Legal · Privacy
Privacy Policy
Who We Are
daxaa, s. r. o. — operating the Turnio platform
| Registered office | Mierová 654/70, 821 05 Bratislava, Slovak Republic |
| Company ID / IČO | 47329122 |
| Tax ID / DIČ | 2023823813 |
| VAT ID / IČ DPH | SK2023823813 |
| VAT registration | Registered under §4, from 19 January 2016 |
In these Terms, "Turnio", "we", "us", or "our" means daxaa, s. r. o., operating the Turnio event registration and management platform.
Turnio provides software and technical services for event organizers. Turnio is not normally the organizer of events published on the platform. The event organizer remains responsible for the event itself, event content, registration conditions, participant communication, refunds, safety, competition rules, and the lawful use of participant data.
GDPR Roles
For participant registration data, the event organizer is normally the Data Controller. The organizer decides why participant data is collected, which event it is collected for, how the event is managed, and how official competition information is used.
Turnio acts as a Data Processor for participant registration data when it provides the technical platform, stores the registration, sends event-related emails, generates QR codes, and allows the organizer to manage the event.
Turnio acts as an independent Data Controller for its own platform-related processing, including organizer accounts, login security, billing, publishing codes, invoicing links, system administration, fraud prevention, support, and legal compliance.
In practice
- Participant registration data: Organizer is Data Controller, Turnio is Data Processor.
- Organizer account, billing, security, and platform administration data: Turnio is Data Controller.
- Exported files and organizer-managed archery databases: Organizer is responsible as Data Controller.
- Marketing use of participant data: Not allowed unless the organizer obtains separate valid consent or has another lawful basis.
Personal Data We Process
Depending on the event configuration, Turnio may process the following participant data:
- Registration number, first name, last name, and email address
- Club name or club code
- Division, class, category, or similar competition classification
- Preferred group or session
- Ticket or order information
- Ordered extras or add-ons
- QR code token and check-in status
- Cancellation, refund, and registration status
- Para flag, where enabled by the organizer
Turnio may also process organizer account data, including name, email, phone number, website, country, company and invoicing details, VAT or tax details, and platform role and permissions.
Turnio may process technical and security data, including IP address, session cookies, login and rate-limit records, audit and email delivery logs, and error logs and security events.
Purpose of Processing
Participant data is processed for the following purposes:
- Creating and managing event registrations
- Confirming participation and sending transactional event emails (confirmation, cancellation, refund, QR codes)
- Managing attendee lists, check-in, and event administration
- Exporting competition data for use in systems such as IANSEO
- Preparing start lists, attendance records, and official event results
- Managing cancellation and refund processes
- Supporting organizers and participants
- Protecting the platform against abuse, fraud, and unauthorized access
Organizer data is processed for: creating and maintaining organizer accounts, managing event publishing and platform access, handling publishing codes and invoice links, providing support and service notifications, maintaining security and platform integrity, and complying with legal and accounting obligations.
Legal Basis
For participant registration data, the usual legal basis is performance of a contract or steps taken before entering into a contract, because the data is needed to register the participant and administer the event.
In some cases, the organizer may rely on legitimate interest, especially for maintaining event records, protecting the integrity of the competition, handling disputes, preserving start lists and results, or ensuring platform security.
Where marketing communications are involved, separate consent is required.
Registration Is Not Marketing Consent
Registering for an event through Turnio does not constitute consent to receive newsletters, advertising, promotional offers, or other marketing communications.
Organizers are required to respect this rule. They may not use participant registration data for marketing unless they have obtained separate, explicit, and valid marketing consent from the participant.
If an organizer wants to send marketing messages, invitations to future events, sponsor messages, newsletters, or promotional offers, the organizer must use a separate consent mechanism outside the normal registration process.
No Sale of Personal Data
Turnio does not sell, rent, or trade personal data. Participant data is used only for the purposes described in this Privacy Policy, for providing the platform, supporting the organizer, complying with legal obligations, and protecting the platform.
Official Results and Historical Records
Archery competitions often require start lists, rankings, results, and historical records. Some information may therefore be retained or published where necessary for official sporting purposes, transparency, records, rankings, or legitimate event administration.
A participant may request deletion of personal data. However, complete deletion may not always be possible where data is part of official competition results, legal obligations, accounting records, dispute records, or legitimate historical sporting records.
Data Deletion Requests
Participants may contact the event organizer directly with data access, correction, or deletion requests.
Participants may also contact Turnio at privacy@turnio.com. Where Turnio acts as Data Processor, Turnio will forward or coordinate the request with the relevant organizer.
The organizer remains responsible for deciding how to respond to requests concerning participant registration data, unless Turnio processes the data for its own independent purposes.
Data Retention
Participant registration data is retained only as long as necessary for event administration, support, security, dispute handling, legal obligations, and official sporting records.
Organizer account and billing data may be retained for as long as the organizer account is active and for any additional period required by law, accounting rules, security needs, or legitimate business purposes.
Security logs are retained for a limited period necessary to detect abuse, investigate incidents, and protect the platform.
Security
Turnio uses reasonable technical and organizational measures to protect personal data, including access controls, authentication, secure sessions, rate limiting, server-side storage, protected uploads, and administrative permissions.
No system can be guaranteed to be completely secure, but Turnio aims to protect data against unauthorized access, loss, misuse, or alteration.
Data Subject Rights
Individuals may have the right to:
Requests concerning event registration data should normally be addressed to the event organizer. Turnio may assist with such requests where technically possible.
Registration Form Privacy Notices
For individual registration, the registration form displays:
For club or group registration where one person submits data on behalf of other archers:
Website Analytics and Service Improvement
Turnio may use analytics tools to understand how users interact with the website and platform, improve usability, identify errors, measure performance, and develop better event management features.
Analytics data may include pages visited, approximate location, browser type, device type, operating system, referral source, session events, feature usage, and similar technical information. Where possible, Turnio uses aggregated or pseudonymized analytics data.
Non-essential analytics cookies or similar technologies will only be used where legally permitted and, where required, after the user has given consent. Analytics data is not used as event registration consent and is not sold to third parties.
Marketing and Communication Preferences
Turnio may send service-related messages to organizers, including account notifications, security alerts, platform updates, billing information, publishing code messages, and important changes to the service or legal terms.
Turnio may send marketing communications about its own services only where it has a lawful basis to do so. Recipients can opt out of marketing messages where required by law.
Participant registration for an event does not give Turnio or the organizer permission to send marketing communications to the participant. Organizer marketing to participants requires separate valid consent or another lawful basis that clearly permits such communication.
Third-Party Service Providers and Subprocessors
Turnio may use trusted third-party service providers to operate and protect the platform. These may include hosting providers, email delivery services, analytics providers, support tools, security tools, payment or invoicing services, and professional advisers.
These providers may process limited personal data only where necessary to provide their services to Turnio or to support the platform. Turnio requires service providers to protect personal data and to process it only for authorized purposes.
Where Turnio acts as Data Processor for organizer participant data, relevant service providers may act as subprocessors.
Payments and Invoicing
Where Turnio uses payment processors, banks, accounting tools, or invoicing services, those providers may process payment, billing, or transaction data. Some payment providers may act as independent data controllers for fraud prevention, regulatory compliance, payment security, and financial processing.
Turnio does not intentionally store full card numbers unless explicitly stated. Payment details are normally handled by specialized payment providers.
International Transfers
Turnio aims to process and store personal data within the European Union or European Economic Area where practical. However, some service providers may process data in other countries.
Where personal data is transferred outside the EU or EEA, Turnio will use appropriate safeguards where required by law, such as adequacy decisions, standard contractual clauses, or other legally recognized transfer mechanisms.
Aggregated and Anonymous Data
Turnio may create aggregated, statistical, or anonymous data from platform usage, event activity, or technical logs. This data does not identify individual users and may be used for reporting, service improvement, product development, security analysis, business planning, and public statistics.
Aggregated or anonymous data is not treated as personal data where it cannot reasonably identify an individual.
Links to External Websites and Third-Party Tools
Events published on Turnio may contain links to external websites, maps, documents, payment pages, federation pages, organizer websites, or other third-party services. These external services are not controlled by Turnio unless explicitly stated.
Users should review the privacy policies of external websites and services before submitting personal data to them.
Changes to This Privacy Policy
Turnio may update this Privacy Policy from time to time to reflect changes in the platform, legal requirements, service providers, security practices, or business operations.
Where changes are material, Turnio may notify organizers or users through the platform, by email, or by another appropriate method.
Contact
For privacy-related questions, data deletion requests, or GDPR inquiries:
privacy@turnio.com
For event-specific questions, participants should contact the organizer listed on the event page.
Ready to get started?
Run your event on Turnio.
Your data is in safe hands.
Publish your first archery event for €39. No subscription. No hidden fees.