Cloud Services & Software Subscription Agreement


These Cloud Services & Software Subscription Agreement ("Terms", "Agreement") are an agreement between vencortex UG ("vencortex UG", "us", "we" or "our") and you ("User", "you" or "your"). These Terms and an accepted Order are the Agreement between You and Us (vencortex UG).

The Agreement governs Your use of the Software and Support Services. We shall make the Software available to You as a Subscription in accordance with the applicable Order. The Subscription Fees cover the use of the Software (in accordance with the license granted herein) and the provision of Support Services, as further described in the Agreement. These Terms do not apply in respect of any additional services such as any installation, integration, parametrization and/or adaption services related to the Software. By signing an Order offered by Us, which references these Terms or by indicating Your acceptance through an “I accept” button or similar electronic acceptance method, You accept the Order and agree to be bound by the Agreement.

Last updated on April , 2023

Accounts and membership

You must be at least 18 years of age to use this Website. By using this Website and by agreeing to this Agreement you warrant and represent that you are at least 18 years of age. If you create an account on the Website, you are responsible for maintaining the security of your account and you are fully responsible for all activities that occur under the account and any other actions taken in connection with it. We may, but have no obligation to, monitor and review new accounts before you may sign in and use our Services. Providing false contact information of any kind may result in the termination of your account. You must immediately notify us of any unauthorized uses of your account or any other breaches of security. We will not be liable for any acts or omissions by you, including any damages of any kind incurred as a result of such acts or omissions. We may suspend, disable, or delete your account (or any part thereof) if we determine that you have violated any provision of this Agreement or that your conduct or content would tend to damage our reputation and goodwill. If we delete your account for the foregoing reasons, you may not re-register for our Services. We may block your email address and Internet protocol address to prevent further registration.

Delivery

Following Your acceptance of an Order, We shall make available to You the Software by the Order Date; and this shall be the date the Software is deemed delivered to You (“Delivery Date”). Alternatively, We may at Our discretion provide You access to the information using a different format, provided any such different format will not affect Your use of the Software.

In respect of new Releases, delivery shall be deemed completed on the date We make the applicable new Release available to You.

In the event of changes to the rights granted to You pursuant to an applicable order (e.g., an extension of the Subscription Term, additional metrics, etc.), We shall provide You with a new certificate and will deactivate Your previously issued access key.

Support Services

We provide Support Services as part of the Subscription and these Support Services are described in the Support Services Description which forms part of the Agreement.

We provide Support Services only for the most current Major Release of the Software. To ensure full use of the Support Services, You are advised to update and maintain Your Subscription to the latest Major Release.

Service Level Agreement

During the Subscription Term, We shall render all commercially reasonable efforts to meet the Service Level Agreement.

In the event, the Cloud Service Uptime falls below 95%

a) for four (4) consecutive calendar months; or

b) for five (5) calendar months during any twelve (12) calendar month period, as your sole and exclusive remedy, You shall have the right to terminate the affected Cloud Service by giving Us written notice within a period of thirty (30) days after such occurrence and vencortex® will refund to You any prepaid fees covering the remainder of the Term of the applicable Order Form. Your termination will become effective on the last day of the calendar month in which We have received Your notice.

General Provisions

We may subcontract all or part of the Services to a qualified third party. We may also at any time involve any of Our Affiliates and successors in business as subcontractors under this Agreement In such event, We will be liable for any such subcontractors used in the performance of Our obligations under the Agreement.

Assignment. Except as permitted herein, neither party may assign the Agreement, in whole or in part, without the prior written consent of the other, not to be unreasonably withheld. Any attempt by either party to assign or transfer the Agreement without the prior written consent of the other will be null and void. Notwithstanding the foregoing, We may at any time upon notice to You assign or otherwise transfer Our rights and obligations under the Agreement to any of Our Affiliates or successors in business.

The relationship between You and Us is that of independent contractors. The Agreement does not create a partnership, franchise, joint venture, agency, fiduciary, employment, or any such similar relationship between You and Us.

Subscription Rights and Scope

We are and remain exclusive owners of all rights (including without limitation the Proprietary Rights) in and to the Software, Machine Learning Models, and Documentation. You are granted a non-exclusive, non-transferable, revocable right to use the Software and Machine Learning Models for the Subscription Term for Your own and Your Affiliates’ internal purposes (which specifically excludes any analysis of third-party data and any use of the Software for other companies/organizations is prohibited). You are responsible for all acts and omissions in breach of the Agreement by any such Users and Affiliates and accordingly, You will ensure that all Users and all Affiliates are made aware of the terms of the Agreement applicable to Your use of Software.

Your Subscription shall be limited in accordance with the metrics in the applicable order. Definitions of the metrics are contained in the Metrics Definition, which is incorporated by reference.

Any additional copies of the Software and other materials We make available to You are only for Your internal backup or archiving purposes. You will treat the Software and provided materials as Confidential Information and shall undertake all required activities to ensure that no third party gains any access to the Software or provided materials.

You will not (i) copy, translate, or otherwise modify or produce derivative works of all or parts of the Software, it is understood that You will be entitled to copy the Documentation and materials accompanying the Software as is reasonably required for Your internal purposes; (ii) use the Software in breach of applicable laws or for any illegal activities, including without limitation to transfer data and information which is illegal or in breach of third-party Proprietary Rights; (iii) disassemble, reverse engineer, decompile, place at risk or circumvent the functionalities, performance, and/or the security of the Software; (iv) use all or any part of the Software in order to build a competitive and/or similar product or service; or (v) determine whether the Software is within the scope of any patent.

You will be liable to us for any damages incurred due to the unauthorized use of the Software, source code, or other materials provided by Us, including without limitation, any continued use of the Software outside the Subscription Term and any provision of the Software, source code, or other materials to unauthorized third parties.

We may audit Your use of the Software within the limitations of Your Subscription at Our own cost by providing You with seven (7) days prior written notice. We may ask a qualified third party, who will be obliged to maintain confidentiality, to perform the audit. You shall keep complete and accurate records to permit an accurate assessment of Your compliance with Your Subscription. You guarantee that all access rights, documents, information, materials, employees and other required information will promptly be made available to Us in advance and free of charge to allow Us to conduct the audit. If the audit reveals that You have used the Software beyond the scope of Your Subscription, You will pay all applicable Subscription Fees for such overuse in accordance with Our then-current price list together with Our costs associated with the audit, within thirty (30) days of Our notice. Our acceptance of any payment shall be without prejudice to any other rights or remedies We may have under these Terms, the Order, or applicable law.

Fees and Payment

We will invoice the Subscription Fees annually in advance. Unless agreed otherwise in the Order, all payments are due in full without deduction or set-off within 30 (thirty) days of the date of Our invoice.

Without prejudice to any other rights We may have, if We have not received payment for any overdue invoices, We may charge You interest at the rate of 1% per month or lesser if such amount is required by applicable law from time to time on any overdue sums from the due date until the date of receipt of payment by Us (inclusive).

The Subscription Fees are non-refundable and do not include taxes, and You are responsible for all taxes. If We are required to pay taxes based on the Software provided under these Terms, then such taxes shall be billed to and paid by You. If a deduction or withholding is required by law, You shall pay such additional amount and will ensure that the net amount received by Us equals the full amount which We would have received had the deduction or withholding not been required. This section shall not apply to taxes based on Our income.

We shall be entitled to adjust the Subscription Fees with effect from Your next Renewal Term. Where We increase the Subscription Fees, such an increase shall not exceed 50%.

Customer Data

You are responsible for the Customer Data and entering it into the Service. You grant to vencortex® a nonexclusive right to process Customer Data solely to provide the Service. vencortex® may use anonymous information relating to the use of the service to prepare analyses or train machine learning models. Analyses do not contain personal data nor Your Confidential Information in any identifiable format. Examples of analyses include optimizing systems and technical resources and support, research and development of machine learning models, verification of security and data integrity, internal demand planning, industry, and macroeconomic developments, and anonymous benchmarking with other customers. vencortex® may provide non-anonymous benchmarking services with Your prior written consent.

Security

You will maintain reasonable security standards when accessing and using the Service.

Access to Customer Data

  1. During the Subscription Term, You can access Your Customer Data at any time.
  2. Following the end of the Agreement, vencortex® will delete or overwrite the Customer Data remaining on servers hosting the Service unless applicable law requires retention. Retained data is subject to the confidentiality provisions of the Agreement.
  3. In the event of third-party legal proceedings relating to the Customer Data, vencortex® will cooperate with You and comply with applicable law (both at Your expense) with respect to the handling of the Customer Data.
  4. vencortex® may remain your Customer Data (excluding personal data) in an anonymized format to retrain machine learning models or anonymous benchmarking with other customers.

Term and Termination

Your Subscription commences on the effective date specified in the Order but in no event later than the Delivery Date. Your Subscription continues for the Initial Subscription Term and unless otherwise stated in the Order, the Initial Subscription Term of each Order is 12 months. Thereafter, it automatically renews for successive periods of 12 months (each a “Renewal Term”) unless a party gives 30 days’ prior written notice to the other party of its intention not to renew the Subscription. Unless otherwise agreed in the applicable Order, Your Subscription may only be terminated in accordance with the terms stated in this agreement.

Without prejudice to any other rights or remedies to which We or You may be entitled, either party may terminate an Order, Subscription, or this Agreement without liability to the other at any time with immediate effect upon written notice if the other party: an material breach of any of its obligations under the Agreement or an Order and, in the case of a breach which is capable of remedy, fails to remedy such breach within thirty (30) days of notice of the breach; or b voluntarily files a petition under bankruptcy or insolvency law; has a receiver or administrative receiver appointed over it or any of its assets; passes a resolution for winding-up) or a court of competent jurisdiction makes an order to that effect; becomes subject to an administration order; enters into any voluntary arrangement with its creditors; ceases or threaten to cease to carry on business, or is subject to any analogous event or proceeding in any applicable jurisdiction.

Termination of any Order shall have no effect on any other Order under this Agreement.

On termination of Your Subscription or this Agreement for any reason, You shall cease use of the Software and copies thereof and, at Your choice, either (i) delete them from all Your equipment and storage media and certify to Us in writing that you have done so; or (ii) return these items to Us.

Limited Warranties

Subject to limitations in this section, We warrant that the Software and any Releases shall substantially perform as specified in the Documentation during the Subscription Term when used in accordance with the terms of the Agreement. Support Services will be rendered with due care, skill and ability, and in accordance with the recognized standard of good practice.

We do not warrant any specifications other than those set out in the Documentation, including without limitation statements made in presentations of the Software, Our public statements, or advertising campaigns. Any warranty other than the limited warranty set out must be made in writing and confirmed by Us. You acknowledge and are aware that, in accordance with the current state of technology, the Software can never be fully error-free, or operate entirely without interruption.

We particularly do not warrant:

  1. against problems caused by Your use of the Software with any third-party software, misuse, improper testing, unauthorized attempts to repair, modifications or customizations to the Software by You or any other cause beyond the range of the intended use of the Software;
  2. against any Malware, data breaches, and data losses which could not have been avoided by adequate, state-of-the-art security in accordance with Our then-current security practices; or
  3. hat the Software will achieve Your intended results, nor that the Software has been developed to meet Your individual requirements.

During the Subscription Term, if the Software does not conform with the warranty provided in this statement, We will at Our expense correct any such non-conformance or provide You with an alternative means of accomplishing the desired performance. If We cannot reasonably make such correction or substitution, then We may, in Our sole discretion, refund You any prepaid fees covering the remainder of the Subscription Term for the affected Software and terminate Your use of the affected Software for which You have received the refund. Such correction, substitution, or refund constitutes Your sole and exclusive remedy, and Our sole and exclusive liability for any breach of the warranty.

Warranty claims asserted under one order shall have no effect on any other Orders or other contracts that are in place between You and Us.

To the maximum extent permitted by applicable law, the warranties and remedies provided in this section are exclusive and in lieu of all other warranties, express, implied or statutory, including warranties of merchantability, accuracy, correspondence with description, fitness for a purpose, satisfactory quality and non-infringement, all of which are, to the maximum extent permitted by applicable law, expressly disclaimed by Us, Our Affiliates, subcontractors and suppliers.

You agree that Your purchase of the Software is not contingent on the delivery of any future functionality or features, or dependent on any oral or written public comments, statements or representations We made regarding future functionality or features.

Intellectual Property Indemnity

We undertake at Our own expense to defend You or, at Our option, to settle any third-party claim or action brought against You alleging that Your use of the Software (or any part thereof) in accordance with the terms of the Agreement infringes the Proprietary Rights of a third party in the Territory (“Infringement Claim”) and shall be responsible for any damages awarded against You or agreed upon in settlement by Us as a result of or in connection with any such Infringement Claim.

In the event of an Infringement Claim, We shall, at Our sole option and expense, (i) modify the infringing Software so that they cease to be infringing without loss of substantial functionality; (ii) replace the infringing portion of the Software with non-infringing software; or (iii) procure a license to enable You to legally continue using the Software

If We do not provide You with one of the options above, We may, at Our sole discretion, terminate Your Order for the affected Software with immediate effect and reimburse You any prepaid Fees covering the remainder of the Subscription Term and either take back the infringing Software to the extent possible or require You to remove or delete it.

We shall only be liable for any Infringement Claim, provided You:

a) provide Us with prompt written notice of the Infringement Claim;

b) do not enter into any settlement of the Infringement Claim without Our prior written consent, and do not undertake any

other action in response to an Infringement Claim that is prejudicial to Our rights;

c) permit Us to exclusively control the defense, negotiations, and any settlement of the Infringement Claim;

d) provide Us with reasonable information and assistance for the Infringement Claim; and

e) use all commercially reasonable efforts to mitigate against any of Your losses, damages or costs related to the

Infringement Claim.

We shall not be liable to You for Infringement Claims where the infringement is caused by:

a) unauthorized changes You have made or that have been made on Your behalf to the Software or output thereof; or

b) Your use of the Software or output thereof outside the scope of the Agreement, Your Subscription, the applicable Order or the materials accompanying the Software.

This Section constitutes Your exclusive remedy and Our entire liability with respect to Infringement Claims.

Limitation of Liability

Our aggregate liability to You for or in respect of any loss or damage suffered by You under or in connection with the Agreement (whether due to breach of contract, tort (including negligence) or otherwise) shall be limited to the total amount of Subscription Fees payable in the twelve (12) months preceding the date of the event for which the liability arises.

To the maximum extent permitted by applicable law, in no event will We be liable for special, consequential, incidental, or other indirect damages, including, but not limited to, loss of profits, anticipated savings, business opportunity, goodwill, loss of revenue, or costs of procurement of substitute goods or services arising out of the Agreement, however, caused and under any theory of liability (including contract, tort, negligence or otherwise), including any force majeure event, even if You have been advised of the possibility of such damages.

We both acknowledge that the Fees are based in part on the limitations in this section.

The limitations in this section shall not apply to Our IP indemnification obligations; liability for death or personal injury caused by Our negligence or that of Our officers, employees, contractors, or agents; fraud or fraudulent misrepresentation; or any other liability which cannot be limited or excluded by applicable law.

You acknowledge and agree that You shall be responsible for producing back-ups of your Data.

Confidentiality

Each party retains all rights in its Confidential Information. Both parties undertake to treat as confidential all the other party’s Confidential Information acquired before and in connection with the performance of the Agreement and to use such Confidential Information only to perform the Agreement. Confidential Information shall not be reproduced in any form except as required to accomplish the intent of the Agreement. Any reproduction of Confidential Information of the other party shall contain any and all confidential or proprietary notices or legends that appear on the original. With respect to the Confidential Information of the other party, each party: (a) shall take all those steps the receiving party takes to protect its own similar proprietary and Confidential Information, which shall not be less than a reasonable standard of care to keep all Confidential Information strictly confidential; and (b) shall not disclose any Confidential Information of the other to any person other than those Representatives whose access is necessary to enable it to perform the Agreement and who are obliged to maintain confidentiality to a similar extent as provided herein. Each party will be responsible for its Representatives’ compliance with the provisions of this Section.

A party that becomes aware of a suspected or actual breach of confidentiality, misuse, or unauthorized dissemination relating to the other party’s Confidential Information shall inform the other party in writing without undue delay.

Confidentially shall not apply to any Confidential Information that: (a) is independently developed by the receiving party without reference to the disclosing party’s Confidential Information, (b) is lawfully received free of restriction from a third-party having the right to furnish such Confidential Information; (c) has become generally available to the public without a contractual breach by the receiving party; (d) at the time of disclosure, was known to the receiving party free of restriction; (e) the disclosing party has agreed in writing to be free of such restrictions; or (f) has to be disclosed pursuant to statutory law or court, administrative or governmental order. In such event, the receiving party shall inform the disclosing party of the applicable provision or order without undue delay, to the extent legally possible, in order to enable the disclosing party to seek legal protection or otherwise prevent or limit disclosure of the Confidential Information.

The obligations in this Section shall apply for a period of 5 (five) years from first disclosure of the Confidential Information.

Marketing usage agreement

By accepting this agreement, You allow Us to use the name and logo of the company for marketing purposes, such as a testimonial on our website.

Such marketing purposes should not violate any confidentiality terms set in the previous paragraph.

Feedback

You may, at Your sole discretion, provide Your input regarding the Software, products, services, business, or technology plans, including, without limitation, comments or suggestions regarding the possible creation, modification, correction, improvement or enhancement of the Software, products and/or services, or input as to whether You believe Our development direction is consistent with Your own business and IT needs (collectively “Feedback”). We shall be entitled to use Feedback for any purpose without notice, restriction, or remuneration of any kind to You and/or Your Representatives.

You acknowledge that any information that We may disclose to You related to the Software, Our other products, services, business or technology plans, under an Order or otherwise, is only intended as a discussion of possible strategies, developments, and functionalities of Our products or services and is not intended to be binding on Us regarding any particular course of business, product strategy, and/or development.

Annex A - Definitions

1. “Affiliate”: any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity but only for so long as the control exists. "Control," for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

2. “Agreement”: the applicable Order and these Terms.

3. “Confidential Information”: any information disclosed to a party by the other party concerning the business and/or affairs of the other party, including but not limited to information relating to a party's operations, technical or commercial know-how, specifications, inventions, processes or initiatives, plans, product information, pricing information, know-how, designs, trade secrets, software, documents, data and information which, when provided by one party to the other: a) are clearly identified as “Confidential” or “Proprietary” or are marked with a similar legend; b) are disclosed orally or visually, identified as Confidential Information at the time of disclosure and confirmed as Confidential Information in writing within 10 (ten) days; or c) a reasonable person would understand to be confidential or proprietary at the time of disclosure.

4. “Customer Data”: the data and information provided by You to Us through Your use of the Software.

5. “Data Protection Laws”: all laws, rules, regulations, decrees, or other enactments, orders, mandates, or resolutions relating to privacy, data security, and/or data protection, and any implementing, derivative, or related legislation, rule, and regulation as amended, extended, repealed and replaced, or re-enacted, as well as any applicable industry self-regulatory programs related to the collection, use, disclosure, and security of Personal Information including the EU General Data Protection Legislation (Regulation (EU) 2016/679 of the European Parliament (GDPR).

6. “Documentation”: the product description of the applicable Software, as made available by Us on the vencortex® website (currently under https://vencortex.io/terms-and-conditions).

7. “Fees”: the fees payable by You for the Subscription as set out in an Order.

8. “Force Majeure Event”: acts, events, omissions, or accidents beyond Our reasonable control, including, without limitation, strikes, industrial disputes, failure of a utility service or transport network, acts of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, accident, breakdown of machinery, the act of terror, Internet service provider failure or delay, denial of service attack, fire, flood or storm.

9. “Initial Subscription Term”: the initial term of Your Subscription as agreed in the Order, which commences on the date of acceptance of the Order or as otherwise agreed to by the parties.

10. “Major Release”: a Release of the Software that is designated by Us as such in accordance with our then-current naming convention (e.g., Major Release 3 → Major Release 4).

11. “Malware”: anything or device (including any software, code, file, or program) which may prevent, impair or otherwise adversely affect the access to or operation, reliability or user experience of any computer software, hardware, or network, telecommunications service, equipment or network or any other service or device, including worms, trojan horses, viruses and other similar things or devices.

12. “Metrics Definition”: the then-current document(s) made available by Us as “vencortex®  Definition license scope/subscription scope” on the vencortex®  website (currently under https://www.vencortex.io/terms-and-conditions) describing the then- currently available licensing and subscription metrics for the Software.

13. “Minor Release”: a Release of the Software within a given Major Release that We designate through a respective change in numbering in accordance with our then-current naming convention (e.g., Release 4.2 → Release 4.3).

14. “Order”: an order entered into between You and Us specifying the Subscription You have ordered, and the Fees owed thereunder, and such other terms as are agreed, including any addenda and supplements thereto.

15. “Personal Data”: any data and information relating to an identified or identifiable living individual person as defined under applicable Data Protection Laws.

16. “Proprietary Rights”: rights in patents, utility models, trademarks, service marks, trade names, other trade-identifying symbols and inventions, copyrights, design rights, database rights, rights in know-how, trade secrets, and any other intellectual property rights, anywhere in the world, whether registered or unregistered and including applications for the grant of any such rights.

17. “Release”: any new Major Release, Minor Release, bug-fix or patch We make available to You for Your Subscription.

18. “Renewal Term”: has the meaning set out in Section 8.1.

19. “Representatives”: of a party are it and its Affiliates’ employees, directors, advisers and subcontractors.

20. “Software”: the vencortex®  standard software made available to You pursuant to an Order. The software includes Releases but does not include any modifications or add-ons to the Software.

21. “Subscription”: the subscriptions You purchase under an Order for Your use of to the Software and Support Services in accordance with the Agreement.

22. “Subscription Fees”: the Fees payable for the Software as set out in an Order.

23. “Subscription Term”: the Initial Subscription Term and any subsequent Renewal Terms as set out in an Order.

24. “Service Level Agreement” or “SLA”: the service levels for the Cloud Service as set out in the then-current document(s) made available by Us as “Service Level Agreement for vencortex® Software-as-a-Service Offerings” on the vencortex® website

25. “Support Services”: the support services, as described in the Support Services Description, that We provide to You with respect of the Software.

26. “Support Services Description”: the then-current documents describing in more detail the Support Services and made available by Us on the vencortex®  website (currently under https://www.vencortex.io/terms-and-conditions).

27. “Taxes”: any applicable sales, use, value-added, duties, assessments, excise, withholding, or other taxes assessable by any jurisdiction whatsoever based on the applicable Order Form.

28. “Terms”: this vencortex®  Software Subscription Agreement.

29. “Territory”: the country of Your registered business seat as defined in the Order and the European Economic Area.

30. “User”: those employees, agents and independent contractors of Yours or Your Affiliates who are authorized by You to use the

Software in accordance with the Agreement, and to whom You have supplied a user identification and password (if applicable).

31. “We,” “Us”, “Our” or “vencortex® ”: vencortex  UG, Universitätsplatz 12, 34127 Kassel, Germany.

32. “You” or “Your”: the company or other legal entity specified in an applicable Order for which You are accepting an Order

Annex B - Data Processing Agreement

This Data Processing Agreement including its Exhibit (the “DPA”) details the parties’ obligations on the protection of Personal Data associated with Our processing of Your Personal Data within the scope of the applicable Order or any agreement between You and vencortex®  (hereinafter, the “Agreement”).

1. Processing of Personal Data

1.1. With regard to the Processing of Personal Data, You are the controller and determine the purposes and means of Processing of Personal Data You provide to Us in the course of Us (“Controller”) and You appoint Us as a processor (“Processor”) to process such Personal Data (hereinafter, “Data”) on Your behalf (hereinafter, “Processing”).

1.2. The details of type and purpose of Processing are defined in the Exhibit attached hereto. Except where the DPA stipulates obligations beyond the Term of the Agreement, the duration of this DPA shall be the same as the Agreement Term.

1.3. You shall be solely responsible for compliance with Your obligations under the applicable Data Protection Laws, including, but not limited to, the lawful disclosure and transfer of Personal Data to Us.

1.4. Processing shall include all activities detailed in this Agreement and the instructions issued by You. You may, in writing, modify, amend, or replace such instructions by issuing such further instructions to the point of contact designated by Us. Instructions not foreseen in or covered by the Agreement shall be treated as requests for changes. You shall, without undue delay, confirm in writing any instruction issued orally. Where We believe that an instruction would be in breach of applicable law, We shall notify You of such belief without undue delay. We shall be entitled to suspend performance on such instruction until You confirm or modify such instruction.

1.5. We shall ensure that all personnel involved in Processing of Personal Data and other such persons as may be involved in Processing shall only do so within the scope of the instructions. We shall ensure that any person Processing Personal Data is subject to confidentiality obligations similar to the confidentiality terms of the Agreement. All such confidentiality obligations shall survive the termination or expiration of such Processing.

2. Data Security

2.1. We shall implement technical and organizational measures and safeguards that ensure the adequate protection of Personal Data, confidentiality, integrity, availability and resilience of processing systems and services and shall implement a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing. It shall be Your responsibility to familiarize Yourself with these measures and to assess whether they ensure a level of security appropriate to the risk.

2.3. We reserve the right to modify the measures and safeguards implemented, provided, however, that the level of security shall not materially decrease during a Subscription Term.

3. Incident Management

3.1. We shall notify You without undue delay after We become aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, stored or otherwise processed by Us or Our sub-processors of which We become aware (“Security Incident”).

3.2. We shall use the best efforts to identify the cause of such a Security Incident and take the measures We deem necessary and within Our control for remediating and securing Personal Data; We shall coordinate such efforts with You without undue delay.

4. Our Obligations

4.1. We shall notify You of any issues related to data protection arising out of or in connection with the Agreement. The Exhibit provides for a list of the initially designated persons.

4.2. We shall correct or erase Personal Data if instructed by You and were covered by the scope of the instructions permissible. Where an erasure, consistent with data protection requirements, or a corresponding restriction of processing is impossible, We shall based on Your instructions, and unless agreed upon differently in the Agreement, destroy, in compliance with data protection requirements, all data or return the same to You.

4.3. In specific cases designated by You, such Personal Data shall be stored or handed over. The associated cost for doing so and protective measures to put in place shall be agreed upon separately unless already agreed upon in the Agreement.

4.4. We shall, upon the termination of Processing and upon Your instruction, return all Data, carrier media, and other materials to You or delete the same.

4.5. Where a data subject asserts any claims against You in accordance with Article 82 of the GDPR, We shall, where possible, support You in defending against such claims, at Your cost.

5. Your Obligations

5.1. You shall notify Us without undue delay, and comprehensively, of any defect or irregularity with regard to provisions on data protection detected by You in the results of Our work.

5.2. Where a data subject asserts any claims against Us in accordance with Article 82 of the GDPR, You shall, where possible, support Us in defending against such claims, at Our cost.

5.3. You shall notify Our point of contact of any issues related to data protection arising out of or in connection with the Agreement.

6. Data Subjects Rights

6.1. Where a data subject asserts claims for rectification, erasure, or access to Us, and where We are able to correlate the data subject to You, based on the information provided by the data subject, We shall refer such data subject to You without undue delay. We shall support You, where possible, and based upon Your instruction insofar as agreed upon. We shall not be liable in cases where You fail to respond to the data subject’s request completely, correctly, or in a timely manner.

6.2. We shall support You, insofar as is agreed upon by the parties, and where possible for Us, in fulfilling data subjects’ requests and claims, as detailed in Chapter III of the GDPR and in fulfilling the obligations enumerated in Articles 33 to 36 GDPR.

7. Options for Documentation

7.1. We shall document and upon request provide such documentation Our compliance with the obligations agreed upon in this DPA by appropriate measures.

7.2. If You require an audit of our compliance under this DPA, such audits and inspections will be conducted within 30 days prior written notice, at most once per calendar year, during regular business hours, without interfering with Our operations, and subject to the execution of confidentiality agreement. We shall be entitled to reject auditors that are competitors of Ours. You hereby consent to the appointment of an independent external auditor by Us, provided that We provide a copy of the audit report to You.

7.3. We shall be entitled to request from You a reimbursement of costs for Our support in conducting audits where such costs have been agreed upon in the Agreement or otherwise in writing by the parties.

7.4. Where data protection or other applicable supervisory authority conducts an audit, para. 2 above shall apply mutatis mutandis. The execution of a confidentiality agreement shall not be required if such supervisory authority is subject to professional or statutory confidentiality obligations, whose breach is sanctionable under the applicable criminal code.

8. Sub-processing

8.1. We shall not sub-process any of Our obligations under this Agreement except as set forth in this DPA.

8.2. You hereby consent to Our use of the sub-processors listed in the Exhibit to this DPA in connection with the performance of the Agreement. We shall, prior to the use of further sub-processors, obtain Your prior approval, such approval is not to be withheld except for important reasons related to compliance with Data Protection Laws.

8.3. We shall conclude, with such sub-processors, contractual terms necessary to ensure an appropriate level of data protection and information security.

8.4. We will be liable for the acts and omissions of Our sub-processors to the same extent We would be liable if we were performing the services for each sub-processor directly under the terms of this DPA, except as otherwise set forth in the Agreement.

8.5. You acknowledge and agree that We and Our permitted sub-processors may engage further sub-processors in connection with the provision of the services. In such case, We or the respective sub-processor will enter into a written agreement with each sub-processor containing data protection obligations not less protective than those in this Agreement with respect to the protection of Personal Data to the extent applicable to the nature of the services provided by such sub-processor.

9. Liability

The Limitation of Liability Section of the Terms shall apply except as explicitly agreed otherwise in this DPA.

10. International Transfers

We will only transfer Personal Data outside the European Economic Area where We have complied with Our obligations under applicable Data Protection Laws in ensuring adequate safeguards in relation to such transfer.

11. Data Protection Officer of the Processor

Dr. Nikolaus Lipusch; +49 561 87948036; gdpr@vencortex.io

12. Contact for the Processor

Dr. Idan Shilon; +49 561 87948038; data@vencortex.io

13. Permitted Sub-processors

Processor may use the following sub-processors (based on the respective processing according to the relevant Order):

Amazon Web Services Inc., Frankfurt, Germany - GPU processing of data provided by the Controller

Auth0® Inc., Bellevue, United States - Authetication of user and processing of data provided by the Controller

Pendo.io, Inc., 150 Fayetteville Street, Suite 1400 Raleigh, NC 27601, USA - User tracking and onboarding

Stripe, Inc., 510 Townsend Street, San Francisco, CA 94103, USA - Payment service and verification of customer payment information

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

Functional Software Inc. (dba Sentry), 132 Hawthorne Street, San Francisco, CA 94107, USA

Acceptance of these terms

You acknowledge that you have read this Agreement and agree to all its terms and conditions. By using the Website or its Services you agree to be bound by this Agreement. If you do not agree to abide by the terms of this Agreement, you are not authorized to use or access the Website and its Services.

Contacting us

If you have any questions about this Policy, please contact us.


vencortex UG
Fuenffensterstrasse 2
34117 Kassel, Germany


Phone: +49 176 4345 1508
E-Mail: info@vencortex.io

Registergericht: AG Kassel
Registernummer: HRB 17835
CEO: Dr. Dominik Dellermann
Data Protection Officer (DPO): Dr. Nikolaus Lipusch
VAT-ID: DE323639835
Sitz der Gesellschaft: Kassel, Germany