How we use your information
This website and the associated apps are operated by The ID Band Company Limited (IDBandCo).
Throughout the site, the terms “we”, “us” and “our” refer to IDBandCo in connection with the provision of ID bands and related services and we areindependent data controllers of the information collected through our site (sportsguardian.com).
This policy sets out how we each use your personal data.
Please note that if you purchase an ID Band and related services affiliated with a third part organisation (for example, Beyond Swim), the privacy policy will vary: please see the privacy policy on the relevant affiliate page of our website for more information.
This privacy notice applies to information we collect about:
- Individuals who purchase an unaffiliated band; and
- Users of the associated Band App.
1.1 Our commitment to protecting your personal information
Whenever you provide personal information to a third party, that party is legally obliged to use your information in line with data protection law.
This privacy policy explains the following:
- the services available via the Band App and who is involved;
- who the controller is for the personal data processed when you use the Band App;
- what information is collected about you;
- what information is held about you;
- how your personal data is used and why;
- where your data is stored;
- your rights;
- points of contact for queries, objections and complaints.
In this privacy policy the following terms have the following meanings:
Controller: "The person or entity which alone or with others determines the purposes or means or processing of personal data".
Processor: "Any person or legal entity who processes personal data on behalf of the controller".
2. The Band App services
The Band App allows you to use the following services with a secure login:
- Access and update your personal information including your name, address and email address and:
- Medical conditions (one primary and unlimited secondary conditions);
- Allergies;
- Medications;
- Medical history;
- Additional information/notes;
- ICE contacts (name, relationship, contact numbers);
- Check into and out of Band zones set up by participating venues;
- View your attendance record and timings (how long they were checked into a venue zone);
- Show the participating venues that you attend;
- Disable the QR code on the Band in the event it is lost or stolen.
3. Personal data - who controls its use
IDBandCo is the controller of your personal data. The processor of your personal data will depend on the service to which it relates. For example:
3.1 Paramedics and Emergency Services
In the event of a medical incident or emergency while you are checked in at a participating venue, attending paramedics will have access to your personal data via the personalised QR code on your Band and the data printed thereon for the purposes of:
- Identifying you;
- Identifying any pre-existing medical conditions;
- Identifying any allergies;
- Being made aware of any additional information provided by you;
- Contacting your ICE contacts.
3.2 General Public
In the event of a medical incident or emergency while you are checked in at a participating venue, and in the absence of any venue staff, paramedic or emergency services, members of the public can access your personal information via the personalised QR code on the Band and the data printed thereon for the purposes of:
- Identifying you;
- Identifying any pre-existing medical conditions;
- Identifying any allergies;
- Being made aware of any additional information provided by you;
- Contacting your ICE;
- Conveying any or all of this information to venue staff, paramedics and emergency services.
3.3 Processors
When organisations are engaged to process your personal information on behalf of a different controller organisation, there will always be a contract in place. These processor organisations must have agreed to keep your information secure and only use it for the purposes they have been instructed to.
4. Features
4.1 Band App messaging
Band App messaging enables us to send you general communications and updates relating to the Band App and services available within it.
4.2 User research panel
We would like to contact you about taking part in user research to improve the Band App and connected services. We will ask you if you would like to join our user research panel when you register for the Band App or on a subsequent login. If you choose to do so, we may ask you to:
- try new features;
- answer questions by email;
- talk to our researchers about your experience of using the Band App or connected services.
You can always say no to an invite, and you can leave the user research panel at any time.
5. What information we collect about you and how it is used
The information processed for the purposes of the Band App can be split into a number of different categories:
- Band App audit data: information captured about your use of the Band App, such as the time of use, actions you took using the Band App, and associated technical log events.
- Band App messaging: if we send messages, we will use your Band App account to do this.
- Band App mailing list membership(s) We contract a specialist organisation to send out bulk emails and manage our lists of email subscribers. We use only your email address and mailing preferences needed to operate this service.
- Band App feedback & surveys: the personal data you provide if you provide feedback such as responding to one of our surveys.
6. How we use your personal data and why
The processing of your personal data is necessary to provide you with Band services and ensure the functionality of the Band App works.
You will not be able to use the Band App unless you have agreed to its terms of use and this privacy policy.
The organisation that is the processor of your personal data will depend on the information in question.
We may need to share your personal information if we are required to do so by law.
How and why we use your personal data
Under data protection law, we can only use your personal data if we have a proper reason, eg:
- where you have given consent;
- to comply with our legal and regulatory obligations;
- for the performance of a contract with you or to take steps at your request before entering into a contract; or
- for our legitimate interests or those of a third party.
The table below explains what we use your personal data for and why.
What we use your personal data for |
Our reasons |
Providing products and services to you |
To perform our contract with you or to take steps at your request before entering into a contract |
Other activities necessary to comply with professional, legal and regulatory obligations that apply to our business |
To comply with our legal and regulatory obligations |
Statistical analysis to help us manage our business |
Legitimate interest in relation to [our financial performance, customer base, product range or other efficiency measures |
For our legitimate interests or those of a third party |
Legitimate interest to be as efficient as we can so we can deliver the best service to you at the best price |
Preventing unauthorised access and modifications to systems |
For our legitimate interests or those of a third party |
Marketing our products and services |
For our legitimate interests |
Marketing
We may use your personal data to send you updates (by email, text message, telephone or post) about our products or services], including exclusive offers, promotions or new products or services.
We have a legitimate interest in using your personal data for marketing purposes (see above ‘How and why we use your personal data’). This means we do not usually need your consent to send you marketing information. However, where consent is needed, we will ask for this separately and clearly.
You have the right to opt out of receiving marketing communications at any time by:
- contacting us at sales@theidbandco.com; or
- using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts
We may ask you to confirm or update your marketing preferences if you ask us to provide further products or services in the future, or if there are changes in the law, regulation, or the structure of our business.
Who we share your personal data with
We routinely share personal data with:
- third parties we use to help deliver our products and services to you, e.g. payment service providers, Royal Mail, marketing services and agencies, email marketing providers, website hosts, app hosts and data processors.
We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.
We may also need to:
- share personal data with external auditors;
- disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations;
- share some personal data with other parties, such as potential buyers of some or all of our business or during a restructuring—usually, information will be anonymised but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations.
If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).
6.1 Legal basis for using each category of information and how long IDBandCo hold the data for
Category of information |
Legal basis for using this data |
Personal information |
Provision of Band products and services to you |
Medical information |
Provision of Band products and services to you |
ICE contacts |
Provision of Band products and services to you |
Band App mailing list membership(s) |
Your consent specifically provided when you opted to join a mailing list |
Feedback and surveys |
Your consent via acceptance of our privacy policy and giving your agreement to take part in a survey |
Where this data is stored and processed
We only store and process your personal data within the UK, European Economic Area (EEA) and USA. Whenever your data is transferred outside the EU we will make sure the organisation receiving the personal data has provided adequate safeguards.
7. Your rights
Under the Data Protection Act 1998 and General Data Protection Regulation, you have rights as an individual which you can exercise in relation to the information we hold about you. You can read more about these rights at https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/.
Your rights include:
- your right to request access to the personal information that we hold about you by making a subject access request;
- if you believe that any of your personal information is inaccurate or incomplete, you have a right to request that we correct or complete your personal information;
- your right to request that we restrict the processing of your personal information for specific purposes; and
- if you wish us to delete your personal information, we will do so at your request.
Access to personal information
We try to be as open as we can in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’. If we do hold information about you, we can:
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form.
To make a request to us for any personal information we may hold, please contact us using the contact details provided below. This description on your rights will not limit any other right granted to you as a ‘data subject’ under GDPR or any other applicable law.
Complaints or queries
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. Please contact us using the contact details provided further down this page.
You also have the right to lodge a complaint with a supervisory authority, which, in this instance, is the Information Commissioner’s Office (ICO). If you want to make a complaint about the way we have processed your personal information, you should do so on the ICO website: https://www.ico.org.uk/concerns.
8. Points of contact for queries
If you have any queries in relation to the use of your personal data within the Band App or if you would like to register a complaint, or simply want more information contact:
IDBandCo: Privacy Compliance Officer at
sales@theidbandco.com or by mail at Privacy Compliance Officer, The ID Band Company, Unit 9 Oak Drive, Lionheart Enterprise Park, Alnwick, NE66 2EU, United Kingdom.
9. Changes to the privacy policy
The terms of our privacy policy may change from time to time. We will inform you via the Band App and request your continued agreement if we make any significant changes to our privacy policy, cookies policy or terms of use.