IBL Ltd (“IBL”, “we”, “us”, “our” or “the Company”) respects your privacy, and is committed to protecting the privacy, confidentiality and security of the personal data you provide us when you use or visit our website, when you participate to the event, when you contact our office, or when you otherwise interact with us.
Please read this privacy notice carefully as it contains important information on how IBL, as a registered data controller, treat the personal data that you provide us.
1. Who are we?
This website is owned and operated by IBL.
One of the Company’s activity is to organize and manage the “Ze Dodo Trail” event which is an international trail run on the beautiful island of Mauritius in the Indian Ocean. Details of the trail run are provided on our website.
The Company is registered in Mauritius under registration number C07001778, and our registered office is at IBL House, Caudan Waterfront, Port-Louis, Mauritius.
2. Which personal data we collect?
We collect personal information of participants and volunteers directly from you or via an external registration platform set up by ROAG (Race Organisers Admin Group) which is an event administration system. We may collect, store and use the following personal data for the purposes of our activities (refer to section 3 below):
- information relating to any event registration, as participant or volunteer, or any other transactions that you enter into through our website (including your name, address, telephone number, email address, gender, date of birth, nationality, preferences, medical details, photos and videos);
- information on an emergency contact to ensure the runner’s safety or to obtain any information that may be useful when providing medical care during the competition;
- medical certificate;
- information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (including your name and email address);
- information contained in or relating to any communications that you send to us or send through our website;
- information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths);
- information that you provide to us when registering with our website (including your email address);
- any other personal data necessary to fulfil your special requests; and
- any other personal data that you choose to provide to us.
Also, when you choose to receive our marketing communications (including newsletters, promotional and special offers), we ask that you provide us with your email address. The provision of this information is purely voluntary, and you can inform us at any time if you no longer want to receive our marketing communications.
We do not collect or have access to your credit card details.
We may also collect personal data on participants who are children or minors subject to parents’ consent.
Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this notice.
3. How and why we use your personal data?
We mainly collect data when you visit our website or register as participant or volunteer for The Dodo Trail races to ensure a proper handling of participations, supplying bibs, rankings, smooth-running of the event and for everybody’s safety.
We can also use your personal information:
- to prepare the event with our partners;
- for videos and pictures that will be used for marketing, communication and on social medias;
- to ensure your safety during the trail run;
- to identify an emergency contact and be able to obtain any information that may be useful when providing medical care during the competition;
- to identify runners during their race;
- To follow up and communicate on runners’ ranking;
- to enable your use of the services available on our website;
- to supply to you third party services accessed through our website;
- to send you non-marketing communications, including information necessary for the smooth running of the event;• to send you email notifications;
- to send you our email newsletter (you can inform us at any time if you no longer want to receive the newsletter);
- to send you marketing communications relating to our business or the businesses of carefully-selected third parties/ sponsors, which we think may be of interest to you, by post, by email or similar technology (you can inform us at any time if you no longer require marketing communications);
- to administer our website and business;
- to personalise our website for you;
- to deal with your queries or complaints;
- to provide third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information);
- to keep our website secure and prevent fraud;
- to verify compliance with the rules governing the race and the event.
4. To whom do we disclose personal data?
Your personal data may be shared as follows:
- We may disclose your personal information to any of our employees, directors, officers, insurers, professional advisers, agents, suppliers (such as event doctors, rescue team, the companies responsible of the races’ registration and equipment), volunteers or subcontractors insofar as reasonably necessary for the organization of event and for the other purposes set out in this notice.
- We may disclose your personal data to other participants or any other person for public health and safety reasons.
- Your personal data may also be shared with the public and the medias when you have consented to it (such as your race ranking or photos and videos)
- Your personal data may also be processed by external parties which are necessary to accomplish certain important tasks related to the proper organisation of the event.
- Your personal data may also be shared with our subsidiaries if you are an employee of an IBL Group company.
- On this last point, as Ze Dodo Trail is generally recognised by the International Trail Running Association (ITRA) and Rando Trail and Nature (RTN), we transmit trail results to these associations but these associations are solely responsible for the processing of your personal data.
- Otherwise, personal data is only transmitted to external parties for the mission they carry out for the Company. Under no circumstances does the Company authorise external parties to use these data for any other purpose.
Some disclosures do not require your consent. This happens when we share your personal data with (i) law enforcement bodies/agencies and other statutory authorities, if required by law and (ii) if required or authorized by law or if we suspect any unlawful activities on your part.
5. Overseas transfers of your personal data
In some cases, we may need to transfer your personal data with organisations located in countries outside our territorial limits in order to provide our services to you. We will take appropriate safeguards in order to secure the personal data being transferred.
Please note that:
- The anti-spam and anti-virus filtering are done by a service provider located in South Africa.
- E-mails servers and e-filling system servers are transferred on Microsoft data cloud based in Ireland and Denmark.
- Personal data collected through our website is transferred to servers based in the United Kingdom.
- Information that we collect will be stored and processed via the registration platform set up by ROAG which is situated in South Africa.
- Information that we collect may be transferred in Europe, South Africa, Reunion Island and other participants’ countries.
6. Direct Marketing
From time to time, we could use your name and contact details to send you either via emails, post, or social media, information or marketing communications relating to our products, services or new events or those of carefully-selected third parties/ sponsors, that we think may be of interest to you. We can only do so only with your consent.
You can inform us at any time if you no longer want to receive these communications by contacting us in accordance with the section “Contact Us” below.
7. How long do we keep your information?
Your personal data will be stored for as long as required to fulfil the purposes detailed in section 3 and for the period of time required by law. To the extent required by law, we will take reasonable steps to destroy or anonymise personal data in a secure manner when we no longer need it for the purposes for which it was collected and retention is no longer necessary for legal or business purposes.
Notwithstanding the other provisions of this Section 7, we will retain documents (including electronic documents) containing personal data:
- if we believe that the documents may be relevant to any ongoing or prospective legal proceedings; and
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).
8. Processing of personal data must be justified
We will only process your personal data where we are satisfied that we have an appropriate legal basis to do so, such as (i) your participation to Ze Dodo Trail event and ancillary services; (ii) for the performance of any other engagement we have towards you; (iii) where you have provided us with your express consent to process your personal data for a specific purpose; (iv) our use of your personal data is necessary to fulfill our statutory obligations with relevant authorities (regulators, tax officials, law enforcement bodies) or otherwise meet our legal responsibilities; (v) our use of your personal data is in our legitimate interest as a commercial organisation, and (vi) for your vital interest;
9. Security of personal data
We have in place reasonable technical and organisational measures to prevent unauthorised or accidental access, processing, erasure, loss or use of your personal data and to keep your personal data confidential. These measures are subject to ongoing review and monitoring.
We cannot guarantee that our website will function without disruptions. We shall not be liable for damages that may result from the use of electronic means of communication, including, but not limited to, damages resulting from the failure or delay in delivery of electronic communications, interception or manipulation of electronic communications by third parties or by computer programs used for electronic communications and transmission of viruses.
All financial information and transactions relating to your participation to this event are processed through ROAG’s website and not on our website.
All personal information and electronic financial transactions entered into through ROAG’s website will be sent over an encrypted secure connection with 256-bit encryption.
No credit card details are entered or stored on our website.
You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
10. Children and Minors
We may also collect personal data on participants who are children or minors subject to parents’ consent. If you are a minor, you may only use our website and services with the permission of your parent or guardian.
11. Links to other websites
12. Access to your personal data
You have the right to request a copy of the personal data we hold about you. To do this, simply contact our Data Protection Officer and specify what data you would like. We will take all reasonable steps to confirm your identity before providing details of your personal data.
You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
13. Correction of your personal data
You have the right to ask us to update, correct or delete your personal data. We will take all reasonable steps to confirm your identity before making changes to personal data we may hold about you. We would appreciate it if you would take the necessary steps to keep your personal data accurate and up-to-date by notifying us of any changes we need to be aware of.
14. Withdrawal of consent and request for deletion of personal data
You may also withdraw your consent to receiving direct marketing communications, or more generally to our processing of your personal data, at any time, and you may in certain circumstances ask us to delete your personal data. However, we may not be able to fulfil our contractual obligations to you if you entirely withdraw your consent or ask us to delete your personal data entirely. To protect your personal data, we shall require that you first prove your identity to us at the time the request is made, for instance by providing a copy of your national identification card, contact details or answering some other security questions to satisfy ourselves of your identity before we may proceed with your request(s).
Whenever reasonably possible and required, we will strive to grant these rights within 30 days, but our response time will depend on the complexity of your requests. We will generally respond to your requests free of charge unless if your request involves processing or retrieving a significant volume of data, or if we consider that your request is unfounded, excessive or repetitive in which case we reserve the right to charge a fee (as mentioned above regarding access).
There may be circumstances where we are not able to comply with your requests, typically in relation to a request to erase your personal data or where you object to the processing of your personal data for a specific purpose or where you request that we restrict the use of your personal data where we need to keep your personal data to comply with a legal obligation or where we need to use such information to establish, exercise or defend a legal claim. To make these requests, or if you have any questions or complaints about how we handle your personal data, or would like us to update the data we maintain about you and your preferences, please contact our Data Protection Officer at the address set out under section 18 below.
15. Cookies policy
- What is a cookie?
Cookies are small data files that your browser places on your computer or device. Cookies help your browser navigate a website and the cookies themselves cannot collect any data stored on your computer or your files. When a server uses a web browser to read cookies they can help a website deliver a more user-friendly service. To protect your privacy, your browser only gives a website access to the cookies it has already sent to you.
- Necessary cookies help make a website usable by enabling basic functions linked page navigation and access to secure areas of the website. The website cannot function properly without these cookies;
- Preferences cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in;
- Statistics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously;
- Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.
- How are third party cookies used?
- How do I reject and delete cookies?
16. Amendments to this Privacy Notice
We may amend this privacy notice from time to time. Any amendment will be posted on our website so that you are always informed of the way we collect and use your personal data. Any changes to this privacy notice will become effective upon posting of the revised privacy notice on the website. Use of our website following such changes constitutes your acceptance of the revised privacy notice then in effect but, to the extent such changes have a material effect on your rights or obligations as regards our handling of your personal data, such changes will only apply to personal data after the changes are applied.
This privacy notice is governed by and shall be construed in accordance with the laws of the Republic of Mauritius. This privacy notice is written in the English language and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this privacy notice, the English version shall prevail.
18. How to contact us?
We have appointed a Data Protection Officer to oversee compliance with and questions in relation to this notice. If you have any questions about this notice, including any requests to exercise your legal rights, please contact our Data Protection Officer using the details set out below:
If you believe we have not handled your request in an appropriate manner, you may lodge a complaint with the Data Protection Commissioner (DPC) (The Data Protection Office, 5th floor, SICOM Tower, Wall Street Ebène, Mauritius).However we ask that you please try to resolve any issues with us first before referring your complaint to the DPC.
Version dated 15 September 2021