Log In
Register now

Menu

General Terms and Conditions


last updated on 13.06.2024

 

These General Terms and Conditions apply to all business relationships between Zero Workaround Solutions GmbH, Pöppelstrasse 7, 81541 Munich, represented by the Managing Director Mr. Patric Betz, hereinafter referred to as ZWS, and its customers in the version valid at the time of conclusion of the contract. Any conflicting general terms and conditions of the customer are hereby expressly rejected.

 

These conditions are made up of

      the following provisions for the provision of services by ZWS (Part I) (hereinafter referred to as the “Service Agreement”) and

      the agreement on order processing between the parties (Part II) (hereinafter referred to as the “Data Processing Agreement”)

Part I – Service agreement

§ 1 General

a) Object of the agreement

(1) With this agreement, the parties agree that ZWS shall provide the customer with the possibility to use the software application (hereinafter referred to as “Software”) for access against payment.(2) The objective of the agreement is the provision of the current version of the software made available to ZWS for the use of its functionalities, the technical facilitation of the use of the software and the granting or brokering of rights of use to the software in return for payment of the fee specified in the agreement for the period specified in the agreement or in a separate agreement.

 

b) Contractual agreement

The contractual language is German. If German and English versions of the text exist side by side, the wording of the German version shall apply in case of doubt. The software is intended for commercial customers (B2B). By activating the subscription, the customer confirms that they are using the software for commercial purposes.

 

 

c) Subsequent amendment of the General Terms and Conditions

ZWS is entitled to subsequently amend and supplement the General Terms and Conditions in relation to existing business relationships, insofar as changes in legislation or case law require it or other circumstances lead to this. A subsequent amendment to the General Terms and Conditions shall become effective if the customer does not object within two weeks of notification of the amendment. At the beginning of the period, ZWS shall expressly inform the customer of the effect of his silence as acceptance of the contract amendment and give him the opportunity to make an express declaration during the period. If the customer objects within the deadline, both ZWS and the customer may terminate the contractual relationship without notice.

 

 

d) Competitors

If the customer is a competitor, the customer is expressly prohibited from using or accessing the software. A competitor means an individual or entity engaged in a business that offers products or services similar to those offered by ZWS, including employees, freelancers or other agents or representatives. This prohibition also extends to signing up for free trials. In addition, customers may not use the software to monitor its availability, performance or other functionality or for any other benchmarking or competitive purposes.

§ 2 Contractual relationship

 

a) Test phase

 

After registering via the ZWS website, the customer receives a personal account. These access data may not be passed on. The customer is responsible for keeping them safe. Registration under a false name and fictitious e-mail accounts is not permitted. In the case of obviously fictitious information, ZWS reserves the right to delete the account. The customer shall compensate ZWS for all damages for which the customer is responsible due to a violation of §2a.

Upon registration (entering email address and password and clicking on “Register”), a contract is concluded between ZWS and the customer.

 
 

b) Chargeable use

 

If the customer logs into his customer account after the test phase defined in the offer, he must enter valid payment information and confirm all his details (e.g. name, address, payment method, number of booked accounts) and correct any input errors before he confirms the further use of the services of ZWS by clicking on the “pay now” button in order to access the data rooms of his customer account.

If the customer no longer registers after the test phase defined in the offer, no costs will be incurred. ZWS will then delete the customer account after 3 months.

 
 

c) Contract duration

 

The contract is concluded for an indefinite period. Cancellation is possible at the end of the current billing period, in the case of a free subscription (in the test phase) immediately, without notice in the respective account. The right to terminate for good cause remains unaffected by this. After termination, ZWS has the right to delete the account including all data after the termination takes effect.

 

 

§ 3 Provision of services

 

a) General

 

ZWS is a provider of Software-as-a-Service (SaaS) solutions based in Germany. ZWS offers customers a solution to optimize their business processes. These solutions and their use by customers require the storage of personal content and data with the aim and possibility of being able to access this stored data using certain devices and computers connected to the Internet.

 

 

b) Start of service provision

 

The booked services will be made available to the customer immediately after the payment information has been entered and the payment has been sent.

 

 

c) Delays in performance

 

ZWS shall not be responsible for delays in performance due to force majeure and due to extraordinary and unforeseeable events which cannot be prevented even by the utmost care on the part of ZWS (this includes in particular strikes, official or court orders and cases of incorrect or improper self-supply despite a covering transaction to this effect). They entitle ZWS to postpone the provision of services for the duration of the impeding event.

 

 

d) Resignation

 

In the event of non-availability for the aforementioned reasons, ZWS may withdraw from the contract. ZWS undertakes to inform the customer immediately of the unavailability and to reimburse any payments already made without delay.

 

 

e) Data access

 

The ZWS data protection agreement applies. ZWS collects, stores and processes data to the extent necessary for the agreed provision of services. Data storage takes place in Germany.

 

 

e) Maintenance

 

(1) ZWS is obliged to maintain the contractually agreed quality of the software during the term of the contract (“maintenance”). In order to fulfill its maintenance obligation, ZWS shall carry out the maintenance and repair measures required according to the state of the art.

(2) ZWS shall only be obliged to modify or adapt the software if such modification or adaptation is necessary to maintain the software in accordance with the state of the art. Otherwise, ZWS shall only be obliged to modify, adapt and further develop the software if the parties agree to this separately. In particular, ZWS shall not be obliged to further develop the software without such a separate agreement.

 

 

 

§ 4 Payment

 

a) Payment methods

 

ZWS uses the payment provider STRIPE with the options of payment by credit card or PayPal. The customer agrees to payment via STRIPE (credit card or PayPal). The monthly amount owed by the customer is to be paid in advance and is due for payment on the 3rd working day of each month.

 

 

b) Prices

 

All prices are exclusive of VAT. The usage fee to be paid for the services offered by ZWS results from the contractual agreement and depends on the type of license selected.

 

 

c) Default of payment

 

If the customer is at least 30 days late with a payment, ZWS is entitled to refuse to provide the service until the outstanding payment has been made. This is done, for example, by suspending access to the software. If the customer is at least 60 days late with a payment, ZWS is entitled to terminate the entire contractual relationship for cause. For the avoidance of doubt, all claims for late payments by the customer shall remain unaffected by such extraordinary termination.

In the event of late payment, interest may be charged at a rate of 9 percentage points above the prime rate of the European Central Bank. Should the customer fall into arrears with his payments, ZWS reserves the right to charge a reminder fee of 5 euros. The assertion of further damages remains unaffected. The customer has the possibility to prove that ZWS has suffered no or less damage.

 

 

§ 5 Duties and responsibilities of the customer

 

a) General

 

The customer is solely responsible for the content and accuracy of the data transmitted to ZWS (login data, personal data, as well as data relating to the use of the SaaS service).

 

 

b) Rights of third parties

 

The customer also undertakes not to store, release or otherwise make available to other customers or third parties on the ZWS platform any data whose content infringes the rights of third parties or violates existing laws.

 

 

 

c) Log-in password

 

The customer is solely responsible for managing their log-in password. The customer shall take appropriate measures to prevent third parties from gaining knowledge of the password and to prevent it from being lost. 

 

 

d) Confidentiality

 

(1) The customer’s rights under this contract are not transferable. The password, which enables the customer to access the personal area and thus also to record and store data, must be treated as strictly confidential and may not be passed on to third parties under any circumstances. The customer shall take suitable and appropriate measures to prevent third parties from gaining knowledge of his password.

 

(2) The parties mutually undertake to treat as confidential all knowledge of business secrets and other confidential information of the other party obtained in the course of the contractual relationship and to use it exclusively for the purposes of implementing the agreement.

 

(3) This obligation shall remain in force even after termination of the agreement.

 

 

 

§ 6 Availability and data backup

 

a) Availability guarantee

 

ZWS does not guarantee that the services offered will be available at all times. Furthermore, ZWS does not guarantee that the services offered or parts thereof can be made available and used from any location.

 
 

b) Data backup obligation

 

Regular data backups are created by ZWS within the usual framework and with the necessary care. However, ZWS does not assume any general data backup guarantee for the data entered into the system by the customer. The customer is also responsible for creating appropriate backups of his data at regular intervals to prevent data loss. ZWS does not guarantee that the stored content or data accessed by the customer will not be accidentally damaged or falsified, lost or partially removed.

 

 

§ 7 Warranty

 

ZWS gives no assurance, guarantee or warranty that

a) the use of the Software meets the customer’s requirements or expectations

b) All defects or faults relating to the products or functionality that are attributable to the customer as part of the Software, if they do not meet the requirements of the Software.

influence core functionality.

Unless expressly agreed otherwise, advice or information received by the customer from ZWS shall not give rise to any warranty claims against ZWS. ZWS does not warrant that the Software is suitable or available for use at other locations outside the contract territory.

Should the customer discover defects in the software or the documentation, the customer must notify ZWS immediately in writing. 

 

 

 

§ 8 Usage

 

a) General

 

The customer undertakes to use the services offered by ZWS only to the extent permitted by law and these GTC. Any misuse will result in the exclusion of the right of use granted by the registration. ZWS will deactivate the customer account of the respective customer after becoming aware of any misuse. Any fees already paid will not be refunded in this case.

 

 

b) Misuse

 

Misuse is deemed to exist in particular in the event of copyright infringements. In addition, misuse is the provision, distribution or other usage of illegally acquired data as well as the distribution or provision of data for illegal purposes. In particular, the use of the Software

    for sending spam,

    to send and store infringing, obscene, threatening, insulting or otherwise violating third-party rights content,

    for sending and storing viruses, worms, Trojans and malicious computer codes, files, scripts, agents or programs,

    to upload programs that are likely to disrupt, impair or prevent the operation of ZWS,

    attempting to gain unauthorized access to the Software or to individual modules, systems or applications or to grant such access to third parties

abusive.

 
 

c) Exemption

 

The customer undertakes to indemnify ZWS against all third-party claims, including reasonable or legally determined costs for legal prosecution, which are based on non-contractual, abusive and/or illegal use of the website/app services and their content by the customer. The customer shall support ZWS in the defense against such claims, in particular by providing all information necessary for the defense. The customer shall be obliged to compensate ZWS for any damage incurred by ZWS as a result of the successful enforcement of such claims by third parties.

 

 

§ 9 Liability

 

a) Unauthorized acquisition of knowledge

 

ZWS is not liable for 

      damages incurred by the customer from the use of the software and 

      Damage due to unauthorized access to personal customer data by third parties (e.g. due to unauthorized access to the database by hackers). 

ZWS can also not be held liable for the misuse by third parties of data and information that the customers themselves have made available to third parties.

 
 

b) Stored contents

 

The customer bears sole responsibility for stored content and files that require a license (e.g. fonts and images).

 

 

c) Third party claims


The customer undertakes to indemnify ZWS against all third-party claims based on the data stored by him and to reimburse ZWS for the costs incurred by ZWS due to possible infringements of rights.

 

 

d) Suspicion of illegality

 

ZWS is entitled to block the account immediately if there is reasonable suspicion that the stored data was obtained illegally and/or infringes the rights of third parties. A reasonable suspicion of illegality and/or infringement of rights exists in particular if courts, authorities and/or other third parties inform ZWS of this. ZWS shall immediately inform the customer of the blocking and the reason for it.

The ban must be lifted as soon as the suspicion is invalidated.

 

 

§ 10 Final provisions

 

a) Place of jurisdiction

 

The exclusive place of jurisdiction for all disputes between the parties arising from or in connection with the business relationship shall be the competent court in Munich.

b) Choice of law


The law of the Federal Republic of Germany shall apply exclusively. The contract language is German.

c) Severability clause


Should individual provisions or parts of the contract prove to be invalid, this shall not affect the validity of the rest of the agreement. In such a case, the contracting parties shall adapt the contract in such a way that the purpose intended by the invalid or ineffective part is achieved as far as possible.

 

 

 

Part II – Data processing agreement

 

 

§ 1 Scope of application


(1) The parties agree that ZWS shall act as a processor for the customer when providing the services, insofar as ZWS processes data for the customer. 

(2) It should be noted that ZWS may process personal data of the customer that is not the subject of the contractual relationship, as ZWS acts as the controller in this respect. This concerns, for example, data for billing and license management or automatically collected statistical data. 

§ 2 Object of the order


(1) ZWS processes personal data for the customer on the basis of this data processing agreement within the meaning of Art. 4 No. 8 and Art. 28 GDPR.

(2) Customer data shall be processed by ZWS exclusively in the manner, scope and purpose specified in Annex 1. The group of persons affected by the data processing is shown in Appendix 2 to this contract.

(3) ZWS is prohibited from processing customer data in any way that deviates from or goes beyond the stipulations in Annexes 1 and 2. 

(4) The processing of customer data shall take place exclusively in the territory of the Federal Republic of Germany, in a member state of the European Union or in another state party to the Agreement on the European Economic Area. Any relocation to a third country requires the prior written consent of the customer and may only take place if the special requirements of Art. 44 to 49 GDPR are met.

(5) The provisions of this contract shall apply to all activities related to the service contract and in which ZWS and its employees or persons authorized by ZWS come into contact with personal data originating from the customer or collected for the customer.

 

§ 3 Duration of the contract


(1) The term of this contract corresponds to the term of the agreement in the service contract.

(2) The customer may terminate the agreement at any time without notice if there is a serious breach of this data processing agreement by ZWS, if ZWS is unable or unwilling to carry out an instruction from the customer or if ZWS refuses the customer’s monitoring rights in breach of the agreement.

 

§ 4 Authority of the customer to issue instructions


(1) ZWS processes the customer data only within the scope of the order and exclusively on behalf of and in accordance with the instructions of the customer within the meaning of Art. 28 GDPR (order processing), this applies in particular with regard to the transfer of personal data to a third country or to an international organization. In this respect, the customer has the sole right to issue instructions regarding the type, scope and method of processing activities (hereinafter also referred to as “right to issue instructions“). If ZWS is obliged by the law of the European Union or the Member States to which it is subject to carry out further processing, it shall inform the customer of these legal requirements prior to processing.

(2) Instructions shall be issued by the customer in writing; verbal instructions shall be confirmed in writing by ZWS. The persons authorized to issue and receive instructions are listed in Appendix 3. In the event of a change or long-term absence of the persons named in Appendix 3, the successor or representative must be named to the other party in text form without delay. ZWS shall notify the customer in good time of any change in the person authorized to issue instructions. Until such notification is received by the customer, the designated persons shall continue to be deemed authorized to receive.                                                             

(3) If ZWS is of the opinion that an instruction from the customer violates data protection regulations, it must inform the customer of this immediately. ZWS shall be entitled to suspend the execution of the instruction in question until it has been confirmed or amended by the customer.

 

§ 5 Protective measures of ZWS

(1) ZWS is obliged to observe the statutory provisions on data protection and not to pass on information obtained from the customer’s area to third parties or to expose it to their access. Documents and data must be secured against unauthorized access, taking into account the state of the art.

(2) Furthermore, ZWS shall obligate all persons entrusted by it with the processing and fulfillment of this contract (hereinafter referred to as “employees“) to confidentiality in writing (obligation of confidentiality, Art. 28 para. 3 lit. b GDPR) and ensure compliance with this obligation with due care. At the customer’s request, ZWS shall provide the customer with written or electronic proof of the employees’ obligation.

(3) ZWS shall design its internal organization in such a way that it meets the special requirements of data protection. It undertakes to take all suitable technical and organizational measures for the appropriate protection of customer data in accordance with Art. 32 GDPR, in particular the measures listed in Annex 4 to this contract, and to maintain these for the duration of the processing of customer data.

(4) ZWS reserves the right to change the technical and organizational measures taken, whereby it shall ensure that the contractually agreed level of protection is not undercut. ZWS shall inform the customer immediately in writing if it has reason to believe that the measures in accordance with Appendix 4 are no longer sufficient and shall consult with the customer regarding further technical and organizational measures.

(5) At the customer’s request, ZWS shall provide the customer with suitable evidence of compliance with the technical and organizational measures specified in Appendix 4.

§ 6 Information and support obligations of ZWS


(1) In the event of disruptions, suspected data protection violations or breaches of contractual obligations on the part of ZWS, suspected security incidents or other irregularities in the processing of customer data by ZWS, persons employed by ZWS within the scope of the contract or by third parties, ZWS shall inform the customer immediately, but at the latest within 24 hours in written or electronic form. The same applies to audits of ZWS by the data protection supervisory authority. The notifications pursuant to § 6 para. 1 sentence 1 shall contain at least the information specified in Art. 33 para. 3 GDPR.

 (2) In the case of § 6 (1), ZWS shall support the customer in the fulfillment of his relevant clarification, remedy and information measures within the scope of what is reasonable. In particular, ZWS shall immediately take the necessary measures to secure the data and to minimize possible adverse consequences for the data subjects, inform the customer thereof and request further instructions from the customer.

(3) ZWS undertakes to provide the customer with all information and evidence required to carry out an inspection in accordance with Section 7 (1) of this contract within a reasonable period of time at the customer’s verbal or written request. Furthermore, ZWS shall provide the customer with a comprehensive and up-to-date data protection and security concept for order processing as well as for authorized persons upon request.

§ 7 Other obligations of ZWS


(1) ZWS is obliged to keep a list of all categories of processing activities carried out on behalf of the customer in accordance with Art. 30 para. 2 GDPR. The list shall be made available to the customer upon request.

(2) ZWS is obliged to support the customer in the preparation of a data protection impact assessment in accordance with Art. 35 GDPR and any prior consultation with the supervisory authority in accordance with Art. 36 GDPR.

(3) ZWS confirms that it has appointed a data protection officer – insofar as there is a legal obligation to do so. A change in the person of the company data protection officer/contact person for data protection must be communicated to the customer immediately in writing.

(4) Should the customer data at ZWS be jeopardized by seizure or confiscation, by insolvency or composition proceedings or by other events or measures of third parties, ZWS must inform the customer immediately, unless it is prohibited from doing so by court or official order. In this context, ZWS shall immediately inform all competent authorities that the decision-making authority over the data lies exclusively with the customer as the “controller” within the meaning of the GDPR.

§ 8 Subcontractor relationships


Within the scope of its contractual obligations, ZWS is authorized to establish subcontracting relationships with subcontractors (“subcontractor relationship“). In this case, ZWS must ensure that the regulations agreed in this contract also apply to the subcontractors it commissions, whereby the customer must be granted all rights of control over the subcontractor in accordance with § 9 of this contract. Subcontractor relationships with third parties outside the European Economic Area are not permitted.

§ 9 Control rights


(1) The customer is entitled to regularly verify compliance with the provisions of this agreement, in particular the implementation of and compliance with the technical and organizational measures in accordance with § 5 (3) of this agreement. For this purpose, he may, for example, obtain information from ZWS, have existing certificates from experts, certifications or internal audits presented to him or have the technical and organizational measures of ZWS checked personally or by a competent third party during normal business hours, provided that the third party is not in a competitive relationship with ZWS.

(2) The customer shall only carry out inspections to the extent necessary and shall take reasonable account of the operational processes of ZWS. The parties shall agree on the time and type of inspection in good time.

(3) The customer shall document the results of the inspection and inform ZWS accordingly. In the event of errors or irregularities which the customer discovers, in particular during the inspection of order results, he must inform the ZWS immediately. If facts are discovered during the inspection which require changes to the ordered process flow to be avoided in the future, the customer shall inform the ZWS immediately of the necessary procedural changes.

§ 10 Rights of data subjects


(1) Where possible, ZWS shall support the customer with suitable technical and organizational measures in fulfilling its obligations under Art. 12 to 22 and Art. 32 to 36 GDPR. It shall provide the customer with the requested information about customer data without delay, but at the latest within 7 working days, if ZWS does not have the relevant information itself.

(2) If the data subject asserts his rights in accordance with Art. 16 to 18 GDPR, ZWS is obliged to correct, delete or restrict the customer data immediately, at the latest within a period of 7 working days, at the customer’s instruction. Upon request, ZWS shall provide the customer with written proof of the deletion, correction or restriction of the data.

(3) If a data subject asserts rights, such as the right to information, correction or deletion of their data, directly against the ZWS, the ZWS shall immediately forward this request to the customer and await their instructions. The ZWS will not contact the data subject without corresponding individual instructions.

§ 11 Deletion and return after the end of the contract


(1) ZWS shall return all documents, data and data carriers provided to the customer after termination of the service contract or at any time at the customer’s request, or delete them completely and irrevocably at the customer’s request, unless there is a statutory retention period. This also applies to copies of the customer data at ZWS, such as data backups, but not to documentation that serves as proof of the proper processing of the customer data in accordance with the order. Such documentation shall be retained by ZWS for a period of 30 days and returned to the customer upon request.

(2) ZWS shall confirm the deletion to the customer in writing. The customer has the right to check the complete and contractually compliant return or deletion of the data at ZWS in a suitable manner; § 7 para. 2 of this contract applies accordingly.

(3) ZWS is obliged to treat the data it becomes aware of in connection with the service contract confidentially, even after the end of the service contract.

§ 12 Liability


(1) The liability of the parties shall be governed by Art. 82 GDPR. Any liability of ZWS towards the customer for breach of obligations arising from this contract or the service contract shall remain unaffected by this.

(2) The parties shall indemnify each other against liability if one party proves that it is not responsible in any respect for the circumstance that caused the damage to a party concerned. § Section 11 (2) sentence 1 shall apply accordingly in the event of a fine imposed on a party, whereby the indemnification shall be made to the extent that the other party bears a share of the responsibility for the infringement sanctioned by the fine.

§ 13 Final provisions


(1) The parties agree that the defense of the right of retention by ZWS within the meaning of § 273 BGB (German Civil Code) is excluded with regard to the data to be processed and the associated data carriers.

(2) Amendments and supplements to this agreement must be made in writing. This also applies to the waiver of this formal requirement.

(3) In case of doubt, the provisions of this agreement shall take precedence over the provisions of the service agreement. Should individual provisions of this agreement prove to be invalid or unenforceable in whole or in part or become invalid or unenforceable as a result of changes in legislation after conclusion of the contract, this shall not affect the validity of the remaining provisions. The invalid or unenforceable provision shall be replaced by a valid and enforceable provision that comes as close as possible to the meaning and purpose of the invalid provision.

(4) This agreement is subject to German law. The exclusive place of jurisdiction is Munich.

 

 

Attachments

 

 Appendix 1 – Specification of type, scope and purpose of data processing

Note: Each registered user receives their own workspace. Only invited users have access to the respective workspace and its further data (e.g. action items, teams, other users of the workspace, …).

 

Type of data

Nature and purpose of data processing

Categories of affected persons

User login data (Login)

Grant access to the system, email address and password as minimum information. Further information such as address, skills etc. is used for improved user guidance and team management.

User/Performer, Visitor

User Interests

Serve to improve user guidance in the team and team management. The software is based on a collaborative team approach and it is also beneficial to share interests.

 

User/Performer, Visitor

User Competencies

Used to record competencies, which in a further release of the software will be used to automatically assign people (performers) to tasks.

 

User/Performer, Visitor

Action items (overview)

In order to control tasks in projects within the software, it is necessary to assign people to tasks. 

 

User/Performer, Visitor

Action Item Detail

In order to control tasks in projects within the software, it is necessary to assign people to tasks. 

 

User/Performer, Visitor

Teams (overview)

In order to map the organization of a company as identically as possible, it is possible to assign people to a team within the software.

User/Performer, Visitor

Performer (overview)

Within a workspace, people can search for other people and view their personal details (name, photo, skills, interests, workload, stress level, presence, availability, but no address or login details). Each person defines for themselves whether other people are allowed to view these details. 

User/Performer, Visitor

Relations, -Cases, -Contacts, -Company Contacts (Overview

IT projects always have a customers. The Relations module is used to manage customer contacts. In addition to first name and surname as mandatory fields, further data can be entered, such as email address, telephone number and LinkedIn url.

Customers

 

 

 

 

Appendix 2 – Description of data types and categories of data subjects

General persons or groups of persons:

 

 

Description

Workspace Admin

Persons reported by the customer who require a license, (internal/external) employees, with administrative responsibility with reference to at least one workspace

Performer (“Named” User)

Persons subject to licensing reported by the customer, (internal/external) employees

Visitor

Persons registered by the customer who require a license and who are granted access as visitors to the respective workspace created by the customer.

Invitations and access authorizations are sent and issued by the respective workspace administrators of the customer and not by ZWS.

 

 

 

 

Annex 3 – Persons authorized to give and receive instructions

 

Name: Markus Hofer

Function: Shareholder Zero Workarounds Solutions GmbH

 

 

 

Annex 4 – Technical and organizational measures of ZWS (Art. 32 GDPR)

 

Technical and organizational measures for IT security and data protection

Service: SAAS ‘Software as a Service’. ZWS takes the following technical and organizational measures when collecting, processing and using personal customer data.

 

1. access control

ZWS does not operate any office space. The server is operated by Microsoft Global Cloud Germany – Microsoft Azure. https://azure.microsoft.com/en-us/explore/global-infrastructure/data-residency/#overview

 

2. access control

No unauthorized system use

– Authentication with email address and password 

– The following applies to ZWS employees

o Technical blocking of the workplace in the event of inactivity

o Data carriers of the notebooks/smartphones are encrypted

o Comprehensive protection against malware on workstations

 

3. access control

No unauthorized reading, copying, modification or removal within the system. 

 

4. transfer control

No unauthorized reading, copying, modification or removal during electronic transmission or transport.

– Secure data transmission through https

– Login and registration data are transmitted in encrypted form

– Full encryption of all backend requests

 

5. input control

Determining whether and by whom personal data has been entered, modified or removed from data processing systems 

– Logs in the SaaS platform (change history)

– Logs in the database

– Logging of accesses

 

6. order control

No commissioned data processing within the meaning of Art. 28 GDPR without corresponding instructions from the customer, e.g: Clear contract design, formalized order management, strict selection of the service provider, obligation to convince in advance, follow-up checks. 

 

7. availability control

The availability of the cloud provider is ensured by the cloud provider.https://download.microsoft.com/download/2/2/5/2250150e-c63c-4d57-a786-831c6039f8d7/AzureTrustedCloud-Resiliency.pdf

The availability of the software is ensured by a combination of technical and organizational measures:

– Separation between development, staging and live system

– Test strategies

– Update strategies

– Communication with users about planned maintenance

 

8. separation of processing for different purposes

Separate processing of data collected for different purposes

– Multi-client capability

– Separate development, test and production systems

 

9. organizational control

Processes and workflows are defined for the processing of data in the company, and the implementation of and compliance with the processes are monitored.

Our employees are trained/committed to the following points:

– Principles of data protection and IT security

– Obligation to maintain confidentiality regarding trade and business secrets

– Proper and careful handling of data, files, data carriers and data storage media

– other documents

– The data protection training courses are repeated regularly, but at least every

– two years.

ZWS guarantees that the provision of services is carried out in compliance with data protection law.

  

 

 

 Annex 5 – Specification of the important reason

 

Important reasons are

– if the customer is more than two months in arrears with the payment of a due remuneration despite a reminder

– other breach of the contract

– misuse or harmful use of the software