This Service Agreement (in the following “Agreement”) is made and entered into by and between KIProtect GmbH, Bismarckstr. 10-12, 10625 Berlin, Germany (“KIProtect”) and Customer.
KIProtect has developed downloadable software (DS) which it makes available as a software package that can be used by Customer in its own IT infrastructure (DS), for the purpose of helping Customer to automate and manage data protection and data security measures. Customer wishes to access and use the DS in its business operations; KIProtect has agreed to provide services as set out below and the Customer has agreed to accept and pay for KIProtect’s services subject to the terms and conditions of this agreement. Now, therefore, in consideration of the background set forth above and the mutual covenants contained herein, the parties hereby agree as follows:
- Downloadable Software (DS)” means the KIProtect Software defined as follows: KIProtect offers downloadable software to automate and manage data protection and data security related tasks to the Customer’s Authorized Users.
- “Authorized Users” means those employees, agents, independent contractors, consultants or other individuals who are authorized by the Customer to use the DS and for whom rights to use the DS have been purchased and User Accounts have been supplied.
- “Change of Control” means the direct or indirect acquisition of either the majority of voting stock of a party or all or substantially all of the assets of such party, by another entity in a single transaction or a series of transactions; or the merger of such party with another entity, in which such party is not the surviving entity.
- “Customer” means anyone who accepted this agreement.
- “Paying Customer” will only be business Customers and means the business with whom KIProtect contracts.
- “Customer Data” means the Customer’s data stored, processed, transmitted, collected, or generated by Customer and/or its Authorized Users in connection with the use of the DS.
- "Customer Data Source" means data processing or storage systems that Customer connects to KIProtect’s DS.
- “Fees” means the license fees payable by the Customer.
- “Purchase Date” means the date when the Customer purchases the DS.
- "Support End Date" means the date when the support and update license for a purchased DS expires.
- “Support” means the provision of web-based technical assistance by KIProtect to the Customer with respect to installation, errors and technical product problems.
- "Taxes" means any duties, customs fees, or taxes (other than KIProtect’s corporate tax) associated with the sale of the Service, including any related penalties or interest.
- “Term” and “Term of Service” means the term of this Agreement.
- “User Account” means the account established with KIProtect in order to download the DS.
- “User Generated Content” means any suggestions, comments, posts, articles, enhancement requests, recommendations or other feedback provided by Customer or its Authorized Users, relating to the operation of the DS.
2. Grant of Rights
- Subject to the fulfillment of the obligations arising out of this Agreement by Customer KIProtect grants to Customer’s Authorized Users a permanent, unlimited, non-exclusive, non-transferable (except to a successor in interest in the event of Customer’s Change of Control), non-sublicensable right to use the DS in its own IT infrastructure.
- KIProtect provides versions of the DS to Customer as downloadable binaries and Docker images during the Term. Customer has the right to keep local copies of these artefacts (binaries and images) for archival and backup purposes and use them even after the Support End Date.
- Customer shall only allow access to the DS to Authorized Users.
- Documentation will be available in English at the respective product websites linked to on https://kiprotect.com, in particular https://heyklaro.com/docs and https://heykodex.com/docs.
- New Versions / Changes.
- Customer acknowledges and agrees that the DS may change from time to time without prior notice. Changes include, without limitation, security patches, added or removed functionality, and other enhancements or restrictions. For Paying Customers KIProtect will not limit the essential functions of the DS.
- KIProtect will provide multiple versions of DS on its website to Customer. Customer can install and upgrade DS at its own discretion. KIProtect will use semantic versioning to indicate patch, minor and major releases of DS. KIProtect will provide security and stability updates for outdated minor versions for at least 12 months. KIProtect will not willingly include breaking changes into patch releases and will strive to limit backwards-incompatibility in minor releases. KIProtect will provide detailed change logs for every release.
- KIProtect will not provide support, security updates and bugfixes for outdated major releases of DS. KIProtect considers a major release of DS outdated 12 months after a newer major version has been released.
- KIProtect has the right to, in KIProtect’s sole discretion (i) refuse or remove any content that, in KIProtect’s reasonable opinion, violates any KIProtect policy or is in any way harmful or objectionable, or (ii) terminate or deny access to and use of the website to any Authorized User violating any KIProtect policy or third Party rights, in KIProtect’s sole discretion. Adjustments, changes, and updates of the DS that help to avoid outages and security issues or maintain or extend functionality may lead to temporary service suspensions. KIProtect will try to limit downtime of the service or restrictions of accessibility to 8 hours per year on average (corresponding to 99.9 % availability). KIProtect will try to do regular maintenance works during the weekend or at times between 10 pm and 6 am (CET). Customer is aware that the DS may not work if Customer’s Data Sources are not properly available (be it to KIProtect or the Customer).
- Support requests concerning the use of the DS shall be sent via e-mail to email@example.com or, if available, submitted in the KIProtect web application. Support is available in English and German.
- Additional support services can be specific in a separate service agreement entered by Customer and KIProtect.
- Customer acknowledges that certain infrastructure requirements need to be fulfilled in order to run DS. These requirements are specific in the documentation and can change over time. Customer acknowledges that it is in its responsibility to ensure the infrastructure in which DS is used fulfills these requirements, and that KIProtect is not obliged to provide support for the deployment or operation of services that are not part of, but required to run DS.
- Source Code License
- KIProtect will provide Customer a copy of the source code of DS with each release, including all configuration and auxiliary data necessary to produce DS artefacts like the ones provided to Customer.
- Customer has the right to use and modify the source code for internal use and build as well as use binaries based on the modified source code.
- Customer acknowledges that DS uses third-party code and libraries that are published under various open-source licenses.
- KIProtect claims no rights over any Customer Data. Customer retains copyright and any other rights Customer already holds in the Customer Data processed by KIProtect.
- Customer understands that KIProtect uses third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to provide services like allowing DS downloads.
5. Promotions and Marketing
- Customer may use the KIProtect name, brand and logo for promotion and marketing purposes with KIProtect’s prior written consent.
- Likewise, KIProtect may use the Customer name, brand and logo for promotion and marketing purposes with Customer’s prior written consent.
6. Fees, Expenses, and Taxes
- Trial Period.
- Customer can optionally evaluate DS as agreed with KIProtect in a separate license or Proof-of-Concept (PoC) agreement.
- Invoices; Payment; Late Payment.
- Customer agrees to pay all amounts specified in the purchase agreement entered by Customer and KIProtect. Prices are plus statutory value added tax. Invoices will be issued by e-mail and in either Euro or the currency of the Customer’s country of residence. If the due date for the payment is a fixed calendar date, the Customer shall be in default of payment once this date has expired. Otherwise, the Customer shall be in default after a warning letter has been sent, or, at the latest, if the Customer fails to pay an invoice within 10 days from the due date and receipt of such invoice. In the event of default, the Customer shall pay to KIProtect default interest amounting to 9 percentage points above the applicable base rate. Should Customer fail to fulfill its payment obligations, KIProtect reserves the right to temporarily, up until full payment has been effected, or permanently block the Customer's access to the DS artefacts. The Customer's obligation to pay default interest shall not preclude the assertion by KIProtect of default damage going beyond this.
- Customer is responsible for any Taxes, and Customer will pay KIProtect for the Service without any reduction for Taxes. If KIProtect is obligated to collect or pay Taxes, the Taxes will be invoiced to KIProtect, unless Customer provides KIProtect with a valid tax exemption certificate authorized by the appropriate taxing authority. If Customer is required by law to withhold any Taxes from its payments to KIProtect, Customer must provide KIProtect with an official tax receipt or other appropriate documentation to support such payments.
7. Customer Obligations
- Customer shall use the DS exclusively for authorized and legal purposes, consistent with all applicable laws, regulations, and the rights of others, and without limitation, Customer will not use the DS to knowingly infringe the intellectual property rights of others.
- Customer agrees to comply with all applicable laws and regulations relating to data protection and privacy of personal information, including all privacy notification statutes and requirements currently in effect and that may come into effect during the Term.
- Customer is responsible for the security of Customer’s passwords and keys and for any use of Customer’s account.
- Customer agrees to assume full responsibility for configuring the DS to allow appropriate access to any Customer Data provided to the DS.
- Customer retains sole responsibility for any Authorized User that Customer allows to view Customer Data in Private Data Sources and entrusts them at his own risk.
- KIProtect is not responsible if Customer fails to configure, or misconfigures, the DS and inadvertently allows unauthorized parties to access any Customer Data.
- Customer shall promptly notify KIProtect of any known violation of the terms and conditions of this Agreement and shall cooperate with KIProtect with respect to: (a) investigation by KIProtect of any suspected or alleged violation of this Agreement; and (b) any action by KIProtect to enforce the terms and conditions of this Agreement.
8. Warranty, Limitation and Exclusions of Liability
- KIProtect represents and warrants that it will provide the DS in a professional manner consistent with good industry practices.
- Defects in the supplied Software shall be remediated within a reasonable time following a detailed notification of such defect being given to KIProtect by the Customer. For remediating defects, KIProtect may choose to replace the defective Software with a version of the Software which is free of defects.
- Unless otherwise specified at the end of section 8.4 the Customer’s claims for damages are excluded. Particularly but not exclusively KIProtect shall not be liable for any claims, losses, or damages (a) caused by actions taken by KIProtect at Customer’s direction; and (b) arising out of or in connection with Customer’s or any Authorized User’s use of the DS in violation of the terms of this Agreement and (c) arising out of Customer’s non-compliance with the technical requirements specified in the DS documentation, or arising out of unauthorized access to the DS (particularly but not exclusively hacking or theft of data).
- Except as expressly provided in section 8.1, the DS is provided "as is", without warranties of any kind whatsoever, express or implied, in contract, in tort or otherwise, including but not limited to the warranties of merchantability, fitness for a particular purpose, regulatory compliance and accuracy of any information provided. In no event shall either party be liable for any incidental or consequential damages, including loss of income, data, profits, revenue or business interruption, or cost of substitute services, or other economic loss, whether or not such party has been advised of the possibility of such damages, and whether any claim for recovery is based on theories of contract, warranty, tort or otherwise. The limitation and exclusion of warranty and liability set forth in this section shall not apply in cases of death, personal injury, fraud or willful misconduct, where liability is legally mandated, such as under the Product Liability Act, in cases of malicious intent, gross negligence, where assurance of freedom from defect was given or in case of failure to fulfill essential contractual duties.
- Customer shall defend, indemnify and hold harmless KIProtect, against any loss, damage or costs (including reasonable attorneys' fees) incurred in connection with claims made or brought against KIProtect by a third party to the extent that Customer Data, or Customer's use of the DS is in violation of this Agreement, infringes the intellectual property rights of, or has otherwise harmed, a third party.
10. Term and Termination
- The Agreement runs for an indefinite time and will remain in effect until terminated by one of the Parties in accordance with this section. The Parties may terminate this Agreement or any subscription feature for any or no reason at their convenience to the end of the subscription period.
- Termination may be issued in writing or by using the provided account closing mechanism, if provided by KIProtect.
- If Customer does not cancel before the end of the booking period, the Service will be extended for one more period.
- In addition, each Party’s right to terminate
this Agreement for good cause remains unaffected.
Good cause for termination of the Agreement by
KIProtect shall include, but is not limited to, the
- a serious breach of the obligations arising from this Agreement by the Customer.
- a default in payment of the Customer with an amount that equals at least the compensation of one month (including, but not limited to, the failure to settle outstanding invoices).
- a serious breach of contract leading to the loss of mutual trust or renders the continuation of this Agreement in consideration of the purpose of the Agreement unreasonable.
- an application for the initiation of insolvency proceedings concerning the Customer, as well as the refusal to open insolvency proceedings for lack of assets, or the issue of a declaration in lieu of an oath, or any similar proceedings.
- Upon any termination for cause by Customer, KIProtect shall refund to Customer, within thirty (30) days, any prepaid Fees. In no event shall any termination relieve the Customer of the obligation to pay any Fees payable to KIProtect for the period prior to the effective date of termination. Upon any termination for cause by KIProtect, Customer shall pay any unpaid Fees and Fees which would have been payable for the whole subscription period.
- In case of termination of the Agreement, Customer’s Data will be deleted. Backups thereof will be deleted within 30 business days. Customer Data required for tax or legal reasons will be retained.
- The rights and obligations of KIProtect and Customer contained in Sections 4 (Ownership), 6 (Fees, Expenses and Taxes), 8 (Warranty, Limitation and Exclusions of Liability), 10 (Refund of Payment upon Termination), 11 (Survival) and 12 (General) shall survive any expiration or termination of this Agreement.
- This Agreement, and all rights and obligations of the Parties arising from or otherwise relating to this Agreement, shall be governed by, construed in accordance with, and enforced under the laws of the Federal Republic of Germany, without reference to principles of conflict of laws. The application of the United Nations Convention on Contracts for the International Sale of Goods is hereby excluded. Severability. In the event any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions of this Agreement shall remain in full force and effect.
- Neither party shall be liable hereunder by reason of any failure or delay in the performance of its obligations hereunder on account of events beyond the reasonable control of such party, which may include without limitation strikes, riots, fires, flood, storm, explosions, acts of God, war (whether declared or not), acts of piracy, acts of sabotage, terrorism, governmental action, labour conditions not in the control of the applicable party, cyclones, tidal waves, destruction by lightning and earthquakes (each a “Force Majeure Event”)
- Neither party may assign or transfer this Agreement, in whole or in part, without the other party’s written consent (which shall not be unreasonably withheld), except in the event of a Change of Control. Subject to the foregoing restrictions, this Agreement shall inure to the benefit of the successors and permitted assigns of the parties.
- This Agreement is drafted in the English language. If this Agreement is translated into any other language, the English language text shall prevail where there are conflicts.
- This Agreement can be amended by a separate license agreement entered between KIProtect and the Customer, which takes precedence over this agreement if there are conflicting clauses.
13. Data Protection
- To govern the processing of personal data according the General Data Protection Regulation (GDPR), Customer and KIProtect can sign a separate data processing agreement (DPA), which can amend or override specific terms of this service agreement.
- 2023-11-15 (the current version)