PUERTO VALLARTA MÉXICO by UTMB Data Privacy Policy
Privacy protection is very important to us and we are committed to protecting and respecting your privacy. This privacy policy sets out information about how we collect, store, process, transfer and use data that identifies you or makes you identifiable as a natural person (hereinafter “personal data“).
1. Who is data controller of your personal data?
OSM (OCHOA SPORTS MAGANEMENT S.A. de C.V.) and UTMB International are the data controller for PUERTO VALLARTA MÉXICO by UTMB® event. We are responsible for, and control, the processing of your personal data.
If you wish to contact us, if you have any questions or concerns about our Privacy Policy or if you want to exercise your rights, please send an email to ablanco@grupoochoa.com.mx
2. What personal data do we collect?
In the context of rendering our Services, we may collect personal data about you. This personal data regularly includes the following:
- If you register for an Event. Username, password, name, nationality, email address, phone number, address, birth date, gender, emergency contact information, registration number, club affiliation and other information you provide during registration. We may add the age category (automatically calculated) and Performance Index.
Registrations and bank details
When paying for registrations, no bank details relating to the client are kept by UTMB International or its service provider for the management of registrations. Only a bank reference is kept (used to make refunds if necessary). https://www.activenetwork.com/information/privacy-policy
Within the framework of the DSP2 regulations, the following data are transmitted to the bank service provider: surname, first name, email address and postal address.
The bank data and its associated processing are then governed by the privacy policy of the bank provider.
- If you contact us via our website, email, phone or mail. We may collect your name, email address, phone number, and other information you provide.
-** If you subscribe to our newsletter.** Name, email address, marketing campaign information such as your reaction to our marketing and your interest in our Services.
- If you merely use our website. IP address, network file system, access times, domain name, browser data, browser type and language, device type, device ID, Uniform Resource Locators (URL), operating system, language preferences, information on your usage of our websites and online activities.
- Information we collect during your participation of our Event. Information on your performance, such as your starting number, your place in the rankings, your time in each checkpoint and your forecast time in the next check point and other information in the context of your ranking and any other information you provide us during the Event.
- Information we collect from social networks. When you interact with our Services through various social media, such as when you login through Facebook or when you follow or share our content on Facebook, Twitter, Instagram or other sites, we may receive information from those social networks including your profile information, picture, user ID associated with your social media account, friends list, and any other information you permit the social network to share with third parties. The data we receive is dependent upon your privacy settings.
3. How do we collect your personal data?
Personal data is collected in many ways and may include:
- Personal data you provide to us: Most of the personal data we receive comes to us voluntarily from our users in the course of using our Services, such as when visiting our website, registering and participating in our Events or communicating with us.
You are free to choose which information you want to provide to us or whether you want to provide us with personal data at all. However, some information, such as information requested in the registration procedure and information collected during the Event may be necessary for the performance of our contractual obligations in the context of your Event participation. Without providing this data, you will not be able to enter into a contract with us, such as registering for our Events.
Personal data collected via technology: As you use our websites, we may collect information through the use of cookies. Please see Section 9 for more information.
Personal data we receive from others: We may receive personal data about users from third parties such as our Registration Partners, social media sites, Marketing Partners (as defined below) and law enforcement agencies.
4. Why and on which legal basis do we collect and use your personal data?
The reasons for using your personal data may differ depending on the purpose of the collection. Regularly we use your data for the following purposes and on the following legal grounds:
We use your personal data in order to perform our contractual services or for the preparation of entering into a contract with you. If you register for our Events or if you contact us to register for our Events, we use your data to conduct our Events and make your participation in our Events possible. Information we use includes: information we need to contact you or otherwise communicate with you, e.g. to send you administrative information, registration and Event information to process your Event registration and participation; information for payments processing; information to respond to your comments and questions and provide customer service; if you are a registered user: information to manage and create your account.
We use your personal data if justified by our legitimate interests. The usage of your personal data may also be necessary for our own business interests. For example, we may use some of your personal data to evaluate and review our Events and overall business performance, create financial statements, understand you and your preferences to enhance and individualize your experience and enjoyment of our Services, improve our Services, and identify potential cyber security threats. If necessary, we may also use your personal data to pursue or defend ourselves against legal claims. We may use your personal data to provide you with individualized marketing. For instance, we deliver targeted advertising messages to you on our websites and elsewhere on the Internet. If you have participated in our Events before, we may use your email address to provide you with information on similar events.
We use your personal data after obtaining your consent. In some cases, we may ask you to grant us separate consent to use your personal data. You are free to deny your consent and the denial will have no negative consequences for you. You are free to withdraw your consent at any time with effect for the future. If you have granted us consent to use your personal data, we will use it only for the purposes specified in the consent form.
This also includes our marketing campaigns. If you sign up to our email newsletter or when providing us with your email address allow us to use this email address for email marketing, we will use your personal data in our email marketing campaigns. You may unsubscribe from our email newsletter at any time by using the link contained in every e-mail we send. You may also contact us via email, phone or mail at the addresses provided at the beginning of this document to request that we remove you from our email list.
- We use your personal data to comply with legal obligations. We are obligated to retain certain data because of legal requirements, for example, tax or commercial laws or we may be required by law enforcement to provide personal data on request.
We will only use your personal data for the purposes for which we have collected them. We will not use your personal data for other purposes. We do not use your personal data for automated individual decision-making.
5. With whom do we share your personal data?
As required in accordance with how we use it, we will share your personal data with the following third parties:
Service providers and advisors: Third party vendors and other service providers that perform services for us and on our behalf, which may include marketing campaign services, providing mailing or email services, tax and accounting services, services related to the registration and organization of our Events, payment processing, data enhancement services, fraud prevention, web hosting, or providing analytic services. These third parties include: the companies in charge of printing the race bib, the people in charge of the safety of the race (doctors, first-aiders…), Athletes for Transparency Agency (Quartz Program), commercial partners for animations, timing and race follow up company, UTMB Group (overall organizer of UTMB World Series)… Any such service providers will by appropriate data processing agreements be bound to only process the data on our behalf and under our instructions.
Special case of Personal Data & Health: In the course of the registration, you will be asked to create an health space to fill in your health profile. You will be asked voluntarily to add some medical information that could be usefil if we have to rescue you during the race. This information is regulated by our partner’s privacy policy (https://www.quartzprogram.org/fr/accueil/)
The data processing is intended to:
- Recording, before the start of the PUERTO VALLARTA MÉXICO by UTMB the race and civil status information (bib number, first name, surname, gender, date of birth, email, postal address, phone number, emergency contact, etc.) of the participants in order to speed up their care if necessary (this does not apply to spectators). This data is provided to LOGEVER HEALTHCARE by DOKEVER.
- To collect, on a voluntary basis, the medical history of the persons attending the races of the PUERTO VALLARTA MÉXICO by UTMB . The questions asked concern allergies, hospitalizations, past or chronic illnesses, chronic treatments, as well as recent signs of contagiousness. For this purpose, your e-mail address will be shared with the logicoss.com platform, which will send you a maximum of 2 e-mails (initial e-mail and follow-up if necessary), in order to invite you to answer an online health questionnaire (more information on https://www.logicoss.com/care/).
- Assess the individual and collective health risk induced by the presence of each person at the Event. o Before the Event, it allows to evaluate the risk of epidemic propagation. o During or after the event, it allows to follow with more attention the most fragile persons.
- To know the medical history of the persons taken in charge, in order to improve the treatment in particular for the most serious accidents and faintings.
- To ensure traceability of the care given to each patient, which is a medico-legal obligation.
- Centralize data, in order to create and calculate anonymized statistical analyses. These analyses can be used for research and development purposes. In particular, they aim to better understand the cause of an accident or illness. The ultimate goal is to improve the safety and quality of health care on the Event. All research projects based on data collected on the Logicoss platform are and will remain available for consultation in the coming years on the https://www.logicoss.com/recherche/ Only projects based on
- coded and/or pseudonymized Data will be conducted. Any processing of Data requiring the removal of anonymization on the part of the Data Controller may only be carried out after having obtained a Declaration of Consent concerning access to the medical file, signed by the patient.
All the health data collected will be available only to a) the medical director of the event b) the caregivers who will examine you during the event, in compliance with professional and medical confidentiality.
The Personal Data are deposited to the Claranet company, holder of the Health Data Host Certification (HDS), in accordance with the provisions of Article L.1111-8 of the Public Health Code.
Pursuant to Articles 15 and following of the GDPR, each person has the right to object to the deposit of his or her data with this certified host, subject to the expression of a legitimate reason. Similarly, each person has the right to access and rectify information concerning him or her.
Any person wishing to exercise these rights of access, rectification, or opposition to the deposit of his data with this host, is requested to address his/her request by post mail to Mr. the Data Protection Officer. Société DOKEVER, 109 boulevard de l’Europe, 69310 PIERRE BENITE, FRANCE. An answer will be given to you within the legal deadlines (European citizen: 8 days to 60 days; Canadian citizen: 30 days to 60 days).
As a last resort, any person having difficulties in exercising their rights may also contact medecin.hebergeur@fr.clara.net, mentioning in the subject line:
"rights relating to personal data, logicoss application edited by logever healthcare".
- Marketing Partners. Provided you have granted your consent, we may disclose your personal data to our third-party sponsors and marketing partners (collectively, “Marketing Partners“) to allow them to market their products or services to you, and measure the effectiveness of their marketing campaigns, promotions, endorsements and sponsorships or for other marketing purposes.
- Event Photographers. If you participate in our Events and have given us consent to do so, we will disclose your bib number, name, email address and phone number to the Event photographer, who may contact you with photos from the attended Event.
- Purchasers and third parties in connection with a business transaction: Personal data may be disclosed to third parties in connection with a transaction, such as a merger, sale of our assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business, or in the event of a bankruptcy or similar proceedings.
- Law enforcement, regulators and other parties for legal reasons: Third parties as required by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our legal claims or to protect the security or integrity of our Services; and/or (c) to exercise or protect the rights, property, or personal safety of UTMB International, our athletes, visitors, or others.
- The public: The official rankings and information justifying the ranking will be disclosed the visitors of our event and on our website. Further a Tracking function can allow public users the (estimated) location of an athlete during a race. If you rent a GPS device, your location will be displayed on our website.
6. How long do we keep your data?
We will store personal data for as long as necessary to fulfil the purposes for which we collect the data, in accordance with our legal obligations and legitimate business interests. Afterwards, or at the end of the statutory retention times, the personal information will be deleted. For example, national commercial or financial codes may require to retain certain information for up to 10 years.
7. How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal data when you use our Service. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose personal data may have been compromised and take other steps, in accordance with any applicable laws and regulations.
8. How do we safeguard your personal data when there is an international transfer?
In certain cases, we transfer personal data to countries outside the European Union or the European Economic Area. This may mean that your personal data will be stored in a jurisdiction that offers a level of protection that may, in certain instances, be less protective of your personal data than the jurisdiction you are typically a resident in.
For this reason, we have entered into guarantees to ensure appropriate safeguards. If we transfer information from the European Union to third parties outside the European Union and to countries not subject to schemes which are considered as providing an adequate data protection standard, we will enter into contracts which are based on the EU Standard Contractual Clauses with these parties.
If you wish to inquire further about the safeguards we use, please contact us using the details set out at the beginning of this Privacy Policy.
We will take reasonable steps to ensure that your personal data is treated securely and in accordance with applicable law and this Privacy Policy.
9. Cookies and Similar Technologies
The Services uses cookies, flash objects, web beacons, file information and similar technology similar technologies to distinguish you from other users of the Services. This helps us to provide you with a good experience when you browse the Services and also allows us to improve the Services.
Cookies are pieces of code that allow for personalization of the Services experience by saving your data such as user ID and other preferences. A cookie is a small data file that we transfer to your device’s hard disk (such as your computer or smartphone) for record-keeping purposes.
We use the following types of cookies: Strictly necessary cookies. These are cookies that are required for the essential operation of the Services such as to authenticate users and prevent fraudulent use. Analytical/performance cookies. These allow us to recognize and count the number of visitors and to see how visitors move around the Services when they are using it. This helps us to improve the way the Services works, for example, by ensuring that users are finding what they are looking for easily. Functionality cookies. These are used to recognize you when you return to the Services. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region). Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it, and the marketing messages we send to you more relevant to your interests. We may also share this data with third parties who provide a service to us for this purpose. Third party cookies. Please be aware that advertisers and other third parties may use their own cookies tags when you click on an advertisement or link on our website. These third parties are responsible for setting out their own cookie and privacy policies.
How to manage cookies? The cookies we use are designed to help you get the most from the Services but if you do not wish to receive cookies, most browsers allow you to change your cookie settings. Please note that if you choose to refuse cookies you may not be able to use the full functionality of the Services. These settings will typically be found in the “options” or “preferences” menu of your browser. In order to understand these settings, the following links may be helpful, otherwise you should use the “Help” option in your browser for more details.
- Cookie settings in Internet Explorer
- Cookie settings in Firefox
- Cookie settings in Chrome
- Cookie settings in Safari web and iOS
We also use clear gifs in HTML-based emails sent to our Customers to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of our Service. You can set your e-mail options to prevent the automatic downloading of images that may contain these technologies that would allow us to know whether you have accessed our e-mail and performed certain functions with it.
If you would like to find out more about cookies and other similar technologies, please visit www.allaboutcookies.org or the Network Advertising Initiative’s online sources at www.networkadvertising.org.
10. What rights and choices do you have?
We want you to understand your rights and choices regarding how we may use your personal data. Depending on how you use your data, these rights and choices may include the following:
- Individual Rights. You have specific rights under applicable privacy law in respect to your personal data that we hold, including a right of access and erasure and a right to prevent certain processing activities.
If you are a resident in the European Union, you have the following rights in respect to your personal data that we hold:
- Right of access. The right to obtain access to your personal data.
- Right to rectification. The right to obtain rectification of your personal data without undue delay where that personal data is inaccurate or incomplete.
- Right to erasure. The right to obtain the erasure of your personal data without undue delay in certain circumstances, such as where the personal data is no longer necessary in relation to the purposes for which it was collected or processed.
- Right to restriction. The right to obtain restriction of the processing undertaken by us on your personal data in certain circumstances, such as, where the accuracy of the personal data is contested by you, for a period of time enabling us to verify the accuracy of that personal data.
- Right to portability. The right to portability allows you to move, copy or transfer personal data easily from one organization to another.
- RIGHT TO OBJECT. YOU HAVE A RIGHT TO OBJECT TO ANY PROCESSING BASED ON OUR LEGITIMATE INTERESTS WHERE THERE ARE GROUNDS RELATING TO YOUR PARTICULAR SITUATION. YOU CAN OBJECT TO MARKETING ACTIVITIES FOR ANY REASON WHATSOEVER.
If you wish to exercise one of these rights, please contact us using the contact details below. For cookies or e-mail marketing, we provide the following easily usable option:
- Cookies Settings and Preferences. You may disable cookies and other tracking technologies through the settings in your browser.
- E-Mail Settings and Preferences. If you no longer want to receive marketing e-mails from us, you may choose to unsubscribe at any time using the link provided in every e-mail we send.