For Sellers & Buyers
Elsässer IT GmbH, Schlüterstr. 70, 10629 Berlin, registered in the commercial register of Berlin-Charlottenburg under the number HRB 207461 B, represented by the Managing Director Till Elsässer. The service provided by Elsässer IT GmbH – hereinafter the "Provider“ intends to record article data of the manufacturer, wholesaler or legal entity – hereinafter the "Customer“ – very quickly and simply, and to collect orders for these articles via an order interface. The primary focus of the order software is pre-orders of goods which are produced or delivered at a later date.
The Provider has developed a software solution (hereinafter the "order software"), which allows the recording of article data and order processes between manufacturers/wholesalers and retailers in a user-friendly, time-saving and effective manner.
The Customer has extensively tested the order software and wants to use it in their company.
With this contract, the contract partners agree that the Provider shall provide the Customer with the option to use the order software within the scope of accessing an internet connection, as well as the memory required for the usage of their order software and data.
1.1 The subject matter of this contract is the provision of the order software for the use of the scope of services agreed in Annex 1, as well as the granting of usage rights and the provision of memory for the data generated by the Customer through the use of the order software and/or the data necessary to use the order software (hereinafter the "customer data") for the payment of the agreed fee.
1.2 Within the scope of this contract, the Customer is permitted to access the order data and the data stored by the browser via access to the order software issued by the Provider. The requirements / data generated by the Customer by accessing the order software are saved on servers of a server provider commissioned by the Provider. The Provider indicates that the order software as well as the customer data are saved at a computer centre within the EU or the EEA.
1.3 As personal data can be processed by business partners of the Customer within the scope of an order request (hereinafter a "drop"), the contract parties conclude an agreement on commissioned data processing, which is Annex 2 of this contract.
1.4 The Provider's offer is exclusively for companies and not for consumers. The Provider shall allow the Customer to use the order software exclusively on the basis of this contract. Contract conditions of the Customer do not apply, even if the Provider has not explicitly rejected them. By using the order software, the Customer declares their agreement with the terms and conditions of this contract.
1.5 Access to the order software is designed as a single user licence for employees of the Customer. The Customer is therefore not permitted to work with the order software in parallel at several workstations.
1.6 This contract does not include any service or customer service from the Provider.
2.1 The Provider shall keep the latest version of the order software available for use according to the following provisions, from the registration on order41.com, and after the expiry of the test version (the "moment of provision").
2.2 The Provider shall transfer to the Customer the access data necessary to use the order software on a virtual server, in accordance with the contract. All usernames and passwords are to be changed by the Customer immediately to names and passwords that only the Customer knows. In particular, the Customer shall take suitable measures to prevent unauthorised third party access to the order software and/or to the virtual server of the Customer.
2.3 The Provider is permitted to create updates to the order software, at their discretion.
2.4 If and to the extent that the provision of a new version or a modification involves a change to the functions of the order software, the working processes of the Customer supported by the order software and/or restrictions on the usability of previously generated customer data, the Provider will notify the Customer of this at the latest six weeks before the change comes into effect. If the Customer does not reject the change in writing within a period of two weeks from the receipt of the notification of change, the change shall become an integral part of the contract. In every notification, the Provider shall make the Customer aware of changes to the aforementioned deadline and the legal consequences of their elapsing if the option to reject is not asserted.
2.5 The Provider shall give the Customer memory space for the customer data on any service provided by the Provider for the Customer, for use in accordance with the contract.
2.6 The Provider carries out regular back-ups of the customer's data held on a server which the Provider is responsible for on an external back-up server. The Provider is under no obligation to do this.
2.7 The point of transfer for the order software and the customer data is the router output of the computer centre of the service provider commissioned by the Provider. The Provider is not responsible for the establishment and maintenance of the data connection between the IT systems of the Customer and the point of transfer.
3.1 The Provider shall indicate to the Customer that restrictions or impairments on the services provided could occur, which are outside of the sphere of influence of the Provider. This includes, in particular, actions by third parties, which are not acting on behalf of the Provider, technical conditions of the internet which the Provider has no influence on and force majeure. The hardware and software, as well as the technical infrastructure, used by the Customer can also have an influence on the services of the Provider. If the aforementioned conditions have an influence on the availability or functioning of the services performed by the Provider, this has no effect on whether the services have been provided in accordance with the contract.
3.2 Access restrictions to the order software normally do not represent a violation of the Provider's service obligations. The Provider shall remove defects in their IT infrastructure immediately within the scope of what is technically and operationally possible. The Customer shall be notified of necessary interruptions to the usability of the order software for preventative or necessary maintenance work, once they become known, as quickly as possible by email.
4.1 The order software made available by the Provider is copyright protected (Section 2, paragraph 1 (1), 69a, German Copyright Law - UrhG).
4.2 The Customer will be granted a simple, non-exclusive, non-sublicensable right to use the order software, which is limited and non-transferrable for the term of this contract, on a virtual server provided by the Customer.
4.3 A physical transfer of the order software to the Customer, as well as a transfer of the source code of the order software, does not happen. The Customer is only allowed to use the order software for their own business activities within the scope of a single-user licence, and to have it used by their employees for the contractual purpose.
4.4 If the Provider makes new versions, updates, upgrades or other new deliveries with regards to the order software, the afore-mentioned rights also apply to them.
4.5 The customer is not entitled to rights which have not been explicitly granted to the Customer in the above. In particular, the Customer is not permitted to use the order software beyond the scope of the agreed usage, or to have it used by third parties, or to make the order software available to third parties. The Customer is, in particular, not permitted to reproduce, sell or transfer, for a period of time, the order software, and in particular not to rent or loan it, not to transfer the order software or to create derived works, to reverse engineer the software, to decompile, disassemble or attempt to make the source code accessible in any other way.
4.6 If the Customer violates the provisions set out in point 4.5 for reasons that are their fault, the Provider can block the access of the Customer to the order software or the customer data, if the violation can be verifiably stopped by doing so.
4.7 If the Customer continues to violate the provisions set out in point 4.6 or violates them repeatedly, despite a corresponding written warning by the Provider, and if they are at fault for doing so, the Provider can terminate the contract extraordinarily without notice.
5.1 The Provider shall notify the Customer immediately about third-party rights or about the assertion of third-party rights and any resulting impairments on the performance of agreed services and allow the Customer full access to the customer data in a suitable way.
5.2 The Customer is not obliged to pay remuneration if, and to the extent, that third party rights impair the use of the order software.
5.3 The Provider is not liable for a violation of third-party rights by the Customer, if and to the extent that this violation arises from the scope of the rights of use granted according to this contract being exceeded. In this case, the Customer shall indemnify the Provider, upon first demand, from all third party claims.
6.1 The usage-dependent licence remuneration for the services to be performed to grant the usage of the order software and the provision of memory for customer data is calculated as follows:
The licence fee per single user licence is set individually.
6.2 The licence fee is always due monthly, in advance. Unless otherwise agreed, payment obligations of the Customer are due immediately and are to be paid within 14 days of the date of invoice. If the agreed payment deadlines are not met, the Provider is entitled to a claim for default interest, without a further demand, of 8 percentage points above the base rate of interest of the ECB. The Provider is permitted to revoke the right of usage, if the Customer is in default of payment of the due licence fee despite a written payment reminder being sent.
6.3 All prices are quoted excluding the legally-applicable VAT.
6.4 Any service and communication costs incurred for the connection between the IT infrastructure of the Customer and the point of transfer, are to be borne by the Customer.
6.5 The Provider is permitted to suitably increase the agreed prices for the contractual services, in order to compensate personnel and other cost increases. The Provider shall notify the Customer in writing or by email about these price increases; the price increases do not apply to the periods for which the Customer has already paid. If the price increase is more than 10% of the previous price, the Customer is permitted to terminate the contract in full with a period of notice of one month, effective from the end of a calendar month; if the Customer asserts this right of termination, the non-increased prices shall be charged until the termination comes into effect. The Provider shall notify the Customer of this right of termination with every message.
7.1 The Customer shall support the Provider with the performance of the contractual services, to a suitable degree.
7.2 The proper and regular back-up of customer data by the Customer or a third-party commissioned by the customer lies within the Customer's obligations. The Provider recommends a daily back-up of customer data.
8.1 Information to be treated as confidential is information marked as confidential by the contract partner issuing the information, as well as information which is clearly confidential based on the conditions of its transfer. In particular, customer data is to be treated confidentially by the Customer, if they obtain knowledge of it.
8.2 Information is not deemed to be confidential, if the party receiving the information can prove that they were aware of the information before the date of receipt, or that the information was publicly known; the information was publicly known or generally available before the date of receipt; the information was made publicly known or generally available after the date of receipt, without the contract partner receiving the information being responsible for it.
8.3 The contract partners shall maintain confidentiality about all confidential information they gain knowledge of within the scope of this contractual relationship or only use the information in dealings with third parties - whatever the reason - with the prior written approval of the other contract partner.
8.4 The Provider is permitted to mention the Customer as a reference in advertising materials and other business documents.
9.1 The contract relationship begins upon the commencement of the contract and is concluded for an indefinite period of time.
9.2 The contract can be terminated by the contract parties with a period of notice of 3 months, effective from the end of the month.
9.3 The contract can be terminated by the contract partners without notice for good cause. A good cause is given, in particular, if the Customer is in default of payment of the due licence fee for more than two months, despite receiving a reminder.
9.4 Any termination has to be made in writing to have effect.
10.1 The Provider hereby indicates that it is not possible, based on the current technology, to create hardware and software that works error-free in all application combinations or which can be protected from any manipulation by third parties. The Provider does not guarantee that the supplied software and hardware meets the requirements of the Customer sufficiently, that it is suitable for particular applications and furthermore, that it is crash-free, error-free as well as free of viruses and other malware.
10.2 The Customer is obliged to notify the Provider immediately and as precisely as possible in written form (email: email@example.com) or by telephone (+49 - 030 - 895 498 00) about malfunctions, functional disorders or impairments to the order software.
10.3 Defects to the order software shall be removed by the Provider, after a corresponding notification about the defect from the Customer, within a suitable reaction time, depending on the severity of the defect, during support hours (Mon. - Fri. 9 am - 6 pm, excluding public holidays in Berlin).
10.4 Defects reported to the Provider by the Customer shall be classified and processed by the Provider as follows:
The defect concerns an error to the contractual services, which makes the use of the contractual services, in particular the order software, impossible, or means it is only possible with serious restrictions. The Customer cannot suitably avoid the problem or as a result cannot complete tasks that cannot be postponed.
The defect concerns an error to the contract services, which is just an insignificant restriction on the use of the contractual services by the customer, in particular the order software, without being a serious defect.
|within 3 hours
There is no obligation to remove insignificant defects.
10.5 The right of termination of the Customer due to the non-granting of usage as per Section 543, paragraph 2 (1), clause 1 of the German Civil Code (BGB) is excluded, provided the provision of the contractual usage is not deemed to be defective. The provision of the contractual usage is deemed to be defective at the earliest after an unsuccessful second attempt at rectifying the defect.
11.1 The Provider is liable to the Customer for damage, which has been caused wilfully or with gross negligence, the consequences of the lack of a guaranteed characteristic which is due to a culpable breach of duty (material contractual obligation), the consequences of culpable injury to life, limb or health, or for which liability is intended according to the German Product Liability Law, in accordance with legal provisions.
11.2 Material contractual obligations are obligations whose fulfilment is what allows the contract to be executed in the first place and on whose fulfilment the customer can routinely rely upon, and the violation of which jeopardizes the other party in achieving the contractual goal.
11.3 In the event of a violation of a material contractual obligation - if the damage is merely due to ordinary negligence - the liability is limited to damage which could typically be expected when using the order software. The Provider is liable in the event of material damage caused culpably, up to 3.5 times the licence fee as per point 6.1, per damage event, although up to max of € 10,000 per contract year.
11.4 The liability of the Provider regardless of culpability for errors already present upon the conclusion of the contract as per Section 536a, paragraph 1, German Civil Code (BGB) is explicitly rejected.
11.5 If damage incurred by the Customer results from the loss of customer data, the Provider is not liable for this, provided the damage could have been avoided by the regular and complete back-up of customer data by the Customer (see point 7.2).
11.6 The Provider is not liable if customer data is changed by the customer, or deleted or otherwise lost due to the improper use of the software (e.g. changing/deleting article data in an active order).
11.7 If the Provider is not liable in accordance with the provisions of points 11.1 to 11.3, the liability of the Provider in general is excluded, regardless of the grounds.
The assignment of the rights and obligations in this contract is only permitted with the prior written approval of the Provider. The Provider is permitted to entrust third parties with the fulfilment of the obligations from this contract.
13.1 German material law applies to the contractual relationship, excluding the UN Convention on the International Sale of Goods.
13.2 Annexes are an integral part of this contract, in their valid version, i.e. signed by both contract partners.
13.3 There are no side agreements to this contract and its annexes. Modifications or supplements to this contract and the annexes must be made in writing in order to be valid. This also applies to the waiver of the written form requirement.
13.4 If individual provisions of this contract become invalid, this shall not affect the validity of the content of the contract in general.
13.5 If there are loopholes in the practical order software of this contract, which the contract partners had not foreseen, or if the invalidity of a provision as per point 12.4 is established legally or mutually by both contract partners, they are obliged to fill or replace this loophole or ineffective provision in a proper manner, which is based on the financial purpose of the contract.
13.6 Provided there is no standard that requires another jurisdiction, the exclusive place of jurisdiction shall be the court responsible at the registered office of the Provider.
The order software is used by manufacturers or wholesalers to record article data very quickly and easily, and then to collect the orders for these articles via an order interface. The primary focus of the order software is on the pre-order of goods which can only be produced or delivered with a time lag.
Performance specifications in bullet points:
Recording specific deliveries (drops) and a list overview of them.
Recording specific article data per drop. Download of the article data in a format specified by the Provider.
Provision of an order interface in which the articles can be ordered by a drop using a specific link. The order interface can only be opened with a saved email address and a PIN.
List of all orders per drop. Download of the order data in a specified format.
Download of a supply order of all the articles ordered per drop.
This annex specifies the obligations of the contract partners regarding data protection, which arise from the SaaS agreement about the software (hereinafter the "main contract"), described in detail in the data processing agreement. It applies to all actions which are associated with the contract and where the employees of the contractors or people commissioned by the contractor come into contact with personal data.
The Customer (hereinafter the "Client") and the Provider (hereinafter the "Contractor") hereby conclude the following data processing agreement in accordance with Art. 28 GDPR.
1.1 The Contractor shall process the personal data of the Client according to their instructions as per Art. 4 (2) and Art. 28 GDPR.
1.2 The subject matter and duration of the order as well as the scope and type of data collection, processing or usage are based on the main contract. The data processing includes but is not limited to the following types of data:
|Type of data:
|Email address, first name and surnames
|Type of data collection, processing and usage:
|Execution of contract, processing of orders
|Group of data subjects:
|Business partners, employees of the Client / the Client's business partners
The term of this data processing agreement is based on the term of the main contract, provided no further obligations arise from the provisions of this annex.
2.1 The Contractor processes personal data on behalf of the Client. This comprises activities which are specified in the contract and the performance description. The Client is solely responsible, within the scope of this contract, for observing the provisions of the data protection law, in particular for the legality of the data transfer to the Contractor, as well as the legality of the data processing, and is therefore the "data controller" as per Art. 4 (7) of the GDPR.
2.2 The instructions are initially specified by the main contract and can then be amended, supplemented or replaced in written or electronic form (text form) by individual instructions sent to the indicated office of the Contractor (individual instruction). Instructions which are not intended in the contract, are treated as an application for a service change. Verbal instructions are to be confirmed immediately in writing or text form.
3.1 The Contractor is only permitted to process data of data subjects within the scope of the order and the instructions of the Client, unless it concerns an exception as per Article 28, paragraph 3 a), GDPR. The Contractor shall notify the Client immediately if they believe that an instruction violates the applicable laws. The Contractor is allowed to suspend the implementation of the instructions until they have been confirmed or amended by the Client.
3.2 The Contractor shall organise their company within their area of responsibility, so that the special data protection requirements are met. The Contractor shall take technical and organisational measures to ensure adequate protection of the Client's data, which meets the requirements of the General Data Protection Regulation (Art. 32 GDPR). The Contractor shall take technical and organisational measures that ensure the confidentiality, integrity, availability and capacity of the systems and services associated with the processing, in the long term. The Client is aware of these technical and organisational measures and shall bear the responsibility for ensuring that this provides a suitable degree of protection for the risks of the data to be processed. While the Contractor is entitled to change the technical and organisational measures, they have to ensure that the contractually-agreed level of protection is still met.
3.3 The Contractor shall support the Client, if agreed and within the scope of what is possible, when fulfilling the requests and claims of data subjects as per Chapter III of the GDPR, as well as observing the obligations in Art. 33 to 36 GDPR.
3.4 The Contractor guarantees that the employees who deal with the processing of the Client's data and other people who work for the Contractor are not permitted to process the data beyond the scope of the instructions. Furthermore, the Contractor guarantees that the people authorised to process personal data have been obliged to observe confidentiality or are subject to a suitable legal non-disclosure obligation. The confidentiality/non-disclosure obligation continues to exist after the end of the order.
3.5 The Contractor shall notify the Client immediately, if they become aware of violations of the protection of personal data of the Client. The Contractor shall take the necessary measures to back up the data and to reduce the possible negative consequences for the data subjects, and shall discuss this immediately with the Client.
3.6 The Contractor appoints the Client as the contact partner for data protection related questions arising within the scope of the contract.
3.7 The Contractor guarantees to meet their obligations as per Art. 32, paragraph 1 (d) GDPR, and to implement a process for the regular verification of the effectiveness of the technical and organisational measures to ensure the safety of the processing.
3.8 The Contractor shall correct or delete the data which is the subject matter of this contract, if the Client instructs them to do this and it is covered by the scope of the instructions. If the deletion or corresponding restriction of data processing is not possible in a manner which conforms with data protection, the Contractor shall undertake the data protection conform destruction of data carriers and other materials, based on an individual order from the Client, or they shall give these data carriers back to the Client, provided nothing else has already been agreed in the contract. In particular cases to be determined by the Client, data will be stored or transferred. The remuneration and protective measures for this have to be agreed separately, provided nothing has already been agreed in the contract.
3.9 Data, data carriers and all other materials are to be either handed back or deleted at the end of the order, at the Client's request.
3.10 In the event of the assertion of any claims against the Client by a data subject as per Art. 82 GDPR, the Contractor is obliged to support the Client in the defence of the claim within the scope of what is possible.
3.11 The processing of data is generally done within the EU or the EEA. Any relocation to a third country is only allowed to be done in accordance with the provisions contained in Chapter V of the General Data Protection Regulation, as well as observing the provisions of this contract.
4.1 The Client has to notify the Contractor immediately and in full, if they identify any errors or irregularities in the results of their work concerning the data protection law provisions.
4.2 In the event of the assertion of any claims against the Client by a data subject as per Art. 82 GDPR, point 3.10 shall apply accordingly.
4.3 The Client shall appoint the Contractor as the contact partner for data protection questions arising within the scope of the contract.
5.1 If a data subject contacts the Contractor with requests for correction, deletion or information, the Contractor shall refer the data subject to the Client, if it is possible to allocate them to the Client based on the details provided by the data subject.
5.2 The Contractor shall forward the application of the data subject immediately to the Client. The Contractor shall support the Client, as per the instructions, within the scope of what is possible, if agreed.
5.3 The Contractor is not liable if the request of the data subject is not replied to at all, not correctly or not on time.
6.1 The Contractor shall prove to the Client that they observe the obligations specified in this contract, using suitable means.
6.2 If inspections are necessary, in individual cases, by the Client or an investigator commissioned by them, they shall be done during normal working hours, without interrupting the business operations, after prior registration and considering suitable advance notice. The Contractor is allowed to make these inspections dependent on the prior registration with a suitable advance notice, and on the signing of a non-disclosure statement regarding the data of other customers and the established technical and organisational measures. If the investigator commissioned by the Client is in competition with the Contractor, the Contractor has the right to reject them. The amount of work involved in an inspection is generally limited to one day per calendar year for the Contractor.
6.3 If data protection authorities or other supervisory authorities undertake an inspection of the Client, point 6.2 applies accordingly. The signing of a non-disclosure obligation is not necessary, if these supervisory authorities are subject to professional or legal non-disclosure, whereby a violation is punishable under the German Criminal Code.
7.1 The Contractor is allowed to commission other order processors ("subcontractors") without the separate prior approval of the Client, within the scope of data processing as per point 1.2 (Art. 28, paragraph 2, clause 1, GDPR). Before enlisting further subcontractors, or replacing existing ones, the Contractor shall notify the Client at the latest 14 days before the planned commissioning. If the information is not provided on time, approval is not deemed to be issued. The Contractor shall notify the Client of the name and address of the subcontractor as well as the contents of the planned sub-contract. The Contractor shall document this information in a suitable manner.
7.2 The Client can object to the replacement/enlisting - within a suitable deadline of 7 days - on important grounds - by notifying the office specified by the Contractor. If the Client does not use their right to object within this period of time, the approval will be deemed to have been issued.
7.3 The Contractor shall conclude agreements with subcontractors that have a suitable scope and which correspond to the requirements on confidentiality, data protection and data privacy of this agreement, to ensure suitable data protection and information security measures.
7.4 Subcontractors are to be selected carefully, in particular taking into account the technical and organisational measures they have taken as per Art. 32 GDPR. They are to be checked before the commissioning and during the term of the contract to ensure they comply with the legal and contractual data protection law provisions and the agreed technical and organisational protective measures. The results of these checks are to be documented and sent to the Client on request.
7.5 The transfer of personal data to the subcontractor is only permitted, if the subcontractor meets the obligations as per Art. 28 GDPR. The commissioning of subcontractors is done in writing (electronic form is also possible, Art. 28, paragraphs 4 and 9, GDPR).
7.6 The Contractor shall ensure that the Client is entitled to the rights to check specified in point 6, even concerning subcontractors already used.
7.7 Subcontracting services as per this contract are only services which have a direct link with the performance of the main service. Incidental services, such as transportation, maintenance and cleaning, as well as the use of telecommunications services or the user service, are not included. The Contractor is, however, obliged to also make suitable and legal contractual agreements and take verification measures to ensure data protection and the data security of the Client's data, including for outsourced incidental services.
7.8 At the moment, the Client uses Host Europe GmbH, Hansestr. 111, 51149 Cologne, Germany as a subcontractor for the saving of (personal) data on data processing equipment (the renting of hardware and software, the provision of connections to the internet, other services). The Client declares their agreement with the commissioning.
The Client and Contractor are liable to data subjects in accordance with the provisions set out in Art. 82 GDPR.
9.1 If the Client's data held by the Contractor, endangers third parties due to assignment or seizure, due to insolvency or settlement proceedings, or due to other events or measures, the Contractor has to notify the Client immediately about it. The Contractor shall immediately notify the data controllers in this context that the authority and the ownership of the data lies exclusively with the Client, as the data controller in accordance with the General Data Protection Regulation.
9.2 Changes and supplements to this agreement and all its components - including any assurances of the Contractor - require a written agreement, which can also be provided in electronic form (text form) and the explicit reference that it concerns a change or supplement to these conditions. This also applies to the waiver of this written form requirement.
9.3 If individual parts of this agreement are invalid, this shall not affect the validity of the rest of the agreement.
9.4 German law applies.