Virgil van Dijk in Liverpool FC kit standing in front of Anfield stadium - represented by ROOF Football Agency.
Mohammed Kudus in West Ham United kit standing in front of London Stadium - represented ROOF - Representatives of Outstanding Footballers.
Serge Gnabry in FC Bayern Munich kit celebrating in front of Allianz Arena - represented by ROOF Football Agency.
ai Havertz in Arsenal kit celebrating a goal in front of Emirates Stadium - represented by ROOF - Representatives of Outstanding Footballers.
I
I

01 ABOUT US

Unlocking

Ademola Lookman in Atalanta Bergamo kit celebrating a goal in front of Gewiss Stadium - represented by ROOF - Representatives of Outstanding Footballers.

Full
Potential

AT ROOF WE WORK IN PARTNERSHIP TOGETHER WITH OUR CLIENTS TO UNLOCK THEIR FULL POTENTIAL, BOTH ON AND OFF THE PITCH.

BETTER

Leon Goretzka in FC Bayern Munich kit celebrating a goal in front of Allianz Arena - represented by ROOF - Representatives of Outstanding Footballers.

TOGETHER

SUCCESS ISN’T ACHIEVED ALONE, 
IT IS BUILT THROUGH WORLD CLASS TEAM WORK.

02 OUR MISSION

ON YOUR TEAM

Using our extensive and industry leading network we work closely with all of our clients to provide an unrivalled and world class service, supporting them on every step of their journey.

AMBITION WITHOUT LIMITS

We are proud to represent some of the most exciting talents in world football. We work with the very best players, coaches, managers, broadcasters and executives, supporting them across all areas of their life and career to allow them to focus on what matters most. 

More than
just a game

We believe responsibility extends beyond performance on the pitch. Whilst we guide and support our clients throughout their professional careers, we also recognise the wider role football can play in society. We work alongside our clients and partners to support initiatives that create meaningful and lasting change, using the reach and influence of football to do this. From local community programmes to international humanitarian projects, ROOF Charity is committed to raising awareness and directing resources where they are needed most. Together, we aim to demonstrate that football’s most lasting impact is often made beyond the game itself.

IMPRINT

ROOF GmbH
Bavariafilmplatz 7
82031 Grünwald
Germany

Phone 
+49 (0) 89/62189902
E-Mail
[email protected]

Managing Director
Thorsten Wirth, Steffen Asal, Daniel Delonga, Andreas Sadlo, Hannes Winzer, Tobias Sander, Björn Bezemer, René vom Bruch

Registry Court
Amtsgericht München

Registry Court Number
HRB 210859

VAT Number according to § 27a
DE 294491038

DATA PRIVACY POLICY

I. Controller

The controller in terms of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) is:

ROOF GmbH

Managing Director: Thorsten Wirth, Steffen Asal, Daniel Delonga, Andreas Sadlo, Hannes Winzer, Tobias Sander, Björn Bezemer
Bavariafilmplatz 7, 82031 Grünwald, Germany

Phone: +49 (0)89 820 400 30
E-Mail: [email protected]

For Privacy inquiries:

Data Privacy Officer: Dr. Philipp Wehler
c/o ROOF GmbH -Datenschutz-
Bavariafilmplatz 7, 82031 Grünwald, Germany
Email: [email protected]

II. General Information on Data Processing

1. Scope of processing of (personal) data

Every time our website is accessed, our system automatically records information from the computer system which accesses it, logging the following data: IP address, Browser type and version, Operating system, Referrer URL, Date and time of access, and Pages visited.

We never use this data to identify you personally or to create user profiles. We process the data only to the extent necessary for the presentation and optimisation of a functional website as well as our content and services. The processing of personal data of our users normally takes place only with their consent. An exception applies in those cases where the data processing is permitted by law.

2. Legal basis for processing personal data

Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR) to ensure system security and website functionality.

2.1 Cookies and Tracking Technologies

Cookies are used on our pages. These Cookies are necessary for technical reasons, so that our pages work correctly and to prevent any manipulation by third parties. We only use „Session-Cookies“, which will be deleted automatically after you close your Browser-Session. We use cookies and similar technologies for Technically necessary cookies (session management, security).

Legal Basis: Technically necessary cookies: Legitimate interest (Art. 6(1)(f) GDPR); Analytics cookies: Consent (Art. 6(1)(a) GDPR) via cookie banner.

You can disable cookies in your browser settings. Some website features may not function without cookies.

Duration of storage and rights to objection and deletion: Cookies are stored on the user’s computer and transmitted to our site from there. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transfer of cookies. Previously stored cookies can be deleted at any time.

III. E-MAIL CONTACT

1. Description and Scope of Processing Data

When you contact us via email, we process: Email address, Name (if provided), Content of your message, and Any other data you voluntarily provide.

2. Legal Basis

Pre-contractual measures or legitimate interest in responding to your inquiry (Art. 6(1)(b) or (f) GDPR).

3. Purpose of data processing

The processing of personal data is used solely for us to handle the contact request. The other personal data processed during the sending process is intended to prevent misuse of the contact form, and to ensure the security of our information technology systems.

3. Data erasure and storage duration

Your personal data will be erased or blocked, as soon as the purpose for which it was stored no longer applies, as explained in the relevant sections below.

4. Sharing of and international transfers of personal data

If you contact us by email and the nature of your message requires that we involve a third party, for example an affiliated group company in the USA or the UK, your message will be shared accordingly. These third-countries may not provide the same level of data protection as the EU.

Safeguards: We may transfer your data to third-countries based on: EU Commission Standard Contractual Clauses (SCCs), EU-US Data Privacy Framework (if certified) [Check: www.dataprivacyframework.gov/], and Other appropriate safeguards: Intragroup Data Transfer Agreements.

You have the right to request copies of the safeguards we use for international transfers.

5. Right to withdrawal and deletion

The user has the right to withdraw their consent to the processing of personal data at any time. In such cases, the conversation cannot be continued. In this event, all personal data that has been stored in the course of the contact will be deleted, unless we are legally obliged or permitted to keep the data.

IV. PRESENTATION OF THE WEBSITE AND CREATION OF LOG FILES

1. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Article 6 (1) point f) of the GDPR.

2. Purpose of data processing

The temporary storage of the IP address is necessary to enable delivery of the website to the user’s computer. The IP address is recorded in the log file of the load balancer for 30 days. This ensures smooth operations and protection against attacks (e.g. DDoS). Your IP address is only personal data for us where we have a right to demand from your internet service provider your identity, for example because of illegal behaviour conducted by you.

3. Duration of storage

The log files are stored centrally and deleted after 30 days.

4. Right to object and deletion

The collection of data to present the website and storage of the data in log files is absolutely necessary for the operation of the internet presence. There is therefore no right to objection for the user.

V. INFORMATION ON YOUR RIGHTS

If your personal data is processed, you are a data subject under the provisions of the GDPR and have the following rights that you can demand from your controller:

1. Right of access by the data subject – Art. 15 GDPR

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her is being processed. Where this is the case the data subject is entitled to obtain extensive information from the controller regarding purposes, categories of data, recipients, storage period, and the right to lodge a complaint. The right also covers information on whether pertinent personal data is transferred to a third country or international organisation and the appropriate safeguards used (Art. 46 GDPR).

2. Right to rectification – Art. 16 GDPR

The data subject shall have the right to obtain from the controller the rectification and/or completion of incorrect or incomplete personal data concerning him or her without undue delay.

3. Right to erasure – Art. 17 GDPR (Right to be forgotten)

The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where grounds such as necessity, withdrawal of consent, or unlawful processing apply. Exceptions apply (e.g., for exercising freedom of expression, legal obligations, or archiving purposes).

4. Right to restriction of processing – Art. 18 GDPR

The data subject shall have the right to obtain from the controller restriction of processing where conditions such as contesting the accuracy of the data, unlawful processing, or objection to processing apply.

5. Right to data portability – Art. 20 GDPR

The data subject shall have the right to receive personal data concerning him or her in a structured, commonly used and machine-readable format and have the right to have the data transmitted directly to another controller, where technically feasible.

6. Right to object – Art. 21 GDPR

The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on legitimate interest (Art. 6(1) point f) GDPR).

7. Right to withdraw consent – Art. 7 (3) GDPR

The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

8. Right to lodge a complaint with a supervisory authority – Art. 77 GDPR

Every data subject shall have the right to lodge a complaint with a supervisory authority (e.g., of permanent residence, workplace, or company headquarters), if the processing of personal data infringes the provisions of GDPR.

To exercise these rights, please submit your request here, or contact us at: [email protected]

Responsible supervisory authority of our company headquarters:

Der Bayerische Landesbeauftragte für Datenschutz, Wagmüllerstraße 18, 80538 München, Germany,
Website: https://www.datenschutz-bayern.de

Version Updated: December 2025