Terms and Conditions
Company

Welcome to ZOA GDPR, the internet-based application to support the implementation of the EU General Data Protection Regulations (GDPR).

These General Terms and Conditions (hereinafter "T&C") govern the relationship between SWISS FIN LAB GmbH, Weiherweg 8, 8604 Volketswil, Switzerland (hereinafter "we", "us", "ZOA GDPR" or "Operator") and persons who wish to use the following online services of the Operator (hereinafter "User", "you" or "your"). The current version of the T&C are available on the website app.zoa-gdpr.com/en/terms-company/.

ZOA GDPR provides Internet-based software-as-a-service services ("SaaS") in the area of implementation of important requirements of the EU GDPR (hereinafter "Software"). The Software serves to enable the collecting of the User's personal data processing activities as required by the EU GDPR and at the same time it serves to communicate directly via the Software with a consultant (lawyer, consultant, etc.) selected by the User about legal issues (hereinafter "Partner"). The Software requires that the User works with a Partner and cannot be used without a Partner. If the User does not have a Partner, the Operator will act as Partner. The contractual relationship between the User and the Partner remains unaffected by these T&C and the User is free to change the Partner at any time.

To use the Software, the Partner must provide the User with a Partner-specific registration code. The User can register to use the Software only with this registration code. The User account created with the registration code is linked to the Partner in such a way that the Partner has access to the data entered by the User and can also edit this data. Any changes made by both the User and the Partner are documented and saved by the Software.

The violation of these T&Cs can lead to the closure of your User account. The use of the Software particularly prohibits irresponsible and illegal activities and you agree that we cannot be held responsible for such activities and their consequences.

We will make the Software available to you for the duration of this agreement in the version you have paid for and its most current version. It is made available on a server that can be reached by you as a User via the Internet.

The functionality of the Software is continuously checked by us. All Software errors will be corrected within a reasonable period of time in accordance with the technical and design possibilities. Such a Software error exists if the specified features are not fulfilled, lead to incorrect results or make the usability of the Software impossible.

We are constantly developing the Software further and will improve it through updates. The current range of features can be found on the website www.zoa-gdpr.com.

The User must be at least 18 years of age to register for the Software. Both natural and legal persons can register. Registrations by "bots" or similar automatic methods are not permitted. You can register by entering your e-mail address and choosing a user name and password.

Registrations with temporary e-mail addresses are not allowed - you must register with a permanent e-mail address so that we can reach you this way in urgent cases.

We reserve the right to refuse the registration of a User account without giving reasons.

During the registration process and when setting up your settings in the Software, you must provide all necessary information carefully and in a valid form in order to complete the registration process and use the Software correctly.

Each registration or each User account is valid exclusively for a specific User. The shared use of a single User account for multiple companies or the transfer of your User account to third parties, whether paid or not, is not allowed.

You are responsible for the creation, secure storage and secrecy of your access data (especially your password). We are explicitly not liable for any loss of your access data and/or the resulting access and manipulation of your data by third parties.

You are solely responsible for the input, maintenance and intended use of all data that you enter into the Software and for keeping your data free of viruses or other harmful components before transmission (see also #12 Liability).

If you use a trial version of the Software, then your usage options are subject to certain restrictions (defined when ordering a trial account).

You may only use the Software within the scope of the purpose of the agreement (see # 1 subject matter of the agreement) and in accordance with these T&C and the applicable laws. In particular, you must observe the Data Protection Act in the currently valid version (EU GDPR) and the regulations for the protection of intellectual property.

Editing, duplicating or selling the Software or parts thereof, as well as saving and installing the Software on data carriers, is not permitted, with the exception of temporary loading of the Software into the working memory without making (backup) copies.

We reserve the right to immediately suspend your access to the Software if there are reasonable grounds to suspect that your User account is being used improperly or in a manner that violates the law or your contractual obligations, in particular also if the Software is being used by unauthorized third parties, or if you infringe our copyrights.

If your access to the Software is suspended, we will inform you immediately about the suspension and its reasons. Any suspension of your access will be lifted as soon as the suspicion of illegal use or illegal data can be ruled out.

In the event of use by third parties contrary to the agreement, you undertake to surrender on first request all information necessary to assert any claims against third parties, in particular their names and addresses as well as further contact details.

The Software enables the collecting of the User's personal data processing activities as required by the EU GDPR and document data protection related activities.

The Software enables the creation of reports in connection with the disclosure obligation according to the EU GDPR.

The User can centrally store information concerning the company relevant for data protection.

The Software simplifies collaboration with Partners such as lawyers, consultants or data protection experts. The User's account is connected to a Partner account. The Partner has direct access to the User's information, which should enable them to directly clarify any problems or legal questions.

A description of included features of the Software can be found on the website www.zoa-gdpr.com.

We provide you with storage space on a server in the EU to store your data. You are free to choose at which location we should make the Software available to you.

We ensure that the stored data can be accessed via the Internet as far as technically possible.

You agree not to store any data that violates any provisions of this agreement or any other applicable law.

You retain all rights and obligations to data and content which are created, stored, transferred or managed via the Software (hereinafter "User Data").

The Operator will only access or process this User Data if this is necessary for the provision of the services or if the User gives specific instructions (e.g. during support). User Data may also be accessed if required by an agreement, policy or applicable law.

We commit ourselves - unless forced to do so by legal regulations - not to pass on the User Data to third parties under any circumstances. You have the right to request the surrender or complete deletion of your User Data at any time. User Data will be disclosed by electronic means (e.g. email). We are explicitly not obliged to make Software available to you for further use of transmitted User Data.

The Operator undertakes to take suitable and reasonable precautions against data loss and to prevent unauthorized access to User Data by third parties as far as technically possible. For this purpose, the Operator will create daily backups of the User Data in encrypted form. Especially when using the Software in trial versions, however, a possible loss of data cannot be excluded.

The Software guarantees adequate protection against CSRF (Cross Site Request Forgery).

The Software is accessible via a secure, certified data connection (https).

During registration and within the scope of the business transaction we determine and process data from you to the necessary extent: surname and first name, company name, email address, information about type and content of our contractual relationship and other personal data which you make available to us during the contract initiation or during the contractual relationship: e.g. a bank account specified by you. All personal information is handled with the utmost confidentiality.

As far as the User Data is personal data, the following applies: the Operator processes the User Data as contract data processor exclusively for the purpose of providing the contractual services on behalf of and according to the instructions of the User. The Operator takes appropriate technical and organisational measures to protect User Data. The User remains the sole responsible party in relation to the Operator within the meaning of data protection law and responsible for the legality of the gathering, processing and use of User Data in accordance with the statutory provisions, in particular the Data Protection Act. In particular, the User will obtain any necessary consent and provide information on data protection. If necessary, User and Operator will conclude an additional agreement regarding contract data processing.

The Operator strives to conclude identical agreements with any third parties (employees, service providers, etc.).

Within the framework of the statutory provisions, the Operator is authorized to use anonymized User Data for operational purposes (in particular for market research) and evaluate it. The User explicitly agrees to this.

For the operation of the Software, the Operator is dependent on viewing and, if necessary, editing User Data for support inquiries or as part of technical work. Due to the cooperation between the User and the Partner, this data may be subject to professional secrecy (Art. 321 Swiss Criminal Code). The User explicitly releases the Partner, as well as employees of the Partner, insofar as they are subject to professional secrecy, from professional secrecy with regard to all information and documents which they make available on the Software and all documents which are created by the Partner.

To ensure the proper use of the Software, we would like to point out that you should follow the channels of communication provided by us (in various forms) using at least one channel. We use these communication channels to inform you about changes, innovations, further developments etc. at given times. We do this through blog entries, publications in the releases, via Facebook and Twitter and at irregular intervals via newsletters. You are responsible for obtaining the information provided.

We would also like to encourage you to send questions, comments, problems etc. to - and thus participate in the development and design of the Software. We strive to treat you as a partner with respect, which means that we value and consider all forms of communication and participation.

We offer different versions of the Software. The type and scope of the contractual services result from the features of the respective version of the Software which are documented on the website www.zoa-gdpr.com.

The Software is a paid service, the current price of the version you ordered can be found at www.zoa-gdpr.com.

The User undertakes to pay the Operator the remuneration plus statutory value added tax for the version chosen by the User.

Payment is possible by credit card or bank transfer. After the payment has been made, you will receive an invoice showing the services received.

If payment is not made or is cancelled, we are entitled to suspend your access to the Software with immediate effect.

The Operator is entitled to adjust the prices and service contents by written notice to the User at the next possible termination date. Reasons for such a change in performance are in particular the further development of the Software. If the User does not wish to continue the agreement under the changed conditions, he is entitled to extraordinary termination with 30 days' notice at the time of the change.

With a functioning Internet connection, the Software is generally available, whereby we guarantee on working days between 8:00 and 18:00 an availability of 95% as an annual average.

The Software may not be accessible if adaptations to the object of the contract or the detection and rectification of malfeatures for technical and design reasons require a temporary interruption of its provision. We will inform you in good time of any foreseeable interruptions in the availability of the Software (at least 24 hours before). Should it not be possible to correct errors within one working day of the error being reported, we will inform you by email and let you know how long it will take to correct the error, when the Software will be available again and which work-arounds may exist in the meantime.

We guarantee the functionality and usability of the Software in accordance with the provisions of these T&C.

Within the framework of legal provisions, the Operator excludes any liability towards the User (or any third party), in particular for the fulfillment of his contractual and non-contractual obligations and for the loss of data and loss of profits (including for negligence). This exclusion of liability also applies to damages caused directly or indirectly by the use of the Software.

In all cases, irrespective of the liability basis, the mutual liability of User and Operator is limited to the amount owed by the User in the 12 months prior to the event giving rise to the liability.

You are required to keep your data free of viruses or other harmful components before entering it into the Software. Should defective data impair or damage the Software or the server on which this data is stored, we reserve the right to assert claims for damages.

Each User can request and use a single trial account once. The multiple use of trial accounts by one User is not permitted. The agreement for using a trial version of the Software is limited to 30 days. The use of a trial version is subject to certain restrictions. In addition, when using a trial version of the Software, we cannot guarantee all aspects regarding the provision, accessibility and functionality of the Software, as well as data backup and the accessibility of our customer service.

The paid agreement for the use of the Software is concluded for a period of one year at the time of ordering. If the User does not cancel at least 30 days before the end of the one-year period, the subscription is automatically renewed for another year. There will be no pro rata refunds or credits. Invoices are issued annually in advance.

The premature termination of an existing agreement for good cause remains open to Users and Operators (you and us). An important reason for the termination of the agreement without notice by ZOA GDPR is in particular,

1. if the User goes bankrupt or the opening of bankruptcy has been stopped for lack of assets,
2. if payment for an order is not made despite two reminders,
3. if data protection, civil and criminal law regulations are violated negligently or intentionally (also towards third parties),
4. if copyrights, rights to names and other intellectual property rights are culpably infringed or if there is suspicion of use in the context of criminal, unlawful, immoral or ethically questionable acts.

There are no other agreements (verbal or written) apart from these T&C. If any other agreements have existed prior to the conclusion of these T&C, they shall become invalid upon conclusion of this agreement. General terms and conditions of the User, even if these are attached to requests for quotation, orders, declarations of acceptance, etc. and are not contradicted, will not become part of the agreement under any circumstances.

We reserve the right to make changes and additions to this agreement, e.g. to adapt it to changes in the legal framework or to integrate new services. All developments and adaptations of the Software - new features, resources, etc. - are subject to the T&C applicable at the time.

Amendments and supplements to these T&C must be made in writing (in electronic form, e.g. by email). The changes will take effect if you do not object in writing within a period of 30 days (incoming). We will notify you by e-mail of changes to the T&C and your right of objection. If you do not object, we will consider your continued use of the Software after changes as consent to these changes. The current T&C can be viewed at any time at app.zoa-gdpr.com/en/terms-company/.

If you object to changes to the T&C, you can use an already purchased version to the end. If technically applicable, the T&C most recently accepted by you apply. However, we reserve the right not to conclude an agreement with you for a new version.

SWISS FIN LAB GmbH
Weiherweg 8
8604 Volketswil, Switzerland

www.zoa-gdpr.com

Commercial register: CHE-245.787.857 in Volketswil, Switzerland

All notifications must be sent electronically in written form to the email address provided at registration and thus meet the written requirement.

Users and Operators undertake to inform each other immediately of any changes to the email addresses. If this is not done, notifications to the most recently provided email address shall be deemed valid and legally effective.

If you have any questions or comments about the Software, or if you want to report defects, you can contact us at - we will try to answer all inquiries thoroughly and within a reasonable time.

If individual provisions of this agreement are or become ineffective, this shall not affect the validity of the remaining provisions.

The Operator is entitled to name the User - subject to his written objection - publicly as a reference and to use general information about the signed agreement in an appropriate manner for marketing and sales purposes.

All copyrights, trademarks or other intellectual property rights that exist in or are used in connection with the Software are and remain the sole property of the Operator. The Operator grants the User a non-exclusive (simple) right of use for the Software made available for use. Any use, duplication and distribution or processing of the contents and Software and/or use of the trademarks and other contents not explicitly permitted by these T&C without explicit consent by SWISS FIN LAB GmbH is not permitted.

We explicitly reserve the right to transfer our obligations or the entire contractual relationship to third parties (e.g. a PLC) without your consent.

These T&C are subject to Swiss law. To the extent permitted by law, the applicability of the UN Convention on Contracts for the International Sale of Goods (CISG, SR 0.221.211.1) is excluded in the same way as the conflict of laws provisions of the Federal Act on Private International Law (IPRG, SR 291). The place of jurisdiction is Zurich. (Partial) mandatory places of jurisdiction remain reserved (cf. Art. 32 and 35 CCP for consumers). Unless otherwise agreed, Zurich is also the place of performance and the place of debt collection for Users not resident in Switzerland.

The ZOA Privacy Bot is an application for Microsoft Teams to enable front-line staff to implement data protection in the daily business operations. It gives users access to a knowledge base with relevant information and users can report data protection relevant information to the compliance teams through the chat.

The ZOA Privacy Bot can only be used in combination with a paid or trial license of ZOA GDPR. The ZOA Privacy Bot cannot be used as a stand-alone product. Consequently, the Terms of Service for ZOA GDPR also apply to the ZOA Privacy Bot.

User data is stored in Switzerland using the cloud infrastructure of Cloudscale and on Microsoft Azure for hosting the bot. In addition, the Swiss company Paixon GmbH provides development support. Further details regarding the technical and organizational measures and data processing agreement (DPA) are available on request by sending an email to .