3.1. Scope of the Services
The services include, but are not limited to:
Last updated January 2026
Terms of use document by adhesion: acceptance occurs through registration, account activation, effective use or continued use of the platform.
0.1. Acceptance
Accessing, registering, activating, using, or continuing to use the UNIFIT platform constitutes full, express, and unconditional acceptance of these Terms and Conditions (hereinafter, the “Terms”). If the USER does not agree, they must refrain from accessing or using UNIFIT.
0.2. Scope
These Terms govern the use of:
(i) the UNIFIT platform in SaaS mode;
(ii) the associated mobile or web applications;
(iii) the management panel (CMS); and
(iv) the related support, maintenance, and security services.
0.3. Binding Documentation
Annexes II, III, and IV, along with their appendices, form an integral part of these Terms. All references to pricing, payments, invoicing, taxes, or other financial conditions are expressly excluded.
0.4. Precedence
In the event of any conflict between these Terms and any specific agreement signed between UNIFIT and a USER, the provisions of such specific agreement shall prevail to the extent that they are explicit and applicable.
1.1. Provider
UNIFIT is the trade name of SEDUNI TORCAR, S.L. (hereinafter, UNIFIT or the PROVIDER), with Tax Identification Number (CIF) B-67244327 and registered office in Barcelona.
General contact: info@unifit.es
1.2. Definitions
For the purposes of these Terms, the following terms, when written with an initial capital letter, shall have the meaning attributed to them below, whether used in the singular or plural:
(a) User / Client: the legal entity that accepts these Terms and uses UNIFIT.
(b) Platform: the UNIFIT SaaS solution, its software, applications, CMS, integrations, infrastructure, and associated documentation.
(c) Services: the services provided by UNIFIT in accordance with these Terms and Annexes (support, maintenance, updates, etc.).
(d) Confidential Information: as defined in clause 17.
(e) Results: the results generated by the USER from the use of the granted licenses, as defined in clause 9.2.
UNIFIT provides the USER with access to the platform and services described in these Terms, primarily consisting of the granting of a license to use and access the UNIFIT SaaS solution, as well as technical support, ongoing maintenance, and associated services such as initial configuration and onboarding support, where applicable.
3.1. Scope of the Services
The services include, but are not limited to:
(a) License to use and implement the UNIFIT Platform and, where applicable, the USER’s apps.
(b) Maintenance and updating of the apps/platform to ensure their proper functioning and constant alignment with new technologies, devices, and versions.
(c) Monitoring of proper use and advising the USER’s team on optimizing platform use.
(d) Access to functionalities included in UNIFIT, described in detail in Annex IV – Included Functionalities, which forms an integral part of these Terms.
3.2. Service levels, support, and availability
These will be governed by Annex III (Service Level Agreement – SLA).
4.1. License Grant
UNIFIT grants the USER a non-exclusive, non-transferable license to use the UNIFIT Platform and its App for the duration of the USER’s access to the Platform or for such period as the Parties may agree, within the limits permitted by applicable law.
4.2. SaaS Configuration
The Platform is provuded in SaaS (Software as a Service) mode.
4.3. User Obligations
The USER agrees to use the Platform in compliance with applicable law, these Terms, and industry best practices.
4.4. Prohibition on Assignment and Third-Party Use
The USER may not assign or transfer the licensed rights to the Platform to third parties in any way, and its use for any purpose other than the exclusive satisfaction of the USER’s own needs is prohibited. Therefore, the USER shall refrain from leasing, lending, selling, or sublicensing the Platform to third parties.
4.5. Prohibition on Copying and Reverse Engineering
The USER shall not copy, reproduce, redistribute, reverse engineer, decompile, disassemble, modify, create derivative works from, transfer, communicate, translate, version, commercialize, duplicate, or otherwise transform the Platform, whether for profit or not. This includes any new usability features, improvements, developments, integration developments, updates, new functionalities, or added utilities. The USER shall also not remove, manipulate, or alter any physical or digital notices or labels indicating the PROVIDER’s intellectual property rights over the Platform.
All clauses relating to price, payments, invoicing, taxes, price updates, and the financial consequences of non-payment are expressly excluded from these Terms. Any financial matters will be governed, if applicable, by separate commercial or contractual documentation.
6.1. UNIFIT’s Obligations
UNIFIT:
a) Guarantees that the Services will be provided in full compliance with all applicable technical and legal regulations and in accordance with industry best practices.
b) Undertakes to maintain a professional team, adequately staffed and qualified, to satisfactorily perform the Services. UNIFIT employees who provide services at the USER’s facilities will remain under the exclusive control and supervision of UNIFIT, which will assume all social, administrative, or criminal liability for such employees. UNIFIT will retain full authority over its employees and will be responsible for communicating all instructions related to the provision of the Services.
c) Is obligated to strictly comply with all applicable labor, social security, occupational health and safety, tax, and any other legal provisions. The USER may, at any time, require UNIFIT to provide proof of compliance with these obligations. UNIFIT shall indemnify and hold harmless the USER from all amounts that may arise from salary and Social Security obligations claimed against the USER in relation to UNIFIT personnel.
d) The USER agrees, where applicable, to comply with the service levels set forth in Annex III.
6.2. USER Obligations
THE USER:
a) Agrees to provide, in a timely manner, all information and documentation available to them that may be required by UNIFIT for the proper provision of services.
b) Declares that they have been informed, prior to using/accepting these Terms, about the essential characteristics of the services provided under these Terms and/or all information regarding how and/or under what conditions they are provided or performed, in addition to any other necessary pre-contractual information.
c) Will provide any other data, relevant information, or segmentation necessary for the usability of the applications and the deployment and maintenance of the Platform.
6.3. Representations and Warranties of the Parties
Each Party represents and warrants that:
(a) It is an independent entity from the other, and its respective employees are not, in fact or in law, employees of the other Party.
(b) It is not subject to any obligation that would prevent it from accepting, performing, and complying with these Terms and is therefore free to accept and perform them.
(c) Its business is lawful under applicable regulations and it will not use the services to commit fraud, incite hatred, promote violence or obscenity, invade privacy, or engage in unsafe, illegal, or deceptive business practices.
These Terms constitute a service agreement as defined in Article 1544 et seq. of the Civil Code and other applicable provisions. Acceptance of these Terms does not create or constitute, under any circumstances, a partnership, joint venture, or employment relationship between UNIFIT and the USER.
The Parties shall act independently, and each shall be solely responsible for its own suppliers, employees, and clients, without prejudice to the rights and obligations established in these Terms.
UNIFIT may not subcontract the provision of the Services to third parties without the prior written consent of the USER, except for subcontractors already listed in Appendix II of Annex II, who are deemed authorized.
UNIFIT must notify the USER of the identity of any subcontractors at least thirty (30) days in advance. Upon receiving this notification, the USER must confirm within ten (10) days whether they authorize such subcontracting. Failure to respond within this period will be understood as consent.
In the event of subcontracting, UNIFIT will be liable to the USER for the actions of the subcontractors and will indemnify the USER against any claim, damage, or liability arising from the subcontractor’s breaches.
9.0. Ownership of UNIFIT
UNIFIT is the sole and exclusive owner of the intellectual and industrial property rights to the Platform, the software, the App, and all related documentation, including developments, adaptations, or modifications. The license to use does not imply the transfer of any rights beyond the license granted.
The license is limited to the duration of the use or relationship, to the applicable territory, and to the USER as the designated recipient.
9.1. USER Prohibitions
The USER shall refrain from copying the Platform, whether for profit or not, and, without limitation, shall not:
(a) perform reverse engineering, decompile, disassemble, copy, or reproduce the Platform;
(b) redistribute, rip, record, modify, or create derivative works of the Platform;
(c) transfer, communicate, translate, version, commercialize, duplicate, or transform the Platform, including new usability features, improvements, developments, integration developments, updates, new functionalities, or added utilities;
(d) remove, manipulate, or alter in any way any physical or logical notice or label that includes the PROVIDER’s proprietary rights to the Platform.
9.2. Assignment of Rights over the Results
UNIFIT grants to the USER, exclusively with respect to the results generated by the use of the granted licenses, for the maximum legally recognized protection period, without the right to assign these rights to third parties, and without territorial or temporal limitations, all industrial and intellectual property rights associated with and/or related to the documentation generated by the USER in connection with the provision of the services (the Results).
This assignment does not include the intellectual and industrial property rights to the methodology and know-how used by UNIFIT for the preparation and production of the results, which belong to UNIFIT.
9.3. Warranties and Liability
UNIFIT guarantees to the USER that the Services, the Platform, the license to use, and any elements made available to the USER (including the Results) shall:
(a) not infringe the rights of third parties;
(b) not contain offensive or discriminatory elements;
(c) comply with applicable regulations regarding unfair competition and the protection of trade secrets;
(d) respect confidentiality obligations towards third parties.
UNIFIT shall hold harmless the USER from any claims, damages, costs, or expenses arising from any breach of the foregoing. Likewise, the USER shall indemnify and hold harmless UNIFIT from any claims, damages, costs, or expenses arising from any breach by the USER.
9.4. Use of Trademarks and Other Rights
Each Party agrees not to use the name, trademarks, trade names, and/or any other industrial and/or intellectual property rights of the other Party without its prior written consent.
If such use is authorized, the authorized Party agrees to:
(a) not alter distinctive signs;
(b) not harm the reputation or image of the other Party;
(c) not use trademarks with unauthorized symbols;
(d) use the rights for the agreed purpose and in the agreed manner;
(e) comply with the corporate image guidelines provided by the other Party.
These Terms become effective upon acceptance and remain in force as long as the USER maintains active use of the Platform.
When a service relationship has an initial term, it will be for twelve (12) months. After this period, the relationship will automatically renew for successive one (1) year periods, unless either Party provides formal written notice of non-renewal at least sixty (60) calendar days prior to the end of the current term.
Notwithstanding the foregoing, access to and use of the Platform may be terminated early in the following cases:
(a) Mutual agreement: by written agreement between the Parties.
(b) Breach of contract: either Party may terminate pursuant to Article 1124 of the Civil Code in the event of a material breach not remedied within ten (10) calendar days of proper notification.
(c) Serious breach: in the event of a serious breach affecting material obligations, the performing Party may terminate immediately, without any period for remedy, without prejudice to any claim for damages.
In the event of termination, the Parties shall return to each other any documentation, information, or materials belonging to the other Party.
12.1. UNIFIT Liability
UNIFIT will provide the Services under its sole and exclusive responsibility and will be liable to the USER for their proper execution.
12.2. Mitigation Efforts
UNIFIT will make its best efforts to avoid or mitigate any harmful effects that may arise for the USER as a result of the provision of the Services.
12.3. Compliance and Indemnification
Each Party agrees to comply with its contractual and legal obligations and to indemnify the other against any claims from third parties or public authorities related to the Services, resulting from its own actions or omissions.
12.4. Declaration of Legal Compliance
Each Party declares that it is aware of its legal obligations and agrees to indemnify the other against any damages, losses, expenses (including attorneys’ fees), civil liability, fines, or penalties arising from claims related to its own breach, actions, or omissions, as well as those of related third parties or subcontractors.
UNIFIT will contract with a reputable insurance company and will maintain, for the entire applicable period, liability insurance with sufficient coverage to cover any potential damages that may arise from the provision of services.
14.1. Legal and Ethical Compliance
The Parties reject any breach of applicable law, irregular practices, or actions contrary to their code of conduct or ethics.
14.2. Conflict of Interest
The Parties declare that they have no connection with individuals holding senior management or executive positions in the other Party with the capacity to influence contracting or the setting of economic terms, and undertake to notify each other of any circumstance that could give rise to a conflict of interest.
14.3. Ethical Conduct and Regulatory Compliance
The Parties declare that they have acted ethically and professionally throughout the negotiation/relationship and undertake to comply with laws and regulations combating corruption, preventing money laundering, and counter-terrorism financing.
14.4. Prohibition of Improper Payments
The Parties will not make any payments, directly or indirectly, to public officials, political parties, intermediaries, or third parties if such payments are intended to influence or induce improper actions.
14.5. Financial Records
The Parties will maintain accurate and reasonably detailed financial books and records related to the relationship.
14.6. Reporting of Unlawful Conduct
The Parties undertake to inform each other of any conduct they deem to be criminal under the Spanish Criminal Code or applicable international law.
14.7. Investigation and Cooperation
The Party that becomes aware of such conduct shall conduct appropriate investigations, prepare a report, and cooperate with the authorities to determine responsibility.
14.8. Consequences of Non-Compliance
Failure to comply with the provisions of this clause shall entitle the affected Party to terminate the relationship and claim compensation for damages.
15.1. Information for Signatories/Contacts
In compliance with Article 13 of the GDPR, the Parties inform the signatories/contacts and any other persons whose data is collected for notification purposes that their personal data, as well as data generated during the performance of the relationship, will be processed for the purpose of managing, developing, fulfilling, and monitoring the relationship; sending and personalizing documentation by electronic or postal means; maintaining a contact list; and proper financial, accounting, and tax management; invoicing and administration; developing and managing the business relationship; and maintaining records, for the legally established periods.
The legal basis for processing is the performance of a contract (Article 6.1 b) GDPR) and legitimate interest (Article 6.1 f) GDPR). Processing is mandatory, and the data may be disclosed to judges and courts, banks, the Tax Agency, and other third parties when required by law. as well as financial auditors, competent Public Administrations for control, registration, and inspection, and public notaries.
The data will be processed for the duration of the relationship and, once it has ended, will be stored in a blocked state for the period during which liabilities may arise. To exercise rights of access, rectification, objection, erasure, portability, and restriction of processing, the Parties may contact:
They may also file a complaint with the Spanish Data Protection Agency (www.aepd.es).
15.2. Role as Data Processor
UNIFIT will act as the Data Processor with respect to the personal data it accesses through the use of the service and will be governed by Annex II – Data Processing Agreement, which forms an integral part of these Terms.
16.1. Information Security and Business Continuity
UNIFIT is committed to protecting and ensuring the security of USER information. UNIFIT will provide the USER with risk analyses upon request, demonstrating UNIFIT’s commitment to information security.
UNIFIT states that it has a Business Continuity Plan in place.
16.2. Security Incident Reporting
UNIFIT must have an established incident management procedure, including investigation procedures. It is obligated to report any threat or incident immediately upon detection, informing the USER of:
(a) How it was investigated;
(b) What escalation procedure was followed;
(c) The measures taken;
(d) Legal actions;
(e) Measures taken to prevent recurrence;
(f) Feedback within the security management system.
UNIFIT will immediately notify the USER of any incident or threat that may affect their information assets, such as unauthorized access, disclosure, or use without consent, including security breaches of systems, LANs, or networks that contain, process, or transmit sensitive or confidential information.
16.3. Reversion Plan
In the event of termination or dissolution, the Parties will mutually agree upon a reversion plan that guarantees continuity of service for the USER, including, where applicable, an orderly transfer to another provider. An assessment and planning of the necessary activities for service termination will be carried out, and updated and accessible documentation will be ensured. An exit committee will be established. The actions necessary for service termination will not incur any costs for the USER.
17.1. Confidential Nature
The Parties consider the existence, purpose, and content of these Terms, as well as any information disclosed by one Party (Disclosing Party) to the other (Receiving Party) in connection with the relationship, to be confidential, and shall take reasonable measures to prevent its dissemination and access by unauthorized persons.
17.2. Scope of Confidential Information
Confidential Information includes, but is not limited to, ideas, software applications and their content, processes, structures, databases, concepts, methods, drawings, drafts, techniques, inventions, operations, methodologies, systems, plans or intentions, know-how, source code, designs, trade secrets, opportunities, financial or business matters, and any economic, financial, technical, commercial, strategic, administrative, personnel, or business information, whether oral or written, in any format, including analyses, reports, forecasts, and studies.
17.3. Exceptions
Information shall not be considered Confidential Information if it:
(a) is obtained from public sources or third parties without breach;
(b) is generated by a Party without using Confidential Information; or
(c) is made public without breaching these obligations.
17.4. Disclosure to Authorities
Confidential Information may be disclosed to authorities if required by law or mandate. The Receiving Party must inform the Disclosing Party as soon as possible and take measures to prevent disclosure to the extent legally possible.
17.5. Obligations of the Parties
Consequently, the Parties agree to:
(a) Exercise the utmost diligence to protect Confidential Information, ensuring secure means and internal organization.
(b) Limit the number of people with access to what is strictly necessary.
(c) Maintain secrecy and not disclose it, in whole or in part, without written consent, except to employees of the work team. The Parties will inform their employees of the confidential nature of the information. Documentation demonstrating the commitment to confidentiality may be requested.
(d) Not reproduce, transform, or use the Confidential Information outside of its intended purpose.
(e) Return or destroy, upon termination and upon request, all materials containing Confidential Information.
17.6. Duration of the Obligation
The confidentiality obligation will remain in effect even after termination for a period of five (5) years.
18.1. Limitation of Liability
Neither Party shall be liable for any failure to perform due to Force Majeure, understood as unforeseeable or unavoidable causes that result in non-performance.
18.2. Notification
The affected Party shall immediately notify the other Party of the occurrence of such an event, providing details.
18.3. Effect on Obligations
Force Majeure shall suspend obligations. If the provision of Services is interrupted for thirty (30) days or more, whether continuously or intermittently, either Party may terminate this Agreement.
Notifications sent by any of the following means shall be valid:
(a) Courier with proof of delivery;
(b) Certified mail; or
(c) Email.
Addresses for notification purposes:
Notifications will be considered validly delivered upon acknowledgment of receipt by email, either express or automated.
Either Party may notify changes of contact information or email address. The notification will take effect 10 calendar days after it is deemed delivered or on a later date specified.
20.1. Modifications
These Terms may not be modified except by a written document duly accepted by the Parties or by an update published by UNIFIT with acceptance by use in accordance with clause 0.
20.2. Assignment
The relationship is based on personal trust. UNIFIT may not assign its contractual position or rights or obligations (including rights of receivable) without the prior written authorization of the USER, except for assignments to companies within the UNIFIT Group, in which case notification to the USER will suffice.
Any assignment by either Party must be formalized in writing, and the assignee will be subrogated to the rights and obligations of the original parties.
20.3. Entire Agreement
These Terms and their Annexes constitute a single agreement with respect to the matters governed herein and supersede all prior agreements.
20.4. Severability
If any provision becomes illegal, invalid, or unenforceable, it will be severed without affecting the validity of the remaining provisions. The Parties agree to replace it with another provision having more similar economic effects (to the extent applicable, without prejudice to the economic exclusion in clause 5).
20.5. Waiver
A waiver of any provision shall not be binding unless made in writing.
20.6. Headings
The headings are used for convenience and do not affect the interpretation.
The Parties agree that acceptance of these Terms may occur by electronic means, provided that the authenticity of the USER’s will and the integrity and unalterability of the document are proven, including platform acceptance mechanisms, audit records, logs and/or equivalent evidence.
These Terms shall be governed by Spanish law.
The Parties agree to attempt to resolve any dispute amicably.
If no agreement is reached within one month of notification of a dispute, either Party may resort to legal action.
By expressly waiving any other jurisdiction, the Parties submit to the jurisdiction of the Courts of the city of Barcelona for the resolution of any dispute, claim, or controversy arising out of or in connection with these Terms.
On the one hand, the Party referred to as “USER/Client” (hereinafter, the Data Controller or the Controller).
Hereinafter, each “Party” individually, and collectively, the “Parties.”
Both Parties, acknowledging their legal capacity,
DECLARE:
I. That, for the provision of the services regulated in these Terms, the Processor needs to access and process personal data under the responsibility of the Controller.
II. That, to regulate such access and processing, both Parties agree to this Agreement, which shall be governed by the GDPR, the LOPDGDD, and other applicable regulations (hereinafter, the Applicable Regulations), and by the following:
1.1. Define the conditions under which the Processor will carry out the processing of personal data necessary for the proper provision of the Services provided to the Controller.
1.2. In particular, the Processor will process the data necessary to fulfill the processing activities required to achieve the purpose defined in these Terms.
1.3. The provision of the Service implies the Processor’s performance of the Processing described in Appendix I.
This Agreement shall remain in effect for the entire duration of the Service. However, any stipulations that, by express or implied intent, continue after termination or expiration shall remain in force.
The processing will be limited to the actions necessary to provide the Services.
The Processor will process Personal Data in accordance with the instructions of the Controller and applicable regulations.
The Processor undertakes not to carry out any other processing or to apply or use the data for any other purpose.
If the Processor deems processing for a different purpose necessary, it must request prior written authorization. Without authorization, it may not carry out such processing.
The Controller undertakes to make available to the Processor the personal data and/or information necessary for the processing for the provision of the Service.
The Processor undertakes to:
a. Purpose and Compliance with Instructions
Process personal data solely for the purpose of providing the contracted Service, in accordance with the instructions of the Controller (unless otherwise required by law, in which case prior notification will be given, unless prohibited by law).
b. Confidentiality
Maintain confidentiality regarding personal data, even after termination of the Service, and ensure that all personnel under its supervision undertake to maintain confidentiality in writing.
c. Security
Ensure appropriate technical and organizational measures are in place to provide an adequate level of security, taking into account the state of the art, costs, nature, scope, context, purposes, and risks.
d. Custody and Non-Disclosure
Keep personal data under its control and custody and not disclose, transfer, or communicate it, even for storage purposes, to third parties.
e. Return and Destruction
Return the personal data and, if applicable, the storage media to the Controller upon completion of the Service, which entails the complete erasure of data from the Processor’s equipment.
The Processor may retain the data in a blocked state if liability could arise. The Data Controller shall provide certification of the return or confidential destruction of the data and the absence of copies within the maximum period established by the Data Controller from the date of the request.
f. Cooperation with Authorities
Cooperate with the Spanish Data Protection Agency (AEPD) or other Supervisory Authority, upon request, in the performance of its duties.
The Processor shall notify the Controller without undue delay and no later than 24 hours after becoming aware of any security breaches, providing support in notifying the Supervisory Authority and, where applicable, the data subjects, as well as support in impact assessments and prior consultation where appropriate.
The Processor shall provide, at a minimum:
(a) A description of the nature of the breach, categories and approximate number of data subjects and records affected.
(b) The name and contact details of the Data Protection Officer (DPO) or other point of contact.
(c) A description of the potential consequences.
(d) A description of the measures taken or proposed, including mitigation measures.
If it is not possible to provide all the information at once, it may be provided in stages, without undue delay.
If data subjects exercise their rights with the Data Processor, the Processor shall immediately forward the request to the Data Controller and, at the latest, within three (3) calendar days of receiving it.
The Data Processor shall take the necessary measures to address these rights, following the instructions of the Data Controller. The Data Processor shall be liable for any negligence in failing to address these rights and for any resulting damages.
As a general rule, subcontracting of the Service is prohibited. Notwithstanding the foregoing, the Controller may expressly authorize in writing the use of a Sub-processor, whose details and the services to be provided must be notified at least one (1) month in advance and shall be included in Appendix II.
The Processor will inform the Controller of any planned changes, including additions or replacements, and will provide an opportunity for objection.
The Controller will transfer the obligations of this Agreement to the Subprocessor and ensure appropriate safeguards. A GDPR-compliant contract must be executed, and the Subprocessor will be subject to the same conditions.
The Processor will provide the Controller, within thirty (30) days of the request, with the information necessary to demonstrate compliance, and may provide a copy of the contract with the Subprocessor.
The Controller reserves the right to conduct follow-up, monitoring, reporting, audits, and procedures to ensure compliance.
Access to data is authorized for individuals who provide services to the Processor in a commercial (non-employment) relationship within its organizational framework, and for general services or maintenance companies/professionals (IT, consulting, auditing, etc.) provided that the Service is not subcontracted.
The Processor shall not carry out international transfers outside the EEA without the prior written authorization of the Controller. In the absence of such authorization, no third party may access the data.
If authorized, the Processor will facilitate procedures to formalize the transfer and ensure appropriate safeguards. If Standard Contractual Clauses are used, they will be attached.
The Processor will be fully liable and will indemnify for damages arising from any breach. The Processor will indemnify the Controller for damages caused by any Sub-processor due to breaches, including unauthorized transfers.
If there are Sub-processors outside the EEA, an appropriate recognized mechanism will be applied. In the absence of an adequacy decision, Standard Contractual Clauses will be signed in accordance with Decision 2021/914/EU, using Module 3 (processor to processor) and selecting compatible clauses.
The Processor shall permit and cooperate with audits of its information systems, including inspections, by the Controller or an authorized auditor, with seven (7) days prior notice.
The Controller may conduct as many audits as it deems necessary. These audits shall be conducted during business hours and shall not interfere with business operations unless absolutely necessary. The Processor shall receive a copy of the audit report.
The Controller shall bear the cost of the audit, unless non-compliance is detected, in which case the Processor shall bear the cost of the audit and mitigation measures.
The Parties undertake to comply with all obligations set forth in this Agreement and in the Applicable Regulations.
If the Processor or any Subprocessor breaches this Agreement or the applicable regulations by determining the purposes or means of the processing, it shall be deemed a data controller.
The Processor shall be liable for infringements where it:
(a) uses the data for purposes other than those authorized;
(b) discloses the data to unauthorized third parties;
(c) uses the data improperly; or
(d) fails to implement the appropriate security measures provided for in this Agreement.
The Processor shall indemnify the Controller against any claim, damage, debt, loss, fine, penalty, cost, or expense, including reasonable attorneys’ fees, arising from breaches of its obligations.
Both Parties shall be equally liable for damages arising from negligent or culpable conduct in the performance of their obligations.
Any breach of the provisions of this Agreement may constitute grounds for termination and shall give rise to compensation for the damages incurred.
If they are required to have a Data Protection Officer (DPO), the Parties shall identify the following contacts:
This Agreement is governed by Spanish and European data protection regulations and guidelines from competent authorities. In the event of any disputes, the Parties submit to the jurisdiction of the Courts of Barcelona.
I. Services to be provided to the Controller that involve access to the Data:
The Processor will process the Data as necessary to provide the services in accordance with the Agreement, using Data owned by the Controller for the provision of the Service.
II. Categories of personal data:
☒ Identifying data (name and surname, NIF/DNI, address, telephone, image/voice).
☐ Academic and professional data.
☐ Employment details.
☐ Data on transactions of goods and services.
☐ Other: [________________________________________________]
III. Categories of data subjects:
☐ Clients.
☐ Prospective students.
☐ Students.
☐ Alumni.
☐ Employees.
☐ Candidates.
☐ Website users
IV. Duration of treatment:
The treatment will continue for the duration of the contractual relationship between the Controller and the Processor.
Name of the entity | Tax ID | Address | Place of provision of the Services | Guarantee (in case of international transfers) | Description of the Services.
1. Digital Ocean | EU528002225 | 101 Avenue of the America, New York 10013 | Europe (Amsterdam) – Data center Amsterdam 3 | – | Server hosting
2. Firebase (Google Cloud) | IE3668997OH | Ireland, Clanwilliam Place | Europe, Ireland | – | Push notification service
The cost of the platform license includes maintenance and updates, which will be carried out directly by the UNIFIT team whenever necessary.
Scope of Service
(a) Regular app updates according to app store requirements.
(b) Regular app updates according to operating system and programming language requirements.
(c) Maintenance of servers and databases necessary for the proper use and operation of the platform.
UNIFIT offers first-line technical support for platform operational issues and defines the communication flow with the center for other types of incidents.
Service Scope
(a) Direct access widget from the platform for reporting incidents or suggestions for improvement.
(b) Incident management and user response.
(c) Definition of FAQs and key messages.
(d) Rerouting to the center’s key teams or departments for day-to-day incidents (attendance, schedules, etc.).
Critical Issue:
Problems that prevent basic use of the application, seriously affecting the user experience or compromising data security.
Estimated resolution time:
A maximum of 24 hours from the time the issue is reported until its resolution, not including platform validation times by the App Stores (Apple Store and Google Play) if the issue requires an update.
Minor Issue:
Minor problems that do not significantly affect core functionality. These may include minor errors or features that do not operate as expected, but do not prevent general use.
Estimated resolution time:
Between 24 hours and a maximum of 4 days from the time the issue is reported until its resolution, not including platform validation times by the App Stores (Apple Store and Google Play) if the issue requires an update.
Under these Terms, the service includes access to and use of the UNIFIT platform with the following functionalities (according to the scope configured for the USER):
These functionalities are part of the standard scope of the UNIFIT solution and are considered included in the license, except in the case of technological advancements or custom development requested by the USER (to be regulated in separate documentation, excluding financial terms in these Terms).