Please find below iRama’s privacy notice.
iRama respects your privacy and is committed to protecting your personal data.
This privacy notice informs you how we manage your personal data when visiting and using our website (regardless of where you visit it from) and tell you about your privacy rights and how the law safeguards you.
Download a pdf version of the policy here.
The Services that iRama provide can be used by Children over the age of 16 and under the age of 18. This website is not intended for children under the age of 16 and we do not knowingly collect data relating to children under the age of 16 unless the permission of the Child’s parent or guardian has been provided.
iRama’s website can be accessed throughout the world and different legal rules apply in different parts of the World. iRama seeks to comply with the Children's Online Privacy Protection Act 1998 (“COPPA”) which is a United States law and other frameworks like the General Data Protection Regulation (“GDPR”) which applies in Europe. Our goal is to minimize the information gathered from and disseminated about Children while permitting Children over 16 years of age active use of our Service with their Parent or Guardian’s approval.
The Site is controlled and operated by us from Singapore.
If a Child wants to register to become a registered user of our Site, we require the Child’s Parent or Guardian to access the U18 Player Registration link on the Home page of the Website. This page will take the Parent or Guardian to the U18 Player Registration Form which requires the following information to be provided:
U18 Player Registration
Main Football playing Position
Date of Birth
Status as professional if applies
Enter WhatsApp Number
We may use information collected from Children during the registration process and in account configuration in the following manner:
To create and maintain the Child's account;
To determine the Child's current age
Use of anonymous information. If the information collected from a Child does not identify or allow contact with him or her or his or her device (including, for example, aggregated information), we may use and disclose it for any purpose, to the extent permitted by applicable law.
No advertisements! We do not display advertising based on information collected from Children.
No newsletters! Our email newsletters are for parents and guardians of Children only – they are not designed for, or targeted at, Children. Children should not attempt to sign up for our email newsletters. We encourage parents to discuss with their Children the importance of not signing up to receive our email newsletters.
Ensure that the Sites function properly;
Enable us to conduct research and analysis to understand, address and improve the use and performance of the Sites; and
Diagnose and respond to problems.
We strictly limit the personal information that is publicly viewable about a person who has registered who is known by us to be a Child. Although the Child may create a Profile for his or her account (which includes only a username, password, birth month and year, and parent's email address), no portion of the Child's Profile other than the Child's age is publicly viewable.
If the Child accesses and uses the Social Media elements of the Site
When a Child posts a review or comment on the Sites, only the Child's age is posted, along with the content of the Child's posting.
Parental consent is required in respect of our use of a Child’s personal information to obtain our Services through the iRama website. When setting up an account, the Child must provide their parent’s email address. We use that email address to contact the Child’s parent to ask for their consent as required – we also explain to the parent:
What personal information we collect about their Child;
How we use it and why; and
How the parent can revoke their consent and/or ask that we delete their Child’s account and personal information.
If at this stage, the parent gives us their consent, we will carry out the activity for which that consent was required. If not, we won’t.
Deleting your Children’s information and their account.
If you are a parent, and we need your consent to certain processing of your Children’s personal information, if you:
Wish us to cease further collection of personal information from your Children;
Believe your Children are participating in an activity on the Site that uses their personal information without the parental consent required by law;
wish us to make no further use of, or delete, the personal information we have collected online from your Children; and/or
No longer wish for your Children to participate as members of the Site,
We will delete your Child’s Profile, and any parental contact information we may hold, on request.
Parents of European Children can exercise these rights through our Privacy Requests Portal.
Parents of non-European Children can exercise these rights by contacting us at email@example.com
Accessing or changing your Children’s account and any personal information we have collected online.
Parents may at any time:
Access or make changes to their Children’s account; or
Make changes to the personal information that we have collected online from their children,
By clicking on their Child's "My Account" link, by contacting us at firstname.lastname@example.org, or by writing to us at the address provided below.
For your Child's protection, we may need to verify your identity before implementing any request described in this Section E. We will try to comply with your request as soon as reasonably practicable.
If a parent has any questions or concerns about his or her Child's use of the Sites, we encourage the parent to contact us at email@example.com or:
Who does this Section G apply to? It applies to Children based in Europe. All references to “Child” or “Children” in this Section G are references to such European Children only. References to such European Children’s “parents” should be understood in the same light.
Who is our EU representative? Our EU representative can be contacted at firstname.lastname@example.org.
EU-specific rights. Under certain circumstances, Children may have certain rights – including those set out below:
Access. Request access to their Personal Data.
Correction. Request correction of inaccurate or incomplete Personal Data that we hold about them.
Erasure. Request erasure of their Personal Data.
Objection. Object to our reliance on our Legitimate Interests (see below) as the legal basis of processing of their Personal Data
Restriction. Request the restriction of processing of their Personal Data until we address their request establish its accuracy or our reasons for processing it.
Portability. Request the transfer of their Personal Data in a portable format.
Withdraw consent. Withdraw their consent to any Processing that relies on it as a legal basis (see below). Their parents have the same right to withdraw any parental consents that we have been given.
How to exercise these rights? These rights can be exercised by using our Privacy Requests Portal. Typically, there is no fee for this. However, we may charge a reasonable fee if the request is clearly unfounded, repetitive or excessive – or, in these circumstances, we may refuse to comply with the request. We may need to ask for information in relation to any request to help us confirm the identity of the person making it and to speed up our response.
The right to complain. We would love to be able to resolve all questions, requests and complaints about Personal Data directly. However, if a Child or their parent feels we have not been able to satisfactorily resolve an issue, they may contact their local data protection supervisory authority. For the contact information of the Data Protection Authorities for each European Union Member State, please click here.
Our “Legal Bases” for using Personal Data. The GDPR requires us to have a “legal basis” for each way that we use Personal Data. Most commonly, we will rely on one of the following legal bases:
Where we need to perform a contract we are about to enter into or have entered into with a Child (“Contractual Necessity”).Where a Child engages iRama’s Services with the approval of their Parent or Guardian that is an example of Contractual Necessity.
Where it is necessary for our legitimate interests and the Child’s interests and fundamental rights do not override those interests (“Legitimate Interests”).
Where we need to comply with a legal or regulatory obligation (“Compliance with Law”).
Where we have specific consent to carry out the processing for the Purpose in question (“Consent”), in these cases we would need to get a Child’s parent’s consent which we obtain when the Parent completes the Registration Form and/or engages our Services for the Child. .
Purposes for Processing.
Purposes for Processing. We have set out below, in a table format, the legal bases we rely on in respect of the relevant Purposes for which we use Children’s Personal Data:
Examples of how we use relevant Personal Data for a Purpose
Our legal basis for this use of data
When you and your Parent/Guardian engage our Services we provide essential information about you to the third party such as the Intermediary or Scout who will contact you and your parent/guardian
Account set-up and Maintenance
To register a Child’s account on the Sites, and to populate their profile. To provide the core elements of the Sites.
We might use the Personal Data we collect to keep our Sites and associated systems operational and secure.
Compliance with Law.
Troubleshooting and Service improvement
We might use the information associated with the Persistent Identifiers above to track issues that might be occurring on our Sites and systems, or to test and improve them.
It is in our legitimate interests that we are able to monitor and ensure the proper operation of our Sites and associated systems and services.
Anonymised Data creation
We may create ‘Anonymous Data’ – this might include aggregated data such as statistical or demographic data. Anonymous Data may be created or derived from any of the Personal Data we collect, but once in anonymous / aggregated form it will not directly or indirectly reveal a Child’s identity (i.e., it’s no longer Personal Data).
We may use or disclose Anonymous Data for any purpose permitted by law, and do not require a legal basis to do so.
It is in our legitimate interests that we are able to ensure that our Sites and how we use information about our users is as un-privacy intrusive as possible.
For all Children who are under 13:
Children under 13 and Parents of Children under 13 should never provide Personal Data. we will moderate any communications from those Children to remove Personal Data from them; and we will not knowingly pass on or provide such Children's Personal Data to a third party. We consider this practice to be in the interests of the Children themselves, their parents, and ourselves.
What happens when you do not provide necessary Personal Data or you withdraw consent? Where we need to process a Child’s Personal Data either to comply with law, or to perform the terms of a contract we have with them and they fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into as part of our Services. Similarly, if we rely on Consent to process Children’s Personal Data, they or their parent may withdraw that Consent, but if this happens, we may not be able to provide certain Services or features.
International transfers. We are headquartered in Singapore. The Personal Data information that we collect from and about Children will be stored and processed in Singapore and may be stored and processed in other countries outside of Europe. However, it is our policy to ensure that adequate contractual or other safeguards are applied to Personal Data transferred outside of the European Union where required by European data protection law. If you have questions about the safeguards applied to Children’s Personal Data, you may contact us at email@example.com
We do not collect any Personal Data about Children from any third parties or publicly-available sources, other than from their parents (where they choose to give it to us) or a third party such as an Intermediary or a Scout where that third party has been engaged as part of the Services.
PURPOSE OF THIS PRIVACY NOTICE
IRama collects and handles your personal data when you use this website, this is data you provide when you register, subscribe to our service, and/or when you report an issue with our site.
Information you give us includes your personal details such as name, address, e-mail address and phone number, Date of birth, photos and video.
It is essential that you read this privacy notice so you are fully aware and understand how your personal data is being used. It is important you read this together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data.
This privacy notice is in addition to other notices and is not intended to override them.
iRama is responsible for your personal data (collectively referred to as ”the company”, “we”, “us” or “our” in this privacy notice).
Should you have any inquiries about this privacy notice, including any requests to exercise your legal rights, please contact;
Contact details are:
Arc 380, 05-10, 380 Jalan Besar , Singapore 209000.
To make a complaint, you may do so at the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). However, before doing so we would like to take the chance to deal with the matter.
CHANGES TO THE PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES
This privacy notice was created on 30th April 2020.
Under the new laws, this privacy notice outlines most of your rights.
It your duty to make sure all personal data we have about you is correct and current. Please keep your details up to date.
Partnerships and other links.
iRama website may incorporate links to third-party websites, plug-ins and applications. Accessing those links or enabling those connections may allow third parties to collate or share data about you. iRama does not take any responsibility for the third party privacy policies and has no control over their websites. It is advisable you read the privacy notices of all websites you visit.
Any information which an individual can be identified by is known as personal data, or personal information. It does not include data where the identity has been removed (anonymous data).
The following variety of personal data that be may collected about you, transferred, used and stored has been grouped together:
FAILURE IN PROVIDING PERSONAL DATA
iRama may not be able to execute any contract or registration we have or are trying to enter into with you, if you fail to provide personal data which we need to collect by law, or under the terms of a contract we have with you. (For example, to provide you with goods or services). In this situation, iRama may have to cancel a product or service you have with us if this situation arises however we will inform you if this is the case at the time.
We use a variety of ways to gather information from and about you including through:
Personal information is only used when the law allows us to. Generally, your personal data is used in the following situations:
Commonly we do not rely on permission as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to retract permission to marketing at any time by contacting us.
INTENTIONS FOR WHICH WE WILL EMPLOY YOUR PERSONAL INFORMATION
Set out below, is an explanation of all the methods we plan to use your personal data for, and which of the legal bases we rely on to do so. Our legitimate interests have been identified where appropriate.
Your personal data maybe processed for more than one lawful ground depending on the specific objective for which we are using your information.
Where your data maybe used;
(Lawful basis: performance of a contract with yourself)
(Lawful basis: performance of a contract with yourself necessary for our legitimate reasons, to recover debts due to us.)
(Lawful basis: performance of a contract with yourself, complying with a legal obligation, required for legitimate interests, keeping records updated, research on how customers use our services and products).
(Legal basis: performance of a contract with yourself, required for our legitimate reasons to study how customers use our services and or products to help them develop and better grow iRama.
(Lawful basis: Required for our legitimate interests to run the business, technical services to include security to prevent fraud. Also for reorganising and structuring to grow a better product. Necessary to comply with legal obligations).
(Legal basis: required for our legitimate reasons to see how members use our site, services and products to help them, this allows us to develop our business to better provide key services.
(Legal basis: Required for our legitimate reasons to understand types of customers for our services and products, to stay updated and better our marketing).
(Legal basis: required for legitimate reasons and grow our business and products.
iRama aims to deliver you with options regarding certain personal data uses, particularly around advertising and marketing.
PROMOTIONAL OFFERS FROM US
We may use your profile, contact, Identity, Technical Usage to help us establish a view on what we think you may want or require, or what may be of significance to you. This enables us to decide which offers, services and products may be of interest for you (we call this marketing).
On requesting information from us or supplying information of your details when you register for a promotion or enter a competition or purchased goods or services from us you will acquire marketing communication, in each case, you have not opted out of receiving that marketing.
For marketing purposes iRama will obtain your express opt-in consent prior to sharing your personal information with any company outside iRama, unless as otherwise stated.
SELECTING TO OPT OUT
At any time you may request us or third parties to stop sending you marketing messages by emailing firstname.lastname@example.org and state “unsubscribe”
Where you opt out of getting these marketing messages, will not apply to personal information given to us as a result of a product/service experience, product/service purchase or other transactions.
CHANGE OF PURPOSE
Your personal information will only be used for the purposes for which we collected it, unless we reasonably recognise that we require to use it for another reason and that reason is congenial with the primary purpose. Please contact us if you wish to get an explanation as to how the processing for the new purpose is congenial with the primary purpose.
You will be informed if we require to use your personal data for an unrelated reason and we will explain the legal basis which allows us to do so.
Where required or permitted by law, we may process you personal information without your consent or knowledge, in compliance with the above rules.
Your personal data may have to be shared with the parties set out below for the purposes set out above.
We will get your approval if agents, clubs, related parties require your personal information outside of the European Economic Area (EEA). Your personal information is not transfer outside of the EEA.
To prohibit your personal data from being accessed in an unwarranted way, used, changed, disclosed or accidentally lost, we have established appropriate security measures. Only individuals such as employees, contractors, agents and other third parties who have a business need to know can access your personal data, they are subject to a duty of confidentiality and can only handle your personal data on our direction.
Procedures have been set up to deal with any suspicious personal data breach we will inform you and any relevant regulator of a breach where we are legally required to do so.
Your personal data is only retained for as long as it is required to fulfill the purposes we acquired it for, in addition to satisfying any accounting, legal, or reporting requirements.
To establish the reasonable retention time for personal data, we determine the nature, amount and sensitivity of the personal data, the conceivable risk of harm from unwarranted use or disclosure, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
See Request erasure below for further information, as in some situations you can ask us to delete your data.
In some situations we may anonymise your personal data (whereby it can no longer be associated with you) for research or statistical purposes in which case we may use this data indefinitely without further notice to you.
Under certain situations, under data protection laws you have rights in relation to your personal data which are as follows and further detailed, in the section marked “Your Legal Rights” below. Please click on the links below to find out more about these rights:
If you wish to exercise any of the rights set out above, please Contact us.
There is no fee to access your personal data (or to exercise any of the other rights). Although, a reasonable fee may be required if your request is undoubtedly excessive, repetitive or unfounded. Alternatively, we may decline to comply with your request in these circumstances.
INFORMATION WE MAY NEED FROM YOU
To help us substantiate your identity and make sure your right to access your personal data (or to use any of your other rights) we may require specific information from you. This is a security measure to safeguard that personal data is not divulged to any individual who has no right to obtain it. In relation to your request we may contact you for more information to speed up our response
All legitimate inquires we try to respond to within one month. If your request is particularly complicated or you have made numerous requests, then it may take us longer than a month, in which case we will inform you and keep you updated.
Legitimate Interest means the interest of our business in administrating and operating our business to ensure we provide you with an outstanding service/product and an outstanding and most guarded experience. Any conceivable consequence on you (both positive and negative) and your rights are deliberated and balanced before we process your personal data for our legitimate interests. Your personal data is not used for processes where our interests are overridden by the effects on you (unless we are allowed by law or we have obtained your consent). You may contacting us if you require more information about how we assess our legitimate interests against any unforeseen results on you in regards of specific activities by you.
Performance of Contract means processing your information where it is required for the performance of a contract to which you are a party or to make sure at your request before entering into such a contract.
Comply with a legal or regulatory obligation means your personal data is processed where it is require for compliance with a legal or regulatory requirement that we are subject to.
EXTERNAL THIRD PARTIES
YOUR LEGAL RIGHTS
You have the right to:
Request access. Commonly known as a “data subject access request” you may request access to your personal data. This allows you to obtain a copy of the personal data we have regarding you and to verify that we are lawfully processing it.
Request amendments This allows you to have any incorrect or incomplete data we have about you corrected, however we may need to authenticate the accuracy of the new data you give to us.
Request deletion This allows you to request us to remove or delete personal data where there is inadequate reason for us continuing to process it. If you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law you have the right to request deletion or remove of you personal data. We will contact you, if applicable at the time of the request that we may not always be able to grant your request of deletion for specific legal reasons.
Object to processing This allows you to object to the processing of your personal data where we are depending on a legitimate interest (or those of a third party) or on the grounds you perceive it impacts on your fundamental rights and freedom. If your personal data is processed by us for direct marketing purposes you have the right to object. In some instances, we may show that we have compelling legitimate grounds to process your information which over-ride your rights and freedoms.
Request restriction of processing This allows you to ask us to discontinue the processing of your personal data in the following situations: (a) where our handling of the data is unlawful but you do not want it deleted; (b) if you want us to determine the data's accuracy; (c) where we no longer need you data but you need it to exercise, establish or defend legal claims; or (d) We need to verify whether we have overriding legitimate grounds to use your data, if you object to is use.
Request the transfer This allows you to request the transfer of your personal data to you or to a third party. Your personal data will be given in a machine-readable, commonly used and structured format to you or the third party you select. This right only refers to automated information which you originally gave consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time This allows you to withdraw consent where we are depending on consent to process your personal data. Before withdrawal of your consent any processing of information carried out will not affect the lawfulness. If you withdraw your consent, we may not be able to provide certain products or services to you if you withdraw your consent, however you will be informed if this is the case at the time.