These General Terms and Conditions ("T&Cs") govern the legal relationship between Club Planner BV, a company incorporated under Belgian law with registered office in Aalst, Belgium under company number BE1004.220.610 ("Club Planner", "we", "us"), and the business entity or individual using Club Planner's software platform and associated services ("Client").
For the purposes of these T&Cs, the following definitions apply:
1.1. These T&Cs apply to all contracts, licences, and relationships between Club Planner and the Client. By activating or using the Platform, the Client represents that it has read, understood, and expressly agrees to these T&Cs.
1.2. Where the Client is a business entity, the individual accepting these T&Cs warrants that they have the authority to bind that entity.
1.3. These T&Cs do not govern the relationship between the Client and its Members. The Client remains independently responsible for its own terms of service and privacy notices towards its Members, consistent with its obligations as a data Controller.
1.4. Club Planner may refuse, suspend, or terminate access to the Platform for any Client that materially violates these T&Cs, without prejudice to Club Planner's other legal remedies.
The data processing terms set out in Clause 3 of these T&Cs constitute a Data Processing Agreement ("DPA") as required by Art. 28 GDPR and are incorporated into and form part of the overall contract between the Parties. The Client, as Controller, instructs Club Planner to process Personal Data only in accordance with these T&Cs and any additional documented instructions provided in writing.
Club Planner shall process Personal Data on behalf of the Client for the duration of the contract and in accordance with the documented instructions of the Client. The subject matter, nature, purpose, type of Personal Data, and categories of data subjects are as set out in Schedule 1 (Data Processing Details), which forms part of these T&Cs.
Club Planner shall, in its capacity as Processor:
3.3.1. The Client hereby grants Club Planner general written authorisation to engage the Subprocessors listed in Schedule 2 (Subprocessor List). Club Planner shall maintain Schedule 2 and make it available to the Client at all times via Club Planner's website or upon written request.
3.3.2. Club Planner shall notify the Client of any intended addition or replacement of a Subprocessor at least 30 days in advance by posting an update to the Subprocessor List and notifying the primary account contact by email. The Client may object to any new Subprocessor within 14 days of notification on reasonable grounds related to data protection. If the Client objects and Club Planner cannot reasonably accommodate the objection, either Party may terminate the affected services with 30 days' notice without penalty.
3.3.3. All Subprocessors are bound by data processing agreements no less protective than this DPA. Club Planner remains fully responsible to the Client for the performance of its Subprocessors' data protection obligations.
3.4.1. Club Planner shall not transfer Personal Data to a country or international organisation outside the European Economic Area (EEA) without the Client's prior written authorisation and without ensuring that one of the following safeguards applies:
3.4.2. Where applicable, Club Planner shall execute the relevant SCCs with the Client and/or Subprocessors as required. Details of current international transfers and applicable safeguards are set out in Schedule 2.
4.1. The Client, as Controller, is responsible for managing and responding to data subject requests under Arts. 15-22 GDPR (access, rectification, erasure, portability, restriction, and objection).
4.2. Club Planner provides technical functionality within the Platform to assist the Client in fulfilling the following data subject rights:
4.3. Where a data subject submits a request directly to Club Planner, Club Planner shall promptly forward the request to the Client's designated contact without undue delay, and in any event within 3 business days.
4.4. Club Planner maintains a dedicated data protection contact point, reachable at info@clubplanner.be, for data protection enquiries, data subject requests inadvertently received, and regulatory correspondence.
Club Planner shall implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Art. 32 GDPR. These measures include, at minimum:
In the event of a Personal Data Breach (as defined in Art. 4(12) GDPR), Club Planner shall:
Club Planner shall maintain a Personal Data Breach register documenting all security incidents, including those not qualifying as reportable breaches, available for inspection by the Client upon written request.
6.1. Personal Data shall not be retained by Club Planner for longer than necessary for the purposes for which it is processed, in accordance with the Art. 5(1)(e) GDPR storage limitation principle.
6.2. The following default retention periods apply, unless the Client specifies otherwise in writing:
6.3. Clients may request deletion of specific Member data at any time via the Platform's administrative tools or by written request to Club Planner. Club Planner shall confirm completion of deletion in writing within 10 business days.
6.4. TERMINATION. Upon termination of the licence agreement for any reason:
7.1. The Client acknowledges that the nature of a fitness management platform means the Platform may be used to process health-related, biometric, or other Special Category Data as defined in Art. 9(1) GDPR, including but not limited to: fitness performance data, injury or medical condition records, body composition metrics, dietary information, and biometric access data.
7.2. The Client, as Controller, is solely responsible for ensuring it has a valid legal basis under Art. 9(2) GDPR before processing Special Category Data through the Platform. The Client warrants that it will obtain explicit, informed consent from Members for any Special Category Data processing not covered by another Art. 9(2) exemption.
7.3. Club Planner will not process Special Category Data except as strictly instructed by the Client, and will implement additional technical safeguards for such data including enhanced encryption and restricted access controls.
7.4. The Client should conduct a Data Protection Impact Assessment (DPIA) under Art. 35 GDPR prior to processing Special Category Data at scale. Club Planner will provide reasonable assistance to the Client in completing such assessments upon written request.
8.1. Where Club Planner supplies hardware devices (including access control terminals, check-in kiosks, payment terminals, scanners and IoT modules), the Client acknowledges that such hardware may collect and transmit Personal Data, including access logs, biometric identifiers, and payment data.
8.2. All hardware-to-cloud data transmission is encrypted using TLS 1.2 or higher. Local data storage on hardware is minimised and encrypted.
8.3. Proprietary hardware manufactured by Club Planner BV remains the property of Club Planner BV and may not be altered, tampered with, or reprogrammed. Any evidence of hardware tampering will result in termination of the warranty and may trigger a fine of up to €2,500.
8.4. Hardware warranty: 12 months from invoice date. Hardware defects affecting Personal Data security must be reported to Club Planner immediately and will be treated as a potential Personal Data Breach for notification purposes.
9.1. Club Planner grants the Client a non-exclusive, non-transferable licence to use the Platform for the Client's internal business operations for the duration of the contract.
9.2. The minimum licence term is 24 months unless otherwise specified in the applicable order form. After the initial term, the licence auto-renews for consecutive 3-month periods.
9.3. The Client may terminate the licence at any time after the initial 24-month term by providing written notice (email or letter) at least 3 months before the end of a renewal period.
9.4. Licences are issued per physical location or per company entity. Multi-site arrangements require a separate licence per location unless a multi-site agreement is in place.
9.5. Upon termination for any reason, data portability and deletion rights under Clause 6.4 apply unconditionally, irrespective of any commercial dispute regarding licence fees.
10.1. Licence fees are denominated in Euros and exclude VAT unless stated otherwise. Prices are subject to change based on index adjustments, scope changes, or significant infrastructure cost increases, with minimum 60 days' advance written notice.
10.2. Fees are invoiced monthly unless otherwise agreed. Invoices are payable within 30 days of issuance.
10.3. Disputed invoices must be raised in writing within 30 days of issuance. Undisputed portions remain payable.
10.4. Overdue undisputed amounts accrue interest at the applicable Belgian statutory commercial rate. Club Planner may suspend access to the Platform following 15 days' written notice of an overdue balance.
11.1. Standard support is available Monday to Friday, 09:00-17:00 CET, via telephone and email. Fair use applies: a maximum of 2 designated contacts per Client, each with a reasonable volume of daily support requests.
11.2. GDPR AND DATA PROTECTION ESCALATION. Separate from general support, Club Planner maintains a dedicated data protection channel at info@clubplanner.be. Data subject rights requests, personal data breach reports, and regulatory correspondence must be submitted via this channel and are not subject to standard support fair use limitations. Club Planner will acknowledge GDPR escalations within 24 hours on business days.
11.3. Club Planner may prioritise support requests at its reasonable discretion but shall not unreasonably withhold assistance that affects the Client's ability to fulfil its own GDPR obligations.
12.1. Club Planner reserves the right to update, modify, and improve the Platform at its discretion. Minor updates, bug fixes, and security patches will be applied without prior notice.
12.2. Updates that materially change the nature, scope, or security of Personal Data processing will be communicated to the Client at least 30 days in advance. The Client may raise objections in writing within 14 days of such notice.
12.3. Club Planner shall ensure that all Platform updates maintain compliance with applicable data protection law. Where an update requires changes to data processing operations, Club Planner will provide an updated Schedule 1 for the Client's records.
13.1. The Platform supports integration with third-party applications via Club Planner's API. All API access to Personal Data requires: (a) a valid data processing agreement between Club Planner and the third-party integrator; (b) explicit authorisation from the Client and (c) a signed NDA of the party using the API access.
13.2. Club Planner maintains a register of approved API integrators. The Client may request the current list at any time.
13.3. Third-party integrations not listed as approved Subprocessors must not have access to Member Personal Data. The Client is responsible for ensuring that any third-party integrations it enables comply with GDPR requirements.
13.4. Club Planner is not responsible for the data protection practices of third-party integrators acting under the Client's direct instruction, provided Club Planner has fulfilled its Subprocessor management obligations under Clause 3.3.
14.1. Club Planner may send operational communications to Client account contacts, including service updates, security alerts, and contractual notices. These communications are sent on the basis of contractual necessity.
14.2. Marketing communications will only be sent to Client contacts who have provided explicit opt-in consent. Consent can be withdrawn at any time via the Platform settings or by emailing info@clubplanner.be.
14.3. Club Planner will not include commercial messages from third parties in any communications sent to Clients or Members.
14.4. Clients using Club Planner's email infrastructure to communicate with their Members must comply with applicable ePrivacy requirements (including obtaining prior consent for marketing emails) and are solely responsible for their compliance with such requirements.
14.5. Club Planner's email infrastructure imposes a maximum of 1,000 outbound emails per day per account (00:00-23:59 CET). Clients requiring higher volumes should configure their own email server.
15.1. GENERAL CAP. Subject to Clause 15.2, Club Planner's total aggregate liability to the Client for any and all claims arising under or in connection with these T&Cs shall not exceed the lesser of: (a) the total licence fees paid by the Client to Club Planner in the 6 months immediately preceding the claim; or (b) €5,000.
15.2. CARVE-OUTS. The liability cap in Clause 15.1 does NOT apply to:
15.3. DATA BREACH INDEMNIFICATION. Club Planner shall indemnify the Client against reasonable, documented third-party claims, regulatory fines attributable to Club Planner's own non-compliance as Processor, and direct costs of mandatory breach notification, to the extent such liability arises directly from Club Planner's material breach of its obligations under Clause 3 (DPA) of these T&Cs. This indemnification is capped at €10,000 per incident.
15.4. In no event shall either Party be liable for loss of revenue, loss of profits, loss of anticipated savings, loss of goodwill, or indirect or consequential losses, except where such losses arise from a data breach caused by the other Party's material non-compliance with its GDPR obligations.
16.1. The Platform is not intended for direct use by individuals under 16 years of age (or such other age as applicable under national law, which in Belgium is 13). Clients who provide services to minors are responsible for obtaining appropriate parental or guardian consent in accordance with Art. 8 GDPR.
16.2. Club Planner does not knowingly process the personal data of individuals under 13 as Controller. If Club Planner becomes aware that data of a child under 13 has been collected without appropriate consent, Club Planner will promptly notify the Client and take steps to assist in its deletion.
17.1. All intellectual property rights in the Platform (including software, interfaces, brand elements, and documentation) remain the property of Club Planner BV.
17.2. The Client retains ownership of all data uploaded to, stored within, or generated by use of the Platform, including Member Personal Data. Club Planner acquires no ownership rights over Client or Member data.
17.3. The licence granted under Clause 9 does not transfer any intellectual property rights to the Client.
18.1. Club Planner's data protection contact: info@clubplanner.be.
18.2. Clients should assess whether they are required to appoint a Data Protection Officer under Art. 37 GDPR. Club Planner recommends that Clients processing Special Category Data or carrying out large-scale systematic monitoring of Members obtain independent legal advice on this question.
18.3. The competent supervisory authority for Club Planner BV is the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données), Rue de la Presse 35, 1000 Brussels, www.dataprotectionauthority.be.
19.1. Club Planner reserves the right to update these T&Cs. Material changes will be communicated to the Client at least 30 days in advance by email to the primary account contact. Continued use of the Platform after the effective date of the update constitutes acceptance of the revised T&Cs.
19.2. Where a modification to these T&Cs materially affects the Data Processing Agreement in Clause 3, the Client may object within 14 days of notification. If the objection cannot be resolved, either Party may terminate the contract with 60 days' notice, with data portability rights under Clause 6.4 applying.
20.1. These T&Cs are governed by Belgian law. Any disputes shall be subject to the exclusive jurisdiction of the courts of Ghent, Belgium, without prejudice to Club Planner's right to seek injunctive relief in any competent jurisdiction.
20.2. These T&Cs replace all prior agreements, understandings, and commitments between the Parties relating to their subject matter.
20.3. If any provision of these T&Cs is found to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.
The following details apply to Club Planner's processing of Personal Data as Processor:
| Subject matter | Management of fitness club members, their memberships, reservations, communications, payments, and access control via the Club Planner platform. |
| Duration | For the term of the licence agreement and as specified in Clause 6.4 (post-termination). |
| Nature of processing | Collection, storage, retrieval, updating, deletion, disclosure (to Client's authorised staff), and backup of Member Personal Data. |
| Purposes | Membership management; reservation and booking; payment processing; access control; member communications; analytics and reporting for the Client; hardware access management. |
| Types of Personal Data | Identification data (name, date of birth, address, email, phone); financial data (payment method, transaction history); fitness and health data (workout history, body metrics, health conditions where provided); access logs; photographs (where used for access control); communications content. |
| Categories of data subjects | Fitness club members and prospective members; Client's staff and administrators. |
| Special Category Data | Health and fitness-related data where provided by the Client or Member; biometric data where used for access control. Processing requires Client to establish a valid Art. 9(2) legal basis. |
The following Subprocessors are currently engaged by Club Planner to assist in delivering the Platform. This list is updated as Subprocessors are added or replaced, with prior notice to Clients as described in Clause 3.3.
| Sub processor | Service | Location / Transfer Mechanism | Data Processed |
|---|---|---|---|
| [Cloud Hosting Provider: Microsoft Azure] | Infrastructure / Database Hosting | EU / EEA — Adequacy / SCCs where applicable | All Member Personal Data |
| [Payment Processor: Mollie] | Payment Processing | EU / EEA | Payment data only |
