ATHLETE APP

CAIS

Register

Privacy Policy

1.       DATA CONTROLLER

 

Croatia Athletic Care and Development Center

University of Zagreb, Faculty of Kinesiology

Horvaćanski zavoj 15

10000 Zagreb, Republic of Croatia

 

Phone: +385 (1) 3658 666

Telefaks: +385(1) 3634 146

E-mail: dekanat@kif.unizg.hr

Web: http://www.kif.unizg.hr

OIB: 25329931628

 

2. DATA PROTECTION OFFICER

Croatia Athletic Care and Development Centre

 

If you will have further questions about the protection of personal data or wish to exercise any of your rights in the protection of personal data, please contact us on following contact: Data Protection Officer, Igor Barlek, CIPP/E-mail: bi@biconsult.hr

 

3.       PURPOSE AND LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We process your personal data in fulfilment of our legal obligations in the sense of Article 6, paragraph 1, point (c) of the General Regulation for the purpose of:

• responding to a request to exercise the right to access information.

 

We process your personal data based on consent in the sense of Article 6, paragraph 1, point (a) of the General Regulation, for the purpose of:

  •      improving dual career (DC) supporting services for elite athletes
  •     monitoring of athletes and all elements of their sports and educational/professional development  
  •     comparison of results before and after using services through CAIS

In addition, there are several purposes for processing:

Providing education, support and additional services of the Centre, Keeping records on student-athletes’ personal, study and athletic background; registering study and athletic results; issuing student-athlete status; concluding contracts with student-athletes; formulating policy on dual career ‘elite sport and education’ matters; developing and writing policy and management reports; being able to provide advice, guidance, and counselling; settling disputes, etc.


Performing academic research: The researchers affiliated with WE_CARE project gather, analyse, and manage significant quantities of data, necessary for the advancement of dual career in each Member State- Croatia, Serbia, Slovenia. Many of the activities carried out by researchers involve processing personal
data, but in anonymized and statistical form.

       Valorisation and communication 

     Attracting prospective student-athletes; concluding and fulfilling contracts with other educational institutions; managing and improving our services and promoting the results of WE_CARE project.

4.       PERSONAL DATA WE PROCESS

Categories of personal data processed by CAIS software:

  • Name

  • Address

  • Place of Birth

  • Telephone number

  • Date of Birth

  • Gender

  • Email-address                

  • Information regarding study background, study programme, and study performances

  • Information regarding athletic background, athletic level, athletic performances and athletic programme

  • Personal data about parents and coaches

  • Information regarding user
    interaction (e.g. IP address, cookies)

  • Images (photos)

  • Health data of athlete – injuries

  • Data gathered in the context of providing healthcare services

  • Professional development/status – profession, working status

  • Data gathered in the context of counselling sessions

  • Data gathered in the context of improving our services

  • Data gathered in the context of academic research

5.       YOUR RIGHTS REGARDING PERSONAL DATA PROCESSING

To exercise your rights, you can contact us in writing or by e-mail using our contact information listed in the section 2. As the Data subject you have the following rights in relation to the processing of his personal data:


The Right to Information: The right to information allows individuals (data subjects) to know what personal
data is collected about them, why, who is collecting data, how long it will be kept, how they can file a complaint, and with whom will they share the data.

The Right of Access: You have the right to access your personal data that we process about you and you can request detailed information, in particular, about the purpose of their processing, about the type/categories of personal data that are processed, including insight into your personal data, about recipients or categories of recipients, and about the intended period in which personal data will be
stored. Access to personal data can be limited only in cases prescribed by Union law or our national legislation, i.e. when such a limitation respects the essence of the fundamental rights and freedoms of others.

The Right to Erasure („the right to be forgotten“): you have the right to request the Data Controller to delete your personal data. The Data Controller has the obligation to delete personal data without delay. It can happen in case:

    • personal data are no longer necessary for the
      purposes for which they were collected or otherwise processed,
    • Data subject withdraws consent on which the
      processing is based, and there is no other legal basis for processing,
    • Data subject objects to the processing, and
      legitimate reasons for exercising the right to erasure outweigh the legitimate
      interest of the Data Controller for processing and/or storing personal
      data,
    • personal data is illegally processed or if
      personal data must be deleted in order to comply with the legal
      obligations of the Data Controller.

* Exceptions related to the exercise of the aforementioned right are provided for in Article 17, Paragraph
3 of the General Regulation:

The aforementioned rights are not applicable to the extent that processing is necessary:

      – in order to exercise the right to freedom of expression and information;

   – to comply with a legal obligation requiring processing under Union law or the law of a Member State to which the data controller is subject, or for the performance of a task in the public interest or in the exercise of official authority of the data controller;

       – for the purposes of archiving in the public interest, for the purposes of scientific or historical research or for statistical purposes in accordance with Article 89, paragraph 1, to the extent that it is likely that the right from paragraph 1 can prevent or seriously threaten the achievement of the goals of that processing; or in order to establish, realize or defend legal claims.

 

  • The Right to Rectification:
    You have the right to request the correction or addition of personal data
    if your data is not correct, complete and up-to-date. To do this, send
    your request to us in writing. Please note that in the request it is necessary
    to specify what is not accurate, complete or up-to-date and in what sense
    the above should be corrected. In addition, please submit the necessary
    documentation in support of your allegations.

 

  • The Right to Data Portability: You have the right to receive a printout of your
    personal data and pass it on to another data controller.

 

  • The Right to Restriction of Processing: You have the right to request a restriction on
    the processing of personal data in case:

–   you dispute the accuracy of the data

   if the processing is illegal, and you object
to their deletion

   if the data controller no longer needs the
personal data, but you have requested it in order to establish, exercise or
defend legal claims

   if you objected to the processing of your
personal data.

 

· The Right to Object: If we process your data for the purposes of performing tasks of public interest or in the exercise of our official powers, or when processing them we refer to our legitimate interests, you can file a complaint against such processing.

 

· The Right to Avoid Automated Decision-Making: You have the right not to be subject to automated
decision-making if it is producing a legal effect that significantly affects you.

 

6.       PROVISION OF DATA TO THIRD PARTIES

We may forward your personal data for use by providers of IT and communication solutions and services who act as processors. We have entered into contracts with the aforementioned processors in which the treatment of personal data is prescribed in detail, therefore they are not able to process your personal data without our order and pass them on to third parties. Additional 3rd parties that might have access to your data are partner Centres in project as this is international scientific project where statistical data are compared and used to improve sports activities, prevent injuries and improve educational status of participants. Your data are used as statistical data without disclosing full personal details of any sportsman in particular. In certain circumstances, we have a legal obligation to forward your personal data, and the processing of personal data may include the international transfer of the same. The legal obligation may arise from national regulations or from EU regulations. Your personal data will not be passed on to third parties for marketing purposes.

 

7.       PERSONAL DATA SECURITY

We collect and process personal data in a way that ensures adequate security and confidentiality in their processing and enables effective application of data protection principles, reduction of the amount of data, scope of their processing, storage period and their availability. We take all appropriate technical and organizational security measures to prevent accidental or illegal destruction, loss, alteration, unauthorized use, disclosure, insight or access to data. Everyone involved in processing activities of the data controller undertake to keep personal data by signing a confidentiality statement.

 

The data categorized as sensitive data according to the General Data Protection Regulation (for example, health data) is specially protected and additional data protection measures have been taken. The data entered by the user is visible only to the user, and depending on the service provided to him through the application, it will also be visible to the service provider as well as Admins of Centres. For each additional access to your personal data, you will be asked for your express consent to share personal data. Likewise, your personal data will be used to create overall statistical inputs for scientific research.

 

8.       PERSONAL DATA RETENTION PERIOD

We process your personal data until the purpose of personal data processing is fulfilled. After the end of the purpose for which they were collected, we no longer use your personal data, and they remain in our storage system, and we keep them as long as we are obliged by the legal regulations on the preservation of archival material.

 

9. SOCIAL NETWORKS

If you are a member of various social networks such as Facebook, Twitter, Instagram, LinkedIn and the like, you should be familiar with the tools that these sites provide and choosing how to share personal information on social network profiles.

In addition, depending on your choices regarding settings on various social networks, certain personal data may be shared with broad public via social media profiles, such as information about your sport status, sport results and similar. Making those data public will be only when we have way to have your
explicit consent, if applicable.

 

10. MINORS

WE_CARE project avoids communicating in any sense with children and/or minors. If there is contact and/or data collection and processing, all contact and communication with children and minors is carried out in a way that communicates, talks, negotiates and contracts exclusively with the parent/guardian. The contract, consent, and any other legally binding document is signed exclusively by the parent/guardian.

 

11.   CONTACT INFORMATION

If you have questions regarding the processing of your personal data, you can contact us at one of
the contacts listed in section 1. and 2.

 

12. PRIVACY POLICY CHANGES

We regularly update the privacy policy so that it is accurate and up-to-date, and we reserve the right to change its content if we deem it necessary. You will be informed about all changes and additions in a timely manner through our website in accordance with the principle of transparency.