will only disclose your personal information if you instruct us to do so or give us your consent, if we are required to do so by applicable law or by court or governmental order, or if we suspect fraudulent or criminal activity.

5. Where are your personal data processed?

The RCS Risk & Claims Services GmbH is an insurance specialist that has concentrated on the comprehensive support for logistics companies, freight forwarders, terminal operators and carriers. In the course of our business, we may also transfer your personal data to recipients in Europe. In doing so, we will comply with relevant data protection requirements and take reasonable precautions to ensure the security and integrity of your personal data. You can contact us at any time at the contact address given below if you would like more information on such security measures.

6. Your data protection rights

Under certain legal conditions, you can request information about your personal data or its rectification, deletion or limited processing. You can also object to data processing or demand data transferability. In particular, you have the right to request a copy of your personal data stored by us. If you make such requests repeatedly, we may charge a reasonable fee for this. The following rights are contained in the EU General Data Protection Regulation (GDPR):

  • Right to access information about your data stored by us and its processing (Art. 15 GDPR),
  • Right to rectification of incorrect personal data (Art. 16 GDPR),
  • Right of deletion of your data stored by us (Art. 17 GDPR),
  • Right to restriction of data processing, provided we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR),
  • Right to object to the processing of your data by us (Art. 21 GDPR),
  • Right of data transfer (Art. 20 GDPR),
  • Right to appeal to a competent state authority. An overview of the state authorities can be found under the following link:’

For further details on your data protection rights, please refer to Articles 15 - 22 of the EU General Data Protection Regulation (GDPR).

If you have given us your permission to process your personal data and revoke it at a later point in time, this will only have effects for the future, i.e. revocation of the permission will not affect the lawfulness of the processing based on the permission before its revocation. In the event of revocation of consent, we may only further process the personal data if there is another legal reason for processing.

For any of the above requests, please send a description of your relevant personal information, including your name, customer number or other identification number (if available) as proof of identity, to the contact address below. We may also request additional proof of identity to protect your personal information from unauthorized access. We will carefully review your request and, if necessary, discuss with you how best to fulfill it.

If you have concerns about our handling of your personal information or wish to make a complaint, you can contact us at the contact address below to have the matter investigated. If you are not satisfied with our response or believe that we are not processing your personal data in accordance with the law, you can complain to the relevant data protection authority.

7. Are you obliged to provide personal data?

In principle, you provide us with your personal data voluntarily. As a rule, you can expect no adverse effects if you do not give your consent or do not provide personal data. However, there are situations in which we cannot act without certain personal data, e.g. when we are required to carry out a legally required conformity check. In such cases, without the relevant personal data, we will unfortunately not be able to provide you with the information you have requested.

8. Storage of your personal data

Your personal data will be deleted immediately if they are no longer reasonably required for the permitted purposes or if you withdraw your consent (if necessary) and we are no longer obliged or entitled to store the data by law or in any other way. We will in particular retain your personal data to the extent that we need it for the assertion or defence of legal claims. In this case, the data will be stored until the end of the corresponding storage period or until the settlement of the respective claims. If you have asked us not to contact you, we will retain this information for as long as is necessary to fulfil this request and in accordance with applicable law.

9. Updates to this data protection notice 

This privacy notice was last updated in August 2020. We reserve the right to update and amend this privacy notice at any time to reflect the way we use your personal information or changes in legal requirements. In the event of such changes, we will publish the amended data protection notice on our website. All amended information is effective from the date it is posted on our website.

10. For what purposes do we use your personal data?

Depending on the nature of our business relationship with you, we will only process your personal data for a number of reasonable and legitimate business purposes, including but not limited to the following ("legitimate purposes"):

Planning, closure, fulfilling, administering and performing your contractual relationship (or the contractual relationship with your company or organisation) with us, for example, by executing transactions and ordering products or services, processing payments, performing accounting, auditing, billing and collection activities, arranging shipping and delivery, providing repair and support services or providing other services requested by you:

  1. Maintaining and protecting the security of our products, services, websites and other systems, preventing and detecting security threats, fraud and other criminal, illegal or harmful activities;
  2. Ensure compliance with legal obligations (e.g., record keeping obligations), as well as compliance review or recording obligations (e.g., based on competition law or to prevent economic or money laundering crimes), automatically cross-check your contact information or other information provided by you regarding your identity against relevant sanctions lists and contact you to confirm your identity in case of a potential match or record any interaction with you that may be relevant for antitrust law reasons;
  3. to the extent permitted by applicable law, communications under an existing business relationship about products and services of the RCS Risk & Claims Services GmbH that are similar to or related to the products or services you have already purchased or used under that business relationship
  4. Investigating and resolving disputes, enforcing contractual agreements and the establishment, exercise or defence of legal claims or
  5. to carry out an application procedure, or
  6. if you have given us your express consent to do so or if this is permitted under data protection law, we may also process your personal data for the following purposes:
  • Communicate with you through the communication channels you have approved to keep you informed of the latest announcements, special offers or other information about the products and services (including marketing related newsletters) of RCS Risk & Claims Services GmbH and events and projects of RCS Risk & Claims Services GmbH;
  • Profiling and automated processing: Collection of information about your preferences based on your activities when you use our website or any products, downloadable content or other services we offer online. We do not create a user profile on the basis of this information (e.g. what content is downloaded, clicked on or viewed and how often and for how long).

Please note: According to the General Data Protection Regulation (GDPR) (Article 21 (2)) you have the right to object to the use of your personal data for direct marketing purposes. Please read more about this in the section below "Your data protection rights", which explains what rights you have and how you can exercise them.

With respect to marketing-related types of communications (e.g., e-mails and telephone calls), where required by law, we will not provide this information to you without your consent and we will give you the opportunity to unsubscribe at any time if you do not wish to receive further marketing-related communications from us.

We do not use your personal data to make automated decisions concerning you or to create profiles other than those described above.

The legal basis for processing your personal data is laid down in Article 6 of the General Data Protection Regulation (GDPR). Depending on the above-mentioned purposes for which we process your personal data, the processing is necessary either for the performance of a contract or other commercial agreement with the [insert company] or to fulfil our legal obligations or for the legitimate interests pursued by us, always provided that these interests are not overridden by your interests or fundamental rights and freedoms. Furthermore, the processing may be based on your consent if you have expressly given us your consent.

11. Scope of the personal data processed

We may in particular collect and process the following categories of personal data:

  1. Professional or personal contact information such as full name, address, telephone number, mobile phone number, fax number and e-mail address, the identification number of your mobile phone and the IP address of your computer when you use our websites;
  2. Payment and financial data such as information required for the processing of payments and the prevention of fraud, including account information, credit/debit card numbers, security code numbers, payments, outstanding amounts, expenses and other related accounting information;
  3. Other business information that must necessarily be processed as part of a project or contractual relationship with RCS Risk & Claims Services GmbH or is voluntarily provided by you, such as orders placed, payments made, inquiries and projects;
  4. Information that originates from publicly accessible sources, integrity databases or credit agencies, and
  5. where required by law for compliance purposes: Information about any relevant and significant legal or other proceedings against you or any third party related to you or any interaction with you that may be relevant for antitrust purposes.
  6. Special categories of personal data. In certain situations, where required by law or where you have given us your consent, we may also collect special categories of your personal data that are subject to special data protection protection laws. For example, in connection with registering for and participating in an event or seminar, we may ask you for information about your health in order to identify and address any disabilities or special dietary needs. The use of such information always requires your consent. If you do not provide us with the appropriate information about disabilities or special dietary needs, we will not be able to take appropriate action.

12. How we collect your personal data

We may collect this personal information in various ways, in particular applies:

12.1 Direct collection of data

As a rule, we collect your personal data directly from you (e.g. when you voluntarily provide us with information on our website, send us an e-mail or other written correspondence or otherwise make information available to us as part of our business relationship).

If you have given us your express consent, we may obtain your personal data from third parties for marketing purposes. In such cases we will inform you of this in accordance with the relevant legal provisions.

12.2 Indirect collection of data

We do not receive personal data from third parties unless specifically stated in this Privacy Policy (e.g. information from publicly available sources, integrity databases and credit reference agencies or from a counterparty who typically acts with your consent and who is in possession of the data).

12.3 Automatic acquisition tools

Through automatic acquisition tools (such as cookies and other analysis or tracking technologies, as described above, when you visit our website, view our newsletters or other electronic information, or use our online products and services):

12.3.1 Cookies

The Internet pages partly use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies enable us to recognize your browser the next time you visit us.

You can set your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for certain cases or in general and to activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.

Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping basket function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of his services. Insofar as other cookies (e.g. cookies for analysing your surfing behaviour) are stored, these are treated separately in this data protection declaration.

Accept Necessary Cookies: This option allows the website to set all cookies that are necessary for the operation and execution of the specific functions. They enable basic technical functions such as page navigation and access to secure areas of the website. They also influence how the website adapts to individual users and how it is displayed. Without the necessary cookies, the website cannot function to its full extent. Furthermore, no further cookies are set with this option.

Accept All Cookies: This option allows the website to set all cookies that are necessary for tracking and analysis purposes, social media services or to personalise the website. This may also include cookies from external media content providers such as YouTube or Vimeo to enable video playback.

Cookies that are not exclusively necessary for the operation of the website can also be set here. This refers to cookies that can be used for marketing, anonymous statistical user analysis and other purposes. A detailed list of the cookies used in this extended area can be found in Section 13: “Our recording methods used”.

12.3.2 Server log-files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

The basis for data processing is Art. 6 para. 1 letter f GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

13. Our recording methods used

13.1 Contact form

If you use our contact forms to send an request, the request and the contact data you provide in the request will be stored to process your request and for possible follow-up questions. We will not pass on this data to third parties without your consent.

The data entered in the contact form will be processed exclusively on the basis of your consent (Art. 6 para. 1 GDPR). You can revoke this consent at any time. An informal e-mail is sufficient for this purpose. The legality of the data already processed before the revocation is not affected by the revocation.

The data entered in the contact form will remain in our systems until you ask us to delete it, to revoke your consent for storage or until the purpose for which the data was stored becomes invalid (e.g. after completion of your request). Mandatory legal provisions - in particular retention periods - remain unaffected by this.

13.2 Applicant data

We collect and process personal data of applicants for the purpose of the application procedure. The processing can be done electronically.

This is particularly the case if an applicant has provided his/her application documents electronically, e.g. by e-mail or via a contact form on the website.

If the application leads to an employment contract, all transmitted data will be stored in compliance with the legal provisions for the handling of the employment relationship.

If the application does not lead to an employment contract, the application documents will be deleted six months after the end of the recruitment procedure, unless the person responsible for processing the application has another legitimate interest. An example of such a legitimate interest is the burden of proof in a legal dispute under the General Equal Treatment Act (Allgemeines Gleichbehandlungsgesetz, AGG). With the consent of the applicant, the data may be stored for a longer period of time.