Eversports Logo
RechercherModifier la recherche
RechercherModifier la recherche

Data protection

This translation is for informational purposes only and may not accurately reflect the meaning of the German original. The meanings of the terms, conditions, provisions, and warranties contained herein are subject to their respective definitions and interpretations in the German language. In the event of any discrepancy or inconsistency between the German version of this text and any translations, the German version shall prevail.

Status: 04.07.2024

Introduction

In this document you will find all the necessary information in accordance with Articles 13 and 14 of the General Data Protection Regulation.

What might interest you the most

Contact us at [email protected] if you have any questions about data protection.

This policy applies to more than one group of individuals (data subjects):

Eversports and its subsidiaries are jointly responsible for the processing of your personal data.

Details of cookies and other tools used on our websites can be found here: Technical information.

Sommaire

Important definitions

GDPR: The EU General Data Protection Regulation.This privacy policy uses terms such as data subject, personal data, processing, controller, processor and recipient as defined in Article 4 GDPR.

Consent: Refers to the legal basis from Article 6 1. (a) of the GDPR.

Performance of a contract and initiation of a contract at the request of the data subject: Refers to the legal basis in Article 6 1. (b) of the GDPR.

Compliance with a legal obligation: Refers to the legal basis in Article 6 1. (c) of the GDPR.

(Our) Legitimate interest: Refers to the legal basis in Article 6 1. (f) of the GDPR.

Eversports: Eversport GmbH with the business address Jakov-Lind-Strasse 13 / Tür 6 / 5. Stock, 1020 Vienna, Austria. Also referred to as "We", "Us", and "Our".

Eversports DE: Eversports Germany UG (haftungsbeschränkt) with the business address Bremer Heerstraße 117, 26135 Oldenburg, Germany. A subsidiary of Eversports.

Eversports NL: Eversports NL B.V. with business address at Korte Leidsedwarsstraat 12, 1017 RC Amsterdam, The Netherlands. A subsidiary of Eversports.

Eversports Group: Eversports and all its subsidiaries.

Eversports employees: employees of the individual members of the Eversports Group.

Eversports Processors: Processors (as defined in Article 4, GDPR) under contract with Eversports. A list of current Eversports Processors can be found here.

Eversports websites: Websites provided by Eversprots, such as www.eversports.com (or country-specific domains such as www.eversports.at and www.eversports.de), and www.eversportsmanager.com

Eversports platform: The sports search engine and booking platform operated by Eversports online, in its apps and on its websites.

Sports offers: Various offers in the area of sports and leisure activities as well as sports facilities that can be searched for, booked and reserved via the Eversports platform.

Users: People who have registered online with Eversports in order to be able to use sports offers.

Sports providers: Partner companies that offer sports offers via their own sales channels.

Eversports service: Provision of the Eversports platform and mediation of the associated sports offers to users.

Contact us

If you have any questions about data protection, please contact us at [email protected]<a195

Data protection officer

We have appointed a data protection officer. You can contact him as follows: Thorsten Brendel, ViCoTec IT-Sicherheit & Datenschutz GmbH & Co. KG, Im Technologiepark 12, 26129 Oldenburg, Germany, e-mail: [email protected]

Your rights as a data subject:

You have the right to information about the personal data concerning you. You can contact us at any time for information.

In the case of a request for information that is not made in writing, we ask for your understanding that we may require proof from you that you are the person you claim to be.

Furthermore, you have a right to rectification or erasure or to restriction of processing, insofar as you are legally entitled to do so.

Finally, you have the right to object to the processing within the framework of the legal requirements.

You also have the right to data portability within the framework of the data protection regulations.

Who is responsible for data processing?

All members of the Eversports Group are "Joint Controllers" in relation to the processes described in this Privacy Policy. This means that they are all responsible for how, why and for how long your personal data is processed. To this end, employees of the members of the Eversports Group are deployed in teams that cross the boundaries of the individual business units. The members have signed a written agreement between them (in accordance with Article 26 GDPR) to manage their respective responsibilities. You have the right to contact any of the Members with your data protection concerns, however [email protected] is a common point of contact to which your concerns will be directed to the relevant company and/or department.

The Eversports Group is a "group of companies", where Eversports is the "controlling company" as defined in Article 4 (19) and further described in Recital 37 of the GDPR.

Who has access to or receives my data?

Access to your data is handled according to the need-to-know principle. This means that only Eversports employees, Eversports processors and/or third parties will have access to or receive your personal data for as long as and to the extent necessary for the processing that has a legal basis. Further details of who these recipients are and what data they receive are set out at the end of each processing activity below.

What exactly is a processor?

We commission external service providers to carry out various tasks for us. If one of these assignments involves the processing of your personal data, each of these service providers is a processor within the meaning of the GDPR. We have written agreements with them (in accordance with Article 28 GDPR) that govern the handling of personal data and oblige the processors to comply with appropriately high security standards. A current table with all processors of the Eversports Group can be found here.

Other controllers:

Some recipients are themselves controllers in relation to the data transferred to them, so this processing does not constitute order processing. Payment service providers, for example, are controllers in their own right. Sports providers are also data controllers in their own right for the data transmitted to them (e.g. to arrange your booking). You can view which personal data is transferred and the data protection provisions of the sports provider before completing a booking.

Third countries:

When transferring data to recipients in third countries (countries outside the EU/EEA), there is either an adequacy decision by the EU Commission for the country in question, or we have signed standard contractual clauses with the recipients to ensure an adequate level of protection for your data.

Links to third party websites

The websites of Eversports contain links to websites of sports providers and others. Eversports is not responsible for the privacy and data protection on these websites. If you click on a link to visit one of these websites, please read the privacy policy of the website owner.

Information for website visitors

If you visit one of the Eversports websites, the following information is relevant for you.

Note: The Eversports websites are hosted on servers in Germany. Our e-mail servers are located within the EU. Further details on information security at Eversports can be found here.

Website visit

When you visit one of our websites, the following processing takes place.

What data we collect:

Visitation Data
Required cookie data

See Technical information for detailed information.

Analytics cookie data

See Technical information for detailed information.

Advertising cookie data

See Technical Notes for detailed information.

Error & crash report data:

Why and how we use this data:

Purpose: To operate a commercial website. Legal basis: Our legitimate interest in operating a commercial website.

Purpose: To ensure information security. Legal basis: Our legitimate interest in ensuring information security.

Purpose: To optimize our online offering by detecting and resolving technical issues. Legal basis: Our legitimate interest in providing a functioning, error-free product.

Purpose: Optimization of our services. Legal basis: Your consent to analytics.

Purpose: Personalization of advertising for our own products on third-party websites. Legal basis: Your consent to personalized advertising.

Note: You are not obliged to consent to this! If you have done so, you can withdraw your consent at any time by reopening the consent options and unchecking the boxes. You will find a link to these options at the bottom of each page. Withdrawal of your consent will not affect the lawfulness of processing based on your consent before its withdrawal. Not giving or withdrawing your consent will not affect your future relationship with Eversports or the sports providers.

You can find more information about cookies and other tools we use here.

How we store this data:

Who receives this data:

Third parties:

Contacting us

If you contact us by e-mail, the following data processing takes place.

What data we collect:

Why and how we use this data:

The purpose of the processing depends on the content of your message and is (in most cases) customer support or business initiation.

Purpose: Supporting customers on request. Legal basis: Our legitimate interest in operating a business.

Purpose: Business initiation at the request of the data subject. Legal basis: Initiation of a contract at the request of the data subject.

In any case, we will forward your email to the responsible Eversports employee so that your question, request or other message can be properly processed.

How we store this data:

Who receives this data:

Information for Eversports users

If you have or want to have an Eversports user account in order to use the Eversports services (e.g. by booking a course), the following information is relevant for you. As you (as a user) naturally also visit our websites, please also read the section "Information for website visitors" carefully.

Information for app users: If you use the Eversports app to access our services, the same information applies as for website visitors, with the exception that no cookies are used.

Note: The Eversports platform is hosted on servers in Germany. Further details on information security at Eversports can be found here.

Creating an Eversports account

You can join the Eversports platform by creating a user account with your e-mail address and a password (e-mail login) or by registering and logging in with one of your existing accounts (e.g. Facebook, Apple, Google) ("Single Sign-On", "SSO" or also "Social Login"). When you do this, the following data processing takes place. Further information on social logins at Eversports can be found in the technical information.

What data we collect:

If you use the e-mail login:

If you use Social Login, the provider transmits the following of your data to us:

The following data is collected automatically:

Why and how we use this data:

Purpose: To provide you with an Eversports account Legal basis: Performance of a contract (user agreement between you and Eversports).

Purpose: Ensuring information security Legal basis: Our legitimate interest in ensuring information security.

How we store this data:

Who receives this data:

Your Eversports profile

You can add, edit or delete certain information in your Eversports profile. In addition, your name, username and profile picture (if available) are visible to other users. Here you can find information on how these are processed.

What data we collect::

Further information:

In addition, you can provide further voluntary information (sports experience, short bio, favorite sports facilities, upcoming activities). These serve as the basis for creating the detailed profile.

The profile data is grouped into so-called "profile sections" (personal details, sports experiences, upcoming activities, favorite sports facilities).

Additional profile information helps you to be found by other users who share your interests and with whom you can network. However, it is your decision whether you enter personal data in your profile and make it public. You should not add any personal data to your profile that you do not want to be publicly available.

In addition, so-called "profile views" can be set up, the visibility of which can be restricted to certain user groups (public, private, for friends). For each of these profile views, you can specify which profile sections you want to share.

The following information is visible to other users by default and can subsequently be restricted in your profile in the settings:

Why and how we use this data:

Purpose: To provide you with the regular functionalities of an Eversports account Legal basis: Performance of a contract pursuant to Art. 6 (1) lit. b GDPR (the user agreement between you and Eversports), if applicable your consent pursuant to Art. 6 (1) lit. a GDPR

Purpose: Provision of the regular functionalities of an Eversports account for you Legal basis: Performance of a contract pursuant to Art. 6 (1) lit. b GDPR (the user agreement between you and Eversports), if applicable your consent pursuant to Art. 6 (1) lit. a GDPR

How we store this data:

Who receives this data:

Duration of storage:

We only store your data for as long as is necessary to fulfill the purpose. In addition, we comply with statutory retention periods, which must be observed before deleting personal data.

Logging in

Whenever you log in to your Eversports account, the following data processing takes place.

What data we collect:

Depending on how you log in, the following data is collected:

The following data is also collected:

Why and how we use this data:

Purpose: To ensure information security Legal basis: Our legitimate interest to ensure information security.

How we store this data:

Who receives this data:

Registration with Facebook Connect

Instead of registering directly on this website, you can register with Facebook Connect. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

If you decide to register with Facebook Connect and click on the "Login with

Facebook"/"Connect with Facebook" button, you will be automatically redirected to the Facebook platform.

Facebook platform. You can log in there with your user data. This will link your

Facebook profile with this website or our services. This link gives us access to your data stored on Facebook. These are above all

This data is used to set up, provide and personalize your account.

Registration with Facebook Connect and the associated data processing operations are based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time with effect for the future.

If personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing.

You can find the text of the agreement at https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law.

Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

Further information can be found in the Facebook Terms of Use and the Facebook Privacy Policy. These can be found at: https://de-de.facebook.com/about/privacy/ and https://de-de.facebook.com/legal/terms/.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards.

Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active

Registration with Google

Instead of registering directly on this website, you can register with Google. The provider of this service is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

To register with Google, you only need to enter your Google name and password. Google will identify you and confirm your identity to our website.

When you sign in with Google, we may be able to use certain information in your account to complete your profile with us. You can decide whether and what information this is as part of your Google security settings, which you can find here: https://myaccount.google.com/security and https://myaccount.google.com/permissions.

The data processing associated with Google registration is based on our legitimate interest in making the registration process as simple as possible for our users (Article 6(1)(f) GDPR). As the use of the registration function is voluntary and the users themselves can decide on the respective access options, no conflicting overriding rights of the data subjects are apparent.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

Booking

Whenever you use the Eversports platform to book a sports offer (book a course, rent a tennis court, etc.), you enter into a service contract with the sports provider of this offer and the following data processing takes place.

What data we collect:

Why and how we use this data:

Purpose: To enable you to book a sports offer Legal basis: Performance of a contract (the service contract between you and the sports provider)

How we store this data:

Who receives the data:

Third parties:

Stripe

The provider for customers within the EU is Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter referred to as "Stripe"). Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation.

You can find details on this in Stripe's privacy policy at the following link: https://stripe.com/de/privacy<a331

Display of YouTube for course bookings

When booking a course, in individual cases you have the option of watching YouTube videos directly via the Eversports website after logging in to our website. These videos are provided as part of the fulfillment of the contract.

This website integrates videos from the YouTube website. The operator of the website is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

If you book one of these courses on which YouTube is integrated, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

We use YouTube in extended data protection mode. According to YouTube, videos that are played in extended data protection mode are not used to personalize surfing on YouTube. Ads that are played in extended data protection mode are also not personalized. No cookies are set in extended data protection mode. Instead, however, so-called local storage elements are stored in the user's browser, which contain personal data similar to cookies and can be used for recognition. Details on the extended data protection mode can be found here: https://support.google.com/youtube/answer/171780.

After activating a YouTube video, further data processing operations may be triggered over which we have no influence.

The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.

Further information about data protection at YouTube can be found in their privacy policy at: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Act

Social media

Facebook

Elements of the social network Facebook are integrated on this website. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

You can find an overview of the Facebook social media elements here: https://developers.facebook.com/docs/plugins/?locale=de_DE.

When the social media element is active, a direct connection is established between your device and the Facebook server. Facebook receives the information that you have visited this website with your IP address. If you click on the Facebook "Like" button while you are logged into your Facebook account, you can link the content of this website to your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook's privacy policy at https://de-de.facebook.com/privacy/explanation.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time. Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook.

The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can find the text of the agreement at https://www.facebook.com/legal/controller_addendum

According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://de-de.facebook.com/help/566994660333381 and https://www.facebook.com/policy.php.

The company is certified in accordance with the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards.

Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active

Instagram

Functions of the Instagram service are integrated on this website. These functions are offered by Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

When the social media element is active, a direct connection is established between your device and the Instagram server. Instagram thereby receives information about your visit to this website.

If you are logged into your Instagram account, you can link the content of this website to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to this website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Instagram. The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

Insofar as personal data is collected on our website using the tool described here and forwarded to Facebook or Instagram, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook or Instagram. The processing carried out by Facebook or Instagram after forwarding is not part of the joint responsibility.

The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can find the text of the agreement at https://www.facebook.com/legal/controller_addendum.

According to this agreement, we are responsible for providing data protection information when using the Facebook or Instagram tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook and Instagram products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook or Instagram directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://privacycenter.instagram.com/policy/ and https://de-de.facebook.com/help/566994660333381.

Further information on this can be found in Instagram's privacy policy: https://privacycenter.instagram.com/policy/<a129

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with

European data protection standards for data processing in the USA. Every company certified in accordance with the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active

Hosting and content delivery networks (CDN)

Amazon Web Services (AWS)

The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg (hereinafter referred to as AWS).

When you visit our website, your personal data is processed on the servers of AWS. Personal data may also be transferred to the parent company of AWS in the USA. The data transfer to the USA is based on the EU standard contractual clauses. Details can be found here: https://aws.amazon.com/de/blogs/security/aws-gdpr-data-processing-addendum/

Further information can be found in AWS's privacy policy: https://aws.amazon.com/de/privacy/?nc1=f_pr

The use of AWS is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in displaying our website as reliably as possible. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards.

Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000TOWQAA4&status=Active

Order processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract required by data protection law, which ensures that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.

Cloudflare Turnstile

We use Cloudflare Turnstile (hereinafter referred to as "Turnstile") on this website. The provider is Cloudflare Inc, 101 Townsend St., San Francisco, CA 94107, USA (hereinafter referred to as "Cloudflare").

Turnstile is used to check whether data is entered on this website (e.g. in a contact form) by a human or by an automated program.

To do this, Turnstile analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters a website with Turnstile activated. For the analysis, Turnstile evaluates various information (e.g. IP address, time spent on the website by the website visitor or mouse movements made by the user). The data collected during the analysis is forwarded to Cloudflare.

The data is stored and analyzed on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in protecting its website from abusive automated spying and SPAM. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG.

Consent can be revoked at any time. Data processing is based on standard contractual clauses, which you can find here: https://www.cloudflare.com/cloudflare-customer-scc/.

Further information about Cloudflare Turnstile can be found in the privacy policy at https://www.cloudflare.com/cloudflare-customer-dpa/.

The company is certified according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards.

Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnZKAA0&status=Active

Analysis tools and advertising

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager is a tool that enables us to integrate tracking or statistical tools and other technologies on our website.

The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards.

Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

Meta pixel (formerly Facebook pixel)

This website uses the Facebook/Meta visitor action pixel to measure conversions. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the data collected is also transferred to the USA and other third countries.

This allows the behavior of site visitors to be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. This allows the effectiveness of Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous to us as the operator of this website; we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook Data Usage Policy (https://de-de.facebook.com/about/privacy/ ). This enables Facebook to place advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the website operator.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. Consent can be revoked at any time.

We use the advanced matching function within the meta pixels.

Advanced matching enables us to transmit various types of data (e.g. place of residence, state, zip code, hashed email addresses, name, gender, date of birth or telephone number) of our customers and prospects that we collect via our website to Meta (Facebook).

This activation allows us to tailor our advertising campaigns on Facebook even more precisely to people who are interested in our offers. In addition, the extended matching improves the allocation of website conversions and extends Custom Audiences.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the collection of the data and its transfer to Facebook. The processing carried out by Facebook after forwarding is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in an agreement on joint processing. You can find the text of the agreement at https://www.facebook.com/legal/controller_addendum.

According to this agreement, we are responsible for providing the data protection information when using the Facebook tool and for the secure implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g. requests for information) regarding the data processed by Facebook directly with Facebook. If you assert your data subject rights with us, we are obliged to forward them to Facebook.

The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381 .

You can find further information on protecting your privacy in Facebook's privacy policy: https://de-de.facebook.com/about/privacy/

You can also deactivate the remarketing function "Custom Audiences" in the settings for

Ads settings under https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.

You must be logged in to Facebook to do this. If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

The company is certified in accordance with the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link:

https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt0000000GnywAAC&status=Active .

Valuation of a company

If you review or rate one of our sports providers, the following processing takes place:

What data we collect:

Evaluation data:

Rating data:

Why and how we use this data:

Purpose: Publication of your review Legal basis: Consent

Note: This means that the data is effectively transferred to anyone who visits our website, including parties in non-EU/ECR countries. Whether personal data is actually published, i.e. whether you can be identified by someone visiting our website, depends heavily on two factors: who reads your review and what information you have provided. We (Eversports) can always attribute the review to you personally. Others only see the rating data, which may be anonymous. However, someone who already knows you could, for example, identify you from your profile picture alone or from the content of your written review.

Note: You are not obliged to agree to this! If you have done so, you can withdraw your consent at any time by contacting us. The withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal. The non-granting or revocation of your consent has no effect on your further dealings with Eversports or the sports providers, but your rating will not be published without your consent.

Purpose: Content moderation Legal basis: Performance of a contract (the Eversports Terms of Use)

How we store this data:

Who receives this data:

Subscribe to our news and offers

If you choose to receive marketing-related messages from us (e.g. by checking the box when you sign up), we will send you messages about upcoming offers and events to your email address. At the bottom of each of these emails you will find a link to unsubscribe from these messages.

What data we collect:

As a user, you have already provided us with the data we use: Your e-mail address and your name.

Why and how we use this data:

Purpose: Advertising (promoting our own products) Legal basis: Consent

Note: You are not obliged to consent to this! You can withdraw your consent at any time by clicking on the unsubscribe link at the bottom of every marketing email. Withdrawing your consent will not affect the lawfulness of processing based on your consent before it was withdrawn. The non-granting or withdrawal of your consent will not affect your further relationship with Eversports or the sports providers.

Who receives this data:

The Eversports Family Account

If you use the Eversports Family Account function and add members to your account and book sports offers for them, the following processing takes place:

What data we collect:

Note: As stated in the Eversports T&Cs, if the family member you are adding is a minor (under the age of 18), you must be a parent or legal guardian of the child. Otherwise, you must have the consent of the person you are adding and have shown them this Privacy Policy.

Why and how we use this data:

Purpose: To provide you with the regular functionalities of an Eversports account Legal basis: Consent (yours or that of the added member)

Note: This consent is not mandatory! It can be revoked at any time by deleting the member from your account. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. The non-granting of consent or the withdrawal of consent has no effect on other transactions with Eversports or the sports providers.

Purpose: To enable you to book a sports offer Legal basis: Performance of a contract (the service contract between you and the sports provider)

How we store this data:

Who receives this data:

Third parties:

Plugins and tools

Google Fonts (local hosting)

This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. Google Fonts are installed locally. There is no connection to Google servers.

Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.

Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited ("Google"), GordonHouse, Barrow Street, Dublin 4, Ireland. With the help of this service, we can integrate map material on our website.

To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there, and the provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of uniform display of fonts. When you access Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy?hl=de.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA, which is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further

For more information, please contact the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participantdetail?contact=true&id=a2zt000000001L5AAI&status=Active

Information for business partners & customers

If you are a business partner or business customer of Eversports, or an employee of someone who is, the following information is relevant to you. If you also visit our websites, please read the section "Information for website visitors" carefully.

Doing business with Eversports

If you or your employer wish to enter into or have entered into a contract with a member of the Eversports Group, some (standard) business transactions involve the processing of personal data and the following information is relevant to you.

What data we collect:

Why and how we use this data:

Purpose: Regular course of business Legal basis: Performance or preparation of a contract at the request of the data subject (contract between you and Eversports, or, if you are an employee, your employment contract)

How we store this data:

Who receives this data:

Filling out a form

If you decide to contact us by filling out a form (on one of our websites, e.g. the free online demo form), the following processing will take place.

What data we collect:

Why and how we use this data:

Purpose: Business initiation at the request of the data subject. Legal basis: Initiation of a contract at the request of the data subject.

Purpose: Advertising (promoting our own products). Legal basis: Our legitimate interest to do business with you.

Note: You have the right to object to this processing without giving reasons. You can object by clicking on the link at the bottom of each email.

How we store this data::

Who receives this data:

Use of the Eversports platform

If you offer your sports services on the Eversports platform, the following information is relevant for you.

Note: The data you enter in your Eversports sports provider profile (company name and address, names and pictures of employees, etc.) is processed by Eversports on your behalf. This means that you are the controller and Eversports is the processor (for the process of storing and publishing your sports provider profile data on the Eversports platform). This processing is covered by the processing agreement that you have signed with Eversports. Other data processing that falls under the responsibility of Eversports (Eversports is the controller and you are the data subject) is described here:

What data we collect:

Login data:

Rating data:

Why and how we use this data:

Purpose: To publish user reviews and ratings to improve the overall quality of services offered on the Eversports platform Legal basis Basis: Our legitimate interest in operating an e-commerce platform.

Purpose: Ensuring information security Legal basis: Our legitimate interest in ensuring information security.

How we store this data:

Who receives the data:

Third parties:

Use of the Eversports Manager software

If you use the Eversports Manager software in one of its variants, the following information is relevant for you.

Note: The data you enter into Eversports Manager (customer name and contact details, employee schedule, etc.) is processed by Eversports on your behalf. This means that you are the controller and Eversports is the processor (for the process of storing your customer and employee data). This processing is covered by the processing agreement that you have signed with Eversports. Other data processing that falls under the responsibility of Eversports (Eversports is the controller and you are the data subject) is described here:

What data we collect:

Login data:

Why and how we use this data:

Purpose: To ensure information security Legal basis: Our legitimate interest to ensure information security.

How we store this data:

Who receives this data:

The Eversports webshop

Eversports offers a wide range of products for business customers via its webshop (store.eversportsmanager.com). If you shop in our webshop, the following information is relevant for you. Also take a look at the section Doing business with Eversports above.

What data we collect:

Why and how we use this data:

Purpose: Performance of a contract of sale Legal basis: Performance of a contract (contract of sale between you and Eversports)

How we store this data:

Who receives this data:

Third parties:

Information for applicants

So you want to become part of the Eversports team! That's great! Here you can find out what you need to know about data protection.

Filling out an application form

If you fill out an application form on one of our websites, the following data processing takes place.

What data we collect:

Application data

Subsequent data (if the application process is continued)

Why and how we use this data:

Purpose: Applicant management Legal basis: Preparation of a contract at the request of the data subject.

Purpose: Retention of the application Legal basis: Consent (when completing your application, you can opt for an extended retention period so that we can contact you when a position becomes available)

Note: You are not obliged to agree to this! If you have done so, you can withdraw your consent at any time by contacting us. The withdrawal of your consent will not affect the lawfulness of processing based on your consent before its withdrawal. If you do not give or withdraw your consent, this will not affect your application or other relationship with Eversports.

How we store this data:

Who receives this data:

Your rights

In principle, you have the rights to information, rectification, erasure, restriction of processing, data portability and objection. To exercise these rights, you can contact Eversports or another member of the Eversports Group. For example, if you wish to delete your account, simply send an email to [email protected].

Details on your right to object: Whenever "our legitimate interest" is the legal basis for processing, you have the right to object to this processing. If the processing relates to marketing activities in our legitimate interest, you can simply object without any further requirements. In all other cases, we ask you to state the reasons (in relation to your particular situation) for your objection.

Details on withdrawing consent: Where "consent" is the legal basis for processing, you have the right to withdraw your consent at any time with effect for the future, either by contacting Eversports directly or by doing what is described above for each processing operation (e.g. clicking a link to unsubscribe from marketing messages). Withdrawal of your consent will not affect the lawfulness of processing based on your consent before its withdrawal.

Under the GDPR, you have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or similarly significantly affects you. The Eversports Group will not subject you to such decisions.

If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, please contact Eversports at [email protected]. We will always endeavor to resolve your concern to your satisfaction. You have the right to contact the supervisory authority at any time and lodge a complaint. In Austria, this is the Data Protection Authority. Data Protection Authority. A list of the competent supervisory authorities outside Austria can be found here.

You can prevent data processing for the purpose of Google Ads Conversion Tracking by opting out via this link.