
General Terms and Conditions (GTC) of Code Intelligence GmbH
General part
Preamble
	Code Intelligence offers modern security testing solutions with feedback-based fuzzing. In this context, Code Intelligence provides support and consulting services, leases software licenses for the operation of the test software on the customer's infrastructure, operates the software for the customer (Managed Service), tests software for customers on its own infrastructure (Software as a Service), and/or adapts the test software to customer requirements.
	The present GTC are composed of a General Part with regulations for all these services and Special Parts for the respective services and products, which supplement the General Part or take precedence over it as a more specific regulation. General and Special Parts of the General Terms and Conditions are jointly referred to as "General Terms and Conditions" or "GTC".
	Since the technology used ("fuzzing") allows the software under test to exhibit any desired behavior, all software should always be operated in a secure environment, such as a virtual machine. Code Intelligence is generally not liable for damages caused by fuzzing of the software to be tested or its dependencies. As with any other testing method, fuzz testing does not make it technically possible to assume that tested software is free of errors. Code Intelligence can therefore not warrant that the software tested for the customer with the applied fuzz testing is free of defects.
1.	Principles and scope of application
Code Intelligence GmbH, Rheinwerkallee 6, 53227 Bonn, Germany, provides its services exclusively based on these General Terms and Conditions (GTC).		
b. 	The validity of conflicting terms and conditions of business or purchase of the customer is hereby objected to. Both Parties mutually acknowledge the agreements / regulations made in Code Intelligence’s GTC.
c. 	Customers can only be entrepreneurs within the meaning of § 14 of the German Civil Code (BGB). The conclusion of a contract with consumers is excluded, as is the right of revocation.
2. 	Contact Person
Upon conclusion of the contract, the parties shall name the contact data of a commercial and a technical contact person.	
In case of changes or unavailability, representatives, and their contact details (name, e-mail, telephone) must be named.
3.       Duty to cooperate / Access
The customer is obliged to provide Code Intelligence with information, documents, and employees as contact persons to a reasonable extent at his own expense, as required for the success of the project. This includes the provision of access to premises, equipment and IT systems - if necessary, by remote access.	
b.       Code Intelligence explicitly states that the software is based on fuzzing, which basically runs a user's program with random input, resulting in random program behavior. Use of the software may result in data loss, incorrect test results, program crashes and increased processor load. The software must therefore always be run in a secure working environment (e.g. in a virtual machine / staging area).
c.       If the non-performance of obligations to cooperate impairs the performance of the contract, any delivery and completion dates shall be postponed by the period of the delay plus a reasonable start-up period.
c.       The customer's obligation to cooperate is the main contractual obligation, if the purpose of the contract would be endangered by a failure to cooperate.
4. 	Warranty / Freedom from third party rights
Code Intelligence warrants the agreed characteristics of the contractual service as it results from the product description.	
b. 	The warranty for defects does not apply to defects resulting from the fact that, for example, license material is used in a hardware and/or software environment that does not meet the requirements specified by Code Intelligence.
c. 	The liability for material and legal defects for the services rendered expires if the customer or third parties make changes to the licensed object that Code Intelligence has not expressly agreed to beforehand. This does not apply if the customer can prove that the defect is not due to the changes and that these changes did not complicate the identification and elimination of the defect.
d. 	Code Intelligence ensures that the services it provides are free of third-party industrial property rights which exclude or significantly impair their contractual use by the customer. Under the condition to be proven by the customer that the customer immediately informs Code Intelligence about the assertion of claims due to alleged infringements of property rights by third parties through the services of Code Intelligence, that the customer leaves the sole legal defence to Code Intelligence and supports Code Intelligence to a reasonable extent in the defence of such claims, Code Intelligence will indemnify the customer from all such claims of third parties and the related costs for the legal defence within the scope of liability.
Should it be legally established that the services of Code Intelligence violate intellectual property rights of third parties, Code Intelligence will, at its option, either procure the necessary right of use of the violated rights for the customer at its own expense or modify the services so that they no longer violate the intellectual property rights, but still comply with the contractual agreements.
5.        Liability
Code Intelligence is liable for intent and gross negligence. Code Intelligence is only liable for slight negligence in case of violation of an essential contractual obligation, the fulfillment of which is essential for the proper execution of the contract and on the compliance with which the contractual partner may regularly rely, as well as for damages resulting from injury to life, body or health.	
b.	Code Intelligence owes the customary care in the industry for the provision of services. In determining whether Code Intelligence is at fault, it must be taken into account that software cannot be created without technical errors.
c.	Code Intelligence is not liable for the loss of data and/or programs insofar as the damage is due to the fact that the customer has failed to carry out data backups and thereby ensure that lost data can be restored with reasonable effort.
d.	The above provisions also apply to the benefit of Code Intelligence's vicarious agents, representatives and organs as well as to the personal liability of employees.
e.	The limitations of liability do not apply to liability for personal injury and liability under the Product Liability Act.
f.	Code Intelligence is not subject to the objection of contributory negligence.
g.	In the case of leases, liability for initial defects is excluded, notwithstanding the above provisions of this clause 6.
h.	For the period of limitation, the statutory period of limitation shall apply. The limitation period pursuant to sentence 1 shall commence at the time specified in § 199 (1) BGB. It shall commence at the latest upon expiry of the maximum periods specified in § 199 (3) and (4) BGB.
6.	Remuneration / expenses / price adjustments
Unless otherwise specified in the product order, the prices and expenses according to the Code Intelligence software license agreement apply.	
b.	Unless otherwise specified, invoices are due immediately upon receipt by the customer and are payable without deductions. If payment is not made within three weeks of receipt of the invoice, interest shall be charged on the outstanding amount at an annual rate of 9 percentage points above the applicable prime rate.
c.	All prices quoted are subject to the statutory value added tax applicable at the time.
d.	In the case of services charged on a time and material basis, Code Intelligence includes a statement of the hours worked for each month of activity. The statement shall be submitted to the customer on a monthly basis together with the invoice. 
e.	The customer is only entitled to offset undisputed or legally binding claims against Code Intelligence.
f.	As far as Code Intelligence necessarily incurs expenses due to the activity, the customer is obliged to compensate for these expenses.
g.	Code Intelligence is entitled to adjust the remuneration for services covered by the contract and will inform the customer in writing two months in advance. 
h.	In the case of continuing obligations, the new prices for the following calendar year must be communicated at the latest two months before the end of the year. The customer is entitled to terminate the contract extraordinarily by giving one month's notice in writing from the date of notification of the price adjustment at the end of the year if Code Intelligence increases the prices by more than 10% compared to the respective period of the previous year.
7.      Reservation of ownership
	Delivery items remain the property of Code Intelligence until all payment claims of Code Intelligence have been fulfilled.
8.	Secret protection, data protection / data backup
The parties agree to maintain secrecy about confidential information. This obligation shall continue for a period of three years after termination of the contract. In particular, the customer is prohibited from obtaining confidential information by means of reverse engineering, unless it is essential for the contractually agreed use of the information.
b.	Such confidential information is excluded from this obligation,
which were demonstrably already known to the Recipient at the time of the conclusion of the Agreement or which subsequently become known to the Recipient by third parties, without this violating any confidentiality agreement, statutory provisions or official orders;
which are publicly known at the time of the conclusion of the contract or become publicly known thereafter, unless this is due to a breach of this contract;
which must be disclosed due to legal obligations or by order of a court or an authority. To the extent permissible and possible, the recipient obligated to disclosure shall inform the other party in advance and give it the opportunity to take action against the disclosure.
c.	The Parties shall only grant access to confidential information to consultants who are subject to professional secrecy or who have previously been subject to obligations of confidentiality under this agreement. Furthermore, the parties shall only disclose confidential information to those employees who need to know such information in order to perform this Agreement, and shall require such employees to maintain confidentiality to the extent permitted by employment law, including for the period after their termination.
d.	Any culpable violation of the above confidentiality obligations shall result in a reasonable contractual penalty to be determined by the disclosing party in the amount of up to EUR 25,000.00, which is available for judicial review. Further claims of the parties remain unaffected. The payment of the contractual penalty does not exclude the assertion of a claim for injunction, further damages or other legal rights, in particular from the German Trade Secret Act, if appropriate evidence is provided. The contractual penalty shall be set off against possible damages.
e.	As far as Code Intelligence processes personal data on behalf of the customer (Art. 28 EU Data Protection Regulation), this is done according to the legal regulations exclusively on the customer's instructions. In addition, the parties conclude an order processing agreement in accordance with Art. 28 DS-GVO, in which in particular supplementary regulations on technical and organizational measures to be taken are agreed. In the event of joint responsibility in accordance with Art. 26 DS-GVO, the parties undertake to conclude a data protection agreement on joint responsibility in accordance with Art. 26 DS-GVO. For the rest, Code Intelligence refers to the information in the data protection declaration.
9.	Reference customer naming
Code Intelligence is entitled to name the customer as a reference customer on the website, company presentations and other documents including the customer's logo. The customer grants Code Intelligence the necessary rights for this purpose also beyond the termination of the contract until revocation. 	
b.	In case of revocation, Code Intelligence will be granted an appropriate period of use.
10.	Conduct clause
	The parties undertake to refrain from all actions and announcements that are likely to damage the reputation of the other party. 
11.	Involvement of third parties / Technical innovations
Code Intelligence is entitled to commission third parties and vicarious agents to perform the contractual obligations. 
b.	In addition, Code Intelligence is entitled to use newer or different systems and procedures for the provision of services than were initially subject matter of the contract, as long as the customer is not disadvantaged by this.


12.	Miscellaneous
Place of performance is the company headquarters of Code Intelligence, currently Bonn.
b.	Code Intelligence is free to choose the place of work and working hours, unless the completion of the task requires otherwise, such as attending on-site meetings.
c.	There are no additional agreements. Subsidiary agreements, amendments and supplements to this contract as well as to the appendices thereto must be made in writing. This also applies to the cancellation of this written form clause. If these terms and conditions should be modified or changed, any changes or modifications will be posted on the Company's Website  and shall automatically come into effect when so posted. Client shall be responsible for checking this site periodically for any such changes or updates.
d.	The parties are aware that the Software may be subject to export and import restrictions. In particular, licensing requirements may exist or the use of the software or related technologies abroad may be subject to restrictions. Customers shall comply with the applicable export and import control regulations of the Federal Republic of Germany, the European Union and the United States of America, as well as all other relevant regulations. The contractual performance of Code Intelligence is subject to the proviso that there are no obstacles to fulfillment due to national and international regulations of export and import law or any other legal requirements.
e.	Should individual provisions be or become incomplete, invalid or unenforceable, the validity of the remaining provisions shall not be affected. In place of an incomplete, invalid or unenforceable provision, a valid replacement provision shall apply which corresponds to the purpose of the agreement or at least comes as close as possible to the purpose of the agreement and which the parties would have agreed to in order to achieve the same economic result if they had known of the invalidity of the provision. The parties shall agree such a substitute provision in writing without delay.
f.	Any successor in title may enter into this Agreement at any time with the consent of the other Party. Valid reasons in governance / compliance allow the customer a special right of termination.
g.	The assignment of claims from this contract, which are not monetary claims, is only permissible with undisputed or legally established claims or prior consent. Consent may not be unreasonably withheld. 
h.	German law applies exclusively. The application of the UN Convention on Contracts for the International Sale of Goods (CISG) is hereby waived. Where there is conflict between the German and the English versions, the German version shall prevail.
i.	Place of jurisdiction is the respective headquarters of Code Intelligence, currently Bonn. This does not exclude the right of Code Intelligence to assert claims against the customer at the customer's general place of jurisdiction.


Special part - CI Fuzz 
“On-Premise”
Subject of the Contract
Code Intelligence provides CI Fuzz (hereinafter referred to as "Software") to the customer for operation on the customer's infrastructure for the duration of the contract. Customers are granted a simple, non-exclusive, non-transferable, non-sublicensable right to use limited in time to the duration of the agreement.
b.	The software is provided in object code including documentation in English language on data carriers or via download. 
The quality of the software is finally determined by the contract / offer. The information contained therein is to be	understood as a performance description and not as guarantees. A guarantee is only granted if it has been expressly designated as such. The provision of updates (updates and upgrades) is not owed and requires the express agreement of the parties. Excluded from this are updates for the removal of defects. If updates are provided, the provisions of these GTC shall apply.
d.	Support with installation and configuration as well as application support is not subject matter of the contract, if this is not explicitly agreed between the parties. 
e.	The implementation of customer-specific requirements requires a separate order. 
2.	Remuneration, over-use fees
For the provision of the software for the contractual number of users as well as the documentation (hereinafter referred to as "License Material"), the customer shall pay the remuneration stated in the offer or the software license agreement after corresponding invoicing by Code Intelligence. 	
b.	Code Intelligence is entitled to monthly billing according to the agreed remuneration or the software license agreement. 
c.	Until the agreed total price has been paid, a provisional and revocable right of use of the licensed material shall apply. Should the customer be more than 90 days in default of payment, Code Intelligence may revoke (after two reminders) the granted right of use with immediate effect.
d.	If the customer exceeds the granted right of use, the customer has to notify Code Intelligence within 7 days from the beginning of the overuse and has to pay the difference between the paid amount and the remuneration according to the software license agreement of Code Intelligence for the actual scope of use per overuse copy, per overuse participant or for the scope of overuse. The software license agreement valid at the beginning of the overuse shall be used as a basis and shall be published by Code Intelligence in its current version.


3.	Granting of the right of use, scope of the right of use
Scope of use
Code Intelligence grants to the customer for the duration of the contract after payment of the fully owed rental fee the simple, non-exclusive, non-transferable and non-sublicensable right to use the licensed material according to the regulations of these GTC. 
The transfer of the right of use within the scope of a continuing obligation (e.g. rental, leasing, leasehold) or within the scope of a sale of the Licensed Material, which serves the customer's profit-making purposes and economic interests or which serves the purpose of public reproduction or any other form of making the Licensed Material available is not permitted.
If the customer violates the license terms, all rights of use under the contract become immediately invalid and automatically revert to Code Intelligence
After termination of the right of use, the license material may no longer be used. At Code Intelligence's option, the customer is obliged to destroy the license material and all copies thereof or to return it to Code Intelligence. The customer has to assure Code Intelligence in writing that he has destroyed or returned the licensed material and all copies thereof. The license material may not be made available to third parties - even after termination of this agreement - either in whole or in part without the consent of Code Intelligence.
The source code shall not be made available.	
b.	Reproduction rights of the customer
The customer may reproduce the license material as far as the respective reproduction is necessary for the use of the software. Necessary duplications include the installation and loading of the software on the mass memory of the hardware used as well as in the main memory.
In addition, the Customer may make a duplication for backup purposes. However, in principle only one single backup copy may be made and stored. This backup copy must be marked as such.
The customer's right to the software made available via download link shall be exhausted in the same way as if the customer had received the software on a data carrier.
In order to ensure the availability of the system, the Customer may also set up a replication operation.
The customer may copy the application documentation provided within the scope of the license material for internal purposes if Code Intelligence has expressly agreed in writing to the copying and the purpose of distribution.


c.	Control and inspection rights, overuse
On the basis of reasonable suspicion, which must be reported and substantiated, Code Intelligence, or a third party designated by Code Intelligence and bound by professional secrecy, has the right to audit Customer's use of the Licensed Material during Customer's normal business hours to determine the number of licensed servers or domains, the number of backups made, and the location of the server
Code Intelligence will observe the confidentiality of the information obtained in this process and will protect the customer's interest in operational secrecy. 	
d.	Copyright and industrial property rights / third party rights
Customer acknowledges Code Intelligence's copyrights and thus Code Intelligence's original and unrestricted rights of use and exploitation of the licensed material. The unrestricted rights of use and exploitation also exist for extensions or changes of the licensed material that Code Intelligence has created or delivered for the customer according to the order.
The customer acknowledges Code Intelligence's trademark, brand, name and patent rights to the entire licensed material.
If the license material cannot be protected in individual cases, the parties agree to the corresponding application of the relevant protective provisions with regard to the legal consequences.
e.	Protection of the licensed material
The customer is obliged to take appropriate measures to protect the license material from access by unauthorized persons.	
4.	Duration and Termination
The contract is concluded for a period of 12 months, unless otherwise agreed. If not canceled, the period is extended for another 12 months. The notice period is 3 months to the end of the term. 
b.	Furthermore, the contract can be terminated in writing by either party without notice for good cause. A good cause entitling Code Intelligence to terminate the contract is especially given if the customer infringes rights of use by using the software beyond the extent permitted under this contract and does not remedy the infringement within a reasonable period of time after a warning by the licensor.
c.	A cancellation must be made in writing, whereby an email confirming receipt is sufficient.
5.	Maintenance, elimination of defects, reduction
Code Intelligence warrants that the contractually agreed quality of the software is maintained during the term of the contract and that no rights of third parties conflict with the contractual use of the software. The licensor shall remedy any defects of quality and title of the leased object within a reasonable period of time.		
b.	The Customer is obliged to notify the Licensor in writing of any defects in the Software immediately after their discovery. In the case of material defects, this shall be done by describing the time of occurrence of the defects and the detailed circumstances.
c.	A reduction is excluded