General Terms and Conditions of Use for BetrSign® Customers

General Terms and Conditions of Use for BetrSign® Customers

I.    GENERAL PROVISIONS

These General Terms and Conditions of Use for BetrSign® Customers (hereinafter the “General T&Cs”) provided by SETCCE d.o.o. shall define the terms and conditions of use, the mutual rights and obligations of the provider or provider’s partner, and the customer in relation to all BetrSign® cloud services (hereinafter also referred to as the “Service” or “Services”) provided by SETCCE d.o.o., Tehnološki park 21, 1000 Ljubljana, registration number 1594389000, VAT ID no. SI39705684 (hereinafter also referred to as the “Provider” or “SETCCE”).

These General T&Cs may be supplemented by Additional T&Cs which lay down the provisions for individual BetrSign® Services. The Additional T&Cs along with the General T&Cs shall govern the entire use of Provider Services. 

The Additional T&Cs set out the additional or specific provisions for individual BetrSign® Services, in particular for using the BetrSign® Service via an application programming interface (API) and for using the BetrSign® Portal. The Additional T&Cs are included in the Appendices to these General T&Cs as listed below:

  • Appendix 1: Additional Terms and Conditions of Use for BetrSign® via API (Application Programming Interface)
  • Appendix 2: Additional Terms and Conditions of Use for BetrSign® Portal 
  • Appendix 3: Additional Terms and Conditions of Use for eHramba.si

These General T&Cs shall apply to all Customers who order Services through the Provider’s website, and also to those Customers who signed a special agreement to purchase the use of Services with the Provider or the Provider’s Partner, or who placed their order through the Order Form for the Use of BetrSign® Services (hereinafter the “Order Form”). The General T&Cs are fully binding for the Customer and Provider and therefore have the nature of a contract. The establishment of a contractual relationship between the Customer and Provider does not require a special written agreement, since the contractual relationship is established by the Customer’s order and acceptance of these General T&Cs, or as defined in the Additional T&Cs. 

The Provider and Customer may sign a special agreement to regulate any rights and obligations other than those set out in the General T&Cs. In the case of a conflict between provisions in the General T&Cs and Additional T&Cs, the latter shall prevail. Should the Customer and Provider regulate their business relationship with a special agreement and the provisions of such agreement and the General T&Cs are in conflict, the specially agreed contractual provisions shall prevail.

II.    DEFINITIONS

The terms used in these General T&Cs shall have the following meanings ascribed to them:

  • Price list of services means the currently valid price list of Services as specified by the Provider and posted on the Provider’s web pages or specified in a quotation or agreement.
  • BetrSign® means a set of cloud services for the management of digital transactions, i.e. for the creation and management of electronic identities, the authentication of users, the management of electronic signature workflows, electronic signing (of documents), exchange (of electronic documents) and the electronic storage of completed documentary material, i.e. completed electronically signed business documents pursuant to the Regulation on electronic identification and trust services for electronic transactions in the internal market (Regulation (EU) No 910/2014 of 23 July 2014, hereinafter “eIDAS”) and the applicable national legislation in the Customer’s country which relates to electronic signing and electronic storage of documents in electronic form.  
  • BetrSign® eID is a part of the BetrSign® Service, which functions as the provider of electronic identities in a cloud.
  • BetrSign® POS is a part of the BetrSign® Service, which enables the capture of the user's signature at the point of sales using a signature pad or tablet under the supervision of the person authorised by the customer who performs the user identification before signing. 
  • BetrSign® RS is a part of the BetrSign® Service which enables remote signing and covers those types of signatures where the signee is not present at the point of sale. The signature can be performed with a click (and a qualified electronic seal of the service), with the user’s local qualified certificate or as a signature with the user’s qualified certificate in a cloud.
  • BetrSign® Portal is a part of the BetrSign® Service which provides comprehensive IT support to the process for the digital transaction management process, from the step of preparing the signature workflow to the distribution of signed documents.
  • An incident means an event that is not part of the standard operation of the Service and that causes or could cause the non-operation or limited operation of the Service.
  • The end-user means a physical or legal person or another business entity which or who receives, reviews, accepts, signs, approves or otherwise uses the Service, whereas the Customer ensures that the end user is acquainted with the use of the Service, which is used by the end user through the Customer.
  • The Customer is any legal person or another business entity which uses BetrSign® Services against payment and agrees with the General T&Cs. A customer using Services for free during a trial period is also deemed a Customer.
  • The Provider’s partner is a legal person or another business entity who offers the Provider’s Services and through which the Customer can place an order for the Provider’s Services.
  • A signature pad is a dedicated device for capturing and digitising a handwritten signature.
  • An authorized user is a person registered by the Customer to use BetrSign®.
  • Used space in electronic storage is quantified in GB (gigabytes).
  • Connection fee is the cost of connecting or integrating a Customer with BetrSign®.
  • Software means software owned by the Provider and installed on the physical equipment owned by the Provider and forming an integral part of BetrSign®. Third-party software used by the Provider or Customer shall be used in accordance with the applicable terms and conditions of the third party concerned.
  • An audit trail is the visible trail of proof which allows information in claims or reports to be traced back to its source.
  • Service or Services means all cloud services offered by the Provider.
  • A transaction means the transmission of a complete unit of documentary material (document, image, record and other) for electronic signature via BetrSign®. In the case of a package of documents or a business transaction comprising several documents, the transmission of each document within the package or business transaction shall be deemed an individual transaction. 
  • The user is a person who uses BetrSign® Services to manage digital transactions.

III.    SCOPE OF SERVICES 

The BetrSign® Service for digital transaction management encompasses the following functional packages or services provided by the Provider:

  • creation and management of electronic identities;
  • authentication of users for the purposes of confirming digital transactions;
  • preparation of digital transactions (documents) and signature workflows; 
  • management of the digital transaction confirmation process (e-signing) 
    • by using a personal (qualified) digital certificate or
    • by using a central qualified digital certificate and secure (one- or two-factor) authentication of signee identity or
    • by capturing and digitising a handwritten signature (using a signature pad or another signing device)
  • and secure placement of an electronic signature into an electronic document;
  • optionally, the Service can include the provision of long-term storage for electronically signed documents, i.e. the capture, filing and maintenance of signed documents in the eHramba.si® electronic storage system as an integral part of the BetrSign® Service.

Management of the digital transaction confirmation process (e-signing) is performed through BetrSign® POS or BetrSign® RS.

Signing can be performed from any place and at any time, and the Service is supported on personal computers, smartphones, tablet computers and dedicated signing devices.

BetrSign® allows one document or a set of multiple documents (business transaction) to be signed by one or several signees.

IV.    TECHNICAL REQUIREMENTS OF SERVICE USE

To use BetrSign® Services, the authorised user shall need: an e-mail address, a mobile phone number (in the case of remote signing), a personal computer or mobile device (smartphone, tablet computer etc.) with internet access, a dedicated signing device (in the case of handwritten signatures), producer-supported versions of web browsers and operating systems and the BetrSign® eID electronic identity (in the case of remote signing). The Provider shall not be liable for the non-operation of BetrSign® Services on older versions of operating systems which are officially no longer supported by the operating system producer. BetrSign® Services may operate on older unsupported versions of browsers, but the appearance of pages may be incomplete or distorted and some service features may not be functional.

V.    INTELLECTUAL PROPERTY

All BetrSign® Services are licensed and they are by no means the subject of sale to the Customer. The Customer may use the ordered BetrSign® Service for the duration of the purchased right of use. The right of use is linked to the Customer (the business entity which purchased a licence) and any legal successor thereof.

By purchasing BetrSign® Services, the Customer shall acquire the untransferable, non-exclusive, time-limited, payable right to the non-commercial use of the individual right to the use of BetrSign® eID, restricted to the number of purchased rights or subscriptions. By no means shall the Customer acquire any right for the onward distribution, processing, interference with the source code, reverse engineering or reproduction of the Services, or the right to translate, adjust, modify or otherwise process, lease or sell for a fee or without a fee or use the Services commercially. 

BetrSign® Services are the exclusive and fully copyrighted property of the Provider, who retains all material and moral copyrights, which shall not be transferred to the Customer for the duration of its subscription with the assigned right of use. 

All data, images and other information contained in BetrSign® Services are subject to copyright or other protection of industrial property, as set out in the relevant legal regulations governing the area of copyrights and industrial property rights. The ownership and legal title of BetrSign® Services, and any rights attached to copyrights and other intellectual property rights on the software or any parts thereof or on the Services, shall not be transferred but shall remain the exclusive property of the Provider. 

Unauthorised or third parties are not permitted to use BetrSign® Services unless this is the subject of these General T&Cs. 

VI.    CUSTOMER CONTENT

Customer content shall mean any text, information or material such as electronic documents or images uploaded or imported by the Customer to the Services or created by using the Services or software. Uploading of illegal content is prohibited. The Provider reserves the right to remove content or restrict access to content, the Services or software if any of the uploaded content violates these General T&Cs. The Provider shall not view the content but may use the available technology or processes to detect incorrect data, certain types of illegal content, or other offensive content.

The Provider reserves the right to make a prior check to ensure that the content for which the Service is to be used by the Customer is appropriate (for political content, adult content, and all content that is legally prohibited or restricted) and approves or refuses the use of the Service for inappropriate or legally prohibited content.

The Customer holds and shall retain the right of ownership and any other intellectual property rights to all content uploaded or otherwise used in the Services by the Customer.

VII.    CONFIDENTIALITY AND PERSONAL DATA

Upon entry into a contractual relationship, the Provider and Customer agree that all information, including personal data, which they may access in order to provide the Service shall be a trade secret and shall not be disclosed to third parties except for the purposes of providing Services.

The Customer authorises the Provider, in its capacity as a contractual data processor, to store and for said purposes only process data submitted to the Provider’s information system or Service or employees that could have a business or confidential character and which will be protected with appropriate measures for preventing unauthorised disclosure.

The Provider undertakes to provide all Services in a professional and correct manner and in accordance with the legislation governing trade secret protection. When providing the Services, it shall be the Provider’s responsibility to ensure that no abuse of business or confidential information and the Customer’s data occurs. The Provider shall ensure this through consistent adherence to the applicable laws regulating this area, and compliance with best practice standards and guidelines, and by-laws and internal procedures.

The Customer is the owner and manager of all personal data, and is responsible for its protection in accordance with the applicable laws.

The Customer shall have the right to demand reports and proof of the Provider’s handling of confidential information.

The Provider shall ensure the security of data processing and storage in accordance with the Provider’s organisational measures, which include all the organisational, technical, logical-technical procedures and measures required to ensure information security and the protection of data and trade secrets.

The security policy and organisational measures shall lay down at least the following obligations:

  • all data shall be processed in a dedicated system to ensure the prevention of unauthorised access and the safe performance of all critical operations (remote access, data transfer, digital signing etc.);
  • the premises housing the information system or parts thereof shall be physically and electronically protected;
  • the hardware, system software and application software, including input/output units, shall be physically and electronically protected in accordance with information security principles;
  • security mechanisms for detecting malicious software and protecting systems against such software shall be in place;
  • the Provider shall keep abreast of technological standards and upgrade and update its software and hardware accordingly;
  • the Provider shall adhere to best practices as regards information protection (for example: privacy by design, ISO/IEC 270xx, X.509, etc.);
  • safe data transfer between the Customer and Provider shall be in place;
  • the stipulated management of information security incidents shall be in place;
  • unauthorised access to data during processing or transfer, including transfer via telecommunication means and networks, shall be prevented by means of a built-in system for the management of access rights and the use of cryptographic tools;
  • an effective means of data erasure shall be ensured by the information system on the basis of the Customer’s decision or directly pursuant to applicable regulations;
  • traceability of all data processing shall be ensured by the Provider’s information system, for the entire period from the start of data processing to the termination of data storage.

a)    PERSONAL DATA PROCESSING

The subject of these General T&Cs is also the regulation of personal data processing in the scope of Service provision under Article 4 of the General T&Cs, and the definition of rights and obligations between the Customer and Provider pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the “GDPR”).

The Provider shall receive personal data from the Customer when the latter accesses and submits personal data to the Service. Personal data is also contained in documents submitted through the Services or forming a part of the login or registration data in the scope of the Services.

For data in relation to which the Provider acts as the processor and the Customer as the controller, personal data processing within the Service is defined below by the Provider and Customer pursuant to Article 28 of the GDPR and in that connection, their mutual rights and obligations are set out in accordance with the GDPR.

The Customer represents that it has an admissible legal basis pursuant to the GDPR to process all of the personal data submitted. 

The Customer represents that the personal data that it submits to the Provider for processing is collected on the basis of at least one of the following conditions: the personal consent of the data subject or/and the performance of a contract with the data subject or/and the fulfilment of a legal obligation. The Customer guarantees that it has the appropriate legal basis to process the personal data it submits through the Services or provides within the login or registration data in the scope of the Services.

Should the Customer submit to the Provider personal data that the Customer acquired in a manner inconsistent with the GDPR or other applicable personal data protection law, the Provider shall not be held liable.

The categories of personal data collected by the Customer and submitted in its documents to the Provider may vary, and shall depend on the content of the documents, and shall not be stored in a structured form by the Provider.

The categories of personal data contained in login, registration and other input fields may include: name, surname, e-mail, mobile number, and tax ID number. The indicated personal data refer to the users,end-userss and employees of the Customer or another legal person or another business entity that collaborates with the Customer on the basis of a contract or otherwise. 

While this contract is in force, the Customer shall also submit as necessary other categories of personal data relating to other categories of individuals not explicitly specified in the preceding paragraph of this article, provided that the data is required to use the Services and the Customer has an admissible legal basis for their processing.

The Provider shall not transfer the personal data that it receives in the course of providing Services to third countries, except when required to do so and to the extent required by EU law or Slovenian law. In this event, it shall notify the Customer in advance of transferring personal data to third countries, in accordance with the applicable legislation.

The Provider shall perform only those personal data processing tasks on behalf and for the account of the Customer for the data it has received from the Customer which are necessary to provide the ordered Services.

The Provider shall process personal data received from the Customer for the purpose and by means determined by the Customer alone. The Provider shall not itself determine the purposes and means of processing the personal data that it receives from the Customer for processing.

The Provider shall handle the received personal data in accordance with the GDPR and other applicable legislation on personal data protection, and undertakes not to use the personal data for purposes other than determined by the Customer.

The Provider shall process the personal data received from the Customer only within the scope of the content of the documents submitted and as per the Customer’s documented instructions, and provide the Customer with all the information required to prove the performance of its obligations as the Provider.

The Provider represents that its persons authorised for processing personal data are under an obligation to uphold confidentiality and personal data protection.

Having regard for the nature of the work, the Provider shall help the Customer with various technical and organisational measures to perform its obligation to exercise the rights of individuals set out in Chapter III of the GDPR.

The Provider shall assist the Customer in fulfilling the obligations set out in Articles 32 to 36 of the GDPR, taking into account the nature of processing and of the information accessible to the Provider.

The Provider shall not send personal data to third parties apart from contractual sub-processors which have signed relevant personal data processing contracts with the Provider, and which are obliged to comply with all the provisions relating to personal data protection contained hereunder.

The Provider shall supply the Customer with all the information necessary for proving its performance of its obligations regarding personal data processing and allow the performance of any previously announced audits and reviews that might be stipulated or conducted by the Customer. 

The Provider shall notify the Customer without delay or within 48 hours at the latest if it identifies or becomes informed of a personal data breach.

The Customer shall notify the Provider without delay of any termination of the legal basis for personal data processing under these General T&Cs.

The Provider shall accept requests related to the exercise of rights in writing at the email address gdpr@setcce.com. In such requests, the Customer shall clearly specify what assistance it requires from the Provider and clearly indicate a deadline for reply. The Customer and Provider agree that all obligations regarding notification and other processes associated with data processing under the General T&Cs shall be performed by the Customer, whereas the Provider shall submit to the Customer all the information necessary to perform the said obligations. 

When offering assistance related to personal data protection and information protection (e.g. the exercise of rights of individuals, completion of questionnaires etc.), the Provider is entitled to charge a fee for its work by the hourly rate indicated in the processor’s valid price list. The Provider does not have the right to charge a fee for assistance when the Customer’s request is made due to a personal data breach.

Obligations arising from inspections and other official procedures by relevant authorities relating to data processing under the General T&Cs and conducted directly at the Provider’s site shall be fulfilled by the Provider. This also applies, mutatis mutandis, to the sub-processor. The Provider shall immediately notify the Customer of any such procedures.

For those personal data where the Provider acts as the processor and the Customer as the controller, the Customer agrees by entering into a contractual relationship that the Provider may perform the contractual tasks related to data processing by itself or assign them to a subcontractor acting as a personal data sub-processor. Information about sub-processors shall be notified by the Provider to the Customer in a previously agreed manner before concluding the contractual relationship. Prior to any subsequent change of a contractual sub-processor, the Provider, with general written authorisation of the controller, shall notify the Customer thereof 15 days before giving the new sub-processor access to the data. During this period, the Customer shall have the option to object to the change of sub-processor. The Provider shall furthermore conclude a contract or another legal instrument with the sub-processor which lays down the same data protection obligations as those between the Customer and Provider.  The list of sub-processors performing specific tasks related to data processing on behalf of the Provider is given in Appendix 4 to these General T&Cs.

The Provider and Customer shall ensure the relevant procedures and measures referred to in Article 32 of the GDPR.

The Provider shall protect the personal data in accordance with regulations on personal data protection and in accordance with the measures and procedures set out in these General T&Cs.

The Provider shall process the Customer’s personal data and the personal data submitted by the Customer only for the purpose of the use of Services and only for the term of the contractual relationship, or in the case of subscribing, during the term of subscription to the selected subscription plan.

After an individual transaction is completed, the Provider shall erase all documents related to the transaction which contain personal data, no later than 70 days from their receipt. 

The Provider shall irreversibly destroy any copies of personal data by the deadline referred to in the preceding paragraph unless required to store the data for longer by law.

If Service provision is terminated, the Provider or Provider’s partner shall, at the Customer’s request, hand over to the Customer any data stored in the BetrSign® information system, unless another law stipulates the storage of personal data. The Provider or Provider’s partner shall have the right to charge the costs of delivering the data to the Customer.

b)    SPECIAL PROVISIONS FOR PERSONAL DATA

The Customer guarantees that it shall acquaint all its end users with the fact that the Provider is acting as a personal data processor for the Customer and that all its end users who use any Provider Service through the Customer have been acquainted with the General T&Cs for the end-user, which are posted on the Provider’s website. The Provider is by no means liable for the use of Services by the end-user. All liability that may arise from the end user’s use of Services lies with the Customer.

VIII.    AUDIT TRAIL

An audit trail is the visible trail of proof which allows information in claims or reports to be traced back to its source. The Provider shall manage the audit trail to prove the traceability of business events. The Provider shall ensure that the audit trail is unchanged, transparent and confidential. If so agreed with the Customer, the Provider may enable the export of the entire audit trail for an individual transaction. 

The Provider shall process the following data for the purpose of audit trail management:

  • event ID,
  • signee ID,
  • username,
  • type of event (e.g. creating a transaction, completing a signature, transaction archiving etc.),
  • date and time,
  • event success,
  • transaction name,
  • additional information (e.g. type of signature, type of login etc.),
  • process status (e.g. transaction is loading, transaction is signed, archived, completed),
  • IP address.

IX.    TECHNICAL SUPPORT

For the purpose of providing assistance to Customers, various instructions and guidelines for the use of Services shall be posted on the Provider’s official website or its web applications. The Provider is not obliged to provide the Customer or user with additional direct technical support or directly answer the Customer’s questions unless otherwise stipulated with a special contract or another written agreement or in the case that the subscription plan includes the provision of technical support by the Provider or if so stipulated in the Additional T&Cs for a specific Service.

X.    PROVIDER GUARANTEES AND DISCLAIMER

The Provider shall ensure that the Services are provided in a professional manner and in accordance with technological standards, organisational measures (general organisation, security policy, information system management procedures, service provision) and the relevant law. The Provider guarantees that BetrSign® services shall be updated regularly in line with technological recommendations and legal requirements. 

The Provider guarantees to the Customer that the Services will work as intended if used in accordance with the instructions for use and supported with an appropriate information environment. The Provider shall endeavour to ensure that the Services are available at all times, except in the case of circumstances beyond its control. The Provider shall provide the Services as is and as available. The Provider refuses to give any guarantees and does not guarantee that:

  • the Services or software will meet the Customer’s requirements;
  • they will be available continuously;
  • they will ensure uninterrupted business operation;
  • they will be timely, secure and free of faults;
  • the results that may be obtained by using the Services or software will be effective, precise or reliable;
  • the quality of the Service or Software will meet the Customer’s expectations;
  • any faults or defects in the Services or software will be rectified.

The Provider shall not be liable for disruptions and outages in the telecommunications network, for faults occurring in the mobile network, for faults arising in the transfer of data along telecommunications networks, for disabled access to the use of Services for reasons not depending on the Provider (and also not during maintenance, upgrades or other required work on the system), or for outages resulting from force majeure or from reasons beyond the Provider’s control.

The Provider shall host the information system and back-up copies itself, or with subcontractors in the territory of the European Union. In the latter case, it shall provide the same guarantee for the subcontractors as if it provided the Services itself.

If the Customer fails to meet its obligations in a timely manner or unreasonably refuses the Provider’s requests, the Provider shall not be liable for any delay, non-fulfilment or incorrect fulfilment caused by the Customer’s failure to meet its obligations, or for any related damages suffered by the Customer or its clients. 

To the greatest extent possible and admissible by applicable law, the Provider shall not be held liable for any direct, indirect, pecuniary or non-pecuniary damage or any other damage related to the use of Services. This includes all damages which may be related to faults, interruptions and loss of data that may occur through the use of Services. This disclaimer applies regardless of whether damages are claimed pursuant to these General T&Cs by reason of negligence, intent or otherwise, even if the Provider’s negligence has been established and even if the Customer had notified the Provider of the possibility of some damage occurring.

THE PROVIDER SHALL GIVE NO GUARANTEE OR BE LIABLE FOR ANY CLAIM ARISING FROM:

  • THE USE OF SERVICES CONTRARY TO THE PROVISIONS OF THE TERMS AND CONDITIONS OF USE OR THE INTENDED USE OF SERVICES;
  • A CHANGE IN SERVICES MADE BY ANYONE ELSE EXCEPT THE PROVIDER UNLESS THE PROVIDER EXPLICITLY PERMITTED THE CHANGE;
  • DAMAGE DUE TO IMPROPER OR NEGLIGENT USE OF SERVICES;
  • DAMAGE DUE TO LOSS OF DATA BY THE CUSTOMER;
  • THE USE OF SERVICES IN COMBINATION WITH ANY SYSTEM OR SOFTWARE NOT PERMITTED OR PROHIBITED BY THE PROVIDER; 
  • CONTENT PUBLISHED/UPLOADED TO THE SERVICE BY THE CUSTOMER OR A THIRD PARTY. 

Unless when explicitly prohibited by law, any liability of the Provider regardless of the basis of liability for the damage incurred is excluded (including damage due to negligence, intent or breach of legal responsibilities). If a court of law finds that the Provider is responsible for any damage or loss of data or use of Services, which stems from the provision of Services, the liability of the Provider and its technological partners shall be limited to the amount of the monthly invoice for the BetrSign® Service for the Customer.

The Provider may, for technical, legal or economic reasons, change the functional or technical parameters of the BetrSign® Service. In the event that the functional or technical changes in parameters might affect the availability of the BetrSign® Service for use by the Customer (e.g. changes in integration), the Provider shall notify the Customer thereof at least 30 days before introducing the change. This duty to notify does not apply to interrupted operation during announced system maintenance and upgrades.

The Provider may also suspend the BetrSign® Service for technical, legal or economic reasons. The Provider shall notify the suspension of BetrSign® Services which are the subject of these General T&Cs to the Customer or the Provider’s Partner at least 120 days before their suspension, and this deadline shall not apply to cases of the Customer breaching these General T&Cs. The Provider shall not be obliged to compensate any costs that may result from changed or suspended Services.  The Provider may also temporarily suspend the use of Services for a specific Customer under the conditions set out in Chapter XIV. Temporary or permanent suspension of the use of Services.

Unless these General T&Cs determine otherwise, the Provider has the right to use the software and, where relevant, the hardware or BetrSign® Service for other purposes (of other Customers) or for other content (marketing content or other Customers’ content).

XI.    RIGHTS AND OBLIGATIONS OF THE CUSTOMER

The Customer undertakes to supply in the shortest time possible all the data, information and resources required to connect the Customer’s business applications with the BetrSign® Service. The Customer shall ensure that it meets all the conditions necessary for the timely and comprehensive fulfilment of the Provider’s obligations. If the Customer fails to meet its obligations in a timely manner or unreasonably refuses the Provider’s requests, the Provider shall not be liable for any delay, non-fulfilment or incorrect fulfilment caused by the Customer’s failure to meet its obligations, or for any related damages suffered by the Customer, its users or its clients or third persons connected with the Customer. Should the Customer’s delay have a significant impact on performance deadlines, the Provider reserves the option to increase the Service prices. 

The Customer shall provide true information when registering and logging into BetrSign® Services. In the event that incomplete, incorrect or untrue information are given, or for other reasons, the Provider has the right to reject registration. The Customer shall ensure that all the information required to use BetrSign® Services is true, correct, accurate and complete, otherwise the Customer shall indemnify the Provider for all the damage incurred.

The Customer shall be obliged to notify the Provider of any change to the information that is subject to agreement between the Provider and Customer within eight (8) days of the occurrence of the change.

After accepting the General T&Cs or being connected to the BetrSign® Service, the Customer shall obtain access to BetrSign® Services for its authorised users whose data was provided. The Customer shall ensure that its users are authorised for the use of the BetrSign® Portal. The Customer shall ensure that its authorised users are acquainted with the contents of the General T&Cs.

The Customer shall immediately notify the Provider’s technical support of detecting any unauthorised access to its user account for BetrSign® Services.

The Customer must not abuse the Provider’s software, Service or content that is being provided by the latter. The Customer gives its explicit assurance that:

  • it shall not abuse or attempt to abuse the BetrSign® Service;
  • it shall not perform or attempt to perform any unauthorised access to BetrSign® Services;
  • it shall not use or attempt to use the BetrSign® Services in a manner that is unauthorised and/or harmful to third parties;
  • it has all the necessary permissions and consents for the use of BetrSign® Services in accordance with these General T&Cs, otherwise it shall indemnify the Provider for all the damages incurred;
  • it shall conduct business in accordance with the General T&Cs, instructions and organisational measures prescribed by the Provider;
  • it shall notify the Provider immediately of any unauthorised use, suspicion of unauthorised use or the possibility of unauthorised use of BetrSign® Services;
  • it shall not abuse the server infrastructure or application programming interface (API) of BetrSign® Services;
  • it shall not violate applicable legislation;
  • it shall not enable or allow third persons to use the software or Services with its own user account.

These General T&Cs under no circumstance confer the right to reproduce, distribute, amend, test, develop or disclose to the public software or the Services, unless the Customer and Provider shall agree otherwise. 

XII.    FORCE MAJEURE

The Provider shall not be liable for any damage incurred by delays or errors in the fulfilment of its obligation to provide Services, if such a delay/error occurred due to circumstances that the Provider could not control, i.e. force majeure, including but not limited to examples such as: any restrictions and measures imposed by the authorities, wars, strikes, unrest, earthquakes, floods, other natural disasters and acts of God, and all other events which are beyond the Provider’s control.

If the Provider is unable to fulfil its obligation due to the occurrence of force majeure circumstances, it must immediately or no later than 5 days of the occurrence of such circumstances notify the Customer of the force majeure, its expected duration and its potential consequences. If force majeure circumstances persist longer than 2 months, the Provider and/or Customer may terminate the contractual relationship without giving further notice. 

XIII.    PROVISION OF RESOURCES FOR THE INTEGRITY AND AUTHENTICITY OF TRANSACTIONS AND THE LEGAL VALIDITY OF SIGNATURES

Within the scope of the BetrSign® service, the Provider shall provide all necessary resources for ensuring the integrity and authenticity of electronically signed documents and the legal validity of electronic signatures. To ensure the authenticity and integrity of electronically signed documents or. transactions and the legal validity of electronic signatures, the user shall be bound to comply with the rules on the use of resources for electronic signing and the performance of electronic signing in accordance with the organisational measures which are part of the BetrSign® Service (security policy for electronic signing and internal rules on electronic storage). 

The Provider of the Service shall ensure that every electronic signature created using the BetrSign® Service complies with the conditions defined by the organisational measures of the BetrSign® Service and meets the requirements of applicable legislation governing this area.

The Provider shall in no case be liable for or shall not be obliged to ensure the integrity and authenticity of electronically signed documents or. transactions and the legal validity of electronic signatures in cases of abuse of resources for electronic signing which are a part of the BetrSign® Service, or abuse of the Service by a Customer, user or third party. Equally, the Provider shall in no case be liable for or shall not be obliged to ensure the integrity and authenticity of electronically signed documents or transactions and the legal validity of electronic signatures if the BetrSign® Service is used contrary to the organisational measures of the BetrSign® Service, or in the event of abuse of the organisational measures of the BetrSign® Service.

The Customer or user shall be obliged to use BetrSign® Service in accordance with the instructions and organisational measures prescribed by the BetrSign® Service Provider. The Provider reserves the right to immediately stop the provision of BetrSign® Services in the event of abuse or of a failure to observe instructions for use, organisational measures or the relevant laws.

The Provider shall not be liable for the operation of any software or hardware owned by the Customer or a third party. Equally, the Provider shall not be liable for the inadequacy, implementation or incompatibility of the BetrSign® Service if the Customer modifies the hardware or software configuration or equipment, modifies or changes the source code, uses the Service in combination with equipment not approved by the Provider, has no Internet access or operates so as to affect the functioning of the BetrSign® Service, without the Provider’s prior written consent.

XIV.    TEMPORARY OR PERMANENT SUSPENSION OF THE USE OF SERVICES

The Provider may temporarily suspend the provision of Services to the Customer in the following cases:

  • in the event of abuse or of a failure to observe instructions for use, General T&Cs and organisational measures, or the relevant laws;
  • if the Customer uses the Services in a manner and for purposes that are contrary to these General T&Cs  or the laws in force;
  • Customer’s non-payment of undisputed liabilities;
  • by mutual agreement between the Customer and the Provider.

The Provider shall notify the Customer in writing of the reasons for temporary suspension of the use of Service at least three (3) days prior to the date of suspension.

If the Customer eliminates the reason for suspension, the Provider shall restore the use of BetrSign® Services for the Customer no later than within three (3) business days.

If the Provider suspends the use of the BetrSign® Service for any reason, it shall remove from the systems all data connected with the Customer no later than within 70 days and notify the Customer or Provider’s Partner thereof in writing.

XV.    NOTIFICATION

For notifications regarding the provision of Services, Provider support is available at the email address: epero@setcce.com.

XVI.    FINAL PROVISIONS

Should any of the provisions of the General T&Cs be or become void, this shall not affect the remaining provisions of the General T&Cs. The void provision shall be replaced with a valid provision that corresponds to the greatest extent possible to the original aim of the void provision.

If the General T&Cs stipulate that communication, coordination or other notification between the Provider and Customer shall be in writing, it is deemed that the requirement of written form is also fulfilled by emailing to an appropriate and valid e-mail address. A valid email address is the email address agreed by the Customer and Provider for their communication.

The Provider and Customer shall attempt to resolve any disputes amicably. If this is not possible, the court in Ljubljana shall be competent for resolving disputes in accordance of the law of the Republic of Slovenia.

The Provider shall have the right to transfer its rights and obligations under these General T&Cs to its affiliated companies. The Provider may engage its subcontractors or partners to provide the Services without the Customer’s consent, whereby the level of Services shall remain the same or compliant with the provisions of these General T&Cs. 

The Provider reserves the right to amend the General T&Cs at any time and at its own discretion, and it shall notify the Customer of the amendment and its effective date with a website post.

These General T&Cs shall take effect on 3 June 2022.

SETCCE d.o.o.


APPENDICES:

-    Appendix 1: Additional Terms and Conditions of Use for BetrSign® via API (Application Programming Interface)

-    Appendix 2: Additional Terms and Conditions of Use for BetrSign® Portal  

-    Appendix 3:  Additional Terms and Conditions of Use for eHramba.si

-    Appendix 4:  List of sub-processors


Appendix 1: Additional Terms and Conditions of Use for BetrSign® via API (Application Programming Interface) 

1.    Introductory provisions

Additional Terms and Conditions of Use for BetrSign® via API (Application Programming Interface) (hereinafter the “Additional T&Cs”) are an integral part of the General Terms and Conditions of Use for BetrSign® Customers (hereinafter the General T&Cs) and supplement the provisions of the General T&Cs. The BetrSign® API (Application Programming Interface) allows the Customer’s business applications to be connected or integrated with BetrSign® Services for digital transaction management.  

The range of BetrSign® Service functionalities ordered by the Customer and provided by the Provider shall be specified by the Customer or Provider with an Order Form or special agreement. The Order Form signed by the Customer shall be deemed a binding contract which is supplemented by the General T&Cs. The Provider or Provider’s Partner and the Customer shall agree on a plan for the implementation of the connection between the Customer’s business applications and BetrSign® Services at a later date (hereinafter the “Plan”). The Customer is also bound by these Additional T&Cs in cases when it has ordered the Provider’s Services through the Provider’s Partner.

2.    Commencement of Service use and Provider obligations

The Provider undertakes to provide the BetrSign® Service to the Customer in accordance with and within the scope determined in these General T&Cs and the Order Form or special agreement.

The Provider shall provide the Services hereunder in accordance with the Order Form or contract and the Plan agreed between the Provider or Provider’s Partner and the Customer.

The Customer shall start using and the Provider starts providing BetrSign® Services no later than 15 working days after the successful establishment of a connection between the Customer’s business applications and BetrSign® (test) Services by the Provider. The Provider or Provider’s Partner shall send the Customer written notification of the Provider’s successful establishment of a connection between the Customer’s business applications and the BetrSign® Service.

Prior to the commencement of use, the Provider or Provider’s Partner shall send the Customer unique data for accessing the BetrSign® Service (access to electronic signature functionality and (optionally) access to the electronic storage account). Access data shall be indispensable for the use of the BetrSign® Service and shall ensure confidentiality of the data entered and the electronic documents generated.

3.    Reconnection to Services

The Provider reserves the right to charge the Customer a reconnection fee equivalent to the amount of the initial fee for connection to the BetrSign® Service (connection fee).

If the price of the Service does not include a connection fee, the Provider or Provider’s Partner shall have the right to charge the Customer the cost of Service reconnection in the amount of six (6) full monthly subscription fees for the selected Services. The Customer shall not be entitled to reimbursement for any damage caused by the temporary termination of service provision.

4.    Level of service 

The Provider shall provide the Service 24/7 and strive for uninterrupted Service operation. The Provider may perform activities on Services that can result in disruptions to Service operation. The Provider shall as a rule perform announced activities on BetrSign® Services between 9 pm and 12 pm (midnight). The Provider shall always give at least two (2) working days’ notice to the Customer or Provider’s Partner of the planned start date of activities on systems which are expected to result in a Service interruption longer than 15 minutes.

In the event of errors or irregularities in the provision of the Service, the Customer shall proceed as follows:

  • In case of Services ordered through the Provider’s Partner, the Customer shall submit all errors to the designated email address of the Provider’s Partner. If the Provider’s Partner does not resolve the errors by itself, the Provider shall provide the second or third level of support. 
  • In case of Services ordered directly with the Provider, the Customer shall submit all errors to the designated email address of the Provider: epero@setcce.com. 

If the Provider finds, when handling the claim or subsequently, that the error reported by the Customer or Provider’s Partner does not reflect an error originating from the Service Provider or an error originating in the BetrSign® Service but is connected with a Customer issue or errors beyond the sphere of operation of both Customer and Provider (e.g. power failure, hacker attack, Internet failure), the work performed up to that point, including any further handling of the claim, shall be billed under the Provider’s or Provider’s Partner’s currently valid price list in line with the scope and complexity of the tasks performed. If the Customer does not notify its approval of the charge within three (3) working days to the Provider or Provider’s Partner, the work rendered shall be deemed to have been approved. 

5.    Termination of subscription to the use of Services

By submitting the Order Form, a contractual relationship is concluded as agreed in the Order Form, and unless explicitly specified, the relationship is concluded for an indefinite term. 

Should the Customer wish to change the scope of Services stated in the Order Form, the Customer and Provider shall agree on this by signing a new Order Form which shall replace the existing one.  

Either the Customer or the Provider may without notice terminate the contractual relationship if the other contracting party (Customer or Provider) materially breaches obligations arising from the Order Form and the General T&Cs, in particular in case of breached provisions on meeting financial obligations, intellectual property, and data protection, and does not put an end to the breach even following a written warning. 

Either the Customer or the Provider may at any time terminate the contractual relationship with ninety (90) days’ notice. 


Appendix 2: Additional Terms and Conditions of Use for BetrSign® Portal

1.    Introductory provisions

Additional Terms and Conditions of Use for BetrSign® Portal (hereinafter the “Additional T&Cs”) are an integral part of the General Terms and Conditions of Use for BetrSign® Customers (hereinafter the General T&Cs) and supplement the provisions of the General T&Cs. 

The BetrSign® Portal is a web application which provides comprehensive IT support to the process of digital transaction management by enabling the preparation of documents to be signed and signature workflow, the management of the steps of the signing process, notification of next signee in line for signature, remote signing and signing via BetrSign® POS and the distribution of completed signature documents. 

The BetrSign® Portal is connected to the BetrSign® eID Service for the purposes of authentication. The BetrSign® eID Service enables the creation and management of electronic identities and the authentication of users for access to the BetrSign® Portal and for the purposes of digital transaction confirmation.

2.    Service provision

2.1.    Registration

Requirements to use the BetrSign® Portal shall include Customer registration and the identification of the Customer’s authorised users that will be using the BetrSign® Portal. In the course of registration, the Customer shall supply the Provider with the required Customer data and the data on authorised users of the BetrSign® Portal. After registration and payment are completed, the Customer’s authorised users shall obtain an BetrSign® eID electronic identity that will allow them to access the BetrSign® Portal. Authorised users shall have to confirm their data when first logging in to BetrSign® eID, change the password and confirm their agreement with the General Terms and Conditions of Use for BetrSign® eID and any applicable amendments thereto.

2.2.    Login

Login to BetrSign® Portal shall take place via the BetrSign® eID Service in accordance with the General Terms and Conditions of Use for BetrSign® eID. To log in, the user shall enter the login data according to the required login strength. The required login data may include: an email address, password, one-time password received by the user in a text message, or a qualified digital certificate.

3.    Free trial or trial period

The trial period is a predetermined limited-time period, the purpose of which is to allow a prospective Customer to test whether the BetrSign® Portal meets its electronic signature requirements and needs.

Not all functionalities of the BetrSign® Portal may be available to the users during the trial period. Furthermore, the Provider does not guarantee that it shall provide the free trial for the full predetermined trial period.

During the trial period, the Provider may limit the number of the authorised users to the potential Customer.

When the free period or trial period expires or earlier, the Provider may enable the Customer to continue using the BetrSign® Portal if, for example, the Customer takes out a subscription plan with the Provider, or if otherwise agreed. In this case the Provider shall keep the Customer’s data and settings which the latter had indicated in the trial period.

Should the Customer choose not to take out a subscription plan after the trial period has expired, the Provider shall disable the use of the BetrSign® Portal for the Customer’s authorised users and the Provider shall have the right to erase the Customer’s personal data. The Provider shall erase the Customer’s personal data as set out in the General Terms and Conditions of Use for BetrSign® eID.

The free period or trial period for Services and software shall not be subject to any explicit or implicit guarantees, and all Services and software shall be made available as is. No technical or other support shall be included in the free period or trial period. The Provider may at its own discretion limit the use or end the free period or trial period without prior notice and without any liability to the user.

The Provider may superimpose any protection seal (e.g. watermark in the signature mark) on signed documents generated during the free trial.

4.    Payment terms, prices and method of service billing

4.1.    Subscription 

The price, functionalities, and options of the BetrSign® Portal depend on the selected subscription plan or the changes demanded by the Customer. The Provider does not guarantee to provide a specific subscription plan for an indefinite period of time. The Provider reserves the right to change its prices or modify functionalities within a particular subscription plan without prior notice.

4.2.    Subscription plan

A subscription plan entails the right to use the BetrSign® portal and software for a particular period against payment. In accordance with these General T&Cs the Customer shall obtain an account and register its authorised users who have access to the Service. The right to use the BetrSign® Portal is limited to specific authorised users of the Customer and the signees determined by the Customer’s authorised users.

By accepting the General T&Cs the Customer shall agree not to resell or otherwise provide the BetrSign® Portal to unauthorised or third persons.

Subscription plans may vary from each other by the functionalities of the BetrSign® Portal made available and/or by the number and size of available transactions. The details, prices and list of current and valid subscription plans are given on the official website of the BetrSign® Portal Provider. The methods and types of signing which are available to the user depend on the selected subscription plan.

4.3.    Prices

The applicable prices are always published on the Provider’s website. Should the Customer wish to terminate the contractual relationship, it may submit a claim on the dedicated web page before the end of the billing cycle to terminate its subscription for the use of the BetrSign® Portal for the next billing cycle.

For a different method of billing the Provider and Customer shall sign a separate BetrSign® Service Level Agreement (hereinafter the “SLA”). In such a case the SLA provisions shall prevail over the provisions of these General T&Cs. 

4.4.    Billing

The Customer undertakes to pay all the subscription plan fees associated with the BetrSign® Portal on time. The Customer shall be charged the fees for the selected subscription plans in advance. The Customer may select yearly or monthly billing of subscription plans, or another billing period specified in the valid price list on the Provider’s website.

The subscription plan fees paid by the Customer are non-refundable except when otherwise agreed by the Customer and Provider with a formal written agreement or if otherwise stipulated in these General T&Cs.

Upon paying for the Service, the Customer shall receive a confirmation email at its email address. The Provider shall issue the Customer with an invoice for the use of the BetrSign® Portal. Upon making the payment, the Customer shall receive the access details for the BetrSign® Portal immediately or no later than in three (3) business days. 

Subscription payments shall be processed directly via the Stripe payment platform in accordance with the general terms and conditions published on the Stripe payment platform Provider’s official website. In no case shall the Provider store the Customer’s bank details (bank account number, CSV etc.). When the (monthly, yearly) plan ends, the subscription fee shall be billed automatically for the following billing period unless the subscription is terminated by the Customer beforehand. The Stripe payment service processes payments automatically on a monthly or yearly basis.

In the event of late payment, the Provider shall be entitled to charge the statutory interest on late payment and may terminate the provision of Services to the Customer.

4.5.    Change of subscription plan

The Customer may change the subscription plan on the dedicated portal by changing (adding or increasing) the number of users and changing to a different plan (e.g. personal, business, premium).

If the value of the subscription plan increases due to the change of subscription plan or users, the Provider shall charge the proportional balance by the end of the billing period. The settings shall take effect immediately.

If the value of the subscription plan decreases due to the change of subscription plan or users, the Provider reserves the right not to refund the balance in purchase value. The settings shall take effect immediately.

5.    Temporary or permanent termination of Service provision

Subscription to a subscription plan shall terminate:

  • as soon as the term for which the subscription plan was concluded has ended;
  • as soon as the Customer terminates its subscription plan for a trial test or at the moment the free trial terminates;
  • within 23 hours of failure to process payment in the course of automatic subscription renewal.  

The Provider reserves the right to charge the Customer a reconnection fee equal to the amount of the full monthly/yearly plan. The Customer shall not be entitled to reimbursement for any damage caused by the temporary termination of service provision. The Customer may permanently delete its account, in which case all data associated with the Customer shall be erased automatically. 

Appendix 3: Additional Terms and Conditions of Use for eHramba.si

The General Terms and Conditions of Use for eHramba.si® (hereinafter the General T&Cs) constitute a separate legal instrument of the Provider of eHramba.si, ZZI d.o.o., Pot k sejmišču 33, 1231 Ljubljana - Črnuče. The Provider’s General T&Cs are posted on the following web page: https://www.zzi.si/e_files/news/Splo%C5%A1ni%20pogoji%20eHramba.si.pdf


Appendix 4:  List of sub-processors

Name 

of sub-processor

 

Address 

of sub-processor

Registration number

Purpose of processing activity

ZupO d.o.o.

Zaboršt pri Dolu 11b. 1262 Dol pri Ljubljani

1518976000

backup copying


ZZI d.o.o.

Pot k sejmišču 33, 1231 Ljubljana - Črnuče

5366569000

long-term storage of electronic documents (eHramba.si® Service) – if the Customer orders the eHramba.si® Service


Setcce

Down