We are very pleased about your interest in our company. Data protection is of particular importance to the management of Turnierplan.eu. The use of the Turnierplan.eu website is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in compliance with the country-specific data protection regulations applicable to Turnierplan.eu.

As the controller, Turnierplan.eu has implemented numerous technical and organizational measures to ensure the most complete protection possible of personal data processed through this website. However, internet-based data transmissions may generally have security gaps, so absolute protection cannot be guaranteed.

1. Controller

2. Purposes and categories of data processing

• Operation and provision of the website
• Contract fulfillment & payment processing (e.g. Stripe)
• Analysis of user behavior & website optimization
• Delivery of personalized advertising (Google Ads / AdSense)
• IT security, abuse and fraud prevention
• Communication via email / contact form
• Compliance with legal obligations

3. Legal basis

• Art. 6 para. 1 lit. a GDPR – Consent
• Art. 6 para. 1 lit. b GDPR – Contract performance
• Art. 6 para. 1 lit. c GDPR – Legal obligation
• Art. 6 para. 1 lit. f GDPR – Legitimate interest (IT security, economic operation)

4. Categories of recipients & processors

• Hosting provider: Strato
• Payment provider: Stripe Payments Europe Ltd. (data may be transferred to the USA, EU-US Data Privacy Framework)
• Analytics & marketing: Google LLC (Analytics, Ads, AdSense; possible third country USA, EU-US Data Privacy Framework)
• reCAPTCHA: Google LLC (USA, EU-US Privacy Framework)
• Authorities & public bodies where legally required

All service providers process data on the basis of data processing agreements (Art. 28 GDPR) or their own legal basis.

5. Cookies & consent management

We use cookies and similar technologies. They are divided into the following categories:

• Essential cookies – required for functionality, security, Stripe, reCAPTCHA
  • PHPSESSID – session cookie, duration: session
  • turnierplan-consent – consent storage, duration: 13 months
  • remember_token – login storage, duration: 30 days
• Analytics / statistics – e.g. Google Analytics
  • _ga, _gid, _gat – duration: 13 months
• Marketing / advertising – e.g. Google Ads / AdSense
  • IDE, NID, ANID, FCCDCF – duration: 6 months

Consents are collected via Klaro (consent management). You can withdraw your consent at any time via cookie settings .

6. Tracking technologies & objection

You can disable tracking at any time:

• Browser settings / add-ons / plugins
• Opt-out links:
  • Google Analytics opt-out
  • Google Ads opt-out

Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

7. Storage duration

• Server logs / sessions: 14 days
• Cookies: 6–13 months depending on category
• Invoices / accounting: 10 years
• Contact forms: 24 months
• Consent logs: 24 months

8. Your rights

• Access (Art. 15 GDPR)
• Rectification (Art. 16 GDPR)
• Erasure (Art. 17 GDPR)
• Restriction (Art. 18 GDPR)
• Data portability (Art. 20 GDPR)
• Objection (Art. 21 GDPR)
• Withdrawal of consent at any time (Art. 7 para. 3 GDPR)

9. Right to lodge a complaint

You can lodge a complaint with the competent supervisory authority at any time:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 27, 91522 Ansbach
Phone: 0981 53-1300
Fax: 0981 53-1320
Email: poststelle@lda.bayern.de
Website: https://www.lda.bayern.de

10. Limitation of liability

11. Data security

SSL/TLS encryption, encrypted database access, admin panels, and organizational & technical measures protect your data against unauthorized access, loss, or manipulation.