We need to process your personal information that you provide yourself when you use this app. This information is necessary to ensure complete functionality and to perform the requested services.
This document is issued pursuant to Article 13 of EU Regulation 2016/679 of 27th April 2016 (hereinafter „GDPR“) on protection of natural persons with regard to personal data processing and in compliance with the legislation on personal data processing, as well as on the free movement of such data.
Owner and Data Controller:
39044 Neumarkt (BZ)
When using this app, data is processed and stored locally. If desired, all the data (seasons, tournaments, teams, players and matches) can also be transferred to our server in order to synchronise with other devices or to create a backup of the data. Only users to whom you give your club code can then see this data.
We may transfer your data outside the United Kingdom and the European Union area (see section Analysis with Google Firebase) subject to appropriate safeguards under Art. 46 GDPR. Whenever we transfer your personal data out of the EU area, we ensure a similar degree of protection is afforded to it by ensuring that personal data receives the same protection it has in the EU area.
a) Logs created when accessing our server
Based on our legitimate interests, pursuant to Article 6, section 1, paragraph (f) GDPR, we save data each time the server on which this webservice is located is accessed. This access data includes the date and time it was accessed, the app and operating system version. This is necessary for security reasons, and to find and fix potential errors.
All data to be processed in connection with the operation of this app is stored as part of the hosting. We process such data on the basis of our legitimate interests in accordance with Art. 6 section 1 f) GDPR to enable the operation of the app. To provide our online services, we use the services of a web hosting provider in Germany, to whom we transmit the above data. We have concluded an order processing contract with this provider.
If we use a service provider in the sense of order processing, we remain responsible for the protection of your data. All processors are contractually obliged to treat your data confidentially and only process it within the scope of the provision of services. The processors commissioned by us will receive your data if they need the data to fulfill their respective service. These are, for example, IT service providers that we need for the operation and security of our IT system.
If there is a legal obligation and in the context of legal prosecution, authorities and courts as well as external auditors can be recipients of your data.
The data that you voluntarily disclose when contacting us will not be disclosed to third parties without your explicit consent. We point out in this context that the transmission of data on the Internet (for example in the case of communication by e-mail) may have security gaps.
d) Profile Data
The app can be used both with and without registration. Registration is only required for synchronising the data with the server and thus with other devices. If you create a user account, you agree that your user data (e-mail address and password) will be saved. This allows us to identify you as a user and thus ensure the security of data exchange. The data processing takes place on the basis of Art. 6 section 1 b) GDPR for the fulfillment of the contract.
We will take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk, in accordance with Article 32 GDPR, taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing and the different likelihood and severity of the risk to the rights and freedoms of natural persons. The security measures include the encrypted transmission of data between your device and servers (TLS).
You may give the following optional permissions when using the app. Please note that prior to Android 6.0 it was not possible to give these permissions individually.
When importing players, you have the possibility to import names and birth dates from the contacts on your device. These informations are used purely to create new players in the app, no other informations are read.
You have the option to assign pictures to your players and teams. This has the sole scope to have more appealing list and details views. No other pictures are read, and no pictures are transmitted over the internet.
All data (players, teams, seasons, tournaments and matches) can be saved online and synchronised with other devices. To do so, the creation of a personal account is mandatory. If you do not want to use the synchonisation feature, the app can be used offline.
Analytics with Google Firebase
This app is using technologies from Google Firebase. Google Firebase is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. Google Firebase is a developing platform and offers several services.
Use of Google Firebase is effected to optimize this app and improve our offerings. This constitutes a legitimate interest within the meaning of Art. 6 section 1 f) GDPR.
a) Firebase Analytics
Firebase Analytics includes several features that allow us to analyse your in-app behaviour. In this way we can analyse, for example, your screen calls, operation of buttons or in-app purchases. We can also determine which features are commonly or rarely used within the app. For these purposes, Firebase Analytics stores, among others the number and duration of sessions, operating systems, device models, region, and a range of other data.
Use of Firebase Analytics may require the transfer of your personal information to the United States. The storage period for the data thus acquired is up to a maximum of 6 weeks after uninstalling the app. For a detailed overview of the data collected by Firebase Analytics, see: Google Analytics for Firebase
b) Firebase Crashlytics
With the aid of Crashlytics we collect data in case of crashes or errors. In the event of a crash, a crash report is created and transmitted to servers of Google. This includes information about the use of our app and the status of your end device (app version, device type, operating system, version of the operating system, device ID, location, time). We evaluate this data for troubleshooting, solving problems and improving the app. We process the data obtained in this way due to legitimate interests pursuant to Art. 6 section 1 f) GDPR
For a detailed overview of the data collected by Crashlytics, see: Firebase Crashlytics
Your personal data is processed and stored for as long as required by the purpose they have been collected for. We may be allowed to retain personal data for a longer period whenever you have given consent to such processing, as long as such consent is not withdrawn. Furthermore, we may be obliged to retain personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Data Privacy Rights
You have the right to withdraw consent at any time without affecting the validity of the processing performed prior to such withdrawal of consent (Art. 7 section 3 GDPR)
You have a right to know what information we hold about you and in some cases to have the information communicated to you. If you wish to exercise this right please contact us letting us know that you wish to exercise your right of access and what information in particular you would like to receive. We reserve the right to ask for proof of identity for verification before we provide you with any information. (Art. 15 GDPR)
In the sense of Art. 16 GDPR you can always contact us by e-mail with any request for rectifying personal data. Additionally, there are in-app tools for updating your details.
In the sense of Art. 17 GDPR you have a right to have some of the personal information that we hold about you deleted. If an account was created, all personal data that we have will be deleted. We will also forward a request to our analytics and crash reporting tools providers to remove any of your personal data they might have. Should you wish to have any information about you deleted, please contact us by e-mail, stating which data you wish to be deleted.
e) Restrict Processing
In the sense of Art. 18 GDPR you have the right to restrict the processing of your personal data. If you wish to request restricted processing (for example if you think your data processing is unlawful) please contact us by e-mail stating the reasons for the restriction and the data in question.
You have the right to request that data which you have provided to us is provided to you in a machine-readable format, so you can transfer this to another data controller. (Art. 20 GDPR)
g) Lodge a Complaint
Users have the right to bring a claim before their competent data protection authority.
Exercise of data subject rights