We – BRP-Rotax GmbH & Co KG and the race organizers (link to list) – jointly operate the Rotax Event Management System including the corresponding mobile app ("Rotax Global App") to provide you with information about races, events, products and services.
If our privacy policy does not answer all your questions, we will be happy to provide you with additional answers at the mail address privacy.rotax@brp.com.
Or you can write us:
BRP-Rotax GmbH & Co KG
c/o data protection
Rotaxstrasse 1
4623 Gunskirchen
Austria
(These are the contact details of the office responsible for all data protection issues relating to the Rotax Event Management System and Mobile App).
The following information relates to data processing activities carried out within the framework of our jointly provided Rotax event management system and the associated "Rotax Global App".
You may come across race organizer websites during your browsing experience in the Rotax Global App. The respective race organizers are solely responsible for the data processing that takes place directly on their websites.
The protection of your personal data is our special concern. We therefore process your data exclusively on the basis of legal provisions (DSGVO, öDSG, öTKG 2021 and any mandatory legal provisions at the location of the event).
Any data processing requires a legal basis. Within the framework of our Rotax Event Management System and the associated "Rotax Global App", we only process your data if at least one of the following conditions applies:
When you use the event registration / race entry provided by us on the race organizer websites or directly in the Rotax Global App, various personal data are collected and processed. "Personal data" are information about an individual that is linked to his or her identity, such as name, phone number, email address, or other identity identifier (e.g., race license). Our privacy policy explains what data we collect, for what purpose and how we use it.
On the one hand, your data are collected when you provide them to us. This can be, for example, data that you enter in the registration form and upload. Other data are collected automatically or after your consent when visiting the event registration / race registration on the websites of the race organizers and the Rotax Global App by our IT systems. These are mainly technical data (e.g. internet browser, operating system or time of page view). These data are collected automatically as soon as you call up the registration forms or use the Rotax Global App.
Purposes for data use may vary: from processing your registration, to ensuring that there is no unauthorized access to the Rotax Event Management System and the Rotax Global App, to marketing. Detailed information on the processing purposes can be found below in the description of the respective data processing activities.
Unless a more specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose of the data processing has been achieved. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be used only for these purposes foreseen by law and will be deleted once these reasons no longer apply.
We take great care in our selection of systems and tools to ensure that they comply with the principles of the GDPR. Almost all systems and solutions we use are developed in Europe and hosted on European servers.
Push messages that are displayed directly in the Rotax Global App are created via Google's US solution "Firebase" and delivered via Google's and Apple's US push providers or Huawei's Chinese providers. In order for push messages to be delivered to your mobile phone, the Mobile Device ID must be processed. Push messages in the Rotax Global App will only be displayed with your consent. "Firebase" is a Google tool based in the USA. The USA does not have a data protection law equivalent to the EU data protection law. If you have activated push messages, it is possible that your personal data, insofar as it is related to the push message, may be transferred to the USA or other third countries and processed there. For example, US companies may be required by US law to release personal data to US security authorities. We have no influence on these processing activities.
For some data processing we rely on the support of service processors. We have concluded a contract on commissioned processing (data processing agreement) with them. This is a contract required by data protection law, which is intended to ensure that they process the personal data of our users, customers and interested parties only according to our instructions and in compliance with the GDPR.
According to Art. 12–22 GDPR you have the following rights:
If you have given your consent to certain data processing operations, you can revoke this consent at any time with the effect that future use of this data is prohibited. Furthermore, you have a right to lodge a complaint to the data protection supervisory authorities.
For this, as well as for further questions on the subject of data protection, you can contact us at any time.
By e-mail to privacy.rotax@brp.com
Or by mail to:
BRP-Rotax GmbH & Co KG
c/o Data Protection
Rotaxstrasse 1
4623 Gunskirchen
Austria
These are the contact details of the responsible party for all data protection issues relating to the Rotax Event Management System and the Rotax Global App. If you have any questions regarding privacy issues related to your customer relationship with a race organizer, please contact them directly. (Link to overview page)
We protect your personal information from unauthorized access, use or disclosure. We ensure that your personal data stored by us is used in a controlled, secure environment that prevents unauthorized access and disclosure.
The event registration / registration for the race always takes place via a website that uses SSL or TLS encryption for security reasons. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and that the lock symbol appears in your browser line.
In the Rotax Global App there is an optional registration possibility for you. Passwords set during registration are encrypted in our database.
The provider of the event registration pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: IP address, date and time of access, country and a corresponding information if logged in incorrectly. These data will not be combined with other data sources.
We have a legitimate interest (Art. 6(1) lit. f GDPR) in the technically error-free presentation and optimization of our event registration pages – for this purpose, the server log files must be collected.
Storage period: 365 days
Log files are also created and stored in the Rotax Global App for the last login: IP address, date and time of access, username/email, errors and warnings.
We have a legitimate interest (Art. 6(1) lit. f GDPR) in the technically error-free presentation and optimization of our Rotax Global App – for this purpose, the server log files must be collected.
Storage period: 365 days
If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, contact details, content of the inquiry) will be processed by us for the purpose of dealing with your request. We do not pass on these data to third parties without your consent.
The processing of these data is based on Art. 6 (1) lit. b GDPR if your request is related to pre-contractual measures or to the performance of a contract between you and us. In all other cases, the processing is based on our legitimate interest in the effective handling of the requests addressed to us (Art. 6 (1) lit. f GDPR).
Data from inquiries will be stored by us for as long as is necessary to process your request, but for no longer than six months, unless mandatory statutory provisions – in particular statutory retention periods – require longer storage or where it is necessary for the establishment, exercise or defense of legal claims.
The data collected during your event registration / race registration (name, contact information such as email address, phone number, address, country, date of birth, class, body weight, race license, photo, etc.) will be processed based on our legitimate interest to provide a professional event experience (Art. 6(1) lit. f GDPR). If necessary, this data may be passed on to the event location for smooth processing on site.
Some of the data you provide is necessary for the organization and execution or your participation in the race and is therefore mandatory. Other data you can provide voluntarily (e.g. sporting CV, best results or hobbies). You can change your data after the event registration / registration for the race by using the "edit code" sent to you by e-mail.
Data from the event registration will be stored by us as long as this is necessary for the processing of the event, but no longer than one year after the event, unless mandatory legal provisions – in particular legal retention periods – require longer storage.
We store the email address and name you provide in the registration form or app registration in our customer and prospect database. These data will be included in newsletter communications about our events, services and products around Rotax Kart. You have the option to object to this at any time, in each newsletter by using the unsubscribe link or by sending an email to privacy.rotax@brp.com. This data processing is based on our legitimate interest to provide you as a customer or interested party with relevant information about Rotax Kart (Art. 6(1) lit. f GDPR). Your data will be stored until you object or for a maximum of two years after our last contact.
If you have given your consent (Art. 6(1)(a) GDPR) for push messages in the Rotax Global App, we will provide you with news and information about the races and events you have selected. The primary purpose of these messages is to keep you up to date before, during and after the races and events directly in the Rotax Global App and to inform you about possible changes promptly.
The push messages are created via Google's "Firebase" tool and delivered directly to your mobile phone. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, is responsible for all Google services in Europe.
Where Firebase is used, Google processes personal data like the Mobile Device ID. The processing of the Mobile Device ID is technically necessary, otherwise no push messages can be delivered to your mobile phone.
Data collected through Firebase is stored on Google's own servers distributed around the world. Most servers are located in the United States. Google currently transfers and processes data to/in the United States based on the standard contractual clauses of the EU Commission (Article 46(2) and (3) of the GDPR) and thus undertakes to largely comply with the European level of data protection when processing your data. However, the fact that US authorities may request access to this data cannot be avoided. You can find details about this here: https://policies.google.com/privacy/frameworks?hl=en
Depending on whether you use Google tools (e.g., a Google account), and depending on which Google services you have consented to Google using, Google may combine data collected through the Rotax Global App with information Google already has about you and create profiles about you. This enables Google to subsequently offer services and benefits tailored to you.
The storage period depends on the type of data collected and the particular tool used for processing.
Further useful links:
As a user, you also have the possibility to register in the Rotax Global app. Your data (e-mail address and password), which you provide in the registration process, will be processed on the basis of our legitimate interest (Art. 6(1) lit. f GDPR) for the purpose of providing the following functions in the Rotax Global App: You can
Your registration data will remain stored until you delete the Rotax Global App. Data that you have entered during an event registration / race registration remains unaffected. The above storage period applies to this data.
In the Rotax Global App, personal data are processed in some areas, and the processing is the sole responsibility of the respective race organizer. This may concern the following:
Live timing and live streaming
If you have any questions, please contact the race organizer (link to list) directly. You can find his contact details in his imprint too – available in the section "Entry Form".
During the events, recordings may be made of the visitor area to document the events and the mood of the participants for the interested public. No photographs will be published that depict participants in a way that they might find objectionable. If individual participants are to be separately photographed or interviewed, this will only be done with their consent. For more information, please contact the race organizer (link to list).