Data & privacy
Member records are personal data — often of minors. Under the GDPR the club is the data controller; by using a club's API key, your integration processes personal data on the club's behalf.
What this means for you
- The club decides. A club administrator creating a key for your integration is the club's decision to share data with it. Only ask for the scopes you actually need.
- Processor agreement. If you build for a club other than your own, the club will typically need a processor (verwerkers-) agreement with you. That is between you and the club — Club-tool is the club's processor for the platform itself.
- Data minimisation is built in. Member lists omit e-mail and birth date; request the detail endpoint only when you need it, and store no more than necessary.
- Deletion is real. DELETE /members/{id} permanently erases the member. Prefer archiving (status: "archived") unless erasure is the intent (GDPR art. 17).
- Audit trail. Every write through the API is logged in the club's audit log, attributed to the key prefix (e.g. api:ct_live_3f9K).
Signup forms (kennismakers)
Creating a trial member through the API means you collect personal data (often of minors) on the club's behalf. Show the club's privacy statement on your form, collect only the fields the intake needs, and protect the form against spam (captcha) — the API's rate limits bound abuse but do not replace form-side protection.
Practical checklist
- Store API keys in a secret manager; rotate them periodically.
- Keep synced copies of member data encrypted at rest and delete them when your purpose ends.
- Don't expose member data on public pages (e.g. a website widget should show the calendar — not the member list).
- Report suspected leaks to the club immediately, and see security.txt for the platform's disclosure channel.
The platform's own privacy documentation lives at club-tool.nl/privacy.