Netatoo : designates Netatoo S.A.S. SIRET 48782045800015; also called "us", "our", "our" in this document.
Club(s) : designates an entity represented by one or more directors (association, municipality, company, etc.).
Utilisateur(s) : designates the persons who have an account in the club's database.
Administrateur(s) : designates the persons responsible for the club, having total or partial access to the -Administration- section of the application (president, manager, secretary, monitor, etc...).
We attach great importance to the trust you place in us by choosing our solution to make your reservations online. Therefore, we diligently protect the privacy and confidentiality of your personal data.
This document concerns the processing of data relating to users of the clubs registered on our application. The user of a club is also referred to as "you" and "your" throughout this document.
3. Processing of personal data
Netatoo processes your personal data for the following purposes :
Create your user account in the club in which you are registered.
Verification of your identity using authentication mechanisms.
Share your personal data with the administrators and users of the clubs with which you are associated (i.e. the clubs that include you in their user list).
Management of your reservations in the club where you make reservations.
Inform club administrators about your reservation interactions (creating a reservation, cancelling a reservation, changing a reservation).
Recording audit information about your booking interactions (for club audit purposes).
To process your enquiries and provide technical support by e-mail or phone.
Contact you about relevant questions associated with your personal or club user account.
To control unauthorized use or abuse of our services, or to detect, investigate or prevent activities that may violate our policies or be fraudulent/illegal.
Prevent fraudulent, illegal or malicious activities against the application and Netatoo's servers.
To process payments that you may make in clubs (purchase of reservation tickets, payment of dues, etc.).
Analyze trends, administer or optimize our offers, monitor usage or traffic patterns.
4. Personal data collected
Netatoo collects the following personal data :
First and last name (mandatory),
Login ID (mandatory),
Password, hashed using industry standard hashing algorithms (BCRYPT),
E-mail address (optional),
Full postal address, and in case of online payment, a delivery address and/or a billing address (optional),
Phone number(s) (optional, depending on context),
Date of birth (optional),
Federal licence number (optional),
Ranking / play level (optional),
Date of medical certificate (optional),
Game Partner Search Ad (optional),
Proof of address / residence certificate (optional),
Medical certificate (optional),
File to be downloaded at the club's request (optional),
Technical information about the device and web browser used (collected only to provide effective customer support, to prevent malicious attacks on our services and to provide anonymous statistics to club and Netatoo managers),
IP address (this information is kept for 6 months and then destroyed).
If required by the club, Netatoo also provides interfaces that control the collection of credit card information (including billing address information). However, the collection of this payment information is hosted directly by the relevant payment gateway, and Netatoo never sees or stores this data. Netatoo never processes raw credit card or payment information - it is managed exclusively by the payment gateway account of the club with which you have a reservation contract.
We undertake that no data will be exchanged or sold on any medium to third parties.
5. Club control over the data
Club administrators are able to add new user accounts to their database, these users then have the ability to log into the application from the dedicated club page to make reservations.
6. Rectification, modification and deletion of your personal data
6.1. Correction and modification of personal data
You can view and change the personal information you store with us in the "My Account > Account Details" section of your account.
For security reasons, the last name and first name entered on your account cannot be corrected directly by the user. In case you wish to correct this information, you must contact the club and, in case the club does not respond to your request for rectification within 7 days, we invite you to contact us at email@example.com. Our team will then contact the club and we will advise according to the response provided by the club.
6.2. Deletion of certain personal data
Some personal information can be deleted without completely deleting your account, such as your postal address, e-mail address or phone numbers. Note however that depending on the configuration of the club account, this information may be required to confirm a reservation.
6.3. Deleting the account and all data
Netatoo stores your data as an intermediary between you and the club. Each club is responsible for its own database and therefore, if for any reason you wish to delete your account entirely, you can do so by contacting the club in which you have that account. The club administrators, after ensuring that this is legally permissible, may then permanently delete your account and all associated data. To contact the club, go to its login page and click on the "Contact" menu.
If the club does not respond to your account deletion request within 7 days, please contact us at firstname.lastname@example.org. Our team will contact the club and we will advise according to the response provided by the club.
You accept the possibility that all or part of your account information may not be deleted if Netatoo or the club demonstrate that it is legally necessary to retain it (e.g. for compliance with a legal obligation or for the performance of a task carried out in the public interest or in the exercise of public authority vested in the controller).
You agree that your account information will continue to exist in our backup files for a maximum period of 90 days after your account is deleted.
Please note that some data such as your reservations will not be deleted from the club's database, these data will be "anonymized" so that it is no longer possible to make the link between you and the reservations. This can be useful to the club so as not to alter its statistical data.
7. Data Processors
From time to time, we may use third party service providers as data processors for the purposes specified above. The processing by these third parties takes place according to our instructions. These parties are bound by data processing agreements and confidentiality agreements.
You can view the complete list of third party entities that we engage to provide services on our behalf by going to the "Our Subcontractors and Third Party Providers" page.
In accordance with data protection laws, strict security procedures are observed within Netatoo to prevent the misuse of personal data and unauthorized access.
In order to protect and safeguard the personal and club data provided to us, we have put in place and use appropriate professional systems and procedures. In addition, we have security procedures in place and use technical and physical restrictions to access and use the club's users information. Only authorized employees can access personal information in the course of their duties with respect to our services.
For more details on how to secure and protect your data, go to the data security section.
9. Data protection breaches
If we learn that data protection has been breached, we will notify the data subjects and the competent supervisory authorities no later than 72 hours after becoming aware of the breach.
Netatoo exchanges several cookies with your browser. A session cookie is stored to authenticate you; another cookie helps us protect your account from malicious access. The content of these cookies are tokens generated by machines and used for authentication and security purposes. Without these cookies, we would not be able to provide our basic services reliably.
Please note that other "secondary" cookies are also created by the application to provide you with an optimal browsing experience. For example, we store a cookie to remember which clubs you have already logged into. Thus, you can easily access the different clubs during your next visits on the application.
Finally, through our subcontractors, "third-party cookies" may be exchanged with your browser when you use our application. These cookies are not required for the use of our services and can be easily disabled from your web browser preferences.
See the "Data Processors" section of this document for more information about our subcontractors and third-party providers.
11. Credit Card Information
The raw credit card information does not come into contact with the servers on which our application is hosted. All credit card information is managed by online payment gateways such as PayPal or Paybox, via a secure connection with the TLS protocol. Netatoo and clubs are not able to access unmasked credit card data.
12. Competent authorities
We may share and disclose details and information about you to a government or investigative authority if the law (or any regulation having the force of law), a legal proceeding, a criminal investigation, a court order or a summons to appear requires it. We may also disclose your personal information if it is strictly necessary for the prevention and detection of criminal acts.
13. Changes to this statement
Our application is constantly evolving and as such we may change the way we collect, transmit and process personal data and any other information we deem necessary. This statement may be amended from time to time to reflect the latest changes.
If you have any questions or require further information, please contact us by one of the following means:
Postal address :
54016 NANCY CEDEX