Mobile apps - Ensuring Users’ Privacy and Data Protection

The physical safety of spectators, is of paramount importance for every sports venue operator around the world. Along with physical safety, the protection of users’ privacy is also very important. The operation of mobile apps is subject to compliance with applicable privacy and data protection regulations, such as the GDPR (General Data Protection Regulation) in Europe. Hence, venue operators must safeguard users’ trust on the app, while avoiding the risks of regulatory penalties. In this direction, the apps must be designed and implemented in-line with privacy and data protection principles (e.g., privacy-by-design). GDPR provides a good framework for identifying and embedded appropriate best practices in the design of the mobile apps.


Specifically:

  • The Spectator’s app should be compliant with the privacy-by-design principle of the GDPR regulation. As such it should not gather, use, process or forward any user information such as personal information or the network address of the user’s smartphone. Furthermore, the location of the fan must not be tracked even when the application is active. User location will be tracked only when an evacuation alert is issued. As soon as this happens a relevant message (i.e., that an emergency has been declared) will be send to the application. Moreover, all the data collected will be deleted as soon as they are no longer needed (e.g., after the end of an emergency). The information gathered from the app must be shared with first responders, only for the duration of evacuation and following the official issue of an evacuation alert. It must be also noted that the application will be functional only in the premises of the stadium’s operator. No data will be collected for any reason outside the stadium. Leveraging the above-listed principles a GDPR compliant operation of the app can be guaranteed.

  • The Steward’s app should operate with its users informed about the operations of the app. The basic functionality of the steward’s app is to advance the communication and cooperation between the safety personnel. To coordinate the activities of the stewards, the security operator needs to know their location in the venue. The stewards will all be informed about the app’s functionality, the need for tracking their location, and the way their personal data will be handled. Based on this information, stewards will give their consent for the operation of the app.