General Terms and Conditions

for the use of SDiD’s Software as a Service “ESG Data and Information”
  1. Scope

    1. SD Identity UG (haftungsbeschränkt) is registered with the Commercial Register of the Local Court of Charlottenburg in Berlin under HRB 237234, with its business address at Veteranenstraße 24, 10119 Berlin, Germany (“SDiD”).

    2. SDiD provides its customers with a Software-as-a-Service (“SaaS”) for information on and comparison of companies’ environmental, social and governance data and scoring (“ESG Data and Information”). These are the general terms and conditions for the business relationship between SDiD and customers within the meaning of Section 14 of the German Civil Code (BGB) (“GTC”).

  2. Object of the contract

    1. SDiD provides customers with a wider range of ESG Data and Information and comparison tools than publicly available on SDiD’s website via a subscription. Such subscription to SaaS is referred to as the “Service” and is subject to a subscription fee (see Section 10 ).

    2. The Service requires the customer to open a “Company Account” with SDiD. The customer may share the log-in data to access and use the Company Account with its employees (each such user an “Authorized User”).

  3. Conclusion of the contract

    1. The subscription contract is concluded online by way of registration of a Company Account within the application. The customer selects a supported login method and provides the requested data to sign-up. By checking respective boxes, the customer accepts the current versions of these GTC. By continuing with the sign-up process, the customer provides to SDiD an offer to conclude a contract including these GTC. The contract is concluded only if SDiD accepts the customer’s offer by creating and opening a Company Account.

    2. Upon subscription, the customer guarantees that it acts in the capacity as entrepreneur. The user who subscribes on behalf of a company guarantees by subscribing to be legally authorized to act for such company.

  4. Use of SaaS

    1. SaaS is used by means of a cloud-based application via the internet browser. The customer does not download the software but uses the software on SDiD’s IT infrastructure.

    2. The customer is granted a simple, non-transferable, non-sublicensable, revocable right, restricted to the term of the contract, to use SaaS on SDiD’s IT infrastructure according to these GTC. In particular, the customer is not entitled to make SaaS accessible to third parties, to copy, decompile, reversely engineer or edit it beyond the Service.

    3. Only the customer itself and Authorized Users may use the access to SaaS, and only for the Service.

    4. SDiD merely provides the IT functions of SaaS. SDiD is not responsible for establishing or maintaining the data link between the customer’s IT systems and the router exit of SDiD’s data centre or its subcontractor's data centre through whose server the software is operated (“Transfer Point”). SDiD is not responsible for malfunctions beyond the Transfer Point.

    5. The provision of internet access is not part of the contract. The customer is responsible for the procurement and maintenance of the necessary hardware and connections to public telecommunications networks. SDiD is not liable for the security, confidentiality or integrity of the data communication, which is conducted via third party communication networks. SDiD is also not liable for malfunctions in data transmission caused by technical errors or configuration problems on the part of the customer.

    6. Unless otherwise agreed, for the term of the contract, the customer grants SDiD a simple, transferable, sublicensable right to use the data entered by the customer into SaaS for the purpose of performing the Service and any additional services according to these GTC and the contract.

  5. ESG data evaluation

    1. The subscription provides customers further access to companies’ ESG information including facts, ranking and comparison tools for companies’ ESG Data and Information as specified within the application.

    2. All ESG data used by SDiD are made publicly available by the companies themselves. SDiD does not verify such data. In case no data is available SDiD does not calculate or interpret missing company data, but states that no data is available. SDiD evaluates the ESG data, prioritizes and summarizes it to create transparent overviews and compares it to ESG data of other companies.

    3. There is no established industry standard regarding environmental, social and governance evaluation yet. The assessment of ESG criteria is subject to fact-based normative valuation. SDiD has developed its own ESG Score based on which companies are evaluated and ranked.

    4. SDiD selects and publishes ESG Data and Information and rankings of companies at its own discretion based on data available to SDiD.

  6. Customer’s cooperation obligations
    1. The customer shall

      1. not pass on the log-in details to the Company Account to any external party outside the company and shall protect them against third party access.

      2. instruct Authorized Users appropriately and ensure that Authorized Users apply due diligence with regard to the confidentiality of log-in data and use of SaaS, particularly if the customer permits them to use SaaS on their own end device.

      3. inform SDiD in case of suspected abuse without undue delay.

      4. only enter data, texts, pictures and other content to the Company Account that comply with applicable law, do not infringe third party rights and that the customer is legally entitled to enter without any restrictions.

    2. SDiD may monitor the proper contractual use of SaaS by adopting suitable technical measures in compliance with data protection law and enforcing them if necessary, for instance by restricting access or blocking access or deleting content entered by the customer that infringes applicable law or these GTC. SDiD also reserves the right to change the access details of customers or Authorized Users for reasons pertaining to security; in such cases, SDiD will promptly inform the customer of this fact.

    3. The customer shall communicate any defect of SaaS to SDiD immediately upon appearance. SDiD shall remedy any duly notified defects appearing in SaaS within a reasonable period of time.

    4. Breaches of cooperation obligations can lead to extra expenses for SDiD. The customer must repay these extra expenses except the customer is not responsible for the extra expenses.

  7. Service Level

    1. SDiD implements economically reasonable measures to reduce downtimes of SaaS to a minimum. However, as any technical system, there can be downtimes due to software bugs, maintenance, upgrades etc. The customer is responsible for the implementation of measures to ensure that temporary downtime does not affect its business operations.

    2. If SDiD plans to decommission SaaS in part or in whole at other times, SDiD must announce such plan three business days before the planned decommissioning. The customer may only object to this decommissioning if there is good cause, and this objection must be submitted without undue delay. If possible, SDiD will name a replacement time unless the decommissioning cannot be postponed.

    3. SDiD intends to use state-of-the-art technology and shall be entitled to regularly carry out or introduce updates, new versions or upgrades of the software in order to adapt SaaS to new technical or commercial requirements, to implement new features, or to make changes to existing features in order to improve SaaS.

    4. SDiD reserves the right to change, amend or extend the content or structure of information provided on its website as well as the corresponding user interfaces, provided that the provision of the Service is not considerably affected as a result.

  8. Liability and Damages

    1. SDiD assumes unlimited liability for willful intent and gross negligence on the part of SDiD, its agents and legal representatives; SDiD only accepts liability for simple negligence in the event of breaches concerning cardinal contractual duties.

    2. Liability for breaches of cardinal contractual duties is restricted to the damages which are typical for this type of contract and which SDiD should have been able to anticipate when establishing the contract based on the circumstances known at that time.

    3. The no-fault based liability pursuant to Section 536 a Paragraph (1) BGB for defects in the software existing at the time of contracting shall be excluded, unless the defect relates to a feature of the software essential for the Service.

    4. SDiD is only liable for the loss of data according to the above paragraphs if the customer could not have prevented this loss by adopting suitable data backup measures.

    5. The present limitations of liability do not apply if explicit guarantees have been made, for claims due to a lack of warranted qualities or for damages due to injury of life, body or health. Liability according to the product liability law also remains unaffected.

    6. SDiD accepts no liability for breakdowns of the cloud.

    7. The customer is obliged to immediately notify any damage pursuant to the above liability provisions to SDiD in text form or to have such damage documented by SDiD, so that SDiD has a chance to mitigate the damage together with the customer.

    8. The customer indemnifies and holds SDiD harmless from all claims by third parties (in particular from claims arising out of breach of copyright, competition, trademark or data protection law) that are asserted against SDiD in connection with the customer’s use of SaaS insofar as such claims do not result from willful or grossly negligent behaviour of SDiD or its legal representatives or agents (gesetzliche Vertreter oder Erfüllungsgehilfen). This indemnification obligation comprises the reimbursement for appropriate costs that SDiD incurred in the course of asserting or defending its legal rights in this context.

    9. This liability arrangement shall also apply in favor of legal representatives and agents of SDiD if claims are asserted directly against them.

  9. Limitation of Claims

    1. Claims of the customer based on the breach of any duty not consisting of a defect become time-barred, except in the event of intention or gross negligence, within one year from beginning of the limitation period. This shall not apply if the damage in question incurred by the customer consists in personal injury. Claims for personal injury become statute-barred within the statutory limitation period.

    2. Any rescission of contract or reduction of payments shall be invalid if the claim to performance or subsequent performance of the customer has become time-barred.

  10. Remuneration and payment conditions

    1. The customer shall pay SDiD the annual subscription fee as specified in the offer.

    2. When registering the Company Account, the customer pre-authorizes the payment of subscription fees, which are collected by SDiD after the contract has been concluded upon the start and renewal of the subscription.

    3. The subscription fee is payable online via credit card or paypal. The payment method chosen by the customer for the first subscription fee payment when registering the Company Account will be saved for subsequent payments of subscription fees.

    4. All prices listed are net of VAT, if applicable.

    5. SDiD's claim for remuneration shall be independent of whether the customer actually makes use of SaaS.

  11. Duration, Termination and Cancellation of Service

    1. Unless agreed otherwise in the offer, the contract shall run for at least 12 months from the registration of the Company Account onwards and is automatically renewed for 12 further months respectively, unless either party gives notice of termination to the respective other party at least 3 months prior to the end of the term.

    2. The right to extraordinary termination for good cause remains unaffected. Good cause for SDiD includes, inter alia, any breach of the customer’s obligations according to Sections 4.3, 6.1 or 10.

    3. Terminations shall be declared in in writing.
  12. Data Protection and Data Security

    1. The customer is aware of the general risk that transmitted data may be intercepted during transmission. This applies not only to the exchange of information via e-mails that leave the system, but also to all other data transmission. For this reason, the confidentiality of data transmitted when using SaaS cannot be guaranteed.

    2. The customer is obliged to comply with applicable data protection laws with respect to the personal data of third parties, such as other users of SaaS, which the customer may obtain when using SaaS. The customer will only use this data for contractual communication or for communication prior to entering into a contract. The customer will instruct all its executive bodies, employees, representatives, Authorized Users and agents accordingly.

    3. The customer agrees that SDiD may freely use, exploit and further develop all non-personal data and feedback provided by the customer for the purpose of demand-oriented design, marketing, further development, optimization and the provision of SaaS. This consent may be revoked at any time.

  13. Changes to these GTC

    1. SDiD reserves the right to change or amend these GTC in whole or in part with future effect for the following reasons: legal or regulatory reasons, security reasons, to further develop or optimize existing qualities of SDiD’s services and to add additional qualities, to adapt to technical progress and make technical adjustments, or in order to guarantee the future functionality of the Service provided by SDiD or to introduce fees. SDiD will inform the customer of any changes, communicating the specific content of the modified provisions with sufficient advance notice at least two weeks before the planned entry into force of the changes. The changes are deemed accepted by the customer if the customer does not object to them within two weeks upon receipt of the notification. In the change notification, SDiD will separately inform the customer concerning the right of objection and the above-mentioned legal consequences of remaining silent.

  14. Final provisions

    1. The customer shall only have a right to set-off, reduction and/or retention against SDiD if its counterclaim has been legally established, undisputed or acknowledged by SDiD. Furthermore, the customer may only exercise a right of retention if the counterclaim is based on the same contractual relationship. The customer's right to reclaim remuneration not actually owed shall remain unaffected by the limitation of this Section.

    2. All declarations concerning and amendments to the contract including this form requirement must be submitted in text form (e.g. e-mail). This also applies to amendments of this clause.

    3. The contract shall be governed by the laws of the Federal Republic of Germany.

    4. For any dispute arising out of or in connection with the contract Berlin shall be the place of fulfilment and exclusive place of jurisdiction. However, SDiD is entitled to bring legal action at the registered seat of the customer. In case the registered seat is outside the European Economic Area all disputes arising out of or in connection with the contract shall be finally settled in accordance with the Arbitration Rules of the German Arbitration Institute (DIS) without recourse to the ordinary courts of law. The arbitral tribunal shall be comprised of a sole arbitrator. The seat of the arbitration is Berlin, Germany and the language of the arbitration shall be English. The rules of law applicable to the merits shall be German.

*****