Terms of Service

We provide downloadable versions of our General Terms and Conditions (GTCs) and Service Level Agreements (SLAs) bellow, in case you wish to have it. You can also read it on this page as follows.

If you have any questions regarding our GTCs or SLAs, please feel free to contact us.

General Terms and Conditions

1. Scope of Application

These terms and conditions apply to the provision of the software by the licensor, ContainerGrid GmbH (hereinafter referred to as "Software"), between the licensee and the licensor. These terms and conditions, as well as the scope of services, apply to all services provided by the licensor in connection with the provision of the Software.

2. Subject Matter of the Contract

2.1 The subject of these General Terms and Conditions (hereinafter "GTC") is the time-limited provision of the Software for the duration of the contract, in accordance with the currently valid scope of services, including the granting of the rights necessary for its contractual use pursuant to § 6.

2.2 These GTC apply exclusively. Conflicting or deviating general terms and conditions of the licensee shall not be recognized unless their validity has been expressly agreed upon in writing. The GTC shall also apply if ContainerGrid GmbH provides its services unconditionally while being aware of conflicting or deviating terms and conditions of the licensee.

2.3 The contractual relationship between ContainerGrid GmbH and the licensee is subject to the laws of the Federal Republic of Germany, excluding the uniform UN Sales Convention.

2.4 These terms and conditions do not cover the customization, configuration, or implementation of the Software. The Software is provided by the licensor as "Software as a Service" (SaaS). The licensor fulfills its obligations by granting the licensee access to the Software. The specific characteristics of the Software are conclusively defined in the scope of services. The Software is provided in its latest version unless otherwise explicitly agreed in writing. No additional characteristics or warranties beyond this shall be owed unless expressly and in writing assured by the licensor.

3. Scope of Services

3.1 ContainerGrid provides the licensee with the ordered Software in its latest version via the internet for use during the contract term in return for payment. For this purpose, ContainerGrid hosts the Software in an ISO 27001-certified data center in Germany, which is accessible via the internet for the licensee. ContainerGrid is entitled to adapt the Software at any time in terms of functionality and design. However, ContainerGrid shall not remove any functionality and will reasonably consider the legitimate interests of the licensee when making changes to functions.

3.2 The license applies to the agreed number of employees or users (hereinafter "authorized users") who are entitled to use the Software simultaneously. The licensee may add any number of users to their account. However, the Software may only be used simultaneously by the agreed number of authorized users. The licensee may only add employees and/or contractors as users who are granted access to the Software on behalf of and in connection with the provision of services to the licensee.

3.3 The licensee is not entitled to make the Software available to third parties, whether for a fee or free of charge. The subleasing of the Software is expressly prohibited. The licensee undertakes to structure its contractual relationships with third parties in such a way that any free use of the Software is excluded.

4. Conclusion of Contract, Prices, and Payment Terms

4.1 ContainerGrid will only submit a binding offer or accept the customer's binding offer if the customer is a company or an individual acting in the course of their commercial or professional activities.

4.2 In the case of contract conclusion via the licensor’s website, a contract is formed as follows: By clicking on a button labeled “Order with obligation to pay” or a similar phrase, the licensee declares acceptance of the licensor’s contractual offer under these GTC. All offers from ContainerGrid GmbH that are submitted in writing or via email remain non-binding and subject to change until final order confirmation. The licensee’s order constitutes a binding offer to ContainerGrid GmbH. The contract between ContainerGrid GmbH and the licensee is concluded upon written order confirmation by ContainerGrid GmbH. Special agreements, side agreements, or amendments require written confirmation by ContainerGrid GmbH. Terminations must always be in writing or text form.

4.3 In the event of force majeure or other unforeseeable, extraordinary, and unavoidable circumstances—such as operational disruptions, strikes, lockouts, governmental interventions, or natural disasters—performance deadlines shall be extended for the duration of the impediment plus a reasonable ramp-up period. ContainerGrid GmbH shall promptly inform the licensee of the occurrence and expected end of such circumstances. If performance becomes wholly or partially impossible due to such circumstances, ContainerGrid GmbH shall be released from its performance obligations to the corresponding extent. Any advance payments by the licensee shall be promptly refunded. Otherwise, the licensee shall have no claims for damages due to unintentional delay or impossibility.

4.4 The current price list of ContainerGrid GmbH applies unless a specific written price agreement has been made. All prices are exclusive of statutory VAT. During any free trial period, the licensor's services are provided free of charge.

4.5 A commercial licensee will be in default fourteen days after the due date and receipt of the invoice, without the need for a reminder.

5. Obligations of the Licensee

5.1 The licensee shall ensure that the system and hardware requirements necessary for the operation of the Software, particularly regarding performance and system security, are met.

5.2 The licensee is obliged to:

  • Continuously maintain the licensee’s system environment (hardware and software);
  • Promptly install provided updates, patches, and maintenance measures. Due to such developments, an upgrade of hardware or operating systems used may become necessary;
  • Ensure the prerequisites for support services. This includes informing ContainerGrid GmbH about specific aspects of the licensee's IT system and documenting identified errors in a reproducible or at least comprehensible manner before promptly notifying the licensor;
  • Assign only sufficiently qualified personnel for inquiries to the licensor;
  • Secure access credentials, particularly user ID and password, against unauthorized access by third parties through appropriate measures.

5.3 The licensee shall regularly perform systematic backups of its stored data in accordance with established industry standards. Regardless of the licensor’s data backup measures, the licensee must safeguard its data with the diligence of a prudent merchant. Specifically, before any installation and/or other interventions by the licensor or third parties commissioned by the licensor, the licensee shall perform a complete backup of all system and application data. These backups must be stored in such a manner that the secured data can be restored at any time.

Additionally, the licensee must protect systems under its control from unauthorized access, storage, alteration, or other unauthorized access or attacks by its employees or third parties, regardless of their nature.

For this purpose, the licensee shall implement appropriate state-of-the-art security measures, particularly against viruses and other harmful programs or program routines, as well as other security measures, including burglary protection. If the licensee uses systems outside its control, it must impose corresponding obligations on its contractual partners and regularly monitor compliance with them.

5.4 The licensee shall grant the licensor the right to use third-party systems if necessary for the provision of contractual services.

6. Compliance with Legal Regulations

6.1 The licensee agrees not to store any content on the storage space provided by the licensor if its provision, publication, or use violates applicable law or agreements with third parties.

The licensor is entitled to immediately block the storage space if there is reasonable suspicion that the stored data is unlawful and/or violates third-party rights. A reasonable suspicion of unlawfulness and/or infringement exists particularly if courts, authorities, or third parties inform ContainerGrid of such violations.

ContainerGrid shall immediately notify the customer of the removal and the reason for it. The block will be lifted as soon as the suspicion is refuted.

6.2 The customer shall indemnify the provider against all third-party claims arising from data stored by the customer and shall compensate ContainerGrid for any costs incurred due to potential legal violations.

7. Granting of Rights

7.1 Subject to the licensee’s full and continuous compliance with the general conditions of this contract, particularly the payment of license fees as confirmed in the order confirmation, ContainerGrid GmbH grants the licensee a simple, non-transferable, non-assignable license to use the Software exclusively for the permitted purposes specified in this contract.

7.2 ContainerGrid GmbH is not obliged to provide updates, improvements, modifications, upgrades, or enhancements to the Software.

7.3 The rights to data stored, entered, or imported by the licensee shall remain exclusively with the licensee.

All rights to the Software itself, particularly copyright, shall remain solely with the licensor, even if the Software or parts thereof were developed based on instructions or collaboration from the licensee.

8. Liability

8.1 The licensor shall be liable without limitation in the following cases:

  • In cases of intent or gross negligence;
  • For injury to life, body, or health;
  • Under the provisions of the Product Liability Act;
  • To the extent covered by a guarantee given by the licensor.

8.2 In cases of slight negligence, where a material contractual obligation (cardinal obligation) has been violated, the liability of the licensor is limited to the amount of foreseeable and typical damages for such contracts.

The parties agree that foreseeable, contract-typical damages shall not exceed EUR 500,000 per damage event.

If the licensee anticipates a potential damage exceeding this amount, they must notify the licensor immediately.

8.3 The licensor’s liability shall not extend beyond this. In particular, there is no liability for initial defects, unless the conditions of Sections 8.1 and 8.2 are met.

8.4 This limitation of liability also applies to personal liability of employees, representatives, and corporate bodies of the licensor.

8.5 During a free trial period, the licensor’s liability is governed by the provisions of gift law (donation liability under § 521 BGB).

9. Confidentiality

9.1 The parties agree to maintain confidentiality regarding confidential information. This obligation shall remain in force for a period of five years after termination of the contract.

9.2 This obligation does not apply to confidential information that:
a) Was demonstrably known to the recipient at the time of contract conclusion or was subsequently disclosed by a third party without violating a confidentiality agreement, legal provisions, or official orders;
b) Was publicly known at the time of contract conclusion or is later made public, provided this does not result from a violation of this contract;
c) Must be disclosed due to legal obligations or an order of a court or authority.

Where permitted and possible, the recipient obligated to disclose the information shall notify the other party in advance and provide an opportunity to object to the disclosure.

9.3 The parties shall grant access to confidential information only to advisors who are subject to professional secrecy or who have been contractually bound to confidentiality obligations equivalent to those in this contract.

Furthermore, the parties shall disclose confidential information only to those employees who need to know such information for the execution of this contract. These employees must also be contractually bound to confidentiality for the period after their employment ends, to the extent permitted by labor law.

10. Warranty

10.1 The licensor warrants the maintenance of the contractually agreed quality of the Software in accordance with its scope of services throughout the contract term. The licensor is obligated to remedy defects in the Software that arise during the contract term in accordance with legal regulations and within the timeframe specified in § 11.

Beyond this, the licensor does not owe any additional services, particularly no user support, customization, or maintenance services.

10.2 The licensee has no claims for defects if modifications have been made to the Software without the prior written consent of the licensor or if the Software is used in a manner not in accordance with the contract, and such modification or improper use is solely responsible for the defect.

10.3 ContainerGrid does not warrant that the Software will meet the licensee’s individual requirements. This applies in particular to the non-achievement of the intended economic success.

11. Availability

11.1 The licensor guarantees a total availability of services of at least 99.5% per month at the handover point. The handover point is the router exit of the licensor's data center.

11.2 Availability is defined as the licensee’s ability to use all main functions of the Software.

Maintenance periods performed outside of standard business hours (Monday to Friday, 9:00 AM to 6:00 PM) and disruptions within the defined resolution time shall be considered periods of Software availability.

Minor disruptions shall not be considered in the availability calculation. The measurement instruments of the licensor in the data center shall be decisive for determining availability.

11.3 The licensee must report disruptions immediately.

Disruption reporting and resolution are guaranteed Monday to Friday (excluding nationwide public holidays) during the business hours published on www.containergrid.de (currently 8:00 AM to 7:00 PM).

12. Error Resolution Times

12.1 Defects occurring in the Software shall be classified into the following categories and resolved according to their respective response and resolution times. The licensor shall keep the licensee informed about the status and progress of defect resolution.

  • Critical Defect (Priority 1):
    A malfunction that causes a complete or substantial system failure, rendering use entirely or almost entirely impossible. Business operations are so severely impaired that immediate resolution is essential.
  • Major Defect (Priority 2):
    A malfunction that significantly impairs system usability, making reasonable work with the system impossible or only possible with disproportionate effort. The simultaneous occurrence of multiple major defects may escalate to a critical defect.
  • Other Defect (Priority 3):
    Any other malfunction that does not or only insignificantly impair system usability. The simultaneous occurrence of multiple such defects may escalate to a major or critical defect.

12.2 The classification of defects into categories shall be determined by the licensee at their reasonable discretion, taking into account (i) the impact on business operations and (ii) the interests of the licensor.

12.3 The licensor shall respond to a reported defect within the following timeframes ("Response Time"):

  • For critical defects: Within one hour after receiving the report.
  • For major defects: Within two hours after receiving the report.
  • For other defects: Within one business day after receiving the report.

12.4 The licensor shall resolve defects within the following timeframes ("Resolution Time"):

  • Critical defects: Within 24 hours after receiving the report.
  • Major defects: Within two days after receiving the report.
  • Other defects: Within ten days after receiving the report, but no later than in the next Software version release.

12.5 If it becomes foreseeable that a critical or major defect cannot be resolved within the above-defined timeframes, the licensor shall provide a temporary workaround within those timeframes.

12.6 The licensor is entitled to provide support services via remote maintenance or remote diagnostics, provided that:

  • This does not disadvantage the licensee, particularly by extending the time required for on-site service delivery.
  • There are no risks to IT security.
  • The technical conditions at the licensee’s end are met.
13. Other Error Correction and Adjustment Services

13.1 The licensor shall provide other error correction and adjustment services exclusively based on a separate order. Other error correction and adjustment services under this provision include:

  • Modifications to the Software that are not part of defect correction, particularly adaptations to new products and services as well as to changes in the licensee’s operational processes;
  • Adaptation of the Software to a changed hardware and/or software environment of the licensee, including new program versions (e.g., new releases, updates/upgrades) of third-party software used in the system;
  • Correction of malfunctions caused by improper operation of the Software by the licensee, force majeure, third-party interference, or other effects not caused by the licensor;
  • Other modifications, additions, and extensions of the Software requested by the licensee.
14. Fees and Payment Terms

14.1 The licensee shall pay the fee agreed upon in the order process or order form.

14.2 The payable fee is due at the beginning of each billing period. If the contract is for a 12-month term, billing is conducted in advance for a maximum of 12 months.

14.3 If the licensee increases the number of authorized users during the contract term, the license fee shall be adjusted accordingly for the remaining contract duration, based on the pricing valid at the time of the increase.

15. Termination of the Contract

15.1 The contractual relationship shall end automatically at the agreed contract end without requiring termination. Early ordinary termination of the contractual relationship is excluded (§ 620 BGB).

15.2 The right to extraordinary termination for cause remains unaffected. ContainerGrid may immediately terminate this contract for cause if the customer:

  • Becomes insolvent or insolvency proceedings are rejected due to lack of assets;
  • Is in default with payment obligations from this contract amounting to at least one monthly fee and does not remedy the default within two weeks despite receiving a reminder with notice of termination;
  • Violates legal provisions when using the contractual services or infringes copyright, industrial property rights, or naming rights of third parties;
  • Uses the services provided under the contract for the purpose of promoting criminal, unlawful, or ethically questionable activities.

15.3 The licensor shall permanently delete all data of the licensee remaining on its servers 30 days after contract termination, unless longer statutory retention obligations apply.

16. Data Protection and Confidentiality

16.1 The parties shall comply with all applicable data protection laws.

16.2 If and to the extent that the licensor has access to the licensee’s personal data in the course of providing services, the parties shall enter into a data processing agreement before processing begins. In such cases, the licensor shall process personal data solely in accordance with these provisions and the instructions of the licensee.

17. Miscellaneous

17.1 The licensee may transfer rights and obligations from or in connection with this contract only with the prior written consent of the licensor.

17.2 The licensee may only offset claims against the licensor with undisputed or legally established claims.

17.3 Amendments and additions to the contract must be made in writing. This also applies to amendments or revocation of this clause.

17.4 The parties acknowledge that the Software may be subject to export and import restrictions. In particular, approval requirements may apply, or the use of the Software and related technologies abroad may be restricted. The licensee shall comply with all applicable export and import control regulations of:

  • The Federal Republic of Germany
  • The European Union
  • The United States of America
  • Any other relevant laws and regulations

The licensor’s contractual obligations are subject to the condition that no national or international export or import restrictions or other legal provisions prevent contract fulfillment.

17.5 The place of performance is Munich.
The exclusive place of jurisdiction is Munich, provided both parties are merchants or legal entities under public law.

17.6 If these GTC require compliance with the written form, it may also be fulfilled by:

  • Electronic form (§ 126a BGB)
  • Text form (§ 126b BGB)

Data Processing Agreement


between

Container Grid Customer / Principal (Controller)

and

Contractor (Processor) / ContainerGrid GmbH

1. Subject Matter and Duration of the Agreement

(1) This contract governs the processing of personal data by the Processor on behalf of and in the name of the Controller in accordance with the Controller’s instructions in connection with the service "Quick Start - Support for Setup."


The Contractor processes personal data for the Principal within the meaning of Article 4 No. 2 and Article 28 of the GDPR on the basis of this contract.

(2) The contractually agreed service shall be provided exclusively in a Member State of the European Union or in a contracting state of the Agreement on the European Economic Area. Any transfer of the service or parts thereof to a third country is not permitted.

Duration of the Contract

The contract is concluded for an indefinite period.

The notice period is six months to the end of the year.

The right to extraordinary termination remains unaffected. The Controller may terminate the contract at any time without notice if:

  • The Contractor seriously violates data protection regulations or the provisions of this contract,
  • The Contractor cannot or will not comply with an instruction from the Controller, or
  • The Contractor unjustifiably refuses the Controller’s right to conduct audits.

In particular, non-compliance with the obligations agreed upon in this contract and derived from Article 28 of the GDPR constitutes a serious violation.

2. Type and Purpose of Processing, Type of Personal Data, and Categories of Data Subjects

Type of Processing

(According to the definition in Article 4 No. 2 GDPR):

  • Formatting and storing the data in the ContainerGrid database.

Type of Personal Data

(According to the definition in Articles 4 No. 1, 13, 14, and 15 GDPR):

  • Data of natural and legal persons.

Categories of Data Subjects

(According to the definition in Article 4 No. 1 GDPR):

  • Customer master data.

3. Rights, Duties, and Instruction Authority of the Controller

(1) The Controller alone is responsible for assessing the lawfulness of processing under Article 6(1) GDPR and for ensuring the rights of data subjects pursuant to Articles 12 to 22 GDPR. Nevertheless, the Processor is obligated to immediately forward all such requests to the Controller, provided they are clearly directed exclusively to the Controller.

Any changes to the subject matter of processing and procedural modifications must be jointly coordinated between the Controller and the Processor and documented in writing or in an electronically recorded format.

(2) The Controller shall issue all orders, sub-orders, and instructions generally in writing or in an electronically recorded format. Oral instructions must be confirmed without delay in writing or in an electronically recorded format.

(3) The Controller has the right, as specified in Section 5, to verify compliance with the technical and organizational measures implemented by the Processor and the obligations set forth in this contract before processing begins and thereafter at regular intervals in a reasonable manner.

(4) The Controller must immediately inform the Processor if errors or irregularities are detected during the review of processing results.

(5) The Controller is obligated to maintain confidentiality regarding all trade secrets and data security measures of the Processor that become known within the scope of this contractual relationship. This obligation remains in effect even after the termination of this contract.

4. Authorized Instructors of the Controller, Instruction Recipients of the Processor

(1) Authorized Persons of the Controller:

  • (First name, last name, organizational unit, telephone)

(2) Instruction Recipient at the Processor:

  • Johannes Vitt, Managing Director

(3) Communication Channels for Instructions:

  • +49 157 725 086 87

In the event of a change or a long-term absence of the designated contacts, the contractual partner must be informed immediately and, as a rule, in writing or electronically about the successors or representatives.

Instructions must be retained for their period of validity and for an additional three full calendar years thereafter.

5. Duties of the Processor

(1) The Processor shall process personal data exclusively within the scope of the agreements made and in accordance with the instructions of the Controller, unless the Processor is required by Union law or the law of a Member State to which it is subject to process data differently (e.g., investigations by law enforcement or state security authorities). In such cases, the Processor shall inform the Controller of these legal requirements before processing, unless the relevant law prohibits such notification for reasons of important public interest (Article 28(3), Sentence 2, Letter a GDPR).

(2) The Processor shall not use the personal data provided for processing for any other purpose, particularly not for its own purposes. Copies or duplicates of the personal data shall not be made without the knowledge of the Controller.

(3) The Processor guarantees the proper execution of all agreed-upon measures related to the processing of personal data under this agreement. The Processor ensures that the data processed on behalf of the Controller is kept strictly separate from any other data inventories.

(4) Data carriers that originate from or are used for the Controller shall be specially marked. Their receipt, dispatch, and ongoing use shall be documented.

(5) Throughout the provision of services for the Controller, the Processor shall conduct regular reviews in its area:

  • The results of these reviews must be documented.
  • The Processor shall assist the Controller in fulfilling the rights of data subjects under Articles 12 to 22 GDPR, in the preparation of records of processing activities, and in conducting data protection impact assessments where required.
  • The Processor shall provide the necessary information immediately to the following designated contact point at the Controller: (to be specified).

(6) The Processor shall immediately notify the Controller if, in its opinion, an instruction issued by the Controller violates legal provisions (Article 28(3), Sentence 3 GDPR). The Processor has the right to suspend the execution of the respective instruction until it has been reviewed and either confirmed or modified by the Controller.

(7) The Processor shall rectify, delete, or restrict the processing of personal data from the contractual relationship if the Controller issues such an instruction, provided that there are no overriding legitimate interests of the Processor preventing compliance with the instruction.


(8) The Processor may only provide information about personal data from the contractual relationship to third parties or the data subject with prior instruction or consent from the Controller.

(9) The Processor agrees that the Controller—as a rule, after scheduling an appointment—has the right to verify compliance with data protection and data security regulations as well as the contractual agreements within a reasonable and necessary scope. This may be carried out either directly by the Controller or by third parties commissioned by the Controller, particularly through:

  • Requests for information,
  • Inspection of stored data and data processing programs, and
  • On-site reviews and inspections (Article 28(3), Sentence 2, Letter h GDPR).

The Processor guarantees that, where necessary, it will provide support and cooperation during these audits.

(10) The processing of data in private residences (i.e., telework or remote work by employees of the Processor) is only permitted with the explicit consent of the Controller.

If data is processed in a private residence, contractual arrangements must be made in advance to ensure access to the employee’s residence for inspection purposes by the employer. In such cases, the security measures required under Article 32 GDPR must still be ensured.

The Processor confirms that it is aware of the relevant data protection regulations applicable to data processing under this contract, as set forth in the GDPR. The Processor also commits to complying with confidentiality and secrecy obligations that apply to the Controller in relation to this contract.

(11) The Processor is obligated to maintain confidentiality in the contractual processing of the Controller’s personal data. This obligation remains in effect even after the termination of this contract.

The Processor guarantees that all employees involved in processing activities are made familiar with the applicable data protection regulations before commencing their duties. Additionally, these employees must be appropriately bound to confidentiality for the duration of their employment and even after the termination of their employment relationship (Article 28(3), Sentence 2, Letter b, and Article 29 GDPR). The Processor shall monitor compliance with data protection regulations within its operations.

(12) The appointed Data Protection Officer at the Processor is:

  • Mr. Aron Handreke, Managing Director
  • Phone: +49 157 725 086 87

Any change of the Data Protection Officer must be immediately communicated to the Controller.

The Processor is obligated to promptly inform the Controller in case of:

  • Exclusion from approved codes of conduct under Article 41(4) GDPR, or
  • Revocation of a certification under Article 42(7) GDPR.

6. Notification Obligations of the Processor in Case of Processing Disruptions and Personal Data Breaches

The Processor shall immediately notify the Controller of:

  • Disruptions in data processing,
  • Violations committed by the Processor or its employees,
  • Breach of data protection regulations or the contractual agreements,
  • Suspected data protection breaches or any irregularities in the processing of personal data.

This obligation is particularly important in relation to the notification and reporting duties of the Controller under Articles 33 and 34 GDPR.

The Processor guarantees to provide the Controller with appropriate support in fulfilling its obligations under Articles 33 and 34 GDPR, if necessary (Article 28(3), Sentence 2, Letter f GDPR).

Reports pursuant to Articles 33 or 34 GDPR may only be submitted by the Processor on behalf of the Controller after receiving explicit instruction, as outlined in Section 4 of this contract.

7. Obligations of the Processor Upon Termination of the Contract (Article 28(3), Sentence 2, Letter g GDPR)

Upon completion of the contractual work, the Processor shall, at the Controller’s discretion:

  • Hand over all data, documents, and processing or usage results that were acquired by the Processor or any subcontractors in connection with the contractual relationship, or
  • Properly delete or destroy the data in compliance with data protection regulations.

The deletion or destruction must be confirmed to the Controller in writing, specifying the date of deletion, either in a written format or in a documented electronic format.

8. Remuneration

Both parties shall bear their own costs for the organization and implementation of data protection.

No separate remuneration shall be owed.

9. Liability

(1) Liability for violations of this agreement or of GDPR regulations shall be determined in accordance with statutory provisions, particularly Article 82 GDPR.

(2) The Processor shall be liable for any fault committed by its subcontractors and any sub-subcontractors as if the Processor itself were at fault.

(3) The Processor shall indemnify the Controller against claims by third parties arising from performance failures of the Processor.

(4) The Processor bears the burden of proof to demonstrate that any damage or loss was not caused by circumstances for which it is responsible, insofar as data is processed under this contract. The Processor fulfills this obligation if it can demonstrate that:

  • It has complied with the terms of this contract during the collection and processing of data, and
  • It has properly implemented the technical and organizational measures as agreed.

10. Miscellaneous
  • Agreements regarding technical and organizational measures, as well as control and audit documentation (including for subcontractors), shall be retained by both contracting parties for their validity period and for an additional three full calendar years thereafter.
  • Supplementary agreements must generally be made in writing or in a documented electronic format.
  • If the Controller's property or processed personal data at the Processor is subject to third-party measures (such as seizure or confiscation), or if affected by insolvency or settlement proceedings, the Processor must immediately notify the Controller.
  • If any provision of this agreement is found to be invalid, this shall not affect the validity of the remaining provisions.
  • The following annexes are an integral part of this contract.
Annex 1 – Type and Purpose of Data Processing

1. Type and Purpose of Data Processing

The Processor shall process personal data on behalf of the Controller exclusively for the following purposes:

  • Transformation of customer data
  • Import of customer data into the ContainerGrid database

2. Types of Personal Data

The following personal data categories may be processed:


Master Data

  • Names (First name, last name, title, etc.)
  • Address Data (Street, city, etc.)
  • Contact Data (Email addresses, phone numbers, fax numbers, etc.)
  • Contact Persons (First name, last name, contact details, etc.)

3. Possible Categories of Data Subjects

The processing may involve the following data subjects:

Customers
Prospective Customers
Suppliers / Service Providers