Data Protection and Privacy Policy

Data Protection and Privacy Policy

Last updated: 24 January 2022


This is the Data Protection and Privacy Policy ("Privacy Policy") of the Athlyts website (the "website"), operated by Athlyts AG (together with our affiliates and subsidiaries, "Athlyts", "we", "us", "our" and terms of similar meaning) and our related products and services.

This Privacy Policy explains how the information and personal data we collect about you is used and kept securely. It also explains your privacy choices when using our website as well as your right to access your information under the applicable Data Protection Legislation.

We take the protection of the data that we hold about you very seriously and we ensure that data is collected, stored, processed, maintained, cleansed and retained in accordance with the highest data protection and privacy standards, including the General Data Protection Regulation ("GDPR") from May 25, 2018 ("Data Protection Legislation").

Please read this Privacy Policy carefully to see how Athlyts will treat the personal information that you provide to us either when using these websites (www.athlyts.com, coach.athlyts.com, or any subdomain in the form of [subdomain_name] .athlyts.com), corresponding mobile or PWA Apps, portal (the "Athlyts" portal) or in other circumstances when we collect data from you (including via email).

We will take reasonable care to keep your information secure and to prevent any unauthorized access.

By accepting this Privacy Policy, registering for the service, or by visiting and using the website and related Apps, you expressly consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy.


1. What type of information do we collect?

1.1 When you open an Athlyts account as an athlete, coach, administrator or health practitioner, we will collect certain information about you which will include your name, date of birth, gender, email address, telephone number, residential country and address, name and details of legal guardian or parent in the case of minors, and names of the affiliated sports federations or clubs that you are a member of ("User Data").

1.2 If you are an athlete, we will also collect data provided by you or entered by your coaches, administrators and health professionals about daily wellness, training sessions, illnesses, injuries, etc. ("Performance Data"). You may also choose to provide us with other information on your online user profile.

Athletes

1.3 We only collect information that you and our customers allow us to collect, that you allow through your consent, or that our customers want us to process from their athletes.

1.4 Generally, this information about you is related to your sports performance, health data, wellness data and sport related activity.

1.5 The information is controlled by our athletes/organizations/federations/clubs, collected by them through the use of our products, and is processed and used by us as described below.

1.6 We use and process the information in this fashion as it is necessary in order to perform our end of the contracts we have with our athletes/organizations/federations/clubs.

1.7 In addition, we will be obtaining your specific consent to use the information in this manner.

Customers and their internal (non-athlete) representatives and personnel

1.8 We only collect the following information: name, contact details and information related to our professional work with you.

1.9 Our legal basis for the collection, use, and processing of this information is that we collect, use, and process the information types listed above to perform our legitimate business of maintaining necessary employee, contractor, and applicant information for the operations of our company.

Suppliers, consultants and contractors

1.10 We only collect the following information: name, contact details, account and payments arrangements, and information related to and reasonably required for our professional work with you.

1.11 Our legal basis for the collection, use, and processing of this information is that we collect, use, and process the information listed above to perform our legitimate business of maintaining necessary employee, contractor, and applicant information for the operations of our company.


2. How do we collect the information?

2.1 We collect the information when you directly use our products or services.

2.2 Either yourself or someone else acting on your behalf can enter information about you into the software.

2.3 Where possible we however always try to collect your personal information directly from you.

2.4 Regardless of how your personal information is collected – whether it is directly from you, from your interactions with us or from third parties – we will deal with your personal information in accordance with this Privacy Policy.


3. Why do we collect the information?

3.1 We collect the information for three purposes:

Providing and Maintaining the Services That Relate to this Product ("Services")

3.2 We use the information for fulfilling our contractual terms as product and service providers to your organization, federation, club or team and for product development and enhancement. For example, by allowing coaches, administrators and health professionals to administer performance programs, provide quality coaching, manage testing data and manage sports medicine services.

Improving and Developing the Services

3.3 We also use the information we collect to improve the Services and to develop new ones. For example, we use the information to troubleshoot and protect against errors; perform data analysis and testing; conduct research and surveys; and develop new features and Services.

Communicating with You (including Marketing)

3.4 We use your information when needed to send you notifications and respond to you when you contact us.

3.5 We also use your information to promote new features that we think you would be interested in.

3.6 You can control marketing communications and most Service notifications by using your notification preferences in account settings or via the "Unsubscribe" link in an email.

3.7 We use your information to provide customer service or assistance to you or to our customers about their instances of our products and Services.


4. Our Disclosure of Your Information

4.1 We will disclose your personal information with third parties only in the ways that are described in this Privacy Policy.

4.2 The following describes some of the ways that your information may be disclosed in the normal scope of business to provide our services.

a) If you are an athlete, the information you decide to share will be viewable with the owner of the Athlyts account, as well as all coaches, administrators, parents or legal guardians, and health professionals linked to your account. Athlete users can only access their own data.

b) If you are a system administrator, health professional, or account owner user, the information you decide to share will be viewable by the account owner and system administrators only.

c) If you are a coach or a manager user, the information you decide to share will be viewable by the account owner, system administrators and other coaches linked to the same teams as you.

4.3 If not mentioned otherwise in this Privacy Policy, we do not share, lend or sell personally identifiable data with and to any third party.

4.4 If we are required to do so by law, we however share your personal information with the police and other law enforcement agencies for the purposes of crime prevention, detection or other relevant purposes.

4.5 If we disclose your information, we ask the organization to demonstrate that the data will assist in the prevention or detection of crime, or that Athlyts AG is legally obliged to disclose it. This is done on a strictly case by case basis and through a tightly controlled process to ensure we comply with applicable Data Protection Legislation.

4.6 Technologies such as: cookies, beacons, tags and scripts are used by Athlyts and our partners (e.g., advertising, marketing and analytics), affiliates, or other service providers.

4.7 These technologies are used in analyzing trends, administering the website, tracking users' movements around the website and to gather demographic information about our user base as a whole.

4.8 We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

4.9 We use cookies to remember users' settings, store login addresses, authenticate users, run website experiments, and store analytics data.

4.10 Users can control/restrict the use of cookies at the individual browser level.

4.11 If you reject cookies, you may still use our website, but your ability to use some features or areas of our website may be limited.

4.12 Third parties with whom we may partner to provide certain features on our website or to display advertising based upon your Web browsing activity use Local Storage Objects (LSOs) such as HTML 5 to collect and store information.

4.13 Various browsers may offer their own management tools for removing HTML5 LSOs.

4.14 We may partner with a third party to either display advertising on our website or to manage our advertising on other websites.

Payment Information

4.16 We do not store credit card or other payment method information on the website.

4.17 We use a third-party provider ("Stripe", https://www.stripe.com) to deliver and process invoices and credit card payments. Please consult the Data Protection Policy of each provider for more details about their data protection measures.

4.18 Our payment processors have the sole and complete responsibility for the storage of credit card and payment information.

Forum and Blog

4.19 If you post on our forum or blog your username and other information you include is displayed in your postings or comments and is therefore available to the public.

4.20 All of your activities in the public areas of the forum will be identifiable to your User ID, and other people can see your published content.

4.21 If you disclose personal information in any posting in our forum or blog and wish to have it removed, please contact us at the support contact information listed below and posted on the website.

4.22 Our blog commenting system is also managed by a third party application that may require you to register to post a comment.

4.23 You will need to contact or login into the third party application if you want the personal information that was posted to the comments section removed. To learn how the third party application uses your information, please review their Privacy Policy.

Legal Requests and Business Transitions; Emergencies.

4.24 We may disclose your personal information

a) to any governmental authority as part of an investigation to determine our compliance with any applicable law, rule, or regulation (including privacy laws, rules, and regulations),

b) in response to a court order, subpoena, discovery request, or other lawful judicial or administrative proceeding,

c) as otherwise required under any applicable law, rule, or regulation, and

d) in good faith, to protect or defend the rights or property of Athlyts and other users and

e) if Athlyts is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.


5. Your Use of Other Persons' Information

5.1 In order to facilitate the services provided by the website, the website allows you in certain circumstances to give other Users limited access to the personal information of other persons. For example, if you are an Account Owner, an Administrator, a Team Manager, you may use the website to give access to a staff member to the personal information of your Athletes.

5.2 By accepting our General Terms and Conditions, you agree that, with respect to the personal information of other persons that you collect, use and disclose on the website, you have all necessary consents and rights to collect, use and disclose that information as described in this Privacy Policy from time to time, and you agree that the indemnity you give to us in the Terms of Use applies to any non-compliance by you with the foregoing.

5.3 If you choose to use our referral service to tell a friend about our website, we will ask you for your friend's name and email address. We will automatically send your friend a one-time email inviting him or her to visit the website. Athlyts stores this information for the sole purpose of sending this one-time email and tracking the success of our referral program. Your friend may contact us at privacy@athlyts.com to request that we remove this information from our database.


6. Protecting your information

Encryption

6.1 To ensure a maximal security of data traveling from you to our server and from the server to you, we use the latest Transport layer security (TLS) protocol, which provides bidirectional encrypted communication security between client/server.

6.2 The encryption process protects your information, by scrambling it before it is sent to us from your device or computer. Once Athlyts receives your transmission, we make commercially reasonable efforts to ensure its security on our system.

Data Storage Location

6.3 If you access the service from the athlyts.com domain and related mobile apps, all the information collected will be transmitted to and stored on servers located in Switzerland. We use a third party cloud services supplier called "Firebase", owned by "Google". To find out more information about how Google uses the information stored and processed on behalf of Athlyts, you can read more at https://policies.google.com/technologies/partner-sites

Information transmitted to third parties for statistical analysis and product improvement purposes

6.4 This application uses the Mixpanel analytics service ("Mixpanel"), a service of Mixpanel Inc., a company incorporated under the laws of the State of Delaware in the United States. We are sending analytics data, including your account details, to Mixpanel as it enables us to optimize product features, measure user behaviours and better understand how users interact with the product, leading to product improvement. To make this possible, log data is transferred to Mixpanel (and Mixpanel Inc.). We do not use any cookies from Mixpanel. All data sent by us is stored on Mixpanel's servers in the EU. You can find more information on the use of your data on the English privacy page of the Mixpanel service (http://mixpanel.com/privacy) in the paragraphs provided for this purpose. Athlyts has no control over how Mixpanel may use the collected or stored information and is therefore not responsible for their privacy practices. We recommend that you read their privacy policies carefully to better understand their practices.


7. Other Information Collectors

7.1 Except as otherwise expressly included in this Privacy Policy, this document only addresses the use and disclosure of information we collect from you.

7.2 To the extent that you disclose your information to other parties through the website, whether they are Athletes, Customers and their internal (non-athlete) representatives and personnel, Suppliers, Consultants and Contractors or otherwise, different rules may apply to their use, collection and disclosure of the personal information you disclose to them.

7.3 Since we do not control the information use, collection or disclosure policies of third parties, you are subject to their Privacy Policies. We encourage you to ask questions before you disclose your personal information to others.


8. Correcting and Updating Your Personal Information

8.1 To review, delete and update your personal information to ensure it is accurate, you may login into your account to make the changes, or you may contact us at privacy@athlyts.com and:

a) provide us with enough information to identify you; and

b) specify the information that is incorrect and what it should be replaced with.


9. Data portability

9.1 You can export a copy of your personal data for you to reuse for your own purposes across different services by contacting us at privacy@athlyts.com


10. Data Retention

10.1 We will retain your information for as long as your account is active or as needed to provide you services.

10.2 We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

10.3 Once you deactivate your account, any data that we collect from you will be deleted in accordance with timescales set out below:

a) User Data : This information is deleted two years after account deactivation by a user or following a 365 days period of inactivity.

b) Performance Data: This information is anonymized after the 365 period referred to above. We may retain anonymized data for research and product and service development purposes.

Legal archiving regulations to which we are subject to and which stipulate a longer retention period are reserved.


11. Right to be forgotten

11.1 In certain circumstances you can request us to delete all information we hold which identifies you. You can make this request at any time by emailing privacy@athlyts.com but please note we may be compelled to maintain your information due to specific legislative or regulatory requirements.


12. Additional Policy Information

Service and marketing messages

12.1 If you are currently receiving service messages or marketing communications from Athlyts and no longer wish to do so, you may revoke your consent to receiving such emails by clicking the Unsubscribe link, found at the bottom of every email, or by contacting privacy@athlyts.com.

Invitations

12.2 You have the opportunity to invite others to work with you through your Athlyts account. To do that, Athlyts asks you to import or to manually enter your contacts' email addresses. As you direct, we then send them an invitation on your behalf or other notices reflecting changes you make to their status in your account.

12.3 If you click on a link to a third-party website, you will leave the Athlyts website and go to the website you selected. If you elect to use a third-party product or service in conjunction with Athlyts, you yourself enter into a license agreement with the third party for use of their product or service and their use of your data.

12.4 Because we cannot control the activities of third parties, we cannot accept responsibility for any use of your personal information by such third parties, and we cannot guarantee that they will adhere to the same privacy practices as Athlyts.

12.5 We encourage you to review the privacy policies of any other service provider from whom you request services.

12.6 If you visit a third party website that is linked to a Athlyts website, you should carefully read that website's Privacy Policy before providing any personal information.

Testimonials

12.7 With your prior written consent we may post your testimonial along with your name and photo.

12.8 If you want your testimonial removed please contact us at privacy@athlyts.com.

Social Media Features

12.9 Our website may include Social Media Features, such as the Facebook and Twitter buttons and Widgets, such as the Share this button or interactive mini-programs that run on our website. These Features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the Feature to function properly.

12.10 Social Media Features and Widgets are either hosted by a third party or hosted directly on our website. Your interactions with these Features are governed by the Privacy Policy of the company providing it.


13. Changes to our Data Protection and Privacy Policy

13.1 We may update this privacy statement to reflect changes to our information practices. We will notify you by means of a notice on this website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.


14. Complaints and contacts

14.1 It is our goal to make our privacy practices easy to understand. If you have any concerns or complaints in relation to how Athlyts collects and/or processes your personal data, please contact the Athlyts data protection officer at privacy@athlyts.com.


15. GDPR details

Responsible, service provider and data protection officer:

Athlyts AG
Im Ebnet 8
8700 Küsnacht
Switzerland
privacy@athlyts.com