Software as a Service (SaaS) Agreement
Terms and Conditions
For service orders contracted with Shiji Deutschland GmbH.
- Preamble
- Definitions: Except to the extent expressly provided otherwise, capitalized terms used in this Agreement shall have the meaning set forth in Schedule I or this Agreement.
- The subject of these terms and conditions (“T&C”) is the provision of software as a service (“SaaS”) and related services (“Services”) by Shiji Deutschland GmbH (“Company”) to the customer (“Customer”, each a “Party” and together hereinafter referred to as “Parties“), based on service orders by the Customer (“Service Orders” and the Service Orders together with these T&C, the “Agreement”). The Services provided by the Company in fulfilment of one or multiple Service Orders is exclusively based on the Agreement, unless otherwise agreed between the Parties in writing. The Agreement is applicable to all legal transactions on provision of Services between the Parties and in addition thereto, all other legal transactions if expressly agreed between the Parties in writing. If any individual agreements have been made in writing between the Parties, those individual agreements shall have priority over the Agreement on a case-by-case basis. The Customer’s general terms and conditions shall not apply. The Company hereby expressly objects to any counter provisions by the Customer in reference to his own terms and conditions.
- Modification: The Company is entitled, through simple notification, to change or supplement these T&C, to the extent legally permissible, if the changes or supplements are necessary and if the changes or supplements will not inflict a substantial disadvantage on the Customer. Changes or supplements are necessary if their purpose is to comply with legal requirements. The Customer notes and approves this provision.
- Term
- The term of the Agreement (“Term”) shall commence on the Effective Date through the end of the Subscription Period and shall continue until terminated as provided herein.
- The Agreement shall automatically renew for subsequent Subscription Periods unless either Party provides written notice of its election not to renew the Agreement at least thirty (30) days prior to the end of the then-current Subscription Period or otherwise terminates the Agreement pursuant to the Terms and Conditions. The termination shall, in any event, be deemed to have been received if it was sent, optionally by registered letter, to the address indicated on the Service Order at least 30 days prior to the expiry of the period.
- Upon termination of the Agreement for any reason, all rights and subscriptions granted to the Customer shall end and the Customer and all Authorized Users shall cease using the Services.
- Rights Granted
- The Company grants to the Customer and the Customer accepts from the Company for the duration of the Term, a limited, non-exclusive, non-transferable, non-sublicensable right to access, use and permit Authorized Users to access and use the Services solely for the Customer’s internal business use. The Customer may allow Authorized Users to use the Services for this purpose and is responsible for each Authorized User’s compliance with the Agreement.
- Customer acknowledges that the Company has no obligation to deliver or ship copies of the Company’s software (“Software”) to the Customer as part of the Services. The Customer does not acquire under the Agreement any license to use the Software in excess of the scope and/or the duration of the Services.
- The Customer acknowledges that the Customer shall not (i) make the Software or materials resulting from the Services available in any manner to any third party for use in the third party’s business operations, (ii) access or use the Services in order to build or support, and/or assist a third party in building or supporting products or services competitive to the Company’s products or Services, (iii) disclose results of any services or program benchmark tests without the Company’s prior written consent and (iv) license, sell, rent, lease, transfer, assign, distribute, display, host, outsource, disclose, permit timesharing or service bureau use or otherwise commercially exploit or make the Services to any third party.
- No Obligation to use: Nothing in the Agreement shall be deemed to obligate the Customer to use the Services. The initial use, the extent of use and the continuation of use of the Services by the Customer shall at all times be within the sole discretion and control of the Customer. Notwithstanding the foregoing, the Customer’s failure to use the Services shall not relieve the Customer of any of its obligations hereunder, including without limitation to payment obligations.
- Intellectual Property Rights
- The Customer acknowledges that all right, title, and interest in and to the Services and the Software, together with its codes, derivative works, organization, structure, interfaces, any documentation, data, trade names, trademarks, trade secrets, proprietary information or other related materials is, and at all times shall remain, the sole and exclusive property of the Company. Except the right to use the Services, as expressly provided herein, the Agreement does not grant to the Customer any rights to, or in, patents, copyrights, database rights, trade secrets, trade names, trademarks (whether registered or unregistered) or any other rights or licenses with respect to the Services or the Software.
- The Customer shall not remove or modify any program markings or any notice of the Company’s or its licensor’s proprietary rights. The Customer shall not attempt, or directly or indirectly allow any Authorized User or other third party to attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, reverse compile, disassemble, reverse engineer, download, transmit or distribute all or any portion of the Services and/or Software in any form or media or by any means.
- The provisions of this paragraph 4 shall survive termination of the Agreement.
- Accessibility of Services
- The Company shall use commercially reasonable efforts to make the Services available on a 24×7 basis (twenty-four hours per day, seven days per week) during the Term.
The Software is a SaaS-application available on the Internet. The respective scope of performance depends on the used software version. The Customer notes that a functioning Internet access (with adequate bandwidth and reaction speed) for all terminal devices is necessary in order to use all program functions. The Company is not liable for disturbances to the Services which occur due to an insufficient Internet connection. Up time details are outlined in StayNTouch’s global SLA at www.stayntouch.com/servicela - The Company will monitor performance indicators on the systems and network infrastructure, its own and that of third-party suppliers, in order to gauge the overall performance of its hosting services and will take reasonable steps to address systems and network infrastructure as required to maintain satisfactory performance of the Software.
- For the avoidance of doubt, downtime caused directly or indirectly by any of the following shall not be considered a breach of this Agreement: (i) scheduled system back-up or other on-going maintenance as required and scheduled in advance by the Company or (ii) a fault or failure of the Internet or any public telecommunications network or (iii) denial of service attacks or similar attacks or (iv) a fault or failure of the Customer’s computer systems or networks or (v) for any unforeseen cause beyond the Company’s reasonable control or any force majeure events set forth in the Agreement.
- The Customer shall use reasonable endeavours, including reasonable security measures relating to account access details, to ensure that no unauthorized person may gain access to the Services.
- The Customer must not use the Services in any way that causes or may cause, damage to the Services or Platform or impairment of the availability or accessibility of the Services.
- Viruses and Security: It is the Customer’s responsibility to have and maintain in place malware protection software and security for all of its systems and data, which includes firewalls, passwords, physical security, and access control policies. If the Customer’s systems have persistent connections to the Internet, or transmit credit card or gift card transactions over the Internet, or use the Company’s or third party Secure Sockets Layer (SSL) to transmit credit card or gift card transactions, or otherwise have persistent connections to any network where there is potential for unauthorized access, the Customer acknowledges that the security and protection of the network and the data and applications on that network, including protections against unauthorized access, is solely and entirely the Customer’s responsibility. A properly configured firewall is required for each site using a persistent connection to the public Internet or any private network where there is a potential for unauthorized access to the Company’s network. The Customer acknowledges that, to be effective, malware protection software, system passwords and other security software require periodic and routine updates, which the Customer must obtain from its supplier or the manufacturer, as appropriate. The Company does not grant any warranty, express or implied, that, after the initial installation by the Company of any of its proprietary Software, the Software or the Customer’s data will remain virus-free. Support or services hereunder necessitated by computer viruses or by any failure or breach of the Customer’s security for its systems or data, including, without limitation, damage caused by persons lacking authorized access, are not covered under the Agreement. Requests for Services hereunder will only be supplied upon the Customer’s request on a reasonable efforts basis, at the Company’s standard time-and-materials rates. The Customer waives any claims hereunder against the Company to the extent arising from the Customer’s failure to have or maintain current malware protection, or to the extent arising as a result of a failure or breach of the Customer’s security for its systems or data, or as a result of any unauthorized access to the Customer’s systems. If requested by the Customer, the Company shall provide, on a reasonable efforts and time-and-materials basis, support or services to address damage caused by, but not limited to, any of the following: the Customer’s failure to have current malware protection, the Customer’s failure to maintain malware protection, damage arising as a result of a failure of the Customer’s security for its systems or data, damage arising as a result of a breach of the Customer’s security for its systems or data or damage as a result of any unauthorized access to the Customer’s systems. Such support and services shall be billed at the prevailing standard rates of the Company.
- The Company shall use commercially reasonable efforts to make the Services available on a 24×7 basis (twenty-four hours per day, seven days per week) during the Term.
- Maintenance Services
- The Company shall provide the Customer during the Term with maintenance of the Software and/or Services as described in paragraph 6.2 (“Maintenance Services”).
- The Company shall maintain the Software and/or Services and provide all patches and fixes to the Software and/or Services at no additional cost. Provided, however, said maintenance shall not include any major releases of new versions of the Software, additional functionality or custom programming, which the Company, at its discretion, may provide at an additional cost, unless otherwise agreed between the Parties.
- Further details on maintenance and services are outlined in StayNTouch’s global SLA on www.stayntouch.com/servicela
- Support Services
- The Company shall provide the Customer during the Term with support for the Services as described in paragraph 7.2 (“Support Services”).
- The Company shall make available to the Customer a helpdesk in accordance with the provisions of the Agreement. The Company shall provide the Support Services with reasonable skill and care in accordance with the standards of skill and care reasonably expected from a leading service in the Company’s industry.
- The Company shall respond without undue delay to all requests for Support Services made by the Customer through the helpdesk.
- Further details on maintenance and services are outlined in StayNTouch’s global SLA on www.stayntouch.com/servicela
- Customer Data
- The Customer hereby grants to the Company a non-exclusive license to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Customer Data to the extent reasonably required for the performance of the Company’s obligations and the exercise of the Company’s rights under this Agreement, together with the right to sub-license these rights to its hosting, connectivity and telecommunications service providers to the extent reasonably required for the performance of the Company’s obligations and the exercise of the Company’s rights under the Agreement.
- The Customer warrants to the Company that the Customer Data when used by the Company in accordance with the Agreement will not infringe the intellectual property rights or other legal rights of any person, and will not breach the provisions of any law, statute or regulation, in any jurisdiction and under any applicable law.
- The Company shall create a back-up copy of the Customer Data at least daily, shall ensure that each such copy is sufficient to enable the Company to restore the Services to the state they were in at the time the back-up was taken and shall retain and securely store each such copy for a minimum period of 30 days.
- The Company may compile statistical information related to the performance of the services and may make such information publicly available, provided that such information does not incorporate Customer data and/or identify Customer confidential information or include Customer company’s name. The Company retains all intellectual property rights in such statistical information.
- Confidentiality
The Parties are bound by confidentiality obligations in accordance with Schedule II. - Charges and Payments
- The Customer shall pay Charges to the Company in accordance with the Agreement.
- Invoice recipient: The invoice recipient is the Customer. All Services are invoiced to the Customer directly.
- Payment terms: Unless otherwise agreed, the payment term is 30 days from the invoice date.
- Default interest: In case of late payment, a default interest of annually 8 percent will apply.
- Taxes: Except as otherwise set forth in any invoice, all Fees payable by Customer to Company hereunder are exclusive of any sales, use and other taxes or duties, however designated, including without limitation, withholding taxes, royalties, know-how payments, customs, privilege, excise, sales, use, value-added and property taxes (collectively “Taxes”). The Customer shall be solely responsible for payment of any Taxes, except for those taxes based on the income of the Company. The Customer will not withhold any Taxes from any amounts due to the Company. The Company will provide a proper invoice to the Customer based on the billing schedule agreed in the Service Order.
- Setup-Fee: In case a fee for the setup of the Services (“Setup-Fee”) was agreed, the following applies: The Setup-Fee will be due for payment within 14 days after date of invoice. Accounts are rendered after the setup process is completed and after the agreed training. The monthly costs will be due for payment monthly in advance from the first of the month after the installation has been performed.
- Currency: The agreed invoicing currency is in Euro, unless there is a specific agreement between the Parties. Any currency conversion from Euro to an individually agreed upon national currency is based on the exchange rate on the day of the invoice.
- The Company shall be entitled to adjust the Charges for inflation. The customer price index described in the Service Order shall be deemed as agreed. Unless otherwise agreed between the Parties, the customer price index of Germany (Deutscher Verbraucherpreisindex) shall be deemed agreed. The reference month for calculation is the month of the Effective Date on the applicable Service Order.
- Data protection
- The Customer warrants to the Company that it has the legal right to disclose all Personal Data which it discloses to the Company under or in connection with the Agreement. Furthermore, the Customer warrants to the Company that the processing of such Personal Data by the Company for the Company’s purposes in accordance with the Agreement (“Permitted Purpose”) will not breach any applicable data protection or data privacy laws including, but not limited to, the General Data Protection Regulation (EU) 2016/679 of the European Union (“GDPR”) or any other data protection laws or regulations of the European Union and any applicable national data protection laws.
- If GDPR applies to the Processing of Customer Personal Data (as defined below), the Parties acknowledge and agree that the Customer is the Controller of Customer Personal Data and the Company is the Processor of that data.
- The Company will:
- only Process Customer Personal Data on behalf of and in accordance with the Customer’s written instructions and for no other purpose. The Company is hereby instructed to Process Customer Personal Data, for the Term, to the extent necessary to enable the Company to provide the Services (which the parties acknowledges as constituting the subject matter of the Processing), as documented in the form of this Agreement and as further documented in any other written instructions given by Customer and acknowledged by the Company as constituting instructions for purposes of this Agreement;
- promptly notify the Customer if for any reason (including a change in applicable law) the Company becomes unable to comply with any Customer’s instructions, in which case the Company will (a) provide a reasonable level of detail as to the instructions with which it cannot comply and the reasons why it cannot comply, to the greatest extent permitted by applicable law, and (b) cease all Processing of the affected Customer Personal Data (other than merely storing and maintaining the security of the affected Customer Data) until such time as the Customer issues new instructions with which the Company is able to comply (If this provision applies, the Company will not be liable to Customer under the Agreement in respect of any failure to perform the Services due to its inability to process Customer Personal Data until such time as the Customer issues new instructions in regard to such Processing);
- ensure that any person whom Company authorizes to Process Customer Personal Data on its behalf is subject to confidentiality obligations in respect of that Customer Personal Data;
- implement appropriate technical and organizational measures to protect against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data;
- notify the Customer as soon as practicable after it becomes aware of any Personal Data Breach affecting any Customer Personal Data (provided that Customer shall be solely responsible for complying with any obligations to notify competent authorities or Data Subjects of the Personal Data Breach, where required);
- at the Customer’s request and subject to the Customer paying all of the Company’s fees at prevailing rates, and all expenses, and taking into account the nature of the Processing and the information available to the Company, promptly provide the Customer with all reasonable assistance necessary (A) to enable the Customer to notify any Personal Data Breaches affecting Customer Personal Data to the relevant Data Protection Authorities and/or affected Data Subjects, (B) for the fulfilment of the Customer’s obligation to respond to requests for the exercise of Data Subjects’ rights (provided that the Customer shall be solely responsible for responding to such requests), (C) for the fulfilment of Customer’s obligation to keep Customer Personal Data secure, (D) to facilitate the conduct of data protection impact assessments and consultation with Data Protection Authorities for Customer Personal Data, in each case to the extent that the Customer is required to engage in such activities;
- only transfer Customer Personal Data in accordance with Customer’s instructions and, if requested to do so by Customer, ensure that the Company, as the data importer, enters into standard contractual clauses with Customer (as the data exporter), unless another transfer mechanism is used (such as the Privacy Shield);
- provide the Customer with all information necessary to enable the Customer to demonstrate compliance with its obligations under the GDPR, and allow for and contribute to audits, including inspections, conducted by the Customer or an auditor mandated by the Customer (to the extent that such information is within the Company’s control and the Company is not precluded from disclosing it by applicable law, a duty of confidentiality, or any other obligation owed to a third party) and immediately inform the Customer if, in the Company’s opinion, an instruction infringes the GDPR or other European Union or Member State data protection provisions. The Customer authorizes the Company to engage sub-Processors to perform specific services on the Company behalf which may require such sub-Processors to Process Customer Personal Data, provided that the Company shall enter into an agreement with the sub-Processor that imposes on the sub-Processor the same obligations that apply to the Company hereunder.
- The Company will inform the Customer of any intended changes concerning the addition or replacement of sub-Processors, to the greatest extent permitted by applicable law, and the Customer will have an opportunity to object to such changes on reasonable grounds within fifteen (15) business days after being notified. If the parties are unable to resolve such objection, either party may terminate the Agreement by providing written notice to the other Party. On termination or expiration of the Agreement, the Customer instructs the Company to permanently and securely delete all Customer Personal Data in the possession or control of the Company or any of its sub-Processors, within a reasonable period of time (unless otherwise required by European Union or Member State law), except if the Customer requests an export of Customer Personal Data in a mutually agreed upon format within thirty (30) days of the effective date of such termination or expiration.
- The Customer acknowledges that the Company is reliant on the Customer for direction as to the extent to which the Company is entitled to Process Customer Personal Data on behalf of Customer in performance of the Services. Consequently the Company will not be liable under the Agreement for any claim brought by a Data Subject arising from any action or omission by the Company, to the extent that such action or omission resulted directly from the Customer’s instructions or from the Customer’s failure to comply with its obligations under the applicable data protection law.
- For purposes of this provision, (A) “Controller”, “Data Subjects”, “Personal Data”, “Personal Data Breach”, “Processing”, “Processor” will each have the meaning set out by the GDPR, (B) “Customer Personal Data” means the Personal Data relating to hotel guests contained within Customer Data, the extent of which is determined and controlled by Customer in its sole discretion. Concerning the Processing of Customer Personal Data that is subject to the GDPR, in the event of any conflict or inconsistency between the terms of this Data Protection section and any other terms of this Agreement, the provisions of this Data Protection shall prevail.
- Right to submit a complaint to the supervisory authorities: The Customer notes that it is entitled to submit a complaint to the competent supervisory authority. The competent supervisory authority is listed in Schedule III.
- Warranties and Limitation of Damages
- The Customer acknowledges that complex software is never wholly free from defects, errors and bugs, security vulnerabilities and subject to the other provisions of the Agreement, the Company gives no warranty or representation that the Services will be wholly free from defects, errors and bugs or uninterrupted and will be entirely secure. The Customer acknowledges that the Company does not control the transfer of data over communications facilities, including the Internet, and that the Service may be subject to limitations, delays, and other problems inherent in the use of such communications facilities. The Company is not responsible for any delays, delivery failures, or other damage resulting from such problems.
Neither Party shall be liable to the other Party in respect of any loss of profits or anticipated savings or any loss of revenue or income or any loss of use or production, or any loss of business, contracts or opportunities or any losses arising out of a Force Majeure Event or in respect of any special, indirect or consequential loss or damage.
The Parties agree that any warranty claims and claims for damages against the Company will be limited in the amount to the amount which the Customer has paid or is obligated to pay to the Company within a 12-month period preceding the commencement of the event or events. This limitation of liability also applies in the event of minor negligence. - Where the Company receives payment card data, the Company shall and shall cause its agents and the Services at all times to comply with (i) the Payment Card Industry Data Security Standards (PCI DSS) including the Payment Application Data Security Standards (PA-DSS), as amended or updated from time to time (“PCI Security Standards”), and (ii) the requirements for the handling of Customer Data. The Company and any of its affiliated companies shall comply with the PCI Security Standards with respect to any payment card data they obtain.
Although the Service provided to the Customer is not currently within PCI DSS scope, the Company will maintain compliance with any regulatory requirements that become applicable to the Services, should industry scope definitions change in the future.
It is the responsibility of the Customer to respect and enforce the following operational processes:- If the Customer has access to or will collect, access, use, store, process, dispose of or disclose credit, debit or other payment cardholder information using the services provided by the Company, the Customer shall at all times remain in compliance with the PCI-DSS requirements, including remaining aware at all times of changes to the PCI-DSS and promptly implementing all procedures and practices as may be necessary to remain in compliance with the PCI-DSS.
- At a minimum, the Customer’s safeguards for the protection of personal information shall include
- limiting access
of personal or highly sensitive information to certain authorized employees (“Authorized Employee”) of the Customer; - implementing appropriate personnel security and integrity procedures and practices, including, but not limited to, conducting background checks consistent with applicable law and
- providing appropriate privacy and information security training to the Customer’s employees.
- limiting access
- During the term of each Authorized Employee’s employment by Customer, the Customer shall at all times cause such Authorized Employees to abide by the Customer’s obligations under the Agreement and Customer’s standard policies and procedures. The Customer, further agrees that it shall maintain a disciplinary process to address any unauthorized access, use or disclosure of Personal Data by any of Customer’s officers, partners, principals, employees, agents or contractors.
- National laws for the use of cloud based SaaS: The Company has explicitly pointed out that every country has respective legal provisions concerning the use of Cloud based SaaS. The Company’s cloud based SaaS complies with the legal regulations of German law at the time of execution of the Agreement. The Company is not obligated to modify the Software if any legislative amendments are made after the Agreement was executed. If the Customer informs the Company about the legislative amendments in writing, the Company will endeavour to modify the Software within a reasonable period of time.
- The Customer acknowledges that complex software is never wholly free from defects, errors and bugs, security vulnerabilities and subject to the other provisions of the Agreement, the Company gives no warranty or representation that the Services will be wholly free from defects, errors and bugs or uninterrupted and will be entirely secure. The Customer acknowledges that the Company does not control the transfer of data over communications facilities, including the Internet, and that the Service may be subject to limitations, delays, and other problems inherent in the use of such communications facilities. The Company is not responsible for any delays, delivery failures, or other damage resulting from such problems.
- Indemnification
Either Party agrees to indemnify, defend and hold the other Party harmless from any and all direct and actual damages arising directly from actual infringement of a third party’s intellectual property, patent, patent application or copyright. In such an event, the Company’s sole obligation would be the replacement of the infringing intellectual property with alternate intellectual property with substantially similar functionality that is not infringing, or modification of intellectual property in such a manner that renders it non-infringing. If any action shall be brought against the other Party in respect to which indemnity may be sought from the Party pursuant to this Section (hereinafter in this Section 14, a “Claim”), the other Party shall promptly notify the Party in writing, specifying the nature of the Claim and such relief as is sought therein. The Party may, at its sole discretion, at any time upon written notice thereof to the other Party, undertake to conduct all proceedings or negotiations in connection therewith, assume the defence thereof, and if it so undertakes, it shall also undertake all other required steps or proceedings to settle or defend any such action, including the employment of counsel. In such an event, the other Party shall cooperate with the Party in all reasonable respects in connection with the defence of any such action. The other Party shall have the right to employ separate counsel and participate in the defense thereof at its own expense.
The Company shall have no obligations under this Section 14 if the actual infringement is due to any of the following: (i) the intellectual property or any portion thereof has been modified, altered or changed in any manner by the Customer or any party acting on Customer’s request, if such actual infringement would have been avoided in the absence of the use of such altered intellectual property; (ii) the combination, operation or use of the intellectual property with any Customer’s software, operating system, and/or hardware, if such infringement would have been avoided in the absence of such combination, operation, or use; (iii) Customer’s failure to install or have installed error corrections or modifications that would have avoided the infringement and the Customer had been notified of same; (iv) any unauthorized use of the intellectual property by the Customer or (v) the requirements, specifications or functionalities requested or provided by Customer. - Force Majeure Event
- If a Force Majeure Event gives rise to a failure or delay in either Party performing any obligation under the Agreement (other than any obligation to make a payment), that obligation will be suspended for the duration of the Force Majeure Event.
- Any Party that becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in that Party performing any obligation under this Agreement, must:
- promptly notify the other Party; and
- inform the other Party of the period for which it is estimated that such failure or delay will continue.
- A Party whose performance of its obligations under this Agreement is affected by a Force Majeure Event must take reasonable steps to mitigate the effects of the Force Majeure Event.
- Termination
- Either Party may terminate the Agreement immediately by giving written notice of termination to the other Party if the other Party commits a material breach of the
Agreement, if such material breach is not cured after notice to the other Party and a failure to cure such breach continued 60 days following such notice.
The Company may terminate the Services pursuant to the Agreement upon failure by the Customer to pay invoices when due with respect to the particularService, if such failure is not cured after notice to the Customer and a failure to pay such invoices continued for a period of 30 days following such notice.
Notwithstanding the above, in no event shall the Customer be entitled to any refund of monies paid hereunder in the event the Agreement is terminated. - Either Party may terminate this Agreement immediately by giving written notice of termination to the other Party if:
- the other Party:
- is dissolved;
- ceases to conduct all (or substantially all) of its business;
- is or becomes unable to pay its debts as they fall due;
- is or becomes insolvent or is declared insolvent; or
- convenes a meeting or makes or proposes to make any arrangement or composition with its creditors;
- an insolvency or other administrator, administrative receiver, liquidator, receiver, trustee, manager or similar is appointed over any of the assets of the other Party;
- an order is made for the winding up of the other Party or the other Party passes a resolution for its winding up (other than for the purpose of a solvent company reorganization where the resulting entity will assume all the obligations of the other Party under this Agreement).
- the other Party:
- Either Party may terminate the Agreement immediately by giving written notice of termination to the other Party if the other Party commits a material breach of the
- Effects of termination
- Upon the termination of the Agreement, all of the provisions of this Agreement shall cease to have
effect , save as provided otherwise. - Except to the extent that the Agreement expressly provides otherwise, the termination of this Agreement shall not affect the accrued rights of either Party.
- Within 30 days following the termination of this Agreement for any reason:
- the Customer must pay to the Company any Charges in respect of Services provided to the Customer before the termination of the Agreement; and
- the Company must refund to the Customer any Charges paid by the Customer to the Company in respect of Services that were to be provided to the Customer after the termination of this Agreement,
- In addition, the Company may immediately suspend the Customer’s password, account, and access to or use of the Services if the Customer fails to pay the Company as required under the Agreement and does not cure within the 60 days cure period.
- Upon the termination of the Agreement, all of the provisions of this Agreement shall cease to have
- Subcontracting
- The Company reserves the right to provide the Services from locations, and/or through use of subcontractors, worldwide in accordance with the respective data protection regulations.
- The Company shall remain responsible to the Customer for the performance of any subcontracted obligations.
- Notwithstanding any other provision of this Agreement, the Customer acknowledges and agrees that the Company may subcontract to any reputable third-party hosting business, the hosting of the Platform and the provision of Services in relation to the support and maintenance of elements of the Platform.
- General
- No breach of any provision of this Agreement shall be waived except with the express
written consent of the Party not in breach, in particular, failure to exercise any right shall not result in or be treated aswaiver of such right. - If any provision of this Agreement is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions of this Agreement will continue in effect. If any unlawful and/or unenforceable provision would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted and the rest of the provision will continue in effect, unless that would contradict the clear intention of the Parties, in which case the entirety of the relevant provision will be deemed to be deleted. In each of these cases any provision or part thereof which is deemed deleted shall be deemed replaced with effect ex tunc by such provision which in legal and economic terms comes closest to what the Parties intended or would have intended in accordance with the purpose of this Agreement if they had considered the point at the time of conclusion of this Agreement. The same shall apply in case of any gaps.
- This Agreement (including this provision 18.3 ) may not be varied except by a written document signed by or on behalf of each of the Parties.
- Neither Party may without the prior written consent of the other Party assign, transfer, charge, license or otherwise deal in or dispose of any contractual rights or obligations under this Agreement.
- This Agreement is made for the benefit of the Parties and is not intended to benefit any third party or be enforceable by any third party. The rights of the parties to terminate, rescind or
agree any amendment, waiver, variation or settlement under or relating to the Agreement are not subject to the consent of any third party. - The Agreement shall constitute the entire agreement between the Parties in relation to the subject matter of the Agreement and shall supersede all previous agreements, arrangements
and understandings between the Parties in respect of that subject matter. - The Agreement shall be construed in accordance with and be governed by German law excluding its conflicts of law provisions. The Parties consent to the exclusive jurisdiction in Germany and venue of the local courts in Munich, for all claims or actions arising under or relating in any way to the Agreement or the relationship between the Parties.
- No breach of any provision of this Agreement shall be waived except with the express
Schedule I – Definitions
“Authorized User” means an employee of the Customer or such other person identified by the Customer who has been authorized by the Customer to access the Service.
“Charges” means the following amounts
- the amounts specified in the Service Order;
- amounts calculated by multiplying the Company’s standard time-based charging rates (as notified by the Company to the Customer before the date of the Agreement) by the time spent by the Company’s personnel performing the Support Services; and
- such amounts as may be agreed in writing by the Parties from time to time.
“Customer Data” means all data, works and materials: uploaded to or stored on the Platform by the Customer; transmitted by the Platform at the instigation of the Customer; supplied by the Customer to the Company for uploading to, transmission by or storage on the Platform; or generated by the Platform as a result of the use of the Services by the Customer;
“Effective Date” means the relevant date stated on the Service Order.
“Force Majeure Event” means an event, or a series of related events, that is outside the reasonable control of the party affected (including failures of the Internet or any public telecommunications network, hacker attacks, denial of service attacks, virus or other malicious software attacks or infections, power failures, industrial disputes affecting any third party, changes to the law, disasters, explosions, fires, floods, riots, terrorist attacks and wars);
“Platform” means the object code format in which the Company’s proprietary SaaS offering is made available via the Internet.
“Services” means subscription to access and use of the Software that the Company provides to the Customer, or has an obligation to provide to the Customer, under the Agreement;
“Subscription Period” means, unless otherwise agreed, a period of twelve (12) months.
Schedule II – Confidentiality Obligations
- Confidentiality Obligations: Each Party must:
- keep the Confidential Information strictly confidential;
- not disclose the Confidential Information to any person without the other Party’s prior written consent, and then only under conditions of confidentiality approved in writing by the other Party;
- use the same degree of care to protect the confidentiality of the Confidential Information as the Party uses to protect the Party’s own confidential information of a similar nature, being at least a reasonable degree of care;
- act in good faith at all times in relation to the Confidential Information; and
- not use any of the Confidential Information for any purpose other than the Permitted Purpose.
- Notwithstanding provision 1 of this Schedule II, the Receiving Party may disclose the Confidential Information to the Receiving Party’s officers, employees, professional advisers, insurers, agents and subcontractors who have a need to access the Confidential Information for the performance of their work and who are bound by a written agreement or professional obligation to protect the confidentiality of the Confidential Information.
- The provisions of this Schedule II impose no obligations upon the Receiving Party with respect to Confidential Information that
- is known to the Party before disclosure under the Agreement and is not subject to any other obligation of confidentiality;
- is or becomes publicly known through no act or default of the other Party; or
- is obtained by the Party from a third party in circumstances where the Party has no reason to believe that there has been a breach of an obligation of confidentiality.
- Except in any proceeding to enforce the provisions of the Agreement or except as otherwise required by law, neither Party shall publicize or disclose to any third party the existence or provisions of the Agreement or any of the fees, terms or conditions herein, without the prior written consent of the other Party. Neither Party shall use the name or logo of the other in publicity releases or advertising regarding or related to the Agreement without securing the prior written approval of the other Party. Each Party may state that it has an agreement with the other.
- The restrictions in the provisions of this Schedule II do not apply to the extent that any Confidential Information is required to be disclosed by any law or regulation, by any judicial or governmental order or request, or pursuant to disclosure requirements relating to the listing of the stock of the Party on any
recognised stock exchange. - The provisions of this Schedule II shall continue in force for a period of 5 years following the termination of the Agreement, at the end of which period they will cease to have
effect .
Schedule III – Data Security
- The Company will transfer Personal Data to the sub-processors if necessary to
fulfil the Agreement. The Customer grants its approval for the transfer of data to the following sub-processor:- Shiji Deutschland GmbH and
it’s affiliates as necessary to support the Customer requirements. - Amazon Web Services
- Shiji Deutschland GmbH and
- Right to submit a complaint to the supervisory authorities: The Customer notes that he is entitled to submit a complaint regarding data security to the competent supervisory authorities. The competent supervisory authorities are:
Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
Husarenstr. 30
53117 Bonn
+49 (0)228-997799-0
+49 (0)228-997799-5550
poststelle@bfdi.bund.de
European Data Protection Supervisor
Rue Wiertz 60
B-1047 Brussels
+32 2 283 19 00
edps@edps.europa.eu
www.edps.europa.eu