OL GROUPE is a major player in the sports, entertainment and media industry in France. Its activity and that of its subsidiaries is mainly centred on the Olympique Lyonnais football club, and on the development of infrastructures and reception facilities for sports and cultural events and the marketing of related rights. In this context, OL Groupe owns several infrastructures including the Groupama Stadium, the Groupama OL Training Center, the LDLC Arena and the OL Academy.
Eager to protect the privacy of its users and customers, OL Groupe has taken steps to comply with the General Data Protection Regulation (GDPR), which came into force on 25 May 2018, and the Regulation. This document describes the measures taken by OL Groupe to protect the personal data we collect.
OL Groupe recommends that you read this document carefully and regularly check for changes. These changes are made without prior notice and published online.
This document was last modified in October 2022.
If you have any questions about our policy or the processing of your personal data, please contact us at the following address: [email protected]
The OL Group may collect some of your personal data mainly within the framework of our commercial relationship, and in particular during :
The OL Group undertakes to specify which data is necessary and/or optional for the proper functioning of the service, each time your data is collected.
The majority of data that is processed is :
Other data that may be collected for specific services will be named explicitly in clear statements when collected.
Some personal data is also collected automatically after using one of our services. These are :
We also have information on the persons designated as beneficiaries of access to a sports event or an event organised by Olympique Lyonnais or hosted in its facilities.
This policy (hereinafter the "Policy") aims to inform you about the way in which we, as data controller, collect your Personal Data by means of cookies present on our Website.
WHAT IS A COOKIE?
A cookie is a small text file deposited on a terminal when visiting the Site. OL Groupe uses cookies in order to
WHAT DATA DO WE COLLECT?
All data relating to a terminal at a given moment is collected via cookies, and in particular
WHAT TYPES OF COOKIES DO WE USE?
We use cookies to collect information on the Users of our Site, in order to memorise them either for the duration of your visit (so-called "session" cookies) or for repeated visits (so-called "persistent" cookies).
There are also so-called "third-party" cookies and so-called "proprietary" cookies. A proprietary cookie is the one installed by the website that the User is visiting. Conversely, a third-party cookie is a cookie installed by a domain other than that of the website the User is visiting.
Thus, when a User visits a website or platform, and another entity sets a cookie through that website or platform, the cookie is a third-party cookie.
We use several types of cookies on our Site, the characteristics of which are described below.
HOW TO MANAGE YOUR COOKIES?
With regard to the deposit of cookies strictly necessary for the operation of our Site, these are activated by default and do not require your consent. However, you can find information about these cookies on our CMP or in this Policy. The lifetime of these cookies is limited in time to thirteen (13) months, and is not automatically extended on new visits. You may modify these cookies on our site in the "Cookie Settings" tab in order to choose among the three types of cookies that OL Groupe may use (technical cookies (mandatory for the proper functioning of the site), performance and tracking cookies, advertising tracking cookies). Other cookies are subject to your consent. You may therefore consent to the deposit of these cookies, or refuse them, from the CMP at the bottom left of your screen, which is available at any time during your visit to our Site.
SET YOUR BROWSER SETTINGS:
If you are browsing on Google Chrome: you can manage your settings via the following link https://support.google.com/chrome/answer/95647?hl=en
If you are using Safari : : you can manage your settings via the following link : https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
If you are using Firefox: you can manage your settings via the following link: https://support.mozilla.org/fr/kb/options-preferences-parametres-firefox#w_panneau-vie-privee-etsecurite
If you are using Internet Explorer, you can manage your settings via the following link: https://support.microsoft.com/en-us/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16- ede5947fc64d
The purposes for which your data is processed include
We also process your data, within the limits and in compliance with the provisions of Article L. 332-1 of the French Sports Code, to ensure the safety of sporting and commercial events by refusing or cancelling, where applicable, the issue of access tickets or access to persons who have contravened or are contravening the provisions of the general terms and conditions of sale or of the internal regulations relating to the safety of these events.
The purposes of each processing operation are exhaustively specified in special notices.
The OL Group undertakes not to use your personal data for any other purpose than the one specified.
The OL Group has defined a retention period for personal data for each processing operation in a register of its processing operations. The retention period does not exceed the period necessary for the purposes for which the data is processed.
The length of time your data is kept is specified with the category of data and the purposes for which it is processed by the OL Group.
The OL Group has a strict management of access to your data. Thus, only the personnel whose functions require the use of your data are authorized to consult the personal data you have entrusted to us.
In cases where the OL Group has hired a subcontractor to process personal data of users and clients on its behalf, the OL Group ensures that the subcontractor presents sufficient guarantees as to the implementation of appropriate technical and organizational security measures so that the processing meets the requirements of the GDPR and guarantees the protection of your rights.
The OL Group may transfer your personal data to :
On the other hand, no data concerning you will be transferred to partners for marketing or commercial prospecting purposes without your consent.
The OL Group is convinced that the data of minors must be subject to special protection, and therefore implements more advanced security mechanisms for them.
We encourage parents to make their children aware of the protection of their privacy and the way they communicate on the Internet.
In addition, we comply with the relevant legal provisions and do not allow children under the age of 16 to register on our sites and applications.
In order to protect minors as much as possible, they cannot buy tickets on their own, and a child ticket must be purchased with an adult ticket.
All of Olympique Lyonnais' establishments are placed under video surveillance, in the legitimate interest of security, as indicated by signage on all sites (including the stadium, the training centre, the academy, the shops, and in the future the LDLC Arena).
This system has been subject to prior prefectural authorisation.
The joint managers of this processing are, depending on the sites concerned
The image of all visitors to the above-mentioned sites, as well as OL employees, may therefore be captured by this system.
The purpose of this system is to protect property and people and the images are kept for 15 days.
The images can only be viewed by authorised personnel from the OL GROUPE security department and by the police. Finally, the company's staff in charge of maintaining the video protection equipment may also have access to the images, for this sole purpose.
Nevertheless, in the event of an incident, the video surveillance images may be used in the event of criminal proceedings and/or in the event of a stadium ban club sanction within the limits of the legislation and regulations in force. The images may then be extracted from the system and stored on another medium for the time required to settle the proceedings relating to this incident and be accessible only to persons authorised in this context, in particular within the stadium's security department.
In accordance with the legislation in force, you may access the data concerning you or request their deletion. Under certain conditions, you also have the right to object to and limit the processing of your data. If applicable, you have the right to give us instructions to organise the fate of your data after your death, and the right to lodge a complaint with a supervisory authority such as the CNIL online or by post.
To exercise these rights or if you have any questions about the processing of your data under this scheme, you can contact our Data Protection Officer (DPO) at [email protected].
Your data may be processed outside the European Union. In this case, we take the necessary measures with regard to our service providers to guarantee an adequate level of protection of your data in full compliance with the regulations in force.
If the service providers concerned are not located in a country whose legislation is considered to offer adequate protection, they will have signed the European Commission's standard contractual clauses beforehand so that the level of protection guaranteed by the regulations in force is not compromised.
In accordance with the French "Informatique et Liberté" law in force and the European regulations concerning the protection of personal data, you have the following rights
These requests can be made by e-mail to [email protected] or by post to the attention of the DPO of Olympique Lyonnais Groupe, 10 Avenue Simone Veil 69150 Décines Cedex, accompanied by a copy of an identity document.
If you have an OL client account, you may also access, modify, correct or delete your personal data directly via the "My OL Client Area" page of your account (https://auth.ol.fr/Account/Login). In this space, you may also modify your consent to receive communications and/or offers from OL and its partners.
The OL Group undertakes to respond to your request within a maximum of one month after receipt. If your right cannot be exercised, the OL Group will inform you of the reasons within a maximum of one month.
Furthermore, any message sent to you includes the option (notably by clicking on a hypertext link) to oppose the further processing of your data for commercial purposes. Finally, you are reminded that you have the right to lodge a complaint with a supervisory authority and in particular with the CNIL (https://www.cnil.fr/fr/plaintes).
The OL Group has put in place security measures to protect your personal data as much as possible against accidental or illicit destruction, accidental loss, alteration, distribution or unauthorized access to your data. access to your data.
These security measures are furthermore reinforced when the OL Group processes data
considered sensitive. As the security of your data is a priority, the OL Group undertakes to comply with the security standards security standards in accordance with the regulations.
"Collecting" means collecting personal data. This collection may be done, for example, by means of questionnaires or online forms.
"Consent" means any free, specific, informed and unambiguous expression of will by which you agree, by a declaration or by a clear positive act, that personal data concerning you may be processed.
"Minor" is a child or adolescent who has not reached the age of 16. A minor is subject to parental authority; he or she does not have all the rights of an adult and cannot exercise the rights he or she holds.
"OL Groupe" means Olympique Lyonnais Groupe, a public limited company with a board of directors, registered with the Lyon Trade and Companies Register under number 421 577 495, whose registered office is located at 10, avenue Simone Veil - 69150 DECINES Cedex, as well as :
(i) any profit-making entity controlled by the Olympique Lyonnais Groupe, the term "control" having the meaning given to it in Article L.233-3 of the French Commercial Code,
(ii) any non-profit entity (association, foundation, endowment fund, etc.) of which Olympique Lyonnais Groupe or one of the entities it controls is a member, director or officer,
(iii) OL Association whose relationship with Olympique Lyonnais is defined under the terms of an agreement entered into pursuant to Article L.122-14 of the French Sports Code.
"Regulation" means, for the purposes of this Code, all the regulations in force applicable to the processing of personal data and, in particular, the RGPD as defined in the introduction, Law 78-17 of 6 January 1978 relating to information technology, files and freedoms as amended by Law 2004-801 of 6 August 2004 relating to the protection of individuals with regard to the processing of personal data, as well as Law 2018-113 of 14 May 2018 relating to the protection of personal data.
"Sub-processor" means the natural or legal person, public authority, service or other body that processes personal data on behalf of the controller.