Our Principles
Hellenic Athletics Federation (SEGAS) recognizes the importance of the protection of its stakeholders (natural persons) with regards to the processing of their personal data as a fundamental right.
In this context, SEGAS, as Data Controller, complies with the requirements of the General Data Protection Regulation (EU 2016/679 – GDPR) and the national legislation, respects the rights and freedoms of the data subjects and secures that their personal data is:
– collected for specified, explicit and legitimate purposes, as these stated in the records of processing activities (data flow map) that SEGAS maintains
– processed lawfully, fairly and in a transparent manner, on the basis of consent, legitimate interest, legal obligation or contract performance
– stored safely to safeguard their confidentiality, integrity and availability.
All members of SEGAS personnel, associates, volunteers, as well as third parties that process personal data on behalf of the Federation are contractually committed to comply with the aforementioned framework.
It is important to note that the maintenance of archives of sport-event results and participants’ performances for historical, statistical and informational purposes, lays within the ground of legitimate interests of SEGAS, as the official institutional entity responsible for the development of athletics in Greece since 1897.
Data Subjects
The categories of data subjects whose personal data are being processed by SEGAS, include:
(i) athletes (registered in sport clubs that are members of the Federation),
(ii) independent runners (participants in road-races open to the public),
(iii) trainers,
(iv) medical and physio staff,
(v) personnel (permanent and on contract basis),
(vi) personnel’s family members,
(vii) job candidates,
(viii) volunteers,
(ix) judges,
(x) suppliers / associates (sole proprietors and freelancers),
(xi) business executives (working for suppliers, sponsors, and partners),
(xii) members of the Administrative Board of the Federation,
(xiii) officials of sport-clubs, authorities and other institutional entities,
(xiv) media representatives
(xv) sports fans and other individuals.
Personal Data Categories
Depending on the data subject’s capacity, the categories of personal data being processed by SEGAS might include:
- a) Unique identifiers (e.g. ID/Passport number, Social Security number, TIN),
b) Basic data (e.g. name/surname, sex, age),
c) Sport-club name,
d) Sport-performance data,
e) Communication data (e.g. Email, phone number),
f) Financial data (e.g. IBAN, registration fee); please note that in case of registration fee payment via credit card, SEGAS does not process any information related to your card
g) Image data (e.g. photo, video),
h) Data of special categories (e.g. health data)
Retention period of Personal Data
The personal data of the subjects are maintained for the purposes of SEGAS as follows:
- For the data subjects of categories (i) and (ii), those data necessary for the compilation of race results and, in particular, the surname, name, patronymic, gender, date of birth, nationality and date of registration of the athlete or runner, are kept without deletion for the purposes of the history of the SEGAS races, for the conduct of which the only competent body is SEGAS according to Law 2725/1999. All other data are kept until three (3) years after the last participation of the athlete or the runner in SEGAS races.
- For the data subjects of categories (iii) to (vi), the data are retained for the entire duration of the contract and an additional five (5) years
- For the data subjects of categories (vii) to (xv), the data are retained for the duration of the cooperation in any form with the SEGAS and three (3) years after its termination.
Data Transfers outside EU
Our aim is to restrict personal data transfers only to countries that have been deemed by the European Commission as destinations that provide an adequate level of protection for personal data; you may see the relevant decisions of the European Commission here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en
However, due to the global nature of sports, and in the context of participation of SEGAS athletes, trainers, and members of the Administrative Board in official delegations, it may be required to transfer personal data to other countries, under the provisions of the Article 49(1) of the GDPR.
Your Rights
According to the GDPR, you have the following rights toward the processing of your personal data:
– access to your data,
– correction of your data, in cases where the data we hold about you are incorrect or insufficient,
– request to delete your data (‘right to be forgotten’), if there is no legal obligation or claim, and do not relate with any official result of a sport event,
– withdraw your consent, in cases where consent is the legitimate basis for the processing of your data; please note that for races open to independent runners, this request has to be made within the specific timelines as set in the application form which has to be read carefully,
– object to processing for a specific reason,
– request the restriction of the processing,
– request to transfer your data to another Controller.
To exercise any of your rights, you can address the respective request to the Data Protection Officer of SEGAS (pls. see below ‘Contact Person’). Our response to your request will take place within (1) one month of its receipt, unless an extension of up to two (2) months is required after having taken into account the complexity and the number of requests, and informed you in due time, accordingly.
If you do not have a response to your request, you have the right to lodge a complaint to the Hellenic Data Protection Authority (www.dpa.gr).
Delete data
The above data are kept for the above purpose by SEGAS as follows:
- a) Everything necessary for the results of the races, specifically the surname, first name, father’s name, gender, date of birth, nationality and date of registration of the runner, are kept without deletion for reasons of history of SEGAS races, for the conduct of which SEGAS is the only competent body in accordance with law 2725/1999
- b) All other data are deleted three years after the last participation of the runner in SEGAS races.
Cookie Policy
This site uses “cookies” to facilitate and improve your online experience. A cookie is a text file that is placed on your computer or other device by a Web page server. Cookies cannot be used to run programs or deliver viruses to your device. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.
In the present site, functional cookies are placed and read by SEGAS itself; third party cookies include research & analytic cookies (Google), and social media cookies (Facebook).
Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the web sites you visit. For more information about cookies, you may visit: http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm#section_2
Changes to this Notice
SEGAS will occasionally update this Privacy Notice to reflect any changes in its operational environment, legislation, and/or communication with data subjects. You are encouraged to periodically review this Notice to be informed about Personal Data Management policies applied in SEGAS.
Contact Person
SEGAS welcomes any questions and comments regarding Data Privacy and Protection. For this purpose, you may contact our certified Data Protection Officer at: This email address is being protected from spambots. You need JavaScript enabled to view it.