UTMB WORLD SERIES PRIVACY NOTICE

UTMB® World Series is a set of international trail running events hosted around the world for star and amateur athletes. UTMB World Series events may be hosted directly by SAS UTMB Group or its subsidiaries (collectively “UTMB Group”), World Triathlon Corporation and its subsidiaries (collectively, “IRONMAN"), or by UTMB Group’s third party licensees. References to “we,” “us,” or “our” refer to UTMB Group.

UTMB Group is dedicated to protect your privacy and your personal data. In such, we value each one of our existing and potential athletes and aim to maintain appropriate protection of your personal data (“Data”).

The present Privacy Notice has been thought so as to comply with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”). This regulation was drafted and passed by the European Union (EU) and imposes obligations about privacy and security data law onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018.

According to article 2 of the GDRP, personal data means any information relating to identified or identifiable natural person. An identifiable naturel person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This Privacy Notice describes our processing of personal information (i) obtained through the UTMB World Series website, https://utmb.world; (ii) collected in relation to UTMB World Series events hosted directly by the UTMB Group, and (iii) received from third parties or IRONMAN in relation to the UTMB World Series. UTMB Group may share personal information subject to this Privacy Notice with IRONMAN or with third party hosts of UTMB World Series events in accordance with this Privacy Notice and applicable law. This Privacy Notice does not govern how third parties, including independent hosts of UTMB World Series events and IRONMAN, process your personal information.

This Notice explains how the UTMB GROUP collects and processes your Data when you use utmb.world website (the “Website”) and all UTMB related sites, applications and other medias (the “Sub-sites”) (collectively named “Websites”).

List of the Sub-sites concerned:

• xxx.utmb.world
• accounts.utmb.world
• in.register-utmb.world/xxx
• endurancecui.active.com/new/events/xxx
• shop.utmb.world
• eushop.utmb.world
• live.utmb.world

By purchasing a product, including merchandise, or otherwise accessing, visiting or using the Websites, you acknowledge your understanding of this Privacy Notice. If you do not agree with the contents of this Privacy Notice, you should not access, visit and/or use the Websites, or request a product.

UTMB Group has other privacy policies which may supplement or supersede this Privacy Notice, including but not limited to:

• Our California Privacy Policy, for California residents please refer on https://utmb.world/tig-privacy-policy-california.
• Our Virginia Privacy Policy, for Virginia residents https://utmb.world/tig-privacy-policy-virginia

We acquire personal information from you directly, automatically, and from other sources. We may combine information that we receive from you with information from other sources.

1. INFORMATION WE COLLECT DIRECTLY FROM YOU

You may directly provide us personal information, such as when you create an account on our Websites, register for an event, or contact us through email or social media platforms. The categories of personal information that we may collect include personal details (e.g. name, title, last name, middle name, maiden name, suffix, date of birth, nationality); biographic information (e.g. age, gender); contact details for you and your emergency contacts (e.g. phone number, email address, postal address, postcode, state/country or mobile number); identity information (e.g. passport, ID card, residence permit…); financial information; purchase data (e.g. purchase history, such as the transaction date, customer ID, transaction ID, shop ID, total quantity, delivery amount, taxes, net sales amount, number of products purchase…), including payment history for races and events; loyalty program data; your connection data (IP address); social media data; and anything else that you provide to us.

2. INFORMATION WE COLLECT AUTOMATICALLY

Certain information may be collected automatically, i.e. without your express consent, such as when you interact with our Websites, some of which may be deemed personal information. The information may include, for example, information about your device including device identifiers, , IP address, webpages visited and actions taken on webpages (See Strictly Necessary Cookies)

The following cookies may be exempt from your consent and your information will be collected automatically:

• Cookies that preserve users’ expressed choices about the deposit of trackers;
• Cookies intended for authentication to a service, including those intended to ensure the security of the authentication mechanism, for example by limiting robotic or unexpected access attempts;
• Cookies designed to keep track of the contents of a shopping basket on a shopping site or to invoice the user for the products and/or services purchased;
• Cookies for personalising the user interface (e.g. for the choice of the language), where such personalization is inherent element and an expected one for the service given;
• Cookies allowing paying sites to limit free access to a sample of content requested by users;
• Certain cookies measuring the audience on our Websites.

3. INFORMATION WE COLLECT FROM OTHER SOURCES

We may also acquire your personal information from third parties as long as your Data has been collected in compliance with the GDPR. For example, we may receive your personal information from IRONMAN or from third party hosts of World Series events, from data supplementation services, or from social media. The categories of information that we may receive include personal details (e.g. name, date of birth); biographic information (e.g. age, gender); contact details for you and your emergency contacts (e.g. phone number, email address, postal address or mobile number); financial information or purchase history, including payment history for races and events; and loyalty program data.

We may use your personal information for various purposes depending on the nature of your relationship with UTMB Group. For example, we may process personal information for the following purposes:

• Organizing and hosting events, including offering registration, pre-event communications, check-in, and post-event communications and rankings to perform our contract with you or in furtherance of our legitimate interests in pursuing our commercial activities;
• Marketing and advertising in furtherance of the legitimate interests in pursuing commercial activities or with consent where required;
• Recording or photographing events, which might include your likeness, in furtherance of our legitimate interests in memorializing our events;
• Analyzing data about individuals who interact with our offerings in furtherance of our legitimate interests in understanding the interests and demographics of people who interact with our offerings;
• Sharing the results of World Series events, including publishing results publicly, as necessary to perform our contract with you or in furtherance of legitimate interests in supporting the global endurance race ecosystem;
• Improving our operations and offerings and developing new offerings in furtherance of our legitimate interests of pursuing our commercial activities;
• Providing our Running Stones program as necessary to perform our contract with you or, where required, based on your consent;
• Supporting event participants before, during, and after an event, including to arrange for medical services where necessary or processing refunds, as necessary to perform our contract, to protect the vital interests of a natural person, or in furtherance of our legitimate interests in providing a positive customer experience;
• Communicating with individuals regarding subjects that we think may be of interest, including with respect to World Series and related events, in furtherance of the legitimate interests in promoting content of interest or with consent where required;
• Seeking sponsorship for events in furtherance of our legitimate interests of pursuing our commercial activities;
• Complying with applicable legal requirements.
• Processing purchases -- including initiating payment processes, shipping products, coordinating with participating partners to ship products, and managing returns and reimbursements -- initiated via shop.utmb.world to perform our contract with you or in furtherance of our legitimate interests in pursuing our commercial activities

We will also use personal information for any other purposes that are necessary to fulfil our contract with you or that are agreed upon with you and where we determine in good faith that it is reasonably necessary to protect, restore, or preserve the rights, property, health, safety, or vital interests of any person or to prevent, investigate, or prosecute illegal conduct.

Where we rely on your consent to process your personal information, you may withdraw your consent by clicking on the Cookies Management tab on our Websites.. We may also use your information to prepare anonymous, deidentified, or aggregate information.

To the extent permitted by the law and in regards to the protection of your rights and freedom with respect in the processing of your Data and the consent you have given, we may share each of the categories of personal information described above with the following third parties:

• Our affiliates: We may provide your personal information with affiliated corporate entities for the purposes described in this Privacy Notice.
• IRONMAN: As mentioned above, we may provide your personal information to IRONMAN. IRONMAN will use that information as described in its Privacy Policy.
• Service providers and professional advisors: We may share your personal information with our service providers such as data storage providers, digital service tool providers, email messaging providers and more generally in relation to IT maintenance, and entities that conduct marketing on our behalf.
• Business partners: We may share your personal information with business partners such as those who host UTMB World Series events or provide related services.
• When required to do so by law.
• Where reasonably necessary for the rights, safety, or vital interests of us, you, or a third party.
• In the context of a corporate transaction.
• At your direction or with your consent.
• In the event of a merger or sale, your Data will permanently be transferred to the successor company.

You may have certain rights regarding our processing of your personal information. These rights may include rights to:

• give your consent on whether we process your personal information;
• access your personal information, including potentially in a portable format;
• receive information about our processing of your personal information as well as receive the data you have provided to us
• rectify, correct, or supplement the information we hold about you;
• delete, block, or anonymize your personal information;
• withdraw your consent at any time, without affecting the legality of the previous processing and transfer to your Data to third parties;
• opt out of certain disclosures of your personal information to third parties;
• opt out of certain profiling activities
• restrict or limit our use of your personal information;
• object to our use of your personal information;
• not be unlawfully discriminated against for exercising your rights;
• lodge a complaint with your local data protection authority.

If you are a French resident, you have the right to determine what happens to your data after your death.

These rights may be limited or denied in some circumstances within the scope of the article 23 of the GDPR. For example, we may retain your personal information where required or permitted by law even if we receive a request to delete.

You may refer to the section CONTACT DETAILS to exercise your rights or, where permitted by law, to appeal how we have handled your request.

Your consent to process your personal information will be saved for a period of 6 months.

We will keep your Data for the period during which it is necessary to fulfil the aforementioned purposes, and with regard to the data used in the context of UTMB World Series events marketing communications if you have consented to it, for a maximum period of 3 years after your last interaction with us.

At the end of these periods, your Data will, if necessary, be archived for a period not exceeding the legal limitation periods or the applicable archiving obligations or for the duration of the proceedings in the event of litigation. Once these deadlines have expired, we will destroy the Data.

We and our third-party partners automatically collect certain types of usage information when you visit our Websites, apps or social networking pages, when you read our e-mails, or when you otherwise engage with us. Cookies, flash objects, web beacons, file information and similar technologies (“Cookies”) are used to distinguish you from other users of our Websites and other digital offerings. You can usually change the settings of your browser to modify the permissions you give to us and third parties for the storing of and gaining access to cookies on your device.

Cookies are pieces of code that allow for personalization of our Website experience by saving some of your personal data, such as user ID and preferences. A cookie is a small data file that is transferred to your device's hard disk (such as your computer or smartphone) for record-keeping purposes. Cookies and similar technologies do lots of different jobs, like helping us understand how our Websites are being used, letting you navigate between pages efficiently, remembering your preferences and language settings and generally improving your browsing experience. Cookies can also help us to ensure that marketing you see online is more relevant to you and your interests.

The types of Cookies used on our Websites can generally be put into one of the following categories: strictly necessary; analytics; functionality; advertising; and social media.

• Strictly Necessary: These Cookies are essential to make our Websites work. They enable you to move around the Websites and use their features. Without these Cookies, services that are necessary for you to fully use our Websites may not be available. We do not provide you with the ability to disable strictly necessary Cookies. Blocking these Cookies through your browser may impair the functionality of our Websites.

• Functionality Cookies: These Cookies allow us to remember choices you make and tailor our Websites to provide enhanced features and content to you. For example, these Cookies can be used to remember your username, language choice or country selection, and they can also be used to remember changes you have made. We may ask for your consent to deploy these cookies, where required by law.

• Analytics Cookies: These Cookies collect information about how people are using our Websites, for example which pages are visited the most often, how people are moving from one link to another and if a user experiences error messages on certain pages. All information these Cookies collect is grouped together with information from other people's use of our Websites. Overall, these Cookies provide us with analytical information about how our Websites is performing and additional information on the users of our Services. We may ask for your consent to deploy these cookies, where required by law.

• Advertising Cookies: These Cookies are used to deliver advertisements that are more relevant to you and your interests. We may ask for your consent to deploy these cookies, where required by law.

• Social Media Cookies: In order to enhance your internet experience and to make the sharing of content easier, some of the pages on our Websites may contain tools or applications that are linked to third-party social media service providers such as Facebook or Twitter. Through these tools or applications, the social media service provider may set its own Cookies on your device. We do not control these Cookies and you should check the social media service provider's website for further details about how they use Cookies. We may ask for your consent to deploy these cookies, where required by law.

If you enter our Websites or apps via a mobile device with activated location-based services, we may collect information about your current location as well as the kind of mobile device in use. Most of the mobile devices provide the possibility to disconnect from location-based services or to deactivate those.

If you would prefer not to accept Cookies, browsers will allow you to (i) change your browser settings to notify you when you receive a Cookie, which lets you choose whether or not to accept it; (ii) disable existing Cookies; or (iii) set your browser to automatically reject Cookies. Please note that doing so may negatively impact your experience using our Websites and apps, as some features and services on our Websites and apps may not work properly. Depending on your mobile device and operating system, you may not be able to delete or block all Cookies. Your Cookie settings can typically be adjusted in the "options" or "preferences" menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the "Help" option in your browser for more details.

• Cookie settings in Internet Explorer

• Cookie settings in Firefox

• Cookie settings in Chrome

• Cookie settings in Safari web and iOS

We also use clear gifs in HTML-based e-mails sent to our newsletter subscribers to track which e-mails are opened and which links are clicked by them. The information allows for more accurate reporting and improvement of our Services. You can set your e-mail options to prevent the automatic downloading of images that may contain these technologies that would allow us to know whether you have accessed our e-mail and performed certain functions with it.

In order to obtain your consent, you will have to expressly consent to the deposit of cookies by a clear positive act from you. Thus, you will have to click on ‘I accept’ in the cookie banner you will find once you enter on the Websites.

If you do not consent, no non-essential cookies will be placed on your device.

If you refuse, no non-essential cookies will be placed on your device.

On the same banner, you will have the choice on the types of cookies to be applied (analytics, functionality, analytics, advertising and social media cookies).
You can also choose to opt out of the collection of information about your online activities over time and across third-party Websites for online interest-based advertising purposes by participating organizations through industry opt out tools.

If you want to place an "opt-out" cookie on your device indicating that you do not want to receive interest-based advertisements click here and follow the advices. The effectiveness of the industry tool might be limited if your browser is configured to block third party cookies.

Opt-out cookies only work on the internet browser and device they are downloaded onto. Please note that when you "opt-out" of receiving interest-based advertisements, this does not mean you will no longer see advertisements from us or on the Services. It means that the online ads that you do see should not be based on your interests. We are not responsible for effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs. In addition, third parties may still use cookies to collect information about your use of the Services, including for analytics and fraud prevention

To limit interest-based advertising on your mobile device, you can review and adjust the settings provided by your device manufacturer, such as “Limit Ad Tracking” for iOS or “Opt-out of interest-based ads” for Android.

We have implemented reasonable technical and organizational security to protect personal information. However, no information shared online can be guaranteed 100% safe at all times. We will retain personal information as reasonably necessary to fulfil the purposes for which it we collected it, including for any legal requirements.

Your personal information may be processed in servers and databases located outside of the jurisdiction in which you reside and where the privacy laws may not be as protective as your jurisdiction of residence. Where legally required we have put in place appropriate safeguards (such as contractual commitments) to protect your data. We rely on the European Union’s standard contractual clauses to send data that is subject to the EU General Data Protection Regulation to a recipient located in a country that is not deemed to provide “adequate” safeguards to that information.

You can contact our data protection officer at the following contact details if you have queries or complaints regarding the way in which your personal information has been used and generally to exercise your rights :

• By post, to the following address: DPO UTMB SAS UTMB 31 rue du Lyret 74400 Chamonix France

• By sending an email to the following address: dpo@utmb.world. Any request for access, modification or deletion of personal data will be processed as soon as possible after receipt of the request, within a maximum period of 1 month.

You are reminded that we may, in accordance with the regulations, be required to refuse to grant certain requests concerning some of these rights (in particular the right of erasure), for legitimate reasons such as the need to defend legal claims or the requirements of a legal obligation to retain certain data.

If you have any unresolved issues, you may lodge a complaint with the competent supervisory authority, which is, in France, the National Data Protection Authority (CNIL).

We also inform you that if you are a French consumer, you can register on the Bloctel cold calling opposition list.

In addition, if you wish to assert your rights with the recipients of your data as listed in paragraph 3, it is your responsibility to contact them in accordance with the procedures indicated in their privacy policies.

We may update this Privacy Notice from time to time. The updated Privacy Notice will be available on each of the Websites. We invite you to regularly consult our Privacy Notice, the date of the last online publication of which will appear at the top of this document. Your continued use of our Websites constitutes acceptance to the updated Privacy Notice.

Privacy protection is very important to us and we are committed to protecting and respecting your privacy. This privacy policy sets out information about how we collect, store, process, transfer and use data that identifies you or makes you identifiable as a natural person (hereinafter “personal data“).

1. Who is data controller of your personal data?

OSM (OCHOA SPORTS MAGANEMENT S.A. de C.V.) and UTMB International are the data controller for PUERTO VALLARTA MÉXICO by UTMB® event. We are responsible for, and control, the processing of your personal data.

If you wish to contact us, if you have any questions or concerns about our Privacy Policy or if you want to exercise your rights, please send an email to ablanco@grupoochoa.com.mx

2. What personal data do we collect?

In the context of rendering our Services, we may collect personal data about you. This personal data regularly includes the following:

• If you register for an Event. Username, password, name, nationality, email address, phone number, address, birth date, gender, emergency contact information, registration number, club affiliation and other information you provide during registration. We may add the age category (automatically calculated) and Performance Index.

Registrations and bank details

When paying for registrations, no bank details relating to the client are kept by UTMB International or its service provider for the management of registrations. Only a bank reference is kept (used to make refunds if necessary). https://www.activenetwork.com/information/privacy-policy

Within the framework of the DSP2 regulations, the following data are transmitted to the bank service provider: surname, first name, email address and postal address.

The bank data and its associated processing are then governed by the privacy policy of the bank provider.

• If you contact us via our website, email, phone or mail. We may collect your name, email address, phone number, and other information you provide.

-** If you subscribe to our newsletter.** Name, email address, marketing campaign information such as your reaction to our marketing and your interest in our Services.

• If you merely use our website. IP address, network file system, access times, domain name, browser data, browser type and language, device type, device ID, Uniform Resource Locators (URL), operating system, language preferences, information on your usage of our websites and online activities.
• Information we collect during your participation of our Event. Information on your performance, such as your starting number, your place in the rankings, your time in each checkpoint and your forecast time in the next check point and other information in the context of your ranking and any other information you provide us during the Event.
• Information we collect from social networks. When you interact with our Services through various social media, such as when you login through Facebook or when you follow or share our content on Facebook, Twitter, Instagram or other sites, we may receive information from those social networks including your profile information, picture, user ID associated with your social media account, friends list, and any other information you permit the social network to share with third parties. The data we receive is dependent upon your privacy settings.

3. How do we collect your personal data?

Personal data is collected in many ways and may include:

• Personal data you provide to us: Most of the personal data we receive comes to us voluntarily from our users in the course of using our Services, such as when visiting our website, registering and participating in our Events or communicating with us.

You are free to choose which information you want to provide to us or whether you want to provide us with personal data at all. However, some information, such as information requested in the registration procedure and information collected during the Event may be necessary for the performance of our contractual obligations in the context of your Event participation. Without providing this data, you will not be able to enter into a contract with us, such as registering for our Events.

• Personal data collected via technology: As you use our websites, we may collect information through the use of cookies. Please see Section 9 for more information.

• Personal data we receive from others: We may receive personal data about users from third parties such as our Registration Partners, social media sites, Marketing Partners (as defined below) and law enforcement agencies.

4. Why and on which legal basis do we collect and use your personal data?

The reasons for using your personal data may differ depending on the purpose of the collection. Regularly we use your data for the following purposes and on the following legal grounds:

• We use your personal data in order to perform our contractual services or for the preparation of entering into a contract with you. If you register for our Events or if you contact us to register for our Events, we use your data to conduct our Events and make your participation in our Events possible. Information we use includes: information we need to contact you or otherwise communicate with you, e.g. to send you administrative information, registration and Event information to process your Event registration and participation; information for payments processing; information to respond to your comments and questions and provide customer service; if you are a registered user: information to manage and create your account.

• We use your personal data if justified by our legitimate interests. The usage of your personal data may also be necessary for our own business interests. For example, we may use some of your personal data to evaluate and review our Events and overall business performance, create financial statements, understand you and your preferences to enhance and individualize your experience and enjoyment of our Services, improve our Services, and identify potential cyber security threats. If necessary, we may also use your personal data to pursue or defend ourselves against legal claims. We may use your personal data to provide you with individualized marketing. For instance, we deliver targeted advertising messages to you on our websites and elsewhere on the Internet. If you have participated in our Events before, we may use your email address to provide you with information on similar events.

• We use your personal data after obtaining your consent. In some cases, we may ask you to grant us separate consent to use your personal data. You are free to deny your consent and the denial will have no negative consequences for you. You are free to withdraw your consent at any time with effect for the future. If you have granted us consent to use your personal data, we will use it only for the purposes specified in the consent form.

This also includes our marketing campaigns. If you sign up to our email newsletter or when providing us with your email address allow us to use this email address for email marketing, we will use your personal data in our email marketing campaigns. You may unsubscribe from our email newsletter at any time by using the link contained in every e-mail we send. You may also contact us via email, phone or mail at the addresses provided at the beginning of this document to request that we remove you from our email list.

• We use your personal data to comply with legal obligations. We are obligated to retain certain data because of legal requirements, for example, tax or commercial laws or we may be required by law enforcement to provide personal data on request.

We will only use your personal data for the purposes for which we have collected them. We will not use your personal data for other purposes. We do not use your personal data for automated individual decision-making.

5. With whom do we share your personal data?

As required in accordance with how we use it, we will share your personal data with the following third parties:

Service providers and advisors: Third party vendors and other service providers that perform services for us and on our behalf, which may include marketing campaign services, providing mailing or email services, tax and accounting services, services related to the registration and organization of our Events, payment processing, data enhancement services, fraud prevention, web hosting, or providing analytic services. These third parties include: the companies in charge of printing the race bib, the people in charge of the safety of the race (doctors, first-aiders…), Athletes for Transparency Agency (Quartz Program), commercial partners for animations, timing and race follow up company, UTMB Group (overall organizer of UTMB World Series)… Any such service providers will by appropriate data processing agreements be bound to only process the data on our behalf and under our instructions.

Special case of Personal Data & Health: In the course of the registration, you will be asked to create an health space to fill in your health profile. You will be asked voluntarily to add some medical information that could be usefil if we have to rescue you during the race. This information is regulated by our partner’s privacy policy (https://www.quartzprogram.org/fr/accueil/)

The data processing is intended to:

• Recording, before the start of the PUERTO VALLARTA MÉXICO by UTMB the race and civil status information (bib number, first name, surname, gender, date of birth, email, postal address, phone number, emergency contact, etc.) of the participants in order to speed up their care if necessary (this does not apply to spectators). This data is provided to LOGEVER HEALTHCARE by DOKEVER.
• To collect, on a voluntary basis, the medical history of the persons attending the races of the PUERTO VALLARTA MÉXICO by UTMB . The questions asked concern allergies, hospitalizations, past or chronic illnesses, chronic treatments, as well as recent signs of contagiousness. For this purpose, your e-mail address will be shared with the logicoss.com platform, which will send you a maximum of 2 e-mails (initial e-mail and follow-up if necessary), in order to invite you to answer an online health questionnaire (more information on https://www.logicoss.com/care/).
• Assess the individual and collective health risk induced by the presence of each person at the Event. o Before the Event, it allows to evaluate the risk of epidemic propagation. o During or after the event, it allows to follow with more attention the most fragile persons.
• To know the medical history of the persons taken in charge, in order to improve the treatment in particular for the most serious accidents and faintings.
• To ensure traceability of the care given to each patient, which is a medico-legal obligation.
• Centralize data, in order to create and calculate anonymized statistical analyses. These analyses can be used for research and development purposes. In particular, they aim to better understand the cause of an accident or illness. The ultimate goal is to improve the safety and quality of health care on the Event. All research projects based on data collected on the Logicoss platform are and will remain available for consultation in the coming years on the https://www.logicoss.com/recherche/ Only projects based on
• coded and/or pseudonymized Data will be conducted. Any processing of Data requiring the removal of anonymization on the part of the Data Controller may only be carried out after having obtained a Declaration of Consent concerning access to the medical file, signed by the patient.

All the health data collected will be available only to a) the medical director of the event b) the caregivers who will examine you during the event, in compliance with professional and medical confidentiality.

The Personal Data are deposited to the Claranet company, holder of the Health Data Host Certification (HDS), in accordance with the provisions of Article L.1111-8 of the Public Health Code.

Pursuant to Articles 15 and following of the GDPR, each person has the right to object to the deposit of his or her data with this certified host, subject to the expression of a legitimate reason. Similarly, each person has the right to access and rectify information concerning him or her.

Any person wishing to exercise these rights of access, rectification, or opposition to the deposit of his data with this host, is requested to address his/her request by post mail to Mr. the Data Protection Officer. Société DOKEVER, 109 boulevard de l’Europe, 69310 PIERRE BENITE, FRANCE. An answer will be given to you within the legal deadlines (European citizen: 8 days to 60 days; Canadian citizen: 30 days to 60 days).

As a last resort, any person having difficulties in exercising their rights may also contact medecin.hebergeur@fr.clara.net, mentioning in the subject line:

"rights relating to personal data, logicoss application edited by logever healthcare".

• Marketing Partners. Provided you have granted your consent, we may disclose your personal data to our third-party sponsors and marketing partners (collectively, “Marketing Partners“) to allow them to market their products or services to you, and measure the effectiveness of their marketing campaigns, promotions, endorsements and sponsorships or for other marketing purposes.
• Event Photographers. If you participate in our Events and have given us consent to do so, we will disclose your bib number, name, email address and phone number to the Event photographer, who may contact you with photos from the attended Event.
• Purchasers and third parties in connection with a business transaction: Personal data may be disclosed to third parties in connection with a transaction, such as a merger, sale of our assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business, or in the event of a bankruptcy or similar proceedings.
• Law enforcement, regulators and other parties for legal reasons: Third parties as required by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our legal claims or to protect the security or integrity of our Services; and/or (c) to exercise or protect the rights, property, or personal safety of UTMB International, our athletes, visitors, or others.
• The public: The official rankings and information justifying the ranking will be disclosed the visitors of our event and on our website. Further a Tracking function can allow public users the (estimated) location of an athlete during a race. If you rent a GPS device, your location will be displayed on our website.

6. How long do we keep your data?

We will store personal data for as long as necessary to fulfil the purposes for which we collect the data, in accordance with our legal obligations and legitimate business interests. Afterwards, or at the end of the statutory retention times, the personal information will be deleted. For example, national commercial or financial codes may require to retain certain information for up to 10 years.

7. How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal data when you use our Service. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose personal data may have been compromised and take other steps, in accordance with any applicable laws and regulations.

8. How do we safeguard your personal data when there is an international transfer?

In certain cases, we transfer personal data to countries outside the European Union or the European Economic Area. This may mean that your personal data will be stored in a jurisdiction that offers a level of protection that may, in certain instances, be less protective of your personal data than the jurisdiction you are typically a resident in.

For this reason, we have entered into guarantees to ensure appropriate safeguards. If we transfer information from the European Union to third parties outside the European Union and to countries not subject to schemes which are considered as providing an adequate data protection standard, we will enter into contracts which are based on the EU Standard Contractual Clauses with these parties.

If you wish to inquire further about the safeguards we use, please contact us using the details set out at the beginning of this Privacy Policy.

We will take reasonable steps to ensure that your personal data is treated securely and in accordance with applicable law and this Privacy Policy.

9. Cookies and Similar Technologies

The Services uses cookies, flash objects, web beacons, file information and similar technology similar technologies to distinguish you from other users of the Services. This helps us to provide you with a good experience when you browse the Services and also allows us to improve the Services.

Cookies are pieces of code that allow for personalization of the Services experience by saving your data such as user ID and other preferences. A cookie is a small data file that we transfer to your device’s hard disk (such as your computer or smartphone) for record-keeping purposes.

We use the following types of cookies: Strictly necessary cookies. These are cookies that are required for the essential operation of the Services such as to authenticate users and prevent fraudulent use. Analytical/performance cookies. These allow us to recognize and count the number of visitors and to see how visitors move around the Services when they are using it. This helps us to improve the way the Services works, for example, by ensuring that users are finding what they are looking for easily. Functionality cookies. These are used to recognize you when you return to the Services. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region). Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it, and the marketing messages we send to you more relevant to your interests. We may also share this data with third parties who provide a service to us for this purpose. Third party cookies. Please be aware that advertisers and other third parties may use their own cookies tags when you click on an advertisement or link on our website. These third parties are responsible for setting out their own cookie and privacy policies.

How to manage cookies? The cookies we use are designed to help you get the most from the Services but if you do not wish to receive cookies, most browsers allow you to change your cookie settings. Please note that if you choose to refuse cookies you may not be able to use the full functionality of the Services. These settings will typically be found in the “options” or “preferences” menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the “Help” option in your browser for more details.

• Cookie settings in Internet Explorer
• Cookie settings in Firefox
• Cookie settings in Chrome
• Cookie settings in Safari web and iOS

We also use clear gifs in HTML-based emails sent to our Customers to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of our Service. You can set your e-mail options to prevent the automatic downloading of images that may contain these technologies that would allow us to know whether you have accessed our e-mail and performed certain functions with it.

If you would like to find out more about cookies and other similar technologies, please visit www.allaboutcookies.org or the Network Advertising Initiative’s online sources at www.networkadvertising.org.

10. What rights and choices do you have?

We want you to understand your rights and choices regarding how we may use your personal data. Depending on how you use your data, these rights and choices may include the following:

• Individual Rights. You have specific rights under applicable privacy law in respect to your personal data that we hold, including a right of access and erasure and a right to prevent certain processing activities.

If you are a resident in the European Union, you have the following rights in respect to your personal data that we hold:

• Right of access. The right to obtain access to your personal data.
• Right to rectification. The right to obtain rectification of your personal data without undue delay where that personal data is inaccurate or incomplete.
• Right to erasure. The right to obtain the erasure of your personal data without undue delay in certain circumstances, such as where the personal data is no longer necessary in relation to the purposes for which it was collected or processed.
• Right to restriction. The right to obtain restriction of the processing undertaken by us on your personal data in certain circumstances, such as, where the accuracy of the personal data is contested by you, for a period of time enabling us to verify the accuracy of that personal data.
• Right to portability. The right to portability allows you to move, copy or transfer personal data easily from one organization to another.
• RIGHT TO OBJECT. YOU HAVE A RIGHT TO OBJECT TO ANY PROCESSING BASED ON OUR LEGITIMATE INTERESTS WHERE THERE ARE GROUNDS RELATING TO YOUR PARTICULAR SITUATION. YOU CAN OBJECT TO MARKETING ACTIVITIES FOR ANY REASON WHATSOEVER.

If you wish to exercise one of these rights, please contact us using the contact details below. For cookies or e-mail marketing, we provide the following easily usable option:

• Cookies Settings and Preferences. You may disable cookies and other tracking technologies through the settings in your browser.
• E-Mail Settings and Preferences. If you no longer want to receive marketing e-mails from us, you may choose to unsubscribe at any time using the link provided in every e-mail we send.