Privacy Policy

A FEW WORDS ABOUT OUR PRIVACY POLICY

Your privacy is very important to us, and we believe that you should always keep the control over your personal information. This privacy policy informs you about how we access and use the information related to your use of the services offered on the EOC Digital Ecosystem, through one of the assets: www.european-games.org and subdomains associated (the “EOC Digital Ecosystem”). We recommend that you read this privacy policy in its entirety.

 

WHO WE ARE

EOC is the Controller of the data collected through the EOC Digital Ecosystem. Its registered office is in Via della Pallacanestro, 19, Palazzina CONI – “Villino Giulio Onesti” – 00135 Rome – Italy, Tel.(+39) 06 36 85 78 28, Fax (+39) 06 36 85 76 66.

HOW YOU CAN CONTACT US

If you would like to access, rectify or erase your personal information, you can do so by contacting our data protection officer here:

Data Protection Officer,

European Olympic Committees

Via della Pallacanestro 19 – 00135 Rome – Italy

Email: [email protected]

This Privacy Policy, as updated from time to time, explains what information about you is collected and how it is processed when you use digital services offered on the EOC Digital Ecosystem. When you use the EOC Digital Ecosystem, information about you will be collected and processed in accordance with this Privacy Policy by the EOC.

SERVICES COVERED BY THIS PRIVACY POLICY

This Privacy Policy applies to personal data collected through the use of the EOC Digital Ecosystem.

REGISTRATION

In order to access the content of the EOC Digital Ecosystem and the services provided through it, registration will be necessary.

Registration is possible either by filling in the online form or through a social media account.

THE INFORMATION WE COLLECT

Upon registration, we collect the following data:

• Email address (required): necessary for registration and access to the EOC Digital Ecosystem.
• Username (required): used to identify the user inside the EOC Digital Ecosystem.
• Country: used to display the EOC Digital Ecosystem sponsors correspondent to the selected country (the sponsors of the EOC Digital Ecosystem can vary depending on the country) and to identify the content to be displayed in the EOC Digital Ecosystem (some content can be geo-blocked due to exclusivity agreements with broadcasters in some countries).
• Identification data: name, last names, contact information, postal address.
• Personal data: age, date and place of birth, social and demographic information, as well as tastes and preferences.
• Social media profile data (if registered through social media)

When the access/registration are performed through a social media account, we collect the following data:

• Data shared through Facebook:
• Name and profile picture (Required to register)
• E-mail address (Required)
• Birthday (Optional)
• Biography posts (Optional. Your public and private posts in your biography, including pictures and videos, information about the places mentioned or tagged to them and the type of reactions they receive).
• Sex (Optional)
• Likes (Optional)
• Current city (Optional)
• Data shared through Google:
• Name and Last Name (Required to register)
• Email address (Required to register)
• Data shared through Apple:
• Apple ID or email address (Required to register)
• Name (Required to register)

EOC DIGITAL ECOSYSTEM

Is the architecture of online platform that enables the EOC and to manage the staging the games and provide its online services, in cooperation with the Organising Committees (“OCs”) of each event.

DATA CONTROLLER

The EOC is the main controller of the data collected by registration into the EOC Digital Ecosystem.

In case data are collected by the OCs in the local context and in execution of the services provided directly by them, the EOC and the OCs shall be considered the joint controllers of those data. Detailed information about the terms and shared responsibilities of such joint controllership will be provided from time to time.

HOW WE USE YOUR INFORMATION

We use the personal information we collect to deliver and promote our services and events in conformity with the Terms and Conditions of the EOC Digital Ecosystem, to communicate with you and to perform promotional initiatives such as online contest, sweepstakes, games, etc.

More specifically, we collect data for the following purposes:

1. Registration and access to the EOC Digital Ecosystem

The data that you share in the registration process will be processed in order to facilitate your registration and access to the EOC Digital Ecosystem.

2. In-app notifications related to the EOC Digital Ecosystem

If you access the EOC Digital Ecosystem’s mobile application, you may receive in-app notifications related to the EOC Digital Ecosystem (for example, about changes in the privacy policy, legal notice or terms and conditions, announcements about new functionalities, etc.). You can oppose to the reception of such communications at any time, through the corresponding section on the EOC Digital Ecosystem.

3. Push notifications about the content of the EOC Digital Ecosystem

In the event that you access the EOC Digital Ecosystem’s mobile application, with your consent you may receive push notifications regarding the content of the EOC Digital Ecosystem through the usual notification system of your Smartphone or Tablet (e.g. alerts about new programs, reminders of competitions and sports fixtures, etc.).

4. Volunteers’ recruitment

Additional data will be collected if you decide to work as a volunteer during one or more EOC events, with the purpose to correctly manage the recruitment process. Additional data collected: name, surname, gender, permanent residence, correspondence address, date of birth, nationality, ID or passport number, telephone contact, email address, status, highest educational attainment, field of study, level of language skills, driving license, level of computer skills, photography, volunteer position, personality traits and experience, social network profile, information about food allergy or other health condition.

5. Ticketing services and Sale and Pre-Sale Campaigns

The data that you share in the registration process will be processed in order to provide access to the online platform providing ticketing services through EOC Digital Ecosystem. Such platforms are managed by third-party companies, which provide the service pursuant to specific Terms and Conditions defined by them. The EOC and such third-party process data as joint controllers.

Invoicing and “Collector Tickets”

In case you request the issuing of and invoice for your tickets purchase or request the upgraded “Collector Ticket”, the data you provided will be used to this end and may be communicated to third parties in charge of the invoicing service, as well as to governmental institutions if required by local laws.

6. E-commerce services

The data that you share in the registration process will be processed in order to provide access to the e-commerce platforms accessible within EOC Digital Ecosystem. Such platforms are managed by third-party companies, which provide the service pursuant to specific Terms and Conditions defined by them. The EOC and such third-party process data as joint controllers.

Invoicing

In case you request the issuing of and invoice for your purchase on the e-commerce platform, the data you provided will be used to this end and may be communicated to third parties in charge of the invoicing service, as well as to governmental institutions if required by local laws.

7. Participation to marketing and promotional initiatives

The data you provide in the registration form or in specific forms associated to a specific initiative you decided to participate (contest, sweepstake, lottery, etc.) will be processed for the purposes of facilitating, managing, maintaining, and controlling your participation to such initiative.

8. EOC newsletter and commercial communications

With your consent, the data you provide in the registration will be processed In order to send you a newsletter and commercial communications via email, push notifications, in-app or SMS or other instant messaging channels about its activities, (the competitions it organizes, campaigns, public viewings, shows or live events), products, services, contests, offers, sweepstakes and/or promotions, or contests, offers, sweepstakes and/or promotions carried out by us on products and services promoted jointly with our official sponsors, national or international federations and national and international television channels or media, among other collaborators, with the scope of promoting the European Games (“EG”) and the European Youth Olympic Festival (“EYOF”) upcoming editions.

9. Internal reports

We will process in aggregate form the data you have provided through the registration or social login, data on your usage of the EOC Digital Ecosystem (user ID, device ID, device model, operating system and telemetry, for example, clicking on a particular content or the time you stay in the EOC Digital Ecosystem environment) and finally, interactions with communications of any kind that you receive (e.g., clicking on the content of a communication) or in the communication with the EOC Digital Ecosystem support, for the development of relevant metrics and statistics that allow us to analyse the use made of the EOC Digital Ecosystem  by the different user segments generated and the impact of the campaigns, assessing the interest that the campaigns have aroused among the aforementioned segments based on the data analysed. Data stored and processed under this purpose will be retained as anonymised data.

Use of the advertiser identifier (“IDFA”) on iOS devices (Apple)

The use of IDFA for the purpose of “Internal Reporting” requires the user’s tracking permission within Apple’s iOS operating system. In case the user has not given permission for the use of IDFA, the EOC will be able to carry out such purpose using the device’s IDFV.

The user can, at any time, accept or reject the tracking permission in the iOS settings of the user’s Apple device.

10. Simple profiling

With your consent, the data you provide to enable us to send you targeted communications via email, SMS or other instant messaging channels about our services and events, sponsors or partners.

The aforementioned information will be directed to simple segments (groupings of users that are made based on the information provided by them in their profile) that we can elaborate taking into account the following:

• Low-level of profile detail, by creating simple segments such as, for example, segments on women over 25 years of age.
• Barely thorough profile. To make the segments, we will only process the personal data that you have provided in this EOC Digital Ecosystem.
• Positive consequences for the user. We may send you commercial communications that best fit the profile you have declared, avoiding unwanted commercial communications or uninteresting content. 

11. Thorough profiling

With your consent, the data you provide will be used to develop a thorough profile of you in order to offer you personalized experiences, information and products by sending you personalized commercial communications via email, SMS or other instant messaging channels, send you personalized push or in-app notifications (provided that you have granted consent for this purpose) or show you banners with personalized advertising on websites, apps or social networks about our services and events or its sponsors or partners

Thus, the aforementioned information will be directed to the segments (groupings of users that are made based on the information obtained from them or the use made of the EOC Digital Ecosystem that we can develop based on the following data sources:

• The information you provide us during registration;
• The information obtained through social login;

12. Over-the-top services (OTT)

The data you provide in the registration will be processed in order to provide access to the online broadcasting and streaming platforms accessible within EOC Digital Ecosystem. Such platforms are managed by third-party companies, which provide the service pursuant to specific Terms and Conditions defined by them. The EOC and such third-party process data as joint controllers.

13. Metaverse

The data you provide in the registration will be processed in order to provide access to the digital online environment (“Metaverse”), where all the contents of the EOC Digital Ecosystem will be accessible through a three-dimensional VR interface. The Metaverse will be accessible through the same Single Sign-on (SSO) system necessary to register in the EOC Digital Ecosystem.

LEGAL BASIS

1. Execution of a contract

Pursuant to this legal basis, the data processing is necessary for the execution of a contract in which the interested is one of the parties under the provisions of Art. 6.1 b) of Regulation (EU) 2016/679 (GDPR).

Purposes concerned:

• Registration and access to the EOC Digital Ecosystem
• In-app notifications related to the EOC Digital Ecosystem
• Volunteers’ recruitment
• Ticketing services and Sale and Pre-Sale Campaigns
• E-commerce services
• Participation to marketing and promotional initiatives
• OTT
• Metaverse

2. Consent

Pursuant to this legal basis some data you provide are processed on the base of the consent you have expressly given us to process your data for the specific purposes selected pursuant to the provisions of art. 6.1 a) of Regulation (EU) 2016/679 (GDPR).

The consent may be freely withdrawn at any time by writing an email to the address: [email protected] 

Purposes concerned:

• Push notifications about the content of the EOC Digital Ecosystem
• EOC newsletter and commercial communications
• Simple profiling
• Thorough profiling

3. Legitimate interest

Pursuant to this legal basis, the data processing is necessary for the satisfaction of an EOC legitimate interest under the provisions of art. 6.1 f) of Regulation (EU) 2016/679 (GDPR), consisting of the analysis of the users’ usage of the EOC Digital Ecosystem and the impact of its campaigns to improve the services offered to users.

Purpose concerned:

• Internal reports

Use of the advertiser identifier (“IDFA”) on iOS devices (Apple)

The legal basis for the aforementioned purpose is that the processing is necessary for the satisfaction of EOC’s legitimate interest under the provisions of art. 6.1 f) of the General Data Protection Regulation consisting of extracting learnings from the information provided and obtained from users that allows it to improve the EOC Digital Ecosystem and optimize the communication campaigns it carries out based on the interest that these generate among the different groupings of users.

Fulfilment of legal obligation

Pursuant to this legal basis, the data processing is necessary under the provisions of art. 6.1 c) of Regulation (EU) 2016/679 (GDPR), for compliance to legal obligations to which the controller is subject. under the provisions of art. 6.1 f) of Regulation (EU) 2016/679 (GDPR)

Purpose concerned:

• Ticketing services and Sale and Pre-Sale Campaigns

FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?

The personal data we process will be kept as long as the purposes for which they were collected persist and/or you do not revoke the consent you have given, or you do not exercise your rights of deletion, opposition or limitation of processing.

In this sense, we will keep your personal data duly blocked for the following retention periods for the sole purpose of meeting the responsibilities of any kind that may arise:

• Registration and access to the EOC Digital Ecosystem: the data provided for registration and access to the EOC Digital Ecosystem will be retained as long as you are registered on it, this purpose persists and, once it is finished, during the period of limitation of legal actions that may arise from it.
• In-app notifications: the data provided for in-app notifications related to the EOC Digital Ecosystem will be kept as long as you are registered to the EOC Digital Ecosystem and, once this purpose has ended, for the period of limitation of legal actions that may arise from it.
• Push notifications: the data provided for push notifications on the content of the EOC Digital Ecosystem will be kept as long as you are registered to the EOC Digital Ecosystem, you do not request the deletion of your data, this purpose persists, you do not revoke the consent granted or limit the processing. Once this purpose has been fulfilled, during the period of limitation of legal actions that may arise from the same.
• Volunteers’ recruitment: the data provided will be retained for the entire duration of the volunteering program and for the mandatory retention period for documentation related to the volunteering agreement and personal files, established in accordance with separate regulations.
• Ticketing services and Pre-Sale and Sale Campaigns: the data provided for purchasing tickets will be retained for the time required to perform the sale, as long as this purpose persists and, once it is finished, during the period of limitation of legal actions that may arise from it.
• E-commerce: the data provided for purchasing online will be retained for the time required to perform the sale, as long as this purpose persists and, once it is finished, during the period of limitation of legal actions that may arise from it.
• Participation promotional initiatives: the data provided for the participation to the initiatives promoted through the EOC Digital Ecosystem will be kept for the entire duration of the initiatives themselves, as long as you do not request the deletion of your data, this purpose persists, you do not revoke the consent granted or limit the processing and, once this purpose has been fulfilled, data will be kept during the period of limitation of the legal actions that may arise from it.
• Commercial communications: the data provided for commercial communications made by EOC will be kept for the period of the organisation and promotion of the upcoming and future editions of EG and EYOF, being retained for a generally longer amount of time, as long as you do not request the deletion of your data, this purpose persists, you do not revoke the consent given or limit the processing and, once this purpose is fulfilled, during the period of limitation of legal actions that may arise from it.
• Internal reports: the data provided for internal reports will be kept as long as you do not request the deletion of your data, this purpose persists, you do not oppose the processing and, once this purpose is fulfilled, during the period of limitation of legal actions that may arise from it.
• Simple profiling: the data provided for the preparation of simple profiles will be kept as long as you are registered to the EOC Digital Ecosystem and do not request the deletion of your data, this purpose persists, you do not revoke the consent granted or limit the processing, once this purpose has been fulfilled, during the period of limitation of legal actions that may arise from the it.
• Thorough profiling: the data provided for the elaboration of exhaustive profiles will be kept as long as you are registered in the EOC Digital Ecosystem, you do not request the deletion of your data, this purpose persists, you do not revoke the consent granted or limit the processing and, once this purpose has been fulfilled, during the period of limitation of the legal actions that may arise from it.
• OTT: the data processed in order to provide online broadcasting and streaming service will be retained for the time required to perform such service, as long as this purpose persists and, once it is finished, during the period of limitation of legal actions that may arise from it.
• Metaverse: the data processed in order to provide online Metaverse will be retained for the time required to perform such service, as long as this purpose persists and, once it is finished, during the period of limitation of legal actions that may arise from it.

JOINT CONTROLLERS AND THIRD RECIPIENTS

 Certain data may be collected by third parties, such as OCs or other service providers, for certain specific purposes. In that case, the EOC and the third party are to be considered joint controllers of those data.

The processing jointly controlled between EOC and OCs are:

• Volunteering programs
• Ticketing services and Pre-sale and Sale Campaign
• E-Commerce
• OTT

As already mentioned, certain data may be shared to local third-party organisations that provide specific services (e.g. invoicing) or to governmental offices or institutions if required by local law.

More generally, we will provide your information to third parties in the following circumstances:

1. we share certain user information with our affiliates and service providers who work with us to offer you the Services;
2. we may share your information with authorities or third parties when we believe that we have a legal obligation to do so; and
3. we may share your information with third parties when you have given us your prior authorisation to do so.

From time to time, we may offer you the possibility to receive communications (including communications related to products and services) from selected third parties, such as our commercial partners and members of the Olympic Movement. In case you opt-in or can lawfully receive such communications, we may share your information with the relevant third parties, while giving you the possibility to opt-out at any time.

We reserve the right to disclose personal information we hold about you if we are required to do so under applicable laws or pursuant to any judicial or administrative process, and to the extent necessary to investigate, prevent, or take action regarding unlawful activities, or violation of our Terms of Service under the legal basis described in this Privacy Policy.

In the future, we may share your data with national authorities and administration offices, national Olympic committees or organising committees involved in the organisation of our events. To the extent in which your data will be further processed by these entities, you will be specifically informed pursuant to articles 13.3 and 14.4 of Regulation 2016/679 (GDPR).

YOUR RIGHTS

You have the right to access, rectification, deletion, limitation, opposition, refusal as well as to withdraw your consent at any time, through the procedure and means referred to in this document in which the email of the data protection officer is provided, without affecting the lawfulness of the processing based on consent prior to its withdrawal. Moreover, when the processing in based on articles 6.1.a) or b), you have the right to data portability.

More specifically, your rights consist of:

• Right of access: you have the right to obtain confirmation as to whether EOC processes your personal data, as well as to access it;
• Right of rectification: you may request EOC to modify or rectify personal data that is inaccurate.
• Right of deletion: you may request EOC to delete your personal data.
• Right of limitation of processing: In certain circumstances, you may request the limitation of the processing of your data, in which case it will only be kept for the exercise or defence of claims.
• Right to object: You may object to the processing of your data for the purpose you specify. EOC will cease processing the data, except for compelling legitimate reasons, or the exercise or defence of possible claims.
• Right of portability: if permitted by the EOC Digital Ecosystem, you may exercise your right to data portability, in a structured, commonly used and machine-readable format, and to transfer it to another data controller.

HOW DO YOU EXERCISE YOUR RIGHTS?

Sending an email to: [email protected]. The exercise of your rights is completely free of charge.

Likewise, you may revoke the consent granted or object to the processing of data based on legitimate interest at any time, through the corresponding section of the EOC Digital Ecosystem or by sending an email to the address: [email protected].

The opposition to a certain purpose or the revocation of the consents granted will not affect the use you can make of the application or the lawfulness of the processing prior to the opposition or revocation of consent.

On the other hand, if you have registered on the EOC Digital Ecosystem through a social network or similar service, you can exercise your right to delete of your data by deactivating the service within the services connected to your profile on the social network. For more information, please consult the conditions of each service:

Google: https://myaccount.google.com/permissions

Facebook: https://facebook.com/help/218345114850283

Apple: https://support.apple.com/es-es/HT210426

Supervisory Authority: finally, should you intend to lodge a complaint regarding the processing of your personal data, you have the right to do so by reaching the Italian Data Protection Authority, Garante della Protezione dei Dati Personali (https://www.garanteprivacy.it/).

HOW DO WE PROTECT YOUR PERSONAL INFORMATION?

1.- Data security

We use technical and organisational measures to protect your personal information against the risks of damage, destruction, loss or unauthorised access, in accordance with applicable laws.

2.- International transfer

The information we collect will usually be processed in the European Union or in the Extra-European Union Countries of EOC’s Members, some of which do not provide in their laws for a level of protection of your privacy equivalent to the one applied within the European Union. Before transferring data from the European Union to Extra-European Union countries, we implement safeguard mechanisms recognized by European regulators such as standard contractual clauses or seek your express consent.

3.- Age limitation

The Services are intended for users who are 16 years old (or older) and we will not knowingly collect personal information about users below that age.

If we become aware that a child has provided us with personal information without parental or guardian consent, we will take steps to delete this information. If you become aware that your child has provided us with personal information without your consent, please contact us at

Data Protection Officer,

European Olympic Committees

Via della Pallacanestro 19 – 00135 Rome – Italy

Email: [email protected]

3.- Data retention

We will retain your information only for the duration necessary for the purposes identified in this Privacy Policy or as required to meet our legal requirements.

 CHANGES TO THIS PRIVACY POLICY

When we make changes to this Privacy Policy, we will do our best to inform you in advance of such change, for example by posting a notice on the EOC Digital Ecosystem or by sending you an email communication, so you can review our revised policy and decide whether to continue to use the EOC Digital Ecosystem or not.  Your continued use of the EOC Digital Ecosystem after the entry into force of the revised Privacy Policy will constitute your confirmation of your reading and understanding of such changes. We encourage you to review our Privacy Policy regularly.

COOKIES POLICY

Users are informed that this website uses its own and third-party cookies.

WHAT ARE COOKIES

Cookies are small data files that are generated in the user’s computer and that allow the user himself to store the information generated by his activity in the network. Cookies allow EOC, among other things, to store and recover information about the browsing habits of a user or their equipment and, depending on the information they contain and the way in which they use their equipment, they can be used to recognize the user.

First-party cookies are sent to the user’s terminal equipment from a computer or domain managed by EOC and from which the service requested by the user is provided. On another note, third-party cookies are sent to the user’s terminal equipment from a computer or domain that is not managed by EOC, but by another entity that processes the data obtained through the cookies.

The Web uses session cookies (they collect and store data when the user accesses and browses the Web) and persistent cookies. Persistent cookies are stored in the user’s terminal so that the data collected can be accessed and processed for a period defined by the person responsible for the cookie, which can range from a few minutes to several years.

THE COOKIES WE USE ACCORDING TO ITS PURPOSES

• Strictly necessary cookies: These cookies are necessary for the website to function and cannot be disabled on our systems. They are usually only set in response to your actions when requesting services, such as setting your privacy preferences, logging in or completing forms. You can set your browser to block or alert you to these cookies, but some areas of the site will not function. These cookies do not store any information of personal identification.
• Performance Cookies: These cookies allow us to count visits and traffic sources in order to evaluate the performance of our site and improve it. They help us to know which pages are the most or least visited, and how visitors navigate the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies to be used, we will not know when you visited our site and will not be able to assess whether it worked properly.
• Functional Cookies: These cookies allow the website to provide better functionality and personalization. They may be set by us or by external suppliers whose services we have added to our pages. If you do not allow these cookies to be used, some of these services may not function properly.

This website uses cookies. We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

You can see the cookie details in the following domain: https://www.european-games.org/cookie-policy/

COOKIE MANAGEMENT

You can enable or disable the cookies we use through the Privacy Preference Center accessible through the corresponding section of the website.

Notwithstanding the foregoing, the user may, at any time, set the cookies allowed in your browser. However, disabling cookies may affect the proper functioning of certain sections of the Web.

Depending on the browser used, the installation options may be found in different sections. To this effect, the user should consult the instructions of his/her browser if he/she wishes to know how to block or allow the installation of cookies. For the following browsers, the user can find more information in the following links:

• Chrome: http://support.google.com/chrome/bin/answer.py?hl=es&answer=95647
• Explorer: http://windows.microsoft.com/es-es/windows7/how-to-managecookies-in-internet-explorer-9
• Firefox: http://support.mozilla.org/es/kb/habilitar-y-deshabilitar-cookiesque-los-sitios-we
• Safari: http://support.apple.com/kb/ph5042

MORE INFORMATION

Finally, we inform you that you have the possibility of revoking at any time the consent given for the use of cookies by us, by changing the configuration of the Privacy Preference Center or by configuring your browser for this purpose.

We may modify this Cookies Policy according to legislative or regulatory requirements, or in order to adapt said policy to the instructions dictated by the Italian Data Protection Agency. Therefore, users are advised to periodically visit this page to know the changes made to them.

If you have any doubts about the present Cookies Policy, you can contact the EOC through the mailbox [email protected]. Likewise, if you consider that you have not obtained satisfaction in the exercise of your rights or that the processing of your data has not been carried out in accordance with the applicable regulations, you can contact the data protection officer through the mailbox [email protected] or file a complaint with the Italian Data Protection Agency through its web page (https://www.garanteprivacy.it/).