Status
25.06.2026
de-CH Version
SaaS Terms and Conditions for edoobox
Terms and Conditions for edoobox as a SaaS offering from Etzensperger Informatik AG. Effective June 25, 2026.

Status
25.06.2026
de-CH Version
SaaS Terms and Conditions for edoobox
Provider
Etzensperger Informatik AG
24 Kirchweg
CH-3366 Bettenhausen
Switzerland
Contract Framework
Order Form or Quote
Terms and Conditions as a Basis
SLA as agreed
AVV Digital, where applicable
Direct Links
As of June 25, 2026
Note on the language version: This German version is the legally binding and authoritative version. Any English translations are provided for informational purposes only; in the event of any discrepancies, the German version shall prevail.
Provider / Contracting Party: Etzensperger Informatik AG, Kirchweg 24, CH-3366 Bettenhausen, Switzerland VAT ID: CHE-107.413.131 Contact: support@edoobox.com (or as indicated in the contact information published from time to time)
1.1 These Terms and Conditions govern the use of the Software-as-a-Service platform “edoobox” (“Service”) by customers (“Customer”) and their users (“User”).
1.2 These Terms and Conditions apply to all services provided in connection with edoobox, including the web app, mobile access, APIs, integrations, support, and documentation, unless otherwise expressly agreed in writing.
1.3 Any terms and conditions of the customer that differ from or supplement these terms and conditions shall apply only if the Provider expressly agrees to them in writing.
1.4 Order of Precedence in Case of Conflicts: (1) Order form/quote, (2) any special terms and conditions (e.g., SLA), (3) digitally accepted or signed Order Processing Agreement (AVV/DPA), if applicable, (4) these General Terms and Conditions.
2.1 Order Form: the order, quote, online booking, or other agreement that specifies, among other things, the plan, term, scope of services, and prices.
2.2 Customer Data: all data and content that the customer and/or user enters, uploads, generates, or processes in the Service (e.g., course data, participant data, communication content, documents, payment and booking data, to the extent provided by the customer).
2.3 Provider Data: Data processed by the Provider in its capacity as the data controller (e.g., account data, billing information, support tickets, security and operational logs).
2.4 Third-Party Services: Services provided by third parties that are used or integrated via edoobox (e.g., payment providers, email providers, SMS, analytics, hosting, maps, single sign-on).
2.5 Documentation: technical/product-related descriptions, instructions, and specifications provided by the supplier.
3.1 The contract is concluded through (i) the signing of an order form, (ii) an online order accompanied by acceptance of these Terms and Conditions, or (iii) activation or commencement of service by the Provider.
3.2 The customer confirms that the person placing the order is authorized to act on the customer's behalf.
3.3 The customer is required to keep all information up to date and accurate and to report any changes immediately.
4.1 The Provider shall make the Service available to the Customer to the agreed extent during the term of the contract. The specific scope of functionality is set forth in the order form and/or the current plan.
4.2 The Service is standard software (SaaS). No specific suitability, specific economic success, or the achievement of specific goals is guaranteed, unless expressly agreed to in writing.
4.3 The Provider may further develop the Service or adapt or modify its features, provided that such actions do not materially impair the core functionality required under the contract or that an equivalent solution is provided.
4.4 The customer is granted a non-exclusive, non-transferable right, limited to the term of the contract, to use the service in accordance with the contract (license to use). Sublicensing, renting, or making the service available to third parties outside the group of users specified in the contract is prohibited.
5.1 Availability/SLA: A binding service level (e.g., availability guarantee, response times, service credits) applies only if expressly agreed upon in the order form or an SLA. If no SLA has been agreed upon, the Provider is not obligated to provide a specific minimum level of availability, but will endeavor to operate in accordance with the state of the art.
5.2 Maintenance: The Provider is entitled to perform scheduled maintenance. To the extent reasonable, scheduled maintenance will be announced in advance. Emergency maintenance may be performed without prior notice.
5.3 Support: The scope and channels of support (e.g., email, phone, ticket) are specified in the order form or the currently published support model.
6.1 The customer is responsible for managing user accounts, roles, and permissions within the Service.
6.2 Login credentials must be treated as confidential. The customer shall ensure that users keep their passwords secure and use appropriate security measures (e.g., MFA, where available).
6.3 If misuse or compromise is suspected, the customer shall notify the provider immediately and take immediate action (e.g., changing passwords, blocking affected accounts).
7.1 The customer is responsible for (i) the accuracy of the customer data, (ii) the legal permissibility of the processing and use (including any required information or consents), and (iii) compliance with any industry-specific regulations.
7.2 The customer shall ensure that only authorized users use the service and that such use complies with the documentation.
7.3 The customer is responsible for the local IT environment (Internet connection, browser, devices, internal security). The provider is not liable for disruptions that are beyond its control.
8.1 It is prohibited to use the Service for: a) unlawful content or activities; b) infringement of third-party rights (in particular copyrights, trademark rights, and personality rights); c) processing of particularly sensitive data without an appropriate legal basis and protective measures; d) malware, phishing, spam, or unauthorized mass communications; e) scans, penetration tests, or load tests without the Provider’s prior written consent; f) circumventing security mechanisms, rate limits, or access restrictions; g) reverse engineering, decompilation, or analysis of the source code, unless permitted by mandatory law.
8.2 The Provider is entitled, in the event of suspected misuse, security risks, or serious breaches of contract, to temporarily restrict or suspend access in order to prevent damage, and to notify the Customer thereof, to the extent that this is legally and technically feasible.
9.1 The customer retains ownership of the rights to its customer data. The customer grants the provider the right, for the duration of the contract, to store, process, and transmit customer data to the extent necessary for contract performance, support services, troubleshooting, security, or as instructed by the customer.
9.2 The customer warrants that it has all necessary rights and authority with respect to the customer data.
9.3 The Provider is not obligated to review the content of customer data, unless this is necessary to resolve technical issues, for security purposes, or due to mandatory legal obligations.
10.1 The customer may use or integrate third-party services. Third-party services are not controlled by the Provider; their terms and conditions apply in addition to these. The Provider is not liable for the availability or malfunctions of third-party services.
10.2 APIs may only be used in accordance with the documentation and agreed-upon limits. The Provider may throttle or block API access in the event of a security risk, misuse, or excessive load.
10.3 Changes to third-party services or their interfaces may affect the functionality of integrations; the Provider assumes no liability in this regard, except as expressly agreed.
11.1 Roles (DSG/GDPR): a) To the extent that the Customer processes personal data in edoobox (e.g., participant and booking data), the Customer is generally the data controller and the Provider is the data processor. b) For Provider data (account, billing, support, security logs), the Provider is generally the data controller.
11.2 Data Processing / DPA: To the extent that edoobox processes personal data on behalf of the customer, the Data Processing Agreement (DPA) is made available digitally in the edoobox account and, where necessary, accepted or signed digitally. The accepted DPA governs, in particular, the subject matter, duration, nature, and purpose of the processing; categories of data subjects and data; technical and organizational measures; subprocessors; international transfers; obligations to provide support; erasure/return; and documentation/audits. In the event of any conflict, the data protection and data processing provisions of the accepted DPA shall take precedence over these Terms and Conditions.
11.3 Subcontractors/Sub-Processors: The Provider may engage subcontractors. The Provider shall list sub-processors (either directly or via a published list) and inform the Customer of any material changes (replacement/addition) so that the Customer may object within a reasonable period of time. In the event of a justified objection, the parties shall seek a reasonable alternative; otherwise, the Provider or the Customer may terminate the affected portion on an extraordinary basis.
11.4 International Data Transfers: The customer acknowledges that the Service is available globally and that cross-border data processing may occur in the course of its operation (hosting, support, third-party services). The Provider ensures that international transfers are structured in a manner permitted under applicable data protection law (e.g., adequacy, safeguard clauses, appropriate safeguards).
11.5 Data Security: The Provider shall implement appropriate technical and organizational measures based on the risk profile (e.g., access controls, encryption, logging, backup/restore, monitoring). Details may be described in the security documentation or SLA.
11.6 Logs and Monitoring: The Provider may collect technical logs to ensure operational stability, security, detection of misuse, error analysis, and performance optimization. Logs may also serve as evidence of contractual and security events.
11.7 Storage, Export, Deletion: a) During the term of the contract, the customer may export customer data using the functions provided. b) After the contract ends, the provider will make customer data available for retrieval for a grace period (if agreed upon; otherwise, a reasonable period, typically 30 days); after which customer data will be deleted or anonymized, provided that no statutory retention obligations or technical backup cycles prevent this. c) For technical reasons, backup data may be overwritten with a delay; it is not used in production during the backup retention period.
11.8 Reporting of Data Security Incidents: The Provider shall notify the Customer of any relevant security incidents to the extent that they affect Customer data and the Provider becomes aware of them. Where the GDPR applies, the following shall apply at a minimum: The processor shall notify the controller immediately upon becoming aware of the incident.
11.9 Audit and Documentation Rights: Upon request, the Provider shall provide appropriate documentation regarding data security and data protection measures (e.g., policies, technical descriptions, audit summaries). Customer-specific audits, security questionnaires, additional documentation, DPA support, and extraordinary audits shall take place only after prior consultation, during business hours, under conditions of confidentiality, and for a separate fee, unless they are required by law or triggered by a relevant security incident caused by the Provider. On-site audits are permitted only in exceptional cases and must not jeopardize security or operations.
12.1 Confidential information means any information that is not publicly known, that is designated as confidential, or that should be considered confidential under the circumstances.
12.2 Both parties agree to maintain confidentiality. This obligation does not apply to information that (i) is publicly available without any breach, (ii) was lawfully obtained from third parties, or (iii) must be disclosed due to a mandatory legal obligation (with notice to the other party, to the extent permitted).
13.1 Prices: Fees are specified in the order form or price list. Services not specified (e.g., additional storage, additional modules, professional services) will be billed based on actual time and effort or as agreed upon separately.
13.2 Billing: Periodically as specified in the order form (monthly/annually, etc.). Payment due date: as specified on the invoice or in the order form.
13.3 Default: In the event of a default in payment, the Provider may (i) charge late fees and/or interest on late payments to the extent permitted by law, (ii) suspend services, and/or (iii) terminate the contract for good cause.
13.4 Taxes: Prices are exclusive of VAT, unless otherwise stated. The customer is responsible for any applicable taxes, duties, or withholding taxes, to the extent permitted by law.
13.5 Price Changes: Price adjustments for renewal periods are permitted, provided that the Provider notifies the Customer in a timely manner before the start of the new period and the Customer may cancel the service by the start of the period in the event of significant changes.
14.1 Trial Period: A trial period may be offered. The duration and scope are as specified in the offer or order form. Unless otherwise agreed, the trial period ends automatically at no cost; paid use requires an explicit order.
14.2 Plan Changes: Upgrades and downgrades are permitted in accordance with the plan rules. Billing and effective dates are determined by the order form and pricing logic.
14.3 Refunds: Unless prohibited by mandatory law or expressly provided otherwise in the order form, an SLA, or a written individual agreement, fees already paid are nonrefundable. Any service credits or refunds are granted only if they are expressly agreed upon or required by mandatory law.
14.4 Consumer Right of Withdrawal in the Event of Immediate Commencement of Services: To the extent that a customer acting as a consumer is entitled to a right of withdrawal under mandatory consumer law, that right remains unaffected. However, if the customer expressly requests that edoobox begin providing the paid service before the expiration of a statutory withdrawal period, and confirms that they are aware of the consequences for their right of withdrawal, edoobox will begin providing the service immediately. If the contract is fully performed during the withdrawal period, the right of withdrawal may expire in accordance with mandatory applicable law; in the event of withdrawal before the contract is fully performed, edoobox may demand compensation for the value of the service or a pro-rata payment for services already rendered, to the extent permitted by law.
15.1 All rights to the Service, software, documentation, trademarks, designs, and know-how remain with the Provider or its licensors.
15.2 The customer is granted only the rights of use expressly granted in these Terms and Conditions.
15.3 The Provider may use customer feedback (ideas, suggestions) free of charge, for an unlimited period of time, and without restriction to improve the Service, provided that no customer confidential information is involved.
16.1 The Provider shall provide the Service with the care customary in the industry.
16.2 The Service is provided “as is.” The Provider does not guarantee that the Service will be available at all times without interruption or error, particularly in the case of third-party services, Internet outages, or force majeure.
16.3 The customer is required to report malfunctions or defects immediately and to cooperate appropriately in identifying and resolving them.
17.1 The Provider shall have unlimited liability in cases of willful misconduct and gross negligence, as well as in cases of mandatory statutory liability.
17.2 In cases of slight negligence, the Provider shall be liable—to the extent permitted by law—only for direct damages resulting from a breach of material contractual obligations, and such liability shall be limited.
17.3 Liability Cap: Unless expressly agreed otherwise in the order form, an SLA, or an individual agreement, and to the extent permitted by law, the Provider’s total liability arising out of or in connection with the contract (regardless of the legal basis) is limited to the fees paid by the Customer for the Service during the 12 months preceding the damaging event. If the term of the contract is shorter, the amount paid up to that point shall apply.
17.4 To the extent permitted by law, the Provider shall not be liable for indirect damages, consequential damages, lost profits, data loss (to the extent such loss could have been avoided through backups or exports), or claims by third parties, except to the extent that Section 17.1 applies.
17.5 The customer is required to perform appropriate data backups/exports.
18.1 The Customer shall indemnify the Provider (including its officers, employees, and agents) against all claims by third parties arising from the Customer’s/User’s use of the Service, in particular due to: a) the illegality of the Customer’s data or the lack of a legal basis or information; b) infringement of intellectual property rights or personal rights; c) violations of data protection, communications, or competition laws due to Customer content or communications; d) misuse, security incidents, unauthorized access, or API misuse by the Customer.
18.2 The Provider shall inform the Customer of such claims, to the extent permitted by law, and shall enable the Customer to participate appropriately in the defense.
19.1 Term: As specified in the order form (e.g., monthly/annually). The term is automatically extended for the agreed-upon period unless the contract is terminated in accordance with standard procedures.
19.2 Ordinary Termination: Unless otherwise agreed, the customer may terminate the contract no later than 30 days before the end of the respective contract period. For monthly plans, a shorter notice period may apply if specified in the order form.
19.3 Extraordinary Termination for Good Cause: Either party may terminate the agreement without notice if there is good cause (e.g., a serious breach of contract, late payment despite a reminder, serious security or compliance violations). To the extent reasonable, a reasonable grace period shall be granted to remedy the situation.
19.4 Suspension: The Provider may suspend the Service in the event of (i) late payment, (ii) security or abuse risks, (iii) a violation of Section 8, or (iv) sanctions or export controls (Section 21).
19.5 Effects of Termination: The right of use terminates upon expiration of the contract. Data export and deletion shall be carried out in accordance with Section 11.7. Obligations that, by their nature, continue to apply (e.g., confidentiality, liability provisions, intellectual property, outstanding payments) shall remain in effect.
20.1 Neither party shall be liable for nonperformance due to events beyond its reasonable control (e.g., natural disasters, war, terrorism, strikes, major network or cloud disruptions), provided that the other party is notified immediately and reasonable measures are taken to mitigate the damage.
21.1 The Customer warrants that it will not use the Service in violation of applicable export control or sanctions regulations.
21.2 The Provider may refuse, restrict, or terminate services if this is necessary to comply with sanctions, embargoes, or official orders.
22.1 The Provider may amend these Terms and Conditions, in particular in the event of (i) changes in the law, (ii) security requirements, (iii) product developments, or (iv) adjustments to business processes.
22.2 The customer will be notified of material changes in an appropriate manner (e.g., email or in-app notification) at least 30 days before they take effect. If the customer does not object within this period and continues to use the service, the changes are deemed accepted. If an objection is raised in a timely manner, the provider may terminate the contract at the end of the current period.
23.1 Notices that have legal effect shall be sent in writing (including by email) to the most recently provided contact addresses.
24.1 The Customer may assign or transfer rights and obligations under the contract only with the Provider’s prior written consent.
24.2 The Provider may transfer the contract as part of a restructuring, an asset deal, or a transfer of the service to a group company, provided that this does not materially affect the Customer’s rights; the Customer will be notified.
25.1 If any provision is invalid in whole or in part, the remainder of the contract shall remain valid. The parties shall replace the invalid provision with a valid provision that most closely reflects the economic purpose of the invalid provision.
26.1 Swiss substantive law shall apply, to the extent permitted, excluding conflict-of-laws rules and the United Nations Convention on Contracts for the International Sale of Goods (CISG).
26.2 For customers acting as businesses, the exclusive place of jurisdiction is the Provider’s place of business. Mandatory statutory places of jurisdiction and mandatory consumer protection laws remain reserved.