Terms & Conditions

These terms of use regulate the use of the services provided by Lenze SE, Hans-Lenze-Str. 1, 31855 Aerzen, Germany hereinafter referred to as “Lenze”.

Lenze is involved with customers and partners in the realisation of digital products and services including Lenze's digital offerings. With and also involves the machine operator. The current services are described in detail on Lenze.Digital’s website (https://lenze.digital ).

Article 1. Definitions

1.1 User: the legal entity to which Lenze has made available the use of its services or the end user, who has been granted a right of use by the aforementioned legal entity and who uses or wishes to use the Service.

1.2 Agreement: any agreement between Lenze and User concerning (the purchase of) a Service.

1.3 Service: service(s) and/or hardware provided by Lenze, such as X4 ASSET PERFORMANCE PLATFORM or any related services and the future services that have not been brought into fruition at the inception of These Terms.

1.4 These Terms: this document containing the terms of use.

1.5 Website: The websites of Lenze, Lenze or its reseller, where User is able to make use of the Service (for example: www.x4.industrial-iot.cloud and/or any subdomains and extensions).

1.6 Personal Data: any information relating to an identified or identifiable natural person, as stated in the GDPR. 

Article 2. Applicability and order of precedence

2.1 These Terms shall be considered accepted by User either by signing These Terms as part of a separate Agreement, accepting an offer to which These Terms have been attached, by agreeing to These Terms when creating an account for the Service or by making use of the Service.

2.2 These Terms, including any other terms and conditions made available on the Website or through other channels, apply to every offer of the X4 Asset Performance Platform and form an integral part of every Agreement.

2.3 Terms and conditions applied by User that deviate from or that are not included in These Terms are only binding for Lenze if and in so far as they have been explicitly accepted in writing by Lenze.

Article 3 Service and restrictions

3.1 Lenze hereby grants User a non-exclusive, non-transferable, limited right to access and use its Service, under the conditions of These Terms and for the duration of the Agreement.

3.2 The use of the Service is at User's own expense and risk. User is responsible for meeting the technical and functional requirements of the Service and using the electronic communication facilities that are necessary to be able to access and use the Service.

3.3 Any use of the Service, including the transmission, distribution and making available thereof, and any other (legal) act relating to the Service, by or on behalf of User is for User's own risk and responsibility. Lenze is not liable and/or responsible for the use of the Service by User.

3.4 User is at all times obliged to ensure that its use of the Service corresponds to These Terms and does not violate applicable law and/or the Agreement or infringe upon third party rights. User shall indemnify and hold Lenze, Lenze and its resellers harmless for any and all damages resulting from not complying with the aforementioned restrictions.

3.5 Notwithstanding any other provisions of These Terms, and any of the User's legal obligations, the use of the Service may not, at Lenze's sole discretion:

i. include software such as viruses or trojans that can damage or erase, make unavailable or make inaccessible any computers or data of Lenze, (other) Users or third parties;

ii. bypass technical security measures of the computer systems of Lenze, (other) Users or third parties;

iii. involve unreasonable or disproportionate use of the infrastructure of Lenze's or third parties' computer systems;

3.6 In addition to the restrictions stated in the previous paragraph, the User is not allowed to make any other changes to the Service or to remove, alter or destroy any form of copyright notice, proprietary markings, trademarks or confidential legends placed upon or contained within the Service.

3.7 Furthermore, the User will not translate, disassemble, reverse engineer, decompile or otherwise attempt to reconstruct or discover any source code or underlying ideas or algorithms of, or embodied in, the Service. Excluded from the restrictions in this article are the rights that are explicitly granted to the User by Lenze or applicable law.

Article 4. Installation and configuration

4.1 Any Service is installed and configured by the User. Any installation and use of the Service is contingent upon the User (at its own costs and effort) providing or having the necessary requirements for use of the Service, such as:

(i) adequate internet access,

(ii) a personal computer,

(iii) adequate user rights on its personal computer,

(iv) sufficient knowledge of its own industrial equipment.

Article 5. User data (privacy and Personal Data)

5.1 If the User processes Personal Data using the Service, the User will be subject to the applicable privacy and data protection legislation, such as the General Data Protection Regulation. In respect thereof, the User guarantees that it will only process Personal Data in a manner that is fully compliant with applicable law.

5.2 The User, upon using the Service, agrees to the data processing agreement as specified in Annex I of these Terms.

5.3 The User indemnifies Lenze, Lenze and its resellers against claims of third parties whose Personal Data is processed by the User in any way that does not correspond with applicable law.

5.4 Lenze will use its best efforts to provide an appropriate level of security concerning the risks involved in the usage of the Service in processing Personal Data and the nature thereof.

Article 6. Payment

6.1 Any prices communicated by Lenze are exclusive of turnover tax (VAT) and other levies imposed by the government. User must make all payments in the currency stated by Lenze or its resellers.

6.2 Lenze may require immediate payment via credit card or bank transfer. Lenze may send any invoices electronically, including through email.

6.3 If User doesn't pay an invoice within the stated or agreed upon payment term then Lenze is entitled to limit or block access to the Service until all outstanding invoices (including interest etc.) have been paid in full. Lenze is not liable for any damage resulting from such limitation or blocking of access.

6.4 If User fails to pay the amount due after a demand for payment or a notice of default has been issued, Lenze shall be entitled to refer the debt for collection, in which case User must pay all judicial and extrajudicial costs, including all costs charged by external experts. The foregoing shall be without prejudice to the other legal and contractual rights of Lenze.

6.5 Lenze is entitled to suspend its obligations in part if invoices are not paid within the agreed upon period or period that is stated on an invoice. If User doesn't fully pay the amounts owed within a reasonable time after Lenze has suspended its obligations in part, then Lenze is entitled to fully suspend all its obligations.

Article 7. Availability, maintenance and support

7.1 Lenze will use its best efforts to provide User with a reasonable level of support. If User purchases Services to be used by its employees or certain end users, then User will provide these employees or end users with primary support. In such case Lenze will use its best efforts to provide a reasonable level of secondary support.

7.2 Lenze will use its best efforts to realize uninterrupted availability of the Service and its servers, but offers no guarantees in this respect unless explicitly agreed upon, for example: in a service level agreement.

7.3 Lenze may choose to change its hosting providers in order to optimize the balance between cost and quality. Lenze will use its best efforts to make such changes without requiring the User to perform any reconfiguration of equipment.

7.4 Lenze is entitled to stop its Service temporarily for maintenance, modification or improvement of the Service. Lenze will use its best efforts to manage this period of inactivity in a manner which will result in the least possible inconvenience to its clients (according to Lenze's statistics). Lenze will use its best efforts to notify User of any unavailability of the Service in advance.

Article 8. Employees and end users

8.1 If User purchases Services to be used by its employees or certain end users, the User will make sure that such employees or end user will accept These Terms and comply with These Terms fully.

8.2 Aforementioned User will be fully liable towards Lenze for any acts or omissions of such employees or end users.

Article 9. Intellectual property

9.1 Nothing in These Terms shall be interpreted or construed so as to transfer any right, title, or interest in any intellectual property of Lenze to User.

9.2 Lenze, Lenze or its licensors retain all rights, titles and interests to the intellectual property developed by Lenze, including: copyrights, patents, know-how, trade secrets and other information or proprietary rights

9.3 All rights pertaining to the data that User processes through the Service, remain vested in User.

Article 10. Liability

10.1  Unless explicitly agreed upon otherwise in writing by Lenze, the liability of Lenze and Lenze for direct damages sustained by User on any ground whatsoever will not exceed the purchase price that the User paid to Lenze, Lenze or its resellers.

10.2  Direct damages only include:

i. reasonable costs for determining the cause and extent of the damages;

ii. reasonable costs to repair any shortcomings in the Service;

iii. reasonable costs for the prevention or restriction of damages.

10.3  Liability on the part of Lenze, Lenze and its resellers for any other damages is explicitly excluded.

10.4 Any limitations of liability will not be applicable:

i. in the event that the damages are a result of deliberate recklessness or fraud on the side of Lenze;

ii. insofar the liability cannot be limited or excluded by applicable law.

 

10.5 Lenze shall only be liable due to an attributable failure in the performance of an Agreement if User declares Lenze to be in default in writing without delay and grants Lenze a reasonable term to remedy the failure, and Lenze culpably fails to remedy the failure within the reasonable term. The notice of default must describe the breach as comprehensively and in as much detail as possible in order to give Lenze the opportunity to respond adequately.

10.6 For there to be any right to compensation, User must always report the damages to Lenze in writing as soon as possible after the loss has occurred. Each claim for compensation from User to Lenze shall be barred by the mere expiry of a period of 12 months following the inception of the claim.

Article 11. Force majeure

11.1 Lenze shall not be liable whatsoever if Lenze is prevented from or delayed in performing its obligations under an Agreement, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control, i.e. by force majeure. On the part of Lenze, this can include, among other things:

(i) force majeure on the part of suppliers of Lenze,

(ii) the failure to properly fulfill obligations on the part of suppliers that were prescribed to Lenze by User,

(iii) defects in items, equipment, software or materials of third parties,

(iv) government measures,

(v) power failures,

(vi) internet, data network or telecommunication facilities failures,

(vii) network attacks, and

(viii) war.

Article 12. Term and amendments

12.1 These Terms will remain in force for as long as User uses a Service.

12.2 Lenze reserves the right to amend or supplement These Terms.

12.3 Amendments will also apply to Agreements concluded prior to the amendment. An amendment will not take effect until 30 days after Lenze has informed User about the amendment. Among other ways, Lenze may inform User about the amendment: through email (newsletter), by traditional mail or by disclosing the amendment on its Website.

12.4 If User refuses to accept an amendment to These Terms, it may terminate the Agreement and stop using the Service by the date on which the amendment would take effect. Use of the Service after the date of effect, shall constitute acceptance of the amendments to These Terms.

Article 13. Miscellaneous

13.1 German law shall apply to the exclusion of the UN Convention on Contracts for the International Sale of Goods (CISG) and German international private law.

13.2 Insofar as the rules of mandatory law do not prescribe otherwise, any disagreements between the parties concerning the fulfilment, the interpretation or the judicial implication of an Agreement will be submitted to the competent German court in Stuttgart.

13.3 If any provision in These Terms is null and void or is declared void, the remainder of These Terms will remain in full effect. This does not absolve the User from abiding by These Terms. Lenze and User shall in this case consult each other for the purpose of agreeing to new provisions to replace the null and void or voided provisions. These provisions shall be as similar to the null and void or voided provisions as is legally possible.

13.4 Information from Lenze’s records shall count as conclusive evidence with respect to the performance delivered by Lenze and the amounts owed by User for delivery of this performance, without prejudice to the Users right to produce evidence to the contrary.

13.5 Changes to management or legal form will not affect an Agreement. Lenze may transfer an Agreement or any rights and obligations resulting from an Agreement or These Terms to third parties.

Annex I – Data Processing Agreement

 

THE PARTIES,

Lenze SE, registered at Hannover local court (HRB 204803), hereinafter called: "Processor";

and

The User of the Service, hereinafter called: the "Controller";

hereinafter collectively referred to as 'Parties' and individually as 'Party',

 

HAVING REGARD TO THE FACT THAT,

• Processor provides an industrial 'Internet of Things' platform, that enables users (often machine builders) to provide digital services for their industrial machines;

• Controller wishes to use the aforementioned platform and has concluded an agreement with Processor on this date;

• by using the platform, Processor will process certain personal information of Controller, its employees or its customers;

• Parties must comply with the relevant privacy legislation, such as: the General Data Protection Regulation (hereinafter: 'GDPR');

• Parties therefore conclude this data processing agreement (hereinafter: 'Data Processing Agreement');

• With personal data, data within the meaning of article 4 (1) of the GDPR is being meant;

• Controller is hereby deemed to be the responsible party within the meaning of article 4 (7) of the GDPR;

• Processor is hereby deemed to be the Processor within the meaning of article 4 (8) of the GDPR;

• Parties, having regard also to the provisions of article 6 of the GDPR, wish to lay down their rights and duties in writing in this Data Processing Agreement;

 

HAVE AGREED AS FOLLOWS,

Article 1. Processing objectives

1.1 Processor undertakes to process personal data on behalf of Controller in accordance with the

conditions laid down in this Data Processing Agreement. The processing will be executed within the

framework of the Agreement, and for all such purposes related thereto and as may be agreed to

subsequently.

1.2 The personal data processed by Processor, and the categories of data subjects to whom the personal data relates, are specified in Annex 1. Processor shall refrain from making use of the personal data for any other purpose than as specified by Controller. Controller will inform Processor of any such purposes which are not contemplated in this Data Processing Agreement.

1.3 All personal data processed on behalf of Controller shall remain the property of Controller and/or the relevant data subjects.

Article 2. Processor's obligations

2.1 With regard to the processing mentioned in the previous article, Processor shall use its best efforts to ensure compliance with applicable laws and regulations governing the protection of personal data, under which GDPR.

2.2 Processor shall inform Controller, at its request, about the measures Processor has taken in relation to its obligations under the Data Processing Agreement.

2.3 The obligations of Processor arising from the Data Processing Agreement also apply to those processing personal data under the authority of Processor, including but not limited to employees.

Article 3. Transfer of personal data

3.1 Processor may process the relevant personal data in countries within the European Union. Transfer of personal data to countries outside the European Union is only allowed in accordance with applicable laws.

3.2 On request, Processor will inform Controller about the countries in which the relevant personal data is processed.

Article 4. Allocation of responsibility

4.1 The authorized processing shall be carried out within a (semi-)automated environment under control of Processor. Processor is only responsible for the processing of personal data under the Data Processing Agreement, with due consideration of the instructions provided by Controller and carried out under the responsibility of Controller.

4.2 For any other processing of personal data, which does not fall within the scope of this Data Processing Agreement, including but not limited to the collecting of personal data by Controller, processing for purposes that have not been disclosed by Controller, Processor cannot be held responsible. The responsibility of these types of processing lies with Controller.

Article 5. Engaging of third parties or subcontractors

5.1 Controller hereby permits Processor to engage third parties in the processing of personal data under the Agreement. On request, Processor will inform Controller of any third parties it engages in the performance of the Data Processing Agreement.

5.2 Data Processor will use its best efforts to make sure that any such third party is bound by similar obligations as agreed upon between Controller and Processor.

Article 6. Security

6.1 Processor will use its best efforts to take appropriate technical and organizational measures with respect to the processing of the personal data against loss or against any form of unlawful processing (such as unauthorized disclosure, damage, alteration or transfer of personal data). These measures should, taking into account the state of technology and the costs of implementation, provide a suitable protection level, taking into account the risks associated with the processing and the nature of the information to be protected.

6.2 Controller will only make personal data available to the Processor for processing if it is assured that the necessary security measures have been taken.

Article 7. Data breaches

7.1 For the purpose of this Data Processing Agreement, a "Data Breach" shall mean: a security incident that leads to a considerable likelihood of serious adverse effects or that has serious adverse effects on the protection of personal data as meant in article 1 (12) of the GDPR.

7.2 In the event of a Data Breach, Processor shall, to the best of its ability, notify Controller thereof without undue delay, no later than 48 hours after discovery of the Data Breach.

7.3 In the event of a Data Breach, Controller shall determine whether or not to inform the Aufsichtsbehörde and/or the data subjects. If there is any (legal) obligation or requirement for the Processor to assist Controller, Processor will assist Controller in informing the Aufsichtsbehörde and/or the data subjects.

7.4 The duty of Processor to report a Data Breach includes, in any event, the duty to report the fact that a Data Breach has occurred and the following details (if available):

i. information about the first point of contact regarding the notification;

ii. the date at which the Data Breach has occurred (the period in which a Data Breach occurred suffices in case the Processor is unable to determine the exact date at which the breach occurred);

iii. the date and time at which the breach has become known by the Processor or by the third party enabled by Processor;

iv. the (suspected) cause of the breach;

v. the (currently known and or anticipated) consequences thereof;

vi. whether the personal data has been encrypted, hashed or in any manner has been made incomprehensible or inaccessible to unauthorized individuals;

vii. the proposed and or taken measures to end the breach and to limit its consequences.

Article 8. Handling requests from data subjects

8.1 Where a data subject submits a request to Processor to exercise one of its legal (privacy) rights, Processor will forward this request to Controller. Controller will then deal with this request. Processor may notify the data subject hereof.

Article 9. Non-disclosure and confidentiality

9.1 All personal data from Controller processed by Processor within the framework of this Data Processing Agreement is subject to a duty of confidentiality vis-a-vis third parties.

9.2 This duty of confidentiality will not apply in the event that Controller

i. has expressly authorized the furnishing of such information to third parties,

ii. where the furnishing of the information to third parties is reasonably necessary with a view on the nature of the instructions and the implementation of this Data Processing Agreement, or

iii. if there is a legal obligation to make the information available to a third party.

Article 10. Audit

10.1 Controller has the right to perform an audit in order to determine to what extent Processor complies with the provisions of the Data Processing Agreement. This audit will be performed by an independent, professional third party, who will be bound by an obligation of confidentiality.

10.2 The audit may take place once per year and/or in the event Controller has legitimate reasons to doubt Processors compliance with the Data Processing Agreement. Controller provides Processor with at least two-weeks' notice before such audit may take place.

10.3 The results of the performed audit will be jointly evaluated by the Parties. If necessary, the Parties will implement measures to comply with the Data Processing Agreement.

10.4 In case Controller initiates a Privacy Impact Assessment (hereinafter: 'PIA'), Processor shall assist Controller where possible in fulfilling this PIA, by inter alia providing the required information to Controller that is available for Processor.

10.5 The costs of the audit and/or PIA, including the costs that Processor has to make to cooperate with the audit and/or PIA, shall be borne by Controller.

Article 11. Liability

11.1 The Data Processing Agreement forms an integral part of the Agreement, including the general terms and conditions of Lenze, which contain a liability regime. This liability regime is also applicable to this Data Processing Agreement.

Article 12. Duration and termination

12.1 This Data Processing Agreement enters into force on the date of accepting these Terms.

12.2 This Data Processing Agreement is entered for the duration of use of the Service, and may not be terminated in the interim.

12.3 Upon termination of the Data Processing Agreement Processor shall end the processing of the personal data by deleting the data of Controller on its systems. If Controller wishes that its personal data is returned to Controller, then Controller must request this before the end of the Data Processing Agreement. Parties will then discuss if Processor can reasonably comply with the request of Controller.

12.4 Both Parties shall provide their full cooperation in amending and adjusting this Data Processing Agreement in the event of any new (privacy) legislation.

Article 13. Miscellaneous

13.1 The Data Processing Agreement forms an integral part of the Agreement, including the general terms and conditions of Lenze, which (amongst others) contain a liability regime and a provision with regards to jurisdiction.

13.2 Logs and measurements taken by Processor count as compelling proof, except where Controller is able to provide counterevidence.

13.3 If and to the extent that one or more of the provisions of this Data Processing Agreement are or are to be ineffective, the remaining terms of this Data Processing Agreement remain in full force. In that situation, the Parties shall replace the non-binding provisions with provisions that are binding and as close as possible to the purpose and intention of the non-binding provisions.

These terms of use regulate the use of the services provided by Lenze SE, Hans-Lenze-Str. 1, 31855 Aerzen, Germany hereinafter referred to as “Lenze”.

Lenze is involved with customers and partners in the realisation of digital products and services including Lenze's digital offerings. With and also involves the machine operator. The current services are described in detail on Lenze.Digital’s website (https://lenze.digital ).

Article 1. Definitions

1.1 User: the legal entity to which Lenze has made available the use of its services or the end user, who has been granted a right of use by the aforementioned legal entity and who uses or wishes to use the Service.

1.2 Agreement: any agreement between Lenze and User concerning (the purchase of) a Service.

1.3 Service: service(s) and/or hardware provided by Lenze, such as X4 ASSET PERFORMANCE PLATFORM or any related services and the future services that have not been brought into fruition at the inception of These Terms.

1.4 These Terms: this document containing the terms of use.

1.5 Website: The websites of Lenze, Lenze or its reseller, where User is able to make use of the Service (for example: www.x4.industrial-iot.cloud and/or any subdomains and extensions).

1.6 Personal Data: any information relating to an identified or identifiable natural person, as stated in the GDPR.

Article 2. Applicability and order of precedence

2.1 These Terms shall be considered accepted by User either by signing These Terms as part of a separate Agreement, accepting an offer to which These Terms have been attached, by agreeing to These Terms when creating an account for the Service or by making use of the Service.

2.2 These Terms, including any other terms and conditions made available on the Website or through other channels, apply to every offer of the X4 Asset Performance Platform and form an integral part of every Agreement.

2.3 Terms and conditions applied by User that deviate from or that are not included in These Terms are only binding for Lenze if and in so far as they have been explicitly accepted in writing by Lenze.

Article 3 Service and restrictions

3.1 Lenze hereby grants User a non-exclusive, non-transferable, limited right to access and use its Service, under the conditions of These Terms and for the duration of the Agreement.

3.2 The use of the Service is at User's own expense and risk. User is responsible for meeting the technical and functional requirements of the Service and using the electronic communication facilities that are necessary to be able to access and use the Service.

3.3 Any use of the Service, including the transmission, distribution and making available thereof, and any other (legal) act relating to the Service, by or on behalf of User is for User's own risk and responsibility. Lenze is not liable and/or responsible for the use of the Service by User.

3.4 User is at all times obliged to ensure that its use of the Service corresponds to These Terms and does not violate applicable law and/or the Agreement or infringe upon third party rights. User shall indemnify and hold Lenze, Lenze and its resellers harmless for any and all damages resulting from not complying with the aforementioned restrictions.

3.5 Notwithstanding any other provisions of These Terms, and any of the User's legal obligations, the use of the Service may not, at Lenze's sole discretion:

i. include software such as viruses or trojans that can damage or erase, make unavailable or make inaccessible any computers or data of Lenze, (other) Users or third parties;

ii. bypass technical security measures of the computer systems of Lenze, (other) Users or third parties;

iii. involve unreasonable or disproportionate use of the infrastructure of Lenze's or third parties' computer systems;

3.6 In addition to the restrictions stated in the previous paragraph, the User is not allowed to make any other changes to the Service or to remove, alter or destroy any form of copyright notice, proprietary markings, trademarks or confidential legends placed upon or contained within the Service.

3.7 Furthermore, the User will not translate, disassemble, reverse engineer, decompile or otherwise attempt to reconstruct or discover any source code or underlying ideas or algorithms of, or embodied in, the Service. Excluded from the restrictions in this article are the rights that are explicitly granted to the User by Lenze or applicable law.

Article 4. Installation and configuration

4.1 Any Service is installed and configured by the User. Any installation and use of the Service is contingent upon the User (at its own costs and effort) providing or having the necessary requirements for use of the Service, such as:

(i) adequate internet access,

(ii) a personal computer,

(iii) adequate user rights on its personal computer,

(iv) sufficient knowledge of its own industrial equipment.

Article 5. User data (privacy and Personal Data)

5.1 If the User processes Personal Data using the Service, the User will be subject to the applicable privacy and data protection legislation, such as the General Data Protection Regulation. In respect thereof, the User guarantees that it will only process Personal Data in a manner that is fully compliant with applicable law.

5.2 The User, upon using the Service, agrees to the data processing agreement as specified in Annex I of these Terms.

5.3 The User indemnifies Lenze, Lenze and its resellers against claims of third parties whose Personal Data is processed by the User in any way that does not correspond with applicable law.

5.4 Lenze will use its best efforts to provide an appropriate level of security concerning the risks involved in the usage of the Service in processing Personal Data and the nature thereof.

Article 6. Payment

6.1 Any prices communicated by Lenze are exclusive of turnover tax (VAT) and other levies imposed by the government. User must make all payments in the currency stated by Lenze or its resellers.

6.2 Lenze may require immediate payment via credit card or bank transfer. Lenze may send any invoices electronically, including through email.

6.3 If User doesn't pay an invoice within the stated or agreed upon payment term then Lenze is entitled to limit or block access to the Service until all outstanding invoices (including interest etc.) have been paid in full. Lenze is not liable for any damage resulting from such limitation or blocking of access.

6.4 If User fails to pay the amount due after a demand for payment or a notice of default has been issued, Lenze shall be entitled to refer the debt for collection, in which case User must pay all judicial and extrajudicial costs, including all costs charged by external experts. The foregoing shall be without prejudice to the other legal and contractual rights of Lenze.

6.5 Lenze is entitled to suspend its obligations in part if invoices are not paid within the agreed upon period or period that is stated on an invoice. If User doesn't fully pay the amounts owed within a reasonable time after Lenze has suspended its obligations in part, then Lenze is entitled to fully suspend all its obligations.

Article 7. Availability, maintenance and support

7.1 Lenze will use its best efforts to provide User with a reasonable level of support. If User purchases Services to be used by its employees or certain end users, then User will provide these employees or end users with primary support. In such case Lenze will use its best efforts to provide a reasonable level of secondary support.

7.2 Lenze will use its best efforts to realize uninterrupted availability of the Service and its servers, but offers no guarantees in this respect unless explicitly agreed upon, for example: in a service level agreement.

7.3 Lenze may choose to change its hosting providers in order to optimize the balance between cost and quality. Lenze will use its best efforts to make such changes without requiring the User to perform any reconfiguration of equipment.

7.4 Lenze is entitled to stop its Service temporarily for maintenance, modification or improvement of the Service. Lenze will use its best efforts to manage this period of inactivity in a manner which will result in the least possible inconvenience to its clients (according to Lenze's statistics). Lenze will use its best efforts to notify User of any unavailability of the Service in advance.

Article 8. Employees and end users

8.1 If User purchases Services to be used by its employees or certain end users, the User will make sure that such employees or end user will accept These Terms and comply with These Terms fully.

8.2 Aforementioned User will be fully liable towards Lenze for any acts or omissions of such employees or end users.

Article 9. Intellectual property

9.1 Nothing in These Terms shall be interpreted or construed so as to transfer any right, title, or interest in any intellectual property of Lenze to User.

9.2 Lenze, Lenze or its licensors retain all rights, titles and interests to the intellectual property developed by Lenze, including: copyrights, patents, know-how, trade secrets and other information or proprietary rights

9.3 All rights pertaining to the data that User processes through the Service, remain vested in User.

Article 10. Liability

10.1  Unless explicitly agreed upon otherwise in writing by Lenze, the liability of Lenze and Lenze for direct damages sustained by User on any ground whatsoever will not exceed the purchase price that the User paid to Lenze, Lenze or its resellers.

10.2  Direct damages only include:

i. reasonable costs for determining the cause and extent of the damages;

ii. reasonable costs to repair any shortcomings in the Service;

iii. reasonable costs for the prevention or restriction of damages.

10.3  Liability on the part of Lenze, Lenze and its resellers for any other damages is explicitly excluded.

10.4 Any limitations of liability will not be applicable:

i. in the event that the damages are a result of deliberate recklessness or fraud on the side of Lenze;

ii. insofar the liability cannot be limited or excluded by applicable law.

 

10.5 Lenze shall only be liable due to an attributable failure in the performance of an Agreement if User declares Lenze to be in default in writing without delay and grants Lenze a reasonable term to remedy the failure, and Lenze culpably fails to remedy the failure within the reasonable term. The notice of default must describe the breach as comprehensively and in as much detail as possible in order to give Lenze the opportunity to respond adequately.

10.6 For there to be any right to compensation, User must always report the damages to Lenze in writing as soon as possible after the loss has occurred. Each claim for compensation from User to Lenze shall be barred by the mere expiry of a period of 12 months following the inception of the claim.

Article 11. Force majeure

11.1 Lenze shall not be liable whatsoever if Lenze is prevented from or delayed in performing its obligations under an Agreement, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control, i.e. by force majeure. On the part of Lenze, this can include, among other things:

(i) force majeure on the part of suppliers of Lenze,

(ii) the failure to properly fulfill obligations on the part of suppliers that were prescribed to Lenze by User,

(iii) defects in items, equipment, software or materials of third parties,

(iv) government measures,

(v) power failures,

(vi) internet, data network or telecommunication facilities failures,

(vii) network attacks, and

(viii) war.

Article 12. Term and amendments

12.1 These Terms will remain in force for as long as User uses a Service.

12.2 Lenze reserves the right to amend or supplement These Terms.

12.3 Amendments will also apply to Agreements concluded prior to the amendment. An amendment will not take effect until 30 days after Lenze has informed User about the amendment. Among other ways, Lenze may inform User about the amendment: through email (newsletter), by traditional mail or by disclosing the amendment on its Website.

12.4 If User refuses to accept an amendment to These Terms, it may terminate the Agreement and stop using the Service by the date on which the amendment would take effect. Use of the Service after the date of effect, shall constitute acceptance of the amendments to These Terms.

Article 13. Miscellaneous

13.1 German law shall apply to the exclusion of the UN Convention on Contracts for the International Sale of Goods (CISG) and German international private law.

13.2 Insofar as the rules of mandatory law do not prescribe otherwise, any disagreements between the parties concerning the fulfilment, the interpretation or the judicial implication of an Agreement will be submitted to the competent German court in Stuttgart.

13.3 If any provision in These Terms is null and void or is declared void, the remainder of These Terms will remain in full effect. This does not absolve the User from abiding by These Terms. Lenze and User shall in this case consult each other for the purpose of agreeing to new provisions to replace the null and void or voided provisions. These provisions shall be as similar to the null and void or voided provisions as is legally possible.

13.4 Information from Lenze’s records shall count as conclusive evidence with respect to the performance delivered by Lenze and the amounts owed by User for delivery of this performance, without prejudice to the Users right to produce evidence to the contrary.

13.5 Changes to management or legal form will not affect an Agreement. Lenze may transfer an Agreement or any rights and obligations resulting from an Agreement or These Terms to third parties.

 

 Annex I – Data Processing Agreement

 

THE PARTIES,

Lenze SE, registered at Hannover local court (HRB 204803), hereinafter called: "Processor";

and

The User of the Service, hereinafter called: the "Controller";

hereinafter collectively referred to as 'Parties' and individually as 'Party',

 

HAVING REGARD TO THE FACT THAT,

• Processor provides an industrial 'Internet of Things' platform, that enables users (often machine builders) to provide digital services for their industrial machines;

• Controller wishes to use the aforementioned platform and has concluded an agreement with Processor on this date;

• by using the platform, Processor will process certain personal information of Controller, its employees or its customers;

• Parties must comply with the relevant privacy legislation, such as: the General Data Protection Regulation (hereinafter: 'GDPR');

• Parties therefore conclude this data processing agreement (hereinafter: 'Data Processing Agreement');

• With personal data, data within the meaning of article 4 (1) of the GDPR is being meant;

• Controller is hereby deemed to be the responsible party within the meaning of article 4 (7) of the GDPR;

• Processor is hereby deemed to be the Processor within the meaning of article 4 (8) of the GDPR;

• Parties, having regard also to the provisions of article 6 of the GDPR, wish to lay down their rights and duties in writing in this Data Processing Agreement;

 

HAVE AGREED AS FOLLOWS,

Article 1. Processing objectives

1.1 Processor undertakes to process personal data on behalf of Controller in accordance with the

conditions laid down in this Data Processing Agreement. The processing will be executed within the

framework of the Agreement, and for all such purposes related thereto and as may be agreed to

subsequently.

1.2 The personal data processed by Processor, and the categories of data subjects to whom the personal data relates, are specified in Annex 1. Processor shall refrain from making use of the personal data for any other purpose than as specified by Controller. Controller will inform Processor of any such purposes which are not contemplated in this Data Processing Agreement.

1.3 All personal data processed on behalf of Controller shall remain the property of Controller and/or the relevant data subjects.

Article 2. Processor's obligations

2.1 With regard to the processing mentioned in the previous article, Processor shall use its best efforts to ensure compliance with applicable laws and regulations governing the protection of personal data, under which GDPR.

2.2 Processor shall inform Controller, at its request, about the measures Processor has taken in relation to its obligations under the Data Processing Agreement.

2.3 The obligations of Processor arising from the Data Processing Agreement also apply to those processing personal data under the authority of Processor, including but not limited to employees.

Article 3. Transfer of personal data

3.1 Processor may process the relevant personal data in countries within the European Union. Transfer of personal data to countries outside the European Union is only allowed in accordance with applicable laws.

3.2 On request, Processor will inform Controller about the countries in which the relevant personal data is processed.

Article 4. Allocation of responsibility

4.1 The authorized processing shall be carried out within a (semi-)automated environment under control of Processor. Processor is only responsible for the processing of personal data under the Data Processing Agreement, with due consideration of the instructions provided by Controller and carried out under the responsibility of Controller.

4.2 For any other processing of personal data, which does not fall within the scope of this Data Processing Agreement, including but not limited to the collecting of personal data by Controller, processing for purposes that have not been disclosed by Controller, Processor cannot be held responsible. The responsibility of these types of processing lies with Controller.

Article 5. Engaging of third parties or subcontractors

5.1 Controller hereby permits Processor to engage third parties in the processing of personal data under the Agreement. On request, Processor will inform Controller of any third parties it engages in the performance of the Data Processing Agreement.

5.2 Data Processor will use its best efforts to make sure that any such third party is bound by similar obligations as agreed upon between Controller and Processor.

Article 6. Security

6.1 Processor will use its best efforts to take appropriate technical and organizational measures with respect to the processing of the personal data against loss or against any form of unlawful processing (such as unauthorized disclosure, damage, alteration or transfer of personal data). These measures should, taking into account the state of technology and the costs of implementation, provide a suitable protection level, taking into account the risks associated with the processing and the nature of the information to be protected.

6.2 Controller will only make personal data available to the Processor for processing if it is assured that the necessary security measures have been taken.

Article 7. Data breaches

7.1 For the purpose of this Data Processing Agreement, a "Data Breach" shall mean: a security incident that leads to a considerable likelihood of serious adverse effects or that has serious adverse effects on the protection of personal data as meant in article 1 (12) of the GDPR.

7.2 In the event of a Data Breach, Processor shall, to the best of its ability, notify Controller thereof without undue delay, no later than 48 hours after discovery of the Data Breach.

7.3 In the event of a Data Breach, Controller shall determine whether or not to inform the Aufsichtsbehörde and/or the data subjects. If there is any (legal) obligation or requirement for the Processor to assist Controller, Processor will assist Controller in informing the Aufsichtsbehörde and/or the data subjects.

7.4 The duty of Processor to report a Data Breach includes, in any event, the duty to report the fact that a Data Breach has occurred and the following details (if available):

i. information about the first point of contact regarding the notification;

ii. the date at which the Data Breach has occurred (the period in which a Data Breach occurred suffices in case the Processor is unable to determine the exact date at which the breach occurred);

iii. the date and time at which the breach has become known by the Processor or by the third party enabled by Processor;

iv. the (suspected) cause of the breach;

v. the (currently known and or anticipated) consequences thereof;

vi. whether the personal data has been encrypted, hashed or in any manner has been made incomprehensible or inaccessible to unauthorized individuals;

vii. the proposed and or taken measures to end the breach and to limit its consequences.

Article 8. Handling requests from data subjects

8.1 Where a data subject submits a request to Processor to exercise one of its legal (privacy) rights, Processor will forward this request to Controller. Controller will then deal with this request. Processor may notify the data subject hereof.

Article 9. Non-disclosure and confidentiality

9.1 All personal data from Controller processed by Processor within the framework of this Data Processing Agreement is subject to a duty of confidentiality vis-a-vis third parties.

9.2 This duty of confidentiality will not apply in the event that Controller

i. has expressly authorized the furnishing of such information to third parties,

ii. where the furnishing of the information to third parties is reasonably necessary with a view on the nature of the instructions and the implementation of this Data Processing Agreement, or

iii. if there is a legal obligation to make the information available to a third party.

Article 10. Audit

10.1 Controller has the right to perform an audit in order to determine to what extent Processor complies with the provisions of the Data Processing Agreement. This audit will be performed by an independent, professional third party, who will be bound by an obligation of confidentiality.

10.2 The audit may take place once per year and/or in the event Controller has legitimate reasons to doubt Processors compliance with the Data Processing Agreement. Controller provides Processor with at least two-weeks' notice before such audit may take place.

10.3 The results of the performed audit will be jointly evaluated by the Parties. If necessary, the Parties will implement measures to comply with the Data Processing Agreement.

10.4 In case Controller initiates a Privacy Impact Assessment (hereinafter: 'PIA'), Processor shall assist Controller where possible in fulfilling this PIA, by inter alia providing the required information to Controller that is available for Processor.

10.5 The costs of the audit and/or PIA, including the costs that Processor has to make to cooperate with the audit and/or PIA, shall be borne by Controller.

Article 11. Liability

11.1 The Data Processing Agreement forms an integral part of the Agreement, including the general terms and conditions of Lenze, which contain a liability regime. This liability regime is also applicable to this Data Processing Agreement.

Article 12. Duration and termination

12.1 This Data Processing Agreement enters into force on the date of accepting these Terms.

12.2 This Data Processing Agreement is entered for the duration of use of the Service, and may not be terminated in the interim.

12.3 Upon termination of the Data Processing Agreement Processor shall end the processing of the personal data by deleting the data of Controller on its systems. If Controller wishes that its personal data is returned to Controller, then Controller must request this before the end of the Data Processing Agreement. Parties will then discuss if Processor can reasonably comply with the request of Controller.

12.4 Both Parties shall provide their full cooperation in amending and adjusting this Data Processing Agreement in the event of any new (privacy) legislation.

Article 13. Miscellaneous

13.1 The Data Processing Agreement forms an integral part of the Agreement, including the general terms and conditions of Lenze, which (amongst others) contain a liability regime and a provision with regards to jurisdiction.

13.2 Logs and measurements taken by Processor count as compelling proof, except where Controller is able to provide counterevidence.

13.3 If and to the extent that one or more of the provisions of this Data Processing Agreement are or are to be ineffective, the remaining terms of this Data Processing Agreement remain in full force. In that situation, the Parties shall replace the non-binding provisions with provisions that are binding and as close as possible to the purpose and intention of the non-binding provisions.