PRIVACY POLICY

LAST UPDATED

8 April 2026

CONTROLLER

Kofi Schulz

Leopold Gattringer-Straße 42/1
2345 Brunn am Gebirge

Austria

Email: info@kofifootball.com

SCOPE

This policy applies when you:

visit the website
create an account
use the member area
take the Elite Standards Test
purchase or use the Pillar Reset
subscribe to PlayerZone
subscribe to emails
contact us

Personal data means any information that can identify you.

DATA WE PROCESS

Account data:

name
email address
encrypted or hashed password

Profile data:

profile picture, if uploaded

Training and performance data:

training progress
performance records created by you

Test data:

email address for report delivery
answers to the Elite Standards Test
generated report

Technical data:

IP address
device and browser information
log data such as time, page, and referrer

Marketing and analytics data:

cookie identifiers
interaction events, only after consent

PURPOSES AND LEGAL BASES

Website operation and security:

Purpose: delivery, stability, abuse prevention
Legal basis: legitimate interest (Art. 6(1)(f) GDPR)
Legitimate interest pursued: ensuring the secure and stable operation of the website and preventing misuse

Account and member access:

Purpose: account creation, access, progress display
Legal basis: contract (Art. 6(1)(b) GDPR)

Elite Standards Test:

Purpose: process answers, generate and deliver a report
Legal basis: contract (Art. 6(1)(b) GDPR). By submitting the test, you agree to the test terms: you provide your answers and email address, and we generate and deliver your report.
Marketing follow-up only with consent (Art. 6(1)(a) GDPR)

Pillar Reset:

Purpose: process purchase, deliver programme content, manage access
Legal basis: contract (Art. 6(1)(b) GDPR)

PlayerZone:

Purpose: process subscription, deliver content, manage access and subscription status
Legal basis: contract (Art. 6(1)(b) GDPR)

Newsletter and marketing:

Purpose: send updates and offers
Legal basis: consent (Art. 6(1)(a) GDPR)
You can withdraw consent at any time via the unsubscribe link or by contacting us.

Legal duties:

Purpose: tax, accounting, legal defence
Legal basis: legal obligation (Art. 6(1)(c) GDPR) and legitimate interest (Art. 6(1)(f) GDPR)
Legitimate interest pursued: establishing, exercising, or defending legal claims
Retention: 7 years under Austrian law (§132 BAO)

MANDATORY OR OPTIONAL DATA

Providing personal data is required to create an account, use member features, take the Elite Standards Test, purchase the Pillar Reset, subscribe to PlayerZone, or receive reports. If the required data is not provided, we may not be able to deliver the service.

Providing data for marketing purposes is optional. You can use the service without subscribing to marketing emails.

COOKIES

We use:

Essential cookies required for:

required for login
security
core site functions
These cookies cannot be disabled.

Optional cookies used for:

analytics
advertising
They are set only after your consent via the cookie banner.

You can change your cookie preferences at any time via the banner or browser settings.

GOOGLE ANALYTICS

Used to analyse website usage.

Data processed:

visited pages
time on site
interactions
approximate location
device data

Legal basis: consent (Art. 6(1)(a) GDPR)

Runs only after consent.

META PIXEL

Used for advertising measurement and targeting.

Data processed:

page views
actions
cookie or device identifiers

Legal basis: consent (Art. 6(1)(a) GDPR)

Runs only after consent.

EMBEDDED CONTENT

We embed content from:

YouTube
Instagram

When loaded, these providers may receive your IP address and device data and may set cookies.

Embeds that require cookies load only after consent.

EMAIL SERVICES (BREVO)

Used for:

account-related emails
test report delivery
newsletters

Data processed:

email address
delivery status
interaction data, if enabled

Legal basis: contract (Art. 6(1)(b) GDPR) for account and report emails. Consent (Art. 6(1)(a) GDPR) for newsletters.

PAYMENTS

Payments are processed via Wix.

We do not receive or store full payment card details.

We may receive:

payment status
purchased product
billing details for invoices

PROCESSORS

We use GDPR-compliant processors with Art. 28 agreements, including:

Wix (hosting, accounts, CMS, payments)
Brevo (email services)
Google (Analytics, if enabled)
Meta (Pixel, if enabled)
YouTube and Instagram (embedded content)

Only data necessary for each service is shared.

TRANSFERS OUTSIDE THE EU OR EEA

Some providers may process data in third countries, such as the United States.

Safeguards include:

The EU-US Data Privacy Framework, where the provider is certified
EU Standard Contractual Clauses
adequacy decisions, where available
additional technical measures where required

RETENTION

We store personal data only as long as necessary:

Account data: while active, then up to 3 years
Training and performance data: while active, then up to 12 months
Test data for non-members: up to 12 months
Purchase and subscription data: for the duration of the contract, then as required for invoicing (7 years under §132 BAO)
Newsletter data: until unsubscribe, then up to 3 years
Invoices: 7 years
Logs: up to 30 days unless required for security

YOUR RIGHTS

You have the right to:

access your personal data (Art. 15 GDPR)
rectification of inaccurate data (Art. 16 GDPR)
erasure of your data (Art. 17 GDPR)
restriction of processing (Art. 18 GDPR)
data portability (Art. 20 GDPR)
object to processing based on legitimate interest (Art. 21 GDPR)
withdraw consent at any time, without affecting the lawfulness of processing before withdrawal (Art. 7 GDPR)

Right to object to direct marketing:
You have the right to object at any time to the processing of your personal data for direct marketing purposes. If you object, your data will no longer be processed for that purpose. You can exercise this right by using the unsubscribe link in any email or by contacting us.

Requests can be sent to: info@kofifootball.com

We will respond to your request within one month. If your request is complex, we may extend this by up to two further months, but we will inform you within the first month.

COMPLAINTS AUTHORITY

Österreichische Datenschutzbehörde

Barichgasse 40–42

1030 Wien

Austria

Email: dsb@dsb.gv.at

SECURITY

We use appropriate technical and organisational measures to protect personal data.

No system can be guaranteed to be fully secure.

DATA BREACH

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay in accordance with Art. 34 GDPR.

AUTOMATED DECISION-MAKING

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects within the meaning of Art. 22 GDPR.

The Elite Standards Test generates a report based on your answers. This is an informational tool and does not produce legal effects or restrict your access to any service.

CHILDREN

Under Austrian law (§4(4) DSG), users who have reached the age of 14 can consent independently to the processing of their personal data for online services. Users under 14 require the consent of a parent or legal guardian.

We do not knowingly collect personal data from children under 14 without parental consent. If we become aware that we have collected data from a child under 14 without valid parental consent, we will delete that data.

If you are a parent or guardian and believe your child under 14 has provided personal data without your consent, please contact us at info@kofifootball.com.

Note:
Other EU Member States may set different age thresholds (between 13 and 16). The threshold that applies to you depends on where you live.

UPDATES

This privacy policy may be updated. The current version is always published on this website.

WE USE COOKIES

This site uses cookies to see how it performs. Nothing is shared or sold. Read our Privacy Policy.

This site uses cookies to see how it performs.
Nothing is shared or sold. Read our Privacy Policy.