Privacy Policy

This Privacy Policy (hereinafter referred to as the “Policy”) governs the relationship between the User (as defined in the Terms & Conditions) and THE FOOTBALL COMPANY GmbH, a company duly incorporated and validly existing under the laws of Germany, having its corporate seat at Am Münchfeld 40 80999 München, Germany (hereinafter referred to as the “Company”).

Preliminary remarks
1. The Policy must be read in conjunction with the Terms and Conditions and the Cookie Policy, present on the website at https://thefootballclub.com/.
2. The Company takes data privacy very seriously and maintains the Policy to describe how the Company will use the information on the Users.
3. The Policy only covers data collected through the Website (as defined in the Terms & Conditions) and other electronic sites and mobile applications directly controlled by the Company (hereinafter collectively referred to as the “Services”). The Policy does not cover any other data collection or processing, including, without limitation, data collection practices of other web pages to which we link as they may be subject to their own privacy policies.
4. The Company is not liable for any possible misinterpretation of the Policy.
Privacy Statement
1. The Policy is intended to inform the Users about how the Company collects, uses, shares and protects or otherwise processes Personal Data (as defined below). Other policies may be notified separately.
2. All Personal Data processed by the Company is necessary to fulfil the purposes for which they were collected. When using the Website for mere information purposes, the Company may also collect the Personal Data that the User’s web browser transmits to the Company’s server, including their IP address, the date and time of their visit, and data relating to their operating system and web browser. The Company uses this data to ensure the security and successful navigation on the Website and to compile statistical data on the use of the Websites.
3. The Company is not in the business of selling or renting the User's information to third parties and does not share their personally identifiable information with others, except as follows:
  1. 2.3.1.for the purpose of delivering the Services (as defined in the Terms & Conditions) to the User;
  2. 2.3.2.for sharing User’s information as required by law or in the interest of protecting or exercising the Company’s or others’ legal rights, for example, in connection with court proceedings or requests from law enforcement officials. Also, the Company reserves the right to use and disclose any information collected via the Website that is not in personally identifiable form;
  3. 2.3.3.to conduct pre-engagement assessments and formalities such as anti-money laundering checks, conflict checks, etc.;
  4. 2.3.4.for client relationship management purposes;
  5. 2.3.5.for internal administrative or operational processes;
  6. 2.3.6.to analyze the services the User may be interested in;
  7. 2.3.7.to send invitations and information from the Company about events, publications, and services provided; and
  8. 2.3.8.to satisfy any legal, regulatory, accounting or reporting requirements.
Acceptance
1. By browsing the Website, the User acknowledges that the Company may collect and process a certain number of Personal Data (as defined below) that relate to them and that they have read and understood the Policy and agree to be bound by it and to comply with all applicable laws and regulations.
2. In particular, the consent for the processing of Personal Data is given once the User and/or the Users ticks the box in the pop-up window which says “I have read the Privacy Policy and agree to be bound by it” (hereinafter referred to as the “Consent”).
3. The Consent is also given when the Users freely submit to the Company the Personal Data required to become a User. This latter understands and agrees that the Company is free to use these Personal Data within the limit provided by law and the Policy.
4. If the User does not agree with the terms of the Policy, please refrain from using the Website.
Principle for processing Personal Data
1. While Processing Personal data, the Company will respect the following general principle:
  1. Fairness and lawfulness
    1. 4.1.1.1.When processing Personal Data, the individual rights of the Personal Data subjects must be protected. Personal Data must be collected and processed lawfully, in a fair manner, in good faith, and must be proportionate to the objective.
  2. Restriction to a specific purpose
    1. 4.1.2.1.Personal Data handled by the Company should be adequate and relevant to the purpose for which they are collected and processed. This requires, in particular, ensuring that the types of Personal Data collected are not excessive for the purpose for which they are collected. Subsequent changes to the purpose are only possible to a limited extent and require substantiation.
  3. Transparency
    1. 4.1.3.1.The User must be informed of how their Personal Data is being handled. When the Personal Data is collected, the User must be informed of:
      1. 4.1.3.1.1.the identity of the Data Protection Officer (as defined below);
      2. 4.1.3.1.2.the purpose of Personal Data processing;
      3. 4.1.3.1.3.third parties to whom the data might be transmitted.
Information the Company may collect about the User.
1. In order to open an account with the Company, the User must first complete and submit a “create account” form to the Company by completing the required information. By completing this form, the User requested to disclose personal information in order to enable the Company to assess their application and comply with the relevant laws (including their regulations).
2. The information that the Company may collect from the User (hereinafter collectively referred to as the “Personal Data”) is as follows:
  1. Full name and contact details (e.g. email address, telephone number, fax etc.);
  2. Date of birth, place of birth, gender, citizenship;
  3. Bank account information and credit card details;
  4. 5.2.4.The digital wallet address;
  5. Other Personal Information or commercial and/or identification information – Whatever information the Company, in our sole discretion, deem necessary to comply with our legal obligations under various anti-money launderings (AML) obligations, such as under the European Union’s 4th AML Directive and the U.S. Bank Secrecy Act (BSA).
3. Personal Data is also the information the Company collects about the User automatically, as:
  1. Browser Information
    1. 5.3.1.1.Information that is automatically collected via analytics systems providers from the user’s browser, including their IP address and/or domain name and any external page that referred the user to the Company, their login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform;
  2. Log Information
    1. 5.3.2.1.Information that is generated by the User’s use of the Services is automatically collected and stored in the Company server logs. This may include, but is not limited to, device-specific information, location information, system activity and any internal and external information related to pages that the User visit, including the full Uniform Resource Locators (URL) clickstream to, through and from the Website, including:
      1. 5.3.2.1.1.date and time;
      2. 5.3.2.1.2.page response times download errors, length of visits to certain pages;
      3. 5.3.2.1.3.page interaction information (such as scrolling, clicks, and mouse-overs); and
      4. 5.3.2.1.4.methods used to browse away from the page;
4. Personal Data is also the information the Company receives about the user from other sources.
5. The Company obtain information about the User in a number of ways through their use of the Services, the account opening process, webinar sign-up forms, event subscribing, news and updates subscribing, and from information provided in the course of ongoing support service communications. The Company also receives information about the User from third parties such as your payment providers and through publicly available sources.
Disclosure of the User’s Personal Data
1. The Company will not disclose any of the User’s Personal Data to a third party, except:
  1. to the extent that it is required to do so pursuant to any applicable laws, rules or regulations;
  2. if there is a duty to disclose;
  3. if our legitimate business interests require disclosure;
  4. in line with what it’s stated in the Terms and Conditions and Cookie Policy;
  5. at the User’s request or with their consent or to those described in the Policy. The Company will endeavour to make such disclosures on a “need-to-know” basis unless otherwise instructed by a regulatory authority. Under such circumstances, the Company will notify the third party regarding the confidential nature of any such Personal Data.
2. As part of using the user’s Personal Data for the purposes set out above, the Company may disclose the User’s Personal Data to the following:
  1. Any members of the Company, which means that any of the Company’s affiliates and subsidiaries may receive such information;
  2. Any of the Company’s service providers and business partners, for business purposes, such as specialist advisors who have been contracted to provide the Company with administrative, financial, legal, tax, compliance, insurance, IT, debt-recovery, analytics, research or other services;
3. If the Company discloses the User’s Personal Data to service providers and business partners in order to perform the services requested by clients, such providers and partners may store those Personal Data within their own systems in order to comply with their legal and other obligations.
4. The Company requires that service providers and business partners who process personal information acknowledge the confidentiality of the Personal Data, undertake to respect any User’s right to privacy and comply with all relevant privacy and data protection laws and the Policy.
Retention of the User’s Personal Data
1. In accordance with applicable laws, the Company will use the User’s Personal Data for as long as necessary to satisfy the purposes for which their Personal Data was collected or to comply with applicable legal requirements.
Lawful basis for processing Personal Data
1. The Company shall process the User’s Personal Data on the following bases and for the following purposes:
  1. 8.1.1.Performance of a contract
    1. 8.1.1.1.The Company processes Personal Data in order to provide its services and products.
    2. 8.1.1.2.The Company must verify the User’s identity in order to accept them as its User, and it will use their Personal Data in order to effectively manage their account. This may include third parties carrying out credit or identity checks on the Company’s behalf. The use of the User’s Personal Data is necessary for the Company to know who they are, as it has a legal obligation to comply with “Know Your Customer” and customer due regulatory diligence obligations.
  2. 8.1.2.Compliance with a legal obligation
    1. 8.1.2.1.There are a number of legal obligations imposed by relevant laws to which the Company is subject, as well as specific statutory requirements, e.g. anti-money laundering laws, financial services laws, corporation laws, privacy laws and tax laws. There are also various supervisory authorities whose laws and regulations apply to the Company. Such obligations and requirements imposed on the Company are necessary for Personal Data processing activities for identity verification, payment processing, compliance with court orders, tax laws or other reporting obligations and anti-money laundering controls.
    2. 8.1.2.2.These obligations apply at various times, including client onboarding, payments and systemic checks for risk management.
  3. 8.1.3.For the purpose of safeguarding legitimate interests
    1. 8.1.3.1.The Company may process Personal Data so as to safeguard the legitimate interests pursued by the Company or by a third party. A legitimate interest is when the Company has a business or commercial reason to use the User's Personal Data. Examples of such processing activities include the following:
      1. 8.1.3.1.1.Initiating legal claims and preparing the Company’s defence in litigation procedures;
      2. 8.1.3.1.2.Measures for managing the business and for further developing products and services;
      3. 8.1.3.1.3.Risk management.
  4. 8.1.4.To investigate or settle enquiries or disputes.
    1. 8.1.4.1.The Company may need to use Personal Data collected from the User to investigate issues or to settle disputes with the User because it is the Company’s legitimate interest to ensure that issues and disputes get investigated and resolved in a timely and efficient manner.
  5. 8.1.5.To comply with applicable laws, subpoenas, court orders, other judicial processes, or the requirements of any applicable regulatory authorities.
    1. 8.1.5.1.The Company may need to use the User’s Personal Data to comply with any applicable laws and regulations, subpoenas, court orders or other judicial processes, or requirements of any applicable regulatory authority. The Company does this not only to comply with its legal obligations but because it may also be in its legitimate interest to do so.
  6. 8.1.6.To send surveys
    1. 8.1.6.1.From time to time, the Company may send User surveys as part of its User feedback process. It is in the Company’s legitimate interest to ask for such feedback to try to ensure that it provides its products and services at the highest standard. However, the Company may, from time to time, also ask the User to participate in other surveys, and if they agree to participate in such surveys, the Company relies on their consent to use the Personal Data collected as part of such surveys.
    2. 8.1.6.2.All responses to any survey the Company sends out, whether for User feedback or otherwise, will be aggregated and depersonalised before the results are published and shared.
  7. 8.1.7.Data analysis
    1. 8.1.7.1.The Website may contain web beacons or pixel tags, or any other similar types of data analysis tools that allow the Company to track receipt of correspondence and count the number of Users that have visited the Website or opened the Company’s correspondence.
    2. 8.1.7.2.The Company may aggregate the User’s Personal Data with the personal information of other Users on an anonymous basis (that is, with their personal identifiers removed) so that more rigorous statistical analysis of general patterns may lead the Company to provide better products and services.
    3. 8.1.7.3.If the User’s Personal Data is completely anonymised, the Company do not require a legal basis as the information will no longer constitute personal information.
    4. 8.1.7.4.If the user’s Personal Data is not in an anonymised form, it is in the Company’s legitimate interest to continually evaluate that personal information to ensure that the products and services it provides are relevant to the market.
  8. 8.1.8.Marketing purposes
    1. 8.1.8.1.The Company may use the User’s Personal Data to send them marketing communications by email or other agreed forms (including social media campaigns) to ensure they are always kept up-to-date with the Company’s latest products and services.
    2. 8.1.8.2.If the Company sends the User marketing communications, it will do so based on their consent and registered marketing preferences.
  9. 8.1.9.Internal business purposes and record keeping
    1. 8.1.9.1.The Company may need to process the User’s Personal Data for internal business and research purposes as well as for record-keeping purposes. Such processing is in the Company’s own legitimate interests and is required in order to comply with its legal obligations. This may include any communications that the Company has with the User in relation to the products and services it provides to the User and its relationship with them.
  10. 8.1.10.Legal Notifications
    1. 8.1.10.1.Often the law requires the Company to advise the User of certain changes to products or services or laws. The Company may need to inform the User of changes to the terms of the features of the Policy.
    2. 8.1.10.2.The Company needs to process the User’s Personal Data to send them these legal notifications. The User will continue to receive this information from the Company even if they choose not to receive direct marketing information from the Company.
Transfers of Personal Data outside of the User’s country
1. By using the Services, the User consents to their Personal Data being transferred to other countries, including countries that have differing levels of privacy and data protection laws than their country.
2. In all such transfers, the Company will protect the User’s Personal Data as described in the Policy and ensure that appropriate information-sharing contractual agreements are in place.
Privacy when using digital assets and blockchains
1. The User’s funding of NFT (as defined in the Terms and Conditions) may be recorded on a public blockchain.
2. Public blockchains are distributed ledgers intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis, which can lead to deanonymization and the unintentional revelation of private financial information, especially when blockchain data is combined with other data.
3. Because blockchains are decentralized or third-party networks which are not controlled or operated by the Company or its affiliates, the Company is not able to erase, modify, or alter Personal Data from such networks.
Use of Google Analytics
1. The Website uses Google Analytics, an Internet site analysis service supplied by Google Inc. (hereinafter referred to as “Google”). Google uses Cookies which are text files placed on the User’s computer, to help to analyse the use made of the Website.
2. The data generated by the Cookies concerning the User’s use of the Website (including their IP address) will be forwarded to and stored by Google on servers.
3. Google will use this information to evaluate the User’s use of the Website, compile reports on site activity for its publisher and provide other services relating to the activity of the Website and the use of the internet.
4. Google may release these data to third parties if there is a legal obligation to do so or when the third parties process these data for the account of Google, including, in particular, the publisher of the Website.
5. Google will not cross-reference the User’s IP address with any other data held by Google.
Use of Google Cloud Platform
1. 12.1.The Company uses Google Cloud Platform as the platform where it stores all Users' Personal Data.
2. 12.2.The Company assumes that the User has reviewed the Google Cloud Privacy Policy (here is the link: https://cloud.google.com/terms/cloud-privacy-notice).
Protection of Personal Data
1. 13.1.The Company respects the Personal Data of any Users who access the Website, and it is therefore committed to taking all reasonable steps to safeguard any existing or prospective clients, applicants and website visitors.