ICF Privacy Policy

We, the International Canoe Federation (ICF), an association under Swiss law, with a registered office at Maison du Sport International, Avenue de Rhodanie 54, 1007 Lausanne, Switzerland, operate the organisation governing the sport of canoe worldwide and the website www.canoeicf.com.

In this context, we are responsible for the collection, processing and use of your personal data and for handling this data in accordance with the law.

We take the topic of data protection seriously and pay attention to the protection of your personal data. We comply with the legal requirements of the Swiss Federal Act on Data Protection (FADP), the Ordinance to the Federal Act on Data Protection (FADP) and other provisions of data protection law that may be applicable, in particular the EU General Data Protection Regulation (GDPR).

We would like to inform you below about how we process your personal data both in connection with our website and otherwise.

Please note that the following information may be reviewed and amended from time to time. We therefore recommend that you consult this Privacy Policy regularly.

 

SUMMARY OF HOW WE USE YOUR DATA

Our approach is based on the following four data principles:

  1. We process your data lawfully, fairly and transparently.
  2. We collect data for a specific purpose. Once we’ve fulfilled that purpose, we won’t process your data again.
  3. We keep your data accurate and up to date, only retaining it for as long as we need it.
  4. We keep all personal data confidential, accurate and available.

 

INFORMATION USE AND THE LEGAL BASIS FOR THIS USE

ICF uses information collected for the following purposes:

  • To perform our contractual obligations when you use or buy certain ICF products or services.
  • As required by ICF to conduct our activities and pursue our legitimate interests, in particular:
    • we will use your information to provide products, content and services you have requested and respond to any comments or questions you may send us.
    • we use the information you provide to personalise our website, products or services for you.
      • Where you give us consent:
        • we will send you direct marketing in relation to our relevant products and services, or other products and services provided by us, our affiliates and carefully selected partners.
        • we place cookies and use similar technologies in accordance with our Cookies Policy and the information provided to you when those technologies are used.
        • on other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time.
        • For purposes which are required by law:
          • In response to requests by government or law enforcement authorities conducting an investigation.

         

        WITHDRAWING CONSENT OR OTHERWISE OBJECTING TO DIRECT MARKETING

        Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us using the details set out below.

         

        INFORMATION SHARING AND DISCLOSURE

        ICF may send your personal data to third parties when:

        • ICF has your consent to share the information.
        • ICF needs to share your information to provide the product or service you have requested.
        • ICF needs to send the information to third parties who work on behalf of ICF to provide a product or service to you (unless otherwise stated, these third parties do not have any rights to use the personal data ICF provides to them beyond what is necessary to provide a product or service to you).
        • Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws; or
        • ICF finds that your actions on the website violate any ICF's guidelines or rules applicable to specific services.

        Your information is transferred and hosted outside the European Economic Area, i.e. in Switzerland, a country which offers an adequate level of data protection according to the European Commission.

         

        TRANSFER OF PERSONAL DATA ABROAD

        We may transfer your data to third parties (contracted service providers) based abroad for the purposes of the data processing described in this Privacy Policy.

        Such third party companies are obliged to protect the privacy of individuals to the same extent as we do. If the level of data protection in a country does not correspond to the Swiss or EU standard, we contractually ensure that the protection of your personal data corresponds to that in Switzerland or the EU at all times. To this end, we agree on the EU standard contractual clauses with our partners and implement additional technical and organisational measures if necessary.

        Certain third-party providers mentioned in this Privacy Policy are based in the USA (see in particular the chapter on social media plugins below). For the sake of completeness, we would like to point out to users who are resident or domiciled in Switzerland or the EU that there are US authority surveillance measures in place in the USA which generally allow the storage of all personal data of all persons whose

        data has been transferred from Switzerland or the EU to the USA. This is done without any differentiation, limitation or exception based on the objective pursued and without any objective criterion that would make it possible to limit the access of the US authorities to the data and their subsequent use to specific, strictly limited purposes that are capable of justifying the intrusion associated with both the access to and the use of this data. Furthermore, we would like to point out that in the USA, data subjects from Switzerland or the EU do not have any legal remedies that allow them to obtain access to the data concerning them and to obtain their correction or deletion, and that there is no effective judicial legal protection against general access rights of US authorities. We explicitly draw the attention of data subjects to this legal and factual situation so that they can make an appropriately informed decision to consent to the use of their data.

        We would like to point out to users who are residents in Switzerland or a Member State of the EU that the USA does not have a sufficient level of data protection from the point of view of the European Union and Switzerland – among other things due to the issues mentioned in this section.

         

        INFORMATION COLLECTION FROM THE WEBSITE

        ICF automatically receives and records information on our server logs from your browser including your Internet Protocol address (IP address), which identifies your device, ICF's cookies (or similar) information and the page you requested.

        ICF collects personal data when you register for certain sections of the website, when you use or buy certain products or services on the website and when you enter promotions, sweepstakes or similar services sponsored by ICF or its business partners.

         

        COOKIES AND SIMILAR TECHNOLOGIES

        When you access our website, we collect information using cookies and tracking tools. Cookies are information files that your web browser automatically stores on the hard drive of your terminal device when you visit our websites. Cookies do not damage the memory of your terminal device, nor do they transmit the users’ personal data to us.

        Among many other aspects, cookies help to make your visit to our websites easier, more pleasant and more meaningful.

        Most internet browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your end device or so that a message always appears when you receive a new cookie.

        Please note that disabling cookies may prevent you from using all features of our website.

        International Olympic Committee Widgets

        NameCookiesCookies purpose in detailCategory
        IOC Behavioural Data Trackerdl_anonymous_idhis cookie is used by the IOC to identify the user so that user actions on the site may be collected and used by the IOC to build a holistic view (profile) of the user, thereby contributing to a data model. This enables us to improve marketing efforts on the Olympics digital properties. Particularly, data derived from this cookie is used by the International Olympic Committee (“IOC”) to build a profile of you and your interests, to build campaign audiences that include you or people who share a similar profile to you, and to deliver relevant advertising and other content to those audiences on IOC digital platforms as well as sites and apps owned by other organisations. For more information on how the IOC processes personal data, please see https://olympics.com/en/privacy-policyMarketing and Advertising
        IOC Behavioural Data Trackerdl_anonymous_id PerfThis cookie is used by the International Olympic Committee (“IOC”) to measure this platform’s traffic, and to better understand how Olympics-related content is being consumed by the platform’s visitors. For more information on how the IOC processes personal data, please see https://olympics.com/en/privacy-policyPerformance and Analytics
        IOC Behavioural Data Trackerdl_user_idThis cookie is used by the IOC to identify the user so that user actions on the site may be collected and used by the IOC to build a holistic view (profile) of the user, thereby contributing to a data model. This enables us to improve marketing efforts on the Olympics digital properties. Particularly, data derived from this cookie is used by the International Olympic Committee (“IOC”) to build a profile of you and your interests, to build campaign audiences that include you or people who share a similar profile to you, and to deliver relevant advertising and other content to those audiences on IOC digital platforms as well as sites and apps owned by other organisations. For more information on how the IOC processes personal data, please see https://olympics.com/en/privacy-policyMarketing and Advertising
        IOC Behavioural Data Trackerdl_user_id PerfThis cookie is used by the International Olympic Committee (“IOC”) to measure traffic on this platform, and to better understand how Olympics-related content, goods and services are being consumed by the platform’s visitors. For more information on how the IOC processes personal data, please see https://olympics.com/en/privacy-policyPerformance and Analytics
        Akamai CDNak_bmsc, bm_mi, bm_svThis strictly essential technology and cookie is required for the operating of the OCS Widget. This cookie is used by the IOC in order to ensure the delivery of the content (and the Olympic Family Widget), ensure traffic performance and troubleshooting. IP Cookie is collected and automatically deleted after 90 days.Strictly Essential

         

         

        SOCIAL MEDIA PLUGINS

        We have integrated social media plugins of various social networks on our website. These social media plugins may be, for example, the “Like button” or other functionalities, e.g. sharing content of the websites on social networks. You can recognise the social media plugins by the logos of the social networks concerned.

        To ensure data protection on our websites, we only use these plugins together with the so-called “Shariff” solution. This application prevents the plugins integrated on our website from transmitting data to the respective provider the first time you enter the sites.

        Only when you activate the respective plugin by clicking on the associated button (consent) is a direct connection to the provider’s server established. As soon as you activate the plugin, the respective provider receives the information that you have visited our website with your IP address. If you are logged in to your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to our website to your user account. If you want to prevent this, you should log out before clicking on the plugin. An assignment is made in any case when you log in to the respective network after clicking on the plugin.

        Activating the plugin constitutes a form of consent. You can revoke this consent at any time with effect in the future.

        We have integrated plugins from the following social networks into our website:

        • Facebook Inc. 1601 S. California Ave, Palo Alto, CA 94304, USA
        • YouTube LLC. 901 Cherry Ave. San Bruno, CA 94066, USA
        • Twitter Inc. 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
        • Instagram Inc. 181 Fremont St San Francisco, CA 94105, USA
        • TikTok Inc. 5800 Bristol Pkwy Culver City, CA 90230 United States

         

        NEWSLETTER

        By registering for our newsletter on our website, you give us your consent to process the personal data provided within the meaning of Art. 6 para. 1 lit. a GDPR for marketing purposes, such as sending emails with advertising or marketing content (newsletter), invitations and customised advertising.

        Your email address will be used for promotional and marketing purposes until you withdraw your consent. You can withdraw your consent at any time and unsubscribe from all marketing activities at any time by contacting us (or by unsubscribing via the unsubscribe link at the end of each newsletter or other communication.

         

        CHILDREN'S PRIVACY

        ICF does not knowingly collect personal data from children under the age of 16. ICF does not take specific steps to protect the privacy of children who disclose their personal data to ICF.

         

        CENTRAL STORAGE OF DATA

        We store the personal data affected by and mentioned in this data privacy policy in a centralised electronic data processing system. For this purpose, for the data entered in Sports Data Platform (SDP) we work with the Azure SQL Database, software platform of Microsoft and the servers of the cloud storage where the data is stored are located in The Netherlands.

         

        DATA SECURITY

        We use appropriate technical and organisational security measures to protect personal data from loss, misuse or alteration. Nevertheless, it is not possible to guarantee the absolute security of personal data. In this context, please also note that data transmitted over an open network such as the Internet

        or an e-mail service is openly accessible. We cannot guarantee the confidentiality of messages or content shared over these networks. If you share personal data over an open network, you should be aware that third parties may access this data and collect and use it for their own purposes.

        We also take internal data protection very seriously. Our employees and the service companies commissioned by us are obliged to maintain confidentiality and to comply with the provisions of data protection law.

         

        YOUR RIGHTS

        You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured machine-readable format, and to ask us to share (port) this data to another controller.

        In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).

        These rights may be limited, for example, if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in both the GDPR and applicable local data protection legislation. We will inform you of relevant exemptions we rely upon when responding to any request you make.

        To exercise any of these rights, or to obtain other information, such as a copy of a legitimate interests balancing test, you can get in touch with us – or our data protection officer – using the details set out below. If you have unresolved concerns, you have the right to complain to an EU data protection authority where you live, work or where you believe a breach may have occurred.

         

        RETENTION PERIODS

        We only retain personal data for as long as necessary to provide you with services that you have requested or for purposes to which you have given your consent.

        Please note that special statutory retention periods may apply to certain data. We must store this data until the end of the retention period. Accordingly, business communications or concluded contracts, for example, must be stored for up to 10 years. We block access to such data in our system and use it exclusively to fulfil our legal obligations.

         

        QUESTIONS OR SUGGESTIONS & DATA CONTROLLER

        We hope that we can satisfy any queries you may have about the way we process your data. If you have any concerns about how we process your data, you can get in touch at info@canoeicf.com or by writing to ICF, Maison du Sport International, Av. de Rhodanie 54, 1007 Lausanne, Switzerland.

         

        Date: June 2023

        Download the PDF copy