GENERAL TERMS AND CONDITIONS
for FL3XX Online Services for Business
Version 1.3 - 12 February 2019
This FL3XX Online Services for Business (“Service” or “Services”) is provided byFL3XX GmbH, an Austrian company (“FL3XX”), to its customer (“Customer”). These General Terms and Conditions (“GTC”) are effective and integral to the principal agreement (“Subscription”) between FL3XX and the Customer.
a) “Active Item” means any item within the services that FL3XX provides to the Customer (“Service”) that has changed status, or been caused to change status, or caused other items inside or outside the Service to change status.
b) “Admin Account(s)” means the administrative account(s) that FL3XX provides to the Customer for the purpose of administering the Services. The use of the Admin Account(s) requires a password, which FL3XX will provide to the Customer.
c) “Administrators” mean the Customer-designated personnel who administer the Services on the Customer’s behalf.
d) “Affiliate” means any entity that directly or indirectly controls, is controlled by or is under common control of either Party.
e) “API” means Application Programming Interface or the software program that enables the exchange of data between the Service and a TPS.
f) “Billable Item” means any item in the Service that is defined in the Pricelist with a fee.
g) “Brand Features” include the trade names, trademarks, service marks, logos, domain names, and other distinctive brand features of each party, respectively, as secured by that party from time to time.
h) “Confidential Information” means information disclosed by a party to the other party under the Subscription that is marked as confidential or would normally be considered confidential under the circumstances. Customer Data is the Customer’s Confidential Information.
i) "Customer Contact" means persons designated and entitled by the Customer to communicate with FL3XX for matters concerning the Services.
j) “Customer Data” means data, including email, provided, generated, transmitted, or displayed via the Services by Customer or End Users.
k) “Effective Date” means the date that both parties have executed this agreement
l) “Emergency Security Issue” includes a Customer’s use of the Services in violation of the Acceptable Use Policy, another customer’s use of the Services in a violative way, or unauthorized third-party access to the Services.
m) “End Users” mean the individuals the Customer permits to use the Services.
n) “End User Account” means an account that the Customer establishes through the Services for an End User.
o) "Feature Request" means a request by a Customer Contact to incorporate a new feature or enhance an existing feature of the Services that is currently not available as part of the existing Services.
p) “Fees” mean the amounts that FL3XX invoices to the Consumer for the Services used by the Customer.
q) “High-Risk Activities” include uses such as the operation of military flights, air traffic control, life support systems, or other activities where the use or failure of the Services could lead to death, personal injury, or environmental harm.
r) “Intellectual Property Rights” mean current and future international rights under patent law, copyright law, trade secret law, trademark law, ethics law, and other similar rights.
s) "Maintenance" includes work that is performed on hardware or software that delivers the Services.
t) “Notification Email Address” means the email address designated by the Customer to receive email notifications from FL3XX. Customers may change this email address through the Admin Console.
u) “Pricelist” means the list published on the website http://fl3xx.com, of which lists the Fees for the use of Services.
v) "Priority" means the level of impact with which a Request impacts the Customer’s operations, and which is used to establish target response times. P1: Critical Impact = Service Unusable in Production; P2: High Impact = Service Use Severely Impaired; P3: Medium-Impact = Service Use Partially Impaired; P4: Low Impact = Service Fully Usable.
w) "Request" means a request from the Customer to FL3XX, for technical support to resolve a question or problem report regarding the Services.
x) “Service(s)” means the services provided by FL3XX to the Customer as contemplated by the Subscription.
y) “SLA” means the Service Level Agreement, a separate document published on http://fl3xx.com.
z) “Suspend” or “Suspension” means the disabling of access to the Services, or components of the Services, as applicable, to prevent the use of the Service contemplated by the subscription.
aa) “Taxes” means any duties, customs fees, or taxes (other than FL3XX’s income tax) associated with the sale of the Services, including any related penalties or interest.
bb) )“Term” means the term of the Subscription, which begins on the Effective Date and continues until the Subscription naturally expires or is terminated
cc) “Third Party Request” means a request from a third party for records relating to an End User’s use of the Services. Third Party Requests can be a lawful search warrant, court order, subpoena, other valid legal order, or written consent from the End User permitting the disclosure.
dd) “TPS” means Third Party System, or systems that are not owned or operated by FL3XX, which may be connected to the Services to add functionality to the Services or to the TPS, at the option of the Customer. Connection of Services to TPS is requested by and operated under the responsibility of the Customer.
2) Services Provided
a) Services Summary:- The Services include a web-based,end-to-end solution for aviation service providers. These Services provide the capability to sell, schedule, dispatch flights, manage all the related information, send and receive messages, and to create reports.
b) Interoperability:- The Services may connect with TPS, and to interact with them to provide increased functionality. However, the functions and benefits gained by collaborating with a TPS are not guaranteed, and the Service’s operation may be limited by the availability of the TPS. So, the Customer explicitly waives any and all claims over the availability of any function in connection with TPS.
3) Representations, Warranties, and Disclaimers
a) Authority to Enter the Subscription:- Each party represents that it has full power and authority to enter into the Subscription.
b) Legal Compliance:- Each party warrants that it complies with all laws and regulations applicable to its provision or use of the Services.
c) Financial Stability:- Each party warrants that it possesses ample financial resources to provide, use, and pay for the Subscription.
d) Service Provision:- FL3XX warrants that it possesses all licenses necessary to provide the Services, in accordance with the SLA.
e) Disclaimers:- To the fullest extent permitted by applicable law, except as expressly provided in this GTC, neither party makes any other warranty of any kind, whether express, implied, statutory or otherwise, including but not limited to warranties of merchantability, and/or fitness for a particular use. FL3XX makes no representations about any content or information made accessible by or through the services
4) Customer Obligations
a) Compliance:- The Customer shall use the Services in compliance with the Acceptable Use Policy and this GTC. FL3XX may create new Services, add or modify features, and/or adjust functionality from time to time, the use of which hinges upon Customer’s agreement to additional terms.
b) Customer Administration of the Services:- The Customer may specify one or more administrators, who possess access Admin Account(s) to manage End User Accounts. The Customer understands that FL3XX’s responsibilities do not extend to the internal management or administration of the Services; and that FL3XX is merely a data-processor, while the Customer is the data-controller. So, the Customer and its Administrator(s) are responsible for:-
- maintaining the confidentiality of the Admin Account(s) password(s);
- designating the individuals who are authorized to access the Admin Account(s); and
- (c) ensuring that all Administrative-Account-activities comply with this GTC
c) Changes To Services:-The Customer’s Administrators may request, install, remove, and order special features and functions, including when those features and functions are provided, of which may result in additional costs.
d) Support Service Level:-The Customer shall select the desired Support Service Level. The effective Support Service Level is displayed in the Service.
e) End User Consent:- The Customer’s Administrators possess the ability to access, monitor, use, and/or disclose data to End Users within the End User Accounts. The Customer shall obtain and maintain all required consents from End Users to ensure access, monitoring, use, and disclosure of this data and make it available to FL3XX upon request.
f) Authorized Users:- The Customer may provide access to the Service to any of its employees or other persons working directly under its own control or under the direct control of controlled companies. Any person not under agency-type control may not be provided use of the Services without FL3XX’s prior written consent. Any such person or company employing such person shall directly enter into an agreement with FL3XX for the use of the Services.
g) Unauthorized Use:- The Customer shall use commercially reasonable efforts to both prevent unauthorized use of the Services and to terminate any unauthorized use. The Customer shall promptly notify FL3XX of any unauthorized use of or access to the Services of which it
h) Restrictions on Use:- Unless FL3XX specifically agrees in writing, the Customer shall use commercially reasonable efforts to ensure that a third party does not:
- use or employ the Services for its own activities whether commercial or non-commercial, or whether such activities are connected to those of the Customer;
- sell, resell, lease, or the functional equivalent, the Services to a third party;
- attempt to reverse-engineer the Services or any component thereof;
- attempt to create a substitute or similar service through use of, or access to, the Services;
- use the Services for High Risk Activities; or
- use the Services to store or transfer any Customer Data that is conditioned for export under Export Control Laws
i) Third Party Requests:- The Customer shall respond to Third Party FL3XX will, to the extent allowed by law and by the terms of the Third Party Request: (a) promptly notify Customer of its receipt of a Third Party Request; (b) comply with the Customer’s reasonable requests regarding its efforts to oppose a Third Party Request; and (c) provide the Customer with the information or tools required for the Customer to respond to the Third Party Request. The Customer will first seek to obtain the information required to respond to the Third Party Request on its own, and will contact FL3XX only if it cannot reasonably obtain such information.
j) Acceptable Use Policy.-- The Customer itself shall not, and shall not allow third-parties or its End Users to use the Services:
- to generate or facilitate unsolicited bulk commercial email;
- to violate, or to encourage the violation of the legal rights of others;
- for any unlawful, invasive, infringing, defamatory, or fraudulent purpose;
- to intentionally distribute viruses, worms, Trojan horses, corrupted files, hoaxes, or other items of a destructive or deceptive nature;
- to interfere with the use of the Services, or the equipment used to provide the Services, by customers, authorized resellers, or other authorized users;
- to alter, disable, interfere with, or circumvent any aspect of the Services;
- to test or reverse-engineer the Services in order to find limitations, vulnerabilities or evade filtering capabilities; and/or
- to use the Services or a component therein, in a manner not authorized by
5) Data Protection
a) Compliance:- The Services provided comply with relevant regulations on data privacy and protection. Specifically, the Data Protection Agreement (the “DPA”) specifies compliance with the European General Data Protection Regulation (GDPR).
b) Data Security and Transfer:- All facilities used to store and process Customer Data adhere to commercially reasonable security standards. FL3XX uses these measures to ensure the security and confidentiality of Customer Data, to protect against anticipated threats or hazards to the security or integrity of Customer Data, and to protect against unauthorized access to or use of Customer Data. As part of providing the Services, FL3XX may transfer, store, and/or process Customer Data in any country in which FL3XX maintains facilities. By using the Services, the Customer consents to this transfer, processing, and storage of its Data.
c) Data Safety:- FL3XX takes all commercially reasonable steps to protect customers’ data from loss and/or damage. These procedures include daily backups for the prior 30 days and live replication of the database holding customer data. FL3XX protects all the data by commercially reputed cloud-services suppliers.
d) FL3XX Domain Name Ownership:- FL3XX provides its Services to Customer under its own Domain Names. The Customer does not own or control the FL3XX Domain Names. Further, FL3XX is under no obligation to provide the Customer with any Services other than those provided under section 1 above. The customer explicitly waives any and all claims over the use of the Domain Names under which the Services are provided.
6) Billing and Payment
a) Invoicing:- The Customer shall pay for the Services on a monthly basis starting at the Start of Service, as defined below.
b) Start of Service:- The Service shall start when FL3XX has (i) created the Services, (ii) made them accessible to the Customer, and (iii) provided the access credentials to the Customer.
c) Fees:- The applicable fees are listed on the Pricelist.
d) Additional Costs and Fees:- Travel and lodging costs that FL3XX incurs are not included in any of the Fees and shall be invoiced to the Customer at additional costs.
e) Invoices:- FL3XX shall send invoices for Service Fees at the end of each calendar month, of which are due 10 days after the invoice date. When FL3XX invoices for additional services that are not part of the original Subscription, including but not limited to training, customer-requested development, software cleanup, upload of historical data, creation of interfaces to other systems, and collection of data from other sources, the Customer shall pay those costs before those respective additional services are provided.
f) Payments:- The Customer shall make all due and overdue payments within 10 days of receipt of the invoice. All payments are non-refundable. Generally, all installation, setup, and custom development fees are due when the order is placed. And, all recurring fees are due at the end of each billing period.
g) Forms of Payment:- The Customer shall pay FL3XX by direct deposit, wire transfer, or by agreement between the parties. And, the Customer shall seek FL3XX’s written approval before changing the method of payment. And, these alternate other forms of payment may be subject to additional costs.
h) Delinquent Payments:- All payments due and payable that are not received by FL3XX are deemed delinquent. Delinquent payments incur interest at the rate of one percent (1%) per month (or the highest rate permitted by law, if less) from the payment due date until paid in full. The Customer shall be responsible for all reasonable expenses (including attorneys' fees) incurred by FL3XX in collecting such delinquent amounts, except where such delinquent amounts are due to FL3XX's invoicing inaccuracies. For each notice sent for delinquent payments, a charge in the amount defined in the Pricelist is added to the overdue invoice.
i) Suspension for Non-Payment:-
i) Automatic Suspension. If Customer does not pay delinquent Fees within twenty-one (21) days of the due date, FL3XX may Suspend the Service.
ii) During Suspension. If the Customer’s Service is Suspended, FL3XX will continue invoicing Customer all Fees during Customer’s Suspension for non-payment. During that time all functions and all connections to TPS will remain fully operational.
iii) End of Suspension. When Customer has fully paid all due and overdue invoices, and FL3XX has received such payments, FL3XX shall promptly reinstate the Service.
j) Termination After Suspension:- If Customer’s Service remains suspended for more than ninety (90) days, FL3XX may terminate the Service for breach.
a) Tax Liability.-- The Customer shall be responsible for any and all Taxes resulting from the Subscription.
b) Tax Payment.-- The Customer shall pay FL3XX for the Services without any reduction for Taxes. If FL3XX must collect or incur Taxes from the Service, those Taxes will be invoiced to the Customer, unless the Customer provides FL3XX with a valid tax exemption certificate or method authorized by the relevant taxing authority. If the Customer is required by law to withhold any Taxes from its payments to FL3XX, Customer must provide FL3XX with official documentation to support such payments.
8) Technical Support Services
a) By Customer.-- Customer shall, at its own expense, respond to questions and complaints from End Users or third parties relating to the Customer’s or End Users’ use of the Services. The Customer shall use commercially reasonable efforts to resolve support issues before escalating them to FL3XX.
b) Support Service Level.-- The Customer shall select the desired Support Service Level. The effective Support Service Level is displayed in the Service.
c) By FL3XX.-- If Customer cannot resolve a support issue consistent with the section above, then Customer may escalate the issue to FL3XX in accordance with the SLA. FL3XX shall provide Support to the Customer in accordance with the SLA.
9) Suspension Of End User Accounts
a) By Customer.-- The Customer shall, under its own policing powers, promptly suspend any End User account that violates this GTC, the SLA, and/or the DPA, until that End User cures that breach.
b) By FL3XX.-- If FL3XX becomes aware of an End User’s violation of this GTC, the SLA, and/or the DPA, then FL3XX may request that the Customer Suspend the applicable End User Account. If the Customer fails to comply with FL3XX’s request to Suspend an End User Account, then FL3XX may do so unilaterally. The duration of any Suspension by FL3XX will endure until the relevant End User has cured the breach that caused the Suspension.
10) Emergency Security Issues
a) Emergency Security Issue.-- Notwithstanding the foregoing, if there is an Emergency Security Issue, then FL3XX may unilaterally Suspend the offending use. That Suspension shall endure the minimum extent and duration, so required to prevent or terminate the Emergency Security Issue
11) Confidential Information
a) Party Obligations.-- Each party shall:
i) protect the other party’s Confidential Information with the same standard of care it uses to protect its own Confidential Information; and
ii) not disclose the Confidential Information, except to affiliates, employees, and/or agents who require it for employment purposes and who have agreed in writing to keep it confidential.
b) Use of Confidential Information.-- Each party and any affiliates, employees, and agents to whom it has disclosed Confidential Information may use Confidential Information only to the extent it requires to exercise its own rights and fulfill its obligations under this GTC, while using reasonable care to protect it. Each party shall be responsible for any actions of its affiliates, employees, and agents in violation of this section.
c) Exceptions.-- Confidential Information does not include information that:
i) the recipient of the Confidential Information already knew;
ii) becomes public through no fault of the recipient;
iii) was independently created, or developed by the recipient; or
iv) was rightfully given to the recipient by another party.
d) Required Disclosures.-- Each party may disclose the other party’s Confidential Information when required by law but only after it, uses commercially reasonable efforts to notify the other party, and gives the other party the chance to challenge the disclosure, if legally permissible.
e) Personal Information.-- The Services may contain personal information of End Users and personal information of other people in connection with the Customer’s activities. FL3XX shall use all commercially reasonable technologies to protect all personal information. The Customer shall maintain and protect all personal information contained in the Services.
f) Financial Information.-- The Services may contain financial information of End Users and financial information of other people or companies in connection with the Customer’s activities, such as credit card numbers. FL3XX shall use all commercially reasonable technologies to protect financial information. Meanwhile, the Customer shall use the same standard of care to protect all financial information contained in the Services. The Customer shall be responsible for the storage and use of personal or corporate financial information, and explicitly indemnifies FL3XX of any and all responsibility arising from financial information stored or manipulated in the Services.
g) Exchange of Information with Third Parties.-- The Services allow for the exchange of information from the Customer to a third party, and from a third party to the Customer. The Customer shall accept the transmission and reception of information to and from the Services, and shall accept responsibility for the security and integrity of the transferred data.
i) Indemnification- The Customer indemnifies FL3XX of any and all responsibility arising from the transmission and/or the reception of data stemming from use of the Services.
12) Statistical Information
a) Research and Development.-- From time to time, FL3XX shall undertake research to improve its services and its understanding of the business and market logic. To effect such research, FL3XX may extract information and process it directly or indirectly with its own tools or with third party tools. All extraction and processing shall be performed with diligence and with respect to the European General Data Protection Regulation and any other relevant regulations. Furthermore, all data shall be manipulated at all stages of such activities so that neither personal nor corporate information is released. And, FL3XX shall possess the rights to release the results of its research within the boundaries stated in this GTC.
13) Intellectual Property Rights
a) Intellectual Property Rights.--Except as expressly stated otherwise, these GTC do not grant either party any rights, implied or otherwise, to the other Party’s content or any of the other party’s intellectual property. As between the parties, the Customer owns all Intellectual Property Rights in the Customer Data, while FL3XX owns all Intellectual Property Rights in the Services.
b) Display of Brand Features.-- Customer shall grant FL3XX the ability to display some Customer Brand Features within the Service. And, FL3XX shall grant Customer the ability to display FL3XX Brand Features. But, neither party may display or use the other party’s Brand Features beyond what is allowed for in this GTC without the other party’s prior consent.
c) Brand Features Limitation.-- Any use of a party’s Brand Features will inure to the benefit of the party holding Intellectual Property Rights in those Brand Features. A party may revoke the other party’s right to use its Brand Features pursuant to this GTC with written notice to the other party and with a reasonable period to stop the Brand Feature use.
d) Property Rights of User Data.-- The Services may contain information of End Users and information of other people or companies in connection with the Customer’s activities, such as names, aircraft details, or flight details. The Customer is the sole owner of this information (“Customer Information) and FL3XX possesses no rights in this information. Other information provided by other sources, including airport information, maps, and weather data, remains the property of the respective copyright holder(s).
e) Possible Infringement.-- If FL3XX reasonably believes the Services infringe upon a third party’s Intellectual Property Rights, then FL3XX will:
i) obtain the right to use the Service without infringing for the Customer, at FL3XX’s expense;
ii) provide a non-infringing functionally-equivalent replacement; or
iii) modify the Services to no longer infringe.
(1) Suspension or Termination- If FL3XX does not believe the foregoing options are commercially reasonable, then FL3XX may Suspend or Terminate Customer’s use of the impacted Services.
14) Term and Termination
a) Term Beginning.-- The Term begins on the Effective Date of the Subscription and expires on the 31 of December, 30 years after the Effective Date, unless terminated sooner by either Party.
b) Minimum Term.-- The Subscription may not be terminated within six (6) months of the Effective Date.
c) Involuntary Termination.-- Either party may Suspend or Terminate the Subscription with immediate effect if:
i) Material Breach- the other party breaches any term of the GTC or any other obligation under the Subscription and fails to cure that breach within thirty days after receipt of written notice; or
ii) Dissolve/Insolvency- the other party ceases its business operations or becomes subject to insolvency proceedings that are not dismissed within ninety (90) days.
d) Voluntary termination.--
i) By the Customer- The Customer may Terminate the Subscription after the Minimum Term at its own discretion by providing written notice to FL3XX at least thirty-one (31) days prior to the intended termination date.
ii) By FL3XX- FL3XX may terminate the Subscription at the end of any month by written notice to the Customer at least ninety (90) days prior to the intended termination date.
e) Effects of Termination.-- If the Subscription terminates, then:
i) the rights granted by one party to the other party will cease immediately (except as set forth in this Section);
ii) FL3XX will provide Customer access to, and the ability to export the Customer Data for a period of three (3) months, at FL3XX's then-current rates for the requested access and export services;
iii) after a period of three (3) months, FL3XX will delete Customer Data by removing pointers to it on FL3XX's active and replication servers, before overwriting it over time;
iv) the Customer may request at any time that FL3XX delete Customer Data before the expiration of the three (3) month period; and
v) upon request, each party will use commercially reasonable efforts to promptly return or destroy all other Confidential Information of the other party.
a) By Customer.-- Customer indemnifies, defends, and holds harmless FL3XX from and against all liabilities, damages, and costs (including settlement costs and reasonable attorneys’ fees) arising out of a third-party claim regarding:
i) Customer Data and/or Domain Names;
ii) Customer Brand Features that infringe or misappropriate any patent, copyright, trade secret, or trademark of a third party; and/or
iii) Customer’s use of the Services in violation of the Acceptable Use Policy.
b) By FL3XX.-- FL3XX indemnifies, defends, and holds harmless Customer from and against all liabilities, damages, and costs (including settlement costs and reasonable attorneys’ fees) arising out of a third party claim that FL3XX’s technology used to provide the Services or that any FL3XX Brand Feature infringes upon or misappropriates any patent, copyright, trade secret, and/or trademark of a third party. Notwithstanding the foregoing, in no event shall FL3XX maintain any liability under this Section arising from:
i) use of any Services or FL3XX Brand Features in a modified form, and/or in combination with materials not furnished by FL3XX, and (ii) any content, information, or data provided by Customer, End Users or other third parties.
c) General.-- The party seeking indemnification will promptly notify the other party of the claim and cooperate with the other party in defending the claim. The indemnifying party has full control and authority over the defense, except that: (a) any settlement requiring the party seeking indemnification to admit liability or to pay any money requires that party’s prior written consent, such consent shall not to be unreasonably withheld or delayed; and (b) the other party may join in the defense with its own counsel at its own expense. The indemnities above are the parties’ sole remedy under this GTC, and the corresponding Subscription, for the other party’s violation of a third party’s Intellectual Property Rights.
16) Limitation of Liability
a) Limitation on Indirect Liability.-- Neither party shall hold the other party liable under this GTC for lost revenues, indirect, special, incidental, consequential, exemplary, or punitive damages, even if the party knew or should have known that such damages were possible and even if direct damages do not satisfy the other party’s proven damages.
b) Authority Approval.-- If the Service is approved by the Customer, the Customer shall maintain full responsibility for obtaining an air operator’s certificate from the respective authoritative body. And, that approval or denial shall not constitute performance as contemplated by the Subscription or this GTC.
c) Limitation on Amount of Liability.-- Neither party shall be held liable for an amount greater than the amount paid by the Customer to FL3XX during the twelve months prior to the event giving rise to liability.
d) Exceptions to Limitations.-- These limitations of liability apply to the fullest extent permitted by applicable law, but do not apply to breaches of confidentiality obligations, violations of a party’s Intellectual Property Rights by the other party, or indemnification obligations.
a) Notices.-- Unless specified otherwise, all notices must be in writing and addressed to the attention of the other party’s legal department or primary point of contact.
i) Notice Given- Notice shall not be given by facsimile, and shall be deemed “given” when:
(1) verified by written receipt if sent by personal courier, overnight courier,
(2) received if sent by mail without verification of receipt; or
(3) verified by automated receipt or electronic logs if sent by email.
b) Assignment.-- Neither party may assign or transfer any part of the Subscription without the written consent of the other party, except to an affiliate, but only if:
i) the assignee agrees to be bound by the terms of the Subscription; and
ii) the assigning party remains liable for obligations incurred under the Subscription prior to the assignment. Any other attempt to transfer or assign is null and void.
c) Force Majeure.-- Neither party shall be held liable for inadequate performance caused by a condition that was created by something unforeseeable and beyond that party’s reasonable control (a natural disaster, act of war, terrorism, riot, governmental action, and Internet disturbance).
d) No Waiver.-- Failure to enforce any provision of this Subscription does not constitute a waiver of that provision.
e) Severability.-- If any provision of the Subscription is found unenforceable, the remainder of the Subscription remains in full force and effect.
f) No Agency Created.-- The parties are independent contractors, and the Subscription does not create an agency, partnership, or joint venture.
g) No Third-Party Beneficiaries.-- There are no third-party beneficiaries to the Subscription.
h) Equitable Relief.-- Nothing in the Subscription will limit either party’s ability to seek equitable relief.
i) Governing Law.-- The Subscription is governed by Austrian law. For any dispute arising out of or relating to the Subscription, the parties consent to personal jurisdiction in, and the exclusive venue of, the courts in Vienna, Austria.
j) Amendments.-- From time to time, FL3XX may make commercially reasonable amendments to the Services, the GTC, the SLA, the DPA or the Pricelist (the “Amendments”). FL3XX shall inform the Customer in writing of the Amendments before they become effective. The Customer, having received a notice of Amendment, has one (1) month from that notice to accept or reject the Amendments. Then,
i) If the Customer accepts the Amendments, the Amendments shall become effective upon the Acceptance date;
ii) If the Customer remains silent to the Amendments, the Amendments shall become effective after the one month has expired; or
iii) If the Customer rejects the Amendments, the prior Legal Texts shall remain effective for the ensuing month, before the parties may terminate the Subscription. If neither party chooses to terminate
18) Third-Party Connections
a) Third Party System.--When the Customer requests the connection of the Service to a Third Party System (“TPS”), Customer expressly grants permission to FL3XX to connect the Service to the TPS and transfer data from the Service to the TPS and from the TPS to the Service. The data transferred may include all data necessary to achieve the goals of the respective TPS.
b) Data Protection.--The data transfers between the Service and the TPS shall comply with the DPA.
c) Duration of TPS Connections.--The TPS connection shall continue until the end of the Term of this Subscription unless terminated sooner by the Customer via written notice to FL3XX
SERVICE LEVEL AGREEMENT
and Technical Support Services Guidelines
This Service Level Agreement and technical support services guidelines (“SLA”) apply to support services provided by FL3XX to its Customers for the Services, of which comprises part of the FL3XX Customer Agreement ("Subscription") between: (i) FL3XX GmbH ("FL3XX") acting on its own behalf and as agent for each FL3XX Affiliate; and (ii) the FL3XX Customer defined in the Subscription ("Customer") acting on its own behalf and as agent for each of its affiliates.
The terms used in this SLA should be construed together with the Subscription, and General Terms and Conditions (“GTC”). Capitalized terms not otherwise defined herein are defined in the GTC. Except as modified below, the terms of the Subscription shall remain in full force and effect.
In consideration of the mutual obligations described herein, the parties agree that the provisions below shall be added as an Addendum to the Subscription.
1) Support Requests
a) Support.-- The Customer will receive the Support level requested in the respective Subscription, including automatic product upgrades of the Services, maintenance updates of the Services, online self-help tools, access to the support-service team, and
b) Customer Efforts to Fix Errors.-- Prior to making a Request to FL3XX, the Customer shall use reasonable efforts to fix any error, bug, malfunction or network connectivity defect without escalating it to FL3XX. Subsequently, the Customer may submit a written Request through the tools provided by
c) Priority Level.-- Each Request by an End User to FL3XX shall be labeled Upon receiving a Request from a Customer’s End User, FL3XX will consider the request and determine whether the Request is a P1, P2, P3, or P4 priority. The different levels of Priority are defined as:
- P1, Service Unusable In Production- Critical service issue affecting all users, where the Service is unavailable or unusable with no workaround;
- P2, Service Severely Impaired- This issue is critically impacting a single user or critically impacting collaboration among users, and Service does not work as expected with no feasible workaround;
- P3, Service Partially Impaired- Service does not work as expected but a workaround is available; and
- P4, Service Usable- The Product does not work as desired, but A workaround is not necessary. This Priority level includes feature requests.
d) Mislabeled Requests.-- FL3XX may determine that a Request is mislabeled, and FL3XX will inform the Customer of this Any such determination made by FL3XX is final and binding on the Customer. The Customer may appeal the reclassification to FL3XX management through any available support channel.
e) Procedures for Acknowledgement and Resolution of Requests.-- When making a Request, the Customer will provide requested diagnostic information including: (i) describing of the problem, and the configuration of the Customer’s network; (ii) providing relevant data; and (iii) communicating further via email or telephone to answer questions and assist FL3XX Support Personnel as appropriate.
f) Request Acknowledgement.-- FL3XX will respond to a Request by acknowledging receipt of the Request. Customer acknowledges and understands that FL3XX may be unable to provide answers to or resolve all
g) Feature Requests.-- If FL3XX deems a Request a Feature Request, FL3XX will consider adding the Request to a future update or release of the Services, and will consider the matter FL3XX is under no obligation to respond to or resolve any Feature Request or to include any such Feature Request in any future update or release.
2) Accessing Support
a) FL3XX Help Center.-- Customer’s End Users of the Services are provided support solely through the FL3XX Help Center, which is accessible at http://app.fl3xx.com/ or another URL that FL3XX may The Customer shall be responsible for responding to any questions and complaints by End Users or other third parties relating to Customer’s or its End Users’ use of the Services, with such support services to be provided at Customer's own expense.
b) Support Hours.-- Access to FL3XX support is provided as follows:
- 24x7 by Phone- entitles users to access the support service team anytime, by phone, email, or other methods of communications. All other support levels entitle users to access the support service team anytime by email or other methods of written
- Business Hours- Business hours (the “Local Business Hours”) are defined as 9 am until 5 pm in the reference The reference timezones are as follows:
- for Customers in Europe, Middle East and Africa, CET-Central European Time;
- for customers in the Americas, EST-Eastern Standard Time; and
- for customers in Asia the reference timezone, CST-China Standard
c) Target Initial Response Times.-- The response times provided by FL3XX to the Customer are dependent on the Support level subscribed by the Customer in the Subscription, in conjunction with the level of priority of the issue requiring the
- Customers having subscribed to “24x7” and “24x7 with phone” support may expect the response times for P1 Priority support Requests to be responded to with a target initial response time of two (2) hours
- Customers having subscribed to “Business Hours” support may expect the response times for P1 Priority support Requests to be responded to with a target initial response within the same day or if later in the day, in the early part of the next business day.
- Customers having subscribed to “Standard” support may expect the response times for P1 Priority support Requests to be responded to with a target initial response within approximately the duration of one (1) business
- P2 Priority Support Requests are responded to with urgency, within the availability of the support team, at the latest during business hours of Central European
- P3 Priority Support Requests are responded to with an initial target of 2 business
- P4 Priority Support Requests will be responded to on a best effort
d) Credentials Required.-- a current and active Customer ID and Password may be Required to Access Support. The FL3XX online Help Center is available to all End Users of the Services. It is the responsibility of the Customer to provide valid login credentials to its End
a) Monthly Uptime.-- During the Term of the Subscription, the Services will be operational and available to Customer at least 9% of the time in any calendar month ("Uptime"). If FL3XX does not meet the Uptime, and if Customer meets its obligations under this SLA, Customer may receive a Service Discount described below, which the Customer shall use as the exclusive remedy for FL3XX’s failure to meet the Uptime obligation.
b) Service Discount.-- For any full percentage point (1%) below the Uptime, the monthly invoice shall be discounted by 10% of the total amount due, up to and not exceeding 10% below the
4) General Provisions
a) Updates.-- FL3XX may update the SLA from time to time, of which will not adversely affect the
b) Planned Maintenance.-- To ensure optimal performance of the Services, FL3XX performs periodic Maintenance. Most often, Maintenance will have limited or no impact on the availability and functionality of the Services. FL3XX will make all reasonable attempts to schedule maintenance events that are expected to have an impact on the Services at the time of lowest impact. If FL3XX expects planned Maintenance to negatively affect the availability or functionality of the Services, FL3XX will use commercially reasonable efforts to provide at least four days notice of the Maintenance to affected
c) Unscheduled Maintenance.-- FL3XX may perform emergency unscheduled Maintenance at any time. If FL3XX expects such unscheduled Maintenance to negatively affect the availability or functionality of the Services, FL3XX will use commercially reasonable efforts to provide advance notice of such
d) Support Term.-- FL3XX shall provide the support services described in this SLA during the term of the Subscription, and will have no obligation to provide any support services to Customer after the expiration or termination of such Subscription.
e) SLA Exclusions.-- This SLA does not apply to any services that expressly exclude the SLA, or any performance issues (i) caused by factors described in the "Force Majeure" section of the Subscription; or (ii) that resulted from equipment not within FL3XX’s primary control, like the Customer's equipment or third-party equipment, or both.
Data Processing Agreement
This Data Processing Agreement ("Agreement") forms part of the Contract for Services under the FL3XX General Terms and Conditions (the "Principal Agreement"). This Agreement is an amendment to the Principal Agreement and is effective upon its incorporation to the Principal Agreement, which incorporation may be specified in the Principal Agreement or an executed amendment to the Principal Agreement. Upon its incorporation into the Principal Agreement, this Agreement will form a part of the Principal Agreement.
We periodically update this Agreement. If you have an active FL3XX account, you will be informed of any modification by email.
The term of this Agreement shall follow the term of the Principal Agreement. Terms not defined herein shall have the meaning as set forth in the Principal Agreement.
- Your company act as a Data Controller (the "Controller").
- Your company wishes to subcontract certain Services (as defined below), which imply the processing of personal data, to FL3XX GmbH, acting as a Data Processor (the "Processor").
- The Parties seek to implement a data processing agreement that complies with the requirements of the current legal framework in relation to data processing and with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- The Parties wish to lay down their rights and
IT IS AGREED AS FOLLOWS:
- Definitions and Interpretation
- Unless otherwise defined herein, capitalized terms and expressions used in this DPA shall have the following meaning:
- "Company Personal Data" means any Personal Data Processed by a Contracted Processor on Controller's behalf pursuant to or in connection with the Principal Agreement;
- "Contracted Processor" means a Subprocessor;
- "Data Protection Laws" means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
- "EEA" means the European Economic Area;
- EU Data Protection Laws" means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
- "GDPR" means EU General Data Protection Regulation 2016/679;
- "Data Transfer" means:
- Unless otherwise defined herein, capitalized terms and expressions used in this DPA shall have the following meaning:
- Definitions and Interpretation
- a transfer of Company Personal Data from Controller to a Contracted Processor; or
- an onward transfer of Company Personal Data from a Contracted Processor to a Subcontracted Processor, or between two establishments of a Contracted Processor,
in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws);
- "Services" means end-to-end encrypted email The Service is described more in detail in Schedule 1.
- "Subprocessor" means any person appointed by or on behalf of Processor to process Personal Data on behalf of Controller in connection with the
- The terms, "Commission", "Controller", "Data Subject", "Member State", "Personal Data", "Personal Data Breach", "Processing" and "Supervisory Authority" shall have the same meaning as in the GDPR, and their cognate terms shall be construed
2. Processing of Company Personal Data
- Processor shall:
- comply with all applicable Data Protection Laws in the Processing of Company Personal Data; and
- not process Company Personal Data other than on Controller's documented
- Controller instructs Processor to process Company Personal Data to provide the Services and related technical
3. Processor Personnel
Processor shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to Company Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Company Personal Data, as strictly necessary for the purposes of the Principal Agreement, and to comply with Applicable Laws in the context of that individual's duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
- Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor shall in relation to the Company Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the
- In assessing the appropriate level of security, Processor shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data
- Processor shall not appoint (or disclose any Company Personal Data to) any Subprocessor unless required or authorized by
6. Data Subject Rights
- Taking into account the nature of the Processing, Processor shall assist Controller by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of Controller obligations, as reasonably understood by Controller, to respond to requests to exercise Data Subject rights under the Data Protection
- Processor shall:
- promptly notify Controller if it receives a request from a Data Subject under any Data Protection Law in respect of Company Personal Data; and
- ensure that it does not respond to that request except on the documented instructions of Controller or as required by Applicable Laws to which the Processor is subject, in which case Processor shall to the extent permitted by Applicable Laws inform Controller of that legal requirement before the Contracted Processor responds to the
7. Personal Data Breach
- Processor shall notify Controller without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Controller with sufficient information to allow Controller to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection
- Processor shall co-operate with Controller and take reasonable commercial steps as are directed by Controller to assist in the investigation, mitigation and remediation of each such Personal Data
8. Data Protection Impact Assessment and Prior Consultation
- Processor shall provide reasonable assistance to Controller with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Controller reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted
9. Deletion or return of Company Personal Data
- Subject to this section 9 Processor shall promptly and in any event within 10 business days of the date of cessation of any Services involving the Processing of Company Personal Data (the "Cessation Date"), delete and procure the deletion of all copies of those Company Personal
- Processor shall provide written certification to Controller that it has fully complied with this section 9 within 10 business days of the Cessation
10. Audit rights
- Subject to this section 10, Processor shall make available to Controller on request all information necessary to demonstrate compliance with this Agreement, and shall allow for and contribute to audits, including inspections, by Controller or an auditor mandated by Controller in relation to the Processing of the Company Personal Data by the Contracted
- Information and audit rights of Controller only arise under section 10.1 to the extent that the Agreement does not otherwise give them information and audit rights meeting the relevant requirements of Data Protection
11. Data Transfer
- The Processor may not transfer or authorize the transfer of Data to countries outside the EU and/or the European Economic Area (EEA) without the prior written consent of Controller. If personal data processed under this Agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Parties shall ensure that the personal data are adequately protected. To achieve this, the Parties shall, unless agreed otherwise, rely on EU approved standard contractual clauses for the transfer of personal
12 General Terms
- Each Party must keep any information it receives about the other Party and its business in connection with this Agreement ("Confidential Information”) confidential and must not use or disclose that Confidential Information without the prior written consent of the other Party except to the extent that:
- disclosure is required by law;
- the relevant information is already in the public
- All notices and communications given under this Agreement must be in writing and will be sent by email. Controller shall be notified by email sent to the address related to its use of the Service under the Principal Agreement. Processor shall be notified by email sent to the address: [email protected].
13. Governing Law and Jurisdiction
- This Agreement is governed by Austrian
- Any dispute arising in connection with this Agreement, which the Parties will not be able to resolve amicably, will be submitted to the exclusive jurisdiction of the courts of Austria.
Schedule 1: Service Description and Pricing
The Service offered by FL3XX GmbH is FL3XX ("FL3XX"). Plans and Pricing available at https://www.fl3xx.com/pricing/
Schedule 2: Data Processing and Security
- Description of the data processing carried out on behalf of the Controller
In addition to the information provided elsewhere in the Agreement, the Parties wish to document the following information in relation to the data processing activities.
Collection, processing and use of personal data. Personal data are only collected if you disclose them to us. Otherwise, no personal data will be collected. Your personal data may be processed beyond the statutory authorization conditions only on the basis of your express authorization.
As part of the registration for our newsletter, you provide us with your email address and other optional information. We use these data solely for the purpose of sending you the newsletter. When you register for our newsletter, we store your data until you cancel your subscription to our newsletter. You can unsubscribe at any time via the link in the newsletter intended for this purpose, or by sending us the appropriate notification. By unsubscribing, you revoke the use of your email address.
Specific information for the processing of customer data/prospective parties’ data
Affected data: Data communicated for contract execution; if necessary, additional data for processing on the basis of your express consent.
Processing Purpose: Contract execution.
Categories of recipients: Public authorities in the event of priority legislation.
External service providers or other contractors. Other external bodies in so far as the data subject has given his consent or a transmission is permitted due to a prevailing interest.
Third-country transfers: As part of contractual execution, processors could also be used outside the European Union.
Duration of data storage: The duration of data storage depends on the statutory storage requirements and is usually no longer than 1 year.
Website Log Files
When you visit our websites, your browser transmits certain data to our web server for technical reasons. The following data are recorded during an ongoing connection for communication between your internet browser and our web server:
- Date and time of your request
- Name of the requested file
- Page from which the file was requested
- Access status (file transferred, file not found, etc.)
- Type and version of the browser and the operating system you use
- Full IP address of the requesting computer
- Quantity of data transferred
For reasons of technical security, in particular to prevent attacks on our web server, we store these data for a short period of time. It is impossible to discern the identity of individual persons based on this data. After seven days at the latest, the data is anonymized by shortening the IP address at the domain level, so that it is no longer possible to establish any reference to the individual user. The anonymized data will also be processed for statistical purposes. We don’t compare any data to data in other databases or forward them to third parties, even in excerpts.
Web analysis with Google Analytics
This website uses Google Analytics with the extension “anonymizeIP()”, IP addresses being truncated before further processing in order to rule out direct associations to persons.
Google Ads Conversion Tracking
Information about cookies
- You can prevent storage of cookies by choosing a “disable cookies” option in your browser settings. But this can limit the functionality of our Internet offers as a
Following a subscription to the newsletter, your e-mail address is used for our own advertising purposes until you cancel your subscription to the newsletter. Cancellation is possible at any time. The following consent has been expressly granted by you separately, or possibly in the course of an ordering process: (you have been subscribed to a newsletter mailing list).
You may revoke your consent at any time with future effect. If you no longer want to receive the newsletter, then unsubscribe as follows: click the unsubscribe button, or email [email protected] directly.
Which protection rights do I have?
You have the right to obtain information, correction, deletion or of the processing of your stored data at any time, the right to object to processing and a right to data portability in accordance with the requirements of data privacy laws, which you can address to the data protection officer of FL3XX GmbH.
You can also submit complaints to the Austrian Data Protection Authority (www.dsb.gv.at).
According to the Federal Data Protection Act, you have a right to free-of-charge information about your stored data, and possibly entitlement to correction, blocking or deletion of such data. Inquiries can be directed to the following e-mail addresses: ([email protected])
Further Information and Contact Data Protection Officer:
Rechtsanwalt Dr. Sebastian Kraska, Geschäftsführer der IITR GmbH Marienplatz 2 80331
München [email protected]
Telefon: +49 89 189 173 60
for FL3XX Online Services for Business
Entry in Handelsregister
Register Number: FN 346531 f
Register Court: Handelsgericht Wien
Data Protection Officer:
Rechtsanwalt Dr. Sebastian Kraska, Geschäftsführer der IITR GmbH Marienplatz 2
80331 München [email protected]
Telefon: +49 89 189 173 60
Accountability for content
The contents of our pages have been created with the utmost care. However, we cannot guarantee the contents’ accuracy, completeness or topicality. According to statutory provisions, we are furthermore responsible for our own content on these web pages. In this context, please note that we are accordingly not obliged to monitor merely the transmitted or saved information of third parties, or investigate circumstances pointing to illegal activity. Our obligations to remove or block the use of information under generally applicable laws remain unaffected by this as per §§ 8 to 10 of the Telemedia Act (TMG).
Accountability for links
Responsibility for the content of external links (to web pages of third parties) lies solely with the operators of the linked pages. No violations were evident to us at the time of linking. Should any legal infringement become known to us, we will remove the respective link immediately.
Our web pages and their contents are subject to Austrian copyright law. Unless expressly permitted by law (§ 44a et seq. of the copyright law), every form of utilizing, reproducing or processing works subject to copyright protection on our web pages requires the prior consent of the respective owner of the rights. Individual reproductions of a work are allowed only for private use, so must not serve either directly or indirectly for earnings. Unauthorized utilization of copyrighted works is punishable (§ 106 of the copyright law).
Social plug-ins from Facebook