general terms and conditions
General Terms and Conditions (“GTC”)
- Principles
1.1 Software: emonitor AG (“emonitor”) develops and operates software solutions for real estate management (“Software”).
1.2 Contract Components: These GTC, together with each individual offer of each customer (“Offer”), govern the contractual relationship between the customer and emonitor in relation to the use of the software (“Usage Agreement”).
1.3 Software Packages and Licensing Models: emonitor offers the software in various software packages with different licensing models (free or paid) and additional options (“Offers”). The currently valid offers and their functionality are available on the emonitor website (www.emonitor.ch).
For free offers, Clauses 3.6 and 4 do not apply.
- Acceptance of the GTC
2.1 Acceptance: The customer accepts these GTC by accepting the offer, but no later than by paying the first invoice or returning the project start form. For free offers, the customer accepts the GTC by applying for usage.
2.2 Validity of the Acceptance: The acceptance applies also to all future orders from the customer, as well as to services already received from emonitor, which were previously governed by an earlier version of these GTC or the emonitor license agreement.
- Services Provided by emonitor
3.1 License: emonitor grants the customer a non-exclusive, non-transferable, non-sublicensable, revocable, worldwide right to use the software within the scope of the selected package/license model according to the offer and the functionality description on the emonitor website.
All rights not expressly granted to the customer under the usage agreement remain reserved for emonitor.
Open-source or third-party components of the software are provided solely in accordance with and subject to the applicable open-source or third-party licenses.
3.2 Hosting: emonitor operates the software on suitable IT infrastructure and makes it available to the customer for use via the internet.
3.3 Availability: emonitor operates the software 24 hours a day, 7 days a week (24×7), and continuously monitors its operation regarding all relevant technical parameters. The software’s availability is generally 99.5% of operating time. This excludes outages:
(a) due to maintenance work;
(b) attributable to the customer (e.g., incorrect operation, lack of internet connection, etc.);
(c) due to force majeure or other incidents not directly attributable to the provider (e.g., external DNS problems, denial of service attacks, and other electronic attacks on the infrastructure, as well as failures of parts of the internet outside the provider’s control).
3.4 Maintenance: Maintenance of the software includes error correction, adaptation, and further development of the software (new releases), as well as their installation (including testing).
emonitor reserves the right to implement certain functions differently or to replace the existing software with a successor product during adaptations and further developments. In both cases, emonitor ensures that an equivalent range of functions to the last release of the software is maintained.
3.5 Backups: emonitor backs up the data stored in the software at least once per day on working days.
3.6 Support and Incident Reporting: emonitor maintains a helpdesk that accepts support requests and incident reports from Monday to Friday between 9:00 am and 5:30 pm CET (excluding general and local public holidays at emonitor’s headquarters) (“Support Hours”).
The response time is one (1) business day within the support hours, from receipt of the incident report to the start of resolution. No resolution times are guaranteed.
3.7 Additional Services: The offer may include further services provided by emonitor.
- Costs and Payment
4.1 Costs: The prices for emonitor’s services are listed in the offer and depend on the desired scope of services.
If no price is specified in the offer, or if emonitor provides services beyond the offer, a standard hourly rate of CHF 240 per hour applies.
All prices are exclusive of VAT and/or any analogous taxes and duties incurred in the respective jurisdiction.
4.2 Payment: Billing is carried out according to the conditions specified in the offer. Invoices are due for payment within 30 days from the invoice date.
The customer is responsible for all bank and similar fees related to the transfer of the invoice amount.
Once the payment deadline expires, the customer is automatically in default without a reminder. emonitor reserves the right to charge default interest of 5% per annum. Additionally, the customer is liable for any additional costs (reminders, collections), as well as further damages. In the event of default, emonitor is also entitled to stop ongoing work immediately.
4.3 Price Changes: emonitor informs the customer of planned price changes. If the customer does not terminate the contract within 30 days of being informed in accordance with Clause 12, this will be deemed acceptance of the new prices.
- Usage Guidelines
5.1 Login Data: To use the software, emonitor provides the customer with login credentials. The customer must choose their own passwords, adhering to standard security precautions, particularly ensuring sufficient protection and secure storage of login data and passwords. The login data may only be used by the person to whom it has been assigned.
5.2 Other Obligations: The customer further agrees to:
(a) reasonably assist in identifying and resolving software malfunctions;
(b) immediately forward any user complaints related to the software to emonitor;
(c) comply with all applicable national and international laws, particularly refraining from accessing the software to commit illegal actions;
(d) refrain from any actions that infringe emonitor’s intellectual property rights (Clause 6), damage emonitor’s reputation, or expose emonitor to liability claims or sanctions;
(e) under no circumstances attempt to reverse-engineer, decompile, modify, translate, or disassemble the software, in whole or in part;
(f) refrain from creating derivative works based on the software;
(g) refrain from copying or reproducing the software, in whole or in part, in its original or modified form;
(h) under no circumstances alter or remove marks or copyright notices on the software or associated media;
(i) refrain from providing or publishing content or information in connection with the use of the software that infringes the rights of third parties, such as copyrights, trademarks, or other intellectual property rights.
- Intellectual Property
6.1 Ownership: emonitor is the owner of all intellectual property rights in the software and all other rights related to the software (“IP Rights”).
6.2 Creation of Further Intellectual Property: The customer agrees that any improvements, developments, adaptations, or modifications of the software, regardless of their nature, including all related documentation, created works, technologies, inventions, algorithms, codes, discoveries, or ideas, whether created solely by the customer or by emonitor or together with others during the term of the license, and all resulting rights and claims, including all copyrights, trade secrets, trademarks, patents, or other intellectual property rights globally, will be the sole and exclusive property of emonitor, without any entitlement to compensation for the customer. Where such an assignment is legally not possible, the customer agrees to assign these rights irrevocably and at no charge to emonitor or to grant emonitor (alternatively) a perpetual, irrevocable, worldwide, and exclusive right of use.
- Confidentiality
7.1 Non-Disclosure and Non-Use: The parties agree to keep confidential information provided by the other party:
(a) strictly confidential and not disclose it to third parties or distribute it;
(b) not use it for any purpose other than those specified in these GTC.
7.2 Definition: Confidential information particularly includes all non-public information about the software. Other information is deemed confidential if it is designated as such by the disclosing party at the time of disclosure and is neither obvious nor generally accessible.
7.3 Duration of Confidentiality Obligation: This confidentiality obligation applies even before the contract is concluded and continues after the contract has ended. Statutory disclosure or information obligations remain reserved.
- Data Protection
8.1 Principle: The parties agree to take all necessary measures to ensure that they, as well as their governing bodies, employees, agents, and representatives, comply with applicable data protection laws.
8.2 Data Processing Agreement: emonitor processes personal data in the software on behalf of the customer. The processing is carried out in accordance with the data processing agreement in the appendix to these GTC.
8.3 Modeling and Analysis: emonitor also processes personal data under the conditions outlined in Clause 9 for non-personal modeling and analysis purposes.
8.4 Privacy Policy: Further information on how emonitor processes data can be found in the privacy policy on emonitor’s website.
- Modeling and Analysis
9.1 Right of Use: emonitor is entitled to use the personal and object data processed in the software for modeling and analysis purposes under the following conditions:
(a) The data may only be used for non-personal and non-object-related modeling and analysis, particularly to improve the user experience, further develop the software, and create demand models or other evaluations.
No personal or object data may be rented, sold, or otherwise passed on.
(b) Before use, emonitor extracts a copy of the data from the production environment and takes appropriate measures to anonymize the data or otherwise prevent the identification of individuals and objects involved.
(c) The results of the modeling and analysis (models and evaluations created from the data) may only be published or otherwise distributed if no conclusions can be drawn about the customer or the individuals and objects involved.
9.2 Ownership of Created Models and Evaluations: emonitor is the sole and exclusive owner of all rights to the models and evaluations created from the data. No compensation or other claims arise for the customer.
- Limitation of Liability
10.1 Limitation of emonitor’s Liability: The customer acknowledges that emonitor, its governing bodies, employees, or agents are not liable for any kind of damages, including but not limited to direct or indirect damages, incidental or consequential damages, financial losses, third-party claims, lost profits, loss of goodwill, loss of sales or data, in connection with the use, support, or maintenance of the software or other services provided by emonitor. Liability is fully excluded to the extent permitted by law.
Where liability cannot be excluded by law, it is limited to the sum of the services paid by the customer in the same year.
10.2 Limitation of Customer’s Liability: This limitation of liability also applies to the customer. Excluded from this limitation is the violation of emonitor’s rights to the software or other related IP rights (Clause 6), for which no limitation of liability exists.
- Warranty
The software is provided as-is (“as is” and “as available”). All warranty claims are expressly excluded to the extent permitted by law.
- Term and Termination
12.1 Term: Unless otherwise agreed in the offer, the usage agreement is indefinite.
12.2 Termination: Indefinite contracts can be terminated by either party with 30 days’ notice at the end of any month.
Each party has the right to terminate the usage agreement without notice if the other party:
(a) is clearly insolvent or ceases business operations; or
(b) materially breaches the contract and does not cure such breach to the other party’s satisfaction within ten (10) days of receiving notice of the breach. A material breach includes, for example, the violation of obligations under Clause 5.2 (c)-(i).
For free offers, the customer can deactivate their account at any time, which constitutes termination.
12.3 End of Obligations: The parties’ obligations end with the termination of the contract, unless the contract stipulates ongoing obligations. In particular, Clauses 6-10 remain in effect for both parties after the termination of the contract.
12.4 Migration and Return of Data: Unless otherwise provided in this contract, emonitor’s services for migration or return of data upon termination of the contract will be billed based on effort.
- Miscellaneous
13.1 Marketing: The customer agrees that emonitor may use the customer’s name and logo to list them as a reference customer on the website or in print materials (flyers, brochures, presentations).
The customer can revoke this permission in writing, in whole or in part, at any time.
13.2 Relationship between the Parties: The parties do not have a relationship that constitutes a simple partnership, joint venture, or any other form of corporate relationship. They are not authorized to act for or represent each other.
13.3 Severability Clause: If one or more provisions of these GTC are invalid or unenforceable, the remaining provisions remain unaffected. The parties shall replace the invalid or unenforceable provisions with those that are valid and enforceable, best reflecting the original intent of the parties, and, if possible, lead to the same economic result.
13.4 Amendments: emonitor will inform the customer of any changes to these GTC. The new GTC are considered accepted unless the customer objects to the changes in writing within 30 days of notification.
13.5 Succession and Assignment: Rights under the usage agreement may only be assigned with the prior written consent of the other party. An exception is the assignment by emonitor to an affiliated company or a successor in the case of a takeover, merger, or similar change of control.
13.6 Waiver of Rights: If one party fails to fulfill part of its contractual obligations and the other party does not insist on proper fulfillment, this does not constitute a waiver of the right to fulfillment of other contractual obligations.
13.7 Applicable Law and Jurisdiction: Swiss law applies. The exclusive jurisdiction for disputes is the state courts at emonitor’s registered office.
Appendix: Data Processing Agreement
- General Principles
1.1 emonitor (“Processor”) processes personal data of third parties on behalf of the customer (“Controller”) in the software as part of fulfilling the usage agreement.
1.2 This data processing agreement (“DPA”) is an integral part of the usage agreement. The definitions in emonitor’s GTC apply.
- Applicable Law
The following are considered “applicable data protection laws”:
(a) For the processing of personal data subject to the Swiss Federal Act on Data Protection (“FADP”): the FADP;
(b) For the processing of personal data subject to the EU General Data Protection Regulation (“GDPR”): the GDPR.
- Obligations of the Processor
3.1 The subject of the processing under this DPA is the personal data of third parties processed by the Processor in the software to fulfill the usage agreement (“Personal Data”).
3.2 This includes the following data of the following affected persons (categories):
(a) For rental or purchase applicants:
(I) The content of the application;
(II) Communication content;
(III) Technical data.
(b) For the Controller’s software users:
(I) Identification and contact data (e.g., name, email);
(II) Login and other user data;
(III) Communication content;
(IV) Technical data.
3.3 This contract applies to all activities where the Processor or its subcontractors process this personal data.
3.4 The purpose of the processing is the provision of the software in accordance with the usage agreement. This includes the execution of necessary auxiliary functions (e.g., error monitoring). In addition, the Processor analyzes certain technical data of the Controller’s users for the non-personal purpose of further developing its services. Clause 9 of the GTC remains reserved.
3.5 The nature of the processing includes the activities required for these purposes, particularly collecting, recording, organizing, storing, adapting or altering, retrieving, using, transmitting, providing, aligning, linking, deleting, or destroying personal data.
- Processing According to the Usage Agreement and Further Documented Instructions
4.1 The Processor processes the personal data in accordance with the usage agreement and any additional documented instructions from the Controller. Instructions not covered in the usage agreement must be provided in writing. They will be treated as a request for a change in services and are subject to fees.
4.2 The Processor shall inform the Controller immediately if it believes that an instruction violates applicable data protection laws.
4.3 If the Processor is legally obligated to process the personal data in a way that deviates from the Controller’s instructions, it shall inform the Controller before processing, unless the applicable law prohibits this due to important public interest reasons.
- Data Security and Confidentiality
5.1 The Processor takes appropriate technical and organizational measures to ensure an adequate level of data security, as required by applicable data protection laws.
5.2 For this purpose, the Processor has specifically implemented the technical and organizational measures listed in Appendix 1. These measures are subject to technological advancement and development. The Processor reserves the right to modify, cancel, or replace existing measures and implement additional measures. In doing so, the Processor ensures that the general security level remains at least equivalent. The Controller can request an updated list of the technical and organizational measures at any time.
5.3 The Processor regularly reviews its internal processes and the technical and organizational measures to ensure that an adequate level of data security is maintained in its area of responsibility, as required by applicable data protection laws.
5.4 The Processor does not create copies or duplicates of the personal data without the Controller’s knowledge. Exceptions include technically necessary temporary reproductions and backup copies required to ensure proper data processing, data protection, and data security.
5.5 The Processor ensures that employees or other persons authorized to process the personal data are subject to appropriate contractual or legal confidentiality obligations. It ensures that the employees involved in the processing are familiar with the relevant provisions of data protection law and this DPA before processing begins.
- Cooperation in Fulfilling Legal Obligations
6.1 The Processor reasonably assists the Controller in fulfilling its obligations under applicable data protection laws, particularly:
(a) In relation to the competent data protection authorities;
(b) In relation to affected persons, especially when they wish to exercise their rights (e.g., to correction, deletion, or information) under applicable data protection laws;
(c) In conducting data protection impact assessments by the Controller.
6.2 The Controller shall bear the costs of such assistance by the Processor, to the extent they go beyond ordinary contract performance. Exceptions apply when the assistance is demonstrably required due to the Processor’s violation of applicable data protection laws or its contractual obligations.
6.3 If an affected person or authority contacts the Processor, the Processor will immediately forward the request to the Controller. The Processor is not liable if the Controller fails to respond to the affected person’s request, or does so incorrectly or untimely.
- Subprocessors
7.1 The Controller agrees to the engagement of the subprocessors listed in Appendix 1 for the processing of personal data under this DPA.
7.2 The Processor may engage additional subprocessors as necessary to fulfill the contract. The Processor maintains an updated list of subprocessors, which the Controller can access at any time. If the Controller objects to any additional subprocessors on substantial data protection grounds and the Processor cannot offer a suitable alternative, the Controller has the right to terminate the contract immediately.
7.3 The Processor carefully selects the subprocessors and imposes on them essentially the same data protection obligations as those set out in this DPA. The Controller may review the relevant contracts between the Processor and its subprocessors upon request.
- Transfer of Personal Data Abroad
8.1 Without the Controller’s prior consent, the Processor will only transfer personal data to organizations abroad if the requirements for international data transfers under applicable data protection laws are met.
8.2 The appropriate level of protection in countries without an adequacy decision (e.g., Bosnia) is generally ensured by concluding standard contractual clauses between the Processor and the subprocessor.
- Proof and Inspections
9.1 The Processor shall provide appropriate proof of compliance with this DPA upon request from the Controller.
9.2 If an inspection by the Controller or an external auditor engaged by the Controller is necessary, it will be conducted during regular business hours without excessive disruption to operations, generally following prior notice and with appropriate lead time. The Controller bears the cost of the inspection, unless the Processor is demonstrably in breach of applicable data protection laws or its contractual obligations.
9.3 The Processor may refuse inspections by an external auditor if the auditor is not suitably qualified or independent, is in direct competition with the Processor, or is otherwise evidently unsuitable.
9.4 The Processor is not required to disclose the following data to the Controller or its external auditor:
(a) Data of other customers of the Processor;
(b) The Processor’s internal accounting or financial data;
(c) The Processor’s trade secrets;
(d) Data that cannot be disclosed for legal reasons; and
(e) Data not necessary for the exercise of the rights set forth in this section.
- Notification of Personal Data Breaches
10.1 The Processor shall notify the Controller without delay upon becoming aware of a data breach or other violation of personal data protection within its area of responsibility. The Processor will provide sufficient information to enable the Controller to meet its reporting obligations and inform the affected persons.
The Processor will take appropriate measures to investigate and rectify the breach in collaboration with and with the consent of the Controller.
- Deletion of Personal Data
Personal data stored in the software will be irrevocably deleted six months after the end of the usage agreement. Additionally, the Controller may request in writing (text form is sufficient) that the Processor delete the personal data at an earlier date.
11.1 The Controller may independently archive personal data of rental and purchase applicants at any time in the software. Archived or deactivated data will be irrevocably deleted three months after archiving/deactivation in the software.
11.2 It is the Controller’s responsibility to ensure that any data to be retained is exported and backed up before the deletion process begins.
11.3 Clause 9 of the GTC and any legal obligations of the Processor that prevent deletion are reserved.
- Transfer of Personal Data
12.1 Upon termination of the contract or at any time upon written request (text form is sufficient) from the Controller, the Processor shall provide the Controller with a complete copy of the data stored in the software.
12.2 The transfer of data will be free of charge in a standard format chosen by the Processor, in consultation with the Controller. If the Controller requests a different format that requires significant additional effort by the Processor, the Controller shall compensate the Processor for this additional effort.
12.3 The Controller may independently export the personal data of rental and purchase applicants from the software at any time.
- Liability
The corresponding provisions of the GTC apply to liability.
- Duration and Termination
14.1 The duration of this DPA is governed by the duration of the usage agreement.
14.2 Nevertheless, the provisions of this DPA apply to any data processing activities under this DPA that continue after the end of the contract, as long as such processing continues.
Document
The following link contains our data processing agreement as a signed document for your records:
Appendix: Subprocessors
Subprocessor | Purpose | Data Location | Data Categories |
Google Switzerland | Hosting | Switzerland | No access to personal data (encryption) |
CreditTrust (Certifications, CRIF, Intrum Justitia) (only if customers have integrated this service) | Creditworthiness certificates | Switzerland | Contact details and demographic data (date of birth) |
Freshdesk | Software support | EEA | Contact details of software users |
InputLayer GmbH | Software development, server infrastructure | Switzerland | Restricted access to personal data (encryption) |
Postmark / Active Campaign LLC | Email server | USA | Access to contact details (name, email address) |
Google Analytics (only if emonitor hosts the customer website) | Analytics | Worldwide | Technical data (IP address) & user behavior |