General Terms and Conditions for Services in Risk and Opportunity Management
The following Terms and Conditions shall apply for all information provided by CRIF Bürgel GmbH (hereinafter, CRIFBÜRGEL). Reference can be made in individual and framework agreements to the General Terms and Conditions for Services in Risk and Opportunity Management. In this event, individual agreements shall take precedence. These provisions shall likewise apply for distributors of CRIFBÜRGEL, if they are separately agreed.
I. General provisions
- For all current and future business relationships between CRIFBÜRGEL and Customer, the following General Terms and Conditions shall exclusively apply in the version valid on the date of concluding the contract. Different general terms and conditions of the Customer shall not be recognized unless CRIFBÜRGEL expressly consents to their applicability. The same shall apply if CRIFBÜRGEL, aware of contrary or different conditions of Customer, carries out the delivery and service without any reservation.
- CRIFBÜRGEL expressly reserves the right at any time to amend these General Terms and Conditions, and to adapt them to technological conditions or changes in the legal situation, or where there is a contractual gap. This enumeration is by way of example and not exhaustive and is meant to include other, comparable reasons. Furthermore, an amendment should only be possible provided that Customer is not disadvantaged in a manner contrary to good faith. Amendments to these General Terms and Conditions shall be communicated to Customer in writing by way of a letter, fax, or email at a minimum of six weeks prior to taking effect. After receiving the adapted General Terms and Conditions, Customer has six weeks to object to the notice of an amendment in writing via a letter, fax, or email. If the Customer does not object, this is to be viewed as consent to the notice of an amendment, and the amended General Terms and Conditions shall become an integral component of the contract.
II. Conditions for providing economic information
- CRIFBÜRGEL offers its Customers, for their business purposes, economic information in various forms about persons and companies domiciled domestically or abroad.
- An information inquiry shall be considered to be an order to supply economic information on the basis of information that has become known to CRIFBÜRGEL and that (in its reasonable discretion) is material for assessing the circumstances. Economic information shall also be provided on the basis of the data inventory available in the database without additional research and verification of the up-to-date status.
- CRIFBÜRGEL does not verify the existence or identity of individuals. If Customer recognizes that there is not a match between the person inquired about and the person to whom the information relates, Customer may not use the transmitted data.
- CRIFBÜRGEL is entitled to expand and modify the scope of services within the framework of further development and improving the products, provided that the Customer‘s contractual purpose is not, or is only immaterially affected.
- CRIFBÜRGEL makes its information and products available in the respective up-to-date version status, and expressly reserves the right to make content and technical changes with a reasonable notice period. Product configurations, such as for example, score bands, score configurations or data interfaces can be adapted by CRIFBÜRGEL to the respective newest version status. Any expenditures incurred by Customer for an adaptation due to a new configuration or a new version status must be borne by Customer. If Customer desires a special configuration by CRIFBÜRGEL or if Customer cannot itself undertake the necessary adaptations, CRIFBÜRGEL is only obligated for this if a separate written agreement between Customer and CRIFBÜRGEL is concluded in this regard, including a regulation concerning the remuneration of CRIFBÜRGEL connected with the expenses incurred. CRIFBÜRGEL reserves the right to undertake technical adjustments, in particular, with respect to the interface, observing a notice period of at least three months, and not more frequently than one time per calendar year.
- If CRIFBÜRGEL provides to Customer copyright-protected works (for example, software or interfaces) in connection with the services offered, CRIFBÜRGEL grants to Customer during the contract term a nonexclusive license to use the works that is limited to the duration of the contract.
- Economic information concerning other credit agencies is expressly excluded from the scope of services.
- CRIFBÜRGEL can refuse an information inquiry for legitimate reasons that do not have to be disclosed.
- CRIFBÜRGEL is not obligated to disclose from where CRIFBÜRGEL obtains its information. Anything different shall only apply if statutory claims for providing information require this disclosure.
- CRIFBÜRGEL obtains its data from contractual partners. CRIFBÜRGEL also receives information from generally accessible sources such as public directories and official notices. However, no guarantee can be provided that all publicly accessible sources of information are assessed.
III. Conditions for using online services
- CRIFBÜRGEL enables the Customer’s access to the central CRIFBÜRGEL database by means of an automated search process. Stored in this database are, among other things, information concerning names, company names, addresses, birth dates, marital status, professional occupation, financial circumstances, any liabilities and payment history indicators.
- Customer can access the database with the aid of an Internet portal or by way of an interface. If the parties agree to access by means of an interface, CRIFBÜRGEL shall provide Customer an interface description free of charge. Customer is obligated to program and maintain the interface on its own responsibility and at its own expense according to the interface description. Customer is advised that CRIFBÜRGEL does not undertake an inspection of the established interface and the accuracy of the data supplied by CRIFBÜRGEL. However, CRIFBÜRGEL shall ensure that the interface was set up by CRIFBÜRGEL in a professional manner and that CRIFBÜRGEL evaluated the data made available with the due diligence of a prudent merchant. CRIFBÜRGEL shall not be liable for faulty programming or maintenance of the interface and any damages caused thereby, in particular, on account of delivering incorrect data. CRIFBÜRGEL retains the copyrights in the interface description.
- For using the online services, Customer shall be provided with multiple access authorizations that must be handled in a confidential manner. The access authorization consists of a multi-digit user identification (user ID) and a multi-digit personal password. The personal password must be changed by Customer at the initial login and changed not later than after 90 days.
- CRIFBÜRGEL shall ensure that processing requests are independently recorded, in which case when performing the processing request, the data used, the date and the time of the processing request, the authentication, the database identifier and the data retrieved shall be recorded. When the recording is not properly carried out, the retrieval process will be interrupted. These recordings shall only be used for data protection monitoring, in particular, for monitoring the permissibility of the processing requests, to ensure the proper operation of the data processing system, as well as in the case of judicial proceedings. These records will be deleted after three years unless still required for concluding an already initiated data protection monitoring proceeding, or a pending judicial proceeding.
- a) A request must be made for an access authorization for every user. Customer shall ensure that only the respectively authorized database user can get access to the database.
b) It is Customer‘s obligation to ensure, through suitable security pre-cautions, that an improper use of the access authorizations and the retrieval of data by unauthorized individuals is precluded.
c) If Customer has reason to assume that an unauthorized employee or a third party has obtained access to the access authorization, CRIFBÜRGEL must immediately be made aware of this. In this case, the access authorization will be disabled and Customer will be provided a new access authorization.
d) Upon the departure of an employee with access authorization, Customer must immediately change the previously used password and/or have it blocked by CRIFBÜRGEL.
- CRIFBÜRGEL shall make its services available online. CRIFBRÜGEL does not assume any guarantee for the functionality of Customer‘s technical equipment and Customer‘s EDP programs for retrieving data.
- If Customer violates data protection law provisions, CRIFBÜRGEL is authorized to immediately disable access to the online connection, also prior to the receipt of a termination declaration. Possible compensatory damage claims shall remain unaffected thereby.
IV. Prices, payment conditions
- Customer must pay CRIFBÜRGEL the prices set out in the respective contract on the agreed due date. If no special due date is agreed, in case of doubt the invoices are due for payment immediately. In such a case, the account is in default as of the 15th calendar day after receiving the invoice and receiving the services.
- In the event of a late payment, CRIFBÜRGEL is entitled to preclude Customer from continuing to obtain the agreed services and/or continuing to obtain the agreed products until full payment is made.
V. Product life cycle
- If Customer purchases a certain product allocation, this must be retrieved within a year. Information for an allocation not retrieved shall expire without replacement, unless written agreements that deviate from this are made as between the parties.
- All agreed services shall terminate upon the expiration of the contract.
- If Customer has ordered a monitoring product, monitoring must be immediately discontinued if the legitimate interest therein is eliminated. Customer must immediately notify CRIFBÜRGEL with regard to the lapse of the legitimate interest. No credits shall be granted for ordered products that have not been accepted.
VI. Prohibition on assignment
Customer can only apply an offset or assert a right of retention against the claims of CRIFBÜRGEL if Customer‘s counter-claim is undisputed or is non-appealable.
VII. Prohibition on transfer
- It is not permitted to transfer the data acquired, or to store it for download or for access by companies of the group, subsidiaries, or other third parties in an unmodified or further processed form, in extract, as summaries, or partial data inventories. Exceptions to this shall only apply if compulsory statutory provisions otherwise dictate.
- In the event of an intentional or grossly negligent violation of this prohibition on transfer, Customer must pay a contractual penalty for each occurrence of a violation to be determined in the reasonable discretion of CRIFBÜRGEL, and in the case of a dispute, to be reviewed by a court having jurisdiction over the matter. The right to assert additional damages remains reserved.
- Customer shall be solely liable for damages arising to Customer, companies of the group, subsidiaries, or other third parties owing to a transfer or further processing contrary to agreement. If a claim is asserted against CRIFBÜRGEL by a third party because Customer has violated the prohibition on transfer, Customer must fully indemnify CRIFBÜRGEL with respect to this claim.
VIII. Prohibition on use
If CRIFBÜRGEL determines, based on the search algorithms, that there are minimal deviations in requested data and stored data for individuals, this shall be communicated to Customer. In this event, Customer must once again verify the identity of the individual inquired about, and is subject to a prohibition on use for the transmitted data until there is a positive determination of the identity, because the data does not readily allow for a conclusion to be drawn about the payment behavior of the individual inquired about. The preceding provision applies accordingly for hits based on similarity as a result of phonetic and associative search algorithms within the context of address information.
- CRIFBÜRGEL shall be liable for compensatory damages—irrespective of the legal grounds—in the case of intentional actions and negligence.
- For simple negligence, CRIFBÜRGEL shall only be liable for damages arising from violating an essential contractual obligation the fulfillment of which allows for the proper implementation of the contract in the first place, the violation of which jeopardizes achieving the purpose of the contract, and compliance with which Customer may regularly rely.
- In the event of simple negligence, the liability is limited to 50 % of the sales generated with the Customer per calendar year. However, this limitation shall only apply if the limitation corresponds with the damages that may typically be anticipated. The liability limitation shall apply for each calendar year regardless of the number of claims.
- The proceeding provisions shall also apply in favor of the legal representatives and vicarious agents of CRIFBÜRGEL.
- The agreed liability exclusions and limitations shall not apply for damages arising from the culpable injury to life, the body or health on the part of CRIFBÜRGEL or its legal representatives and vicarious agents. The liability limitations shall not be taken into account insofar as CRIFBÜRGEL has fraudulently concealed a defect or has assumed a guarantee for the quality of the performance.
- The services rendered by CRIFBÜRGEL vis-à-vis Customer only form one element of Customer’s decision-making, and taken in isolation, do not already represent a decision, also in the presence of negative data, scores or other results. The decision concerning concluding a legal transaction and its general economic conditions is always made by Customer.
- CRIFBÜRGEL shall not be liable for damages accruing to Customer due to misuse or loss of the password or other login identifiers. Any costs and fees incurred in this connection shall be borne by Customer. Furthermore, Customer shall be liable for damages originating from Customer‘s sphere of responsibility.
- CRIFBÜRGEL shall not assume any liability for the proper functioning of the transmission lines, including data security and the availability of data cables.
X. Data security/confidentiality
- CRIFBÜRGEL processes personal data on the basis of the provisions of the General Data Protection Regulation (GDPR) in the respective, valid provisions under data protection law. Processing and transmission takes place on the basis of Article 6 par. 1 letter f GDPR, insofar as the processing is necessary for maintaining the legitimate interests of the controller or a third party and is not outweighed by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
- Customer is obligated to credibly and verifiably state its legitimate interest. The existence of a legitimate interest can in particular be assumed if a business transaction is associated with the financial risk of default.
- When using routine report updates (so-called monitoring), Customer shall assure the maintenance of a sustained business relationship to its contractual partner and thus, the existence of a continuing credit or economic risk. Furthermore, Customer commits to immediately inform CRIFBÜRGEL upon the termination of the sustained business relationship, given that contemporaneously with the end of the contract, the legitimate interest in the information concerning the economic circumstances of the contractual partner is also eliminated.
- CRIFBÜRGEL is authorized to verify the existence of a legitimate interest without stating any reasons. In this connection, Customer commits to providing relevant information and submitting proof to CRIFBÜRGEL. The documents required for this must be stored and kept available by Customer for a minimum of 12 months.
- Customer may only use or process the transmitted data for the purpose for which the data was transmitted to Customer. Processing or use for other purposes is only permissible under the prerequisites of GDPR.
- Customer commits to observing Article 22 GDPR in connection with the use of automated individual decisions.
- Customer is obligated to sufficiently require its employees or third parties, who necessarily have access to the transmitted data, to maintain confidentiality and to ensure that the transmitted data is handled in accordance with the provisions of data protection law.
- If CRIFBÜRGEL becomes aware that the Customer uses the data for purposes not permitted by law, or uses the data in an impermissible or non-contractual manner, CRIFBÜRGEL is obligated to exclude Customer from the retrieval process.
- If there are legitimate reasons for the assumption that Customer is violating the prohibition on transfer and use, CRIFBÜRGEL is authorized to have an audit performed with respect to the use of the data in conformity with the contract by its data protection officer or by a professional obligated to maintain confidentiality by virtue of the laws applicable to their profession.
XI. Closing provisions
- The law of the Federal Republic of Germany shall apply exclusively, excluding the UN sales law (CISG).
- For merchants, the venue location is agreed to be Munich. Munich shall also then be deemed to be the agreed venue if the Customer relocates its domicile to a foreign country subsequent to concluding the contract, or if Customer’s domicile is unknown at the time that the suit is filed. CRIFBÜRGEL is also entitled to file the suit at the location of the Customer‘s domicile.
- All amendments and supplementation as well as collateral agreements and special agreements related to the contract require written confirmation by CRIFBÜRGEL to be valid. This shall also apply for any amendment of this clause.
- If individual provisions of this contract are or become invalid, the validity of the remaining provisions shall remain unaffected thereby. The parties commit to replace the invalid contractual provision by a legally valid provision that most closely approximates the original legal and economic intentions of the parties. The same applies in the event that the contract should have a gap requiring supplementation.