THE CUSTOMER AND CA ARE ALSO REFERRED TO HEREIN INDIVIDUALLY AS A “PARTY” OR COLLECTIVELY AS THE “PARTIES”.
1. Performance Obligations of CA
(1) Scope of Functions. The Services include, in particular, the provision of a software platform (hereinafter the “Platform”) by means of which the Customer can collect, process, implement and/or share feedback from its (prospective) clients, guests, visitors, etc. (hereinafter collectively the “Clients”). CA does not participate in the networking and communication between the Customer and its Clients with respect to the contents thereof, but CA does only provide the Platform as a technical enabler of such networking and communication. In accordance with the stipulation in the Order, the Platform can be used exclusively as a web application via the CA websites designated therein. All data of the Customer and its Clients are stored online on the cloud infrastructure provided by CA and can thus be used with different end devices at any time and from any location with sufficient Internet access. The specific scope, type of provision and functionality of the Platform, the system requirements and the content and scope of further Services are specified in detail in the Order.
(2) Provision of the Platform. CA will make available the Platform and all information required under the Order on the start date designated in the Order (hereinafter the “Start Date”). CA will also: (a) subject to any different availability specified in the Order, provide the Platform 24 hours a day, 365 days a year with at least 97% annual average availability; and (b) provide Services to the Customer as agreed. CA will take reasonable steps to back up the Customer’s data.
(3) Protection of Customer Data. CA shall, when providing the Services take appropriate technical and organizational measures to ensure an adequate level of data and information security. These security measures include, but are not limited to, measures to prevent the destruction, loss, or alteration, whether accidental or unlawful, or unauthorized disclosure of or access to the Customer’s data transmitted, stored, or otherwise processed using the Platform.
(4) System Restrictions. CA will notify Customer in text form of any work that may lead to a restriction or failure of the cloud infrastructure and therefore affect the Customer’s access to the Platform, and, where possible, coordinate the start and expected end with the Customer. Depending on whether the necessity, start and expected end of the required works are known to CA in advance, CA shall either give reasonable notice thereof in advance, or as early as possible upon becoming aware of the relevant circumstances and adverse effects.
(5) Subcontractors. Without prejudice to the Customer’s rights under Article 28(2) of the GDPR or the data processing agreement concluded between the Parties (Section 8(1)) with respect to subcontractors, CA is entitled to subcontract Services to third parties, unless such subcontracting would be unreasonable for the Customer.
2. Rights of Use and Restrictions on Use
(3) Extended Use. If the Customer desires to extend its or its Authorized Affiliates’ use of the Platform (e.g. with respect to Customer locations or the Authorized Affiliates), it may request such extension at any time during the term. If CA accepts this request, the Parties shall execute an amendment to the then existing Order, and CA will invoice the Customer for the balance between the Customer’s advance payment for the original Order and the additional fees due for the extended use (if any), which will be charged pro rata for the remaining term.
(5) Anonymization of Data. The Customer grants CA a non-exclusive right of use for the duration of the Order to anonymize the Customer’s data accruing during the use of the Platform and to use it as described below. Anonymization in this context means both the anonymization of personal data and the anonymization of company-related data with regard to the Customer or the Customer Affiliates. CA may use the data anonymized in this way for the purpose of providing reporting and benchmarking functions within the Platform, i.e. in particular to make it accessible to other users of the Platform. CA will ensure that the necessary legal basis for this use of data is observed. CA will inform the Customer in good time in advance of any changes or extensions to the purposes associated with the anonymization of personal data in order to enable the Customer to adapt data protection notices if necessary.
3. Customer Account and Platform Access
(1) Customer Account; User Invitation. Prior to the Start Date, CA shall setup and make available for Customer an online account through which Customer may access and manage the Platform (hereinafter the “Account”). The Customer may use its Account to grant permission to its own or its Authorized Affiliates’ directors, managers, employees, or external consultants (hereinafter collectively the “Users”) to access the Platform and make use of the Services at its own discretion, but must always observe the restrictions as set forth in the Order. Setting up a User requires the provision of a valid e-mail address. CA will send an invitation e-mail with a registration link to the User’s e-mail address provided by the Customer. CA is not obliged to check whether the e-mail address provided by the Customer is valid or whether the owner or each user of this e-mail address is actually authorized to access the Platform and the Customer’s data. The Customer may delete individual Users at any time and at its own discretion in order to exclude certain Users from further access to the Customer’s data within the Platform.
4. Further Obligations of the Customer
(1) Responsibility for Customer Data. The Customer is responsible for all data that it or Users import, upload, or otherwise create and process in the Platform. In particular, it is the sole responsibility of the Customer to ensure that data is collected and processed in accordance with applicable data protection laws.
(2) Compliance with Laws. The Customer is responsible for, and agrees to comply with, all applicable laws, regulations, and other legal and regulatory requirements, however designated, relating to the use of and access to the Platform, including, without limitation, applicable laws and regulations regarding the (re)export of software, technical data and information, or derivatives of such software, or technical data and information from other countries. The Customer will not permit Users to access or use the Platform in any country under embargo or in violation of any export control laws or regulations. In the context of the use of the Platform, the Customer is further responsible for addressing Clients exclusively in a manner that complies with applicable competition law and preserves the privacy rights of the Clients concerned.
(3) Indemnification. The Customer shall indemnify CA against all damages, losses, liabilities and costs (including attorneys’ fees and costs) arising out of: (a) any claim by a third party alleging that the Customer’s data infringes its intellectual property rights, or (b) any violation of laws and/or regulations, including but not limited to data protection laws or laws relating to export controls or laws relating to the sending of unsolicited advertisements, or (c) any unauthorized third-party access to the Platform. In such case, notwithstanding the foregoing, CA reserves the right to block the Customer’s access to the Platform if necessary to protect its own or other users’ legitimate interests. The rights granted to CA under this Section 4(3) shall apply only if the Customer has acted at least negligently. In the event of an indemnification obligation under this Section 4(3), CA shall: (a) promptly notify the Customer in writing of any such claim; (b) provide the Customer with sole control of the Customer’s defense and settlement of the dispute; and (c) provide the Customer, at the Customer’s expense, with all available information and reasonable assistance.
(4) Contacts. The Customer designates a contact person for the necessary arrangements under an Order, both for commercial and technical issues. The Customer has the right to exchange contact persons at any time during the term after prior written notification to CA.
5. Warranty and Liability
(1) Reporting of Errors. The Customer shall report to CA all defects of the Platform or CA’s Services. The Customer will assist CA in its defect and error handling, for example, by submitting test cases and/or test data, providing error logs, screen shots, or other useful information, which CA may request from the Customer.
(2) Warranty. CA warrants that the SaaS solution will have the agreed quality when used as intended. If a functional restriction becomes apparent, CA will, at its own discretion, either eliminate it or make the Platform available again. If the remedy fails, the Customer may, at its discretion, reduce the remuneration or, in the case of significant functional restrictions, terminate the Order in question. The remedy shall be deemed to have failed only if and when the Customer has given CA reasonable opportunities, in terms of number and scope, to effect subsequent performance and the Customer cannot reasonably be expected to accept further attempts to remedy a functional restriction. In assessing the reasonableness of further attempts at elimination, particular consideration shall be given to whether CA has already provided or set up a workaround that eliminates or at least substantially limits the effects of the functional restriction.
(3) Defects of Title. CA further warrants that the use of the Platform does not infringe any third-party rights. In the event of an infringement of the intellectual property of third parties by the SaaS solution provided under an Order for which CA is responsible, CA may, at its own discretion, either acquire at its own expense a right of use for the benefit of the Customer that is sufficient for the use agreed in the relevant Order, or modify or provide a new Platform with no effect, or only an effect that is reasonable for the Customer, on its functions in such a way that no intellectual property of third parties is infringed any longer.
(4) Third-Party Claims. If the Customer becomes aware that a third party is claiming that the provision and/or use of the Platform infringes the intellectual property rights of this or any other third party, the Customer will notify CA of this without delay. In such a case, CA will assume the legal defense at its own expense and attempt to reach an agreement. The Customer shall support CA in this in an appropriate and reasonable manner. The Customer’s warranty claims based on defects of title remain unaffected.
(5) Limitation of Warranty. The Customer acknowledges that CA cannot control the transmission of data via communication facilities, in particular the Internet. Having said this, the Parties agree that CA is not obligated to provide a warranty to the extent that a limitation of performance is due to errors in the communication equipment. Furthermore, the Customer shall have no warranty claims if the use of the Platform is impaired by improper operation on the part of the Customer or its Users. Pursuant to the preceding sentence, warranty claims are excluded in particular in the event of impairments caused by the Platform being used under conditions of use that do not correspond to the hardware and software environment specified by CA.
(6) Statute of Limitations. Warranty or other liability claims of the Customer shall become statute-barred within twelve (12) months, except in cases of intentional or grossly negligent acts, injury to life, limb or health, breach of a guarantee, fraudulent concealment of a defect and in cases of the Product Liability Act (“Produkthaftungsgesetz”).
(7) Unlimited Liability. CA’s liability, whether resulting from a defect of the Services or any other act or omission, is unlimited in cases of intentional or grossly negligent conduct, injury to life, limb or health, breach of a guarantee, fraudulent concealment of a defect and in cases under the Product Liability Act (“Produkthaftungsgesetz”).
(8) Limitation of Liability. For otherwise negligent actions, whether resulting from a defect of the Services or any other act or omission, CA’s liability is limited to the typically foreseeable damage, and CA is only liable for the breach of such obligations whose fulfillment, taking into account the mutual interests of the Parties, is essential for the performance of the contract and on whose fulfillment the Customer may rely. CA’s liability is otherwise excluded.
(9) Applicability to Other Persons. The above provisions also apply in favor of CA’s legal representatives, employees, and vicarious agents.
6. Remuneration; Terms of Payment; Set-off
(1) Remuneration; Adjustment of Remuneration. CA’s remuneration, including all ancillary costs and any rebates and discounts granted, shall be determined by the Parties in each case in the Order for the Services agreed thereunder. Unless otherwise specified in an Order, CA may adjust the fees annually. Adjustments are permitted in particular to reflect changes in the costs of salaries and wages and purchased IT services. An adjustment to the fees will be effective as of the date specified by CA, effective for the next renewal period of the Order, but not earlier than one month after receipt by the Customer of a notice of the adjustment to the fee. If CA, within a single year, increases the fees by more than 5%, the Customer is entitled to terminate the relevant Order with effect from the effective date of the adjustment. The termination must be made in writing without delay, but no later than 14 days after receipt of the notification of the adjustment of the remuneration.
(2) Billing Interval; Payment Period. Unless expressly agreed otherwise in the Order, annual remuneration with annual advance payment is agreed. The payment period for all invoices from CA is 14 days from receipt of the invoice at the (electronic) invoice address designated by the Customer upon conclusion of the contract.
(3) Taxes and Fees. All remunerations stated in an Order are net amounts in euros and are to be paid by the Customer plus any applicable taxes. Bank, transfer or other fees incurred for payment shall be borne by the Customer.
(4) Set-off. The Customer may only set off against CA’s claims for remuneration with claims that have become res judicata or have been acknowledged by CA. This does not apply if the Customer’s claims for set-off are based on costs of remedying defects or additional costs of completion.
7. Term and Termination
(1) Term. An Order shall be binding upon its due signature by both Parties (hereinafter the “Close Date”) The Order determines the initial term of the agreement (hereinafter the “Initial Term”), which shall commence on the Start Date. The Order shall be automatically renewed for periods of one year (hereinafter each a “Renewal Term”) unless terminated in writing by either Party with ten (10) days’ notice to the end of the Initial Term or the respective Renewal Term.
(2) Extraordinary Termination. Each Party shall be entitled to extraordinary termination if it can no longer reasonably be expected to continue the contractual relationship. The extraordinary termination shall be declared in writing to the respective other Party. A reason for extraordinary termination exists in particular in cases in which the terminating Party had previously notified the other Party at least in text form of a material breach of contract and this breach of contract was not remedied by the other Party within 30 days.
(3) Consequences of Termination. Upon effectiveness of any termination, (a) all rights to use the Platform shall terminate; (b) the Customer shall cease using the Platform; and (c) CA shall provide the Customer with a file of all Customer data in a specially agreed format upon Customer’s request.
8. Other Provisions
(1) Order Processing. When providing the Services, it is necessary for CA to process personal data as a processor for the Customer as the controller. In such cases, the Parties shall enter into the appropriate data processing agreements in accordance with applicable law.
(2) Place of Performance. The place of performance for all Services is the registered office of CA, unless performance is required to take place at another location due to the nature of the matter.
(5) Force Majeure. Neither Party shall be liable to the other for any delay in performance or its inability to perform at all if such delay or inability to perform occurs due to fire, natural disaster, governmental Order, riot, civil commotion, strike, lockout or any other event beyond the control of such Party and over the continuance or elimination of which such Party has no control (hereinafter a “Force Majeure Event”), whether such Force Majeure Event occurs at such Party itself or at any of its subcontractors.
(6) Assignment. A Party must not assign the Order or its rights or obligations arising therefrom, whether by operation of law or otherwise, without the prior written consent of the other Party, which shall not be unreasonably withheld. Notwithstanding the foregoing, either Party may assign an Order in its entirety without the consent of the other Party in connection with a merger, acquisition, corporate reorganization or sale of all or substantially all of its assets in which no competitor of the other Party is involved. In the event of an assignment as defined in the preceding sentence, the assigning Party shall give written notice of the assignment to the other Party. A Party’s sole remedy for an alleged assignment in violation of this Section 8(6) shall be termination for cause. Subject to the foregoing, the assignment agreement shall be binding upon and inure to the benefit of the Parties, their respective successors and permitted assigns. Any assignment in violation of this Section 8(6) shall be deemed void ab initio. Section 354a of the German Commercial Code (“Handelsgesetzbuch, HGB”) shall remain unaffected.
(7) Waiver. The failure of either Party to enforce any right or provision of the Order shall not constitute a waiver of such right or provision unless the waiver is expressly stated by such Party.