Sport Heroes offers a digital Service Platform aiming to encourage sport among its Users. The Platform is accessible from SPH Sites and through SPH Applications. These Services are developed by SPH on their own behalf (Running Heroes, Cycling Heroes, Swimming Heroes and United Heroes) or on behalf of third parties (“Partners”).
SPH guarantees continuity of access through all media to the Platform that we offer, both for SPH Sites and for SPH Applications. As such, SH is responsible for processing your Personal Data, its integrity, security and respect for your privacy in accordance with the Applicable Regulations.
Its contacts details are as follows:
18/20 rue du Faubourg du Temple
75011 Paris – France
SPH is committed to respecting your right to privacy and shares your concerns about the security of the data you transmit to us through the SPH Sites, SH Applications and third-party Applications. This Policy sets out the guidelines established by SPH to protect the information you provide to SPH when you visit the Platform.
As part of the provision of the Services, SPH is required to collect personal data, within the meaning of Article 4 of the RGPD, concerning Visitors as well as Users (hereinafter "Personal Data") under the conditions detailed below.
In particular, SPH may collect the following Personal Data:
- Concerning Visitors:
● Browsing data collected for the purpose of audience and traffic measurement under the conditions detailed in point 4 below relating to Cookies.
● Information constituting Personal Data voluntarily entered by the Visitor in the contact form and enabling contact to be made with SPH in order to respond to and follow up on his request.
- Concerning Users:
● The identification data provided by the User when creating his/her User Account, including in particular the surname, first name, e-mail address and password for the purposes of creating the account and managing SPH's relationship with Users, including in the context of evaluations by Users of the Services.
● Data voluntarily and optionally provided by the User on their User Account, such as gender, city and photograph, for the purpose of customizing the Services and Rewards.
● Data collected via third-party applications if the User chooses to connect them to the Platform, such as GPS and training data and navigation data collected under the conditions detailed in point 4 below relating to Cookies, in order to provide the Services to Users.
None of the data collected by SPH, nor those resulting from their processing, fall within the scope of health data as defined by the GDPR.
SPH may use this data by aggregating it in order to no longer allow the identification of the persons concerned for statistical purposes and to improve the quality of its Services.
Finally, GPS data is kept pseudo-anonymized in order to minimize as much as possible any potential impact on the privacy of Users.
SPH keeps the Personal Data of Visitors and Users only for as long as is strictly necessary for the fulfilment of the above purposes, subject to compliance with its legal and regulatory obligations. In particular, User Data is deleted immediately after a User Account is closed or after three years of inactivity.
Like most standard website servers, the Sites use log files built on the basis of Cookies. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyse trends, administer the Sites, track Visitors’ movement in the aggregate, and gather broad demographic information for aggregate use. SPH may use your IP address to identify you, to administer the Site and the Applications to assist in diagnosing problems with SPH’s server.
You can find a list of the cookies we use on our Sites and Applications below.
These cookies are strictly necessary to provide access to services via the Sites and Applications and to secure the Sites and Applications.
As these cookies are strictly necessary for the operation of the Sites, you cannot refuse them. You can block or delete them by changing your browser settings, but this may affect your browsing of the Sites.
These cookies help us to better understand how our Sites andApplications are used and help us to improve them
5.1. Transfer outside the European Union
All data is automatically backed up every 12 hours and is securely stored by MongoDB Inc. in the United States, adhering to the Privacy Shield. The Privacy Shield is a self-certification mechanism for companies based in the United States, which has been recognized by the European Commission as providing an adequate level of protection for personal data transferred by a European entity to companies based in the United States.
5.2. Transfer to third parties
A list of all third parties to whom we transfer subsets of data is attached.
In addition, in the context of certain Challenges, and subject to the User's express consent, SPH may transfer the User's contact details to the partner company in the organisation of the Challenge. This partner company may then, in accordance with the consent given by the User, contact the User again for promotional and advertising purposes.
Finally, in the context of a Partner Platform, ownership of the data is shared between SPH and the Partner concerned. They are therefore transferred to this third party.
The Sites use industry standard Transport Layer Security (TLS) technology to allow for the encryption of personal information such as your name and address. The Sites are also registered with site identification authorities so that your browser can confirm SPH’s identity before any Personal Data is sent.
Finally, the banking data collected by our online sales service providers (Stripe, Njuko) is subject to a level of security appropriate to the risk associated with the processing of these data. SPH only stores an identifier specific to our online sales service providers (Stripe, Njuko) and does no thave unencrypted access to these data.
To help ensure that these measures are effective in preventing unauthorized access to your private information, we invite you to familiarise yourself with the security features available to you through your browser. You should use a security-enabled browser to submit your personal information at the Sites. Please note: if you do not use an SSL-capable browser, you are at risk of having data intercepted by unauthorised third parties. SH will not be responsible for any compromise of data that is intercepted due to your use of an unsecured browser. Most browsers have the ability to notify you if you change between secure and insecure communications, receive invalid site identification information for the site you are communicating with, or send information over an unsecured connection. SH recommends that you enable these browser functions to help ensure that your communications are secure. You can also monitor the URL of the site you are visiting (secure URLs begin with https:// rather than the normal http://), along with the security symbol of your browser (a green or red padlock in GoogleChrome for example) to help identify when you are communicating with a secure server. You can also view the details of the security certificate of the site to which you are connected. SPH encourages you to use this to check the validity of any site you connect to using secure communications.
Yes. If you no longer wish to receive emails from SPH, please:
• follow the unsubscribe instructions available in every e-mail; or
• send an email to: email@example.com
If you do so, SPH will not provide or share its mailing lists or other information about you with any other company or service for promotional purposes.
In accordance with the Applicable Regulations, you have the right to access, rectify, modify, delete (right to forget), limit processing, object to and, where applicable, limit processing and portability (in JSON format) of personal data concerning you at any time and at no cost, subject to the rights and freedoms of third parties and the obligations incumbent on SPH.
You also have the right to define directives regarding what should happen to your Personal Data after your death. Where processing is based on consent, the Client may, at any time, notify their withdrawal of that consent, it being specified that any processing carried out prior to the withdrawal remains lawful.
Clients may exercise their rights:
• By sending an email to the following address: firstname.lastname@example.org; or
• By writing to the postal address: Sport Heroes Group 18/20 rue du Faubourg du Temple, 75011 Paris – France;
• Regarding the rights of rectification, modification and deletion, by configuring or updating their profile in “Edit your profile” from their Sport Heroes User Account.If you believe that SHG has failed to comply with its legal obligations under the Applicable Regulations, you, or an organisation mandated for this purpose, may file a complaint with the CNIL or the supervisory authority of the European Union Member State in which you are ordinarily resident.
SPH may change this Policy at any time, and you are therefore requested to review it regularly on the SPH Sites and/or SPH Applications you visit or use. In the event of a substantial change in the Policy concerning your rights, SPH will inform you as soon as possible.
SPH welcomes your questions and comments. Send us your questions or comments by e-mail to the following address: email@example.com or contact our Data Protection Officer at the following e-mail address: firstname.lastname@example.org
- First name/public
- Last name/public
- Facebook/private (ID - Access token)
- Google/private (ID - Access token)
- Places/public (Location ID - City - Country - Time zone - Zip code - Lat. - Lng.)
- Apps / public (Profile id - Profile URL - Access token)
- Company / private
- Business unit / private
- Bib number / private
- Phone number / private
- Mailing address / private
- Shoe size / private
- T-shirt size / private
2. Activities - public or private (user choice)
- Start date
- Time zone
- Active time
List of all third party providers to which we transfer data:
● AWS - Cloud Computing Services
● Algolia – Search service
● Braze – CRM
● MongoDB - Cloud hosted databases
● CloudAMQP - Cloud hosted databases
● Mailjet – Email as a Service
● Typeform – Online form
● Zendesk – Support service
● Adjust – Mobile marketing measurement
● Facebook, Twitter, Instagram and Google (in the context of marketing campaigns for consumer platforms, or after a contact with Sport Heroes on one of those providers website)
● Mixpanel – Product and User Behavioral Analytics for Mobile & Web
● Stream – Feed and Chat as a service