The DNA website is run by European Athletics Association (EA), an association established under Swiss law with its domicile at Avenue Louis-Richmond 16 in 1003 Lausanne, Switzerland. The EA is represented by its CEO, Mr. Christian Milz.
Your privacy and the protection of your personal data are matters of great importance. All data processing acts are carried out in line with the Swiss Federal Act on Data Protection (LPD) and, where applicable, the EU General Data Protection Regulation (GDPR). This document explains which of your personal data is processed through the DNA website, how this is done, for which purposes and based on which legal permissions. Please read it very carefully.
1 Which of your data is collected and processed when you visit our website?
Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Policy explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.
We herewith advise you that the transmission of data via the Internet (i.e. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third party access.
We automatically receive and record certain information on our server logs from your browser when you visit our website, in particular:
(i) your IP address,
(ii) date and time of access,
(iii) name and URL of accessed files,
(iv) the website from which you access our website (URL Referrer),
(v) the operating system of your computer and your browser,
(vi) the country from which you access our website and your language settings and
(vii) the name of your internet access provider.
We use this information to enable you to access our website, to ensure safety and stability of our website, to customize and optimize our website for you and for statistical purposes. In particular, we use your IP address to optimize settings of the website, e.g. to adapt the language, and to be able to react to attacks to the network infrastructure of EAA. All these data processing activities are based on our legitimate interests (art. 6 para. 1 lit. f GDPR).
2 Where is our website hosted?
This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include but are not limited to the types of data mentioned in the previous section.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of secure, fast and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR).
Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data.
In order to guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our host.
3 How do we protect the transfer of data between our website and your computer?
This website uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by unauthorized third parties.
4 Integrated Services
If you contact us by e-mail or any other way, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We do not pass these data on without your consent.
The processing of these data is based on Art. 6 para. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Article 6 (1) a GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us.
The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to art. 6 para. 1 lit. f GDPR. If your browser does not support web fonts, a standard font is used by your computer.
This site uses the Google Fonts service via an API. It is operated by The operator of this service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Our website uses features provided by the Vimeo video portal. This service is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. Here the Vimeo server is informed about which of our pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when you visit our website or do not have a Vimeo account. The information is transmitted to a Vimeo server in the US, where it is stored.
If you are logged in to your Vimeo account, Vimeo allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your Vimeo account.
5 Analytics and Tracking
What are cookies and are cookies used on our website?
For Google Chrome: http://www.google.com/support/chrome/bin/answer.py?answer=95647
For Microsoft Edge: https://support.microsoft.com/en-us/windows/microsoft-edge-browsing-data-and-privacy-bb8174ba-9d73-dcf2-9b4a-c582b4e640dd
For Mozilla Firefox: http://support.mozilla.com/en-US/kb/Enabling%20and%20disabling%20cookies
For Apple Safari: https://support.apple.com/en-gb/guide/safari/sfri11471/mac
6 Who has access to your data?
As a principle, only the staff and personnel of EA has access to your data. We do our best to keep your data confidential at all times, e.g. by confidentiality agreements entered into with the persons who have access to your data. We may provide data also to companies who work on behalf of European Athletics under confidentiality agreements and/or so-called data processing agreements.
7 Will your data be transferred abroad?
8 How long will your data be stored?
We store your data only for so long as it is necessary
(i) to use the mentioned tracking tools,
(ii) to render services as you required them or as you have given us your consent and
(iii) to meet our legal obligations, in particular in what concerns statutory require-ments to keep accounting and business records.
9 Is your data safe?
We want you to feel confident about using our website. For that reason, we have implemented reasonable technical and organizational measures designed to secure your information from accidental loss and from unauthorized access, use, alteration or disclosure. However, the internet is an open system and we cannot guarantee that unauthorized third parties will never be able to defeat those measures or use your information for improper purposes.
If you communicate with us by e-mail, you should note that the secrecy of internet e-mail is uncertain. By sending sensitive or confidential e-mail messages or information which are not encrypted, you accept the risk of such uncertainty and possible lack of confidentiality over the internet. We also ask you to always treat your payment information (in particular credit card information) confidentially at all times. We recommend you to always close the internet browser after having communicated with us, in particular if you share your computer with other persons.
10 Which are your rights under data protection law?
You have the right to receive free of charge information about the personal data that we store about you upon request. In addition, you have the right to correct inaccurate data and the right to delete your personal data, as far as there is no statutory requirement or another legal permission to store and/or record data. In addition, you have the right, in accordance with Articles 18 and 21 GDPR, to demand a restriction of data processing and to oppose to data processing. You also have the right to reclaim from us the data you have given us (right to data portability). On request, we also pass the data on to a third party of your choice. You have the right to receive the data in a common file format.
If a data processing is based on your consent, you can revoke this consent at any time.
You can reach us for the aforementioned purposes via the e-mail address email@example.com. You can also tell us what to do with your information after you die by giving us instructions. We may, at our sole discretion, require proof of identity to process your requests. When you contact us, we will do our best to provide you with a response as soon as possible and to take the appropriate steps.
11 Data protection officer
We have appointed a data protection officer for our Association.
Avenue Louis-Ruchonnet 16
Telephone: (41 21) 313 43 50
12 Right to file complaints with regulatory authorities
If you live in an EU country, you have the right to complain to a data protection supervisory authority at any time. A list of data protection officers in the EU member states and their contact details can be found at the following link: https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en#dataprotectionauthorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of Switzerland in which our Association is headquartered. For details follow this link: https://www.edoeb.admin.ch/edoeb/de/home.html
13 Important information concerning “Phishing”
Identity theft and the practice known as “phishing” are of great concern to us. Safeguarding information to help protect you from identity theft is a top priority for us. We do not and will not, at any time, request your credit card information, your account ID, login password or national identification numbers in a non-secure or unsolicited e-mail or telephone communication.
14 Do you have concerns or questions?
If you have any concerns or questions about how your data is processed or managed, please do not hesitate to contact us at all times via firstname.lastname@example.org