THE BREDASE SINGELLOOP FOUNDATION
These privacy regulations pertain to the processing of personal data by the Bredase Singelloop Foundation, P.O. Box 9523, 4801 LM Breda (CoC S.41104417). Processing of personal data includes the collection, storage, recording, amendment, accumulation, retrieval, consultation or destruction of personal data of private individuals and officials at our sponsors, suppliers and relations.
The Bredase Singelloop Foundation collects personal data from individual participants, contact persons of companies participating in the company run, invited athletes, volunteers, officials of suppliers and sponsors, guests & other stakeholders, schools, entertainment and visitors to our websites.
General Data Protection
The GDPR (General Data Protection Regulation), also known as the Algemene Verordening Gegevensbescherming (AVG), is European legislation that has direct effect within the European Economic Area. As of 25 May 2018, these regulations will replace the Personal Data Protection Act.
GDPR and protection of personal data
In view of the introduction of this law, the Board of the Bredase Singelloop Foundation has set up an information security policy. The introduction of this policy was accompanied by an awareness programme for board and committee members on privacy and information security.
It includes technical and organisational security measures and procedures for incident reporting, control mechanisms, training, evaluation of activities and continuous improvement.
The Bredase Singelloop Foundation is responsible for almost all processing; some data is collected and/or processed by third parties on behalf of the Bredase Singelloop Foundation. For this processing, the Bredase Singelloop Foundation has a data processing administration. Relevant aspects can be found in these privacy regulations. This register is part of the Information Security Policy and, like other documents, is regularly reviewed and updated as necessary.
The protection of privacy has always played a very important role in our organisation. In all of our organisation’s processes, we treat personal data and customer information with great care, based on the principles set out in the GDPR. This means, among other things, that the Bredase Singelloop Foundation:
- informs you in an understandable and transparent manner about how and for what purposes personal data are processed;
- processes personal data only for justified, specified purposes and bases the data processing on one of the bases listed in the GDPR;
- implements appropriate organisational and technical security measures to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage.
- informs you about your rights with regard to the personal data processed by the Bredase Singelloop Foundation.
- does not process or store more than necessary.
Purposes and bases
The Bredase Singelloop Foundation collects personal data for different purposes and on different bases. We have a legitimate interest to process your data: the processing of the data is necessary for the organisation of the event, for the proper handling of your request or for the fulfilment of our obligations towards you.
You will be asked to provide personal data when registering, but also in the case of certain activities, for example if you want to get in touch with us, request information or become a volunteer. We carry out certain processing operations only with your consent, which you can withdraw at any time.
In the following chapters we will inform you in more detail
What are cookies?
Cookies are small, simple text files that your computer, tablet or cell phone receives when you visit a website. Cookies make visiting the website of the Bredase Singelloop Foundation more user-friendly.
What happens when cookies are disabled?
If you turn off your cookies, we have less insight into the (website) use, so we cannot optimise it to serve you better in the future.
Turning off cookies
III. Your personal data – purposes, bases and use of your data
Providing (pre-)contractual services
The Bredase Singelloop Foundation processes your personal data to provide our services to you or to procure services or products from you. We use the data, for example, to process the payment of the registration and the related delivery of goods and services (such as sending the starting number to the home address, engraving of the medal, ordering the Singelloop shirt, sending digital pre/post magazines, newsletters, etc.), for the administration of volunteers (e.g. approaching in connection with participation in the next event), for the physical organisation of the event (contracts with sponsors and suppliers, delivery of services, payments), for relationship management towards invitees and other stakeholders or for analysis purposes of participants or website visits. According to the new guidelines, these reasons provide us with a legitimate interest to process your personal data for this purpose.
Involvement and sharing with third parties
The Bredase Singelloop Foundation, as the data controller, engages other parties to perform an aspect or part of the services for you; this may include, for example, an external option for registration of submissions, registration and communication of times run, processing production and sending the starting numbers or sending newsletters and digital pre- and after magazines.
To the extent that these third parties need access to personal data in order to perform these services, the Bredase Singelloop Foundation has put in place appropriate contractual, technical and organisational security measures to ensure that these third parties only use or process your data for the intended purposes and in accordance with the instructions we have agreed with these third parties.
sharing personal data with third parties for legal reasons
We may share your personal data with third parties if we believe that access to and use of the personal data is reasonably necessary to (i) comply with applicable laws, regulations and/or court orders; (ii) prevent, detect or resolve fraud, (future) security issues or technical problems; and/or (iii) protect the interests, properties or safety of the Bredase Singelloop Foundation, our participants, associates or the public to the extent consistent with the law.
Marketing and promotional activities
The Bredase Singelloop Foundation would like to inform interested parties about developments, collaborations, offers, innovations and other relevant content related to our event, either in compliance with applicable regulations or because you have given your explicit consent to do so. We can do this by telephone, e-mail, newsletters or direct personal contact. Of course, you always have the right to say that you do not or no longer wish to receive this.
The Bredase Singelloop Foundation does not share personal data with or sell personal data to third parties for commercial or other purposes.
Processing of your data on our website
Applications for vacancies at the Bredase Singelloop Foundation
The Bredase Singelloop Foundation may in exceptional cases offer the possibility to send us your motivation letter and CV as part of (open) applications for volunteer positions at the Bredase Singelloop Foundation via the website or e-mail. Your data will then be temporarily stored on a shielded and secured server that is fully managed by the foundation. It is then also our legitimate interest to process your personal data. The processing is necessary for the application procedure to run smoothly. These data are destroyed immediately after completion of the procedure.
III. Retention periods
The Bredase Singelloop Foundation will not store your personal data longer than is necessary for the purposes for which the data was collected. The retention period depends on the nature of the information and the purposes of the processing. Below we list the retention periods of personal data for different purposes and services.
- Personal data of individual participants (name, zip code, place of residence and e-mail address) will be kept indefinitely in connection with the publication of the results and sending digital newsletters as well as the pre- and post-magazines and/or for analysis purposes.
- Other data of individual participants will be deleted within 6 months after the event or anonymised and used for general analysis purposes.
- Personal data of contacts from the company run, group registrations, schools and entertainment will be destroyed within 6 months after the event with the exception of the e-mail address. The e-mail address will be included in our database in accordance with the consent given. Of course, you always have the right to indicate that you do not or no longer wish is this information to be stored and you can unsubscribe. General data of groups, schools, bands/artists and companies will be kept indefinitely.
- Personal data of invited top athletes will be kept indefinitely with the exception of personal data related to the tax retention obligation. This is subject to a period of 7 years.
- Personal data of volunteers are kept indefinitely until cancellation. After cancellation, this data will be completely deleted within 1 month. The clothing size will be removed within 6 months after the end of the event.
- Personal data of sponsors, suppliers, guests and other stakeholders will be stored without limitation until the moment of cancellation. After cancellation, this data will be completely deleted within 1 month.
IV. Your rights
You have the right to request us in writing for:
Inspection of your personal data You can ask us whether we process personal data about you. If so, we will explain which of your personal data we are processing, how we do this and for what purposes. You can also ask us for a copy of the personal data we process about you;
Rectification of your personal data
If you believe that the personal data we are processing about you is incorrect or incomplete, you can request us to complete or amend your data;
Deleting of your personal data You may request us to delete the personal data we process about you. We will delete your data without unreasonable delay after receiving a request to do so if: the data is no longer necessary for the purpose for which we have processed it; you no longer give us permission for processing, if that was the basis for processing; the data has been processed by us for direct marketing purposes; you object to the processing and there is no reason why we should continue to process the data (any longer); there is a legal reason for deleting the personal data.
Limitation of the processing of your personal data.
In some cases, you may wish to limit the processing of your personal data. In this case, you can ask us to limit the data processing. We will comply with such a request if it appears after examination that this is possible, for example, if you do not wish to have all your data deleted but other data are no longer required for the original purpose.
Transfer of your personal data (data portability)
You may request a copy of the personal data we process about you from us.
You can also express your right to object to us if you do not agree with our processing of your data.
V. Questions, requests or complaints
Submitting questions, requests or complaints to the Bredase Singelloop Foundation
You may have a question, request or complaint about the processing of personal data by the Bredase Singelloop Foundation. To do so, please contact us using this form or the contact information below:
The Bredase Singelloop Foundation
PO Box 9523
4801 LM Breda
Addressed to Jolanda Verwegen, secretary
You will receive a written response within 4 weeks.
Submit a complaint to the Authority for the Protection of Personal Data
The Autoriteit Persoonsgegevens (AP) is the Dutch regulator that monitors compliance with the AVG (GDPR). You have the right to complain to the AP if you believe that your rights have been violated. The website of the Dutch Data Protection Authority (www.autoriteitpersoonsgegevens.nl) provides an entry point for this.
Version control of these privacy regulations
The Bredase Singelloop Foundation reserves the right to amend these privacy regulations. Modified versions are published on our website with a date.
These privacy regulations were last updated on 2 June 2018.