Privacy Policy

TrustBills Marketplace GmbH operates the website at trustbills.com and the auction platform at marketplace.trustbills.com. The protection of your privacy is very important to us. Below we provide you with information about the handling of your personal data. This privacy policy applies to every TrustBills website in which the footer refers to this privacy policy.

You can visit our website without providing any personal data. However, certain services listed below require the processing of personal data, such as the name, address or telephone number of a natural person. In this case, the processing is carried out on a statutory basis or with the consent of the data subject. The processing of personal data is carried out in accordance with the General Data Protection Regulation (GDPR) and the other data protection regulations applicable to TrustBills.

With our privacy policy, we would like to inform you about the type, extent and purpose of the personal data processed by us.

I. Definitions

Our privacy policy is based on the General Data Protection Regulation (EU GDPR). For reasons of comprehensibility, we would like to explain the terms used here and there.

Personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"); an identifiable natural person is one who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

Data subject

The data subject is any identified or identifiable person whose personal data is processed by the data controller.

Processing

Processing means any operation or series of operations carried out with or without the aid of automated procedures in relation to personal data, such as the collection, recording, organisation, sorting, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, dissemination or any other form of provision, reconciliation or linking, restriction, erasure or destruction.

Data controller

The data controller shall be the natural or legal person, public authority, agency or other body which alone or jointly with others decides on the purposes and means of processing personal data; where the purposes and means of such processing are specified by Union law or the law of the Member States, the data controller or certain criteria for his/her appointment may prescribed in accordance with Union law or the law of the Member States.

Profiling

Profiling is any form of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, behaviour, whereabouts or relocation of that natural person.

Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

Third party

A third party is a natural or legal person, public authority, agency or other body other than the data subject, the data controller, the data processor and the persons authorised to process the personal data under the direct responsibility of the data controller or the data processor.

Processor

The order processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the data controller.

Consent

Consent is any freely given, specific, informed and unambiguous declaration of intent made by the data subject, in the form of a declaration or other clear affirmative act, through which the data subject indicates that he/she agrees to the processing of his/her personal data.

Recipient

A recipient is a natural or legal person, public authority, agency or other body to which personal data is disclosed, irrespective of whether it is a third party or not. However, authorities which receive personal data under Union law or the law of the Member States of the European Union within the context of a specific investigation mandate shall not be regarded as recipients. The processing of this data by the said authorities shall be carried out in accordance with the applicable data protection regulations and in accordance with the purposes of the processing.

Group of undertakings

A group of undertakings means a controlling undertaking and its controlled undertakings.

II. Name and contact

For the processing of the personal data that we collect via the website and our products, the responsible party is

TrustBills Marketplace GmbH
Grosse Elbstraße 86
22767 Hamburg
Phone: +49 40 257 660 650

Website: www.trustbills.com
Email: privacy@trustbills.com

You can always contact us by email or by post for all matters relating to data protection.

III. Data processing in general

1. Scope of processing of personal data

In principle, personal data is only collected and used if this is necessary to provide a functioning website as well as for our content and services. As a rule, the collection and use of personal data takes place only after you have granted your consent, or if it was not possible to obtain consent in advance for actual reasons, but the processing of the data is permitted by legal regulations.

2. Legal basis for the processing of personal data

The processing of personal data takes place on various legal bases:

  • Article 6 (1) lit. a EU GDPR: The consent of the data subject has been obtained for the processing of personal data.
  • Article 6 (1) lit. b EU GDPR: The processing of personal data is necessary for the performance of a contract to which the data subject is a party. This includes processing operations that are necessary to carry out pre-contractual measures.
  • Article 6 (1) lit. c EU GDPR: The processing of personal data is necessary to fulfil a legal obligation to which the data controller is subject.
  • Article 6 (1) lit. d EU GDPR: Vital interests of the data subject or another natural person require the processing of personal data.
  • Article 6 (1) lit. f EU GDPR: Processing is necessary to safeguard a legitimate interest of the data controller or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the aforementioned interest.

3. Data deletion and duration of storage

The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage ceases to apply. In addition, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the data controller is subject. The data will also be blocked or deleted if a storage period prescribed by the above standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

IV. Scope, purpose, legal basis and duration of the processing of personal data

1. Data processing when visiting our website

When you access our website and call up a file or subpage stored on the website, some general data and information will be logged. The following data is logged: (1) Path of the requested resource, (2) date and time of access, (3) amount of data transferred, (4) notification of successful access, (5) web browser used, (6) requested domain, (7) the website from which our website is accessed (Referrer URL), (8) time of the server request, (9) operating system used, (10) screen resolution, (11) plugins used, (12) IP address of the accessing computer, and (13) other similar data and information to fend off a threat in the event of an attack on our IT systems.

This data is stored separately from the personal data provided in addition to the IP address. There is no inference to the person concerned. The data is required to (1, 2, 5, 6, 7, 9, 12) correctly display and transmit the contents of our website, (1, 3, 4, 5, 6, 9, 10, 11) improve the contents and the advertising for our website, (1, 2, 3, 4, 6, 7, 8, 12, 13) ensure the permanent functionality of our IT systems and the technology of our website and to detect and fend off cyber-attacks, as well as (1, 2, 4, 5, 6, 7, 9, 12, 13) to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber-attack. This anonymously collected data and information is thus statistically and internally evaluated in order to optimise data protection and data security at TrustBills. The legal basis for data processing is Article 6 (1) lit. f EU GDPR.

The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data was collected for the provision of the website, it is no longer required at the end of the respective session and will be deleted. For data stored in log files, this applies after seven days at the latest, although further storage remains possible if the IP addresses are deleted or altered so that it is no longer possible to assign the data to a user.

2. Data collection in the context of the use of the services offered

Visitors to our website have the opportunity to use the services we offer. What personal data is transmitted to us is determined by the input mask provided for the use of the respective service and the data fields to be filled in.

The legal basis for data processing is Article 6 (1) lit. b EU GDPR.

Registration takes place so that we can offer services to the data subject, which by nature can only be offered to registered participants. The purpose of the registration and the personal data collected is to fulfil the contract with the data subject regarding the use of the respective service or to carry out pre-contractual measures which are carried out at the request of the data subject. It is used in particular for:

  • registration as a participant on the auction platform
  • the conclusion of trade receivable purchase contracts and the performance of assignments/transactions between the participants on the auction platform
  • the delivery of transaction-related notifications. In addition to notifications to the participants of the auction platform, this also includes the sending of payment reminders to a debtor and informing a debtor about a sale of receivables in the event of a disclosed assignment,
  • the provision of our agreed services, including the possible presentation of personal data in connection with sales offers and
  • the billing of our services.

When signing up for or using the services we offer, the following other personal data is also stored:

  • IP address of the person concerned
  • date and time of registration
  • date and time of the last login
  • number of failed logins

The legal basis for the storage of other personal data is Article 6 (1) lit. c and f EU GDPR.

The other personal data stored during registration are required

  • to ensure the operation of our auction platform, in particular to determine technical problems and the utilisation of the auction platform and to make adjustments or improvements to the platform.
  • to ensure that we comply with legal provisions, including in particular the necessary measures in connection with the prevention of fraud and money laundering, as well as the prevention of violations of embargo regulations.

Special information for the placement of offers for sale that contain personal data

In order to make an offer to sell a trade receivable, it is necessary to provide various details, which may also contain or constitute personal data. This can include the debtor’s contact email address or telephone number if these can be assigned to a specific natural person, or the identity of the debtor if the debtor is a natural person (for example the foreign equivalent to a registered businessman, if he is admitted as a debtor) or if it is a partnership whose partners are personally liable for the claims against the company (e.g. the foreign equivalent to a partnership, general partnership, partnership under civil law or limited partnership with at least one natural person as general partner if these foreign equivalents are admitted as debtors on TrustBills). We use this personal data to the extent necessary for the purposes listed above. This data is transmitted to the buyer of a trade receivable and, if necessary, also to the banks involved. In addition, some of this data may also become visible to other registered participants in connection with the presentation of a sales offer on our auction platform; the data visible to other participants includes: the name, registered office and industrial sector of the debtor. Under our platform conditions, the seller of a receivable is required to transmit to us only such personal data of a debtor for which corresponding consent of the data subjects is present or for which no consent is required which enables us to use the data as described above.

Personal data will only be passed on if this is necessary to achieve the above purposes or based on legal or official orders. This includes in particular the transfer of personal data (email address/contact data) of the seller of a trade receivable to the buyer and vice versa, the transfer of personal data to the banks involved in order to be able to carry out the instructions of the banks owed by us for the transfer of incoming payments or our fees, as well as the transfer of data of the buyer to the debtor in the case of a disclosed assignment. In addition, personal data is reconciled using databases such as Worldcheck to minimize the risk of fraud and money laundering.

The TrustBills Marketplace GmbH is subject to a group of undertakings with the TrustBills GmbH in accordance to Article 4 No 19 EU GDPR and together they are joint controllers (Article 26 EU GDPR). The legal basis for the joint processing and transmission of personal data between the companies lies, unless a different determination is made in individual cases, in the legitimate interests of the companies under Article 6 (1) clause 1 lit. f in conjunction with Recital 48 EU GDPR, to transmit personal data within a group of undertakings for internal administrative purposes, including the processing of personal data of customers and employees. For futher information regarding the joint controllership please refer to the contract about joint data controllership.

The personal data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. The personal data processed for the performance of a contract or pre-contractual measures will be deleted if it is no longer required for the performance of the contract. A necessity of data processing can also arise after conclusion of the contract if personal data of the contractual partner must be stored due to contractual or legal obligations.

The stored data can be changed at any time and the registration can be cancelled at any time by cancelling the participation in TrustBills. For further information, reference is made to the platform’s terms and conditions.

In the case of data required to fulfil a contract or to carry out pre-contractual measures, premature deletion is only possible if there are no contractual or statutory obligations opposing this.

V. Rights of the data subject

1. Right of expression, Article 15 EU GDPR

The data subject has a right to request confirmation from the controller as to whether personal data concerning him or her is being processed.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

2. Right to information, Article 15 EU GDPR

The data subject shall have a right with respect to the controller to obtain free information on the personal data relating to his/her stored data and a copy of such information. This right to information includes the following information:

  • the purposes of the processing
  • the categories of personal data to be processed
  • the recipients or categories of recipients to whom the personal data has been or is still being disclosed, in particular recipients in third countries or international organisations
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration
  • the existence of a right of rectification or deletion of personal data concerning him/her or of a restriction on processing by the controller or of a right of opposition to such processing
  • the existence of a right of appeal to a supervisory authority
  • if the personal data is not collected from the data subject, all available information on the origin of the data
  • the existence of automated decision-making including profiling in accordance with Article 22(1) and (4) EU GDPR and, at least in these cases, meaningful information on the logic involved and the scope and intended impact of such processing on the data subject
  • In addition, the data subject has a right to information as to whether personal data has been transferred to a third country or to an international organisation. If this is the case, the data subject also has the right to obtain information on the appropriate guarantees under Article 46 EU GDPR in connection with the transmission.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

3. Right to rectification, Article 16 EU GDPR

The data subject shall have the right to request that controller rectifies any inaccurate personal data concerning him/her without delay. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

4. Right to erasure ("right to be forgotten"), Article 17 EU GDPR

The data subject has the right to require the data controller to delete personal data concerning him/her without delay and the data controller shall be required to delete personal data without delay if one of the following reasons applies:

  • the personal data is no longer necessary for the purposes for which it was collected or otherwise processed
  • the data subject withdraws his/her consent on which the processing was based under Article 6 (1)(a) EU GDPR or Article 9 (2)(a) EU GDPR and there is no other legal basis for processing
  • the data subject objects to processing under Article 21(1) of the EU GDPR and there are no overriding legitimate interests for processing or the data subject objects to processing under Article 21(2) of the EU GDPR
  • the personal data has been processed unlawfully
  • the deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the data controller is subject
  • the personal data was collected in relation to information company services offered in accordance with Article 8 (1) EU GDPR.

The right to deletion does not exist insofar as the processing is necessary

  • to exercise rights of freedom of expression and information;
  • for the performance of a legal obligation required for processing under the law of the Union or of the Member States to which the controller is subject or for the performance of a task in the public interest or in the exercise of official authority conferred on the data controller;
  • on grounds of public interest in the field of public health in accordance with Article 9 (2) lit. h and i and Article 9 (3) EU GDPR;
  • for archiving purposes, scientific or historical research purposes in the public interest or for statistical purposes in accordance with Article 89 (1) GDPR, to the extent that the right referred to in (a) is likely to render the attainment of the objectives of such processing impossible or seriously impaired, or
  • to assert, exercise or defend legal claims.

If, as data controller, we have made the personal data public and are required to delete it in accordance with Article 17 (1) EU GDPR, we shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform other responsible parties who process the personal data that a data subject has requested that they delete all links to this personal data or copies or replications of this personal data, insofar as processing is not necessary. We will take the necessary steps.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

5. Right to restriction of processing, Article 18 EU GDPR

The data subject has the right to require the data controller to restrict processing if one of the following conditions is met:

  • the accuracy of the personal data is disputed by the data subject for a period which enables the data controller to verify the accuracy of the personal data
  • the processing is unlawful and the data subject refuses to delete the personal data and instead requests a restriction on the use of the personal data
  • the data controller no longer needs the personal data for the purposes of processing, but the data subject needs it for the purpose of asserting, exercising or defending legal claims, or
  • the data subject has lodged an objection to the processing under Article 21 (1) EU GDPR until it has been established whether the legitimate interests of the data subject outweigh those of the data subject

If the processing of personal data concerning you has been restricted, such data may only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural person or legal entity or on grounds of an important public interest of the Union or a Member State.

If the processing restriction has been restricted in accordance with the above conditions, you will be informed before the restriction is lifted.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

6. Right to notification, Article 19 EU GDPR

When exercising the right to rectify, cancel or limit the processing, the data subject has the right to be informed of the recipients to whom the rectification, cancellation or limitation of the processing has been communicated.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

7. Right to data portability, Article 20 EU GDPR

The data subject has the right to receive the personal data concerning him/her which he/she has provided to a data controller in a structured, current and machine-readable format. The data subject also has the right to transmit such data to another data controller without obstruction by the data controller to whom the personal data has been provided, provided that

  • processing is based on consent under Article 6 (1) lit. a EU GDPR or Article 9 (2) lit. a EU GDPR or on a contract under Article 6 (1) letter b EU GDPR and
  • processing is carried out using automated methods.

In addition, in exercising his/her right to data transferability, the data subject has the right to have the personal data transferred directly from one data controller to another data controller, provided that this is technically feasible and does not affect the rights and freedoms of other persons.

The right of data transferability shall not apply where processing is necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the data controller.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

8. Right of objection, Article 21 EU GDPR

The data subject has the right to object at any time to the processing of personal data concerning him/her on the basis of Article 6 (1) lit. e or f EU GDPR for reasons arising from his particular situation. This also applies to profiling based on these provisions.

In the event of an objection, we will no longer process the personal data unless we can prove compelling reasons for the processing which are worthy of protection and which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

Where personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him/her for the purpose of such advertising. This also applies to profiling insofar as it is connected with such direct advertising. If the data subject objects to our processing for direct marketing purposes, we will no longer process the personal data for these purposes.

In addition, the data subject has the right to object to the processing of personal data concerning him/her for scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) EU GDPR for reasons arising from his/her particular situation, unless the processing is necessary for the performance of a task in the public interest.

The data subject may also, notwithstanding Directive 2002/58/EC, exercise his/her right of opposition in relation to the use of services of the information company by means of automated procedures in which technical specifications are applied.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

9. Automated decisions in individual cases including profiling, Article 22 EU GDPR

The data subject has the right not to be subjected to a decision based exclusively on automated processing, including profiling, which has legal effect against him/her or significantly impairs him/her in a similar manner. This does not apply if the decision is necessary for the conclusion or performance of a contract between the data subject and the data controller, or is admissible in accordance with the law of the Union or of the Member States to which the data controller is subject and that law contains appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject; or with the express consent of the data subject.

These decisions may not be based on special categories of personal data under Article 9 (1) EU GDPR, unless Article 9 (2) lit. a or g applies and appropriate measures have been taken to protect the rights and freedoms and the legitimate interests of the data subject.

Where a decision is necessary for the conclusion or performance of a contract between the data subject and the data controller or is taken with the express consent of the data subject, we shall take appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, including at least the right to bring about the intervention of a person on the part of the data controller, to state his own position and to challenge the decision.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

10. Right to revoke consent granted under data protection law, Article 7 EU GDPR

The data subject has the right to revoke his/her consent to the processing of personal data at any time. The revocation shall not affect the legality of the processing carried out on the basis of the consent before the revocation.

To exercise this right, please contact us online at privacy@trustbills.com or by post.

11. Right to lodge a complaint with a supervisory authority, Article 77 EU GDPR

Without prejudice to any other administrative or judicial remedy, the data subject shall have the right of appeal to a supervisory authority, in particular in the Member State where he/she resides or works or where he/she allegedly carried out the infringement, if the data subject considers that the processing of personal data concerning him/her is contrary to EU GDPR or national data protection laws. The supervisory authority with which the appeal has been lodged will inform the appellant of the status and results of the appeal, including the possibility of a judicial remedy in accordance with Article 78 EU GDPR.

VI. Use of cookies

We use cookies on our websites. These are text files that are stored in or by the Internet browser on your computer system. If you call up a web page, this process can take place. These cookies can, for example, contain information about the login status or characteristic character strings that can make it possible to uniquely identify the browser when the website is accessed again.

In order to make visiting our website, including the restricted areas, in particular the partner area and auction platform, attractive and to enable the use of certain functions, we use technically necessary cookies on various pages. The transmission of these cookies enables the processing of the following information:

  • Language preference
  • Login information
  • TrustKeys information
  • Cookie information / privacy settings
  • Internal route

The purpose of the collection is to simplify the use of the websites and the restricted areas. Some functions cannot be offered without creating cookies. It is necessary in this respect that your browser is also recognised after the page change. We need cookies for the following purposes:

  • Transferring the language setting
  • Login recognition
  • TrustKeys recognition
  • Displaying the cookie information
  • Load distribution on our systems

User profiles will not be created based on the technically necessary cookies.

Our legitimate interest in the processing of personal data using technically necessary cookies under Article 6 (1) lit. f EU GDPR lies in the above purposes.

The duration of the storage of the stored cookies varies. The deletion is carried out as follows:

  • Language setting – session cookie; by closing the browser session
  • Login information – session cookie; by closing the browser session
  • TrustKeys information – deleted after 1 day
  • Cookie information / privacy settings – permanent; no deletion
  • Route cookie – session cookie; by closing the browser session

You can choose your browser settings so that you are informed about the creation of cookies and decide in each individual case about their acceptance or exclude the acceptance of cookies for certain cases or in general. Cookies that have already been saved can be deleted at any time. If cookies are not accepted, the functionality of our website may be limited.

In addition, we use non-technically necessary cookies for an internal analysis of the use of our websites and the platform. We use these in the web analysis program Matomo.

Detailed information on Matomo's web analysis can be found in Section VII below.

An overview of the cookies used and further information can be found here.

VII. Web analysis by Matomo

We use the open source software tool Matomo on our website and on our participant platform. Matomo uses cookies that are stored on your computer.

If individual pages of our website are accessed, the following data is stored:

  • two bytes of the IP address of the user's system used to access the page
  • the web page accessed
  • the website from which the user came to the accessed website (Referrer)
  • the subpages that are accessed from the web page
  • the length of stay on the website
  • the frequency with which the website is accessed
  • screen resolution
  • browser and plugins used
  • operating system used

The software is set up so that the IP addresses are not completely stored, but rather 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way it is no longer possible to assign the shortened IP address to the computer used.

The legal basis for processing personal data in connection with visiting the website is Article 6 (1) lit. a EU GDPR. When you visit our website, a banner will inform you about the use of cookies for analytical purposes and ask you to grant your consent to the processing of personal data used in this context. A reference is made to the cookie policy.

Cookie analysis is used to improve the quality of our website and its content. The analysis of cookies enables us to evaluate how the website is used in order to adapt and optimise our offerings.

If individual pages of the restricted areas are accessed by our users, the following data is stored:

  • IP address of the user's calling system
  • the web page accessed
  • the website from which the user accessed the website (Referrer)
  • the subpages that are accessed from the web page
  • the length of stay on the website
  • the frequency with which the website is accessed
  • screen resolution
  • browser and plugins used
  • operating system used

The processing of the personal data of users is based on Article 6 (1) lit. b and f EU GDPR. The processing of personal data enables us to analyse the use of the areas. We are able to compile information about the use of the individual components by evaluating the data obtained. This helps us to continuously improve the areas and their user-friendliness, but also to identify fraudulent actions. Only in this way can we meet our users' demands for secure areas of use and effective fraud prevention. For these purposes, it is also in our legitimate interest to process the data in accordance with Article 6 (1) lit. f EU GDPR.

All information collected by the cookies is transferred to our own servers and stored there. The data of website visitors and users is only stored there. The data will not be passed on to third parties.

The data will be deleted as soon as it is no longer needed for our recording purposes.

You can deactivate or restrict the storage of cookies that are to be stored when you visit our website by choosing your browser software settings accordingly or by using the cookie banner located at the bottom of each of our websites. Cookies that have already been saved can be deleted at any time. This can also be done automatically.

An overview of the cookies used and further information can be found here.

You can also prevent the collection of data generated by the cookie and related to your use of the websites and the processing of this data by clicking “Disagree” (opt-out cookie) on the Cookie Policy website mentioned above. Than an opt-out cookie is stored on your device, which signals to our system that it is not to store your data. If you delete the corresponding cookie from your own system in the meantime, you will need to create the opt-out cookie again.

VIII. Contact form, email contact and document dispatch

On our website there is a contact form which can be used for to contact us electronically. The data entered into the input mask during use will be transmitted to us. This data is:

  • name (optional)
  • email
  • message

The contact will be recorded. Both

  • the time of sending as well as
  • the IP address will be stored.

Logging is technically necessary to deliver your message and is also required for security reasons.

For the processing of the data entered in the input mask, the sender's consent is obtained during the sending process and reference is made to the privacy policy. The legal basis for data processing is Article 6 (1) lit. a and Article 7 EU GDPR. Article 6 (1) lit. f EU GDPR applies to the logged data.

It is also possible to contact us via the email addresses published on the website. The data transmitted by the sender with the email is stored. The legal basis for data processing is Article 6 (1) lit. f EU GDPR and, if the enquiry relates to the conclusion of a contract, Article 6 (1) lit. b EU GDPR.

Interested parties and customers we send the documents offered on the website by post on request. We collect, store and process name and address as well as e-mail address. We need the e-mail address to check if there is a contradiction in advertising. The legal basis for data processing is Art. 6 (1) lit. a, 7 EU GDPR and, if the request relates to the conclusion of a contract, Art. 6 (1) lit. b EU-GDPR.

The personal data will be used solely for the processing of the contact or for the document dispatch. If contact is made by email, the necessary legitimate interest in data processing also lies in the processing of the contact. The personal data processed within the context of logging serves to prevent misuse of the contact form and to safeguard the security of our IT systems. This is the necessary legitimate interest of data processing. Personal data will not be disclosed to third parties unless required by law or for the purpose of prosecution.

Personal data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of personal information submitted to us for a conversation, this is the case when the conversation is over, i.e. when the matter underlying the request have been finally clarified. The additionally logged personal data will be deleted after a period of seven days.

The user of the contact form can revoke his/her consent to the processing of personal data at any time. If you contact us by email, you can object to the storage of your personal data at any time. A conversation can then no longer be continued. Revocation and objections are to be sent by email to privacy@trustbills.com.All personal data of the data subject stored during the establishment of contact will then be deleted.

IX. Sign up for the webinar

Our website gives companies the opportunity to sign up for an online presentation of the TrustBills platform. In the so-called webinar, interested parties are introduced to the functionalities of the platform live by a member of our staff. Sign up for the webinar requires the name, the company name and a valid e-mail address. The legal basis for the processing of personal data is Article 6 (1) lit. b EU-GDPR. The personal data will be used solely for the coordination and execution of the webinar. To perform the webinars the WebEx Meetings cloud software by Cisco Systems, Inc., 170 West Tasman Dr, San Jose, CA 95134, USA, is used. To participate, the specified email address must be transferred to Cisco Systems Inc. The web conference data is routed through Cisco Systems servers. These can also be outside the EU. In all these cases, we ensure that processing in third countries is at a level of protection comparable to the European standard. Please refer to the Privacy Policy of Cisco Systems, Inc..

Personal data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected, i. E. if the facts underlying the sign up for the webinar are finally clarified.

X. Applications and application procedures

Interested parties can apply for jobs with us via the email addresses published on the websites. The data transmitted by the sender with the email is stored. The legal basis for data processing is Article 6 (1) lit. f EU GDPR and, if the contact inquiry relates to the conclusion of a contract, Article 6 (1) lit. b EU GDPR. The personal data of applicants will be processed exclusively for the purpose of the application procedure. The necessary legitimate interest in data processing lies in the processing of the application and the contacting of interested applicants. If an employment contract is concluded, the data transmitted by the applicant will be stored in accordance with the law for the purpose of processing the employment relationship. If an employment contract is not concluded, the application documents will be deleted no later than six months after the rejection decision has been announced to the applicant, provided that there are no other legitimate interests, such as in particular evidence obligations within the context of proceedings under the General Equal Treatment Act (AGG).

The applicant can object to the storage of personal data at any time. The processing of the application and the conversation with the applicant can then no longer be continued. The objection must be sent by email to privacy@trustbills.com.All personal data of the person concerned stored in the application will then be deleted.

XI. Google Maps

On our website we use the Google Maps API for the visual representation of geographical information. Google Maps is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using Google Maps, Google can transfer data about visitors to our website to a server in the USA and store it there. Google may also transfer the data collected in this way to third parties for processing on behalf of Google or insofar as this is required by law. When you access our contact page that includes Google Maps, Google places a cookie on your computer system to process user settings and data when you view the page and the associated features that include Google Maps. As a rule, this cookie is not deleted when you close your browser, but rather expires after a certain period of time (up to 24 months), unless you delete it before then. If you do not agree to this processing, you can deactivate the Google Maps service and prevent data transfer by deactivating the JavaScript function in your browser. Further information can be found in Google's privacy policy Google provides information about the use of cookies here.

This website uses cookies to ensure you get the best experience on our website. Cookie Policy