Close Menu

Privacy Policy – re:cap Website

Last updated on 23 July 2025

This Privacy Policy explains how RE:CAP TECHNOLOGIES GMBH, Linienstraße 214, 10119 Berlin, Germany (herein referred to as "RE:CAP", "we", "us" or "our") processes personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection laws, when operating the RE:CAP Platform, the RE:CAP Website, or otherwise interacting with you as current or potential business partner.

1. General Information

RE:CAP operates its platform and its website to provide modular capital management services to companies. If we process personal data for the provision of these services, we do so as a data processor or sub-processor for the respective company. For further information on such data processing, please see the data privacy notice of the respective company.

We may also process personal data as a data controller, in particular to ensure the functionality of the RE:CAP Platform or Website, for promoting our services, and to manage our relationships with our customers and services providers, as well as their respective employees. Insofar as we process personal data as a data controller, we do so as described below.

We are committed to protecting the privacy and security of your personal data. This policy describes why and how we collect, use, store, share, and protect your personal data, as well as your rights in relation to this data.

2. Who is responsible for your data?

The data controller responsible for the processing of your personal data described in this Privacy Policy is:

RE:CAP TECHNOLOGIES GMBH
Linienstraße 214
10119 Berlin
Germany
privacy@re-cap.com

For further information and questions, or if you wish to exercise your data privacy rights under the GDPR or any other applicable data protection laws and regulations, you may, at any time, contact us at the contact details indicated above.

You can reach our Data Protection Officer at mail@planit.legal.

3. What personal data do we process?

We collect various types of personal data depending on our relationship with you. This may include:

  1. Log files of your use of the RE:CAP Platform or Website, such as browser types and versions, the operating system, the website from which you reach our website (so-called referrers), the date and time of access to our website, an Internet protocol address (IP address), and the Internet service provider.
  2. Tracking data of your use of the RE:CAP Platform or Website, collected through cookies or other tracking technologies, such as scripts, tags, pixels, or beacons.
  3. Contact data if you are a customer or service provider or if you are acting on behalf of a customer or service provider, including your professional address, email address, telephone number, and your job title.
  4. Transactional data: If you personally are a customer or services provider, details about your contracts in place with us, and any payments made or to be made under these contracts.
  5. Communication data: Records of correspondence, telephone calls, and other communications with us relating to our own business.
  6. Publicly available information: Information obtained from public sources (e.g., company registers, sanction lists, media reports).

4. How do we collect your personal data?

We collect personal data from various sources, including:

  1. Directly from you: When you provide it to us through the RE:CAP Platform or Website, via correspondence, phone calls, or during meetings.
  2. From third parties: From service providers, such as credit reference agencies and fraud prevention agencies for due diligence and risk assessment purposes.

5. Purposes and legal bases for processing your personal data

We process your personal data for the following purposes, relying on the specified legal bases:

a) Consent (Art. 6(1)(a) GDPR)

We may process your tracking data for tracking purposes based upon your consent, Sec. 25(1) TDDDG, and Art. 6(1)(a) GDPR. For more information on the tracking tools we are using, please see the section "Cookies and tracking tools".

b) For the fulfillment of contracts (Art. 6 (1)(b) GDPR)

If you personally are our customer or services provider, we may process your personal data for the management and fulfillment of our contracts with you.

c) Legitimate interests (Art. 6(1)(f) GDPR)

We may process your personal data to pursue the legitimate interest of both us and the company you are working for in negotiating, initiating, implementing, and managing service agreements between your company and us.

We may also process your personal data to pursue other legitimate business interests, including business development (e.g. analyzing our business data, conducting market research, and improving our services), security (ensuring IT and physical security, including network and information security), legal claims (establishing, exercising, or defending legal claims), and internal administration purposes. We will only do so provided that your interests and fundamental rights do not override these interests. You may object to this data processing with future effect in accordance with the legal requirements of Art. 21(1) GDPR at any time.

6. Cookies and tracking tools

We use tracking technologies on the RE:CAP Platform (for details please see below under 6.3) and in the RE:CAP Website (for details please see below under 6.4) that enable us or our contractual partners or service providers to collect data relating to the use of our websites. These tracking technologies are usually referred to as cookies, which is why we also use this term below. However, the following explanations also apply accordingly to other tracking technologies or file formats, such as local storage, pixels, beacons or tags.

6.1 What are cookies?

Cookies are text files that are stored in a computer system via an Internet browser. Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

Through the use of cookies, we can provide the users of the RE:CAP Platform and Website with more user-friendly services that would not be possible without the cookie setting. You may, at any time, prevent the setting of cookies through the RE:CAP Platform or Website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.

6.2 Cookie settings and legal basis

When you visit the RE:CAP Platform or Website for the first time, we display a cookie consent banner to inform you about the tracking technologies we use and to give you the choice of which optional cookies you would like to consent to. You can change your selection at any time under the following link:

Adjust privacy settings


In certain cases, the storage of information on your device or access to information already stored on your device is absolutely necessary so that we can make our website available to you for use ("necessary cookies"). In these cases, your device is accessed on the basis of Section 25(2)(2) TDDDG. Insofar as this information has a personal reference and is further processed by us in our IT systems, the legal basis for this data processing is our legitimate interest in providing our website and ensuring data security, Art. 6(1)(f) GDPR.

We only use technically non-essential cookies with your consent. We use the following categories of cookies that require consent. You can find more information about the file names, storage duration, provider and category of the respective cookie below. By clicking on the respective button ("Accept all cookies") in the cookie consent banner or the privacy settings you consent both to the storage and reading of information in these optional cookies (Section 25(1) TDDDG) via our respective website and to the further processing of any personal data read out (Art. 6(1)(f) GDPR).

6.3. Cookies and tracking tools on the RE:CAP Website

6.4. Cookies and tracking tools on the RE:CAP Platform

For cookies and tracking tools on the RE:CAP Platform, please see our privacy policy under https://app.re-cap.com/legal/privacy-policy.

7. Who do we share your personal data with?

We may share your personal data with the following categories of recipients:

  1. Service providers: Third-party service providers acting on our behalf, such as hosting and IT service providers. These providers are contractually bound to process data only according to our instructions and applicable data protection laws.
  2. Group companies: Other entities within our corporate group for internal administrative purposes, and to provide integrated services.
  3. Regulatory and governmental authorities: Law enforcement agencies, tax authorities, and other governmental bodies, where we are legally obliged or permitted to do so.
  4. Counterparties and business partners: In the context of transactions (e.g., mergers, acquisitions, sale of assets), where required for due diligence or legal reasons.
  5. Professional advisers: Including lawyers, accountants and consultants, as necessary to obtain professional advice.
  6. Public (if legally required): In certain limited circumstances, specific information may be required to be made public, e.g., through company registers.

8. International data transfers

Your personal data may be transferred to, and processed in, countries outside the European Economic Area (EEA), including countries that may not offer the same level of data protection as within the EEA. When we transfer your data to countries outside the EEA, we ensure appropriate safeguards are in place to protect your data, such as:

  1. Standard Contractual Clauses (SCCs): Implementing the standard contractual clauses approved by the European Commission.
  2. Adequacy decisions: Relying on an adequacy decision by the European Commission, where applicable.
  3. Binding Corporate Rules (BCRs): For intra-group transfers, if applicable.
  4. Your explicit consent: In specific situations, if no other safeguard applies and you have been fully informed of the risks.

For more information on the safeguards in place, please contact us using the details provided above.

9. How long do we store your personal data?

We store your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

The retention periods are determined based on:

  1. Legal and regulatory requirements: For example, the data retention obligation under Sec. 257 of the German Commercial Code (HGB) is six or ten years from the end of the year in which the relevant data has been processed.
  2. Contractual obligations: As long as necessary to administer our contractual relationship with you.
  3. Legitimate interests: As long as necessary to pursue our legitimate business interests, provided that your interests and fundamental rights do not override these interests.
  4. Statute of limitations: For the duration of potential legal claims.

Once the retention period expires, your personal data will be securely deleted or anonymized.

10. Your data protection rights

Under the GDPR, you have the following rights regarding your personal data:

  1. Right of access (Art. 15 GDPR): You have the right to obtain confirmation as to whether or not your personal data is being processed, and, where that is the case, access to the personal data and certain information about the processing.
  2. Right to rectification (Art. 16 GDPR): You have the right to request the correction of inaccurate or incomplete personal data concerning you.
  3. Right to erasure ("Right to be forgotten") (Art. 17 GDPR): You have the right to request the deletion of your personal data under certain conditions (e.g., if the data is no longer necessary for the purposes for which it was collected, or if you withdraw consent and there is no other legal ground for processing).
  4. Right to restriction of processing (Art. 18 GDPR): You have the right to request the restriction of processing of your personal data under certain conditions (e.g., if you contest the accuracy of the data, for a period enabling us to verify the accuracy).
  5. Right to data portability (Art. 20 GDPR): Where processing is based on consent or a contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
  6. Right to object (Art. 21 GDPR): You have the right to object, on grounds relating to your particular situation, to the processing of your personal data based on legitimate interests. You have an absolute right to object to the processing of your personal data for direct marketing purposes.
  7. Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on your consent, you have the right to withdraw your consent at any time. This withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.
  8. Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint with a data protection supervisory authority, particularly in the Member State of your habitual residence, place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR. The competent supervisory authority for RE:CAP in Germany is:
    Berliner Beauftragte für Datenschutz und Informationsfreiheit
    Alt-Moabit 59-61
    10555 Berlin
    www.datenschutz-berlin.de

To exercise any of your rights, please contact us using the contact details provided in Section 2. We may require you to verify your identity before responding to your request.

11. No automated decision-making

We do not make you the subject of automated decisions referred to in Art. 22(1) and (4) GDPR.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website or by other appropriate means. We encourage you to review this Privacy Policy periodically.

Close Menu
Home
Pricing
Location
Get startedLogin