JUGS Ventures Limited and its affiliated entities (collectively, “TMM”, “We”, “us”, and “our”) value the privacy of those who provide personal information to us. TMM shall process all personal data collected in connection on this site in accordance with the Data Protection Act (Chapter 586 of the Laws of Malta) and the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
This Policy applies to both personal information supplied to us either by an individual or by others. We may use personal information supplied to us for any of the purposes as set out in this Policy, or as otherwise disclosed at the point of collection.
This Policy is an important document. We recommend that you read it carefully and print and keep a copy for your future reference.
In this Policy, we use the terms:
“Data Controller” shall mean TMM acting as the data controller as defined by GDPR;
“Personal Information” is any information relating to an identified or identifiable natural person;
“identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors; and
“you” and “your” (and other similar terms) refer to event participants, customers and visitors to the TMM websites.
- This Policy aims to give you information on how we collect and process your personal data through your use of the site, including any data you may provide through the site for the reasons specified below.
- We may collect data relating to children for the reasons detailed below.
- It is important that you read this Policy together with any other privacy notice or fair processing notice We may provide on specific occasions when We are collecting or processing personal data about you so that you are fully aware of how and why We are using your data. This Policy supplements the other notices and is not intended to override them.
YOUR RIGHTS IN RELATION TO PERSONAL INFORMATION AND HOW TO EXERCISE THEM
Under certain circumstances you have the following rights:
- the right to ask us to provide you, or a third party, with copies of the Personal Information we hold about you at any time and to be informed of the contents and origin, verify its accuracy, or else request that such information be supplemented, updated or rectified according to the provisions of GDPR;
- the right to request erasure, anonymisation or blocking of your Personal Information that is processed in breach of the law;
- the right to object on legitimate grounds to the processing of your Personal Information. In certain circumstances we may not be able to stop using your Personal Information, if that is the case, we’ll let you know why; and
- withdrawal of consent – while we do not generally process Personal Information on the basis of consent when Personal Information is processed on the basis of consent an individual may withdraw consent at any time. In the event that you no longer want to receive any marketing material from us, please use the unsubscribe option (which is in all of our marketing emails to you), or contact the Data Controller as set out below.
To exercise such rights and if you have any questions about how we collect, store and use Personal Information, then please contact us using the details [email protected]
WHAT BASIS DO WE HAVE FOR PROCESSING YOUR PERSONAL INFORMATION?
We will only process personal Information where we have a lawful reason for doing so. The lawful basis for processing Personal Information by us will be one of the following:
- the processing is necessary for the performance of a contract you are party to or in order to take steps at your request prior to you entering into a contract;
- the processing is necessary in order for us to comply with our legal obligations (such as compliance with anti-money laundering legislation);
- the processing is necessary for the pursuit of our legitimate business interests (including that of the delivery and the promotion of our services); and
- processing is necessary for the establishment, exercise or defence of legal claims.
WHAT PERSONAL INFORMATION DO WE COLLECT AND PROCESS?
We aim to be transparent about why and how we process Personal Information. For further information on our processing activities please review the relevant section below:
Customer Information: TMM, on behalf of itself and its affiliated entities, is a Data Controller of the personal data you (data subject) provide us. We collect the following types of personal data from you, you give us by filling in forms or by corresponding with us:
- Email Address
- Mailing Address
- Phone number
- Date of Birth
- Emergency contact name and number
- Tough Mudder event series participation history
Information we collect automatically
As you interact with the site, We may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive technical data about you if you visit other websites.
Use: For contact and communication purposes: we may use your contact information to send you updates that we may circulate from time to time, news about any events we are organising or you are participating in, and/or other information about us and the services that we provide that we believe may be of interest to you. We may also use such information for performing analytics such as trends, sales intelligence, marketing effectiveness (such as click and open rates) uptake and progress.
Retention: We will not retain your data for longer than necessary for the purposes set out in this Policy. To determine the appropriate retention period, we consider the categories, amount, nature and sensitivity of personal data, the potential risk of harm from unauthorized use of disclosure of the personal data, the purposes for which we process the personal data, if we can achieve the purposes through other means, and the applicable legal requirements.
Our services are not directed to or intended for use by children, except for children who are registered for Tough Mudder events by their parents or guardians. We will only collect information about children when we have the express consent from the child’s parent or guardian. The information we collect will only be used by Tough Mudder and our partners to provide relevant event entries and participation. We need to use the information that you give us about your children to fulfil our agreement with you to provide our services. If we learn that we have received information directly from a child under age 16 (or age 13 in certain jurisdictions) without his or her parent’s or legal guardian’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use our services. Subsequently, we will delete such information.
WHO ELSE MAY HAVE ACCESS TO YOUR PERSONAL INFORMATION?
On occasion, we may need to share your Personal Information with third parties. We will only share Personal Information where we are legally permitted to do so. We may pass your Personal Information to third parties such as:
- events: we may need to pass on your Personal Information (e.g. name, age) to a third party in connection with management of an event, in which case the details will only be used by the third party for that specific purpose;
- business partners, service providers and other affiliated third parties: to enable us to provide our services to you
- disclosures required by law or regulation: in certain circumstances, please note that we may be required to disclose Personal Information under applicable law or regulation, including to law enforcement agencies or in connection with proposed or actual legal proceedings.
- emergency or health incidents
- in case of change of ownership of control of Tough Mudder as a merger, sale, acquisition or bankruptcy
HOW WE USE YOUR INFORMATION
- General (for contract performance)
- Promotion communications (by subscription)
- Web banner advertising
- Use of site (may share this with third parties like AWIN)
We need your personal data in order to provide you with event information and operational information.
INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION (INCLUDING TO OUTSOURCED SERVICE PROVIDERS)
From time to time, we may need to transfer your Personal Information between Tough Mudder affiliated entities, who may have offices that are located in territories outside of the European Economic Area (“EEA”), including the UK and the USA, in order to provide you with the services required.
Please note that the legal regimes of some territories outside of the EEA do not always offer the same standard of data protection as those inside the EEA, although we will ensure that your Personal Information is only ever treated in accordance with this Policy.
Where necessary, we have entered into standard European Commission approved form model data protection clauses (if a transfer is to the United States a service provider must either enter into the standard European Commission form approved data protection clauses or be Privacy Shield certified) to provide you with the service required and with our external service providers and business partners in relation to services that they may provide that involve processing data from locations outside of the EEA for which we are Data Controller.
HOW WE LOOK AFTER YOUR PERSONAL INFORMATION
We have in place appropriate technical and organisational security measures to protect your Personal Information against unauthorised or unlawful use, and against accidental loss, damage or destruction.
We put in place strict confidentiality agreements (including data protection obligations) with our third party service providers.
LINKS TO OR FROM OTHER WEBSITES
Our website may link to other, unaffiliated third party websites. Please note that TMM is not, and cannot, control or be responsible for the content or privacy and confidentiality practices of any third party websites. You must always carefully review the privacy and confidentiality policy of any third party website that you may visit in order to understand how the operators of that website may collect, store and use your Personal Information.
UPDATES TO THIS POLICY
Please check back regularly to keep informed of updates to this Policy.
While we hope that you will not need to, if you want to complain about our use of Personal Information please send an email detailing your complaint to TMM’s Data Protection Officer at [email protected]
You also have the right to lodge a complaint with the relevant supervisory authority. Please see further details below:
The Information and Data Protection Commissioner (IDPC)
Floor 2, Airways House,
Triq Il-Kbira, Tas-Sliema SLM 1549, Malta
Tel: +356 2328 7100
Email: [email protected]