At otilloswimrun.com, we are committed to safeguarding your privacy online. We want to assure our users that otilloswimrun.com will not willfully disclose any specific individual information about you to any third party unless you give us your express permission to do so.
Last updated: January 22nd, 2019
Who is data controller of your personal data?
We, that is Swimrun AG (“ÖTILLÖ” or “we”) are the data controller. We are responsible for, and control, the processing of your personal data.
The registration for our Events is provided by third-party event registration services, such as racezoo.com (“Registration partners”). Our Registration Partners process the payment for our Events independently, ÖTILLÖ does not have any access to information concerning the payment.
What personal data do we collect?
In the context of rendering our Services, we may collect personal data about you. This personal data regularly includes the following:
- If you register for an Event (Registration with a Registration Partner): Username, password, name, email address, phone number, address, birth date, gender, information on medical condition, emergency contact information, registration number and other information you provide during registration.
- If you buy our insurance: Username, password, name, email address, phone number, address, birth date, gender, information on medical condition, emergency contact information, registration number and other information you provide during registration.
- If you contact us via our website, email, phone or mail: Name, email address, phone number, address and other information you provide.
- If you subscribe to our newsletter: Name, email address, marketing campaign information such as you reaction to our marketing and your interest in our Services.
- If you merely use our website: IP address, network file system, access times, domain name, browser data, browser type and language, device type, device ID, Uniform Resource Locators (URL), operating system, information on your usage of our websites and online activities.
- Information we collect during your participation of our Event: Information on your performance, such as your starting number, your team mate, your team name, your place in the rankings, other information in the context of your ranking and any other information you provide us during the Event.
- Information we collect from social networks: When you interact with our Services through various social media, such as when you follow ÖTILLÖ or share ÖTILLÖ content on Facebook, Twitter, Instagram or other sites, we may receive information from those social networks including your profile information, picture, user ID associated with your social media account, friends list, and any other information you permit the social network to share with third parties. The data we receive is dependent upon your privacy settings.
How do we collect your personal data?
Personal data is collected in many ways and may include:
- Personal data you provide to us: Most of the personal data we receive comes to us voluntarily from our users in the course of using our Services, such as when visiting our websites, registering and participating in our Events or communicating with us.
You are free to choose which information you want to provide to us or whether you want to provide us with personal data at all. However, some information, such as information requested in the registration procedure and information collected during the Event may be necessary for the performance of our contractual obligations in the context of your Event participation. Without providing this data, you will not be able to enter into a contract with us, such as registering for our Events.
- Personal data we receive from others: We may receive personal data about users from third parties such as our Registration Partners, Timing Partners, social media sites and Marketing Partners (as defined below).
Why and on which legal basis do we collect and use your personal data?
The reason for using your personal data may differ depending on the purpose of the collection. Regularly we use your data for the following purposes and on the following legal grounds:
- We use your personal data in order to perform our contractual services or for the preparation of entering into a contract with you. If you register for our Events or if you contact us to register for our Events, we use your data to conduct our Events and make your participation in our Events possible. Information we use includes: information we need to contact you or otherwise communicate with you, e.g. to send you administrative information, registration and Event information to process your Event registration and participation; information for payments processing; information to respond to your comments and questions and provide customer service; if you are a registered user, information to manage and create your account.
- We use your personal data if justified by our legitimate interests. The usage of your personal data may also be necessary for our own business interests. For example, we may use some of your personal data to evaluate and review our Events and overall business performance, create financial statements, understand you and your preferences to enhance and individualize your experience and enjoyment of our Services, improve our Services, and identify potential cyber security threats. If necessary, we may also use your personal data to pursue or defend ourselves against legal claims. We may use your personal data to provide you with individualized marketing. If you have participated in our Events before, we may use your email address to provide you with information on similar events.
- We use your personal data after obtaining your consent. In some cases, we may ask you to grant us separate consent to use your personal data. You are free to deny your consent and the denial will have no negative consequences for you. You are free to withdraw your consent at any time with effect for the future. If you have granted us consent to use your personal data, we will use it only for the purposes specified in the consent form.
This also includes our marketing campaigns. If you sign up to our email newsletter or when providing us with your email address allow us to use this email address for email marketing, we will use your personal data in our email marketing campaigns. You may unsubscribe from our email newsletter at any time. You may also contact us via email, phone or mail at the addresses provided at the end of this document to request that we remove you from our email list.
- We use your personal data to comply with legal obligations. We are obligated to retain certain data because of legal requirements, for example, tax or commercial laws or we may be required by law enforcement to provide personal data on request.
We will only use your personal data for the purposes for which we have collected them. We will not use your personal data for other purposes. We do not use your personal data for automated individual decision-making.
With whom do we share your personal data?
As required in accordance with how we use it, we will share your personal data with the following third parties:
- Service providers and advisors: Third party vendors and other service providers that perform services for us and on our behalf, which may include marketing campaign services, providing mailing or email services, insurance, tax and accounting services, services related to the registration and organization of our Events, payment processing, data enhancement services, fraud prevention, web hosting, or providing analytic services. These third parties include: Racezoo, EQ Timing, Lloyds’s Insurance Company S.A. represented by Tokio Marine Kiln Europe S.A. and Google Analytics. Any such service providers will by appropriate data processing agreements be bound to only process the data on our behalf and under our instructions.
- Marketing Partners: Provided you have granted your consent, we may disclose your personal data to our third-party sponsors and marketing partners (collectively, “Marketing Partners”) to allow them to market their products or services to you, and measure the effectiveness of their marketing campaigns, promotions, endorsements and sponsorships or for other marketing purposes.
- Event photographers: If you participate in our Events and have given us consent to do so, we will disclose your bib number, name, email address and phone number to the Event photographer, who may contact you with photos from the attended Event.
- Purchasers and third parties in connection with a business transaction: Personal data may be disclosed to third parties in connection with a transaction, such as a merger, sale of our assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business, or in the event of a bankruptcy or similar proceedings.
- Law enforcement, regulators and other parties for legal reasons: Third parties as required by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our legal claims or to protect the security or integrity of our Services; and/or (c) to exercise or protect the rights, property, or personal safety of ÖTILLÖ, our athletes, visitors, or others.
- The public: The official rankings and information justifying the ranking will be disclosed to visitors of our event and on our website.
How long do we keep your data?
We will store personal data for as long as necessary to fulfil the purposes for which we collect the data, in accordance with our legal obligations and legitimate business interests. Afterwards, or at the end of the statutory retention times, the personal information will be deleted. For example, national commercial or financial codes may require to retain certain information for up to 10 years.
How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal data when you use our Service. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose personal data may have been compromised and take other steps, in accordance with any applicable laws and regulations.
How do we safeguard your personal data when there is an international transfer?
In certain cases, we transfer personal data to countries outside the European Union or the European Economic Area. This may mean that your personal data will be stored in a jurisdiction that offers a level of protection that may, in certain instances, be less protective of your personal data than the jurisdiction you are typically a resident in.
For this reason, we have entered into guarantees to ensure appropriate safeguards. If we transfer information from the European Union to third parties outside the European Union and to countries not subject to schemes which are considered as providing an adequate data protection standard, we will enter into contracts which are based on the EU Standard Contractual Clauses with these parties.
Cookies and similar technologies
Cookies are pieces of code that allow for personalization of the Services experience by saving your data such as user ID and other preferences. A cookie is a small data file that we transfer to your device’s hard disk (such as your computer or smartphone) for record-keeping purposes.
We use the following types of cookies:
- Strictly necessary cookies. These are cookies that are required for the essential operation of the Services such as to authenticate users and prevent fraudulent use.
- Analytical/performance cookies. These allow us to recognize and count the number of visitors and to see how visitors move around the Services when they are using it. This helps us to improve the way the Services works, for example, by ensuring that users are finding what they are looking for easily.
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the marketing messages we send to you more relevant to your interests. We may also share this data with third parties who provide a service to us for this purpose.
- Third party cookies. Please be aware that advertisers and other third parties may use their own cookies tags when you click on an advertisement or link on our website. These third parties are responsible for setting out their own cookie and privacy policies.
How to manage cookies?
- Cookie settings in Internet Explorer
- Cookie settings in Firefox
- Cookie settings in Chrome
- Cookie settings in Safari web and iOS
If you would like to find out more about cookies and other similar technologies, please visit www.allaboutcookies.org or the Network Advertising Initiative’s online sources at www.networkadvertising.org.
What rights and choices do you have?
We want you to understand your rights and choices regarding how we may use your personal data. Depending on how you use your data, these rights and choices may include the following:
- Individual Rights. You have specific rights under applicable privacy law in respect to your personal data that we hold, including a right of access and erasure and a right to prevent certain processing activities.
If you are a resident in the European Union, you have the following rights in respect to your personal data that we hold:
- Right of access. The right to obtain access to your personal data.
- Right to rectification. The right to obtain rectification of your personal data without undue delay where that personal data is inaccurate or incomplete.
- Right to erasure. The right to obtain the erasure of your personal data without undue delay in certain circumstances, such as where the personal data is no longer necessary in relation to the purposes for which it was collected or processed.
- Right to restriction. The right to obtain restriction of the processing undertaken by us on your personal data in certain circumstances, such as, where the accuracy of the personal data is contested by you, for a period of time enabling us to verify the accuracy of that personal data.
- Right to portability. The right to portability allows you to move, copy or transfer personal data easily from one organization to another.
- Right to object. You have a right to object to any processing based on our legitimate interests where there are grounds relating to your particular situation. You can object to marketing activities for any reason whatsoever.
If you wish to exercise one of these rights, please contact us using the contact details below. For cookies or e-mail marketing, we provide the following easily usable option:
- Cookies Settings and Preferences. You may disable cookies and other tracking technologies through the settings in your browser.
- E-Mail Settings and Preferences. If you no longer want to receive marketing e-mails from us, you may choose to unsubscribe at any time.
In addition to the foregoing listed rights, as an EU resident, you also have the right to lodge a complaint with your local data protection authority. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
How to contact us?
ÖTILLÖ welcomes your comments or questions regarding this Policy.