Contracting Parties:

Processor:
Name: NINE SPORT, s. r. o.
Registered office: Ambrova 33, 831 01 Bratislava
Company ID: 51 698 994
E-mail: info@healthprofile.digital
(hereinafter referred to as the “Processor”)

Client:
(Identification data provided during registration)
Name:
Registered office:
Company ID:
E-mail:
(hereinafter referred to as the “Controller”)

Article I. Subject of the Agreement

The subject of this agreement is to define the rights and obligations between the Controller and the Processor in the processing of personal data of athletes, which the Controller enters into the platform https://healthprofile.digital/.
The Processor provides the Controller with a platform for data storage and management and ensures its technical operation and support. The Processor does not perform any active data processing operations, such as data analysis, interpretation of results, or decision-making regarding the purpose of processing.
The Controller remains the sole data controller of the personal data entered into the system.

Article II. Purpose and Legal Basis of Personal Data Processing

The purpose of the processing is the storage and availability of athletes’ personal data via the Health Profile platform for the purpose of monitoring and assessing sports performance, health status, and training parameters – all exclusively under the Controller’s supervision.
The legal basis for the processing is the performance of a contract between the Controller and the data subjects (athletes) or their legal guardians.

Article III. Obligations of the Processor

The Processor undertakes in particular to:

• Process personal data only based on the Controller’s instructions,

• Take appropriate technical and organizational measures to ensure data protection,

• Upon the Controller’s request, delete or return all data after the end of the service provision,

• Assist the Controller in fulfilling GDPR obligations, especially regarding data subjects’ rights and security incidents,

• Maintain records of processing activities under Article 30 GDPR, if applicable.

Article IV. Obligations of the Controller

The Controller undertakes to:

• Ensure a legal basis for the processing of athletes’ data (including collecting consent, where applicable),

• Inform the data subjects in time in accordance with Article 13 GDPR,

• Ensure that no personal data are entered into the system unlawfully,

• Carry out appropriate monitoring and supervision of the fulfillment of this agreement.

Article V. Duration of the Agreement

This agreement is concluded for the duration of the client’s account in the healthprofile.digital application. Upon account termination, the Processor will delete or anonymize the data unless there is a legal obligation to retain them.

Article VI. Final Provisions

• The agreement is concluded electronically by clicking consent during client registration on healthprofile.digital. This action is recorded electronically.
• The agreement is governed by the legal system of the Slovak Republic.
• The agreement becomes effective on the date of the client’s registration on healthprofile.digital.