§ 1 Applicability
(1) The emcra GmbH, Hohenzollerndamm 152, 14199 Berlin, Germany (hereafter referred to as ‘operator’), offers enterprises and organisations (hereafter referred to as ‘users’) the opportunity independently of their legal structure (a) to evaluate their own risk management with the “Quick Check”, (b) to receive a structured introduction to the topic of risk management with the “Guide on Business Resilience” and (c) to acquire knowledge in all areas of risk management for small and medium-sized enterprises in the service sector within the scope of the “Online Course”. This is done by means of the CASSANDRA Resilience Tools (hereafter ‘CASSANDRA tools’).
(2) The licence agreement is closed for an indefinite time period. Contractual parties can terminate the licence agreement with a month’s notice by communicating in writing (email is sufficient) without stating their reasons. The right to any use of the platform expires with this termination.
§ 3 The ‘CASSANDRA tools’
(1) The ‘CASSANDRA tools’ can be used free of charge.
(2) The ‘CASSANDRA tools’ are (a) a “Quick Check” for self-evaluation, (b) a comprehensive “Guide” on the topic of business resilience and (c) a practice-oriented “Online Course”. These three offers enable an independent and cost-efficient analysis of organisational risks, the minimisation or neutralisation of these risks in the future through practical solution strategies and thereby a contribution to an improved organisational stability. In-depth knowledge about risk management and information security, as well as about the securing of business operations (operational continuity management) is communicated through the three products.
(3) As a result of the “Quick Check” for self-evaluation, the user will receive an indication of their current risk management status, as well as recommendations for future action. These are standardised recommendations which should serve as the basis of discussion for the user. The user is personally responsible for the implementation of these recommendations and any possible reactions to this indication.
(4) The results of the (a) “Quick Check” can be viewed and printed out immediately once the questions have been answered. Since the “Quick Check” is carried out anonymously, the results can no longer be accessed once the results page has been left. There is no limit to number of the times that the “Quick Check” can be repeated.
(5) The (c) “Online Course” will show you how to increase the resilience of your organisation and thereby improve its stability. This is done in seven chapters with the help of clear information and practical exercises. By means of a case study you will learn how risk management works in practice. With the help of templates you can produce your own strategy and directly apply the knowledge that you have gained.
(6) There is no limit to the time period in which the user can complete the “Online Course”, providing he logs in at least once within a twelve-month period. The user’s progress will be saved. Whenever the user logs in again he will be shown his progress in the respective course chapters. If a user does not log in at least once within a twelve-month period, the operator reserves the right to delete the account.
§ 4 Availability of the ‘CASSANDRA tools’
On working days between 8:00 a.m. and 6:00 p.m. the operator guarantees an accessibility of 98.5% for the ‘CASSANDRA tools’. In addition to this, maintenance, updates and administrative work can lead to the ‘CASSANDRA tools’ not being available temporarily. As far as possible, delays will be announced beforehand on the website and undertaken during times when the ‘CASSANDRA tools’ are statistically used less frequently.
§ 5 Copyrights
(1) The CASSANDRA tools’ software code also consists of open source components that the separate open source developers have made available to the general public to use free of charge. The user receives sufficient rights to use the open source components from the open source developers to be able to make unrestricted use of the tool in line with this contract. You can find out which open source components were used and further information about these open source components in the operator’s imprint.
(2) The right from § 5 Para. 1 does not include the reproduction and processing of the CASSANDRA tools’ software.
(3) The text from the “Quick Check” and the templates which are part of the “Online Course” and which can be downloaded in addition to the “Guide on Business Resilience” (with the exception of the template entitled “Business Continuity Plan“) are subject to the Creative Commons Attribution ShareAlike License Version 4.0, by CASSANDRA-Project (CC-BY-SA, https://creativecommons.org/licenses/by-sa/4.0/legalcode).
(4) The texts from the following parts of the website are subject to the Creative Commons Attribution NoDerivatives Version 4.0, by CASSANDRA-Project (CC-BY-ND, https://creativecommons.org/licenses/by-nd/4.0/legalcode):
- Online Course and accompanying case study (excluding the templates)
- Template entitled “Business Continuity Plan”
- Guide on Business Resilience (excluding the templates entitled “Risk Register negative” and “Risk Register positive” which can be downloaded with the “Guide on Business Resilience” and which are subject to the CC-BY-SA)
(5) You can find further information about the licences in the imprint.
§ 6 Client obligations
(1) The client is obligated to use the operator’s services appropriately and to take recognised principles of data security into account. The client is in particular obliged:
- to not use the platform improperly but to use it exclusively in accordance with the applicable national and international laws and regulations. The client is especially obliged not to infringe upon any third party rights, for example personal rights, copyrights, trademark laws, naming laws and any general commercial property rights of third parties;
- to not use any passwords or code numbers (PIN) that correspond, for example, to their own name or birthday or that of a very close person, or that are used to access other services;
- to maintain the secrecy of passwords and code numbers (PIN) and to immediately change them or arrange for them to be changed if the suspicion arises that an unauthorised third party has gained knowledge of them;
- to end using the platform with consideration for the specifications provided by the operator for properly logging out (ending the session);
- to refrain from transferring any information or data gained from the platform outside of their organisation, especially not to pass this on to third parties for commercial purposes. This also includes the transfer to branches of the user, subsidiaries or parent companies or partners.
(2) It is not permitted to download, cache, make publicly accessible and/or take into one’s own offer qualitatively or quantitatively substantial parts of data from the platform, whether this is done with the help of crawler software or in another way. Repeated and systematic downloading, caching, making publicly accessible and/or taking into one’s own offer qualitatively or quantitatively insubstantial parts of data is equivalent to downloading, caching, making publicly accessible and/or taking into one’s own offer qualitatively or quantitatively substantial parts of data, to the extent that these actions run contrary to a normal evaluation of data or unreasonably interfere with the authorised interests of the operator.
(3) Even with the greatest possible care, the operator cannot guarantee that all available information is accurate. Because of mistakes due to transferring and/or entering data by hand, for example number and figure citations etc., the information made available on the platform can be flawed. It is therefore the client’s responsibility to check and verify the information that is contained here.
§ 7 Blocking
(2) The operator will take into account the authorised interests of affected users when choosing the means. This is particularly applicable when indications exist that the user is not culpable for the violation.
§ 8 Liability, Limitation
(1) The operator has unlimited liability for damages arising from culpable injury to life, body or health.
(2) The operator is only liable for other damages if the damages are based on the intent or gross negligence of its legal representatives, employees or agents. The liability for damage is limited to foreseeable damages that typically arise with these kinds of contracts if the operator is not charged with intent. The operator is also only liable for slight negligence in the area of chargeable offers insofar as essential contractual obligations (‘major obligations’) are infringed upon. Major obligations are those which first enable the proper implementation of the contract and on the keeping of which the user may regularly rely. In the case that major obligations are neglected the liability is also limited to foreseeable damages that typically arise with these kinds of contracts.
(3) To the extent that the operator is liable in cases of gross negligence for various damages in accordance with number 8 paragraph 2, the liability is limited to € 500.00.
(4) To the extent that the operator is liable in cases of slight negligence subject to number 8 paragraph 2, the liability in each case is limited to the amount of € 200.00.
(5) The operator is not liable for data or information which the user or any third party downloads from the portal or which are in any way made available on the portal. The operator is neither liable for the completeness, accuracy or currentness of this data and information, nor that it is free from any third party rights, nor that the user or a third party are acting lawfully when they download any data from the portal. The operator is also not liable for any damages which arise through faulty operation of the system.
(6) The operator is not liable for possible damages which may happen to the user if he implements the recommendations given by the platform.
(7) Mandatory statutory regulations such as the product liability act remain unaffected by the arrangements given above.
§ 9. Other rules
(2) In the event that one or several of the aforementioned clauses are inapplicable or may become so in the course of time, the remaining clauses remain unaffected by this.
(3) This contract is subject to the laws of the Federal Republic of Germany with the exception of rules concerning conflict of law and the UN sales convention (CISG).
(5) The operator can change or suspend parts or particular functions of the ‘CASSANDRA tools’ at any point. In accordance with this the platform operator can limit use and access to the offers in the platform at any point, as well as limiting the duration and extent of use.
(6) If suggestions for improvement or further development of the platform are made by a user through the feedback function on the platform, the user maintains no right to these suggestions.