Privacy Policy

The protection of personal data is of particular importance to the operator of this website (GFL Bowl – American Football Verband Deutschland e.V.). The use of this website is generally possible without providing personal data. If special services are used (e.g. ticket purchases), the processing of personal data may become necessary.

Personal data is processed in accordance with the General Data Protection Regulation (GDPR) and the German Telecommunications and Telemedia Data Protection Act (TTDSG). This Privacy Policy informs you about the nature, scope and purpose of the processing and about the rights of data subjects.

1. Controller

American Football Verband Deutschland e.V.
Richard-Herrmann-Platz 1
60386 Frankfurt am Main, Germany
Phone: +49 69 87001593
Email: office@afvd.de
Web: www.afvd.de

2. Data Protection Officer

Email: datenschutz@afvd.de
(Further contact details will be added as soon as available.)

3. Hosting

The hosting of this website is provided by:

ALL-INKL.COM – Neue Medien Münnich
Hauptstraße 68, 02742 Friedersdorf, Germany

A data processing agreement pursuant to Art. 28 GDPR has been concluded.

4. Cookies and Consent Management

We use a consent management tool (Borlabs Cookie) to obtain and document legally required user consent for cookies and similar technologies.

Legal basis for the use of non-essential cookies: Art. 6 (1) a GDPR
Legal basis for essential cookies: Art. 6 (1) f GDPR (legitimate interest — operation of the website)

5. Server Log Files

When accessing this website, the hosting provider automatically collects log files such as:

• Browser type and version
• Operating system used
• Referrer URL
• Host name of the accessing device (IP address, anonymised)
• Date and time of server request

The processing is based on Art. 6 (1) f GDPR (legitimate interest in system security and error analysis).

6. Google Tag Manager

Google Tag Manager is used to manage services such as Google Analytics. The Tag Manager itself does not store personal data but enables the integration of tools that may do so.

Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

7. Google Analytics (IP anonymization enabled)

This website uses Google Analytics (via Google Site Kit) to analyse website usage — only after active user consent through Borlabs Cookie. IP addresses are anonymized before being transmitted to Google (“anonymizeIP”).

Categories of processed data:

• Anonymised IP address
• Usage behaviour (clicks, duration, pages viewed)
• Device and browser information
• Referrer URL

Legal basis: Art. 6 (1) a GDPR (consent)

You may revoke consent at any time by adjusting your cookie settings.

Further information:

• Google Privacy Policy
• Browser Add-on to deactivate Analytics

8. Embedded Ticket Shop (iFrame)

An external ticketing service provider is embedded via iFrame for processing ticket orders. When loading the iFrame, personal data (such as your IP address) may be automatically transmitted to the provider.

Ticketing provider: Will be added once confirmed.

Legal basis: Art. 6 (1) b GDPR (contract fulfilment) or Art. 6 (1) a GDPR (consent through Borlabs Cookie).

9. Contacting Us

If you contact us via email or a contact form, the data you provide will be stored for the purpose of processing your request (Art. 6 (1) b GDPR). Data will not be shared with third parties without consent.

10. Storage Duration

Personal data is stored only as long as necessary for the relevant purposes or as required by legal retention periods.

11. Rights of Data Subjects

You have the following rights under the GDPR:

• Right of access
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to object
• Right to data portability

To exercise these rights, simply send an email to:
datenschutz@afvd.de

12. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your residence or the place of the alleged infringement.

Example authority for Hesse, Germany:
Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1, 65189 Wiesbaden
https://datenschutz.hessen.de

13. SSL / TLS Encryption

This website uses SSL/TLS encryption for security reasons. You can recognize an encrypted connection by the “https://” prefix and the lock symbol in the browser address bar.

14. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy in line with legal requirements and technical changes.

Version: December 2025