Privacy Policy
General Data Protection Regulation (GDPR)
We attach great importance to the protection of your data. This page details how Doinsport collects, uses, stores, and secures personal data in accordance with the GDPR.
Last updated: August 12, 2025
Summary
1 – Commitments
DOINSPORT SAS is committed to processing all transmitted or collected data in compliance with applicable legislation, including the amended French Data Protection Act (Loi n°78-17) of January 6, 1978, the General Data Protection Regulation (EU) 2016/679 (GDPR), the ePrivacy Directive, and associated national texts.
This policy applies to: professionals/partners, employees, job applicants, customers and prospects, visitors browsing www.doinsport.com, as well as users of the v3.doinsport.club platforms and the custom mobile applications published by Doinsport.
2 – GDPR Glossary
Personal Data: Any information identifying an individual, directly or indirectly.
Processing: Any operation performed on data (collection, storage, modification, communication, erasure, etc.).
Data Subject: An individual identified or identifiable by the processed data.
Data Controller: The entity that determines the purposes and resources of the processing.
Processor: The entity processing data on behalf of the data controller.
Recipient: The person or organization receiving communication of the data.
Cookie: A small file stored on a device to facilitate navigation and/or measure audience engagement.
Biometric Data: Data relating to physical, physiological, or behavioral characteristics that allow unique identification.
Pseudonymization: Separating identifying information from the main data to minimize exposure risks.
3 – Categories of Data Collected
In accordance with the principle of data minimization, only strictly necessary data is collected:
Identity: Last name, first name, profile picture/logo.
Contact Details: Mailing address, telephone number(s), email address(es).
Professional Details: Job title, status, remuneration, insurance/benefits.
Connection Data: IP address, device type, browser, cookies.
Service Usage: Booking history, payment methods, sports preferences.
Technical/Specific Data: Access control logs, automated court lighting, and data from integrated third-party APIs.
4 – Purposes of Data Processing
Compliance with legal and regulatory obligations.
Human resources management and recruitment.
Customer, supplier, and partner relationship management.
Provision, improvement, and personalization of online and on-site club services.
Security, maintenance, and optimization of systems.
Invoicing, payments, and accounting.
Statistical analysis and user experience optimization.
Fraud prevention and secure transaction management.
Marketing and communications (with prior consent where legally required).
5 – Data Access
Access to personal data is strictly restricted to authorized staff and service providers bound by confidentiality obligations. Selected processors provide sufficient guarantees regarding security and GDPR compliance.
No data is sold, rented, or shared with third parties outside the legal/contractual framework. In the event of data transfers outside the European Union, appropriate safeguards are put in place (standard contractual clauses or equivalent).
6 – Data Retention Periods
Data is retained only for the period strictly necessary to fulfill the intended purposes:
Processing Type | Maximum Retention Period |
|---|---|
Recruitment | 3 years if the candidate is not hired |
HR Management | 5 years after employee departure |
Payroll | 5 years after payment |
Sales Leads | 1 year after the last contact |
IT Data and Court Access | 1 year after the user departs |
Biometric Data | Duration linked to the specific purpose, immediate deletion upon withdrawal of consent |
7 – Individual Rights
You hold the following rights: access, rectification, erasure, restriction of processing, objection, data portability, withdrawal of consent at any time, protection against automated decision-making with significant legal effects, and notifications in the event of personal data breaches.
To exercise your rights, please see DPO Contact.
8 – Security
Data encryption in transit and at rest.
Strong multi-factor authentication and strict access controls.
Regular backups and restoration tests.
Continuous surveillance and security incident detection.
Employee training and data security awareness sessions.
Official notification procedures to regulatory authorities (CNIL) and proactive communication to affected parties in the event of high-risk data breaches.
9 – DPO Contact
DOINSPORT SAS – Data Protection Officer
7, rue François Moisson – 13002 Marseille – France: support@doinsport.com
Please specify the right you wish to exercise, include your full name and contact information, and provide a valid proof of identity.
© 2026 DOINSPORT SAS — All rights reserved.
