Processing of personal data — Coach12
Version: 2.1
The Dutch version (dpa-nl.md) is the primary; this English version is a translation provided for non-Dutch-speaking users. In case of conflict, the Dutch version prevails.
1. Short answer: you don’t need to sign a data processing agreement
Coach12 is used by private individuals: a team manager, trainer or parent organising the team of their own child. You are a consumer, not a business, and you do not need a Chamber of Commerce (KvK) registration to use Coach12.
A separate data processing agreement (DPA) is meant for the situation where an organisation engages a supplier to process personal data on that organisation’s behalf. That situation does not apply here:
- Coach12 is itself the data controller for the personal data in the app. We determine how and why data is processed, for example the fair duty distribution, the retention periods and the security. We record this in our Privacy Policy, not in a contract that you have to sign.
- You use Coach12 in a personal context, for your child’s team. No obligation to enter into a data processing agreement applies to that.
In other words: everything a data processing agreement normally covers, we have already set out in our Privacy Policy and Terms of Service. You don’t need to sign anything or fill anything in.
2. Transparent all the same
Even though you don’t need to sign anything, we think it’s important that you know exactly how we handle data. Below are the same commitments that normally appear in a data processing agreement, here given as our undertaking.
2.1 What we use data for
Solely to provide the Service: duty assignment, match and training management, and communication with team members. We do not use personal data for our own purposes such as marketing or profiling outside the Service.
2.2 What data we process
- Identifying data: name, email address
- Role information within the team
- Preferences and availability (availability status, task preferences)
- Player information: name, age category, caretaker relationship
- Activity data: duty assignments, attendance records
- Technical data: IP address, browser user-agent (in logs)
We are not designed for special categories of personal data (such as health, race, religion or political beliefs). Please do not enter those, not even in a free-text notes field.
2.3 Security
We take appropriate technical and organisational measures, including at least:
- Encryption in transit (TLS 1.2+)
- Encryption at rest (Azure level)
- Access control and least-privilege
- Audit logging on administrative actions
- Secrets in a secrets manager
- Regular, encrypted backups
2.4 Data breaches
Should a data breach unexpectedly occur, we handle it in accordance with the GDPR and, where necessary, inform the Dutch Data Protection Authority and the data subjects, without undue delay.
2.5 Retention and erasure
We keep minimal personal data and delete everything automatically within 30 days after the end of the season or the trial period. You can also have your data deleted sooner via info@coach12.nl.
2.6 Processing within the EEA
All sub-processors that process personal data from the application do so within the European Economic Area (EEA). The cookieless website analytics on the marketing site (Microsoft Clarity) processes no app or customer data and may process data outside the EEA on the basis of the EU Standard Contractual Clauses (SCCs) and the EU–US Data Privacy Framework.
2.7 Your rights
You have the right to access, rectify and erase your data. How to exercise those rights is set out in our Privacy Policy.
3. Sub-processors
We engage a limited number of sub-processors to provide the Service. A data processing agreement with at least the same level of protection is in place with each of them.
| Sub-processor | Purpose | Processing location |
|---|---|---|
| Microsoft Azure (Container Apps + PostgreSQL) | Hosting + database | EU (North Europe, Ireland) |
| Resend | Transactional email | EU (Ireland) |
| Mollie | Payment processing | EU (Netherlands) |
| Microsoft Clarity | Cookieless website analytics on the marketing site (no app or customer data) | US / global (Microsoft; SCCs + EU–US Data Privacy Framework) |
Microsoft Clarity processes only anonymised visitor data from the marketing site coach12.nl and does not touch any personal data covered by this data processing agreement. A current list is available on request via info@coach12.nl.
4. For clubs and federations
Are you acting on behalf of a club, foundation or federation that does formally need a data processing agreement, for example because the club is itself the controller for a larger membership administration? Then please get in touch via info@coach12.nl. For those kinds of B2B situations (the Club plan) we make a suitable bespoke arrangement. For ordinary use by a team manager, trainer or parent it is not needed.
5. Contact
- Email: info@coach12.nl
Last updated: 2026-06-13 Version: 2.1