Legal
In this privacy notice, we inform you about the processing of your personal data in connection with the use of the Prematch app (hereinafter referred to as the "App"). Personal data is all data relating to an identified or identifiable natural person, e.g. their name or IP address.
1. Overview
The controller for data processing in the App pursuant to Art. 4 (7) UK GDPR is PREMATCH Sports GmbH, Brüsseler Str. 21, 50674 Cologne, Germany, email: privacy@prematchapp.de.
Our representative in the UK is xxx
Our data protection officer can be contacted via heyData GmbH, Schützenstraße 5, 10117 Berlin, Germany, www.heydata.eu, email: datenschutz@heydata.eu.
The scope of the processing of personal data, the purposes of processing and the legal bases are explained in detail in section 2. In principle, the following legal bases exist for processing of personal data:
Where necessary, we transfer personal data to processors for one or more of the purposes specified in this privacy notice as well as to the following recipients in particular:
Insofar as we transfer data to service providers or other third parties outside the European Economic Area (EEA), adequacy regulations pursuant to Art. 45(3) UK GDPR guarantee the security of the data during transfer, insofar as these exist, as is the case, for example, for South Korea and Israel.
If no adequacy regulation exists, the legal basis for data transfers is usually standard data protection clauses. These form part of the contract with the respective third party. According to Art. 46 (2) b UK GDPR, they guarantee the security of data transfers. For registered service providers, we also rely on the UK Extension to the EU-U.S. Data Privacy Framework.
Unless explicit storage periods are specified in this privacy notice, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted, i.e. the data will not be processed for other purposes. This applies, for example, to data that we must retain to comply with our obligations under commercial or tax law.
As a data subject, you have the following rights with regard to the personal data we process concerning you:
In particular, you can object to data being displayed in your profile (e.g. market value) if you do not want this. We will then delete your profile.
You can exercise the above rights by contacting us using the contact details provided in this privacy notice.
As a data subject, you also have the right to complain to the Information Commissioner’s Office about the processing of your personal data.
You are neither contractually nor otherwise legally obliged to provide us with personal data. However, if you refuse to provide such data, which is absolutely necessary for the use of the App or which we are obliged to collect under applicable law, you will not be able to use the App or will only be able to use it to a limited extent.
Mandatory information is marked as such in the App.
In principle, we do not use fully automated decision-making in accordance with Art. 22 UK GDPR. Should we use this technology in individual cases, we will inform you separately where required by law.
Our App is available for download from Google's Play Store and Apple's App Store (hereinafter "Stores"). When you download the App, the required information is transmitted to the stores, in particular your user name, email address and account customer number, time of download, payment information and individual device identification number. We have no influence on this data collection and are not responsible for it. We process the data only to the extent necessary for downloading the App to the mobile device.
When you use our App, we collect data that is necessary to ensure the stability and security of the App. This is our legitimate interest, so the legal basis is Art. 6 (1) f UK GDPR.
We collect data on amateur footballers from public sources, such as online platforms, websites and club press releases. From this data, the App calculates a fictitious market value, which includes the following parameters in particular:
Prematch calculates a fictitious market value for all players in the adult sector (unless they have expressly objected to this). The market values are determined using various publicly available parameters (if known):
The data is stored on our servers for as long as the player is active and deleted as soon as the player requests the deletion of their data.
The legal basis for data processing is Art. 6 (1) f UK GDPR. Our interest is to offer our users an app that is as attractive as possible, including market values for comparing the performance of players.
If you do not agree to your data (e.g. market value) being displayed in our App, you can object to it at any time. We will then remove your profile from the App.
You can open a user account in the App. We process the data requested in this context to perform the contract concluded via the account, so that the legal basis for the processing is Art. 6 (1) b UK GDPR.
As a verified user, you can add further data to your user account on a voluntary basis. You can find further information on this in your user account.
You can log in to our App using one or more single sign-on solutions. You use the login data you have already created for another provider. The prerequisite is that you are already registered with the respective provider. If you log in using the single sign-on solution, we will receive information from the provider that you are logged in with the provider and the provider will receive information that you are using the single sign-on solution in our App. Depending on the settings in your account on the provider's website, the provider may provide us with additional information. The legal basis for this processing lies in the user contract between the provider and you.
The provider(s) of the offered solution(s) are
As a user, you can request to verify your player profile in our App. In order to verify the identity of the user, we process the personal data that is requested in the verification flow.
The legal basis for the processing is Art. 6 (1) f UK GDPR in conjunction with our legitimate interest in preventing the takeover of third-party player profiles.
When you contact us, e.g. by email or telephone, the data you provide us with (e.g. names and email addresses) will be stored by us in order to answer your questions. The legal basis for the processing is our legitimate interest (Art. 6 (1) f UK GDPR) in answering inquiries addressed to us.
We occasionally offer competitions. We process the data requested to determine and notify the winners. We then delete the data. It is in our legitimate interest to offer competitions to attract new users or to interact with our existing users. The legal basis for data processing is Art. 6 (1) f UK GDPR.
From time to time, we conduct surveys to get to know our users and their wishes better. In doing so, we collect the data requested in each case. It is our legitimate interest to get to know our users and their wishes better, so that the legal basis for the associated data processing is Art. 6 (1) f UK GDPR. We delete the data once the results of the surveys have been evaluated.
We reserve the right to inform users who have already used our services and from whom we have received an email address or other address for electronic contact (e.g. via SMS and/or WhatsApp or other messenger services) from time to time via this email or other electronic contact address about our similar offers, unless they have objected to this. The legal basis for this data processing is Art. 6 (1) f UK GDPR. Our legitimate interest lies in the use of direct marketing (Recital 47 UK GDPR). You can object to the use of your email or other electronic contact address for advertising purposes at any time and without stating reasons and at no additional cost, for example via the link at the end of any electronic contact in this context or by email to our email address stated above.
Based on the consent of the recipients (Art. 6 (1) a UK GDPR), we also measure the opening and click rate of our newsletters in order to understand which content is relevant to them.
We send newsletters using the tools
We also regularly send information, vouchers and other marketing communications to users who have registered for our newsletter (by email or telephone number). In these cases, the processing is based on the consent of the recipients in accordance with Art. 6 (1) a UK GDPR. You can revoke your consent to receive the newsletter at any time, e.g. by contacting us using the contact details provided in this privacy notice.
If you have registered to receive communications via WhatsApp, we will process the contact details using WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Further information about the processing of personal data by WhatsApp can be found at https://www.whatsapp.com/legal/privacy-policy.
We use Firebase Cloud Messaging to communicate with our users. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) a UK GDPR. Processing takes place on the basis of consent. You can withdraw your consent at any time with effect for the future, e.g. by contacting us using the contact details provided in this privacy notice.
Further information can be found in the provider's privacy notice at https://firebase.google.com/support/privacy
We use Amazon AWS for hosting. The provider is Amazon Web Services EMEA Sarl, 38 avenue John F. Kennedy, L-1855, Luxembourg. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
It is our legitimate interest to provide an app, so the legal basis for data processing is Art. 6 (1) f UK GDPR. Insofar as the hosting of the data is necessary to fulfill our obligations under the terms of use, the legal basis is Art. 6 (1) b UK GDPR.
Further information can be found in the provider's privacy notice at https://aws.amazon.com/de/privacy/?nc1=f_pr.
We use AppsFlyer for analysis. The provider is AppsFlyer Ltd, 14 Maskit St., Herzlia, Israel. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for the processing is Art. 6 (1) a UK GDPR. Processing takes place on the basis of consent. You can withdraw your consent at any time, e.g. by contacting us using the contact details provided in this privacy notice.
Further information can be found in the provider's privacy notice at https://www.appsflyer.com/legal/privacy-policy/.
We use Firebase for application development. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, D04e5w5, Ireland. The provider processes usage data (e.g. interest in content, access times), contact data (e.g. email addresses, telephone numbers) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) f UK GDPR. We have a legitimate interest in developing new applications in a simple manner.
Further information can be found in the provider's privacy notice at https://firebase.google.com/terms/data-processing-terms/.
We use Firebase App Check to track errors in applications and for repair management. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, D04e5w5, Ireland. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) f UK GDPR. We have a legitimate interest in appropriately monitoring the functionality of our App.
Further information can be found in the provider's privacy notice at https://policies.google.com/privacy.
We use Firebase Crashlytics to track errors in applications and for repair management. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, D04e5w5, Ireland. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for the processing is Art. 6 (1) f UK GDPR. Our legitimate interest is to be able to offer a functioning app.
Further information can be found in the provider's privacy notice at https://policies.google.com/privacy.
We use CleverTap to analyze and communicate with our users. The provider is WizRocket Inc, 19th Floor, DLH Park, SV Road, Goregaon West, Mumbai 400062, India. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) f UK GDPR, insofar as we send you messages with content that is a core component of our App (e.g. messages that inform you about the progress of a game) or do not require consent for other reasons. Insofar as we send you messages that contain advertising content and require prior consent, the legal basis is Art. 6 (1) a UK GDPR in conjunction with your consent. You can withdraw your consent at any time with effect for the future, e.g. by contacting us using the contact details provided in this privacy notice.
Further information can be found in the provider's privacy notice at https://clevertap.com/privacy-policy/.
We use Intercom to communicate with our users. The provider is Intercom R&D Unlimited Company, 2nd Floor Stephen Court, 18-21 St. Stephen's Green, Dublin, 2, Ireland. The provider processes content data (e.g. entries in online forms), contact data (e.g. email addresses, telephone numbers), meta/communication data (e.g. device information, IP addresses) and master data (e.g. names, addresses).
The legal basis for processing is Art. 6 (1) 1 f UK GDPR. Our legitimate interest lies in responding to requests from our users.
Further information can be found in the provider's privacy notice at https://www.intercom.com/de/legal/privacy.
We use Segment for analysis. The provider is Segment.io, Inc, 100 California Street Suite 700 San Francisco, CA 94111, USA. The provider processes meta/communication data (e.g. device information, IP addresses).
The legal basis for the processing is Art. 6 (1) a UK GDPR. Processing takes place on the basis of consent. You can withdraw your consent at any time with effect for the future, e.g. by contacting us using the contact details provided in this privacy notice.
Further information can be found in the provider's privacy notice at https://segment.com/legal/privacy/
We use Sentry to monitor applications and to track errors in applications or on websites. The provider is Functional Software, Inc, 132 Hawthorne Street San Francisco, CA 94107, USA. The provider processes usage data (e.g. interest in content, access times), content data (e.g. entries in online forms) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) f UK GDPR. Our legitimate interest is to be able to offer a functioning app.
Further information can be found in the provider's privacy notice at https://sentry.io/privacy/.
We use Amplitude for product analysis. The provider is Amplitude, Inc, 631 Howard St. Floor 5, San Francisco, CA 94105, USA. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) a UK GDPR. Processing takes place on the basis of consent. You can withdraw your consent at any time, e.g. by contacting us using the contact details provided in this privacy notice.
Further information can be found in the provider's privacy notice at https://amplitude.com/privacy.
We use Typeform for questionnaires and forms. The provider is Typeform S.L., 163 Carrer de Bac de Roda, Barcelona, Spain. The provider processes content data (e.g. entries in online forms) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) a UK GDPR. Our legitimate interest lies in particular in enabling user inquiries to our customer service.
Further information can be found in the provider's privacy notice at https://admin.typeform.com/to/dwk6gt.
We use Facebook SDK for analysis. The provider is Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for the processing is Art. 6 (1) a UK GDPR. Processing takes place on the basis of consent. You can withdraw your consent at any time, e.g. by contacting us using the contact details provided in this privacy notice.
Further information can be found in the provider's privacy notice at https://www.facebook.com/policy.php.
We use Zapier for automation between applications. The provider is Zapier, Inc, 548 Market St. #62411, San Francisco, CA 94104-5401, USA. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) f UK GDPR. We have a legitimate interest in simply connecting the applications in our company and thus optimizing the way we work.
Further information can be found in the provider's privacy notice at https://zapier.com/privacy.
We use SendGrid to communicate with customers. The provider is Twilio, Inc, 375 Beale Street, Suite 300, San Francisco, CA 94105, USA. The provider processes usage data (e.g. interest in content, access times), contact data (e.g. email addresses, telephone numbers), meta/communication data (e.g. device information, IP addresses) and master data (e.g. names, addresses).
The legal basis for processing is Art. 6 (1) f UK GDPR. We have a legitimate interest in being able to send emails technically.
Further information can be found in the provider's privacy notice at https://www.twilio.com/legal/privacy.
We use Firebase Authentication to authenticate our users. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Dublin, Ireland. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) f UK GDPR. We have a legitimate interest in sufficiently authenticating users of our App.
Further information can be found in the provider's privacy notice at https://policies.google.com/privacy.
We use YouTube videos for videos in the app. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The provider processes usage data (e.g. interest in content, access times) and meta/communication data (e.g. device information, IP addresses).
The legal basis for processing is Art. 6 (1) a UK GDPR. Processing takes place on the basis of consent. You can withdraw your consent at any time, e.g. by contacting us using the contact details provided in this privacy notice.
Further information can be found in the provider's privacy notice at https://policies.google.com/privacy.