Terms and conditions

Date: 12.11.2025

XOVI GmbH, Hohenzollernring 72, 50672 Cologne, Germany – part of the WebPros group of companies. Registergericht: Köln, HRB 71611 · USt‑ID: DE 276 085 008

1. INTRODUCTION

These Terms of Service (“Terms”) set forth the terms and conditions that apply to your use of certain WebPros software, subscriptions or Services (collectively the “Services”) as defined in these Terms and its annexes. Please review these Terms carefully: they are a legal and binding agreement between you and the Vendors (as defined below). By (a) creating an account in the Services; (b) placing an order through the Services or the associated online store; or (c) using the Services in any other manner, you agree to these Terms. You cannot use the Services if you do not agree to these Terms.

Certain Services may give you a central point of access to other Webpros and third-party services and systems to license, use, support and maintain your software products and related services. The features of the specific Service are described on their relevant websites and within the annexes hereto. The Service features may be changed by Provider (as defined below) or Vendor at any time upon written notice. The Provider has no obligation to introduce any updates, enhancements, modifications, revisions, or additions to the Services. Certain aspects of the Services may be in “Beta.” If so indicated, the provisions of these Terms governing Beta items also apply. If you purchase third-party products offered through the Services, you may be required to review and agree to additional third-party terms and conditions. Purchasing those products indicates your acceptance of those terms and conditions.

2. CONTRACTING PARTIES

Services may be in the ownership of different members of the WebPros group of companies, each of which is specifically defined in the corresponding Service Annexes to these Terms. When licensing their individual Service to you directly, they are referred to as the “Vendor” of that particular Service. Where Vendor Services are licensed to you via a platform, operated by WebPros International GmbH, Vordergasse 59, 8200 Schaffhausen (“we” or the “Provider”) acts as the licensor of its own or reseller of other included WebPros Services. Where provisions of these Terms apply to both, the Vendors and the Provider, they are also collectively referred to as “WebPros”.

3. WHAT THE SERVICES PROVIDE

WebPros offers a variety of Services and websites, the use of which is governed by these Terms and as specified by the corresponding Service Annex(es) attached hereto. In the event of managed Services provisioned to you via the WebPros Cloud, such Services may include both, use rights for certain WebPros software functionalities as a service and (depending on the Service ordered) the associated hosting infrastructure for such Service. Furthermore, the Services may also provide a method by which you may access different Services and features using a single set of credentials / single sign on (“SSO”). This may require a centralization and combination of different available data sources into one shared system. If you do not agree to a combination of available data for your use of the Services, you should NOT register for any of the Services.

4. LICENSE TO USE

a) Subject to your full and ongoing compliance with these Terms, including, without limitation, payment of all applicable fees for any licensed products or Services, Provider hereby grants to you, and you accept, a personal, limited, nonexclusive, nontransferable, non-assignable, revocable license to use the Services during the Term, only as authorized in these Terms.

b) Use of certain software applications, integrated into the Services may additionally be governed by the underlying products’ end user license agreements (EULAs), in their then-current version (e.g. Plesk, cPanel). The same applies to any third-party products or licenses, potentially provided to you via the Services. Any use of these products or licenses is subject to your prior acceptance of the respective underlying product EULA.

c) The Services are directed adults only. If you are below the legal age in your jurisdiction, the WebPros Services are not available to you. The majority of WebPros Services as well as these Terms are further directed to businesses only. Certain Services may however allow consumers to purchase own subscriptions, directly. In these cases, these Terms, together with the special terms for consumer customers as well as the respective servicespecific terms included in the Service Annexes hereto, apply.

5. YOUR OBLIGATIONS AND CONDUCT

a) You agree to be solely responsible for: (i) any passwords used in the Services and their security, and (ii) the provision of true, accurate, current and complete information when registering for the Services. Accordingly, if you provide any information that is false, inaccurate, out of date or incomplete, or if WebPros has reasonable grounds to suspect that such information is false, inaccurate, not current or incomplete, Webpros may suspend or terminate your account and refuse any and all current or future use of, or access to, the Services (or any portion thereof).

WebPros is not liable for any unauthorized use of your Services account or any third-party services associated with it and you accept all risks of unauthorized access to such information based on grounds, not attributable to Webpros (e.g., your disclosure / loss of your login credentials).

You will not use available SSO features (if any) of the Services to provide services to third parties.

Furthermore, Webpros shall have the right to delete abandoned free accounts or access to free Services after a reasonable timeframe of inactivity.

b) The use of the Services as well as the creation, modification or termination of any product licenses through the Services may have a direct commercial effect on a Vendor’s or Provider’s license invoice to you. This is why you will bear any financial liability as a result of any Service use, licensing or service transaction, initiated within your account in the Services.

c) You agree not to use the Services for any illegal, destructive or fraudulent purposes. Any use of the Services for purposes other than the ones described in the corresponding Service Annex hereto is forbidden and unlicensed. You undertake not to take any action that would impose an excessive or unreasonable burden on the Service infrastructure, the websites or the Webpros systems or networks, or any other system or network connected to the Services. You undertake not to use any device, software or sub-program to interfere or try to interfere in the proper operation of the Services or any transaction conducted on the site and on the Services or the use of the Services by any other person.

d) In the event the Services allow you to enter, manage, maintain or change data of others (e.g., your team members or customers), your use and processing of any form of personal information belonging to these persons may be restricted by privacy laws and you reaffirm that you have all required consents and authorizations by the affected data subjects for such processing. WebPros is not responsible and disclaims any liability for breaches of privacy laws by your use of the data you provide within the Services. Furthermore, some systems or Service features may mandatorily require your acceptance of the WebPros Data Processing Agreement to allow WebPros to process the related data within the Services for such purpose. The WebPros DPA is attached to these Terms as Annex 2 and is made an integral part of these Terms in the event and for as long as you utilize a WebPros Service which involves the processing of personal data.

e) You agree that you will not misuse the Services. Any use which violates these Terms, the WebPros Privacy Policy, additional conditions or applicable laws and regulations constitutes “misuse”. In such a case, WebPros may, at its own option and discretion, deny or terminate access to the Services without prior notice or justification requirement. While using the Services, you will not do any of the following: (i) send unauthorized commercial communications (such as spam) via the Services or otherwise; (ii) collect content or information from customers by automated means without express authorization by customers; (iii) upload, host, send or distribute viruses or other harmful code; (iv) bully, threaten or harass others; (v) post, send or transmit any content that is illegal, hateful, obscene, threatening, violent, abusive, defamatory, infringing of intellectual property rights, invasive of privacy, or containing graphic or gratuitous violence, or otherwise objectionable to others third parties; (vi) harass, threaten, embarrass or inconvenience any other person or entity, or impersonate any other person or entity, or otherwise prevent any person from using or benefiting from the Services; (vii) take any action that imposes a disproportionately large usage load on the Services, unless expressly authorized in advance by WebPros in writing; (viii) publish, post or transmit misleading content; (ix) transmit any information or content that you are not authorized to provide under any applicable law or under any contractual or fiduciary relationship, or that otherwise interferes with or infringes the rights of any third party; (x) encourage or promote participation in or distribution of content, pyramid schemes, surveys, chain letters, spam, or unsolicited email; (xi) publish, post or transmit hyperlinks to other websites that violate these Terms; (xii) facilitate or encourage violations of these Terms; (xiii) interfere with, disrupt, damage or create an undue burden on the Services or the networks or services connected to the Services; (xiv) commit or contribute to any criminal offense or tortious act; (xv) solicit or post personally identifiable information of others, or knowingly collect information from minors; (xvi) solicit login credentials or access another party’s account; (xvii) attempt to impersonate any person or entity, including but not limited to a WebPros employee, in order to falsely state or otherwise misrepresent affiliation with a person or entity; (xviii) provide false personal Information or create an account for another person without authorization; (xix) engage in the sale or other transfer of your account without WebPros’ prior written permission.

6. OUR OBLIGATIONS

a) Subject to your compliance with these Terms at all times during your use of the Services, WebPros grants you access to certain Services via your access credentials and/or in accordance with the type of your subscription. If a fee is required to access certain features of the Services, your access to those features is conditioned upon full payment of the fee set out during the subscription process.

b) WebPros’ sole and exclusive obligation shall be to provide you with reasonable access to Services you are eligible for.

c) Technical support for the Services will be provided to you directly by either the Vendor or the Provider, as the case may be. As a registered account holder, you will be eligible of submitting support requests to WebPros relating to availability and functionality of the Services in general. Product-related requests for technical support will have to be submitted to the respective product Vendor, directly, and will be subject to their individual support policies.

d) If SSO features are included in the Services you use, these SSO features provide connectors, configured by you, that interact with other WebPros services (Core Products, Support Systems, Monitoring, Testing platforms etc.) or third-party applications. You acknowledge and agree that WebPros is not responsible for any changes to, functionality of, or defect with, any third-party applications and that interoperability with the SSO features of the Services can be broken temporarily or permanently at any time.

e) WebPros disclaims any responsibility or liability with respect to the data entered/stored by you when utilizing the Services. Accordingly, WebPros under no circumstances assumes responsibility for any output of the Services, such as designed websites and their content, databases, analytical data, Social Media posts, page rank data or servers. Although WebPros expressly prohibits the uploading of data that is illegal, hateful, obscene, threatening, violent, abusive, defamatory, infringing of intellectual property rights, invasive of privacy, contains graphic or gratuitous violence, or is otherwise objectionable to third parties, such content will not be screened. You hereby accept that you may be exposed to such content and use the Services at your own risk. WebPros reserves the right, but is not obligated, to remove any content that is deemed to be in violation of these Terms or applicable laws without notifying you. You understand and agree that WebPros assumes no liability for any risk, damage, injury, penalty or loss that may result from content submitted to or distributed via the Services or removed by WebPros on subjectively reasonable grounds.

7. FEES AND PAYMENTS

a) Depending on the Service, payments will be processed either via the individual Vendor, its third-party processors (if applicable) or the Provider. Whenever a commercial transaction is initiated by you through or for the Services, you will either be forwarded to the online store or licensing system of the respective Vendor, directly or to a payment provider as the chosen merchant of record (e.g. Stripe, Cleverbridge) for the corresponding purchase. By initiating a purchase via one of WebPros’ payment providers, you agree to be additionally bound by such payment provider’s terms of service. WebPros disclaims any liability or responsibility for the performance of the payment transactions via a payment provider. WebPros is specifically not liable for loss or damage from errant or invalid transactions processed via a payment provider. This includes transactions that were not processed due to a network communication error, or any other reason. See any of the product specific Annexes hereto for more information.

b) If you are already in a contractual relationship (an “Existing Agreement”, such as a Partnership or Partner NOC Agreement) with a Vendor, relating transactions initiated by you via the Services may be processed under the terms and conditions of the Existing Agreement, automatically and will be charged to you in accordance to the agreed then-actual pricing. In the absence of an Existing Agreement, all transactions initiated by you via the Services will be charged to you under retail conditions via the respective WebPros online store or payment provider as further defined in the corresponding product-specific Annex hereto.

c) WebPros may add, remove or modify Services or functionalities thereof at any time and without notice. In addition, WebPros may amend these Terms and the product pricing at any time, as set out herein, by providing 30 days prior written notice of such a change. If you do not agree with such a change, you must terminate and cease using the impacted Service prior to the thirty day period. Service subscriptions, pre-paid for a specific period of time will be affected by the amended terms upon their respective renewal dates. Upon termination, your obligation to pay for the terminated Service will cease upon the next renewal date. For price increases of long-term subscriptions, you may be eligible for a pro-rata refund of fees pre-paid up to the effective date of your termination. Your continued use of the product or Service after the 30 days period indicates your acceptance of changes to subscription terms or pricing. Fees for product licenses under the terms of your Existing Agreement with an individual Vendor may differ from fees for Services hereunder, even if such Services include or incorporate functionalities of such products as a service (SaaS). Unless the Existing Agreement defines fees for the Services governed by these Terms, the Service fees communicated by Webpros for the Services on the respective Service websites shall apply.

d) Subject to special provisions contained in Annex 1 for consumer purchases within the Services, all fees and charges as a result of any commercial transaction initiated via the Services shall be payable net cash without deductions for taxes, assessments, fees, or charges of any kind. You are responsible for paying all sales, use, excise, value-added, withholding or other tax or governmental charges imposed on the licensing or use of the Services. In the event withholding taxes apply to any payment from you to WebPros, you agree that either Webpros may automatically increase the original license or Service pricing by the amount of such taxes and you will remit such taxes to your respective authority at your place of business, with the effect that after deduction of such taxes, the Vendor will receive the original fee owed. In case an Existing Agreement exists, all transactions initiated by you will be subject to the payment and fees provisions of your Existing Agreement. If you do not have an Existing Agreement with either Vendor, the pricing and term provisions will be those set out herein or within the Service itself.

e) If WebPros licenses a third-party software or service to you, WebPros acts as an authorized reseller (or sub-licensor) of such third-party software or service. Any financial obligation concerning such third-party software or service, beyond the designated license fees, shall be in your sole and exclusive responsibility.

f) Recurring fees for ongoing Services will be charged by the Provider or the respective Vendor, if applicable, or their respective payment providers directly in their invoices to you. You hereby acknowledge and agree that if you are entering into commercial relationships with Provider and different Vendors for the Services you use, you may either receive one invoice per Vendor or a consolidated invoice by Provider for each license/service term in WebPros’ sole discretion.

g) Unless set forth to the contrary in an Existing Agreement or invoice, all invoices are due immediately upon purchase and payable within fourteen (14) days from the date of WebPros’ invoice (“Invoice Date”). Should you dispute any invoice, you must provide written notice of the dispute to Webpros within 7 days after the invoice was transmitted to you, specifically stating the reasons for your dispute. Should WebPros agree with your dispute and in WebPros’ sole and exclusive discretion, the amount determined by Webpros to be invoiced in error shall be applied as a credit to the next full invoice or paid back to you, directly using the payment method used for the original purchase. Should WebPros reject the dispute, it shall notify you in writing. All determinations by WebPros shall be final.

h) All payments shall be made in the invoiced currency. If payment in full is not received by Webpros per the terms of the invoice, you will be assessed annual (pro-rated) interest at the rate of five percent (or the maximum rate permitted by law) until the invoice is paid in full. In the event your account has to be referred to a collection agency or a law office, you shall also pay all costs incurred by the Vendor for actions taken by such collection agency or law office.

8. TERM / TERMINATION

a) Upon your successful registration for a Services account, these Terms will govern your use of the Services for as long as you make use of it. Subscriptions established under the Services account may have different durations. The subscription term begins on the effective date and ends on the same day of the month in which the selected subscription term expires. If the month in which the subscription term expires does not have the date corresponding to the effective date, the subscription term ends on the last day of that month. In the case of chargeable subscriptions that can be booked directly within the Services, the contract term for these subscriptions begins immediately upon completion of the corresponding transaction by clicking the order button for the agreed and chosen term (annual or monthly). The subscription term is hence automatically extended at the end of the then-current subscription term by the previously selected term. Different terms may apply for EU Consumers as set out in Annex 1 hereto.

b) You may stop using the Services, as well as the applicability of these Terms, by permanently deleting your Services account in your account preferences or stop the Service via the merchant of record you originally purchased from. The Services account will provide an option to terminate Services via a cancellation link. For the avoidance of doubt and for clarity, the termination of a WebPros account as a management account for different Services does not have any effect on existing licenses, subscriptions or services, previously obtained from the respective Vendor through the account. If you no longer wish to use a Service or subscription, you can indicate this in your Service account settings. In this case, you can still use the terminated Service until the end of the current subscription period. You will not receive a refund for pre-paid terms, unless WebPros decides otherwise in its sole discretion or if required by law.

c) If you cease using the WebPros account as an administration interface between you and Vendor(s), existing licenses and service subscriptions can only be modified or terminated directly with the respective Vendor(s).

d) Both you, or Provider, may at any time terminate your access to the Services and/or delete your Services account for cause if the other party fails to perform any material obligation imposed by these Terms or otherwise breaches any material provision of these Terms. Failure to pay fees of any type to a Vendor or Provider shall be a material breach of these Terms. Any such termination of your access or account will also terminate your eligibility for the receipt of free and paid services, subscribed to in the Services (e.g. Monitoring etc.).

e) Upon termination of a Service or Service account, you will not have access to such Services, including SSO features (if any), any longer. Accordingly, any information and data provided by you for the creation of your Service account will be deleted permanently by Provider. Your pre-Existing Agreement with a Vendor will not be affected by a termination of your Services account.

9. CONFIDENTIALITY OF INFORMATION / INTELLECTUAL PROPERTY RIGHTS

a) In the course of performing their obligations pursuant to these Terms, both you, Provider as well as a Vendor (as the case may be, each a “Receiving Party”) will be furnished with, receive, and otherwise have access to information concerning you, Provider or Vendor (as the case may be, each a “Disclosing Party”) or proprietary information belonging to the Disclosing Party, which information the Disclosing Party considers to be confidential. For the purposes of these Terms, “Confidential Information” shall include, but not be limited to, structural information about the architecture of products and any information relating thereto; all information relating to the party’s business, including, without limitation, financial, marketing, and customer information, and any other information that would be considered a trade secret during the applicability of these Terms and for a period of five years following their termination or expiration.

All Confidential Information shall be the property of the Disclosing Party. The Receiving Party shall: (I) hold all Confidential Information in strict confidence and refrain from disclosing Confidential Information to third parties, except as expressly authorized by these Terms; (II) use Confidential Information solely and exclusively for the purposes of fulfilling its obligations under these Terms, and only as expressly authorized by these Terms; and (III) accord Confidential Information at least the same level of protection against unauthorized use or disclosure that the Receiving Party customarily accords to its own confidential, proprietary, or trade secret information of a like nature, but in no event less than a reasonable level of protection. Upon termination of your access to the Services for any reason, or upon the request of the Disclosing Party, the Receiving Party shall either return to the Disclosing Party or destroy, at the sole option of the Disclosing Party, all Confidential Information.

b) In furtherance of the foregoing, both Parties may in the course of their respective responsibilities under these Terms either provide or be furnished with or have access to information which may qualify as “personal data” in some or all jurisdictions. Each party agrees and acknowledges that the other may collect, use and or process such personal data in performing its contractual duties and for general administrational purposes and may also disclose the personal data to third parties in its country of residence and abroad to the extent required by these Terms or if required for the performance of its obligations under these Terms, however always in accordance with the provisions of the applicable data protection laws in effect. By implementing and maintaining sufficient technical and organizational measures as requested by applicable data protection laws, either party makes sure that the other party’s personal data is kept in strictest confidence and protected sufficiently against disclosure, loss or destruction.

Any personal data provided by you to Provider in the course of setting up and maintaining your account to the Services will be processed by Provider in accordance with its then current privacy policy, available at www.WebPros.com. As set forth in section 3 above, the use, processing and combination of different data sources available from a Vendor is one of the core functionalities of some Services, which is why the lawfulness of processing of such data results from Article 6, subsection 1(b) of the GDPR. Additionally, and for the sake of clarity, your express consent for these processing activities is furthermore required when setting up your Services account.

c) The Provider does not sell your information to third parties for any commercial or non-commercial interest (a traditional “sale”). However, the term “sale” may in some jurisdictions also comprise providing data to third parties to process payment for services, and, if chosen by you, the provision of your personal information to entities whose products the Provider resells. If you opt out of the sale of your information by contacting the Provider (via [email protected] for the USA or [email protected] for all other geographies) or clicking the link within the Services and opting-out of the sale of your information, the Provider may be unable to provide services to you if your request not to sell information includes a prohibition on processing payments for the products you purchase in your jurisdiction.

d) You acknowledge that the Services as well as the products, services, documentation and other materials available through it (collectively the “Products”) are protected under copyright law and other laws protecting intellectual property rights. You further acknowledge the exclusive rights of the respective Vendor in and to its Products and acknowledge that the Vendor retains sole title to and ownership of such Products, and any copies thereof made by you. Nothing in these Terms or the conduct of the Parties shall give you any ownership interest in the Products, except for a limited right to use the same in accordance with these Terms and the Vendor agreements referenced in these Terms. You shall not represent, in any manner, that you have an ownership interest in the Products or cause any third party to commit any act challenging, contesting, or in any way impairing or attempting to impair the rights of the Vendor in the Products provided to you.

e) Certain Services also offer AI (Artificial Intelligence) functionalities to create, automate and manage the Service results. In the event you make use of an AI-based functionality within the Services, any intellectual property in the Service result so created vests in you. However, you acknowledge that AI-generated results may not be unique at all times and that any input into AI-based functionalities may be used by the AI to improve its deliverables. Accordingly, you confirm not to use proprietary information or data of others in AI-based functionalities. WebPros disclaims any responsibility or liability for AI-generated Service results. You are responsible for the results so created and their compliance with applicable laws. Before using AI-generated Service results, you will check that these will not (i) violate any applicable laws; (ii) violate these Terms of Service; or (iii) infringe, violate, or misappropriate any rights of a third party.

10. INDEMNITY

You hereby agree to indemnify and hold harmless Provider as well as Vendor, their subsidiaries and affiliates, and each of their respective directors, officers, employees and agents (collectively the “Indemnified Parties”), against any and all claims, actions, demands, liabilities, losses, damages, judgments, settlements, costs, and expenses, including, without limitation, reasonable attorneys’ fees (any or all of the foregoing hereinafter referred to as “Loss” or “Losses”), insofar as such Losses or actions in respect thereof arise out of or are based on (i) any breach of any representation or warranty made by you hereunder, (ii) any breach of any covenant or agreement made by you herein, or any failure by you to perform the obligations imposed by these Terms; (iii) any other Loss suffered by any of the Indemnified Parties arising from or relating to your conduct with respect to your use of the Services; or (iv) your violation of any rights of another person or entity, including, but not limited to, third-party intellectual property rights or moral rights as well as life or health of individuals.

These indemnification obligations are in addition to any indemnification requirements set forth in the Existing Agreements between you and the Vendor referenced in these Terms.

11. MODIFICATION OF TERMS AND SERVICES

Provider may make changes to these Terms or other matters concerning the Services by displaying notices or links to notices to you in your Services account or by providing you with a change notice. It is your responsibility to periodically check these Terms and your account for changes. At any time, Provider reserves the right to modify or discontinue, temporarily or permanently, any of the Services offered (or any part thereof) with or without notice. Provider may make changes to the Services and a Vendor may make changes to their on-line store(s), including regarding products, services, programs, and prices, at any time without notice. Provider may, in its sole discretion, terminate your password or your use of any Services for any reason, including, without limitation, for lack of use or if Provider believes that you have violated or acted inconsistently with these Terms. Any termination of your access to the Services may occur without prior notice, and Provider may immediately de-activate or delete your account and all related information and files in your account and/or bar any further access to such files or the services. Provider will not be liable to you or any third-party for any termination, modification, or suspension of your access to the Services. However, in such case, Provider will have the right to entirely delete your account data (including personal information) after a reasonable timeframe and in accordance with the applicable privacy laws.

12. ADVERTISEMENTS, PROMOTIONS AND USAGE DATA

Provider may use the data you provide and which is generated by you within the Services or your usage behavior to provide you with tailored offerings or recommendations related to WebPros products, extensions, content, functionalities or best practices, which may be of interest for you (an “Offering”). A limited number of Services cookies, selected third-party services as well as up-to-date profile/account information help Provider choosing only relevant recommendations, which is why you are asked to periodically check the data you provide using the Services for accuracy. Whereas some of the data you provide is necessarily required for setting up your account, you will always have the possibility to provide additional data to further personalize recommendations and Offerings. It is your responsibility to determine the fitness of any third party with whom you transact as a result of any Offering. You may, at any time, opt out of the receipt of such Offerings by clicking the unsubscribe option in any communication received. No costs will be incurred other than those based on the standard rates for data transmission. However, updates and change notifications related to the Services in use by you will still be sent to you as part of the license relationship between you and the Provider.

In the event such Offerings involve services or products of third parties available from a Vendor via the Services, any correspondence or business dealings with, or participation in promotions of, advertisers other than a Vendor found on or through the Services, including direct payment and delivery of related goods or services, and any other terms, conditions, warranties or representations associated with such Offerings, are solely between you and such advertisers. Neither Provider, nor a Vendor, is responsible or liable for any loss or damage of any sort incurred as the result of any such Offerings or as the result of the presence of advertisers as being part of the Services.

During your use of the Services, the Provider may collect, store and use usage data in order to facilitate the provision of the Services, to monitor and secure compliance with any usage limitations, and for maintenance, support, account management, and billing purposes. The Provider may utilize usage data to enhance the Services and Platform and improve your utilization of the Services. Usage data is aggregated and / or anonymized data which cannot be used to identify you.

13. LINKS

Within the Services or websites you may be provided with links to other Internet sites or resources (such as thirdparty vendors, etc.). Because Provider has no control over such sites and resources, you acknowledge and agree that Provider is not responsible for the availability of such external sites or resources, and does not endorse and is not responsible or liable for any content, advertising, products, or other materials on or available from such sites or resources. Provider is not responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such third-party content, goods, websites or services available on or through any such site or resource. Provider is providing these links to you only as a convenience, and the inclusion of any link to such sites does not imply endorsement by Provider of those sites.

14. REPRESENTATIONS AND WARRANTIES

a) Provider warrants that it has the right to provide you with access to the Services as well as to connect the Services to the associated Vendor systems, products and services. Furthermore, Provider warrants that the Services substantially function in accordance with their respective feature description or documentation for a period of at least 90 days from the license / subscription start date. Except for the warranties set out in the prior sentence, the Services are provided to you ‘as is’ and ‘as available’ and all other warranties, express or implied, included, but not limited to any implied warranties of merchantability or fitness for a particular purpose, title, quiet enjoyment, non-infringement or any implied warranties arising from course of dealing, course of performance or usage of trade are disclaimed. Provider makes no representations, warranties, conditions or guarantees as to the quality, suitability, truth, accuracy or completeness of any of the content contained in the Services or any product or service that the Services connect to.

b) You warrant to Provider that you: (a) have the full right, power and authority to enter into these Terms on behalf of yourself or the legal entity you are acting for and to undertake to perform the acts required of you hereunder; (b) the execution of these Terms by you, and the performance by you of your obligations and duties to the extent set forth in these Terms, do not and will not violate any agreement to which you are a party or by which you are otherwise bound; (c) when accepted (see section 1) or executed and delivered by you, these Terms and the applicable Annexes hereto will constitute a legal, valid and binding obligation on you, enforceable against you in accordance with the representations, warranties, terms and conditions; and (d) you will comply with all applicable laws related to the use and installation of the Services and the performance of your obligations under these Terms.

c) Provider furthermore makes no warranty or condition that: (i) the products or services will meet your requirements, (ii) the Services will be uninterrupted, timely, secure, or error-free, (iii) the results that may be obtained from the use of the Services and its services will be accurate or reliable, (iv) the quality of any products, software, services, information, or other material obtained by you through the Services will meet your expectations, or (v) any errors in any software or Services will be corrected.

d) Your use of the Services is at your sole risk. The Services as well as content provided therein are provided “with all faults”. Any material downloaded or otherwise obtained through the use of the Services occurs at your own discretion and risk and you are solely responsible for any damage to your computer system, loss of data or infringement that results from the download of any such material, including any damages resulting from computer viruses.

e) No advice or information, whether oral or written, obtained by you through the Services will create any warranty or condition not expressly stated in these terms.

15. LIMITATION OF LIABILITY

a) Notwithstanding the warranty provisions set forth in these Terms, all of the obligations of Provider regarding warranties shall be contingent on your use of the Services in accordance with these Terms, as these Terms may be amended, supplemented, or modified by Provider from time-to-time. Provider shall have no warranty obligations regarding any failures of the Services, which are the result of accident, abuse, misapplication, extreme power surge or extreme electromagnetic field.

b) TO THE EXTENT PERMITTED BY THE APPLICABLE LAWS, YOU ACKNOWLEDGE AND AGREE THAT GRANTING YOU WITH ACCESS TO THE SERVICES DOES NOT INCLUDE ANY RESPONSIBILITY OR LIABILITY OF PROVIDER OR THE ASSUMPTION BY PROVIDER OF THE RISK OF YOUR OR ANY THIRD PARTY’S INDIRECT, CONSEQUENTIAL OR INCIDENTAL DAMAGES (INCLUDING LOST PROFITS OR LOST DATA) WHICH MAY ARISE IN CONNECTION WITH YOUR USE OF THE SERVICES. ACCORDINGLY, YOU HEREBY AGREE, THAT NEITHER PROVIDER NOR VENDOR SHALL BE RESPONSIBLE FOR ANY INDIRECT, CONSEQUENTIAL, INCIDENTAL, OR SIMILAR DAMAGES, INCLUDING, BUT NOT LIMITED TO, LOSS OF PROFIT, LOST SAVINGS OR LOSS OF REVENUES ARISING FROM YOUR USE OF THE SERVICES, EVEN IF PROVIDER OR VENDOR HAD BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THESE LIMITATIONS OF LIABILITY SHALL APPLY TO ALL CAUSES OF ACTION OR CLAIMS IN THE AGGREGATE. IT IS AGREED THAT PROVIDER’S AND VENDOR’S LIABILITY FOR SLIGHT OR SIMPLE NEGLIGENCE SHALL MUTUALLY BE EXCLUDED, HOWEVER SUBJECT TO THE LIMITATIONS BELOW OR GIVEN BY THE APPLICABLE LAWS. PROVIDER’S OR VENDOR’S LIABILITY IN CONNECTION WITH THESE TERMS AND THE USE OF THE SERVICES FOR ANY DAMAGES RESULTING FROM NEGLIGENCE OR GROSS NEGLIGENCE SHALL BE LIMITED TO THE AMOUNT OF THE TYPICAL AND FORSEEABLE DAMAGE. SUCH LIABILITY HOWEVER, WHETHER IN CONTRACT, IN TORT OR OTHERWISE, WILL NOT EXCEED THE AMOUNT OR EQUIVALENT OF US$ 1,000. THE EXISTENCE OF MULTIPLE CLAIMS WILL NOT EXPAND THIS LIMIT. YOU ACKNOWLEDGE THAT THIS LIMIT REFLECTS THE ALLOCATION OF RISK SET FORTH IN THESE TERMS AND THAT PROVIDER OR VENDOR WOULD NOT HAVE ACCEPTED YOUR REQUEST FOR ACCESS TO THE SERVICES WITHOUT THESE LIMITATIONS ON ITS LIABILITY. LIABILITY PROISIONS FOR CONSUMER TRANSACTIONS MAY DIFFER, SUBJECT TO THE PROVISIONS OF ANNEX 1 HERETO.

c) Provider is finally not liable for the loss of data and/or programs as far as the loss is based on the fact that you have refrained from making sufficient back-up copies and therefore from ensuring that lost data can be restored with reasonable effort.

d) Nothing in these Terms shall be deemed to exclude or limit either party’s liability with respect to (1) injuries to or death of any person, caused by a party or its representatives, auxiliary persons (executive and non-executive staff) and subcontractors; (2) loss and damages caused by willful intent or gross negligence by either party or Its representatives, auxiliary persons (executive and non-executive staff) and subcontractors; (3) any indemnity or guarantee given by either party under these Terms; and (4) any mandatory liability according to the applicable law. In any case, the party’s liability hereunder shall be limited to the minimum required by the applicable law.

16. GENERAL

a) These Terms and your use of the Services shall be governed by the laws of Switzerland and the place of jurisdiction are the applicable courts located in Zürich / Switzerland. The provisions of the U.N. Convention on Contracts for the International Sale of Goods are hereby mutually disclaimed. In the event, certain Services are licensed to you directly by a Vendor, such Vendor, the applicable law, as well as the applicable place of jurisdiction will be defined in the corresponding Service Annex, which provision then prevails over these Terms.

b) All notices, requests, and demands expressly contemplated by or related to these Terms or your use of the Services shall be made in writing and shall be deemed to have been duly given: (I) when hand-delivered to the addressee; (II) when provably transmitted by facsimile or e-mail (both with confirmation of receipt); (III) one business day after being given to an overnight courier with a reliable system for tracking delivery; or (IV) three business days after the day of mailing, when mailed by registered or certified mail, return receipt requested, postage prepaid.

c) All notices to a specific Vendor shall be sent to addresses set forth in the corresponding Service Annex hereto and all notices to you will be sent to the address specified in your Services account. Each party shall promptly notify the other party in writing, as provided in these Terms, of a change of address or designated representative.

d) You agree that you will not, directly or indirectly, use, access, install, sublicense or resell any items provided to you through the Services, access the Services, or otherwise engage in any dealing or transaction, directly or indirectly, with or involving any country or region or any person if such use, access, installation, sublicense or resale of such items would be prohibited for any U.S. or EU citizen by virtue of any applicable law. You shall also ensure that no licensee or other third party, directly or indirectly, engages in any such use, installation, sublicensing or resale or engages in any such dealing or transaction. The foregoing commitments shall apply with respect to, without limitation, any individual or organization on the U.S. Treasury Department’s List of Specially Designated Nationals and Blocked Persons, the Consolidated Screening List, the SECO list or the Consolidated European Sanctions and Embargoes List or deal with any other individual who or organization that is the subject of a U.S. or EU legal measure that provides for sanctions blocking the property.

e) No waiver by you, Provider or a Vendor will be effective unless documented in writing, signed by an authorized representative of the party against which enforcement of the waiver is sought. The failure of either party to insist upon strict performance of any of the terms or provisions of these Terms, or the exercise of any option, right, or remedy contained in it, shall not be construed as a waiver of any future application of such term, provision, option, right, or remedy, and such term, provision, option, right, or remedy shall continue and remain in full force and effect.

f) If a court of competent jurisdiction finds any provision of the Terms to be invalid, the Parties agree that the court should endeavor to give effect to the Parties’ intentions as reflected in the provision, and the other provisions of these Terms remain in full force and effect. Regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to the use of the Services or the Terms must be filed within one year after such claim or cause of action arose or be forever barred. The section titles in the Terms are for convenience only and do not affect the interpretation or construction of these Terms.

g) The Parties shall be independent contractors under these Terms. Nothing in these Terms or in the conduct of the Parties shall be interpreted or construed as creating or establishing any relationship between the Parties other than that of independent contractors.

h) Either party’s non-performance hereunder will be excused, to the extent reasonably necessary, in the event that an act of God, war, civil unrest, fire, explosion, or other force majeure event that occurs without the fault or negligence of the non-performing party prevents timely performance under these Terms, provided that such failure to perform or delay could not have been prevented through the use of reasonable precautions, and such failure to perform or delay cannot reasonably be circumvented by the non-performing party through the use of alternate sources, work-around plans, or other means. The affected party will promptly notify the other party of the circumstances causing its failure to perform or delay. For as long as such circumstances prevail, the party whose performance is delayed or hindered will continue to use all commercially reasonable efforts to commence or resume performance without delay.

i) Contradicting provisions of any applicable Existing Agreement between you and the Provider or a Vendor will prevail over these general Terms.

WebPros Terms of Service – Annex 1 – Not Used

WebPros Terms of Service – Annex 2 – Data Processing Agreement

Between
XOVI GmbH, Hohenzollernring 72, 50672 Cologne / Germany
accordingly (the licensor will hereinafter be referred to as the “Data Processor”), and the customer, entering into a Service relationship on basis of the underlying WebPros Terms of Service (“Customer” or the “Data Controller”)
(each a “Party”, collectively the “Parties” hereto).

By entering into a Service relationship with the Data Processor this Data Processing Agreement (the Agreement”), including all exhibits hereto are made integral parts of the underlying WebPros Terms of Service, being the contractual basis of the commercial relationship.

This Agreement specifies the Parties’ data protection obligations according to Art. 28 General Data Protection Regulation (“GDPR”) in regards to the Processing of personal data by the Data Processor on behalf of the Data Controller, as stipulated or established via the WebPros Terms of Service this DPA is attached to, or any other contractual understanding between the Parties, which involves the processing of personal data on behalf of the Data Controller(collectively the “Base Agreement”). It applies to all activitiesperformedin connection with the Base Agreement in the course of which the Data Processor, or a 3rd party acting on its behalf (the “Sub-Processor”), may come into contact with or process personal data belonging to the Data Controller or its’ customers on behalf of the Data Controller. The applicability of this Agreement is conditioned upon the existence of a data processing activity performed by the Data Processor on behalf of the Data Controller. In the absence of such processing activity, this Agreement will not apply.

This Data Processing Agreement will come into force and effect on the first date, the Customer makes use of a WebPros Service on basis of the Base Agreement (the “Effective Date”) and will be bound to the term of the Base Agreement, unless terminated by either Party giving the other at least 3 months prior written notice of its intention to terminate. This Agreement will terminate automatically at the termination or expiry of the Base Agreement. All Exhibits hereto place integral parts of this Data Processing Agreement upon signature hereof.

§1 Definitions

(1) “Personal Data” Personal Data means any information relating to an identified or identifiable natural person (the “Data Subject”).

(2) “Processing” Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

(3) “Instruction” Instruction means any written instruction, issued by the Data Controller to the Data Processor, and directing the same to perform a specific action with regard to Personal Data (including, but not limited to, de-personalizing, blocking, deletion, making available). Instructions will initially be specified in the Base Agreement and may, from time to time thereafter, be amended, amplified or replaced by Controller in separate written instructions (individual instructions).

(4) “Data Controller” Data Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.

(5) “Data Processor” Data Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

(6) “GDPR” GDPR means the EU General Data Protection Regulation 2016/679.

(7) “EU Standard Contractual Clauses” or “EUSCC” means a set of contractual clauses for data transfers from controllers in the EU to processors established outside the EU or EEA, as issued by the European Commission (Decision C (2021) 3972).

(8) This Agreement applies to the Processing of Personal Data by WebPros on behalf of the Customer in the course of providing Services under the Base Agreement. For the purposes of this Data Processing Agreement:

The Customer may in some cases be considered as a Data Processor for a third-party Data Controller, and WebPros may in such situations be a Sub-Processor to Process Personal Data on the Customer’s behalf. For simplification purposes, WebPros is hereinafter referred to as a Data Processor and the Customer is hereinafter referred to as a Data Controller. Any notifications given by the third -party Data Controller to the Customer will in such cases be conveyed to WebPros insofar as the notifications relate to the Services provided by WebPros. In addition, any instructions given by the Customer to WebPros relating to the Processing of Personal Data should not in such cases contradict or conflict with the instructions given by the third-party Data Controller.

§ 2 Scope and Responsibility

(1) The provisions of this DPA shall apply whenever the Data Processor, in the course of its main contractual services, gains access to personal data (hereinafter referred to as ‘Data’) for which the Data Controller is responsible within the meaning of data protection law. In these cases, the Data Processor processes data on behalf of and in accordance with the instructions of the Data Controller within the meaning of Article 28 GDPR (contract data processing).

The Data Controller remains the controller in the sense of data protection law. The Data Controller is responsible for compliance with all data protection requirements, in particular the GDPR, but also for ensuring that the legal rights of data subjects in connection with personal data are observed.

(2) The data processing by the Data Processor is carried out in the manner, scope and for the purpose specified in Exihibit 1 to this Agreement; the processing concerns the types of personal data and categories of data subjects specified therein. The duration of the processing corresponds to the term of the Base Agreement.

(3) The Data Processor is entitled to anonymise or aggregate the data so that it is no longer possible to draw conclusions about individual data subjects, and to use it in this form for the purposes of designing, developing and optimising it in line with requirements, and for providing the service agreed under the main contract. The Parties agree that data anonymised or aggregated in the manner described above is no longer personal data within the meaning of this contract.

(4) Data processing by the Data Processor shall generally take place within the European Union (EU) or in another country that is a party to the Agreement on the European Economic Area (EEA). Nevertheless, the Data Processor is also permitted to process Data Controller data outside the EEA in compliance with the provisions of this contract, provided that the Data Processor informs the Data Controller in advance of the location of the data processing and the requirements of Articles 44 – 48 GDPR are met or an exception according to Article 49 GDPR applies.

§ 3 Obligations of Processor

(1) The Data Processor will collect, process and use Personal Data only in compliance with and within the scope of the Data Controller’s Instructions or as specified and agreed in the Base Agreement.

(2) Within the Data Processor’s area of responsibility, the Data Processor will structure its internal corporate organization for compliance with the specific requirements of the protection of Personal Data, established by GDPR, local data protection laws or any other applicable privacy and data protection laws and regulations currently in effect (the “Data Protection Laws”). The Data Processor will take the appropriate technical and organizational measures to ensure a level of security appropriate to the risk to the Data Controller’s Personal Data in accordance with the requirements of Article 32 GDPR. The current measures are set forth in Exhibit 2 hereto. Such measures hereunder will include, but not be limited to:

a) the pseudonymization and encryption of personal data where possible;

b) the ability to ensure ongoing confidentiality, integrity, availability and resilience of Processing systems and services (logical, physical access control, transfer control);

c) the ability to restore availability and access to personal data in a timely manner in the event of a physical or technical incident (availability control);

d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the Processing.

Data security measures referred to in this section above will be supported by the use of state-of-the-art encryption technology. An overview of the technical and organizational measures implemented by the Data Processor will be attached to this Agreement as an Exhibit.

(3)Upon the Data Controller’s request, the Data Processor will provide all information concerning the protection of Personal Data within the Data Processor’s organization in the sense of Article 32 of GDPR and will provide reasonable assistance to the Data Controller in order to allow it to comply with its obligations under the Data Protection Laws.

(4) The Data Processor will ensure that any personnel, entrusted with Processing the Data Controller’s Personal Data have undertaken in writing to comply with the principle of data secrecy in accordance with Article 5(f) GDPR and have committed themselves to confidentiality. The undertaking to secrecy will continue after the termination of the above-entitled activities.

(5) The Data Processor will notify the Data Controller of the contact details of the Data Processor’s data protection Officer (if appointed) or the responsible associate, respectively.

(6) The Data Processor will, without undue delay, inform the Data Controller in case of a Personal Data Breach (as defined under Article 4 (12) GDPR and will investigate and provide the Data Controller with sufficient information related to the Personal Data Breach and will ensure reasonable cooperation in order to enable Data Controller to comply with any legal obligation to report the Personal Data Breach and to inform Data Subjects and the supervisory authority within the time frame provided in the Data Protection Laws.

(7) Where applicable, the Data Controller will retain title as to any carrier media provided to the Data Processor as well as any copies or reproductions thereof. The Data Processor will store such media safely and protect them against unauthorized access by third parties. The Data Processor will, upon the Data Controller’s request, provide to the Data Controller all information on the Data Controller’s Personal Data and information. The Data Processor will be obliged to securely delete any test and scrap material, based on an Instruction issued by the Data Controller on a case-by-case basis. Where the Data Controller so decides, the Data Processor will hand over such material to the Data Controller or store it on the Data Controller’s behalf.

§ 4 Obligations of Controller

(1) The Data Controller and Data Processor each will be responsible for conforming with such statutory data protection regulations as are applicable to them.

(2) The Data Controller and Processor will be responsible for fulfilling their duties to inform resulting from Article 33 GDPR.

(3) The Data Controller will, upon termination or expiration of the Base Agreement, and, by way of issuing an Instruction, stipulate, within a period of time set by the Data Controller, the measures to return Personal Data on carrier media or to delete stored Personal Data.

(4) The Data Controller shall be solely responsible for the lawfulness of the processing of the data and for safeguarding the rights of the data subjects in relation to each other. Should third parties assert claims against the Data Processor based on the Processing of data in accordance with this contract, the Data Controller shall indemnify the Data Processor against all such claims upon first request.

(5) It is the Data Controller’s responsibility to provide the Data Processor with the data in timely manner for the provision of services under the main contract and the Data Controller is responsible for the quality of the Data Controller’s data. The Data Controller shall inform the Data Processor immediately and in full if the Data Controller discovers errors or irregularities with regard to data protection provisions or the Data Controller’s instructions when checking the results of the Data Processor’s work.

(6) The Data Controller shall provide the Data Processor, upon request, with the information referred to in Art. 30 (2) GDPR, insofar as it is not already available to the Data Processor.

(7) If the Data Processor is obliged to provide information to a government agency or person regarding the processing of the Data Controller data or to otherwise cooperate with such agencies, Data Controller shall be obliged to assist Data Processor in providing such information or fulfilling such other obligations to cooperate upon first request.

(8) Any additional cost arising in connection with the return or deletion of Personal Data after the termination or expiration of the Base Agreement or arising out of Instructions outside the Base Agreement’s scope shall be borne by the Data Controller.

(9) If applicable, the Data Controller will at all times make sure to have a sufficient legal basis for handing over his own customers’ data to the Data Processor in the event, the processing activities of the Data Processor relate to customers’ data. Such legal basis has to be set forth in writing between the Data Controller and his customer and must be provided to the Data Processor upon request.

§ 5 Enquiries by Data Subjects or Supervisory Authorities

The Data Processor will, without undue delay, inform the Data Controller in case of any request, claim or notice from a Data Subject or any third party and assist and cooperate with Data Controller in order ensure compliance with the Data Protection Laws. Where the Data Controller, based upon GDPR or other applicable data protection law, is obliged to provide information to an individual about the collection, Processing or use of its Personal Data, the Data Processor will assist the Data Controller in making this information available, provided that the Data Controller has instructed Processor in writing to do so.

§ 6 Audit Obligations

The Data Controller may, prior to the commencement of Processing, and in regular intervals thereafter, audit the technical and organizational measures taken by the Data Processor, and will document the resulting findings. For such purpose, the Data Controller will collect voluntary disclosures from the Data Processor. The Data Controller will: (i) ensure that any information request, audit or inspection is undertaken within normal business hours (unless such other time is mandated by a competent data protection regulator) with minimal disruption to Data Processor’s and/or its Sub-Processors’ businesses, and acknowledging that such information request, audit or inspection: (a) will not oblige Data Processor to provide or permit access to information concerning Data Processor’s internal business information or relating to other recipients of services from the Data Processor; and (b) shall be subject to any reasonable policies, procedures or instructions of Data Processor or its Sub-Processors for the purposes of preserving security and confidentiality; and (ii) provide Data Processor at least 30 days’ prior written notice of an information request and/or audit or inspection (unless the competent data protection regulator provides Data Controller with less than 30 days’ notice, in which case Data Controller shall provide Data Processor with as much notice as possible).

If any information request, audit or inspection relates to systems provided by or on the premises of Data Processor’s Sub-Processors, the scope of such information request, audit and/or inspection will be as permitted under the relevant agreement in place between Data Processor and the Sub-Processor.

A maximum of one information request, audit and/or inspection may be requested by Data Controller in any twelve (12) month period unless an additional information request, audit and/or inspection is mandated by a competent data protection regulator in writing.

The Data Processor will cooperate with the Controller in the sense of Art. 28 III h GDPR in the facilitation of any audit or inspection or other work undertaken pursuant to Data Processor’s obligations under this Agreement.

§ 7 Sub-Processors, Subcontractors

(1) The Data Controller generally agrees that the Data Processor may subcontract parts of its contractual obligations hereunder to the Data Processor’s affiliated companies and/or third parties (Sub-Processors) within or outside the EEA. Sub-Processors will only act on the Data Processor’s Instructions when Processing Personal Data and will abide by any applicable data protection laws in effect. The Data Processor agrees and warrants to remain liable to the Data Controller for any acts or omissions of its Sub-Processors related to the subcontracted Processing by them under this Agreement.

(2) Where the Data Processor engages Sub-Processors, the Data Processor will be obliged to pass on the Data Processor’s contractual obligations hereunder as required by the GDPR to such Sub-Processors and will restrict the Sub-Processor’s access to data only to what is necessary to maintain the subcontracted services. Sentence 1 of this paragraph 2 will apply in particular, but will not be limited to, the contractual requirements for confidentiality, data protection and data security stipulated between the parties of the Base Agreement. Furthermore, the Data Processor is responsible for setting-up and maintaining appropriate safeguards between it and the Sub-Processors as stipulated in Article 46 GDPR.

(3) The list of Sub-Processors in Exhibit 3 hereto lists all Sub-Processors that are currently authorized by WebPros entities for specific purposes. Depending on the Service requested, only specific Sub-Processors may be involved in the Processing of certain data. WebPros will periodically update the applicable list of Sub-Processors on its websites. The Data Controller may subscribe to the update service in order to remain informed about any changes to this list. Alternatively, the Data Controller hereby commits to periodically check such website for changes in the list of WebPros Sub-Processors and acknowledges that satisfies its needs in regards to Sub-Processor information by the Data Processor.

If the Data Controller does not approve a newly added Sub-Processor, then without prejudice to any termination rights under the Base Agreement and subject to the applicable terms and conditions, either Party shall have the right to either terminate this Agreement, its Instruction to Process data in writing or reject a specific form of data Processing in writing towards the Data Processor in order to avoid processing by such new SubProcessor

§ 8 International Data Transfers

The Data Controller acknowledges that the Data Processor’s Sub-Processors may maintain data processing operations in countries outside the EEA or in countries without an adequate level of data protection, if it is required for the fulfillment of the Data Controller’s Instructions or the underlying agreement. In such case, the Data Processor warrants that such Processing outside the EEA is protected by appropriate safeguards as requested by article 46 of GDPR. Specifically, the Data Processor will only transfer of Personal Data to entities outside the EEA if such entities are bound by EU Standard Contractual Clauses adopted by the EU Commission, Binding Corporate Rules, the EU/Swiss-US Privacy Framework(s) or such other appropriate safeguard to make sure that the foreign entity will have established an adequate level of data protection within its organization by taking the appropriate technical and organizational measures in accordance to GDPR and local data protection laws in effect.

§ 9 Duties to Inform

Where the Data Controller’s Personal Data becomes subject to search and seizure, an attachment order, confiscation during bankruptcy or insolvency proceedings, or similar events or measures by third parties, public authority or government body, while being Processed, the Data Processor will inform the Data Controller without undue delay. The Data Processor will, without undue delay, notify to all pertinent parties in such action, that any Personal Data affected thereby is in the Data Controller’s sole property and area of responsibility, that Personal Data is at the Data Controller’s sole disposition, and that the Data Controller is the responsible body in the sense of the GDPR and if possible, the Data Processor will not disclose any Personal Data of the Customer to the extent allowed by the applicable laws

§10 Indemnity and Limitation of Liability

(1) Unless expressly stipulated differently in this Agreement, the Base Agreement or the applicable law, the Data Processor is solely liable and responsible for its’ gross negligence and willful misconduct. This limitation of liability also applies to its assigned agents and proxies. In cases of simple negligence, the Data Processor shall only be liable for typical and foreseeable damages, caused by a violation of a cardinal contractual obligation. In this case, however, the Data Processor’s, its affiliates’, officers’, directors’, employees’, agents’, service providers’, suppliers’ or licensors’ liability for indirect damages, business interruption, loss of goodwill or for any type of incidental, special, exemplary, consequential or punitive loss or damages is excluded, regardless of whether such Party has been advised of the possibility of such damages.

(2) Notwithstanding the foregoing, in the event the Data Controller forwards his own customers’ data to the Data Processor for further processing under this Agreement, the Data Controller will indemnify and hold harmless the Data Processor against all claims made by third parties, cost (including legal costs) and fines relating to the legal basis of such data forwarding. In this respect, the Data Controller has the sole and exclusive responsibility of making sure to have sufficient permission by the Data Subject or his customers and a legal basis to forward data to WebPros for processing. WebPros strictly disclaims all associated liability towards Data Subjects or Data Controller customers, respectively.

(3) Notwithstanding anything to the contrary in this Agreement or the Base Agreement, the Data Processor’s aggregate liability to the Data Controller or any 3rd party arising out of this Agreement or any data Processing services performed hereunder, shall in no event exceed to the limitations set forth in the Base Agreement. For the avoidance of doubt, this section shall not be construed as limiting the liability of either party with respect to claims brought by Data Subjects. The Data Controller and the Data Processor act as joint debtors in respect to such claims.

(4) The Data Processor shall be entitled to disclose details of the Data Controller’s instructions and the data Processing carried out for the purpose of exempting itself from liability pursuant to Art. 82 (3) GDPR. The Data Controller shall do everything necessary to enable the Data Processor to release itself from liability to third parties in this context.

§11 General, Choice of Law

(1) No change of or amendment to this Agreement and all of its components, including any commitment issued by the Data Processor, will be valid and binding unless made in writing and signed by either Party and unless they make express reference to being a change or amendment to these regulations. The foregoing will also apply to the waiver of this mandatory written form.

(2) If any provision (or part thereof) of this Agreement is held invalid by a court with jurisdiction over the Parties, such provision (or part thereof) will be deemed to be restated to reflect as far as possible the Parties’ original intentions in accordance with applicable law, and the remainder of the Agreement or provision will remain in full force and effect as if the Agreement had been entered into without the invalid provision (or part thereof).

(3) This Agreement is governed by the laws of Switzerland. The courts located in Zürich / Switzerland will have the exclusive jurisdiction over the parties in regards to this Agreement. Notwithstanding the foregoing choice of law, the Parties expressly agree to make the terms of GDPR applicable to this Agreement.

(4) Name of the WebPros External Data Protection Officer: Vary.Legal GmbH ([email protected])

Exhibit 1

A description of Personal Data elements and the purpose of their Processing by the Data Processor on behalf of the Data Controller. The description will state the extent, the nature and purpose of contemplated collection, Processing and use of data, the type of data, and the circle of data subjects.

• The Data Controller may store names and email addresses of certain of its key employees or end-customers in the Data Processor’s Services systems for purposes of account creation or maintenance in order to gain access to use such system for the purposes these Services are offering. Although this data storage is directly related to the use of the solution, this storing may under certain circumstances be interpreted as Processing Personal Data, in which case this DPA shall apply.

• For Service data, the Processing of data is limited to the timeframe of the underlying Service / subscription relationship.

• Every Data Processor employee or subcontractor is bound by a comprehensive WebPros Data Protection Policy. Where access to data is required to be granted from outside the EEA, such access is protected by the appropriate safeguards and guarantees (e.g. by EU Standard Contractual Clauses, EU-US Privacy Framework), required under the applicable Data privacy laws like GDPR or local data protection laws.

Exhibit 2

List of technical and organizational measures taken by WebPros as the Data Processor

1.1 Confidentiality guarantee

1.1.1 Access control

Measures designed to prevent unauthorized persons from gaining access to data processing equipment that processes or uses personal data.

1.1.2 Physical access control

Measures designed to prevent data processing systems (computers) from being used by unauthorized persons.

1.1.3 Data access control

Measures to ensure that persons authorized to use a data processing system have access only to data subject to their right of access and that personal data cannot be read, copied, altered or removed without authorization during processing, use and after storage.

1.1.4 Separation control

Measures to ensure that data collected for different purposes can be processed separately. This can be ensured, for example, by logical and physical separation of data.

1.2 Ensuring integrity

1.2.1 Handover control

Measures to ensure that personal data cannot be read, copied, altered or removed without authorization during their electronic transmission or during their transport or storage on data carriers and that it is possible to verify and establish the points to which personal data are to be transmitted by data transmission facilities.

1.2.2 Input control

Measures to ensure that it can be subsequently verified and established whether and by whom personal data have been entered, modified or removed in data processing systems.

1.3 Pseudonymization

Measures that guarantee the pseudonymization of data.

1.4 Ensuring availability, resilience and recoverability

1.4.1 Availability (of data)

Measures to ensure that personal data are protected against accidental destruction or loss – ensuring the availability of data.

1.4.2 Load capacity (of the systems)

Measures to ensure that personal data are protected against accidental destruction or loss – Ensure the resilience of systems.

1.4.3 Recoverability (of data / systems)

Measures to ensure that personal data are protected against accidental destruction or loss – Ensure the recoverability of data and systems.

1.5 Procedures for periodic review, evaluation and evaluation

1.5.1 Order control

Measures to ensure that personal data processed on behalf of the customer can only be processed in accordance with the instructions of the customer.

1.5.2 Privacy management

Measures that ensure that methods have been evaluated to systematically plan, organize, manage and control the legal and operational requirements of data protection.

1.5.3 Incident response management

Measures to ensure that security incidents can be prevented or, in the case of security incidents that have already occurred, that data and systems can be protected and that a rapid analysis and resolution of the security incident can be carried out.

1.5.4 Privacy friendly presets

Measures that ensure that a certain level of data protection already exists in advance through the corresponding technology design (privacy by design) and factory settings (privacy by default) of a software.

Exhibit 3

List of XOVI Sub-Processors

WebPros Terms of Service – Service Annex – XOVI

1. XOVI is a service owned and provided by XOVI GmbH, Hohenzollernring 72, 50672 Cologne, Germany. The relevant clauses of the Terms of Service that refer to WebPros International GmbH as the provider apply accordingly to XOVI GmbH with regard to the use of XOVI.

2. The XOVI Service is an all-in-one SEO service, designed to help users, SMBs and Agencies to optimize their websites and their customer’s websites for better search engine rankings. Businesses may use the XOVI Service for their business and marketing purposes, as long as they comply with all terms and conditions of the WebPros Terms of Service. The data obtained from the use of the Service is intended exclusively for your use as specified by the software documentation and may not be reproduced or passed on to third parties. Any use beyond the Terms is prohibited.

3. The XOVI Service is charged for by the Provider on a subscription basis at the rates, published by the Provider.

4. The use of XOVI Services is conditioned upon your full and unconditioned acceptance of the WebPros Terms of Service, including all applicable Annexes thereto in their then current version. Access to the Services is possible after successful registration and payment of the corresponding Service fee. During the registration process, you will be asked to provide some personal Information for the purpose of entering into a contractual relationship with the Vendor, directly. The collection, use and storage of this data is governed by the WebPros Privacy Policy and is justified by Art. 6 (b) GDPR. You are obliged to provide true, accurate, current and complete Information about yourself when requested by the relevant forms and to keep this Information up to date. If you provide Information that does not comply with the above conditions, XOVI may suspend or terminate your access to all or parts of the Services. XOVI is not liable for errors in the provision of the Services that are due to untrue, inaccurate, out-of-date or incomplete Information.

5. The information generated by the Service provides an evaluation of the essential data with accuracy, corresponding to the state of the art. These are approximate values. Technically induced, unavoidable inaccuracies (for example, due to different internet technologies and counting parameters of the sources evaluated by the service) do not constitute a defect, nor do deviations and limitations resulting from the customer’s individual settings. XOVI does not owe the achievement of a specific economic success. XOVI has no direct business relationship with the operators of search engines, so XOVI has no influence on the creation of search results, the assignment of PageRank, or the inclusion of websites in the search index.

6. XOVI may provide a collaboration functionality (“Teaming Feature”), by which team members, working collaboratively, can be defined and administered within the Service. Although, this may involve storing names and email addresses within the Service itself, such action is not considered as processing data on your behalf, as it is facilitating the use of the XOVI solution itself. However, XOVI included the Webpros Data Processing Agreement, attached to the Terms as Annex 2, which applies in the event, such storing of data on XOVI servers may be interpreted as actually processing on behalf. In any case, by using the Teaming Feature, you confirm having obtained the required consent by the affected individuals to store their personal data within the Service. You are solely responsible for your compliance with all applicable laws and data protection regulations with respect to the data you enter into the Service.

7. Special Provisions for the Use of AI-Based Features (XOVI AI Writer & AI Signal)

The XOVI features “AI Writer” and “AI Signal” are part of the XOVI Service and are based on technologies provided by third parties, in particular OpenAI. Use of these features requires the user’s explicit acceptance of OpenAI’s Terms of Use and Privacy Policy, available at https://openai.com/policies.

– AI Writer enables the automated creation of SEO-optimized content based on user input. The generated content is based on generative AI models and is provided solely as suggestions. XOVI does not guarantee the accuracy, completeness, legality, or suitability of the generated content for any specific purpose. Users are responsible for reviewing and editing the content before publication. User input may be transmitted to and processed by OpenAI for the purpose of content generation. XOVI does not store such data beyond the scope of functionality provision.

– AI Signal is an analysis and monitoring tool designed to assess the visibility and representation of the user’s brand in AI-generated search results (e.g., ChatGPT, Gemini, Claude, Perplexity, Mistral). The feature provides insights into current brand perception by AI models (“Reflection Mode”) and supports strategic goal setting and progress tracking (“Vision Mode”). The analysis is based on publicly available data and external AI models. XOVI assumes no liability for brand representation by thirdparty AI systems. Use of the feature is at the user’s own risk.

When using the above-mentioned features, user input may be transmitted to third parties such as OpenAI and processed there. Processing is carried out solely for the purpose of providing the functionality and in accordance with applicable data protection regulations. AI-generated content must not be presented as exclusively human-created unless this is factually correct. Users are responsible for complying with applicable copyright and disclosure obligations when publishing such content.

The AI Writer and AI Signal features may be in beta status. XOVI reserves the right to modify, restrict, or discontinue these features at any time.

8. The use of the XOVI Service is governed by the laws of the Federal Republic of Germany. Agreed and exclusive place of jurisdiction are the courts located in Cologne / Germany, unless stipulated otherwise by the applicable law.