SportHosting services (web interfaces, client portals, and related mobile applications).
This policy describes how we process personal data in connection with the SportHosting software platform for sports clubs and organizations (the “services”). The operator responsible for the services towards portal users and contractual customers is referred to as the “operator”. Up-to-date contact details for privacy inquiries are published on sporthosting.cz or provided in customer communications.
Depending on how you use the services, we may process in particular:
Account user data (club administrators, coaches, contact persons): name, email, phone, login identifiers, roles, activity records required for security and auditing, and support communications.
Member and athlete data entered by the club: identification and contact details, membership, attendance, payments, health restrictions or consents where the club records them – scope depends on club configuration and applicable law.
Technical data: IP address, device and browser type, timestamps, diagnostic logs to ensure stability and security.
Processing is carried out mainly for:
Contract performance (Art. 6(1)(b) GDPR) – providing services under a license or similar agreement with the customer (club), account administration, invoicing as contractually agreed.
Legitimate interests (Art. 6(1)(f) GDPR) – securing services, preventing abuse, internal statistics in anonymized or aggregated form, direct marketing of our own services to existing customers within legal limits.
Legal obligation (Art. 6(1)(c) GDPR) – accounting, retention of tax records, responses to authorities.
Consent (Art. 6(1)(a) GDPR) where required – e.g. newsletters beyond the contract, certain cookies, or special categories of data where mandated by law.
The sports club using the services often acts as controller of its members’ personal data. The operator then typically processes such data as a processor on the club’s instructions and under a data processing agreement / terms of business. The club is responsible for having a valid legal basis and for informing members in line with GDPR.
We disclose data only as necessary: hosting and cloud providers, email and payment infrastructure, monitoring and support tools, under data processing agreements where applicable. Transfers outside the EEA take place only with appropriate safeguards (e.g. standard contractual clauses).
We retain data for the duration of the contractual relationship and thereafter as required by law (e.g. accounting) or as necessary to establish, exercise, or defend legal claims. Security logs may be kept for shorter or longer periods according to our security policy and proportionality.
Under GDPR you may have the right of access, rectification, erasure, restriction, data portability, and objection to processing based on legitimate interests. You may lodge a complaint with a supervisory authority. Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
Websites and apps may use cookies or local storage for sign-in, language preferences, analytics, and service improvement. Details may be provided in a separate cookie notice if published on the site.
We apply technical and organizational measures appropriate to the risks (encrypted transport, access control, environment segmentation, backups). No system is risk-free; please protect your credentials and use strong passwords.
We may update this policy; the current version will always be available at this URL. For material changes we will notify you in a reasonable manner (e.g. in-app notice or email to club administrators).
Short version: privacyen-short.html · Czech: privacy.html
Last updated: April 2026