top of page

PRIVACY POLICY

LAST UPDATED

19 January 2026

CONTROLLER

Kofi Schulz

Leopold Gattringer-Straße 42/1
2345 Brunn am Gebirge

Austria

 

Email: info@kofifootball.com

SCOPE

This policy applies when you:

 

  • visit the website

  • create an account

  • use the member area

  • take the Elite Standards Test

  • subscribe to emails

  • contact us

 

Personal data means any information that can identify you.

DATA WE PROCESS

Account data

 

  • name

  • email address

  • encrypted or hashed password

 

Profile data

 

  • profile picture, if uploaded

 

Training and performance data

 

  • training progress

  • performance records created by you

 

Test data

 

  • email address for report delivery

  • answers to the Elite Standards Test

  • generated report

 

Technical data

  • IP address

  • device and browser information

  • log data such as time, page, and referrer

 

Marketing and analytics data

  • cookie identifiers

  • interaction events, only after consent

PURPOSES AND LEGAL BASES

Website operation and security
 

Purpose: delivery, stability, abuse prevention

Legal basis: legitimate interest (Art. 6(1)(f) GDPR)

 

Account and member access
 

Purpose: account creation, access, progress display

Legal basis: contract (Art. 6(1)(b) GDPR)

 

Elite Standards Test
 

Purpose: process answers, generate and deliver report

Legal basis: contract (Art. 6(1)(b) GDPR)

Marketing follow-up only with consent (Art. 6(1)(a) GDPR)

 

Newsletter and marketing
 

Purpose: send updates and offers

Legal basis: consent (Art. 6(1)(a) GDPR)

You can withdraw consent at any time via the unsubscribe link or by contacting us.

 

Legal duties
 

Purpose: tax, accounting, legal defence

Legal basis: legal obligation (Art. 6(1)(c) GDPR) and legitimate interest (Art. 6(1)(f) GDPR)

Retention: 7 years under Austrian law

MANDATORY OR OPTIONAL DATA

Providing personal data is required to create an account, use member features, or receive reports. If the required data is not provided, we may not be able to deliver the service.

COOKIES

We use:

 

Essential cookies

Required for:

 

  • login

  • security

  • core site functions

    These cookies cannot be disabled.

 

Optional cookies

Used for:

 

  • analytics

  • advertising

    They are set only after your consent via the cookie banner.

 

You can change your cookie preferences at any time via the banner or browser settings.

GOOGLE ANALYTICS

Used to analyse website usage.

 

Data processed:

 

  • visited pages

  • time on site

  • interactions

  • approximate location

  • device data

 

Legal basis: consent (Art. 6(1)(a) GDPR)

Runs only after consent.

META PIXEL

Used for advertising measurement and targeting.

 

Data processed:

 

  • page views

  • actions

  • cookie or device identifiers

 

Legal basis: consent (Art. 6(1)(a) GDPR)

Runs only after consent.

EMBEDDED CONTENT

We embed content from:

 

  • YouTube

  • Instagram

 

When loaded, these providers may receive your IP address and device data and may set cookies.

Embeds that require cookies load only after consent.

EMAIL SERVICES (BREVO)

Used for:

 

  • account-related emails

  • test report delivery

  • newsletters

 

Data processed:

 

  • email address

  • delivery status

  • interaction data, if enabled

 

Legal basis:

 

  • contract for account and report emails

  • consent for newsletters

PAYMENTS

Used for:

 

  • account-related emails

  • test report delivery

  • newsletters

 

Data processed:

 

  • email address

  • delivery status

  • interaction data, if enabled

 

Legal basis:

 

  • contract for account and report emails

  • consent for newsletters

PROCESSORS

We use GDPR-compliant processors with Art. 28 agreements, including:

 

  • Wix (hosting, accounts, CMS, payments)

  • Brevo (email services)

  • Google (Analytics, if enabled)

  • Meta (Pixel, if enabled)

  • YouTube and Instagram (embedded content)

 

Only data necessary for each service is shared.

TRANSFERS OUTSIDE THE EU OR EEA

Some providers may process data in third countries, such as the United States.

 

Safeguards include:

 

  • EU Standard Contractual Clauses

  • adequacy decisions, where available

  • additional technical measures

RETENTION

We store personal data only as long as necessary:

 

  • Account data: while active, then up to 3 years

  • Training data: while active, then up to 12 months

  • Test data for non-members: up to 12 months

  • Newsletter data: until unsubscribe, then up to 3 years

  • Invoices: 7 years

  • Logs: up to 30 days unless required for security

YOUR RIGHTS

You have the right to:

 

  • access (Art. 15 GDPR)

  • rectification (Art. 16 GDPR)

  • erasure (Art. 17 GDPR)

  • restriction (Art. 18 GDPR)

  • data portability (Art. 20 GDPR)

  • objection (Art. 21 GDPR)

  • withdraw consent (Art. 7 GDPR)

 

Requests can be sent to: info@kofifootball.com

COMPLAINTS AUTHORITY

Österreichische Datenschutzbehörde

Barichgasse 40–42

1030 Wien

Austria

Email: dsb@dsb.gv.at

SECURITY

We use appropriate technical and organisational measures to protect personal data.

No system can be guaranteed to be fully secure.

AUTOMATED DECISION-MAKING

We do not use automated decision-making or profiling within the meaning of Art. 22 GDPR.

CHILDREN

Our services are intended for users aged 16 and above.

We do not knowingly collect personal data from children under 16.

UPDATES

This privacy policy may be updated.

The current version is always published on this website.

bottom of page