Privacy Policy
Our Privacy Policy was last updated on 01 August 2022
Our Privacy Policy (the “Policy”) explains how we and some of the companies we work with collect, use, disclose, share, store, dispose of and protect information about your use of our website and platform located at https://uww.org/ and through our mobile application (individually the “Platform” and together the “Platforms”) owned by United World Wrestling, a company located at Rue du Château 6, 1804 Corsier-sur-Vevey Switzerland, registered under CHE-108.227.795 (“UWW”, “we”, “us”, “our”) which acts as Data Controller for the Processing of Personal Data mentioned in this Policy, your privacy rights and how the law protects you.
In this Policy, “you”, “your”, “yours” means the visitors to our Platforms, which are also designated as the “Users”.
By using our Platforms and/or communicating to us via the contact form on our Platforms, email or other channels, you understand, agree and consent that we are collecting, using and disclosing your personal data in accordance with this Policy.
UWW cares about privacy and protecting the Personal Data handled by us. This means that we care about your personal integrity and actively work to protect it.
- Definitions
"Applicable Law" refers to the legislation applicable to the Processing of Personal Data, including the GDPR, supplementary national legislation, the Swiss Federal Act on Data Protection, as well as practices, guidelines and recommendations issued by a national or EU supervisory authority.
"Controller" is the company/organization that decides for what purposes and in what way personal data is to be processed and is responsible for the Processing of Personal Data in accordance with Applicable Law.
"Data Subject" is the living, natural person whose Personal Data is being processed.
"Personal Data" is all information relating, directly or indirectly, to an identifiable natural person. An “identifiable natural person” is a natural person who can be identified, directly or indirectly, by reference to a user ID such as a name, an identification number, location data, an online identification, or to one or more specific elements proper to his physical, physiological, genetic, mental, economic, cultural or social identity.
"Processing" means any operation or set of operations that is performed on Personal data, e.g. transfer, storage, modification, reading, handover and similar.
"Processor" is the company/organization that processes Personal Data on behalf of the Controller and can therefore only process the Personal Data according to the instructions of the Controller and the Applicable Law.
“Users” means any person who accesses and uses the features of the site.
The definitions above shall apply in the Policy regardless of if they are capitalized or not.
- The Personal Data we collect and process
Within the framework of the processing of Personal Data, UWW collects and processes the following data in its capacity as data Controller:
- identity (name, first name), identification (e-mail address, postal address, and telephone number);
- connection data (IP addresses, event logs);
- payment method data (bank details, credit card details, Paypal or Apple Pay account details, other payment method details);
- information on your usage of the Platforms, such as the pages you have visited, the products you have purchased through the Platforms, and your location;preferences to UWW PPlatforms (favorite athlete, country, wrestling style, etc.)
It may also happen that Users communicate other Personal Data (which are then processed) by contacting UWW by email, at the following address info@uww.org
- Tracking technologies and Cookies
When you browse our Platforms, cookies are placed on your terminal, either directly or after having obtained your consent when required by the regulations on cookies.
Cookies are pieces of information placed on the Internet user's terminal equipment by the server of the Platforms visited. They are used by a Platforms to send information to the Internet user's browser and to allow this browser to send information back to the Platforms of origin (for example, a session identifier or the choice of a language).
Only the sender of a cookie can read or modify the information contained in it.
There are different types of cookies:
- session cookies that disappear as soon as you leave the Platforms;
- permanent cookies that remain on your terminal until their lifetime expires or until you delete them using your browser's functions.
You are informed that, during your visits to the site, cookies may be installed on your terminal equipment. We use Cookies to help make your experience with the Platforms better for you and to perform analyses and reviews of the performance of the Platforms.
To learn more about the use of cookies on our site and, please see the cookie policy here
- The purposes of our processing
The Processing that we implement is to ensure the following purposes:
- to allow you to register on the personal space;
- to allow you to place an order on our Platforms;
- to confirm your identity ;
- to verify your personal and contact details;
- to communicate with you;
- the management of payment and transactions;
- the management of your orders and your refunds;
- the follow-up of the prospect/customer relationship, such as answering your contact requests, the realization of satisfaction surveys, the management of complaints;
- to send you personalized emails to the email address you provide to notify you of a movement in your personal space;
- to send you newsletters;
- to send you progress and other updates of our services and upcoming launch;
- to send you commercial solicitations, promotional operations and alerts corresponding to your criteria of choice, by email or by telephone;
- the elaboration of customer and / or prospect files;
- the management of requests to exercise your rights;
- the improvement of the quality of our services;
- to resolve any disputes or problems that may arise in connection with the use of our Platforms.
- The lawfulness of our processing
We only carry out data Processing if at least one of the following conditions is met:
- your consent to the Processing operations has been obtained;
- the existence of our legitimate interest, or that of a third party, which justifies us carrying out the Processing of Personal Data concerned;
- the performance of a contract between us and you or of pre-contractual measures require us to carry out the processing of Personal Data concerned;
- compliance with a legal or regulatory obligation to which we may be subject.
The legitimate interests pursued by UWW may in particular consist in the management of our activity, the follow-up of our contracts, the performance of our services, answering your questions and providing you with our services.
- The data we collect indirectly
To enable us to provide our services to you, we may receive personal information about you from other sources, including:
- social media platforms such as Facebook, Twitter, Instagram, VK and Youtube;
- service providers;
- UWW newsletter registration;
- UWW digital services : mobile application, e-learning platform, e-commerce, and other services.
- The recipients of your data
The Personal Data we collect, as well as those collected subsequently, are intended for us as Data Controller.
We ensure that only authorized persons have access to this Personal Data.
Your Personal Data might be transmitted or made visible to different people.
The content you publish is made visible to other Users. You can choose which type of User can see the content you publish, or the information available on your profile. We remind you that you can set your privacy preferences, by going to the edit profile section of your account management. It is always possible to adopt different settings for each content you share.
Please note that if you share certain content on third party platforms or applications, such as on social media platforms, the privacy policy and terms of use of the third party platforms or application will apply.
The Data can be transmitted to our various collaborators, internal or third parties. Indeed, we use external service providers for the operation of our Payment Services, such as the company InPlayer based in 37-41 Mortimer Street, London, W1T 3JH, United Kingdom. Our VAT number is UK993758843Certain Personal Data may be sent to Advertising agencies and suppliers of print and advertising or to legally authorized authorities in order to meet our legal, regulatory or contractual obligations.
We may also transfer your Data to other categories of recipients, including partners, not necessarily service providers, who use our analysis services in order to improve their products and adapt their commercial prospecting. These may be platforms on which we have social plugins to ensure the compatibility of their products or services with the Platforms. In such cases, we provide statistical data that in no way allow you to be personally identified: we do not communicate your name or contact details. We simply communicate activity data and technical data, such as your actions on the Platforms or your geographical position.
In order to meet certain legal obligations, we may communicate your Personal Data to the authorities upon request, duly and legally justified in our opinion. In particular, this will be the case when the request comes from a jurisdiction, which it is reasonable to believe that a response is required under the law to which that jurisdiction is subject.
We may also disclose your Personal Data to the competent authorities when we believe that such disclosure would help prevent fraud, money laundering or any other severely punishable offence, including criminal offences, or any act that may have consequences for the physical integrity or life of others.
- The transfer of your data
We transfer your Personal Data to partners located in the following countries:
- Spain;
- United Kingdom;
- France.
Each of these transfers is governed by legal instruments that comply with the applicable legal framework.
Indeed, Switzerland benefits from an adequacy decision, which means that they offer your Personal Data a degree of protection equivalent to that in force in the European Union and in the United Kingdom.
All transfers to other countries are governed by standard contractual clauses approved by the European Commission.
- How long do we keep your data
The retention periods we apply to your Personal Data are proportionate to the purposes for which they were collected.
Personal Data that is subject to processing is not kept beyond the time necessary to fulfill the obligations defined at the time of the conclusion of the contract or the predefined duration of the contractual relationship. Thus, as soon as you delete the content you completed or uploaded on the Platforms, this Personal Data no longer appears on the Platforms. However, it may be kept later on as an archive, in particular to meet certain legal obligations of conservation, to comply with applicable legislation, to manage claims and/or disputes, to defend our interests or assert our rights or to respond to requests from authorities.
- The security of your data
UWW has implemented measures to protect the confidentiality, security and integrity of your Personal Data, against unauthorized access and disclosure, modification, alteration, damage, accidental loss or accidental or illicit destruction, as well as against any other form of illicit processing or communication to unauthorized persons.
Access to Personal Data is restricted to those employees, partners and service providers who need to know the information, to whom we impose strict security and information protection rules.
However, UWW cannot guarantee you against any loss, destruction or damage of your Personal Data. UWW is not held, or able to carry out a safeguard of your data present on your personal space.
Our backup services will not make a backup of your data present on your personal space; consequently, you must use a secondary backup source. In other words, unless it is caused by our negligence or willful misconduct, we take no responsibility for the loss of data.
In addition, when you need to choose a password to access certain parts of the site that require you to log in to your personal space, it is your responsibility to choose a secure password (strong, unique (i.e. not used for another site and/or application, etc.) and to keep it confidential. An access control level, an access log and a two-step verification have also been implemented through technical solutions.
You acknowledge that the use of the Internet is inherently insecure and involves certain risks to Personal Data. It is the User's responsibility to ensure that the computer he or she uses is properly secured and protected against malicious software such as Trojan horses, computer viruses and worms.
The User is aware that without adequate security measures (including a secure web browser configuration and up-to-date anti-virus software), there is a risk that the Data and passwords he or she uses to protect access to his or her Personal Data could be communicated to unauthorized third parties and/or that Personal Data transmitted electronically could be intercepted.
- Personal Data breach
In the case of a Personal Data breach, the Data Controller will without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the Personal Data breach to the supervisory authority competent in accordance with the applicable law, unless the Personal Data breach is unlikely to result in a risk to the rights and freedoms of the User.
The notification will at least (i) describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned; (ii) communicate the name and contact details of the data protection officer or other contact point where more information can be obtained; (iii) describe the likely consequences of the personal data breach; (iv) describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
The Data Controller documents any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken.
When the Personal Data breach is likely to result in a high risk to the rights and freedoms of the User, the controller will communicate the Personal Data breach to the data subject without undue delay.
However, the communication to the User will not be required if any of the following conditions are met:
- the Data Controller has implemented appropriate technical and organizational protection measures, and those measures were applied to the Personal Data affected by the Personal Data breach;
- the Data Controller has taken subsequent measures which ensure that the high risk to the rights and freedoms of Users is no longer likely to materialize;
- it would involve disproportionate effort. In such a case, there will instead be a communication by e-mail whereby the Users are informed in an equally effective manner.
- The rights you have
All the rights you have are detailed below:
-
- Right to information
You acknowledge that this Privacy Policy informs you of the purposes, legal framework, interests, recipients or categories of recipients with whom your Personal Data is shared.
If we decide to process data for purposes other than those stated, you will be given full information about the new purposes.
-
- Right of access and rectification of your data
You have the right to access and correct your Personal Data, which you can exercise electronically at info@uww.org or by post at UWW’s address.
In this respect, you have the right to confirm whether or not your Personal Data is being processed and, if so, to request access to it, as well as, upon request, information concerning:
- the purposes of the Processing;
- the categories of Personal Data concerned;
- the recipients or categories of recipients as well as the international organizations to whom the Personal Data have been or will be communicated, in particular recipients who are established in third countries;
- where possible, the period of time for which the Personal Data will be kept or, where this is not possible, the criteria used to determine this period;
- the existence of the right to ask the data Controller to rectify or erase your Personal Data, the right to request a limitation of the Processing of your Personal Data, the right to object to such Processing;
- the right to lodge a complaint with a supervisory authority;
- information about the source of the data when it is not collected directly from the Data Subjects;
- the existence of automated decision-making, including profiling, and in the latter case, relevant information about the underlying logic and the significance and intended consequences of such Processing for the Data Subjects.
You can ask us to correct or complete your Personal Data if they are inaccurate, incomplete, ambiguous or out of date.
-
- Right to the deletion of your data
You may request that we delete your Personal Data when any of the following reasons apply:
- the Personal Data are no longer necessary for the purposes for which they were collected or otherwise processed;
- you withdraw the consent previously given;
- you object to the Processing of your Personal Data when there are no legal grounds for such processing;
- the Processing of Personal Data does not comply with the provisions of the applicable laws and regulations;
- your Personal Data has been collected in the context of offering information society services to children under the age of 16.
However, the exercise of this right will not be possible when the conservation of your Personal Data is necessary with regard to the legislation or the regulation and in particular for example for the establishment, the exercise or the defense of rights in court.
-
- Right to limit data processing
You may request the restriction of the Processing of your Personal Data provided that no other interest requires their processing or storage.
-
- Right to object to data processing
You have the right to object to the processing of your personal data where the processing is based on the legitimate interests of the Data Controller.
-
- Right to data portability
Since May 25, 2018, you have the right to portability of your personal data, when:
- the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a), or on a contract pursuant to Article 6(1)(b) of the GDPR; and
- the Processing is carried out by means of automated processes.
In this case, we may provide you with the data that you have submitted to us or that we have received from you in connection with a contract that we have entered with you. You will receive your information in a commonly used and machine-readable format that you can transfer to another Personal Data manager, or we will send directly to them, on your request, if that’s possible.
-
- Right to withdraw your consent
Where the data Processing operations we carry out are based on your consent, you may withdraw it at any time. We will then stop processing your Personal Data without affecting the previous operations to which you have consented. Please note that you can only withdraw your consent for future Processing of Personal Data and not for Processing that has already taken place.
-
- Right to appeal
If you consider that UWW does not respect its obligations with regard to your Personal Data, you can send a complaint or a request to the competent authority.
In Switzerland, the competent authority is the Federal Data Protection and Information Commissioner (FDPIC), to which you can send a request electronically by clicking on the following link: https://www.edoeb.admin.ch/edoeb/en/home/documentation/oeffentlichkeitsgesetz/sample-letters--mediation-procedure.html
-
- How to exercise your rights
You can exercise your rights electronically at info@uww.org or by mail at UWW’s address with proof of your identity.
To do so, you must clearly indicate your name(s) and surname(s), the address to which you wish the reply to be sent and, if needed, attach a photocopy of an identity document bearing your signature.
As a matter of principle, you may exercise all of your rights free of charge. However, with respect to the right of access, you may be required to pay a reasonable fee based on administrative costs for any copy of the data you request.
Concerning the right of information, UWW will not be obliged to follow up when you already have the information you are requesting.
UWW will inform you if it is unable to satisfy your request.
UWW company would like to inform you that the non-information or the modification of your data are likely to have consequences in the treatment of certain requests within the framework of the execution of the contractual relations and that your request under the exercise of your rights will be preserved for follow-up purposes.
- Automated individual decision-making, including profiling
-
- All automated individual decision-making, including profiling
If we carry out automated decision-making (making a decision solely by automated means without any human involvement) and profiling (automated processing of personal data to evaluate your profile), you will be given information about the processing. UWW carries out regular checks to make sure that their systems are working as intended.
Profiling can be part of an automated decision-making process.
You have the right to request human intervention or challenge a decision made by automated individual decision-making.
-
- Solely automated individual decision-making, including profiling
UWW carries out a Data Protection Impact Assessment (DPIA) to identify the risks to Users.
UWW can carry out solely automated decision-making with legal or similarly significant effects if the decision is:
- is necessary for entering into, or performance of, a contract between the User and a Data Controller;
- is authorised by law to which the Data Controller is subject and which also lays down suitable measures to safeguard the User’s rights and freedoms and legitimate interests; or
- is based on the User’s explicit consent.
If the decision is based on the first two cases mentioned at clause 13.2, you have the right to obtain human intervention on the part of the Data controller, to express your point of view and to contest the decision.
- Changes to this Policy
This Policy is effective as of 01 August 2022and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
We reserve the right to update or change our Policy at any time and you should check this Policy periodically. Your continued use of the Services after we post any modifications to the Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Policy.
If we make any material changes to this Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our Platforms.
- Contact us
For any question concerning this Privacy policy and, in general, on the collection and processing of your Personal Data by UWW, you can contact us electronically at info@uww.org or by post at UWW’s address.