Effective: June 7, 2024
Overview
Personal Data We Collect
Categories of Personal Data We Collect
How We Use Your Personal Data
How We Obtain Your Personal Data
Who We Share Your Personal Data With
Your Rights Regarding Personal Data
Accessing, Modifying, Rectifying, and Correcting Collected Personal Data
Your California Privacy Rights
Your Nevada Rights
Your Virginia, Colorado, Connecticut and Utah Rights
Your Canadian Privacy Rights
Your EU and UK Privacy Rights
Your Choices
Communications Opt-Out
Location Information
Cookies, Web Tracking, and Advertising
Protecting Personal Data
Retention of Personal Data
Other Important Information About Personal Data and the Services
Collection of Personal Data from Children
Third-Party Websites and Services
Business Transfer
Do Not Track
International Use
Modifications and Updates to this Privacy Notice
Applicability of this Privacy Notice
Additional Information and Assistance
Overview
Excel Sports Management, LLC, Game Seven Marketing & Productions, LLC, and Nolan Partners Limited (collectively, the “Company,” “we,” “us,” “our”) respect your privacy and are committed to protecting the personal data we hold about you. If you have questions, comments, or concerns about this Privacy Notice or our processing of personal data, please see the bottom of this Privacy Notice for information about how to contact us.
This Privacy Notice explains our practices with respect to personal data we collect and process about you. This includes information we collect through, or in association with, our website with located at www.excelsm.com, www.gameseven.agency, and www.nolanpartners.com, our apps that we may provide, our products and services that we may offer from time to time via our website and/or related apps, our related social media sites, or otherwise through your interactions with us (the website, apps, products, services, and social media pages, collectively, the “Services”).
If you are located in the European Economic Area (“EEA”), Switzerland, or the United Kingdom (“UK”), we are subject to the EU General Data Protection Regulation (“EU GDPR”) and the UK General Data Protection Regulation (“UK GDPR”) and are the “controller” of your data.
Please review the following to understand how we process and safeguard personal data about you. By using any of our Services, whether by visiting our website or otherwise, and/or by voluntarily providing personal data to us, you acknowledge that you have read and understand the practices contained in this Privacy Notice. This Privacy Notice may be revised from time to time, so please ensure that you check this Privacy Notice periodically to remain fully informed.
Personal Data We Collect
We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal data”). In addition, we may collect data that is not identifiable to you or otherwise associated with you, such as aggregated data, and is not personal data. To the extent this data is stored or associated with personal data, it will be treated as personal data; otherwise, the data is not subject to this notice.
Categories of Personal Data We Collect
The types of personal data we collect about you depends on your interactions with us and your use of the Services. In the past twelve (12) months, we collected the below categories of personal data from our users:
- Identifiers such as a real name, alias, postal address, title, and email address. If you become an employee of the Company, we may also collect your social security number, driver’s license number, passport number, or other similar identifiers.
- Characteristics of protected classifications under federal law.
- Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Biometric information. For example, when you enter our building, you are required to present an ID badge. In addition, we may collect physiological, biological, and behavioral information and analytics from our athlete clients for performance management and tracking.
- Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
- Employment related information if you apply for a job with us, such as, your resume, and background check related information.
- Geolocation data related to your IP address.
- Financial information from our vendors and subcontractors.
- Inferences drawn from any of the information above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
- Sensitive personal data, such as health information and medical information from athlete clients who volunteer it.
We will not collect additional categories of personal data other than those categories listed above. If we intend to collect additional categories of personal data, we will provide you with a new notice at or before the time of collection.
How We Use Your Personal Data
We collect and process your personal data for the following purposes:
- Providing, predicting, or performing, including maintaining or servicing accounts, providing customer service, processing, or fulfilling orders and transactions, verifying customer information, and processing payments.
- Marketing our Services to you, including sending you email messages regarding invite-only events. In addition, we may conduct sweepstakes and contests either directly or through our third-party administrator, which may include special offers for Services. Also, we may post our events on our client’s social media sites.
- Communicating with you by email about Services and information tailored to your requests or inquiries.
- Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
- Undertaking internal research for technological development and demonstration.
- Undertaking activities to verify or maintain the quality or safety of the services or devices owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the services or devices owned, manufactured, manufactured for, or controlled by us.
- Complying with applicable laws, regulations, rules, and requests of relevant law enforcement and/or other governmental agencies, or for other purposes, as permitted or required by law.
- As necessary or appropriate to protect the rights, property, and safety of our users, us, and other third parties.
We will not use the personal data we collected for materially different, unrelated, or incompatible purposes without providing you with notice and obtaining your consent.
How We Obtain Your Personal Data
We collect your personal data from the following categories of sources:
- Directly from you. When you provide it to us directly whether online, by email, phone, or in-person.
- Automatically or indirectly from you. For example, through logging and analytics tools, cookies, and as a result of your use of and access to the Services (such as Google Analytics and WordPress), or through your interactions with us on social media websites.
- From our Service Providers. For example, payment providers and other service providers we engage. In addition, we may receive information from vendors that we may engage for athlete performance metrics.
- From Third Parties. For example, analytics and similar technologies to collect information about your online activity. Please refer to our Cookie Notice [hyperlink] for more information.
- Compliance with Legal Obligations and Protection of Individuals. We may process personal data to comply with the law and our legal obligations, as well as to protect you and other individuals from certain harms.
Who We Share Your Personal Data With
We disclose your personal data with the following categories of third parties:
- Our service providers.
- Our affiliated entities.
- Our partners or prospective partners in order to provide us and/or our partners with information about the use of the Services and levels of engagement with the Services, to allow us to enter into new business relationships, and to allow us to market Services on their behalf. In addition, we may share completed participant waivers with our clients with your consent.
- Government agencies or regulations when permitted or required to do so by law; in response to a request from a law enforcement agency or authority or any regulatory authority; and/or to protect the integrity of the Services or our interests, rights, property, or safety, and/or that of our users and others.
Your Rights Regarding Personal Data
Accessing, Modifying, Rectifying, and Correcting Collected Personal Data
We strive to maintain the accuracy of any personal data collected from you and will try to respond promptly to update our records when you tell us the information in our records is not correct. However, we must rely upon you to ensure that the information you provide to us is complete, accurate, and up-to-date, and to inform us of any changes. Please review all of your information carefully before submitting it to us and notify us as soon as possible of any updates or corrections.
Depending on the laws that apply to you, you may obtain from us certain personal data in our records. If you wish to access, review, or make any changes to personal data you have provided to us through the Services, please contact us at the information provided at the end of this Privacy Notice. We reserve the right to deny access as permitted or required by applicable law.
Your California Privacy Rights
California’s “Shine the Light” law permits our users who are California residents to request and obtain from us a list of what personal data (if any) we disclosed to third parties for their own direct marketing purposes in the previous calendar year and the names and addresses of those third parties. Requests may be made only once per year per person, must be sent to the email address below, and are free of charge. However, we do not disclose personal data protected under the “Shine the Light” law to third parties for their own direct marketing purposes. Requests may be sent through the contact methods listed below.
Please refer to our California Privacy Notice [hyperlink] to see your rights under the California Consumer Privacy Act (“CCPA”).
Your Nevada Privacy Rights
Nevada law permits our users who are Nevada consumers to request that their personal data not be sold (as defined under applicable Nevada law), even if their personal data is not currently being sold. Requests may be sent through the contact methods listed below.
Your Virginia, Colorado, Connecticut, and Utah Rights
If you are located in Virginia, Colorado, Connecticut, and Utah, you have certain rights regarding your personal data. The section describes how we collect, use, and share your personal data under the Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act (“CPA”), the Connecticut Act Concerning Personal Data Privacy and Online Monitoring (“PDPOM”), and the Utah Consumer Privacy Act (“UCPA”) and your rights with respect to that personal data.
As a Virginia, Colorado, Connecticut, or Utah resident, you have some or all of the rights listed below. However, these rights are not absolute, and we may decline your request as permitted by law. You can ask to appeal any denial of your request in the same manner through which you may submit a request.
- Right to Access and Portability. You have right to access your personal data and/or receive a copy of the personal data that we have collected about you.
- Right to Correct. You have the right to correct inaccurate personal data that we have collected about you.
- Right to Delete. You have the right to delete the personal data we have obtained about you or that you have provided to us with certain exceptions.
- Right to Opt-out of Tracking for Targeted Advertising Purposes. You have the right to opt-out of certain tracking activities for targeted advertising purposes.
- Right to Opt-out of Profiling. If we process your personal data for profiling purposes as defined by the VCDPA, CPA, PDPOM, and/or UCPA you can opt-out of such processing.
- Right to Non-discrimination. You have the right to be free from discrimination as prohibited by the VCDPA, CPA, PDPOM, and/or UCPA.
Your Canadian Privacy Rights
Residents of Canada are permitted to request and obtain from us information respecting the existence, use, and disclosure of their personal data as well as access to that information (subject to certain exceptions pursuant to applicable laws). Without limiting the above, residents of Canada will, upon request:
- Be informed of whether we hold personal data about you;
- Be provided with an account of third parties to which we have disclosed your personal data;
- Be able to challenge the accuracy and completeness of your personal data and have it amended as appropriate; and
- Be provided with information about our policies and practices with respect to the management of personal data, including: the name or title, and address, of the person who is accountable for our privacy policies and practices; the means of gaining access to personal data; a description of the type of personal data held by us, including a general account of its use; a copy of any brochures or other information that explain our policies, standards, or codes; and what personal data is made available to related organizations.
Your EU and UK Privacy Rights
If you are located outside the United States, we transfer personal data for processing in the United States, including personal data sent via e-mails. Under the GDPR, we are considered a “controller” of the Personal Data. By using the Services outside the United States, you acknowledge that we will transfer your data to, and store your personal data in, the United States, which may have different data protection rules than in your country, and personal data may become accessible as permitted by law in the United States, including to law enforcement and/or national security authorities in the United States. For transfers of data into and out of the EEA, Switzerland, and the UK, pursuant to Article 46 of the GDPR, we use standard contractual clauses adopted by the European Commission or applicable regulator.
Under the GDPR, you may have the following rights with respect to your personal data, including to:
- Right to Access and Portability. You have right to access your personal data and/or receive a copy of the personal data that we have collected about you in a portable format.
- Right to Object to Processing. You have the right to object to the continued processing or use of your personal data.
- Right to Correct. Right to update and correct inaccuracies in your personal data.
- Right to Object. Right to object to the continued processing or use of your personal data in certain situations, including for direct marketing.
- Right to Erasure. Right to have the personal data blocked, anonymized, or deleted, as appropriate in certain situations.
- Right to Complain. You have the right to complain to a supervisory authority, and your personal data may be blocked, anonymized, or deleted, as appropriate. If you are in the EU, you may find information about your supervisory authority here and if you are in the UK, you may find it here.
- Right to Withdraw Consent. If you have provided us with a consent to use your personal data, you have a right to withdraw that consent easily at any time. Please contact us to do so. Withdrawing a consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn.
The right to access personal data may be limited in some circumstances by local law. If you qualify, in order to exercise these rights, please contact us as set forth below.
Excel Sports Management
1700 Broadway, 28th Floor, New York, NY 10019
Attn: General Counsel
(646) 454-5900
We may ask you to provide additional information for identity verification purposes, or to verify that you are in possession of an applicable email account.
Please understand, however, that we reserve the right to retain an archive of such personal data for a commercially reasonable time to ensure that its deletion does not affect the integrity of our data; and we further reserve the right to retain an anonymous version of such Information.
This section of the Privacy Policy is applicable to individuals located in the EEA, Switzerland, and the United Kingdom (“European Data Subjects”).
Our purpose for collecting and processing personal data from European Data Subjects is to provide them with the features and functionalities of our Services and information regarding our Services. The legal basis for processing personal data is as follows:
- It is necessary for performance of a contract between us to provide you with the Services.
- It is related features and functionality and in other circumstances may be necessary for our legitimate interests in making the Services available and secure.
- To exercise our rights or comply with legal obligations.
- We also rely on your consent to receive information about our Services.
You may withdraw consent from receiving marketing and promotional communications by clicking the “Unsubscribe” link on the communication or sending an email to [email protected] with the subject line “Opt Out.” If European Data Subjects do not provide personal data to us or withdraw consent for processing such personal data, we may not be able to provide such individuals with certain features or functionalities of the Services or information regarding the Services. Note that we do not collect any sensitive personal information about you.
European Data Subjects may obtain information about the personal data that we hold about them by contacting us at [email protected].
Your Choices
You have choices about certain information we collect about you, how we communicate with you, and how we process certain personal data. When you are asked to provide information, you may decline to do so, but if you choose not to provide information that is necessary to provide some of our Services, you may not be able to use those Services. In addition, it is possible to change your browser settings to block the automatic collection of certain information.
Communications Opt-Out. You may opt out of receiving marketing or other communications from us at any time through a given communications channel (such as email or telephone) by following the opt-out link or other unsubscribe instructions provided in any email message received or by contacting us as provided at the end of this Privacy Notice.
Note that if you do business with us in the future, you may not, subject to applicable law, opt out of certain automated notifications based on business transactions.
Location Information. If you want to limit or prevent our ability to receive location information from you, you can deny or remove the permission for certain Services to access location information or deactivate location services on your device. Please refer to your device manufacturer or operating system instructions for instructions on how to do this.
Cookies, Web Tracking, and Advertising. Consult our Cookie Notice for more information about how to control and/or opt out of certain web tracking technologies and/or advertising providers from collecting information about you.
Protecting Personal Data
We use reasonable and appropriate physical, technical, and organizational safeguards designed to promote the security of our systems and protect the confidentiality, integrity, availability, and resilience of personal data. Those safeguards include (i) endpoint protection software; (ii) taking steps to ensure personal data is backed up and remains available in the event of a security incident; (iii) multi-factor authentication; (iv) firewall; (v) proofpoint email security; (vi) VPN; and (vii) drive and 256-bit AES encryption.
However, no method of safeguarding information is completely secure. While we use measures designed to protect personal data, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that Internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing the Services is or will be secure.
Retention of Personal Data.
We retain personal data to the extent we deem necessary to carry out the processing activities described above, including, but not limited to, compliance with applicable laws, regulations, rules, and requests of relevant law enforcement and/or other governmental agencies, and to the extent we reasonably deem necessary to protect our and our partners’ rights, property, or safety, and the rights, property, and safety of our users and other third parties.
Other Important Information About Personal Data and the Services
- Collection of Personal Data from Children. We do not knowingly collect information from children under the age of 18. By using the Services, you represent that you are 18 years of age or older or have valid parental consent to do so.
- Third-Party Websites and Services. As a convenience and as part of our Services, we may reference or provide links to third-party websites and services. When you directly access these third-party services, you leave our Services, and we are not responsible for, and do not control, the content, security, or privacy practices employed by any third-party websites and services. You access these third-party services at your own risk. This Privacy Notice does not apply to any third-party services; please refer to the privacy notice or policies for such third-party services for information about how they collect, use, and process personal data.
- Business Transfer. We may, in the future, sell or otherwise transfer some or all of our business, operations or assets to a third party, whether by merger, acquisition or otherwise. Personal data we obtain from or about you via the Services may be disclosed to any potential or actual third-party acquirers and may be among those assets transferred.
- Do Not Track. We use analytics systems and providers and participate in ad networks that process personal data about your online activities over time and across third-party websites or online services, and these systems and providers may provide some of this information to us. We do not currently process or comply with any web browser’s “do not track” signal or similar mechanisms. Please refer to our Cookie Notice [hyperlink] for more information.
- International Use. Your personal data will be stored and processed in the United States. If you are using the Services from outside the United States, by your use of the Services you acknowledge that we will transfer your data to, and store your personal data in, the United States, which may have different data protection rules than in your country, and personal data may become accessible as permitted by law in the United States, including to law enforcement and/or national security authorities in the United States.
Modifications and Updates to this Privacy Notice
This Privacy Notice replaces all previous disclosures we may have provided to you about our information practices with respect to the Services. We reserve the right, at any time, to modify, alter, and/or update this Privacy Notice, and any such modifications, alterations, or updates will be effective upon our posting of the revised Privacy Notice. Your continued use of the Services following our posting of any revised Privacy Notice will constitute your acknowledgement of the amended Privacy Notice.
Applicability of this Privacy Notice
This Privacy Notice is subject to the Terms of Use [hyperlink] that govern your use of the Services. This Privacy Notice applies regardless of the means used to access or provide information through the Services.
This Privacy Notice does not apply to information from or about you collected by any third-party services, applications, or advertisements associated with, or websites linked from, the Services. The collection or receipt of your information by such third parties is subject to their own privacy policies, statements, and practices, and under no circumstances are we responsible or liable for any third party’s compliance therewith.
Additional Information and Assistance
If you have any questions or concerns about this Privacy Notice and/or how we process personal data, please contact us at:
Excel Sports Management
1700 Broadway, 28th Floor, New York, NY 10019
Attn: General Counsel
(646) 454-5900
For more information about how users with disabilities can access this Privacy Notice in an alternative format, please contact us through the above contact methods.