FC Shakhtar Donetsk is a Ukrainian company that is based in Ukraine, being the developer and owner of various products and services branded FC Shakhtar Donetsk and FСSD, including the Shakhtar Tickets application (hereinafter referred to as the Services). The FC Shakhtar Donetsk Company is a controller of the personal data of the Users of the Services. The personal data controller is a person who determines for what purpose and how to collect personal data.
The Company has developed this Policy taking into account the requirements of the General Data Protection Regulation (GDPR).
By creating an account and using the Services, the User confirms that he/she is 18 years old and has reached the appropriate age allowing him/her to independently enter into contracts.
In the event that the Company asks the User to consent to the processing of his/her personal data, he/she may do so independently after reaching the appropriate age. By registering and using the Services, the User confirms that he/she is 18 years old and has reached the appropriate age allowing him/her to independently consent to the processing of his/her personal data.
If the User doubts whether he/she can independently give his/her consent to the processing of personal data, he/she shall contact the personal data protection authority.
The Company may request the User to provide additional documents or to complete additional procedures to make sure that he/she is already 18 years of age. If the Company has reasonable doubts about the User’s age, the Company may also contact his/her parents or guardians for the purpose of obtaining the consent or approval for the processing of the User’s personal data if he/she has not reached the appropriate age. In the course of clarifying the circumstances or obtaining consent or approval from the parents or guardians, the Company may restrict the processing of the User's data by temporarily blocking the account.
The Company receives the User’s personal data in several ways:
- directly from the User;
- as a result of the use of the Services by the person;
- as a result of monitoring the User’s activity in the Services.
Below, we have described in more detail those three ways of receiving information about the User.
The Company collects information provided by the User independently, namely:
- the name and surname of the User;
- nickname/display name of the User;
- age, date of birth of the User;
- gender of the User;
- email address (e-mail) of the User;
- phone number of the User;
- avatar of the User.
If the User contacts the Company by e-mail (for example, to contact the support service), the Company is entitled to collect the User data necessary for replying: the name, email address and any other information contained in an e-mail. The Company may use the information provided in the messages to contact the User and provide him/her with a reply.
The Company collects information when the User is using the Services, and observes his/her behaviour in the Services. When the User uses the Services, the Company collects and processes such personal data and information as:
- how much time the User spent in the Services,
- the time and date of the last visit in the Services,
- the User data that verified the User,
- a list of the Users which the User interacted with, including correspondence.
We also collect information about the pages and features of the Services most frequently used by the User, which ads he/she viewed, what goods he/she viewed and purchased on shakhtar.com, shop.shakhtar.com, and Shakhtar Tickets.
Data processing bases and methods
FC Shakhtar Donetsk collects and processes the User data based on the following grounds:
- The Company collects and processes the User data on the basis of an agreement between the User and the Company. By registering and using the Services, the User concludes a service provision contract with the Company. In order to provide services as a whole, as well as an individual service component (such as shakhtar.com and the mobile application Shakhtar Tickets, etc), the Company must collect and process certain data of the User;
- The Company may process the User data if required by the law applicable to the Company's activities. The Company may also provide the User data at the request of judicial authorities, authorised law enforcement agencies or when the collection of information and identification is required by the legislation on financial monitoring and prevention of the laundering of money obtained in criminal ways, and as well as by other applicable legislation.
Use of information
The Company collects and processes personal User data for:
- the direct operation of the Services and the provision of the appropriate services to the Users;
- elimination of deficiencies in operation of the Services and ensuring their uninterrupted operation;
- improvement and optimisation of the Services operation, aswell as development and creation of new functions and Services;
- ensuring the safety of users of the Services and the safe operation of the Services;
- realization of profiling of the User and acceptance on its basis of automatic decisions (including completely automatic decisions);
- implementation of User profiling and using the User profile for displaying targeted advertising;
- advertising and marketing activities;
- control over the compliance of the Users with the requirements of the rules for the use of the respective Services;
- maintaining communication with the User via e-mail, SMS, message services (e.g. Viber) and answering questions, sending news, special offers, promotions and other information that, in the opinion of the Company, may be of interest to the User.
The Company retains the User's personal data only as long as he/she or the Company needs it for the purpose specified in this Policy. The latter also applies to any other third person who performs certain actions on behalf of the Company. In case the Company does not need any specific information about the User and does not need to store it under the law requirements, it will delete or store it in the way that makes it impossible to identify the User.
The Company passes and can pass the User data to:
- the third party processors, that is, the companies that help the Company to collect, store, analyze, structure, and otherwise store and process information or to perform other custom actions;
- the third parties - companies integrated with certain products and services of the Company;
- the third parties - advertisers, and in this case information is provided in a generalized and aggregated form, which makes it impossible to identify a specific person;
- its subsidiaries and affiliated companies;
- the other users who receive certain information about the User with the help of information displayed in the profile;
- the third parties in the event of presence of a legitimate reason (for example, disclosure of certain contact information of the User who has distributed the illegal content at the request of the rights holder for such content);
- the third parties in case of implementation of the Company merger and acquisition agreements;
- the state and judicial bodies if there is a legal basis and a corresponding requirement.
Setting up access, editing and deleting personal information
The company takes seriously the confidentiality of the User data and seeks to ensure the proper level of transparency of its operation. Therefore, by providing sufficient data to identify the User (in order to protect the privacy of other Users), he/she may ask the Company about their personal information and correct any inaccuracies in the data.
The User is entitled to access the data the Company collects about him/her. In order to exercise this right, he/she can email to firstname.lastname@example.org. The Company may ask the User to carry out additional verification or verification procedures in order to ensure that the information is provided to the right User. The company will process and respond to the request within 30 calendar days from the receipt of the relevant request.
Saved data will be deleted by the Company after the expiration of the storage period established by law or agreement, as well as when the Company no longer needs to store certain data. The User is entitled to request at any time the deletion of information about him/her from the Company's database, and has the right to withdraw his/her consent to the use or processing of personal data at any time. In such cases, it is necessary to send an e-mail to email@example.com. By withdrawing their consent for data processing, the User will continue to be able to use the Services, but some functions may be unavailable.
The User is entitled to change his/her data if the data available at the Company is outdated or inaccurate. If the User has difficulty changing his/her information, they must contact the Company by emailing to firstname.lastname@example.org.
The services belong to the FC Shakhtar Donetsk Private Joint Stock Company, which is located in Ukraine. The Company is a controller of the personal data of the Users of Services, that is, the Company determines what data to collect about the Users of the Services and for what purpose the data are used.
In case the User needs to ask the Company about something, he/she may contact it by using the following contact information: https://shakhtar.com/en/club/contacts/.
In case of making changes in this Policy, the Company will inform the Users about that by publishing the updated Policy on the official site of shakhtar.com.