1. Allianz Arena
  2. Privacy Policy – Allianz Arena App

Privacy Policy – Allianz Arena App

Increase font size Text size

This Allianz Arena app is operated by FC Bayern München AG ("App"). In this privacy policy you will find information concerning the handling of your personal data when the app is used.

You can use the app perfectly well without logging in. If you do not log in, only technical usage data (e.g. via cookies, see point 2. a.) will be processed, and we will not link this data to your name or email address. However, in that case not all functions will be available to you. The login works via your myFCB access data.

If we offer you functions in the app through which you depart from the app (e.g. links to external websites), we will either inform you of this fact or otherwise you will become aware of it because your device's browser opens.

Overview of this privacy policy

  1. Controller and data protection officer
  2. When you use the app without logging in
  3. Registering for and use of myFCB - General information about data processing
  4. Parking in the Allianz Arena
  5. Tickets in the wallet
  6. Notifications by push message
  7. Environament map
  8. Integration of social embeds from Facebook and Twitter in the app
  9. Data transfer
  10. Your rights

This privacy policy in detail

  1. Controller and data protection officer

The controller with responsibility for processing personal data in connection with this app is:

FC Bayern München AG, Säbener Straße 51-57, D-81547 Munich

Telephone: +49 89 699 31-0

Fax: +49 89 64 41 65

E-mail: service@fcbayern.com

 

If you have any questions concerning data protection, you may also contact our data protection officer at any time at datenschutz@fcbayern.com.

  1. When you use the app without logging in

If you simply install and use the app but do not log in and do not access any webview content, we will only process a minimum amount of technical information from you. It is theoretically possible for some information to identify you, and such data is "personal data" from the legal point of view. However, we only use this information to make the app and its functionalities available to you. We do not process this information in a way that would enable us to assign this information to your name or email address or to analyse your behaviour. 

You will find more detailed explanations in the following sub-sections of this Section 2.

   a. Cookies and similar technologies

We process data with the help of cookies or other technologies ("cookies"). You can view and set your cookie preferences whenever you first open our app and subsequently at any time in our cookie consent solution (under the "Cookie settings" menu item in the app). The settings you make in this way are saved in your device. You must therefore make these settings again if you delete app data on your device or if you reset or reinstall the app or use a different device.

You will find more information about the processing of personal data by means of cookies and similar technologies, the legal basis for our processing as well as the options for making adjustments under Settings -> Cookie Settings

   b. App permissions on your device

In order to operate, the app needs certain ways to communicate with your device. These so-called "permissions" are mainly of a technical nature, e.g. they make it possible to connect to the internet or to save files on your device. We do not receive any personal data from you via these permissions and the permissions only have a local effect on your end device. The following app permissions are relevant from the data protection point of view:

  • Access to your camera and device memory so that your credit card information can be directly recorded and transferred to us at your request (if you don't release the data, we will not have access to it - see section 3b below);
  • Show notifications to provide you with push messages via the app (see section 4 below); and
  • Access to your location so that we can ensure that you have better navigation within the Arena Map.
  • Access to touch ID or face ID to save the login data on the device for convenient access.

You can adjust these permissions in the settings on your device. The app will essentially work even if you switch off these options but you will not be able to use all the app's functions.

  1. Registering for and use of myFCB 

   a. General information about data processing

myFCB is not a core function of the app. However, you can log in to myFCB via the app (or register if you do not have an account yet) to use the myFCB functionalities and, for example, to process payments for parking tickets (see section 4 below).

When you use myFCB, we process your following personal data: place of residence, language of communication, e-mail, password for your login and other information that you provide voluntarily, e.g. name, date of birth, information about your favourite player as well as newsletter preferences.

When you use myFCB, we also process the following information in particular that you provide us with in the registered area of myFCB or which arises during your time of use, if these functions are available in the version of the app used: Information about your address, telephone numbers, account or credit card information, your name, your car registration number (only if you purchase parking tickets), information about your memberships of FC Bayern München eV, the Kids Club, the Fan Club, the purchase of tickets (including parking tickets for the Allianz Arena) or products in the Fan Shop and subscriptions to FC Bayern.tv. You can always view and amend the specific data at myFCB.

We process this data in order to offer you the myFCB area, in particular to provide you with exclusive and personalised content, easy participation in competitions and easy access to offers and services (Art. 6 (1) b GDPR).

We process your personal data until you have deleted your myFCB account and for as long as necessary to comply with our mutual obligations in connection with myFCB. Beyond that, we only store your personal data for the assertion of, or defence against, legal claims or as long as legal obligations to store the data apply.

We also process technical information about your use of myFCB, for example IP address and time of logging in to myFCB, for the purposes and in the interest of IT security (Art. 6 (1) f GDPR). We erase this information 18 months after the respective myFCB registration.

   b. Photographing your credit card

You have the option of taking a picture of your credit card with your mobile phone camera, provided you grant the app the corresponding authorisation - see point 2. b.
This means you do not have to enter all the details manually when you add this data to myFCB or wish to pay for something via the app (e.g. parking tickets as described in point 4).

No data processing is carried out by us during this process, which means we cannot view your credit card data. The processing of your credit card information, i.e. the conversion of the image into text, takes place exclusively on your device. Data processing only takes place as soon as you save your credit card details in your myFCB account or use them in the context of processing a payment to us.

   c. Storage of the login data

To provide a convenient way of logging into the app, we offer you the option of saving your login data in your device via the specific functions of the operating system of that device (touch/face ID, fingerprint). During future login processes, your login data will be loaded from the device’s internal memory. This eliminates the need for manual data entry. The data is stored locally and exclusively on your device. Consequently, this data is not processed by us.

  1. Parking in the Allianz Arena

You can use the app to purchase parking permits for parking spaces on the Allianz Arena grounds ("parking ticket"). You can also use your myFCB access to make a booking. We process your personal data in connection with parking tickets on behalf of Allianz Arena München Stadion GmbH ("MSG"), Werner-Heisenberg-Allee 25, 80939 Munich. Data relating to the actual parking process with the parking ticket will then be processed by MSG. Further information about how to buy parking tickets and the associated processing of personal data can be found here, in the general terms and conditions for online booking of MSG parking tickets under Section 6: https://allianz-arena.com/binaries/content/assets/downloads/allianz-arena/parken/agb-onlinebuchung-parkgebuehr-kennzeichenerkennung_25072019.pdf?v=1564053749488.

  1. Tickets in the wallet

We provide you with a "wallet function" in the app. You can store your tickets for home matches and parking tickets for the Allianz Arena in the wallet so that you can access them easily at any time without having to search for them.

By storing the home match tickets and park tickets you have purchased in your Wallet, data is processed locally on your end device. In this respect, we do not process any additional data beyond the data processing within the scope of ticket purchase, ticket provision and ticket use. To end local data processing on your end device, you simply need to remove the relevant ticket from your Wallet.

However, this does not end the processing of your data in connection with the ticket purchase, ticket provision and ticket use by us. This takes place as long as it is necessary for the fulfillment of the contractual or debt relationship existing with you (Art. 6 para. 1 p. 1 lit. b DSGVO). A longer storage of your personal data will only take place for the assertion of or defense against legal claims or as long as legal obligations to store exist. You can find more details on this in the data protection information that you received in connection with the ticket purchase.

  1. Notifications by push message

If you wish, you will receive news about the Allianz Arena in general (e.g. about events, admission, catering) and about your arena visit, e.g. about promotions in the arena, competitions or Mega Store promotions via push message direct to your device. For this purpose, we process your push message ID, your settings for push messages for provision of the push message - if you have activated location services for the app in the settings in your device, then also your location - as well as your push message history (i.e. which push messages you have received from us).

Receiving push messages is only possible with your consent. You give this consent via the "Notifications" setting in the app. The legal basis for the processing is Art. 6 (1) a GDPR (consent). You can unsubscribe from push notifications via the app settings at any time. 

We process your personal data for this purpose until you revoke your consent, i.e. when you deactivate the receipt of push messages in the app settings. Beyond this, we store your personal data only to the extent that is legally permissible and necessary, e.g. for the assertion of, or defence against, legal claims or for as long as there are legal duties to store the data.

  1. Environment map

The environment map in the app allows you to search for and display fan stores, food stands and other locations near a place you specify in the Allianz Arena (e.g. a specific block in the Allianz Arena) on a map. This function does not process GPS or other location data. Search and display work on the basis of your location input. 

By entering a location on the provided field on the environment map, we process your following data:  IP address, the location you entered, device data (e.g. operating system, browser type), installation ID number (UUID) of the app, app version number and usage data about your request (date, time, URL of the map, map section displayed). Google Ireland and Google LLC US support us as the responsible party in searching and displaying the map sections via an interface. The legal basis for the data processing is the fulfillment of the contract (Art. 6 para. 1 lit. b GDPR). The contract is your request for the map search and map display function.  We process this data only as long as it is necessary to show you the desired location on the map. In addition, we store the data for technical reasons for a maximum of nine months.

  1. Integration of social media content from Facebook and Twitter

In some places in the app we provide you with social embeds from the social networks Facebook and Twitter. Social embeds are content from these two social networks which is displayed directly from the respective social network in our app. It referred to as "embed". This is the embedding of posts, videos or other content from the social platforms.

  • Facebook Ireland Ltd. (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; however, personal data may also be processed by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA), and
  • Twitter International Company (One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland; however, personal data may also be processed by Twitter Inc., 1355 Market Street, Suite 900, San Francisco CA 94103, USA).

You can recognise the social embeds by the respective logos of the companies beside an image or post or other content that is recognisable as external. After activating these social embeds, you can see the content from the respective network which we have included in our app. Consent for one network will not apply for another network.

Before you click on the relevant "Show content" button ("Activation button"), our privacy-friendly activation solution prevents your personal data, e.g. your IP address, from being transferred to the respective social network. As long as you do not click on the activation button, you remain invisible to the relevant social network operators but you cannot then view the relevant content.

We use this privacy-friendly alternative (activation solution) to prevent social networks from tracking and storing internet behaviour without active input from the user.

By clicking the activation button, you agree to be connected directly to the relevant network and to the network processing your personal data. The respective social network will be responsible for data collection and processing by the social network, including the use of cookies and similar technologies by the social network. Please assume at least the following: Information about which of our websites you have visited as well as your IP address will be transferred to the social network, even if you do not have a profile/account with the relevant network or are not currently logged on there. If you are logged on as a member of the social networks, the networks will assign the information to your personal user account. We do not receive any of this information.

We therefore recommend that you read the privacy policy of the respective network before clicking on the activation button:

 

  1. Data transfer

Insofar as we forward your personal data specifically within the scope of data processing described above, we have described this accordingly at the relevant point in this privacy policy. In addition, we forward your personal data in general as follows:

   a. Processor

All personal data which we process within the scope of this app is processed by us here or by the facilities of our service providers. We may transfer your personal data to external service providers, such as IT service providers, to provide you with our services. We have selected these service providers with great care and concluded processing agreements with them.

   b. Third parties (data recipients)

Otherwise, we will transfer your personal data to third parties only if and insofar as this is required or permitted by law or in order to assert legal claims or to investigate or prevent suspected or actual illegal activities. In such cases we will notify you separately about the relevant transfer if and insofar as this is legally required.

   c. Transfer to third countries

If we transfer your personal data to countries outside the European Economic Area (EEA) or use processors in such countries (e.g. in the USA), we comply with the legally required standards and apply the legally required security mechanisms. We achieve this, for example, by agreeing to the EU standard contracts or other legally accepted security mechanisms. Please contact us as explained in Section 1 to learn more about the specific security mechanisms we employ.

  1. Your rights

You have the following legal rights in relation to FC Bayern München AG in respect of personal that relates to you, provided that the respective requirements exist. You can find more information about your rights and the relevant requirements in the privacy policy on our website or on the website of the EU Commission at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_de.

   a. Right to information

You will receive information about whether we process your personal data and if so which data.

   b. Right to rectification and completion

If your personal data is incorrect or incomplete, we will correct it.

   c. Right to erasure ("right to be forgotten")

In certain cases we will have to erase your personal data.

   d. Right to restriction of processing

We restrict the processing of your data.

   e. Right to data portability

You will receive your data in a structured, common and machine-readable format.

   f. Right to object

You may object to the processing because of your specific situation.

You may object to direct advertising and the profiling associated with it at any time.

   g. Right to withdraw data protection consent

You may revoke your consent at any time with effect for the future. Our processing prior to that remains legal.

   h. Right to complain to a data protection authority

You may lodge a complaint with a data protection authority. FC Bayern München AG falls under the jurisdiction of the Bavarian State Supervisory Authority for Data Protection (https://www.lda.bayern.de/de/kontakt.html).

 

Version: April 2022

Online Store FC Bayern Tours
Back to top
OUR PARTNERS
FCBayern.com FC Bayern Museum Press Service
News
Pictures & Videos
Services
Arena Tours
Events & Hospitality
Online Store FC Bayern Tours
© FC Bayern München AG 2000 - 2023
Allianz Arena