Last revision: April 14, 2022
individually referred to as a "Party", or collectively as "Parties".
The Agreement consists of these Terms of Service as well as the Service Order. The Agreement enters into force when the Subscriber signs the Service Order.
For the avoidance of doubt, section 3 of the Agreement constitutes the "Data Processing Agreement" between the Parties and otherwise establishes the Parties’ processing roles under applicable privacy law.
The Service is defined in the Service Order. The Subscriber enters into a separate agreement with the Workout Trackers, in order for Provider to offer its Service. "Workout Trackers" shall in this Agreement mean providers of tracking devices and/or services for workouts, such as Garmin, Polar, etc. By using the Workout Trackers, the data from the Users' workouts are submitted to the Provider in order for the Provider to offer its Service. The Provider manages the agreement between the Subscriber and the workout tracker in line with good care and conduct.
Further, the Service is offered on a Software as a Service basis. The Subscriber therefore acknowledges that the functionality in the Service may change. The Service is not tied to any specific version of the underlying software.
A "User" shall mean a physical person who has been invited to the Service or otherwise approved by the Subscriber.
The Initial Term of this Agreement runs from the Effective Date as specified in the Service Order. Initial Term means the term that the Service will be available for Subscriber.
The Subscriber shall pay the agreed upon service fee ("Service Fee") in accordance with the terms specified in the Service Order. The subscription fee will be invoiced periodically as specified in the Service Order.
Payment shall be made no later than 14 days after receipt of an invoice from the Provider. Failure to submit payment within 14 days entitles the Provider to claim interest on any overdue amount in accordance with the Late Payment interest Act (“forsinkelsesrenteloven”) or other applicable law. All prices in the Agreement are excluded VAT.
The Service Fee will be adjusted at the start of every calendar year with the highest percentage of i) 4%, or ii) the increase in the retail price index (the main index) of Statistics Norway for the last calendar year. The Subscriber is not entitled to set off the subscription fee against any claim the Subscriber has towards the Provider.
The terms “personal data”, “sensitive personal data”, “processing”, “controller”, “processor”, “data subject”, “business“, and “service provider“ used herein shall have the meaning assigned to them in applicable data privacy legislation. For purposes of this Agreement, “personal data” shall also mean “personal information” under applicable data privacy legislation. Processing of personal data pursuant to this Agreement is subjected to applicable statutory data privacy regulation, including EU regulation 2016/679 (“GDPR”), the UK Data Protection Act 2018 and the UK General Data Protection Regulation, the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020) (collectively, the “CCPA“), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, and the Utah Consumer Privacy Act.
This section fulfils the requirements for data processing agreements and shall govern the Provider’s processing of personal data on behalf of the Subscriber.
The Subscriber will act as controller or a business, as applicable, for
The Subscriber agrees and warrants that:
The Provider may only process personal data on behalf of the Subscriber during the term of the Agreement, or as otherwise permitted for processors or service providers under applicable law.
The processing of personal data by the Provider on behalf of the Subscriber shall only cover the categories of personal data that are implied under the Agreement and as facilitated for by the Service, for the purposes specified below and only to the extent necessary to fulfil such purposes.
The Provider will process personal data for the purposes of
The Provider shall anonymize and aggregate data when required to improve the Service pursuant to ii).
Section 3 of the Agreement is valid for as long as the Provider processes personal data on behalf of the Subscriber.
The Service will process personal data on two categories of data subjects. These are i) Subscriber’s personnel who uses the Services, mainly Users and administrators and ii) participants, jointly referred to as the data subjects.
For category i) the purpose is to enable usage, communications, invoicing, support and such that are needed to deliver the service to the subscriber. We process names, phone numbers and email addresses, as well as their current position. For category ii) the purpose is to deliver the core functionality of the service. The Service may receive and process data from sign up forms such as names, email addresses and phone numbers. Furthermore, the Service accepts personal data from multiple work out trackers with varying message formats and content. While the service technically receives workout records including workout duration, energy consumption, distance, elevation gain, location, time of workout, device name and type, max speed, max and min heart rate, steps, activity type, and max cadence, personal data that is not necessary to deliver the Service for the Subscriber is routinely discarded and not object to further processing or storage.
The Provider does not intend to process sensitive or special categories of personal data. Without limiting any other provision contained herein, if the Subscriber and/or Users choose to submit special categories of personal data to the Service, then the Subscriber and/or User shall collect all consents and provide all notices required by applicable law.
The Provider shall process personal data only in accordance with the Agreement or pursuant to written instructions from the Subscriber. The Provider shall immediately inform the Subscriber if, in its opinion, an instruction infringes applicable laws and/or regulations. Upon reasonable written request of Subscriber, the Provider shall, not more than once per calendar year, make available to Subscriber all information in Provider’s possession necessary to demonstrate compliance with applicable data privacy law.
The Provider shall ensure that persons authorized to process the personal are subject to confidentiality obligations.
The Provider shall by appropriate technical and organizational measures, insofar as this is possible, reasonably assist the Subscriber for its:
The Provider shall be entitled to charge the Subscriber for its costs related to such requests.
The Provider shall have and be able to document appropriate technical and organizational measures to protect data from loss, misuse and unauthorized alteration or disclosure, in accordance with applicable statutory data protection regulation. The documentation may be made available to the Subscriber upon request. Furthermore, the Provider shall control access to data on a need-to-know basis and ensure strong authentication for systems allowing access to data. Where data is in transit the Provider shall ensure suitable security measures, such as encryption and integrity protection. The Provider shall ensure procedures are in place for deleting personal data that are no longer relevant for providing the Service.
In case of a personal data breach, the Provider shall notify the Subscriber in accordance with applicable data privacy law. Unless prohibited by law, the Provider shall promptly notify the Subscriber of any request for the disclosure of or access to data by government authorities. The Provider will disclose the Subscriber’s data to government authorities solely when necessary to comply with legally binding requests.
The Provider shall notify the Subscriber of any request received directly from a data subject without responding to that request, unless the Provider has otherwise been authorized to do so in writing, or is obligated to comply pursuant to applicable law.
The Provider may use sub-processors in its processing of personal data on behalf of the Subscriber. The Subscriber accepts the Provider’s use of the following sub-processors:
Sub-processors Google Cloud Platform (Google LLC) utilises designated EU-based facilities as their main location for storage and processing of personal data.
The Provider shall, by written agreement with its sub-processors, ensure that any processing of personal data carried out by a sub-processor is governed by substantially the same obligations and limitations as those imposed on the Provider pursuant to section 3 of this Agreement. To the extent a written agreement between the Provider and a sub-processor designates the Provider as a controller, the Subscriber grants the Provider power of attorney to act as a controller on behalf of the Subscriber within that written agreement. The power of attorney shall be limited by the provisions of the Agreement and Subscriber’s documented instructions.
Use of the sub-processors specified above does not entail transfer of personal data originating from the EEA or United Kingdom to a third country outside the EU/EEA. If the Provider plans to change an existing or add a new sub-processor, it shall notify the Subscriber in writing two weeks prior to any processing by the new sub-processor. The Subscriber is entitled to object to the change of sub-contractors by providing written notification within two weeks from receipt of the written notification. Should the subscriber object to the change, the Agreement shall automatically terminate one week after the Provider received written notification of the termination. To the extent the Subscriber does not terminate the Agreement, the change of sub-processors shall be deemed as accepted.
The Subscriber may subscribe to notifications of new sub-processors by filling out this form.
The Service permits integration with third party services which allows the Subscriber to submit, or make available, data subjects’ personal data directly and automatically from the third party service to the Service. Such submission of, or grant of access to, personal data shall be considered to be based on the candidates’ consent. Personal data submitted to the Service through a third party shall be subject to the same rights and obligations as specified in this Agreement.
All personal data received from the Subscriber will be deleted in accordance with the Provider's retention policy in force at any given time.
Certain types of Service maintenance may imply a stop or reduction in availability of the Service. The Provider does not warrant any particular level of Service availability, but will provide its best effort to limit the impact of any planned maintenance on the availability of the Service.
Provider shall within reasonable time notify the Subscriber of any planned maintenance that may affect Service availability.
There is an error if the Users are not able to access the Service or a material function in the Service, and/or the Subscriber is not able to make use of the Service in accordance with this Agreement, and this is caused by circumstances which are the responsibility of the Provider. The Subscriber acknowledges that errors might occur from time to time and the Subscriber waives any right to claim for compensation as a result of errors in the Service, except when such errors are a result of the Providers gross negligence or intent.
When an error occurs, the Subscriber shall notify the Provider of the error and provide a description of the error situation. The Provider shall use reasonable commercial effort to correct the error within reasonable time. If requested by the Provider, the Subscriber shall provide necessary assistance to reproduce/identify the error situation.
The Subscriber undertakes that it will use the Service in accordance with applicable law and regulations and in accordance with the requirements in the Agreement. The Subscriber is responsible for the material and information that the Subscriber and its Users produce by using the Service.
The Subscriber will not, and will not permit any User or third parties to, directly or indirectly reverse engineer, decompile, disassemble or otherwise make any unauthorized attempt to discover or obtain the source code to any of the Provider's Services. Any such attempt may affect the performance of the Services, of which the Provider is not liable for under such circumstances.
Further, the Subscriber warrants to not use the Services in any illegal, infringing or harmful way by attempting to bypass any measures that the Provider may have put in place to prevent or restrict information within the Services.
The Agreement has an agreed upon Initial Term running from the Effective Date, as defined in the Service Order. The Agreement is automatically renewed for new periods of same duration (each a "Renewal Term"), unless the Agreement is terminated by one of the Parties.
Either Party may terminate the Agreement with effect from the expiry of the Initial Term or any Renewal Term by giving the other Party a written notification within three months before the end of the Initial Term or any Renewal Term.
Upon termination of the Agreement, the Subscriber may in writing request the Provider to hand over all personal data that the Subscriber has stored in the Service. Submission of such personal data shall be done on a suitable data medium chosen by the Provider.
Regardless of the duration of the Agreement as per Section 7.1, the Agreement may be terminated in the following situations:
Any rights, remedies, obligations, or liabilities accrued before the date of termination shall not be affected.
Any prepaid or remaining Service Fees as per the date of termination will not be refunded.
All trademarks, graphics and logos used in connection with the Provider's performance of the Services are trademarks or registered trademarks of the Provider or its licensor. Other trademarks, graphics, logos and other Intellectual Property Rights may be the rights of other third parties.
The Provider warrants to have the right to use the Intellectual Property Rights in connection with the Services, and to keep the Subscriber and its Users harmless of any third-party infringement related thereto.
In the event of the Provider infringing the Intellectual Property Rights of any third-party, either allegedly or factually, the Provider reserves the right to terminate the Agreement with immediate effect.
The Provider retains all rights to all elements of the Service. The Subscriber is granted a limited, revocable, non-exclusive and non-transferable right to use the Services as required in accordance with this Agreement and solely for the purpose of this Agreement. The Subscriber does not receive any license or usage rights to the Service beyond what is explicitly stated in this Agreement.
The Subscriber has no right to sell, lend, sub-license and/or distribute the Provider's Services in any way and acknowledges that any such actions or actions related thereto would represent a violation of this Agreement.
The Provider is entitled to transfer its rights and obligation pursuant to this Agreement to a third party as part of a merger or acquisition process, or as a result of other organizational changes. The Subscriber’s transfer of any rights and obligations shall be subjected to the Provider’s written authorization.
The Provider has the right to refer to the Subscriber’s use of the Service in Provider’s marketing activities. This includes use of Subscriber’s company name and logo on Provider's website, in presentations and in other marketing materials.
If the fulfilment of the Agreement in whole or partly is prevented or to a major degree made difficult by circumstances that are outside the Parties’ control, the Parties’ obligations shall be suspended to the extent the circumstances are relevant, and then for so long time as the circumstances last. Such circumstances include, but are not limited to, strike, lock-out, pandemics, a force majeure situation impacting sub-processors and sub-contractors and any other circumstance that according to the Norwegian law is considered force majeure. Each Party is entitled to terminate the Agreement with one month’s written notice, if the force majeure situation makes it particularly burdensome for such Party to maintain the Agreement.
There is a breach of the Agreement if one of the Parties does not meet their obligations as defined in the Agreement.
The Party in breach of contract has the right and obligation to remedy any breach of contract within reasonable time. To the extent the Provider attempts to repair the relevant errors in the Service within reasonable time, the following shall not be deemed as breach of Provider’s obligations:
In the event a Party in material breach of this Agreement has failed to correct such material breach within thirty (30) days after receiving written notice thereof by the suffering Party, the suffering Party may terminate the Agreement with immediate effect if the material defect has not been remedied within the expiry of the thirty (30) days' period.
Neither Party shall be liable to the other Party for any incidental, special, consequential, or indirect damages of any kind (including without limitation damages for interruption of business, loss of data, loss of profits or the like) regardless of the form of action, whether in contract, tort (including without limitation negligence), strict product liability, or other, even if advised of the possibility of such damages (jointly "Indirect Damages").
The total and maximum liability in each 12-month period of either Party towards the other Party under any provision of the Agreement or any transaction contemplated by the Agreement shall in no event exceed an amount equal to 50 % of the agreed Service Fee.
The above limitations shall not apply to damages attributable to fraud, gross negligence or intentional misconduct.
The Provider is entitled to suspend the Subscriber’s access to the Service if due payment has not been submitted within 15 days after due date. The Provider shall provide at least five days prior written notification before any suspension of the Service is implemented. The Provider may also suspend any other assistance pursuant to the Agreement or other agreement until such payment has been done.
The Provider can with immediate effect close or suspend access to the Service if the Subscriber or any of its Users abuse the Service or if the Subscriber otherwise is in material breach of its obligations pursuant to this Agreement.
To the extent the Service facilitates access to services provided by a third party, the Subscriber shall comply with the terms governing such third-party services. The Provider shall not be held liable for any errors, omissions, inaccuracies, etc. related to such third-party services.
The Provider reserves the right to amend and change the terms of this Agreement with effect from the Customer's next Renewal Term by giving notice at least sixty (60) days prior to any changes.
If the change in the Agreement is due to change in a legal obligation imposed by a governmental or public body, the change in the Agreement will take effect at the same time as the change in the legal obligation.
Notice shall be given by e-mail to the e-mail address in the Service Order (or subsequently updated email address).
If the Subscriber continues to use the change of the Agreement for a Renewal Term, this constitutes the Subscribers acceptance of the change in the Service Fee. Payment of a subsequent invoice shall be deemed as an acceptance of the Agreement. If the Subscriber fails to agree to the new Service Fee, the agreement will terminate with effect from the expiry of the then applicable Service Fee as the case may be.
Both Parties, its sub-processors and other persons acting under the authority of the Parties, agree to keep the terms and conditions of the Agreement confidential and not to inform any third party about its content unless required to do so by law or regulation or if mutually agreed upon in writing by the Parties.
The confidentiality obligations also apply after the termination of the Data Processing Agreement.
The Agreement shall be governed by and interpreted in accordance with Norwegian law.
Disputes arising in connection with or as a result of this Agreement shall be settled by court proceedings, unless the Parties agree otherwise. The Parties agree on Oslo city court as their legal venue.
If any part of this Agreement is found to be invalid due to mandatory statutory law or a final legal judgment, it shall only affect those parts found to be invalid. The remaining parts of the Agreement will still be enforceable.