This website is operated by Cube Partnership Limited. Throughout the site, the terms “we”, “us” and “our” refer to Cube Partnership Limited. Cube Partnership Limited operates this website, shop.worldathletics.org (the "Website"), pursuant to agreements with World Athletics (formerly International Association of Athletics Federations) whose registered office is at 6-8, Quai Antoine 1er, BP 359, MC 98007 Monaco Cedex. We offer this website, including all information, tools and services available from this site to you, the user, conditioned upon your acceptance of all terms, conditions, policies and notices stated here.
This Policy set outs our commitments to you, in compliance with and beyond the General Data Protection Regulation (commonly known as the ‘’GDPR’’) and explains how we collect, store and use your personal information.
Collecting specific, relevant personal information is a necessary part of us providing with an excellent service. When we hold or use your personal information, we will provide you with details covering what information we hold, how your personal information may be used, the basis for this use and details of your rights.
Where we collect personal information from you directly, we will provide or signpost you towards this information at the time we collect the personal information from you. Where we receive your personal information indirectly, you will either receive this information at the time your personal information is collected, or when we first contact you.
2. How do we process your personal information?
In most cases we will be a data controller of your personal information. A data controller controls how personal information is processed and used. We will use your personal information as described in section 6 below.
A data processor processes and uses personal information in accordance with the instructions of a third party, i.e. the data controller. In any case where we are not a data controller, this means that you cannot exercise your rights against us directly, but you can do so against the data controller (i.e. the person who controls how we process the personal information). In these cases we will inform you who is the data controller of your personal information so that you can direct any such requests to them.
3. Personal information we may collect from you
When you sign up to access services that we provide, either through shop.worldthletics.org (our ‘’Site’’) or otherwise, you may provide us with or we may obtain personal information about you, such as information regarding your:
- personal contact details which allow us to contact you directly, such as name, title, email addresses and telephone numbers;
- date of birth;
- records of your interactions with us such as telephone conversations, emails and other correspondence and your instructions to us;
- any credit/debit card and other payment details you provide so that we can receive payments from you and details of the financial transactions with you;
- use of and movements through our online portal, passwords, personal identification numbers, IP addresses, user names and other IT system identifying information;
- records of your participation and/or attendance at any events or competitions hosted by us;
- images in video and/or photographic form and voice recordings; and your marketing preferences so that we know whether and how we should contact you.
4. How we use the information
The table below describes the main purposes for which we and, World Athletics process your personal information, the categories of your information involved and the lawful basis for being able to do this.
Personal Information Used
To administer any account(s) you have, manage the relationship with you and dealing with payments and any support, service or product enquiries made by you
All contact and account details, transaction and payment information, records of your interactions with us, and marketing preferences.
This is necessary to enable us to properly manage and administer your account and services with us.
To arrange and manage any contracts for the provision of any merchandise, products and/or services.
All contact and account details. Transaction and payment information.
This is necessary to enable us to properly administer and perform any contract for the provision of merchandise/products/services.
To send you marketing information about or on behalf of commercial partners
All contact and account details and marketing preferences
Where you have given us your explicit consent to do so.
To answer your queries or complaints
Contact details and records of your interactions with us
We have a legitimate interest to provide complaint handling services to you in case there are any issues with your membership.
Retention of records
All the personal information we collect
We have a legitimate interest in retaining records whilst they may be required in relation to complaints or claims. We need to retain records in order to properly administer and manage your membership and in some cases, we may have legal or regulatory obligations to retain records. We process special category personal data on the basis of the “special category reasons for processing of your personal data” referred to above.
The security of IT systems
Your usage of our IT systems and online portals.
We have a legitimate interest to ensure that our IT systems are secure.
For some of your personal information you will have a legal, contractual or other requirement or obligation for you to provide us with your personal information. If you do not provide us with the requested personal information we may not be able to admit you as a member or we may not be able to properly perform our contract with you or comply with legal obligations and we may have to terminate your position as a member. For other personal information you may not be under an obligation to provide it to us, but if you do not provide it then we may not be able to properly perform our contract with you. Where you have given us your consent to use your personal information in a particular manner, you have the right to withdraw this consent at any time, which you may do by contacting us as described in section 15 below.
Please note however that the withdrawal of your consent will not affect any use of the data made before you withdrew your consent and we may still be entitled to hold and process the relevant personal information to the extent that we are entitled to do so on bases other than your consent. Withdrawing consent may also have the same effects as not providing the information in the first place, for example we may no longer be able to provide certain member benefits to you.
5. Direct Marketing
From time to time Cube Partnership may contact you by email or phone with information about products and services we believe you may be interested in.
We will only send marketing messages to you in accordance with the marketing preferences you set. You can then let us know at any time that you do not wish to receive marketing messages.
You can also unsubscribe from our marketing by clicking on the unsubscribe link in the marketing messages we send to you.
6. Disclosure of your personal information
Generally we share information where we need to do so in order to run our organisation (e.g. where other people process information for us or are required to process information for the benefit of World Athletics). In such circumstances, we will put in place arrangements to protect your personal information. Outside of that we do not disclose your personal information unless we are required to do so by law.
- We share personal information with the following parties:
- Any party approved by you or notified to you at the point of data collection;
- Other service providers: for example, email marketing specialists, payment processors, data analysis, promotional advisors, contractors or suppliers and IT services (including CRM, website, video and teleconference services);
- Our supply chain partners and sub-contractors, such as couriers, import/export agents and shippers;
- Our commercial partners: for the purposes of providing you with information on any tickets, special offers, opportunities, products and services and other commercial benefits provided by our commercial partners either as part of your membership package or where you have given your express for us to do so;
- The Government or our regulators: where we are required to do so by law or to assist with their investigations or initiatives;
- Police, law enforcement and security services: to assist with the investigation and prevention of crime and the protection of national security;
- Certain parties who act as joint Data Controllers or Data Processes in relation to services that we provide. You will be notified where this is the case;
- Those who we are required to share your personal information with for the purpose of monitoring betting and/or anti-doping for the purposes of compliance cases.
We do not disclose personal information to anyone else except as set out above.
7. Transferring your personal information internationally
The personal information we collect may be transferred to and stored in countries outside of the UK and the European Union. Some of these jurisdictions require different levels of protection in respect of personal information and, in certain instances, the laws in those countries may be less protective than the jurisdiction you are typically resident in.
When Shopify receive data about a European data subject, that data is initially received from us and/or the data subject by Shopify International Ltd., in Ireland. Shopify Inc. then may use other subprocessors. These subprocessors are located around the world, and the specific subprocessors used will vary depending on specific circumstances (such as the localisation of your store, your store configuration, specific Shopify services you may use, the extent to which you use Shopify support, etc.). Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
In order to offer the global platform, Shopify International Ltd. then transfers this data to Shopify Inc., the parent company. To the extent that the GDPR applies to this transfer, this initial transfer from Ireland to Canada is conducted pursuant to Article 45 – a transfer on the basis of an adequacy decision. In this case, the transfer is to Shopify Inc., a Canadian company subject to Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). Because this transfer is to a company subject to PIPEDA, it is conducted under the European Commission’s adequacy decision 2002/2/EC. Shopify in comply with the export requirements of Canadian privacy law and ensure that all transfers to subprocessors take place under contractual protections. You can access the Shopify DPA here - https://www.shopify.co.uk/legal/dpa
For further details please contact us by using the details set out in section 15 below.
8. How long do we keep personal information for?
We will only hold your information for as long as is necessary. Where you ask us to delete records, we may delete it earlier, subject to any retention requirements.
The duration for which we retain your personal information will differ depending on the type of information and the reason why we collected it from you. However, in some cases personal information may be retained on a long-term basis: for example, personal information that we need to retain for legal purposes will normally be retained in accordance with usual commercial practice and regulatory requirements. Generally, where there is no legal requirement we retain all physical and electronic records for a period of 6 years after your last contact with us.
Exceptions to this rule are:
- Information that may be relevant to personal injury claims, or discrimination claims may be retained until the limitation period for those types of claims has expired. For personal injury or discrimination claims this can be an extended period as the limitation period might not start to run until a long time after you have worked with us;
- Where we have specific internal policies relating to the retention of data for compliance matters;
- Where we have specific internal policies relating to the retention of medical data.
It is important to ensure that the personal information we hold about you is accurate and up-to-date, and you should let us know if anything changes, for example if you change your phone number or email address.
9. Your rights in relation to personal information
You are entitled by law to ask for a copy of your personal information at any time. You are also entitled to ask us to correct, delete or update your personal information, to send your personal information to you or another organisation and to object to automated decision making. Where you have given us your consent to use your personal information in a particular manner, you also have the right to withdraw this consent at any time.
To exercise any of your rights, or if you have any questions relating to your rights, please contact us by using the details set out in section 15 below. You can also unsubscribe from any direct marketing by clicking on the unsubscribe link in the marketing messages we send to you.
You have the following rights in relation to your personal information:
- the right to be informed about how your personal information is being used;
- the right to access the personal information we hold about you;
- the right to request the correction of inaccurate personal information we hold about you;
- the right to request the erasure of your personal information in certain limited circumstances;
- the right to restrict processing of your personal information where certain requirements are met;
- the right to object to the processing of your personal information;
- the right to request that we transfer elements of your data either to you or another service provider; and
- the right to object to certain automated decision-making processes using your personal information.
You should note that some of these rights, for example the right to require us to transfer your data to another service provider or the right to object to automated decision making, may not apply as they have specific requirements and exemptions which apply to them and they may not apply to personal information recorded and stored by us. For example, we do not use automated decision making in relation to your personal data. However, some have no conditions attached, so your right to withdraw consent or object to processing for direct marketing are absolute rights.
If you are unhappy with the way we are using your personal information, we are here to help and would encourage you to contact us to resolve your complaint by using the contact details set out in section 15 below.
10. Linking with third party sites
Our Site may, from time to time, contain links to and from the websites of our commercial partners, World Athletics, advertisers, teams and clubs. If you follow a link to any of these websites, please note that these websites have their own privacy policies and they will be a data controller of your personal information. We do not accept any responsibility or liability for these policies and you should check these policies before you submit any personal information to these websites.
In addition, if you linked to this Site from a third-party site, we cannot be responsible for the privacy policies and practices of the owners or operators of that third-party site and recommend that you check the policy of that third-party site and contact its owner or operator if you have any concerns or questions.
We employ a variety of technical and organisational measures to keep your personal information safe and to prevent unauthorised access to, or use, or disclosure of it. Unfortunately, no information transmission over the Internet is guaranteed 100% secure nor is any storage of information always 100% secure, but we do take all appropriate steps to protect the security of your personal information.
12. Log files
In common with most websites, our Site logs various information about visitors, including internet protocol (IP) addresses, browser type, internet service provider (ISP) information, referring / exit pages and date / time stamp.
We may use this information to analyse trends, administer the Site, track your movement around the Site and gather broad demographic information.
14. Changes to this policy
In the event of any query or complaint in connection with the information we hold about you, our Data Protection Officer can be contacted by email on email@example.com