FIFA World Cup 2026

Privacy Policy

GDPR-Compliant Privacy & Data Protection Policy

FIFO (“we,” “our,” or “us”) operates the livematches.online portal. This Privacy Policy describes how we collect, use, process, and disclose your information, including personal data, when you access and browse the website. We are committed to maintaining strict compliance with the European Union General Data Protection Regulation (GDPR), the UK Data Protection Act, and other global privacy frameworks.

By accessing livematches.online, you acknowledge that you have read and understood the data processing practices described in this policy. We present you with a Cookie Consent Banner on your first visit, enabling you to accept or reject non-essential cookies. We block non-essential cookies until you provide consent.

1. Data Controller Details

The data controller for FIFO operations is the FIFO Digital Sports Media Group, Kurfürstendamm 213, 10719 Berlin, Germany. If you have any questions, concerns, or requests regarding this Privacy Policy, our data collection practices, or your individual rights, please contact our Data Protection Officer at privacy@livematches.online.

2. Information We Collect & Process

We collect information through three primary channels when you visit livematches.online:

A. Technical Log Files (Automatically Collected)

When you browse our pages, our servers automatically log standard network communication details. This information includes:
– Your IP (Internet Protocol) address (anonymized for analytics).
– Browser type, engine version, and language settings.
– Operating system and device viewport dimensions.
– Referring URL (the page you visited immediately before coming to our site).
– Date and time stamps of access, and pages viewed.
– Interaction events, such as button clicks and search queries.
This data is processed to ensure site security, diagnose CSS rendering bugs, detect malicious bot traffic, and optimize server-side caching.

B. User-Submitted Information (Voluntarily Provided)

We collect personal data that you explicitly submit to us:
Contact Form: When you send a query via our contact form, we collect your name, email address, subject, and the contents of your message.
Newsletter: If you subscribe to our World Cup news updates, we collect your email address.
Voting Polls: If you participate in our interactive match polls, we store an anonymized identifier and a local cookie to prevent double-voting.

C. Cookies and Local Storage Data

We use cookies to save your theme preferences (light/dark mode toggle) and to manage voting cookies for our fan polls widget, preventing multiple submissions. We also serve third-party cookies for analytics and advertising networks. For detailed details, please consult our Cookie Policy.

3. Legal Basis for Data Processing

Under the GDPR, we process personal data under the following legal bases:

  • Consent (Art. 6(1)(a) GDPR): When you explicitly consent to non-essential cookies via our consent banner, or submit information through our contact form. You may withdraw consent at any time.
  • Legitimate Interests (Art. 6(1)(f) GDPR): To maintain site stability, analyze traffic aggregates for content planning, protect site resources against DDoS attacks, and display relevant context.
  • Legal Compliance (Art. 6(1)(c) GDPR): To comply with obligations under European business, taxation, and privacy regulations.

4. Data Sharing & Third-Party API Integrations

FIFO integrates third-party services to deliver live stats and monetization. We do not sell or lease your personal data. Below are the details of our third-party integrations:

  • API-Football (api-sports.io): All fixtures, standings, and player stats are loaded from API-Football. These queries are made server-to-server; your IP address or personal data is never transmitted to the API provider.
  • Google AdSense: We display programmatic advertisements. Google uses cookies (such as the DART cookie) to serve ads based on your visits to our site and other internet portals. You can opt out of personalized ads by visiting Google Ad Settings.
  • Google Analytics: We collect anonymous traffic metrics to understand how users interact with the site. We configure Google Analytics with IP anonymization, ensuring that your full IP address is never stored.
  • Google Site Kit: A WordPress integration plugin used to manage search console metrics and traffic flows. No personal data is stored by this plugin.

5. Data Security and Caching Layers

We implement secure HTTPS encryption across the entire livematches.online domain to prevent data interception. Our servers are protected by web application firewalls (WAF) and malware scanners. To protect the site from traffic surges during matches, we use advanced server-side caching (transients and page caching). This caching does not store user-specific personal data.

6. Comprehensive Data Processing Map & Data Transfer Safeguards

Our hosting infrastructure is located in secure datacenters in Europe, which comply with strict ISO 27001 standards. If we transfer personal data to countries outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission. We conduct regular privacy audits to verify that our third-party vendors manage your information securely. We do not sell, rent, or lease your data, and we restrict administrative access to a minimal number of engineers who have signed confidentiality agreements.

7. California Consumer Privacy Act (CCPA) Compliance

For visitors residing in California, USA, the California Consumer Privacy Act (CCPA) provides specific privacy rights. You have the right to request details about the categories of personal information we collect, the sources of that information, and the commercial purpose for our collection. You also have the right to request the deletion of your personal information, and the right to opt-out of the “sale” or “sharing” of your personal information. Under the CCPA, we do not sell your personal data. You can exercise these rights by emailing us at privacy@livematches.online. We will not discriminate against you for exercising your CCPA rights.

8. Data Retention Period

We retain technical log files for a maximum of 90 days, after which they are automatically deleted or anonymized. Personal data submitted via contact forms is retained for up to 2 years to facilitate continuous support, unless you request deletion sooner.

9. Your Rights Under the GDPR

If you reside in the European Economic Area (EEA), you possess the following statutory rights under the General Data Protection Regulation:

  • Right of Access (Art. 15 GDPR): You have the right to request copy of the personal data we hold about you.
  • Right to Rectification (Art. 16 GDPR): You can request that we correct inaccurate or incomplete personal details.
  • Right to Erasure (Art. 17 GDPR): You can request the deletion of your personal data (“Right to be Forgotten”).
  • Right to Restriction of Processing (Art. 18 GDPR): You can request that we limit how we process your data.
  • Right to Data Portability (Art. 20 GDPR): You can request a structured, machine-readable copy of your data.
  • Right to Object (Art. 21 GDPR): You can object to data processing based on our legitimate interests.
  • Right to Withdraw Consent (Art. 7(3) GDPR): You can withdraw consent at any time, with future effect.

To exercise any of these rights, please contact our Data Protection Officer at privacy@livematches.online. We will respond to your request within 30 days. You also have the right to lodge a complaint with a data protection authority in your country of residence.