Privacy Policy My Football Space GmbH

This Privacy Policy explains the processing of your personal data by My Football Space GmbH, Richard-Wagner-Str. 7d, 60318 Frankfurt (“ we“ or “ MyFS“) as the controller (Art. 4 no. 7 GDPR) and your rights under the GDPR.

1. Purposes of processing

1.1. Processing of personal data you provide

We process personal data that you provide in the context of using certain content and functions on our website or app. For example, if you use the contact form, we process your personal data to respond to your inquiry. The same applies to contact by other means, such as email, messenger or telephone. The legal basis for this processing of your personal data is Art. 6 (1) b) GDPR.

1.2 Creation of FAN.BADGES

If a Creator creates a FAN.BADGE for you, we store it in your Wallet. We generate the respective private key and transfer it to your wallet. We only store the Private Key in plain text in the Wallet App. At MyFS, only an encrypted backup of the respective is stored. The key for decrypting this encryption lies exclusively with you. The legal basis is Art. 6 (1) b) GDPR.

1.3. Purchasing of FAN.COLLECTIBLES

When you buy FAN.COLLECTIBLES, the cryptographic key is stored in your wallet. This will include your blockchain address and other information necessary to complete the transaction. Subsequently, the purchased FAN.COLLECTIBLE will be displayed in your account. The legal basis is Art. 6 (1) b) GDPR.

1.4. Trade with FAN.COLLECTIBLES

This cryptographic key is transferred to the buyer's wallet during a trade. The legal basis for the related processing is Art. 6 (1) b) GDPR as well.

1.5. Member participation via FAN.VOICE

When casting votes via FAN.VOICE, the personal data you provide will be used to conduct polls. When voting via FAN.VOTING, we store this in an audit-proof manner on a blockchain. The legal basis in each case is Art. 6 (1) b) GDPR.

1.6. Log data

When using the website, certain personal data, including data sent by the browser (e.g., IP address, type of cookies, previous website, time and date, content displayed) are temporarily stored. We use this log data to enable you to use our website and, if necessary, to check and enforce our rights and the rights of third parties in the event of damage or infringement of legal regulations, our terms of use and the rights of third parties. The legal basis is Art. 6 (1) f) GDPR. The log files are stored for as long as is necessary for the respective purpose, generally no longer than 14 days.

1.7. Google Analytics

We use Google Analytics with your consent (Art. 6 (1) a GDPR) to better understand our visitors and their interests and to continuously improve our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“ Google“). Google Analytics allows us to analyze traffic and usage patterns of individual users (without further identifying them) or groups (which offers are used how often, how often users return, how long they stay, from which websites users come, from which regions, etc.). Google acts as our processor. The cookies used for this purpose expire after 14 months.

1.8. Google Web Fonts

Our pages use so-called Google Fonts, i.e. fonts from the third-party provider Google. These web fonts can either be retrieved locally from our server or from the server of the respective third-party provider. In this case, personal data may be transferred to Google, in which case Google's Privacy Policy applies. The legal basis for this processing is Art. 6 (1) b GDPR.

1.9. Google Tag Manager

Google Tag Manager is a tag management system provided by Google that we use on our websites. Google Tag Manager allows us to add code snippets, pixels or similar, to our web pages. Google will only process your IP address as a processor and in accordance with the EU standard contractual clauses. Google will not combine your IP address with personal information from other sources. The legal basis is Art. 6 (1) f) GDPR.

1.10. Google Ads

With your consent (Art. 6 (1) a GDPR), we use various Google services for marketing measures.

We use Google Ads to display ads in the Google search engine or on third-party websites. Google Ads can be used to display targeted ads based on the user data available at Google (so-called “target group targeting“). As a website operator, we can evaluate this data by analyzing, for example, which search terms led to the display of our ads. This allows us to optimize our offer and our advertisements.

DoubleClick is used to show you interest-based advertising across the Google advertising network. For example, our advertising may be displayed in Google search results or in advertising banners associated with DoubleClick. For this, DoubleClick must be able to recognize the respective viewer and assign to him, among other things, the web pages visited. For this purpose, DoubleClick uses cookies or other recognition technologies.

1.11. Payment service providers

We use PayPal and Stripe as payment service providers. In addition to your IP address and browser data, they have access to your payment data (esp. credit card number). Paypal is an offer of PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. The provider of Stripe is Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland. The legal basis is Art. 6 (1) b) GDPR.

1.12. Other purposes for which we process your personal data

We process your personal data for:

  • fulfill existing and implement new business relationships. We will retain these for the duration of our business relationship. During our business relationship, we may collect contact information, professional qualification data (publications, etc.). Some data is obtained from public sources and websites. Legal basis: Art. 6 (1) b) and f) GDPR.
  • To meet our legitimate interests (Art. 6 (1) f) GDPR), including the following:
    • Enter into corporate transactions (e.g., restructuring, sale or assignment of assets, merger); and
    • Protect our rights or property, enforce our terms of use and legal notices, and provide for the establishment, exercise and defense of legal claims.
  • to fulfill our legal obligations, court orders or other binding decisions. The legal basis is Art. 6 (1) c) GDPR.
  • with your consent (Art. 6 (1) a GDPR) for other purposes, such as subscription to a newsletter; in this case, you have the option to revoke your consent at any time.

2. Recipients of personal data

In addition to the recipients of personal mentioned above, we also use other companies to process personal data on our behalf, for example for hosting, technical support of our website, sending newsletters or for analysis and advertising purposes. Such service providers only process the data on our behalf as so-called processors (Art. 28 GDPR). A processor is in particular our wallet provider Quantoz N.V., Europalaan 100, 3526 KS Utrecht, The Netherlands.

Furthermore, we will share your name and email address as necessary with our cooperation partners, in particular Associazione Calcio Milan and HDR Global Trading Ltd. (BitMEX). This serves the implementation of the cooperation (e.g. for the allocation of rewards).

Furthermore, we transmit personal data to third parties if this is required by law, if this is necessary for the exercise and defense of legal claims or if third parties provide certain services for us (e.g., lawyers, tax consultants).

Insofar as we transfer personal data to third countries outside the EU, we ensure an appropriate level of data protection through contractual measures. You have the right to receive copies of these contracts.

3. Cookies use

In addition to the processing purposes mentioned above, we also use cookies when technically necessary to provide our website or certain content or when we are obliged to do so. For example, we set a cookie to store which cookies you have agreed to or which you have refused. This cookie expires after six months. The legal basis for the use of necessary cookies is Art. 6 (1) b) GDPR or Art. 6 (1) c) GDPR for legally obligatory processing of personal data.

Furthermore, we also use cookies to provide certain functionalities that are not technically necessary but make the use of our website more user-friendly. For example, cookies can be used to save certain preferences of the user, e.g. the display language, and to load them automatically the next time our website is called up. The legal basis for the use of functional cookies is Art. 6 (1) f) GDPR.

Non-required and non-functional cookies (e.g. for marketing purposes), on the other hand, are only processed with your consent. The legal basis for this is Art. 6 (1) a) GDPR.

Unless otherwise stated in this Privacy Policy, cookies remain stored for as long as necessary to fulfill the respective processing purposes. You can prevent the storage of cookies by browser preferences and delete them manually in your browser settings. Please note, however, that some cookies may be mandatory for the use of our website or individual functions.

You can find more information about the cookies set on this website and the possibility to revoke or give your consent here.

4. Retention periods

Unless a specific duration of data storage is specified in this Privacy Policy, we will only process your data as long as this is necessary for the respective purposes or as long as there are legal retention obligations. After the respective processing purpose ceases to apply and retention obligations end, your data will be routinely deleted.

5. Your rights

You can request information about your stored data. If you have provided personal data on the basis of a contract or consent, you have the right to receive this data in a standard and machine-readable format.

In addition, in justified cases, you can also request the deletion, correction or restriction of the processing of your data.

You can revoke your consent at any time with effect for the future.

You can object to the processing of data processed on the basis of our legitimate interests at any time under the conditions of the GDPR.

6. Contact; complaint to supervisory authority

Please address your questions or concerns regarding the processing of your personal data to:

My Football Space GmbH Richard-Wagner-Str. 7d 60318 Frankfurt, Germany

[email protected]

In case of questions and in case of possible concerns about the data processing, you can also contact a supervisory authority. The responsible supervisory authority for myfs is:

The Hessian Commissioner for Data Protection and Freedom of Information

Gustav-Stresemann-Ring 1

65189 Wiesbaden

[email protected]


We use cookies to personalize content and ads, provide social media features, and analyze traffic to our website. We also share information about your use of our website with our social media, advertising and analytics partners. Our partners may combine this information with other data that you have provided to them or that they have collected in the course of your use of the Services.