Privacy Protection, Data Security – At a Glance:
Your privacy is important to us.
We only collect data that is important for the functioning or improvement of our products.
Whenever possible we refrain from collecting individual-related data.
We strive to protect all information we have about our users.
We do not sell individual-related data.
Thoughtfish (Thoughtfish GmbH, Joachim-Friedrich-Str. 37/38, 10711 Berlin) takes the protection of your personal data very seriously and handles them with great care, complying with German data protection law. The following Privacy Policy will provide you with information about the personal data that is collected and how it is processed and used.
Thoughtfish will alter the Privacy Policy from time to time. Please note that the valid version is the updated one.
Privacy Policy of Thoughtfish GmbH for their Website and COALA
I. General information
1. Controller
In the following, we explain to you which personal data is collected and processed by us when you make use of our services or use our offers. We are:
Thoughtfish GmbH
Joachim-Friedrich-Str. 37/38
10711 Berlin
Tel.: 030 84422644
Fax: 030 56002328
Personal data is individual information about personal or factual circumstances of an identified or identifiable natural person, therefore all information that can be related to a person.
2. Legal basis
Insofar as legal bases are mentioned in this privacy policy, these are those in accordance with the GDPR (“Datenschutz-Grundverordnung”).
We collect and process personal data based on the legal bases mentioned below:
- Consent pursuant to Article 6(1)(a) of the General Data Protection Regulation (GDPR). Consent is any voluntary expression of will in the form of a declaration or other unambiguous affirmative action, given in an informed and unambiguous manner for a specific case, by which the person affected indicates that he or she consents to the processing of personal data relating to him or her.
- Necessity for the performance of a contract or the execution of preparatory measures pursuant to Article 6(1)(b) of the GDPR, i.e. the data is necessary for us to be able to fulfill our contractual obligations towards you or we need the data to prepare for the conclusion of a contract with you.
- Processing for the fulfillment of legal obligations pursuant to Article 6(1)(c) GDPR, i.e. that, for example, processing of the data is required by law or other regulations.
- Processing for the protection of legitimate interests pursuant to Article 6 (1)(f) GDPR, i.e. that the processing is necessary to protect legitimate interests on our part or on the part of third parties, unless such interests are overridden by the interests or fundamental rights and freedoms of you which require the protection of personal data.
3. Rights of the Data Subject
You are entitled to the following rights with regard to data processing by us in accordance with the articles of the General Data Protection Regulation (GDPR) listed in each case:
- Right to information pursuant to Art. 15 GDPR
- Right to rectification in accordance with Art. 16 GDPR
- Right to erasure (“right to be forgotten”) pursuant to Art. 17 GDPR
- Right to restriction of processing pursuant to Art. 18 GDPR
- Right to data portability pursuant to Art. 20 GDPR
- Right of objection according to Art. 21 GDPR
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.
4. Data erasure and storage period
The personal data of the data subject will be erased or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other regulations to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
II. Concrete data processing
1. Visit of the website
i. Scope of data processing
We operate several websites, namely the websites:
- www.thoughtfish.de
- www.coala.world
When visiting these websites, the following data is collected and stored by our web server:
- The IP address of the user
- Date and time of access
- Indication of the time difference between the requesting host and the web server
- Content of the request or information about the requested file that was transmitted to the user
- Amount of data transmitted
- Access status (successful transmission, error, etc.)
- Websites from which the user’s system accesses our website
- Information about the browser type, browser language, operating system, browser version and interface used.
The data is stored in the log files of our system. This data is not stored together with other personal data of the user. The servers are rented from our one hosting partner located in Germany.
ii. Legal basis
The legal basis for the processing of the data is Art. 6 (1) (f) GDPR. The legitimate interest within the meaning of Art. 6 (1) (f) GDPR is therefore the functionality of our website and its availability.
The legal basis for the transfer of data to the hosting provider is Art. 28 (3) GDPR.
iii. Purpose of the data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. In addition, the IP address is recorded to prevent attacks on the website.
The data is stored to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
iv. Duration of storage
The log files are deleted after seven days at the latest, unless there is a need to keep the data for the aforementioned purpose due to specific events. The IP address is anonymized in the log file.
v. Possibility of objection and removal
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation and protection of the website. Consequently, there is no possibility for the user to object.
2. Contact by e-mail or contact form
i. Scope of data processing
You can contact us via the e-mail addresses provided on the web pages. In this case, your personal data that you send to us by e-mail will be stored.
The data is processed and stored by an e-mail provider we have commissioned with headquarters in Ireland, but the data is also stored outside the European Union in the United States of America.
ii. Legal basis
The legal basis for the processing of data transmitted in the course of sending an e-mail or a contact request via the contact form is Art. 6 (1) (f) GDPR. If the contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 (1) (b) and (c) GDPR.
The legitimate interest within the meaning of Art. 6 (1) (f) GDPR is to respond to a customer inquiry or to respond to a contact inquiry on other topics.
The processing by our email provider is based on Art. 28 (3), (6) and (7), Art. 46 (2) (c) GDPR. The standard data protection clauses of the EU Commission are used in the contractual relationship with the provider with additional safeguards for European Union data subjects.
iii. Purpose of the data processing
The purpose of the data storage is to contact you at your request, in particular for the purpose of contract initiation or customer service.
iv. Duration of storage
The data will be stored for as long as is necessary to process the inquiry. Insofar as these are commercial letters that must be retained in accordance with commercial and tax law, they will also be stored in accordance with the statutory retention periods.
v. Possibility of objection and removal
You have the option to object to further use at any time. You can declare your objection by e-mail to:
datenschutz@thoughtfish.de. Data can only be deleted if there is no legal obligation to retain it; in this case, however, the data will be blocked for any other use. In the event of an objection, the conversation cannot be continued.
3. Newsletter
i. Scope of data processing
On our websites we offer the possibility to register for a newsletter, where registered persons will receive regular e-mails from us with current information. An input mask is available on the website for the registration. The registration requires the entry of your e-mail address. By clicking on the registration button, the data entered in the input mask is transmitted to us. In addition, the date and time of registration for the newsletter and the IP address used are stored. When confirming the newsletter registration as part of the so-called double opt-in procedure, the date and time at which you click on the confirmation link for the newsletter registration and the IP address used are also stored.
The newsletter is sent by an external service provider. For this purpose, your e-mail address will be passed on to the external service provider, who will send the newsletter on our behalf. The service provider does not make any further use of your data. The service provider is based in the United States of America.
ii. Legal basis
The legal basis for the processing of data when registering directly for the newsletter is Art. 6 (1) (a) GDPR.
The legal basis for the transfer of data to the shipping service provider is Art. 28 (3), (6) and (7), Art. 46 (2) c) GDPR. The standard data protection clauses of the EU Commission are used in the contractual relationship with the provider with additional safeguards in favor of European data subjects.
iii. Purpose of the data processing
The purpose of storing the e-mail address is the possibility of electronic contact for information purposes. The date and IP address of the registration as well as the confirmation of the registration are recorded in order to document the consent to the newsletter dispatch in an evidence-proof manner and to exclude misuse. The transfer to the service provider takes place for the purpose of sending the newsletter in bulk.
iv. Duration of storage
If you have expressly consented to receive the newsletter, we will delete or block the e-mail address for sending advertising only if you revoke your consent. The data of the confirmation of the newsletter order will be stored for the same period of time.
The sent e-mails, as far as they are business letters, are stored for the duration of the retention periods of the tax code or the commercial code. The other e-mails are deleted as soon as the user is no longer expected to be contacted.
v. Possibility of objection and removal
You can object to the use of the e-mail address for the newsletter dispatch at any time or revoke the consent without incurring costs that exceed the fees of your communication tariff. In every e-mail sent to you as part of the newsletter, you can object to its use with effect for the future by clicking on a link provided there. You can also object to the use of your data for sending newsletters with effect for the future by sending an e-mail to datenschutz@thoughtfish.de.
4. Visit of COALA Backend
i. Scope of data processing
Access to the COALA backend can be obtained from the following website:
www.backend.coala.thoughtfish.de
When visiting these websites, the following data is collected and stored by our server:
- Information about the browser type and version used.
- The operating system of the user
- The user’s Internet service provider
- The IP address of the user
- Date and time of access
- Websites from which the user’s system accesses our website
- Websites that are accessed by the user’s system via our website
- Amount of data transferred
- Version of the http protocol
- The currently selected project
- Date and time of the last login
The data is stored in the log files of our system. This data is not stored together with other personal data of the user. The data is stored on servers of a hosting partner based in the United States of America.
ii. Legal Basis
The legal basis for the processing of the data is Art. 6 (1) (f) GDPR. The legitimate interest within the meaning of Art. 6 (1) (f) GDPR is therefore the functionality of our website and its availability.
The processing by our provider is based on Art. 28 (3), (6) and (7), Art. 46 (2) c) GDPR. The standard data protection clauses of the EU Commission are used in the contractual relationship with the provider with additional protective measures for data subjects from the European Union.
iii. Purpose of the data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. In addition, the IP address is recorded to prevent attacks on the website.
The data is stored to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
iv. Duration of storage
The log files are deleted after seven days at the latest, unless there is a need to retain the data for the aforementioned purpose due to specific events. The IP address is retained for 7 days for the purpose of defending against attacks on the website and then deleted.
Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment to a specific user is no longer possible.
v. Possibility of objection and removal
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation and protection of the website. Consequently, there is no possibility for the user to object.
5. Login for the use of COALA
i. Scope of data processing
The use of COALA requires registration as a customer. The following data will be collected:
- Name
- e-mail address
- Password (stored in encrypted form)
- Creation date
- Update date
Optional:
- Company name
- Phone number
Additional data will be collected from the customer when creating their own customer project:
- Project name
- Creation date
- Update date
- Company name
- Street address
- City
- Postal Code
- Invoice data
- Data of incoming payments
- Data on reminders, if any
- Number of requests sent to the COALA server and any other data from the requests that are necessary to prove the service.
Optional:
- VAT ID
Data will be stored on the servers as in point 4, in this respect what has been stated there applies respectively.
ii. Legal basis
The legal basis for the data processing is Art.6 (1) (b), (c) and (f) GDPR, namely the initiation and implementation of a contractual relationship and the retention of data on the basis of tax and commercial law provisions. In addition, Thoughtfish has a legitimate interest in the use of the requests to the servers for system maintenance and ensuring system security.
iii. Purpose of the data processing
The purpose of the processing is the handling of the contractual relationship and the recording of the performance of Thoughtfish for billing purposes as well as for the proof of performance towards the client. Furthermore, the server requests received from the client are recorded for the purposes of system security and system maintenance.
iv. Duration of storage
The data will be stored for the duration of the contractual relationship and after the conclusion of the contractual relationship until the expiry of the regular limitation period for contractual claims. Thereafter, the data will be stored exclusively for statutory retention periods in accordance with the provisions of tax and commercial law.
Data collected for the purposes of system security or system maintenance will be deleted after 3 weeks, unless the data is required for the elimination of errors or security gaps.
v. Possibility of objection and removal
There is no possibility to object.
6. Payment: Stripe
i. Scope of data processing
Thoughtfish works with the external payment service provider “Stripe” to process payments for the use of COALA.
Stripe Technology Europe, Limited,
The One Building, 1, Lower Grand Canal Street, Dublin 2, Ireland.
The data required for payment processing (card number, validity and verification number, IBAN, etc.) are sent directly to the payment provider in encrypted form and are not visible to us. Stripe is certified according to the Payment Card Industry Data Security Standard Level 1. The payment provider transfers, processes and stores personal data outside the EU. Stripe is solely responsible for the processing of this data and Stripe acts as the responsible party.
At Thoughtfish, only encrypted data about the payment method and the customer’s user ID at Stripe are stored.
Stripe’s privacy policy can be viewed here: https://stripe.com/de/privacy.
ii. Legal Basis
The legal basis for enabling data collection by Stripe when using COALA is Art. 6 (1) (a) and (b) GDPR.
Stripe does not act as an order data processor, but is itself responsible for the payment processing.
iii. Purpose of the data processing
The purpose is to process payments for the use of COALA, to use the data for fraud prevention and to allow the user to identify the payment method.
iv. Duration of storage
The data stored by Thoughfish will be kept until the end of the contractual relationship or until the Client changes the payment data.
v. Possibility of objection and removal
You can change the payment data yourself at any time for the future or initiate a change by sending an email to datenschutz@thoughtfish.de.
Regarding the processing by Stripe, it must be revoked towards Stripe itself.
7. Cookies & locale.storage when accessing the COALA backend
Cookies and local storage are “storage areas” for data on your computer. Content providers often access files stored there via the web browser or store information there for later access. This can be, for example, the language settings for a website, the contents of a shopping cart or settings data for video playback.
In detail, the following data packages in the form of cookies or local storage files can be accessed on our website. You have the option of rejecting or accepting this when loading the website. Once you have given your consent, you can revoke it at any time. Practically, you can do this by blocking cookies in your browser.
Name | Responsable Website | Type | Storage duration | Purpose |
XSRF-TOKEN | backend.coala.thoughtfish.de | Session cookie | Stored for the duration of the login session and expires after 4h without interaction with the backend | Needed to authenticate requests to the COALA framework. |
Coalabackend_session | backend.coala.thoughtfish.de | Session cookie | 1 Hour | Needed to authenticate requests to the COALA framework. |
Laravel_cookie_consent | backend.coala.thoughtfish.de | Cookie | 20 Years | Necessary for the cookie consent request |
Thoughtfish-Coala-Distribution-Channel | backend.coala.thoughtfish.de | Cookie | 1,5 Days | Used to track from which store or marketplace the customer was directed to COALA. |
Last updated 18.05.2021
Terms of Service for COALA
1. General Terms
1.1 The Thoughtfish GmbH, Joachim-Friedrich-Str. 37/38, 10711 Berlin (hereinafter „Thoughtfish“) operates the COALA data platform (hereinafter referred to as “Service Platform”) as a service platform providing a significant number of location based information from a variety of databases. Integrating the COALA API enables the Customer to send requests to the Service Platform and receive the requested data, which can be used in the client’s application for a variety of purposes as designed by the client, including but not limited to AR applications.
1.2 The offer of Thoughtfish is explicitly and exclusively directed to entrepreneurs in the sense of § 14 BGB (German Civil Code) or legal entities under public law. The services of Thoughtfish are not directed at consumers within the meaning of § 13 BGB.
1.3 Any deviating, supplementary or conflicting general terms and conditions introduced by the Customer shall not become part of the contractual relationship between the Customer and Thoughtfish, unless these have been expressly recognized by Thoughtfish and their inclusion has been permitted. Even in the execution of an order without objection, there is no agreement with the inclusion of other terms and conditions. Thoughtfish hereby already objects to any inclusion of terms and conditions of third parties.
2. Subject of the Contract
2.1 In order to use Thoughfish’s services the Customer is first required to set up a free user account and verify the account’s email address. Once the user account is set up the Customer may establish projects (“Project”) for each application the Customer intends to use the Service Platform with. Thoughtfish shall provide the Customer for each Project access to the Service Platform as specified in the product description.
2.2 Each Project has its individual contractual term which starts once the Project has successfully been set up by the Customer unless expressly agreed otherwise.
2.3 The Customer may either set up the Project himself using the COALA Website and the standard service plan or he may contact Thoughtfish for an individual offer.
2.4 The COALA Software Platform consists of server software which is not made available to the Customer and the COALA API which will be made available to the Customer with an individual ID for each Project. The Customer is not entitled to receive any other software or access.
2.5 Thoughtfish grants the Customer the non-exclusive, worldwide and non-transferable right, limited in time to the term of the contract, to access use the COALA API in the software applications of the Customer and to use the COALA API to receive certain data from the databases handled by the Service Platform. The transfer of this access to third parties, e.g. by making the access data available to third parties or to enable third parties to import data from the Service Platform through the Customer’s application into a third party’s application, is only permitted if this has been expressly agreed in an individual contract; otherwise, use is permitted exclusively for the use in the Customer’s application.
2.6 The integration of the API into the Customer’s software is part of the service provided by Thoughtfish unless expressly agreed otherwise. Thoughtfish will provide a manual on how to integrate the API, but the integration itself has to be made by Customer.
2.7 If Thoughtfish offers software packages for the use with the Service Platform also via third party distribution platforms, such software packages may be modified by the Customer as required for the individual use, but the software packages are provided as is and Thoughtfish can not and will not warrant, that a software package works with the applications of the Customer with or without any adaptation. Customer may not redistribute such software’s code and may only use such software within its own applications.
2.8 As the Service Platform relies on third party databases as described on the COALA website, Thoughtfish does not warrant that any specific database is or remains available during the Term, however the Customer may terminate any ongoing project if a database used by the Customer is no longer available for a significant period of time, not less than 7 days.
3. Scope of Use
3.1 Customers may use the Service Platform to receive location based data from several different databases cumulated by the Service Platform and they may add individual Points of Interest or allow their own users to do so. The Customer may under no circumstances add any Point of Interest containing personal data as defined in Art. 4 para. 1 of the General Data Protection Regulation and Customer is obliged to include an according requirement in its terms of service for its end-users. Personal data may only be used in Points of Interest subject to a separate express agreement with Thoughtfish. Thoughtfish reserves the right to remove any Point of Interest created by Customer or its end-users if they contain personal data without Thoughtfish’s prior approval.
3.2 The Customer may only allow third parties to use the Service Platform if this is expressly provided for in the order. The transfer of use to affiliated companies is also only permitted with the express prior consent of Thoughtfish.
3.3 In particular, the Customer may not use the Service Platform beyond the agreed scope of use or have it used by third parties or make it accessible to third parties. In particular, the Customer is not permitted to reproduce the Service Platform or any parts thereof, to try to rebuild the Service Platform’s database, to sell it or to make it available for a limited period of time, to rent it or to lend it. It is also not permitted to circumvent any contractually specified number of users or to use automated data collection or data collection from several simultaneous sources via one data collector to build its own databank.
3.4 Thoughtfish is entitled to take appropriate technical measures to protect against non-contractual use. The use of the services in accordance with the contract may not be impaired as a result.
3.5 The Customer is also prohibited from decompiling or reverse engineering the Service Platform. § 69d Copyright Act (UrhG) remains unaffected.
3.6 The Customer may only cache data from the COALA API on end-user devices (e.g. computers, smartphones and tablets) for offline use but each device must populate its own individual cache using direct requests to the COALA API. Content from a cache may only be accessed by a single end-user. The Customer may not redistribute the data from the Service Platform, including cached data, or scrape or download data from the COALA API and the Service Platform in bulk for any purpose other than offline caching on a single end user’s device.
4. Support Services
4.1 Thoughtfish will provide the customer with an email contact for service requests and cases where the service is technically unavailable. Depending on the tariff, Thoughtfish may also make available of telephone support contact during the service hours.
4.2 Unless agreed otherwise the service hours are Monday till Friday with the exception of public holidays at Thoughtfish’s place of business from 09:00 – 18:00. CET/CEST
4.3 Thoughtfish may in its sole discretion offer an electronic ticketing system instead of an email support contact.
4.4 Thoughtfish is responsible for the operation of the server of the Service Platform, its functionality and its connection to the Internet. Thoughtfish will ensure that the server software has an availability of 98.5% of the time on a yearly average, whereby announced maintenance times are not considered “unavailable” when calculating availability. Only the system logs of Thoughtfish’s servers are decisive for the measurement of availability.
4.5 As stated above the Customer is aware, that the Service Platform depends on the availability of third party online databases for providing data via the COALA API. As Thoughtfish has no individual contractual relation with the providers of those databases and can not influence their availability, Thoughtfish assumes no liability for the availability of individual data bases. The unavailability of external databases has no influence on the availability of the Service Platform.
4.6 Thoughtfish endeavors to announce maintenance times with reasonable advance notice and to perform maintenance outside the period between 8 am – 6 pm CET/CEST. During the maintenance periods, updates of the Thoughtfish service are installed and necessary settings are made on the server system. If maintenance work has to be carried out immediately for technical, legal or security reasons, Thoughtfish will make every effort to reduce it to the necessary minimum and inform the Customer about the downtime and availability.
4.7 Any Updates of the Service Platform will be announced to the Customer as soon as it is foreseeable when they will be available on the COALA Website. Thoughtfish may inform the Customer’s via email if such updates may require changes to the Customer’s applications and / or the API. Announced changes for a new are non-binding and no legal claim to implementation of the announced changes arises for the Customer from the announcement, unless this has been expressly agreed between the parties.
4.8 Customer may not use the Service Platform for any application that is considered illegal including any breach of any law, by-law or regulation anywhere where the application is operational. Thoughtfish reserves the right to immediately close the access to the Service Platform in case Thoughtfish is made aware of any illegal use of the Customer’s application.
5. Service Fees
5.1 Unless otherwise agreed, a fixed service fee per Project shall be payable in advance for one month and is deducted from the credit card or bank account as deposited during set up of each Project.
5.2 In addition to the fixed service fee per Project the Customer shall pay in accordance with the tariff booked a certain fee for a fixed number of requests issued through the COALA API per months. Alternatively, Thoughtfish may offer a fee based on the number of unique monthly active end-users using the COALA API under one Project. In each case the fee is invoiced after end of each calendar month and deducted via the payment method provided during the set up of the Project. Invoices for charges related to the COALA API can be found and downloaded in our Backend Portal.
5.3 The Customer is obliged to update the payment method without delay if the selected payment method is no longer available.
5.4 Offsetting shall only be permitted with undisputed or legally established claims. The same applies to the assertion of a right of retention.
5.5 Thoughtfish is entitled to prohibit the Customer from further use of Thoughtfish services for the duration of a payment delay that exceeds one month. This does not constitute a withdrawal from the contract.
5.6 All other services provided by Thoughtfish that go beyond the agreed scope of services and/or are identified as requiring separate remuneration, such as consulting services, customization of the software to meet operational requirements, support in configuring the database, training and support, shall be offered separately upon request.
5.7 In the event of a grossly negligent unjustified notice of defect by the Customer, Thoughtfish is entitled to charge the Customer for the expenses incurred for processing in accordance with the currently valid price list for service work.
6. Property rights and confidentiality
6.1 Thoughtfish is the owner of all industrial property rights to the Service Platform, COALA and the COALA API as well as the trademark “Thoughtfish”.
6.2 The Customer undertakes not to challenge trademarks or other industrial property rights registered or used by Thoughtfish.
6.3 Thoughtfish is entitled to make any Point of Interest generated by the Customer or its end-users available to any other Customer unless expressly agreed otherwise. Such Points of Interest are not considered data owned by Customer and all rights in and to such Point of Interest including any information provided therewith shall be deemed transferred to Thoughtfish for the non-exclusive, worldwide, perpetual use in the scope of the Service Platform. Customer is obliged to integrate such transfer of rights into its own terms of service for its end-users. Thoughtfish may continue to use such Points of Interest even after the termination of the individual Project.
6.4 “Confidential Information” means all information exchanged between the Parties under this Agreement, whether orally or in writing, which is designated as confidential or which is to be considered confidential due to the circumstances of transmission, in particular the provisions of this Agreement. Not considered as Confidential Information is such information that
- a) was demonstrably already known to the other party prior to transmission without being subject to a confidentiality agreement,
- b) which becomes publicly known during the term of the contract without a breach of contract by the parties
- c) which were independently developed during the term of the contract by employees of the parties who did not have access to the Confidential Information,
- d) disclosed by the disclosing party to third parties without a confidentiality provision, or
- e) which is to be made public by virtue of an enforceable order or other decision of a court, authority or other governmental organization. In the latter case, however, the addressee of the decision undertakes to inform the other party thereof without undue delay and to support the latter appropriately in the context of a legal challenge to such decision. In principle, all technical information is part of the confidential information, unless it is distributed under an open source license.
6.7 The receiving party undertakes to treat all Confidential Information as strictly confidential and not to use it or make it available to third parties except for the purpose of fulfilling the contract. The Receiving Party may only disclose the information to its management, employees and consultants to the extent that they are also subject to confidentiality under these provisions and to the extent that they are concerned with the matters of this Agreement. The Receiving Party shall take all reasonable steps to prevent any unauthorized use of the Confidential Information and shall promptly notify the Disclosing Party of any suspected unauthorized use or disclosure.
6.8 Thoughtfish is entitled to name the Customer as a reference Customer using its logo on Thoughtfish’s website and in its other self-promotion for as long as the contractual relationship exists. Insofar as the Customer is permitted to transfer the rights to third parties, this also applies to these third parties and the Customer is obligated to ensure this.
7. Liability & Warranty
7.1 Thoughtfish shall be liable to the Customer without limitation in the event of intent or gross negligence for all damage caused by it and its legal representatives or vicarious agents.
7.2 In the event of slight negligence, Thoughtfish shall be liable without limitation in the event of injury to life, body or health.
7.3 In all other cases, Thoughtfish shall only be liable if Thoughtfish culpably violates a cardinal obligation. Cardinal obligations are obligations that make the proper execution of the contract possible in the first place, the violation of which jeopardizes the achievement of the purpose of the contract and compliance with which the other party may regularly rely on.
7.4 In the event of liability pursuant to Section 7.3, liability shall be limited to the foreseeable, typically occurring damage.
7.5 Liability under the provisions of the Product Liability Act shall remain unaffected.
7.6 The strict liability for defects that were present at the time of the conclusion of the contract (§ 536a paragraph 1 BGB) is excluded.
8. Term
8.1 The term results from the respective order. If no other term is agreed, the contract for each Project shall be concluded for an individual term of one month and may be terminated with 30 days’ notice to the end of the term. The term is automatically extended by the same term, unless the contract is terminated properly. Deviating notice periods can be agreed in the order. The right to terminate for good cause shall remain unaffected.
8.2 The termination must be in writing, email shall be sufficient. Each Project may be terminated individually.
8.3 Upon termination of a Project, Thoughtfish will block the access to the Service Platform for the Project and any application using the access to the Service Platform operated by the Customer may no longer function accordingly. Furthermore, the Customer is no longer allowed to use the COALA API or any other materials provided by Thoughtfish in the scope of the Project and shall delete all such data without delay.
9. Changes to the General Terms
9.1 Thoughtfish reserves the right to amend or expand these General Terms at any time with effect for the future, provided that this is necessary and does not disadvantage the Customer contrary to good faith. An amendment may be necessary in particular to make adjustments to a change in the legal situation. Newly issued court decisions shall also be deemed to be a change in the legal situation. Changes and further developments of the Thoughtfish services may also make it necessary to amend or supplement the General Terms.
9.2 Any changes or additions to these General Terms shall be announced in text form in a suitable manner at least four weeks before they come into effect. As a rule, notice of the amendment to the General Terms will be given by e-mail.
9.3 The Customer has the right to object to a change or addition within four weeks after notification and possibility of knowledge to Thoughtfish. In the event of a timely objection, both parties are entitled to terminate the contract extraordinarily in accordance with the termination provisions of this contract. Other rights of termination remain unaffected. If the Customer does not object within the objection period or if the Customer continues to use the services thereafter, the change or amendment shall be deemed accepted and shall become part of the contract.
9.4 Thoughtfish shall inform the Customer separately in the information about the changes to the Terms of Use about the possibility of objection and termination, the deadline and the legal consequences, in particular with regard to a failure to object.
10. Miscellaneous
10.1 The place of jurisdiction for all disputes arising from and in connection with this contract shall be the competent court at the registered office of Thoughtfish, insofar as the Customer is a merchant, a legal entity under public law or a special fund under public law.
10.2 All prices are subject to statutory value added tax, unless otherwise stated.
10.3 This contract shall be governed by German law to the exclusion of the provisions of international private law and the UN Convention on Contracts for the International Sale of Goods.
10.4 Thoughtfish is entitled to transfer this contract to an affiliated company within the meaning of the German Stock Corporation Act (AktG) by notifying the Customer in writing. In the event of such a transfer, the acquiring company shall assume all rights and obligations of Thoughtfish, whereby Thoughtfish shall continue to be jointly and severally liable with the transferee for any liabilities already incurred at that time.
10.5 If any provision of this Agreement is or becomes void, invalid or unenforceable in whole or in part, this shall not affect the validity and enforceability of all remaining provisions.
Last changed: 02.07.21