Data Protection Guidelines

I. General 

1. Responsible party 

We take the protection of your personal data, as well as the legal obligations underpinning such protection, extremely seriously. Legal requirements demand full transparency regarding the processing of personal data. You are only sufficiently informed of the purpose, type and scope of processing if such processing is clear for you as the data subject. 

Our privacy policy explains in detail what personal data we process when this website is used, all other websites referring to it and in other cases that may also be explained here at this point. 

Within the context of the General Data Protection Regulation (GDPR), the German Data Protection Act (BDSG) as well as other data protection regulations, the controller is: 

Deutscher Olympischer Sportbund e.V. (DOSB) 
Otto-Fleck-Schneise 12
60528 Frankfurt am Main
+49 (0)69-6700-0 
datenschutzREMOVE_THIS@dosbREMOVE_THIS.de 

Hereinafter referred to as “responsible party” or “we”. 

The data protection officer can be contacted at: 

Deutscher Olympischer Sportbund e.V. (DOSB)
Die Datenschutzbeauftragte/data protection officer
Otto-Fleck-Schneise 12
60528 Frankfurt am Main 
datenschutzbeauftragteREMOVE_THIS@dosbREMOVE_THIS.de 

Please note that links from our website will take you to other websites that are not operated by us, but by third parties. Such links are either clearly labelled by us or can be recognised by a change in your browser’s address bar. We are not responsible for compliance with data protection regulations and safely handling your personal data when it comes to these websites managed by third parties. 

2. Definitions 

Definitions from the GDPR 

This privacy policy uses the terms used in the legal text for the GDPR. For example, the definitions (Art. 4 GDPR) can be found at?https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=CELEX:32016R0679. 

Cookies 

Cookies?are text files that are stored or read out on your device by a website. They contain combinations of letters and numbers which recognise the user and their settings so that, for example, a user can remain logged into a customer account or a certain user behaviour can be statistically analysed when the website that sets the cookie is visited once again. 

Web Storage 

Web storage technology?makes it possible for variables and values to be stored locally in the user’s browser cache. This technology consists of what is known as “sessionStorage”, which is saved until the browser tab is closed, as well as “localStorage”, which is saved in the browser’s cache until the user deletes the cache. This localStorage technology makes it possible, amongst other things, to recognise the user and their settings when accessing our website. 

Categories of data 

When stating the data categories that are processed, it is understood to mean the following data in particular:?Master data?(e.g. name, address, date of birth),?contact data?(e.g. email addresses, telephone number, messenger services),?content data?(e.g. text inputs, photos, videos, content from documents/files),?contract data?(e.g. subject of the contract, contract terms, customer category),?payment data?(e.g. bank details, payment history, use of other payment providers),?usage data?(e.g. actions on our website, use of specific content, access times, contact or order history),?connection data?(e.g. device information, IP addresses, URL referrer),?location data?(e.g. GPS data, IP geolocation, access points). 

3. Information about data processing 

We only process personal data if this is permitted in law. Forwarding of personal data only takes place in the situations described below. Personal data is protected via appropriate technical and organisational measures (e.g., pseudonymisation, encryption). 

If we are not legally obliged to store the data or to forward it to third parties (particularly law enforcement authorities) then the decision regarding what personal data is processed by us, how long it is stored and the extent which we inform you of such when required, depend on what website functions you use in individual cases. 

4. Storage period 

Personal data is deleted as soon as the purpose for processing is no longer applicable or a prescribed retention period has elapsed unless it is necessary to continue to store the personal data to conclude or fulfil a contract. If we have to provide information about the storage period of cookies and similar technologies, then such details will be found at the end of this privacy policy. 

Personal data that we process as part of an application (see below) is stored for six months after the application process is completed. 

5. Automated individual decision-making, including profiling 

Automated individual decision-making, including profiling does not take place. 

6. Data subject rights 

As the data subject, you have a right of access pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to deletion pursuant to Art. 17 GDPR, the right to limitation of processing pursuant to Art. 18 GDPR as well as the right to data portability pursuant to Art. 20 GDPR. Restrictions as per Sections 34 and 35 BDSG apply to the right to information and the right to deletion.?You have the right to complain to a data protection authority (Art. 77 GDPR in conjunction with Section 19 BDSG). 

DOSV’s competent data protection authority is: 

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163
65021 Wiesbaden
Phone: +49 611 1408-0 

However, you are also free to send your complaint to another data protection authority. 

A list of the supervisory authorities can be found at: https://www.bfdi.bund.de/?(via Info Centre/Addresses and Links).

7. Controller’s obligations of notification 

We inform all recipients whose personal data is disclosed of all cases of rectification or deletion of your personal data, or a restriction in processing pursuant to Article 16, Article 17 (1) and Article 18 GDPR unless providing information is either impossible or involves disproportionate effort. We inform you about the recipient if you request this. 

8. Duty of provision 

Unless stated otherwise within the below information regarding the legal basis, you are not obliged to provide personal data. However, you are obliged to provide personal data to fulfil or conclude a contract as set out in Article 6 (1) (b) GDPR. If you do not provide the personal data in question, then fulfilment or conclusion of the contract is not possible. If you do not provide personal data in cases set out in Article 6 (1), (a) or (f) GDPR then it is not possible to use the relevant parts of our website. 

9. Right of revocation 

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on Article 6 (1) (f) GDPR. Where personal data relating to you are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing. Revocation is not subject to a particular procedure and should be addressed to the contact details stated above. 

10. Revocation of consent 

Pursuant to Article 7, Para. 3, S 1 GDPR, you have the right to revoke consent for the future at any time. This does not affect the legitimacy of processing conducted based on the consent until such withdrawal. When you revoke consent, we will delete personal data that was previously processed with your consent if there is no other legal basis for processing it.?Revocation is not subject to a particular procedure and should be addressed to the contact details stated above. 

II. Data processing when using our website? 

Use of the website and its functions requires regular processing of personal data. 

1.Functions on our website 

Provision of the website 

Purpose of processing:?Website functionality and optimisation, as well as ensuring the security of our IT systems when our website is used for purely informational purposes. 
Legal basis:?Article 6 (1)(f) GDPR 
Categories of data:?Connection data 
Data recipients:? IT service provider
Intentional transmission into third countries:?none 
Do we store personal data on your end device or read out such data due to your consent??No 

Establishing contact (email and contact form) 

Purpose of processing: Processing your contact inquiry and call-back. 
Legal basis: Article 6 (1)(f) GDPR 
Categories of data: Master data, contact data, content data, usage data, connection data 
Data recipients: IT service provider
Intentional transmission into third countries: In the case of the USA
Do we store personal data on your end device or read out such data due to your consent? No