Privacy Policy

We collect your personal data so that you can benefit from our Services on the Platform.

This privacy policy is designed to help you understand how your data is used, inform you about your rights and how to exercise them.

If you are a parent or guardian of a minor, we recommend that you supervise your children's online activities, and familiarize yourself with the information below [Section “Processing of personal data of minors”] if you have a parental responsibility for a minor who uses our website, plays our Game, participates in the Championship, or is a young journalist.

About controller

AGT-agency limited liability company, incorporated in Russia, whose registered office is 101990, Moscow, Russia, Maroseika str. 3/13, building 1, office 6, Russian Federation (hereinafter referred to as the Company, or “we”), in carrying out its activities, receives personal data from users by the means of this website and handles them. This policy defines the key areas of activity in the field of processing and ensuring the security of personal data controlled by the Company.

The Privacy Policy was developed in accordance with the best practices concerning personal data processing activities, as well as the GDPR requirements, and is aimed at ensuring protection of human rights and freedoms in the processing of their personal data.

Terms used in this Policy:

Platform − Football for Friendship (hereinafter - F4F) platform (available at:, consisting of the Portal and the Game as well as other features on “” domain.

Game − free multiplatform multiplayer online-game.

Portal − F4F website (available at:, a part of the Platform with partial use of ready-made solutions (CMS and Bulletin Board); there is a registration of participants, their personal accounts, a news feed, enabling live broadcasts, an automatic table of player ratings and a grid of games, tabs by topic.

Account − user’s personal profile allowing the user to play the Game and communicate with other users. Your personal Account is available here

Coaches Academy − third party e-Learning service powered by Thinkific platform with a training program for coaches of teams participating in Championship.

User −data subject that uses the Platform.

Personal data − any information related to a natural person (data subject). For example, personal data are surname, e-mail or phone number.

Processing − actions performed with personal data, including: collecting data that the users enters on the Platform (collection), recording this data to our systems (record) and keeping this data so that we don't lose it (storage), using data to generate a list of teams in the Championship (use), modification of data when we receive new information from you (modification), deletion of data when the purpose of its processing is achieved (deletion), transfer data to Google Inc. for statistics analysis purposes (transfer).

Counterparty − a person (natural or legal) with whom we cooperate under the contract for achieving the personal data processing activities purposes.

International transfer of personal data − transfer of personal data to a foreign state that encompasses such activities as collecting from the user their data and transferring it to another state for processing as well as transfer of such data to our counterparties located in other states for achieving processing purposes.

Cookies − data fragments (text files) from the website you have visited. These fragments are stored in the memory of the browser you use and allow the website to identify you and restore your website preferences such as preferred language used on the Platform.

GDPR − Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

What category of data subjects can a user be classified to while using the Platform?

Using our Platform, we can process personal data of:

• Website visitors;

• Signed-in users (verified email and unverified email);

• Online-game players;

• Championship attendees (older than 12 years old);

• Coaches Academy visitors;

• Applicants to Award;

• Applicants to Experts Forum;

• Applicants to Accreditation;

• Parents or guardians of minors (of younger than 16 years old or less in some jurisdictions) and falling under one of the above-specified categories of data subjects.

Why do we need to process personal data (processing purposes)?

We process personal data for several purposes:

• to register users on the Platform;

• to confirm that parents or guardians have consented to the minor user’s personal data processing;

• to ensure the operation of the website services (for example single sign-on for all services on the Platform);

• to confirm the attendee’s status for the purposes of interaction within legal framework regarding the Platform needs;

• to notify users (about e.g. progress and events in the Game; F4F events and news (of neither commerce nor advertising character); Status of data subject’s requests; as well as notifications of such important nature as parental notifications regarding minor’s personal data processing activities subject to changes);

• to collect website visit statistics: to track the availability of our services, and to analyze the use of our services;

• to collect Game analytics data;

• to execute obligations stipulated by law and other legal acts (including the implementation of decisions of courts and other regulatory bodies);

• to teach trainers on the Thinkific platform

What information do we need to achieve the personal data processing purposes?

We process your data that is mostly associated with your Account. To create an Account a user shall submit the registration form on the Portal with some personal information specified. The Account’s credentials are valid for both the Portal and the Game.

The user’s Account contains the following fields to be filled with purposes for data processing envisaged:

Country To follow your country legislation rules we need to know your country of residence to store your personal information properly in accordance with your country applicable legislation.

The country cannot be changed in future

Email Each account on the Platform shall be bound to the user’s own email to allow the user to restore the access and to be able to manage the amount of user’s personal data processed within the Platform.

To play the Game you don’t need to confirm your email, but some features of the Game are available only to those who has confirmed the email.

You can confirm your email later when you decide to express your wish for the use of the Game features that require confirmed email.

The email is required to reset the password and restore access to the Account.

The email is also required to notify the User about:

— Progress and events in the Game;

— F4F events and news (of neither commerce nor advertising character);

— Execute parental rights over a minor user of the Platform;

— Status of data subject’s requests.

Nickname The Nickname is used both for identification in the Game and on the Portal.

To play the Game and / or to be able to communicate with other users on the Portal you need to think over in what way other players will call you. Just type in a desired Nickname in the field.

If you don’t want to share personal information with other players − you should not include any personal details such as name, surname, year of birth, or age as a part of your Nickname.

Password* Create a password for your account.

The password will be used both for authentication in the Game and on the Portal.

* We do not recommend using personal information when creating a password, so that the password cannot be associated with you in any way. The password is used to protect data and should not contain identification information.

Date of birth To follow your Country legislation rules we need to know the user’s date of birth (in format ddmmyyyy) to decide whether or not we need to collect the consents of their parents or other guardians who have the parental rights over a minor user.

If you are older than the age, up to which your country legislation obliges data controllers to collect parental consent, we will not keep storing your exact date of birth but we will keep the records about the fact that you are not a minor and you are able to manage your personal data by your own decision.

Nevertheless, for some activities within the Platform the exact date of birth may be required as well − for example, for the purposes of Football for Friendship eWorld Championship (eF4F) .

That’s why we ask you to specify your date of birth in format ddmmyyyy.

Parental consent If you are a minor in one of some jurisdictions, we need to obtain your parents’ consent to process your personal data.

Taking into account the context, purposes, means and amount of data processed as well as state of art and reasonable efforts to collect parental consents, we do not collect any prove of the parental or guardian’s rights owner identity via some implemented age-verification measures, since it would be excessive for the personal data processing purposes on the Platform having regard to the risks for data subjects.

Avatar You can add an avatar to your profile to facilitate other users to identify you.

Name You can add your name. This field is not required for the Game but is required for the purposes of participating in the Championship, and application to "Academy of coaches".

Surname You can add your surname. This field is not required for the Game but is required for the purposes of participating in the Championship, and application to "Academy of coaches".

Sex You can specify your sex. This field is not required for the Game, but is required for the Championship, since one of the Championship’s purposes is diversity, and having obtained this data we will be able to achieve this purpose − ensure the diversity among teams.

In addition to the data in Sign Up form we process other personal data categories that with the mentioned above data can be grouped in the following manner:

• general information about the user (name, date of birth, age);

• contact information of the user (email, telephone number);

• device technical information of the user (IP, cookies, MAC-address, login and password, UserID, time spent on website, website errors);

• additional information voluntarily provided by data subjects (avatar pic);

• additional information provided by data subjects by our request for identification purposes for some activities within the Platform (passport / ID);

• additional information regarding legal entities that the data subject is associated with (website, name of organization / working group presenting the project, description of the project);

• game data (achieved game levels, rankings, completed game missions, statistics including the game time or game features usage as well as the data concerning any bugs, malfunctions, or violations).

Processing special categories of personal data

By using our Platform, we do not collect information about racial or ethnic origin, political opinion, religious or philosophical beliefs and sex life.

Processing of personal data of minors

We do process personal data of minors (data subjects of below 18 years or other age in other jurisdictions).

Since some jurisdictions impose specific legal requirements of paying special attention to such data processing activities targeted to minors, we properly assess the risks related that may arise because of such processing activities.

Although we do not express any special target to minors providing our Game to the users, but with due account taken of the fact that our F4F Platform, and the Game as a part of it, could be and, due to our efforts, shall be interesting to minors, we have taken additional special measures regarding parental consent management.

Consents of holders of parental rights

Since our Platform is targeted on some jurisdictions (by making the use of the Platform available in such countries), we are obliged to collect consents from the parents or other authorized holders of parental responsibility over the child for the minor’s personal data processing.

Following the best practices of user-friendly privacy and consent collection design, recommendations of supervisory authorities, results of risk assessment, as well as data minimization principle, we decided the following:

We do not collect consents from parents by ourselves, but we require the minors to confirm that they have obtained the required consents from their parents or guardians for the following:

— Receiving emails about the progress and events in the Game and the Platform, as well as other email-notifications within the Platform.

We do collect the required by law consents from parents by ourselves for the following:

— Minor’s sign up on the Platform;

— Minor’s taking part in the Championship.

and ask the minors to specify their parents’ email to allow them to express their consents for the minor’s data processing.

Following privacy obligations set to us by legal requirements of some countries, we are informing parents or minor’s guardians about the minor’s personal data processing activities within services directed to a child and kindly ask parents or minor’s guardians to get acquainted with our Privacy Policy [link] and Cookies Policy [link] statements and decide, whether or not they are agree with these rules, and if they are agree ask them to provide us with their explicit consent for the minor’s personal data processing. Such explicit consent is strictly required for minor’s sign up on the Platform, that’s why we ask the minor the specify email of their parents or guardians. We reach them and ask for a consent providing them with all necessary information. If no decision is taken by parents or minor’s guardians within 24 hours, we will block the minor’s Account for 3 days, within which parents or minor’s guardians still will be able to take a decision regarding the minor’s personal data, and if there is still no decision taken within this period (4 days in sum), we will delete the minor’s Account as well as the associated with it email of parents or minor’s guardians that had been specified.

Since we are collecting the information about date of birth of the minor, we confirm, that after reaching the age, when this data subject can express their own consent in accordance with their national law, we will contact such data subject asking for expressing their own consent for continuing their personal data processing.

At any time, parents or guardians can withdraw their consent for processing personal information about their children associated with a particular Account, and can request the deletion the personal information we have collected in connection with that minor’s Account. Please keep in mind that such a request to deletion may lead to a termination of the Account and associated data e.g. related to taking part in Championship.

Nevertheless, after receiving such a request we restrict the personal data processing for a grace-period of 45-days, during which you can change your mind and cancel your deletion request − this is how you can restore access to your Account. If there is no cancel during grace-period, we will delete all the data associated with the Account, and it would be impossible to restore data.

Where a minor has registered their Account, we use the following method to allow parents or guardians to access, change, or delete the personally identifiable information that we have collected from their child:

Parents can contact us to request access to, change, or delete their child’s personal information by sending an email to us at A valid request to delete personal information will be completed within a reasonable time taking into account the need to verify the legitimacy of parents’ request. Parents are expected to be able to provide some information related to their child to prove their identity. Asking for this information and we are guided by our legitimate interest as a legal basis for such data processing aiming to protect the users of the Platform from unauthorized access to their data.

Our principles of personal data processing

When processing personal data we adhere to the following principles:

• We process personal data in a lawful, fair and transparent manner.

The legal basis for processing may be: consent, or our legitimate interest.

• We limit ourselves to achieving specific, predetermined and legitimate purposes.

This means that we process your personal data only to achieve specific data processing purposes and do not use the data you provide for purposes differing from those that it was collected for − Why do we need to process personal data (processing purposes)?

• We process personal data in a form and in an amount sufficient for the stated purposes.

We collect the minimum amount of personal data necessary to achieve purposes of data processing − What your information do we need to achieve the personal data processing purposes?

• We store personal data in a form, which allows identifying you for no longer, than it is necessary for the purposes for which the personal data is processed.

We ensure the timely destruction of your data and do not store them after achieving the declared purposes or in case of loss of the need to reach the purposes.

• Ensure the accuracy, sufficiency and relevance of personal data.

We take the necessary measures to delete or update incomplete or inaccurate personal data if we become aware of this or you decide to execute your related data subject’s right.

• We ensure the confidentiality of personal data and take all the necessary organizational and technical measures to protect the data.

You can read more about the measures to protect your personal data in the section − What we do to protect your personal data.

In some cases, but only with your consent, we transfer data to our partners. In this case, we carefully monitor compliance with the principles of personal data processing and the application of appropriate security measures.

We are responsible for the compliance of our activities with the above-mentioned principles for the processing of personal data in accordance with applicable law.

Who can get access to personal data?

Your personal data can be transferred to the following categories of recipients in compliance with the listed above principles of personal data processing:

• Google Inc. (USA, processor, for the purposes of Google Analytics.

• Thinkific platform (Canada, controller) for the purposes teach trainers.

We use Single Sign On (SSO) technique to allow you to use Coaches Academy on the Thinkific platform with your current Account on the Platform without going through any additional sign up on the website This feature is available for users who logged into their Account on our Platform, verified their email and filled in their first and last name. To do this, the Platform automatically creates a user Account in the Coaches Academy (if it was not created by you earlier), which means the transfer of your email, first name, and last name from our Platform to Thinkific. If you have previously created a personal Account in the Coaches Academy, then your email, first name and surname will be used to bind this personal Account to your Account on the Platform.

• Amazon Web Services, Inc. (USA, processor), as a provider of AWS (

International transfer of your personal data

Initially, your personal data is collected in your country and is stored in cloud-systems, which servers are physically located in your country in accordance with the country that you specify while registration process.

For your data may be transferred to third countries (for a list of countries, see Who can get access to personal data?, including those that are not recognized by the European Commission as countries ensuring the adequate level of protection of rights and freedoms of data subject.

Our Game’s servers are located in USA, and your data can be transferred to these countries.

Nevertheless, we take all necessary measured to ensure such security level by concluding legally binding contracts that may contain standard contractual clauses approved by the European Commission and, if necessary, we carry out an analysis of the measures adequacy.


We use cookies to facilitate our Platform usage and to adapt the content to the user's preferences.

Websites can read and allocate cookies, which allow them to identify the user and store important information about the user, to make the sites more convenient in use (e.g. via storing the preferred website settings). Cookies also can be used to speed up your future experience with our Platform.

To find out more − get acquainted with our Cookies Policy on the Portal.

Storage periods for various data may differ

Your personal data are deleted as soon as the purposes of processing are achieved, or in case of loss of the need to achieve these purposes.

What do we do to protect your personal data?

To protect your data we perform the following activities:

• we have appointed a person responsible for organizing the personal data processing;

• we evaluate the risks of personal data processing and take measures to ensure the security of your data;

• we carry out assessments of the harm that may be caused to you in case of violation of the requirements for processing and ensuring the security of personal data;

• we have taken appropriate and effective measures to protect you from risks of discrimination, data theft, personal data fraud, financial loss, reputation damage, breach of the confidentiality of your data and any other significant economic or social damage;

• we conduct internal audit of the processes and protection measures of your data every 2 years.

• we provide training to our employees on the issues of information security and data protection;

• we organized the process of receipt and processing control of your requests and appeals.

About the rights of data subjects

If you are a data subject in the European Economic Area, within the framework of the GDPR we guarantee free of charge the granting of the following rights to you exclusively in relation to your personal data:

• correct the provided personal data if they are incomplete and (or) incorrect (Art. 16 GDPR);

• withdraw consent to the processing of personal data with the subsequent deletion of personal data (Art. 7 GDPR);

• receive information relating to the processing of personal data (Art. 15 GDPR);

• restrict processing and delete personal data (Art. 17, 18 GDPR);

• if you consider that your rights and interests have been violated, you can lodge a complaint (Art. 21 GDPR). We will do our best to change the situation for the better. To do this, write to us via the contacts specified below in this section;

• if you consider that your rights and interests have been violated, you have the right to file a claim to the relevant supervisory authority (Art. 21 GDPR).

• receive personal data provided to us in a structured format and transfer this data to other organizations (Art. 20 GDPR);

• receive a copy of the personal data processed by the Company (Art. 15 GDPR);

• to be informed about personal data breach (Art. 34 GDPR).

• to lodge a complaint with a supervisory authority, if data subject’s rights have been violated (Article 77 of the GDPR).

• to compensation and liability (Article 82 of the GDPR).

The execution of the above mentioned rights is possible only in the case of a unique identification of the data subject. We notify you about your obligation to provide us with accurate personal data. If you would like to exercise your data subject rights and / or have privacy-related questions or concerns, please, feel free to ask us − just contact us via


We are welcome to your questions and feedback about this Policy. If you have any questions, please feel free to tell us about it in any convenient way specified below.

Contact information

Mailing address: 101990, Moscow, Russia, Maroseika str. 3/13, building 1, office 6


Phone: +7 (495) 624 03 01

This document may be subject to change

We regularly review the personal data processing activities described above and update the provisions of the Privacy Policy as necessary.

We will notify you about changes to the Privacy Policy by email or by notice on the Platform. We encourage you to periodically review this page for up-to-date information about our Privacy Policy.

Date of publication: 16-Oct-2020

Document version: 1