Terms & Conditions
P.1 Scope of Application: These General Terms and Conditions shall apply to all legal transactions of Shiji Deutschland GmbH, Tassiloplatz 27, 81541 Munich, Germany, (hereinafter referred to as ”Shiji”) with a customer in connection with the software “Snapshot Analytics Pro” and the “Snapshot Marketplace”. These Terms and Conditions shall also apply to other legal transactions if agreed between the contracting parties. If any individual agreements have been made in writing between the contracting parties, those individual agreements have priority over these general agreements on a case-by-case basis.
P.2 MARKETPLACE: Snapshot Marketplace is a user-friendly IT-solution for the hotel industry. Snapshot Marketplace enables the customer to transfer its data to the Cloud-storage of Shiji. Shiji prepares those data on behalf of the customer and enables the customer to use its own data with various SaaS-Applications. In order to use those SaaS- Applications, the customer is able to purchase subscriptions via the Marketplace. SaaS-Applications of Shiji as well as SaaS-Applications of third-party providers can be purchased via the Marketplace. The customer will also be able to use the prepared data with its own applications.
P.3 Entrepreneur business: Shiji only provides services to companies. The customer declares himself to be a company.
P.4 MODIFICATION: Shiji is entitled, through simple notification, to change or supplement these terms and conditions if the changes or supplements are necessary and if the changes or supplements will not inflict a substantial disadvantage on the customer. Changes are necessary in order to comply with changes in legal requirements. The customer acknowledges his approval. The currently valid version of this document is available online under: www.snapshot.travel/terms. Shiji will inform the customer of any changes three months before the amendment enters into force. If the customer does not object to these amendments within those three months, the changes will be considered as accepted. If the customer objects, Shiji is entitled but not obligated to terminate this contract in accordance with Point A.3. The most recently accepted Terms and Conditions shall apply to the remaining term of this contract.
A. GENERAL AND ACCOUNTING
A.1 CONTRACTUAL OBJECT: The use of the Snapshot Marketplace Service is the contractual object. The functions scope of the Service is described in the current product descriptions. Furthermore, Snapshot Marketplace is an online-application which enables registered customer to use SaaS-Software provided by Shiji and different providers. Snapshot Marketplace enables the customer to conclude a SaaS-Contract with Shiji and the respective providers. If Shiji is not the provider of a SaaS-Applications, Shiji will only function as a commission agent. The legal relationship between the customer and the respective provider is not subject matter of these Terms & Conditions.
Shiji grants the customer for use by the customer, a non-exclusive, revocable license limited to the term and to the purpose of the Master Agreement to access and use Snapshot Marketplace indicated in the Agreement, which is a specific software provided as a service for the hotel marketplace. The customer may not sublicense the Marketplace unless the customer has received written permission from Shiji. This license is automatically revoked in the event of the Termination of the Master Agreement and can be revoked by Snapshot in the event of a breach of the Master Agreement by the customer.
A.2 Shiji Undertakings. Shiji will provide the customer with access to the Marketplace and support the ongoing usage by the customer as indicated in the Agreement. Shiji is free to decide where – and in particular from which computer center within the European Union – it renders its services for the customer. Additional services (e.g. implementation, customizing and training) are performed by Shiji at the customers’ request.
A.3 Terms (Duration and Cancellation): If nothing else was agreed between the contracting parties, all contractual relationships between Snapshot and the customer start after this contract is signed and are concluded for an indefinite term. The contract ends through termination. The contract can be terminated by complying with a notice period of 90 days at the end of each respective quarter, either party may cancel the agreement. The customer agrees in principle that the termination will only end the contractual relationship between the customer and Shiji. Any Contract concluded with third party suppliers, which the customer concluded via the Snapshot Marketplace, shall remain unaffected by the termination. This also applies to contracts for which Shiji is responsible for the collection of monies.
A.4 BILLING AND PAYMENT: If nothing else was agreed between the Provider of an application and the customer for the purchase of an application or content via the Snapshot Marketplace, Shiji will invoice and will send the invoice by E-Mail quarterly. The accounting period for the first settlement starts with the day the service is activated and ends on the last day of each quarter. The settlement occurs quarterly in advance. The contracting parties are entitled to mutually agree on alternative accounting periods (for example: monthly or yearly). The billing amount shall be due for payment within 30 days. Shiji is entitled to modify or set the billing interval at its’ discretion. The billing intervals will be based on the billing amount.
A.5 DISCOUNT: The customer is not entitled to a discount deduction unless it has been pre-agreed.
A.6 DEFAULT OF PAYMENT: In case of default, the contracting parties agree on default interest in accordance with § 288 para. 2 BGB.
A.7 PRICE: The customer declares that they are an entrepreneur. All prices, listed on the Marketplace, are net prices excluding the respective statutory sales tax.
A.8 SALES TAX: The tax-accounting is carried out in accordance with the legal requirements. The contract will only be concluded if the customer discloses its’ tax number. If the customer is located in Germany, the invoice will include the statutory sales tax. If the customer is located within the European Union, the invoice will be net of tax as the intra community service provision applies. If the customer is located abroad and if the service is not tax- relevant in Germany, the invoice will not include sales tax (VAT), however it will be marked as reverse charge, provided that the legal requirements are met. If the customer wishes its’ invoices to be marked as “reverse charge”, the customer must submit a “Certificate of Registration” to Shiji. The customer is obliged to pay VAT if a tax inspection proves that the customer is liable for tax (including retrospectively).
A.9 Withholding Taxes: National Withholding Taxes, also called retention taxes, will be borne by the customer in addition to the invoice amount. The customer is not entitled to deduct the Withholding Tax from the invoice amount. For example: The invoice amount is EUR 100. In accordance to the national tax regulations which are applicable for the customer, a Withholding Tax of the amount of 10% has to be paid. The customer has to pay the full invoice amount (EUR 100) to Shiji and the Withholding tax in the amount of EUR 10 to the relevant tax authority.
A.10 CURRENCY: If a customer is able to buy a product via the Marketplace in its’ national currency, the respective currency will be indicated next to the price. If no currency is shown, then currency defaults to Euros. Shiji is not obligated to provide products to the customer in national currency.
A.11 TROUBLESHOOTING: Shiji will assist the customers in order to solve any problems originated from the purchase of the Services. Shiji will hold full responsibility for disputes opened by the customers, such as chargeback’s, cancellations and refunds, within the scope of legal provisions. It is recalled that Shiji is not responsible for the technical support of sold third-party-services.
A.12 Setup-Fee: In case a Setup-Fee was agreed the following applies: The Setup-Fee will be due for payment within 30 days after date of invoice. Accounts are rendered after the setup process is completed and after the agreed training. The monthly costs will be due for payment from the first of the month after the installation has been completed.
B. SPECIFIC OBLIGATIONS CUSTOMER
B.1 The customer undertakes to use the provided user names and passwords responsibly and to prevent abuse by employees. The contracting parties agree that it is possible to conclude legally valid contracts via the Marketplace by using usernames and passwords. Shiji shall assume that, all customer employees who use the username and the password of the customer are entitled to place an order in his name and for his account and are entitled to conclude contracts with Shiji or with a Developer.
B.2 The customer will instruct its’ employees to store the access data with care so that it is inaccessible to third parties. The customer accepts that it is liable for damages caused by the use of its access data. The customer is liable if one of the customer´s employees misuses the access data or if the customer´s employees do not store the access data so that it is inaccessible to third parties.
B.3 Proprietary Rights. The customer will not allow the Snapshot Marketplace, SnapShot Marketplace products, Snapshot products and/or any Shiji services to be used by any property or facility that is not listed on or added to the Master Agreement and the customer will not alter any software code or use the Marketplace to avoid payment. The customer will not reproduce or decompile the software code, documentation or any other proprietary technology owned or licensed by Shiji.
B.4 Viruses and Security. It is customer’s responsibility to have and maintain virus protection software and security for all of its systems and data, such security includes firewalls, passwords, physical security, and access control policies. If customer’s systems have persistent connections to the Internet, or transmit credit card or gift card transactions over the Internet, or 3rd-party-SSL to transmit credit card or gift card transactions, or otherwise have persistent connections to any network where there is potential for unauthorized access, customer acknowledges that the security and protection of the network and the data and applications on that network, including protections against unauthorized access, is solely and entirely customer’s responsibility. A properly configured firewall is required for each site using a persistent connection to the public Internet or any private network where there is a potential for unauthorized access to the Provider Network. Customer acknowledges that, to be effective, virus protection software, system passwords, and other security software require periodic and routine updates, which customer must obtain from its supplier or the manufacturer, as appropriate. Shiji disclaims any warranty, express or implied, that, after the initial installation by Shiji of any Shiji-proprietary software, the software or customers data will remain virus-free. Support or services hereunder necessitated by computer viruses, or by any failure or breach of customer’s security for its systems or data, including, without limitation, damage caused by persons lacking authorized access, are not covered under this agreement, and will be supplied only upon customer request and on a reasonable efforts basis, on a time-and-materials basis at standard Shiji rates. Customer waives any claims hereunder against Shiji to the extent arising from customer’s failure to have or maintain current virus protection, or to the extent arising as a result of a failure or breach of customer’s security for its systems or data, or as a result of any unauthorized access to customers systems. If requested by customer, Shiji shall provide, on a reasonable efforts and on a time-and-materials basis, support or services to address damage caused by, but not limited to, any of the following: customers failure to have current virus protection; customers failure to maintain virus protection; damage arising as a result of a failure of customers security for its systems or data; damage arising as a result of a breach of customers security for its systems or data; or damage as a result of any unauthorized access to customers systems. Such support and services shall be billed at the prevailing standard Shiji rates.
C. SPECAL INSTRUCTIONS CONCERNING THE CONNECTION, TRANSMISSION AND THE STORAGE OF DATA
C.1 Snapshot Marketplace is compatible with various Data Sources. A current list of all compatible systems can be requested from Snapshot Marketplace Support. The customer must declare in the Master Agreement what Data Sources are being connected (POS, PMS system). The extent of the data, which can be extracted by the local applications connected to SnapShot marketplace on behalf of the customer and transferred to Snapshot Marketplace, depend on the data source application of the customer. Snapshot Marketplace is not liable for the extent or the type of the extracted data. In this regard, the customer waives all warranty rights related to the aforesaid. The customer acknowledges that a change of the Data Source or the version of the Data Source could lead to the corruption of data or make it impossible to transfer the data. Shiji is not liable for any deficiencies resulting from this fact.
C.2 Shiji will support the customer during the first-time setup of the connection between the Data Sources of the customer and the Snapshot Marketplace Service. Shiji is not liable for any third-party costs arising from this setup. Shiji is only allowed to charge a setup fee for the first-time setup if it was agreed separately in the Master Agreement. For the case that an additional setup is necessary due to changes of the Data Source Application of the customer in order to restore functions, Shiji is allowed but not obligated to charge a fee for the changes or the set up but only if Shiji has informed the customer about the fee before setting up the system and if the customer has not contradicted.
C.3 For the duration of this contract, Shiji is obligated to store, process and protect the data, which were transferred to Shiji by the customer, from unauthorized access in accordance with the current state of the art. In addition, please see point E.
C.4 If this contract expires, Shiji will delete all data which were transferred by the customer to Shiji. The user data will be deleted, two weeks after the contract has been expired, at the latest. Shiji is not obligated or entitled to store the user data after the contract expired. The customer notes that it is not possible to restore deleted data.
Important Note: The deletion of the data which are stored at the Marketplace can result in a loss of functions of other applications. This applies, in particular, if the application (for example: Snapshot Analytics or a third-party-application bought via the Marketplace) has to access the application data of the contractual application.
C.5 Further processing of data: The main functional feature of Snapshot Marketplace is the usability of the data with further applications. If the customer concludes a contract with a third-party provider via the Snapshot Marketplace, the customer thereby declares its consent that Shiji is entitled to make the data, which the customer transferred to Shiji, available to the respective third-party provider. The customer declares that the third-party provider processes the data on behalf of the customer. According to the will of the contractual parties, the third-party provider is the processor of the customer and not the Sub processor or 2nd Level Processor of Shiji within the meaning of Art. 28 (2) and (4) GDPR. The customer was informed that the customer has to conclude adequate contracts with the third-party processor if it is legally required. Shiji is not liable for damages to data or property caused by third-party providers.
C.6 Both contracting parties shall keep secret and retain in strictest confidence, and will not, without the prior written consent of the other party, furnish, make available, or disclose any business information or technical information of the other party to third parties, unless otherwise agreed by the parties or provided for within these General Terms and Conditions. These obligations do not apply to Information which (i) is publicly known or available at the time of its disclosure, or (ii) has been lawfully received by the receiving party from a third party without restriction on its use or disclosure, or (iii) was lawfully and independently developed by the receiving party. The transmission of information to affiliated companies or subcontractors is permitted, provided that the transmission is necessary for the proper provision of the performances agreed on and provided that the transmission is permitted by law.
Notwithstanding the agreements pursuant to Point C.6 Shiji is allowed to disclose information to government authorities and state authorities if the disclosure was ordered by an ordinary court or by a competent public authority.
C.7 Both contracting parties shall ensure that business and/or technical information of the other party will only be disclosed to employees, sub-contractors and/or agents, who will need to know such information for the purpose of the parties’ proper performance of their respective obligations under this contract.
D. SPECIAL INSTRUCTIONS FOR THE USE OF THE APPLICATIONS
D.1 The customer has been informed that the Snapshot Marketplace is also a trading area. The customer is able to buy and use applications or content of third-party manufacturers via the Marketplace.
D.2 If the customer buys content or applications from third party manufacturers via the Marketplace, the customer concludes a contract with the third-party manufacturer. The Terms and Conditions of the third-party manufacturer shall apply for concluded contracts between the customer and the third-party manufacturer unless something else was agreed. Shiji only provides the trading area and is responsible for the processing the payment.
Important Legal Note: Generally, the use of application, which were ordered via the Snapshot Marketplace, requires a valid contractual relationship concerning the use of the Snapshot-Marketplace-Services. The termination of this contract does not affect the contracts concluded via the Snapshot Marketplace between third party providers and the customer.
D.3 Shiji will check all applications and contents, which will be provided via the Snapshot Marketplace, to the best of its’ knowledge and beliefs. Shiji will only release applications if the Developer is contractually obligated to work, to comply with the legal requirements and to provide its’ own support to the customer. Shiji is not liable the customer for the function of the application or for damages caused by applications or the support provided by the Developer. The customer expressly agrees with this exclusion of liability.
D.4 Shiji is entitled by separate contract to distribute the applications and contents and to accept the agreed remuneration (collection authorization). The contracting parties agree that there are no claims (warranty, guarantee, compensation for damages or product liability) resulting from the collection authorization regardless of the legal title.
D.5 Shiji is entitled to remove single applications or content from the Marketplace. The customer renounces towards Shiji each and every claim in connection with the unavailability of applications (regardless of the legal title).
D.6 The customer notes that it may be possible that certain contents or applications will not be available to all customers in all countries due to licensing terms.
D.7 The customer is obligated to report functional failure and other technical problems of the system immediately and as precisely as possible.
E. SPECIFIC OBLIGATIONS OF SHIJI
E.1 Shiji points out to the customer that the functionality of Snapshot Marketplace Service can be affected by factor that are beyond Shiji’s sphere of influence. Shiji will neither be liable for lack of availability of its services nor for other restrictions or errors which arise from such factors. The following factors are beyond Shiji´s sphere of influence:
- any actions of third parties who do not act by order of Shiji
- a fault or failure of the internet or any public telecommunications network
- denial of service attacks or similar attacks or
- a fault or failure of the customer's computer systems or networks
- any unforeseen cause beyond Shiji’s reasonable control or any force majeure events set forth in this Agreement.
E.2 Shiji expressly agrees to provide a support for application questions.
E.3 Shiji expressly agrees to the data processing as shown in “SLA – Service Level Agreement”. The SLA – Service Level Agreement is available online. This document describes how to process, store and secure the data.
E.4 Shiji is obligated to take all appropriate measures to avoid data loss. The contractor has been instructed that despite this care the loss of data is possible. Unless the loss of data is due to the gross negligence of Shiji, the contractor will assume the liability directly. The same applies to the availability of the software.
E.5 Shiji is obligated to exclusively use certified systems and certified data centers for the operation of its service.
E.6 Updates, Warranty and binding commitments
- Shiji shall maintain the Software and/or Services and provide all patches and fixes to the Software and/or Services at no additional cost. Provided, however, said maintenance shall not include any major releases of new versions of the Software, additional functionality, or custom programming, which Shiji, at its discretion, may provide at an additional cost as otherwise agreed between the parties.
- The customer acknowledges that complex software is never wholly free from defects, errors and bugs, security vulnerabilities and subject to the other provisions of this Agreement, Shiji gives no warranty or representation that the services will be wholly free from defects, errors and bugs or uninterrupted and will be entirely secure. Customer acknowledges that Shiji does not control the transfer of data over communications facilities, including the internet, and that the service may be subject to limitations, delays, and other problems inherent in the use of such communications facilities. Shiji is not responsible for any delays, delivery failures, or other damage resulting from such problems. Neither party shall be liable to the other party in respect of any loss of profits or anticipated savings or any loss of revenue or income or any loss of use or production, or any loss of business, contracts or opportunities or any losses arising out of a Force Majeure Event or in respect of any special, indirect or consequential loss or damage.
- In no event shall Shiji be liable for any damages in excess of the total amount paid and payable by the customer to Shiji under this Agreement in the 12-month-period preceding the commencement of the event or events.
- Shiji is obligated to install and develop required hotfixes if any software errors or security holes became known. The contractor needs to inform the customer about the installation of those hotfixes by e-mail. The contractor must notify the customer of any defects corrected and amendments implemented.
- Shiji is obligated to issue internal security guidelines and to comply with them. In this respect reference is made to point F.
- In case of termination, for whatever reason, Shiji is obligated to immediately delete all stored customer data without prior notice nor permission from the customer.
F. DATA PROTECTION, ELECTRONIC FUNDS TRANSFER; PCI-DSS, ETC.
F.1 Shiji is obligated to treat all customer data as confidential. Shiji is obliged to ensure its employees and subcontractors adhere to the obligations of this confidentiality. Both contract parties are committed to complying with the data protection clause which applies in each case. Both contract parties know that the European and the national data protection laws are to be complied with. Storage and processing of personal data will take place under the applicable law.
F.2 The contracting parties note with approval that they have to comply with the provisions of the EU-GDPR and the German data protection law. The customer expressly agrees that the German data protection laws will be applied. The contracting parties note with approval that they have to comply with the provisions of the General Data Protection Regulation (Directive 95/46/EC). The parties expressly agree that the EU-GDPR and the German data protection law (DSG) will be applied.
F.3 In the following, we distinguish between “Customer Master Data” and “Order Data”. The term “Customer Master Data” describes a data, which relate to the customer. The “Customer Master Data” will be processed in accordance with Point F.4.1. The term “Order Data” describes the data which are transferred to and processed by Shiji, on behalf of the customer. The “Order Data” will be processed in accordance with Point F.4.2.
F.4.1 “Customer Master Data”
- a) Shiji does not store personal data about the customer within the meaning of Art.4 Para. 1 GDPR in connection with the product Marketplace. Information about the bodies authorized to represent the company or authorized staff members (User) provided by the customer are excluded. If the customer is a natural person and no legal person or if an authorized employee member accesses the Marketplace via his private internet access, personal data is processed. The storage of these data is based on Art. 6 Para. 1 lit c).
- b) If an employee of the customer concludes a SaaS-contract with a provider while being logged in to a user account, Shiji is entitled to transfer the information about the customer as well as the stored information about respective user to the provider for the purpose of the conclusion of the contract. The legal base is described in Art. 6 Para 1 lit. b).
- c) Snapshot Marketplace enables the customer to create and administrate a User account. The customer can use the services through this account. The customer hereby declares that it has all necessary consents regarding the storage of personal data of its employees in connection with the linking of the data to the User account.
Shiji is entitled to transfer “Customer Master Data”, also if the “Customer Master Data” contains personal data, to third-parties if it is necessary in order to fulfill the contract or to safeguard Shiji´s legitimate interests. Regardless of this Agreements, the transmission of such data is only permitted if the data is transferred in accordance with the data protections regulations. Shiji is entitled to transfer data to its subsidiaries (for example: Customer support or invoice) in order to fulfill the contract and to transfer data to a lawyer or to a tax consultant in order to safeguard Shiji´s legitimate interests.
“Customer master data” will only be stored for the duration which is legally necessary. Those data are stored due to the provisions of the German Commercial Code (HGB), the German Fiscal Code (AO), the Money laundering Act (Geldwäschegesetz).
Data processing location: The data processing is performed in the data processing center of:
Amazon Web Services, located in EU-Region (Frankfurt, London, Dublin)
Microsoft Azure, located in Netherlands
Shiji does not store any personal data which is not listed in this Terms & Conditions or the Data Protection Declaration.
I N F O R M A T I O N: If you are a current or former employee of our customer and if you assume that Shiji has stored Information about you (Name, E-mail address) as a contact partner, please contact us at firstname.lastname@example.org. We will provide you with all relevant and necessary information and we will delete or correct the data in accordance with the GDPR (Art. 16, Art. 17, Art. 21 GDPR) or other applicable laws.
F.4.2 “Order Data”
- a) Shiji stores and processes data on behalf of the customer. Those data were transferred to Shiji by the customer itself or provided by the customer for the purpose of processing and storage.
- b) Regardless of the agreed extent of transferred data (Para. d.)), the customer is obligated to ensure that no sensitive data within the meaning of the data protection regulations is transferred to Shiji. Sensitive data is data of natural persons revealing their racial or ethnic origin, their political opinions, their union membership, their religious or philosophical believes, their health or their sexual orientation. Shiji is entitled to terminate all business relationships with the customer without observing a notice period, if the customer uses the technical services provided by Shiji, in manner that violates the Data Protection Law. This is the case when the customer records sensitive data and uses Shiji to store and process such data. Sensitive data is data of natural persons revealing their racial or ethnic origin, their political opinions, their union membership, their religious or philosophical believes, their health or their sexual orientation.
- c) If the customer orders an application or content of a 3rd party via the Marketplace and if those applications or contents require access to stored order data, Shiji shall be responsible to provide the access to the order data of the customer. The authorization shall cease as from the date of discontinuation of the use of Snapshot Marketplace or from the date of discontinuation of the use of the application which was acquired via the Snapshot Marketplace. The customer notes that a data processing agreement, in accordance with Art. 28 GDPR, can be necessary in order to process the data of the customer if the customer transfers personal data within the meaning of Art. 4 Para. 1 GDPR to Shiji through Snapshot Marketplace and if those data will be processed by third party providers.
- d) There are two different types of data transfer:
Transfer of pseudonymized data.
Transfer of personal data.
- e) If nothing else was agreed between Shiji and the customer, only pseudonymized data will be transferred from the data source of the customer to Shiji and Shiji will only store and processes pseudonymized data. If the Snapshot Marketplace or Shiji Services are used based on the standard settings, the legal requirements are complied with. Privacy by Design / Privacy by Default (Art 25 GDPR);
- f) If the customer transfers data to Shiji, which contain personal data within the meaning of the GDPR, a separate DPA (Para. 28 GDPR) has to be concluded between Shiji and the customer and it must be ensured that the data is processed in accordance with the legal provision. The transmission of personal data to Shiji without previously concluding a DPA and taking all necessary precautions to ensure the compliance with the legal provisions is not allowed. If Shiji discovers that the customer has used Shiji to store personal data without the knowledge of Shiji, Shiji is entitled to delete those data and to terminate all business relationships with the customer without observing a notice period.
F.5 In the event that Shiji functions as a provider in accordance with the GDPR and the German Data Protection Law (if applicable), Shiji declares that it offers sufficient guarantees for the lawful and secure use of data. In this case Shiji is obligated to:
Use all data solely for the customer´s orders. The transmission of personal data, without a customer order, is prohibited.
Implement all necessary data security measures in accordance with GDPR and the German Data Protection Law. Shiji only allows those employees access to data, who are obligated to maintain data confidentiality or who are bound by a legal duty of confidentiality.
Only consult with further providers with the customer´s approval. Shiji is obligated to inform the customer about the planned consultation of the further providers in a timely manner, so that the customer is able to prohibit the consultation of the provider, if so desired.
Transmit all processing results and documentation, which contains data, to the customer or to store or destroy that data if the customer so requests, after the completion of the provision of the Services.
F.6 Location: Data processing location: The data processing is performed in the data processing center of:
Amazon Web Services, located in EU-Region (Frankfurt, London, Dublin)
Microsoft Azure, located in Netherlands
F.7 Transmission of Data to Third Countries for the purpose of processing. The contracting parties agree that only European Countries or Countries, which provide an adequate level of data protection within the meaning of Art. 45 GDPR, are allowed to process those data.
I N F O R M A T I O N: If the customer´s headquarter is not located in a European Country, the customer agrees that Shiji is allowed but not obligated to transfer the data (Customer Master Data and Order Data) to the Country in which the customer´s headquarter is located; however, this shall only apply if:
- the transmission of data is necessary in order to fulfill the contract.
- the transmission of data is required for the pursuit if legal claims.
F.8 Data Portability (Art. 20 GDPR): Shiji will provide stored data in electronical readable form within the meaning of Art. 20 GDPR. Shiji does not warrant that those provided data can be imported into other applications.
F.9 Data will be transferred to / Sub processors:
Shiji Subsidiaries (Shiji Austria GmbH, Shiji Poland z.o.o,)
Microsoft Office 365, Microsoft Corporation. One Microsoft Way, Redmond, Washington 98052, United States, https://products.office.com/en/business/office-365-trust-center-privacy
Microsoft Azure, Microsoft Corporation. One Microsoft Way, Redmond, Washington 98052, United States. https://www.microsoft.com/en-us/TrustCenter/Privacy/default.aspx
Amazon Web Services Inc. 1200 12th Avenue South, Suite 1200, Seattle, WA 98144, United States https://aws.amazon.com/privacy/
Salesforce CRM, Salesforce.com Inc. The Landmark at One Market, Suite 300, San Francisco, CA 94105, United States, https://www.salesforce.com/company/privacy/
Atlassian Cloud (JIRA, Confluence), Atlassian Pty Ltd c/o Atlassian Inc. 1098 Harrison Street, San Francisco, CA 94103, United States, https://www.atlassian.com/legal/privacy-policy
Dropbox, Dropbox Inc. 333 Brannan Street, San Francisco, CA 94107, United States, https://www.dropbox.com/privacy
Woopra Analytics, Woopra Inc. 300 Montgomery St. Suite 208, San Francisco, CA 94104, United States, https://www.woopra.com/privacy/
Zuora, Zuora Inc. 3050 South Delaware Street, Suite 301, San Mateo, CA 94403, United States, https://www.zuora.com/privacy-statement/
Adyen, Adyen B.V. Simon Carmiggeltstraat 6-50, 1011 DJ in Amsterdam, Netherlands, https://www.adyen.com/policies-and-disclaimer/privacy-policy
GoCardless, GoCardless Ltd. Sutton Yard, 65 Goswell Road, London, EC1V 7EN, United Kingdom, https://gocardless.com/en-eu/legal/privacy/
Hubspot, Hubspot Inc. 25 First Street, 2nd Floor Cambridge, MA 02141 United States, https://legal.hubspot.com/privacy-policy?_ga=2.166238909.2093295324.1525526960-1064276107.1519204914
Freshdesk, Freshworks Inc. 1250 Bayhill Drive, Suite 315, San Bruno, CA 94066, United States, https://www.freshworks.com/privacy/?_ga=2.51684585.1920727499.1525526993-459645676.1525436993
Mailchimp, The Rocket Science Group LLC. 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, United States, https://mailchimp.com/legal/privacy/
Appcues, Appcues Inc. 54 Canal Street, 5th Floor, Boston, MA 02114, United States, https://www.appcues.com/privacy
Sendgrid, SendGrid Inc. 1801 California Street, Suite 500, Denver 8020, United States, https://sendgrid.com/policies/privacy/
F.10 Shiji shall assume responsibility to ensure that the transferred credit card holder data and the sensitive authentication data will only be processed in accordance with the applicable Payment Card Industry Data Security Standards (currently V 3.2), within its area of responsibility. Shiji transfers, processes and stores this data in accordance to the requirements of the latest version of PCI DSS and shall be liable for the security.
F.11 Right to submit a complaint to the supervisory authorities: The customer notes that he is entitled to submit a complaint to a competent data protection supervisory authority.
G. IPR – INTELLECTUAL PROPERTY RIGHTS
G.1 Customer acknowledges that all rights, title and interest in and to the services and the Software, together with its codes, derivative works, organization, structure, interfaces, any documentation, data, trade names, trademarks, trade secrets, proprietary information or other related materials is, and at all times shall remain, the sole and exclusive property of Shiji. Except the right to use the software, as expressly provided herein, this Agreement does not grant to customer any rights to, or in, patents, copyrights, database rights, trade secrets, trade names, trademarks (whether registered or unregistered) or any other rights or licenses with respect to the services or the Software.
G.2 The customer shall not remove or modify any program markings or any notice of Shiji or its licensors’ proprietary rights. Customer shall not attempt, or directly or indirectly allow any authorized user or other third party to attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, reverse compile, disassemble, reverse engineer, download, transmit or distribute all or any portion of the Services and/or Software in any form or media or by any means.
H.1 Both contracting parties agree on not passing on any business information or technical information concerning the other party to third parties. Information which is generally known or available is excluded from this contract. The transmission of information to affiliated companies or subcontractors is permitted, provided that the transmission is necessary for the proper provision of the performances agreed on and provided that the transmission is permitted by law.
H.2. Notwithstanding Shiji is allowed to disclose information to government authorities and state authorities if the disclosure was ordered by an ordinary court or by a competent public authority.
I.1 Shiji shall not be held liable for contracts which the customer agrees to with third parties through the Snapshot Marketplace.
I.2 This contract shall be governed by German Law. The application of the UN- Convention on International Sale of Goods (1980) is explicitly excluded.
I.3 Alterations and additions to this contract agreed by the parties must be made in writing to be effective.
I.4 Shiji is entitled to advertise with the fact that the customer is using the software, if the customer concludes a contract with Shiji. In this context, Shiji is entitled to use the customer´s Logo in an appropriate way. All uses beyond this must be coordinated with the customer. It is permissible that Shiji advertises online with the customer using its software.
I.5 The contracting parties mutually waive the right to set-off their claim against the claim of the other party.
I.6 All disputes or claims arising from or in connection with this contract, including disputes about the validity, infringement, termination or invalidity of this contract, shall be finally settled in accordance with the Arbitration Rules of the German Arbitration Institute (DIS) without recourse to the ordinary courts of law. The arbitral tribunal shall be comprised of one arbitrator. The seat of the arbitration is Munich. The language used at the arbitration has to be English unless the contractual parties agree on German. The rules of law applicable to the merits shall be German.