Privacy Policy (Website)

At the TK8 Sports Academy GmbH (hereinafter “Toni Kroos Academy”), we take the protection of our users’ personal data very seriously. Accordingly, we process personal data in compliance with all legal requirements, in particular with the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). In this Privacy Policy, we explain to users how we process their personal data when they use our website or our social media pages.

1. Controller and Data Protection Officer

The controller for the processing of the personal data is

TK8 Sports Academy GmbH
Walder Straße 5-7
42781 Haan,
Deutschland

E-mail: support@tonikroos-academy.com

We have appointed an external Data Protection Officer, Prof. Dr. jur. Thomas Wilmer, whom users can contact at the following e-mail address: gdpr@tonikroos-academy.com.

 

2. Data collection by this website

When accessing this website, the Internet browser automatically transmits to us or the connection services we use:

  • IP address of the requesting computer
  • Date and time of access
  • URL of the data to be retrieved
  • Amount of data transferred
  • Access status (file transferred, file not found, etc.)
  • Recognition data of the browser and operating system used (“user agent”)
  • URL from which the access was referenced

In addition, individual cookies are used on this website (if applicable). For more details, please refer to section 7 Cookies.

Beyond this, we do not collect any personal data on this website.

 

3. Purposes of processing and legal basis

The collection, processing and use of this data is for the purpose of enabling the use of the website (establishing connectivity), ensuring system security and the technical administration of the network infrastructure. The legal basis of the processing is the protection of our legitimate interests pursuant to Art. 6 (1) lit. f) GDPR. Our legitimate interests here are to provide users with a website that is secure and pleasant to use.

 

4. Contact

In various areas of the website, users have the opportunity to contact us. In this case, when contacting us, the user declares his consent to the related processing of the personal data he has transmitted to us. We process this data for the purposes of users’ establishing contact and our responding accordingly. The legal basis is the user’s consent in accordance with Art. 6 (1) lit. a) GDPR, which the user can revoke at any time with effect for the future.

 

5. Newsletter

If a user registers for our newsletter via the website, we process the personal data provided in order to be able to offer the user the information and services requested by him via the newsletter.

For the distribution of our newsletter, we use CleverReach. The provider is CleverReach GmbH & Co KG, Mühlenstr. 43, 26180 Rastede, Germany. CleverReach organizes and analyzes the distribution of newsletters for us. The personal data processed by CleverReach is stored on servers in Germany or Ireland. We can use this service to analyze the behavior of the recipients of the newsletter, for example, how many recipients have opened the newsletter and how often users clicked on which link in the newsletter. Users can find out more information about CleverReach’s data analysis by visiting https://www.cleverreach.com/de/funktionen/reporting-und-tracking/, or in CleverReach’s Privacy Policy https://www.cleverreach.com/en/privacy-policy/.

The legal basis for this processing is the user’s consent pursuant to Art. 6 (1) lit. a) GDPR, which the user can revoke at any time with future effect, for example by clicking on the unsubscribe link in the newsletter.

 

6. Matomo

We use the open source web analytics application “Matomo” by InnoCraft Ltd, New Zealand on the website to analyze the behavior of our users on the website. This application uses cookies, for more details see Section 7. Cookies. When the website is accessed, the following data is collected and stored:

  • An IP address of the calling system of the user shortened/anonymized by one byte
  • The accessed URL
  • The URL from which the user has reached the called URL (referer)
  • The subpages that are called up from the called-up website
  • The dwell time on the website
  • The frequency of the call to the respective URL(s)

The data is not disclosed to third parties.

The application is set so that the IP addresses are not stored completely, but 1 byte of the IP address is masked. In this way, an assignment of the truncated IP address to the requesting device is no longer possible.

The user can prevent the analysis by making use of the following opt-out:

Klicken Sie auf den unteren Button, um den Inhalt von tonikroosacademy.matomo.cloud zu laden.

Inhalt laden

In this case, an opt-out cookie is set for the user. If the user deletes cookies from his user device in the meantime, this opt-out cookie is also deleted and he must save it again.

 

7. Cookies

We use cookies on the website to make the visit attractive and to enable the use of certain functions. Cookies are small text files that are stored on the user’s computer and enable us to recognize the user device. Users have the option of setting their browser so that no cookies can be stored. In this case, certain areas or functions of the website may not work properly.

The website uses cookies from Matomo to measure the use of the website in order to optimize the website accordingly. We do not share information obtained from these cookies with third parties or use it for customized advertising. The legal basis for the use of these cookies is the protection of legitimate interests in accordance with Art. 6 (1) lit. f) GDPR. The legitimate interests lie in analyzing the use of the website in order to make it as pleasant as possible for users. Users can object to the use of Matomo in Section 6. Objecting to Matomo.

The website stores the following cookies:

Name Lifetime Description
MATOMO_SESSID* 30 minutes / session This cookie from Matomo (formerly: Piwik) of InnoCraft Ltd (New Zealand) is used to track and temporarily store user behavior and page views during the session. We do not share any information collected through this cookie with Matomo or any other third party.
mtm_consent_removed* 30 years This cookie from Matomo of InnoCraft Ltd. (New Zealand) we use to allow users to withdraw their consent.
matomo_ignore Until user deletes We use this cookie from Matomo of InnoCraft Ltd (New Zealand) to mark users for us who have objected to the use of Matomo to measure their user behavior. As long as that cookie is saved, no further analysis cookies are saved. We do not share any information collected through this cookie with Matomo or any other third party.

 

8. Facebook and Instagram

We offer users additional information and content through the Instagram and Facebook platforms, both of which are operated by Facebook Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). We point out to users that they use these platforms and their functions on their own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).

When visiting the two platforms, Facebook collects technical information (e.g. the IP address) as well as other information that is available in the form of cookies on the user’s PC. In addition, the data that the user discloses about himself on the platform by editing his profile or interacting on the platform is recorded. Facebook may transfer this data to countries outside the European Union. Facebook describes in general terms in its Data Policy exactly what information Facebook receives, processes and, if applicable, transfers to third countries, how users can contact Facebook, customize their ads, and manage and delete the data Facebook collects https://www.facebook.com/about/privacy. At the following link, users can find the data use policy specific to Instagram’s processing of data https://www.facebook.com/help/instagram/519522125107875.

When you visit our Facebook page, Facebook uses the data collected to provide us, as the operator of the page, with statistical information about the use of the page. With respect to the processing of such Insights data, Facebook and we are joint controllers within the meaning of Article 26(1) of the GDPR. We have entered into a shared responsibility agreement with Facebook, which states that Facebook has primary responsibility for fulfilling data protection obligations and enabling data subjects’ rights. Users can find more information on this at the following link https://www.facebook.com/help/pages/insights.

Furthermore, we only collect and process the data that users make available to us through their interaction on the platforms. The purpose of this processing is to moderate our information offering and respond to content and requests. The legal basis is the protection of our legitimate interests in accordance with Art. 6 (1) lit. f) GDPR or, to the extent the purpose of contacting us is to conclude a contract, Art. 6 (1) lit. b) GDPR.

 

9. TikTok

We use the TikTok platform of TikTok, Inc, 10100 Venice Blvd, Culver City, CA 90232 USA (“TikTok”) to provide additional information to our users. We remind users that they use the TikTok platform and its functions under their own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).

The data collected about users when using the Service is processed by TikTok and may be transferred outside the European Union. This includes the IP address, the application used, details of the device used (including device ID and application ID), information on websites accessed, the location, the mobile phone service provider and other information available on the user’s PC in the form of cookies.

In addition, TikTok collects personal data from users for the purpose of evaluating user behavior. TikTok makes some of this data and analysis available to us, as the operator of the TikTok profile, in anonymized and aggregated form. This involves the number of new followers, demographic data such as gender and country, but without any attribution to individual persons. We use these analytics to customize and optimize our TikTok profile to be as user-friendly as possible, as well as to market our posts. The legal basis for this is the protection of our legitimate interests pursuant to Art. 6 (1) lit. f) GDPR.

We have no influence on the type and scope of the data processed by TikTok, the way in which it is processed and used, or the transfer of this data to third parties. TikTok describes in general terms what information it collects and processes in its Privacy Policy, which can be found under the following link https://www.tiktok.com/legal/privacy-policy?lang=en. For information about the cookies set by TikTok, users should refer to the Cookie Policy https://www.tiktok.com/legal/tiktok-website-cookies-policy?lang=en. Users can also find additional information about using TikTok in the End User License Agreement https://www.tiktok.com/legal/terms-of-service?lang=en.

For the TikTok profile setup, we chose the most privacy-friendly settings possible. We, as the provider of the TikTok profile, only collect and process the data from the use of the service which the users make available to us through their interaction on the platform. The purpose of this processing is to moderate our offer and respond to requests. The legal basis is the protection of our legitimate interests according to Art. 6 (1) lit. f) GDPR.

 

10. Twitter

We offer users additional information via the short message service Twitter of Twitter Inc, 795 Folsom St, Suite 600, San Francisco, CA 94107, USA, (“Twitter”). We point out to the users that they use the offered Twitter short message service and its functions on their own responsibility. This applies in particular to the use of interactive functions (e.g. sharing, rating).

The data collected about users when using the service is processed by Twitter and may be transferred to countries outside the European Union. This includes, but is not limited to, the IP address, the application used, information about the device used (including device ID and application ID), information about web pages viewed, location, and mobile phone service provider. This data is attributed to the data of the Twitter account or the Twitter profile of the users. We have no influence on the type and scope of the data processed by Twitter, the type of processing and use or the transfer of this data to third parties.

Users can find information about which data is processed by Twitter and for what purposes in Twitter’s privacy policy (https://twitter.com/privacy?lang=en) as well as on the possibility to view their own data at Twitter (https://support.twitter.com/articles/20172711#). Furthermore, users have the option of requesting information via the Twitter privacy form or archive requests:

As the provider of the information service, we have chosen the most privacy-friendly settings possible. Furthermore, we only collect and process the data that users make available to us through their interaction on Twitter. The purpose of this processing is to moderate our information offering and respond to content and requests. The legal basis is the protection of our legitimate interests in accordance with Art. 6 (1) lit. f) GDPR or, to the extent the purpose of contacting us is to conclude a contract, Art. 6 (1) lit. b) GDPR.

 

11. YouTube

For our YouTube channel, we use the technical platform and service of YouTube, LLC, a company belonging to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, (“Google”). We would like to point out to users that they use the YouTube site and its functions under their own responsibility. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).

The data collected about users when using the service is processed by Google and may be transferred outside the European Union. This includes the IP address, the application used, details of the device used (including device ID and application ID), information on websites accessed, the location, the mobile phone service provider and other information available on the user’s PC in the form of cookies.

This data is attributed by Google to the data of the YouTube account or the Google account. We have no influence on the type and scope of the data processed by Google, the way in which it is processed and used and the transfer of this data to third parties. In its Privacy Policy, Google describes in general terms what information it collects and processes. There, users will also find information on how to contact Google, along with settings options with which users can specify that Google cannot collect certain data (such as information on your location). Google’s Privacy Policy is available at the following link https://policies.google.com/privacy. Users can find general information on data protection settings when using Google services at the following link https://safety.google/privacy/privacy-controls/, as well as with specific reference to individual services (including YouTube) at the following link https://policies.google.com/technologies/product-privacy?hl=en. Users can find information on the use of personal data for advertising purposes by Google and on the corresponding settings options at the following link https://safety.google/privacy/ads-and-data/.

For the setup of the YouTube channel, we have chosen the most privacy-friendly settings possible. As the provider of the YouTube channel, we only collect and process the data that users provide to us through their interaction on the platform. The purpose of this processing is to moderate our offer and respond to requests. The legal basis is the protection of our legitimate interests according to Art. 6 (1) lit. f) GDPR.

 

12. Hubspot

On this website we use the service HubSpot. HubSpot is a software company from the USA with a branch in Ireland.

Contact: HubSpot Dublin (Docklands), Ground Floor, Two Dockland Central, Guild Street, Dublin 1, Ireland, Phone: +353 1 5187500.

Hubspot is digital marketing tool that we use to cover various aspects of our online marketing. These include in particular:

– Content Management (website and blog)

– Email marketing (newsletters and automated mailings, e.g. to provide downloads)

– Social media publishing & reporting

– Reporting (e.g. traffic sources, hits, etc.)

– Contact management (e.g. user segmentation & CRM)

– Landing pages and contact forms

As part of the optimization of our marketing measures, the following data may be collected and processed via Hubspot:

– Technical Data (such as browser type, referral URL, performance data, mobile apps data, domain name, operating system incl. version, internet service provider, IP address, device identifier, device model and version).

– Usage data: (such as frequency of use of the application, files viewed, pages viewed, aggregated usage data, duration of visit, access times, events downloaded within the application, click stream data

– Geographic data (such as geographic location and navigation information).

– Data provided by you (such as login information for the HubSpot subscription service or information about you provided via the contact form).

This information, as well as the content of our website, is stored on HubSpot’s servers. It may be used by us to contact visitors to our website and to determine which services or offers are of interest to them.

The information collection works largely via the HubSpot pixel. We use the data collected and further processed by means of HubSpot to optimize our marketing. The legal basis of the processing is your consent to the setting of the HubSpot cookie in accordance with Art. 6 (1) lit. a DSGVO. If you do not want HubSpot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with future effect, for example by clicking here [please add link to revoke consent]. More information on the cookies used by HubSpot can be found here & here. You can find HubSpot’s privacy policy here; more information on HubSpot’s compliance with the requirements of the GDPR here.

More information on HubSpot’s privacy policy ”

More information from HubSpot regarding EU data protection regulations ”

Personal data will be retained for as long as it is necessary to fulfill the purpose of the processing. The data will be deleted as soon as it is no longer required to achieve the purpose. In the context of processing via HubSpot, data may be transferred to the USA. The security of the transfer is secured via so-called standard contractual clauses, which ensure that the processing of personal data is subject to a level of security that corresponds to that of the GDPR.

 

13. Data transfers to third parties

In some areas we use service providers as processors, who may process data for us. This applies in particular to the IT services category. We have concluded contracts with these processors in accordance with Art. 28 (3) GDPR to ensure that they also only process the data in compliance with all data protection laws.

If we are legally obliged to do so, we may also transmit personal data to authorities or courts. The legal basis for this is Art. 6 (1) lit. c) GDPR.

 

14. Storage period of the data

We store personal data for as long as is necessary for the stated purposes of the processing or as long as we are legally entitled or obliged to store it.

 

15. Data Protection Rights

Users may at any time request information pursuant to Article 15 of the GDPR, rectification pursuant to Article 16 of the GDPR, erasure under the conditions of Article 17 of the GDPR, restriction pursuant to Article 18 of the GDPR and their right to data portability pursuant to Article 20 of the GDPR. In addition, users have the right to object to processing on grounds relating to their person in accordance with Article 21 GDPR, insofar as it is based on Article 6 (1) lit. f) GDPR. To the extent that users do not agree with the processing of their data, they have the right to lodge a complaint with a competent supervisory authority. The supervisory authority responsible for us is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen)