Terms of Use – Innovatise GmbH

 

1. General – Scope

• The following terms of use apply to all business between the Customer and Innovatise UG (limited), hereinafter referred to as “us” or “we”. If these terms of use are updated, the version that applies is that which was current when the contract was completed.
• Differing, conflicting or additional customer terms and conditions, even if known, are not part of this contract, unless their validity is expressly agreed. Their validity is expressly excluded.

2. Contract

• Our offers are non-binding. Technical and other changes remain reserved within reasonable
• With the order the Customer makes a binding contract offer. We will confirm receipt of the Customer’s order immediately. The receipt does not constitute a binding acceptance of the order. The receipt can be combined with the declaration of The contract is made with the confirmation of the acceptance.
• The deadline for submission of the declaration of acceptance in paragraph 2.2 is 14 days, starting at the receipt of the contract offer by us. For a rejection the same rules apply. The confirmation of receipt and acceptance shall be made by letter, fax or If you do not send us an acceptance and you take up the Services we provide, it shall be assumed that you have accepted this contract as if you had sent an acceptance.

3. Scope of Services

• The contract is to allow the use of the software solution myFitApp for customer retention and acquisition by leisure operators. The Services consist of a Private Label application for iPhone and Android smartphone and an online web cockpit content management platform. The Customer can make online content available to their members, which can be accessed through the phone application.
• The Services include Smartphone applications provided free for end users to download from the Apple App Store and Google Play Store (“App Stores”), unless otherwise agreed or specified in the product information. The phone applications appear under the product name and product icon provided by the Customer which are shown on the Smartphone Home screen of the end user. The compatibility with Smartphone devices is indicated in the application description in the App Stores.
• The smartphone applications load content via the Internet. The speed of updating of the applications may therefore vary because it depends on the current reception quality of the mobile phone or WiFi connection.
• The web cockpit content management platform can be used with the following Internet browsers: Internet Explorer 0, 10.0, Firefox 3.6, 3.5, Google Chrome 7 / 8, Safari (Mac)

5. Use requires an Internet connection of at least 1Mbps.

• We provide availability of the product content management system of 99% as an annual average. If the security of the system operation or maintenance of system integrity is compromised, we may restrict access to the Services or temporarily block access and this shall not count against the 99% availability.

• The scope of the Services may vary depending on the order information, the order and any available special offers.
• Support services and services for managing the content are not included in our standard services. If these are desired, they can be agreed on separately and/or delivered by partner
• The Customer can use the product for the licensed number of clubs. Any further use, such as use of a club license for an additional club is not permitted, unless specifically agreed in writing. In the event of violations of these license terms, we have the right to restrict access to the Services or to terminate them.
• The Private Label Edition is provided as part of the myFitApp solution which uses the Customer’s own phone app icon and start logo, and limits the club search to only the Customer’s clubs. Improvements and updates to the standard version of myFitApp are incorporated into the Private Label Therefore, no further customization or other changes are required and we is not obliged to make such changes.
• We have a copyright in the administration view that lists the product name and company name. This is also present in the Private Label Edition.
• From time to time we may offer to the Customer optional upgrades or add-on features to the Services. We may at our discretion choose to levy additional charges for these upgrades or new
• Some features in the Services may use APIs (application programming interfaces) or web functionality from 3rd The Customer may need to purchase a license from the 3rd party to use such an API or web functionality to enable these features in myFitApp. It the Customer fails to do this or if a 3rd party withdraws access to an API or web functionality, we shall not be liable for any resulting damage to the Customer and this does not release the Customer from their obligation to pay for the Services.

 

4. Customer Data

• “Customer Data” means all content (including articles, documents, brochures, presentations, pictures, images, videos, audio visual works, other informational materials and any comments) uploaded to or stored on the Platform by the Customer; transmitted by the Platform at the instigation of the Customer; supplied by the Customer to us for uploading to, transmission by or storage on the Platform; or generated by the Platform as a result of the use of the Services by the Customer.
• The Customer hereby grants us for the duration of the Term a non-exclusive license to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Customer Data to the extent reasonably required for the performance of our obligations and the exercise of our rights under this Agreement, together with the right to sub-license these rights to our hosting, connectivity and telecommunications service providers, to the extent reasonably required for the performance of our obligations and the exercise of the our rights under the Agreement.
• When Customer Data is transmitted to us, the Customer should retain a backup copy. Customer Data in the content management system is regularly backed up, the Customer accepts that it is its responsibility to maintain a back-up copy of the Customer Data that is uploaded onto the Platform, and that, in the circumstances where the Customer or we accidentally delete from the Platform some or all of the Customer Data in error it is the Customer’s responsibility to reload the data back onto the Platform at no charge to us. The provisions of Section 8 below are also explicitly pointed out.

• In order to manage the Services the Customer shall receive a user ID and password. the Customer is obliged to treat these as confidential and shall be liable for any misuse resulting from the unauthorized use of the If the Customer becomes aware that unauthorized third parties know the password, they must inform us immediately. If, through the fault of the Customer a password is used by a third party, the Customer is liable to us for all user fees and damages. If the Customer has doubt about the security of a password, they may request a new password which we shall then send to them.

5. Privacy Policy

• Personal data of Customers will only be collected and used for the fulfilment of the contract. The Customer undertakes to promptly inform us about changes in the contract data (such as bank details, contact person).

• We shall use the e-mail addresses of Customers only for communicating information relating to the orders, invoices and, if the Customer does not object, for Customer care and a Customer newsletter.
• We will not share personal Customer information to third parties except our distribution partners and service partners who may be located in non-European countries where this is necessary for determining fees, Customer billing and operation and development of the
• Customers can find our Privacy Notice on our website at here.

6. Published content and Use

• The Customer agrees that connected with the contract it shall not publish any content that violates the rights of third parties or otherwise violates the law. The placement of pornographic, extremist or immoral content is expressly forbidden. We have the right to terminate Customer’s access in the event that they violate this. The same applies in the event that the Customer publishes content that is likely to injure the reputation of a third party, to offend or disparage individuals or groups or to compete with A mere suspicion is sufficient reason for us to block content. We are not obliged to check the Customer contents, not even when we are posting that content on behalf of the Customer.
• The Customer is solely responsible for the content they This also applies to any material posted or published through the phone application. In the phone application any published content is publicly available over the Internet just like publishing it on a Web page. The provisions of Section 8 below are also explicitly pointed out.
• The Customer agrees to only set-up and use the product for the purpose intended in the product description and consistent with industry Inappropriate use is, amongst other things, any use or integration of product interfaces to other systems or resale of the product, if not agreed upon by us before in writing. In the case of inappropriate use we are entitled to limit access to the Services or to terminate this contract and the Services.

• The Customer agrees to meet the requirements of the provisions laws in their territory relating to Tele-Media, Telecommunications and Data Protection.
• Publicity: Unless agreed otherwise in writing, (a) we may refer to the Customer’s name, logo, screenshots and any created App, for promotional and marketing purposes, and (b) we may display Customer Data on our websites, marketing collateral and social media in a manner reasonably acceptable to you. We agree that, as between the parties this Agreement does not confer on us any right of ownership in the Customer Data and all uses by us of logos will inure to the benefit of the respective owners of the logos.
• The Customer shall not reverse engineer or access the Services in order to (a) build or engage a third party to build a competitive product or service, (b) build a product using our intellectual property, or (c) copy any ideas, features, functions or graphics of the Services except as provided for in writing by The provisions of this Paragraph 6.6 shall survive the termination or expiry of this Agreement.

7. Intellectual Property Ownership

• We alone shall own all right, title and interest, including all related Intellectual Property Rights, in and to the Services including any suggestions, ideas, enhancement requests, feedback, recommendations or other information provided by Customer or any other party relating to the Service if incorporated into the Services. This Agreement is not a sale and does not convey to the Customer any rights of ownership in or related to the object code or source code for the Services, our technology or the Intellectual Property Rights owned by us. Our myFitApp name, our myFitApp logo, and the product names associated with the Services are our trademarks or third parties, and no right or licence is granted to use them, except as permitted herein or in other written agreement executed by us. The provisions of this Clause 7.1 shall survive the termination or expiry of the Agreement.

8. Liability

• If our contracted service specified in paragraph 3.1 is subject to errors, which significantly affect the usability of the service for the Customer, then the Customer shall request that we correct the errors and will allow us up to three attempts at repair over a reasonable grace
• If we fail to correct the errors notified as in paragraph 8.1 despite three attempts within a reasonable period, the Customer is entitled to choose to pay a reduced fee or to rescind the
• We are not responsible for errors that are attributable to a breach of the Customer’s obligations under Section 6 or for errors caused by third parties (for example, a communication network operator).
• We shall are not be liable to the Customer in respect of any loss or corruption of any Customer Data, or other information belonging to the Customer or any other third party.
• We are only liable for damages to the Customer, if the damage was caused by us, our employees, legal representatives or other agents deliberately or through gross negligence. Otherwise we are liable only for foreseeable damages that are an essential breach of our contractual obligations, including obligation to provide the content management system. Liability is excluded for the Customer loss of profit, the Customer incurring additional costs, indirect damages, consequential damages, damages that are caused by third-party telecommunications infrastructure, as well as damage caused by irregular behaviour of the Customer listed in Sections 4 and 6 of this agreement.

• The foregoing limitations of liability do not apply to cases of mandatory product liability as well as harm to life, limb or health.
• We are not liable for damages resulting from Force These are caused by natural events, military actions, contract disputes or similar events.
• The provisions of this Section 8 shall survive the termination or expiry of the

 

9. Force Majeure

• The obligations of each party under this Agreement shall be suspended during the period and to the extent that that party is prevented or hindered from complying with them by any cause beyond its reasonable control including (insofar as beyond such control but without prejudice to the generality of the foregoing expression) strikes, lock-outs, labour disputes, act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, accident, failure of computers and computer systems, fire, flood, storm, difficulty or increased expense in obtaining workmen, materials, goods or raw materials in connection with the performance of this Agreement.
• In the event of either party being so hindered or prevented, such party shall give notice of suspension as soon as reasonably possible to the other party stating the date and extent of the suspension and its Any party whose obligations have been suspended as aforesaid shall resume the performance of those obligations as soon as reasonably possible after the removal of the cause and shall so notify the other party. In the event that the cause continues for more than 6 months either party may terminate this Agreement on 30 days’ notice.

10. Terms of payment

• The prices quoted in the order shall
• Charges for the Services shall be invoiced annually by email to the nominated Customer representative and are non-refundable. The first year’s Services shall be invoiced once the Customer has access to their account on the web cockpit.
• Payment to us shall be made in the agreed currencies by electronic bank transfer to the account notified on the Order.
• Charges shall be payable within 10 (ten) business days of the date of the invoice issued by
• We shall be entitled, without further notice, to charge interest on late payments at the Bank of England base rate plus 8%.
• We are also entitled, in case of default by a significant portion of the fee by more than 1 month to lock and suspend all Services to the Customer.
• Invoices are sent by e-mail as
• We reserve the right to change the prices and/or nature of our Services by giving you 30 days written notice of those changes. Notice of changes to prices and/or Services will be given by email to the email address we hold for your account. Any price change will take effect automatically upon a renewal of the Agreement.

11. Term / Termination / Performance

• Unless otherwise contractually agreed, the contract has a term of 36 months (“Term”).
• Unless otherwise agreed, the contract may be terminated without reason by either party giving notice within a period of three months of the end of the Term and shall be automatically extended by 12 months if not A termination notice can only be made in writing by letter or email.
• Either party has the right to terminate the contract for good Such causes for us would be, for example, if the Customer is in default for two consecutive months with a significant portion of the fees unpaid, or is in breach of its obligations under section 6.
• The place of law for all disputes arising under this contract is England and We are also entitled to sue in the location of the Customer.
• If the Customer intends to assign its contractual rights to another entity, the Customer requires our consent. A request to transfer contractual rights can only be made in writing by letter or The request must be signed in person by both the current and the new parties.

12. Cancellation

• Withdrawal: You may withdraw your contractual statement within 7 working days by notifying us in writing (e.g. letter, e-mail) without giving reasons. The time limit begins after receipt of this notification in writing, but not prior to closing and fulfils our obligations under the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations The revocation period is sufficient to send the revocation. The revocation must be sent to: Innovatise UG (limited), Wallstrasse 12a, 61440 Oberursel, Germany.
• Consequences of Cancellation: In the event of an effective cancellation or termination, there may be mutually received If we have provided the Services in whole or in part, or only in deteriorated condition, you must pay us compensation for these Services. This may mean that you must fulfil the contractual payment obligations for the period until the cancellation. Obligations to reimburse payments must be made within 30 days. The 30 day period begins for the canceller with the dispatch of the cancellation notice for the recipient with the receipt of the cancellation notice.

• Special Notes: Your right of cancellation expires prematurely if the contract is fulfilled by both sides on your specific request, unless you have exercised your right of cancellation.

13. App Store Service Provision

• The Customer wishes us to submit, maintain and administer apps on its behalf in the Google Play Store and Apple App Store (the “App Stores”).
• Apple requires that the Customer applies for its own Apple Developer Account and pay the appropriate fees (currently £79 per annum including VAT). The Customer agrees to obtain such an account and to invite us to have a login with administrator role on its Apple Developer Account and iTunes Connect account and to ensure we can create the certificates and resources required to submit the apps.

• When acting as a Service Provider to the Customer as defined in the Apple Developer Program License Agreement we agree to act in accordance with the terms of the Apple Developer Program License Agreement.
• We may submit one or more apps to the App Stores and manage them on the Customer’s behalf. The Customer hereby authorizes us to manage the App Stores entries on its
• The Customer acknowledges that if it makes changes to the settings of the app in its App Store Account that result in the app no longer working as required or prevents our normal processes from operating and we are required to remedy the situation, we may charge to do
• The Customer acknowledge that it needs to renew its Apple Developer Account annually, pay for this and accept changes in Terms and Conditions made by Apple from time to time and if it fails to do this the app may become unavailable and/or we may not be able to submit
• The apps must be tested and approved by Google and Apple (the “App Store Owners”) before they are permitted in the App The testing times and the results of this approval are not predictable. We shall not be liable for damages caused by the duration of this process or non- approval by an App Store Owner.
• If for whatever reason an App Store Owner rejects the app submission or resubmission, the Customer and we shall use reasonable endeavours to modify the app and/or content to gain approval in a timely Should an App Store Owner require major changes in the app as determined by us this shall be considered a Force Majeure event as defined in section 9 of these Terms of Use.
• We shall not be liable to the Customer in respect of any loss incurred through us having access to the your Apple Developer Account including any changes made to other apps which may be managed on the same Apple Developer Account.

DATA PROCESSING

 

14. DEFINITIONS

• The terms “process/processing”, “data subject”, “data processor”, “data controller”, “personal data”, “personal data breach”, and “data protection impact assessment” shall have the same meaning ascribed to them in Data Protection Laws;
• “Authorised Sub-processors” means (a) those Sub-processors (if any) set out in Annex 2 (Authorised Sub-processors); and (b) any additional Sub- processors consented to in writing by the Customer in accordance with section 18.1;
• “Contract” means the contract as defined in section 2;
• “Data Protection Laws” means in relation to any Personal Data which is Processed in the performance of the Contract i) until 25 May 2018, EU Directive 95/46/EC, as transposed into domestic legislation of each Member State; ii) on and from 25 May 2018 the General Data Protection Regulation (EU) 2016/679 (“GDPR”); iii) EU Directive 2002/58/EC on privacy and electronic communications, as transposed into domestic legislation of each Member State; and

1. iv) any applicable decisions, guidelines, guidance notes and codes of practice issued from time to time by courts, supervisory authorities and other applicable government authorities; in each case together with all laws implementing, replacing, amending or supplementing the same and any other applicable data protection or privacy laws;

• “EEA” means the European Economic Area;
• “Personal Data” means the personal data described in Annex 1 (Details of Processing of Personal Data) and any other personal data processed by us on behalf of the Customer pursuant to or in connection with the Contract;
• “Services” means the services described in section 3;
• “Standard Contractual Clauses” means the standard contractual clauses for the transfer of personal data to processors established in third countries, as approved by the European Commission in Decision 2010/87/EU, or any set of clauses approved by the European Commission which amends, replaces or supersedes these;
• “Sub-processor” means any data processor (including any of our affiliates) appointed by us to process personal data on behalf of the Customer;
• “Supervisory Authority” means (a) an independent public authority which is established by a Member State pursuant to Article 51 GDPR; and (b) any similar regulatory authority responsible for the enforcement of Data Protection Laws;

 

15. PROCESSING OF THE PERSONAL DATA

• The Parties agree it is their intention that the Customer is a data controller and that we are a data processor for the purposes of processing Personal Data.
• Each party shall at all times in relation to processing connected with the Contract comply with Data Protection Laws.
• We shall only process the types of Personal Data relating to the categories of data subjects for

the purposes of the Contract and for the specific purposes in each case as set out in Annex 1 (Details of Processing of Personal Data) and shall not process, transfer, modify, amend or alter the Personal Data or disclose or permit the disclosure of the Personal Data to any third party other than in accordance with the Customer’s documented instructions (whether in the Contract or otherwise) unless processing is required by applicable law to which we are subject, in which case we shall to the extent permitted by such law inform the Customer of that legal requirement before we process that Personal Data.

• We shall immediately inform the Customer if, in our opinion, an instruction pursuant to the Contract infringes Data Protection Laws.
• The Customer warrants to us that all data subjects of the Personal Data have been or will be provided with appropriate notices and information to establish and maintain for the relevant term the necessary legal grounds under Data Protection Laws for transferring the Personal Data to us to enable us to process the Personal Data in accordance with this Contract.

 

16. PROCESSOR PERSONNEL

• We shall treat all Personal Data as strictly confidential and shall inform all its employees, agents, contractors and/or Authorized Sub- processors engaged in processing the Personal Data of the confidential nature of such Personal Data.
• We shall take reasonable steps to ensure the reliability of any employee, agent, contractor and/or Authorized Sub-processor who may have access to the Personal Data, ensuring in each case that access is limited to those persons or parties who need to access the relevant Personal Data, as necessary for the purposes set out in section 15.1 above in the context of that person’s or party’s duties to us.
• We shall ensure that all such persons or parties involved in the processing of Personal Data are subject to:
  • confidentiality undertakings or are under an appropriate statutory obligation of confidentiality; and
  • user authentication processes when accessing the Personal

17. SECURITY

• We shall implement appropriate technical and organisational measures to ensure a level of security of the Personal Data appropriate to the risks that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed.

 

18. SUB-PROCESSING

• As at the date of the Contract the Customer hereby authorises us to engage those Sub- processors set out in Annex 2 (Authorised Sub-processors).
• We shall only engage additional Sub-processors to process Personal Data that meet the criteria in paragraph 18.4.

• In the case of general written authorisation, we shall inform the Customer of any changes concerning the addition or replacement of other processors, thereby giving the Customer the opportunity to object to such changes, such objections to be limited to grounds related to the processor’s ability to comply with appropriate privacy regulations.
• With respect to each Sub-processor, we shall:

• carry out adequate due diligence on each Sub-processor to ensure that it is capable of providing the level of protection for the Personal Data as is required by this Contract including without limitation sufficient guarantees to implement appropriate technical and organisational measures in such a manner that Processing will meet the requirements of Data Protection Laws and this Contract;
• include terms for protection of Personal Data in the contract between us and each Sub-processor which are the same as those set out in this Contract, and shall supervise compliance thereof;
• insofar as that contract involves the transfer of Personal Data outside of the EEA, incorporate the Standard Contractual Clauses or such other mechanism as directed by the Customer into the contract between us and each Sub-processor to ensure the adequate protection of the transferred Personal Data, or such other arrangement as the Customer may approve as providing an adequate protection in respect of the processing of Personal Data in such third country(ies); and
• remain fully liable to the Customer for any failure by each Sub-processor to fulfill its obligations in relation to the Processing of any Personal Data.

 

19. DATA SUBJECT RIGHTS

• We shall co-operate as reasonably requested by the Customer to enable it to comply with any exercise of rights by a data subject under any Data Protection Laws in respect of Personal Data and to comply with any assessment, enquiry, notice or investigation under any Data Protection Laws in respect of Personal Data or the Contract, which shall include:
  • the provision of all information reasonably requested by the Customer within any reasonable timescale specified by the Customer in each case, including full details and copies of the complaint, communication or request and any Personal Data it holds in relation to a data subject;
  • where applicable, providing such assistance as is reasonably requested by the Customer to enable it to comply with the relevant request within the timescales prescribed by Data Protection Laws; and
  • making commercially reasonable efforts to implement any additional technical and organisational measures as may be reasonably required by the Customer to allow it to respond effectively to relevant complaints, communications or requests.
• If an affected party such as an app user with claims for rectification, deletion or blocking contacts us, the Customer agrees that we should refer them to the Customer.

20. INCIDENT MANAGEMENT

• In the case of a personal data breach, we shall without undue delay notify the personal data breach to the Customer’s Support team by providing the Customer with sufficient information to allow it to meet any obligations to report a personal data breach under Data Protection Laws. Such notification shall as a minimum:
  • describe the nature of the personal data breach, the categories and numbers of data subjects concerned, and the categories and numbers of Personal Data records concerned;
  • communicate the name and contact details of our data protection officer or other relevant contact from whom more information may be obtained;
  • describe the likely consequences of the personal data breach; and

• describe the measures taken or proposed to be taken to address the data breach, including, where appropriate, measures to mitigate its possible adverse effects.

• We shall fully co-operate with the Customer and take such reasonable steps as are directed by the Customer to assist in the investigation, mitigation and remediation of each personal data breach, in order to enable the Customer to (i) perform a thorough investigation into the personal data breach, (ii) formulate a correct response and to take suitable further steps in respect of the personal data breach in order to meet any requirement under Data Protection
• The parties agree to coordinate and cooperate in good faith on developing the content of any related public statements or any required notices for the affected We shall not inform any third party without first obtaining the Customer’s prior written consent, unless notification is required by law to which we are subject, in which case we shall to the extent permitted by such law inform the Customer of that legal requirement, provide a copy of the proposed notification and consider any comments made by the Customer before notifying the personal data breach.

 

21. DATA PROTECTION IMPACT ASSESSMENT AND PRIOR CONSULTATION

• We shall, at the Customer’s request, provide reasonable assistance to the Customer with any data protection impact assessments and any consultations with any Supervisory Authority as may be required in relation to the processing of Personal Data by us on behalf of the

 

22. DELETION OR RETURN OF CONTROLLER PERSONAL DATA

• Upon written request by the Customer and written confirmation from the Customer within thirty (30) days of the earlier of: (i) cessation of processing of Personal Data by us; or (ii) termination of our contract, we shall delete all Personal Data for the Customer (except to the extent that any applicable law requires us to retain a copy of such Personal Data) and the Customer acknowledges that we will have no obligation to maintain or provide such Personal
• Irrespective of any other deletion rules, the deletion of the data in backup systems and files

(“Backups”) will take place in accordance with the regular period of deletion of these Backups.

 

23. AUDIT RIGHTS

• We shall make available to the Customer on request all information we deem necessary to demonstrate compliance with this Contract and Data Protection Laws and allow for and contribute to audits, including inspections by the Customer or another auditor mandated by the Customer of any premises where the processing of Personal Data takes place.
• We shall permit the Customer or another auditor mandated by the Customer during normal working hours and on reasonable prior notice to inspect, audit and copy any relevant records, processes and systems solely for the purpose of the Customer satisfying itself that the provisions of Data Protection Laws and this Contract are being complied with.
• We shall provide commercially reasonable co-operation to the Customer at the Customer’s expense in respect of any such audit and shall at the request of the Customer, provide the Customer with evidence of compliance with its obligations under this Contract and Data Protection Laws.

 

24. INTERNATIONAL TRANSFERS OF CONTROLLER PERSONAL DATA

• As at the date of the Contract the Customer hereby authorises us to engage those Sub- processors set out in Annex 3 (Authorised Sub-processors Outside the EEA).
• We shall not (permanently or temporarily) process the Personal Data nor permit any Authorised Sub-processor to (permanently or temporarily) process the Personal Data in a country outside of the EEA without an adequate level of protection, other than, and subject to clause 11.3, in respect of those recipients in such countries listed in Annex 3 (Authorised Transfers of Personal Data), and we shall inform the Customer of any changes concerning the addition or replacement of such other processors, thereby giving the Customer the opportunity to object to such changes, such objections to be limited to grounds related to the recipient’s ability to comply with appropriate privacy regulations.
• When requested by the Customer, we shall promptly enter into (or procure that any of our relevant Sub-processors enters into) an agreement with any Authorised Sub-processor, on Standard Contractual Clauses and/or such variation as Data Protection Laws might require, in respect of any processing of Personal Data in a country outside of the EEA without an adequate level of protection.

 

25. COSTS

• The Customer shall pay any reasonable costs and expenses incurred by us in meeting the Customer’s requests made under this Contract.

 

26. MISCELLANEOUS

• If the provision of the Services owed by us is rendered impossible or substantially more difficult by instructions from the Customer or if the Customer requests the deletion of data before the end of the contract, and we are wholly or partly hindered due to the deletion of the further service provision, we shall be released from its performance obligations. Our claim on the agreed remuneration remains unaffected.

• Any obligation imposed on us under this Contract in relation to the processing of Personal Data shall survive any termination or expiration of the Contract.

ANNEX 1: DETAILS OF PROCESSING OF PERSONAL DATA

This Annex 1 includes certain details of the processing of Personal Data as required by Article 28(3) GDPR.

 

Subject matter and duration of the processing of Personal Data

We will be the processor of personal data for the Customer under the legal basis of the signed contract. We will process personal data for the duration of the agreement, unless otherwise agreed upon in writing.

The nature and purpose of the processing of Personal Data

We will process personal data as necessary to perform the Services pursuant to the agreement, as further specified in the documentation, and as further instructed by the Customer in its use of the Services.

The types of Personal Data to be processed

The Customer may submit personal data to the Services, the extent of which is determined and controlled by the Customer in its sole discretion, and which may include, but is not limited to the following categories of personal data:

 

Client and Cockpit User (employee or agent of the customer)

• Personal details such as name, title, company, gender, date of birth
• Contact information such as e-mail address, telephone number, postal address
• Credentials such as user name, password, IP addresses, cookies, tracking codes authorization tokens, user IDs
• Usage data such as cockpit usage, navigation history, login history, marketing preferences
• Financial information such as customer account credit card and payment information, billing history

App user data

• Personal details data such as name, title, company, gender, date of birth
• Contact information such as e-mail address, telephone number, address
• Membership data such as type of membership
• Credentials such as username, password, phone type, model, operating system, IP addresses, cookies, tracking codes, authorization tokens, user IDs, member IDs,
• Usage data and interests such as booking and appointment history, gym visits, app usages, marketing preferences, app favourites, location history, training data and history
• Personal messages such as birthday greetings, event reminders, booking confirmations
• Financial information such as direct debit history, credits, cashless account balance, loyalty points, credit card and payment information.

Lead Generation Prospect data

• Personal details such as name, title, gender, date of birth,
• Contact information such as e-mail address, telephone number, address,

The categories of data subject to whom the Personal Data relates

The Customer may submit Personal Data to the Services, the extent of which is determined and controlled by the Customer in its sole discretion, and which may include, but is not limited to Personal Data relating to the following categories of data subjects:

• the Customer staff who are Cockpit Users (who are natural persons)
• the Customer prospects & customers who are App users (who are natural persons)
• Friends and relatives sent referrals by App users (who are natural persons)

ANNEX 2: CATEGORIES AND AUTHORISED SUB-PROCESSORS

 

Categories of processing	Names of third countries or international organisations that personal data are transferred to (if applicable)
Development and support services	Innovatise Technology Private Ltd ,India
Development and support services	Google Firebase/Crashlytics, US
Development and support services	WilliamsIP Ltd, UK
Development and support services	Atlassian, Germany
Development and support services	ZenDesk
Web cockpit usage	Hetzner Online GmbH, Germany
Web cockpit usage	Amazon AWS Germany & Ireland
Anonymous app usage	Apple, US
Anonymous app usage	Google, US
Anonymous app usage	Hetzner Online GmbH, Germany
Anonymous app usage	Amazon AWS Germany & Ireland
Gym Finder in the app	Google Maps API, US
Identified app usage	Apple, US
Identified app usage	Google, US
Identified app usage	Hetzner Online GmbH, Germany
Identified app usage	Amazon AWS Germany & Ireland
Lead Generation in the app	Hetzner Online GmbH, Germany
Lead Generation in the app	Amazon AWS Germany & Ireland
Native Booking in the app	Hetzner Online GmbH, Germany
Native Booking in the app	Amazon AWS Germany & Ireland
Local Marketing in the app	Hetzner Online GmbH, Germany
Local Marketing in the app	Amazon AWS Germany & Ireland
Personal Comms in the app	Apple, US
Personal Comms in the app	Google, US
Personal Comms in the app	Hetzner Online GmbH, Germany
Personal Comms in the app	Amazon AWS Germany & Ireland

ANNEX 3: AUTHORISED SUB-PROCESSORS OUTSIDE THE EEA

 

Categories of processing	Names of third countries or international organisations that personal data are transferred to (if applicable)
Development and support services	Innovatise Technology Private Ltd, India
Development and support services	Google Firebase/Crashlytics, US
Development and support services	ZenDesk
Anonymous app usage	Apple, US
Anonymous app usage	Google, US
Gym Finder in the app	Google Maps API, US
Identified app usage	Apple, US
Identified app usage	Google, US
Personal Comms in the app	Apple, US
Personal Comms in the app	Google, US