TERMS AND CONDITIONS OF USE OF THE PLAYTOMIC PLATFORM
These terms and conditions govern the use of the Playtomic platform that Syltek Solutions S.L. makes available to its customers (hereinafter the “Customer” or the “Customers”).
The platform is administrated by SYLTEK SOLUTIONS S.L., with Spanish TIN B-84604792, registered in the Companies Register of Madrid, volume 35650, book 0, folio 84, section 8, sheet M-430240 and with registered offices at Paseo de la Castellana 93, planta 10, Edificio Cadagua, 28046 Madrid (hereinafter “Syltek”).
The parties being bound by these terms and conditions are Syltek and the Customers that hire Playtomic, in accordance with the provisions of this document (hereinafter the “Parties”).
ONE. GENERAL SERVICES OF THE PLATFORM
Syltek has developed and is the owner of all the rights to the software application for comprehensive sports centre management (hereinafter “Playtomic Manager”), as well as an online platform for managing bookings and other services to promote the Customer’s offerings (hereinafter “Playtomic App”).
TWO. OBLIGATIONS OF THE PARTIES
Syltek undertakes to:
- Make the contracted services available to the Customer.
- Train the Customer, if necessary, in the use and operation of the service.
- Offer a support service during business hours for the contracted services.
- Provide the Customer with information on the latest news regarding the platform.
The Customer undertakes to:
- Have the technical elements necessary for the correct functioning of the service and particularly including but limited to the following: Internet access, computers.
- Understand and comply with the operating conditions of Playtomic, of which it has been previously informed.
- Respect, accept and comply with the technical indications and other instructions for the proper functioning of the services and implement at its own expense the components and technical specifications required during the term of these Terms and Conditions for the use of new versions of the platform.
- Guarantee that any user who performs any action on the platform’s management program, Playtomic Manager, has sufficient powers to act on behalf of the Customer, exonerating Syltek from any dispute arising from a negligent attitude on the part of the Customer.
- Respect and comply with all the agreements contained in this document.
- Pay Syltek the agreed upon price in accordance with the financial terms described in the special conditions detailed in the signed agreement.
- Guarantee that any use and manipulation of the platform must be carried out by a natural person employed by the Customer, or a professional collaborator of the Customer. The use of any type of robotic tool, whether its own or that of a third party, is strictly prohibited.
- Not transfer the rights and/or obligations acquired under these Terms and Conditions to any third party, including subrogating its contractual position, without the express written permission of Syltek.
- Not use the services to carry out activities contrary to the law, morality, public order or use the services for purposes or effects that are unlawful, prohibited, or harmful to the rights and interests of third parties; Syltek accepts no liability that may derive therefrom.
THREE. CUSTOMER’S AUTHORISATION AND CONSENT
To promote the recruitment of new users for the Customer’s sports facilities and services, said party expressly authorises Syltek to post in real time and manage the online sale of and collection of payments for products and services offered by the Customer to all users of the Playtomic App.
To this end, the Customer expressly undertakes to have all bookings and services in their sports facilities that are marketed online marketed exclusively on the Playtomic App.
Using the software application provided by Syltek, the Customer will configure the appropriate parameters for their sports centre and all the terms and conditions related to the services offered to Playtomic App users.
Similarly, the Customer authorises Syltek to show information and specific terms to the user of the sports centre such as: special conditions, passes, discounts, promotions, membership, etc.
Finally, the Customer authorises Syltek to use non-personal data for purely statistical purposes which may help to improve the service provided.
These Terms and Conditions shall have a duration of one year from the date of signature and be automatically renewable for periods of one year, unless the party concerned notifies the other in writing at least sixty days prior to their initial expiration or the expiration of any extensions.
FIVE. FINANCIAL TERMS RELATING TO PLAYTOMIC
The costs associated with the services rendered and the method of payment are detailed in these Terms and Conditions.
The services related to the management program, Playtomic Manager, will be billed monthly in advance. The Customer shall provide payment pursuant to the conditions set out in the agreement via direct debit. In the event of a refund, a delay of more than 30 days or non-payment of invoices, Syltek may suspend all or part of the Services at any time and without the need for prior notice.
Moreover, Syltek manages the online sale of and collection of payments for bookings and sports offers for the Customer on the Playtomic App, earning commissions pursuant to the financial and payment conditions as detailed in the agreement.
The Customer will issue an invoice detailing the products sold via the Playtomic App, specifying the units and price, deducting the corresponding commission percentage.
In accordance with Article 164.Two of Law 37/1992, of 28 December, on Value-Added Tax, Syltek may issue the invoice on behalf of the Customer, provided that all the requirements set out in said article and those set out in Article 5 of Royal Decree 1619/2012, of 30 November, approving the Regulation that governs billing obligations are fulfilled.
The Customer therefore authorises Syltek to carry out the following: Issue and Send Invoices (or “Self-invoices”), issued by Syltek on behalf of and in the name of the Customer. Each transaction carried out by the user on the Playtomic App shall amount to the Customer’s acceptance of the issue of the corresponding invoice by Syltek. The invoices shall be issued on behalf of the Customer that received the booking of a Playtomic App user.
All of the financial conditions shall be subject to an update in January of each year, increasing or decreasing in the same measure as the consumer price index (CPI).
SIX. INTELLECTUAL AND INDUSTRIAL PROPERTY
All the information contained on the platform is protected by copyright or other protection rights contained in Royal Legislative Decree 1/1996, of 12 April, approving the Consolidated Text of the Intellectual Property Act. These rights belong exclusively to Syltek, therefore, any act of reproduction, distribution, transformation or public communication, as well as any type of transfer, of all or part of the elements of the Software owned by Syltek, and in general of any object that according to current legislation is protectable by intellectual property rules, is expressly excluded.
All the elements of the software application and the platform are the exclusive property of Syltek, with all rights reserved. None of the elements may be modified, copied, distributed, framed, reproduced, downloaded, extracted, displayed, published, transmitted or sold in any form or by any means, in whole or in part, without Syltek’s prior written consent. Insofar as the user is entitled to use the service offered, Syltek grants a license to use the Software, provided that all notices regarding copyright and intellectual property remain intact. Any other use is strictly prohibited.
This document does not give the Customer any intellectual property rights to the Software.
Use without prior consent of any Syltek component that is subject to protection pursuant to applicable industrial property law is expressly prohibited. Especially brands, trade names, corporate logos, names, trademarks, slogans and any other distinctive signs belonging to Syltek cannot be used.
SEVEN. DATA PROTECTION
7.1 Processing of the personal data of the signatories and employees.
Pursuant to Organic Law 3/2018, of 5 December, on Personal Data Protection and the Guarantee of Digital Rights (hereinafter LOPDGDD) and Regulation (EU) 2016/679, of 27 April 2016 (hereinafter GDPR), the Parties, based on the legitimate interest arising from the performance of the services rendered and as personal data is necessary to provide said services, Syltek shall be able to process the personal data of the administrator of the club and its partners on systems and files duly reflected in the processing log. All of this is carried out in strict compliance with the applicable personal data protection regulations.
By signing these Terms and Conditions, the Parties accept the processing of their personal data and of confidential data under the terms and conditions indicated herein.
The Customer is hereby informed that the contact details of the administrator and their partners will be processed by Syltek in order to allow for the development, fulfilment, and monitoring of the service provision relationship entered into, with the legal basis for the processing being the performance of a contract and the legitimate interest of both Parties being the ability to satisfy these purposes; the data shall be stored for the duration of said relationship and, even after it ends until the liabilities arising therefrom expire.
The data being processed will be contact details. The personal data provided or collected by virtue of the execution and performance of these Terms and Conditions will not be shared with third parties unless required by law.
The personal data that may be accessed will not be subject to international transfers.
The data subjects may revoke their consent and exercise their rights to access, rectification, erasure, opposition, restriction, portability, and to not be subject to automated individual decision-making, by writing to Syltek’s registered offices providing a photocopy of a government-issued ID and specifying the request.
In the event any of the Parties believe their right to personal data protection has been violated, they may file a claim with the Spanish Data Protection Agency (www.aepd.es).
7.2 Processing of personal data of which Syltek is the data controller.
Syltek is the data controller of the data of registered users of the Playtomic App and once said data are received by the Customer, the Customer shall acquire responsibility thereof and apply the data protection laws in force to said database.
Users’ personal data will be shared with the Customer for the exclusive purpose of managing the bookings made by the users on the Playtomic App. The Customer also undertakes to inform users pursuant to the provisions of Article 14 of the GDPR and, where applicable, to receive their consent to send users commercial information.
7.3 Processing of personal data of which the Customer is the data controller.
The Customer shall be responsible for the personal data of any users whose data have been collected directly by the Customer and managed thereby on Playtomic Manager; where Syltek will acquire the status of data processor. Therefore, the Parties undertake to sign a data processing agreement, attached to these Terms and Conditions in APPENDIX I.
The Parties expressly undertake to maintain absolute and strict confidentiality regarding all the information and documentation provided to each other, as well as in relation to all the information obtained, directly or indirectly, which is related to the activity of any of the Parties. In this sense, and except as otherwise provided for by law, the Parties undertake during the term of these Terms and Conditions and upon their termination, not to directly or indirectly disclose, facilitate, provide or use, either to third parties or for their own interests, the information derived from the contractual relationship entered into by and between the two Parties. They are reciprocally liable for all damages that may be caused by any action or omission of diligence that could give rise to any breach of the duty of confidentiality assumed that damages their own interests.
The confidentiality obligations assumed by the Parties shall be respected by all their employees, suppliers and, in general, by all persons who, by reason of the services rendered, have access to confidential information even after their contractual relationship has ceased.
Moreover, any information that relates to the software application, the platform, its functionalities, specifications or technical characteristics, as well as information on products and services, commercial and financial information, Customer presentations or documentation that the Customer obtains exclusively through its relationship with Syltek and that is not in the public domain shall be considered confidential. The Customer, therefore, undertakes to: (i) preserve and safeguard it with due diligence; (ii) not disclose it, divulge it or make it known to third parties, either in full or in part, by any means, in any format or medium, for the duration of the term of these Terms and Conditions, or after their termination; and (iii) return it in the format it is in at the time of the termination of these Terms and Conditions, regardless of the reason for said termination.
Syltek will apply the best practices in terms of security and data recovery procedures and will make its best efforts to provide an optimal and quality service to the Customer.
Syltek shall not be liable for any network deficiencies attributable to telephone and/or telecommunication operators. It shall not be liable for particularly, but not limited to, the following: interference due to atmospheric conditions, lack of coverage for the user’s mobile terminal, deficiencies in the user’s terminals, deficiencies in the network supply by the operator or operators, improper or fraudulent manipulation of the user’s terminals or computer or telecommunications elements, power outages, suspension by the internet access provider or communication network provider.
Syltek will not be responsible for the correction of anomalies attributable exclusively to the computer or computers used by the Customer, to deficiencies in the surrounding working conditions, or to breakdowns in the main alternating current network or variations thereof or in the communications provider that, therefore, bear no causal relationship to the Application.
Syltek’s liability under these Terms and Conditions shall be limited to the sum of all amounts paid by the Customer during the last six (6) months preceding the occurrence of the damaging event, both for each incident and for the sum of all incidents occurring during that period.
TEN. BUSINESS RELATIONSHIP.
These Terms and Conditions and the relationship between the Parties constitute a business relationship, governed by the Civil Code and the Laws of Commerce. The Parties establish that, at no time will there be an employment relationship between Syltek and the Customer and Syltek will therefore be exonerated from any kind of responsibility of an employment nature.
Any taxes accruing from the performance of these Terms and Conditions shall be paid by each of the Parties.
These Terms and Conditions may be terminated in the event that either Party does not comply with its obligations, where not remedied within 10 calendar days, provided that the other party has requested it do so.
In derogation of the above, if the Customer fails to pay any of the agreed upon payments, 48 hours have passed since the second notification of non-payment and the amount due has still not been received, Syltek shall be fully entitled to terminate the contract, and will shut down the Customer’s contracted service at the same time as it provides notice of the termination.
In the event the Customer fails to comply with payment obligations, Syltek may, in addition to the amounts due, claim by way of compensation for damages, the monthly maintenance instalments contracted by the Customer, until the expiration of the contract. This compensation shall not exclude any other claim for damages suffered by Syltek due to any other non-compliance by the Customer.
Likewise, the Customer may terminate these Terms and Conditions, in the event of deficiencies on Playtomic Manager that prevent its use for 48 hours, starting from the receipt of notification of the incident by Syltek. The Customer may also claim compensation for damages attributable to Syltek for breach of contract.
The termination for any reason of these Terms and Conditions, including its non-renewal upon expiry, shall not exempt the Parties from paying the amounts already accrued in favour of the other party, until the very moment of the effective termination of these Terms and Conditions. These amounts must be paid in all cases in accordance with the established payment criteria. However, in the event of termination of these Terms and Conditions for breach of contract by the Customer, all amounts that had accrued up to that time will automatically become due in advance.
Notwithstanding the foregoing, the Parties may terminate these Terms and Conditions at any time if:
(a) The other party seriously or repeatedly fails to fulfil the obligations assumed in this document;
(b) The Customer does not use Playtomic Manager properly and this may endanger the platform or affect the rights of third parties, including Syltek, or access to the Playtomic App is given to third parties without Syltek’s express consent.
(c) The other party enters or decides to enter into some type of legal transaction or proceeding whereby all or a significant part of its assets are transferred to the benefit of its creditors in general or some in particular;
(d) Any of the causes provided for by law are applicable.
THIRTEEN. MODIFICATION OF THE SERVICES.
Syltek reserves the right to modify the services in order to adapt them to: (a) the technical evolution of the market; (b) any technical, functional and operational improvement that allows an improvement in the provision of the same; (c) changes in the laws, regulations and standards applicable to the provision of these services and/or aspects related to them.
SEVENTEEN. APPENDICES AND AMENDMENTS
These Terms and Conditions comprise the entire contract between the Parties and replace any previous communications or documentation related to the purpose thereof.
The following appendices are an inseparable part of these Terms and Conditions:
- APPENDIX I: PERSONAL DATA PROCESSING SERVICE PROVISION CONTRACT
EIGHTEEN. CONFLICT RESOLUTION.
These Terms and Conditions shall be governed by and construed in accordance with Spanish law.
The Parties agree that any dispute, discrepancy, question or claim resulting from the performance or interpretation of this contract or related to it, either directly or indirectly, will be resolved through the Courts and Tribunals in Madrid.
© SYLTEK SOLUTIONS S.L. 2019. All rights reserved.
PERSONAL DATA PROCESSING SERVICE PROVISION CONTRACT
The services commissioned by the Customer through Playtomic Manager involve access and processing by SYLTEK SOLUTIONS S.L. (hereinafter the Data Processor or the Processor) into different automated filing systems owned by the Customer (hereinafter the Data Controller or the Controller), governed by the following clauses.
ONE. PURPOSE OF THE PROCESSING AND IDENTIFICATION OF THE INFORMATION AFFECTED.
By signing these Terms and Conditions, the Customer authorises SYLTEK SOLUTIONS S.L. as the Data Processor to single-handedly process the personal data necessary to provide data processing services by contracting Playtomic Manager.
The processing will consist specifically of managing and maintaining the software application contracted, Playtomic Manager, and consequently access to the personal data managed by the Customer via Playtomic Manager.
To perform the provision of services arising from compliance with the purpose of this order the Data Processor provides SYLTEK SOLUTIONS S.L. with the information described below:
- Type of data subject: customers, employees and suppliers.
- The processing carried out by SYLTEK SOLUTIONS S.L. is restricted to the following information: identifying data, personal characteristics, social circumstances, employment details, financial, economic, and insurance information, property and service transactions and login credentials.
TWO. OBLIGATIONS OF THE DATA PROCESSOR
The Data Processor and all of its personnel undertake to:
- Use the personal data subject to processing exclusively for the purposes of the order specified in the Terms and Conditions. Under no circumstances may the data be used for its own purposes or for purposes other than those expressly stated.
- Process the data in accordance with the instructions of the Data Controller.
- If the Data Processor believes that any of the instructions violate the GDPR or any other provision, the Processor shall immediately inform the Data Controller.
- Keep a written record of all the categories of processing activities carried out by the Controller, containing:
- The name and contact details of the data processor or processors and each data controller on whose behalf the processor acts and, where applicable, the representative of the controller or processor and the Data Protection Officer.
- A description of the types of processing carried out by the Processor.
- Where applicable, personal data transfers to a third country or international organisation.
- A general description of the appropriate technical and organisational security measures regarding:
- Secure data storage.
- The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
- The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
- A process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
- Not disclose the data to third parties, unless they have express authorisation from the Controller in the scenarios permitted by law. The Processor, where applicable, shall be able to share the data with other data processors working under the same Controller, in accordance with the Controller’s instructions. In this case, the Controller shall identify the company the data should be disclosed to, the data to be disclosed, and the security measures to be applied to said procedure in writing and in advance.
- If the Processor must transfer personal data to a third country or an international organisation, by virtue of Union or Member State law, the Processor shall inform the Controller of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest.
- The Processor shall be able to subcontract the provision of services hired, provided this has been previously authorised by the Controller. In such cases, the Processor shall inform the Controller of the identity of the subcontractors in writing. Moreover, the Processor shall inform the Controller of any changes with regard to subcontractors, and the Controller shall have a period of 15 days to present its reasoned objections in writing. The Processor shall only be able to perform said subcontracting if the Controller has not objected within said period of time.
The subcontractor, who will also have the status of data processor, shall equally undertake to fulfil the obligations set out in this document for the Data Processor and the instructions provided by the Controller.
The Processor is responsible for governing the new relationship so that the new processor is subject to the same conditions (instructions, obligations, security measures) and has the same formal requirements as said party with regard to the proper processing of personal data and the guarantee of the rights of the persons concerned. In the event of failure to comply by the subprocessor, the initial Processor shall remain fully liable to the Controller with regard to fulfilling the obligations.
- Carry out the duty of secrecy with regard to any personal data accessed by virtue of the provision of services contracted.
- Guarantee that the people authorised to process personal data will expressly undertake in writing to respect confidentiality and comply with the corresponding security measures.
- Make the documentation accrediting GDPR compliance available to the Controller.
- Guarantee the necessary training with regard to personal data protection for the people authorised to process personal data.
- The Data Processor shall notify the Data Controller of any breaches of the personal data under its charge, immediately and without undue delay from the time it learns of the breach, where it is probable that said breach entails a high risk for the rights and freedoms of natural persons. The notification shall be provided in clear and simple language and must at least:
- Explain the nature of the data breach.
- Indicate the name and contact details of the data protection officer or of another contact person from whom more information can be obtained.
- Describe the potential consequences of the personal data breach.
- Describe the measures adopted or proposed to remedy the personal data breach, including, where applicable, the measures adopted to mitigate any potential negative effects.
- Provide support for the Controller in preparing the documents legally required regarding data protection, where applicable.
- Provide support to the Controller in preparing the prior consultations for the Supervisory Authority, where applicable.
- Provide the Controller with any information necessary to demonstrate compliance with the obligations set out in Article 28 of the GDPR.
- Implement the technical and organisational measures necessary to guarantee the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services. The Processor offers sufficient guarantees to apply the appropriate technical and organisational measures, pursuant to the requirements of Regulation (EU) 2016/679 and Organic Law 3/2018 of 5 December on Data Protection and the Guarantee of Digital Rights, guaranteeing the protection of data subjects’ rights. The security measures implemented by the Processor will be those appropriate to the level of risk in accordance with the Risk Analysis carried out by the Processor.
- The Processor will help the Controller to fulfil its obligation to respond to the data subjects’ requests to exercise their rights.
- Where necessary, the Processor shall appoint a Data Protection Officer (hereinafter DPO) and notify the Controller of their identity in writing at the address indicated in clause six.
- Once the service has been rendered, the Processor undertakes to return the personal data to the Controller and, where applicable and required, any software or hardware where they are kept.
Said return must comprise the full erasure of the data existing on equipment used by the Processor. Nevertheless, the Processor may keep a copy, with the data duly blocked, while any liability relating to the provision of the services may arise.
THREE. OBLIGATIONS OF THE DATA CONTROLLER
The Data Controller must:
- Apply the appropriate technical and organisational measures so as to guarantee and be able to demonstrate that the processing is GDPR compliant.
- Assume legal control over properly obtaining different consents from users, pursuant to the stipulations of the GDPR.
- Assume legal control over compliance with the duty to report pursuant to Articles 13 and 14 of the GDPR.
- Ensure GDPR compliance before and during the processing.
- Guarantee the Processor’s respect for the obligations set out in the GDPR before and during the processing, especially the provisions of Article 25 of said Regulation.
- Ensure that the processing and its purposes are in accordance with the GDPR and LOPD-GDD.
- Provide the Processor with the instructions necessary to render the service.
- Respect the principle of restricting the personal data necessary for the purposes of processing. Therefore, the Data Controller undertakes to make the data anonymous or apply pseudonymisation to the extent possible and to always provide the Data Processor solely with the personal data strictly required to render the service.
- Make prior consultations with the corresponding Supervisory Authority.
- Respond to the queries and requests of the Processor.
- Appoint a DPO where necessary and notify the Processor of their identity and contact details.