Sideline Sports a Islandi ehf, org. no. 520601-2790 (“Sideline Sports” or “we”) provides digital services in the form of website, mobile and desktop applications for registering members, enabling coaching organization, communication and session scheduling and other sport club and coaching functions (“the Services”) to sports clubs and other organizations (“the Customer”).
Welcome, and thank you for your interest in Sideline Sports, our web sites at https://sidelinesports.com, https://xpsnetwork.com (the “Site(s)”) and all related web sites, downloadable software, mobile applications (including tablet applications), and other services provided by us and on which a link to this Privacy Policy (“Policy”) is displayed, and all other communications with individuals though from written or oral means, such as email or phone.
By the use of the Services, Customers can conduct their operations, keep member registers, collect fees, communicate with members, schedule training sessions and matches, register and analyse performance results and athlete evaluations, analyze video of competition matches and other functions of a sports club. The Customer’s members can be athletes, trainers and athletes’ guardians (“Registered Users”).
In order to provide Customers the Services, Sideline Sports must process personal data on Registered Users. Such processing activities are undertaken on behalf of Sideline Sports’ Customers, where the Customers act as data controllers and Sideline Sports as a data processor, in the meaning of applicable data protection legislation, including the General Data Protection Regulation (“GDPR”). Processing undertaken by Sideline Sports in relation to Registered Users is subject to a data processing agreement with the Customers and this Policy does not apply to such processing activities.
This Policy applies to processing activities where Sideline Sport’s acts as a data controller, that is in relation to the company’s processing of personal data on Customer’s representatives, visitors of the Sites and on job applicants (collectively referred to as “you” in this Policy).
1. Personal Data Processed by Sideline Sports
For the purposes of this Policy, personal data means any information relating to an identified or identifiable individual, i.e. information that can be traced directly or indirectly to a specific individual. Personal data does not include anonymous data or non-personal data (i.e., information that cannot be associated with or tracked back to a specific individual).
1.1 Representatives of Customers
Sideline Sports processes data on representatives of Customers, such as name, e-mail address, phone number, correspondence history etc.
The company processes the data to explore the possibilities of entering into agreement with the Customer, to provide free trial of the Services, to fulfill contractual obligations with the Customer in question, to provide support services (incl. via email or phone) and/or for marketing purposes (incl. newsletters).
The processing is based on the legitimate interests of Sideline Sports.
Data on Customers’ representatives is preserved for 5 years from the end of the business relationship with the Customer in question.
1.2 Website
When you visit the Sites we collect IP address, browser version and session details in relation to our use of cookies. Cookies are small text files placed on the user’s computer or other devices when visiting certain web pages. They store small amounts of information about the user’s visit. The processing is partly necessary for the Sites to work, but in other instances we use the data for analytical and marketing purposes subject to your consent.
Users can always change settings in their web browser for the management of cookies. However, if certain cookie features are disabled, the function and experience of Sideline Sports’s Services may be impaired. Further information on what cookies we use, the basis for the processing and information on how to turn off the cookies can be found here:
If you contact us via a contact form on the Sites, or via sales@sidelinesports.com or info@sidelinesports.com we also process the personal data you provide, including name, e-mail address and the subject of the request. The processing is necessary for Sideline Sports to reply to such a request.
1.3 Job applicants
When individuals apply for a job at Sideline Sports the company processes the applicant’s personal data. That includes the applicant’s name, title, gender, national ID number, address, postal code, town/city, country, e-mail address, telephone, education and training data, work experience, previous employers, curriculum vitae, as well as other information voluntarily submitted by an applicant.
The company processes the data to be able to select the best candidate for the position and for communication with the applicants.
The processing is based on the applicant’s request to enter into a contract with Sideline Sports.
The company retains information submitted by job applicants for six months, unless a specific consent is requested for a longer retention period.
2. Data Security
Sideline Sports endeavors to maintain physical, technical and procedural safeguards which are designed to protect personal data from loss and unauthorized access, copying, use, modification or disclosure.
Sideline Sports has, among other things, implemented strict and continuous security routines concerning the processing of personal data. Appropriate and reasonable standards for technical data protection and so-called built-in data protection are also applied to secure and protect personal data, including the following:
- All employees are bound by a confidentiality agreement,
- All employees have undergone security and personal data training,
- All employees, by being placed in appropriate access groups, only have access to systems and personal data necessary for them to carry out their work tasks,
- Access to personal data is limited to the persons and purposes required for Sideline Sports to provide the Services and ensure their operation and security,
- Logging and continuous monitoring ensure that no employee misuses rights or permissions,
- Only a few key individuals have knowledge of, access to, and the ability to influence how the security system is structured,
- Assessment, evaluation, and revision of routines and security are continually performed,
- Encryption, firewalls, and other security mechanisms are used to minimize the risk of unauthorized access, and
- Storage takes place on highly secure servers with daily data backups to avoid the risk of destruction. These are also protected from unauthorized access through strict access controls.
In case of a data breach, the company will inform data subjects and the authorities of the occurrence of the breach in accordance with applicable law.
3. Your Rights
It is important that personal data in our records is both accurate and current. You are entitled to request rectification of inaccurate data on you. Taking into account the purpose of the processing, you also have the right to have incomplete personal data completed.
You are entitled to request access to the personal data we process on you and information on the processing. You may also be entitled to a copy of the personal data undergoing processing. Where you have provided us with your personal data which we process based on your consent or our contract with you, you may have the right to receive such data in a machine-readable format and to have the data transferred to a third party.
Under certain circumstances you may have the right to request us to erase personal data concerning you with undue delay, such as where the personal data is no longer necessary in relation to the purpose for which they were collected or otherwise processed or if you withdraw your consent and where there is no other legal ground for the processing. You may also have the right to restrict further processing of your data where certain requirements are fulfilled, such as if the processing is unlawful and you prefer the restriction of data processing instead of erasure of the data.
Please note that your rights relating to your personal data are not all absolute. In the event Sideline Sports cannot approve your request in relation to your personal data, the company will endeavor to inform you of the reasons why, subject to any legal or regulatory restrictions.
If your request is approved, the necessary action will be taken within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests.
If you want to use any of your rights referred to in this Policy or if you have any questions regarding our processing of your personal data, please contact Sideline Sport’s Data Protection Officer at dpo@sidelinesports.com.
If you are not satisfied with our response, you are entitled to make a written submission to the applicable data protection authority, including the Icelandic Data Protection Authority (www.personuvernd.is).
4. To Whom We Disclose Information
Sideline Sports works with third party service providers who provide website, application development, hosting, maintenance, and other services for the company. These third parties may have access to, or process personal data as part of providing those services for the company. Sideline Sports limits the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and the company’s contracts with them require them to maintain the confidentiality of such information.
Sideline Sports may also disclose personal data or other information if required to do so by law, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
The company also reserves the right to disclose personal data or other information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the Services and any facilities or equipment used to make the Services available, or (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others.
Information on you may furthermore be disclosed and otherwise transferred to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
5. Your California Privacy Rights
We will not share any Personal Data with third-parties for their direct marketing purposes to the extent prohibited by California law. If our practices change, we will do so in accordance with applicable laws and will notify you in advance.
6. Revisions of this Policy
Sideline Sports may from time to time make changes to this Policy to reflect changes in our legal or regulatory obligations or in the manner in which we deal with your personal data. We will communicate any revised version of this Policy. Any changes to this Privacy Policy will be effective from the time they are communicated.
7. How to Contact Us
Please contact us with any questions or comments about this Policy, your Personal Data, our use and disclosure practices, or your consent choices by email at support@sidelinesports.com. If you have any concerns or complaints about this Policy or your Personal Data, you may contact Sideline Sports’s Data Protection Officer by email at dpo@sidelinesports.com.
For the personal data that the Customer processes about Registered Users, where Sideline Sports acts as a data processor, we ask you to contact the Customer with your questions and concerns.
Last updated: February 21, 2024
