PRIVACY POLICY
This privacy notice tells you in simple words what to expect us to do with your personal
information when you make contact with us through our website.
We’ll tell you:
❖ Who we are and how to contact us
❖ what data we are processing
❖ why we are processing it, the purpose of our processing it and how long we keep it
❖ whether we will share it with anyone else
❖ whether we will transfer it outside of the European Economic Area (EEA)
❖ how we keep your data safe and
❖ your rights
❖ Who we are and how to contact us.
We are the TATOI CLUB TC LIMITED, with registered address at Erythraeas 22, Acharnes 136 77, Greece, one of the best private members clubs in Europe providing state of the art tennis and sports facilities. We also function as an international training hub for wellknown world class athletes, by offering an integrated fitness programme of the highest standards and a complete wellbeing experience.
We are IMG, International Merchandising Company, LLC, with it registered address at c/o Corporation Service Company, 50 West Broad Street, Suite 1330, COLUMBUS OH 43215 , a subsidiary of Endeavor (NYSE:EDR), a global entertainment, sports and content company. We are a global leader in sport, events, fashion, and media. We manage some of the world’s greatest athletes (Serena Williams, Novak Djokovic, Maria Sharapova, Naomi Osaka, Kei Nishikori, Daniil Medvedev, Andrey Rublev & Denis Shapovalov) and fashion icons; We own and operate hundreds of live events annually including the Miami Open, San Jose, Rio, Abu Dhabi. We also specialize in licensing, sports training and league development.
Both companies are joint controllers of the processing of your personal data.
We comply with the U.S. Children’s Online Privacy Protection Act (“COPPA”), (ii) other
U.S. federal and state laws, including the Federal Trade Commission Act and the California Consumer Privacy Act, (iii) Personal Information Protection and Electronic Documents Act (“PIPEDA”), (iv) European Union law, including member state regulations, instruments, data protection laws, applicable codes of conduct or practice, the General Data Protection Regulation EU (2016/679), and the ePrivacy Directive (as implemented in each member state and as amended from time to time, or as it may be superseded by an EU regulation), and (v) all regulations and other laws enacted pursuant to, or amending, replacing or superseding the foregoing.
You can contact the TATOI CLUB at our postal address: Erythraeas 22, Acharnes, 13677, helpline number: +30 214 4166000, Email address: iam@tatoiclub.com
Our Data Protection Officer is Mr Pericles Paschakis, Advocate of the Supreme Court of Greece, specialized in the G.D.P.R. You can contact him via mail at pp@paschakislaw.com or by phone 210-3647810, 9.00-16.00 Monday- Friday.
You can contact the IMG at dataprivacy@IMG.com.
❖ what data we are processing
We try to minimize the data we keep and to keep the data that is exclusively necessary for the purpose we keep it. We keep this data within our computer systems. These are data coming from you.
When you visit our web page we use cookies. Please read more details about our cookies policy on our website.
We process the following data: first and last name, email address, phone number, contact details, unique online identifiers.
More personal information is collected when you apply for the FUTURE STARS tournament through our apply button.
Before you apply we will give you more details about what other information we collect and what we do with it.
❖ why we are processing it, the purpose of our processing it and how long we keep it.
In the main, we process your data when you contact us , when you fill in forms or by corresponding with us by , phone, email or otherwise. As you interact with our website we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We collect your data which are essential for our legitimate interests, in order to provide you with more information and more details about the FUTURE STARS tournament and our venues , to keep you updated about the tournament and our events and to support your enquires.
We only keep your data for as long as we need it for, which will be at least for the duration of the FUTURE STARS tournament and 1 year after.
❖ Who we share your data with
Employees within our companies who have responsibility for the FUTURE STARS tournament and administration will have access only to your data which is relevant to their function. Our relationship to them is governed by binding rules concerning their liability for the use of such data.
We may disclose your information to third-party service providers for the purposes of providing services to us or directly to you on our behalf. When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions. We have a data processing agreement in place with such third parties to ensure data is not compromised. Third parties are obliged to implement appropriate technical and organisational measures to ensure the security of your data.
Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.
Many of Our external third parties are based outside the European Economic Area (the “EEA”) so their processing of your personal data will involve a transfer of data outside the EEA. Such destinations may not have laws which protect your information to the same extent as in the EEA.
Whenever We, or a third party to whom we transfer your personal data, transfers your personal data out of the EEA, We ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
(a) your personal data is transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in nonEU countries;
(b) specific contracts approved by the European Commission are put in place which give personal data the same protection it has in the EU. For further details, see European Commission: Model contracts for the transfer of personal data to third countries; or
(c) where we transfer your personal data to a country outside of the EEA (including, the United States of America) we shall ensure that we will rely on the Standard Contractual Clauses.
Please contact us if you want further information on the countries to which personal data may be transferred and the specific mechanism used by Us when transferring your personal data out of the EEA.
❖ Automated decision making
Automated decision making means making decision about you using no human involvement e.g. using computerised filtering equipment. No decision will be made about you solely on the basis of automated decision making (where a decision is taken about you using an electronic system without human involvement) which has a significant impact on you.
❖ How we keep your data safe
We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such. We have adopted the technical and organisational measures necessary to ensure the security of the personal data we collect, use and maintain, and prevent their alteration, loss, unauthorised processing or access, having regard to the state of the art, the nature of the data stored and the risks to which they are exposed by human action or physical or natural environment.( e.g security audits, encryption of sensitive information, restricted access) Where we have given you (or where you have chosen)a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
❖ Your rights
✓ Your right to access data
You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process. We always aim to be as open as we can and allow people access to their personal information. Where we hold your personal data, you can make a ‘subject access request’ to us and we will provide you with:
a description of it;
an explanation of why we are holding it;
information about who it could be disclosed to; and
a copy of the information – unless an exception to the disclosure requirements is
applicable.
If you would like to make a ‘subject access request’ please make it in writing to [the DPO whose contact details are set out above] or at the mail addresses that are listed above and mark it clearly as ‘Subject Access Request’
✓ Right to stop marketing messages
You always have the right to stop marketing messages. We will usually include an unsubscribe button in any marketing emails. If you do wish to unsubscribe, please just click the unsubscribe button and we will promptly action that request. Alternatively, you can update your marketing preferences by contacting us at any-time.
✓ Right to be forgotten
If we hold personal data about you, but it is no longer necessary for the purposes that it was collected and cannot otherwise be justified, you have the right to request that we delete the data in certain circumstances .
✓ Right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
✓ Right to restriction of processing
You have the right to ask us to restrict the processing of your information in certain circumstances.
✓ Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us to someone else, or give it to you. The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated. We will action this request, usually by sending the data in a CSV file.
✓ 9.7 Right to complain
If you are unhappy with how we have handled your request, you should first complain to us iam@tatoiclub.com, dataprivacy@IMG.com, or το our D.P.O pp@paschakislaw.com
❖ What we do with children’s data.
We are committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children’s online activities and interests. We do not provide services directly to children (under the age of 15). We collect their personal information from the holders of their parental responsibility and we provide services to them only under the written consent of the proven holders of parental responsibility. We strictly limit the personal information that is publicly viewable about a member who is known by us to be a child. We do not subject children to decisions based solely on automated processing (including profiling). The information in the relevant parts of this notice applies to children as well as adults.
❖ Review of our privacy notice
We keep our privacy notice under regular review to make sure it is up to date and accurate. Our last update 31/7/2021.