Last updated: 16 May 2026
The Apex Lab ("we", "us", "our") processes personal data with care. This Privacy Policy explains what data we collect, why we collect it, and what rights you have under the GDPR.
Controller: The Apex Lab — trade name of Pro Performance Therapy — Dutch Chamber of Commerce (KvK): 87119722.
We have not appointed a Data Protection Officer (DPO).
Our role may vary: for the website, intake, scheduling, and our own reporting we act as controller. For assignments commissioned by employers we may act (in part) as processor on behalf of the employer (under a data processing agreement).
Data: name, email, phone, message; technical data (IP, device, browser).
Source: provided by you (contact/appointment). Our website is a static site hosted on Cloudflare Pages; the contact option opens your own email client (a "mailto" link) and is not processed through a third-party form tool. We do not use third-party website analytics or tracking.
Purpose: contact, quotation/appointment, and site security.
Data: name, email, phone, organisation/department, role, invoicing and payment details.
Purpose: performance of the agreement, scheduling, invoicing, account management.
Data (special category personal data): questionnaire responses (e.g. stress/sleep), wearable datasets (e.g. heart rate, stress/HRV indicators, sleep duration/stages), timestamps, task types/work context.
Source: provided by you, via systems you connect (e.g. Garmin → Labfront) or upload (CSV/Excel) to Google Drive or Labfront.
Purpose: analysis and advice on workload, recovery, and vitality; reporting to you (and, if contractually agreed, summarised/anonymised to the commissioning party).
Important: do not share medical information via a regular contact route. For questionnaires/wearables we use a protected environment. Health data is processed only with explicit consent and kept separate from regular administration.
Before participating you receive our Informed Consent form, which sets out exactly what data we collect, how we process it, and what rights you have.
You can withdraw consent at any time via info@apexlab.nl (not retroactively).
We do not share data with third parties outside the categories below, unless necessary for delivery, with your consent, or as legally required.
(Sub)processors we use:
We enter into data processing agreements with all processors. Third parties do not use the data for their own purposes.
Your rights remain in force in the event of international transfers. On request we provide information about the relevant safeguards and sub-processors.
You have the right to access, rectification, erasure, restriction, portability, objection (where based on legitimate interest), and withdrawal of consent.
You can submit requests via info@apexlab.nl. We respond within 30 days. We may request additional identification.
Our services are aimed at adults/working professionals. We do not knowingly request data from minors. If we nevertheless receive such data, we delete it as soon as reasonably possible, unless a legal obligation requires otherwise.
We do not make decisions based solely on automated processing with legal effect. Analyses and scores (stress/sleep indices) are always interpreted by a professional.
Our static marketing site does not set analytics, marketing, or tracking cookies. Strictly necessary security cookies may be set by our hosting/CDN provider (Cloudflare). See our Cookie Statement for details.
Do you have a complaint about our data processing? Let us know via info@apexlab.nl. If we cannot resolve it together, you can contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
We may amend this Privacy Policy. The date of the most recent update is always shown at the top. We will inform you of material changes via the website and/or by email.
Questions or requests about privacy? Email: info@apexlab.nl