By choosing our Artificial Intelligence computer vision software and adjacent services, your organisation has appointed Studio Automated Sport & Media B.V. (Studio Automated) to assist you with the processing of information on your behalf. Because a large part of the information which Studio Automated shall be requested to process for you is expected to consist of video images of sporting events, it is very likely that this information will also contain personal data of people that partake in such events.
The General Data Protection Regulation (GDPR) strengthens the rights of people’s privacy. The use of personal data is regulated within the European Union by the GDPR. As a data processor for your organisation, Studio Automated will take its legal responsibilities very serious. We shall continue to meet the requirements that the GDPR imposes on data processors and honour our contractual obligations with your organisation in this respect.
When you upload, store or otherwise process any personal data through use of our
software or any of our additional services, we expect your organisation to equally
observe your obligations as a data controller under the GDPR and honour your
contractual obligations with Studio Automated.
For what purpose do we process personal data
Studio Automated shall only process information received from you, including any personal data contained therein, to facilitate your use of our software and of the additional services as provided to your organisation under our agreement. We shall not process this information for any other purpose. As soon as our agreement with you organisation ends, Studio Automated shall delete all such information from its data storages.
How we protect personal data
We take appropriate measures to protect the personal data that we receive from your organisation, such as the following.
- Any video content which is placed on our local physical servers are encrypted at rest and cannot be decrypted when our machines get physically stolen;
- Any communication with our API is encrypted (HTTPS) and only works with valid (JWT) tokens in connection to hierarchical roles and rights;
- All services (API, Dashboard, Video on Demand, Virtual Coach Assistant, Cloudboxes and local Virtual Director servers) use the AIP with authentication and authorisation;
- Pictures for calibration, top-views, overlays are stored in Azure Blob storage in containers which are not public and can only be accessed via our API;
- Video on demand and Virtual coach assistant recordings are secured with (JWT) tokens and requested data will be logged in audit trails; Usernames and encrypted passwords are stored in MongoDB Atlas, which is secured with credentials and only accessible from whitelisted IP-addresses.
Sharing of data
Information received from you, including any personal data contained therein, may be shared with the employees of Studio Automated and with companies that have been subcontracted by Studio Automated for the provision of services to our clients. Studio Automated shall ensure that the processing of personal data by each of the above subcontractors shall comply with the requirements that the GDPR imposes on data processors.
QUESTIONS AND COMPLAINTS
If you have any questions about this privacy statement, please contact the Data Protection Officer of StudioAutomated at firstname.lastname@example.org. You can also send a letter to:
Data Protection Officer
1019 HD Amsterdam
If you have a complaint, you can contact us in the same way. In addition, you are always entitled to submit a complaint to the Dutch Data Protection Authority.