Privacy Policy

TNG Technology Consulting GmbH (hereinafter referred to as TNG / We) welcomes your visit to our website and your interest in our company. We take the protection of your personal data seriously and want you to feel safe and comfortable when visiting our website.

TNG aims to minimize the use of personal data in the internet services for which we are responsible. All personal data accumulated within the framework of the internet services provided by TNG will be processed and used in accordance with the applicable regulations for the protection of personal data. Under no circumstances will TNG use your personal data for other purposes.

1. Controller

Data processing on this website is the responsibility of the controller, namely:

TNG Technology Consulting GmbH
Beta-Straße 13
85774 Unterföhring
Germany

2. Data Security

TNG Technology Consulting GmbH uses technical and organizational security measures to protect the data made available to TNG Technology Consulting GmbH from accidental or intentional manipulation, loss, destruction or access by unauthorized persons.

Our security measures are continuously updated in line with technological developments.

3. Data Processing

Here we inform you about how we process your personal data. "Personal data" in this context includes all information relating to an identified or identifiable natural person. "Processing" means all operations or series of operations relating to personal data, such as the collection or storage of personal data.

3.1 Website Hosting

Each time you visit our website, we automatically collect and store the following data:

  • IP address
  • Date and time of access
  • Information about your browser and operating system
  • Websites through which you have been redirected to our website
  • Websites that you access through our website

This data will be automatically deleted after 7 days. Exceptions to this rule will only be made in cases where there is a legitimate interest in its further storage, for example to clarify security incidents. In these cases, the data will be deleted as soon as this process is completed.

This data processing is based on our legitimate interest to make our website accessible to users, to identify any functional problems or capacity deficits of our website and to verify security in accordance with Art. 6 para. 1 lit. f DSGVO/UK GDPR.

All data is processed exclusively on infrastructure located within the European Union. No data is transferred to servers outside the EU.

3.2 Using the TrustedTokens API

The data provided by users is processed by the TrustedTokens API and the LLM selected by the user.

All models available on TrustedTokens are hosted on TNG-operated GPU infrastructure in Germany. The data sent to the API is processed only for the purpose of providing the service. In particular, the queries sent by users and the generated responses are not logged or stored by TrustedTokens beyond the duration of the API call. The data is not used to train any models and is not sent to third-party services.

This data processing is based on the performance of the contract in accordance with Art. 6 para. 1 lit. b DSGVO/UK GDPR.

For every API call, we log the following data for operational and security purposes:

  • API key identifier
  • Target endpoint (e.g. /v1/chat/completions)
  • Name of the used model
  • Prompt and completion token counts
  • HTTP status code and latency

This data will be automatically deleted after 30 days.

This data processing is based on our legitimate interest to make our services accessible to users, to assemble aggregate usage statistics, to identify any functional problems or capacity deficits, and to verify security in accordance with Art. 6 para. 1 lit. f DSGVO/UK GDPR.

3.3 Account and Billing Data

When you create a TrustedTokens account, we process the following data:

  • Name and email address
  • Organization name (if provided)
  • Payment information as required by our billing provider

This data is processed for the purpose of fulfilling the contract, providing customer support, and issuing invoices in accordance with Art. 6 para. 1 lit. b DSGVO/UK GDPR.

Billing data is retained for the duration required by applicable tax and commercial law (typically 10 years under German law). Account data is deleted upon account termination, subject to the same retention requirements.

4. Rights of Data Subjects

4.1 DS-GVO (EU) / Data Protection Act 2018 & UK GDPR (UK)

You have the right, in accordance with the laws applicable to you and to the extent provided therein, to access your personal data and to require us to update, rectify or erase your personal data. In addition, in accordance with applicable law, you may restrict TNG's processing of your personal data, and you have the right to data portability. Your right to access your personal data includes the right to obtain a copy of all or certain portions of your personal data in our possession, as long as the provision of such data by TNG does not adversely affect the rights and freedoms of other persons.

Right to object: you have the right to object to the processing of your personal data solely on the basis of TNG's legitimate interest. If you exercise your right to object hereto, TNG will no longer process your personal data unless there are compelling legitimate reasons for further processing or the processing is necessary to establish, exercise or defend legal claims.

If the processing is based on your consent, you can revoke this consent at any time. This revocation only affects future processing.

You also have the right to lodge a complaint with the relevant data protection authority if you believe that the processing of your personal data has violated applicable data protection laws.

4.2 Privacy Act (Australia)

You have the right of access to your data and to request rectification of your data. You also have the right to lodge a complaint if you believe that the processing of your personal data has violated applicable data protection laws. In all such cases, please contact our data protection officer (see section 5).

If you wish to lodge a complaint about our handling of your personal information, you can contact our data protection officer. We take all complaints seriously and will investigate your concerns promptly and fairly. We will respond to your complaint within a reasonable timeframe, usually within 30 days, and inform you of the steps we have taken or will take to address your concerns. We may ask you to provide additional relevant details and may discuss your complaint with our internal departments, our service providers, and others where appropriate. If you are not satisfied with our response, you have the right to lodge a complaint with your relevant data protection authority, e.g. the Office of the Australian Information Commissioner at https://www.oaic.gov.au/about-us/contact-us/.

4.3 Privacy Act (New Zealand)

You have the right of access to your data and to request rectification of your data. In such cases, please contact our data protection officer (see section 5).

4.4 California Consumer Privacy Act

You have the right of access to your personal data and to require us to rectify or erase your personal data. You also have the right to data portability and to restrict the use of sensitive personal data. Exercising these rights, such as the erasure of your data, may result in TNG being unable to provide certain services you have requested or being unable to provide them as desired. Exercising your rights does not carry any further negative consequences for you; TNG will not discriminate against you in any way as a result of exercising your data protection rights. To exercise your rights, please contact our data protection officer (see section 5).

5. Data Protection Officer

If you have any questions regarding the processing of your personal data, you can contact our data protection officer directly, who is also available in case of requests for access, inquiries or complaints:

Data Protection Officer
Dr. Marcel Lippmann
TNG Technology Consulting GmbH
Beta-Straße 13
85774 Unterföhring
Germany

datenschutz@tngtech.com

We can supply our GPG key on request, should you wish to send us your request in encrypted form.

6. Version

This privacy policy was last modified on 2026-06-22. We reserve the right to amend this policy from time to time to reflect changes in our data processing practices. In the event of changes, we will post the new privacy policy on this website.