The processing of personal data, such as the name, email address, or gender of a data subject is in line with the General Data Protection Regulation (GDPR). By means of this data protection declaration, we would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.
As the controller, the International Quidditch Association has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed.
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
International Quidditch Association
Collection of general data and information
The Website collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.
When using these general data and information, the International Quidditch Association does not draw any conclusions about you. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the International Quidditch Association analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
You have the possibility to register on the website of the controller with the indication of personal data. For this reason you may enter your email address. The entered email address is publicly visible on your referee profile. You are free to ask us to change your email address or to delete your referee profile including your email address.
We will provide information upon request to you as to what personal data are stored about you. In addition, we will correct or erase personal data at your request or indication, insofar as there are no statutory storage obligations.
After the registration with your email address, you are free to add additional personal data to your referee profile, which are not required to use Referee Hub (but may be required to prove your identity to tournament organizers). These include your name, your pronouns, your National Governing Body affiliations and additional information about yourself. All information entered is visible to anyone on your public referee profile and you can change and remove it at any time. You also have the choice to not show your pronouns on your public referee profile.
You have the right granted by the European legislator to obtain our confirmation as to whether or not personal data concerning you are being processed, to ask us which data we store about you, to rectify inaccurate personal data, to complete data, to ask us to erase your data, to get your data in machine-readable format for portability, to object to the processing of your personal data and to withdraw your consent. If you wish to avail yourself of this rights, you may, at any time, contact the IQA.
Legal basis for the processing
Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. If we are subject to a legal obligation by which processing of personal data is required, the processing is based on Art. 6(1) lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. Then the processing would be based on Art. 6(1) lit. d GDPR. Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).