Data Privacy Statement

Data protection is of the utmost importance to the management of the KONTENT GmbH company. Entirely anonymous use of the KONTENT GmbH website is possible. The use of special services by a data subject via the website maintained by the KONTENT GmbH company may imply the processing of personal data. If the processing of personal data is required and there is no legal justification for such processing, the KONTENT GmbH company generally seeks the consent of the person concerned.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, shall be in line with the provisions of General Data Protection Regulation and in accordance with the country-specific data protection provisions applicable at KONTENT GmbH. Therefore, the KONTENT GmbH company would like to inform you of this data privacy policy, in particular about the type, scope and purpose of the collation, processing and use of the personal data required for the rendering of services. In addition, data subjects will also be informed of their rights granted to them under this privacy policy.

The KONTENT GmbH company, as a data controller, has implemented numerous technical and organisational measures to ensure protection as much as possible, applicable to any and all personal data processed via this website. Nevertheless, Internet-based data transmissions may have, in principle, security vulnerability so absolute protection cannot, however, be guaranteed in the present state of technology. For this reason, every person concerned is free to provide us with personal data via alternative ways, for instance, on the phone, or by fax.

1. Definitions according to the General Data Protection Regulation (GDPR) Art. 4
Personal data: “Personal information" or "personal data" is defined as any information which refers to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more special features specific to the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.

Data processing: The processing of personal data is any operation or set of operations which is performed upon personal data, whether or not by automated means, such as collecting, capturing, organising, arranging, storing, adapting or modifying, reading out, querying, using, disclosing through submission, disseminating, or any other form of provision, combination, or reconciling the data, restriction, cancellation or destruction. Limited processing of personal data: This refers to the marking of stored personal data with the aim of limiting their future processing.

Profiling: Any type of automated processing of personal data that consists of use of such personal data in order to evaluate specific personal aspect that relate to a natural person, in particular analysing aspects relating to her/his work performance, economic situation, health status, personal preferences, interests, reliability, behaviour, location or change of location is called profiling.

Pseudonymisation: Pseudonymisation consists of the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is separately kept and constitute subject to technical and organisational measures aimed to ensure such personal data are not assigned to an identified or identifiable natural person.

Data controller : The data controller is a natural or legal person, a public authority, an agency or other entity that, alone or together with others, decides on the purposes and means of the processing of such personal data. When they are determined by the European Union law or the law of the Member States, the data controller or the specific criteria for its appointment may be provided for under European Union law or national law.

Beneficiary: Any natural or legal person, public authority, agency or other entity to whom data are disclosed, whether a third party or not. However, authorities that may receive personal data under European Union law or national law in connection with a particular mission are not considered to be data beneficiaries. The processing of these data by the said authorities shall take place in full compliance with data protection provisions in force, serving the purposes of data processing. Third party: This may be a natural or legal person, a public authority, an agency or other entity other than the data subject, the data controller, the data processor and the persons authorised under the direct responsibility of the data controller or the data processor concerning the processing of personal data.

Consent of the data subject: This is an expression of will voluntarily given by the data subject for a particular case, in an informed and unambiguous manner, in the form of a statement or other unambiguous confirmatory act, that indicates the agreement expressed by the data subject to the processing of her/his personal data.
2. The responsible body
The entity responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States as well as other data protection regulations is the following entity:
  • KONTENT GmbH
  • legally represented by Mr Ulrich Klinkhammer
  • Winkelhauser Str. 63
  • 47228 Duisburg
  • Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Phone:+49 203 3094 340
  • Telefax:+49 203 3094 310

Further details of the responsible body can be found in the legal imprint published on the website.
3. Data Protection Officer
The data protection officer appointed by the responsible body is:
  • Mr Joachim Schumann
  • Winkelhauser Str. 63
  • 47228 Duisburg
  • Phone:+49 203 3094 340
  • Telefax:+49 203 3094 310
  • Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
4. Protection of data transport through strong encryption (TLS/SSL)
To best protect your data during transport, KONTENT GmbH uses a SSL/TLS encryption. The encrypted connections can be recognised by the prefix "https://" in the URL address bar of the browser.
All data that is transmitted to the website - such as inquiries or logins - are encrypted with SSL/TLS encoding techniques.
5. Processing of personal data in connection with the use of the website
If the data subject accesses the KONTENT GmbH website without registering or without providing KONTENT GmbH with other information ("informational use"), only the personal data that the web browser transmits to the servers of KONTENT GmbH will be collected. If the website is only viewed, only data that is technically necessary to enable the display of the website and to ensure its stability and security will be collected:
  • IP address
  • Date and time of the request
  • Time zone difference to GMT
  • URL (the visited page)
  • Referrer URL (the previously visited page)
  • Access status (HTTP status)
  • Total transferred amount of data
  • Web browser
  • Operating system
  • Language and version of the browser

The data mentioned above are stored in so-called log files, on the servers of KONTENT GmbH. We do not store this data with personal data or with any other data. The collection and temporary storage of the IP address take place for as long as necessary to enable the display of the website on the customer's terminal. The purpose of storage in log files is made only to ensure the functionality and optimisation of the website as well as to ensure the security of the information technology systems pertaining to KONTENT GmbH. An evaluation of this data for marketing purposes does not take place. In all of the above purposes, there is a legitimate interest in data processing.
6. Further functions and offers of the KONTENT GmbH website
In addition to the above-described informative use of our website, KONTENT GmbH offers various additional services for which use a contract must be concluded. To enable use of the contractual services in addition to their informational use (5), further personal data are collected.
  • Name and First name
  • If necessary, company name and legal entity form
  • Address
  • Email address
  • Telephone and, if case, the fax number
  • Birth data
  • Gender
  • If necessary, bank data
  • Time and date of the order
These data are required to provide the relevant service. The applicable data processing principles apply.
In part, KONTENT GmbH relies on carefully selected external service providers who have been commissioned to such data processing. These service providers are bound by the instructions issued by KONTENT GmbH and are regularly inspected. If personal data is passed on to third parties in the course of services offered via the website, further information can be found in the following specifications (12). The purpose of the data processing is the fulfilment of a contract of the KONTENT GmbH with the data subjects, or the implementation of appropriate pre-contractual measures. In all of the above purposes, there is a legitimate interest in data processing.
7. Subscription to Newsletters
The website makes it possible to a data subject to subscribe to a free newsletter, which will inform about current offers and interesting topics. When registering for the newsletter, the data entered in the input mask will be transmitted to the KONTENT GmbH company. To register for the sending of a newsletter, additional personal data must be provided in addition to the simple informational use (5):
  • Email address
  • Salutation
  • First name
  • Name
If further personal data are given at the time of registration, the information is considered as voluntary given. These data are used exclusively for the sending of newsletters, and no disclosure of private data to third parties occurs. When registering for a newsletter, we use the so-called "Double-Opt-In Procedure". After registration, an e-mail will be sent to the specified e-mail address requesting confirmation to send the newsletter to you in the future. If the application is not confirmed, the specified data will be blocked and automatically deleted after one month. The data entered during registration will be processed for the purpose of being able to address to its subscribers personally. After confirmation, the e-mail addresses will be saved in order to send the newsletter to its subscribers. The respective IP address and the time of the registration, as well as the confirmation, will be stored in order to prove the registration and if necessary to clarify a possible misuse of the personal data. The above data will be deleted as soon as they are no longer necessary for the above-mentioned purposes. The above data will, therefore, be stored as long as there are active subscribers to the newsletter. After cancellation of a newsletter subscription, the data mentioned above will be stored anonymously for purely statistically reasons. The consent to the sending of the newsletter can be revoked at any time by unsubscribing from the newsletter. This is done by clicking on the corresponding link in the e-mail. Alternatively, the newsletter can also be cancelled using the cancellation form provided on the website. It is stressed that user behaviour is evaluated when the newsletter is sent. The sent newsletter e-mails contain a so-called web beacon or a so-called tracking pixel. This is a one-pixel image file, which is stored on the website of KONTENT GmbH. These data are collected exclusively pseudonymised. This processing of the data serves the purpose of tailoring the newsletter to the individual interests of newsletter subscribers. The above evaluation of the user behaviour can be prevented if the display of images is deactivated by default in the e-mail program. KONTENT GmbH expressly points out that, in this case, the newsletter will not be displayed completely and as a result not all features of the newsletter may be fully used. If the display of the images is activated manually, the evaluation of user behaviour just referred to retakes place.
8. Contact by e-mail or via the website
If KONTENT GmbH is contacted by e-mail, the personal data transmitted by the data subject will be stored. Additionally, a contact form to reach the KONTENT GmbH representatives will be kept on the website. The data entered into the input mask are additionally collected and processed for a pure informational use (5).
  • Salutation
  • First name
  • Name
  • Email address
  • Telefon

Supplementary, the IP address and the time of sending the e-mail are recorded when contacting us by e-mail. A transfer of the data to third parties does not take place. The purpose of the above personal data processing is solely to process the received requests. The processing of personal data resulting from the use of the contact form provided on the website serves to prevent misuse and to ensure the security of the information technology systems of KONTENT GmbH.
This is also our legitimate interest in the processing of personal data. The additional personal data collected by using the contact form or contacting by e-mail will be deleted once the purpose of the storage has been achieved.
9. Comments and posts in the blog of the website
If a data subject leaves comments or other written contributions on the website, the processing and storage of its IP address(es) is based on our legitimate interests within the meaning of Art. 6 para. 1f. General Data Protection Regulation. The purpose of the storage is to provide security if someone leaves behind illegal content inside comments and posts made (insults, prohibited political propaganda, etc.). In this case, the KONTENT GmbH company in itself could be prosecuted for the comment or contribution and is therefore interested in the adequate identification of the author.
10. Processing of personal data by cookies
KONTENT GmbH uses cookies on its website. Cookies are small text files placed by the server on user's computer and by which KONTENT GmbH, as the body that sets the cookie, can store certain information. Cookies can not execute programs or transmit viruses to the device. The website of KONTENT GmbH uses the following types of cookies whose scope and functionality are explained below. Cookies that are saved to the web browser:
Persistent cookies: These cookies are automatically deleted after a specified period, which may differ depending on the cookie type. These cookies can be deleted at any time using the settings of the user web browser.
Session Cookies: These cookies are automatically deleted after the session has ended. To use some functions of the KONTENT GmbH website, session cookies must be accepted by the calling browser.


The purpose of the processing of personal data by cookies is to make the website's offering more user-friendly, effective and secure. Some functions of the website cannot be offered without the use of these cookies. In particular, some functions require that the web browser can still be identified when moving from one page to another. The cookies required to provide the functionality of the website are not used to create user profiles. When used for analytical purposes, cookies serve to improve the quality and user-friendliness of the website. They make it possible to understand which functions of the website are used and how often. In the above purposes, there is a legitimate interest in the respective data processing. The cookies are stored on the end device of the site visitors and transmitted by this to the servers of KONTENT GmbH. The processing of the data by cookies can be configured on the terminal by adjusting the settings of the web browser accordingly. By disabling cookies, parts of the websites may not display correctly or may not function optimally
11. Processing of personal data candidates submit in the applications received and to manage the application procedures
KONTENT GmbH collects and processes personal data of applicants for the purpose of processing the application:
  • Salutation
  • First name
  • Name
  • Street and house number
  • ZIP code and location
  • Email address
  • Telephone / mobile number
  • digitalising applications
  • digitalising application documents
The processing is usually done electronically. This applies when the application documents are sent to KONTENT GmbH by electronic means, for example by e-mail or via a web form. If KONTENT GmbH concludes a contract of employment with an applicant, the transmitted data will be stored for the purpose of executing the employment relationship in compliance with the applicable legal provisions. If KONTENT GmbH does not conclude a contract of employment with the applicant, the application documents will be deleted two months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests on behalf of the KONTENT GmbH company. Such legitimate interest in this sense is, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG).
12. Transfer of data to third parties
12.1 Carried out with the scope of contract fulfilment
KONTENT GmbH forwards the data of the persons concerned only for the purpose of fulfilling the contract, e.g. to domain registrars, to affiliates (e.g., Ascio Technologies, Inc.), or to various contracting entities (e.g., DENIC e.G., Verisign Inc., EuRid). These data are stored by these bodies and are generally made publicly available through whois services (e.g., www.denic.de/en/whois, registrar.verisign-grs.com/whois, www.whois.eu, etc.).

In the event of disagreements between the contractual partners (for example, in the event of bad debts or in the case of misuse), where no mutually agreed resolutions could be reached, the related data may be forwarded to third parties.
12.2 Carried out with the scope of prosecution
Under current law, KONTENT will surrender information to law enforcement agencies and courts at their request for the purpose of criminal prosecution.
12.3 Carried out with the scope of using the PayPal payment method
KONTENT GmbH has integrated PayPal components on its website. PayPal is an online payment service provider. Payments are made through so-called PayPal accounts, which are virtual accounts, of private or business type. Moreover, PayPal may process virtual payments through credit cards if a user does not have a PayPal account. A PayPal account is managed via an email address, which is why there is no classic account number. PayPal makes it possible to initiate online payments to or to receive payments from third parties. PayPal also takes on trustee functions and offers buyer protection services.
The European operating company of PayPal is PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxemburg.
If "PayPal" is selected as a payment option during the ordering process, data of the respective data subject will be automatically transmitted to PayPal. By choosing PayPal as a payment option, the data subject agrees to the transmission of personal data required for such payment processing.
The personal data transmitted to PayPal are usually: the first name, the last name, the address, the email address, the IP address, the telephone number, the mobile phone number or other data specifically required to be able to carry out the payment processing effectively. Personal data, which are in connection with the respective order, are also necessary for the execution of the purchase contract.
The purpose of data transmission is grounded on our payment processing and fraud prevention needs. KONTENT GmbH will transfer personal data to PayPal, in particular if there is a legitimate interest in such transmission. The personal data exchanged between PayPal and KONTENT GmbH may be transmitted by PayPal also to credit reporting agencies. The purpose of this transmission aims is the carrying out of identity and credit check. PayPal may disclose personal information to affiliates and service providers or subcontractors, to the extent necessary to fulfil the contractual obligations or to process the data on behalf of the Customer.
It is possible to revoke the consent awarded to PayPal within the scope of handling personal data. A cancellation has no effect on personal data that must be processed, used or transmitted for (contractual) payment processing.
The privacy policy of PayPal is available at https://www.paypal.com/webapps/mpp/ua/privacy-full.
12.4 Use of the Sofort payment method (formerly known as Sofortüberweisung)
The KONTENT GmbH company has integrated components from the "Sofort" payment platform on their website. "Sofort" is a payment service platform that enables cashless payment for products and services bought over the Internet. "Sofort" represents a technical procedure by which the online retailer immediately receives proof of payment. This will enable a merchant to deliver or unlock goods, services, or to offer immediate downloads after placing an order with a customer.
The operating company of "Sofort" is the SOFORT GmbH, Fußbergstraße 1, 82131 Gauting, Germany. If KONTENT GmbH chooses "Sofort" as a payment option during the ordering process, data is automatically transferred to "Sofort" operating company. When this payment option is chosen, the person concerned agrees to transmission of personal data required for payment processing.
When purchasing via "Sofort" the buyer transmits the PIN and the TAN to the "Sofort" GmbH company. After a technical check of the account balance and the retrieval of further data to check the account funds, "Sofort" transfers the money to the online merchant. The execution of the financial transaction is then communicated to the online retailer automatically. The personal information exchanged with "Sofort" consists of the first name, the last name, the address, the email address, the IP address, the telephone number, the mobile phone number and/or other data deemed as necessary for the payment processing. The purpose of data transmission is grounded on our payment processing and fraud prevention needs. The KONTENT GmbH company will forward other personal data to "Sofort" payment platform if there is a legitimate interest in the transmission. The personal data exchange occurred between "Sofort" and KONTENT GmbH may be further forwarded by "Sofort" to credit reporting agencies. The purpose of this transmission aims is the carrying out of identity and credit check. "Sofort" may disclose personal information to affiliates and service providers or to subcontractors, to the extent they are necessary to fulfil the contractual obligations or to process transmitted data further.
It is possible to revoke the consent given to "Sofort" platform for the handling of personal data, at any time. A cancellation has no effect on personal data that must be processed, used or transmitted for (contractual) payment processing.
13. Routine deletion and blocking of personal data
KONTENT GmbH company processes and stores personal data of the data subject only for the period required to achieve the purpose of storage or if this was defined by European Directives and Regulations, or other laws and regulations. If the purpose of the storage is omitted or at the expiry of the retention periods, the personal data will be routinely blocked or deleted in accordance with the applicable legal provisions.
14. The rights of the data subject
The data subject is entitled to the following rights concerning its personal data, against KONTENT GmbH company:
  • the right of access to data concerning him or her;
  • the right to rectification and erasure of data concerning him or her;
  • the right to restriction of processing of data concerning him or her;
  • the right to object to the processing of data concerning him or her;
  • the right to data portability;

The data subject also has the right to complain to a data protection supervisory authority about the processing of personal data concerning him or her.
15. Legal basis of processing
Insofar as KONTENT GmbH obtains consent for purposes of processing personal data, the provisions set forth in Art. 6 (1a) of the EU General Data Protection Regulation (GDPR) serve as a legal basis for the processing of personal data.
When processing the personal data is required to fulfil a contract, the provisions set forth in Art. 6 (1) (b) of the EU General Data Protection Regulation (GDPR) serve as the legal basis. This also applies to data processing operations deemed as necessary for the implementation of pre-contractual measures. Insofar as the processing of personal data is required to fulfil a legal obligation to which KONTENT GmbH is subject, the provisions set forth in Art. 6 (1) (c) of the EU General Data Protection Regulation (GDPR) serve as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, the provisions set forth in Art. 6 (1) (d) of the EU General Data Protection Regulation (GDPR) serve as the legal basis. Whereby the processing is necessary for the protection of a legitimate interest of the KONTENT GmbH company or a third party and they outweigh the interests, fundamental rights and fundamental freedoms of the data subject, the provisions set forth in Art. 6 (1) (f) of the EU General Data Protection Regulation (GDPR) serve as the legal basis.
16. Storage duration applicable to personal data
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage ceases to apply. Moreover, personal data may continue to be stored if the European or national legislator stipulated this in EU Regulations, laws or other national regulations to which the controller is subject. A blocking or deletion of data takes place even if a storage period prescribed by the mentioned standards expire, unless there is a need for further storage of the data for a contract conclusion or a contract fulfilment.
17. Legitimate interests in the processing of personal data reasonable to be used either by the data controller or by any other third party
The legitimate interest in the processing of personal data exists because the data subject is a customer of the responsible contracting party (the KONTENT GmbH) or uses their services. For the fulfilment of its tasks, KONTENT GmbH has to process personal data.
18. Legal or contractual provisions for the provision of personal data; Necessity for the conclusion of the contract; Obligation of the data subject to provide the personal data; possible consequences of non-provision of services
In some cases, the provision of personal data is required by law (e.g. tax regulations) or arises from contractual arrangements (for example, filling of details regarding the contracting party (6) or a domain registration (12.1)). In order to conclude a contract, it is necessary for KONTENT GmbH to provide personal data that will subsequently be processed by KONTENT GmbH. The data subject must provide KONTENT GmbH with personal data if KONTENT GmbH concludes a contract with a data subject. Failure to provide personal data would mean that the contract could not be concluded.
19. Existence of an automated decision-making procedure
As a responsible company, KONTENT GmbH waives n automated decision-making procedure or profiling.
20. Change of the Data Privacy Policy
This Data Privacy Policy might change from time to time. If such a change restricts the rights of persons concerned, those affected will be duly notified by e-mail. In the case of substantial changes, explicit consent will be obtained. All modifications made to this privacy statement are immediately published. Older versions of the Data Privacy Policy are made available for future inspection via a hosted repository, as to ensure proper traceability and transparency.

Preamble

The KONTENT GmbH company, hereinafter referred to as KONTENT, is a commercial vendor of various internet-related services in the market of web hosting and domains. This is followed by the regulations that apply to any contractual relationship concluded with KONTENT. Thereupon follow those arrangements that are dependent on Customer-tailored services.

A. General Terms and Conditions Regarding All Services Provided
§1. Scope of application
§ 1.1.
KONTENT provides all services solely based on the General Terms and Conditions (GTC), as well as stated at the website "http://www.KONTENT.com", concerning specifications and any additional conditions relating to the service provision, explicitly advised to the Customer, however, dependent on the Customer-tailored services.
§ 1.2
The current GTC also apply to future business relationships concluded between the contracting parties, without the need for a renewed Contract.
§ 1.3
Individual agreements will have priority over these General Business Terms and Conditions. No General Terms and Conditions varying from, in conflict with or supplementary to these Terms and Conditions shall be part of the Contract, unless their validity has been expressly approved.
§ 1.4
KONTENT is entitled to change these Terms and Conditions with effect for the future. The agreement of a modification may be sought and is permissible only if obtained through a fiction declaration and the desired modification does not result in any discrimination against the Customer. Besides, changes in the case law, changes in the economic circumstances of the KONTENT or a change of law are always to be considered as good reasons for such a modification of Terms and Conditions. In this case, the Customer will be informed by e-mail about the desired modification. We hereby also clearly refer to the Customer's right to object within four weeks to any amendment of the General Terms and Conditions. If the Customer does not express any objection, then the contractual relationship will be continued with the changed General Terms and Conditions. In the case of an objection, the contract continues unchanged, but KONTENT is entitled to terminate the contract properly as per stipulations under § 3 of the GTC.
§2. Services / Changes and variations to the range of services we offer / Alteration in prices
§ 2.1
The service descriptions of the individual services offered can be found next to these General Terms and Conditions, at the website "http://www.KONTENT.com". For any of the whole range of services offered, the accessibility of the technical infrastructure provided by KONTENT is due up to the transfer point to the external network operators only when a yearly mean of 97% availability is warranted. The use of the services, however, requires the complete and adequate functionality of third-party networks and underlying technology. We clearly point out that KONTENT does not influenced them.
§ 2.2
KONTENT reserves the right to make amendments to the service and the underlying technical environment as long as it maintains the contractual scope of performance and the modifications are required and necessary to improve the service and/or to take into account of scientific and technological knowledge. There is no entitlement to any claim for further provision in case of free of charge services. KONTENT is entitled to discontinue the provision of these services without the Customer being entitled to a claim for damages, reduction or reimbursement.
§ 2.3
To the extent that third-party costs increase concerning the contractual services, KONTENT is entitled to pass such price increases to its Customer. The Customer will be notified by e-mail four weeks before they become effective. The Customer is advised of the possibility to terminate the contractual relationship within the same period without notice.
§3. Contract conclusion, duration and termination of the contract
§ 3.1
The Contract between KONTENT and the Customer is concluded it the KONTENT has confirmed the acceptance of the Customer's order. The Customer's request is determined by the Customer itself through the selection of the respective services on the www.KONTENT.com website. The specifications are an integral part of the respective Contract concluded between KONTENT and the Customer.
§ 3.2
Minors should never be allowed to use the services offered by KONTENT without the written permission from their legal guardians. This permission must be signed accordingly and sent to KONTENT. Transmission by e-mail shall be considered as not sufficient in this respect.
§ 3.3
For the contractual length of individual offers and services, that takes an integral part of the Contract, please inspect the service descriptions directly on the website. Each service duration shall be automatically extended by one more year, if the Contract is not terminated by one of the parties, in writing, four weeks before the end of the Contract duration. If the termination concerns only add-on services booked, this can be done directly via the website. The termination of a domain must be made in writing, by letter or fax. KONTENT confirms the Customer the receipt of notice of termination, by e-mail. The right of both Parties to extraordinary termination for a good cause remains unaffected. Paragraph 4 and 5 of these terms and conditions are expressly pointed out.
§ 3.4
If several domains and any add-on services and/or individual add-on services without a domain are the subject of the Contract, the Customer is free to limit the termination to individual domains and/or add-on services.
§ 3.5
The Customer is free to order additional domains and add-on services even after the domain has been already connected. The contract period of the add-on service acquired is adjusted to that of the associated domain. For multiple domains, however, different terms of validity are possible.
§ 3.6
At the end of the Contract period, the functionality of a domain, including the validity term for any add-on services and/or individual additional services shall be discontinued, unless different arrangements are provided for in the current valid form of the GTC.
§ 3.7
KONTENT is entitled to assert a right of retention to domains until satisfaction in full of all outstanding claims arising from the business relation.
§ 3.8
If the Customer did not complete the domain transfer to another provider or did not request from KONTENT the deletion of the domain until the agreed termination or until expiry of the Contract, KONTENT informs the responsible registry and/or the registrar for name domains that the domain is no longer maintained by KONTENT, beyond the current period, as mentioned. This may result in the domain being released by the responsible registry for re-registration. This does not justify any Customer's claim against the KONTENT or the respective registration authorities.
§ 3.9
The existing Contract between KONTENT and the Customer ends automatically with a completed provider change or with an order for the deletion of a domain, as long as the Contract contains no additional individual services. If the Customer transfers or deletes the domain to another provider before the end of the contract period, the agreed remuneration is nevertheless owed for the remaining contract period. The amounts paid will not be refunded.
§ 3.10
In the event that the Customer has not selected annual payments to KONTENT as currently payment option chosen and makes instead advance payments for a period of time chosen by the Customer, the following applies in case of premature termination of the Contract:
KONTENT reserves the right to grant the Customer a credit note on the amount of the customer's credit balance existing at the time of termination notice, which may be offset against any other KONTENT claims arising from other contractual relationships with the same Customer. If add-on services to a domain are terminated prematurely, KONTENT reserves the right to issue the Customer with a credit note on the Customer's current credit balance existing at the time of termination notice, which can be offset against other KONTENT claims arising from other contractual relationships with the same Customer. This does not apply if the Customer expressly objects to such an action.
§4. Obligations of the Customer
§ 4.1
The Customer is obliged to provide accurate and complete information within the scope of the application and to notify KONTENT without delay, of any changes that occurred during the term of the Contract. In any case, such notification must be made within two weeks of a request by KONTENT. KONTENT is entitled to demand proof by submitting a suitable document of legitimacy. KONTENT commits itself to the immediate destruction of the proof after verification of the address. If destruction is not possible due to the nature of the transmission via e-mail, KONTENT will protect the corresponding data from third-party access and internally prohibit further use.
§ 4.2
The Customer has the duty to inspect its e-mail address specified as contact method at least at every two weeks and to retrieve any e-mails sent by KONTENT as proper self-information about content of the messages sent by KONTENT, as this is the essential communication way of all necessary information that is needed for the execution of the contract
§ 4.3
The Customer expressly declares that the desired domain connection does not infringe the rights of any third party. These include, but are not limited to, rights arised from name and trademark law, trademark law, competition law, general personality rights and criminal law. It is the exclusive duty of the Customer to obtain information about the legal provisions, if necessary by obtaining a legal advice. KONTENT assumes no liability in this regard.
§ 4.4 In addition, with or under the services provided to the Customer by KONTENT, the Customer will not offer, provide, make available, use, store, distribute or make available any unlawful content on the Internet, forward or indicating them to third parties by links or in another manner. This includes the sending of any kind of unsolicited bulk email. The aforementioned prohibition according to § 4.4 sentence 1 refers in particular to the following:
  • Pornographic or youth-endangering information and communications within the meaning of § 184 StGB (Criminal Code) or in the sense of §§ 1, 6, 21 GjS (Law on the distribution of harmful information and communications). Contents which are subject to the Law on the distribution of harmful information and communications (GjS) or are obviously suitable for endangering children or juvenile by present an ongoing moral threat or a threat to their well-being, whereas the Customer must take precautions by means of appropriate technical or other precautions that hinder their use by underage persons.
  • Left-wing or right-wing extremist propaganda, in particular information or communications which incite to racial hate in the sense of §§ 86, 131 StGB, downplaying or glorifying violence or war, promoting terrorist organisations, calling for criminal offences and/or containing offensive or defamatory statements.
  • The unlawful publication or distribution of copyright-relevant material, as well as related serial numbers and dial-in data (Warez, Cracks, MP3s, etc.), as well as their availability for retrieval by third parties.

§ 4.5
The Customer is also obliged to the sustainable exploitation of its services. This includes avoiding making Internet-based offers in a manner that creates an excessive load on the server (CGI scripts, database queries, etc.) and require a high level of processing power/above average stress on memory or the like. In this case, KONTENT will ask the Customer to remedy the situation and set a reasonable deadline. The Customer must inform KONTENT at least 14 days in advance if he expects a significantly increased transfer volume regarding the services used (for example, after the publication of advertising for a website).
§ 4.6
The Customer will refrain from any impairment of the service by viruses, worms, Trojan horses or other defective programs and/or data and prevent any possible distribution in the highest possible manner. Also, he will not keep such data ready for retrieval
§ 4.7
If the Customer obtains knowledge of access data or passwords, these shall be kept secret. If the Customer passes on this information to third parties or is otherwise responsible for the use of the service by third parties, he is liable for the costs and damages incurred by KONTENT. The Customer undertakes to notify KONTENT without delay after becoming aware of the loss or use by unauthorised persons.
§ 4.8
The Customer is further obliged to notify JONTENT without delay of all known defects or damages.
§ 4.9
There are further obligations on behalf of the Customer which arise from the provisions on the services used by the Customer (special conditions).
§5. Legal consequences for any instance of breaches of Contract and violation of the Customer/KONTENT rights
§ 5.1 Blocking for any f breaches of Contract and rights violation
KONTENT reserves the right to prevent access to content (web redirection, website) that may violate statutory provisions. KONTENT is entitled, in case of the violation of the obligations set forth under Sections §§ 4.3, 4.4, 4.6 and 4.7, to immediately exclude the Customer from further use of the services. The discontinuation of the right to use and/or a block of the use of services according to provisions set in § 4.4 is possible inasmuch as a well-founded suspicion exists. A well-founded suspicion is a corresponding rating issued by a recognised institution, by a voluntary self-control body for the Internet, or by a lawyer. In the case of § 4.3, the notification of a data subject and/or of a right holder is sufficient for a end and/or blocking of service use.
§ 5.2 Blocking on occasion of extraordinary termination
KONTENT is in any case entitled to end or block the use in case the Customer has given grounds for extraordinary termination of the Contract. The Customer is entitled to produce counter-evidence.
§ 5.3 Blocking in case of late payment by the Customer
If the Customer is in arrears with outstanding claims after the expiry of the deadline set in the second written reminder, KONTENT shall have the right to block the customer-related services. This does not affect the obligation to pay, covering this entire period.
§ 5.4 Contractual penalties/compensations for damages
The Customer undertakes to pay KONTENT a contractual penalty in the amount of EUR 1,000.00 for each case of culpable violation of the obligations set forth under Sections §§ 4.3, 4.4, 4.6 and 4.7. Of course, it is always possible for the Customer to provide the necessary evidence and to demand that the compensation payment be adjusted accordingly. Then the Customer is only obliged to pay the lower amount. Further rights and, in particular, claims for damages remain unaffected by the contractual penalty but will be offset in full against the additionally claimed compensations.
§ 5.5 Extraordinary termination
KONTENT reserves the right to extraordinarily terminate the contractual relationship if there is a good cause. An important reason exists in particular, but not conclusively, if the customer culpably violates any of the obligations referred to in paragraphs §§ 4.3, 4.4, 4.6 and 4.7.
§6. Litigation and Indemnification
§ 6.1
Insofar as third parties proceed against KONTENT for alleged infringements by the Customer or by third parties in connection with the contractual service, the Customer is obliged to indemnify KONTENT and its employees from any damages, if it is responsible for the underlying infringement or if is the subject of a cease and desist obligation. This includes the costs of proper legal action and expenses.
§ 6.2
Likewise, the Customer also exempts third parties (e.g. ICANN and registries and registrars involved) and natural persons affected.
§ 6.3
This exemption agreement remains valid for a further three years beyond the duration of the Contract.
§ 6.4
In the event of legal disputes described in section § 6.1, KONTENT is entitled to discontinue its services concerning the relevant service.
§7. Remuneration / Payment method / Arrears of payment / Reminder notice
§ 7.1
The prices for the contractual services are indicated to the Customer on the individual offer detail pages. During the order process, the prices are displayed at any time and displayed before the order is completed.
§ 7.2
Payments shall be carried out in advance for the billing period specified in the offer unless they represent usage-based fees.
§ 7.3
Invoices are always sent via e-mail. If the Customer requests an invoice by mail, KONTENT is entitled to charge € 1.50 per invoice.
§ 7.4
Payment must be made to one of KONTENT's bank accounts immediately after invoicing, but no later than 10 days since invoice was issued, unless a direct debit authorisation has been signed. The amount is due immediately. The Customer is in arrears of payment if payment is not carried out according to stipulations under sentence 1, within 30 days after receipt of the invoice by the Customer, whereas no other payment term is mentioned in the invoice sent to the Customer.
§ 7.5
If a direct debit authorisation has been issued, KONTENT shall be authorised, until revoked by the Customer, to debit the amounts due from the Customer's account. If a debit fails for reasons for which the Customer is responsible, he shall bear the additional costs incurred by KONTENT. The direct debit authorisation always only applies to the explicitly agreed Terms and Conditions of the Contract. If there are several contracts concluded between KONTENT and the Customer, KONTENT shall be entitled to collect claims arising from a contractual relationship using the direct debit authorisation from another contract only with the express consent of the Customer in this respect.
§ 7.6
From the time of the payment delay, outstanding receivables are subject to the statutory interest rate. Of course, it is always possible for the Customer to prove that the interest incurred was lower or of a significantly lesser extent. In this case, the Customer is obliged only to the payment of the respective lower interest amount.
§ 7.7
For each reminder letter, a sum of € 3.00 gross [in words: three EURO] is agreed as flat-rate compensation (§ 286 BGB [German Civil Code]). The assertion of higher damage remains reserved, provided that it is proven that a higher than normal repair expenses has occurred, per individual cases. The Customers reserves the right to prove that it has suffered no loss at all or only a substantially smaller loss.
§8. Set-off and the right of retention
§ 8.1
The Customer is only entitled to withholding and offsetting rights if his counterclaims are declared legally valid, are undisputed or have been recognised by us in writing.
§ 8.2
The Customer can only exercise a right of retention if the existing counterclaim is based on the same contractual relationship. If this is not the case, a right of retention by the Customer is fully excluded.
§9. Warranty
The warranty of KONTENT is initially limited to the repetition of registration procedures and defect rectification or the free-of-charge delivery of replacement parts. If this fails repeatedly, the statutory warranty rights shall be reactivated.
§10. Limitation of liability for KONTENT
§ 10.1
In the case of intent and gross negligence, KONTENT is always indefinitely liable. The same applies to liability for lack of warranted properties and according to the relevant provisions of the Product Liability Act.
§ 10.2
Insofar as an attributable breach of duty is based on simple negligence and a material contractual obligation (duties whose fulfilment only makes possible the proper execution of the Contract whose breach endangers the achievement of the purpose of the Contract and on whose compliance you as a Customer regularly rely upon) is culpably breached, the KONTENT liability for damages shall be limited to the predictable damage that typically occurs in similar cases. In the case of injury to life, health or limb, KONTENT shall be liable under the current applicable legal regulations.
§ 10.3
In the area of application of the Telecommunications Act (TKG), the provisions specified at Section § 44a TKG remains unaffected in any case without prejudice to the above liability regulations pursuant to § 10.1 and § 10.2.
§11. Force majeure
Furthermore, KONTENT does not assume liability for loss of performance or delays caused by force majeure and due to an unpredictable temporary impediment to performance not caused by KONTENT. Such impairments include, in particular, official orders, strikes, lock-outs and lawful enterprise-internal labour dispute measures. Furthermore, this also includes the complete or partial breakdown of communication networks and gateways of other operators which are mandatory for the provision of services. KONTENT is entitled to postpone the service incumbent upon it for the duration of the obstructive event plus a reasonable restarting period.
§12. Right of withdrawal
Consumers have a right of withdrawal of 14 days. Consumers in the sense of the BGB (German Civil Code) are natural persons, with whom we enter into business relationship has been initiated without granting them a commercial or independent occupational function.

Cancellation policy

Right of withdrawal
You may revoke your contractual agreement without having to provide a reason for doing so, within 14 days, in writing (e.g. by letter, fax, e-mail) The time limit begins after receipt of this policy in written form, however not before the conclusion of the contract or before the fulfilment of our information obligations as per 246 § 2 of the EGBGB (German Introduction Law to the German Civil Code) in conjunction with § 1, paragraphs 1 and 2 of the EGBGB, as well as our obligations as per § 312g, paragraph 1, sentence 1 of the BGB (German Civil Code) in conjunction with article 246 § 3 of the EGBGB. The timely despatch of the revocation shall be deemed sufficient for compliance with the revocation term. The revocation must be sent to:
  • KONTENT GmbH
  • Winkelhauser Str. 63
  • D-47228 Duisburg
  • Fax: +49 203 3094 310
  • Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Consequences of withdrawal

In the case of an effective withdrawal, all services received by both parties must be returned and any benefits derived (e.g. interest) yielded. If you can not grant us or return, in full or only partially, the received performance as well as usages (for example, benefits of use), or these can be returned only in a deteriorated condition, you must pay us due to compensation in this respect. This may result in your obligation to fulfil the contractual payment obligations for the period until the withdrawal was made. Obligations to reimburse payments must be discharged within 30 days. The period begins for you with the sending of your withdrawal notice, or for us, with its receipt.
Special remarks

Your right of revocation expires prematurely, if the Contract is entirely fulfilled by both parties at your express request, before you have exercised your right of withdrawal.

End of withdrawal policy
§13. Data protection
The data processing by KONTENT takes place under consideration of the valid legal regulations. The Privacy Policy and the Additional Terms and Conditions for Order Processing / Order Data Processing also apply.
§14. Miscellaneous
§ 14.1
If the Customer is provided with information in different languages, the German version shall take precedence over the translation. The Contract language is German.
§ 14.2
KONTENT is entitled to use the services provided by third parties for the purpose of rendering the contractual services.
§ 14.3
The contracts concluded between the Customer and KONTENT are subject to German law with the simultaneous exclusion of the regulations of the uniform UN-purchase right regarding the purchase of movable items However, in the case of a consumer acting as a Customer, this applies only insofar as the protection afforded by compelling provisions of the law of the state in which you have its habitual residence is not withdrawn. Consumers in the sense of the BGB (German Civil Code) and this regulation are natural persons with whom we enter into business relations, without the first having an attributable commercial or self-employed occupation.
§ 14.4
Should one or more regulations of these terms and conditions be declared ineffective, then this shall not result in the ineffectiveness of the entire contract. The ineffective regulation shall be replaced by the admissible legal regulation.
§ 14.5
If the Customer is a merchant, a legal entity under public law, or a special fund under public law, Duisburg is the exclusive place of jurisdiction for all disputes arising from and in connection with the contractual relationship between KONTENT and the Customer. In addition, KONTENT is entitled to sue the Customer at his general place of jurisdiction.
B. Special conditions for individual contract services
The following terms and conditions apply to the individually agreed services between KONTENT and the Customer (so-called contractual services) resulting from the specific contractual relationship.
§15. Special conditions for Internet domains
The following statements only apply if a contractual relationship is concluded between KONTENT and the Customer regarding the registration, administration and use of an Internet domain.
§ 15.1 Legal relationship between KONTENT and the Customer
As part of the registration of an Internet domain, KONTENT only transmits the data requested by the Customer to the respective responsible registry and/or the registrar. KONTENT enters into a legal relationship with the Customer only within the scope of a mandate (agency agreement). The registration of the domain is not contractually binding, as this can only be done by the relevant responsible registry. For the registration of the Internet domain, the registration conditions of the respective responsible registry always apply.
§ 15.2 Registration procedure
KONTENT carries out the registration of the Internet domains via the respective providers or registrars. Given the automated nature of the registry process, KONTENT does not influence the allocation. Therefore, KONTENT cannot assume any liability for the allocation of an Internet domain requested by the Customer. Similarly, KONTENT cannot guarantee any liability for damages due to infringement of third parties' rights,
§ 15.3 Cooperation obligations of the Customer
The Customer is obliged to support KONTENT in its actions as far as this is reasonable for the Customer. These acts of support concern the registration, transfer and deletion of Internet domains as well as the registration in databases by the respective relevant domain registry.
§ 15.4 Liability for possible legal infringements arising from the domain
The Customer guarantees KONTENT that the Internet domain itself and also the content retrievable via the Internet domain does not infringe the rights of third parties and also observe the legal regulations. If the internet domain is not registered with DENIC eG in Germany and the contents are not only aimed at persons resident in Germany, other legal systems must be observed by the Customer.
§ 15.5 KONTENT rights in case of possible legal infringements arising from the domain
If KONTENT is made aware of legal infringements arising from the use of an internet domain and/or its content and/or the content managed by KONTENT within the scope of the add-on services, and if these legal infringements are credible to KONTENT, by providing references or other evidence, KONTENT has the right to temporarily suspend the content and/or the additional services and take the appropriate technical measures to make the Internet domain temporarily unavailable.
§ 15.6 Compensation claims in the context of legal infringements arising from the domain
If claims for compensation arise due to the actions provided for under § 15.5, the Customer shall indemnify KONTENT from these claims.
§ 15.7 Information obligation of the Customer in the case of relinquishment of a domain
KONTENT shall be without any negligent delay informed by the Customer if there is a waiver of a registered Internet domain declared to a relevant responsible registry and/or registrar.
§ 15.8 Termination of contract and influence on the domain registration
If the Customer terminates the contract with KONTENT or if KONTENT is forced to terminate the contract for a good cause or for other reasons, this does not affect the continued existence of the Customer's contract with the relevant responsible registry and/or registrar. If the customer still wishes to terminate a registration of an Internet domain through termination, the Customer must address the respective domain deletion order toward KONTENT. This forwards the deletion order as the technical administrator of the Internet domain to the relevant responsible registry and/or the registrar.
§ 15.9 Form of contract termination by Customer
If the Customer wishes to terminate both the contractual relationship with KONTENT and the contractual relationship with respect to an Internet domain, then an explicit declaration by the Customer must be submitted by letter or fax. This explicit statement must contain both the cancellation and the deletion order regarding the respective Internet domain. In the event that the Customer is not the owner of the respective Internet domain, the declaration of termination and/or cancellation must be made in writing by the domain owner or, if available, according to the specifications of the respective responsible registry and/or registrar, by the Admin-C.
§ 15.10 Termination notice term for domain registration
Termination orders for Internet domains registrations are subject to a notice period of four weeks to the end of the term of the registration relationship.
§ 15.11 Termination of behalf of the Customer, outside the notice period specified at Section § 15.10
If a Customer places a termination order for an Internet domain outside the period referred to in paragraph § 15.10, KONTENT will forward this declaration to the respective relevant domain registry and/or the registrar. For the case described in sentence 1, KONTENT informs the Customer that the remuneration obligation towards KONTENT remains valid for the period of the extension of the legal relationship between the Customer and the respective relevant domain registry and/or the registrar.
§ 15.12 Remuneration upon the termination of the contractual relationship regarding the domain
Also in the event of termination of the contractual relationship by the Customer with KONTENT, the Customer must continue to pay the agreed remuneration to KONTENT. This remuneration obligation remains valid until the Customer has made an explicit final declaration to KONTENT regarding on how to proceed with the registered Internet domains. In this case, KONTENT will send an e-mail to the e-mail address provided by the Customer stating that the Customer has to declare to KONTENT the prescribed end-use for which the internet domains have been acquired. If this request remains unsuccessful and the Customer does not will provide an appropriate response, KONTENT informs the relevant domain registry and/or the registrar that the KONTENT's domain will no longer be extended beyond the current established period. This may result in the final domain being released by the relevant domain registry for re-registration. For this purpose, KONTENT is also entitled to terminate the contractual relationship with the respective Customer.
§ 15.13 Domain transfer if the domain is not taken over by a different provider
KONTENT may entrust an internet domain to the respective relevant registry and/or the registrar for direct administration, especially when the respective domain was not taken over by the management of another provider with simultaneous termination of the existing contract between the KONTENT and the Customer. This also applies if a timely transfer of the Internet domain to the new provider is not possible despite a corresponding declaration issued by the Customer on the benefit of KONTENT.
§16. Special conditions for web-hosting/storage space
The following statements apply only if a contractual relationship regarding the use and provision of web hosting is concluded between KONTENT and the Customer. Web-hosting in the sense of this paragraph means the storage space for documents, web presence or other data stored on servers, which can be permanently accessed via the Internet.
§ 16.1 Assumption of liability for rights infringements
When using web-hosting, which is made available by KONTENT in the context of a closed contract, the Customer assures that the data pages it provides and publish on the website or uses for the presentation of the website do not violate any provision of the German law or any other law. This assurance applies in particular to laws on data protection, trademarks name rights, copyright and competition. KONTENT expressly reserves the right to temporarily suspend any content that may violate the aforementioned rights. Likewise, KONTENT will block content if KONTENT is requested to do so by a third party. The request of the third party must be presented to KONTENT in a format that clearly identifies the infringement of the rights, i.e. by the submission of appropriate evidence and documents and, where appropriate, credibly established and/or substantiated.
§ 16.2 Legal obligation to provide online publication details in an "Impressum" (Imprint) on the Internet.
The Customer agrees that the contents provided by it are published alongside with the publication details in an "Impressum" (Imprint) on the Internet, stating the name, in the case of legal entities also the name of the entity and the name of the authorised representative, an e-mail address, and, if applicable, the relevant commercial, non-profit association, partnership or cooperative register number, respective, as well as, where applicable, the VAT identification number. Reference is made to the consequences in the case of rights infringement mentioned in clause 5 of the General Section of the GTC. Further duties based on other legal regulations remain unaffected. The Customer is obliged to inform himself about the relevant regulations.
§ 16.3 Data backup
The customer is solely responsible for securing the websites he has uploaded as well as all related data. A regular data backup carried out by KONTENT is not part of the contract.
§ 16.4 Reproduction rights
KONTENT is entitled to further reproduce the entire website on mirrored servers, regardless of which node and/or backbone this server is used to connect to the Internet. Moreover, KONTENT is authorised, for reasons of adequate necessary backup or archiving purposes, to make copies of the entire website on a storage medium of its choice. KONTENT has no obligation whatsoever to secure the Customer's website. This is the sole responsibility of the Customer, who regulates the content available on the website via a password provided on a server held by KONTENT. At the express request of the Customer, KONTENT shall delete the stored backups as soon as possible after the contract has been terminated.
§ 16.5 Termination of the contract / Publication of stored data
KONTENT is entitled from the time the contract is terminated to switch off immediately the Customer's services, so that they become no longer available. Any availability of the service, extending beyond the end of the contract, does not constitute a tacit renewal of the contractual relationship.
§17. Special conditions for e-mail services
The following statements apply only if a contractual relationship is concluded between KONTENT and the Customer regarding the use and provision of e-mail services. E-mail services within the meaning of § 17 are the following services offered by KONTENT:
  • The creation of e-mail addresses
  • The forwarding of incoming e-mails to an e-mail address specified by the Customer
  • The server storage of incoming e-mails and the possibility of their retrieval by the Customer
  • The sending of outgoing emails

§ 17.1 Customer duties
As part of its contractual relationship with KONTENT, the Customer is required to periodically retrieve emails received in their email accounts. KONTENT reserves the right to delete all personal messages received in the Customer's e-mail accounts. This operation can be accepted and carried out only when the following conditions are met:
  • The Customer has already retrieved the e-mails
  • The Customer has forwarded the incoming emails to other email addresses outside the scope of the existing contractual agreements with KONTENT

An early deletion will only take place if legal regulations and/or these General Terms and Conditions entitle KONTENT to such operation. KONTENT reserves the right to refuse to accept incoming e-mails ifif the relevant mailbox capacity limit is exceeded, in accordance with the relevant provisions of existing contractual agreements. Likewise, KONTENT is entitled to define requirements affecting the Customer regarding the size of e-mail messages that can be sent to or from the contractually agreed e-mail addresses.
§ 17.2 Right of refusal reserved by KONTENT
KONTENT may refuse access to emails directed to the Customer, especially when the following circumstances are met:
  • Objectively substantiated evidence that an email contains malicious software (such as viruses, worms or Trojans)
  • An e-mail contains incorrect or concealing information on the true identity of the sender
  • An e-mail containing unsolicited commercial offers or information disguised as advertising
  • The sending e-mail address or the sending e-mail server address has been noticed in the past as often sending unwanted spam messages and is listed on a "DNS-based Blackhole List" (DNSBL)

§ 17.3 Prohibition of Customers' dispatch of unwanted e-mails
The Customer is subject to full interdiction to send unsolicited e-mails, also known as spam e-mails, using the e-mail accounts provided by KONTENT as part of the contractual relationship. In particular, the transmission and sending of unsolicited e-mail advertising are regarded as unwanted e-mail in the sense of § 17.3. Supplementary, the Customer is prohibited from sending e-mails to third parties using the e-mail accounts provided by KONTENT as part of the contractual relationship if incorrect or no data of the sender is provided in the submitted e-mail. In addition, the Customer is solely responsible for complying with all legal requirements for the design of business documents and also for the content of all e-mails transmitted to third parties.
§ 17.4 Consequence of, and adjunct to, the breach of provisions set forth in Section § 17.3
If the Customer uses the e-mail accounts made available by KONTENT within the scope of the existing contractual relations within the intent to transmit unwanted e-mails in the meaning of § 17.3, KONTENT is entitled to a temporary blocking of the Customer's e-mail accounts used for such dispatch.
§ 17.5 Allocation of storage space to the e-mail inbox
If the Customer has purchased an additional service to the acquisition of an Internet-based domain, a service which allows the storage of e-mails, the purchased storage space can be assigned to the already configured e-mail addresses. The Customer can remove the total storage space from the product description available on the www.kontent.com website and within the submitted contract documents, thus the size of the individual mailboxes being reduced and limited to max. 4GB.
§ 17.6 Termination of the current contractual relationship
After termination of the contract, no more e-mails will be forwarded or made available in any way to the Customer.
§18. Special conditions for the Web redirection module
The following statements apply only if a contractual relationship has been concluded between KONTENT and the Customer regarding a web redirection module. A web redirection module within the meaning of § 18 refers to the redirection of (HTTP) requests to a web address specified by the Customer.
§19. Special conditions for DNSplus
The following further explanations apply only if a contractual relationship has been concluded between KONTENT and the Customer regarding the DNSplus service. DNSplus, within the meaning of § 19, is understood to include a service that KONTENT provides to the Customer within the contractually agreed runtime. With the additional service, the Customer can assign one or more servers to a host name (domains or subdomain). The settings can be made manually via the KONTENT website or via a priori provided software tool. KONTENT assumes no liability for the operation of the software tool by the Customer and/or possible consequences thereof.
§20. Special conditions for domain synchronisation
The following statements only apply if a contractual relationship has been concluded between KONTENT and the Customer regarding the synchronisation performance. We understand by synchronisation, in the sense of § 20, the identical assumption of functions which are assigned to a Customer's domain for use on other domains. For this, the Customer shall notify KONTENT on the names of the respective domain to which the desired service has to be assigned.
§21. Special conditions for root server
The following statements only apply if a contractual relationship regarding the root server service has been already concluded between KONTENT and the Customer. Root server in the sense of § 21 is the provision of a physically existing or virtual server that processes programs and serves as a data distributor, database and storage space.
§ 21.1 Exclusion of possible uses by KONTENT
In particular, the use of the servers to provide the following services is permitted only after a written approval by KONTENT.
  • IRC (Internet Relay Chat), e.g. IRC Server, Bots, Bouncers
  • Anonymisation services, e.g. Tor, JAP, proxy server
  • Streaming Services
  • Download Services
  • P2P file sharing

§ 21.2 Administrators rights
KONTENT and the Customer may mutually agree that the Customer shall receive the sole administrator rights for the server used under the established contractual agreements. In the case described above, the Customer is solely responsible for the security of the server and the data contained therein. The Customer has the obligation to ensure the security of the server and the content stored on the server by installing adequate security software.
§ 21.3 Rights of KONTENT in case of a breach of contract
If KONTENT becomes aware that the security, integrity and availability of the network, other servers, software and data of third parties are endangered by the server used, it may temporarily suspend the server even when the Customer is not liable for the effects as mentioned above. For the blocking to become effective, a suspicion of interference according to sentence 1 is sufficient. Such blocking also applies if the Customer uses the provided server to carry out the so-called denial of service attacks (hereinafter referred to as DoS attacks). KONTENT reserves the right to terminate the contract even in the case the Customer's server repeatedly becomes the target of a DoS attack. This requires, from the point of view of KONTENT, a repeat of such an attack as highly probable. The KONTENT is obliged also to send the Customer a warning in advance. Supplementary, KONTENT has the right to extraordinary termination if, despite a warning, further DoS attacks occur and KONTENT has no reasonable technical means to end or prevent such attacks. Similarly, KONTENT may suspend the Customer's server when KONTENT becomes aware that the server is being used to send unsolicited advertisements.
§ 21.4 Prohibition of the Customer's transfer of use to third parties
The Customer is subject to a prohibition on transfer of the server for use by third parties whose identity is unknown. The first sentence applies to the complete or partial transfer of the server. If the Customer breaches this contractual obligation, KONTENT becomes entitled to extraordinary termination.
§ 21.5 Consequences of the breach of Customer's duty
In case of violations of the obligations set forth in Sections § 21.1 to 21.3, the Customer is obliged to reimburse all damages resulting from the respective breach of contract. KONTENT informs the Customer about own claims or claims on behalf of third parties, as soon as they become known. The Customer has, in this case, the opportunity to submit an opinion to KONTENT.
§ 21.6 Limitation/Exclusion of liability
§22. Special conditions for add-on services
The Customer has the possibility to conclude further contractual agreements containing the so-called add-on services, regardless of the registration or not of an Internet domain with KONTENT. These are additional services within the meaning of this paragraph and consists of the following services offered by KONTENT:
Web-hosting module
E-mail module
E-mail forwarding module
Web redirection module
DNSplus module
Synchronisation module
Root server
§ 22.1 Conclusion of contract
When the contract is concluded, the Customer and KONTENT agrees upon the scope of the contracted services. For this purpose, the Customer selects also the extra add-on services which are additional to the scope of the concluded user agreement. KONTENT accepts this declaration made by the Customer by submitting a corresponding declaration of willingness.
§ 22.2 Modifications made by the Customer
The Customer has the possibility at any time to modify the scope of the add-on services additional to the concluded user agreement. Such dynamic possibility of modification applies continuously, on daily basis. If, due to the change in the existing contractual agreement, a higher fee has to be paid to KONTENT, this fee shall remain valid until the end of the contractually agreed runtime term. If, due to the amendments made to the existing contractual agreement, a reduced value of the payment is due to KONTENT, KONTENT issues a credit note to the Customer's future payment services within the running term of the concluded contract.
§23 Special Conditions for the Only Office SaaS application
§23.1 Subject of the contract
Our list of price and service specifications in Attachment 1 attached to the herein given terms and conditions apply to the use of the ONLYOFFICE Software. The software is provided to the user as Software as a Service ("SaaS").

The software is installed and made available to the user via the server in our own data centre in Duisburg, by the Ascensio System SIA. All data collected with the software are therefore stored exclusively here in our own data centre. However, the Ascensio System SIA can access the data for necessary maintenance where technically required.

Prerequisite for using the ONLYOFFICE software is a proper Internet access for the Customer. However, some performance and product related components may be used offline and/or partially offline. The use of some special services may require additional services and services from us.

§23.2 Rights of use
Since the software is installed on our own servers and the user exploits them only in the exclusive context of a SaaS application, during the contractually agreed runtime term, the Customer does not need own rights of software use. These are therefore not transferred, neither to us, nor to our partner, the Ascensio Systems SIA. Therefore, we expressly grant users only a non-exclusive and non-transferable right of use, which is also expressly limited in time to the respective contract duration in accordance with this agreement.

This right of use includes the use by displaying the user interface through and in the memory of the respective user. Furthermore, the user may also make the correspondingly technical reproductions according to the agreed use and the period of use, and thus then also use all features agreed under the current agreement, for the chosen and agreed duration. However, the user may not allow any other third party use. It shall be amended and supplemented with the license terms for end users of the Ascensio System SIA.

§23.3 Conclusion of a contract
By placing an order with us, the Customer gives us a binding offer to conclude a contract with duration and number of users of its choice. If the consumer places an order via Internet, we shall confirm the receipt of the order automatically, without delay, but this confirmation of receipt is not an order acceptance within the meaning of the law.

A contract with us enters into force only by express acceptance of the offer or by sending the access data or when the use of the service by the Customer was already initiated.

The text of the concluded contract will be stored, in the case of such commissioning, via the Internet, immediately after its conclusion, and can be retrieved by the Customer from us at any time.

§23.4 Availability of the software
We caution users that there may be actual limitations and/or restrictions on the provision of services and the scope of the software provided, which are beyond our own control. The software is installed on our servers based in our data centre in Duisburg, it is also provided at this location. However, we can not completely exclude, for example, external influences on the system, on behalf of a third party. In addition, there may be adverse effects occurred due to technical problems of the data transmission paths outside of our data centre, to which we also have no control.

Finally, the hardware and/or software used by the users themselves can lead to technical faults and/or performance limitations or restrictions. These are unfortunately also beyond our control.

If there are any adverse effects and/or limitations/restrictions resulting from these influences, this does not affect the contractual performance of our services, which nevertheless shall be considered to have been already provided.

§23.5 Obligations of the user
The user is obligated to notify us immediately of any faults by e-mail at This email address is being protected from spambots. You need JavaScript enabled to view it.. He has to specify the fault and describe it as accurately as possible within the scope of the fault-reporting message.

§23.6 Data Protection, Data Security and Data Processing
For the agreed contract period and the number of agreed users to execute the concluded contract, the user grants us the right to store, process and duplicate the data that we store on behalf of the users according to the necessity resulting from the contract execution.

We are also entitled to make changes in the data and/or any data structures if and to the extent that this is urgently required to remedy an identified fault.

The Customer remains, with respect to any personal data in the sense of the BDSG (Federal Data Protection Act), solely responsible in the sense of the law. It is therefore incumbent upon the Customer to always check whether its data collection, processing or storage are in full compliance with all mandatory legal requirements.

If the user collects, processes or stores personal data in accordance with the BDSG on our servers whereby the services are provided, a separate data processing order must be agreed with us. The user has to show us this order agreement.

§23.7 Operational runtime
Beginning of the term: The contract begins with the provision of software for the Customer. Their operation runtime is automatically extended by the chosen term, if it is not terminated on a timely notification.

Operation runtime: The term is one month or even one year with automatic renewal or one month and one year with termination at the respectively agreed term.

Termination notice terms: The notice period is one month for a term of one year and one week for the term of one month, at the end of each term.

Time-limited maturities: If the term of the contract is limited to one month or one year at the time of conclusion of the contract (without automatic renewal), this expires at the end of the contract. The service provision can be continued through a new subsequent agreement.

The right to extraordinary termination in accordance with our terms and conditions remains unaffected.

§23.8 Right of withdrawal for consumers
Consumers have a right of withdrawal of 14 days. Consumers in the sense of the BGB (German Civil Code) are natural persons, with whom we enter into business relationship has been initiated without granting them a commercial or independent occupational function.

Cancellation policy Right of withdrawal You can cancel your contract within 14 days without giving reasons in writing (e.g. via letter, fax, e-mail). The time limit begins after receipt of this policy in written form, however ot before the conclusion of the contract or before the fulfilment of our information obligations as per 246 § 2 of the EGBGB (German Introduction Law to the German Civil Code) in conjunction with § 1, paragraphs 1 and 2 of the EGBGB, as well as our obligations as per § 312g, paragraph 1, sentence 1 of the BGB (German Civil Code) in conjunction with article 246 § 3 of the EGBGB. The timely despatch of the revocation shall be deemed sufficient for compliance with the revocation term. The revocation must be sent to:
  • KONTENT GmbH
  • Winkelhauser Straße 63
  • D-47228 Duisburg
  • Fax: +49 203 3094 310
  • Email: This email address is being protected from spambots. You need JavaScript enabled to view it.


Consequences of Withdrawal In the case of an effective cancellation, the services received on both sides must be returned and, if applicable, any benefits derived (e.g. interest) must be surrendered. If you can not grant us or return, in full or only partially, the received performance as well as usages (for example, benefits of use), or these can be returned only in a deteriorated condition, you must pay us due compensation in this respect. This may result in your obligation having to fulfil the contractual payment obligations for the period until the withdrawal was made. Obligations to reimburse payments must be discharged within 30 days. The period begins for you with the sending of your withdrawal notice, or for us, with its receipt.

Special Notes Your right of cancellation expires if the execution of the contract by us has commenced after you have expressly consented to us that we begin to execute the contract before the expiry of the withdrawal period and you have confirmed, during the ordering process, that, by giving your consent to the execution of the contract, you waive your right of withdrawal.

Withdrawal form template
(If you want to cancel the contract, please fill out this form and send it back.) Attn. KONTENT GmbH
Winkelhauser Straße 63
D-47228 Duisburg
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
I/We(*) hereby revoke the contract concluded by me/us(*) for the purchase of the following goods(*)/the provision of the following services(*)
_______________________, _______________________, _______________________,
_______________________, _______________________, _______________________,
Ordered on ___________________ (*)/received on _______________________(*)
Name of the consumer(s) ______________________________________
Address of the consumer(s)
_________________________________
_________________________________
_________________________________

Date Signature of the consumer(s) (only when notification occurs on paper)
_________________________________

(*) Delete whatever entry does not apply
_________________________________


§23.9 Remuneration
The amount of the remuneration and its clearing is based on Attachment 1 List of Prices and Services.

§23.10 Description of faults
Faults may be notified to us via e-mail, at This email address is being protected from spambots. You need JavaScript enabled to view it.. Such fault-reporting notifications are accepted by us from Monday to Friday in the business time from 09:00 clock to 16:00 clock and should be described as precisely as possible.

§23.11 Warranty
The legal warranty regulations apply, subject to the following clarifications.

The provisions set forth in Sections §§ 536 b BGB ("the defect was known to the tenant upon conclusion of the agreement or acceptance"), 536c BGB ("defects appearing during the rental period, notification of defects by the tenant") are correspondingly applicable.

We point out that the right to rectify the defect directly by the tenant, in accordance with § 536 a BGB, is excluded. This also applies to our liability for damages, as lessor, in accordance with § 536 a Para. 1 BGB, as far as a strict liability is provided.

§23.12 Compensation for damages and liability
We are liable only for such damage to the Customer,
  • which was caused by us intentionally or negligently,
  • which are the result of nonexistence of a guaranteed quality of the software,
  • which are based on our culpable violation of so-called essential contractual obligations ("cardinal obligations"),
  • which results in a culpable injury to the limb, health or life, or
  • for such damages for which liability is required under the Product Liability Act,

in accordance with legal provisions.

Cardinal obligations are those obligations whose proper fulfilment makes the service performance of the respective contract possible in the first place. Secondly, the user compliance becomes, therefore, reliable. One shall be able to regularly rely on and a violation would actually jeopardises the achievement of the actually agreed contractual purpose and duration.

In the event of a breach of such a so-called cardinal obligation, our liability is limited to such damages, which must typically be expected to arise in the contractual use of the provided software over the contractually agreed period.

§23.13 Data stored by the Customer on our system
As a technical service provider, we store the data entered by the Customer for their subsequent use. As a consequence, the Customer undertakes during the entire contract period to expressly control and interdict/erase any criminal and/or illegal content. Furthermore, he undertakes not to use any malicious software (including, in particular, Trojans, worms, viruses, etc.).

We expressly point out to the Customer on its sole liability for all the content and data posted. We do not inspect the contents or Customer entered data, either in law or in fact, and point the user for this purpose to the following section: "Indemnification of Third Party Claims".

§23.14 indemnification of claims by third parties
Our general terms and conditions apply

§23.15 Transfer of rights and/or obligations under this contract
A further assignment of rights and/or obligations under this contract to other users is allowed only with our prior written consent. We are entitled to commission any third party to fulfil our obligations under this contract.

§23.16 Other supplementary agreements
With regard to the other agreements, our general terms and conditions and the licensing conditions for end customers of Ascensio System SIA apply.


Attachment 1: List of prices and services of KONTENT GmbH for the ONLYOFFICE SaaS application

Product description
ONLYOFFICE is an online software package consisting of:
  • Office applications (text, spreadsheets, presentations)
  • CRM system (contact management, billing)
  • Community system (forum, blog, chat)
  • Project management tools (projects, tasks, reports)
  • Offline editor (text documents, spreadsheets, presentations)
  • Mobile apps for viewing documents (text documents, spreadsheets, presentations)


Price list
The price for the ONLYOFFICE products depends on the number of active users and the allocated user data storage space. KONTENT reserves the right to adjust the prices accordingly in case of an increase of VAT. KONTENT will inform the Customer about such a price adjustment.

Fees:

{PRICE TABLE}

All quoted prices incude the statutory Value Added Tax.




Invoicing
The invoicing takes place from the provision of the software for the user. The period results from the contract period selected by the user and the amount from the number of users selected by the user as well as the storage space chosen by the user. The invoice amount will be due in advance for the selected contract period immediately after the software is made available to the licensee. Our general terms and conditions apply here as well.
§24 Terms and Conditions of the Affiliate Program
These terms and conditions apply to the customer's participation and the brokering of KONTENT products as part of the Affiliate Program "Clients referring clients".

§24.1 For the affiliate program "Clients referring clients" of KONTENT GmbH (hereinafter referred to as KONTENT) these terms of participation apply exclusively. Eligible persons are natural persons, who are of legal age (over 18 years) and legal entities (hereinafter referred to as "partners").

§24.2 The purpose of the partner program is to advertise new customers for KONTENT on the part of its partners. A new customer is a customer verified by KONTENT by mail or other means who has made a paid order.

§24.3Commissions/Fees are calculated only for the advertising of new customers and the purchase of KONTENT products. These purchases must be based on the actual payments received, to be able to be calculated under the due commission/fee.

§24.4 The affiliate program is settled on the basis of a percentage commission applicable to the paid and paid purchases (pay-per-sale).
The commission is 30% on all products ordered within the first 30 days after verified registration of the new customer, all invoices of which have been paid in full within the 30 days and have not been reclaimed within a subsequent waiting period of 30 days. Only the orders made within the first 30 days after the first order of a contract/product by the new customer are remunerated accordingly. Further contracts concluded directly between the new customer and KONTENT as well as contract extensions of the brokered contracts/products will not be remunerated.

§24.5 The commissions are credited exclusively to the Customer account of the partner, and offset against future or existing outstanding invoice amounts. There is no claim for payment. No interest shall be given for any existing credit. The recipient of the remuneration is always the referring partner. The payment claim cannot be assigned or transferred by the referring partner.

§24.6Contracts, which come about due to the advertising of the referring partner, are concluded solely between the KONTENT and the end client, the new customer.

§24.7 Self-orders of the referring partner are excluded from the remuneration and shall be considered as not provided in accordance with the contract.

§24.8 KONTENT is entitled to grant the new customer a discount at its own discretion. However, there is no entitlement to such a discount.

§24.9 The partner is not authorised to act on behalf of KONTENT. In no case is he entitled to accept offers, to give or to accept statements on behalf or addressed to KONTENT.

§24.10 KONTENT reserves the right to reject orders from end customers without reason.

§24.11Prerequisite for the remuneration is that the recruited new customer makes an order via a hyperlink, using the referring partner code, so that the respective order can be clearly assigned to a partner. Alternatively, the new customer can manually enter the partner code at the end of its order, in a corresponding field.
The connecting hyperlinks and partner codes required for participation in the affiliate program are made available by KONTENT to the partners, in their online customer area.
The partner ensures that the links are formatted correctly. The correct technical integration is solely under the responsibility of the partner.

§24.12 If the new customer has disabled cookies, the assignment to the partner may not be unambiguous and it may lead, as in case of manipulation of the HTML code, to miscalculation.

§24.13If statistics are made available to the referring partner via the partner's customer account, it is pointed out that due to technical reasons, different collection methods on different systems can lead to different results. Only the data collected by KONTENT, based on its technology, are considered relevant.

§24.14 Data that KONTENT collects in connection with the Affiliate Program are stored solely for the necessary processing of internal business transactions.

§24.15 KONTENT is entitled to direct all communication to the e-mail address specified in the partner's customer account. The Affiliate must guarantee that such communications are properly and timely intercepted.

§24.16 Any claims for damages against KONTENT are excluded.

§24.17 Collateral agreements and changes to these terms and conditions must be made in writing to be effective. This formal requirement cannot be overturned or annulled either verbally or tacitly implied. KONTENT is entitled to adapt these terms and conditions from time to time, whenever necessary.
Should individual provisions of these conditions of participation be or become invalid, this shall not affect the validity of the remaining provisions. Any unenforceable provisions shall be replaced by ones which most closely approximate the economic meaning and intended economic purpose of the invalid or unenforceable provisions.
C. Additional contract conditions
§25. Additional contract conditions for order processing/order data processing (AV contract, ADV contract)
§ 25.1 Introduction, Scope, Definitions
1. These additional conditions substantiate the data protection obligations of the contractual parties resulting from the provisions of § 62 BDSG (Federal Data Protection Act) and § 28 DSGVO (GDPR). They are a supplement to the General Terms and Conditions of KONTENT GmbH, and are acknowledged by the Customer together with the General Terms and Conditions. They regulate the rights and obligations of the client (Customer) and the contractor (KONTENT) in the context of a processing of order related personal data.
2. These additional conditions apply to all contracts concluded with KONTENT GmbH.
3. These conditions apply to all activities in which the employees of the contractor or its commissioned subcontracting entities process personal data of the client.
4. The client is solely liable, within the meaning of provisions set forth in Art. 4 No. 7 of the DS-GVO (GDPR) for compliance with the statutory provisions of data protection laws, in particular for the lawfulness of data processing.
5. In these General Conditions the following terms shall have the meanings assigned to them in the EU General Data Protection Regulation. Insofar as statements have to be made "in writing", the written form is meant as according to the provisions set forth in Section § 126 BGB (Civil Code). Generally, statements may also be made in other forms insofar as adequate traceability is ensured.
6. The client issues all orders, partial orders or instructions in a documented form. In urgent cases, instructions can be given verbally. The client (Customer) will confirm such instructions without delay.


§ 25.2 Subject and duration of processing
1. The processing is based on a contract between the parties (hereinafter referred to as "the contract"). The duration of the processing depends on the duration of the contract.
2. The subject-matter, as well as the nature and purpose of the processing, is regulated in the contract. The object of the processing is not the intrinsic use or processing of personal data by the contractor. In the course of the fulfilment of the contract, however, access to the personal data stored by the client cannot be ruled out.


§ 25.3 Obligations on behalf of the contractor
1. The contractor processes personal data exclusively as contractually agreed or as instructed by the client unless the contractor is legally obliged to perform specific data processing. The contractor shall not use the data provided for processing for any other purpose, and in particular, shall not be used for commercial purposes.
2. The contractor confirms that it is aware of the pertinent general data protection regulations. The contractor observes the principles of proper data processing.
3. The contractor undertakes to strictly observe confidentiality during such data processing.
4. Persons who obtained access to personal data processed in the order must undertake in writing to maintain strict confidentiality, insofar as they are not already subject to a relevant secrecy obligation by law.
5. The contractor warrants that the persons involved in the processing have been made familiar with the relevant provisions of the general data protection regulations and of this current Agreement prior to the commencement of such data processing. The contractor shall ensure that persons employed for the processing of orders are regularly adequately instructed and monitored concerning the fulfilment of data protection requirements.
6. In the case of inspections carried out by the client or an inspector commissioned by the client, these shall be carried out after a prior notification, subject to a registration period of 3 weeks during regular business hours, and without disturbance to business processes. The contractor may not carry out the inspection before having the client signing a confidentiality agreement regarding the data of other customers and may make the inspection dependent on the technical and organisational measures set up. He may also demand compensation for the resulting expenses. The cost of an inspection is limited to 1 day per the calendar year.
7. Insofar as the contractor provides evidence of the proper implementation of the agreed data protection statutory requirements as provided for in § 25.4 (4) of this contract, verifications may be limited to random samples.
8. In the event that inspection by a data protection supervisory authority or another sovereign supervisory authority of the client carries out an inspection, paragraph 6 shall apply accordingly. A declaration of secrecy is not required if the supervisory authority is subject to legal compliance with professional secrecy, whereas any non-compliance is punishable under the applicable criminal code.
9. If the client is subject to inspection by pertinent supervisory authorities or other bodies, or if data subjects claim rights against them, the contractor undertakes to support the client to an appropriate extent as far as the processing on the order is concerned.
10. Information to third or other concerned parties may only be given by the contractor with the prior consent of the client. The contractor will thus forward immediately to the client any requests received.
11. In so far as legally required, the contractor will appoint a competent and reliable person as a data protection officer. It must be ensured that there are no conflicts of interest for the appointed data protection officer. In cases of doubt, the client can contact the data protection officer directly.
12. The contractor shall inform the client without delay if it becomes aware of violations of the protection of the client's personal data.


§ 25.4 Technical and organisational measures
1. The data security measures described in Attachment 1 are defined as binding. They define the minimum performance owed by the contractor.
2. The data security measures can be adapted to the technical and organisational development as long as the agreed level is not exceeded.
3. The contractor warrants that the data processed in the order will be strictly separated from other data. The contractor shall not retain or store any copies, duplicates, etc. without the knowledge of the client. Technically necessary and/or temporary duplications are excluded, as far as a deviation from the agreed conditions of data protection is excluded.
4. The contractor is liable to produce a proof of fulfilment of its obligations by periodically adapting and publishing the agreed technical and organisational measures on its www.kontent.com website. Such proof can also be provided by the means of approved codes of conduct or an approved certification procedure.
5. The contractor shall take the necessary measures to safeguard the data and to mitigate the possible adverse consequences affecting the data subjects.


§ 25.5 Rules for the correction, deletion and blocking of data
1. Data processed in the context of the order will be corrected, deleted or blocked by the contractor only in accordance with the existing valid provisions of the current contractual agreement or the instructions given by the client.
2. The contractor will comply with the client's instructions at any time. This also extends beyond the termination of this contract.
3. If an affected person turns to the contractor for rectification, deletion and blocking, the latter will forward the request to the client, where attributable. The contractor is not liable for the fulfilment of its obligations if its additional request is not answered by the client, or not correctly or not timely answered.
4. Data, data carriers as well as all other materials are either to be issued or deleted after the end of the order, at the request of the client.


§ 25.6 Subcontracting (subcontractors)
1. The client generally agrees to the involvement of third parties and affiliated companies for the fulfilment of the contract, especially for the maintenance of the technical and organisational business operation. (subcontractors)
2. The contractor carefully selects the subcontractors with special consideration given to the suitability of their technical and organisational capabilities.
3. The contractor publishes online a list of currently employed subcontractors. This is made available to the client in its online customer area, at www.kontent.com.
4. It is the contractor's responsibility to transfer the data protection obligations arising from this contract to its subcontractors.
5. The contractor is fully liable for its subcontractors.
6. Subcontracting is allowed, for the purposes of this contract, only for those services directly related to the provision of the main service. Additional services such as transport, maintenance and cleaning as well as the use of telecommunication services or user service are not included under the list of activities subject to allowable subcontracting. The obligation of the contractor to ensure full compliance with data protection and data security regulations in these cases remains unaffected.


§ 25.7 Rights and obligations of the client
1. The client is solely responsible for the assessment of the admissibility of the commissioned data processing as well as for the protection of the rights of concerned data subjects.
2. The client informs the contractor immediately if it detects errors or irregularities in the examination of the order results.


§ 25.8 Completion of the assignment
1. These terms of contract lose their validity upon the termination of the contract.
2. Documentations that serve as evidence of proper data processing must be retained by the contractor in accordance with the respective retention periods, even beyond the termination of the contract. The documentation may be transmitted to the client at the end of the contract.


§ 25.9 Liability
1. The client and the contractor are liable against the data subjects in accordance with the provisions set forth in Art. 82 DS-GVO (GDPR).


§ 25.10 Miscellaneous
1. Both parties are obliged to treat confidentially all under the contractual relationship obtained trade secrets and data security measures of the other contracting party, extending also beyond the termination of the contract. If there are any doubts as to whether the information is subject to confidentiality obligations, this information must be also treated as confidential until written approval by the other contracting party.
2. If the client's property under the care of the contractor is endangered by third-party measures (such as legal seizure or confiscation), insolvency or settlement proceedings, or other events, the contractor must immediately inform the client.
3. Ancillary agreements require the written form.
4. The right of retention in accordance with Section § 273 BGB (Civil Code) is excluded with regard to the data processed in the order and the associated data carriers.
5. If some particular dispositions or parts of this agreement should be declared null and void, this will not affect the remaining dispositions and the validity of the agreement.
Attachment 1 - Technical and Organisational Measures of KONTENT GmbH (Status: 18.05.2018)
§1. General
The client and the contractor (KONTENT GmbH), shall take into account the current technological level, the costs of its implementation, the nature, scope, circumstances and purposes of the data processing, and the likelihood and severity of the hazards involved in the data processing, aiming to best serve the legal interests of the data subjects, and to take appropriate technical and organizational measures to ensure that the level of protection afforded to personal data processing is adequate, in particular with regard to the processing of particular categories of personal data. The contractor only uses its own hardware located at its own computer centre and shall comply in every respect with the relevant technical guidelines and recommendations of the Federal Office for Information Security. KONTENT GmbH has taken the following measures, in this respect.
§2. Technically organisational measures according to Art. 32 DSGVO (GDPR)
The contractor has implemented appropriate confidentiality, integrity, availability and resilience measures as well as procedures for periodic review, assessment and evaluation. The measures are established in accordance with the IT security concept and are regularly reviewed by the IT security officer.

§2.1 Access control
The following are measures adopted by the contractor to prevent access by unauthorised persons to data processing centres:
  • Every external door is equipped with a manual and technical locking system (security locks) which is always locked;
  • All rooms are monitored and in the event of an alarm, the security service is informed;
  • The keys provided to the employees are given solely to registered users and the hands out of the keys is acknowledged;
  • Access is secured by physical (RFID chips and keys) and intellectual (PIN) identification features;
  • The access control system and the alarm system are both protected against power failure via UPS;
  • The security service constantly (24/7) monitors the access and reports access of unauthorised persons in the system;
  • Access to the Customer's own hardware is possible only by the Customer and the responsible personnel;
  • Visitors can only enter and move in the building accompanied by an employee;
  • Third-party personnel, especially contractors securing the cleaning and maintenance tasks, are carefully selected.


§2.2 Access control
The followings are measures adopted by the contractor to ensure that the persons entitled to use an automated processing system have access only to the personal data covered by their access authorisation and to prevent unwanted actions such as unauthorised activity in data processing systems, outside the scope of granted privileges:
  • The assigned access rights are based on the task-related and data protection requirements (need-to-know principle);
  • The password guidelines and password changes are specified according to the BSI recommendations;
  • All access operations to open and use applications, files and other data (input, modification and deletion) are logged for possible subsequent assessments;
  • The hardware and software of all technical systems is protected by a firewall;
  • The legal or regulatory obligation to retain data is fully observed;
  • A VPN-based technology (virtual private network) is used;
  • The data carriers are (as far as possible) encrypted.


§2.3 Access control
The following are measures adopted by the contractor to prevent the use of data processing systems by unauthorised persons:
  • Employees work exclusively with the personalised user profiles that require the entry of a password;
  • Guidelines for password creation, including specific requirements related to password length and its change are made according to the BSI recommendations;
  • There is a clear separation of productive and test infrastructure;
  • All access operations to open and use applications, files and other data (input, modification and deletion) are logged for possible subsequent assessments;
  • The hardware and software of all technical systems are, each, protected by a firewall;
  • The virus protection (anti-virus software) is regularly updated;
  • VPN-based technology (SSL/TLS encryption) is used for data communication and transmission.


§2.4 Separation control
The following are measures adopted by the contractor to ensure that personal data collected for different purposes can be processed separately:
  • A clear separation of customer access (logical separation through individual user profiles with password protection);
  • There is a clear separation of productive and test infrastructure;
  • There is separate processing of assigned data.


§2.5 Data integrity
The following are measures adopted by the contractor to ensure that stored personal data cannot be damaged by malfunctions of the system:
  • The operating systems and other software used will carry out all necessary updates;
  • When new software or hardware is introduced, test and release procedures are run through before green line for productive use;
  • All relevant systems are equipped with Raid controllers;
  • All incidents are reported by strict procedures and remedied on a timely basis;
  • There are dedicated backup and recovery concepts.
§2.6 Data input control
The following are measures adopted by the contractor to ensure that it is possible to retrospectively review and determine which personal data has been input or changed, at any time, and by whom, using automated processing systems:
  • All access operations to open and use applications, files and other data (input, modification and deletion) are logged for possible subsequent assessments.
§2.7 Data availability control
The following are measures adopted by the contractor to ensure that personal data are protected against destruction or loss:
  • There are dedicated backup and recovery concepts.
  • Data recoverability is regularly tested;
  • All relevant systems are equipped with Raid controllers;
  • there is a constant available uninterruptible power supply (UPS);
  • The rooms are compartmentalised as part of the built-in fire protection and each is equipped with fire protection equipment (fire and smoke alarm systems, fire extinguishers);
  • The air conditioners are always installed on a redundant basis, to maintain their functionality;
  • All incidents are reported by strict procedures and remedied on a timely basis;
  • There is 24/7 readiness of employees to rectify faults;
  • External and internal technical safety analyses are carried out;
  • the power supply is ensured by external systems designed redundantly throughout (emergency generators and UPS systems)
  • The flood and earthquake risks were identified and tested in accordance with DIN standards
§2.8 Data carriers control
The following are measures adopted by the contractor to prevent unauthorised reading, copying, alteration or deletion of data on the data carriers:
  • The data carriers are used (where possible) restrictively and encrypted;
  • The discarded media is stored in access controlled rooms. These are then deleted in compliance with data protection regulations.
  • All access operations to open and use applications, files and other data (input, modification and deletion) are logged for possible subsequent assessments.
§2.9 Storage control
  • The assigned access rights are based on the task-related and data protection requirements (need-to-know principle);
  • All access operations to open and use applications, files and other data (input, modification and deletion) are logged for possible subsequent assessments.
  • The data processing systems are password protected;
  • The password guidelines and password changes are specified according to the BSI recommendations;
§2.10 User control
The following are measures adopted by the contractor to prevent the use of automated processing systems using unauthorised data transmission facilities:
  • The remote access to the systems is secured by encrypted, passphrase and certificate-based access;
  • The assigned access rights are based on the task-related and data protection requirements (need-to-know principle);
  • All access operations to open and use applications, files and other data (input, modification and deletion) are logged for possible subsequent assessments.
  • The hardware and software of all technical systems are, each, protected by a firewall;
  • The virus protection (anti-virus software) is regularly updated;
§2.11 Data transmission control
The following are measures adopted by the contractor to ensure that it is possible to verify and ascertain to which sites have been or may be transmitted personal data by means of data transmission facilities:
  • VPN-based technology (SSL/TLS encryption) is used for data communication and transmission.
  • The transmission of e-mail messages and other information is (if possible) encrypted and pseudonymised;
  • The hardware and software of all technical systems are, each, protected by a firewall;
  • The virus protection (anti-virus software) is regularly updated;
§2.12 Transport control
The following are measures adopted by the contractor to ensure that the confidentiality and integrity of the data is protected in any personal data transmission and during the transport of data:
  • The selection of involved third parties is carefully carried out;
  • There are detailed contractual arrangements regulating the working relationship;
  • In the contract with third parties, effective control and/or access or cancellation rights is agreed;
  • There is a regular check carried out by the data protection officer;
  • VPN-based technology (SSL/TLS encryption) is used for data communication;
  • The transmission of e-mail messages and other information is (if possible) encrypted and pseudonymised;
  • During physical transport, the persons in charge and the vehicles used are carefully selected;
§2.13 Data recoverability
The following are measures adopted by the contractor to ensure that deployed systems can be restored in case of failure:
  • There are dedicated backup and recovery concepts.
  • Data recoverability is regularly tested;
  • All relevant systems are equipped with Raid controllers;
§2.14 Reliability
The following are measures adopted by the contractor to ensure that all functions of the system are available and any malfunction that occurs is timely reported:
  • All incidents are reported by strict procedures and remedied on a timely basis;
  • There is 24/7 readiness of employees to rectify faults;
  • External and internal technical safety analyses are carried out;
  • When new software or hardware is introduced, test and release procedures are run through before green line for productive use;
  • There is permanent monitoring of all systems with automatic triggering of emergency procedures.
§2.15 Order control
The following are measures adopted by the contractor to ensure that personal data processed on behalf of the contractor can only be processed in accordance with the instructions of the client:
  • The careful selection of third parties is made in cooperation with the appointed data protection officer;
  • There are detailed contractual arrangements regulating the working relationship;
  • In the contract with third parties, effective control and/or access or cancellation rights is agreed;
  • The appointed data protection officer regularly checks all processing procedures.
§2.16 Adaptation of the internal organisation to the special requirements of data protection
The contractor has complied with the following data protection standards:
  • Development of an IT security concept;
  • Production of internal data protection and security policies and work instructions;
  • Regular inspections carried out by the data protection officer;
  • Regular advice and warnings are issued to promote awareness of the problem;
  • Occasional and circumstantial unannounced control of compliance with privacy and data protection practices.
The contractor warrants that the provision of services will, in principle, be carried out in KONTENT GmbH company's own computer centre and compliant with German Data Protection Law. The service performance on behalf of the contractor is also based, as much as possible, on the requirements of the standards of ISO27001 Certification. Also, the contractor will adapt the processes to meet the requirements of ISO 20000. Moreover, the contractor has designed the operational performance components redundantly, according to the generally acknowledged rules of technology and latest technology developments.