PREAMBLE
A. This agreement shall be entered into between Dotphoton AG, Nordstrasse 3, 6300 Zug (the "Dotphoton") and any individual or legal entity (the "Customer"; collectively with Dotphoton the "Parties" and each individually a "Party") that agrees to the terms and conditions outlined in this agreement by using or otherwise accessing the Services.
B. The Customer plans to License the Services from Dotphoton, and Dotphoton plans to License the Services to the Customer, all under and in accordance with the terms and conditions outlined in this agreement (the "Agreement").
C. In this Agreement, the Parties wish to determine their respective rights and obligations in relation to the Licensing of the Platform, Services and any related content provided by Dotphoton, as well as any amendment or updates to the terms.
Based on the foregoing, the Parties agree as follows:
TERMS AND CONDITIONS
1. DEFINITIONS
Unless otherwise specifically provided in this Agreement, capitalized terms used in this Agreement shall have the meaning ascribed to them in Annex 1.
2. SCOPE OF THE SERVICES
2.1. Subject to the terms and conditions of this Agreement, Dotphoton shall grant to the Customer the right to use the Platform, as described in the Order Form ("Platform Services"), for the duration of the Subscription Term pursuant to the terms and conditions of this Agreement and the service level agreement attached hereto as Annex 2.1b) (the "Service Level Agreement").
2.2. Dotphoton shall further provide, during the duration of the Subscription Term and on a commercially reasonable efforts basis, services to support and maintain the Platform Services (the "Support Services") to the Customer under the terms and conditions of this Agreement and the Service Level Agreement.
2.3. Dotphoton may include various open-source software components in or with the Software (the "Open-Source Software"), each of it is owned by a third party and is subject to its own applicable license terms and conditions. A current list of Open-Source Software can be accessed at www.dotphoton.com. The Open-Source Software is provided on an "as-is" basis, and Dotphoton makes no expressed or implied warranties of any kind with respect thereto and assumes no liability for any damages regarding the use or operation of any such Open-Source Software.
3. GRANT OF LICENSE
3.1. Subject to the terms and conditions of this Agreement, Dotphoton grants to the Customer a worldwide, non-exclusive, non-transferable, non-assignable, non-sublicensable license during the Subscription Term of this Agreement to access and use the Platform Services in accordance with the terms and conditions outlined in this Agreement (the "License"). Any further use is prohibited.
3.2. If Affiliates of the Customer are explicitly mentioned within the Order Form, under the terms and conditions of this Agreement, the Customer is entitled to sublicense the use of the Platform Services to its Affiliates mentioned in the Order Form, provided that the Customer is responsible for ensuring that any and all Affiliates agree to and uphold the terms and conditions of this Agreement and is liable for any breach thereof by an Affiliate.
3.3. The Platform Services may contain third-party software and/or may be distributed together with third-party software that may be subject to other terms and conditions. Such third-party software and the applicable licenses are described at www.dotphoton.com.
3.4. The Customer shall not use the Platform Services on the behalf of, or for the benefit of, third parties, nor allow any third party to use (except as pursuant to Section 3.2 of this Agreement), rent, lease, lend, sublicense, grant rights to, assign, or transfer the Platform Services. Further the Customer shall not provide use of the Platform Services in a computer service business or third-party outsourcing facility.
3.5. The Services are not designed, manufactured or intended for the use as online control equipment in hazardous environments requiring redundant failsafe performance, in particular in regards to, but not limited to, the operation of aircraft navigation or communication systems, air traffic control, of direct life supporting machines, of weapon systems, of nuclear, chemical or biological manufacturing facilities, or of any other production site in which a failure of the Services could lead directly or indirectly to death, personal injury or severe physical or environmental damage. The use of the Services for such purposes is not permitted.
4. CUSTOMER OBLIGATIONS AND RESPONSIBILITIES
4.1. The Customer shall (i) provide Dotphoton with all the necessary co-operation in relation to this Agreement and access to such information as may be required by Dotphoton in order to provide the Services; (ii) inform Dotphoton of any security issue relating to the Services as soon as possible but no later than twenty-four hours upon knowledge of said security issue; (iii) upgrade the software in accordance with Dotphoton’s instructions and within the applicable time periods; (iv) deploy security updates in accordance with Dotphoton's instructions as soon as possible; (v) comply with Dotphoton’s License Policy and all applicable laws and regulations in regards to its activities under this Agreement; (vi) be responsible for Authorized Users compliance with this Agreement; (vii) ensure that its network and systems comply with the relevant specifications which may be provided by Dotphoton from time to time; and (viii) be solely responsible for procuring and maintaining its network connections and telecommunications links from the Customer's systems to Dotphoton's data centers; (ix) be solely responsible for the accuracy, quality, and legality of any and all third-party data and Customer materials; (x) be solely responsible for uploading third-party data and making appropriate backups of such data; and (xi) be solely responsible to obtain any consents required by law and/or provide required privacy notices to any party whose personal data the Customer uses in connection with the Platform.
4.2. Before making any notices with regard to a deviation of the Availability from the Service Level(s) pursuant to the Service Level Agreement, the Customer shall adhere to the following protocol (the "Analysis Protocol"): (i) the Customer shall check in at www.dotphoton.com whether the Services are actually affected; (ii) if the Services are shown as fully or sufficiently functional, the Customer shall conduct a full analysis of the root cause of the disruption and notify Dotphoton of the findings (by email to support@dotphoton.com); (iii) if, after the root cause analysis, the Customer is still of the opinion that the Availability is affected by Dotphoton's performance, the Customer has the duty to notify Dotphoton and describe the error pattern in sufficient detail (by email to support@dotphoton.com).
If the aforementioned Analysis Protocol is not adhered to, the error shall be deemed to be caused by a root cause for which Dotphoton is not responsible. In particular, the Service Level(s) under the Service Level Agreement shall not be deemed to be negatively affected.
4.3. In the event the Customer does not deploy security updates according to Section 4.1, Dotphoton may either (i) deploy such updates of its own accord under the full exclusion of any liability for any related damages, including but not limited to loss of data, or (ii) suspend the Platform Services according to Section 6.
4.4. In relation to the Authorized Users, the Customer shall ensure that (i) the maximum number of Admins which the Customer authorizes access and use of the Dashboard shall not exceed the number described in the Order Form; (ii) the Customer shall not permit or suffer any Admin account to be used by more than one individual Authorized User; and (iii) each Authorized User shall keep a secure password for their use of the Services, the required password shall be changed regularly and each Authorized User shall be required to keep their password confidential.
4.5. The Customer shall not access, store, distribute or transmit any Viruses, or any material during the course of its use of the Services that (i) is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive; (ii) facilitates illegal activity; (iii) depicts sexually explicit images; (iv) promotes unlawful violence; (v) is discriminatory based on race, gender, color, religious belief, sexual orientation, disability; or (vi) in a manner that is otherwise illegal or causes damage or injury to any person or property; and Dotphoton reserves the right, without liability or prejudice to its other rights to the Customer, to disable the Customers access to the Services which may include removal of the material that breaches the provision of this clause.
4.6. The Customer shall not (i) make the Platform or any Service available to, or use the Platform or any Service for the benefit of, anyone other than the Customer unless otherwise stipulated in this Agreement, (ii) sell, resell, license, sublicense, distribute, rent or lease the Platform or any Service, or include the Platform or any Service in an outsourcing offer, (iii) permit direct or indirect access to or use of the Platform or any Service or content in a way that circumvents a contractual usage limit, (iv) copy the Platform or Service or any part, feature, function or user interface thereof, (v) frame or mirror any part of the Platform or any Service other than as permitted in the Documentation, (vi) access the Platform or any Service in order to build a competitive product or service, or (vii) reverse engineer the Platform or any Service (to the extent such restriction is permitted by law).
4.7. The Customer shall not use the Platform Services, or perform or allow the transfer of, export, or re-export of the Platform Services, in violation of any applicable export control laws, regulations or sanctions administered by any governmental authority. This Agreement may involve items and information subject to the U.S. government's International Traffic in Arms Regulations (ITAR) or Export Administration Regulations (EAR). If so, without proper authorization by the U.S. government or any other applicable or relevant governmental or regulatory body, the Customer will not carry any action listed in this Section 4.7. By using the Platform and Documentation, the Customer affirms that neither it nor its Affiliates are:
a) included on any sanctions-related list of designated persons maintained by the U.S. Department of Treasury's Office of Foreign Assets Control, the U.S. Department of State, the U.S. Department of Commerce, the European Union, His Majesty's Treasury of the United Kingdom, the United Nations, or any other applicable governmental authority; or
b) organized under the laws of, residing in, or owned/controlled by, directly or indirectly, individuals or entities in countries or regions subject to comprehensive sanctions (currently Belarus, Cuba, Iran, North Korea, Russia, Syria, the Crimea region of Ukraine, and the Donetsk, Kherson, Luhansk, and Zaporizhzhia regions of Ukraine).
The Customer must immediately notify Dotphoton of any actual or potential non-compliance with these applicable control laws, regulations or sanctions, including any unauthorized use or sale by third parties. Any violation of these terms will be considered a non-remediable material breach of this Agreement.
5. OBLIGATIONS OF DOTPHOTON
The scope of Section 2 shall not apply to the extent of any non-conformance which is caused by use of the Services contrary to Dotphoton's instructions, or modification or alteration of the Services by any party other than Dotphoton. If the Services do not conform with the foregoing undertaking, Dotphoton will, at its expense, use commercially reasonable efforts to correct any such non-conformance promptly, or provide the Customer with an alternative means of accomplishing the desired performance. Such correction or substitution constitutes the Customer 's sole and exclusive remedy for any breach of the undertaking set out in Section 2. Notwithstanding the foregoing, Dotphoton (i) does not warrant that the Customer's use of the Services will be uninterrupted or error-free; or that the Services, Documentation and/or the information obtained by the Customer through the Services will meet the Customer's requirements; (ii) is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Services may be subject to limitations, delays and other problems inherent in the use of such communications facilities; (iii) does not guarantee the Services if the Customer exceeds the values defined in the Order Form; and (iv) may change the infrastructure to provide the Services from time to time which may require Dotphoton to interrupt the Platform and Services; apart from emergencies, Dotphoton will inform the Customer of such a change duly in advance as further defined in the Documentation; Dotphoton is not obliged to continue providing the Services during any such interruption.
6. TEMPORARY SUSPENSION
6.1. Dotphoton may – upon prior notice to the Customer – immediately suspend the Customer's or any Authorized User's right to access or use any portion or all of the Services if Dotphoton determines the Customer's or an Authorized User's use of or registration for the Services (a) poses a security risk to the Services or any third party, (b) may adversely impact the Services or the systems or content of any other Dotphoton customer, (c) may subject Dotphoton, its Affiliates, or any third party to liability, or (d) may be fraudulent; (e) the Customer is, or any Authorized User is, in breach of this Agreement, including if the Customer is delinquent on its payment obligations for more than fifteen Business Days; or (f) the Customer has ceased to operate in the ordinary course, made an assignment for the benefit of creditors or similar disposition of its assets, or becomes the subject of any bankruptcy, reorganization, liquidation, dissolution or similar proceeding.
6.2. If Dotphoton suspends the Customer's right to access or use of any portion or to all of the Services, the Customer shall remain responsible for all Subscription Fees. Dotphoton will not unilaterally restrict access of the Customer to any compressed Customer Data as a result of the Customer's suspension for three months after the date of the suspension. During that period, Customer may read the compressed Customer Data, and decompress the Customer Data via the Services.
6.3. Dotphoton's right to suspend the Customer's or any Authorized User's right to access or use of the Services is in addition to Dotphoton's right to terminate this Agreement pursuant to Section 17.2.
7. PAYMENT TERMS
7.1. The Customer shall pay the Subscription Fees described in the Order Form to Dotphoton in accordance with this Section 7. Such Subscription Fees shall be non-returnable and non-refundable.
7.2. The Subscription Fees shall be invoiced monthly. Each invoice shall be due thirty days after its dispatch via email to the B-PoC (the "Due Date"). The Customer may not set off any potential claims against the invoiced fees. On expiry of the Due Date the Customer will be automatically in default (without any formal reminder). Interest shall accrue on such due amounts at an annual rate equal to five percent commencing on the Due Date and continuing until fully paid.
7.3. Any fee specified in this Agreement or in any promotional document, in particular any description on Dotphoton's official internet platform, does not include any tax (e.g. value-added tax), custom duties or similar taxes and charges that may be assessed directly or indirectly by governmental authorities of any jurisdiction with regard to the granted license and/or the provision of the Services.
7.4. Dotphoton reserves the right to change the Subscription Fees under the terms of this Agreement at the end of the Initial Term and each Renewal Period (as defined in Section 17.1) upon thirty days prior notice to the Customer.
7.5. If the Customer is of the opinion that Dotphoton has wrongfully charged for Services under this Agreement, the Customer must contact Dotphoton via support@dotphoton.com no later than sixty days after the billing date on the incorrect invoice in question, in order to receive an adjustment or credit.
8. WARRANTIES AND REMEDIES
8.1. Dotphoton warrants to the Customer that (i) the Service will perform substantially as described in the Documentation and (ii) any Service provided under this Agreement will be performed with reasonable skill and care and in a professional manner consistent with normal industry practices and in accordance with the Service Level Agreement. Non-substantial variations of the Service from the Documentation remain reserved. Dotphoton does not warrant that the performance of the Service will be uninterrupted or error-free. Any non-conformance which is caused by: (i) the use of the Platform or Services contrary to the Documentation and/or instructions of Dotphoton; or (ii) any Evaluation Licenses and Free Edition Licenses, are excluded from the warranty provided according to this Section 8.1.
8.2. If the Platform does not perform as warranted in Section 8.1, subject to compulsory law, the Customer's sole and exclusive right and remedy shall be to (a) demand repair or replacement of the non-conforming Platform or (b) terminate this Agreement, in the event of a material breach by Dotphoton, pursuant to Section 17.2. If a Service was not rendered as warranted in Section 8.1, the Customer's rights and remedies set forth in the Service Level Agreement shall apply exclusively.
8.3. DOTPHOTON MAKES NO, AND HERBY DISCLAIMS TO THE FULLEST EXTENT PERMITTED BY LAW, ANY AND ALL OTHER, (A) REPRESENTATIONS AND WARRANTIES WITH RESPECT TO THE SERVICES AND THE PLATFORM, EXPLICIT OR IMPLIED, ORAL OR WRITTEN, INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, ELIGIBILITY FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, OR (B) REMEDIES, EXCEPT AS EXPRESSLY SET FORTH ABOVE. FURTHER, DOTPHOTON DOES NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE PLATFORM WILL MEET CUSTOMER’S REQUIREMENTS, THAT THE PLATFORM WILL OPERATE PROPERLY IN COMBINATION WITH OTHER FUNCTIONALITY, CORES, SOFTWARE OR PROTOCOLS, OR THAT THE OPERATION OF THE PLATFORM WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ALL ERRORS OR DEFECTS IN THE PLATFORM ARE CAPABLE OF BEING CORRECTED. CUSTOMER ACKNOWLEDGES THAT USE OF THE PLATFORM IN COMBINATION WITH OTHER FUNCTIONALITY, CORES, SOFTWARE OR PROTOCOLS MAY REQUIRE LICENSES FROM THIRD PARTIES AND CUSTOMER ACCEPTS SOLE RESPONSIBILITY FOR OBTAINING SUCH LICENCES.
8.4. THE PLATFORM IS NOT DESIGNED OR INTENDED TO BE FAILSAFE, OR FOR USE IN ANY APPLICATION REQUIRING FAIL-SAFE PERFORMANCE, SUCH AS IN LIFE-SUPPORT OR SAFETY DEVICES OR SYSTEMS, CLASS III MEDICAL DEVICES, NUCLEAR FACILITIES, APPLICATIONS RELATED TO THE DEPLOYMENT OF AIRBAGS, OR ANY OTHER APPLICATIONS THAT COULD LEAD TO DEATH, PERSONAL INJURY OR SEVERE PROPERTY OR ENVIRONMENTAL DAMAGE (INDIVIDUALLY AND COLLECTIVELY, CRITICAL APPLICATIONS). FURTHERMORE, THE PLATFORM IS NOT DESIGNED OR INTENDED FOR USE IN ANY APPLICATIONS THAT AFFECT CONTROL OF A VEHICLE OR AIRCRAFT, UNLESS THERE IS A FAIL-SAFE OR REDUNDANCY FEATURE AND A WARNING SIGNAL UPON FAILURE TO THE OPERATOR. CUSTOMER AGREES, PRIOR TO USING OR DISTRIBUTING ANY SYSTEMS THAT INCORPORATE THE PLATFORM, TO THOROUGHLY TEST THE SAME FOR SAFETY PURPOSES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CUSTOMER ASSUMES THE SOLE RISK AND LIABILITY OF ANY USE OF THE PLATFORM IN CRITICAL APPLICATIONS.
8.5. Under no circumstances shall Dotphoton be obliged to remedy a defect and/or be liable in any form, if (i) the defect has not been reported in accordance with the Service Level Agreement, or (ii) the Customer is not able to reproduce the defect using a standard version of the Software which is officially supported by Dotphoton at that time and operated within the Platform.
9. LIABILITY
9.1. SUBJECT TO SECTION 9.2, DOTPHOTON, ITS AFFILIATES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, CONSULTANTS OR SUPPLIERS SHALL HAVE NO LIABILITY FOR ANY DIRECT, INDIRECT DAMAGES, OR LOSSES SUFFERED IN CONNECTION WITH THIS AGREEMENT. DOTPHOTON SHALL FURTHER NOT BE HELD LIABLE FOR ANY LOSS OF USE, INTERRUPTION OF BUSINESS, LOSS OF GOODWILL, LOST PROFITS, LOSS OR CORRUPTION OF DATA, LOSS OF ANTICIPATING SAVINGS, OR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY KIND REGARDLESS OF THE FORM OF THE CLAIM, WHETHER IN CONTRACT, EQUITY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY, OR OTHERWISE, EVEN IF THE CUSTOMER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
9.2. The exclusions and limitation of liability set out in Section 9.1 do not apply to: (i) liability arising from death or injury to persons, willful intent or gross negligence, or (ii) any other liability which cannot be excluded or limited by law.
9.3. The Customer acknowledges that, in entering into this Agreement, the Customer has not relied upon any representations (whether written or oral) of any kind or of any person other than those expressly set out in this Agreement and (if they have relied on any representations, whether written or oral, not expressly set out in this Agreement) that the Customer shall have no remedy in respect of such representations and (in either case) Dotphoton shall in any circumstances hold no liability other than in accordance with the express terms of this Agreement.
9.4. In no event (other than set forth under Section 9.2) shall the entire liability of Dotphoton or its licensors in connection with this Agreement exceed the Subscription Fees paid by the Customer under this Agreement during the (up to) twelve months of the Subscription Term immediately preceding the events giving rise to such claim.
10. INDEMNIFICATION
Customer shall indemnify, defend, and hold harmless Dotphoton and its Affiliates, and each of Dotphoton's and its Affiliates' respective officers, directors, employees, agents, successors, and assigns from and against all losses arising out of or resulting from any claim, suit, action, or proceeding by any third party relating to: (i) any breach by Customer of any obligations, responsibilities, and covenants under this Agreement; or (ii) any negligence or willful misconduct of Customer or any of its Affiliates in connection with this Agreement.
11. FORCE MAJEURE
11.1. Neither Party shall be liable to the other Party for any default, to the extent the default is wholly or materially caused, whether directly or indirectly, by circumstances beyond the Party's reasonable control, such as fire, flood, other natural disasters, general strike, governmental action, embargos, epidemics, pandemics or communication line failures (the "Force Majeure"), provided the affected Party notifies the other Party in writing of the Force Majeure event within a reasonable time after its occurrence.
11.2. In the event the affected Party's delay or non-performance as a result of Force Majeure continues for a period of more than sixty days, either Party shall have the right to terminate this Agreement with immediate effect.
12. INTELLECTUAL PROPERTY RIGHTS
12.1. The Customer acknowledges that all Intellectual Property Rights to the Platform, the Services and the Documentation is owned by Dotphoton and/or the respective licensors. Except as expressly stated herein, this Agreement does not transfer or grant the Customer any Intellectual Property Right in respect of the Platform, Software, Services or Documentation. The Customer will respect the Intellectual Property Rights of Dotphoton and will not violate them in any way.
12.2. Dotphoton will retain all rights to and titles in any copy, modification, enhancement, improvement, development, adaptation of, or derivative work from the Platform, Software, the Services, the Documentation and any other work results created by Dotphoton under or in connection with this Agreement (regardless of whether they were suggested, requested, recommended or required by the Customer; together the "Work Results").
12.3. If any such Work Results were suggested, requested, recommended or required by the Customer, Customer shall irrevocably assign and transfer, and hereby irrevocably assigns and transfers, all rights, titles, and interests in and to any and all Work Results exclusively to Dotphoton. Dotphoton may by means of all current and future processes and systems freely use in any way whatsoever and transfer the Work Results to an unlimited extent. Dotphoton’s rights are in particular unlimited in regard to location, subject, and time.
12.4. Customer shall perform all necessary actions and shall induce their Affiliates and representatives to perform all necessary actions, that may be required for said purposes and to supply documents at first request.
12.5. To the extent that any rights, titles, and interests in and to any Work Results is not capable of being assigned due to mandatory legal provisions, the Customer shall grant, and hereby grants, to Dotphoton an exclusive, worldwide, transferable, unlimited, irrevocable, sublicensable and fully paid-up license to use, alter, edit, further develop, commercially use, exploit, collect the proceeds from the respective collecting societies (Verwertungsgesellschaften) and otherwise use the Work Results in its sole discretion and to the broadest extent admissible by the applicable law.
12.6. The above assignment includes all rights of attribution, paternity, integrity, modification disclosure, destruction and any other rights throughout the world that may be known or referred to as "moral rights", "artist's rights", "droit moral", or the like (the "Moral Rights"). To the extent that Moral Rights cannot be assigned, transferred or licensed under applicable law, the Licensee shall waive, and hereby waives, and shall induce their Affiliates and representatives to waive, the exercise of their Moral Rights to the extent permitted by applicable law.
12.7. Dotphoton shall have, for the term of this Agreement, a non-transferable, non-exclusive license to reproduce and display the Customer's logos, trademarks, trade names and similar identifying marks on Dotphoton's official internet platform, in press releases and in other Dotphoton marketing materials as a reference for users of the Services.
13. COMPLIANCE
13.1. Within thirty Business Days of Dotphoton's request, to be made no more than once every twelve months, the Customer shall provide to Dotphoton a compliance report (the "Report") that includes reasonably requested information by Dotphoton, concerning the Customer's use of the Software. The Report must be signed by the Customer's authorized signatories.
13.2. If (i) Dotphoton does not receive a signed Report within thirty Business Days, or (ii) Dotphoton has reasonable suspicion that the Report is inaccurate or incorrect and that the Customer is not in compliance with the terms of this Agreement, Dotphoton shall have the right, with a minimum of ten days' prior written notice and no more than once every twelve months, to conduct a Software audit during the Customer's normal business hours to verify the Customer's use of the Software, compliance with the terms of this Agreement and payments made to Dotphoton hereunder.
13.3. The Customer shall promptly remit to Dotphoton any shortfall in payment disclosed by such Software audit including any late charges applicable thereto. In addition, if any such audit discloses a shortfall in payment to Dotphoton of more than five percent for any year, upon the written request by Dotphoton, the Customer agrees to cover any and all costs incurred relating to the Software audit.
14. CONFIDENTIALITY
14.1. The Parties expressly agree that the content of this Agreement and any further data and know-how, of which a Party may become aware during the performance of this Agreement (the "Recipient Party" or "Disclosing Party"), directly, indirectly, in writing, orally, electronically or by any other means, are strictly confidential and/or proprietary in nature (the "Confidential Information"), unless the respective information (i) is in the public domain at the time of disclosure or is legitimately received via a third party; (ii) becomes generally available to the public, other than as a result of disclosure in violation of the terms of this Agreement or a disclosure by the Disclosing Party, triggered by a breach of this confidentiality obligation by the Recipient Party; (iii) is rightfully obtained by the Recipient Party through authorized disclosure by a third party; or (iv) was already in the Recipient Party's legitimate possession, without an obligation of confidentiality, prior to receipt from the Disclosing Party as evidenced by the records of the Recipient Party prior to disclosure.
14.2. The Parties hereby undertake to:
a) keep any Confidential Information strictly classified and not to disclose it to third parties, (i) except to representatives for purposes in accordance with this Agreement with a need for the knowledge of such Confidential Information, and who are bound by confidentiality obligations as restrictive as the ones stipulated herein, and (ii) unless a disclosure is requested by mandatory rules of law, provided that all possible measures to limit the disclosure and to safeguard confidential treatment are taken;
b) use Confidential Information only in accordance with the terms and conditions of this Agreement;
c) use all reasonable care to protect the Disclosing Party's Confidential Information and to prevent any dissemination of such information to the same extent that it protects its own confidential information, which in no event will be less than the safeguards a reasonably prudent business person would exercise in similar circumstances; and
d) immediately notify the Disclosing Party, if the Recipient Party becomes aware of any unauthorized use or disclosure of the Confidential Information.
14.3. Upon written request of the Disclosing Party, unless use or knowledge of Confidential Information is reasonably necessary for the performance of this Agreement, or in the event of termination of this Agreement, the Recipient Party shall promptly destroy or, if expressly requested to do so by the Disclosing Party, return all written, electronically or otherwise stored documents, files and copies thereof containing Confidential Information. This shall include memoranda, notes, and any and all other writings which have been prepared by the Recipient Party and are based on or reflect Confidential Information. Upon request of the Disclosing Party, Recipient Party shall confirm the deletion according to this clause, in writing. Notwithstanding the foregoing, the Recipient Party may keep Confidential Information if requested to do so under mandatory rules of law (e.g. accounting requirements).
14.4. Each Party may disclose Confidential Information to an Affiliate or third parties, provided that such disclosure is necessary for the purpose of performing its obligations under this Agreement and that the Affiliate or third party is bound by obligations as strict as the ones stipulated in this Section 13.
14.5. The above provisions of this Section 13 shall survive termination of this Agreement for as long as such information remains proprietary or confidential.
15. CUSTOMER DATA
15.1. The Customer shall own all right, title and interest in and to all of the Customer Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data. Dotphoton does not have access to the Customer Data, except for the Metadata.
15.2. Dotphoton may access, collect, and analyze the Metadata to the Customer's use of the Services for the purpose of monitoring performance, improving the Platform and Software, and ensuring compliance with this Agreement. Such Metadata may include (without limitation) information such as usage statistics, system performance data, and other anonymized, non-content-based data that does not reveal or compromise the content of Customer Data.
15.3. If, and to the extent, that the rights in and to the Metadata do not originally lie with Dotphoton, Customer shall irrevocably assign and transfer, and hereby irrevocably assigns and transfers, all such rights in and to such Metadata exclusively to Dotphoton. Dotphoton may by means of all current and future processes and systems freely use in any way whatsoever and transfer the Metadata to an unlimited extent. Dotphoton’s rights are in particular unlimited in regard to location, subject, and time, and Dotphoton is free to use such Metadata to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other services of Dotphoton, and to disclose such Metadata in aggregate or other de-identified form in connection with Dotphoton’s business.
15.4. Dotphoton shall not be responsible for any loss, destruction, alteration or disclosure of any Customer Data that is not Customer’s Metadata. In the event of any loss or damage to Customer’s Metadata, the Customer's sole and exclusive remedy shall be for Dotphoton to use commercially reasonable efforts to restore the lost or damaged Metadata from the latest back-up of such Metadata available to Dotphoton. Dotphoton shall not be responsible for any loss, destruction, alteration or disclosure of Customer’s Metadata caused by any third party.
16. DATA PROTECTION
16.1. Each Party shall comply with all applicable data protection laws. If Dotphoton processes any personal data on the Customer's behalf when performing its obligations under this Agreement, the Parties herewith state that the Customer shall be the data controller and Dotphoton shall be a data processor and in any such case (a) the Customer acknowledges and agrees that the personal data, if any, may be transferred outside the European Union, EFTA, Switzerland or the country where the Customer and/or the Authorized Users are located, including in the United States of America, in order to carry out the Services and Dotphoton’s other obligations under this Agreement; (b) the Customer shall ensure that the Customer is entitled to transfer the relevant personal data to Dotphoton so that Dotphoton may lawfully use, process, and transfer the personal data in accordance with this Agreement on the Customer's behalf; (c) the Customer shall ensure that the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer if required by all applicable data protection legislation; (d) Dotphoton shall process the personal data only in accordance with the terms of this Agreement and any lawful instructions reasonably given by the Customer from time to time; (e) and each Party shall take appropriate technical and organizational measures against the unauthorized or unlawful processing of personal data or its accidental loss, destruction, or damage.
16.2. If and to the extent required by the applicable data protection laws and regulations, the Parties will enter into a data transfer agreement based on the EU standard contractual clauses (with adaptations to comply with Swiss law if necessary).
17. TERM AND TERMINATION
17.1. This Agreement shall commence on the date the Customer agrees to the terms and conditions outlined in this agreement by using or otherwise accessing the Services (the "Effective Date"). It shall continue for the initial term as set out in the Order Form (the "Initial Term") and, thereafter, this Agreement shall be automatically renewed for successive fixed periods of the same length as the Initial Term (each a "Renewal Period"), unless (a) either Party notifies the other Party of termination, in writing, at least twenty days prior to the end of the Initial Term or any Renewal Period, in which case this Agreement shall terminate upon the expiry of the applicable Initial Term or Renewal Period; or (b) otherwise terminated in accordance with the provisions of this Agreement.
17.2. Without affecting any other right or remedy available, either Party may terminate this Agreement with immediate effect by giving written notice to the other Party if (a) the other Party fails to pay any amount due under this Agreement on the Due Date for payment and remains in default no less than sixty days after being notified in writing to make such payment; (b) the other Party commits a material breach of any other term of this Agreement and the breach incurred is irremediable or (if such breach is remediable) fails to remedy that breach within a period of thirty days after the written request of the remediation efforts; (c) any step, application, order, proceeding or appointment is taken or made by or in respect of the other Party, for distress, execution, composition or arrangement with creditors, winding up, dissolution, administration, receivership (administrative or otherwise) or bankruptcy, or if the other Party is unable to pay its debts or if any event occurs which, under the applicable law of any jurisdiction to which it is subject, has an effect similar to that of any of the events referred to in this Section 17.2.
18. EFFECTS OF TERMINATION
18.1. Upon termination of this Agreement and subject to Section 18.3, (i) the Services and Licenses and any other rights granted to the Customer under this Agreement will terminate automatically and (ii) Customer shall immediately cease to use the Platform and any other Intellectual Property Rights of Dotphoton and shall, at its own expense, delete the Platform from its IT systems and destroy any copy thereof, except for a reasonable number of copies of the Platform and Documentation solely for archival purposes.
18.2. The provisions of this Agreement that by sense or content must remain in force after termination in order to achieve the intended purpose, shall survive the termination of this Agreement. The termination of this Agreement shall be without prejudice to the Parties' accrued rights hereunder.
18.3. In the event of termination of this Agreement, all Customer Data currently being processed via the Services will remain accessible for the Customer in their original (uncompressed) format for three months. It is the sole responsibility of the Customer to download or migrate the Customer Data before the end of that period.
19. NOTICES AND POINTS OF CONTACT
Except as otherwise provided in this Agreement, each Party must provide notices, requests, and other communications to the other Party in writing by (a) certified mail, hand delivery or delivery by a reputable overnight carrier service (b) facsimile with receipt of a "transmission ok" acknowledgement, or (c) e-mail with an acknowledgment of receipt by the other Party, in each case addressed to the contacts indicated on the cover page of this Agreement. Customer shall appoint a B-PoC and at least one S-PoC during the entire Subscription Term. If a License Key is required pursuant to the applicable license terms, the Customer shall further appoint a L-PoC. The Customer shall, in written form, notify Dotphoton of any change in the aforementioned points of contact without undue delay.
20. MISCELLANEOUS
20.1. This Agreement (including any schedules and annexes) shall supersede all prior oral and written agreements, letters or other communications or understandings of the Parties relating hereto and shall constitute the entire agreement between the Parties.
20.2. If there is an inconsistency between any of the provisions in the main body of this Agreement and the Schedules, the provisions in the main body of this Agreement shall prevail.
20.3. Neither Party may, or may purport to, assign, transfer, charge or otherwise deal with all or any of its rights or obligations under this Agreement in whole or in part, nor grant, declare, create or dispose of any right or interest in it without the prior written consent of the other Party which shall not be withheld without good reason.
20.4. An amendment of any of the provisions of this Agreement is only valid in writing or in electronic form (such as Skribble, DocuSign or AdobeSign, or a form which contains an electronic scan of the signature) and if signed by each Party or the Parties' authorized representatives. Any provision contained in this Agreement may only be waived by a document signed by the Party waiving such provision.
20.5. No waiver, express or implied, by either party of any right or remedy for any breach by the other Party of any provision of this Agreement will be deemed or construed to be a waiver of any succeeding breach of such provision or as a waiver of the provision itself or of any other breach or provision. No waiver of or modification or amendment to this Agreement will be effective unless reduced to writing and executed by authorized representatives of the Parties.
20.6. Should any part or provision of this Agreement be held to be invalid or unenforceable by any competent arbitral tribunal, court, governmental or administrative authority having jurisdiction, the remaining provisions of this Agreement shall remain valid. In this case, Parties shall endeavor to negotiate a substitute provision that best reflects the economic intentions of the Parties which is enforceable and shall execute all agreements and documents to the benefit of this Agreement.
20.7. Dotphoton may delegate or subcontract duties and/or obligations under this Agreement to third parties.
20.8. If a third party, according to the terms and conditions of this Agreement, is allowed to use the Services, such third party shall not be entitled to enforce any rights or benefits of this Agreement against Dotphoton.
20.9. This Agreement shall be exclusively governed by and construed in accordance with the laws of Switzerland without regard to conflict of law principles. The application of the United Nations Convention on contracts for the international sale of goods (the "CISG") is explicitly excluded. All disputes arising out of or in connection with this Agreement shall be submitted to the exclusive jurisdiction of the ordinary courts of Basel.
Annex 1 – Definitions
Defined Term
Meaning
Thank you for visiting dotphoton.com (the "Website"). At Dotphoton, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines the types of information we collect, how we use it, and the choices you have regarding your information. Please take a moment to review this policy carefully.
1. WHAT IS THIS PRIVACY NOTICE ABOUT?
Dotphoton AG (also «we», «us») collects and processes personal data that concern you but also other individuals («third parties»). We use the word «data» here interchangeably with «personal data».
In this Privacy Notice, we describe what we do with your data when you use dotphoton.com, and/or our other websites jetraw.com, rawsie.co or apps (collectively «website»), obtain services or products from us, interact with us in relation to a contract, communicate with us or otherwise deal with us. When appropriate we will provide a just-in-time notice to cover any additional processing activities not mentioned in this Privacy Notice. In addition, we may inform you about the processing of your data separately, for example in consent forms, terms and conditions, additional privacy notices, forms and other notices.
If you disclose data to us or share data with us about other individuals, co-workers, etc., we assume that you are authorized to do so and that the relevant data is accurate. When you share data about others with us, you confirm that. Please make sure that these individuals have been informed about this Privacy Notice.
This Privacy Notice is aligned with the EU General Data Protection Regulation («GDPR») and the Swiss Data Protection Act («DPA»). However, the application of these laws depends on each individual case.
2. WHO IS THE CONTROLLER FOR PROCESSING YOUR DATA?
The Dotphoton AG, Nordstrasse 3, 6300 Zug, Switzerland (the «company») is the controller for the Dotphoton’s processing under this Privacy Notice, unless we tell you otherwise in an individual case, for example in additional privacy notices, on a form or in a contract.
You may contact us for data protection concerns and to exercise your rights under Section 11 as follows:
Dotphoton AG
Nordstrasse 3
6300 Zug
Switzerland
get@dotphoton.com
3. WHAT DATA DO WE PROCESS?
We process various categories of data about you. The main categories of data are the following:
Technical data: When you use our website or our software, we collect the IP address of your terminal device and other technical data in order to ensure the functionality and security of these offerings. This data includes logs with records of the use of our systems. In order to ensure the functionality of these offerings, we may also assign an individual code to you or your terminal device (for example as a cookie, see Section 12). Technical data as such does not permit us to draw conclusions about your identity. However, technical data may be linked with other categories of data (and potentially with your person) in relation to user accounts, registrations, access controls or the performance of a contract.
Technical data includes the IP address and information about the operating system of your terminal device, the date, region and time of use and the type of browser that you use to access our electronic offerings. This can help us to provide an appropriate layout of the website or to show you a website customized for your region, for example. We know through which provider you access our offerings (and therefore also the region) because of the IP address, but usually this does not tell us who you are. However, this changes for example when you create a user account, because personal data can then be linked with technical data (for example, we can know the browser you use to access an account through our website). Examples of technical data include protocols («logs») that are created in our systems (for example the log of user logins to our website).
Registration data: Certain offerings, contact forms and services (such as login areas of our website, newsletters, etc.) can only be used with a user account or registration, which can happen directly with us or through our third-party login service providers. In this regard you must provide us with certain data, and we collect data about the use of the offering or service. We generally keep registration data for 12 months from the date the use of the service ceases or the user account is closed.
Registration data includes the information you provide when you create an account on our website (for example username, name, e-mail). It also includes the data that we may require from you before you can use certain free services, such as, for example, trial license, in this case: Name, e-mail ; or the redemption of vouchers. You must also register if you wish to subscribe to our newsletter.
Communication data: When you are in contact with us via the contact form, by e-mail, telephone, we collect the data exchanged between you and us, including your contact details and the metadata of the communication. If we record or listen in on telephone conversations or video conferences, for example for training and quality assurance purposes, we will tell you specifically. Such recordings may only be made and used in accordance with our internal policies. You will be informed if and when such recordings take place, for example by an indication during the video conference in question. If you do not want to be recorded, please notify us or leave the (video) conference. If you simply do not want your image to be recorded, please turn off your camera.
Master data: With master data we mean the basic data that we need, in addition to contract data (see below), for the performance of our contractual and other business relationships or for marketing and promotional purposes, such as name and contact details, and information about, for example, your role and function. We process your master data if you are a customer or other business contact or work for one (for example as a contact person of the business partner), or because we wish to address you for our own purposes or for the purposes of a contractual partner (for example as part of marketing and advertising). We receive master data from you (for example when you make a purchase or as part of a registration), from parties you work for, or from third parties such as contractual partners, trade shows, and from public sources such as public registers or the internet (websites, social media, Linkedin etc.). We may also collect master data from our shareholders and investors. We generally keep master data for 10 years from the last exchange between us or from the end of the contract. This period may be longer if required for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons. For contacts used only for marketing and advertising, the retention period is usually much shorter, usually no more than 2 years from the last contact.
Master data includes data such as name, address, e-mail address, telephone number and other contact details, websites, technical information; moreover, details of your relationship with us (customer, supplier, etc.), details of your status, details of our interactions with you (if applicable, a history thereof with corresponding entries), or official documents (for example NDA, contracts, etc.) that concern you.
In relation to contact persons and representatives of our customers, suppliers and partners, master data includes, for example, name and address, information about the role or function in the company.
Master data is not collected comprehensively for all contacts. The data collected in an individual case depends mostly on the purpose of the processing activity.
Dotphoton’s Business clients’ details are saved in online CRM software. Only sales related and administrative personnel have access to this software.
For customers acquiring licenses for Dotphoton's software products online, including but not limited to Jetraw and Rawsie software, more interaction with customer’s data is required, i.e. payment system, tax reporting, updates about the software, support etc. For this product we rely mostly on external parties that are being used by software companies globally and have strong Privacy and Data protection policies.
Contract data: This means data that is collected in relation to the conclusion or performance of a contract, for example information about the contracts and the services provided or to be provided, as well as data from the period leading up to the conclusion of a contract, information required or used for performing a contract, and information about feedback (for example complaints, feedback about satisfaction, etc.). We generally collect this data from you, from contractual partners and from third parties involved in the performance of the contract. We generally keep this data for 10 ****years from the last contract activity or from the end of the contract. This period may be longer where necessary for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons.
Contract data includes information about the conclusion of the contract, about your contracts, for example, the type and date of conclusion, information from the application process (such as the application for the performance of our products or services) and information about the relevant contract (for example its duration) and the performance and administration of the contracts (for example information related to billing, customer service, technical assistance and enforcement of contractual claims). Contract data also includes information about deficiencies, complaints and changes to a contract, as well as information about customer satisfaction that we may collect, for example, through surveys. Contract data also includes financial data, such as credit information (meaning information that allows us to draw conclusions about the likelihood that receivables will be paid), information about reminders and debt collection. We receive this data partly from you (for example when you make payments), but also from credit agencies and debt collection companies and from public sources (for example a commercial register).
Behavioral and preference data: Depending on our relationship with you, we try to get to know you better and to tailor our products, services and offers to you. For this purpose, we collect and process data about your behavior and preferences.
Behavioral data is information about certain actions, such as your response to electronic communications (for example if and when you have opened an e-mail) or your location, as well as your interaction with our social media pages and your participation in competitions and similar events.
Preference data tells us what your needs are, which products or services might be of interest to you or when and how you will likely respond to messages from us. We obtain this information from the analysis of existing data, such as behavioral data, so that we can get to know you better, tailor our advice and offers more precisely to you and generally improve our offers. To improve the quality of our analyses, we may combine this data with other data that we also obtain from third parties.
Behavioral and preference data may be analyzed on a personally identifiable basis (for example to show you personalized advertising), but also on a non-identifiable basis (for example for market research or product development).
Other data: We also collect data from you in other situations. For example, data that may relate to you (such as files, evidence, etc.) is processed in relation to administrative or judicial proceedings. Moreover, we collect and process data about our shareholders and other investors, in addition to master data, including information for registers, in relation to the exercise of their rights and events (for example general meetings). Data relating to you as a shareholder or investor is kept in accordance with corporate law, but in any case for as long as you are invested.
Much of the data set out in this Section 3 is provided to us by you (through forms, when you communicate with us, in relation to contracts, when you use the website, etc.). If you wish to enter into contracts with us or use our services, you must also provide us with certain data, in particular master data, contract data and registration data, as part of your contractual obligation under the relevant contract. When using our website, the processing of technical data cannot be avoided. However, in the case of behavioral and preference data, you generally have the option of objecting or not giving consent.
4. FOR WHAT PURPOSES DO WE PROCESS YOUR DATA?
We process your data for the purposes explained below. Further information is set out in Sections 12 and 13 for online services. These purposes and their objectives represent interests of us and potentially of third parties. You can find further information on the legal basis of our processing in Section 5.
We process your data for purposes related to communication with you, in particular in relation to responding to inquiries and the exercise of your rights (Section 11) and to enable us to contact you in case of queries. For this purpose, we use in particular communication data and master data, and registration data in relation to offers and services that you use. We keep this data to document our communication with you, for training purposes, for quality assurance and for follow-up inquiries.
The above includes all purposes in relation to which we communicate with you, whether in the context of customer service or consulting.
We process data for the conclusion, administration and performance of contractual relationships.
We conclude various contracts with our business and private customers, suppliers, subcontractors and other parties, such as partners in projects or parties in legal proceedings. In particular, we process master data, contract data and communication data and, depending on the circumstances, registration data relating to the customer or the persons for whose benefit the customer has received a service.
In the run-up of a business relationship, personal data – in particular master data, contract data and communication data – is collected from potential customers or other contractual partners (for example in an order form or a contract) or results from a communication.
We process data for marketing purposes and relationship management, for example to send our customers and other contractual partners personalized advertising for products and services from us and from third parties (for example from advertising partners). This may happen in the form of newsletters and other regular contacts (electronically, by e-mail) through other channels for which we have contact information from you, but also as part of marketing campaigns (for example events, contests, etc.) and may also include discounts (for example promocode). You can object to such contacts at any time (see at the end of this Section 4) or refuse or withdraw consent to be contacted for marketing purposes. With your consent, we can target our online advertising on the internet more specifically to you (see Section 12).
We further process your data for market research, to improve our services and operations, and for product development.
We process personal data to comply with laws, directives and recommendations from authorities and internal regulations («Compliance»). We may also process your data for security and access control purposes.
We also process data for the purposes of our risk management and as part of our corporate governance, including business organization and development.
We may process your data for further purposes, for example as part of our internal processes and administration or for quality assurance purposes and trainings.
5. ON WHAT BASIS DO WE PROCESS YOUR DATA?
Where we ask for your consent for certain processing activities (for example for the processing of sensitive personal data, for marketing mailings, for personalized motion profiles and for advertising management and behavior analysis on the website), we will inform you separately about the relevant processing purposes. You may withdraw your consent at any time with effect for the future by providing us written notice (by mail) or, unless otherwise noted or agreed, by sending an e-mail to us; see our contact details in Section 2. For withdrawing consent for online tracking, see Section 12. Where you have a user account, you may also withdraw consent or contact us also through the relevant website or other service, as applicable. Once we have received notification of withdrawal of consent, we will no longer process your information for the purpose(s) you consented to, unless we have another legal basis to do so. Withdrawal of consent does not, however, affect the lawfulness of the processing based on the consent prior to withdrawal.
Where we do not ask for consent for processing, the processing of your personal data relies on the requirement of the processing for initiating or performing a contract with you (or the entity you represent) or on our or a third-party legitimate interest in the particular processing, in particular in pursuing the purposes and objectives set out in Section 4 and in implementing related measures. Our legitimate interests also include compliance with legal regulations, insofar as this is not already recognized as a legal basis by applicable data protection law (for example in the case of the GDPR, the laws in the EEA and in the case of the DPA, Swiss law).
6. WHAT APPLIES IN CASE OF PROFILING AND AUTOMATED INDIVIDUAL DECISIONS?
We may automatically evaluate personal aspects relating to you («profiling») based on your data (Section 3) for the purposes set out in Section 4, where we wish to determine preference data, but also in order to detect misuse and security risks, to perform statistical analysis or for operational planning. We may also create profiles for these purposes, i.e. we may combine behavioral and preference data, but also master data, contract data and technical data relating to you in order to better understand you as a person with your various interests and other characteristics.
In both cases, we pay attention to the proportionality and reliability of the results and take measures against misuse of these profiles or profiling. Where these can produce legal effects concerning you or similarly significantly affect you, we generally ensure human review.
In certain situations, it may be necessary for the efficiency and consistency of de-cision-making processes that we automate discretionary decisions that produce legal effects concerning you or similarly significantly affect you («automated individual decisions»). In these cases, we will inform you accordingly and take the measures required by applicable law.
7. WITH WHOM DO WE SHARE YOUR DATA?
In relation to our contracts, the website, our services and products, our legal obligations or otherwise with protecting our legitimate interests and the other purposes set out in Section 4, we may disclose your personal data to third parties, in particular to the following categories of recipients:
Service providers: We work with service providers in Switzerland and abroad who process your data on our behalf or as joint controllers with us or who receive data about you from us as separate controllers. These service providers will have access to your personal information only to the extent necessary to perform their tasks and are obligated not to disclose or use it for any other purpose.
Contractual partners including customers: This refers to customers (for example service recipients) and our other contractual partners as this data disclosure results from these contracts. For example, they receive registration data in relation to issued and redeemed vouchers, invitations, etc. If you work for one of these contractual partners, we may also disclose data about you to that partner in this regard. These recipients also include contractual partners with whom we cooperate or who carry out advertising for us and to whom we may therefore disclose data about you for analysis and marketing purposes (these may again be service recipients, but also sponsors and online advertising providers). We require these partners to send you or display advertising based on your data only with your consent (for online advertising, see Section 12).
If you act as an employee for a company with which we have concluded a contract, performance of this contract may require us to tell the company, for example, how you have used our service.
Authorities: We may disclose personal data to agencies, courts and other authorities in Switzerland and abroad if we are legally obliged or entitled to make such disclosures or if it appears necessary to protect our interests.
Other persons: This means other cases where interactions with third parties follows from the purposes set out in Section 4, for example service recipients, the media and associations in which we participate or if you are included in one of our publications.
Other recipients include, for example, delivery recipients or third-party payees specified by you, other third parties in relation to agency relationships (for example if we share your data with your lawyer or your bank) or persons involved in administrative or legal proceedings. If we cooperate with the media and share materials with them (for example photos), this may also affect you depending on the circumstances. The same applies if we publish content (for example photos, interviews, quotes, etc.), for example on our website or in our other publications. As part of our business development, we may sell businesses, parts of businesses or companies to others or acquire them from others or enter into partnerships, which may also result in the disclosure of data (including from you, for example as a customer or supplier or as a supplier representative) to those persons involved in these transactions. In relation to communicating with competitors, industry organizations, associations and other bodies, data may be exchanged that also affects you.
All these categories of recipients may involve third parties, so that your data may also be disclosed to them. We can restrict the processing by certain third parties (for example IT providers), but not by others (for example authorities, banks, etc.).
8. IS YOUR PERSONAL DATA DISCLOSED ABROAD?
As explained in section 7, we disclose data to other parties. These are not all located in Switzerland. Your data may therefore be processed in Europe and in exceptional cases, in any country in the world.
If a recipient is located in a country without adequate statutory data protection, we require the recipient to undertake to comply with data protection (for this purpose, we use the European Commission’s standard contractual clauses, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is subject to a legally accepted set of rules to ensure data protection and unless we cannot rely on an exception. An exception may apply for example in case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract requires disclosure, if you have consented or if data has been made available generally by you and you have not objected against the processing.
Many countries outside of Switzerland or the EEA currently do not have laws that ensure an adequate level of data protection under the DPA or the GDPR. The contractual arrangements mentioned compensate for this weaker or missing legal protection to some extent. However, contractual precautions cannot eliminate all risks (namely of government access abroad). You should be aware of these remaining risks, even though they may be low in an individual case, and we take further measures (for example pseudonymization or anonymization) to minimize them.
Please note that data exchanged via the internet is often routed through third countries. Your data may therefore be sent abroad even if the sender and recipient are in the same country.
9. HOW LONG DO WE PROCESS YOUR DATA?
We process your data for as long as our processing purposes, the legal retention periods and our legitimate interests in documentation and keeping evidence require it or storage is a technical requirement. You will find further information on the respective storage and processing periods for the individual data categories in Section 3, and for cookies in Section 12. If there are no contrary legal or contractual obligations, we will delete or anonymize your data once the storage or processing period has expired as part of our usual processes.
Documentation and evidence purposes include our interest in documenting processes, interactions and other facts in view of legal claims, inconsistencies, IT and infrastructure security requirements and demonstrating good corporate governance and compliance. Retention may be a technical requirement if certain data cannot be separated from other data and we therefore need to keep it with it (for example in case of backups or document management systems).
10. HOW DO WE PROTECT YOUR DATA?
We take appropriate security measures in order to maintain the required security of your personal data and ensure its confidentiality, integrity and availability, and to protect it against unauthorized or unlawful processing, and to mitigate the risk of loss, accidental alteration, unauthorized disclosure or access.
11. WHAT ARE YOUR RIGHTS?
Applicable data protection laws grant you the right to object to the processing of your data in some circumstances, in particular for direct marketing purposes, for profiling carried out for direct marketing purposes and for other legitimate interests in processing.
To help you control the processing of your personal data, you have the following rights in relation to our data processing, depending on the applicable data protection law:
– The right to request information from us as to whether and what data we process from you;
– The right to have us correct data if it is inaccurate;
– The right to request erasure of data;
– The right to request that we provide certain personal data in a commonly used electronic format or transfer it to another controller;
– The right to withdraw consent, where our processing is based on your consent;
– The right to receive, upon request, further information that is helpful for the exercise of these rights;
If you wish to exercise the above-mentioned rights in relation to us, please contact us in writing, at our premises or, unless otherwise specified or agreed, by e-mail; you will find our contact details in Section 2. In order for us to be able to prevent misuse, we need to identify you (for example by means of a copy of your ID card, unless identification is not possible otherwise).
Please note that conditions, exceptions or restrictions apply to these rights under applicable data protection law (for example to protect third parties or trade secrets). We will inform you accordingly where applicable.
If you do not agree with the way we handle your rights or with our data protection practices, please let us know. If you are located in the EEA, the United Kingdom or in Switzerland, you also have the right to lodge a complaint with the competent data protection supervisory authority in your country. You can find a list of authorities in the EEA here: https://edpb.europa.eu/about-edpb/board/members_en. You can reach the UK supervisory authority here: https://ico.org.uk/global/contact-us/. You can reach the Swiss supervisory authority here: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html.
12. DO WE USE ONLINE TRACKING AND ONLINE ADVERTISING TECHNIQUES?
We use various techniques on our website that allow us and third parties engaged by us to recognize you during your use of our website, and possibly to track you across several visits. This Section informs you about this.
In essence, we wish to distinguish access by you (through your system) from access by other users, so that we can ensure the functionality of the website and carry out analysis and personalization. We do not intend to determine your identity, even if that is possible where we or third parties engaged by us can identify you by combination with registration data. However, even without registration data, the technologies we use are designed in such a way that you are recognized as an individual visitor each time you access the website, for example by our server (or third-party servers ) that assign a specific identification number to you or your browser (so-called «cookie»).
Cookies are individual codes (for example a serial number) that our server or a server of our service providers or advertising partners transmits to your system when you connect to our website, and that your system (browser, cell phone) accepts and stores until the set expiration time. Your system transmits these codes to our server or the third-party server with each additional access. That way, you are recognized even if your identity is unknown.
Other technologies may be used to recognize you with some likelihood (i.e. distinguish you from other users), such as «fingerprinting». Fingerprinting combines your IP address, the browser you use, screen resolution, language settings and other information that your system tells each server), resulting in a more or less unique fingerprint. This makes it possible to go without cookies.
Whenever you access a server (for example when you use a website or an app, or because an e-mail includes a visible or invisible image), your visits can therefore be «tracked». If we integrate offers from an advertising partners or a provider of an analysis tool on our website, they may track you in the same way, even if you cannot be identified in a particular case.
We use these technologies on our website and may allow certain third parties to do so as well. However, depending on the purpose of these technologies, we may ask for consent before they are used. You can also set your browser to block or deceive certain types of cookies or alternative technologies, or to delete existing cookies.
We distinguish the following categories of «cookies» (including other technologies such as fingerprinting):
– Necessary cookies: Some cookies are necessary for the functioning of the website or for certain features. For example, they ensure that you can move between pages without losing information that was entered in a form. They also ensure that you stay logged in. These cookies exist temporarily only («session cookies»). If you block them, the website may not work properly. Other cookies are necessary for the server to store options or information (which you have entered) beyond a session (i.e. a visit to the website) if you use this function (for example language settings, consents, automatic login functionality, etc.). These cookies have an expiration date of up to 24 months
– Performance cookies: In order to optimize our website and related offers and to better adapt them to the needs of the users, we use cookies to record and analyze the use of our website, potentially beyond one session. We use third-party analytics services for this purpose. Before we use such cookies, we ask for your consent. You can withdraw consent at any time through the cookie settings, by clicking cookie button on our website. Performance cookies also have an expiration date of up to 24 months.
– Marketing Cookies: We and our advertising partners have an interest in targeting advertising as precisely as possible, i.e. only showing it to those we wish to address. For this purpose, we and our advertising partners – if you consent – also use cookies that can be used to record the content accessed or contracts concluded. This allows us and our advertising contractors to display advertisements that we think you will be interested in, on our website, but also on other websites that display advertisements from us or our advertising contractors. These cookies have an expiration period ranging from a few days to 12 months, depending on the situation. If you consent to the use of these cookies, you will be shown appropriate advertising. If you do not consent to these cookies, you will not see less advertising, but simply any other advertising.
We may also integrate additional third-party offers on our website, in particular from social media providers. These offers are deactivated by default. As soon as you activate them (for example by clicking a button), these providers can determine that you are using our website. If you have an account with that social media provider, it can assign this information to you and thereby track your use of online offers. These social media providers process this data as separate controllers.
We use Google Analytics, Google Search Console, and Google Tag Manager to help us understand how our website is being used, improve user experience, and optimize website performance.
* Google Analytics: This service collects data such as IP addresses, cookies, device identifiers, and user activities on our website. This data helps us analyze how users interact with our website, measure traffic, and improve our services. IP anonymization is enabled on our Google Analytics setup to protect user privacy. Users can opt out of Google Analytics tracking using the Google Analytics Opt-out Browser Add-on.
* Google Search Console: We use Google Search Console to track the performance of our website in Google Search, including data like search queries, impressions, and click-through rates. This information is used to optimize our website for search engines.
* Google Tag Manager: Google Tag Manager is used to deploy and manage marketing and analytics tags. Google Tag Manager itself does not collect personal data; however, tags deployed via Google Tag Manager may collect information. You can control or disable these cookies via your browser settings or our cookie consent management tool.
We may share the data collected with Google, and it may be processed on Google’s servers located outside of Switzerland or the European Economic Area (EEA). We have a Data Processing Agreement (DPA) in place with Google to ensure compliance with applicable data protection laws.
You can control how cookies are used through your browser settings or our cookie consent tool. For more information, please review our Cookie Policy.
13. WHAT DATA DO WE PROCESS ON OUR SOCIAL NETWORK PAGES?
We may operate pages and other online presences on social networks and other platforms operated by third parties and collect the data about you described in Section 3 and below. We receive this data from you and from the platforms when you interact with us through our online presence (for example when you communicate with us, comment on our content or visit our online presence). At the same time, the platforms analyze your use of our online presences and combine this data with other data they have about you (for example about your behavior and preferences). They also process this data for their own purposes, in particular for marketing and market research purposes (for example to personalize advertising) and to manage their platforms (for example what content they show you) and, to that end, they act as separate controllers.
We receive data about you when you communicate with us through online presences or view our content on the corresponding platforms, visit our online presences or are active on them (for example publish content, submit comments). These platforms also collect technical data, registration data, communication data, behavioral data and preference data from you or about you, among other things (see Section 3 about these terms). These platforms usually perform statistical analysis of the way you interact with us, how you use our online presences and our content or other parts of the platform (what you view, comment on, «like», forward, etc.) and combine this data with other information about you (for example information about your age and your gender and other demographic information). In that way, they create profiles about you and statistics on the use of our online presences. They use this data and profiles to display to you our or other advertisements and other personalized content on the platform and to manage the behavior of the platform, but also for market and user research and to provide us and other parties with information about you and the use of our online presence.
We can control the analysis that these platforms generate regarding the use of our online presence to some extent.
We process this data for the purposes set out in Section 4, in particular for communication, for marketing purposes (including advertising on these platforms, see Section 12) and for market research. You will find information about the applicable legal basis in Section 5. We may disseminate content published by you (for example comments on an announcement), for example as part of our advertising on the platform or elsewhere. We or the operators of the platforms may also delete or restrict content from or about you in accordance with their terms of use (for example inappropriate comments).
For further information on the processing of the platform operators, please refer to the privacy information of the relevant platforms. There you can also find out about the countries where they process your data, your rights of access and erasure of data and other data subjects’ rights and how you can exercise them or obtain further information. We currently use the following platforms:
LinkedIn: On LinkedIn we operate a Company Page. When you visit our LinkedIn Company Page, follow this page or engage with the page, LinkedIn processes personal data to provide us with statistics and insights in anonymized form. This gives us insights into the types of actions that people take on our site (so-called page insights). For this purpose, LinkedIn processes in particular data that you have already provided to LinkedIn via the information in your profile, such as data on function, country, industry, seniority, company size and employment status.
X (formerly Twitter): On X, we operate an official Company Account. When you visit our X profile, follow our account, or engage with our posts (e.g., likes, retweets, replies), X processes personal data to provide us with statistics and insights in anonymized form. This helps us understand how users interact with our content (so-called analytics insights). For this purpose, X processes data that you have provided to X via your profile, such as username, interests, language preferences, and interaction history on the platform.
Can we update this Privacy Notice?
This Privacy Notice is not part of a contract with you. We can change this Privacy Notice at any time. The version published on this website is the current version.
13.1 Last updated: 25.08.2023
This Service Level Agreement ("SLA") is made between Dotphoton AG ("Dotphoton") and Jetraw Platorm Customer ("Customer") and forms an integral part of the Jetraw Platform Services Agreement. This SLA defines the performance standards, responsibilities, and metrics that govern the services provided by Dotphoton to the Customer.
1. Definitions
The following terms, as used in this SLA, have the meanings set forth below:
2. Service Availability
2.1 Platform Availability
Dotphoton commits to a platform availability of 99% during each calendar month, excluding scheduled maintenance, force majeure events, or other exceptions defined in this SLA. For services running in the cloud on Dotphoton’s accounts, the guaranteed availability is relative to that offered by the cloud provider. For example, AWS EC2 has an availability of 99.99% according to Amazon’s SLA, so Dotphoton guarantees an availability of:
0.99x0.9999≈99%
2.2 Measurement of Availability
Availability is calculated as:
Availability = (Total Time – Downtime) / Total Time x 100%
Where:
2.3 Exclusions
The availability calculation excludes any downtime associated with:
3. Scheduled Maintenance
Scheduled maintenance periods will be communicated to the Customer at least 5 business days in advance and will typically be performed during off-peak hours to minimize disruptions. Maintenance windows do not count toward downtime calculations for availability.
4. Incident Management
4.1 Incident Submission
Customers can submit incident reports via email support@dotphoton.com and receive an automatic confirmation email. Customers should provide the following details when submitting a report:
4.2 Incident Classification
Incidents are classified based on severity:
4.3 Response to High-Priority Incidents
Dotphoton will respond to high-priority incidents (e.g., platform-wide issues) within 2 business hours of receiving the Service Request during Dotphoton’s working Business Hours (9:00 AM to 5:00 PM CET, Monday to Friday). High-priority incidents include:
5. Mean Time to Notify (MTTN)
For critical disruptions (e.g., platform outages), Dotphoton will notify the Customer within 1 business hour after the disruption is confirmed.
6. Mean Time to Recovery (MTTR)
Dotphoton aims to resolve high-priority disruptions within 4 business hours. The MTTR clock starts when Dotphoton confirms the disruption and ends when the platform's performance has returned to the agreed service levels.
7. Platform Support
7.1 Business Hours Support
Standard support will be provided during Business Hours (Monday to Friday, 9:00 AM to 5:00 PM CET). Customers can submit support requests through Dotphoton’s support email support@dotphoton.com, and responses will follow the Response Time commitments outlined above.
9.2 Extended Support (Optional)
Customers requiring support outside of business hours or 24/7 support can opt for extended support packages. Pricing and terms for extended support will be detailed in a separate agreement.
10. Service Requests
All Service Requests must be submitted through Dotphoton’s support email support@dotphoton.com. Each request will generate a Trouble Ticket according to Dotphoton’s internal procedure for tracking purposes. Customers are required to provide the following details:
1. Description of the issue
2. Steps leading to the issue (if possible)
3. System configuration
4. Whether the entire platform is affected
5. Affected files or storage areas
6. Time the issue started
11. S-PoC (Single Point of Contact)
The Customer will designate a Single Point of Contact (S-PoC) to oversee incident management and communication. The S-PoC will ensure smooth coordination during issue resolution.
13. Out of Scope Services
The following services are out of the scope of this SLA:
15. Review and Amendments
This SLA will be reviewed quarterly. Dotphoton reserves the right to modify service levels with at least 30 days written notice to the Customer.
16. Termination
This SLA will remain in effect for the duration of the Platform Services Agreement. Either party may terminate this SLA by providing at least 30 days’ notice in writing.
Thank you for visiting dotphoton.com (the "Website"). At Dotphoton, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines the types of information we collect, how we use it, and the choices you have regarding your information. Please take a moment to review this policy carefully.
1. WHAT IS THIS PRIVACY NOTICE ABOUT?
Dotphoton AG (also «we», «us») collects and processes personal data that concern you but also other individuals («third parties»). We use the word «data» here interchangeably with «personal data».
In this Privacy Notice, we describe what we do with your data when you use dotphoton.com, and/or our other websites jetraw.com, rawsie.co or apps (collectively «website»), obtain services or products from us, interact with us in relation to a contract, communicate with us or otherwise deal with us. When appropriate we will provide a just-in-time notice to cover any additional processing activities not mentioned in this Privacy Notice. In addition, we may inform you about the processing of your data separately, for example in consent forms, terms and conditions, additional privacy notices, forms and other notices.
If you disclose data to us or share data with us about other individuals, co-workers, etc., we assume that you are authorized to do so and that the relevant data is accurate. When you share data about others with us, you confirm that. Please make sure that these individuals have been informed about this Privacy Notice.
This Privacy Notice is aligned with the EU General Data Protection Regulation («GDPR») and the Swiss Data Protection Act («DPA»). However, the application of these laws depends on each individual case.
2. WHO IS THE CONTROLLER FOR PROCESSING YOUR DATA?
The Dotphoton AG, Nordstrasse 3, 6300 Zug, Switzerland (the «company») is the controller for the Dotphoton’s processing under this Privacy Notice, unless we tell you otherwise in an individual case, for example in additional privacy notices, on a form or in a contract.
You may contact us for data protection concerns and to exercise your rights under Section 11 as follows:
Dotphoton AG
Nordstrasse 3
6300 Zug
Switzerland
get@dotphoton.com
3. WHAT DATA DO WE PROCESS?
We process various categories of data about you. The main categories of data are the following:
Technical data: When you use our website or our software, we collect the IP address of your terminal device and other technical data in order to ensure the functionality and security of these offerings. This data includes logs with records of the use of our systems. In order to ensure the functionality of these offerings, we may also assign an individual code to you or your terminal device (for example as a cookie, see Section 12). Technical data as such does not permit us to draw conclusions about your identity. However, technical data may be linked with other categories of data (and potentially with your person) in relation to user accounts, registrations, access controls or the performance of a contract.
Technical data includes the IP address and information about the operating system of your terminal device, the date, region and time of use and the type of browser that you use to access our electronic offerings. This can help us to provide an appropriate layout of the website or to show you a website customized for your region, for example. We know through which provider you access our offerings (and therefore also the region) because of the IP address, but usually this does not tell us who you are. However, this changes for example when you create a user account, because personal data can then be linked with technical data (for example, we can know the browser you use to access an account through our website). Examples of technical data include protocols («logs») that are created in our systems (for example the log of user logins to our website).
Registration data: Certain offerings, contact forms and services (such as login areas of our website, newsletters, etc.) can only be used with a user account or registration, which can happen directly with us or through our third-party login service providers. In this regard you must provide us with certain data, and we collect data about the use of the offering or service. We generally keep registration data for 12 months from the date the use of the service ceases or the user account is closed.
Registration data includes the information you provide when you create an account on our website (for example username, name, e-mail). It also includes the data that we may require from you before you can use certain free services, such as, for example, trial license, in this case: Name, e-mail ; or the redemption of vouchers. You must also register if you wish to subscribe to our newsletter.
Communication data: When you are in contact with us via the contact form, by e-mail, telephone, we collect the data exchanged between you and us, including your contact details and the metadata of the communication. If we record or listen in on telephone conversations or video conferences, for example for training and quality assurance purposes, we will tell you specifically. Such recordings may only be made and used in accordance with our internal policies. You will be informed if and when such recordings take place, for example by an indication during the video conference in question. If you do not want to be recorded, please notify us or leave the (video) conference. If you simply do not want your image to be recorded, please turn off your camera.
Master data: With master data we mean the basic data that we need, in addition to contract data (see below), for the performance of our contractual and other business relationships or for marketing and promotional purposes, such as name and contact details, and information about, for example, your role and function. We process your master data if you are a customer or other business contact or work for one (for example as a contact person of the business partner), or because we wish to address you for our own purposes or for the purposes of a contractual partner (for example as part of marketing and advertising). We receive master data from you (for example when you make a purchase or as part of a registration), from parties you work for, or from third parties such as contractual partners, trade shows, and from public sources such as public registers or the internet (websites, social media, Linkedin etc.). We may also collect master data from our shareholders and investors. We generally keep master data for 10 years from the last exchange between us or from the end of the contract. This period may be longer if required for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons. For contacts used only for marketing and advertising, the retention period is usually much shorter, usually no more than 2 years from the last contact.
Master data includes data such as name, address, e-mail address, telephone number and other contact details, websites, technical information; moreover, details of your relationship with us (customer, supplier, etc.), details of your status, details of our interactions with you (if applicable, a history thereof with corresponding entries), or official documents (for example NDA, contracts, etc.) that concern you.
In relation to contact persons and representatives of our customers, suppliers and partners, master data includes, for example, name and address, information about the role or function in the company.
Master data is not collected comprehensively for all contacts. The data collected in an individual case depends mostly on the purpose of the processing activity.
Dotphoton’s Business clients’ details are saved in online CRM software. Only sales related and administrative personnel have access to this software.
For customers acquiring licenses for Dotphoton's software products online, including but not limited to Jetraw and Rawsie software, more interaction with customer’s data is required, i.e. payment system, tax reporting, updates about the software, support etc. For this product we rely mostly on external parties that are being used by software companies globally and have strong Privacy and Data protection policies.
Contract data: This means data that is collected in relation to the conclusion or performance of a contract, for example information about the contracts and the services provided or to be provided, as well as data from the period leading up to the conclusion of a contract, information required or used for performing a contract, and information about feedback (for example complaints, feedback about satisfaction, etc.). We generally collect this data from you, from contractual partners and from third parties involved in the performance of the contract. We generally keep this data for 10 ****years from the last contract activity or from the end of the contract. This period may be longer where necessary for evidentiary purposes, to comply with legal or contractual requirements, or for technical reasons.
Contract data includes information about the conclusion of the contract, about your contracts, for example, the type and date of conclusion, information from the application process (such as the application for the performance of our products or services) and information about the relevant contract (for example its duration) and the performance and administration of the contracts (for example information related to billing, customer service, technical assistance and enforcement of contractual claims). Contract data also includes information about deficiencies, complaints and changes to a contract, as well as information about customer satisfaction that we may collect, for example, through surveys. Contract data also includes financial data, such as credit information (meaning information that allows us to draw conclusions about the likelihood that receivables will be paid), information about reminders and debt collection. We receive this data partly from you (for example when you make payments), but also from credit agencies and debt collection companies and from public sources (for example a commercial register).
Behavioral and preference data: Depending on our relationship with you, we try to get to know you better and to tailor our products, services and offers to you. For this purpose, we collect and process data about your behavior and preferences.
Behavioral data is information about certain actions, such as your response to electronic communications (for example if and when you have opened an e-mail) or your location, as well as your interaction with our social media pages and your participation in competitions and similar events.
Preference data tells us what your needs are, which products or services might be of interest to you or when and how you will likely respond to messages from us. We obtain this information from the analysis of existing data, such as behavioral data, so that we can get to know you better, tailor our advice and offers more precisely to you and generally improve our offers. To improve the quality of our analyses, we may combine this data with other data that we also obtain from third parties.
Behavioral and preference data may be analyzed on a personally identifiable basis (for example to show you personalized advertising), but also on a non-identifiable basis (for example for market research or product development).
Other data: We also collect data from you in other situations. For example, data that may relate to you (such as files, evidence, etc.) is processed in relation to administrative or judicial proceedings. Moreover, we collect and process data about our shareholders and other investors, in addition to master data, including information for registers, in relation to the exercise of their rights and events (for example general meetings). Data relating to you as a shareholder or investor is kept in accordance with corporate law, but in any case for as long as you are invested.
Much of the data set out in this Section 3 is provided to us by you (through forms, when you communicate with us, in relation to contracts, when you use the website, etc.). If you wish to enter into contracts with us or use our services, you must also provide us with certain data, in particular master data, contract data and registration data, as part of your contractual obligation under the relevant contract. When using our website, the processing of technical data cannot be avoided. However, in the case of behavioral and preference data, you generally have the option of objecting or not giving consent.
4. FOR WHAT PURPOSES DO WE PROCESS YOUR DATA?
We process your data for the purposes explained below. Further information is set out in Sections 12 and 13 for online services. These purposes and their objectives represent interests of us and potentially of third parties. You can find further information on the legal basis of our processing in Section 5.
We process your data for purposes related to communication with you, in particular in relation to responding to inquiries and the exercise of your rights (Section 11) and to enable us to contact you in case of queries. For this purpose, we use in particular communication data and master data, and registration data in relation to offers and services that you use. We keep this data to document our communication with you, for training purposes, for quality assurance and for follow-up inquiries.
The above includes all purposes in relation to which we communicate with you, whether in the context of customer service or consulting.
We process data for the conclusion, administration and performance of contractual relationships.
We conclude various contracts with our business and private customers, suppliers, subcontractors and other parties, such as partners in projects or parties in legal proceedings. In particular, we process master data, contract data and communication data and, depending on the circumstances, registration data relating to the customer or the persons for whose benefit the customer has received a service.
In the run-up of a business relationship, personal data – in particular master data, contract data and communication data – is collected from potential customers or other contractual partners (for example in an order form or a contract) or results from a communication.
We process data for marketing purposes and relationship management, for example to send our customers and other contractual partners personalized advertising for products and services from us and from third parties (for example from advertising partners). This may happen in the form of newsletters and other regular contacts (electronically, by e-mail) through other channels for which we have contact information from you, but also as part of marketing campaigns (for example events, contests, etc.) and may also include discounts (for example promocode). You can object to such contacts at any time (see at the end of this Section 4) or refuse or withdraw consent to be contacted for marketing purposes. With your consent, we can target our online advertising on the internet more specifically to you (see Section 12).
We further process your data for market research, to improve our services and operations, and for product development.
We process personal data to comply with laws, directives and recommendations from authorities and internal regulations («Compliance»). We may also process your data for security and access control purposes.
We also process data for the purposes of our risk management and as part of our corporate governance, including business organization and development.
We may process your data for further purposes, for example as part of our internal processes and administration or for quality assurance purposes and trainings.
5. ON WHAT BASIS DO WE PROCESS YOUR DATA?
Where we ask for your consent for certain processing activities (for example for the processing of sensitive personal data, for marketing mailings, for personalized motion profiles and for advertising management and behavior analysis on the website), we will inform you separately about the relevant processing purposes. You may withdraw your consent at any time with effect for the future by providing us written notice (by mail) or, unless otherwise noted or agreed, by sending an e-mail to us; see our contact details in Section 2. For withdrawing consent for online tracking, see Section 12. Where you have a user account, you may also withdraw consent or contact us also through the relevant website or other service, as applicable. Once we have received notification of withdrawal of consent, we will no longer process your information for the purpose(s) you consented to, unless we have another legal basis to do so. Withdrawal of consent does not, however, affect the lawfulness of the processing based on the consent prior to withdrawal.
Where we do not ask for consent for processing, the processing of your personal data relies on the requirement of the processing for initiating or performing a contract with you (or the entity you represent) or on our or a third-party legitimate interest in the particular processing, in particular in pursuing the purposes and objectives set out in Section 4 and in implementing related measures. Our legitimate interests also include compliance with legal regulations, insofar as this is not already recognized as a legal basis by applicable data protection law (for example in the case of the GDPR, the laws in the EEA and in the case of the DPA, Swiss law).
6. WHAT APPLIES IN CASE OF PROFILING AND AUTOMATED INDIVIDUAL DECISIONS?
We may automatically evaluate personal aspects relating to you («profiling») based on your data (Section 3) for the purposes set out in Section 4, where we wish to determine preference data, but also in order to detect misuse and security risks, to perform statistical analysis or for operational planning. We may also create profiles for these purposes, i.e. we may combine behavioral and preference data, but also master data, contract data and technical data relating to you in order to better understand you as a person with your various interests and other characteristics.
In both cases, we pay attention to the proportionality and reliability of the results and take measures against misuse of these profiles or profiling. Where these can produce legal effects concerning you or similarly significantly affect you, we generally ensure human review.
In certain situations, it may be necessary for the efficiency and consistency of de-cision-making processes that we automate discretionary decisions that produce legal effects concerning you or similarly significantly affect you («automated individual decisions»). In these cases, we will inform you accordingly and take the measures required by applicable law.
7. WITH WHOM DO WE SHARE YOUR DATA?
In relation to our contracts, the website, our services and products, our legal obligations or otherwise with protecting our legitimate interests and the other purposes set out in Section 4, we may disclose your personal data to third parties, in particular to the following categories of recipients:
Service providers: We work with service providers in Switzerland and abroad who process your data on our behalf or as joint controllers with us or who receive data about you from us as separate controllers. These service providers will have access to your personal information only to the extent necessary to perform their tasks and are obligated not to disclose or use it for any other purpose.
Contractual partners including customers: This refers to customers (for example service recipients) and our other contractual partners as this data disclosure results from these contracts. For example, they receive registration data in relation to issued and redeemed vouchers, invitations, etc. If you work for one of these contractual partners, we may also disclose data about you to that partner in this regard. These recipients also include contractual partners with whom we cooperate or who carry out advertising for us and to whom we may therefore disclose data about you for analysis and marketing purposes (these may again be service recipients, but also sponsors and online advertising providers). We require these partners to send you or display advertising based on your data only with your consent (for online advertising, see Section 12).
If you act as an employee for a company with which we have concluded a contract, performance of this contract may require us to tell the company, for example, how you have used our service.
Authorities: We may disclose personal data to agencies, courts and other authorities in Switzerland and abroad if we are legally obliged or entitled to make such disclosures or if it appears necessary to protect our interests.
Other persons: This means other cases where interactions with third parties follows from the purposes set out in Section 4, for example service recipients, the media and associations in which we participate or if you are included in one of our publications.
Other recipients include, for example, delivery recipients or third-party payees specified by you, other third parties in relation to agency relationships (for example if we share your data with your lawyer or your bank) or persons involved in administrative or legal proceedings. If we cooperate with the media and share materials with them (for example photos), this may also affect you depending on the circumstances. The same applies if we publish content (for example photos, interviews, quotes, etc.), for example on our website or in our other publications. As part of our business development, we may sell businesses, parts of businesses or companies to others or acquire them from others or enter into partnerships, which may also result in the disclosure of data (including from you, for example as a customer or supplier or as a supplier representative) to those persons involved in these transactions. In relation to communicating with competitors, industry organizations, associations and other bodies, data may be exchanged that also affects you.
All these categories of recipients may involve third parties, so that your data may also be disclosed to them. We can restrict the processing by certain third parties (for example IT providers), but not by others (for example authorities, banks, etc.).
8. IS YOUR PERSONAL DATA DISCLOSED ABROAD?
As explained in section 7, we disclose data to other parties. These are not all located in Switzerland. Your data may therefore be processed in Europe and in exceptional cases, in any country in the world.
If a recipient is located in a country without adequate statutory data protection, we require the recipient to undertake to comply with data protection (for this purpose, we use the European Commission’s standard contractual clauses, which can be accessed here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?), unless the recipient is subject to a legally accepted set of rules to ensure data protection and unless we cannot rely on an exception. An exception may apply for example in case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract requires disclosure, if you have consented or if data has been made available generally by you and you have not objected against the processing.
Many countries outside of Switzerland or the EEA currently do not have laws that ensure an adequate level of data protection under the DPA or the GDPR. The contractual arrangements mentioned compensate for this weaker or missing legal protection to some extent. However, contractual precautions cannot eliminate all risks (namely of government access abroad). You should be aware of these remaining risks, even though they may be low in an individual case, and we take further measures (for example pseudonymization or anonymization) to minimize them.
Please note that data exchanged via the internet is often routed through third countries. Your data may therefore be sent abroad even if the sender and recipient are in the same country.
9. HOW LONG DO WE PROCESS YOUR DATA?
We process your data for as long as our processing purposes, the legal retention periods and our legitimate interests in documentation and keeping evidence require it or storage is a technical requirement. You will find further information on the respective storage and processing periods for the individual data categories in Section 3, and for cookies in Section 12. If there are no contrary legal or contractual obligations, we will delete or anonymize your data once the storage or processing period has expired as part of our usual processes.
Documentation and evidence purposes include our interest in documenting processes, interactions and other facts in view of legal claims, inconsistencies, IT and infrastructure security requirements and demonstrating good corporate governance and compliance. Retention may be a technical requirement if certain data cannot be separated from other data and we therefore need to keep it with it (for example in case of backups or document management systems).
10. HOW DO WE PROTECT YOUR DATA?
We take appropriate security measures in order to maintain the required security of your personal data and ensure its confidentiality, integrity and availability, and to protect it against unauthorized or unlawful processing, and to mitigate the risk of loss, accidental alteration, unauthorized disclosure or access.
11. WHAT ARE YOUR RIGHTS?
Applicable data protection laws grant you the right to object to the processing of your data in some circumstances, in particular for direct marketing purposes, for profiling carried out for direct marketing purposes and for other legitimate interests in processing.
To help you control the processing of your personal data, you have the following rights in relation to our data processing, depending on the applicable data protection law:
– The right to request information from us as to whether and what data we process from you;
– The right to have us correct data if it is inaccurate;
– The right to request erasure of data;
– The right to request that we provide certain personal data in a commonly used electronic format or transfer it to another controller;
– The right to withdraw consent, where our processing is based on your consent;
– The right to receive, upon request, further information that is helpful for the exercise of these rights;
If you wish to exercise the above-mentioned rights in relation to us, please contact us in writing, at our premises or, unless otherwise specified or agreed, by e-mail; you will find our contact details in Section 2. In order for us to be able to prevent misuse, we need to identify you (for example by means of a copy of your ID card, unless identification is not possible otherwise).
Please note that conditions, exceptions or restrictions apply to these rights under applicable data protection law (for example to protect third parties or trade secrets). We will inform you accordingly where applicable.
If you do not agree with the way we handle your rights or with our data protection practices, please let us know. If you are located in the EEA, the United Kingdom or in Switzerland, you also have the right to lodge a complaint with the competent data protection supervisory authority in your country. You can find a list of authorities in the EEA here: https://edpb.europa.eu/about-edpb/board/members_en. You can reach the UK supervisory authority here: https://ico.org.uk/global/contact-us/. You can reach the Swiss supervisory authority here: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html.
12. DO WE USE ONLINE TRACKING AND ONLINE ADVERTISING TECHNIQUES?
We use various techniques on our website that allow us and third parties engaged by us to recognize you during your use of our website, and possibly to track you across several visits. This Section informs you about this.
In essence, we wish to distinguish access by you (through your system) from access by other users, so that we can ensure the functionality of the website and carry out analysis and personalization. We do not intend to determine your identity, even if that is possible where we or third parties engaged by us can identify you by combination with registration data. However, even without registration data, the technologies we use are designed in such a way that you are recognized as an individual visitor each time you access the website, for example by our server (or third-party servers ) that assign a specific identification number to you or your browser (so-called «cookie»).
Cookies are individual codes (for example a serial number) that our server or a server of our service providers or advertising partners transmits to your system when you connect to our website, and that your system (browser, cell phone) accepts and stores until the set expiration time. Your system transmits these codes to our server or the third-party server with each additional access. That way, you are recognized even if your identity is unknown.
Other technologies may be used to recognize you with some likelihood (i.e. distinguish you from other users), such as «fingerprinting». Fingerprinting combines your IP address, the browser you use, screen resolution, language settings and other information that your system tells each server), resulting in a more or less unique fingerprint. This makes it possible to go without cookies.
Whenever you access a server (for example when you use a website or an app, or because an e-mail includes a visible or invisible image), your visits can therefore be «tracked». If we integrate offers from an advertising partners or a provider of an analysis tool on our website, they may track you in the same way, even if you cannot be identified in a particular case.
We use these technologies on our website and may allow certain third parties to do so as well. However, depending on the purpose of these technologies, we may ask for consent before they are used. You can also set your browser to block or deceive certain types of cookies or alternative technologies, or to delete existing cookies.
We distinguish the following categories of «cookies» (including other technologies such as fingerprinting):
– Necessary cookies: Some cookies are necessary for the functioning of the website or for certain features. For example, they ensure that you can move between pages without losing information that was entered in a form. They also ensure that you stay logged in. These cookies exist temporarily only («session cookies»). If you block them, the website may not work properly. Other cookies are necessary for the server to store options or information (which you have entered) beyond a session (i.e. a visit to the website) if you use this function (for example language settings, consents, automatic login functionality, etc.). These cookies have an expiration date of up to 24 months
– Performance cookies: In order to optimize our website and related offers and to better adapt them to the needs of the users, we use cookies to record and analyze the use of our website, potentially beyond one session. We use third-party analytics services for this purpose. Before we use such cookies, we ask for your consent. You can withdraw consent at any time through the cookie settings, by clicking cookie button on our website. Performance cookies also have an expiration date of up to 24 months.
– Marketing Cookies: We and our advertising partners have an interest in targeting advertising as precisely as possible, i.e. only showing it to those we wish to address. For this purpose, we and our advertising partners – if you consent – also use cookies that can be used to record the content accessed or contracts concluded. This allows us and our advertising contractors to display advertisements that we think you will be interested in, on our website, but also on other websites that display advertisements from us or our advertising contractors. These cookies have an expiration period ranging from a few days to 12 months, depending on the situation. If you consent to the use of these cookies, you will be shown appropriate advertising. If you do not consent to these cookies, you will not see less advertising, but simply any other advertising.
We may also integrate additional third-party offers on our website, in particular from social media providers. These offers are deactivated by default. As soon as you activate them (for example by clicking a button), these providers can determine that you are using our website. If you have an account with that social media provider, it can assign this information to you and thereby track your use of online offers. These social media providers process this data as separate controllers.
We use Google Analytics, Google Search Console, and Google Tag Manager to help us understand how our website is being used, improve user experience, and optimize website performance.
* Google Analytics: This service collects data such as IP addresses, cookies, device identifiers, and user activities on our website. This data helps us analyze how users interact with our website, measure traffic, and improve our services. IP anonymization is enabled on our Google Analytics setup to protect user privacy. Users can opt out of Google Analytics tracking using the Google Analytics Opt-out Browser Add-on.
* Google Search Console: We use Google Search Console to track the performance of our website in Google Search, including data like search queries, impressions, and click-through rates. This information is used to optimize our website for search engines.
* Google Tag Manager: Google Tag Manager is used to deploy and manage marketing and analytics tags. Google Tag Manager itself does not collect personal data; however, tags deployed via Google Tag Manager may collect information. You can control or disable these cookies via your browser settings or our cookie consent management tool.
We may share the data collected with Google, and it may be processed on Google’s servers located outside of Switzerland or the European Economic Area (EEA). We have a Data Processing Agreement (DPA) in place with Google to ensure compliance with applicable data protection laws.
You can control how cookies are used through your browser settings or our cookie consent tool. For more information, please review our Cookie Policy.
13. WHAT DATA DO WE PROCESS ON OUR SOCIAL NETWORK PAGES?
We may operate pages and other online presences on social networks and other platforms operated by third parties and collect the data about you described in Section 3 and below. We receive this data from you and from the platforms when you interact with us through our online presence (for example when you communicate with us, comment on our content or visit our online presence). At the same time, the platforms analyze your use of our online presences and combine this data with other data they have about you (for example about your behavior and preferences). They also process this data for their own purposes, in particular for marketing and market research purposes (for example to personalize advertising) and to manage their platforms (for example what content they show you) and, to that end, they act as separate controllers.
We receive data about you when you communicate with us through online presences or view our content on the corresponding platforms, visit our online presences or are active on them (for example publish content, submit comments). These platforms also collect technical data, registration data, communication data, behavioral data and preference data from you or about you, among other things (see Section 3 about these terms). These platforms usually perform statistical analysis of the way you interact with us, how you use our online presences and our content or other parts of the platform (what you view, comment on, «like», forward, etc.) and combine this data with other information about you (for example information about your age and your gender and other demographic information). In that way, they create profiles about you and statistics on the use of our online presences. They use this data and profiles to display to you our or other advertisements and other personalized content on the platform and to manage the behavior of the platform, but also for market and user research and to provide us and other parties with information about you and the use of our online presence.
We can control the analysis that these platforms generate regarding the use of our online presence to some extent.
We process this data for the purposes set out in Section 4, in particular for communication, for marketing purposes (including advertising on these platforms, see Section 12) and for market research. You will find information about the applicable legal basis in Section 5. We may disseminate content published by you (for example comments on an announcement), for example as part of our advertising on the platform or elsewhere. We or the operators of the platforms may also delete or restrict content from or about you in accordance with their terms of use (for example inappropriate comments).
For further information on the processing of the platform operators, please refer to the privacy information of the relevant platforms. There you can also find out about the countries where they process your data, your rights of access and erasure of data and other data subjects’ rights and how you can exercise them or obtain further information. We currently use the following platforms:
LinkedIn: On LinkedIn we operate a Company Page. When you visit our LinkedIn Company Page, follow this page or engage with the page, LinkedIn processes personal data to provide us with statistics and insights in anonymized form. This gives us insights into the types of actions that people take on our site (so-called page insights). For this purpose, LinkedIn processes in particular data that you have already provided to LinkedIn via the information in your profile, such as data on function, country, industry, seniority, company size and employment status.
X (formerly Twitter): On X, we operate an official Company Account. When you visit our X profile, follow our account, or engage with our posts (e.g., likes, retweets, replies), X processes personal data to provide us with statistics and insights in anonymized form. This helps us understand how users interact with our content (so-called analytics insights). For this purpose, X processes data that you have provided to X via your profile, such as username, interests, language preferences, and interaction history on the platform.
Can we update this Privacy Notice?
This Privacy Notice is not part of a contract with you. We can change this Privacy Notice at any time. The version published on this website is the current version.
13.1 Last updated: 25.08.2023
This Service Level Agreement ("SLA") is made between Dotphoton AG ("Dotphoton") and Jetraw Platorm Customer ("Customer") and forms an integral part of the Jetraw Platform Services Agreement. This SLA defines the performance standards, responsibilities, and metrics that govern the services provided by Dotphoton to the Customer.
1. Definitions
The following terms, as used in this SLA, have the meanings set forth below:
2. Service Availability
2.1 Platform Availability
Dotphoton commits to a platform availability of 99% during each calendar month, excluding scheduled maintenance, force majeure events, or other exceptions defined in this SLA. For services running in the cloud on Dotphoton’s accounts, the guaranteed availability is relative to that offered by the cloud provider. For example, AWS EC2 has an availability of 99.99% according to Amazon’s SLA, so Dotphoton guarantees an availability of:
0.99x0.9999≈99%
2.2 Measurement of Availability
Availability is calculated as:
Availability = (Total Time – Downtime) / Total Time x 100%
Where:
2.3 Exclusions
The availability calculation excludes any downtime associated with:
3. Scheduled Maintenance
Scheduled maintenance periods will be communicated to the Customer at least 5 business days in advance and will typically be performed during off-peak hours to minimize disruptions. Maintenance windows do not count toward downtime calculations for availability.
4. Incident Management
4.1 Incident Submission
Customers can submit incident reports via email support@dotphoton.com and receive an automatic confirmation email. Customers should provide the following details when submitting a report:
4.2 Incident Classification
Incidents are classified based on severity:
4.3 Response to High-Priority Incidents
Dotphoton will respond to high-priority incidents (e.g., platform-wide issues) within 2 business hours of receiving the Service Request during Dotphoton’s working Business Hours (9:00 AM to 5:00 PM CET, Monday to Friday). High-priority incidents include:
5. Mean Time to Notify (MTTN)
For critical disruptions (e.g., platform outages), Dotphoton will notify the Customer within 1 business hour after the disruption is confirmed.
6. Mean Time to Recovery (MTTR)
Dotphoton aims to resolve high-priority disruptions within 4 business hours. The MTTR clock starts when Dotphoton confirms the disruption and ends when the platform's performance has returned to the agreed service levels.
7. Platform Support
7.1 Business Hours Support
Standard support will be provided during Business Hours (Monday to Friday, 9:00 AM to 5:00 PM CET). Customers can submit support requests through Dotphoton’s support email support@dotphoton.com, and responses will follow the Response Time commitments outlined above.
9.2 Extended Support (Optional)
Customers requiring support outside of business hours or 24/7 support can opt for extended support packages. Pricing and terms for extended support will be detailed in a separate agreement.
10. Service Requests
All Service Requests must be submitted through Dotphoton’s support email support@dotphoton.com. Each request will generate a Trouble Ticket according to Dotphoton’s internal procedure for tracking purposes. Customers are required to provide the following details:
1. Description of the issue
2. Steps leading to the issue (if possible)
3. System configuration
4. Whether the entire platform is affected
5. Affected files or storage areas
6. Time the issue started
11. S-PoC (Single Point of Contact)
The Customer will designate a Single Point of Contact (S-PoC) to oversee incident management and communication. The S-PoC will ensure smooth coordination during issue resolution.
13. Out of Scope Services
The following services are out of the scope of this SLA:
15. Review and Amendments
This SLA will be reviewed quarterly. Dotphoton reserves the right to modify service levels with at least 30 days written notice to the Customer.
16. Termination
This SLA will remain in effect for the duration of the Platform Services Agreement. Either party may terminate this SLA by providing at least 30 days’ notice in writing.
