Back to Terms of Service
AthleteDockAthleteDock

Data Processing Agreement

GDPR-compliant agreement between the Organization and AthleteDock

This Data Processing Agreement forms part of the Terms of Service between the Organization using the Platform and AthleteDock Ltd., the Platform Provider.

Controller

The Organization using the Platform

Processor

AthleteDock Ltd.

The Platform Provider

01

Subject Matter

The Processor provides a software platform that enables sports organizations to manage operational and administrative activities including player records, scheduling, and team management.

02

Duration

Processing will occur for the duration of the Organization's use of the Platform.

03

Nature and Purpose of Processing

Processing activities may include:

  • Collection

  • Storage

  • Organization

  • Retrieval

  • Transmission

  • Deletion

These activities occur solely to enable the functionality of the Platform.

04

Categories of Data Subjects

Data subjects may include:

  • Players

  • Coaches

  • Staff members

  • Parents or guardians

05

Types of Personal Data

Personal data processed may include:

  • Names

  • Email addresses

  • Phone numbers

  • Date of birth

  • Height and weight

  • Team membership

  • Attendance records

  • Emergency contact details

06

Processor Obligations

The Processor shall:

  • Process personal data only on documented instructions from the Controller

  • Ensure persons authorized to process personal data are bound by confidentiality

  • Implement appropriate security measures in accordance with GDPR Article 32

  • Assist the Controller in responding to data subject rights requests

  • Notify the Controller without undue delay after becoming aware of a personal data breach

07

Sub-processors

The Controller authorizes the use of sub-processors necessary for the operation of the Platform.

Current sub-processors include:

Provider

Purpose

Supabase

Database and authentication infrastructure

Vercel

Application hosting and content delivery

The Processor will ensure that sub-processors provide appropriate data protection safeguards.

View full sub-processor disclosure
08

International Data Transfers

Where personal data is transferred outside the European Economic Area, the Processor will ensure appropriate safeguards such as Standard Contractual Clauses.

09

Data Breach Notification

The Processor shall notify the Controller without undue delay after becoming aware of a personal data breach affecting personal data processed under this Agreement.

10

Assistance to Controller

The Processor shall assist the Controller, where reasonably possible, with:

  • Data subject rights requests

  • Data protection impact assessments

  • Security obligations under GDPR

11

Data Deletion or Return

Upon termination of services, the Processor shall delete or return all personal data to the Controller unless retention is required by applicable law.

12

Audit

The Controller may request reasonable information necessary to demonstrate compliance with this Agreement.

13

Governing Law

This Agreement shall be governed by the laws of Bulgaria and applicable European Union data protection law.

© AthleteDock. All rights reserved.

Back to Terms of Service