Privacy policy

§ 1 Information on the collection of personal data

(1) In the following, we inform you about the processing of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behavior. In this way, we would like to inform you about our processing operations and at the same time comply with the legal obligations, in particular from the EU General Data Protection Regulation (GDPR).

(2) The controller pursuant to Art. 4 No. 7 GDPR is Red&Gold Football GmbH, Säbener Str. 51-57, D-81547 Munich, e-mail: info@rg-football.com (see our imprint).

(3) When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data accruing in this context, if the inquiry is assigned to a contract, after the time limits for the term of the contract, otherwise after the storage is no longer necessary, or restrict the processing if there are legal obligations to retain data.

(4) If we use contracted service providers for individual functions of our offer or wish to use your data for advertising purposes, we will always carefully select and monitor these service providers and inform you in detail about the respective processes below. In doing so, we also state the defined criteria for the storage period.

 § 2 Processing of personal data when visiting our website

During informational use of the website, i.e. mere viewing without registration and without you otherwise providing us with information, we process the personal data that your browser transmits to our server or that is required by technically necessary or functional cookies. The data described below is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis is Art. 6 para. 1 lit. f GDPR:

  • IP address

  • Date and time of the request

  • Time zone difference from Greenwich Mean Time (GMT)

  • Content of the request (page visited)

  • Access status/HTTP status code

  • Data volume transferred in each case

  • previously visited page

  • Browser

  • Operating system

  • Language and version of the browser software

A combination of this data with other data sources is not made. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use. More information about cookies and similar technologies can be found here.

§ 3 Cookies and similar technologies

(1) What are cookies and similar technologies?

Part of our online services requires us to use so-called cookies or similar technologies such as pixels (together: "cookies"). Cookies in this sense are small files or other technologies that store information on or receive information from your device when you browse the Website.

(2) What cookies are used on this website and how to set them with the cookie consent solution?

A list of the cookies we use, descriptions of the purposes of the cookies, and further information about the respective cookies can be found here in our cookie consent solution.

You can accept or reject individual cookies or all cookies separately when you first visit our website and then at any time in our cookie consent solution by placing a green check mark next to the respective cookie or removing it and then clicking on "Save settings".

Your settings made in the cookie consent solution are stored on your computer or mobile device. Therefore, you will have to make them again if you delete your browsing history or use another device or Internet browser.

§ 4 Data deletion and storage period

For the processing operations carried out by us, we indicate below in each case how long the data will be stored by us and when it will be deleted or blocked. If no explicit storage period is specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for the storage no longer applies.

However, storage may take place beyond the specified time in the event of a (threatened) legal dispute with you or other legal proceedings or if storage is provided for by legal regulations to which we are subject as the responsible party (e.g. § 257 HGB, § 147 AO). If the storage period prescribed by the statutory provisions expires, the personal data will be blocked or deleted unless further storage by us is necessary and there is a legal basis for this.

§ 5 Data transfer

Insofar as we pass on your personal data specifically within the scope of data processing described above, we have described this accordingly at the respective point in this data protection declaration. In addition, we pass on your personal data in general as follows:

a) Processor

All personal data that we process within the scope of this website is processed by us or our service providers. We may transfer your personal data to external service providers, such as IT and website optimization service providers, advertising agencies or analytics providers, in order to provide you with our services. We have carefully selected these service providers and concluded data processing agreements with them.

b) Third parties (so-called transferees)

Contractors

We pass on your personal data to other responsible parties who process the personal data for their own purposes, insofar as this is necessary for the execution of the contract or the provision of services. Our contractual partners may use the data thus transmitted exclusively for the purpose for which we transmitted it.

The transfer of your personal data for these purposes takes place for the performance of the contract (Art. 6 para. 1 lit. b GDPR) or due to our legitimate interest (Art. 6 para. 1 lit. f GDPR) to make our operation efficient.

Legal obligation or enforcement of legal claims

We otherwise only transfer your personal data to third parties if and to the extent that this is required or permitted by law or in order to enforce legal claims or to investigate or prevent suspected or actual illegal activities. In these cases, we will inform you separately about the respective transfer if and to the extent this is legally required.

Website service provider

Some functionalities on our website require service providers to process your personal data on their own responsibility. Our contractual partners may use the data thus transmitted exclusively for the purpose for which we transmitted it.

c) Transfer to third countries

If we transfer your personal data to countries outside the European Economic Area (EEA) or data processors in such countries (for example, in the USA), we implement the legally required standards and security mechanisms. We achieve this, for example, by transfers under an adequacy decision according to Art. 45 GDPR or the agreement of the so-called EU standard contracts. Please contact us as described in section 1 to learn more about the specific security mechanisms we use.

§ 6 Secure data transmission

All personal data that you transmit to us during the surfing process in general and in particular during the ordering process are transmitted in encrypted form. We establish a so-called SSL connection for every transaction. SSL (Secure Socket Layer) is a procedure in which your data is encrypted so that it cannot be read by unauthorized persons during transmission on the Internet.

You can recognize the SSL connection by the fact that the Internet address has changed from http:// to https://. Also, the secure connection is usually indicated by a closed padlock in the status bar of your web browser.

§ 7 Your rights

You have the following legal rights vis-à-vis FC Bayern München AG with regard to the personal data concerning you, provided that the respective prerequisites are met. You can find more information about your rights and the relevant prerequisites on the website of the EU Commission at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_de.

a) Right to information

As a data subject, you have the right to request confirmation as to whether we are processing personal data relating to you. If this is the case, you have the right to obtain information about this personal data as well as further information, e.g. the purposes of processing, the recipients and the planned duration of storage or the criteria for determining the duration.

b) Right to rectification and completion

As a data subject, you have the right to request the rectification of inaccurate personal data without undue delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data.

c) Right to erasure ("right to be forgotten")

As a data subject, you may have the right to have your personal data deleted. This is the case, for example, if your personal data is no longer necessary for the original purposes, you have revoked your declaration of consent under data protection law or the personal data was processed unlawfully.

d) Right to restriction of processing

As a data subject, you have a right to restrict processing in the cases prescribed by law.

e) Right to data portability

As a data subject, you have the right, in the cases prescribed by law, to receive the personal data concerning you in a structured, common and machine-readable format.

f) Right of objection

As a data subject, you have the right to object at any time, on grounds relating to your particular situation, to the processing of certain personal data concerning you.

In the event of direct marketing, you as the data subject have the right to object at any time to processing of personal data concerning you for the purposes of such marketing; this also applies to profiling insofar as it is related to such direct marketing.

g) Right to revoke your consent under data protection law

You can revoke your consent to the processing of your personal data at any time with effect for the future. However, the lawfulness of the processing carried out until the revocation is not affected by this.

h) Right to complain to a data protection authority

You have the right to complain to a supervisory authority, in particular in the member state of your residence, workplace or the place of the alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR. The competent supervisory authority for Red&Gold Football GmbH is the Bavarian State Supervisory Authority for Data Protection (https://www.lda.bayern.de/de/kontakt.html).