1. General

The European Athletics website is run by European Athletics Association (EA), an association established under Swiss law with its domicile at Avenue Louis-Ruchonnet 16 in 1003 Lausanne, Switzerland. Hence, EA is the controller of your personal data that is collected through this website.

Your privacy and the protection of your personal data are matters of great importance. All data processing acts are carried out in line with the Swiss Federal Act on Data Protection (FADP) and, where applicable, the EU General Data Protection Regulation (GDPR).

This Privacy Policy explains what personal data of yours is collected through the European Athletics website (Website), how this data is processed, for which purposes and based on which legal bases. Please read this Privacy Policy very carefully.

This Website may link to other EA websites or even third-party websites, please refer to the respective privacy policies of those websites for further information on how your personal data is processed on those websites.

2. What data is collected and processed when you visit our website and why do we process your personal data?

2.1. Use of our website

Whenever you use this website, a variety of personal data will be collected.

We automatically collect and store certain information on our server logs from your browser when you visit our website, in particular:

• your IP address,
• date and time of access,
• name and URL of accessed files,
• the website from which you access our website (URL Referrer),
• the operating system of your computer and your browser,
• the country from which you access our website and your language settings and
• the name of your internet access provider.

We use this information to enable you to access our website, to ensure safety and stability of our website, to customize and optimize our website for you and for statistical purposes. In particular, we use your IP address to optimize settings of the website, e.g., to adapt the language, and to be able to react to attacks to the network infrastructure of EA. All these data processing activities are based on our legitimate interests (art. 6 para. 1 lit. f GDPR).

If any part of the Website links to other websites, those websites are not run by us, and their processing of your personal data is described in their own privacy statements. This is also true, if you choose to visit an advertiser or click on another third-party link, you will be directed to that third party’s website. Therefore, we recommend that you examine the privacy statements posted on these other websites to understand how they collect, use and disclose personal data.

2.2. External Hosting

This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host.

The host is used for the purpose of a secure, fast, and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR). Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.

We are using the hosting services of Directus, a brand of Monospace Inc., 680 E Main Street Unit #1117, Stamford, CT 06901, USA. For further information please consult Directus’ privacy policy.

2.3. Integrated Services

2.3.1. Request by email, telephone, fax or our contact form

If you contact us by email, telephone, fax or our contact form, your request, including all resulting personal data (name, email address, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.

The processing of this data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Art. 6 para. 1, lit. a GDPR) and/or on our legitimate interests (Art. 6 para. 1, lit. f GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.

2.3.2. Registration on this website (EA-ID)

You have the option to register on our Website to be able to use additional website functions (EA-ID). For further details on the EA-ID, please also consult the related data protection information at https://www.european-athletics.com/privacy/eaid.

2.3.3. Newsletter-Service

If you would like to receive the newsletter offered on our Website, we require your email address that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Further data is only collected on a voluntary basis.

We use Brevo as our newsletter service provider. For further details on our Newsletter-Service Brevo please consult the related data protection information at: https://www.european-athletics.com/privacy/newsletter.

Should you decide to subscribe to the newsletter in the course of creating a user profile ("EA-ID"), please also consult the respective data protection information for further details at: https://www.european-athletics.com/privacy/eaid.

You can revoke consent to the storage and processing of your data and email address for sending the newsletter at any time, e.g., through the 'unsubscribe' link in the newsletter.

2.3.4. Google Fonts

To ensure that fonts used on this Website are uniform, this website uses so-called Web Fonts provided by Google. When you access a page on our Website, your browser will load the required web fonts into your browser cache to correctly display text and fonts.

To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in a uniform presentation of the font on our Website.

Google may also process your personal data based on your consent or another legal basis. For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google's privacy policy for further information

2.3.5. YouTube

Our Website embeds videos of the website YouTube. The website operator is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this Website before they watch a video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.

As soon as you start to play a YouTube video on this Website, a connection to YouTube’s servers will be automatically established. As a result, the YouTube server will be notified, which of our pages you have visited. If you are logged into your YouTube account while you visit our Website, you enable YouTube to directly allocate your browsing patterns to your personal profile YouTube stores about you. You have the option to prevent this by logging out of your YouTube account.

Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g., device fingerprinting), to the extent that you have accepted such cookies. In this way YouTube will be able to obtain information about this Website’s visitors. Among other things, this information will be used to generate video statistics with the aim of improving the user friendliness of the site and to prevent attempts to commit fraud.

Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which are beyond our control.

The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6 para 1 lit. f GDPR, this is a legitimate interest of ours so that we can integrate and display YouTube videos correctly. YouTube may also process your personal data based on your consent or another legal basis. For further information please consult Youtube's privacy policy.

2.3.6. Vimeo

This Website uses plugins of the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

Whenever you visit one of our pages featuring Vimeo videos, a connection with the servers of Vimeo is automatically established. In conjunction with this, the Vimeo server receives information about which of our sites you have visited. Vimeo also receives your IP address. However, we have set up Vimeo in such a way that Vimeo cannot track your user activities and does not place any cookies.

We use Vimeo to make our online presentation attractive for you. This is a legitimate interest on our part pursuant to Art. 6 para.1 lit. f GDPR to ensure that videos can be integrated and displayed correctly on our Website. Vimeo may also process your personal data based on your consent or another legal basis. For further information please consult Vimeos's privacy policy.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission.

2.3.7. Qualifio

This Website uses plugins of the Qualifio customer engagement tool. The provider is Qualifio SA Place. de l'Université 25, 1348 Ottignies-Louvain-la-Neuve, Belgium.

Whenever you visit one of our pages featuring plugins from Qualifio, a connection with the servers of Qualifio is automatically established. In conjunction with this, the Qualifio server receives information about which of our sites you have visited. Qualifio also receives your IP address. In addition, Qualifio receives information on whether you are logged in with your EA-ID, as only then will you be able to access Qualifio's functions.

We use Qualifio to make our online presentation attractive for you. This is a legitimate interest on our part pursuant to Art. 6 para.1 lit. f GDPR. Qulifio may process your personal data based on your consent or another legal basis. For further information please consult Qualifio's privacy policy.

2.4. Social media

We have integrated elements of different social network platforms, such as Facebook, Instagram and Twitter. These services are provided by third parties such as Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland or Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

If the social media element is activated by you (e.g., by clicking on it), a direct connection between your device and the service provider's server will be automatically established. As a result, the service provider will receive information confirming your visit to this Website with your IP address. If you, for example, click on the Like button of the service provider while you are logged into your social network account, you can link content of this Website to your profile. Consequently, the service provider will be able to allocate your visit to this Website to your user account. We have to emphasize that we as the provider of the Website do not receive any information on the content of the transferred data and its use by the service provider. For more information, please consult the respective privacy policy of the respective social network platform.

In general, the use of the service is based on our legitimate interest in making our information as comprehensively visible as possible on social media. If your approval (consent) has been obtained the use of the abovementioned service will be based on Art. 6 para. 1 lit. a GDPR. If the service provider also processes your personal data, they may base such processing on your consent or another legal basis. Please refer to their respective privacy policy for more information.

2.5. Analytics and Tracking

We may use analytics and tracking tools such as Google Analytics and Meta Pixel (formerly Facebook Pixel) on our website including cookies. Please refer to our separate cookie policy for more information in this regard: https://www.european-athletics.com/privacy/cookiemain.

2.6. Job applications

We offer you the opportunity to submit job applications to us (e.g., via email, via postal services or by submitting the online job application form).

2.6.1. Scope and purpose of the collection of data

If you submit a job application to us, we will process any affiliated personal data (e.g., contact and communications data, application documents, diplomas, references, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment of an employment relationship. The legal grounds for the aforementioned is the establishment of an employment agreement with you according to Art. 6 para. 1 lit. b GDPR.

Within our organisation, your personal data will only be shared with individuals who are involved in the processing of your job application.

If your job application should result in your employment, the data you have submitted will be stored on the grounds of Art. 6 para. 1 lit. b GDPR for the purpose of implementing the employment relationship in our data processing system. If your job application is rejected your personal data will be deleted (see below section 5), unless you provide our consent to the further storage of your personal data in case of new job opportunities in our organisation.

3. With whom do we share your data?

As a principle, only the staff and personnel of EA have access to your personal data who process your data in compliance with applicable data protection laws. We do our best to keep your data confidential at all times, e.g., by confidentiality agreements entered into with the persons who have access to your data and by training them regarding data protection.

We may also share your data with service providers or other organisations such as host providers, IT/software providers, advisors, lawyers, insurances, newsletter provider and social media platforms who work on behalf of or together with European Athletics under confidentiality agreements and/or so-called data processing agreements.

We may furthermore share your data if we are legally obliged to respond to subpoenas, court orders, claims, legal processes or other legal obligations.

We may share your data also if we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, emergency situations involving potential threats to the physical safety of any person, violations of European Athletics ‘s terms of use, or as otherwise required by law.

We may also transfer your data to third parties if this is required in the context of analyzing your use of our website and/or to offer customized services to you, as described further above (section 2.2 and 2.5).

4. Will your data be transferred abroad?

EA may transfer your data to third parties domiciled abroad in connection to the purposes described in this Privacy Policy.

The countries that your personal data may be shared are the following:

• France
• Ireland
• The Netherlands
• Spain
• United Kingdom
• USA

If these third parties are domiciled in a country with a lower level of data protection than Switzerland or the European Union, we use contractual agreements, in particular the EU Standard Contractual Clauses (SCC), or other legal arrangements to make sure that your data is adequately protected. This is the case for the US.

5. How long will your data be stored?

Unless a more specific storage period has been specified in this Privacy Policy, your personal data will remain with us until the contract or other purpose for which the data was collected has been fulfilled, unless applicable statutory retention obligations apply. In general, your personal data is stored for ten years after our last interaction with you.

If we are unable to make you a job offer or you reject a job offer or withdraw your job application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6 para. 1 lit. f GDPR) for up to three months from the end of the application procedure (rejection or withdrawal of the application). Afterwards the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the three-month period (e.g., due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies. In certain cases, we may ask for your consent (Art. 6 para. 1 lit. a GDPR) to store your application data for future job positions at our organisation.

Longer storage may also take place if you have given your consent (Art. 6 para. 1 lit. a GDPR) or if statutory data retention requirements preclude the deletion.

If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial law retention periods or pending legal proceedings); in the latter case, the deletion will take place after these reasons cease to apply.

6. Is your data safe?

We want you to feel confident about using our Website. For that reason, we have implemented reasonable technical and organizational measures designed to secure your information from accidental loss and from unauthorized access, use, alteration or disclosure. However, the internet is an open system, and we cannot guarantee that unauthorized third parties will never be able to defeat those measures or use and access your personal data for improper purposes.

This website uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator.

In addition, our employees receive training in data protection and are kept up to date by a range of policies and instructions. EA's offices are monitored and subject to video surveillance where necessary and permitted by law.

Our partners, staff and third-party providers who have access to your data (including personal data) are subject to strict confidentiality obligations.

7. Which are your rights under data protection law?

You have the right to receive free of charge information about the personal data that we store about you upon request. In addition, you have the right to correct inaccurate data and the right to delete your personal data, as far as there is no statutory requirement or another legal permission to store and/or record your personal data. In addition, you have the right to demand a restriction of data processing and to object to the processing of your personal data under certain conditions. You also have the right to reclaim from us the personal data you have given us (right to data portability). On request, in such cases, we will also pass your personal data on to a third party of your choice. In addition, you have the right to receive that personal data in a common file format.

If you have provided your consent to the processing of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your personal data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so.

Please note, that we may refuse or limit to grant these rights for legal reasons or based on data protection law, in which case we will inform you of the reasons for our decision as required by the law.

If you wish to exercise any of the above rights, you can reach us via the email address privacy@european-athletics.org. We may, at our sole discretion, require proof of identity to process your requests. When you contact us, we will do our best to provide you with a response as soon as possible and to take the appropriate steps.

8. Right to file complaints with regulatory authorities

If you live in Switzerland, the United Kingdom or a Member State of the EU, you have the right to file a complaint with the competent data protection supervisory authority at any time. In Switzerland this is the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch). A list of data protection officers in the EU member states and their contact details can be found at the following link:

https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en#dataprotectionauthorities. 

9. Data protection officer

We have appointed a data protection officer for EA.

Markus Knipp
European Athletics
Avenue Louis-Ruchonnet 16
CH-1003 Lausanne
Switzerland
Telephone: (41 21) 313 43 50
Email: privacy@european-athletics.org

10. Do you have concerns or questions?

If you have any concerns or questions about how your data is processed or managed, please do not hesitate to contact us at all times via office@european-athletics.org.

11. Updates and changes to this Privacy Policy

We reserve the right to update and change this Privacy Policy from time to time to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Privacy Policy in the future will be posted on this Website. Please check back frequently to see any updates or changes to our Privacy Policy.

As at: 28 August 2023