Il testo legale ufficiale è attualmente disponibile in inglese. Stiamo preparando traduzioni con revisione umana.

Data Processing Addendum (DPA)

Last updated: 27/10/2025

1. Parties & scope

This DPA forms part of the agreement between Pitch Time ("Processor") and you ("Controller") for use of the Service. It governs our processing of personal data on your behalf.

If your organization is subject to GDPR/UK GDPR, this DPA applies to personal data you upload or collect through the Service about your players, parents/guardians, or staff.

2. Roles

You are the Controller. We are the Processor. We process personal data solely on your documented instructions as described in the Agreement and this DPA.

3. Processing details

Subject matter: Providing the Service (lineup planning, playing time tracking, team management).

Duration: For the term of your use plus backup retention.

Nature & purpose: Hosting, storage, analysis, and transmission of data to deliver and improve the Service.

Categories: Players, parents/guardians, coaches, club admins. Data types: names, contact info, jersey numbers, game events, minutes played, device data.

4. Instructions

We will process personal data only on your documented instructions. You can provide additional instructions via support; if they conflict with the Agreement, we may notify you and seek clarification.

5. Security measures

We implement appropriate technical and organizational measures as described in our Security Overview. You are responsible for configuring and using the Service securely.

6. Sub-processors

We use sub-processors listed at Sub-processors. We will notify you of changes where legally required and give you an opportunity to object.

7. International transfers

If we transfer personal data internationally, we will use appropriate safeguards (e.g., Standard Contractual Clauses) unless an adequacy decision applies.

8. Confidentiality

We ensure personnel processing personal data are bound by confidentiality obligations.

9. Data subject rights

We will assist you in responding to requests from data subjects, taking into account the nature of processing and available tools.

10. Data incidents

We will notify you without undue delay after becoming aware of a personal data breach affecting your data, including details to help you meet notification obligations.

11. Return or deletion

Upon termination or at your request, we will delete or return personal data unless retention is required by law. Backup copies will be deleted per our retention schedule.

12. Audits

We will provide information reasonably necessary to demonstrate compliance with this DPA and allow audits as required by applicable law, subject to confidentiality and frequency limits.

13. Priority

If there is a conflict between this DPA and the Agreement, this DPA prevails for data protection matters.