Swiss Runners – data protection

Entwurf Datenschutz-Policy, 06.03.2009

1. Swiss Runners Association data protection policy

Members of the Swiss Runners association are obliged to respect the following data protection standards in terms of the organisation and development of running events.

2. Commitment to personal data protection

We take the protection of our runners’ personal data very seriously. Violation of data protection standards may damage our runners’ loyalty and public opinion of us and compromise the organisation of running events.

3. Minimal data use

We only process the data that is strictly necessary. For the registration and organisation of the running event, runners are only required to provide their name, surname, year of birth and, if registering online, their email address. Further information can be provided optionally or only if required in order to provide an additional service. Only your name, surname, year of birth, place of residence, category and race time will be published in the rankings. Your complete address will not be published. The rankings are only published online via the organiser’s website and the Datasport website. Data that is no longer required is cancelled and not archived.

4. Transparent information

We are justified in assuming that, by registering for the event, runners consent to all data processing procedures directly connected to the organisation and running of the event, such as bib collection and the provision of information regarding the running event. When registering online, runners are advised of all data processing procedures that are not directly connected to the organisation and running of the event or related goals. These procedures include the publication of data including times and bib numbers online and in printed media, as well as the disclosure of data to third parties, among others.

5. Disclosure to third parties

We only disclose personal data to third parties that are contractually obliged to precisely process that data exclusively for a determined and defined purpose. We request permission from the runner concerned before disclosing personal data to third parties that will process it for their own ends (photographic services, sponsors, newspapers, TV stations, Internet services, etc.). To this end, during registration (online or registration form), we refer to the Swiss Runners Association data protection declaration and also provide detailed information on our website. The Declaration concerning the protection of personal data and information on the website are periodically verified and, if necessary, updated to reflect the current situation. The runner can forbid or limit the disclosure of their personal data to third parties. During registration we provide an email address and postal address where the runner can contact us should they not wish to provide consent for the disclosure of data. Data will only be disclosed to third parties if we do not receive specific communication to the contrary from the runner.

6. Forms of disclosure

We disclose data on printed materials and via electronic means. Personal data disclosed via printed materials is sent by registered post or delivered personally. We use encrypted email to send personal data electronically.

7. Outsourcing of data processing

The companies employed by us for the organisation and running of events, such as those responsible for timing, online registration, etc., process data on our behalf and only for our purposes. The law requires us to monitor the data processed by these companies and guarantee that they are not using data for their own ends and not disclosing it to third parties. We are aware that we are directly responsible to runners for any data processing errors committed by these companies.

8. Right to information

Runners are entitled to request any information regarding personal data that concerns them and that will be processed. Our data-processing procedures are organised so as to guarantee runners a right to information within an appropriate amount of time. We guarantee the modification or deletion, upon request, of personal data. The release of information, modification or deletion of data can only be refused if the processing of that data is required by law or if we can claim a prevailing interest. During registration, we provide an email address and a postal address where the runner can contact us should they have any questions.

9. Data security

We adopt technical and organisational measures to protect our runners’ data from destruction or intentional or accidental falsification, as well as access from unauthorised third parties. Where data is processed by an outsourced partner, such as Datasport or Mikatiming, we can guarantee that these partners respect, constantly monitor and improve data security standards.

10. Responsibility

All collaborators authorised to process data are responsible for ensuring that this data protection policy is respected. The OK commission regularly monitors collaborators to ensure they are respecting the data protection policy and applies sanctions in cases of abuse or violation. Notification of data collection with IFPDT. We inform the Federal Office for the Protection of Data and Transparency of all our data collection activity.

11. Sphere of application

The data protection policy was issued by the Swiss Runners Association board of directors and is carried out by the OK commission of each organiser within their sphere of activity.

March 2009