Terms of Cognitix GmbH
Only German laws shall apply. This translated version of the cognitix terms and conditions is provided for convenience only. In case of legal dispute, the German version shall shall take precedence (Lizenzbedingungen der cognitix).
Part 1: General Terms and Conditions
Part 2: License Terms
Part 3: Scope of Services
Part 1: General Terms and Conditions
These general terms and conditions (GTC) shall apply to all agreements between Cognitix GmbH, Neumarkt 29-33, 04109 Leipzig (“cognitix”), and Customer.
Only companies as defined by §14 of the German Civil Code (BGB) qualify as customers. These may be any natural person or legal person or partnership with legal capacity entering legal transactions as part of their commercial or independent professional activity.
Solely these GTC shall be applicable. Contradictory or additional terms and conditions of Customer shall not apply.
cognitix may modify these GTC as long as the modifications are reasonable and fair to Customer. cognitix shall notify Customer of any planned modifications in good time. Unless Customer objects within four weeks of receiving the notification, the modified GTC shall be deemed as accepted. As part of the notification, cognitix shall inform Customer on the right of objection and the legal consequences of the objection period expiring.
2. Term of Agreement
The term of the agreement depends on the payment pattern chosen by Customer upon entering into the agreement.
The term of the agreement chosen by Customer is the minimum term of the agreement. During the minimum term of the agreement the right to ordinary termination shall be excluded.
Unless either party terminates the agreement by giving four weeks’ notice before the end of the minimum term of the agreement or the extended minimum term of the agreement, the minimum term of the agreement shall be extended by one month.
The right to extraordinary termination of the agreement for good cause shall remain unaffected by the above provisions.
Any termination of the agreement shall be made in writing.
Cognitix accepts limited liability for intent or gross negligence, for injury to life, limb or health according to the provisions of the German Product Liability Act (Produkthaftungsgesetz) and within the scope of any guarantee granted by cognitix.
In case of slight negligence of obligations fundamentally important to achieving the purpose of the agreement (cardinal obligations), liability of Cognitix is limited in amount to the damages that are foreseeable and typical for the type of the transaction in question.
Cognitix does not accept any further liability.
The aforementioned limitation of liability also applies to the personal liability of employees, representatives and organs of Cognitix.
The parties agree to keep secret any confidential information.
This obligation of confidentiality excludes any such confidential information,
1. which was demonstrably known by the receiving party upon conclusion of the agreement or which was made known by third parties thereafter without any confidentiality agreement, statutory regulations or administrative order being breached by the disclosure.
2. which was publicly known upon conclusion of the agreement or which were made public thereafter without any breach to this obligation of confidentiality;
3. which must be disclosed due to statutory regulations, court or administrative order. Prior to disclosing confidential information, the receiving party required to disclose confidential information shall – to the extent permitted and possible – inform the other party and allow the other party to take steps against the disclosure.
The parties shall disclose confidential information only to advisors who are either bound by professional secrecy or by provisions equivalent to the confidentiality obligation under this agreement. The parties shall further disclose confidential information only to employees who are required to know such confidential information for the performance of this agreement and who are obliged to keep such confidential information secret even after the term of their employment to the extent permissible by German labor law.
5. Data protection/data security
The parties shall comply with the relevant data protection regulations. Further details shall be laid down by the parties in a separate agreement on commissioned data processing. This separate agreement is provided by Cognitix.
6. Offsetting, Assignment
The assignment of rights and obligations arising from or related to this agreement by Customer to third parties requires written approval by Cognitix.
Offsetting is only admissible against undisputed or finally adjudicated claims against Cognitix.
7. Applicable law, place of jurisdiction
This agreement is governed exclusively by the laws of the Federal Republic of Germany and to the exclusion of international uniform law.
If Customer is a merchant, a legal person under public law or a special fund under public law, the exclusive place of jurisdiction for all disputes arising from and related to this agreement is Leipzig. This applies even if Customer does not have a place of general jurisdiction in Germany.
Section 7.2 notwithstanding, Cognitix is entitled to taking legal action against Customer at their place of general jurisdiction.
Part 2: License terms
1. Scope, parties to the agreement
These license terms apply in addition to the GTC (part 1) to all license agreements related to the software “Threat Analyzer” and “Threat Defender” (“Software”). Cognitix is the licensor, Customer is the licensee.
2. Rights granted
Upon conclusion of the agreement and full payment, Cognitix grants Customer the non-exclusive, spatially unrestricted right, limited by the term of the license agreement, to use Software.
This right to use Software is explicitly non-transferable and excludes sub-licensing or modification of Software.
3. Protection of Software
Customer shall take the appropriate measures to protect Software from unauthorized access by third parties.
Part 3: Scope of services
1. Services provided
Software enables Customer to
automatically analyze event messages like syslog, NetFlow or IPFIX (Threat Analyzer only)
extensively analyze networks and enforce network security rules (Threat Defender only)
After conclusion of the license agreement, Cognitix shall provide Software to Customer via a download link.
The hardware environment for running Software is to be provided by Customer. The Customer can obtain these information before purchase in our support portal.
Cognitix shall provide updates to the software for download via the Internet at its own discretion. These updates will contain both system updates that improve performance and fix bugs, as well as new signatures for attack detection and/or malware protection.
Cognitix may make modifications to Software via updates, provided that these updates are insignificant or customary for the industry or that they correspond to the industry’s general technical development, and provided that these modifications are reasonable and fair to Customer.
Cognitix may assign subcontractors to provide the agreed services.
2. Remedy of defects
Cognitix shall remedy any defects of Software discovered during the term of the agreement according to the following provisions:
Any defects of Software are to be classified according to the following categories and subsequently processed according to their respective response times and remedy periods. Customer shall inform Cognitix regularly about the current status and success of any efforts to remedy defects.
Critical defect (Priority 1): Malfunction causing the failure of the entire system or substantial parts thereof, rendering the system unusable or almost unusable. Operations are disrupted in a way that necessitates immediate remedy.
Major defect (Priority 2): Malfunction affecting usage of the system in a way that renders reasonable operations impossible or disproportionately difficult. Simultaneous occurrence of multiple major defects may result in a critical defect.
Minor defect (Priority 3): Other malfunction which does not affect usage of the system or which only marginally affects usage of the system. Simultaneous occurrence of multiple such defects may result in a major or critical defect.
Customer shall classify defects at their reasonable discretion giving due consideration to (i) the respective consequences of the defect on their business operations and (ii) the interests of Cognitix.
Cognitix shall respond to Customer’s report of defect within the following response times and confirm the defect:
For critical defects within 48 hours of receiving the report.
For major defects within five working days of receiving the report.
For minor defects within 14 working days of receiving the report.
Cognitix shall remedy defects within the following remedy periods:
Critical defects shall be remedied within 7 working days of defect confirmation.
Major defects shall be remedied within 2 weeks of defect confirmation.
Minor defects shall be remedied within 60 days of defect confirmation, but no later than with the next version of Software.
If a critical or major defect cannot foreseeably be remedied within the periods specified under section 2.5, Cognitix shall provide Customer with a work-around within these periods. The provision of such work-around does not release Cognitix from the obligation to remedy the defect as quickly as possible.
If multiple defects occur simultaneously, Customer may instruct Cognitix as to the priority of their respective remedy. The obligation of Cognitix to comply with the response times and remedy periods for each respective defect remains unaffected by this.
Cognitix may provide the support services by means of remote maintenance or remote diagnostics, provided that this is not to Customer’s disadvantage. In particular, remote support services must not require more time than support services provided on site, there must not be any IT security risks and Customer is able to meet the technical requirements.
3. Service hours
Cognitix shall provide support services within the following service hours: From Monday to Friday between 9 am and 5 pm. Service hours also apply to the response times and remedy periods specified in section 2.