1) What Do We Do?
The Swiss Underwater Sports Federation (SUSV), headquartered at Talgutzentrum 27, 3063 Ittigen (hereafter referred to as “we”), operates the website www.susv.ch. On this website, you can find information about the federation (structure, contacts, projects), the associated underwater sports, the respective offers/competitions, and news about the underwater world in Switzerland.
Protecting your personal data is of great importance to us. In this data protection declaration, we transparently and clearly inform you about the data we collect via our website and how we handle it.
2) What Do We Inform You About?
- Which data is collected on www.susv.ch;
- Under what conditions we process your data and for what purpose;
- How long we retain your data;
- When sharing your data with third parties is permitted;
- How we process your data (“individual data processing operations”);
- When and how you can object to data processing;
- Your rights and how you can exercise them.
3) Definitions of Terms
3.1) What are personal data?
Personal data (also referred to as “personal information”) include any information relating to an identified or identifiable natural person. This includes, for example, name, address, date of birth, email address, or telephone number. Information about personal preferences such as hobbies or memberships also counts as personal data.
3.2) What are particularly sensitive personal data?
Data about religious, ideological, political, or union-related views or activities; health information, and possibly details about administrative or criminal prosecutions and sanctions as well as data about social assistance measures are considered particularly sensitive personal data. If necessary and appropriate, we may collect and process such sensitive personal data. In this case, their processing is subject to stricter confidentiality requirements.
3.3) What is processing personal data?
Processing refers to any handling of personal data, regardless of the means and methods used. This includes, in particular, collecting, storing, retaining, using, modifying, disclosing, archiving, deleting, or destroying data.
3.4) What does disclosing personal data mean?
This refers to transmitting or making personal data accessible, e.g., publishing or sharing them with a third party.
4) What Data Do We Collect About You, and From Whom Do We Receive This Data?
Primarily, we process personal data that you provide to us or that we collect during the operation of our website. Under certain circumstances, we may also receive personal data about you from third parties. These could include the following categories:
- Personal master data (name, address, date of birth, etc.);
- Contact details (mobile number, email address, etc.);
- Financial data (e.g., bank account information);
- Online identifiers (e.g., cookie IDs, IP addresses);
- Location and traffic data;
- Audio and visual recordings;
- Particularly sensitive data (e.g., biometric data or information about your health);
- Information on discipline-specific training.
4.1) Under What Conditions Do We Process Your Data?
We process your data in good faith and in accordance with the purposes outlined in this data protection declaration. We ensure transparent and proportionate processing.
Should we be unable to comply with these principles in exceptional cases, data processing may still be lawful if a justification exists. Justifications may include:
- Your consent;
- The execution of a contract or pre-contractual measures;
- Compliance with legal obligations;
- Our legitimate interests, provided your interests do not prevail.
In some cases, you are required to provide us with certain personal data to initiate a business relationship. Without such data, we are generally unable to process a contract.
Furthermore, the website cannot usually be used if certain information, such as your IP address, is not disclosed to ensure data transmission.
4.2) How Can You Withdraw Your Consent?
If you have given us your consent to process your personal data for specific purposes, we will process your data within the scope of that consent unless we have another legal basis.
You can withdraw your consent at any time by sending an email to the address listed in the imprint. Processing that has already taken place is not affected by the withdrawal.
If you have subscribed to our newsletter, you can unsubscribe by clicking the link provided in the newsletter.
4.3) In What Cases Can We Share Your Data with Third Parties?
a) General Principle
We may need to engage the services of third parties or affiliated companies to process your data (so-called processors). Categories of recipients include:
- Accounting, fiduciary, and auditing companies;
- Consulting firms (legal, tax, etc.);
- IT service providers (web hosting, support, cloud services, web design, etc.);
- Payment service providers.
We ensure that these third parties and our affiliated companies or associations comply with data protection requirements and treat your personal data confidentially.
Under certain circumstances, we may also be required to disclose your personal data to authorities.
b) Visiting Our Social Media Channels
Our website contains links to our social media channels. These are recognizable (typically through corresponding symbols). Clicking on these symbols will direct you to our social media channels.
Social media providers will then know from where you are accessing their network. They may use the collected data for their own purposes. Please note that we have no knowledge of the content of the transmitted data or how the operators use it.
c) Transfer Abroad
In the course of processing, your personal data may be transferred to companies abroad. These companies are obligated to the same level of data protection as we are. Transfers may occur worldwide.
If the level of data protection does not correspond to that of the EEA/Switzerland, we conduct a prior risk assessment and contractually ensure equivalent protection (e.g., using the EU Commission’s new standard contractual clauses or other legally required measures). Should our risk assessment yield a negative result, we implement additional technical measures to protect your data.
You can view the EU Commission’s standard contractual clauses here:
https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_en.
4.4) How Long Do We Retain Your Data?
We retain personal data only as long as necessary to fulfill the purposes for which the data was collected.
Data collected during your visit to our website is stored for twelve months. An exception applies to analysis and tracking data, which may be retained longer.
We retain contractual data for a longer period due to legal obligations. In particular, we must keep business communications, concluded contracts, and accounting records for up to 10 years. Once we no longer require such data to provide our services, it is locked and used only for accounting or tax purposes.
4.5) How Do We Protect Your Data?
We store your data securely and take all reasonable measures to protect it from loss, unauthorized access, misuse, or modification.
Our contractual partners and employees who have access to your data are obligated to comply with data protection laws. In some cases, it may be necessary to forward your inquiries to affiliated companies. Your data will also be treated confidentially in such cases.
Within our website, we use SSL (Secure Socket Layer) technology with the highest level of encryption supported by your browser.
4.6) What Are Your Rights?
a) Right to Information
You can request information about the data we store about you at any time. Please send your request along with proof of identity to gpk-ccg@susv.ch.
You also have the right to receive your data in a commonly used format if:
- You have consented to the processing of this data; or
- You disclosed the data in connection with the conclusion or execution of a contract.
We may limit or deny the release of information if it conflicts with our legal obligations, legitimate own or public interests, or the interests of third parties.
Your request will be processed within the statutory 30-day period. However, we may extend this period due to high request volumes, legal or technical reasons, or the need for further clarification from you. You will be informed of any extension in a timely manner, at least in text form.
b) Deletion and Correction
You can request the deletion or correction of your data at any time. We may deny your request if legal provisions require us to retain or keep your data unchanged or if another justification opposes your request.
Please note that exercising your rights may conflict with contractual agreements and affect contract execution (e.g., early contract termination or associated costs).
c) Legal Recourse
If you are affected by the processing of personal data, you have the right to enforce your rights in court or file a complaint with the competent supervisory authority. In Switzerland, this is the Federal Data Protection and Information Commissioner: http://www.edoeb.admin.ch.