Privacy policy

Privacy Policy

1. Controller

The controller responsible for data processing on this website is:

TIO TIO Social Sports GmbH Schreiberhauer Str. 48, 10317 Berlin, Germany Email: hello@tiotio.club · Phone: +49 173 6341510

2. General information

We take the protection of your personal data seriously. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). This policy explains what data we collect, how we use it, and what rights you have.

3. Hosting and the online store (Shopify)

This website is operated on the Shopify platform (Shopify International Limited, Ireland). Shopify processes data on our behalf to display the store, process orders and payments, and ensure security and stability. A data processing agreement is in place. Data may be transferred to third countries on the basis of EU Standard Contractual Clauses.

4. Data we process

  • Order data: name, billing/shipping address, email, phone, order contents.
  • Payment data: processed by our payment providers (see section 5); we do not store full card details.
  • Account data (if you create an account): login credentials and order history.
  • Communication data: content of inquiries you send us.
  • Usage data: IP address, browser type, device, pages visited (see sections 6–7).
  • Newsletter data: email address and consent record.

Legal bases: Art. 6(1)(b) GDPR (contract performance), Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests), Art. 6(1)(c) GDPR (legal obligations such as tax retention).

5. Payment providers

Depending on the payment method you choose, data is transmitted to the relevant provider:

  • Shopify Payments / Stripe
  • Klarna (Klarna Bank AB)
  • PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A.)

These providers act as independent controllers for the payment transaction. Please consult their respective privacy policies.

6. Cookies and consent

We use technically necessary cookies to operate the store. Analytics and marketing cookies (see section 7) are only set after you give consent via our cookie banner. You can change or withdraw your consent at any time through the cookie settings.

7. Analytics and marketing

Subject to your consent:

  • Google Analytics 4 (Google Ireland Ltd.) — reach and usage analysis.
  • Meta Pixel (Meta Platforms Ireland Ltd.) — conversion measurement and advertising.
  • Klaviyo (Klaviyo Inc.) — email marketing and newsletter management.

These services may transfer data to the USA on the basis of EU Standard Contractual Clauses and/or the EU-US Data Privacy Framework.

8. Newsletter

If you subscribe, we use your email address to send marketing communications based on your consent (Art. 6(1)(a) GDPR). We use the double opt-in procedure. You can unsubscribe at any time via the link in each email or by contacting us.

9. Retention

We retain personal data only as long as necessary for the stated purposes or as required by statutory retention periods (e.g. commercial and tax law: up to 10 years).

10. Your rights

You have the right to access, rectification, erasure, restriction of processing, data portability, and to object to processing. Where processing is based on consent, you may withdraw it at any time with effect for the future. To exercise these rights, contact hello@tiotio.club.

You also have the right to lodge a complaint with a supervisory authority. The authority responsible for us is: Berliner Beauftragte für Datenschutz und Informationsfreiheit, Alt-Moabit 59–61, 10555 Berlin.

11. Changes

We may update this privacy policy to reflect changes in our processing or legal requirements. The current version is always available on this page.