Terms & Conditions
General Terms and Conditions
These general terms and conditions (“GTC”) regulate the contractual relationship between Manaxo (“Provider”) and its customers (hereinafter referred to as “Customer”). By completing the registration form and ordering a user account (“Manaxo account”) on the Provider’s website, the Customer accepts the following provisions without restriction. The Provider reserves the right to change or supplement the GTC at any time. These changes will only become part of the contract if the Customer does not object within 14 days of becoming aware of them. The current version of the GTC will be published on the Provider’s website (https://app.manaxo.com/terms-and-conditions).
Manaxo provides businesses and agencies with services in information and communication technology (consulting, development, production, sales, support, IT services, training, maintenance), facilitation of business relationships and orders in digital communication, graphic design, and IT services, investment and asset management, including the acquisition, financing, construction, management, and sale of real estate, and the acquisition, management, and exploitation of intellectual property rights.
1. Subject of the Contract
With the Manaxo software (hereinafter referred to as “Manaxo”), the Provider primarily offers Software as a Service (SaaS) solutions over the Internet in the area of business software. Additionally, the Provider offers other related services (collectively referred to as “Services”). The exact scope and terms of the Services are outlined in the current service description on the Provider’s website. The contract specifically includes:
- a) Provision of the Manaxo software for use over the Internet.
b) Storage of Customer data (“Data Hosting”).
c) Provision of various add-ons to complement the Manaxo software. Some add-ons are offered directly by the Provider, while others are provided by third-party vendors. Add-ons may be ordered or set up either within the Manaxo account or through the Provider’s app marketplace.
For U.S. customers, the use of Manaxo’s services is subject to applicable U.S. laws and regulations, including but not limited to state and federal data protection laws (such as the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), where applicable). The Customer acknowledges that continued use of the Provider’s Services constitutes acceptance of any updates to these terms.
2. Licensing of Software
2.1. Software Access
During the term of this contract, the Provider grants the Customer a non-exclusive, revocable, and non-transferable license to use the current version of the Manaxo software over the Internet in exchange for a fee. The software is hosted on servers located in the United States, accessible to the Customer via the Internet.
2.2. Software Updates and Maintenance
The Provider continuously develops the Manaxo software, ensuring its functionality through regular updates and improvements. The exact features and functionalities of the latest version are described in the service description available on the Provider’s website.
2.3. Performance and Error Monitoring
The Provider monitors the performance and security of the software, resolving errors and implementing bug fixes where technically feasible. However, the Provider does not guarantee that the software will be error-free or that it will operate without interruptions.
For U.S. customers, the Provider complies with applicable federal and state regulations regarding software security, service availability, and liability limitations.
3. Granting of Licenses to Use the Software
3.1. License Scope
During the contract term, the Provider grants the Customer a limited, non-exclusive, non-transferable, and revocable right to use the Manaxo software in accordance with the agreed-upon service scope.
3.2. Restrictions on Copying and Modifications
The Customer may not copy, modify, or create derivative works based on the software unless expressly permitted in the service description on the Provider’s website or explicitly authorized in writing by the Provider. Temporary installation or local storage of the software (except within the temporary memory of the Customer’s hardware) is strictly prohibited.
3.3. Prohibition on Third-Party Distribution
The Customer may not share, sublicense, lease, sell, or distribute the software to third parties, whether for a fee or free of charge, unless expressly permitted in the current service description or approved in writing by the Provider.
3.4. Protection Against Unauthorized Use
The Customer agrees to ensure that third parties do not gain unauthorized access to the software and will implement internal security measures to prevent unlawful use.
For U.S. customers, the Provider retains all intellectual property rights in the software, and the Customer must comply with U.S. copyright and software licensing laws, including but not limited to the Digital Millennium Copyright Act (DMCA).
4. Hosting of Data
4.1. Storage Allocation
The Provider grants the Customer a specified amount of storage space on a server located in the United States (see service description) for storing their data. If the allocated storage becomes insufficient, the Provider will notify the Customer in advance. If the Customer does not purchase additional storage space for a fee, no further data exceeding the allocated storage limit will be stored.
4.2. Accessibility of Data
The Provider ensures that the stored data is accessible via the Internet within the scope of technical feasibility.
4.3. Prohibition on Sharing Storage Space
The Customer may not resell, lease, or otherwise transfer the allocated storage space to third parties, whether for commercial purposes or free of charge.
4.4. Compliance with Legal and Contractual Obligations
The Customer agrees not to store any content on the allocated storage that violates applicable laws, third-party agreements, or intellectual property rights.
4.5. Data Security and Backup Measures
The Provider implements reasonable security measures to prevent data loss and unauthorized access to Customer data. These include: Regular backup copies, Virus scanning, Firewall protections, and Encryption measures where applicable. However, the Provider does not guarantee absolute data security, as internet-based data transmission carries inherent risks.
4.6. Data Ownership and Retrieval Rights
The Customer remains the sole owner of their data and has the right to request data retrieval during the contract term. The Provider will release data to the Customer in the format used by the Provider. However, the Customer has no right to obtain the software required to process or use the data. The Provider may charge a reasonable fee for data retrieval.
4.7. Data Retention After Contract Termination
After contract termination, the Customer has one month to request data retrieval, in accordance with Section 4.6. The Provider is not obligated to store data beyond this period. If the Customer requests data retrieval after the one-month period and the data is still available, the Provider may release the data upon payment of actual costs incurred.
For U.S. customers, the Provider complies with applicable data retention and deletion laws, including but not limited to the California Consumer Privacy Act (CCPA), where applicable.
5. Use of Subcontractors
5.1. Engagement of Subcontractors
The Provider may engage subcontractors or third parties to fulfill its contractual obligations, particularly for software development and technical services. In such cases, the Provider ensures that subcontractors are properly instructed and operate in compliance with applicable privacy and security laws.
5.2. Limitation of Liability
The Provider’s warranty and liability for subcontractors are excluded to the fullest extent permitted by law.
For U.S. customers, the Provider ensures that all subcontractors handling personal data comply with U.S. data protection laws and contractual obligations.
6. Collaboration with Third-Party Providers / Trustee Partners
6.1. Granting Access to Third Parties
The Customer may grant a third party, such as an accountant, trustee, or consultant, access to their Manaxo account to facilitate data exchange. The Customer retains full control over access permissions and may modify or revoke access at any time.
6.2. Trustee Accounts and Data Access Control
The Provider allows trustees or third-party partners to create separate Manaxo accounts, where they can manage access rights independently. Trustees may grant, modify, or revoke access permissions to third parties at their discretion. However, the Provider reserves the right to disclose specific data to authorized third parties in exceptional cases where legally required or necessary for service provision.
6.3. Disclaimer of Liability for Third-Party Processing
By granting access rights to third parties, the Customer agrees that the Provider may make available all released data to the authorized recipient. The Provider assumes no responsibility for how authorized third parties process Customer data, including trustees or consultants.
For U.S. customers, the Provider ensures compliance with CCPA/CPRA and other relevant data protection laws regarding third-party data access and sharing.
. Third-Party Add-ons
7.1. Integration of Third-Party Add-ons
The Provider offers an application programming interface (API) to facilitate communication with third-party software. This allows the Customer to integrate various additional features or services (“add-ons”) into the Manaxo software.
Customers may order add-ons through the Provider’s app marketplace or grant third-party providers permission to access their Manaxo account via the API.
A contractual relationship for the use of third-party add-ons is established exclusively between the Customer and the third-party provider, unless expressly agreed otherwise.
For U.S. customers, data exchanges with third-party add-ons must comply with applicable data protection laws, including but not limited to:
- California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)
- Federal Trade Commission (FTC) Data Security Guidelines
7.2. Customer Authorization for Data Access
If an add-on requires specific access rights to function, the Customer expressly agrees to grant all necessary access permissions when ordering or integrating the add-on.
The Provider is then authorized to make available the necessary Customer data to the third-party provider or grant them access. However, the Customer retains full control over third-party access rights and may modify, restrict, or revoke access at any time.
The Customer also acknowledges that the Provider and third parties may exchange data when using add-ons to ensure functionality and service compatibility.
For U.S. customers, third-party data exchanges must comply with applicable privacy regulations and require a contractual obligation from third-party providers to protect Customer data.
7.3. Limitation of Liability for Third-Party Add-ons
The Provider expressly excludes all warranties and liability for third-party add-ons.
The Provider assumes no responsibility for how a third-party provider processes Customer data or for any malfunctions, damages, or security risks caused by a third-party add-on.
The Customer acknowledges that the use of third-party add-ons is at their own risk, and any disputes or claims regarding add-on functionality must be resolved directly with the third-party provider.
7.4. Restriction or Suspension of API Access
Notwithstanding any prior commitments, the Provider reserves the right to partially or fully restrict access to the API for specific Customers or all users under valid circumstances.
A valid reason includes, but is not limited to:
- Data migration or API misuse that compromises the Provider’s infrastructure or services
- Excessive requests that overload system capacity
- Security risks, compliance violations, or fraudulent activity
For U.S. customers, the Provider ensures that API restrictions align with cybersecurity best practices and federal guidelines on API security.
7.5. Acceptance of Third-Party Terms and Policies
By ordering or using a third-party add-on, the Customer agrees to the terms and conditions and privacy policy of the respective third-party provider.
The Provider strongly recommends that Customers review third-party agreements before integrating any add-ons.
For U.S. customers, third-party services must meet U.S. legal standards for data security, privacy, and consumer protection.
8. Advice from Third Parties
8.1. Availability of Consulting Services
The Provider offers Customers the option to access consulting services provided by third parties.
The availability of these services is subject to the current service description on the Provider’s website. Consulting services may be provided under agreements between the Provider and third-party service providers, including but not limited to insurance-backed agreements, unless explicitly stated otherwise.
For U.S. customers, consulting services that involve financial, legal, or professional advice must comply with state and federal regulatory standards.
8.2. Transmission of Customer Data to Third Parties
To verify the Customer’s eligibility for consulting services and to facilitate communication, the Provider may share the following Customer data with the third-party provider:
- a) Company name or Customer’s legal entity
b) Business or residential address (street, postal code, city, additional details)
c) Contracts concluded between the Provider and the Customer
d) Telephone number(s)
e) Email address(es)
For U.S. customers, the sharing of personal data complies with U.S. privacy laws, such as:
- California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)
- Gramm-Leach-Bliley Act (GLBA) (for financial data exchanges)
All third-party providers must adhere to data confidentiality requirements when receiving Customer data.
8.3. Customer Verification of Authorization
The Customer may be required to provide proof of authorization to access third-party consulting services.
The Customer is responsible for ensuring that only authorized employees or representatives have access to these services. Unauthorized access may result in service restrictions or termination.
8.4. No Direct Contractual Obligation with the Provider
The Customer acknowledges that all consulting services are provided solely by third-party providers.
The Provider is not a party to any agreement between the Customer and the third-party provider. Any claims or service obligations exist exclusively between the Customer and the third-party provider.
For U.S. customers, this provision ensures compliance with contractual liability limitations and third-party service disclaimers under U.S. contract law.
8.5. Restriction or Termination of Consulting Services
The Provider reserves the right to restrict or terminate consulting services for a specific Customer at any time for valid reasons, including but not limited to:
- Excessive or abusive use of consulting services
- Misrepresentation of eligibility for consulting services
- Violation of applicable laws, regulations, or contractual terms
8.6. Agreement to Third-Party Terms and Policies
By accepting these General Terms and Conditions, the Customer explicitly agrees to the terms and privacy policy of the respective third-party provider.
For U.S. customers, consulting services may be subject to separate third-party agreements that comply with U.S. consumer protection and contract laws.
9. Support
9.1. Scope of Support Services
The Provider will respond to Customer inquiries regarding the Manaxo software and other services as quickly as possible within the business hours published on its website, either by telephone or in writing via email. The Provider does not guarantee immediate resolution and provides support on a best-effort basis.
9.2. Exclusions from Support
Support for third-party software and services, including but not limited to add-ons, is expressly excluded. For U.S. customers, support services provided by the Provider do not extend to issues caused by external factors such as third-party integrations, Customer-side hardware failures, or internet service disruptions.
10. Impairment of Accessibility
10.1. Service Interruptions Due to Maintenance
Adjustments, changes, and additions to the Provider’s SaaS services, as well as measures to identify and resolve malfunctions, may lead to temporary interruptions or impairments of availability if necessary for technical reasons.
10.2. Maintenance and Error Resolution
The Provider regularly monitors and maintains the basic functions of the Manaxo software to ensure optimal performance. In the event of serious errors, such as instances where the use of the Manaxo software is no longer possible or is significantly restricted, maintenance is typically carried out within two hours after the Customer has reported the issue or has been notified of it by the Provider. The Provider will make reasonable efforts to inform the Customer in advance of scheduled maintenance and to complete such maintenance as quickly as possible.
10.3. No Guarantee for Third-Party Services
While the Provider endeavors to ensure a high level of availability of the Manaxo software, it does not guarantee uninterrupted service and disclaims liability for any disruptions beyond its reasonable control, including but not limited to power outages, cyberattacks, or force majeure events. The availability of third-party services, including but not limited to add-ons, is not covered by the Provider’s availability guarantees, and the Provider does not assume responsibility for the uptime or functionality of services managed by third parties.
11. Customer Obligations
11.1. Proper Use of SaaS Services
The Customer may only use the SaaS services for their intended purpose and is solely responsible for the content created, transmitted, or used within the Manaxo software.
11.2. System Requirements and Security
The Customer is responsible for ensuring that their system meets the necessary requirements, including hardware and software compatibility, for using the Manaxo software. The Customer must verify that all entered data and information are free from viruses or harmful components by using appropriate virus protection programs.
11.3. Protection Against Unauthorized Access
The Customer must take measures to prevent unauthorized access to the software by third parties, including ensuring that employees do not share access credentials. Employees should be informed of existing intellectual property rights and should not make copies of the software or share login credentials with unauthorized parties.
11.4. User Authentication and Account Security
Before using the SaaS services for the first time, the Customer must generate a unique User ID and password for accessing their Manaxo account. The Customer is obligated to keep these credentials confidential and must immediately inform the Provider of any unauthorized access or security breach involving their User ID or password. In such cases, the Provider will reset the Customer’s credentials.
11.5. Regular Password Updates
The Customer must take necessary security measures, including changing passwords regularly, at least once every sixty (60) days.
11.6. Updating Account Information
The Customer must keep their Manaxo account information up to date, including their home address, email address, and phone number(s).
11.7. Data Backup and Retention After Contract Termination
After termination of the contractual relationship, the Customer is responsible for backing up their data. The Provider is entitled to irrevocably delete all Customer data one month after the contract ends.
11.8. Consequences of Non-Compliance
If the Customer violates any contractual obligations, the Provider has the right to temporarily or permanently restrict or block the Customer’s Manaxo account and access to all services.
12. Fees
12.1. Obligation to Pay Fees
The Customer is obligated to pay the Provider the agreed fee, including any applicable VAT, according to their subscription plan or the corresponding service description.
12.2. Payment Terms
Unless otherwise agreed in writing, all fees must be paid in advance.
12.3. Invoice Delivery
The Provider will send an invoice for the agreed fees to the email address provided by the Customer for billing purposes.
12.4. Fee Adjustments
The Provider reserves the right to adjust fees and/or modify the content of services at any time by providing written notification to the Customer. Reasons for such changes may include technical advancements and further development of the software. If the changes result in a deterioration of the conditions for the Customer, they have the right to terminate the contract for good cause. Termination must be executed within fourteen (14) days of the changes taking effect.
12.5. Late Payments and Account Blocking
In the event of late payment, the Provider is entitled to temporarily block the Customer’s Manaxo account and restrict access to services. The agreed fees remain due in full during the blocking period. Access will be reactivated once outstanding invoices have been paid in full.
13. Warranty / Liability
13.1. Service Functionality Guarantee
The Provider guarantees the functionality and operational readiness of the SaaS services in accordance with these General Terms and Conditions.
13.2. Customer Indemnification
The Customer agrees to indemnify the Provider against all claims by third parties based on data stored by the Customer and to reimburse the Provider for all costs incurred due to potential legal violations.
13.3. Suspension Due to Illegal Content
The Provider has the right to immediately block storage space if there is reasonable suspicion that the stored data is illegal or infringes upon third-party rights. Suspicion may arise from notifications by courts, authorities, or third parties. The Provider will inform the Customer of the blocking and the reason for it as soon as possible. The restriction will be lifted if the suspicion is entirely dispelled.
13.4. Limitation of Liability
To the extent permitted by law, the Provider excludes all liability towards the Customer or third parties, including for contractual and non-contractual obligations, as well as data loss, even in cases of negligence. This exclusion of liability also applies to damages arising directly or indirectly from the use of the Manaxo software.
13.5. Use of Assistants
If the Provider engages assistants to fulfill contractual obligations, it ensures they receive proper instruction. Otherwise, the Provider excludes all warranty and liability claims to the maximum extent permitted by law, including for intent and gross negligence.
13.6. Liability Limitation
Regardless of the basis of liability, the Provider’s maximum liability is limited to the total amount of the monthly license fees paid by the Customer in the twelve (12) months preceding the occurrence of the damage.
13.7. Third-Party Services Exclusion
The Provider does not provide any warranties or assume liability for third-party software, services, or integrations, including but not limited to add-ons, consulting services, or banking interfaces.
14. Duration of the Agreement
14.1. Start of the Contractual Relationship
The contractual relationship begins when the Customer registers and places an order.
14.2. Indefinite Contract Duration
The contractual relationship is established for an indefinite period. The selected subscription (e.g., monthly or annual) is automatically renewed for another billing period unless terminated by the Customer.
14.3. Notice Period for Termination
Either party may terminate the contract with one month’s notice, effective at the end of the current billing period. Specific promotional offers may be subject to different notice periods.
14.4. Termination Process
Termination must be initiated online through the Customer’s Manaxo account. The Provider will send a confirmation link via email, and termination is considered complete once the Customer confirms the termination. The Manaxo account will be deactivated at the end of the one-month notice period. The effective termination date is determined by when the Provider receives the Customer’s confirmation.
14.5. Immediate Termination for Cause
The Provider reserves the right to terminate the contract immediately for important reasons, which include but are not limited to:
- The Customer becomes insolvent or insolvency proceedings are discontinued due to insufficient assets.
- The Customer is in arrears with payments amounting to at least one month’s fees and fails to pay after receiving a two-week payment notice.
- The Customer intentionally violates legal regulations or infringes upon third-party copyrights, trademarks, or intellectual property rights.
- The Customer commits a serious violation of the General Terms and Conditions or other contractual provisions.
- The Customer uses the services for criminal, illegal, or ethically questionable activities.
14.6. Handling of Accounts Upon Death of a Sole Proprietor
In the event of the death of a sole proprietor, the Provider is generally entitled to release account data to authorized persons, such as family members or trustees, if a legitimate interest can be demonstrated (e.g., succession planning or estate distribution). The Provider may also grant an authorized person access to the Manaxo account of the deceased or transfer the account upon presentation of appropriate evidence. However, if multiple parties assert conflicting claims, the Provider may withhold data access or take further legal steps before releasing any information.
15. Notes
15.1. Notification Requirements
Unless otherwise required by law, all notices must be provided in writing or via email to the address listed in the Customer’s Manaxo account or to the contact details published on the Provider’s website. The Customer is responsible for ensuring that their contact information, including email address, remains current. If the Customer fails to update their address or email, any notice sent to the last recorded contact details will be considered effectively delivered.
16. Data Protection
16.1. Acceptance of Privacy Policy and Processing Agreement
By accepting these General Terms and Conditions, the Customer agrees to the Provider’s Privacy Policy and Data Processing Agreement, as amended from time to time. These documents are permanently accessible on the Provider’s website, and the Customer acknowledges awareness of their terms.
16.2. Data Exchange and Compliance
The Customer expressly consents to the exchange of data between the Provider and Manaxo. The Provider undertakes to maintain confidentiality and comply with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR) for EU customers and the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) for U.S. customers residing in California.
17. Intellectual Property Rights
17.1. Ownership of Intellectual Property
All rights, including but not limited to copyrights, trademarks, and proprietary software code, related to the Manaxo software, website, and SaaS services, remain the exclusive property of the Provider. The Customer is granted a non-exclusive, non-transferable license to use the software only in accordance with the terms of this contract. Any modification, reproduction, or redistribution of the software without prior written consent from the Provider is strictly prohibited.
18. Confidentiality Obligation
18.1. Protection of Confidential Information
The Provider will treat all information obtained in connection with the preparation, execution, and fulfillment of this contract as strictly confidential. This includes, but is not limited to, the Customer’s business activities, trade secrets, and proprietary information. The Provider will not disclose such information to unauthorized third parties without prior written consent from the Customer. This confidentiality obligation extends to third parties unless disclosure is necessary for the proper execution of contractual obligations or is legally required.
18.2. Use of Customer as a Reference
The Customer authorizes the Provider to list them as a reference client and to use general, non-sensitive details of the contract for marketing, PR, and sales purposes. Before any publication, the Provider will inform the Customer, who may revoke this authorization only for important reasons.
19. Newsletter Tools – “Principles for the Provision of Our Services”
19.1. Scope of Services and Responsibility
With our software and its functions, we provide only the technical framework for services purchased by you. The specific use and purposes are determined by you, as outlined in the service description at https://www.marketing-mailing.com. The Provider assumes no responsibility for actions performed using the software or for the content processed through it. All activities conducted using the software and all related content are subject exclusively to the legal provisions, agreements, and contracts you establish with your customers, partners, employees, or other stakeholders.
19.2. Commercial Use by Third Parties
You may not permit third parties to use our services for commercial purposes.
19.3. Service Modifications and Adjustments
The Provider reserves the right to modify or adapt services, associated documentation, and attachments while considering your interests, provided that these changes do not violate our primary contractual obligations. Significant changes that negatively impact the contractual relationship will only be made with your consent. If mutual agreement cannot be reached and a change is necessary due to a shift in our business model or technical requirements, either party may terminate this contract with immediate effect.
19.4. Force Majeure
The Provider is released from its obligation to provide services for the duration of any force majeure event that prevents performance. Force majeure includes, but is not limited to, fire, explosion, flood, war, blockade, embargo, pandemics, and industrial actions beyond the control of the Provider or its subcontractors.
19.5. Liability for User Actions
You are responsible for the actions of your users and are liable for them as if they were your own.
19.6. Third-Party Links and Integrations
Links or functionalities within our software may lead to third-party websites or software that we do not operate and for which we are not responsible. Such links or integrations will be clearly marked or identifiable by changes in the browser’s address line or user interface.
19.7. Restriction of Access and Termination for Violations
If the Provider has legitimate grounds, it reserves the right to refuse access, block or exclude a Customer or their users, or terminate the contract for cause if repeated complaints are received or if the Customer repeatedly violates the contract, these Terms and Conditions, or legal regulations. The Provider will provide the Customer with an opportunity to respond and, before full blocking or termination, will give ten (10) days' advance notice with an explanation of the reasons. If the Customer resolves the issue that led to the restriction, blocking, or exclusion, the Provider will consider reinstating access to the platform.
20. Hosting and Mailing
20.1. Hosting Account Blocking Due to Non-Payment
If the Customer does not pay the final reminder, their hosting account will be blocked for ten (10) days. To reactivate the account, an advance payment of USD 200 is required. If the Customer does not contact Manaxo in writing within ten (10) additional days (twenty (20) days total from the first block), all data will be permanently deleted without the possibility of recovery. The Provider assumes no liability for damages resulting from data loss.
20.2. Mass Emailing Restrictions
Sending mass emails (newsletters) from the Manaxo management server is strictly prohibited. If this rule is violated, the affected domain hosting will be immediately blocked. To reactivate hosting, an advance payment of USD 200 is required. Repeated violations will result in the permanent blocking of the domain hosting from the Manaxo server, and all data will be removed. The Provider assumes no liability for any damages resulting from such data loss.
21. Severance Clause
21.1. Validity of the Agreement
If any provision of this contract is found to be invalid or unenforceable, the validity of the remaining provisions shall remain unaffected. The invalid or void provision shall be replaced by a new provision that closely aligns with the original provision’s intent and economic effect, in a legally permissible manner. The same applies if gaps are identified in the contract.
22. Applicable Law and Place of Jurisdiction
22.1. Governing Law and Jurisdiction
This contract is governed by United States law, excluding conflict of law rules and international agreements. All disputes related to this contract, including but not limited to formation, validity, implementation, modification, breach, or termination, shall be subject to the exclusive jurisdiction of the courts at the Provider’s registered office.
Last updated: March 20, 2025
Order Processing Contract – Manaxo
1. Subject of the Order, Duration, and Specification of Order Processing
1.1. The subject matter and duration of the order, as well as the type and purpose of data processing, are governed by the General Terms and Conditions (GTC) and this Order Processing Agreement (DPA) unless additional obligations arise from applicable U.S. data protection laws.
1.2. The exact details regarding the subject, type, and purpose of order processing are specified in the Order Processing Contract (DPA).
2. Responsibility & Scope
2.1. The Provider processes personal data on behalf of the Customer. The scope of this processing is outlined in the General Terms and Conditions published on the Provider’s website.
2.2. The Customer bears sole responsibility for ensuring compliance with all statutory data protection regulations, including but not limited to:
- United States: California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Health Insurance Portability and Accountability Act (HIPAA) where applicable, and other federal or state privacy regulations.
- European Union: General Data Protection Regulation (GDPR), where applicable.
- Switzerland: Swiss Federal Act on Data Protection (FADP), where applicable.
2.3. By registering for a Manaxo account and ordering services through the Provider’s website, the Customer authorizes the Provider to process personal data in accordance with the contractual terms. The Customer may modify, expand, or revoke processing instructions via the Manaxo account or by notifying the Provider in writing.
2.4. Instructions not covered under the General Terms and Conditions will be considered a service modification request. Verbal instructions must be promptly confirmed in writing or executed through the Customer’s Manaxo account.
3. Duties and Obligations of the Provider
3.1. The Provider processes personal data exclusively in compliance with the General Terms and Conditions, the Data Processing Agreement (DPA), and applicable U.S. laws, including CCPA/CPRA, unless a legal exception applies.
3.2. The Provider maintains an internal organizational structure that meets all data protection requirements and has implemented technical and organizational measures (TOMs) to safeguard the confidentiality, integrity, availability, and resilience of personal data.
3.3. The Customer is informed of these measures and remains responsible for ensuring that they provide an adequate level of data protection for the processed data.
3.4. The Provider continuously updates security measures in line with U.S. regulatory requirements, particularly those outlined in CCPA/CPRA regarding consumer data protection and security.
3.5. The Provider supports the Customer, where contractually agreed, in fulfilling data protection obligations, including compliance with data subject rights, data security, and regulatory requirements under U.S. law, including:
- Right to Know (CCPA/CPRA)
- Right to Delete (CCPA/CPRA)
- Right to Opt-Out of Data Sales (CCPA/CPRA)
- Right to Correct Personal Data (CPRA)
- Non-Discrimination for Exercising Privacy Rights (CCPA/CPRA)
3.6. The Provider ensures that all employees and third parties involved in data processing adhere to confidentiality obligations and process data strictly within the contractual framework.
3.7. If the Provider becomes aware of a data breach, it will take immediate protective measures, assess risks, mitigate possible consequences, and comply with all applicable breach notification requirements under U.S. federal and state laws, including CCPA/CPRA and the FTC Safeguards Rule.
3.8. The Provider guarantees compliance with all applicable U.S. data protection laws, including regular evaluations of its security measures, to maintain ongoing data protection and processing integrity.
3.9. The Provider will store and process personal data only for the duration of the contractual relationship. Upon termination of the contract, data will be deleted or anonymized, unless retention is required by U.S. federal or state law, legitimate business purposes, or regulatory compliance (e.g., tax, fraud prevention, or litigation).
4. Duties and Obligations of the Customer
4.1. The Customer must promptly notify the Provider in writing or via the Manaxo account of any errors, irregularities, or security concerns related to data processing.
4.2. If the Customer has a designated Data Protection Officer or contact person for data protection matters, they must provide the Provider with up-to-date contact details.
4.3. The Customer is solely responsible for informing data subjects (e.g., employees, clients, users, or partners) of how their personal data is processed, stored, and transferred by the Provider, in accordance with the General Terms and Conditions, this Order Processing Agreement (DPA), and applicable U.S. privacy laws (e.g., CCPA/CPRA).
4.4. If a data subject does not consent to the intended data processing, it is the Customer’s responsibility to remove their data from the Manaxo account before initiating further processing.
4.5. By accepting the General Terms and Conditions, the Customer expressly consents to the transfer of data to Manaxo and the Provider and releases the Provider from any legal claims arising from non-compliance with data protection obligations.
4.6. The Customer is responsible for obtaining necessary consumer consent when required under CCPA/CPRA and other applicable U.S. laws before sharing or processing personal data.
4.7. The Customer must ensure compliance with U.S. data protection requirements, including proper disclosures regarding the collection, sharing, or sale of personal data as required by CCPA/CPRA and related laws.
5. Requests from Data Subjects
5.1. If a data subject submits a request for correction, deletion, or information, the Provider will, where possible, refer the request to the Customer, assuming the data subject's request can be clearly linked to the Customer's data processing activities. The Provider will forward the request within a reasonable timeframe. The Provider may assist the Customer in fulfilling data subject requests to the best of its ability, but reserves the right to charge a reasonable flat-rate fee for any associated administrative costs. The Provider is not liable if the Customer fails to respond to a data subject's request, provides an incorrect response, or fails to respond in a timely manner.
6. Verification Options
6.1. The Provider will demonstrate compliance with the obligations set out in Section 1 through appropriate documentation, such as self-audits, certifications, or other legally recognized evidence.
6.2. If investigations or audits are required by the Customer or an auditor commissioned by the Customer (e.g., under U.S. or EU data protection laws), such investigations will occur during normal business hours, with prior notice and an appropriate lead time to avoid operational disruption. The Provider may require that:
-
A confidentiality agreement be signed regarding data from other customers and the technical and organizational security measures (TOMs) in place.
-
If the auditor is a competitor of the Provider, the Provider may reject the auditor and suggest a neutral third-party.
-
If the audit incurs costs and no compliance irregularities are found, the Provider may charge the Customer for the costs associated with the audit.
6.3. If a data protection supervisory authority (e.g., the California Privacy Protection Agency (CPPA), Federal Trade Commission (FTC), or European Data Protection Board (EDPB)) or another official regulatory authority of the Customer wishes to conduct an audit, the same provisions of Section 6.2 apply. However, if the supervisory authority is bound by professional confidentiality obligations, the requirement for a confidentiality agreement does not apply.
7. Subcontractors (Other Processors)
7.1. The Provider may engage subcontractors to fulfill contractual services. These subcontractors must comply with all applicable data protection requirements as outlined in this Order Processing Agreement (DPA) and any relevant U.S., EU, or Swiss regulations. The Provider will ensure appropriate contractual agreements with subcontractors to maintain adequate data protection and security measures.
7.2. Subcontractors that do not process personal data or do not have access to Customer data are excluded from this section. The Provider maintains an up-to-date list of subcontractors acting as data processors, which is available at: 🔗 https://www.manaxo.com/commissioning-contract/.
7.3. The Customer agrees to the use of the subcontractors listed on the Provider’s website. If the Provider engages new subcontractors, it will update its website at least 14 days in advance. The Customer must regularly check the list and may object to new subcontractors within 14 days if they have a legitimate data protection concern.
7.4. If the Customer objects to a new subcontractor for a valid data protection reason and an amicable resolution cannot be reached, the Provider grants the Customer a special right to terminate the contract.
8. Information Obligations
8.1. If the Customer's data is at risk due to seizure, attachment, insolvency, regulatory enforcement actions, or legal proceedings, the Provider must notify the Customer immediately.
8.2. The Provider must also inform relevant authorities or parties involved that the data remains the sole property of the Customer and is protected from unauthorized seizure or transfer under applicable data protection and contract laws.
9. Liability
9.1. Liability provisions are governed by the General Terms and Conditions (GTCs) and any applicable laws. The Provider’s liability limitations, exclusions, and obligations under U.S. (CCPA/CPRA), EU (GDPR), and Swiss (FADP) data protection regulations apply.
10. Miscellaneous
10.1. The provisions of the General Terms and Conditions (GTCs) apply unless otherwise stated in this Order Processing Agreement (DPA).
10.2. In case of conflict between this Order Processing Agreement (DPA) and the General Terms and Conditions (GTCs), the General Terms and Conditions shall take precedence.
10.3. If any part of this Order Processing Agreement is deemed invalid, the remaining provisions shall remain fully enforceable and unaffected.
11. Subject, Purpose, and Scope
Purpose and Scope of the Order
Processing of the Customer’s personal data in the course of using the Provider’s services within the framework of Software as a Service (SaaS).
Nature and Purpose of Data Processing
The personal data transmitted by the Customer will be processed by the Provider as part of the SaaS services. The Provider processes this data in accordance with the General Terms and Conditions (GTC) and the corresponding service descriptions on the Provider’s website. This includes, but is not limited to:
- Order management
- Contact management (CRM)
- Project management
- Accounting
- Warehouse management
- Other functions necessary for service fulfillment
Types of Personal Data Processed
The specific personal data processed depends on the Customer’s input and may include, but is not limited to:
- Name, contact details, and address
- Gender and date of birth
- Financial information and payment details
- Professional and educational information
- Communication history and correspondence
- Usage data and activity on the platform
- Other data necessary to provide the services
Categories of Data Subjects
The data subjects affected depend on the data provided by the Customer. This may include:
- Customer’s employees (including applicants and former employees)
- Customer’s service providers
- Customers of the Customer
- Contact details of Customer’s business partners
- Customers’ prospective clients and leads
Deletion, Blocking, and Correction of Data
Requests for deletion, blocking, or correction of data must be addressed directly to the Customer. Further details on data retention and handling can be found in the General Terms and Conditions (GTC) and this Order Processing Agreement (AVV).
12. Technical and Organizational Measures (TOM)
The following Technical and Organizational Measures (TOMs) are implemented to ensure the security and integrity of data processing:
- Security Perimeter Controls
- Implementation of effective access protection
- Definition and management of authorized personnel
- Documentation of personal access authorizations throughout the entire lifecycle
- Access logging and monitoring of secured areas outside working hours
- Access Control
- User authentication management
- Secure transmission of access credentials over networks
- Role-based access with minimum permissions assigned
- Logging and verification of access to sensitive data
- Transmission Control
- Secured interfaces and encrypted data transmission
- Secure decommissioning of legacy systems
- Data protection policies and secure disposal of outdated data
- Input Control
- Automatic recording of data entry actions
- Logging of data modifications
- Order Control
- Documentation and tracking of data access authorizations
- Logging of data processing activities
- Availability Control
- Implementation of a comprehensive backup and recovery plan
- Regular storage and management of backups
- Emergency planning and resilience testing
- Data Separation Requirement
- Ensuring minimal data collection in accordance with data protection principles
- Separate processing of different data categories to avoid unauthorized mixing
Last updated: March 20, 2025
General Terms of Use for Licensees for Communication via the Manaxo Platform
1. User Account
Registration for a user account to communicate with Licensees takes place via the Manaxo platform. To complete registration, the User must provide a valid email address and, if applicable, a mobile phone number to enable two-factor authentication.
The User is required to provide accurate and complete information at the time of registration and throughout their use of the platform. The User must keep their account details up to date and correct any errors promptly. By registering, the User confirms that they have the legal capacity to enter into agreements or are acting with the consent of a legal representative.
Upon successful email verification, the User is registered, and their user account is created.
2. Rights and Obligations of the User
2.1. Authentication Tools
The User is solely responsible for maintaining the security of their authentication credentials (e.g., username, password, authentication codes, mobile device, etc.) to prevent unauthorized access to their account. Under no circumstances should authentication tools be shared with third parties. If the User grants access to third parties, they assume full responsibility for any actions taken by those individuals.
Once authenticated, the User remains logged into their Manaxo account until they manually log out or are automatically logged out after a period of inactivity.
The Manaxo platform provides the User with access to a digital signature for communication with Licensees. By utilizing the digital signature, the User acknowledges that it carries the same legal effect as a handwritten signature.
2.2. User Systems
The User is responsible for maintaining secure internet access and ensuring that their devices meet the necessary hardware and software requirements. The User must implement adequate security measures, such as virus protection and system firewalls, to prevent malware infections and unauthorized access.
Devices and systems used to log into the Manaxo platform must be protected against unauthorized access and manipulation.
2.3. Reporting Obligation
If the User suspects that their authentication credentials have been compromised or that unauthorized access has occurred, they must immediately notify the Licensee and change their password without delay.
2.4. Place of Performance and Receipt of Messages
The User’s electronic mailbox within the Manaxo platform is the official communication channel for receiving invoices, notifications, and correspondence. However, the Licensee reserves the right to communicate through alternative channels, including paper mail or email, at its discretion.
Communications sent via the Manaxo platform are deemed received on the day they are made available. The deadlines for responses, including payment and complaint deadlines, commence upon receipt of such messages.
3. Rights and Obligations of the Licensee
3.1. Security
The Licensee is responsible for protecting its infrastructure and user data through appropriate security measures and for maintaining the confidentiality of entrusted information. Manaxo’s systems and infrastructure (e.g., architecture, network, security protocols) undergo regular internal and external audits, and any deficiencies identified are immediately addressed.
3.2. Availability
The Licensee strives to maintain continuous availability of services via the Manaxo platform. However, neither the Licensee nor Manaxo guarantees uninterrupted availability and shall not be held liable for service interruptions, system failures, or delays in data transmission via email, SMS, or other communication channels.
Maintenance, system updates, and troubleshooting may cause temporary service disruptions. The Licensee and Manaxo will endeavor to schedule such activities during off-peak hours whenever possible.
3.3. Recording and Storage of Receipts
Under applicable legal regulations, the User is responsible for ensuring compliance with documentation and record-keeping requirements. The User acknowledges that electronic receipts are stored in their Manaxo electronic mailbox for a period of five (5) years from the date of access. After this period, the receipts will no longer be available.
3.4. Switching to Analog Correspondence
The User may request that the Licensee provide all correspondence and receipts exclusively in paper form. However, documents already delivered electronically through the Manaxo platform shall be deemed validly delivered. Requests for duplicate receipts in either electronic or paper format may incur additional fees. The Licensee reserves the right to invoice the User for additional administrative services based on processing time.
3.5. Access Blocking
The Licensee reserves the right to immediately block the User’s access to the Manaxo platform without prior notice if:
-
The User violates these General Terms and Conditions;
-
There is suspicion of misuse or unauthorized access;
-
The security of the system is, or could be, compromised.