1. Legal Entity
Music on the Block (“Service Provider”) operates the platform under the domain mijnmotb.
Legal details
- Music on the Block
- Graafschapstraat 34, 2033JM Haarlem, Netherlands
- KvK: 54390052
- Email: info@musicontheblock.nl
The Service Provider enters into agreements with the School as defined below.
________________________________________
2. Definitions
Platform
A software system providing administrative and operational tools for music education management.
School / Client
Music on the Block, being the sole organization using and contracting the Platform.
End Users
Teachers, students, parents, and staff accessing the Platform under the School’s account structure.
Personal Data
Any information relating to identified or identifiable natural persons processed through the Platform.
3. Platform Structure (Single-Client System)
The Platform is a single-client, dedicated system operated exclusively for Music on the Block.
It is not a multi-tenant SaaS environment and is not shared with other organizations or customers.
The Service Provider delivers the Platform as a managed, custom-configured system, including freelance-style service delivery where applicable.
4. Scope of Service
The Platform provides administrative tools for music education operations, including
- Scheduling and lesson planning
- Student, teacher, and staff management
- Communication and file sharing
- Invoicing support and administrative financial tooling
The Platform is strictly an administrative system.
The Service Provider does not provide:
- Educational services
- Financial services
- Payment processing services
- Legal or tax advisory services
5. Account Structure and Responsibility
- End Users may create accounts via self-registration and enrollment request.
- All accounts and enrollments require review and approval by the School before activation.
- Teachers and staff are invited by the School.
- The School is responsible for validating eligibility, authorization, and access rights for all End Users, including minors.
- The School is responsible for managing permissions and internal access control.
6. Subscription and Financial Structure
- The Platform is provided under a subscription agreement with the School.
- Fees are billed monthly unless otherwise agreed.
- Payments may be processed via third-party service providers (e.g. Moneybird).
- The Service Provider is not a payment processor or merchant of record for lesson fees.
- Invoices generated through the Platform are created on behalf of the School.
- The School is the sole issuer of invoices and is fully responsible for legal, fiscal, and tax compliance.
7. Third-Party Services and Subprocessors
The Platform uses third-party service providers, including
- Hetzner (hosting infrastructure)
- Google Workspace (communication services)
- Cloudinary (media storage)
- Umami Analytics (usage analytics)
- Moneybird (invoicing and accounting)
These providers act as subprocessors where applicable.
The Service Provider:
- uses subprocessors as part of Platform operation
- retains operational responsibility for their integration
- is not liable for third-party outages or failures
- will use reasonable efforts to mitigate and restore service disruptions
- will notify the School personally of material subprocessor changes
- does not provide an opt-out mechanism due to the single-client nature of the Platform
- requires consent for onboarding and continued use of necessary subprocessors
8. Data Protection and Roles (GDPR)
8.1 Roles
- The School is the Data Controller for End User data.
- The Service Provider acts as a Data Processor when processing data on behalf of the School.
- The Service Provider acts as an independent Data Controller for operational data (including billing records, security logs, system telemetry, and support communications).
The Service Provider does not determine the purposes of processing for End User data.
8.2 Processing Scope
Personal data processed may include
- identity and contact information
- scheduling and attendance data
- communication data
- financial and invoicing information
- uploaded documents and media
8.3 Children’s Data
The Platform may be used by individuals under 16.
The School is responsible for ensuring lawful processing, including parental consent where required under applicable law.
9. Data Subject Rights and Assistance
- End Users may exercise rights including access, correction, deletion, restriction, objection, and portability via the School.
- The School is responsible for handling all data subject requests.
- The Service Provider will provide reasonable assistance to the School in fulfilling obligations under applicable data protection law.
- Data retention and deletion rules are governed by the Privacy Policy.
10. Acceptable Use
Users may not
- Access unauthorized data or systems
- Disrupt or overload the Platform
- Reverse engineer, copy, or exploit the Platform
- Use the Platform for unlawful purposes
- Circumvent authentication or access controls
11. Availability
The Platform is provided on a best-effort basis.
No guarantees are made regarding uninterrupted availability or error-free operation.
Maintenance or updates may temporarily affect access.
________________________________________
12. Security
The Service Provider implements appropriate technical and organizational measures, including
- HTTPS encryption
- Role-based access control
- Secure authentication systems
- Monitoring and logging
- Backup and recovery mechanisms
Security practices are further described in the Privacy Policy.
________________________________________
13. Liability
13.1 Liability Cap
Total liability is limited to fees paid by the School in the six (6) months preceding the event giving rise to the claim.
13.2 Exclusion of Damages
The Service Provider is not liable for
- loss of profit or revenue
- business interruption
- incorrect data entered by users
- third-party service failures
- indirect or consequential damages
13.3 Service Limitation
The Service Provider is not responsible for
- execution or quality of lessons
- teacher or student conduct
- educational outcomes
- financial arrangements between the School and End Users
13.4 Legal Limitation
Nothing in these Terms excludes liability where such exclusion is prohibited by applicable law.
14. Force Majeure
The Service Provider is not liable for failure or delay caused by events outside reasonable control, including
- infrastructure outages
- cyberattacks despite reasonable safeguards
- natural disasters
- government actions or legal restrictions
15. Termination and Suspension
- The agreement is recurring monthly.
- Either party may terminate with 30 days written notice.
- Fees remain payable during the notice period.
The Service Provider may
- immediately suspend access in case of abuse, security risk, or non-payment
- revoke access upon termination
Upon termination
- access may be disabled immediately
- data export may be made available for a minimum period of 14–30 days, unless legal retention obligations or security constraints prevent this
16. Changes to Terms
The Service Provider may update these Terms.
Material changes will be communicated to users.
You must explicitly accept the updated Terms before continuing to use the Platform. Continued use without acceptance does not constitute consent to updated Terms.
17. Data Protection Alignment
18. Governing Law and Jurisdiction
These Terms are governed by the laws of the Netherlands.
All disputes shall be submitted to the exclusive jurisdiction of the competent court in the Netherlands.
19. Contact
Music on the Block
Graafschapstraat 34
2033JM Haarlem
Netherlands
info@musicontheblock.nl
1. Introduction
Music on the Block ("we", "our", or "us") is committed to protecting the privacy and personal data of students, parents, teachers, staff members, and other users of our internal management systems.
2. Data Controller
Data Controller
- Music on the Block
- Business Address: Graafschapstraat 34, 2033JM, Haarlem
- Email: info@musicontheblock.nl
- Phone: +31 85 12 48 792
- Chamber of Commerce (KvK): 54390052
3. Personal Data We Collect
We may collect and process the following categories of personal data
- Account Information
- First and last name
- Email address
- Phone number
- Postal address
- Date of birth
- Profile photo
- Encrypted password credentials
- Student and Parent Information
- Student details
- Parent or guardian details
- Contact information
- Enrollment information
- Lesson participation records
- Internal administrative notes
- Scheduling Information
- Availability information
- Lesson schedules
- Attendance records
- Calendar events
- Lesson history
- Financial Information
- Billing details
- Invoices
- Payment status
- VAT information where applicable
- Uploaded Content
- Documents
- Contracts
- Images
- Other files uploaded by authorized users
4. Purpose of Processing
We process personal data for the following purposes
- Managing student enrollments
- Scheduling lessons and events
- Communicating schedule changes
- Managing teacher availability
- Maintaining administrative records
- Managing financial information and invoicing
- Maintaining platform security
- Providing technical support
- Complying with legal obligations
5. Legal Basis for Processing
We process personal data based on one or more of the following legal grounds
- Performance of a contract
- Compliance with legal obligations
- Legitimate interests related to operating and improving our educational services
- Consent where required by law
6. Children's Data
Our services involve students under the age of 16.
Where required, personal information relating to minors is collected and managed through a parent or legal guardian.
We take additional care to protect information relating to children and process such information only for educational and administrative purposes.
7. Cookies and Authentication
The CRM uses essential cookies and similar technologies required for
- User authentication
- Session management
- Security purposes
- These technologies are necessary for the operation of the platform and cannot be disabled without affecting functionality.
8. Analytics
We use privacy-focused analytics tools to understand usage of our systems and improve our services.
Analytics data is used in aggregate form and is not intended to identify individual users.
9. Service Providers
We may use trusted third-party service providers to operate our systems, including
- Hetzner (hosting infrastructure)
- Google Workspace / Gmail (email communication)
- Cloudinary (file and image storage)
- Umami Analytics (website analytics)
- Moneybird (financial administration, invoicing, and accounting)
- These providers process data only as necessary to provide their services and are subject to appropriate contractual and security obligations.
10. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure.
Security measures include
- HTTPS encryption
- Password protection
- Access controls based on user roles
- Secure hosting infrastructure
- Regular backups
11. Data Retention
Personal data is retained only for as long as necessary for the purposes described in this Policy.
In general
- Active user information is retained while the user maintains a relationship with Music on the Block.
- Inactive records may be retained for up to two years following the end of the relationship.
- Financial records are retained for the period required by applicable tax and accounting laws.
- System backups may be retained for operational and disaster recovery purposes.
- Deleted records may remain temporarily in backup systems until those backups are automatically removed.
12. Your Rights
Subject to applicable law, individuals may request
- Access to their personal data
- Correction of inaccurate information
- Deletion of personal data
- Restriction of processing
- Objection to certain processing activities
- A copy of their personal data
- Requests may be submitted using the contact details listed above.
13. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), appropriate safeguards will be implemented in accordance with applicable data protection laws.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
Any material changes will be communicated through appropriate channels and reflected by updating the effective date at the top of this document.
15. Contact
For privacy-related questions or requests, please contact
- Email: info@musicontheblock.nl
- Address: Graafschapstraat 34, 2033JM, Haarlem