Privacy Policy

Protecting your personal data is especially important to us. We therefore process your data exclusively in accordance with the legal regulations (GDPR, TKG 2003). In this privacy policy, we inform you about the most important aspects of data processing in connection with our website.


Controller

RIESPO Education & Sportbetriebs GmbH
Bahnhofstraße 65/2
4810 Gmunden
Upper Austria
Austria
office@riespo.com


Membership

We process your personal data that falls under the following data categories: Profile picture, name, website, club (name, country, league, team, end of contract), positions (primary, secondary), academy, leagues played, gender, date of birth, height, weight, foot, nationality, languages, residence, videos, photos, links, subscription, email address, password, Google account, Facebook account. Newsletter settings, summaries, app language, profile visibility, subscription. Messages to members, searches in database, time when actions were performed.

You have voluntarily provided us with data about yourself and we process this data based on your consent for the following purposes:

  • Support of the member
  • Presentation on the platform
  • Contact mediation of players, coaches, to clubs as well as
  • for our own advertising purposes, for example to send offers, advertising and newsletters (in electronic form), as well as for the purpose of reference to the existing or former business relationship with the customer (reference).

You can revoke this consent at any time. A revocation has the consequence that we no longer process your data for the above-mentioned purposes from this point on. For a revocation, please contact: office@riespo.com

The data provided by you are furthermore necessary for fulfillment of the contract or for the implementation of pre-contractual measures. Without this data we cannot conclude the contract with you.

We store your data, which is not to be kept for tax reasons, for 3 years. Data which must be kept for tax reasons, we store for 7 years.


Contact

If you contact us by email, the data you provide will be processed for the purpose of handling your inquiry and any follow-up questions. This data will not be shared without your consent.

  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest)

Hetzner

We use Hetzner as a hosting provider to provide the technical infrastructure for the operation of this website.

  • Provider: Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany
  • Privacy Policy: https://www.hetzner.com/legal/privacy-policy/
  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest in security and operation)
  • Data processing agreement: A data processing agreement pursuant to Art. 28 GDPR is part of the customer contract.

Scaleway

We use additional servers from Scaleway to store data, which may include personal information.

  • Service provider: Scaleway S.A.S., 8 rue de la Ville l’Évêque, 75008 Paris, France
  • Privacy policy: https://www.scaleway.com/en/privacy-policy/
  • Legal basis: Art. 6 (1) (f) GDPR (legitimate interest in maintaining a stable infrastructure)
  • Data processing agreement: A data processing agreement pursuant to Art. 28 GDPR is part of the customer agreement.

Postmark

We use Postmark to send automated emails related to the use of our services.

  • Provider: ActiveCampaign, LLC, 1 North Dearborn St, 5th Floor, Chicago, IL 60602, USA
  • Privacy Policy: https://postmarkapp.com/eu-privacy
  • Legal basis: Art. 6(1)(b) GDPR (contract / inquiry)
  • Data processing agreement: A data processing agreement pursuant to Art. 28 GDPR is part of the customer contract. Postmark ensures appropriate safeguards pursuant to Art. 46 GDPR (Standard Contractual Clauses).

Stripe

We use the payment service provider Stripe to process payments on our website.

  • Provider: Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland
  • Privacy Policy: https://stripe.com/at/privacy
  • Legal basis: Art. 6(1)(b) GDPR (performance of contractual obligations)
  • Data processing agreement: A data processing agreement pursuant to Art. 28 GDPR is part of Stripe’s terms of use. Stripe ensures appropriate safeguards pursuant to Art. 46 GDPR (Standard Contractual Clauses).

Cloudflare Turnstile

To protect our forms against automated access (bots), we use the “Turnstile” service provided by Cloudflare.

  • Provider: Cloudflare Inc., 101 Townsend St, San Francisco, CA 94107, USA
  • Privacy Policy: https://www.cloudflare.com/de-de/privacypolicy/
  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest in the security of our systems)
  • Data processing agreement: A data processing agreement pursuant to Art. 28 GDPR is part of the customer contract. Cloudflare ensures appropriate safeguards pursuant to Art. 46 GDPR (Standard Contractual Clauses).

Server Logs

Server logs store the IP address of the requesting device, as well as the time, target of the request, data volume transferred, status messages, browser and operating system information, and the referring website. These logs are used solely for the technical security and administration of the website and are deleted after a maximum of 30 days.

  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest in system security)

Technical Support

To ensure operations, maintain our systems, and support troubleshooting, we use external IT service providers who may access personal data in the course of their work. These providers act solely on the basis of a data processing agreement pursuant to Art. 28 GDPR and follow our instructions.

  • Legal basis: Art. 6(1)(f) GDPR (legitimate interest in maintenance and security)

Your Rights

You have the right to access, rectification, erasure, restriction of processing, data portability, and to object to the processing of your data. If you believe your data is being processed unlawfully, you may lodge a complaint with the Austrian Data Protection Authority.