Artboard 2 Privacy Policy

Tennis Integrity Unit Privacy Policy


WHO ARE THE TIU AND WHAT DO WE DO?

The Tennis Integrity Unit ("TIU", "we", "us", “our”) is the dedicated anti-corruption unit for professional tennis and is charged with enforcing the sport's zero tolerance policy towards gambling related corruption world-wide.

The TIU is an unincorporated association, based in Roehampton, London and is operationally independent from the sport of tennis. It receives its funding from tennis’ major stakeholders (the "Governing Bodies"), being: ATP Tour, Inc. ("ATP"); the International Tennis Federation ("ITF"); the Women's Tennis Association ("WTA"); and the Grand Slam Board (being Australian Open, Roland-Garros, US Open and, in the case of Wimbledon, a joint Committee of Management consisting of AELTC) (the "Grand Slam Board"). The TIU reports to the Tennis Integrity Board (“TIB”), which comprises a representative from each of the Governing Bodies and the Grand Slam Board. Members of the TIB each in turn appoint a Professional Tennis Integrity Officer (“PTIO”). The TIU liaises with the TIB and the PTIOs in respect of its day to day functioning.

WHAT THIS PRIVACY POLICY TELLS YOU

  1. Who we collect personal data about;
  2. What types of personal data you provide to us when using the http://www.tennisintegrityunit.com/ website (the “Website”), when you use our app or when you otherwise directly interact with us on other occasions. We also explain what types of personal data the TIU may collect from you or receive about you from third parties; 
  3. How and why we use this data and the reasons we are legally allowed to do so;
  4. Who we share your data with;
  5. Your rights over your data and how you can exercise those rights; and
  6. How to contact us if you have any issues or want to find out more.

When we refer to “personal data” in this Privacy Policy, this covers any information from which you can be personally identifiable (whether directly or indirectly). This includes things like your name, email, date of birth, address, phone numbers, online identifiers and device IDs, financial information, certain special categories of information (such as your religious beliefs, health related data, marital status, sexual history etc.) and data relating to your criminal convictions and offences.

For the purposes of the General Data Protection Regulation (EU) 2016/679 or “GDPR” (and all other laws relating to the use your personal data), the TIU is the “data controller”, meaning that we are responsible for deciding how your personal data is used and more importantly, for keeping your data safe and only using it for legitimate reasons. We are committed to protecting your privacy and will take all steps necessary to comply with our legal obligations when collecting and using your personal data. This Privacy Policy explains how we fulfil this commitment, so please read this carefully.

If we update our Privacy Policy, we will post any changes on our Website and through our app.

WHO DO WE COLLECT INFORMATION ABOUT?

We collect personal data about tennis players, courtsiders, gamblers and other people in the tennis community, including tournament officials, coaches, physiotherapists, match supervisors, umpires, media representatives and other individuals who have obtained accreditation for the purposes of attending a professional tennis match or other competition organised, sanctioned or recognised by any of the Governing Bodies as a player guest or as tournament support provider.

We may also collect information about other individuals who have directly interacted with us as part of an investigation (i.e. witnesses), people who have downloaded a copy of the Tennis Anti-Corruption Program (“TACP”) or who otherwise browse or use our Website or app and business contacts of the TIU.

WHAT INFORMATION DO WE COLLECT AND HOW?

Data which you provide directly to us:

You may provide personal data directly to us:

  • When you sign-up to, access and use the Tennis Integrity Protection Programme (“TIPP”), which personal data may include your name, date of birth, nationality, email address, password, WTA, ITF or ATP player portal log-in details and International Player Identification Number (“IPIN”).
  • When you download a copy of the TACP, which personal data shall be your name and email address.
  • In the context of an anti-corruption investigation where we may request personal data from you, including telephone records, bank details and credit card transactions. We will also obtain other personal data about you from a recorded interview with you.
  • If you communicate directly with us, whether that is by email, phone, the Website, our app or if you send us a letter.
  • If you make a complaint or grievance to the TIU.
  • When you attend an education workshop, conference or seminar organised by the TIU, which personal data may include registration information such as your name, address and other contact information.

Data which the TIU collects itself or receives from third parties:

The TIU collects and receives personal data about you through various different methods and third party sources including, without limitation:

  • Where you are subject to an investigation, we may extract information from your devices.
  • We may collect personal data from 'open source' media (e.g. Facebook, Twitter etc.) relating to players and other individuals of interest in the context of investigating alleged corruption.
  • Player information that is publicly available from Governing Body websites, for example player photographs and statistics.
  • Information about players' match performance, physical fitness and ability, which we may receive from tournament officials, open source information, tournament physiotherapists/doctors.
  • We may receive by email or other forms of communication, personal data relating to individuals who are the subject of an allegation of corruption, including from anonymous sources.
  • Betting Operators and Betting Regulators may share account and/or other personal data relating to gamblers exhibiting unusual or suspicious behaviour. 
  • The European Sports Security Association (“ESSA”) may send us limited personal data relating to players who have been involved in a suspicious match.
  • The ITF and/or ATP may provide us with scorecard/match related data (which includes certain personal data relating to players, Match Supervisors and Chair Umpires) to enable us to verify a betting alert receiving from a Betting Operator, Betting Regulator or ESSA.
  • Match Supervisors (and/or other tournament accredited personnel, including Chair Umpires) may provide names/contact details of players and match-related information requested by the TIU, including information relating to: (i) the scorecard; (ii) any potentially significant acts such as injuries/illness; (iii) a break in play; (iv) the names of a player's medical team; and (v) details of any treatment provided.
  • The TIU is provided with access to Governing Body portals through which it may access names and contact information of Match Supervisors and Chair Umpires and various personal data relating to players.
  • The ITF provides the TIU with access to its database, to enable the TIU to obtain various player data, including name, contact details, IPIN account information, IP address and device information, passport details and details of associated persons (such as friends, family and agent).
  • Tournament Officials provide the TIU with various player data relevant to that particular tournament and photographs and other personal data relating to courtsiders.
  • Players and officials may provide the TIU with personal data relating to individuals who have set up bogus social network pages in the name of a particular player, or who send abusive/threatening messages to a player or make a corrupt approach.
  • Tournament broadcasters may provide us with match recordings where relevant to our investigation.
  • The Governing Bodies may provide us with courtsider information, including name, date of birth, aliases, contact details and photographs and videos of their activity, any reasons for their exclusion from tournament grounds and information about their presence at a particular match.
  • Witnesses may reveal personal data about individuals who are subject to a corruption investigation.
  • Tournaments provide us with names/contact details of accredited persons and/or their behaviour/activities at a particular tournament, which may be used for the purpose of registering such individuals for TIPP.
  • Governing Bodies may provide us with copies of players' disciplinary records.
  • When you attend a conference or seminar organised by one of the Governing Bodies or another third party, we may receive registration information such as your name, address and other contact information (provided in each case the Governing Bodies or third parties are legally entitled to share such information with us).
  • We may obtain business contact details through our interactions and dealings with various businesses and organisations.

Data collected through cookies/other tracking technologies:

We may collect the following types of information from you when you use our Website or our app (using Cookies or other tracking technologies):

  • Usage – information about how you browse, including time spent on page, click-throughs, download errors
  • Technical – IP address, browser type, hardware type, network and software identifiers, device information, operating system and system configuration

For more information on the above, please read our Cookies Policy.

SPECIAL CATEGORIES OF DATA / CRIMINAL CONVICTIONS AND OFFENCES DATA

Certain information which we collect and use are categorised as “special categories of personal data” or “personal data relating to criminal convictions and offences” under GDPR. These categories of data are seen as being more "sensitive" and are therefore afforded greater levels of protection.  This includes information revealing an individual's racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic, biometric or health data, data about an individual’s sexual life or sexual orientation and data relating to criminal convictions and offences. We may collect and use some or all of this data as part of our anti-corruption investigations. We will only collect and use this data where we have a legal basis for doing so, as set out in the table below.

WHAT DO WE USE YOUR DATA FOR AND HOW ARE WE LEGALLY ALLOWED TO DO SO?

Purpose
Legal ground(s)
To prevent or detect corruption and/or other breaches of the TACP – our primary function is to prevent and detect corruption in professional tennis. On such basis, we process the majority of personal data in connection with such purpose


Personal Data – necessary for the legitimate interests pursued by the TIU (being to achieve the TIU’s core purpose of preventing/tackling corruption in tennis)
Special Categories of Personal Data and Criminal Convictions and Offences related Data – necessary for reasons of substantial public interest (to maintain and uphold standards of behaviour in sport)


To operate the 'no credentials' list of individuals who are subject to exclusion from tournaments sanctioned or recognised by the Governing Bodies


Same as above
In connection with the detection or prevention of crime or the apprehension or prosecution of offenders


Same as above
In addition, in relation to the processing of Special Categories of Personal Data and Criminal Convictions and Offences related Data, this is also necessary for the establishment, exercise or defence of legal claims or preventing or detecting unlawful acts


To administer TIPP


Necessary for the legitimate interests pursued by the TIU (being to achieve the TIU’s core purpose of preventing/tackling corruption in tennis)


To defend the legal rights, property and/or safety of the TIU or others


Personal Data – necessary for the legitimate interests pursued by the TIU (being to achieve the TIU’s core purpose of preventing/tackling corruption in tennis or to detect and prevent criminal activity or the infringement of other legal rights)
Special Categories of Personal Data and Criminal Convictions and Offences related Data – necessary for reasons of substantial public interest (to maintain and uphold standards of behaviour in sport or preventing or detecting unlawful acts), necessary for the establishment, exercise or defence of legal claims


To communicate with you generally (e.g. dealing with your inquiries, comments and requests)


Personal Data – necessary for our legitimate interests (to ensure that we effectively deal with your inquiries, comments and requests) 
Special Categories of Personal Data and Criminal Convictions and Offences related Data – necessary for reasons of substantial public interest (to maintain and uphold standards of behaviour in sport or preventing or detecting unlawful acts), necessary for the establishment, exercise or defence of legal claims


To deal with your complaint or grievance


Personal Datanecessary for the legitimate interests pursued by the TIU (being to investigate your complaint or grievance)
Necessary to comply with a legal obligation
Special Categories of Personal Data and Criminal Convictions and Offences related Data – necessary for reasons of substantial public interest (to maintain and uphold standards of behaviour in sport or preventing or detecting unlawful acts), necessary for the establishment, exercise or defence of legal claims


Investigate bogus social network page or threatening/abusive messages


Personal Data – necessary for the legitimate interests pursued by the TIU (being to protect players from threats and actual harm)
Necessary to comply with a legal obligation
Special Categories of Personal Data and Criminal Convictions and Offences related Data – necessary for reasons of substantial public interest (to maintain and uphold standards of behaviour in sport or preventing or detecting unlawful acts), necessary for the establishment, exercise or defence of legal claims


To register you for a conference or educational seminar
Performance of a contract with you
Enable you to download a copy of the TACP
Performance of a contract with you 
Notify you of changes to our Privacy Policy and/or Cookies Policy
Performance of a contract with you
Necessary to comply with a legal obligation
Administer our Website and our app, including trouble shooting, testing and analysis and to enable you to participate in interactive features of our Website and the app
Performance of a contract with you 
Necessary for our legitimate interests (to ensure that our Website and app fully functional and operating in the most effective way for you)


Improve and personalise your experience of our Website and app 
Performance of a contract with you 
Necessary for our legitimate interests (to ensure that our Website and app operate in the most effective way for you)


We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

DO WE SHARE YOUR PERSONAL DATA WITH THIRD PARTIES?

We may share personal data with third parties, including but not limited to:

  • Betting Operators and Regulators to ascertain whether individuals subject to the TACP have betting accounts and to obtain further information where required in connection with an investigation.
  • Law Enforcement Agencies and Regulators in connection with the prevention or detection of crime or the apprehension or prosecution of offenders.
  • Governing Bodies and/or Governing Body lawyers for the following purposes: (i) in connection with any investigation into a breach of the TACP; (ii) for onward transmission to various tournaments in connection with protecting the intellectual property rights (i.e. the scorecard data) of the Governing Bodies at a particular event; (iii) to report on whether a player has registered for/completed TIPP; (iv) to report on whether a player or covered person has attended an education workshop, conference or seminar; and/or (v) for accreditation purposes (in the context of the non-credentials list).
  • United Kingdom's Gambling Commission and other Betting Regulators in the event of an actual or suspected gambling offence under applicable laws.
  • Grand Slam Board for accreditation purposes.
  • PTIOs and TIB in connection with our investigations.
  • Our service providers and suppliers who provide services to us or on our behalf (e.g. translation and transcriber service providers, forensic service providers, IT providers, website and app hosting company etc.).
  • Other bodies in connection with specific data sharing activities consistent with the role of the TIU from time to time (e.g. Olympic committees).

We also may share your information in response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; as otherwise required by law; when we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities otherwise than in the context of the TACP; and to protect and defend the rights, property, or safety of TIU and others. If we are organised or restructured to another organisation, we may transfer personal data we hold to that organisation.

If we share personal data with third parties, we will ensure that access is limited on a strictly need to know basis and is subject to suitable obligations relating to confidentiality and security (and in each case, there are suitable contractual provisions in place to cover our respective data protection obligations). 

HOW LONG DO WE KEEP YOUR DATA FOR?

We will store your personal data securely in accordance with our obligations under GDPR and will regularly review the purposes for which we are retaining your data. We will cleanse data periodically to the extent it is (or part of it is) no longer relevant for the legitimate purposes for which it was originally collected. 

Please be aware that the maximum period for which we may retain your data aligns with the limitation period for bringing an action under TACP.  Where your data is not relevant for TACP investigations (e.g. business contact information) we will retain this data for as long as we are actively engaged with you (i.e. where you or your company is providing a service to the TIU) or for such longer period as may be required by law.

HOW WE KEEP YOUR DATA SECURE?

Given the highly sensitive nature of certain of the data which we process, we have implemented appropriate security and organisation measures to protect against the unauthorised use of, access to, disclosure and loss of data. We also make sure that third parties who need to handle your data are subject to robust confidentiality and security standards. 

Despite the security measures we implement, please be aware that the transmission of data via the internet is not completely secure. As such, we cannot guarantee that information transmitted to us via the internet will be completely secure and any transmission is at your own risk.

TRANSFERS OF DATA OUTSIDE OF THE EEA

The European Economic Area or “EEA” is deemed to have good standards when it comes to data privacy. As such, we limit the occasions when we need to transfer your personal data outside of the EEA. These may cover, without limitation, the follow situations which are linked to a TIU anti-corruption investigation:

  • As part of the TIU’s communications with foreign Betting Operators or foreign Betting Regulators in relation to suspicious betting activity, to determine whether individuals subject to the TACP have betting accounts and to obtain further information where required.
  • In order to determine whether an investigation should proceed to the hearing stage, we disclose the relevant investigation file to the PTIOs representing each Governing Body, two of which (i.e. the ATP and the WTA) are established in the USA. We also send personal data to the ATP and WTA in the context of the operation of the 'no-credentials' list. 
  • To facilitate the exchange of information with the Grand Slam Board (two members of which are located outside of the EEA, in the US and Australia) as part of an investigation or in connection with the no-credentials list. We may also be required to share data with the ATP and WTA in connection with other tournaments for the same purposes.
  • We may be required to transfer your personal data to law enforcement agencies, regulatory bodies, lawyers, Europol and Interpol as part of a TIU investigation, legal claim or criminal matter, and certain of these may be located outside of the EEA.
  • As part of our investigations, TIU investigators may handle certain of your personal data outside of the EEA (i.e. when they work on an investigation whilst based in a country outside of the EEA), to the extent that this is not deemed to be “in transit”.

Where we do transfer your personal data outside of the EEA, we make sure that your data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for sending your data outside the EEA and putting in place all necessary safeguards for such arrangement).

Where relevant, you will have the right to see a copy of any safeguards we put in place for international transfers of your data. Please contact us if you would like to find out more.

LINKS TO THIRD PARTY WEBSITES

Our Website may contain links to enable you to visit other websites easily (including the ATP, ITF and WTA websites/portals). However, once you have used these links to leave our Website we do not have any control over these third party websites and are not responsible for the protection and privacy of any information which you provide whilst visiting such websites. Your use of these third party sites are not governed by this Privacy Policy. You should exercise caution and examine the privacy policies and terms of use applicable to the websites in question.

YOUR RIGHTS

In certain situations, you are entitled to: 

  • access a copy of your personal data;
  • correct or update your personal data; 
  • erase your personal data; 
  • object to the processing of your personal data where we are relying on a legitimate interest (as set out in the above table); 
  • restrict the processing of your personal data; 
  • request the transfer of your personal data to a third party; or 
  • where you have provided your consent to certain of our processing activities, in certain circumstances, you may withdraw your consent at any time (but please note that we may continue to process such personal data if we have legitimate legal grounds for doing so). 

If you want to exercise any of these rights, please contact us. You don’t have to pay a fee to exercise your rights, unless your request is clearly unfounded, repetitive or excessive (in which case we can charge a reasonable fee). Alternatively, we may refuse to comply with your request in these circumstances. Where your request is legitimate, we will always respond within one month (unless there is a legal reason to take longer, such as where your request is particularly complex). We may also need you to confirm your identity before we proceed with your request if it is not clear to us who is making the request.

In addition to the above, you may get in touch with the ICO (Information Commissioner’s Office) if you are concerned about the way in which we are handling your personal data. 

HOW TO CONTACT US

If you have any requests concerning your personal data or any queries with regard to this Privacy Policy or our privacy practices more generally please contact us at: 

Email: info@tennisintegrityunit.com

Please write to us at: FAO Data Protection Officer, Tennis Integrity Unit, Bank Lane, Roehampton, London, SW15 5XZ, United Kingdom

Telephone: +44 208 392 4762

LAST UPDATED: MAY 2018