CourtPass - Sports Booking Platform

We are very pleased that you are interested in our organization. The protection of your personal data is particularly important to our management. You can generally use our websites without disclosing personal data to us. However, if you wish to use more specific services via our websites, other online presences, applications, and social media pages operated by us, we may need to process your personal data. If we wish to process data about you and cannot rely on any other legal basis, we will always first ask for your consent (for example, via a cookie banner).

We always comply with applicable data protection laws when handling your personal data (such as name, address, e-mail address, or telephone number). With this privacy policy, we inform you about which data we process. In addition, this privacy policy explains which rights you have as a data subject.

We have taken various technical and organizational measures to protect your data on our websites as best as possible. Nevertheless, there are always risks on the Internet, and complete protection cannot be guaranteed. Therefore, if you prefer, you can also provide us with your personal data by other means, for example, by telephone.

This privacy policy serves not only to fulfill the obligations of the GDPR and to comply with the laws of the member states of the European Union (EU) and the European Economic Area (EEA). This privacy policy is also intended to comply with the legal provisions of countries such as the United Kingdom (UK-GDPR), the Swiss Federal Data Protection Act and the Swiss Data Protection Ordinance (DSG, DSV), the California Consumer Privacy Act (CCPA/CPRA), China's Personal Information Protection Law (PIPL), the Delaware Personal Data Privacy Act (DPDPA), the Tennessee Information Protection Act (TIPA), the Minnesota Consumer Data Privacy Act (MCDPA), the Iowa Act Relating to Consumer Data Protection (ICDPA), the Maryland Online Data Privacy Act (MODPA), the Nebraska Data Privacy Act (NDPA), the New Hampshire Consumer Data Privacy Law (SB255), the New Jersey Data Privacy Law (SB332), the South Carolina Consumer Privacy Bill (House Bill 4696) and other global data protection regulations, and should be interpreted accordingly.

For reasons of better readability, we refrain from using gendered language (male, female, diverse, and other gender identities (m/f/d/other)) simultaneously on our websites, in publications, in communication, and in this privacy policy. All terms used apply equally to all genders.

Definitions

In our privacy policy, we use specific terms from various data protection laws. We want our statement to be easy to understand and therefore explain these terms in advance.

a) Personal data

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data subject

A data subject is any identified or identifiable natural person whose personal data is processed by the controller, a processor, an international organization, or another data recipient.

c) Processing

Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of processing

Restriction of processing means the marking of stored personal data with the aim of limiting its future processing.

e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization

Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures.

g) Controller

Controller means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

h) Processor

Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

i) Recipient

Recipient means a natural or legal person, public authority, agency, or another body to which personal data is disclosed, whether a third party or not.

j) Third party

Third party means any natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

k) Consent

Consent means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.

Name and Address of the Controller

Controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and the European Economic Area, is:

Digital Tribe GmbH

Alte Landstraße 237

22391 Hamburg

E-mail: support@digitaltri.be

Website: https://www.digitaltri.be/

Name and Contact Details of the Data Protection Officer

Prof. Dr. h.c. Heiko Jonny Maniero

Franz-Joseph-Str. 11

80801 Munich

Germany

Tel.: +49 (0)178 - 6264376

E-mail: info@dg-datenschutz.de

Collection of General Data and Information

Our websites collect a series of general data and information with each access of the websites by a data subject or an automated system. This general data and information are stored in the log files of the respective server. Collected may be, among other things, (1) the types and versions of browsers used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our websites (so-called referrer), (4) the sub-websites accessed, (5) the date and time of access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information used for security purposes.

When using this general data and information, we generally do not draw any conclusions about the data subject. This information is needed to (1) deliver the contents of our websites correctly, (2) optimize the content of our websites, (3) ensure the long-term functionality of our information technology systems, and (4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.

Rights of the Data Subject Under the GDPR

a) Right of Confirmation

Every data subject has the right to obtain confirmation from the controller as to whether or not personal data concerning them are being processed.

b) Right of Access

Every data subject has the right to obtain from the controller, at any time and free of charge, information about the personal data stored about them and a copy of such data.

c) Right to Rectification

Every data subject has the right to obtain the rectification of inaccurate personal data concerning them without undue delay.

d) Right to Erasure ("Right to be Forgotten")

Every data subject has the right to obtain from the controller the erasure of personal data concerning them without undue delay where one of the legal grounds applies and insofar as the processing is not necessary.

e) Right to Restriction of Processing

Every data subject has the right to obtain from the controller restriction of processing where specific conditions apply.

f) Right to Data Portability

Every data subject has the right to receive the personal data concerning them in a structured, commonly used, and machine-readable format.

g) Right to Object

Every data subject has the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them.

h) Automated Individual Decision-Making, Including Profiling

Every data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them.

i) Right to Withdraw Data Protection Consent

Every data subject has the right to withdraw consent to the processing of personal data at any time.

Third-Party Service Providers

We use various third-party services to provide and improve our services. Below is information about the main service providers:

Hetzner

Provider of hosting services and data center infrastructure. More information: hetzner.com

Cloudflare

Services for security, performance, and reliability of websites. More information: cloudflare.com

Google Cloud Platform

Cloud computing services for hosting and data processing. More information: cloud.google.com/privacy

Firebase

Platform for developing mobile and web applications. More information: firebase.google.com/support/privacy

Stripe

Payment service provider for processing online payments. More information: stripe.com/privacy

Twilio

Cloud-based communication services (SMS, voice, messaging). More information: twilio.com/legal/privacy

OpenAI

Artificial intelligence models and APIs. More information: openai.com/privacy

Right to Lodge a Complaint

Every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work, or place of the alleged infringement, if the data subject considers that the processing of personal data relating to them infringes the General Data Protection Regulation.

Final Provisions

We reserve the right to adapt this privacy policy to ensure that it always complies with current legal requirements or to reflect changes in our services. The new privacy policy will then apply to your next visit.

If you have any questions about data protection or would like to exercise your data subject rights, you can contact us at any time via the contact details provided in this privacy policy.