How to read this document
Welcome to the website of the International University Sports Federation. This privacy notice applies to the use of our website and the services offered on it. This privacy notice informs you about the collection of personal data while visiting the site. By using this website, you consent to the processing of your personal data in accordance with this privacy notice.
We take your privacy and confidentiality seriously. We implement best market practices for protecting your data and ensuring that you can access and control them at any time. This notice provides you with more information about what we do and how we process your personal data.
If the uses of your information change, we will provide you with more information when we are in contact with you, for example, through the Website, by e-mail, in our information materials. Where necessary, we would do that by updating our privacy notice so that you can check it when you visit the Platform or our regular website at https://www.fisu.net/.
Who we are
The International University Sports Federation (“Fédération Internationale du Sport Universitaire“, « FISU », “we“, “us“ or “our“), is an association that operates under the laws of Switzerland with number CHE-114.655.343 and having its registered offices located at Quartier UNIL-Centre, Bâtiment Synathlon, CH-1015 Lausanne, Switzerland.
FISU aims at contributing to the sustainable development and promotion of university sport and physical and sports education for students around the world.
FISU owns and manages a website https://www.fisu-events.com/ (the “Website”), which we use to allow Organising Committee and similar institutions around the world to highlight the sport events they host. When handling personal information about you and your institution, FISU will act as the data controller. If you have any questions related to handling of your personal information by FISU or to exercise your rights to privacy you can contact us at [email protected].
Collection of data and information about you
When navigating on our Website, we will collect information about you via different means and for various purposes. When doing so, we process the data in accordance with our legitimate or private interest in providing you with a great experience in our Website, and where necessary, to comply with our legal obligations and in accordance with applicable data protection laws, in particular with the Swiss Federal Act on Data Protection and its Federal Ordinance (“DPA” and “DPO”).
The information collected may include (1) user contact data such as name, position, titles, phone number and e-mail address, (2) the browser type and versions used, (3) the operating system you use to access our site, (4) the website from which you reach our website (referrer website), (5) the sub-pages you visit on our website, (6) the date and time of your visit, (7) an IP address, (8) your internet service provider, and (9) other similar data and information that serve to prevent risks in the event of an attack on our IT infrastructure.
This data and information is needed to (1) contact you for further information, (2) ensure the content of our website is displayed correctly, (3) optimise the content of our website, (4) guarantee the lasting functionality of our IT infrastructure and our website technology, and to (5) be able to provide the law enforcement agencies with the necessary information in the event of a cyberattack.
In addition, FISU may statistically analyse this data and information in order to enhance the privacy and data security of its IT infrastructure. The data and information collected is only processed for the stated purposes and is subsequently deleted.
With whom do we share information about you
Only limited individuals can access your personal data, which may include the following:
- our duly authorised employees, consultants or workers;
- approved third parties, such as IT service providers or auditors;
- other users of the Website either: (a) on a voluntary basis; or (b) where a feature of the Website allows other users to access information that is already publicly available or that you decide to transmit to us in compliance with applicable data protection laws.
Cross-border personal data transfer
When we receive information about you, we will process your personal information in Switzerland, where the Swiss DPA and DPO principles may slightly differ from your jurisdiction. However, as described below, Switzerland has a comprehensive data protection legal framework which ensures a very high standard for the protection of personal data and privacy of individuals.
a) Transfer within the EEA, Switzerland and approved countries
Switzerland is recognized by the EU Commission as a country with an adequate level of protection equivalent to the European privacy laws, which includes Regulation (EU) 2016/679 (GDPR). If you are located in a country of the European Economic Area (EEA) or in a country that is recognized as having an adequate legislation for the protection of personal data in your country, your rights to privacy are likely to rely on appropriate guarantees with regard to cross-border personal data transfer to Switzerland.
b) Transfer to third country jurisdictions
If you are located in a country, which Switzerland does not recognize as having an adequate level of protection, we will rely on appropriate safeguards with you to send personal data to your country of residence. Most of the time, you will share such personal information with us, via the Website, on a voluntary basis, for the purpose of entering into a contract with FISU or on the basis of your consent.
c) Disclosure with third parties
In certain limited cases, authorized third parties outside our organization may access your data. These may include:
- third parties who provide us with services for the administration of the Website (such as IT services in the event of a breakdown or for the maintenance of our Website);
- other third parties, such as auditors, data centers or other authorised third parties only when required by law or by a court decision, to defend legal claims or in case of an investigation by a supervisory authority;
Where engaging third parties, we have entered into agreements with them for the processing of your personal data about you so that such processing is carried out in accordance with our instructions, in a confidential, secure, transparent manner, to protect your privacy rights and comply with the application data protection laws.
Cookies and other services
Cookies or similar tracking technologies may be used on the Website to automatically collect certain information for statistical purposes only. Cookies are small text files that are placed on your device when you visit a site, which are then used to identify your device for the purposes described below. Cookies set by the owner of a site are called “first party cookies”. Cookies set by other people are called “third party cookies”. Third party cookies enable the third party to provide features or functionality on or through the site (like analytics, advertising and videos). The parties that set these third party cookies can recognize your device both when it visits our website, and when it visits certain other sites.
Such information about use of this website (including your IP address) may be transmitted to servers outside Switzerland and stored there, e.g. for Google Analytics. By using this website, you consent to the disclosure of this data.
Your web browser can be set to manage cookies and even to reject them. Do bear in mind that if you set your browser to automatically reject cookies, your user experience when visiting websites will not be the same: your preferences may not be remembered, some functionality may be lost and you may not be able to access certain areas or features of the sites.
For more information about cookies, you can visit the following website: https://www.allaboutcookies.org.
Via our website you have the option of subscribing to our newsletter. Data that you disclose to FISU for this purpose, in particular your name and email address, can be used for the regular delivery of the newsletter. The newsletter is either sent directly by FISU or by a specialised company. You can unsubscribe from the newsletter at any time (via the link in the newsletter or on the website). You can also do so by email at [email protected].
How de we protect information about you
We have implemented all appropriate technical and organizational measures to protect the personal information in our possession from unauthorized disclosure, use, modification or destruction. In addition, we are committed to protecting to the extent possible all the personal information we process from you from unauthorized access, modification or disclosure and to ensuring confidentiality, integrity and availability of your data. FISU has entered into contracts with providers to build a secure Cloud infrastructure that guarantees industry standards data security measures, including confidentiality.
We have configured our systems to apply industry standard information security measures and used recognized security framework to protect your information, which includes :
- TIER III and IV servers (ISO 27001 and FINMA) where data is hosted exclusively in Swiss data centers with dedicated resources and on-site security;
- All systems are monitored by approved Swiss third party IT service providers;
- Last generation firewalling;
- HTTPS and SSL encryption, file encryption, Password strenght requirements;
- Access controls via privileges and roles;
- Software built in accordance with privacy by design and by default principles;
- Semi-automated audit systems and services.
Where we use third party suppliers to help us with information security measures, they have committed to comply with strict data protection requirements to ensure maximum confidentiality, integrity, and availability of your personal data.
Where do we store your information
The Website is accessible from anywhere in the world and we operate from Switzerland. As a general rule, we do not transmit any information about you outside Switzerland via the Website other than on a voluntary basis or when you use our features and access, download information from the Website or with third parties.
The hosting of the Website is located on the servers of Infomaniak Network SA, a company located in, and operating from, Switzerland, with redundancy servers located in another geographic area in Switzerland. In general, our hosting providers have configured their servers so that they cannot access your data without our express authorisation.
Links to other websites
This website may contain links to the websites of other providers. FISU has no influence on these websites, their content, offerings or availability, or the data privacy notices or policies applicable there. We therefore do not accept any liability whatsoever in this regard.
Social media plugins can be placed on this website, which connect to the servers of social media platforms (e.g. Facebook, Twitter, Instagram). By clicking on one of these buttons, you consent to the disclosure of the necessary data, such as IP address and website visited, to the operator of the relevant social media platform.
How long do we keep your information
We will keep personal information we collect about you for as long as necessary for providing the services via the Website, and to comply with any legal obligations.
Where we have no legitimate business interest to continue to process your personal data or if you ask us for deletion, we will either delete, anonymise it or, if this is not possible (for example, if personal data has been stored in secured archives), we will securely store and isolate your information from any further processing until the deletion becomes possible and delete it as soon as technically possible. We will use any technology or other means to protect your data and mitigate any risks, such as obfuscation, blanking or encryption.
Under applicable privacy law, you may have a right to request a copy of information about you held by FISU. You may also have the right to revise, correct, or delete such information. Your rights to such information may be subject to limited legal and regulatory restrictions.
Under applicable privacy law (e.g. European data privacy law), you may formally object to processing of your personal information. In certain circumstances under applicable law, you may have the additional right to restrict aspects of the processing of your information or ask for a copy of your data to be provided to you, or a third party, in a digital format.
Under the California Consumer Privacy Act 2018 (CCPA), California residents have specific rights regarding their personal information held by private companies. FISU does not sell any personal information from individuals located in California, nor does FISU share any such personal information with third parties for their own commercial benefits. Californian individuals can exercise their rights by contacting us at [email protected].
In the event that any individual located in the EEA countries believes that FISU has processed information in a manner that is unlawful or breaches his/her rights, or has infringed the “General Data Protection Regulation”, such individual has the right to complain directly to the applicable Data Protection Authority. The list of those authorities can be found on the EU Commission website.
To exercise your rights, please contact FISU. If you require any more information on this, please do not hesitate to contact us at: [email protected].
FISU may modify this privacy notice at any time and without prior notice. The latest and applicable version is the one published on our website. If the privacy notice is part of an agreement with you, we will notify you of any updates or modifications by email or by other appropriate means.
We provide easily accessible information via our website or on request. If you have any questions or requests related to data protection, please contact us at the following contact details