Sorare is a sports entertainment platform where sports fans (“you,” or “User”) can engage with their favorite athletes and teams and build connections with the global sports community.
We collect and process a limited amount of Personal Data for specific purposes, such as allowing you to access the Services, making the Services fun and easy to use, improving your experience and preventing fraud. Whenever we collect your Personal Data, and for whatever purposes, we are committed to always collecting the minimum amount of Data that is necessary for the relevant purpose.
This section provides more information regarding what Personal Data we collect, what we process that Personal Data for and the legal basis for each specific processing purpose.
NFT. Blockchain is at the core of the Services that Sorare provides. This technology in the form of non-fungible-tokens (NFT) creates the verifiable authenticity, scarcity, and interoperability of your Collectibles.
Layer 2 and ZKP. To provide you with the best experience, Sorare has partnered with Starkware to further build on the Ethereum public blockchain with Zero Knowledge Proof (“ZKP”) technology. This infrastructure allows Sorare to benefit from a Layer 2on top of the Layer 1 Ethereum public blockchain. This Layer 2 employs a ZKP data rollup which processes transaction data, updates the Layer 2 state and then offloads the compressed Layer 2 state to the Layer 1 Ethereum blockchain for reference. From a data protection perspective, the rollup generates cryptographic receipts that confirm the authenticity of transaction data without publishing or storing Personal Data about the transaction participants on the Layer 1 Ethereum public blockchain.
Account Information. Sorare will keep your Personal Data until the closure of your account. However, where required or allowed by applicable law, if Sorare needs to retain certain Personal Data beyond the date of closure of your account, then the maximum applicable retention period will apply, pursuant to the applicable statutory limitation periods. This period will not exceed the period for which the Company must retain the Data.
Website Use. Personal Data processed by or on behalf of Sorare for the purposes of analytics or other study or analysis will not be retained by Sorare after such studies have been completed and the relevant reports, outputs and/or insights have been produced.
Access to the Services. Personal Data processed for the use of the Services will only be kept for fifteen (15) months from the date of the relevant activity.
Blockchain Technology. Personal Data processed and logged on a blockchain in connection with your transactions on Sorare will be stored in an immutable way. Please see “Blockchain technology” section above to better understand what categories of information are logged on the public Ethereum blockchain and what measures have been implemented by Sorare to protect your Personal Data.
Terms Compliance. Website and Account Security. Personal Data processed for fraud prevention will be kept for three (3) years after the relevant data has been included on an alert list. Personal Data processed for security matters will be kept for five (5) years from the last account login or suspicious activity.
User Requests and Communication. For management of your questions and/or requests, Sorare will retain your Personal Data for a maximum of three (3) years after the last time you reached out to us.
Notwithstanding the above, Sorare may store some Personal Data for a longer duration pursuant to its legitimate interests and applicable legal obligations. When the relevant retention period expires, Sorare will delete your Personal Data or apply adapted measures to the relevant data to ensure that you can no longer be identified. If Sorare concludes that it is not necessary to keep your Personal Data in its active database, it will archive the relevant Data. For all active and archived Data, Sorare will ensure that access to the relevant Data is restricted to a limited number of persons with a genuine need to access it.
Sorare may use Third-Party Service providers and other third parties (“Processors”) to facilitate, maintain, improve, analyze, and secure the Website, App, and Services. Processors may have access to Personal Data for the sole and exclusive purpose of carrying out the processing activity assigned to the relevant Processor by Sorare. Sorare ensures that the service providers have sufficient guarantees for the performance of the processing activity and comply with the applicable laws and regulations.
Personal Data may be processed outside the European Economic Area (“EEA”). When Data is transferred outside of the EEA, Sorare will take all necessary precautions, and alternatively or cumulatively: (i) ensure that the European Commission has taken an adequacy decision regarding the country of destination, (ii) that model contractual clauses adopted by the European Commission or the supervisory authority have been signed with the recipient, (iii) that the recipient adhered to an approved code of conduct or certification mechanism, etc.
The Company shares your Personal Data with Third-Party Service providers and suppliers which assist the Company for fulfilling the purposes specified in this Policy.
At Sorare, we are committed to providing an open platform for our community of Users and developers to build upon new services, games, or applications. To this end, we provide access to an Application Programming Interface (API) allowing authenticated and authorized users to access more conveniently to some public Users’ information published on Sorare’s Website:
Please note that the following information is never shared through our API:
Partner Sports Leagues, Teams, and Clubs
Judicial and Governmental Authorities
We take sharing your Data seriously. Whenever we share your Personal Data with any of the above recipients, we do so on a strictly need-to-know basis and only as necessary for fulfilling identified processing purposes.
The Website, App, and Services are intended for use by individuals eighteen (18) years old or older. Pursuant to the Terms and Conditions, the Website, App and Services are not available for Users under 18 years old.
Most applicable data privacy laws (including the European Union’s GDPR, and some American states’ laws, including but not limited to the CCPA) have granted individuals rights in connection with their Data and how that Data is processed. The below section is intended to inform you of your rights in connection with your Personal Data. Please note that all requests pursuant to this section will be processed in accordance with the applicable European laws (notably GDPR) disregarding your location or country of residence but our answers may be adapted to comply with local laws requirements.
You have the right to access your Personal Data, correct it, move it, delete it and a right to restrict how your Data is processed. You also the right to specify instructions defining the way Personal Data shall be managed after your death.
Deletion of User account
Protecting your Personal Data and complying with the applicable data protection legal framework are two of Sorare’s top priorities and we need your help to be successful. By agreeing to this Policy, you agree to keep your Data on Sorare up-to-date, and only provide accurate and current Personal Data. Additionally, if you send us any information that would allow us to identify, directly or indirectly, any other individuals, you represent and warrant that, prior to sharing this information, such other natural persons have been provided with this Policy and, to the extent applicable, have consented to the processing of their Data.
Sorare has implemented and maintains measures to protect the confidentiality, security, and integrity of your User account and Personal Data against unauthorized access and disclosure, modification, alteration, damage, accidental loss or accidental or illicit destruction, as well as against any other form of unauthorized processing or disclosure.
We recommend you observe security best practices, including storing your account information securely and not sharing account information. Please note that our backup services will not make a backup of your data to your personal, local storage or drive; we recommend you use a secondary backup source and/or other best practices for the preservation of data. Additionally, we recommend you enable two-factors-authentication, choose a strong password and/or use a password manager for any and all password protected features of your User account and your User account itself.
Sorare recognizes the importance and value of security researchers’ efforts in helping keep our community safe. We encourage responsible disclosure of security vulnerabilities via our bug bounty program (“Bug Bounty Program”) described on this page.
Sorare reserves the right to change this Policy as necessary, as the Service evolves or as required by applicable laws. Any material Policy changes will be communicated to you. When using the Services, you are deemed to have accepted the terms of the Policy, as published on our Website.
The Policy is governed and interpreted according to French and European law. However, if you are a consumer and resident of any European Union country you will benefit from mandatory provisions of, and legal rights available to you under, the laws of that country. Nothing in this Policy affects your rights as a consumer to rely on these local law mandatory provisions and legal rights.
Where allowed or required by applicable law, you agree that the courts of France will have exclusive jurisdiction. However, if you are a consumer and a resident of any other European Union member, you and Sorare may also bring proceedings in that country.