These terms and conditions of use (T&C) apply to the use of our App “Kudozza” (“App”) via Microsoft Teams and constitute a legally valid contract between you as a user of this app and/or the company that makes the app available to their employees, e.g. as part of your employment relationship (collectively “User”) and surviveF5 GmbH, based in Lärchenweg 13, 40699 Erkrath, Germany (“Provider”). Please read these T&C carefully before installing the App.
The App is not offered, operated or otherwise belongs in any way to the Microsoft Group, but is the sole responsibility of the Provider. The Provider, in turn, is not responsible for Microsoft Teams, especially not for any problems or unavailability. However, since the App is currently offered exclusively via Microsoft Teams, we are dependent on the availability of it, but cannot influence it.
1. Conclusion of contract
The (usage) contract is concluded when the User installs the App from the Microsoft Appstore and accepts these T&C during the installation process. Without the User accepting the T&C, it is not allowed to use the App.
If acting for a company, the User assures that it can conclude these T&C in a legally binding manner for the company (e.g. in the event that companies wish to make the App available to their employees).
2. App, Term and Termination
In principle, the Provider provides the App free of charge for use over an unlimited period of time for the duration of its installation (“Term”). The App is not available or offered through purchase.
The base usage of the App is provided free of charge within certain limits (limitation of free Kudos to use by the User per month, “Base Version”). In the Base version, Kudos (and related data regarding the giving/receiving of Kudos) are only accumulated and saved for one year and therefore are deleted (together with related data) after one (1) calendar year.
The limits of the Base Version can be extended by purchasing monthly or yearly plans with different scopes of services (including e. g. additional Kudos and functions, “Plan”). Plans, their prices and their duration are described in more detail in the purchasing process. A Plan is only valid as long as the payment by the User is made for the selected Plan; for as long as such payments are made, an automatic renewal of the selected Plan will be in place. The selected Plan ends automatically after the stop of payments by the User and the User may only use the Base Version from this moment on. The Parties may terminate the Term and/or a monthly Plan with a five (5) day notification to the end of a calendar month. A yearly Plan may be terminated by the Parties with a one (1) month notification to the end of a calendar year.
For the Provider ́s termination notice it shall be sufficient that the Provider gives notice to the User via the App, e-mail or similar technical means. The Provider is entitled to terminate these T&C, the Term, a Plan and to revoke the right of use at any time for good cause and without a notice period. Good cause shall be deemed to exist if, taking into account all circumstances of the individual case and weighing the interests of both parties, the Provider cannot reasonably be expected to continue the contractual relationship. Good cause shall be deemed to exist in particular if the User violates these T&C, in particular the provisions of Clauses 2, 3 and 6.
Upon termination of the Term and/or Plan, the right of use of the App expires and the User shall cease using the App and deinstall the App, except for the data that are subject to statutory retention obligations. In case you use the Base Version of our App, your Kudos and Users connected with those Kudos will be deleted after one (1) year after your last use of our App.
If the User wishes to continue using the App after the end of the Period of Use, it must again obtain it from the Provider or install it from the Microsoft Appstore and conclude a new usage contract (including the right of use).
The Provider reserves the right to offer the services, additional functions or other content at a later date in return for payment. The App may only be used in accordance with these T&C. The Users are only allowed to use the App for legal activities. The use for illegal, pornographic, criminal, obscene, insulting, discriminatory, racist or similar reprehensible activities or contents is not allowed.
The User must ensure that the system requirements necessary for Microsoft Teams and for the App are met by it.
The App is made available for installation exclusively via the Microsoft Appstore.
In case the App, its functions, services or parts thereof are or become subject to payment, the following provisions apply.
If such a payment obligation is newly introduced (not including plans or the introduction of new plans), the User has the right to terminate the (usage) contract for the app without notice.
The User shall pay the fees as displayed before purchase (e. g. in the purchase process, in price lists, in the App, etc.). All payments are due and payable immediately without deductions. In case the payments are not made or the User does not continue to pay the fees for the selected plan (and therefore the plan is automatically terminated), the User may only use the Base Version.
In case a Plan is terminated, regardless of the reason thereof, the Provider is not obliged to pay back the User any payments made for the current Plan.
Purchases of digital contents/goods (such as, but not limited to, Kudos) are excluded from return/revocation, as described in the following.
4. Right of revocation
- Start of the revocation notice -
In case you are a customer in accordance with § 13 BGB, you may revoke your agreement on the conclusion of a contract in text form (e.g. letter, e-mail, contact form) within 14 days without stating reasons. The period begins after receipt of this instruction in text form, but not before conclusion of the contract and also not before fulfillment of our information obligations pursuant to Article 246 § 2 in connection with § 1 paragraph 1 and 2 EGBGB and our obligations pursuant to § 312g paragraph 1 sentence 1 BGB in connection with Article 246 § 3 EGBGB. The timely dispatch of the revocation is sufficient to comply with the revocation period. The revocation shall be sent to:
- surviveF5 GmbH
40699 Erkrath, Germany
4.1 Consequences of revocation
In the event of an effective revocation, the services received by both parties must be returned and any benefits derived (e.g. interest) must be returned. If you are unable to return the received performance and benefits (e.g. benefits of use), or are only able to do so in part or in a deteriorated condition, you must compensate us for the loss of value. This may mean that you must nevertheless fulfill the contractual payment obligations for the period until revocation. Obligations to refund payments must be fulfilled within 30 days. The period begins for you with the dispatch of your revocation, for us with its receipt.
4.2 Exclusion of the right of revocation
The right of revocation does not apply to companies entrepreneurs or similar entities acting as commercial entitites according to § 14 BGB.
In case you make a purchase as customer according to German law (§ 13 BGB), your statutory return/revocation rights under § 312g BGB are excluded due to § 356 para. 5 BGB. For this purpose, you hereby (i) expressly agree that the Provider begins with the execution of the contract for your purchase before the expiry of the statutory return/revocation period of 14 days, and (ii) expressly confirm that you know that the aforementioned consent leads to the loss of your revocation right upon start of the execution of the contract for your purchase.
- End of the revocation notice -
The Provider generally tries to ensure the greatest possible availability of the App. However, due to occasional maintenance work, updates or technical problems (which often cannot be completely avoided regarding software and apps), the Provider cannot guarantee constant availability. Furthermore, the App availability always depends on the availability and proper functioning of Microsoft Teams and/or the Microsoft Appstore. Please note that we have no influence on the Microsoft applications.
The Provider reserves the right to make changes to the App and these T&C at any time - e.g. with regard to the scope of functions, design or handling. Users will be informed adequately of any significant changes to the App and these T&C (e.g. within the framework of the App Store or an update, on first use after such a change, via e-mail to the team owner).
In case of significant changes of the App and/or these T&C, the User may terminate the contractual relationship with the Provider within a two (2) weeks notification after the information of such changes. In case the User does not terminate the contractual relationship, the changes to the App and/or these T&C shall be deemed to be accepted by the User after the aforementioned period.
7. Intellectual property
7.1 General ownership of intellectual property rights
All rights, in particular copyrights and other intellectual property rights (altogether “IPR”), to the App remain with the Provider, with the exception of the IPR which the Provider expressly grants to the User by these T&C.
The Provider is not owner of any IPR of Microsoft or regrading Microsoft Teams and therefore cannot grant or decline any of these IPR. Please contact Microsoft if you have any questions or issues in this regard.
7.2 Granting of rights of use to Users
The Provider grants the User the simple, non-exclusive, revocable right to install the App from the Microsoft Appstore for Microsoft Teams and use it for the Period of Use for a team or an organization within Microsoft Teams. The App may only be used by the respective User, unless the User obtains the App as a company for its employees or as team owner or organization member for its team or organization (Third Users). In this case the Third Users may also use the App or the company may provide the App to these Third Users. Upon request of the Provider, the Third Users of the App are to be named. The User making the App available to Third Users shall ensure that the Third Users comply with these T&C and agree to them.
7.3 Period of use
The aforementioned right to use the App is granted for the Term until its termination by one of the Parties.
As the Provider provides the App free of charge, the Provider does not provide any maintenance or support services. The Provider provides further maintenance and/or support services only in case the purchases a Plan including these services.
The Provider is not obliged to further develop the App. The Provider may publish further developments as new versions (updates), but the User is not entitled to demand such updates. It is the User’s responsibility to inform itself regularly whether new updates are available for the App.
The User has the right to use an update or to waive such use (depending on the update mechanisms of Microsoft teams). If the Provider has (also) created an update for the purpose of addressing material defects and defects of title of the App and the User waives the installation of the update, the User shall have no claims whatsoever in connection with the defects to be addressed by the update.
Limitation of liability
9.1 General liability
For the liability of the Provider and the User statutory provisions of German law apply, unless otherwise specified below.
9.2 Unlimited liability
Irrespective of the legal grounds, the Provider is liable without limitation for damages and expenses which occur
- through injury to life, body or health,
- through intentional or grossly negligent;
- by fraudulently undisclosed legal or material defects of the App and
- because of a liability governed by the Product Liability Act.
Any further liability of the Provider is excluded.
9.4 Statute of limitations
If the User is a company, business or entrepreneur and not a consumer under German law, the statutory limitation period for all claims against the Provider is one (1) year, with the exception of
- claims based on intentional or grossly negligent conduct by the Provider;
- claims for damages based on injury to life, body, health or freedom,
- claims caused by fraudulently undisclosed legal or material defects of the App and
- claims under the Product Liability Act.
In these cases, the statutory provisions shall apply.
The period of limitation begins in accordance with the statutory provisions.
10. Data protection – Data Processing Agreement (Art. 28 GDPR)
10.1 General information
The following provisions form the Data Processing Agreement (“DPA”) between the Provider and the User, on the basis of which the Provider processes the User’s personal data. In this respect, the DPA specifies the Provider’s obligations under data protection law.
The DPA only applies if the User is a company or another entity, organization or a team owner (“Controller”) installing the App for its employees or team/organization members (Third Users) and these Third Users use the App. In this case, the company is responsible for the compliance with data protection regulations such as the European General Data Protection Regulation (GDPR). The DPA is part of the T&C, the provisions of which are also applicable to the DPA. In the event of disputes, the DPA shall take precedence over the T&C.
10.2 Application of the DPA
The Provider processes (e.g. collects, stores, uses, deletes, etc.) personal data on behalf of and at the instruction of the Controller to fulfil its obligations based on the T&C.
If the Provider is of the opinion that an instruction from the Controller violates the GDPR or other data protection regulations of the European Union or its member states, it will inform the Controller accordingly. In such cases, the Provider is entitled to suspend the execution of the instruction until the Controller confirms or amends the instruction.
10.3 Obligations of the Controller
Within the scope of this agreement, the Controller is responsible for compliance with the statutory provisions of the data protection laws. The Controller is responsible, to take all necessary measures to ensure Providers allowance to process the data as set out herein.
Should third parties assert claims against the Provider due to the processing of their data, the Controller will indemnify the Provider from all such claims on first request.
The Controller shall immediately and fully inform the Provider if it discovers any errors or irregularities in connection with the processing of the data by the Provider under this Agreement or its instructions.
10.4 Obligations of the Provider
The Provider processes the data to provide the services set out in the T&C , the DPA and the special individual instructions of the Controller. The Provider is not entitled to pass on the data to third parties without authorisation. This does not apply if (i) this is done in accordance with the T&C, the DPA or the commissioned services, (ii) is requested in writing by the Controller or (iii) is required by law or legal requirements.
The Provider shall, in cases of Section 8.4(iii), to the extent permitted by applicable law, inform the Controller in advance of the intended data processing of such legal and law requirements .
The Provider supports the Controller in controls by the supervisory authorities within the scope of what is reasonable and necessary, insofar as these controls concern data processing by the Provider. It will provide the Controller with the information required by the Controller to prove that it has complied with the requirements of the applicable data protection law with regard to this DPA.
Taking into account the nature of the data processing and the information available to it, the Provider will also assist the Controller, on request, in complying with the obligations of Art. 32 to 36 GDPR.
The Provider shall inform the Controller without delay if it becomes aware of an infringement of data protection law in the course of processing the data on behalf of the Controller.
The Provider obliges the persons employed in the processing of the data to process the data confidentially.
The Provider shall support and cooperate with the Controller to a reasonable extent regarding inspections by supervisory authorities and requests of the Controller in accordance with this section 9.4.
10.5 Technical and organisational measures (TOM)
The Provider shall implement the technical and organisational measures required under Art. 32 DSGVO before data processing begins. A list of these technical and organisational measures will be made available to the Controller on request.
The technical and organisational measures are subject to technical progress and further development. In this respect, the Provider may implement alternative, adequate measures. Changes shall be documented and the documentation shall be made available to the Controller on request. Significant changes are to be communicated to the Controller in an appropriate manner (e.g. by updating patchnotes, the app store description, etc.). In the event of a substantial change, the list of technical and organisational measures shall be adjusted accordingly.
The Provider shall provide the Controller with all information necessary to demonstrate compliance with the obligations set out in this Article and shall allow and assist in any reasonable checks, including inspections, carried out by the Controller. Such controls and inspections shall be notified in good time in advance, shall be limited to one control per calendar year and shall be carried out during the business hours of the Provider. The Controller will take into account the operational procedures of the Provider and interfere with the operational procedures of the Provider as little as possible.
Proof that suitable measures have been implemented can also be provided by presenting current certificates and reports from independent auditors (auditors, auditors, data protection officer, IT security department, etc.). In this case, an on-site inspection by the Controller is excluded.
The Provider may demand an appropriate remuneration for his efforts in carrying out the controls.
The Provider may establish subcontracting relationships with regard to the processing of the data. A list of the subcontractors and their respective fields of activity shall be made available by the Provider to the Controller upon request. Upon conclusion of these T&C, these subcontractors shall be deemed to be accepted by the Controller.
The Provider uses the following subcontractors:
- Amazon Web Services (Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg, being a subsidiary to Amazon Web Services, Inc., 410 terry Avenue North, Seattle, WA 98109-5210, USA);
- Microsoft Azure AD (Microsoft Ireland Operations, Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland, being a subsidiary to Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA).
The Provider will pass on the obligations set out in this agreement, including the guarantee of technical and organisational measures, to its subcontractors. The technical and organisational measures must comply with the requirements of the applicable data protection law.
10.8 Rights of affected parties
The rights of data subjects must be asserted against the Controller.
Insofar as a data subject asserts its rights against the Provider, the Provider will forward the request to the Controller in a timely manner.
Insofar as a data subject asserts his or her rights against the Controller, the Provider will support the Controller with suitable technical and organisational measures to meet these claims appropriately and to the necessary extent if the Controller cannot meet the claim without the support of the Provider.
The Provider may demand appropriate remuneration for the support actions according to this section 8 of these T&C.
10.9 Data protection officer/contact
The Provider is not obliged to appoint a data protection officer. All requests, and communication regarding data protection can be sent to surviveF5 GmbH, based in Lärchenweg 13, 40699 Erkrath, Germany.
10.10 Duration, deletion and return of data
This DPA shall enter into force upon the installation of the App or the conclusion of the T&C in accordance with section 1 and shall run for an indefinite period. The DPA ends with the termination of the (usage) contract, on which the data processing by the Provider is based, without the need for a separate termination of the DPA.
Upon termination of use, the Controller shall have 30 days to secure its data. The Provider shall make them available or send them to him in a common format for download. After this period, the Controller’s data will be deleted, unless the Provider is required to continue storing the data in order to fulfil his own (retention) obligations.
11. Final provisions
11.1 Severability clause
11.2 Place of jurisdiction/applicable law
If a legal dispute cannot be avoided, the parties agree that the exclusive place of jurisdiction shall be the registered office of the Provider, Erkrath (place of court: Wuppertal).
The legal relationship is subject to German law, excluding the UN Convention on Contracts for the International Sale of Goods and the referral regulations of German international private law.
11.3 Other general terms and conditions
Terms and conditions other than those of the Provider are excluded and not applicable.
Last updated: December 2020