CONI Svizzera
Sign inSign up
← Home

Privacy Policy

CONI Svizzera (Italian National Olympic Committee — Swiss Delegation) is the controller of personal data collected through the portal portale.conisvizzera.ch. This policy describes what data we collect, why, how we protect it and what rights you have. It complies with the Swiss Federal Act on Data Protection (FADP, 2023 revision) and the EU General Data Protection Regulation (GDPR).

Effective from 27 May 2026.

1. Data controller

Controller: CONI Svizzera — Delegation of the Italian National Olympic Committee in Switzerland.

Privacy contact: sport@conisvizzera.ch

2. Personal data collected

We collect only the data strictly necessary for the operation of the portal and the management of applications to CONI Svizzera initiatives.

• Account data: email address, password (encrypted, never stored in plain text), account type (family or organizer).

• Family data: name and surname of the reference parent, role (mother/father/other), phone, address, city, postal code, canton, country.

• Athlete data (children): name, surname, date of birth, nationality, sport practiced, club, level (amateur/competitive), federation card.

• Uploaded documents: medical certificate, ID copy, photo, federation card. Documents of minors are stored in a private area accessible only to authorized CONI Svizzera staff.

• Application data: form answers, application status, communications sent.

• Technical data: IP address and access logs, retained for 30 days for security purposes.

3. Purposes of processing

Data is processed exclusively to:

• Manage registration and access to the personal area.

• Manage applications for competitions, gatherings, sports weekends and other initiatives organized by CONI Svizzera.

• Communicate with families about application status, events and news.

• Comply with legal and administrative obligations (e.g. travel logistics, safety during events).

• Improve the portal (in aggregated and anonymous form).

We do not use data for profiling, advertising or transfer to third parties for commercial purposes.

4. Legal basis

Processing is based on:

• Your consent given at registration (Art. 6 FADP / Art. 6.1.a GDPR), revocable at any time.

• Performance of pre-contractual and contractual measures necessary for participation (Art. 6.1.b GDPR).

• The legitimate interest of CONI Svizzera in organizing its sports activities (Art. 6.1.f GDPR).

• For minors under 16, parental consent (Art. 8 GDPR) is mandatory.

5. Data retention

• Account data remains active as long as the user keeps the account.

• Application data is kept for 3 years after the closure of the competition.

• Sensitive documents of minors are deleted no later than 90 days after the end of the event.

• Technical logs are kept for 30 days.

• Upon request, the account and all associated data can be deleted immediately.

6. Hosting and data transfers

• Data is hosted on Supabase (primary servers in the EU — Frankfurt) and Vercel (servers in Europe).

• Transactional emails are sent via Resend (servers in Europe).

• For address autocomplete we use Photon (European service based on OpenStreetMap).

• No data transfers outside the EEA without adequate safeguards.

7. Security

We apply appropriate technical and organizational measures: encrypted HTTPS/TLS connections, bcrypt-hashed passwords, access to sensitive documents limited to authorized staff, regular backups, clear separation between public and personal area.

8. Protection of minors

The portal is aimed at families with children aged 8 to 18. Athlete profiles are created and managed exclusively by parents or guardians. Minors' data is handled with particular care: restricted access, minimal retention, immediate deletion possible.

9. Your rights

In accordance with FADP and GDPR you have the right to:

• Access your data and obtain a copy in readable format.

• Rectify inaccurate or incomplete data.

• Delete your data ("right to be forgotten").

• Restrict or object to processing.

• Receive data in structured format (portability).

• Withdraw consent at any time.

• File a complaint with the Federal Data Protection and Information Commissioner (FDPIC, Switzerland) or the supervisory authority of your EU country.

10. Cookies and similar technologies

The portal uses only essential technical cookies (authentication, session, language preference). No profiling cookies, no third-party advertising tracking.

11. Policy updates

We may update this policy to adapt to legal or organizational changes. The current version is always available at portale.conisvizzera.ch/privacy.

Contact to exercise your rights

For any request regarding the processing of personal data — access, rectification, deletion, portability, objection or withdrawal of consent — write to sport@conisvizzera.ch. We will reply within 30 days.