Legally required information for business correspondence

Company

360 Treasury Systems AG
Grüneburgweg 16-18
60322 Frankfurt am Main
Germany

Phone: +49 69 900 289 0
eMail: [email protected]

Registration

Registered Office: Frankfurt

Commercial Register Frankfurt, No. HRB 49874

Relevant fiscal authority: Finanzamt Frankfurt III, company tax no.: 045 231 76367
VAT identification number: DE 21 21 37 654

Competent supervisory authority:
Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin), Bonn

360 Treasury Systems AG is assigned to the Compensatory Fund of Securities Trading Companies (EdW).

Executive Board

Carlo Kölzer
Thomas Spaun
David Hable

Supervisory Board

Andreas Preuss

Data protection information under the EU General Data Protection Regulation

The following information provides an overview of how we process your personal data and your rights under data protection law.

Who is responsible for the data processing and who can I contact in this regard?

360T AG is acting as data controller and determines the purposes and means of the processing of personal Data in the context of providing services to the customer base.

360T AG has responsibility for compliance with the obligations under the GDPR vis-a-vis the Data Subjects. A Data Subject may exercise its rights (such as access right, right to rectification, right to restriction, right to object, right to data protability and right to be forgotten) in respect of the controller.

360 Treasury Systems AG

Grüneburgweg 16-18
60322 Frankfurt am Main
Germany

Phone: +49 69 900 289 0
Fax: +49 69 900 289 29

You can reach the data protection officer via the above address or via email [email protected]

What sources and data do we use?

We process personal data which we receive from our clients in the context of our business relationship. This includes personal data we receive from persons acting as representative/agent of the legal entity of a prospective and/or existing client.

To the extent necessary in order to provide our services, we also process personal data which we lawfully (e. g., for executing orders, performing contracts or on the basis of your consent) receive from you, other entities in 360T or Deutsche Börse Group, or from business partners.

In some cases, we may be required to collect additional information based on legal and regulatory requirements from publicly available sources (e. g., debtor directories, land registers, commercial registers and registers of associations, press, media, Internet) which we lawfully obtain and are permitted to process.

We only use data that is required to execute the business relationship, to provide the trading platform, and fulfill our contractual, legal, and regulatory requirements. Relevant personal data are personal details (name, address and other contact data) and legitimisation data (such as data from ID cards). In addition, these may also be contract data (such as an order), data resulting from the performance of our contractual obligations (such as a trade), information about your financial status (such as data on credit standing, scoring/rating, data relevant for loans (income and expenditure), documentation data (such as an excerpt from the Commercial Register) and other data comparable with the above-mentioned categories.

Why do we process your data (purpose of the processing) and on what legal basis?

We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR)

a. for fulfillment of contractual obligations (Art. 6 para. 1b of the GDPR) and for the purpose of safeguarding legitimate interests (Art. 6 para 1f of the GDPR)

To identify, provide access, and facilitate trading on the TEX platform, mapping of User-IDs to external systems, monitor and improve the user experience.

b. due to statutory provisions (Art. 6 para. 1c of the GDPR) or in the public interest (Art. 6 para. 1e of the GDPR)

As a regulated entity, we are subject to various legal obligations, meaning statutory requirements (e.g. Anti-Money Laundering Act) and bank regulatory requirements. Purposes of processing include assessment of creditworthiness, identity and age checks, fraud and money laundering prevention, fulfilling control and reporting obligations under fiscal laws, and measuring and managing risks. We are also required to keep records according to section 83 para 1 and 2 of the German Securities Trading Act (WpHG) in conjunction with German Securities Administration and Organisation Regulation (WpDVerOV). Depending on the instrument and trading venue, additional provisions may apply.

c. on the basis of your consent (article 6 (1) a) GDPR)

Insofar as you have granted us consent to the processing of personal data for specific purposes (e. g., marketing, email newsletters, client satisfaction surveys), the lawfulness of such processing is based on your consent. Any consent granted may be revoked at any time. This also applies to the revocation of declarations of consent that are granted prior to the entry into force of the EU General Data Protection Regulation, i. e., prior to 25 May 2018. Please be advised that the revocation will only take effect in the future and does not apply to processing carried out prior thereto.

Who receives my data?

Within 360T, those units will be granted access to your data that need them in order to comply with our contractual and statutory obligations. In cases where 360T subsidiaries need to access your data, appropriate contracts are in place to safeguard the data.

Access may also be given to service providers which observe our written instructions under the data protection law.

We may also disclose data to external parties if we are legally required to do so. This includes:

User Mapping Reports that are sent to market makers, market takers, and liquidity providers
Notifications on executed or failed trades to counterparties
Audit logs and reports on trading activities to regulators and appointed regulatory service providers (e.g. BaFin, the European Central Bank, Tax offices, the CFTC, National Futures Association etc.) insofar as a statutory or official obligation exists

We may also need to disclose your data to regulators, auditors, and other companies in the Deutsche Börse Group for the purposes of risk management on the basis of statutory or official obligations.

Is data transferred to a third country or to an international organisation?

Data will only be transferred to countries outside the EU or the EEA (so called third countries) if this is required for the execution of the business relationship, and in accordance to GDPR Chapter 5 on “Transfers of personal data to third countries or international organisations”.

How long will my data be stored?

We process and store your personal data as long as it is necessary for the performance of our contractual and statutory obligations. In this regard, it should be noted that our business relationship is a continuing obligation designed to last for several years.

If the data are no longer required for the performance of our contractual and statutory obligations, they are regularly deleted, unless their further processing (for a limited time) is necessary for the following purposes:

Compliance with records retention periods under commercial and tax law, such as the German Commercial Code (Handelsgesetzbuch – HGB); the German Tax Code (Abgabenordnung – AO); the Banking Act (Kreditwesengesetz – KWG); the Money Laundering Act (Geldwäschegesetz – GwG); and the Securities Trading Act (Wertpapierhandelsgesetz – WpHG). The records retention periods prescribed therein range from two to 10 years.
Preservation of evidence within the scope of statutes of limitations. Under section 195 et seq. of the German Civil Code (Bürgerliches Gesetzbuch – BGB), these limitation periods may be up to 30 years, whereby the regular limitation period is three years.

What data protection rights do I have?

Every data subject has a right of access (article 15 GDPR), a right to rectification (article 16 GDPR), a right to erasure (article 17 GDPR), a right to restriction of processing (article 18 GDPR), a right to object (article 21 GDPR) and a right to data portability (article 20 GDPR). The right of access and right to erasure are subject to the restrictions under sections 34 and 35 BDSG. Data subjects also have a right to lodge a complaint with a supervisory authority (article 77 GDPR in conjunction with section 19 BDSG).

You can request that your information is updated, corrected or deleted by sending an e-mail to [email protected].

You may revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent that are granted prior to the entry into force of the EU General Data Protection Regulation, i. e., prior to 25 May 2018. Please be advised that the revocation will only take effect in the future. Any processing that was carried out prior to the revocation shall not be affected thereby.

Under the following link you can change your privacy settings: Cookie Settings

Am I under any obligation to provide data?

Within the scope of our business relationship, you must provide personal data which is necessary for the initiation and execution of a business relationship and the performance of the associated contractual obligations or which we are legally obligated to collect. As a rule, we would not be able to enter into any contract or execute the order without these data or we may no longer be able to carry out an existing contract and would have to terminate it.

In particular, provisions of money laundering law require that we verify your identity before entering into the business relationship, for example, by means of your identity card and that we record your name, place of birth, date of birth, nationality and your residential address. In order for us to be able to comply with this statutory obligation, you must provide us with the necessary information and documents in accordance with section 4 (6) GWG and notify us without undue delay of any changes that may arise during the course of the business relationship. If you do not provide us with the necessary information and documents, we will not be allowed to enter into or continue your requested business relationship.

To what extent is automated decision making (including profiling) carried out?

As a rule, we do not make decisions based solely on automated processing as defined in article 22 GDPR to establish and implement the business relationship. If we use these procedures in individual cases, we will inform you of this separately, provided that this is prescribed by law.

Is “profiling” used?

In some cases, we process your data automatically with the aim of evaluating certain personal aspects (profiling). For instance, we use profiling in the following cases:

We are required by law to take anti-money laundering and anti-fraud measures.
In order to provide you with targeted information and advice on products, we use evaluation tools. These enable demand-oriented communication and advertising, including market and opinion research.

Information on your right to object under article 21 of the EU General Data Protection Regulation (GDPR)
  1. Ad hoc right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on article 6 (1) e) GDPR (processing in the public interest) and article 6 (1) f) GDPR (processing for the purposes of safeguarding legitimate interests); this includes any profiling based on those provisions within the meaning of article 4 (4) GDPR. If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or unless the processing is for the establishment, exercise or defence of legal claims.
  2. Right to object to the processing of data for marketing purposes In certain cases, we process your personal data for direct marketing purposes. You have the right to object at any time to processing of personal data concerning yourself for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, we will no longer processes your personal data for such purposes.

There are no formal requirements for lodging an objection.

Use of Matomo

This website uses Matomo, a web analytics service and open source project.

Matomo uses so-called “cookies”, text files that are stored on the computer of the respective visitor of this website and that allow an analysis of the use of the website by this visitor. The cookies do not give us any information about your identity. Your data will not be transmitted to servers outside our control. We will use this information to evaluate the use of the website by visitors, to compile reports on website activity and to provide other services related to website activity and internet usage to 360 Treasury Systems AG.

If you voluntarily agree to the analysis via Matomo, the following data will be processed:

(1) 2 octets of the IP address of the user’s calling device.

(2) The accessed website

(3) The website from which the user accessed the accessed website (referrer).

(4) The sub-pages accessed from the accessed website

(5) The time spent on the website

(6) The frequency with which the website is accessed

(7) Clicks and downloads within the page

Visitors of the website can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible.

Opt-out of website tracking

You can opt out of being tracked by our Matomo Analytics instance below at any time:
Opt-out complete; your visits to this website will not be recorded by the Web Analytics tool. Note that if you clear your cookies, delete the opt-out cookie, or if you change computers or Web browsers, you will need to perform the opt-out procedure again.

To exercise any of the rights mentioned in this Privacy Policy and/or in the event of questions or comments relating to the use of Personal Data you may contact Matomo’s support team: [email protected].

Use of Talents Connect

Object of data protection

Talents Connect provides tools for optimizing recruiting processes. The subject of data protection is personal data. These are details of the personal or material circumstances of a particular or identifiable natural person. This includes, for example, information such as name, postal address, e-mail address or telephone number, but possibly also usage data. Usage data is the kind of data required to use our websites, such as information about the beginning, end and extent of the use of our website and login data. The data Talents Connect collects and how it is processed or used is described below:

Collection and use of data

Automated data collection 

When accessing the web pages of 22CONNECT, in this case the careers page of 360T, the Internet browser automatically transmits data for technical reasons. The following information is stored separately from any other information that may be submitted:

Browser
type / version Used operating system
URL of previously visited web page
IP address
Amount of data sent

This data is stored for technical reasons only and is never assigned to a specific person. Talents Connect reserves the right to check this data retrospectively, if they become aware of specific indications for illegal use.

More Information on Talents Connects data protection regulations can be found here: www.talentsconnect.com/privacy

Use of Clever Reach

Object of data protection

Clever Reach provides tools to manage the subscription process and regular sending of a Thought Leadership-Publication, issued by 360T.

Collection and use of data

Automated data collection

When accessing 360T.com and registering to the Thought Leadership-Publication on the subscription form visitors are using a plugin provided by Clever Reach. The plugin allows 360T to connect the Thought Leadership-Publication- software with the WordPress backend and it enables subscribers to sign-up to the publication in compliance with data protection regulations. 360T’s free Thought Leadership-Publication “FX Spotlight” provides regular Thought Leadership articles via e-mail, edited by 360T. Any data entered here will only be used to personalise the email and will not be passed on to third parties beyond 360T and the service providers used to facilitate this publication service.

Subscribers can unsubscribe from the publication at any time or revoke their consent by e-mail to [email protected]. Subscriber’s data will be deleted after the end of the publication reception, provided that the deletion does not conflict with any statutory storage requirements. When using the subscription form the Internet browser automatically transmits data for technical reasons. The following information is stored separately from any other information that may be submitted:

Browser
type / version Used operating system
IP address

This data is stored for technical reasons only. Clever Reach reserves the right to check this data retrospectively, if they become aware of specific indications for illegal use.

More Information on Clever Reach data protection regulations can be found here: https://www.cleverreach.com/en/features/privacy-security/eu-general-data-protection-regulation-gdpr/

Use of reCaptcha by Google (Only for CleverReach registration forms)

We use Google’s reCaptcha service to determine whether a human or a computer is making a particular entry in our  newsletter form. Google checks whether you are a human or a computer using the following data: IP address of the terminal device used, the website you visit with us on which the captcha is embedded, the date and duration of the visit, the recognition data of the browser and operating system type used, Google account if you are logged in to Google, mouse movements on the reCaptcha areas and tasks that require you to identify images. The legal basis for the described data processing is Art. 6 (1) lit. f of the General Data Protection Regulation. There is a legitimate interest on our side in this data processing to ensure the security of our website and to protect us from automated entries (attacks).

Can’t find what you’re looking for?

For additional information on regulatory matters please contact us

Global Head:
Regulatory Affairs

[email protected]
360 Trading Networks
Grüneburgweg 16-18/ Westend Caree
60322 Frankfurt am Main
+49 69 900 289 0