THE PULSE Holding GmbH (“we”, “us”, “our”) is the controller of your personal data. Data controller: Danziger Straße 64, 10435 Berlin, Germany. Email: [email protected]. Phone: +49 (0) 30 2218 0913.
Data Protection contact: Thomas Rieger (same address / email).
What data we collect
Data you provide — when you submit the request-access form: your salutation and name, email address, organisation (where applicable), role, jurisdiction, investor type, and your US-person status; and, once approved, account-activation data (your chosen credential / passkey). When you accept the portal’s confidentiality notice, we record that acceptance with a timestamp and version.
Data collected automatically — when you use the portal: your IP address, browser type and version, device characteristics, the pages you view and time spent, the referring page, and the date and time of access (server logs and in-portal activity).
Cookies — see our Cookie Policy. The portal uses only strictly-necessary and functional cookies (an authentication session cookie and a sidebar-preference cookie); it sets no analytics or advertising cookies.
How and why we use your data (legal bases)
- To assess and manage your access request — name, contact, organisation, jurisdiction, investor type, US-person status. Legal basis: steps prior to entering into a contract and our legitimate interest in evaluating eligibility and managing our investor relationship (Art. 6(1)(b) and (f) GDPR).
- To operate your account and secure the portal — authentication, session management, server logs. Legal basis: contract performance and legitimate interest in security (Art. 6(1)(b) and (f)).
- To record confidentiality acceptance — legal basis: legitimate interest and compliance (Art. 6(1)(f), (c)).
- To understand how the portal is used — first-party, server-side activity analytics tied to your account, to improve the service and time our communications. Legal basis: legitimate interest (Art. 6(1)(f)). No third-party trackers are used. You can ask us to stop tracking your activity at any time.
- To communicate with you and to comply with legal obligations — Art. 6(1)(b), (f) and (c).
Fonts (no transfer to Google)
The portal’s web fonts are served from our own servers (self-hosted at build time). No connection to Google Fonts / Google servers is made when you load a page, and your IP address is not transmitted to Google for font delivery.
Who we share your data with
- Hosting — Hetzner Online GmbH, servers in Germany (EU); we maintain a data-processing agreement (Auftragsverarbeitungsvertrag) with them.
- Platform operator (Auftragsverarbeiter) — Solarkiosk Solutions GmbH, Schwedter Str. 9A, 10119 Berlin, Germany. Develops, hosts, operates, and maintains the portal platform on our behalf under a data-processing agreement (Auftragsverarbeitungsvertrag).
- Email / communications providers acting as our processors.
- Group companies — including TP HOLD CO. Ltd and TP OPCO Ltd (Nigeria), where necessary to evaluate and manage the investment relationship.
- Authorities, advisers, and professional service providers where required by law or to establish, exercise, or defend legal claims.
We do not sell your personal data.
International data transfer
Your data is primarily stored and processed in Germany (EU). Where data is shared with our group companies in Nigeria, we rely on appropriate safeguards (e.g. EU Standard Contractual Clauses and/or an adequacy assessment) to ensure an equivalent level of protection, as required by Chapter V GDPR.
How long we keep your data
We keep personal data only as long as necessary for the purposes above. Access-request data for declined or withdrawn requests is deleted when no longer needed for the assessment and any record-keeping period; account data is kept for the duration of your access and a reasonable period thereafter; confidentiality-acceptance and other compliance records are retained as required to evidence compliance; server logs are kept for a short period for security and then deleted. (Exact retention periods to be confirmed with counsel.)
Your rights
Under the GDPR you have the right of access, rectification, erasure, restriction, data portability, and objection, and the right to withdraw consent at any time (without affecting prior processing). To exercise any right, contact [email protected]; we respond within one month. You also have the right to lodge a complaint with a supervisory authority — for us, the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit, BlnBDI). If you are in Nigeria, you may also contact the Nigeria Data Protection Commission (NDPC, https://ndpc.gov.ng).
Automated decision-making
We do not take decisions producing legal effects concerning you, or similarly significantly affecting you, based solely on automated processing. Access decisions are reviewed and made by a person.
Children
The portal is directed only at institutional and professional/qualified investors and is not intended for persons under 18. We do not knowingly collect data from children.
How we protect your data
HTTPS/TLS encryption throughout, access-controlled hosting with regular security updates, data-processing agreements with our processors, and access to personal data restricted to authorised personnel.
Changes & contact
We may update this notice; we will update the “Last updated” date and, for significant changes, place a notice in the portal. Questions or concerns: Thomas Rieger, [email protected].