Software as a Service Terms and Conditions / ToolOrg

Last amended: 26.05.2023

These Terms and Conditions apply to the use by Customer of software applications on the basis of software as a service (SaaS) provided by Bosch Automotive Service Solutions GmbH, Am Dörrenhof, 85131 Pollenfeld, Germany (hereinafter: "Provider"), Customer and Provider hereinafter referred to as "Parties".

Definitions

"Account” means the authorization to access controlled-access Applications of the Provider.

"Application” means the respective software application provided by the Provider under a Contract.

"Bosch-ID” means the User ID of the single sign-on authentication service provided by Robert Bosch GmbH, which enables the use of various independent digital service offerings of the Bosch Group, for which a Customer's e-mail address is required..

"Contract” means the agreement between the Provider and Customer regarding the provision of the Application (e.g. an offer, an order form or an online order). Certain Terms & Conditions governing the operation of ToolOrg have been negotiated directly between the Provider and VW AG. Those terms, where applicable, will form part of the Contract by reference. .

"Customer Data” means all data, information, content or material submitted by Customer or on behalf of Customer in connection with use of the Service, storage space and/or the Account or manually generated by the Customer with the Application. Customer Data also includes access and registration data and any data derived from Customer submitted data.

"Service Description” means a description of the technical functionalities of the respective Application.

"Service Level” defines the quality features of the Application in terms of availability and maintenance such as agreed between the Provider and VW.

"Usage Data” means all automatically transmitted machine data (sensor or other machine data) or automatically generated system data (e.g. log files, information on utilization or availability of the Application).

Scope of Application

Provider provides the Application to Customer solely on the basis of these Terms and Conditions and the applicable attachments as referenced herein, which are part of the Contract.

Terms and conditions of Customer or of third parties will not apply even if Provider does not specifically object to the application of such terms and conditions. Even where Provider refers to a letter containing or referring to Customer’s or a third party’s business terms and conditions, this does not constitute agreement to the application of such business terms and conditions.

Individual agreements executed between the Parties on a case -by -case basis (including ancillary agreements, supplements and amendments) will in any event take precedence over these Terms and Conditions.

Subject Matter

The subject matter of these Terms and Conditions is the provision of the Application via remote access for use by Customer, the necessary storage space as well as the granting or procurement of usage rights regarding the Application by Provider in return for payment as agreed by the Parties. The Application is described in more detail in the Contract or an annex thereto (e.g. Service Description).

The implementation of an interface integration with Customer’s existing system landscape is outside the scope of these Terms and Conditions and requires a separate written agreement between the Parties.

Provider has the right to have the services performed by third parties (including affiliates of Provider according to § 15 German Stock Corporation Act (AktG)) as subcontractors.

Provision of Application

Provider shall make available the then current version of the Application for use in accordance with the provisions of these Terms and Conditions on a server infrastructure provided by Provider or its subcontractors (hereinafter referred to as "Server") from the time agreed in the Contract.

Access to the Application by Customer shall be browser-based via the Internet or via an application interface set up by Provider.

Provider shall provide Customer the necessary access credentials required for use of the Application, unless the registration of a Bosch-ID is required. Registration for a Bosch-ID is the sole responsibility of Customer.

If an Account is required to obtain access to and to use the Application, the Provider shall make this Account available to Customer after Customer agrees to these Terms and Conditions. The provision of an Account is free of charge. The Account and the access credentials are not transferable. Customer is liable for all actions performed under Customer’s Account.

Customer shall change all passwords into passwords known only to him without undue delay and shall keep them confidential. Provider is not responsible for the consequences of misuse of user passwords.

Technical Availability of the Application and the Customer Data

Provider owes the availability of the Application and of Customer Data at the Internet hubs of Provider’s data centre as agreed as part of the Service Level. Except as otherwise agreed, an availability of 94.5% per annum (calculated with effect from provision of the Application) shall be deemed agreed.

If the Application is not available on account of: (i) planned maintenance work (e.g. for updates and upgrades), (ii) other planned interruptions in operations, (iii) unplanned maintenance work for good cause or for other reasons for which Provider is not responsible, such as malfunctions in the field of the provision, operation and support of the Customer’s communications connection (communications sections outside Provider’s data center), in particular due to a failure in Customer’s Internet connection, then for the purposes of calculating availability, the Application shall be deemed to have been available during these times.

Provider shall owe the availability of the functionalities of the Application described in the service description only if the system requirements also regulated therein have been complied with by Customer. Customer shall be solely responsible for compliance with the system requirements. The provision of Section 15 shall apply accordingly to changes to the system requirements and to changes to the technical system of Provider.

Provider is only responsible for the proper functioning of Provider’s systems up to the Internet hubs of Provider’s data center.

Deviating from Section 5.1, if the Application is made available free of charge, the Customer is not entitled to uninterrupted availability and/or error-free use of the Application. The Provider does not warrant that the use of the Application will not be interrupted or impaired by downtime, maintenance activities, further developments, updates and upgrades or malfunctions.

Support

Provider shall provide first level support (“FLS”) for Customer via a support center for all incidents arising in the context of the Application provided. The support availability is regulated as part of the Service Level. In connection with the FLS, for each incident an incident ticket shall be created by Provider and the error shall be categorized.

Errors which cannot be rectified by the FLS shall be forwarded to Provider’s second level support (“SLS”), if available, with the aim of establishing a temporary workaround. The SLS is triggered via the FLS.

The reporter of the error shall be advised of the status and of its solution at regular intervals until such time as the solution is implemented and the incident is rectified. If, however, the qualification of the incident ticket by Provider shows that the cause of the incident lies in a service or performance by Customer pursuant to Section 13 or has other reasons for which Provider is not responsible, then the incident ticket shall be forwarded to the Customer. In this case Customer himself shall be responsible for resolving the problem. If, in this case, the use of the Application is restricted until the fault has been rectified, the Provider is not responsible for the resulting consequences, and this does not discharge the Customer from paying the agreed remuneration.

The support, the provisioning and implementation of Application updates and the execution thereof shall be done by Provider as required in accordance with the maintenance regulations for the Application.

Other services by Provider

During the term of the Contract, Provider shall provide Customer with a documentation for the Application in the current version in electronic form.

A separate agreement in writing is required for additional services by Provider, in particular support and integration services (for Customer systems and/or for plant / technical units) and consulting services. Customer has no entitlement to performance of such services.

Usage Rights

Provider grants to Customer a non-exclusive, non-sub-licensable and non-transferable right to use the Application in the context of the functionalities and the intended use of the Application in accordance with the service specification and the documentation for the term of the contractual relationship. Within this framework, Customer is entitled

a) to make the Account and the Application available to third parties exclusively using the Application on behalf of and for the Customer;

b) to store and print the documentation, whilst maintaining the existing copyright notices and, for the purposes of the Contract, to reproduce that number of copies thereof which is appropriate.

The open-source software components used in Provider’s Application shall be illustrated in the Service Description or in the Application itself, if a legal obligation exists based on the conditions of the Open-Source Software.

To the extent agreed in individual contracts, Customer may permit Customer’s end customers to access the Application provided that this is done solely within the framework of the intended use of the Application for the Customer’s business purposes (e.g. within a product offer by Customer to Customer’s end customers which includes access to individual functionalities of the Application).

Provider makes the Application available as SaaS (Software as a Service) per remote access. It shall not be made available to Customer for Customer’s own permanent storage, nor does Customer have the right to make it available itself or to use it in a data center environment.

If, during the term of the Contract, Provider makes new versions, updates, upgrades, modifications or extensions of the Application available or carries out other changes with respect to the Application, the provisions of Section 8 shall also apply thereto, even if the modifications or extensions were ordered by Customer and paid for separately.

Customer shall not have any rights not explicitly granted to Customer under these Terms and Conditions. In particular, Customer has no right to:

c) use the Application and/or the Account beyond the scope of use agreed in these Terms and Conditions or to permit third parties to use it;

d) subject to Section 8.1a), make the Application and/or the Account available to third parties; or

e) duplicate the Application and/or the Account or to provide it for use for a limited period of time, in particular not to lease it or loan it.

Customer is obliged to ensure that the provisions of these Terms and Conditions are complied with.

If Customer breaches the provisions of Section 8, Provider may, after giving Customer advance notification in writing, block Customer’s access to the Application if the violation can be rectified by such blocking. The block shall be removed as soon as the reason for the blocking ceases to exist. If Customer continues to violate the provisions of Section 8 or does so repeatedly despite a respective warning in writing from Provider, Provider is entitled to terminate the contractual relationship for cause without notice unless Customer was not responsible for such breach. Provider’s right to claim damages shall remain unaffected.

The Provider is the sole owner of the Usage Data and may use and exploit it in anonymous form for any purpose in accordance with the applicable statutory provisions. The Customer warrants that he has not made any agreements with third parties that prevents its use.

Intellectual Property

Except for Customer Data, all content of the Application, such as text, graphics, logos, button icons, images and audio clips, is the property of Provider or his licensors, and is protected by copyright or by other intellectual property rights.

Customer Data

Customer hereby grants to Provider the right to use, for the purpose of executing the Contract, the Customer Data filed in the storage space for use of the Application, in particular the right to reproduce such Customer Data for this purpose (e.g. for data back-up), to modify it and to provide such Customer Data for the purpose of accessing it. Additionally,

Customer hereby grants to Provider the right to use the Customer Data to prepare analytics on individual dealer level (such as tool usage, life span, tool inventory …) and to share the analytics and data with VW AG and (where relevant) the NSC.

Customer warrants that

a) he and/or his licensors hold all rights to the Customer Data required for the granting of rights under these Terms and Conditions

b) the Customer Data does not violate these Terms and Conditions or applicable laws and does not infringe the intellectual property of a third party.

The Customer is responsible for the security of Customer Data. Unless otherwise agreed in the Contract, Customer is obligated to regularly back up his Customer Data. Each data back-up by Customer shall be performed so that the recovery of the Customer Data is possible at all times.

Provider is entitled to immediately block Customer’s use of the Application and the storage space if there is justified suspicion that the stored Customer Data is unlawful and/or infringes third-party rights. There is a justified suspicion of unlawfulness and/or of an infringement of rights in particular when courts, authorities and/or other third parties notify Provider thereof. Provider shall then notify Customer of the block, stating the reason for the block. The block shall be removed as soon as the suspicion has been refuted.

Defect Claims

Following a respective defect notification by Customer, defects in the Application including the documentation shall be dealt with by Provider within reasonable reaction times. The same shall apply with regard to other disruptions of the Application’s usability for which Provider is responsible. Any potential damage claims based on defective performance for which the Provider is responsible shall be governed by Section 17 of these Terms and Conditions.

Customer’s right to terminate on the grounds of a failure to permit the use of the Application in conformity with the contract pursuant to Section 543 (2) sentence 1 no. 1 BGB (German Civil Code) is excluded, unless the establishment of use in conformity with the contract must be deemed to have failed. At the earliest, the establishment of use in conformity with the contract will be deemed to have failed after the second unsuccessful attempt.

If the Application is provided free of charge, Provider does not assume any warranty for material defects and/or defects of title, except in cases in which the Provider fraudulently concealed the respective material defect and/or defect of title.

Remuneration, Tax, Price Change

This section 12 applies only in case of direct billing by the Provider to Customer.

The amount of remuneration is specified in the Contract or an annex thereto (e.g. price list).

All prices are in Euro plus Value Added Tax or any other tax of a similar nature in the applicable jurisdiction at the applicable amount levied in accordance with statutory law.

Unless otherwise agreed, all invoices from Bosch must be paid with subscription.

Each party will be responsible, as required under applicable law, for identifying and paying all taxes and other governmental fees and charges (and any penalties, interest, and other additions thereto) that are imposed on that party upon or with respect to the transactions and payments under the Contract.

All payments made by the Customer to the Provider under the Contract will be made free and clear of any deduction or withholding, as may be required by law. If any such deduction or withholding (including but not limited to cross-border withholding taxes) is required on any payment, Customer will pay such additional amounts as are necessary so that the net amount received by Provider is equal to the amount then due and payable under the Contract. Provider will provide Customer with such tax forms as are reasonably requested in order to reduce or eliminate the amount of any withholding or deduction for taxes in respect of payments made under the Contract.

The contractual remuneration is valid for each subscription period only. At each Contract renewal as per § 18.2, the Customer will be invoiced the then valid contractual remuneration published at the time of renewal.

Duties and Obligations of Customer

Customer shall perform all cooperation duties required from Customer for the execution of the contractual relationship. In particular, Customer is obliged to:

a) change all passwords allocated by Provider into passwords known only to Customer, to keep usage and access authorizations assigned to Customer secret, to protect them against access by third parties and not to disclose them to unauthorized users. These data shall be protected by suitable and effective measures. Customer shall notify Provider without undue delay in case of any suspicion that unauthorized persons might have obtained knowledge of access data and/or passwords;

b) create the system requirements described in the service description;

c) comply with the restrictions/obligations with regard to the rights of use under Section 8 and to prosecute any violations of these obligations effectively and with the objective of preventing future violations;

d) obtain the necessary consent from affected persons to the extent personal data are collected, processed or used within the Application and no statutory or other permission applies;

e) check data and information for viruses and Applications other malware prior to sending data and information to Provider and to implement anti-virus programs in accordance with the state of the art; and

f) notify Provider of defects in contractual performances by email immediately (no later than on the following working day) after obtaining knowledge thereof.

Customer is not authorized:

g) to obtain access to non-public areas of the Application or to the technical systems on which the Application is based;

h) to utilize robots, spiders, scrapers or other similar data collection or extraction tools, to utilize programs, algorithms or methods to search, access, acquire, copy, or monitor the Application outside of the documented API endpoints;

i) to knowingly send Customer Data with viruses, worms, Trojans or other infected or harmful components, or to otherwise interfere in the proper functioning of the Application;

j) to decrypt, decompile, disassemble, reconstruct or to otherwise attempt to discover the source-code of the Application, any software or proprietary algorithms used, except as permitted under mandatory applicable laws;

k) to test, scan, or examine the vulnerability of the Application, or

l) to intentionally utilize devices, software or routines which have a disruptive effect on the applications, functions or usability of the Application or willfully destroy other data, systems or communications, generate excessive load, or harmfully interfere, fraudulently intercept or capture.

Data Privacy

The Parties shall comply with the applicable provisions of data protection law and commit their employees engaged in connection with the contractual relationship and the execution thereof to data protection, except to the extent that they are already under a general obligation to act accordingly.

If Customer processes personal data, then Customer warrants that he is authorized to do so in accordance with applicable data protection regulations, and in the event of any infringement, Customer shall indemnify Provider from and against third party claims.

The obligations pursuant to Sections 14.1 and 14.2 shall continue to exist as long as Customer Data are in the area of influence of Provider, also after the termination date of the contract.

Changes to the Contract

The Provider reserves the right to modify Applications provided free of charge, to make new Applications available free of charge or on a fee basis, and to discontinue the provision of free Applications. The Provider will properly consider Customer's legitimate interests in doing so.

Provider reserves the right to adapt these Terms and Conditions and paid Applications to changed technical or legal conditions, with regard to further developments or technical progress at any time, such adaptation also being effective with regard to existing contractual relationships. The basic functionalities will be kept.

Customer shall be notified of such changes by notification through the Application insofar as the adaptation involves a restriction in the usability of data generated to date or other not only insignificant disadvantages (e.g. adaptation expenses). If Customer does not object within 30 days of receipt of the notification or continues to use the Application after expiry of the period for objection, then the changes shall be deemed to have been effectively agreed as from the expiry date of the time limit. In the event of an objection, the contractual relationship shall be continued subject to the conditions applying hitherto. If an objection is raised, Provider is entitled to terminate the contractual relationship subject to a one (1) month’ notice period. Customer shall be advised of its right to object and of the consequences in the change notification.

Confidentiality

The Parties shall observe the confidentiality of all information which is to be treated as confidential and obtained in the context of this contractual relationship, or shall, respectively, only use it in relation to third parties, for whatever purpose, subject to the prior written agreement of the other Party. Information to be treated as confidential includes information explicitly marked as confidential by the Party communicating the information and information where the confidentiality thereof derives from the circumstances of its provision.

The obligations under Section 16.1 shall not apply to such information or parts thereof for which the receiving Party proves that it

a) was known to the receiving Party or generally accessible prior to the date of receipt or became known from a third party after the date of receipt in a lawful manner and without any confidentiality obligation; or

b) was already known to the general public or was generally accessible prior to the date of receipt; or

c) became known to the general public or became generally accessible after the date of receipt without the receiving Party being responsible for this; or

d) has waived its right to confidentiality in respect of which the notifying Party has waived its right to confidentiality by means of a written declaration to the receiving Party.

The Parties shall only make public statements relating to their cooperation subject to their prior mutual agreement. Customer does not have the right to appear as the representative or commercial partner of Provider. Without the prior consent of Provider, Customer is not entitled to use information on envisaged or existing contractual cooperation for reference or marketing purposes.

The obligations under Section 16.1 shall survive termination of the contract for an indefinite period, as long as a criterion for an exception pursuant to Section 16.2 has not been evidenced.

Liability

Provider is liable in accordance with the statutory provisions

a) in the event of intent or gross negligence,

b) in accordance with the provisions of the German Product Liability Act ,

c) within the scope of a guarantee given by Provider, and

d) in the event of injury to life or limb or impairment to health of a person.

In the event of any property and financial damage caused negligently in any other way, Provider and persons engaged by it for the performance of its obligations shall be liable only in the event of a breach of a material contractual obligation, the amount being limited, however, to the damages foreseeable when the contract was entered into and typical of the type of contract; material contractual obligations are those obligations the performance of which is characteristic of the contract and which Customer may rely on (hereinafter referred to as "Material Obligation").

Notwithstanding the provision in Section 17.1, in the event of a negligent breach of a Material Obligation evidenced by Customer, the amount of Provider’s liability for all damaging events occurring in the same contract year is limited as follows:

e) The maximum liability amount per contract year amounts to 100% of the remuneration paid by Customer in the year of the damaging event, however, limited to a maximum of Euro 50,000.

f) If the maximum liability limit is not reached in one contract year, this does not increase the maximum liability limit in the following contract year. A contract year within the meaning above is the first period of twelve months from the date of provisioning in accordance with the contract and every subsequent twelve-month period.

Strict liability (“liability without fault”) for defects which already existed when the contract was concluded, is excluded.

Subject to Section 17.1 Provider shall not be liable for the loss of Customer Data if the damage is due to Customer’s failing to back up data in accordance with Section 10.3 and thus to ensure that lost Customer Data can be recovered with reasonable effort.

The foregoing limitations of liability shall also apply in the event of fault by a person engaged by Provider in the performance of its obligations and to the personal liability of employees, representatives and corporate bodies of Provider.

With regard to telecommunications services, the limitations of liability pursuant to Section 44a of the German Telecommunications Act (TKG) shall remain unaffected.

As far as the Application is provided free of charge the Provider assumes no liability for damages resulting from the use of the Application, except in cases of gross negligence and/or intent. Liability for damages under the German Product Liability Act is not excluded.

Suspension

The Provider may suspend the Customer's access to the Application if the Provider determines that

a) the use of the Application (i) poses a security risk to the Application and/or a third party; (ii) adversely affects the Application or other customer's systems or content; (iii) violates applicable law or third-party rights; (iv) could subject Provider, its affiliates or third parties to liability for damages; or (v) is fraudulent,

b) the Customer violates any terms of the Contract

c) (in case of direct billing) the Customer is in default of its payment obligations for more than 30 days.

18.2 The Provider shall inform the Customer of the suspension by sending a notification to the e-mail address associated with the customer account prior to the suspension, unless the Provider has to act immediately due to urgency and is therefore unable to send a prior notification to the Customer.

18.3 The suspension shall be revoked as soon as the Customer has resolved the problem that led to the suspension.

18.4 Provider's right to suspend Customer's access to the Application is in addition to Provider's right to terminate this Contract pursuant to Section 19 and to exercise any other remedies available to Provider under applicable law.

Term, Termination

Except as otherwise agreed, the Contract shall be entered into for a limited period (“subscription period”) and shall enter into force on the date of activation of the Application by Customer.

Unless otherwise specified, the contractual relationship will be automatically extended for an identical period of time unless terminated by either Party by giving three month’s written notice to the end of the then valid contract period.

The Parties’ right to terminate for cause without notice shall remain unaffected. Cause is deemed to exist if

Customer leaves the VW dealer network, and/or (in case of direct billing billing) Customer is in default of payment of the remuneration or of a not inconsiderable part of the remuneration pursuant to Section 12 for two successive months or if, in a period covering more than two months, he is in default of payment in respect of the remuneration in an amount equal to the remuneration for the two months prior to notification of termination. In the event of termination by Provider for cause caused by Customer, Provider can immediately claim lump-sum damages amounting to 50% of the residual monthly basic charges due up to expiry of the regular term of the contract. Customer has the right to prove that lower damages were incurred, Provider has the right to prove that greater damages were incurred. Upon termination of the contract all authorizations and registrations of Customer under this contract, with exception of authorizations for the Bosch-ID, shall simultaneously end automatically. The authorization for the Bosch-ID has to be in accordance with the terms applicable to the Bosch-ID.

Obligations upon and after Termination of the Contract

The Provider shall delete Customer Data from all Provider systems one month after termination of the contract, unless there are legal retention periods to the contrary. The Customer is obliged to export and save the Customer Data on his own responsibility in good time before termination of the contract or expiry of the aforementioned period. On request of the Customer and for a fee to be agreed separately, the Provider will support the Customer thereby.

In the event of termination of the contract, Provider shall endeavor to support Customer, on request and for remuneration, in the best possible way in the change to another service provider. The Parties shall agree upon the details in a separate migration agreement.

Export Control

Customer is aware that the use of the Application may be subject to import/export restrictions. In particular there may be approval requirements or use of the Application and related technologies may be subject to restrictions/limitations in foreign countries.

Customer shall comply with respectively applicable national and international import/export control regulations, and with all other relevant regulations.

Provider’s fulfilment of the contract is subject to such fulfilment not being opposed by impediments due to national or international import/export regulations or by any other statutory provisions.

Delays due to export examinations or approval procedures render deadlines and delivery dates inapplicable. If necessary approvals are not granted or if the delivery and service are not capable of being approved, the contract shall be considered not concluded with respect to the parts affected.

The Provider has the right to terminate the contract without notice if such termination is necessary for the Provider in order to comply with national or international legal provisions. In the event of termination the Customer is excluded from raising a claim for any damage or other rights on account of the termination.

The Application shall not be utilized for military purposes or for nuclear technology purposes.

Miscellaneous

The contractual relationships between the Parties shall be governed by the substantive laws of the Federal Republic of Germany. Application of the UN Convention on Contracts for the International Sale of Goods (CISG) is excluded.

These Terms and Conditions shall take precedence over the provisions of the Contract, including its annexes, unless the Contract expressly deviates from these Terms and Conditions. In the event of any conflict between the Contract and its annexes, the provisions of the Contract shall prevail over those of the annexes (with the exception of these Terms and Conditions).

Legally relevant statements and notices to be delivered to Provider by Customer after conclusion of the Contract (e.g. setting of time limits, notification of defects, and declaration of rescission or price reduction) must be made in text form in order to be effective.

Should any provision of these Terms and Conditions be or become invalid or unenforceable, this shall, however, not affect the remaining provisions.

The courts of Stuttgart, Germany, have exclusive jurisdiction and venue.

Bosch Automotive Service Solutions GmbH