WELCOME – Data protection at TSI
Protecting your data is very important to True Sale International GmbH (hereinafter referred to as 'TSI'). We treat your personal data confidentially and in accordance with statutory data protection requirements and this data protection declaration.
The internet pages of True Sale International GmbH can generally be used without entering any personal data. To the extent that personal data such as names, addresses or email addresses are collected on our pages, and where the processing of such data is not regulated by law, we will ask for your consent. These data will not be passed on to third parties without your express consent.
The processing of personal data will always be conducted in compliance with the General Data Protection Regulation and in agreement with the country-specific data protection provisions applicable to True Sale International GmbH.
TSI has implemented a number of technical and organisational measures to ensure the highest possible degree of protection for all personal data we process. However, internet-based data transmissions may in principle have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative means, e.g. by telephone, telefax or email.
Data protection at a glance
The following provides a quick and simple overview of the personal data we collect from you and how we handle that data. We also inform you about your rights under applicable data protection legislation and whom to contact if you have questions.
What are personal data?
Personal data are all data from which you can be personally identified.
Who is responsible for collecting data on this website?
The processing of data on this website is controlled by the operator of the website, True Sale International GmbH. Contact details are provided in the imprint of this website.
What personal data are processed by TSI?
We usually process your first name, last name, your company address, telephone number, email address, and your date of birth where required for specific events. If you participate in TSI events we also store the necessary data relating to your participation. If you are a speaker at our events we process the documents you provide such as your CV and photograph for the presentation of speakers on our website and for the event documents. We also process personal data which we have legally obtained from publicly available sources such as a commercial register and the media and are allowed to process.
Further personal data are generated in the context of the business relationship in transactions and certifications, particularly through personal, telephone and written interaction initiated by you or your employer, such as details of the contact channel, date, occasion, outcome and (electronic) copies of written correspondence. We do not collect personal data from particular categories referred to as 'sensitive data', such as religious affiliation.
What are my personal data used for?
We mainly use your data to be able to meet our contractual obligations towards you, for example as part of your registration for a seminar. As a matter of principle, we store only such personal data as we require to meet our contractual obligations towards you (Art 6 I b) of the GDPR) and for the ordinary course of business.
Some of the data on the website are collected in order to ensure its error-free operation. Other data may be used to analyse user behaviour. When you fill in the contact form we use your data to respond to your queries.
Analysis tools and tools from third-party providers
When you visit our website, your surfing behaviour can be statistically evaluated. This is done primarily with cookies and so-called analysis programs. The analysis of your surfing behaviour is anonymous; the surfing behaviour cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools. You will find detailed information in the further sections of this data protection declaration.
What rights do I have regarding my data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the rectification, blocking or erasure of this data. You can contact us at any time at the address provided in the imprint if you have any further questions on this and on the subject of data protection. Your specific rights and the individual provisions:
- Right of access under Article 15 GDPR,
- Right to rectification under Article 16 GDPR,
- Right to erasure under Article 17 GDPR,
- Right to restriction of processing under Article 18 GDPR,
- Right to object under Article 21 GDPR,
- Right to data portability under Article 20 GDPR.
The rights to access and erasure are subject to the restrictions pursuant to sections 34 and 35 of the German Federal Data Protection Act (BDSG). In addition, you have the right to lodge a complaint with the Hessian Commissioner for Data Protection and Freedom of Information (Article 77 GDPR in conjunction with Section 19 BDSG).
Who is responsible for processing the data and whom can I contact?
The responsibility for processing the data within the meaning of the General Data Protection Regulation, further data protection laws applicable in member states of the European Union and other provisions on data protection lies with the General Manager of True Sale International GmbH, Mainzer Landstraße 61, 60329 Frankfurt, Germany, email@example.com, website: www.true-sale-international.com
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognise an encrypted connection in your browser's address line when it changes from 'http://' to 'https://' and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Is this data protection declaration subject to changes?
We reserve the right to amend the data protection declaration to reflect changes in legal conditions, in the services or in the way data are processed. Users are therefore requested to regularly inform themselves of the content on our website. Where can I find this data protection declaration? This data protection declaration can be downloaded in full here in PDF format.
General notes and mandatory information
Why and on what legal basis do we store personal data?
Purpose of data processing:
As a matter of principle, we store only such personal data as we require to meet our contractual obligations towards you (Art 6 I b) of the GDPR) or to meet your information needs when you request information or wish to be included in our newsletter on events, or in establishing business contacts.
Lawfulness of processing – consent and legitimate interest (Article 6 I f) GDPR)
We inform you that the provision of personal data may be necessary for compliance with legal provisions (e.g. tax regulations) or under contractual provisions (e.g. details on the contractual partner).
Certain data processing operations require your consent. In such constellations we inform you separately of this circumstance and offer you to allow us this data processing, for example when we include you in our newsletter. In these cases we inform you of the purpose of the data processing and your right to revoke your consent.
Data may also be processed on the basis of our legitimate interest (Article 6 I f) GDPR). At the same time, we are required to disclose our interest to you and to balance our interest and your interest.
Routine erasure and blocking of personal data
The duration of any storage of personal data is determined by the respective statutory retention period or the duration of the business relationship for data not subject to any statutory retention periods. After the end of such period or after the end of the business relationship the corresponding data will be routinely destroyed provided they are no longer required for the fulfilment or negotiation of a contract.
Contract data processing
Pursuant to Article 28 GDPR we work only with processors who provide adequate guarantees that suitable technical and organisational measures are implemented in such a way that processing complies with the requirements of this Regulation and in a way that ensures the protection of the rights of affected persons.
No automatic decision-making
As a responsible company, we do not use automatic decision-making or profiling.
Subscribing to our newsletter
TSI circulates a newsletter in regular intervals informing its existing customers and business partners about events and seminars offered by TSI. Such information is limited to the thematic areas of customers and business partners and applies exclusively to the areas of structured and asset-based finance. Newly interested readers and partners may also register for the newsletter through the TSI website or by email free of charge. When you register through the website the data from the contact form are transmitted to TSI, and when you register by email we store your registration email. In addition to these data, we also capture the date and time of registration. During the registration process the interested person is asked for their consent to the processing of the data and referred to the data protection declaration of TSI. Data supplied in this way are used exclusively for this purpose and neither evaluated for other purposes nor passed on to third parties.
Customers or interested persons may at any time withdraw their consent to the storing of personal data which they have given us for the circulation of the newsletter. Each newsletter contains a link that can be used to withdraw consent. Consent may also be withdrawn by sending a fax, letter or email to the person responsible for data processing.
Joint Controllership between SVI and TSI
In accordance with Article 26 of the GDPR, STS Verification International GmbH ("SVI") and True Sale International GmbH ("TSI") entered into an agreement on joint responsibility for data processing which determines their respective responsibilities for compliance with the Regulation (Joint Controller Agreement). This agreement relates in particular to the exercise of your rights and fulfilment of the duties to provide information referred to in Articles 13 and 14 of the GDPR. Irrespective of the terms of the agreement referred to in the previous paragraph, you may exercise your rights under this Regulation in respect of and against each of the controllers. The agreement may be viewed upon request submitted to the responsible person.
Data collection on our website
How are data collected on this website?
Data are collected when you provide them to us. These may be data which you enter in a contact form.
Other data are automatically collected by our IT systems when you visit the website. These are primarily technical data such as your internet browser, operating system or the time of your page visit. These data are automatically collected as soon as you enter our website.
Cookie Consent with Usercentrics
This website uses the cookie consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or for the use of specific technologies, and to document the former in a data protection compliant manner. The party offering this technology is Usercentrics GmbH, Rosental 4, 80331 München, Germany, website: usercentrics.com (hereinafter referred to as “Usercentrics”).
Whenever you visit our website, the following personal data will be transferred to Usercentrics:
- Your declaration(s) of consent or your revocation of your declaration(s) of consent
- Information about your browser
- Information about your device
- The date and time you visited our website
Moreover, Usercentrics shall store a cookie in your browser to be able to allocate your declaration(s) of consent or any revocations of the former. The data that are recorded in this manner shall be stored until you ask us to eradicate them, delete the Usercentrics cookie or until the purpose for archiving the data no longer exists. This shall be without prejudice to any mandatory legal retention periods.
Server log files
The provider of the websites automatically collects and stores information in what are referred to as server log files which your browser automatically sends us. This information is:
- Web browser type and version
- Computer operating system
- Referrer URL
- Host name of the accessing computer
- Timestamp of server request
- IP address
This anonymous information cannot be used to identify a particular user. These data will not be combined with data from other sources. We reserve the right to subsequently verify these data if we become aware of specific indications of unlawful use.
Cookies do not harm your computer and do not contain any viruses. They are used to make our offer more user-friendly, effective and secure.
Most of the cookies we use are so-called 'session cookies.' They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognise your browser when you next visit the site.
You can configure your browser to disable the storing of cookies from our website at any time and thereby permanently decline the download of cookies. Cookies already downloaded may also be deleted at any time using a web browser or other software. All common web browsers have this functionality. If you disable cookies in your web browser you may not be able to access the full functionality of our website.
If you submit an enquiry using our contact form, the information and contact details which you enter in the form will be stored in our system for processing and for reference if you have any follow-up enquiries. We will not pass any of this information on without your consent.
The data entered in the contact form will thus be processed exclusively on the basis of your consent (Article 6 1 a) GDPR). You may withdraw this consent at any time. This can be done by sending us an email, which does not need to be in a set form. The legality of data processing operations performed up to the revocation will remain unaffected by the withdrawal of consent.
The data entered by you in the contact form remain with us until you request us to erase them, withdraw your consent to their storage or the purpose for their storage ceases (e.g. after the processing of your query has been completed). This does not affect mandatory legal provisions, particularly retention periods.
Request by e-mail, telephone, or fax
If you contact us by e-mail, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
These data are processed on the basis of Art. 6 Sect. 1 lit. b GDPR if your inquiry is related to the fulfillment of a contract or is required for the performance of pre-contractual measures. In all other cases, the data are processed on the basis of our legitimate interest in the effective handling of inquiries submitted to us (Art. 6 Sect. 1 lit. f GDPR) or on the basis of your consent (Art. 6 Sect. 1 lit. a GDPR) if it has been obtained.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.
Analytics and advertising
Our website uses the etracker analytics service. The service is provided by etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany. This data can be used to create pseudonymous usage profiles. Cookies may be used for this purpose. Cookies are small text files stored in your local browser cache. These cookies enable the recognition of your browser. The data collected by the etracker technologies are not used to determine the personal identity of website visitors and are not compiled together with personal data related to the person referred to by the pseudonym unless expressly agreed to by the person concerned. etracker cookies remain on your device until you delete them.
The storage of etracker cookies is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour to optimise both its website and its advertising.
You can object to the collection and storage of your data at any time with future effect. To refuse the collection and storage of your visitor data for the future, you can use the etracker opt-out cookie at the following link. This means that in the future no visitor information will be collected and stored by etracker in your browser: https://www.etracker.de/privacy?et=V23Jbb.
I object to the processing of my personal data with etracker on this website. Disable Tracking
Completion of an outsourced data processing contract
We have entered into an agreement with etracker for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using etracker.
This website uses plug-ins of the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of the pages on our website into which a Vimeo video has been integrated, a connection to Vimeo’s servers will be established. As a consequence, the Vimeo server will receive information as to which of our pages you have visited. Moreover, Vimeo will receive your IP address. This will also happen if you are not logged into Vimeo or do not have an account with Vimeo. The information recorded by Vimeo will be transmitted to Vimeo’s server in the United States.
If you are logged into your Vimeo account, you enable Vimeo to directly allocate your browsing patterns to your personal profile. You can prevent this by logging out of your Vimeo account.
The use of Vimeo is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6 Sect. 1 lit. f GDPR, this is a legitimate interest. If a corresponding agreement has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission and, according to Vimeo, on “legitimate business interests”. Details can be found here: vimeo.com/privacy.
Online-based Audio and Video Conferences (Conference tools)
We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us. The conferencing tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).
Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.
Should content be exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards, and other information shared while using the service.
Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, and which we have listed below this text.
Purpose and legal bases
The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 sentence 1 lit. b GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest in the meaning of Art. 6 para. 1 lit. f GDPR). Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.
Duration of storage
Data collected directly by us via the video and conference tools will be deleted from our systems immediately after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods remain unaffected.
We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please directly contact the operators of the conference tools.
Conference tools used
We employ the following conference tools:
Execution of a contract data processing agreement
We have entered into a contract data processing agreement with the provider of Microsoft Teams and implement the strict provisions of the German data protection agencies to the fullest when using Microsoft Teams.
15 December 2020