DFL Deutsche Fußball Liga GmbH, Guiollettstr. 44-46, D-60325 Frankfurt am Main (the "DFL") collects, processes and uses personal data which has been captured from visits to the website www.dfl.de (the "Website") in compliance with the applicable data protection provisions of the Federal Republic of Germany. This Data Protection Policy Statement sets out which visitor ("User") data is captured on the Website and how this information is processed and used.
1. Personal data
Personal data is all data containing information about the personal or material circumstances of an identified or identifiable natural person. This includes, for example, name, email address, home address, phone number or date of birth.
2. Data collection, processing and use when the website is accessed over the internet
Each time a User accesses the Website, the User’s internet browser, for technical reasons, automatically supplies the following data to the DFL’s web server:
- IP address of the computer
- date and time of access
- name and URL of file downloaded
- amount of data transmitted
- access status (file transmitted, file not found, etc.)
- data identifying internet browser software and operating system used
- name of internet access provider of user
- website from which the access was made
The collection, processing and use of this information are solely for the purpose of enabling the use of the Website (connection set-up), system security and technical administration of the network infrastructure. No comparison with other datasets or any transfer of the collected data to third parties, even partial transfer, is carried out.
With regard to data collection, processing, and use for the purpose of optimizing the Website through web analytics and the creation of user profiles, additional reference is made to Section 4 of this Privacy Statement.
3. Special terms and conditions for the subpage tomorrow.dfl.de and the DFL Focus: Tomorrow newsletter
3.1 Registration for DFL Focus: Tomorrow newsletter
3.1.1 In order to receive the DFL Focus: Tomorrow Newsletter, the User must subscribe to it including entering his or her personal data (first and last name, email address). The collection, processing and use of these personal data are solely for the purpose of offering the User information and services requested by him/her and only in the nature and extent of the prior consent of the User.
The User may revoke his or her consent prospectively at any time, without this affecting the legitimacy of the processing done prior to the withdrawal of the consent.
3.1.2 The DFL uses the Customer Identity Management Platform provided by Gigya Inc., 855 El Camino Real, Palo Alto, CA 94301 ("Gigya") for the registration for the DFL Focus: Tomorrow newsletter. The use of these data will only be processed for the purposes of enabling the use and the technical administration of this newsletter.
3.1.3 The social login function which is also provided by Gigya allows the User to subscribe for the DFL Focus: Tomorrow newsletter with his/her social media account at Facebook. If the User signs up using Facebook, the following data transfers will take place:
The transmission of information and user data (visited pages, activated fields) to Facebook, with the possibility for Facebook to merge these data with the data relating to the User. Data will then also be transmitted to the US with possible data access by national security authorities without ensuring an European level of data protection. Facebook is a registered member of the EU-US Privacy Shield
The transmission of certain information from the User’s Facebook account to the DFL with the consequence that in addition to the data outlined in this Privacy Statement (IP address), the following information is transmitted to the DFL:
- First name and last name
- email address
IF THE USER DOES NOT WANT TO SHARE THIS INFORMATION, THE USER SHOULD USE THE REGULAR REGISTRATION VIA THE DATA ENTERED BY HIM OR HER MANUALLY.
3.2 Analytics of the use of the DFL Focus: Tomorrow newsletter
The User has been informed in detail about the nature, scope, location and purpose of the collection, processing and use of the personal data. The Users of the DFL Focus: Tomorrow newsletter are assigned a UserID, which allows the DFL to determine when the respective DFL Focus: Tomorrow newsletter was opened and which links or functions from the respective DFL Focus: Tomorrow newsletter were activated. This tracking (tracing) takes place for the internal optimization of the DFL Focus: Tomorrow newsletter. These data will not be disclosed. If the User of the DFL Focus: Tomorrow newsletter does not want this tracking to take place, he/she can unsubscribe from the DFL Focus: Tomorrow newsletter.
4. Data collection, processing and use in the context of web analytics and creation of user profiles
4.1 Web analysis by Google Analytics
The information generated by the cookie about the User’s use of the Website will be transmitted to and stored by Google on servers in the United States. However, if the IP anonymisation feature is activated on the Website, Google will shorten the User’s IP address before this transfer takes place, whilst the information is still inside European Union Member States or other contracting states to the Agreement on the European Economic Area. The full IP address will only be transferred to a Google server in the USA and shortened there in exceptional cases.
Furthermore, the User can prevent Google from recording and processing the data generated by the cookie and relating to his/her use of the Website (including the User’s IP address) by downloading and installing the browser plugin available via the following link.
The User can refuse the use of Google Analytics by clicking on the following link. An opt-out cookie will be placed on the computer, which prevents the future collection of his/her data when visiting the Website: Disable Google Analytics
Further information about the Google privacy terms can be found under the following links: Google Analytics Terms of Service or Google Analytics Overview.
Furthermore, the DFL would like to point out that on this Website, Google Analytics code is supplemented by "gat._anonymizeIp();" to ensure an anonymized collection of IP addresses (so called IP-masking).
4.2 Web analysis for statistically analysis of the speed of the Website
Furthermore, the DFL uses a plugin of the performance analysis service of New Relic Inc. ("New Relic") which enables the DFL to statistically analyse the speed of the Website.
When the User visits a page of the Website which contains such a plugin, his/her browser builds a direct connection to the servers of New Relic. Therefore, the DFL has no influence on the scope of data collected by New Relic and informs the User according to its current information.
By integrating the plugin, New Relic receives the information that the User has accessed the corresponding page of the Website. If the User is logged in at New Relic, New Relic may assign the User’s visit to the Website to his/her account at New Relic. If the User is not a member of New Relic, there is still the possibility that New Relic will detect and store his/her IP address.
If the User is a member of New Relic and does not want New Relic to collect data about him/her in order to combine them with the member data stored by New Relic, the User must logout of New Relic before visiting the Website.
5. Purpose of processing and use of personal data
Any processing or use of a User’s personal data is only for the purposes stated in this Privacy Statement and only to the extent necessary to achieve the respective purposes.
Personal data will not be published by the DFL, nor will it be passed on to third parties without authorization.
Transmission of personal data to government institutions and authorities will only be carried out within the framework of mandatory national legislation or if the transmission is necessary for legal or law enforcement purposes as a result of attacks on the network infrastructure.
6. Retention and deletion of personal data
As soon as it is no longer needed for the purposes for which it was collected or as soon as the User requests so, all personal data stored and all pseudonymised usage data will be directly and irretrievably deleted; this will be the case, provided that the DFL is not under a statutory duty to store the data. If the DFL is under a statutory duty to store the data, the stored personal information and the pseudonymised usage data will be permanently deleted upon expiry of the relevant statutory retention periods.
The DFL uses technical and organizational security measures to protect the personal data of Users from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. These security measures are continually being updated in line with technological developments.
8. Links to other websites
The website may contain links to other websites. This Privacy Statement applies solely to the website of the DFL. The DFL has no influence over, and does not control whether other providers comply with applicable data protection provisions.
9. Right of information, rectification, blocking or deletion of data
Users of the Website have a right to receive information with regard to the personal data collected concerning them. They also have a right to rectification of inaccurate data, as well as blocking or deletion of data. To contact the DFL, click here.
10. Acceptance, validity, and timeliness of the Privacy Statement
By using the Website, the user agrees to the collection, processing, and use of his/her data, as described in this Privacy Statement. This Privacy Statement is currently valid and dated as of 15 January 2018. The DFL reserves the right to change this Privacy Statement at any time as needed with effect for the future, especially in order to adapt it to the further development of the Website or the implementation of new technologies.