Get in touch
085 - 0656234
Login
NL
EN
DE
Close Cookie Popup
Cookie Preferences
By clicking “Accept All”, you agree to the failure of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Strictly Necessary (Always Active)
Cookies required to enable basic website functionality.
Cookies helping us understand how this website performs, how visitors interact with the site, and whether there may be technical issues.
Cookies used to deliver advertising that is more relevant to you and your interests.
Cookies allowing the website to remember choices you make (such as your user name, language, or the region you are in).
Customise
Save
Decline All
Accept All

Data processing agreement

Parties:

  1. the private limited liability company AppyBee LTD (hereinafter: “the Processor”),
  2. the natural person/legal person with whom the processor has entered into a licensing agreement on behalf of the AppyBee (hereinafter: “the Controller”).

take into account that:

  1. As part of the execution of the license agreement applicable between the parties with regard to the AppyBee, the Processor will process personal data on behalf of the Controller;
  2. In this processing agreement, the parties wish to lay down the agreements about the processing of personal data by Processor;


Definitions

  1. GDPR: the General Data Protection Regulation (Regulation (EU) 2016/679) including the Implementing Act of this Regulation
  2. Data subject: the person to whom the Personal Data relates, as referred to in Article 4 (1) GDPR.
  3. Personal Data Breach: a security breach that accidentally or unlawfully leads to the destruction, loss, alteration, unauthorised disclosure or access to transferred, stored or otherwise processed personal data as referred to in Article 4 (12) GDPR.
  4. Main Agreement: the main agreement (s) concluded between Controller and Processor, including annexes, to which this Processor Agreement relates.
  5. Employees: Persons who work for Processing Manager or Processor, either employed or temporarily hired.
  6. Recipient: a natural or legal person, a government agency, a service or other body, whether or not a third party, to whom/to whom the Personal Data is provided.
  7. Parties: Controller and Processor.
  8. Personal data: all information about an identified or identifiable natural person (the Data Subject) that is processed under the Main Agreement as referred to in Article 4 (1) GDPR; an identifiable natural person is considered to be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more elements that characterize the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
  9. Sub-processor: another processor engaged by the Processor to Process Personal Data on behalf of a Data Controller.
  10. Processor: the natural or legal person, a government organization, a service or other body that processes Personal Data on behalf of the Controller as referred to in article 4 paragraph 8 of the GDPR.
  11. Processing/Processing: any operation or set of operations on Personal Data or all of Personal Data, whether or not by automated processes, such as collecting, recording, organizing, structuring, storing, updating or changing, retrieving, consulting, using, providing by transmission, dissemination or otherwise making available, alignment or combination, blocking, deletion or destruction of data as referred to in article 4 paragraph 2 of the GDPR.
  12. Controller: the natural or legal person, a government organization, a service or other body that, alone or jointly with others, determines the purposes and means of the Processing of Personal Data as referred to in Article 4 (7) GDPR.
  13. Data Processing Agreement: this Data Processing Agreement for establishing the agreements as referred to in article 28 paragraph 3 of the GDPR.

Applicability


  1. This Processing Agreement relates to the Processing of Personal Data by Processor on behalf of the Controller in the context of the execution of the Main Agreement.
  2. The nature and purpose of the Processing, the type of Personal Data, the categories of Personal Data, Data Subjects and Recipients are described in Annex 1.
  3. Processor guarantees to comply with the requirements of applicable laws and regulations regarding the Processing of Personal Data.

Duration and termination


  1. This Data Processing Agreement enters into force at the time the Main Agreement commences, or at a time to be determined by the parties.
  2. The Data Processing Agreement ends when the Main Agreement ends.
  3. Neither of the Parties can terminate this Data Processing Agreement prematurely, separately from the Main Agreement.
  4. Obligations that, by their nature, are intended to continue even after termination of this Processor Agreement will continue after termination of this Processor Agreement. These provisions include, for example, those resulting from the provisions concerning confidentiality, liability, dispute resolution and applicable law.

Processing


  1. Processor Processes the Personal Data only on the instructions and on the basis of written instructions from the Controller, subject to different legal regulations that apply to Processor. Processor does not process the Personal Data longer or more extensively than necessary for the execution of the Main Agreement.
  2. If, in the Processor's opinion, an instruction as referred to in paragraph 1 of this article violates a data protection law, it will inform the Controller prior to Processing, unless a legal regulation prohibits such notice.
  3. If Processor is required by law to provide Personal Data, he will inform the Controller immediately, and if possible prior to providing.
  4. Processor ensures that only its Employees have access to the Personal Data. The exception to this is the use of Sub-Processors in accordance with the provisions of article 11 of this Processor Agreement. Processor restricts access to Employees for whom access is necessary for their work, with access limited to Personal Data that these Employees need for their work. Processor also ensures that the Employees who have access to the Personal Data have received accurate and complete instructions on how to handle Personal Data and that they are familiar with the responsibilities and legal obligations.
  5. The controller is legally obliged to comply with current laws and regulations in the field of privacy. In particular, the Controller must determine whether there is a lawful basis for Processing the Personal Data. Processor ensures that it complies with the regulations applicable to him as a Processor in the field of Processing Personal Data and the agreements made in this Processor Agreement.
  6. The Processing takes place under the responsibility of the Controller. Processor has no control over the purpose and means of the Processing and does not make decisions about issues such as the use of Personal Data, the retention period of the Personal Data processed for the Controller and the provision of Personal Data to third parties. Controller must ensure that he has clearly established the purpose and means of the Processing of the Personal Data.
  7. In case of cancellations, AppyBee reserves the right to charge cancellation costs. The costs are €19 excluding VAT per return. These costs are either deducted from the Licensee's current balance, or an invoice with a payment link is sent. The first cancellation is free of charge.

security


  1. Processor has taken the security measures listed in Appendix 2 that accompanies this Processing Agreement. When taking the security measures, the risks to be mitigated, the state of the art and the costs of the security measures were taken into account. In any case, these security measures include:
    1. the ability to ensure the confidentiality, integrity, availability and resilience of processing systems and services on an ongoing basis;

    1. the ability to restore the availability and access to the Personal Data in a timely manner in the event of a physical or technical incident;
    2. a procedure for regularly testing, assessing and evaluating the effectiveness of the technical and organizational measures to secure Processing.
  2. Controller is well informed about the security measures taken by Processor and believes that these measures have a level of security appropriate to the nature of the Personal Data and the scope, context, purposes and risks of the Processing.
  3. The parties acknowledge that ensuring an appropriate level of security can continuously force them to take additional security measures. Processor guarantees a level of security tailored to the current risk. Processor will inform Controller if one of the security measures changes substantially.
  4. Processor offers appropriate guarantees for the application of the technical and organizational security measures with regard to the Processes to be performed. If the Controller wants to have the way in which Processor complies with the security measures inspected, the Controller can make a request to Processor to do so. Processor and Controller will jointly make agreements about this. The costs of an inspection are borne by the Data Controller. Controller provides Processor with a copy of the inspection report.
  5. Processor will not Process or have Personal Data Processed by itself or by third parties in countries outside the European Union (“EU”) unless it has obtained explicit prior written consent from the Controller.

Train athletes, not your administration skills

Stop struggling with your administration. With our all-in-one software for gyms and (combat) gyms, you can save up to 15 hours a week of administrative work, never have to run after payments again, and update your access control.

Try AppyBee free for 14 days
We'll arrange your switch
Schedule a free demo
support@appybee.nlinfo@appybee.nl+31 (0) 85-0656234CoC: 207553379
Sitemap
RatesReferencesBlogAbout usOnline demoGeneral terms and conditionsPrivacy statementAVG
Functions
Agenda & scheduleMember administrationApp & linkMessaging & marketingPayment & InvoicingAccess controlCustomer notes & progressSeparate training coursesStrip cardsSubscriptionsIntake forms
Branches
(Kick) Boxing and Martial Arts
Fitness Studio
Group Lessons and Bootcamp
Yoga and Pilates
Sports clubs
Dance schools
EMS Studios
Personal trainers
Group lessons by Physical Therapists
support@appybee.nlinfo@appybee.nl+31 (0) 85-0656234CoC: 207553379
© 2025 AppyBee