License Agreement. Customer/End User Terms

This License Agreement (“LA/Agreement”) is made as between Silberwal GmbH (“Provider”), and you (“Customer/User”). Each of Provider and Customer shall hereinafter be referred to collectively as the “Parties” and individually as a “Party” .

The terms and conditions contained in these License Agreement (“LA”) shall be considered legally binding between the Provider and the Customer for the use of the Provider Product as described in the LA. Other aspects of the Provider Product may also include, but are not limited to, software updates and any upgrades necessary that Provider may supply or make available to the Customer.

By clicking on the “Agree” (or similar button or checkbox) that is presented to Customer at the time of downloading Products, or by using or accessing the Products, Customer confirm Customer is bound by this License Agreement

1. DEFINITIONS

“Company” the company owning the Product.

“Customer” means the counter party to the Agreement who has executed the Agreement with the Provider and its staff accessing and subscribing to the Product in accordance with this LA.

“Intellectual Property” means all authorship rights under intellectual property laws, including over any and all hardware, software, architecture, designs, any other inventions, patents, copyrights, trademarks, service marks, trade names, trade secrets, know-how, moral rights, licenses, database rights, design rights and any other intangible proprietary or property rights, whether registered or not, under statute or common law and its licensors in respect of any products, materials, assets, and parts thereto.

“Product” means Provider Software product as described in Annex 3 provided as a service, including all updates, upgrades, new versions, and enhancements made available during the term of this agreement.

“Provider” means the Provider identified in the Agreement.

“Service” means that specific service enabled by the Provider and the Product via which said Service is provisioned.

“User” means Customer and its employees, consultants, contractors or agents and Purchaser Group Companies who are authorized to use the Product concurrently with other Users and have been supplied user identifications and passwords.

“Cloud Service” means the combination of the Product, associated documentation, and any services provided by the Provider in connection with the Product, including updates, support, and hosting of the Product.

“Effective Date” means the date of subscription to the Provider’s Cloud Service for Customer’s access to it.

“Initial Order” means Subscription for Customer’s access to the Cloud Service.

"Subscription”“ means a paid, time-limited arrangement granting the Customer access to the Product and its features as specified under the terms of this Agreement and the published conditions available on the Provider's website.

"Subscription Fee”“ means the recurring fee charged to the Customer for access to the Product, calculated based on the then-current rate published on the Provider’s website. This fee is subject to change and applies to the selected subscription plan.

“Free Trial” means a limited, no-cost period during which the Customer may access the defined by the Provider functionality of the Product to evaluate its features before committing to a paid subscription. The duration of the free version is 30 days, and all terms of use are defined by this license agreement.

2. GRANT OF LICENSE

2.1 Customer is granted a non-exclusive, non-transferable, non-sublicensable license for the use and installation of the Product subject to all the terms and conditions set forth in this LA and any and all software upgrades and/or updates that would replace, overwrite and/or supplement the original installed version of the Product provided by Provider to the extent offered by or made available through Provider.

2.2 Customer shall not and will not permit Users to:

a. License, sublicense, sell, resell, rent or lease the Product or any parts thereof for purposes other than permitted pursuant to this Agreement;
b. Modify, adapt, create derivative works from or translate the Product or any part thereof, or build a competitive product or service, or copy any features, functions or graphics of the Product;
c. Reverse engineer, decompile or disassemble the offered content, nor attempt to locate or obtain its source code;
d. Attempt to alter or remove any trademark, copyright or other proprietary notice contained within the offered content, or infringe Provider’s or its licensors’ Intellectual Property;
e. Make use of any offered content in any manner not stipulated within this LA or the documentation accompanying the offered content.

3. INTELLECTUAL PROPERTY

3.1 Company, its affiliates and licensors, own and retain all right, title and interest in and to:

a. all Intellectual Property in the Products and Services,
b. all Company information, proprietary materials, software, products and all derivative works, and
c. any other information, data or materials relating to the Product and to Company.

3.2 Company’s name and logo and the names associated with the product are the property of company, and no right or license is granted by any means to customer for using them unless expressly authorized by company in writing.

4. LIMITED WARRANTY & LIMITATION OF LIABILITY

4.1 All Products and related Services, if required, are provided to Customer solely in accordance with the terms of this LA and Customer acknowledges and agrees that the Provider disclaims all warranties and conditions, either express, implied or statutory, which may include, but are not limited to, any implied warranties or conditions of merchantability, of suitability for a specified purpose, that it contains absolute accuracy or completeness of responses, of results, and of any lack of negligence or lack of workmanlike effort, all with respect to the Product, and the provision by Provider of or failure to provide related services. Furthermore, there is no warranty or condition of title, quiet enjoyment, quiet possession, or non-infringement with regards to the herein contained product. The entire risk as to the quality of or performance of the product and services, if any, rest with Customer. Except as expressly stated in clause 4.4, Provider disclaims all warranties, whether express, implied, or statutory.

4.2 Except as set forth in the Agreement, any Services required to be provided in connection with the Products shall be provided by or through Provider. The Provider shall not be liable for any delays, errors, downtime (except as provided for in the Agreement), service interruption, service performance, delivery failures and/or any other loss or damage to Customer resulting directly or indirectly from use of the Products and/or any services. The Provider expressly disclaims all warranties, representations, and guarantees:

a. with respect to such Product and/or Services, whether express or implied, oral or written, including without limitation all implied warranties of merchantability or fitness for purpose, and all warranties implied by any course of dealing, course of performance, usage or trade;
b. that the operation of the Product and any services will be uninterrupted, continued or error free, or that Customer will be able to use, operate, obtain or sustain a certain level of performance or satisfaction with the service. The Services may be subject to limitations, delays and other problems including, but not limited to, those arising from equipment, networks, connectivity, radio, electrical or electronic interferences, telephonic communications or any other form of communication;
c. with respect to any accessories, and/or any other materials, devices or items to connect, interconnect, enhance, or customize in any way the Provider’s service offering to Customer.

4.3 Provider will not be liable in Agreement or tort (including negligence), for breach of statutory duty, or otherwise, arising under or in connection with this LA, any services, or the product for any indirect, consequential punitive or incidental damages or losses of any kind whatsoever and however caused or any interruption of business or operations, costs of recovery, loss of goodwill, loss of data and the costs of restoration or reconstruction of any data or databases, lost profits or revenue, in each case, even if the party has been advised of their possibility or such losses are reasonably foreseeable. No party’s failure to exercise any right and/or remedy under this LA or by law shall be regarded or interpreted as a waiver. Provider offers no warranty for trials and betas, indemnity, SLA or support for trials and betas and has no liability for trials and betas.

4.4 Provider warrants that the Product will perform substantially in accordance with its documentation during the active subscription period. In case of any material defect, Provider will, at its sole discretion, either repair the defect or provide a workaround. Except as expressly stated herein, Provider disclaims all other warranties, including implied warranties of merchantability and fitness for a particular purpose.

5. CUSTOMER RESPONSIBILITIES

5.1 Customer is responsible for all activity in relation to User accounts in all access points and for the manner in which it and its Users use the Product, including the policies and procedures it establishes to protect the security of data, computer network and other facilities, its choice of equipment, software and online content. In addition, Customer will:

a. use commercially reasonable efforts to prevent unauthorized access to or use of the Product; and
b. be responsible for custody and use of all login credentials.
c. ensure that its use of the Product complies with all applicable laws and regulations and does not involve uploading malicious content.

5.2 Customer will be responsible for:

a. selecting, purchasing and configuring computer hardware, software, communication equipment and related services at Customer premises, including Internet service, voice and data service with sufficient quality and bandwidth to allow trouble free browsing, data upload, download and high quality voice and video transmission, as per the intended usage;
b. maintaining its equipment to ensure connectivity to the Product;
c. resolving network issues and procure any required equipment modifications and upgrades necessary to support the Product; and
d. all facilities, network, equipment and software on the internal side of the point at which the public telephone network ends and connects to Customer’s network.

6. TERMINATION

6.1

Provider may immediately terminate this LA in the event that the Customer commits a breach of this LA.

6.2

Customer acknowledges and agrees that the Provider may (at its sole discretion) (i) suspend the Product offering, or (ii) suspend Customer’s license to the Product if it suspects that the Customer has infringed Provider’s or its licensors Intellectual Property or has failed to comply with the terms hereof, if Customer/Users becomes the subject of a petition in bankruptcy or any other proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors, or if the Provider is required to do so by law, in any of which cases the Provider may terminate this LA.

6.3

Upon termination, all of the rights granted hereunder to the Customer will cease, along with all licenses and deliverables. The Customer must return or destroy any confidential information, and all copies of the Product and provide written certification of the same.

7. SUBSCRIPTION TERMS

7.1

The Product is provided on a subscription basis under the conditions described in this Agreement and the subscription details available at the time of purchase or trial initiation. The subscription is active only while it is paid for and valid.

7.2

By purchasing a subscription, the Customer agrees to an initial and recurring subscription fee at the then-current subscription rate and authorizes the Company to charge the subscription fee on or after the date the subscription is purchased or after the trial period ends. The Customer accepts responsibility for all recurring charges until the subscription is canceled in accordance with clause 7.4.

7.3

The subscription will automatically renew at the selected intervals, and the Company will charge the subscription fee at the then-current rates unless the Customer cancels the subscription per clause 7.4, or the Company declines to renew the subscription in accordance with the terms and conditions.

7.4

If the subscription payment is not received on time, access to the Product will be suspended until payment is completed. Any unpaid subscription periods are non-refundable.

7.5

Additional details regarding the subscription terms, pricing, and cancellation policies are outlined on the pricing page or provided during the subscription process.

7.6

The Company reserves the right to decline the renewal of a subscription at its sole discretion by providing the corresponding notice to the Customer.

7.7

By subscribing, the Customer authorizes the Company to securely store and process payment information for billing purposes. The Company will discontinue the use of the Customer’s payment details upon explicit cancellation of the subscription or as required by applicable law.

7.8

Refund Policy: All payments are non-refundable, including partial periods or unused subscription terms.

7.9

Cancellation: Customers may cancel their subscription at any time via their account settings. Cancellation will be effective at the end of the current subscription period, and no pro-rata refunds will be issued.

7.10

Deletion of Profile: Upon cancellation, Customers may request the deletion of their profile and associated data. Provider will comply with such requests in accordance with applicable data protection regulations.

8. PRIVACY POLICY

8.1

Provider shall process Customer data in accordance with the Privacy Policy, which is available at DPA. The Customer agrees to review and accept the Privacy Policy as part of this Agreement.

8.2

Provider complies with applicable data protection regulations, including GDPR and other relevant laws. Provider agrees to ensure the confidentiality and security of Customer data in accordance with these regulations.

9. RELATIONSHIP WITH ATLASSIAN

9.1

By using the Product, the Customer acknowledges and agrees to comply with the Atlassian Marketplace Terms of Use and related policies available at this link.

9.2

Atlassian is not responsible for the Product’s performance, support, or availability. All claims related to the Product must be directed to the Provider.

10. GENERAL

10.1

This LA, in its entirety, shall (i) be legally binding upon and inure to the benefit of Customer; and (ii) is not for the benefit of any other third parties. Should any part of this LA be deemed invalid or unenforceable, such determination will not affect the validity or enforceability of any other provision contained herein. If there is any waiver of any breach or failure to enforce any of the provisions contained herein, it shall not be deemed as a future waiver of said terms or a waiver of any other provision of this LA. This LA shall be governed, construed and interpreted in accordance with the laws of Switzerland and the Parties attorn to the exclusive jurisdiction of the Courts in the City of Bern, Switzerland to resolve any disputes. The provisions herein which by their nature are intended to survive the termination or expiry of this LA shall survive such termination or expiry.

10.2

With notice to Customer, Provider may modify at Provider’s sole discretion at any time this License Agreement to reflect new features or changing practices, but the modifications may not be retroactive.

10.3

Force Majeure: Provider shall not be liable for any failure or delay in performance due to causes beyond its reasonable control, including but not limited to acts of God, natural disasters, acts of government, strikes, blockade, war, pandemic, act of terrorism, riot, third-party Internet or utility failure, any other force majeure events that adversely affect the Cloud Service. The Parties have executed this LA as of the date first above written.

Annex 1. NDA

MUTUAL NON-DISCLOSURE AGREEMENT

Capitalized terms not defined in this NDA are defined in the Agreement.

This Mutual Non-Disclosure Agreement (“NDA”) is an Attachment to the Agreement. This NDA is concluded by Customer subscription to the Cloud Service offered by Provider. By clicking on the “Agree” (or similar button or checkbox) that is presented to Customer at the time of downloading Products, or by using or accessing the Products, Customer confirm Customer is bound by this NDA

The Parties wish to engage in business relationship for the supply and use of cloud service (the “Designated Purpose”). In connection with this Designated Purpose, each Party has disclosed or may further disclose as “Discloser” its Confidential Information to the other as “Recipient”. This NDA is intended to allow the Parties to continue to pursue the Designated Purpose while protecting each party’s Confidential Information (including Confidential Information previously disclosed to the other Party) against unauthorized use or disclosure.

Now therefore, in consideration of the mutual covenants contained herein, the Parties agree as follows:

1. Definitions

Unless otherwise defined herein, capitalized terms used in this NDA shall have the meaning set forth below:

“Affiliate” means any person or entity which directly or indirectly controls, is controlled by or is under common control with such person or entity, where “control” means the right to control or actual control of management of such entity, whether by ownership of voting securities, by agreement, or otherwise.
“Confidential Information” means any oral, written, graphic or machine-readable information including, but not limited to technical or non-technical data, patents, patent applications, copyright, copyright applications, industrial designs, research, product or service plans, developments, inventions, processes, designs, drawings, patterns, compilations, engineering methods, techniques, devices, formulae, software (including source and object code), algorithms, business plans, agreements with third parties, lists of actual or potential services or customers, marketing plans, financial plans or finances, and similar information relating to the Discloser, its Affiliates, the Designated Purpose, or any of their respective third-party suppliers or customers furnished by or on behalf of the Discloser to the Recipient or any of its Representatives regardless of the manner in which it is furnished or obtained by the Recipient or its Representatives through observation of the Discloser’s facilities or procedures (save and except communications with legal counsel which constitute attorney-privileged information). The Discloser agrees to use reasonable efforts to summarize in writing the content of any oral disclosure or other non-tangible disclosure that is proprietary or confidential to the Recipient within a reasonable time (not to exceed thirty (30) days) after the disclosure. However, failure to provide such summary will not affect the qualification of the Discloser’s Confidential Information as such if the Confidential Information was identified as confidential or proprietary when disclosed orally or in any other non-tangible form.
“Representatives” means, in respect of any Party, such Party's Affiliates, its and their respective directors, officers, employees, agents, advisors (including financial advisors and legal counsel), and any institutional lender to such Party and the directors, officers and employees of any such agent, advisor or lender.

2. Nondisclosure of Confidential Information

(a) Neither Recipient nor any of its Representatives shall use any of Discloser’s Confidential Information for its own use or for any purpose other than to carry out discussions concerning, and the undertaking of the Designated Purpose. Recipient may provide Discloser’s Confidential Information only to Recipient’s employees who (i) have a substantive need to know about the Confidential Information in connection with the Designated Purpose; (ii) have been advised of the confidential and proprietary nature of the Confidential Information; and (iii) have agreed with Recipient to protect from unauthorized disclosure all confidential and proprietary information, of whatever source, to which they have access in the course of their employment. Recipient may provide Confidential Information to Recipient’s Affiliates, consultants, contractors and agents, subject to (i) through (iii) above.
(b) Recipient and its Representatives must take all reasonable measures to protect the secrecy of and avoid disclosure or use of Discloser’s Confidential Information to prevent it from falling into the public domain or the possession of persons other than those authorized under this NDA to have this information. Such measures shall include, but not be limited to, the highest degree of care that the Recipient utilizes to protect its own Confidential Information of a similar nature, which shall be no less than reasonable care. Recipient must notify Discloser of any actual or suspected misuse, misappropriation or unauthorized disclosure of Discloser’s Confidential Information, which may come to Recipient’s attention. Recipient will be responsible for all breaches of the terms of this NDA by its Representatives.

3. Exclusions

Notwithstanding anything to the contrary in this NDA, Recipient shall have no liability to Discloser concerning any Confidential Information that Recipient can demonstrate:

(i) was in the public domain at the time it was disclosed or has entered the public domain other than by a breach of this NDA by Recipient;
(ii) was known to Recipient, without restriction, at the time of disclosure, as demonstrated by files in existence at the time of disclosure;
(iii) is disclosed with the prior written approval of Discloser;
(iv) was independently developed by Recipient without any use of Discloser’s Confidential Information and by employees of Recipient who have not had access to the Confidential Information, as demonstrated by files created at the time of such independent development;
(v) becomes known to Recipient, without restriction, from a source other than Discloser without breach of this NDA by Recipient and otherwise not in violation of Discloser’s rights; or
(vi) is disclosed pursuant to the order or requirement of a court, administrative agency, or other governmental body; except that Recipient shall provide prompt notice of such court order or requirement to Discloser to enable Discloser to seek a protective order or otherwise prevent or restrict such disclosure and fully cooperate with Discloser to appropriately protect against or limit the scope of disclosure.

4. Specific Excluded Use

Unless otherwise permitted in writing by Discloser, neither Recipient nor its Representatives shall make any attempt to reverse compile, disassemble, or otherwise reverse engineer all or any part of any Confidential Information disclosed. Neither Recipient nor its Representatives shall make any attempt to copy, reproduce, modify, adapt or translate the Confidential Information in order to develop, create, evaluate, or modify a product which is in any way competitive with any current software products and/or cloud services marketed by the Discloser.

5. Return of Materials

Within ten (10) days of the written request of Discloser, or after the Parties have either conclusively achieved or not achieved the Designated Purpose and, in the latter case, if the Parties have not agreed otherwise, Recipient shall:

(i) return any Confidential Information that has been furnished by Discloser to Recipient and/or its Representatives in connection with the Designated Purpose either in its possession, or that of Recipient’s Representatives or approved third parties, accompanied by all copies thereof made by Recipient and/or its Representatives; or
(ii) delete or destroy all copies of Confidential Information in its possession, power or control, including copies of Confidential Information in the possession, power or control of its Representatives or approved third parties, which are present on magnetic, optical disk, volatile memory or other storage device, in a manner that assures the Confidential Information is rendered unrecoverable.

6. No Rights Granted

Nothing in this NDA shall be implied or construed as granting the Recipient any license to or other rights in any intellectual property in the Confidential Information other than the limited right to review the Confidential Information solely for the purpose of the Designated Purpose. All title, right and interest in the Confidential Information or any other intellectual property right of the Discloser shall at all times be in the Discloser, nor shall this NDA grant Recipient any rights in or to Discloser’s Confidential Information.

7. No Warranties

Nothing in this NDA shall be implied as imposing any obligation on the Discloser to disclose any particular information and the Discloser gives no warranty and makes no representation to the Recipient that any information disclosed under this NDA is accurate, complete or sufficient for the Purpose. The Recipient acknowledges and agrees that the Confidential Information is disclosed to it by the Discloser on an “as is” basis.

8. No Future Agreements or Obligations

Nothing in this NDA shall be construed as obligating or be deemed to obligate the Parties (i) to enter into any future agreement concerning the Designated Purpose or the Confidential Information or (ii) Discloser to disclose any particular Confidential Information. Each Party, upon written notice provided to the other Party, reserves the right, in its sole and absolute discretion, to terminate discussions hereunder at any time and for any reason without any liability and without any obligation of any kind.

9. Notice

Any notice, demand or other communication required or permitted to be given to either Party shall be in writing and shall be personally delivered to such Party, sent by prepaid overnight courier, or sent by facsimile transmission or electronic mail, confirmed by prepaid overnight courier and delivered or sent to the intended recipient at its address as described hereinabove. Any Party may from time to time change its address by written notice to the other Party given in accordance with this paragraph.

10. Severability

If one or more provisions of this NDA are held to be unenforceable under applicable law, the Parties agree to renegotiate such provision in good faith. In the event that the Parties cannot reach a mutually agreeable and enforceable replacement for such provision, then (i) such provision shall be excluded from this NDA, (ii) the balance of the NDA shall be interpreted as if such provision were so excluded, and (iii) the balance of the NDA shall be enforceable in accordance with its terms.

11. Remedies

Each Party acknowledges that: (i) its obligations set forth in this NDA are necessary and reasonable in order to protect Discloser and its business, (ii) due to the unique nature of Provider’s Confidential Information, monetary damages may not alone be sufficient to compensate Discloser for any breach by the Customer of its covenants and agreements set forth in this Agreement, and (iii) any violation or threatened violation may cause irreparable injury to the Provider. In addition to any other remedies that may be available, in law, in equity, by statute or otherwise, the Provider may seek injunctive relief against the threatened breach of this NDA or the continuation of any such breach by the Customer.

12. Independent Contractors

Each of the Provider and the Customer are independent contractors, and nothing contained in this Agreement shall be construed to constitute the Provider and the Customer as partners, joint venturers, co-owners or otherwise as participants in a joint or common undertaking, or to provide either Party with the right, power or authority to create any duty or obligation on behalf of the other Party.

13. Headings

The division of this NDA into Sections and the insertion of headings are for convenience of reference only and shall not affect its construction or interpretation.

14. Term

The term of this Agreement and the Parties’ obligations commences on the date first written above and extends with regard to all Confidential Information until two (2) years from the date of the last provision of the Confidential Information by any Party.

15. Governing Law

This Agreement shall be governed, construed and interpreted in accordance with the laws of Switzerland and the Parties attorn to the exclusive jurisdiction of the Courts in the City of Bern, Switzerland to resolve any disputes.

16. Amendment and Waiver

This NDA may only be amended in writing and signed by each of the Parties. All waivers must be in writing. The failure of either Party to insist upon strict performance of any provision of this NDA, or to exercise any right under this NDA, will not be deemed to be a waiver for the future of such provision or right, and no waiver of any provision or right will affect the right of the waiving Party to enforce any other provision or right.

17. Construction

There are no intended third-party beneficiaries of this Agreement.

The Parties have executed this NDA as of the date first above written.

Annex 2. DPA

Data Processing Agreement

This Data Processing Agreement (“DPA”) is an Attachment to the License Agreement Customer/End User Terms (LA). By clicking on the “Agree” (or similar button or checkbox) that is presented to Customer at the time of downloading Products, or by using or accessing the Products, Customer confirms Customer is bound by this DPA.

This DPA is made in accordance with the applicable provisions of Switzerland, the EU and other applicable Data Protection Laws governing the storage, processing, accessing and transmission of Personal Data.

Data Protection Laws: all legislation and regulatory requirements in force from time to time relating to the use of personal data and the privacy of electronic communications under the LA, including as applicable: the General Data Protection Regulation (“EU GDPR” or “GDPR”), the Swiss Federal Act on Data Protection (“FADP”), the EU GDPR as it forms part of the law of England and Wales by virtue of section 3 of the European Union (Withdrawal) Act 2018 (the “UK GDPR”), the UK Data Protection Act 2018, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, and any binding regulations promulgated thereunder (“CCPA”), in each case, as updated, amended or replaced from time to time.

1. Definitions

For the purposes of this DPA, the following terms shall have the following meanings:

Personal Data: Any information relating to an identified or identifiable natural person.
Processing: Any operation or set of operations performed on personal data, such as collection, storage, use, transfer, etc.
Data Subject: A natural person whose personal data is processed.
Customer/Data Controller: The entity that determines the purposes and means of the processing of personal data.
Provider/Data Processor: The entity that processes personal data on behalf of the Controller.

2. Purpose of Data Processing

The Data Processor will process personal data on behalf of the Data Controller for the following purposes:

Provide and improve the "Plasch" app and services.
Comply with legal obligations.
Conduct analytics and optimize services.

3. Subject Matter of Data Processing

The subject matter of the processing includes:

Personal data types:
- Identity Data: Name, username, or similar identifiers.
- Contact Data: Email address and phone number.
- Usage Data: Information on how you interact with our app and website.
Optional Additional Data: With the explicit consent and at the discretion of the Data Subject, additional personal data may be collected and processed for the purposes outlined in this DPA. Such data may include, but is not limited to, the Data Subject’s profession, intended use of the product, hobbies, favorite movies, and similar information. Providing this information is entirely voluntary, and the Data Subject may choose to leave these fields blank.
Categories of data subjects: Customers users.

4. Duration of Data Processing

The Data Processor will process the personal data for the duration of the LA between the parties or until the Data Controller provides instructions to terminate the processing.

5. Obligations of the Data Controller

The Data Controller agrees to:

Provide the Data Processor with clear, documented instructions for the processing of personal data.
Ensure that data subjects' consent is obtained where necessary and that personal data is processed lawfully.
Inform the Data Processor of any changes to the instructions or the scope of the processing.
Data Controller ensures compliance with the applicable Data Protection Laws to enable Provider to lawfully process Personal Data for the purposes contemplated by the LA and this DPA, including, as applicable, by obtaining all necessary consents from, and giving all necessary notices to, Data Subjects.
Data Controller is responsible for reviewing the information made available by Provider relating to data security and making an independent determination as to whether the Cloud Service meets Customer’s requirements and legal obligations under Data Protection Laws.
Customer is solely responsible for complying with breach notification of personal data security laws applicable to Customer and fulfilling any obligations to give notices to government authorities, affected individuals or others relating to any breach of personal data security.
The Controller shall inform the Data Subject if this is required for their protection or if required by applicable Data Protection Laws.
The Controller acknowledges that Provider’s notification of a breach of personal data security is not an acknowledgement by Provider of its fault or liability.
The Controller must satisfy itself in particular that the Processor is able to guarantee data security.
Ensure that it has all necessary consents and notices in place to enable lawful transfer of the Shared Personal Data to the Data Processor for the agreed Purposes.

6. Obligations of the Data Processor

Process personal data only in accordance with the Data Controller’s documented instructions, unless required by law to process it differently.
Implement and maintain reasonable and appropriate technical and organizational measures to ensure the security, confidentiality, integrity, and availability of personal data and protect against breach of personal data security.
Ensure that any personnel authorized to process personal data are subject to confidentiality obligations.
Assist the Data Controller in fulfilling its obligations related to data subject requests, such as access, rectification, and erasure of personal data.
Assist the Data Controller when available with information reasonably necessary in ensuring compliance with obligations related to security, breach notification, data protection impact assessments, and consultation with supervisory authorities.
Notify the Data Controller of any breach of personal data security as quickly as possible.

7. Subprocessors

The Data Processor may engage subprocessors to carry out specific processing activities, provided that:

The Data Processor may only assign processing to a third party with prior approval from the Controller.
The Data Processor ensures that any subprocessor is bound by the same data protection obligations as set out in this DPA.
A written contract is in place with any subprocessor that includes equivalent data protection obligations.

8. Data Transfers

Any transfer of personal data to a third country in the absence of an adequacy decision pursuant to applicable Data Protection Laws or of appropriate safeguards pursuant to applicable Data Protection Laws, is possible only if the Data Subject has explicitly consented to disclosure (with the prior written consent of the Data Subject) and in compliance with applicable data protection laws. Before transferring, Customer ensures obtaining all necessary consents from data subjects and necessary notices to enable lawful transfer of the Personal Data.

9. Security Measures

The Data Processor shall implement appropriate technical and organizational measures to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures may include, but are not limited to, encryption, access controls, data backup as described in the Privacy Policy.

10. Data Subject Rights

The Data Processor shall assist the Data Controller in responding to requests from data subjects exercising their rights under the applicable Data Protection Laws, including:

The right to access personal data.
The right to rectify inaccurate personal data.
The right to erasure ("right to be forgotten").
The right to restrict the processing of personal data.
The right to data portability.
The right to object to the processing of personal data.

11. Data Retention and Deletion

Upon the termination of the Agreement or upon the Data Controller’s written request, the Data Processor shall delete or return all personal data to the Data Controller, unless retention of the data is required by law.

12. Audits

The Data Processor makes available to the Data Controller on request information reasonable necessary to demonstrate compliance with this DPA. Such information arises only to the extent that the LA and this DPA do not otherwise give them information rights meeting the relevant requirements of Data Protection Laws.

13. Liability

The Data Processor shall be responsible for complying with the terms of this DPA. The Data Controller shall be responsible for ensuring that the processing of personal data is lawful and in compliance with applicable Data Protection Laws.

14. Governing Law and Dispute Resolution

This DPA shall be governed, construed and interpreted in accordance with the laws of Switzerland and the Parties attorn to the exclusive jurisdiction of the Courts in the City of Bern, Switzerland to resolve any disputes.

15. Termination

This DPA may be terminated by either party upon 30 days' notice, or immediately if either party breaches the terms of this DPA.

Annex 3

Product description to the AGREEMENT

Key Terms
Agreement	This Product Description is an Attachment to the Agreement between Customer and Provider identified below:
	License Agreement between Customer and Provider dated a

Product description
The Product is made available by the Provider to the Customer as a part of the Cloud Service:
Product Name:	Plasch
Short description:	The tool for strategic project planning and related resource allocation
Subscription type:	Basic
Available features:	Projects and activities management: creation, edition, deletion Resources management: creation, edition, deletion Projects assignment to resources Allocation management: timeline with allocation weekly/biweekly per project Consolidated Roadmap view: project with FTE allocation per period

Annex 4. AUP

Acceptable Use Policy Attachment

This Acceptable Use Policy (“AUP”) sets forth rules that apply to the use of any of Provider’s Cloud Services by Customer (“you”). This AUP operates as an Attachment to an Agreement.

• Content Restrictions:

You will not upload, store, post or transmit content that:

Is obscene, defamatory, deceptive, harassing, threatening, hateful or discriminatory;
Violates anyone else’s intellectual property, privacy, publicity or other rights;
Violates applicable laws or regulations; or
Contains viruses, malware, malicious code or similar harmful materials.

• Prohibited Conduct:

You will not:

Engage in deceptive or illegal activities (including, “spoofing”, “phishing” or pyramid or similar schemes);
Transmit spam or other unsolicited communications to other users;
Publish benchmark or performance information about the Cloud Service without our consent;
Use the Cloud Service in violation of data, privacy or other applicable laws or regulations;
Use the Cloud Service to engage in, promote, support or facilitate hateful, discriminatory or violent activities, whether online or offline; or
Engage in any activity that we reasonably determine on advice of counsel will cause liability to us.

• No Disruption:

You will not:

Access the Cloud Service through means we did not authorize (for instance, scraping, crawling or penetration testing);
Disable or interfere with the Cloud Service or circumvent any of our security or access controls; or
Try to access other users’ data or accounts without their express permission.

• Others:

You will not permit or encourage others to commit any of the actions above.

We may monitor compliance with this AUP and investigate any violations. If we determine that you or your content violates this AUP, we may remove or suspend access to your content or invoke our suspension rights under the Agreement.