FunnelBridge

Terms & Conditions

These general terms and conditions set out the contractual conditions between
Ruhr Solutions UG (haftungsbeschränkt)
hereinafter referred to as ‘provider’

and the subscriber of the software hereinafter referred to as ‘customer’

the agreement is regulated as part of the provision of the ‘FunnelBridge’ software.

A contract in accordance with these terms and conditions is created as soon as the customer subscribes to a plan in the FunnelBridge customer portal or signs an order form from the provider.

§1 Object of the contract

1.1 These contractual terms apply to the use of the provider's software as Software as a Service (‘SaaS’) or cloud offering.

1.2 The software is operated by the provider as a SaaS or cloud solution. The customer is enabled to use the software stored and running on the servers of the provider or a service provider commissioned by the provider via an Internet connection for its own purposes during the term of this contract and to store and process its data with its help.

1.3 These contractual terms and conditions apply exclusively. The customer's contractual terms and conditions shall not apply. Counter-confirmations by the customer with reference to his own terms and conditions are expressly rejected.

§2 Type and scope of service

2.1 The provider shall make the software available to the customer for use in the agreed version at the router exit of the data centre in which the server with the software is located (‘transfer point’). The software, the computing power required for use and the required storage and data processing space shall be provided by the Provider. The provider is not responsible for establishing and maintaining the data connection between the customer's IT systems and the described transfer point.

2.2 The provider reserves the right to impose reasonable restrictions on the use and storage of the Services in order to ensure the stability, legality, availability, scalability, usability, efficiency and responsiveness of the services that the provider provides to the customer and other customers of the provider. The provider shall inform the customer appropriately and in good time prior to the introduction of these restrictions.

2.3 The customer is responsible for procuring and maintaining any equipment or ancillary services necessary for the subscriber and end users to connect to and use the services, including modems, hardware, software, and remote or local telephone service. The customer is responsible for ensuring that such equipment or ancillary services are compatible with the services.

2.4 In accordance with Article 2.2, the provider reserves the right to set appropriate usage limits in the form of AI Credits as part of the services. These AI credits define the maximum volume of data that can be processed per customer by the provider's artificial intelligence within a month. The number of AI credits used per conversation varies depending on the number of messages in the conversation. When selecting a subscription plan, the customer is informed of the number of AI credits allocated and how many conversations these credits are expected to be sufficient for. It should be noted that the values given for the expected possible conversations are exemplary and are based on typical usage, but do not constitute a guarantee for the customer's individual usage situation. The provider will inform the customer appropriately and in good time of any adjustments to the AI credit restrictions.

§3 Availability of the software

3.1 The provider draws the customer's attention to the fact that restrictions or impairments to the services provided may arise that are beyond the provider's control. This includes, in particular, actions by third parties who are not acting on behalf of the provider, technical conditions of the Internet that cannot be influenced by the provider and force majeure. The hardware, software and technical infrastructure used by the customer may also have an influence on the provider's services. Insofar as such circumstances have an influence on the availability or functionality of the service provided by the provider, this has no effect on the contractual conformity of the services provided.

3.2 The full functionality of the software is dependent on external services that are not the subject of this contract. The provider shall ensure that the software is adapted to updates of the external services within a commercially reasonable time. The provider is not liable for software failures caused by failures or unannounced changes in external services. External services include in particular:

3.3 The customer is obliged to notify the provider of any functional failures, malfunctions or impairments of the software immediately and as precisely as possible in accordance with the agreements in the order form.

§4 Rights to data processing, data backup

4.1 The provider complies with the statutory data protection regulations.

4.2The customer grants the provider the right to reproduce the data to be stored by the provider for the customer for the purposes of executing the contract, insofar as this is necessary for the provision of the services owed under this contract. The provider is also entitled to store the data in a failure system or separate failure computer centre. The provider is also authorised to make changes to the structure of the data or the data format in order to rectify faults.

4.3 The provider regularly backs up the customer's data on the server for which the provider is responsible to an external backup server.

4.4 By subscribing, the customer authorises the provider to process personal data on IT systems for which the provider is technically responsible. The exact agreements for this commissioned data processing can be found in the Data Processing Addendum.

§5 Support

5.1 A support case exists if the software does not fulfil the contractual functions in accordance with the description of the subscribed plan. The type and nature of the error message depends on the order form, as does the scope of the support services.

5.2 If the customer reports a support case, he must provide as detailed a description as possible of the respective malfunction in order to enable the most efficient troubleshooting possible.

§6 Payment

6.1 A valid credit card is required for the payment of fees, unless the provider has expressly agreed otherwise or other payment methods are expressly offered by the provider for certain fees. The provider may automatically charge the credit cards entered in the SaaS for services. Unless otherwise specified by provider in the order form, all fees for a subscription may be billed in full and are due thirty (30) calendar days prior to each subscription period or, if fees cannot be reasonably determined at that time, at such time as fees can be reasonably determined. Fees for all services other than subscriptions will be charged and due immediately when the order is finalised.

6.2 If the customer delays payment of a due fee by more than four weeks, the provider is entitled to block access to the software after a prior reminder with a deadline and expiry of the deadline. The Provider's claim to remuneration shall remain unaffected by the blocking. Access to the software shall be reactivated immediately after payment of the arrears. The right to block access also exists as a milder means if the provider has a right to extraordinary cancellation in accordance with clause 11.2.

6.3 At the end of the initial term, the provider may adjust the prices as well as the rates for an agreed remuneration according to the general price development in accordance with the order form. If the fee increase is more than 5%, the customer may terminate the contractual relationship at the end of the current contract month.

§7 Obligations of the customer to cooperate

7.1 The customer shall support the provider in the provision of the contractual services to a reasonable extent.

7.2 The customer is responsible for the proper and regular backup of his data. This also applies to documents provided to the provider in the course of contract processing.

7.3 The customer must keep the access data provided to him secret and ensure that any employees who are provided with access data do the same. The provider's service may not be made available to third parties unless this has been expressly agreed by the parties.

§8 Guarantee

In principle, the statutory warranty provisions apply. §§ 536b (knowledge of the tenant of the defect upon conclusion of the contract or acceptance), 536c (defects occurring during the rental period; notification of defects by the tenant) BGB apply. However, the application of § 536a (2) (Tenant's right to rectify defects himself) is excluded. The application of § 536a (1) BGB (landlord's liability for damages) is also excluded.

§9 Liability and compensation

9.1 If damage to the customer results from the loss of data, the provider shall not be liable for this if the damage could have been avoided if the customer had regularly and completely backed up all relevant data. The customer shall carry out a regular and complete data backup himself or have it carried out by a third party and is solely responsible for this.

9.2 The customer shall not be liable for any damage to the provider resulting from the contractual use of the software.

9.3 Otherwise, liability for damages - regardless of the legal grounds - is excluded.

§10 Customer data and indemnification from third-party claims

10.1 As a technical service provider, the provider stores content and data for the customer, which the customer enters and stores when using the software and makes available for retrieval. The customer undertakes vis-à-vis the provider not to upload any content and data that is punishable by law or otherwise illegal in absolute terms or in relation to individual third parties and not to use any programmes containing viruses or other malware in connection with the software. The customer remains the responsible party with regard to personal data and must therefore always check whether the processing of such data via the use of the software is covered by the relevant authorisation conditions.

10.2 The customer is solely responsible for all content used and data processed as well as any legal positions required for this. The provider does not take any notice of the customer's content and does not check the content used by the customer with the software.

10.3 In this context, the customer undertakes to indemnify the provider against any liability and any costs, including possible and actual costs of legal proceedings, if claims are asserted against the provider by third parties, including employees of the customer personally, as a result of alleged acts or omissions by the customer. The Provider shall inform the Customer of the claim and, insofar as this is legally possible, give the Customer the opportunity to defend against the asserted claim. At the same time, the customer shall immediately provide the provider with all available information about the facts that are the subject of the claim.

10.4 Any further claims for damages on the part of the provider remain unaffected.

§11 Contract term and termination of the contract

11.1 Subscriptions are concluded by default for annual subscription terms and are renewed for the duration of the previous subscription period, unless expressly stated otherwise in the contract. Subscriptions are automatically renewed unless either party cancels by giving 30 (thirty) calendar days' notice of non-renewal. A notice of non-renewal given by the Subscriber will not affect renewals to which the subscriber has already committed. Subscription renewal fees are calculated on the basis of fees excluding discounts.

11.2 Both parties reserve the right to extraordinary cancellation for good cause if the legal requirements are met. Good cause for the provider shall be deemed to exist in particular if the customer is more than two months in arrears with the payment of a due remuneration despite a reminder. If the customer is responsible for the reason for termination, the customer shall be obliged to pay the provider the agreed remuneration less any expenses saved by the provider up to the earliest date on which the contract would end in the event of ordinary termination.

11.3 Cancellations can be made electronically via a portal provided by the provider.

§12 Transfer of rights and obligations

The assignment of rights and obligations arising from this contract is only permitted with the prior written consent of the provider. The provider is entitled to entrust third parties with the fulfilment of the obligations arising from this contract.

§13 Sonstiges

13.1 This agreement and its amendments as well as all contract-relevant declarations, notification and documentation obligations must be made in writing, unless another form has been agreed or is required by law.

13.2 The contract is subject to the law of the Federal Republic of Germany to the exclusion of the United Nations Convention on Contracts for the International Sale of Goods. The place of jurisdiction is the registered office of the supplier if the customer is a merchant, a legal entity under public law or a special fund under public law.

13.3 Should individual provisions of this agreement be invalid, this shall not affect the validity of the remaining provisions. In this case, the parties shall co-operate in order to replace invalid provisions with provisions that correspond as closely as possible to the invalid provisions.

Data Processing Addendum (DPA)

1. General information

1.1 This DPA is an addendum to the terms and applies only to the processing of personal data by the provider as processor on behalf of the customer as controller in accordance with appendix 1 of the DPA. This DPA amends and supplements the Terms. This DPA may be amended by the provider on the same terms and conditions that apply to amendments to the terms.

1.2 The following documents form an integral part of this DPA: (i) this document and (ii) any document attached to this DPA that is labelled as a ‘DPA Annex’. Any reference to the DPA shall be deemed to be a reference to these documents. ‍

1.3 In the event of any conflict between the provisions of this DPA and the conditions, the provisions of this DPA shall prevail, unless expressly stated otherwise in this DPA.

1.4 For the avoidance of doubt, this DPA applies to any processing of personal data by the provider as processor on behalf of the customer as controller in the context of the contractual services, unless the parties have expressly made other contractual arrangements in relation to the said processing of personal data.

2. Processing of personal data

2.1 The provider shall process personal data provided through the use of the services on behalf of the customer in accordance with the customer's instructions and as set out in appendix 1 of the DPA. The details of the processing of Personal Data are set out in appendix 1 of the DPA.

2.2 The customer shall ensure that the Provider can lawfully process the personal data on behalf of the customer in accordance with this DPA for the fulfilment of the contract. Where required by applicable data protection legislation, the customer shall ensure that the data subjects have given their consent to the processing and have been informed thereof.

2.3 The customer's instructions for the processing of personal data must comply with the applicable data protection legislation. If the provider is of the opinion that an instruction of the customer violates the applicable data protection legislation, the provider shall inform the customer immediately. The provider is authorised to suspend the execution of this instruction until the customer confirms or changes this instruction. The provider is not obliged to actively investigate whether the customer's instructions comply with the applicable data protection legislation.

2.4 The provider may be legally obliged under applicable laws and regulations to disclose personal data that it processes to third parties, such as public authorities. If this is the case, the customer will be informed by the provider insofar as this is permitted under the applicable laws and regulations.

3. Security and confidentiality

3.1 The provider shall take and maintain appropriate technical and organisational measures to protect the personal data against destruction, loss or unauthorised access or other forms of unauthorised or unlawful processing of personal data. These measures shall ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected, taking into account the state of the art and the cost of their implementation. These measures include, but are not limited to, the measures listed in appendix 2 of the DPA. The subscriber is aware and agrees that these measures may be modified and developed, and the provider is therefore expressly authorised to adopt alternative measures.

3.2 The customer is solely responsible for ensuring that end users use the Services in accordance with best security practices and in compliance with applicable data protection legislation.

3.3 The provider shall ensure that employees authorised to process personal data have committed themselves to confidentiality or are subject to an appropriate statutory duty of confidentiality.

4. Data transfers to third countries

4.1 The provider does not transfer any personal data of the customer to a third country.

5. Rights of data subjects

5.1 The customer will inform the data subjects that it is the controller and how the data subjects can contact the subscriber regarding enquiries. The provider will not be the contact person for this. The provider will endeavour, to the extent permitted by law, to notify the customer immediately if a data subject makes a request for access, inspection, data portability, correction (rectification) or removal (erasure) of the data subject's personal data. The provider will not respond to such requests from data subjects without the customer's prior written consent.

5.2 The provider shall support and co-operate with the customer to assist data subjects in exercising their rights under applicable data protection legislation, such as the right to access, rectification, erasure and/or data portability. The provider will only provide such co-operation and assistance at the customer's request and only to the extent that the customer cannot comply with its obligations under the applicable data protection legislation without the provider's co-operation and assistance.

6. Notification of data breaches

6.1 The Provider shall, to the extent permitted by law, promptly notify the customer of any security breaches relating to personal data processed on behalf of the subscriber pursuant to this DPA.

6.2 Such notification shall include at least the following: (a) a description of the nature of the security breach, including, where possible, information to help the customer determine the categories and approximate number of individuals affected and the categories and approximate number of personal data records affected; (b) information available to the provider to help the customer determine the likely consequences of the security breach; and (c) a description of the measures taken or to be taken by the provider to address the security breach, including, where appropriate, measures to limit potential undesirable effects.

6.3 The customer is responsible for complying with its security breach notification obligations. The fulfilment of the provider's obligation to report or respond to a security breach in accordance with this article does not constitute an admission of guilt or liability on the part of the provider in relation to the security breach.

7. Subprocessor

7.1 The provider may use subprocessors to carry out the processing of personal data on behalf of the customer as part of the services provided by the provider to the customer. The customer hereby generally authorises the provider in writing to engage a subprocessor to process personal data. The provider may only engage a subprocessor if this subprocessor has been given the necessary responsibilities and obligations in writing in accordance with Article 28 GDPR. The Provider may remove or appoint other subprocessors in accordance with this Article. The provider shall announce changes to the list of subprocessors at least six weeks in advance. The customer may object to a subprocessor by exercising its right of cancellation under the agreement. If the customer does not terminate the contract within this period, it is assumed that the customer accepts the respective subprocessor. If the subprocessor fails to fulfil its data protection obligations, the provider shall remain equally liable to the customer for the fulfilment of its obligations under this DPA.

8. Data export and deletion of data

8.1 Upon cancellation of a service, the customer's right to access or use the relevant service shall cease with immediate effect and the provider shall not be obliged to retain the associated personal data. The parties agree that in such a case the provider shall, at the customer's option, either return all personal data to the customer or destroy or delete it, unless prohibited by applicable laws and regulations. If the customer does not make a corresponding choice, the provider may delete the personal data 30 days after cancellation of the service. The return of personal data by the provider may be effected by the customer receiving an export of all raw data from the provider's database.

8.2 Upon request and after termination of the services, the provider shall declare to the customer in writing that all copies of the personal data have been permanently destroyed or returned to the customer.

DPA Appendix 1: Details of the processing of personal data

1.1 General
All details of the processing of personal data pursuant to this Article 1 relate only to the FunnelBridge SaaS and the services provided in connection with the FunnelBridge SaaS

1.2 Type and purpose of processing
The client agrees to use the FunnelBridge SaaS and the services provided in connection with the FunnelBridge SaaS for recruitment and/or staffing purposes only. The provider shall process personal data on behalf of the client in the context of the FunnelBridge SaaS and the services provided in connection with the FunnelBridge SaaS and in accordance with the contract.

1.3 People affected
The processing of personal data described in this Article 1 relates to the following data subjects:

Applicants, potential applicants, candidates and potential candidates of the client (hereinafter collectively referred to as: “candidates”);Alle Personen, welche den Kunden über mit der FunnelBridge SaaS verbundene Kommunikationskanäle kontaktieren.

1.4 Categories of personal data
The provider processes the following categories of personal data relating to candidates on behalf of the customer:

Contact details, including names

CVs

E-mail communication

Address

Professional career

Cover Letter and other documents provided for an application

Candidate information collected through integrations between the services and third party services at the request of the client or at the request of end users

and other personal data relating to candidates processed in the context of the services. For the avoidance of doubt, personal data relating to candidates and other data subjects at the same time shall be deemed to be processed on behalf of the Client.‍

1.5 Other
The provider processes the personal data referred to in this Article 1 only to the extent that it relates to the Services, unless the personal data has been anonymized and is used to improve the Services.