Status: July 2023

The website business.sport1.de (hereinafter "Website") is operated by Sport1 GmbH (hereinafter "SPORT1" or "we"). The protection of your personal data is of Important concern to us. Within the scope of this privacy policy, we inform you about the type, scope and purpose of the collection, processing and use of your personal data.

Content:

I. Principles

II. Scope of data collection

III. Data processing processes and tools

(1) Technically necessary processing of data by Sport1 GmbH and our service providers for the operation of the website.  

(2) Processing of data by Sport1 GmbH and our service providers for the analysis of the website and the statistical processing of user behavior.

(3) Processing of data by Sport1 GmbH and our service providers to optimize our website.

(4) Processing of data by Sport1 GmbH and our service providers for communication with our website visitors

IV. Duration of storage

V. External links

VI. Right of information, objection and revocation

VII. Security

VIII. Responsible entity and contact details

I. Principles

• We collect, process and use your personal data exclusively in compliance with the principles described below as well as the requirements of the EU General Data Protection Regulation (hereinafter "GDPR") and the Federal Data Protection Act applicable to SPORT1 (hereinafter together with GDPR "applicable data protection provisions").
• Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). This includes, for example, inventory data such as your name, postal address, e-mail address and telephone number, but also usage data, such as information about the time of your visit to our pages, the browser you used, and other data generated when visiting our pages.

II. Scope of data collection, processing and use

• We collect, process and use your personal data (hereinafter also referred to as "data") from data subjects exclusively for the performance of our own business purposes.
• Your personal data is processed on the basis of the applicable data protection provisions, specifically - depending on the case - on the basis of your consent, a legal obligation, the conclusion of a contract with you or after weighing the legitimate interests in the individual case.
• Insofar as we process personal data on the basis of consent, we will only do so as long as you do not object or revoke your consent.
• For a large part of the visit to the website, it is not necessary for you to provide us with personal data. For individual services, it is necessary to provide personal data (e.g. download area).
• The personal data of the visitor to the website (hereinafter "data subject") will be deleted or blocked as soon as the purpose of storage ceases to apply. However, storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. Data will also be blocked or deleted if a storage period defined by the aforementioned regulations expires, unless in individual cases there is a need for further storage of the data for the conclusion or performance of a contract.
• We would like to tell you exactly what data we collect and process about you in the following data protection information. If you have any questions about data protection, please contact us at datenschutz@sport1.de. You will find the full contact details at the end of this privacy policy.

III. data processing processes and tools

(1) Technically necessary processing of data by Sport1 GmbH and our service providers for the operation of the website.

Cookies

We use cookies to make your visit to our website more attractive. Cookies are small text files that are stored on your terminal device and allow us, among other things, to recognize your browser. Cookies allow us to improve the comfort and quality of the services provided on the website.

Cookies are also used to analyze in anonymized form the use of the Website, in particular online advertising, to store general preferences of a user in the cookie placed on the terminal device and to provide the respective user with special, interesting offers and services on the Website based on his preferences.

Some of the cookies we use are deleted after the end of your browser session, i.e. after you close your browser (so-called "session cookies"). Other cookies remain on your terminal device during their respective validity period (see below) and enable us to recognize your browser on your next visit.

When calling up our website, we inform users by means of an info banner about the use of cookies (technically necessary / essential cookies and tracking cookies) and have technically set up the consent required under data protection law for the setting of cookies for which consent is necessary. Except for the technically necessary or essential cookies, consent must always be given in advance for cookies to be set on your end device. The user is also referred to this privacy policy via the info banner.

In the following, we provide you with an overview of the cookies used, their validity period and the respective opt-out options. In addition, we would like to point out that you can adjust your cookie settings at any time and revoke your consent at any time for the future.

Technically necessary/essential cookies:

We use cookies to make our website https://business.sport1.de/ more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. In the following technically necessary cookies, the closing of the cookie banner is stored and the registration/login to our customer area is enabled and protected:

• sessionid: Allows to authorize to use the website without explicit login, Validity: Duration of session/end of session,
• fe_typo_user: The frontend user cookie of Typo3 is used to enable the session-bound display within the protected area (customer area), validity: duration of the session, end of session or at least 1 hour 20 minutes,
• _cfduid: Used to identify individual clients behind a shared IP address and apply security settings to each client. It does not correspond to any user ID in your web application and does not store any personal data, Validity: 1 year.
• Cookieconsent_status: Stores the interaction with our cookie banner. Validity: 1 year.

These cookies are transmitted to us each time a page is accessed, do not contain any personal data and are therefore not used for personal identification.

Analysis - Cookies:

We use cookies on our website that enable an analysis of the surfing behavior of our users. In this way, search terms entered, the frequency of page views or the use of website functions can be analyzed. The user data collected in this way is anonymized during collection by means of a technical precaution that has been set up. Therefore, an assignment of the data to the calling user of the website is no longer possible. This anonymized data is not stored together with personal data of the users.

The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our offer to the respective user. For a description of the cookies, how they work, their purpose and how to object to them, please refer to the information provided under "AT-Internet (Piano Analytics)".

The legal basis for the processing of personal data using technically necessary cookies and for range measurement is Art. 6 para. 1 p. 1 lit. f GDPR and § 25 para. 2 TTDSG. The legal basis for the processing of personal data using cookies for marketing purposes (advertising and tracking cookies) based on your consent is Art. 6 para. 1 p. 1 lit. a GDPR and § 25 para. 1 TTDSG.

You can restrict or deactivate the use of cookies in your browser settings at any time. In addition, we offer you at the end of this privacy policy to change the settings made via our cookie banner at any time or to revoke your given consent for the future. It is also possible to use our offers without cookies. However, this may lead to certain restrictions in the functions and user-friendliness of our offers on the website.

Server logs

During the mere informational use of the website, we only collect the personal data that your browser automatically transmits to our server on which our websites are located (hereinafter referred to as "web server") and that are technically necessary for the purpose of displaying our website to you and ensuring its stability and security.

We have contracted the company Hetzner Online GmbH (Industriestrasse 25, 91710 Gunzenhausen, Germany, hereinafter "Hetzner") for the hosting and technical provision of our website. We have concluded the required data protection agreement with Hetzner for commissioned processing in accordance with Art. 28 GDPR. According to this agreement, Hetzner undertakes to ensure the necessary protection of your data and to process it exclusively on our behalf in accordance with the applicable data protection provisions. You can find more information about Hetzner on the website: https://www.hetzner.de/.

The web server automatically detects certain data such as

• Proxy IP address (client IP address of the gateway)
• Date and time of access
• The operating system used
• Browser type and version
• Use protocols
• URL of the document page the user came from
• Language choice
• http status (return code) and
• Amount of data in bytes

The data is stored on Hetzner servers hosted and certified in Germany. Hetzner uses this information for the specified purpose on our behalf as well as its own for service optimization. Hetzner does not use the data independently or pass it on to third parties. This data is not stored together with other personal data of the user.

There is a legitimate interest on our part for the temporary storage of the data and the server logs. The legal basis for the data processing is therefore Art. 6 para. 1 lit. f GDPR.

The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the respective end device used by the user. For this purpose, the IP address of the user must remain stored for the duration of the session.

The storage of all the above information in log files (server logs) is additionally carried out to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the necessary security of our information technology systems. We regularly evaluate the server logs, which are made available to us by Hetzner in anonymized form, for statistical purposes. The data has no personal reference. An evaluation of the data for marketing purposes does not take place in this context.

These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.

The server logs are deleted again no later than 52 days after they are collected by Hetzner, unless there is a suspicion of misuse or external attack or other system security error.

The collection of data for the provision of the website and the storage of the data in server logs is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

(2) Processing of data by Sport1 GmbH and our service providers for the analysis of the website and the statistical processing of user behavior.

AT-Internet (Piano Analytics)

In order to statistically record the use of our services and offers and for the purpose of optimizing our offer, we use an analysis tool from the company Applied Technologies Internet GmbH, Leonrodstraße 52-58, 80363 Munich, Germany (hereinafter "AT-Internet").

We have concluded an agreement with AT-Internet on commissioned processing as required by data protection law (AV agreement within the meaning of Article 28 GDPR), in which AT-Internet undertakes to protect the data of our users and to process it exclusively on our behalf in accordance with the applicable data protection provisions.

AT-Internet uses so-called cookies, which are text files placed on your computer, to help the website analyze how users use the site. The following cookies are set by AT-Internet in your browser used:

• atreman: Includes any existing attribution campaign. Validity 30 days.
• atredir: Holds the - in case of a JS redirection - information to be transferred. Validity 30 seconds.
• atsession: list of campaigns - collected during the visit. Validity: 30 minutes
• atuserid: Visitor ID. Validity: 13 months

When using AT-Internet's solution, a distinction is made between raw data (a) and processed usage data (b):

(a) The following information (raw data) is collected:

• Either via a cookie, i.e. a small text file stored by a website on your terminal device, the following information is collected: the name of the server that deposited the cookie, an anonymous identification in the form of a unique number, a validity period,
• or a mobile identifier (a unique number that allows the device to be recognized), any navigation data collected in relation to these identifiers, and the IP address used for geolocation.

(b) After processing the raw data, we speak of processed usage data, which provides the following information:

• IP address
• Unique Visitor ID (either via the CookieID or the Mobile Identifier)
• Web page address of the referring web page,
• The name and screen path of the viewed page,
• The number of viewed pages,
• The exact navigation path that a visitor takes on the pages,
• The time the visitor spends on a page or the entire site,
• Date and time of the page view,
• The HTTP response code of the WebServer, and the amount of data in bytes.
• Language choice
• Browser type and version,
• Width and height of the browser window,
• Color depth,
• Operating system,
• Geo Location,
• Visitor ID,
• Customer ID,
• Usage data about the use of the site (teaser tracking (impressions, clicks), page / screen tracking, event tracking),
• Additionally defined analysis parameter.

The following applies to both the raw data and the usage data: The IP address is anonymized immediately after collection by the data collection server for the tool provider's data collection and before further processing. Consequently, your complete IP address is not stored permanently and cannot be linked to other usage data. The usage data is additionally stored separately from other data that you enter in the course of using our offer. The assignment of the usage data to a specific person is not possible due to the system-side separation.

Data from the data collection server is automatically deleted within 24 hours. After six months, the collected raw data is automatically deleted. AT-Internet automatically deletes the usage data six months, after the end of the term of the contract between Sport1 and AT-Internet.

AT Internet has been certified annually by TÜV Saarland since 2010. TÜV Saarland confirms that the data collection and processing by AT Internet's solution meets the applicable standards for data protection and security. The service provider's servers are located in member states of the EU; predominantly in France in compliance with the requirements of the French supervisory authority (CNIL).

AT-Internet uses the following providers as data centers:

• SFR - France
• TDF - France
• Amazon Web Services, Inc. - Storage exclusively within the EU

Snowflace Computing, Inc. - Storage exclusively within the EU

You can object to data processing by AT-Internet at any time by using the following link: https://www.xiti.com/de/optout.aspx.

For more information on AT-Internet's analysis tool, please visit: https://www.atinternet.com/de/unternehmen/datenschutz/ressourcen/.

We use the analysis and tracking technologies or third-party technologies of AT-Internet on the basis of Art. 6 para. 1 p. 1 lit. f) GDPR:

• For the purpose of monitoring the correct functioning of our website or our offer.
• For the purpose of KPI reporting within our annual reports as well as to our partners.
• For the purpose of automated content playout.
• For the purpose of statistically recording usage and performing data analysis in order to optimize the usability, performance and content of our website.
• For the purpose of debugging technical errors.
• For the purpose of evaluating key performance indicators.
• For the purpose of product optimization.
• The use of specialized processors and the resulting economic and technical advantages.

From the aforementioned points (1. - 8.) and taking into account that the technically necessary data processing cannot be separated from the data processing for product optimizations, our legitimate interest follows in the sense of Art. 6 para. 1 p. 1 lit. f) GDPR.

The processing of the data is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.

(3) Processing of data by Sport1 Medien AG and our service providers to optimize our website

Google reCAPTCHA

On our website, we use Google reCAPTCHA to check and prevent interactions on our website by automated access, e.g. by so-called bots. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google". We have concluded the agreement required by data protection law with Google in accordance with Art. 28 GDPR.

Through certification under the EU-US Privacy Shield ("EU-US Privacy Shield") https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI, Google guarantees that EU data protection requirements are also complied with when processing data in the USA.

Through this service, Google can determine from which website a request is sent as well as from which IP address you use the so-called reCAPTCHA input box. In addition to your IP address, Google may also collect other information that is necessary for offering and guaranteeing this service.

The legal basis is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest lies in the security of our website as well as in the defense against unwanted, automated access in the form of spam or similar and thus also serves the security of a visitor to our website.

The legal basis for the use of Google reCAPTCHA and the processing operations required for this is Art. 6 (1) p. 1 lit. f GDPR:

- Verification and prevention of interactions through automated access.

Google offers further information on the general handling of your user data at https://policies.google.com/privacy. Via the link Opt-Out: https://adssettings.google.com/authenticated. You can opt out of the service.

(4) Processing of data by Sport1 Medien AG and our service providers for communication with our website visitors

Newsletter Sendinblue GmbH

On our website you have the possibility to register for a newsletter to receive news, developments and information about the content and topics of our website, but also quota communication, coverage developments or the purchase of new rights and event information. With the newsletter we also inform you about the latest advertising opportunities on our website.

If you register for our newsletter, we will only use the data voluntarily provided by you for this purpose within the scope of the consent granted within the meaning of Art. 6 (1) sentence 1 a) GDPR.

Sendinblue is used as newsletter software. Your data will be transmitted to Sendinblue GmbH. Sendinblue is prohibited from selling your data and using it for purposes other than sending newsletters. Sendinblue is a German, certified provider, which was selected in accordance with the requirements of the General Data Protection Regulation and the Federal Data Protection Act.

For more information, click here: en.sendinblue.com/information-newsletter-receivers/

If you have subscribed to our newsletter (business.sport1.de/newsletter) by confirming the button provided for this purpose and entering your required personal data, we will process this data exclusively for the purposes communicated here.

Which personal data are processed when ordering the newsletter, results from the input mask (name, first name, title, company and e-mail address are mandatory data). This information is necessary to send you the newsletter and to address you personally. If you do not provide us with your personal data, in particular your e-mail address, we will not be able to offer you this service.

The registration for our e-mail newsletter takes place in a double opt-in process, i.e. after providing your data, you will receive an e-mail to the e-mail address provided to us with a confirmation link. This confirmation e-mail serves to authorize the receipt of the newsletter by the owner of the specified e-mail address. Only after successful confirmation, the e-mail address will be included in the distribution list. Stored are: Registration data, registration, confirmation, unsubscription time, IP address as well as changes to the stored data. The collection of this data is necessary, among other things, in order to be able to trace any misuse of the e-mail address of the data subjects and to safeguard the data controller.

Your registered data is stored on certified servers of Sendinblue exclusively in the European Economic Area. Sendinblue uses this information to send and evaluate the newsletter usage on our behalf, as well as for service optimization. An independent use of the data by Sendinblue, such as for contacting, as well as a transfer to third parties does not take place. For more information on data protection and data security at Sendinblue, please visit: https://de.sendinblue.com/datenschutz-uebersicht/?rtype=n2go

In order to further improve the offer via the newsletter, data on the use and the associated interests of the recipients are collected and statistically processed.

For this purpose, the newsletters sent contain so-called web beacons. The web beacons are used to collect the IP address, access location (via the characteristics of the IP address), time of request, content of the request, access status, amount of data transferred in each case, number of openings and clicks, mailings received, browser, operating system and its interface. This information is assigned to your e-mail address and linked to its own ID. If the newsletter cannot be successfully sent (bouces) twice in a row, the entire data record is deleted after 2 days.

With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e.g. linking to an event) has taken place after clicking on the link in the newsletter. For more information on data analysis by Sendinblue Newsletter, please visit: https://de.sendinblue.com/funktionen/e-mail-marketing/reports-oeffnungen-klicks/?rtype=n2go

You can revoke your consent to receive the newsletter at any time for the future. You will find a link to revoke and thus unsubscribe from the newsletter at the end of each newsletter. By revoking your consent to the continued receipt of the newsletter, no further processing of your data for this purpose will take place.

The legal basis for the data processing is based on your consent Art. 6 para. 1 sentence 1 lit. a) GDPR.

Contact form/ Email

On our website, it is possible to contact us via the e-mail address provided or the contact form. In both cases, the transmitted personal data of the user will be stored. In this context, the data is not passed on to third parties. The data is used exclusively for processing the conversation.

If you send us an inquiry via our contact form, your name and e-mail address (optionally company, telephone number) will be used exclusively for the respective correspondence and reply with you. This also applies to an inquiry via e-mail.

The data will be deleted immediately as soon as they are no longer required to achieve the purpose for which they were collected. For personal data sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified. Inquiries received via the contact form are sent via the form to the e-mail address anmeldung@sport1.de and stored within the CMS for a maximum of 4 weeks and then automatically deleted.

The legal basis for the processing of data transmitted in the course of sending an e-mail or via the contact form is Art. 6 (1) lit. a and f GDPR. If the contact aims at the conclusion of a contract, additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

The processing of your personal data voluntarily provided to SPORT1 by e-mail is solely for the purpose of processing the contact. This also constitutes the necessary legitimate interest in processing the data.

The user has the option to revoke his consent and the processing of personal data at any time. If the user contacts us by e-mail or via the form, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

The revocation can be made at any time via the contact details in the imprint of the online presence, as well as at the following e-mail address anmeldung@sport1.de. All personal data stored in the course of contacting us will be deleted in this case.

Please note that when communicating via contact form, data security on the Internet cannot be guaranteed by SPORT1 and SPORT1 recommends sending confidential information by mail to prevent the loss of this confidential information.

Protected area

Within our website, you have the option to voluntarily register for our free protected area. Protected means that only a certain group of people can access this area and that it is protected from access by third parties, i.e. non-registered persons, by prior registration.  Your registration is required here for the use of certain content and services within our website, within the protected area. We process the data provided by us for this purpose, the registration, in order to create a profile for you and to enable the technical requirements for the registration to the customer area. The sole purpose of the profile creation is to technically enable a registration and thus a use of the protected area.

Registration

As part of the registration process, we require the following information from you (hereinafter "Minimum Information"):

• E-mail address
• Password
• Password repetition
• Salutation
• First name
• Last name
• Company

• Confirmation of the privacy policy
• Confirmation of the terms of use

In addition, the following data is automatically collected and assigned to your profile:

• Country
• Region / Continent
• IP address (The IP address is anonymized after determining the country, region, continent).
• (End) device used for registration

We use the so-called double-opt-in procedure for registration, i.e. your registration is only completed if you have previously confirmed your registration via a confirmation e-mail sent to you for this purpose to the e-mail address provided by you to SPORT1 by clicking on the link contained therein. If your confirmation in this regard is not received within four weeks, your registration and all data provided for the registration will be deleted from our database.

Login

When you authenticate yourself to the website with your access data, it is necessary for us to process the data you provide for verification. A storage of the data does not take place.

The following data is processed as part of this authentication:

• E-mail address

• Password for access

In addition, the following data is automatically matched with your profile:

• Country
• Region / Continent
• IP address (The IP address is anonymized after determining the country, region, continent).
• device used for registration

User management

For changes to your user profile, if you would like to have your user data deleted or for any other adjustments, please contact us via datenschutz@sport1.de.

Your data provided for the purpose of registration, login, or user administration will be processed exclusively in a data center in Munich.

The legal basis for the processing of your data for the purpose of registration, login or user administration is your consent according to Art. 6 para. 1 p. 1 lit. a GDPR. If you delete your user account, your data with regard to the user account will be deleted, unless their retention is necessary for commercial or tax reasons pursuant to Art. 6 para. 1 lit. c GDPR.

Registration and participation in events

On our website and on selected SPORT1 forms, you have the opportunity to register for one of our events (such as customer events, (digital) roadshows, training sessions and events - hereinafter collectively "Events"). The offers of SPORT1 are exclusively aimed at customers and business partners of Sport1 GmbH and its employees, unless otherwise agreed.

We collect and process personal data when registering for an event and when participating in an event. The scope of the personal data processed varies depending on the respective event. Further information on the scope of data processing within the scope of an event can be found in the registration forms of the respective event. However, the following data will be collected in any case:

• Your first and last name;
• Your provided e-mail address;
• Your company, incl. location / state.

We will contact you in the run-up to the event via the e-mail address provided in the registration form in order to send you further notes and information about the event and the venue. In addition, we may contact you after the event to send you giveaways and other information material. We also send our feedback surveys to our participants at the contact details provided.

In the case of sending giveaways to participants of events, the address information (street, house number, postal code, city) required for sending the giveaway may be requested separately by us in individual cases, if this has not already been done by you at the time of the declaration of participation. The provision of address information is voluntary, but the delivery of a giveaway is not possible without the processing of personal data.

The data is deleted from our web server by the system and the forms used are destroyed as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data provided to us for the event, this is the case when the respective event has ended and, in individual cases, legal retention periods have expired.

If you participate in an event, you consent to us processing your provided data for the purpose of conducting the event (Art. 6 para. 1 lit. a GDPR). We process your data in connection with a specific event in order to carry it out successfully (Art. 6 para. 1 lit. b GDPR). Participation in such events is voluntary, but not possible without the processing of personal data.

In addition, we transfer all collected business contact details to our customer relationship management system in order to inform you about further events, offers and events. The transfer of your data provided to us is therefore based on our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. Access to the system is restricted to the sales staff of the companies of the Sport1 Medien Group, taking into account an established authorization concept. The data will be deleted from our system in the event of a deletion request or if the data is no longer needed.

The user has the possibility to revoke his consent to the processing of personal data at any time. In the event of revocation of his data in the context of participation in an event, the revocation shall have the effect of terminating the service relationship entered into.

If the user contacts us by e-mail, he can also object to the storage of his personal data in our customer relationship management system at any time.

The revocation as well as an objection can be made at any time via the contact details in the imprint of the online presence, as well as under the following e-mail address datenschutz@sport1.de. All personal data stored in the course of the event will be deleted in this case.

Conduct webinars and events with Zoom

To conduct webinars as well as online events, e.g. our digital road show, (hereinafter collectively referred to as "Event") we use the webinar technology "Zoom", a service of Zoom Video Communications, Inc., 55 Almaden Blvd. Suite 600, San Jose, CA 95113, USA (hereinafter referred to as "Zoom").

The following data may be collected in the course of the implementation of events. The scope of the data also depends on what data you provide before or during participation in an event...:

• User details: first name, last name, phone (optional), e-mail address, password (if "single sign-on" is not used), profile picture (optional), department (optional).
• Meeting metadata: Topic, description (optional), attendee IP addresses, device/hardware information.
• For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
• When dialing in with the telephone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data, such as the IP address of the device, can be stored.
• Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an event. To this extent, the text entries you make are processed in order to display them in the event and, if necessary, to log them. To enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly during the meeting. You can turn off or mute the camera or microphone yourself at any time via the Zoom applications.

To participate in an event webinar, you must at least provide information about your name to enter the webinar.

Zoom processes the data provided in compliance with the necessary data security measures as a contractor within the meaning of Art. 28 GDPR for us. The contractual relationship was agreed in compliance with data protection law. The data will be used by Zoom exclusively for the provision of the service (execution of the webinar). This contract (Data Processing Addendum based on the EU standard contractual clauses) can be viewed at any time under the following link: https://zoom.us/docs/doc/Zoom_Data_Processing_Addendum_Processor_Form_Final-SIGNED.pdf.    

Please note that when you are redirected to Zoom, you will leave our website and cookies and tracking technologies will be used on Zoom's website. We therefore recommend that you read Zoom's privacy policy and terms of use before visiting. After leaving our website, we have no possibility of influencing Zoom and the technologies it uses. However, Zoom undertakes vis-à-vis SPORT1 on the basis of the order processing agreement concluded to comply with the provisions of the GDPR in relation to us and the data we provide.

For more information about Zoom, as well as Zoom's data processing practices, please see the Privacy Policy and Terms of Use at https://zoom.us/de-de/privacy.html and zoom.us/de-de/terms.html. 

We use Zoom to hold events. If we want to record individual events, we will transparently communicate this to you in advance and - if necessary - ask for consent. The fact of recording will also be displayed to you in the Zoom app. If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content. However, this will usually not be the case. In the case of events, we may also process questions asked by event participants for the purposes of recording and follow-up.

If you are registered as a user with Zoom, then reports on events (meeting metadata, phone dial-in data, questions and answers in webinars, polling function in webinars) can be stored by Zoom for up to one month. In Zoom there is the possibility of software "attention monitoring" ("attention tracking"), but this is disabled.

Personal data processed in connection with participation in an event will not be disclosed to third parties unless it is intended for disclosure. Please note that the content of events and personal meetings is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.

Other recipients: Zoom necessarily obtains knowledge of the above data to the extent provided for under our order processing agreement with Zoom.

The legal basis for the processing of data collected in the course of participation in a meeting or event organized by us is Art. 6 (1) lit. b GDPR. If Zoom is not used for participation in an event, we will obtain your consent for the processing of the data in advance for the implementation of an event with Zoom (Art. 6 para. 1 lit. a GDPR).

The processing of personal data by us as well as our service provider Zoom serves us solely for the implementation of the events.

Your data is stored on Zoom servers in the EU / EEA. Zoom uses this information to provide the webinar on our behalf, as well as for service optimization. An independent use of the data by Zoom, for example to contact you, as well as a transfer to third parties does not take place.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.

You have the option to cancel your participation in the event at any time. Alternatively, cancellation and deletion is possible at any time via our contact details (see section VIII).

IV. Duration of storage

We store your personal data as long as this is necessary to achieve the respective storage purpose or your consent to storage has been given. Afterwards, your data will be deleted by us, unless we are obliged to store it for a longer period of time according to Art. 6 para. 1 p. 1 lit. c GDPR due to tax, commercial or other legal storage or documentation obligations or you have agreed to a storage beyond this according to Art. 6 para. 1 p. 1 lit. a GDPR in case the purpose of storage is no longer applicable.

V. External links

You may find links on our pages that refer to third-party pages. SPORT1 has no influence whatsoever on whether their operators comply with data protection regulations.

VI. Right of information, objection and revocation

According to the General Data Protection Regulation, you have a right to free information about the data stored about you. In addition, you can object to the creation of user profiles for purposes of advertising, market research or optimization of our website. You can revoke your consent to the collection, processing or use of your personal data at any time with effect for the future.

You have the right,

information as well as information about the data stored about you - also insofar as it relates to the origin or recipient of this data - and the purpose of the storage of this data. To do so, please send a written request to the address of our data protection officer given below. In your letter, please describe as precisely as possible the type of personal data about which you would like to be informed;

have your data corrected if it is incorrect. To do so, please send a written request to our data protection officer at the address below. In your letter, please specify as precisely as possible the type of personal data you wish to have corrected;

Have your data deleted or blocked if the data storage was inadmissible or is no longer required for the further fulfillment of our tasks. To do so, please send a written request to our data protection officer at the address below. In your letter, please specify as precisely as possible the type of personal data that you would like to have deleted or blocked;

to have your data transferred. To do so, please send a written request to our data protection officer at the address below. In your letter, please specify as precisely as possible the type of personal data you would like to have transferred;

to object to the use of your data, e.g. for newsletters or advertising and market research purposes, or to revoke any consent given. To do so, please use the opt-out links mentioned above, the unsubscribe link in the newsletter or contact our data protection officer. Please note that, for organizational reasons, there may be an overlap between your revocation and the use of your data in the context of an already ongoing campaign;

complain to a supervisory authority if you are of the opinion that the processing of your personal data is unlawful. To do so, please contact the data protection authority responsible for your place of residence or federal state or the data protection authority responsible for us. This is:

BayLDA Bavarian State Office for Data Protection Supervision

Promenade 18

91522 Ansbach

Phone: +49 (0) 981 180093-0

This data protection notice can be accessed and printed out at any time under the link https://business.sport1.de/datenschutzerklaerung. Since changes in the law or changes in our internal processes may make it necessary to adjust this data protection notice, which we reserve the right to do, we ask you to check this data protection notice regularly.

VII. Security

We take the necessary security measures to protect your personal data against unlawful or accidental access, deletion, alteration or loss and against unauthorized disclosure. We encrypt your data during transmission via our website, app as well as to third-party providers and use so-called SSL connections (Secure Socket Layer). We secure our website and our other systems and personal data by appropriate technical and organizational measures, in particular against loss, destruction, unauthorized access, modification or disclosure to third parties.

VIII. Responsible entity and contact details

We will be happy to answer any further questions you may have on the subject of data protection and the processing of your data.

You can get information about the data we have stored about you at any time. In these cases, please contact the office responsible for the website:

Sport1 GmbH

Privacy

Münchener Str. 101 g

85737 Ismaning

Tel.: +49 (0) 89 99500 0

Fax: +49 (0) 89 99500 111

Data Protection Officer:

BAY GmbH Wirtschaftsprüfungsgesellschaft Rechtsanwaltsgesellschaft, Attorney at Law Dirk Seeburg

Hultschiner Strasse 8, 86177 Munich

Email: datenschutz@sport1.de