Privacy Policy

Last updated: 11 December 2025

We are required to collect and process data concerning individuals for the purposes of our business. The processing of this data is subject to personal data protection regulations, in particular the General Data Protection Regulation (GDPR).

Through this Policy, we inform you about how we use your data and your rights in relation to the use of such data.

  1. Identity of the Data Controller

This Policy applies to the processing of personal data by:

Amissos Sports and Entertainment B.V.
Registered address: Prof. W.H. Keesomlaan 5, 1183DJ Amstelveen, the Netherlands
Chamber of Commerce (KvK) number: 72047100
Email (privacy inquiries): compliance@corexholding.com
Telephone: +31 (0)20 441 19 58

The company is the controller within the meaning of Article 4(7) of the GDPR.

If you have any questions about this Privacy Policy or your rights, you may contact us at the details above.

  1. Types of Personal Data We Process

We may process the following categories of personal data when you use our website:

2.1. Browsing Data

Automatically collected technical information, including:

  • IP address;
  • Browser type and version;
  • Device information;
  • Date and time of access;
  • Pages visited;
  • Referrer URL;
  • Log files and technical identifiers.

2.2. Data Provided Voluntarily

When you submit information through website forms, we may collect:

  • Name;
  • Email address;
  • Telephone number;
  • Any other information voluntarily provided in the message or attachments.

2.3. Cookies and Similar Technologies

We use technical/functional cookies, and—only with your consent—profiling cookies.
For more information, please see our Cookie Policy.

  1. Purposes and Legal Bases of Processing

We process your personal data for the following purposes:

3.1. To Provide Requested Services

  • Handling contact requests or enquiries.
    Legal basis:
  • Performance of a contract or steps prior to entering a contract (Art. 6(1)(b) GDPR);
  • Legitimate interest (Art. 6(1)(f) GDPR) in responding to general enquiries.

3.2. Website Functionality and Security

  • Ensuring the website functions properly;
  • Maintaining server logs for security and fraud prevention.
    Legal basis:
  • Legitimate interest (Art. 6(1)(f) GDPR) in providing a secure and functioning website.

3.3. Website Analytics and Improvement

  • Analysing website usage to improve performance and user experience.
    Legal basis:
  • Consent (Art. 6(1)(a) GDPR) for non-essential cookies;
  • Legitimate interest (Art. 6(1)(f) GDPR) for aggregated/anonymous analytics.

3.4. Compliance with Legal Obligations

  • Record retention, responding to authorities, and fulfilling statutory duties.
    Legal basis:
  • Legal obligation (Art. 6(1)(c) GDPR).

You may withdraw your consent at any time by contacting us or using unsubscribe options where available.

  1. Methods of Processing

Data processing is carried out using electronic and/or manual tools with adequate security measures.

  1. Recipients of Personal Data

We do not sell your personal data. In the course of its activities, the company may transfer certain personal data to third parties when necessary for the performance of contracts, compliance with its legal obligations or the defense of its interests. These third parties may include, as necessary:

  • Service providers (e.g., website hosting, IT support, analytics partners);
  • Professional advisors (e.g., legal or accounting firms);
  • Authorities where legally required;
  • Affiliates or partners only where necessary to provide requested services.

All third parties receiving personal data are bound by contractual confidentiality and data-protection obligations.

  1. 6. International Transfers

The company may transfer personal data to countries outside the European Economic Area (“EEA”). In order for the personal data of the data subject to be transferred to countries outside the EEA, the country to which the personal data is to be transferred must be one of the countries offering an adequate level of protection in accordance with the decisions of the European Commission. If the country to which the personal data is to be transferred is not among the countries offering an adequate level of protection in accordance with the decisions of the European Commission, the company shall transfer the data on the basis of the following, as applicable:

  • standard contractual clauses published and/or approved by the European Commission. If the above conditions are not met, the transfer may be carried out in the following exceptional circumstances, in accordance with the GDPR:
    • if the data subject has given their explicit consent;
    • if the data subject enters into a contractual relationship that requires the transfer of data abroad;
    • if a contract is concluded or performed between a data controller and a third party for the benefit of the data subject;
  • for the purpose of establishing, exercising or defending legal claims.

You may request a copy of the safeguards by contacting us.

  1. 7. Retention Periods

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer period is required by law.

After retention periods expire, data is deleted or anonymized.

  1. 8. Your Rights Under the GDPR

Data protection regulations grant you rights, including those summarized below, but which may be subject to limitations or conditions:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right not to be subject to automated decision-making (Art. 22 GDPR)

To exercise your rights, contact us at compliance@corexholding.com

We will respond within one month, which may be extended by two months for complex requests (you will be informed if extension is necessary).

  1. 9. Right to Lodge a Complaint

If you believe your personal data is not processed in accordance with the GDPR, you have the right to lodge a complaint with the:

Autoriteit Persoonsgegevens (Dutch Data Protection Authority)

Hoge Nieuwstraat 8

2514 EL Den Haag
https://autoriteitpersoonsgegevens.nl/

We encourage you to contact us first so we can address your concerns.

  1. 10. Security Measures

The company implements appropriate technical and organizational measures to ensure the security and confidentiality of personal data. They include:

  • Network security and application security are ensured.
  • Security measures are taken for the provision, development and maintenance of IT systems.
  • Security is ensured for the personal data stored in cloud.
  • Disciplinary regulations are put in place which contain provisions governing data security for employees.
  • Access logs are kept regularly and in a manner that does not allow user intervention.
  • Corporate policies are prepared and started to be implemented for access, information security, usage, retention and disposal.
  • Data masking methods are used when needed.
  • Personal data are shared with third parties upon being anonymized.
  • Confidentiality undertakings are provided.
  • Undertakings are provided regarding the Protection of Personal Data.
  • The authorizations of the employees whose positions have been changed or who quit job are cancelled.
  • Up-to-date anti-virus systems are used/
  • Firewalls are used.
  • Personal data security policies and procedures are defined.
  • Personal data security is monitored.
  • Necessary security measures are taken for access to and exits from physical environments containing personal data.
  • The security of physical environments containing personal data is ensured against external risks (fire, flood, etc.).
  • The security of environments containing personal data is ensured.
  • Personal data are reduced as much as possible.
  • Personal data are backed up, and the security of the backed-up data is also ensured.
  • Attack detection and prevention systems are used.
  • Penetration test is implemented.
  • Encryption is performed.

These measures help protect personal data from unauthorised access, loss or alteration.

  1. Cookies

Our website uses:

  • Technical cookies (required for website functionality)
  • Profiling cookies (with consent)

Full details, including cookie types, retention, and consent management, are available in our Cookie Policy.

  1. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
Updates will be published on this page with a revised “Last updated” date.

We encourage you to review this page periodically.

  1. Contact

For any questions or to exercise your GDPR rights, please contact us at the address, email and phone number stated int he beginning of this Policy.