FL3XX GmbH

Legal information

General terms and Conditions

General Terms and Conditions for FL3XX Online Services for Business

This FL3XX Online Services for Business are provided by FL3XX GmbH, an Austrian company, (“FL3XX”) to its customer (“Customer”). These General Terms and Conditions (the “GTC”) are effective and integral to the principal agreement (“Subscription”) between FL3XX and the Customer.

  1. Definitions.
    • “Active Item” means any item in the Service that has changed status, was caused to change status or caused other items inside or outside the Service to change status.
    • “Admin Account(s)” means the administrative account(s) provided to Customer by FL3XX for the purpose of administering the Services. The use of the Admin Account(s) requires a password, which FL3XX will provide to the Customer.
    • “Administrators” mean the Customer-designated technical personnel who administer the Services on Customer’s behalf.
    • “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control of a Party.
    • “Application Programming Interface” or “API” means software program that enables the exchange of data between the Service and a TPS.
    • “Billable Item” means any item in the Service that is defined in the Pricelist with a fee.
    • “Brand Features” means the trade names, trademarks, service marks, logos, domain names, and other distinctive brand features of each party, respectively, as secured by such party from time to time.
    • “Confidential Information” means information disclosed by a party to the other party under the Subscription that is marked as confidential or would normally be considered confidential under the circumstances. Customer Data is Customer’s Confidential Information.
    • "Customer Contact" means persons designated and entitled by the Customer to communicate with FL3XX for matters concerning the Services.
    • “Customer Data” means data, including email, provided, generated, transmitted or displayed via the Services by Customer or End Users.
    • “Emergency Security Issue” means either: (a) Customer’s use of the Services in violation of the Acceptable Use Policy, which could disrupt: (i) the Services; (ii) other customer’s use of the Services; or (iii) the FL3XX network or servers used to provide the Services; or (b) unauthorized third party access to the Services.
    • “End Users” means the individuals the Customer permits to use the Services.
    • “End User Account” means an account established by Customer through the Services for an End User.
    • "Feature Request" means a request by a Customer Contact to incorporate a new feature or enhance an existing feature of the Services that is currently not available as part of the existing Services.
    • “Fees” means the amounts invoiced by FL3XX for the Services used by the Customer.
    • "FL3XX Support Personnel" mean the FL3XX representatives responsible for handling Requests.
    • “High Risk Activities” means uses such as the operation of military flights, air traffic control, life support systems, or other activities where the use or failure of the Services could lead to death, personal injury, or environmental damage.
    • “Intellectual Property Rights” means current and future worldwide rights under patent law, copyright law, trade secret law, trademark law, moral rights law, and other similar rights.
    • "Maintenance" means maintenance work that is performed on hardware or software delivering the Services.
    • “Notification Email Address” means the email address designated by Customer to receive email notifications from FL3XX. Customer may change this email address through the Admin Console.
    • “Pricelist” The Pricelist is published in the website http://fl3xx.com.  The Pricelist lists the Fees for the use of Services.
    • "Priority" means the level of impact a Request is having on Customer’s operations and is used to establish target response times. P1: Critical Impact = Service Unusable in Production; P2: High Impact = Service Use Severely Impaired; P3: Medium Impact = Service Use Partially Impaired; P4: Low Impact = Service Fully Usable.
    • "Request" means a request from Customer to FL3XX Support Personnel for technical support to resolve a question or problem report regarding the Services.
    • “Service” or “Services” means the services provided by FL3XX to the Customer. Service means Services.
    • “SLA” means the Service Level Agreement, a separate document published on http://fl3xx.com.
    • “Suspend” means the immediate disabling of access to the Services, or components of the Services, as applicable, to prevent further use of the Services.
    • “Taxes” means any duties, customs fees, or taxes (other than FL3XX’s income tax) associated with the sale of the Services, including any related penalties or interest.
    • “Term” means the term of the Subscription, which will begin on the Effective Date and continue until the Subscription naturally expires or is terminated.
    • “Third Party Request” means a request from a third party for records relating to an End User’s use of the Services. Third Party Requests can be a lawful search warrant, court order, subpoena, other valid legal order, or written consent from the End User permitting the disclosure.
    • “TPS” or “Third Party Systems” are systems which are not owned or operated by FL3XX that may optionally be connected to the Services to add functionality to the Services or to the TPS. Connection of Services to TPS is requested by and operated under the responsibility of the Customer.

2. Services Provided.

    • Services Summary.

The Services include a web-based, end-to-end solution for aviation service providers. The Services provide the capability to sell, schedule, dispatch flights, to manage all the related information, to send and receive messages and to create reports.

    • Interoperability.

The Services are capable to connect with Third Party Systems (“TPS”) and to interact with them to provide further functionality. The functions and benefits provided in conjunction with TPS are not guaranteed, and their operation is limited to the availability of the TPS. The Customer explicitly waives any and all claims over the availability of any function in connection with TPS.

    • Data Protection.

The Services are provided in compliance with relevant regulation on data privacy and protection. In particular, the Data Protection Agreement (the “DPA”) specifies compliance with the European General Data Protection Regulation (GDPR).

    • Data Security and Transfer.

All facilities used to store and process Customer Data will adhere to reasonable security standards no less protective than the security standards at facilities where FL3XX stores and processes its own information of a similar type. FL3XX has implemented at least industry standard systems and procedures to ensure the security and confidentiality of Customer Data, to protect against anticipated threats or hazards to the security or integrity of Customer Data, and to protect against unauthorized access to or use of Customer Data. As part of providing the Services, FL3XX may transfer, store and process Customer Data in any country in which FL3XX maintains facilities, within the limits specified in 7.h. By using the Services, Customer consents to this transfer, processing and storage of Customer Data.

    • Data Safety.

FL3XX takes all the commercially reasonable steps to keep Customer data safe against loss and damage. The standard procedures in place include daily backups for the last rolling 30 days and live replication of the main database containing the Customer data. All the data is kept by reputable cloud services suppliers.

    • FL3XX Domain Name Ownership.

FL3XX provides its Services to Customer under its own Domain Names. The Customer does not own or control the FL3XX Domain Names. FL3XX will have no obligation to provide the Customer with any further Services other than those provided under 1. above. Customer explicitly waives any and all claims over the use of the Domain Names under which the Services are provided.

3. Customer Obligations.

    • Compliance.

The Customer will use the Services in accordance with the Acceptable Use Policy. FL3XX may create new Services, add or modify features or functionality from time to time, the use of which may be contingent upon Customer’s agreement to additional terms. The Customer agrees that its use of the Services is subject and continues to be subject to its compliance with this GTC.

    • Customer Administration of the Services.

The Customer may specify one or more Administrators. The Administrator(s) have the rights to access administration Account(s) and to manage End User Accounts. The Customer and its Administrator(s) are responsible for: (a) maintaining the confidentiality of the Admin Account(s) password(s); (b) designating those individuals who are authorized to access the Admin Account(s); and (c) ensuring that all activities that occur in connection with the Admin Account(s) comply with this GTC. The Customer agrees that FL3XX’s responsibilities do not extend to the internal management or administration of the Services for the Customer and that FL3XX is merely a data-processor, while the Customer is a data-controller.

    • Changes To Services.

The Customer’s Administrators have the ability to request, install, remove and in general manage all aspects of the Services, including when such changes modify the Fees for the Service.  The Customer’s Administrators can request and order special features and functions, including when such features and functions are provided at an additional cost.

    • End User Consent.

The Customer’s Administrators may have the ability to access, monitor, use, or disclose data available to End Users within the End User Accounts. The Customer will obtain and maintain all required consents from End Users to allow Customer’s access, monitoring, use and disclosure of this data and make it available to FL3XX on request.

    • Authorized Users.

The Customer shall provide access to the Service to any of its employees or other persons working directly under its own control or under the direct control of controlled companies. Any person not under such control may not be provided use of the Services. Any such person or the company employing such person shall directly enter in an agreement with FL3XX for the use of the Services.

    • Unauthorized Use.

The Customer will use commercially reasonable efforts to prevent unauthorized use of the Services, and to terminate any unauthorized use. The Customer will promptly notify FL3XX of any unauthorized use of, or access to, the Services of which it becomes aware.

    • Restrictions on Use.

Unless FL3XX specifically agrees in writing, the Customer will not, and will use commercially reasonable efforts to make sure a third party does not: (a) use or employ the Services for its own activities whether commercial or not or whether such activities are connected to those of the Customer; (b) sell, resell, lease or the functional equivalent, the Services to a third party; (c) attempt to reverse engineer the Services or any component; (d) attempt to create a substitute or similar service through use of, or access to, the Services; (e) use the Services for High Risk Activities; or (f) use the Services to store or transfer any Customer Data that is controlled for export under Export Control Laws.

    • Third Party Requests.

The Customer is responsible for responding to Third Party Requests. FL3XX will, to the extent allowed by law and by the terms of the Third Party Request: (a) promptly notify Customer of its receipt of a Third Party Request; (b) comply with the Customer’s reasonable requests regarding its efforts to oppose a Third Party Request; and (c) provide the Customer with the information or tools required for the Customer to respond to the Third Party Request. The Customer will first seek to obtain the information required to respond to the Third Party Request on its own, and will contact FL3XX only if it cannot reasonably obtain such information.

    • Acceptable Use Policy.

The Customer agrees not to, and not to allow third parties or its End Users, to use the Services:

      • to generate or facilitate unsolicited bulk commercial email;
      • to violate, or encourage the violation of, the legal rights of others;
      • for any unlawful, invasive, infringing, defamatory, or fraudulent purpose;
      • to intentionally distribute viruses, worms, Trojan horses, corrupted files, hoaxes, or other items of a destructive or deceptive nature;
      • to interfere with the use of the Services, or the equipment used to provide the Services, by customers, authorized resellers, or other authorized users;
      • to alter, disable, interfere with or circumvent any aspect of the Services;
      • to test or reverse-engineer the Services in order to find limitations, vulnerabilities or evade filtering capabilities;
      • to use the Services, or a component of the Services, in a manner not authorized by FL3XX.
      • The failure of the Customer to comply with these Acceptable Use Policies may result in suspension or termination, or both, of the Services.

4. Billing and Payment.

    • Invoicing.

The Customer will pay for the Services on a monthly basis starting at the Start of Service. FL3XX will invoice the Customer for the applicable Fees at the end of each month. Applicable Fees include any Fees relevant to any Active Items.

    • Start of Service.

The Service shall start when the Service is available online for use by Customer, and communicated to Customer. The contents of the Service, their relevance and their precision are the sole responsibility of the Customer and shall not influence the Start of Service or its availability.

    • Additional Costs and Fees.

Travel and lodging costs are not included in any of the Fees and shall be invoiced additionally at cost.

    • Payments.

All payments are due as indicated on the Invoice.  All payments are non-refundable. In general all installaton, setup and custom development fees are due at the time the order is placed.  In general all recurrent fees are due at the end of each billing period.

      • Invoices.

FL3XX invoices for Service Fees are sent at the end of the period and are due 10 days after the invoice date.

FL3XX invoices for any additional services which are not part of the Services, including for example, not exhaustively, Installation and setup of the Services, Training, configuration, data insertion, software development specially requested by the Customer, cleanup and upload of historical data, creation of interfaces to other systems, collection of data from other sources, etc. are sent at the same time as that when the order is placed by the Customer and are payable before the relevant work is started and before the additional services are provided.

      • Other Forms of Payment.

The Customer may change its payment method at any time. FL3XX may enable other forms of payment. These other forms of payment may be subject to additional terms which the Customer may have to accept prior using the additional forms of payment.

    • Delinquent Payments.

All payments due and not received by FL3XX are deemed delinquent. Delinquent payments bear interest at the rate of one percent per month (or the highest rate permitted by law, if less) from the payment due date until paid in full. The Customer will be responsible for all reasonable expenses (including attorneys' fees) incurred by FL3XX in collecting such delinquent amounts, except where such delinquent amounts are due to FL3XX's invoicing inaccuracies. For each notice sent for delinquent payments a standard charge in the amount defined in the Pricelist is added to the overdue invoice.

    • Suspension for Non-Payment.
      • Automatic Suspension.

If Customer does not pay delinquent Fees within twentyone (21) days, FL3XX will automatically Suspend the Service.

      • During Suspension.

If the Customer is suspended, FL3XX will continue charging Customer all Fees during Customer’s suspension for non-payment.  During the time while the Service is suspended, the End-Users will not have access to Service, however all functions, including all connections to TPS will remain fully functional and all data will be updated as during normal operation of Service.

      • End of Suspension.

When Customer has paid all due invoices and overdue invoices at the time of payment and FL3XX has received such payments, FL3XX shall promptly reinstate the service.

      • Termination After Suspension.

If Customer remains suspended for more than ninety (90) days, FL3XX may terminate the Customer for breach pursuant to Section 14.

    • Taxes.

The Customer is responsible for any Taxes, and the Customer will pay FL3XX for the Services without any reduction for Taxes. If FL3XX is obligated to collect or pay Taxes, the Taxes will be invoiced to the Customer, unless the Customer provides FL3XX with a valid tax exemption certificate or method authorized by the relevant taxing authority. If the Customer is required by law to withhold any Taxes from its payments to FL3XX, Customer must provide FL3XX with an official tax receipt or other appropriate documentation to support such payments.

5. Technical Support Services.

    • By Customer.

Customer will, at its own expense, respond to questions and complaints from End Users or third parties relating to the Customer’s or End Users’ use of the Services. The Customer will use commercially reasonable efforts to resolve support issues before escalating them to FL3XX.

    • By FL3XX.

If Customer cannot resolve a support issue consistent with the above, then Customer may escalate the issue to FL3XX in accordance with the SLA. FL3XX will provide Support to the Customer in accordance with the SLA.

6. Suspension.

    • Of End User Accounts by FL3XX.

If FL3XX becomes aware of an End User’s violation of this GTC, the SLA, the DPA, then FL3XX may specifically request that the Customer Suspend the applicable End User Account. If the Customer fails to comply with FL3XX’s request to Suspend an End User Account, then FL3XX may do so. The duration of any Suspension by FL3XX will be until the relevant End User has cured the breach which caused the Suspension.

    • Emergency Security Issues.

Notwithstanding the foregoing, if there is an Emergency Security Issue, then FL3XX may automatically Suspend the offending use. Suspension will be to the minimum extent and of the minimum duration required to prevent or terminate the Emergency Security Issue. If FL3XX Suspends an End User Account for any reason without prior notice to the Customer, at Customer’s request, FL3XX will provide to the Customer the reason for the Suspension as soon as is reasonably possible.

7. Confidential Information.

    • Obligations.

Each party will: (a) protect the other party’s Confidential Information with the same standard of care it uses to protect its own Confidential Information; and (b) not disclose the Confidential Information, except to Affiliates, employees and agents who need to know it and who have agreed in writing to keep it confidential. Each party (and any Affiliates, employees and agents to whom it has disclosed Confidential Information) may use Confidential Information only to exercise rights and fulfill its obligations under this GTC, while using reasonable care to protect it. Each party is responsible for any actions of its Affiliates, employees and agents in violation of this Section.

    • Exceptions.

Confidential Information does not include information that: (a) the recipient of the Confidential Information already knew; (b) becomes public through no fault of the recipient; (c) was independently developed by the recipient; or (d) was rightfully given to the recipient by another party.

    • Required Disclosure.

Each party may disclose the other party’s Confidential Information when required by law but only after it, if legally permissible: (a) uses commercially reasonable efforts to notify the other party; and (b) gives the other party the chance to challenge the disclosure.

    • Personal Information.

The Services may contain personal information of End Users and personal information of other people in connections with the Customer’s activities. FL3XX is responsible to employ all commercially reasonable technologies to keep all personal information protected. The Customer is responsible for the use of the Services so that all personal information contained in the Services is kept safe.

    • Financial Information.

The Services may contain financial information of End Users and financial information of other people or companies in connections with the Customer’s activities, such as credit card numbers. FL3XX is responsible to employ all commercially reasonable technologies to keep all financial information protected. The Customer is responsible for the use of the Services so that all financial information contained in the Services is kept safe. The Customer accepts all responsibility for the storage and use of personal or corporate financial information, and explicitly waives FL3XX of any and all responsibility arising from financial information stored or manipulated in the Services.

    • Exchange of Information with Third Parties.

The Services allow the exchange of information from the Customer to the third party, and from the third party to the Customer, to perform certain functions. The Customer explicitly approves the transmission and reception of information from and to the Services, and accepts responsibility for the security and for the integrity of the data being transferred. The Customer explicitly waives FL3XX of any and all responsibility arising from the transmission and/or the reception of data by use of the Services.

    • Statistical Information.

From time to time FL3XX shall do research to improve its services and its understanding of the business and market logic. To effect such research, FL3XX may extract information and process it directly or indirectly with its own tools or with third party tools. All extraction and processing shall be performed with diligence in respect of the European General Data Protection Regulation and any other relevant regulations. In particular, all data shall be manipulated at all stages of such activities so that no personal or corporate information is apparent. FL3XX has the right to release the results of its research within the boundaries stated in this GTC.

8. Intellectual Property Rights.

    • Intellectual Property Rights.

Except as expressly set forth herein, this GTC does not grant either Party any rights, implied or otherwise, to the other Party’s content or any of the other Party’s intellectual property. As between the Parties, the Customer owns all Intellectual Property Rights in the Customer Data, and FL3XX owns all Intellectual Property Rights in the Services.

    • Display of Brand Features.

FL3XX may display some Customer Brand Features of Customer within designated areas of the Service pages. Neither party may display or use the other party’s Brand Features beyond what is allowed in this GTC without the other party’s prior consent.

    • Brand Features Limitation.

Any use of a Party’s Brand Features will inure to the benefit of the party holding Intellectual Property Rights in those Brand Features. A party may revoke the other party’s right to use its Brand Features pursuant to this GTC with written notice to the other Party and a reasonable period to stop the use.

    • Property Rights of User Data.

The Services may contain information of End Users and information of other people or companies in connections with the Customer’s activities, such as names, aircraft details, or flight details. The Customer is the sole owner of such information (“Customer Information) and FL3XX claims no rights to this information. Other information provided by other sources, including, for example, airport information, maps, weather data, is the property of the respective copyright holders.

9. Term and Termination.

The Term Starts at the Effective Date of the Subscription  and expires 30 years after the Effective Date on the 31 December, unless sooner terminated by either Party.

    • Minimum Term.

The Subscription may not be terminated prior to six (6) months after the Effective Date.

    • Termination for Breach.

Either party may Suspend or Terminate the Subscription with immediate effect if: (i) the other party is in material breach of the GTC or any other obligation under the Subscription and fails to cure that breach within thirty days after receipt of written notice; (ii) the other party ceases its business operations or becomes subject to insolvency proceedings and the proceedings are not dismissed within ninety (90) days.

    • Voluntary termination.
      • By the Customer.

The Customer may Terminate the Subscription after the Initial Term at its own discretion and at the end of any month by written notice to FL3XX at least one (1) month prior to the intended Termination Date.

      • By FL3XX.

The Subscription may be terminated by FL3XX at the end of any month by written notice to the Customer at least three (3) months prior to the intended Termination Date.

    • Effects of Termination.

If the Subscription terminates, then: (i) the rights granted by one party to the other will cease immediately (except as set forth in this Section); (ii) FL3XX will provide Customer access to, and the ability to export the Customer Data for a period of three (3) months at FL3XX's then current rates for the requested access and export services; (iii) after a period of three (3) months, FL3XX will delete Customer Data by removing pointers to it on FL3XX's active and replication servers and overwriting it over time; (iv) the Customer may request at any time that FL3XX delete Customer Data before the expiration of the three (3) month period; and (v) upon request each party will promptly use commercially reasonable efforts to return or destroy all other Confidential Information of the other party.

10. Indemnification.

    • By Customer.

Customer will indemnify, defend, and hold harmless FL3XX from and against all liabilities, damages, and costs (including settlement costs and reasonable attorneys’ fees) arising out of a third party claim: (i) regarding Customer Data or Domain Names; (ii) that Customer Brand Features infringe or misappropriate any patent, copyright, trade secret or trademark of a third party; or (iii) regarding Customer’s use of the Services in violation of the Acceptable Use Policy.

    • By FL3XX.

FL3XX will indemnify, defend, and hold harmless Customer from and against all liabilities, damages, and costs (including settlement costs and reasonable attorneys’ fees) arising out of a third party claim that FL3XX’s technology used to provide the Services or any FL3XX Brand Feature infringe or misappropriate any patent, copyright, trade secret or trademark of such third party. Notwithstanding the foregoing, in no event shall FL3XX have any obligations or liability under this Section arising from: (i) use of any Services or FL3XX Brand Features in a modified form or in combination with materials not furnished by FL3XX, and (ii) any content, information or data provided by Customer, End Users or other third parties.

    • Possible Infringement.
      • Repair, Replace, or Modify.

If FL3XX reasonably believes the Services infringe a third party’s Intellectual Property Rights, then FL3XX will: (a) obtain the right for Customer, at FL3XX’s expense, to continue using the Services; (b) provide a non-infringing functionally equivalent replacement; or (c) modify the Services so that they no longer infringe.

      • Suspension or Termination.

If FL3XX does not believe the foregoing options are commercially reasonable, then FL3XX may Suspend or Terminate Customer’s use of the impacted Services.

    • General.

The party seeking indemnification will promptly notify the other party of the claim and cooperate with the other party in defending the claim. The indemnifying party has full control and authority over the defense, except that: (a) any settlement requiring the party seeking indemnification to admit liability or to pay any money will require that party’s prior written consent, such consent not to be unreasonably withheld or delayed; and (b) the other party may join in the defense with its own counsel at its own expense. THE INDEMNITIES ABOVE ARE A PARTY’S ONLY REMEDY UNDER THIS GTC FOR VIOLATION BY THE OTHER PARTY OF A THIRD PARTY’S INTELLECTUAL PROPERTY RIGHTS.

11. Limitation of Liability.

    • Limitation on Indirect Liability.

Neither party will be liable under this GTC for lost revenues or indirect, special, incidental, consequential, exemplary, or punitive damages, even if the party knew or should have known that such damages were possible and even if direct damages do not satisfy a remedy.

    • Authority Approval.

If the Service is approved by an Authority such as a Civil Aviation Authority for use by the Customer, such approval does not constitute performance requirement of the Service other than as stated in this GTC.  Any failure of the Service to comply with the Authority’s requirements is in the full responsibility of the Customer.

    • Limitation on Amount of Liability.

Neither party may be held liable under this GTC for more than the amount paid by customer to FL3XX hereunder during the twelve months prior to the event giving rise to liability.

    • Exceptions to Limitations.

These limitations of liability apply to the fullest extent permitted by applicable law but do not apply to breaches of confidentiality obligations, violations of a party’s Intellectual Property Rights by the other party, or indemnification obligations.

12. Representations, Warranties and Disclaimers.

    • Representations and Warranties.

Each party represents that it has full power and authority to enter into the Subscription. Each party warrants that it will comply with all laws and regulations applicable to its provision, or use, of the Services, as applicable. FL3XX warrants that it will provide the Services in accordance with the SLA.

    • Disclaimers.

To the fullest extent permitted by applicable law, except as expressly provided for herein, neither party makes any other warranty of any kind, whether express, implied, statutory or otherwise, including without limitation warranties of merchantability, fitness for a particular use and non-infringement. FL3XX makes no representations about any content or information made accessible by or through the services.

13. Miscellaneous.

    • Notices.

Unless specified otherwise, (a) all notices must be in writing and addressed to the attention of the other party’s legal department or primary point of contact and (b) notice will be deemed given: (i) when verified by written receipt if sent by personal courier, overnight courier, or when received if sent by mail without verification of receipt; or (ii) when verified by automated receipt or electronic logs if sent by email.  Facsimile is not a valid means for notification.

    • Assignment.

Neither party may assign or transfer any part of the Subscription without the written consent of the other party, except to an Affiliate, but only if: (a) the assignee agrees to be bound by the terms of the Subscription; and (b) the assigning party remains liable for obligations incurred under the Subscription prior to the assignment. Any other attempt to transfer or assign is void.

    • Force Majeure.

Neither party will be liable for inadequate performance caused by a condition (for example, natural disaster, act of war or terrorism, riot, labor condition, governmental action, and Internet disturbance) that was beyond the party’s reasonable control.

    • No Waiver.

Failure to enforce any provision of the Subscription will not constitute a waiver.

    • Severability.

If any provision of the Subscription is found unenforceable, the remainder of the Subscription will remain in full force and effect.

    • No Agency.

The parties are independent contractors, and the Subscription does not create an agency, partnership or joint venture.

    • No Third-Party Beneficiaries.

There are no third-party beneficiaries to the Subscription.

    • Equitable Relief.

Nothing in the Subscription will limit either party’s ability to seek equitable relief.

    • Governing Law.

The Subscription is governed by Austrian law. For any dispute arising out of or relating to the Subscription, the parties consent to personal jurisdiction in, and the exclusive venue of, the courts in Vienna, Austria.

    • Amendments.

From time to time, FL3XX may make commercially reasonable amendments to the Services, these GTC, the SLA, the DPA, the Pricelist and other contractual documents (the “Amendments”).  FL3XX shall inform the Customer of such Amendments before they are effective.  The Customer, having received a notice of Amendment, has one (1)  month, from the moment the Amendments become effective, to accept or not accept the Amendments.  If the Customer does not accept the Amendments, the same Amendments shall not apply to the Customer and the Customer shall immediately request voluntary termination of the Subscription or will be deemed to have implicitly done so one (1) month after the Amendments have become effective.  If the Customer does not decline acceptance of the Amendments nor requests termination of the Subscription, the Changes are deemed to be accepted by the Customer.

Service Level Agreement

Service Level Agreement

and Technical Support Services Guidelines

This Service Level Agreement (“SLA”) and technical support services guidelines apply to support services for Services provided by FL3XX to its Customers.  This SLA is effective and integral to the Principal Agreement (“Agreement”) signed between FL3XX and the Customer.

This Service Level Agreement (“SLA”) forms part of the FL3XX Agreement ("Principal Agreement") between: (i) FL3XX GmbH ("FL3XX") acting on its own behalf and as agent for each FL3XX Affiliate; and (ii) the FL3XX Customer as defined in the Principal Agreement ("Customer") acting on its own behalf and as agent for each Customer Affiliate.

  

The terms used in this SLA shall have the meanings set forth in this SLA. Capitalized terms not otherwise defined herein shall have the meaning given to them in the Principal Agreement.  Except as modified below, the terms of the Principal Agreement shall remain in full force and effect.   

In consideration of the mutual obligations set out herein, the parties hereby agree that the terms and conditions set out below shall be added as an Addendum to the Principal Agreement. Except where the context requires otherwise, references in this Addendum to the Principal Agreement are to the Principal Agreement as amended by, and including, this Addendum.

  1. Support Request Submission
  1. Customer Efforts to Fix Errors.

Prior to making a Request to FL3XX, the Customer will use reasonable efforts to fix any error, bug, malfunction or network connectivity defect without escalation to FL3XX. Thereafter, the Customer may submit a written Request through the tools provided by FL3XX.

  1. Priority Level.

Each support request by an End User to FL3XX shall be labeled appropriately. Upon receiving a Request from a Customer End User, FL3XX will consider the request and determine whether the Request is a P1, P2, P3, P4 priority.  Mislabeled requests will be relabeled by FL3XX.  Any such determination made by FL3XX is final and binding on the Customer. FL3XX reserves the right to change Customer’s Priority designation if FL3XX believes that the Customer’s designation is incorrect and will inform the Customer of any such change in its response to the Request. The Customer may appeal any such reclassification to FL3XX’s Support management for review through any available support channel.

Priority of requests is defined as:

  • P1, Service Unusable In Production.  Critical service issue affecting all users, where the Service is unavailable or unusable with no workaround.
  • P2, Service Severely Impaired.  This issue is critically impacting a single user or critically impacting collaboration among users and Service does not work as expected, with no feasible workaround.
  • P3, Service Partially Impaired.  Service does not work as expected but a workaround is available.
  • P4, Service Usable.  Product does not work as desired, but functions.  A workaround is not necessary.  This Priority level includes feature requests.
  1. Procedures for Acknowledgement and Resolution of Requests.

When making a Request, the Customer will provide requested diagnostic information including but not limited to: (i) describing the problem, the configuration, and Customer’s network; (ii) providing relevant data; and (iii) communicating further via email or telephone to answer questions and assist FL3XX Support Personnel as appropriate.

  1. Request Acknowledgement.

FL3XX may respond to a Request by acknowledging receipt of the Request. Customer acknowledges and understands that FL3XX may be unable to provide answers to, or resolve all, Requests.

  1. Feature Requests.

If FL3XX deems a Request as a Feature Request, FL3XX will log such request for consideration to add to a future update or release of the Services and will consider the matter closed. FL3XX is under no obligation to respond to or resolve any Feature Request or to include any such Feature Request in any future update or release.

  1. Accessing Support

The Customer will receive the Support level requested, according to its Subscription, including the following:

  • Automatic product upgrades of the Services
  • Maintenance updates of the Services
  • Online self help
  • Access to support service team according to “Support Hours” below.

Support is included as applicable with all Services.

  1. FL3XX Help Center.

Customer’s End Users of the Services are provided support solely through the FL3XX Help Center, which is accessible at http://app.fl3xx.com/ or such URL as FL3XX may provide. The Customer is responsible for responding to any questions and complaints by End Users or other third parties relating to Customer’s or its End Users’ use of the Services, with such support services to be provided at Customer's own expense.

  1. Support Hours.

Access to FL3XX support is provided as follows:

“24x7 with phone” support entitles users to access the support service team anytime by phone, email or other methods of communications.  All other support levels entitle users to access the support service team anytime by email or other methods of written communications.

  1. Business Hours.

Business hours (the “Local Business Hours”) are defined as 9am until 5pm in the reference timezone.  The reference timezone are as follows:  for Customers in the Europe, Middle East and Africa, CET-Central European Time; for customers in the Americas, EST-Eastern Standard Time; for customers in Asia the reference timezone, CST-China Standard Time.

  1. Target Initial Response Times.

The response times provided by FL3XX to the Customer are dependent on the Support level subscribed by the Customer in the Subscription, in conjunction with the level of priority of the issue requiring the support.

Customers having subscribed to “24x7” and “24xt with phone” support shall expect the response times for P1 Priority support Requests to be responded to with a target initial response time of two (2) hours.

Customers having subscribed to “Business Hours” support shall expect the response times for P1 Priority support Requests to be responded to with a target initial response within the same day or if later in the day, in the early part of the next business day.

Customers having subscribed to “Standard” support shall expect the response times for P1 Priority support Requests to be responded to with a target initial response within approximately the duration of one (1) business day.

P2 Priority support Requests are responded to with urgency, within availability of the support team.  In any case, responses shall be at the latest during business hours of Central European Time.

P3Priority support Requests are responded to with an initial target of 2 business days.

P4 Priority Support Requests will be responded to on a best effort basis.

  1. Customer ID and Password may be Required to Access Support.

The FL3XX online Help Center is available to all End Users of the Services.  A Valid Login may be required to access some information pages in the Help Center, and to access support.  A Valid Login is an End User account currently enabled access to the Services. It is the responsibility of the Customer to provide valid login credentials to its End Users.

  1. Uptime
  1. Monthly Uptime.

During the Term of the applicable Agreement, the Services will be operational and available to Customer at least 99.9% of the time in any calendar month (the "Uptime"). If FL3XX does not meet the Uptime, and if Customer meets its obligations under this SLA, Customer will be eligible to receive the Service Discount described below. This FL3XX SLA states Customer's sole and exclusive remedy for any failure by FL3XX to meet the Uptime.

  1. Service Discount.

For any full percentage point (1%) below the Uptime, the monthly invoice shall be discounted by 10% of the total amount due, up to and not exceeding 10% below the uptime and a discount of 100% of the total amount due.

  1. Customer Must Request Service Discount.

In order to receive the Service Discount described above, the Customer must notify FL3XX in writing within 5 business days from the time Customer becomes eligible to receive a Service Discount. Failure to comply with this requirement will forfeit the Customer's right to receive a Service Discount.

  1. General Provisions
  1. Updates to Guidelines.

FL3XX may update these Guidelines from time to time but any update shall not have a material adverse effect on the Customer.

  1. Maintenance.
  1. Planned Maintenance

To ensure optimal performance of the Services, FL3XX performs periodic Maintenance. In most cases, Maintenance will have limited or no impact on the availability and functionality of the Services.  FL3XX will make all reasonable attempts to schedule maintenance events that are expected to have an impact on the Services at the time of lowest impact.  If FL3XX expects planned Maintenance to negatively affect the availability or functionality of the Services, FL3XX will use commercially reasonable efforts to provide at least four days advance notice of the Maintenance to concerned users.

  1. Unscheduled Maintenance

FL3XX may perform emergency unscheduled Maintenance at any time. If FL3XX expects such emergency unscheduled Maintenance to negatively affect the availability or functionality of the Services, FL3XX will use commercially reasonable efforts to provide advance notice of such Maintenance.

  1. Language.

The parties agree that all support provided by FL3XX to the Customer pursuant to these Guidelines will be provided in the English language.

  1. Term of Support.

FL3XX will only provide the support services described in these Guidelines during the term of the Agreement and will have no obligation to provide any support services to Customer after the expiration or termination of such Agreement.

  1. Standard Support

The Customer will receive the Support level requested, including the following:

  • Automatic product upgrades of the Services
  • Maintenance updates of the Services
  • Online self help
  • Access to support service team according to “Accessing Support” above.

Support is included as applicable with all Services.

  1. SLA Exclusions.

The FL3XX SLA does not apply to any services that expressly exclude this SLA (as stated in the documentation for such services) or any performance issues: (i) caused by factors described in the "Force Majeure" section of the Agreement; or (ii) that resulted from Customer's equipment or third party equipment, or both (not within the primary control of FL3XX).

Data Protection Addendum

GDPR Data Protection Addendum for FL3XX Online Services for Business

This Data Protection Addendum ("Addendum") forms part of the FL3XX Agreement ("Principal Agreement") between: (i) FL3XX GmbH ("FL3XX") acting on its own behalf and as agent for each FL3XX Affiliate; and (ii) the FL3XX Customer as defined in the Principal Agreement ("Company") acting on its own behalf and as agent for each Company Affiliate.

 The terms used in this Addendum shall have the meanings set forth in this Addendum. Capitalized terms not otherwise defined herein shall have the meaning given to them in the Principal Agreement.  Except as modified below, the terms of the Principal Agreement shall remain in full force and effect.   

In consideration of the mutual obligations set out herein, the parties hereby agree that the terms and conditions set out below shall be added as an Addendum to the Principal Agreement. Except where the context requires otherwise, references in this Addendum to the Principal Agreement are to the Principal Agreement as amended by, and including, this Addendum.

  1. Definitions
    1. In this Addendum, the following terms shall have the meanings set out below and cognate terms shall be construed accordingly:
      1. "Applicable Laws" means (a) European Union or Member State laws with respect to any Company Personal Data in respect of which any Company Group Member is subject to EU Data Protection Laws; and (b) any other applicable law with respect to any Company Personal Data in respect of which any Company Group Member is subject to any other Data Protection Laws;
      2. "Company Affiliate" means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Company, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise;
      3. "Company Group Member" means Company or any Company Affiliate;
      4. "Company Personal Data" means any Personal Data Processed by a Contracted Processor on behalf of a Company Group Member pursuant to or in connection with the Principal Agreement;
      5. "Contracted Processor" means FL3XX or a Subprocessor;
      6. "Data Protection Laws" means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
      7. "EEA" means the European Economic Area;
      8. "EU Data Protection Laws" means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
      9. "GDPR" means EU General Data Protection Regulation 2016/679;
      10. "Restricted Transfer" means:
        1. a transfer of Company Personal Data from any Company Group Member to a Contracted Processor; or
        2. an onward transfer of Company Personal Data from a Contracted Processor to a Contracted Processor, or between two establishments of a Contracted Processor,

in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws) in the absence of the Standard Contractual Clauses to be established under section [6.4.3 or] 12 below;

      1. "Services" means the services and other activities to be supplied to or carried out by or on behalf of FL3XX for Company Group Members pursuant to the Principal Agreement;
      2. "Standard Contractual Clauses" means the contractual clauses set out in Annex 2, amended as indicated in that Annex and under section 13.4;
      3. "Subprocessor" means any person (including any third party and any FL3XX Affiliate, but excluding an employee of FL3XX or any of its sub-contractors) appointed by or on behalf of FL3XX or any FL3XX Affiliate to Process Personal Data on behalf of any Company Group Member in connection with the Principal Agreement; and
      4. "FL3XX Affiliate" means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with FL3XX, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise.
    1. The terms, "Commission", "Controller", "Data Subject", "Member State", "Personal Data", "Personal Data Breach", "Processing" and "Supervisory Authority" shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.
    2. The word "include" shall be construed to mean include without limitation, and cognate terms shall be construed accordingly.
  1. Authority

FL3XX warrants and represents that, before any FL3XX Affiliate Processes any Company Personal Data on behalf of any Company Group Member, FL3XX's entry into this Addendum as agent for and on behalf of that FL3XX Affiliate will have been duly and effectively authorised (or subsequently ratified) by that FL3XX Affiliate.

  1. Processing of Company Personal Data
    1. FL3XX and each FL3XX Affiliate shall:
      1. comply with all applicable Data Protection Laws in the Processing of Company Personal Data; and
      2. not Process Company Personal Data other than on the relevant Company Group Member’s documented instructions unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case FL3XX or the relevant FL3XX Affiliate shall to the extent permitted by Applicable Laws inform the relevant Company Group Member of that legal requirement before the relevant Processing of that Personal Data.
    2. Each Company Group Member:
      1. instructs FL3XX and each FL3XX Affiliate (and authorises FL3XX and each FL3XX Affiliate to instruct each Subprocessor) to:

Process Company Personal Data; and in particular, transfer Company Personal Data to any country or territory, as reasonably necessary for the provision of the Services and consistent with the Principal Agreement; and

      1. warrants and represents that it is and will at all relevant times remain duly and effectively authorised to give the instruction set out in section 3.2.1 on behalf of each relevant Company Affiliate.
    1. Annex 1 to this Addendum sets out certain information regarding the Contracted Processors' Processing of the Company Personal Data as required by article 28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection Laws). Company may make reasonable amendments to Annex 1 by written notice to FL3XX from time to time as Company reasonably considers necessary to meet those requirements. Nothing in Annex 1 (including as amended pursuant to this section 3.3) confers any right or imposes any obligation on any party to this Addendum.
  1. FL3XX and FL3XX Affiliate Personnel

FL3XX and each FL3XX Affiliate shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to the Company Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Company Personal Data, as strictly necessary for the purposes of the Principal Agreement, and to comply with Applicable Laws in the context of that individual's duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

  1. Security
    1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, FL3XX and each FL3XX Affiliate shall in relation to the Company Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.
    2. In assessing the appropriate level of security, FL3XX and each FL3XX Affiliate shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.
  2. Subprocessing
    1. Each Company Group Member authorises FL3XX and each FL3XX Affiliate to appoint (and permit each Subprocessor appointed in accordance with this section 6 to appoint) Subprocessors in accordance with this section 6 and any restrictions in the Principal Agreement.
    2. FL3XX and each FL3XX Affiliate may continue to use those Subprocessors already engaged by FL3XX or any FL3XX Affiliate as at the date of this Addendum, subject to FL3XX and each FL3XX Affiliate in each case as soon as practicable meeting the obligations set out in section 6.4.   
    3. FL3XX shall give Company prior written notice of the appointment of any new Subprocessor, including full details of the Processing to be undertaken by the Subprocessor. If, within 15 days of receipt of that notice, Company notifies FL3XX in writing of any objections (on reasonable grounds) to the proposed appointment: Neither FL3XX nor any FL3XX Affiliate shall appoint (nor disclose any Company Personal Data to) the proposed Subprocessor except with the prior written consent of Company.
    4. With respect to each Subprocessor, FL3XX or the relevant FL3XX Affiliate shall:
      1. before the Subprocessor first Processes Company Personal Data (or, where relevant, in accordance with section 6.2), carry out adequate due diligence to ensure that the Subprocessor is capable of providing the level of protection for Company Personal Data required by the Principal Agreement;
      2. ensure that the arrangement between on the one hand (a) FL3XX, or (b) the relevant FL3XX Affiliate, or (c) the relevant intermediate Subprocessor; and on the other hand the Subprocessor, is governed by a written contract including terms which offer at least the same level of protection for Company Personal Data as those set out in this Addendum and meet the requirements of article 28(3) of the GDPR;
      3. if that arrangement involves a Restricted Transfer, ensure that the Standard Contractual Clauses are at all relevant times incorporated into the agreement between on the one hand (a) FL3XX, or (b) the relevant FL3XX Affiliate, or (c) the relevant intermediate Subprocessor; and on the other hand the Subprocessor, or before the Subprocessor first Processes Company Personal Data procure that it enters into an agreement incorporating the Standard Contractual Clauses with the relevant Company Group Member(s) (and Company shall procure that each Company Affiliate party to any such Standard Contractual Clauses co-operates with their population and execution); and
      4. provide to Company for review such copies of the Contracted Processors' agreements with Subprocessors (which may be redacted to remove confidential commercial information not relevant to the requirements of this Addendum) as Company may request from time to time.
    5. FL3XX and each FL3XX Affiliate shall ensure that each Subprocessor performs the obligations under sections 3.1, 4, 5, 7.1, 8.2, 9 and 11.1, as they apply to Processing of Company Personal Data carried out by that Subprocessor, as if it were party to this Addendum in place of FL3XX.
  3. Data Subject Rights
    1. Taking into account the nature of the Processing, FL3XX and each FL3XX Affiliate shall assist each Company Group Member by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Company Group Members' obligations, as reasonably understood by Company, to respond to requests to exercise Data Subject rights under the Data Protection Laws.
    2. FL3XX shall:
      1. promptly notify Company if any Contracted Processor receives a request from a Data Subject under any Data Protection Law in respect of Company Personal Data; and
      2. ensure that the Contracted Processor does not respond to that request except on the documented instructions of Company or the relevant Company Affiliate or as required by Applicable Laws to which the Contracted Processor is subject, in which case FL3XX shall to the extent permitted by Applicable Laws inform Company of that legal requirement before the Contracted Processor responds to the request.
  4. Personal Data Breach
    1. FL3XX shall notify Company without undue delay upon FL3XX or any Subprocessor becoming aware of a Personal Data Breach affecting Company Personal Data,  providing Company with sufficient information to allow each Company Group Member to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
    2. FL3XX shall co-operate with Company and each Company Group Member and take such reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
  5. Data Protection Impact Assessment and Prior Consultation
    1. FL3XX and each FL3XX Affiliate shall provide reasonable assistance to each Company Group Member with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required of any Company Group Member by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.
    2. FL3XX shall make available to Company on request, the name and contact details of the FL3XX data protection officer or other relevant contact from whom more information may be obtained.
  6. Deletion or return of Company Personal Data
    1. Subject to sections 10.2 and 10.3 FL3XX and each FL3XX Affiliate shall promptly and in any event within 90 days of the date of cessation of any Services involving the Processing of Company Personal Data (the "Cessation Date"), delete and procure the deletion of all copies of those Company Personal Data.
    2. Subject to section 10.3, Company may in its absolute discretion by written notice to FL3XX within 10 days of the Cessation Date require FL3XX and each FL3XX Affiliate to (a) return a complete copy of all Company Personal Data to Company by secure file transfer in such format as is reasonably notified by Company to FL3XX; and (b) delete and procure the deletion of all other copies of Company Personal Data Processed by any Contracted Processor, all of which at Company expense. FL3XX and each FL3XX Affiliate shall comply with any such written request within 10 days of the written notice by Company.
    3. Each Contracted Processor may retain Company Personal Data to the extent required by Applicable Laws and only to the extent and for such period as required by Applicable Laws and always provided that FL3XX and each FL3XX Affiliate shall ensure the confidentiality of all such Company Personal Data and shall ensure that such Company Personal Data is only Processed as necessary for the purpose(s) specified in the Applicable Laws requiring its storage and for no other purpose.
    4. FL3XX shall provide written certification to Company that it and each FL3XX Affiliate has fully complied with this section 10 within 10 days of the Cessation Date.
  7. Audit rights
    1. FL3XX and each FL3XX Affiliate shall make available to each Company Group Member on request, any personal data processed that is not directly accessible by Company via the standard user interfaces.
    2. FL3XX and each FL3XX Affiliate shall make available to each Company Group Member on request, all information necessary to demonstrate compliance with this Addendum, and shall allow for and contribute to audits, including inspections, by any Company Group Member or an auditor mandated by any Company Group Member in relation to the Processing of the Company Personal Data by the Contracted Processors.
    3. Company or the relevant Company Affiliate undertaking an audit shall give FL3XX or the relevant FL3XX Affiliate reasonable notice of any audit or inspection to be conducted under section 11.1 and shall make (and ensure that each of its mandated auditors makes) reasonable endeavours to avoid causing (or, if it cannot avoid, to minimise) any damage, injury or disruption to the Contracted Processors' premises, equipment, personnel and business while its personnel are on those premises in the course of such an audit or inspection. A Contracted Processor need not give access to its premises for the purposes of such an audit or inspection:
      1. to any individual unless he or she produces reasonable evidence of identity and authority;
      2. outside normal business hours at those premises, unless the audit or inspection needs to be conducted on an emergency basis and Company or the relevant Company Affiilate undertaking an audit has given notice to FL3XX or the relevant FL3XX Affiliate that this is the case before attendance outside those hours begins; or
      3. for the purposes of more than [one] audit or inspection, in respect of each Contracted Processor, in any [calendar year], except for any additional audits or inspections which:
        1. Company or the relevant Company Affiliate undertaking an audit reasonably considers necessary because of genuine concerns as to FL3XX's or the relevant FL3XX Affiliate’s compliance with this Addendum; or
        2. A Company Group Member is required or requested to carry out by Data Protection Law, a Supervisory Authority or any similar regulatory authority responsible for the enforcement of Data Protection Laws in any country or territory,

where Company or the relevant Company Affiliate undertaking an audit has identified its concerns or the relevant requirement or request in its notice to FL3XX or the relevant FL3XX Affiliate of the audit or inspection.

  1. Restricted Transfers
    1. Subject to section 12.3, each Company Group Member (as "data exporter") and each Contracted Processor, as appropriate, (as "data importer") hereby enter into the Standard Contractual Clauses in respect of any Restricted Transfer from that Company Group Member to that Contracted Processor.
    2. The Standard Contractual Clauses shall come into effect under section 12.1 on the later of:
      1. the data exporter becoming a party to them;
      2. the data importer becoming a party to them; and
      3. commencement of the relevant Restricted Transfer.
    3. Section 12.1 shall not apply to a Restricted Transfer unless its effect, together with other reasonably practicable compliance steps (which, for the avoidance of doubt, do not include obtaining consents from Data Subjects), is to allow the relevant Restricted Transfer to take place without breach of applicable Data Protection Law.
  2. General Terms

Governing law and jurisdiction

    1. Without prejudice to clauses 7 (Mediation and Jurisdiction) and 9 (Governing Law) of the Standard Contractual Clauses:
      1. the parties to this Addendum hereby submit to the choice of jurisdiction stipulated in the Principal Agreement with respect to any disputes or claims howsoever arising under this Addendum, including disputes regarding its existence, validity or termination or the consequences of its nullity; and
      2. this Addendum and all non-contractual or other obligations arising out of or in connection with it are governed by the laws of the country or territory stipulated for this purpose in the Principal Agreement.

Order of precedence

    1. Nothing in this Addendum reduces FL3XX's or any FL3XX Affiliate’s obligations under the Principal Agreement in relation to the protection of Personal Data or permits FL3XX or any FL3XX Affiliate to Process (or permit the Processing of) Personal Data in a manner which is prohibited by the Principal Agreement. In the event of any conflict or inconsistency between this Addendum and the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.
    2. Subject to section 13.2, with regard to the subject matter of this Addendum, in the event of inconsistencies between the provisions of this Addendum and any other agreements between the parties, including the Principal Agreement and including (except where explicitly agreed otherwise in writing, signed on behalf of the parties) agreements entered into or purported to be entered into after the date of this Addendum, the provisions of this Addendum shall prevail.

Changes in Data Protection Laws, etc.

    1. Company may:
      1. by at least 30 (thirty) calendar days written notice to FL3XX from time to time make any variations to the Standard Contractual Clauses (including any Standard Contractual Clauses entered into under section 12.1), as they apply to Restricted Transfers which are subject to a particular Data Protection Law, which are required, as a result of any change in, or decision of a competent authority under, that Data Protection Law, to allow those Restricted Transfers to be made (or continue to be made) without breach of that Data Protection Law; and
      2. propose any other variations to this Addendum which Company reasonably considers to be necessary to address the requirements of any Data Protection Law.
    2. If Company gives notice under section 13.4.1:
      1. FL3XX and each FL3XX Affiliate shall promptly co-operate (and ensure that any affected Subprocessors promptly co-operate) to ensure that equivalent variations are made to any agreement put in place under section 6.4.3; and
      2. Company shall not unreasonably withhold or delay agreement to any consequential variations to this Addendum proposed by FL3XX to protect the Contracted Processors against additional risks associated with the variations made under section 13.4.1 and/or 13.5.1.
    3. If Company gives notice under section 13.4.2, the parties shall promptly discuss the proposed variations and negotiate in good faith with a view to agreeing and implementing those or alternative variations designed to address the requirements identified in Company's notice as soon as is reasonably practicable.
    4. Neither Company nor FL3XX shall require the consent or approval of any Company Affiliate or FL3XX Affiliate to amend this Addendum pursuant to this section 13.5 or otherwise.

Severance

    1. Should any provision of this Addendum be invalid or unenforceable, then the remainder of this Addendum shall remain valid and in force. The invalid or unenforceable provision shall be either (i) amended as necessary to ensure its validity and enforceability, while preserving the parties’ intentions as closely as possible or, if this is not possible, (ii) construed in a manner as if the invalid or unenforceable part had never been contained therein.

ANNEX 1: DETAILS OF PROCESSING OF COMPANY PERSONAL DATA

This Annex 1 includes certain details of the Processing of Company Personal Data as required by Article 28(3) GDPR.

The subject matter and duration of the Processing of the Company Personal Data are set out in the Principal Agreement and this Addendum.  The purpose of the processing of Company personal data is to provide Company with services to support it’s operations.  Types of Company personal data include:

  • Personal details relating to the management of travel bookings and flights, and the preparation of documents for execution of flights, relevant to Company’s customers, passengers, suppliers, employees
  • Personal documents relating to the management of bookings and flights, the preparation documents for the execution of flights, relevant to Company’s customers, passengers, suppliers, employees

Data exporter

The data exporter is: The Customer as defined in the Principal Agreement

Data importer

The data importer is: FL3XX GmbH.

Data subjects

The personal data transferred concern the following categories of data subjects: Company’s customers, passengers, suppliers, employees.

Categories of data

The personal data transferred concerns the following categories of data: Personal details and documents.

Processing operations

The personal data transferred will be subject to the following basic processing activities: Transfer over networks, processing for the execution of the Services as defined in the Principal Agreement.

ANNEx 2: Implementation details

This Annex 2 forms part of the Clauses.

FL3XX has implemented the following security measures to ensure the protection of personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation:

  • Training of all personnel who can be in contact with personal data
  • Encryption of all personal data in the relevant storage media
  • Encryption of all communication over networks where personal data is susceptible of being transmitted
  • Physical access security of all facilities where personal data is stored
  • Physical and logical security of all systems that can access personal data
Privacy

General

Collection, processing and use of personal data. Personal data are only collected if you disclose them to us (e.g., by registering for our newsletter). Otherwise, no personal data will be collected. Your personal data may be processed beyond the statutory authorization conditions only on the basis of your express authorization.

As part of the registration for our newsletter, you provide us with your email address and other optional information. We use these data solely for the purpose of sending you the newsletter. When you register for our newsletter, we store your data until you cancel your subscription to our newsletter. You can unsubscribe at any time via the link in the newsletter intended for this purpose, or by sending us the appropriate notification. By unsubscribing, you revoke the use of your email address.

Your personal data (e.g. title, name, house address, e-mail address, phone number, bank details, credit card number) are processed by us only in accordance with the provisions of European data privacy laws. The following provisions describe the type, scope and purpose of collecting, processing and utilizing personal data. This data privacy policy applies only to our web pages. If links on our pages route you to other pages, please inquire there about how your data are handled in such cases.

Inventory Data

  1. Your personal data, insofar as these are necessary for this contractual relationship (inventory data) in terms of its establishment, organization of content and modifications, are used exclusively for fulfilling the contract. For goods to be delivered, for instance, your name and address must be relayed to the supplier of the goods.
  2. Without your explicit consent or a legal basis, your personal data are not passed on to third parties outside the scope of fulfilling this contract. After completion of the contract, your data are blocked against further use. After expiry of deadlines as per tax-related and commercial regulations, these data are deleted unless you have expressly consented to their further use.

Web analysis with Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. (Google). Google Analytics uses cookies, i.e. text files stored on your computer to enable analysis of website usage by you. Information generated by the cookie about your use of this website is usually transmitted to a Google server in the United States and stored there. In case of activated IP anonymization on this website, however, your IP address is previously truncated by Google within member states of the European Union or in other states which are party to the agreement on the European Economic Area. Only in exceptional cases is a full IP address transmitted to a Google server in the United States and truncated there. On behalf this website’s owner, Google will use this information to evaluate your use of the website, compile reports about website activities, and provide the website’s operator with further services related to website and Internet usage. The IP address sent from your browser as part of Google Analytics is not merged with other data by Google. You can prevent storage of cookies by appropriately setting your browser software; in this case, however, please note that you might not be able to fully use all functions offered by this website. In addition, you can prevent data generated by the cookie and relating to your use of the website (including your IP address) from being collected and processed by Google, by downloading and installing a browser plug-in from the following link: http://tools.google.com/dlpage/gaoptout?hl=en

This website uses Google Analytics with the extension “anonymizeIP()”, IP addresses being truncated before further processing in order to rule out direct associations to persons.

Google Adwords Conversion Tracking

This website uses Google AdWords Conversion Tracking, a web analysis service of Google, Inc. (“Google”). Google AdWords Conversion Tracking also uses “cookies,” which are stored on your computer and facilitate an analysis of how you use the website. The information generated by the cookie about your use of this website will be transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports on website activity for website operators, and to provide other services related to website use and Internet use. Google will also transmit this information to third parties, where applicable, if this is required by law or to the extent third parties process this data on behalf of Google. Google will not link this data with other Google data under any circumstances. You can prevent the use of cookies in general if you disallow the storage of cookies on your browser.

Information about cookies

  1. o optimize our web presence, we use cookies. These are small text files stored in your computer’s main memory. These cookies are deleted after you close the browser. Other cookies remain on your computer (long-term cookies) and permit its recognition on your next visit. This allows us to improve your access to our site.
  2. You can prevent storage of cookies by choosing a “disable cookies” option in your browser settings. But this can limit the functionality of our Internet offers as a result.

Social plug-ins from Facebook

We use social plug-ins from facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. The plug-ins can be recognized by way of the Facebook logo or the supplement “Facebook Social Plug-in”. For example, if you click on the “Like” button or leave a comment, the relevant information is transmitted directly from your browser to Facebook and stored there. Furthermore, Facebook makes your likes public for your Facebook friends. If you are logged into Facebook, it can assign the invocation of our page directly to your Facebook account. Even if you are not logged in or don’t have a Facebook account, your browser sends information (e.g. which web pages you have called up, your IP address) which is then stored by Facebook. For details about the handling of your personal data by Facebook and your related rights, please refer to the data privacy policy of Facebook: http://www.facebook.com/policy.php. If you do not want Facebook to map data collected about you via our Web sites to your Facebook account, you must log out of Facebook before you visit our web pages.

Social plug-ins from Twitter

With Twitter and its Retweet functions, we use social plug-ins from Twitter.com, operated by Twitter Inc. 795 Folsom St., Suite 600, San Francisco, CA 94107. If you use Retweet, the websites visited by you are announced to third parties and associated with your Twitter account. Details about the handling of your data by Twitter as well as your rights and setting options for protecting your personal information can be found in Twitter’s data privacy policy: http://twitter.com/privacy

Newsletter

Following subscription to the newsletter, your e-mail address is used for our own advertising purposes until you cancel the newsletter again. Cancellation is possible at any time. The following consent has been expressly granted by you separately, or possibly in the course of an ordering process: (you have been subscribed to a newsletter mailing list).
You may revoke your consent at any time with future effect. If you no longer want to receive the newsletter, then unsubscribe as follows: click the unsubscribe button.

Disclosure

According to the Federal Data Protection Act, you have a right to free-of-charge information about your stored data, and possibly entitlement to correction, blocking or deletion of such data. Inquiries can be directed to the following e-mail addresses: ([email protected])

Further Information and Contact

Please contact us if you have questions about this Data Privacy Policy. You can find the contact address here www.fl3xx.com/privacy. You can request if and which data we have stored about you, at any time. Furthermore, you can send us information, requests for deletion and corrections as well as suggestions by email ([email protected]) or letter.

Imprint

Legal Disclosure

FL3XX GmbH
Kolingasse 11
1090 Vienna

Represented by

Paolo Sommariva

Contact

E-Mail: [email protected] Web: www.fl3xx.com

Register Entry

Entry in Handelsregister
Register Number: FN 346531 f
Register Court: Handelsgericht Wien

Disclaimer

Accountability for content
The contents of our pages have been created with the utmost care. However, we cannot guarantee the contents’ accuracy, completeness or topicality. According to statutory provisions, we are furthermore responsible for our own content on these web pages. In this context, please note that we are accordingly not obliged to monitor merely the transmitted or saved information of third parties, or investigate circumstances pointing to illegal activity. Our obligations to remove or block the use of information under generally applicable laws remain unaffected by this as per §§ 8 to 10 of the Telemedia Act (TMG).

Accountability for links
Responsibility for the content of external links (to web pages of third parties) lies solely with the operators of the linked pages. No violations were evident to us at the time of linking. Should any legal infringement become known to us, we will remove the respective link immediately.

Copyright
Our web pages and their contents are subject to Austrian copyright law. Unless expressly permitted by law (§ 44a et seq. of the copyright law), every form of utilizing, reproducing or processing works subject to copyright protection on our web pages requires the prior consent of the respective owner of the rights. Individual reproductions of a work are allowed only for private use, so must not serve either directly or indirectly for earnings. Unauthorized utilization of copyrighted works is punishable (§ 106 of the copyright law).

Social plug-ins from Facebook

We use social plug-ins from facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. The plug-ins can be recognized by way of the Facebook logo or the supplement “Facebook Social Plug-in”. For example, if you click on the “Like” button or leave a comment, the relevant information is transmitted directly from your browser to Facebook and stored there. Furthermore, Facebook makes your likes public for your Facebook friends. If you are logged into Facebook, it can assign the invocation of our page directly to your Facebook account. Even if you are not logged in or don’t have a Facebook account, your browser sends information (e.g. which web pages you have called up, your IP address) which is then stored by Facebook. For details about handling of your personal data by Facebook and your related rights, please refer to the data privacy policy of Facebook: http://www.facebook.com/policy.php. If you do not want Facebook to map data collected about you via our Web sites to your Facebook account, you must log out of Facebook before you visit our web pages.

Any other questions?

Welcome to FL3XX

One aviation management platform for your sales, dispatch, crew, maintenance and reports.

Contact

FL3XX Headquarters
Kolingasse 11
1090, Vienna
Austria

Let's get in touch