I. Services rendered

Terms and Conditions

I. Services

  1. Scope of competence: The services are provided for the purpose of solving business problems and related areas.
  2. Client support: The client supports the comprehensive and free fulfilment of the assignment and takes reasonable measures to verify the results.
  3. Liability: The contractor shall only pay damages in case of intent or gross negligence. Liability for all claims of the Client, irrespective of their legal basis, shall be limited to the fee agreed for the assignment, to the extent permitted by law. The contractor shall in no case be liable for loss of profit, savings not achieved, damages from third party claims against the client, indirect damages and consequential damages due to defects, insofar as this is legally permissible.
  4. Guarantee: The client shall provide written notification within one month of delivery or performance as to whether and where defects exist. If the client does not make any declaration or if he starts using the system, this shall be deemed to be acceptance free of defects at the time of delivery or performance. The duration of the warranty is 6 months. The contractor reserves the right to remedy defects. If the rectification of defects fails, the buyer may withdraw from the purchase contract or reduce the purchase price appropriately.
  5. Payment: Payment is due as of the invoice date. Default interest in the amount of 10% above the interbank rate per year will be charged. All prices are fixed prices excluding taxes and duties. A discount deduction is not possible.
  6. Consultancy services or services invoiced on a time and material basis will be invoiced monthly. The Contractor’s employees shall record the daily working hours in a list stating the position and type of activity and submit this with the invoice. The Client may demand to inspect this list at any time.
  7. The Client shall not be entitled to withhold payments – without prejudice to its rights to refuse payments due to missing or defective consideration. The Client may only offset undisputed or legally established claims.
  8. Duty of confidentiality: The Contractor undertakes to treat business secrets and all information marked as confidential that becomes known to it through the performance of the order as confidential for an unlimited period of time. Confidential information may only be disclosed to third parties after written approval by the Client. The contractor shall oblige all persons involved in the fulfilment of the order to comply with this provision by means of a written commitment.
  9. Both parties shall be entitled to process and store data of the other party in an automated manner within the scope of the fulfilment of the order.
  10. Both parties shall be entitled to name the delivered solution as a reference case.
  11. Return: Qmetrix shall be granted a royalty-free, worldwide, perpetual licence to use or incorporate any suggestions, ideas, enhancement requests, recommendations or other information provided by the Client in relation to the operation of the Solution.
  12. Place of performance and jurisdiction: All disputes arising under this Agreement shall be settled before a competent Viennese court.
.

II. Licensing of software

  1. Subject matter of the contract: The scope of performance of the agreed programmes results from the respective programme description, supplemented by the user documentation.
  2. Right of use and right of return: Qmetrix transfers to the client the non-exclusive right to use the software for internal use. The use of the software for consulting or problem-solving purposes for third parties is expressly excluded. Use other than internal use is permitted only with the written permission of Contractor or as defined in the Standard Software License Agreement.
    If you do not agree to all of the terms and conditions of this License, then: (a) you may not copy, install, distribute or use any copy of the Software in which this License is included; and (b) in addition, if you have paid Qmetrix or an authorised Qmetrix reseller for a package consisting of one or more copies of the Software, you may return the complete package unused within fifteen (15) days of purchase for a full refund of your payment.
    The terms and conditions of this License describe the permitted use and user(s) of each licensed copy of the Software. For the purposes of this licence, if you have a valid single copy licence, you have the right to use a single “Licensed Copy”; if you or your organisation have a valid multi-user licence, you or your organisation have the right to use up to a number of “Licensed Copies” equal to the number of copies specified in the documents issued by Qmetrix GmbH when the licence was granted.
  3. Licence Fee: The amount of the licence fee is based on the scope of use. If the client wishes to extend the agreed scope of use, this shall be defined in advance.
  4. Delivery: The programmes shall be delivered as a whole, including user documentation (in electronic form). The client shall confirm the programme delivery in writing. A use of the software also corresponds to a confirmation of successful delivery.
  5. Interface description: The contractor undertakes, upon request, to provide the client with the necessary information for all existing interfaces of its programmes to third-party software against reimbursement of the copying and delivery costs. This information may be passed on to other clients.
  6. Scope of the licence: Each licensed copy of the software may either be used by a single person who uses the software personally on one or more computers, or installed on a single workstation that is not used simultaneously by more than one person, but not both. This is not a concurrent use licence.
    Each Licensed Copy may be accessed over a network provided that you have purchased usage rights for a Licensed Copy for each workstation accessing the Software over the network. For example, if 8 different workstations access the software over the network, you must purchase usage rights for 8 licensed copies of the software, regardless of whether the 8 workstations access the software at different times or at the same time.
    All rights of any kind in the software not expressly granted in this license are entirely and exclusively reserved to Qmetrix GmbH. You may not rent, lease, modify, translate, reverse engineer, decompile, disassemble or create derivative works based on the Program, nor may you permit anyone else to do so. You may not grant or permit any other person in connection with a service company, application service provider or similar business to access the Software.
  7. Customer’s Obligation to Protect the Program: The Customer acknowledges that the Program, including the user documentation and other documents – including future versions – are protected by copyright and trade secrets of the Contractor. He will exercise all reasonable care to prevent disclosure of this information to third parties for an unlimited period of time.
  8. Disclaimers and Limitations of Liability: You will notify us in writing of any defects within thirty (30) days of delivery or service, giving reasonable information. If you do not give any notice within the said period or do not put the software into operation, this shall be deemed to be a defect-free delivery/declaration of acceptance upon delivery or service. The warranty period shall be six (6) months at the longest. Qmetrix GmbH reserves the right to rectify defects. Should these be ineffective, you have the right to withdraw from the contract or to reduce the price appropriately.
    The agreed programme and all associated software, files, data and materials are distributed and provided without any known warranty for defects and without any express or implied warranty. The agreed programme and all related software, files, data and materials are distributed and provided “as is” and without warranty of any kind, either express or implied. The liability of Qmetrix GmbH is limited exclusively to the reimbursement of the purchase price. In addition, in no event shall Qmetrix GmbH or its principals, shareholders, officers, employees, affiliates, contractors, subsidiaries or parent companies be liable for any indirect, incidental, consequential or punitive damages arising out of the use of the Software or your relationship with Qmetrix GmbH.
    In addition, in no event does Qmetrix GmbH authorize you or any other person to use the Software in any application or system where failure of the Software to perform reasonably could result in substantial bodily injury or loss of life. Any such use is solely at your own risk, and you agree to indemnify Qmetrix GmbH against any claims or losses in connection with such unauthorised use.
    You acknowledge that good computing practice requires that any program, including the Software, be thoroughly tested with non-critical data before being relied upon, and you hereby assume all risk of use of all copies of the Software covered by this Licence. This disclaimer of warranty constitutes an essential part of this licence.
  9. Place of performance and jurisdiction: All disputes arising out of this agreement shall be settled in a court of competent jurisdiction in Vienna.

III Support and maintenance

  1. General: The purpose of the Qmetrix Support and Maintenance Contract is to provide fair use of telephone and internet troubleshooting, basic fault advice and free delivery of new release versions of the software for an annual lump sum.
  2. Duration and Termination: The contract begins with the delivery date of the solution and continues indefinitely. It may be terminated by either party once a year at the end of the second quarter subject to 90 days’ written notice.
  3. Payment: The service will be invoiced annually one year in advance at the beginning of the support period and can be adjusted according to inflation. Payment is due upon receipt of the invoice.
  4. Patching Policy: Qmetrix ships all Microsoft Windows-based computers with the “Install security patches automatically” setting. This ensures the best level of security according to the known state of the art. The risk of this policy is that unexpected downtime may occur due to problems with installed security patches. Qmetrix may change this policy upon written request from the customer.

IV. Sale and installation of hardware

  1. Validity of Quotation: Quotation prices are based on these Terms and Conditions and apply to the actual state of knowledge of the Project and the Customer’s requirements as defined in the Documentation (usually referred to as the ” Workbook “) at the time of the quotation for the time specified in the quotation. Significant changes to the requirements by the client or changes to the agreed prerequisites may require a change to the quotation. Qmetrix GmbH reserves the right to withdraw the offer if the changed requirements cannot be met.
  2. Support by the Client: The client shall support the comprehensive fulfilment of the contract free of charge and take appropriate measures to verify the results.
  3. Installation and operation of the system: The operation of the Qmetrix system shall strictly adhere to the operating manuals. Some Qmetrix products are operated at mains voltage level. Only licensed electricians may install and manipulate the wiring in accordance with the documentation and manuals supplied and in compliance with local regulations.
  4. Statistical variance: Due to the statistical variance of the measured process, the measured values and indicators are calculated with a statistical error.
  5. Liability: The contractor shall only pay damages in the event of intent or gross negligence. The liability for all claims of the client, irrespective of the legal ground, is limited to one tenth of the fee agreed for the order, as far as legally permissible. A higher liability insurance can be taken out if required against reimbursement of the insurance costs. The contractor shall in no case be liable for lost profit, savings not achieved, damages from third party claims against the client, indirect damages and consequential damages due to defects, insofar as this is legally permissible.
  6. Set-up and acceptance: The set-up is completed when the system is ready for operation in accordance with the specifications. Acceptance shall take place no later than one month after set-up. The client shall inform in writing in good time whether and where defects exist. If the client does not make any declaration or if he puts the system into operation, this shall be deemed to be acceptance without defects at the time of delivery or performance.
  7. Guarantee: The duration of the guarantee shall be 12 months from the date of set-up. The warranty is provided on a “bring-in” basis. This means that the customer must bring or send the defective parts at his own expense and risk. The contractor reserves the right to make rectifications. Rectifications do not extend the original warranty period. If the rectification fails, the purchaser may withdraw from the purchase contract or reduce the purchase price appropriately. This guarantee can be extended at the time of signing the contract against a yearly fee. Consumables such as batteries or fuses are not part of the warranty.
  8. Payment: Payment is due from the date of the invoice. All prices are fixed prices in euros excluding VAT. A discount deduction is not possible. Interest on arrears shall be charged at the inter-bank rate (EURIBOR) plus 10% per annum.
  9. Payment schedule for purchase: 1/3 on order, 1/3 on set-up, 1/3 on acceptance, unless otherwise agreed in the contract.
  10. Consultancy services or services invoiced at cost shall be invoiced monthly. The Contractor’s employees shall record the daily working hours in a list stating the position and type of activity and submit this with the invoice. The Client may demand to inspect this list at any time.
  11. The Client shall not be entitled to withhold payments – without prejudice to its rights to refuse payments due to missing or defective consideration. The client may only offset undisputed or legally established claims.
  12. Duty of confidentiality: The parties mutually agree to keep business secrets confidential for an unlimited period of time. Trade secrets are all documents and all information expressly marked as such. Secrets may only be disclosed to third parties if Qmetrix GmbH has approved this in writing.
  13. Protection of data: The parties are permitted to automatically process and store data of the other parties with computers. Qmetrix is permitted to use the recorded system data in aggregated form for purposes outside the customer system. Qmetrix warrants that such data cannot be identified as originating from the Customer.

V. General data protection regulation

Introduction

Qmetrix needs to collect and use certain information about individuals in order to perform tasks and meet customer needs.
This may include customers, suppliers, business contacts, employees and others with whom the organisation has a relationship or may need to contact.
This policy describes how this personal information must be collected, handled and stored to meet the organisation’s data protection standards – and to comply with the law.

Why this policy exists

This privacy policy helps Qmetrix to/to:

  • Comply with data protection laws and follow best practices
  • Protect the rights of employees, customers and partners
  • Be open about how it stores and processes individuals’ data
  • Protect itself from the risks of a data breach

Data Protection Act

Data Protection Legislation (GDPR) describes how organisations – including Qmetrix – must collect, handle and store personal information. These rules apply whether data is stored electronically, on paper or on other materials.
To comply with the law, personal information must be collected and used fairly, stored securely and not disclosed unlawfully. The Data Protection Act is based on eight key principles. These state that personal information must be collected:

  1. Be processed fairly and lawfully
  2. Only be obtained for specified lawful purposes
  3. Be adequate, relevant and not excessive
  4. Be accurate and kept up to date
  5. Not kept longer than necessary
  6. Processed in accordance with the rights of data subjects
  7. Protected in an appropriate manner
  8. Not moved outside the European Economic Area (EEA) unless that country or territory also ensures an adequate level of protection.

People, risks and responsibilities

Scope of the policy


This policy applies to:

  • The head office of Qmetrix
  • All branches of Qmetrix
  • All employees of Qmetrix
  • All contractors, suppliers and other persons working on behalf of Qmetrix
  • It applies to all data held by the company relating to identifiable individuals. This may include:
  • Names of individuals
  • Postal addresses
  • Email addresses
  • Phone numbers
  • …and any other information about individuals



Privacy Risks

This policy helps protect Qmetrix from some very real data security risks, including:


Responsibilities

Everyone who works for or with Qmetrix has some responsibility for ensuring that data is collected, stored and handled appropriately. Any team handling personal data must ensure that it is handled and processed in accordance with this policy and the Data Protection Principles.
However, these individuals have important responsibilities:

.

Breach of confidentiality. For example, inappropriate disclosure of information.
Failure to offer choice. For example, all individuals should be free to choose how the company uses information relating to them.
Reputational damage. For example, the company could suffer if hackers successfully gain access to sensitive data.
The Board is ultimately responsible for ensuring that Qmetrix complies with its legal obligations.
The Data Protection Officer is responsible for:
keeping the Board informed of data protection responsibilities, risks and issues.
Reviewing all data protection procedures and related policies in accordance with an agreed timetable.
Organising data protection training and advice for those covered by this policy.
Processing data protection queries from staff and anyone else covered by this policy.
Processing requests from individuals to see the data Qmetrix holds about them (also called “subject access requests”).
Reviewing and approving contracts or agreements with third parties that handle the company’s sensitive data.
The IT manager is responsible for:
ensuring that all systems, services and devices used to store data meet acceptable security standards.
carrying out regular checks and scans to ensure that security hardware and software are working properly.
evaluating any third party services that the company is considering to store or process data. For example, cloud computing services.
The marketing manager is responsible for:
Approving all privacy statements attached to communications such as emails and letters.
Responding to any privacy queries from journalists or media outlets such as newspapers.
Working with other staff, as appropriate, to ensure that marketing initiatives adhere to privacy principles.

Data storage

These rules describe how and where data should be safely stored. Questions about storing data safely can be directed to the IT manager or data controller.
When data is stored on paper, it should be kept in a secure place where unauthorised people cannot see it.
These guidelines also apply to data that is usually stored electronically but has been printed out for some reason:

  • When not required, the paper or files should be kept in a locked drawer or filing cabinet.
  • Employees should make sure paper and printouts are not left where unauthorised people could see them, like on a printer.
  • Data printouts should be shredded and disposed of securely when no longer required.
  • When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts:
  • Data should be protected by strong passwords and never shared between employees.
  • If data is stored on removable media (like a CD or DVD), these should be kept locked away securely when not being used.
  • Data should only be stored on designated drives and servers, and should only be uploaded to an approved cloud computing services.
  • Servers containing personal data should be sited in a secure location, away from general office space.
  • Data should be backed up frequently. Those backups should be tested regularly, in line with the company’s standard backup procedures.
  • Data should never be saved directly to laptops or other mobile devices like tablets or smart phones.
  • All servers and computers containing data should be protected by approved security software and a firewall.


Data Usageg

Personal data is only of value to Qmetrix if the company can use it. However, when personal data is accessed and used, there is the greatest risk of loss, corruption or theft:

.

  • When working with personal data, staff should ensure that their computer screens are always locked when left unattended.
  • Personal data should not be shared informally. In particular, they should never be sent by email, as this form of communication is not secure.
  • Data must be encrypted before it is transmitted electronically. The IT manager can explain how data can be sent to authorised external contacts.
  • Personal data should never be transferred outside the European Economic Area.
  • Employees should not store copies of personal data on their own computers. They should always access and update the central copy of the data.

Data accuracy

The law requires Qmetrix to take reasonable steps to ensure that data is accurate and kept up to date.
The more important it is that personal data is accurate, the greater the effort Qmetrix should make to ensure its accuracy.
It is the responsibility of all staff who work with data to take reasonable steps to ensure that data is kept as accurate and up to date as possible.

  • When working with personal data, staff should ensure that their computer screens are always locked when left unattended.
  • Personal data should not be shared informally. In particular, they should never be sent by email, as this form of communication is not secure.
  • Data must be encrypted before it is transmitted electronically. The IT manager can explain how data can be sent to authorised external contacts.
  • Personal data should never be transferred outside the European Economic Area.
  • Employees should not store copies of personal data on their own computers. They should always access and update the central copy of the data.


Requests for subject access

Any person who is the subject of personal data stored by Qmetrix is entitled to:

  • ask what information the company holds about them and why.
  • ask how to get access to this information.
  • ask how to keep them informed.
  • ask how the company complies with its data protection obligations.

Disclosure of data for other reasons.

In certain circumstances, the Data Protection Act permits the disclosure of personal data to law enforcement authorities without the consent of the data subject.
In these circumstances, Qmetrix will disclose the data requested. However, the Data Controller will ensure that the request is lawful and, where appropriate, seek the assistance of the Company’s Board and legal advisors.

Providing Information

Qmetrix aims to ensure that individuals are aware that their data is being processed and that they understand it:

  • How the data will be used
  • How they can exercise their rights

To this end, the Company has this Privacy Notice which sets out how personal data will be used by the Company.

1. Area of competence: Services are rendered for the purposes of solving business problems with working times, remuneration and related areas. A legal consultation is expressly excluded.
2. Support by the Client: The Client supports the comprehensive fulfilment of the contract, free of charge, and takes adequate measures to verify results.
3. Liability: The Contractor will provide compensation only in the event of malicious intent or gross negligence. The liability for all claims of the Client is limited to the fee agreed upon for the contract irrespective of their legal basis, to the extent permitted by law. The Contractor is in no way liable for loss of profit, non-achieved savings, damages from third-party claims vis-à-vis the Client, indirect damage and consequential harm caused by a defect, as far as it conforms with the law.
4. Guarantee: The Client shall inform in writing, within one month of delivery or service, whether there are defects and where these are. If the Client does not provide an explanation or begins using the system, then this shall be deemed to be faultless acceptance at the time of the delivery or service. The length of the guarantee is 6 months. The Contractor retains the right to rectifications of defects. If the rectifications of defects prove to be unsuccessful, the buyer can cancel the contract of purchase or reduce the purchase price appropriately.
5. Payment: Payment is due from the date of the invoice. Default interest shall be charged in the amount of 10% over the Inter-Bank rate per annum. All prices are fixed prices exclusive of taxes and duties. A deduction of discount is not possible.

  • Consultancy services or services that are invoiced on a time and material basis, are charged monthly. The employees of the Contractor record the daily working hours in a list specifying the position and the type of activity and present this with the invoice. The Client can demand to see the list at any time.
  • The Client is – irrespective of his or her rights to refuse payments due to missing or erroneous counter-performance – not authorised to withhold payments. The Client can set only receivables that are undisputed or determined to be legally binding off from amounts owed.

6. Confidentiality: The Contractor obliges to furnish the confidentiality of trade secrets and all information indicated as confidential, which are disclosed to him as a result of the order fulfillment, for an unlimited time. Confidential information shall only be passed on to third parties after written approval by the Client.

  • The Contractor obliges all persons involved with the order fulfillment to a written undertaking to comply with this regulation.
  • Both parties are permitted within the scope of the order fulfillment to process and store data of the other party automated.
  • The parties are allowed to name the installation as a reference case.

7. Feedback: Qmetrix shall have a royalty-free, worldwide, perpetual license to use or incorporate into the Service any suggestions, ideas, enhancement requests, recommendations or other information provided by Customer relating to the operation of the Service.

8. Place of Fulfillment and legal domicile: Any disputes arising hereunder will be settled before a competent Vienna court of law.

II. Licensing of Software

1. Subject matter of the contract: The scope of services of the agreed programs is stated in the respective program description supplemented by the user documentation.

2. Right of utilization and right of return: Qmetrix passes on the non-exclusive right to use the software for internal use to the Client. The use of the software for consulting or problem solution purpose for third parties is expressly excluded. Any other than internal use is only permitted through written approval of the Contractor or defined in the license agreement of the standard software.

Unless you have a different license agreement signed by Qmetrix GmbH, your use, distribution, or installation of the software indicates your acceptance of this agreement („License“).

If you do not agree to all of the terms and conditions of this License, then: (a) do not copy, install, distribute or use any copy of the software with which this License is included, and (b) in addition, if you paid Qmetrix or an authorized Qmetrix reseller for a package consisting of one or more copies of the software, you may return the complete package unused, within fifteen (15) days after purchase, for a full refund of your payment.

The terms and conditions of this License describe the permitted use and user(s) of each Licensed Copy of Operating Hours Assistant. For purposes of this License, if you have a valid single-copy license, you have the right to use a single „Licensed Copy“; if you or your organization has a valid multi-user license, then you or your organization have/has the right to use up to a number of „Licensed Copies“ equal to the number of copies indicated in the documents issued by Qmetrix GmbH when granting the license.

3. License fee:  The amount of the license fee is defined by the scope of use. If the Client wishes to extend the agreed scope of use it must be defined upon in advance.

4. Delivery: The programs are delivered in whole, including a set of user documentation (printed or on electronic data medium). The Client has to confirm the program delivery in writing.

5. Interface description: The contractor agrees to provide the client with the required information for all existing interfaces of his programs to third party software, against reimbursement of the copy and delivery costs. This information may be distributed to other Clients.

6. Scope of License: Each Licensed Copy of the software may either be used by a single person who uses the software personally on one or more computers, or installed on a single workstation used non-simultaneously by multiple people, but not both. This is not a concurrent use license.

Each Licensed Copy may be accessed through a network, provided that you have purchased rights to use a Licensed Copy for each workstation that will access the software through the network. For instance, if 8 different workstations will access the software on the network, you must purchase rights to use 8 Licensed Copies of the software, regardless of whether the 8 workstations will access the software at different times or concurrently.

All rights of any kind of the software which are not expressly granted in this License are entirely and exclusively reserved to and by Qmetrix GmbH. You may not rent, lease, modify, translate, reverse engineer, decompile, disassemble, or create derivative works based on the program, nor permit anyone else to do so. You may not make access to the software available to others in connection with a service bureau, application service provider, or similar business, nor permit anyone else to do so.

7. Installation: The contractor agrees to provide the client with the required information for all existing interfaces of his programs to third party software, against reimbursement of the copy and delivery costs. This information may be distributed to other Clients.

 8. Client obligation for program protection: The Client accepts that the program including the user documentation and additional documents are protected by copyright – also in future versions – and that they maintain trade secrets of the Contractor. He shall exercise all reasonable care for an unlimited time, to prevent disclosure of this Information to any third party.

9. Warranty Disclaimers and Liability Limitations: You will give written notice within thirty (30) days from delivery or service giving reasonable information about any faults. Should you not give notice within the stated period or start using the software this will be regarded as flawless delivery/notice of acceptance at delivery or service. Warranty period is six (6) months at the longest. Qmetrix GmbH reserves the right for finishing touches. Should these be ineffective you have the right to cancel the contract or to have the price reduced adequately.

The agreed program and any and all accompanying software, files, data and materials, are distributed and provided „AS IS“ and with no warranties of any kind, whether express or implied.

Any liability of Qmetrix GmbH will be limited exclusively to refund of purchase price. In addition, in no event shall Qmetrix GmbH, or its principals, shareholders, officers, employees, affiliates, contractors, subsidiaries, or parent organizations, be liable for any indirect, incidental, consequential, or punitive damages whatsoever relating to the use of the software, or to your relationship with Qmetrix GmbH.

In addition, in no event does Qmetrix GmbH authorize you or anyone else to use the software in applications or systems where the software’s failure to perform can reasonably be expected to result in a significant physical injury, or in loss of life. Any such use is entirely at your own risk, and you agree to hold Qmetrix GmbH harmless from any and all claims or losses relating to such unauthorized use.

You acknowledge that good data processing procedure dictates that any program, including the software, must be thoroughly tested with non-critical data before there is any reliance on it, and you hereby assume the entire risk of all use of the copies of the software covered by this License. This disclaimer of warranty constitutes an essential part of this License.

10. Place of Fulfillment and legal domicile: Any disputes arising hereunder will be settled before a competent Vienna court of law.

III. Support and Maintenance

1. General: The purpose of the Qmetrix support and maintenance contract is fair use

troubleshooting over the phone and internet, basic advice on failure and free supply of new release versions of the software for a yearly lump-sum amount.

2. Duration and Termination: The contract begins with the delivery date of the solution and will continue indefinitely. It may be terminated by either party in writing once a year, at the end of the second quarter giving 90 days‘ notice.

3. Payment: The service is invoiced yearly one year ahead at the beginning of the support period. Payment is due after receipt of invoice.

4. Patching Policy: Qmetrix is delivering all Microsoft Windows based computers with the setting „install security patches automatically“. This ensures the best level of security according to the known state of art. The risk of this policy is, that unexpected down-times can happen due to problems with installed security patches. Qmetrix can change this policy based on a written request by the customer.

IV. Sales and Installation of Hardware

1. Validity of the Quotation: The quoted prices are based on this general terms and conditions and are valid for the actual status of the knowledge about the project and the customer requirements as defined in the documentation (usually called „Workbook“) at the date of the quotation for the time stated in the quotation. Substantial changes of the requirements by the customer or changes in the agreed preconditions might require a change of the quotation. Qmetrix GmbH reserves the right to withdraw the quote, if the changed requirements cannot be met.

2. Support by the Client: The Client supports the comprehensive fulfillment of the contract, free of charge, and takes adequate measures to verify results.

3. Installation and Operation of the system: Operation of the Qmetrix system has to follow strictly the operations manuals. Some Qmetrix products are operated at mains voltage levels. Only licensed electricians are allowed to install and manipulate wiring in accordance with the supplied documentations and manuals and observing local regulations.

4. Statistical variance: Due to the statistical variance of the measured process, the measured values and indicators are calculated with a statistical error.

5. Liability: The Contractor will provide compensation only in the event of malicious intent or gross negligence. The liability for all claims of the Client is limited to a tenth of the fee agreed upon for the contract irrespective of legal basis, to the extent permitted by law. Higher liability insurance can be provided against reimbursement of insurance cost if required. The Contactor is in no way liable for loss of profit, non-achieved savings, damages from third-party claims vis-á-vis the Client, indirect damage and consequential harm caused by a defect, as far as it conforms with the law.

6. Set-up and Acceptance: Set-up is completed, when the system is operational according to specifications. Acceptance will be given latest one month after set-up. The Client shall timely inform in writing, whether there are defects and where these are. If the Client does not provide an explanation or begins using the system, then this shall be deemed to be faultless acceptance at the time of the delivery or service.

7. Guarantee: The length of the guarantee is 12 months from date of set-up. The guarantee is provided on a „bring-in“ base. That means, the customer has to bring or send the defect parts on his own cost and risk. The Contractor retains the right to rectifications of defects. Rectifications do not extend the original guarantee period. If the rectifications of defects prove to be unsuccessful, the buyer can cancel the contract of purchase or reduce the purchase price appropriately. Consumeables e.g. batteries or fuses are not part of the guarantee.

8. Payment: Payment is due from the date of the invoice. All prices are fixed prices in Euro exclusive of VAT. A deduction of discount is not possible. Default interest shall be charged in the amount of the Inter-Bank rate (EURIBOR) plus 10% per annum.

  • Payment schedule for purchase: 1/3 at order, 1/3 at setup, 1/3 at acceptance if not agreed differently in the contract.
  • Consultancy services or services that are invoiced on a time and material basis, are charged monthly. The employees of the Contractor record the daily working hours in a list specifying the position and the type of activity and present this with the invoice. The Client can demand to see the list at any time.
  • The Client is – irrespective of his or her rights to refuse payments due to missing or erroneous counter-performance – not authorized to withhold payments. The Client can set only receivables that are undisputed or determined to be legally binding off from amounts owed.

9. Confidentiality: The parties mutually agree to keep trade secrets for an unlimited time confidential. Trade secrets are all documents and all information that is explicitly labelled as such. Secrets can only be passed on to third parties, if Qmetrix GmbH has approved this in writing.

10. Protection of data: The parties are permitted to automatically process and store data of the other parties with computers. Qmetrix is allowed to use the recorded system data in an aggregated manner for purpose outside of the customer system. Qmetrix warrants that this data cannot be identified to be from the customer.

V. General Data Protection Regulation

Introduction

Qmetrix needs to gather and use certain information about individuals to fulfill duties and customer needs.
These can include customers, suppliers, business contacts, employees and other people the organisation has a relationship with or may need to contact.
This policy describes how this personal data must be collected, handled and stored to meet the company’s data protection standards — and to comply with the law.

Why this policy exists

This data protection policy ensures Qmetrix:
•    Complies with data protection law and follow good practice
•    Protects the rights of staff, customers and partners
•    Is open about how it stores and processes individuals’ data
•    Protects itself from the risks of a data breach

Data protection law
The Data Protection Legislation(GDPR) describes how organisations — including Qmetrix — must collect, handle and store personal information.
These rules apply regardless of whether data is stored electronically, on paper or on other materials.
To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.
The Data Protection Act is underpinned by eight important principles. These say that personal data must:
1.    Be processed fairly and lawfully
2.    Be obtained only for specific, lawful purposes
3.    Be adequate, relevant and not excessive
4.    Be accurate and kept up to date
5.    Not be held for any longer than necessary
6.    Processed in accordance with the rights of data subjects
7.    Be protected in appropriate ways
8.    Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection

People, risks and responsibilities

Policy scope
This policy applies to:
•    The head office of Qmetrix
•    All branches of Qmetrix
•    All staff and volunteers of Qmetrix
•    All contractors, suppliers and other people working on behalf of Qmetrix
It applies to all data that the company holds relating to identifiable individuals. This can include:
•    Names of individuals
•    Postal addresses
•    Email addresses
•    Telephone numbers
•    …plus any other information relating to individuals

Data protection risks

This policy helps to protect Qmetrix from some very real data security risks, including:


Responsibilities

Everyone who works for or with Qmetrix has some responsibility for ensuring data is collected, stored and handled appropriately.
Each team that handles personal data must ensure that it is handled and processed in line with this policy and data protection principles.
However, these people have key areas of responsibility:

  • Breaches of confidentiality. For instance, information being given out inappropriately.
  • Failing to offer choice. For instance, all individuals should be free to choose how the company uses data relating to them.
  • Reputational damage. For instance, the company could suffer if hackers successfully gained access to sensitive data.
  • The board of directors is ultimately responsible for ensuring that Qmetrix meets its legal obligations.
  • The data protection officer, is responsible for:
  • Keeping the board updated about data protection responsibilities, risks and issues.
  • Reviewing all data protection procedures and related policies, in line with an agreed schedule.
  • Arranging data protection training and advice for the people covered by this policy.
  • Handling data protection questions from staff and anyone else covered by this policy.
  • Dealing with requests from individuals to see the data Qmetrix holds about them (also called ‘subject access requests’).
  • Checking and approving any contracts or agreements with third parties that may handle the company’s sensitive data.
  • The IT manager, is responsible for:
  • Ensuring all systems, services and equipment used for storing data meet acceptable security standards.
  • Performing regular checks and scans to ensure security hardware and software is functioning properly.
  • Evaluating any third-party services the company is considering using to store or process data. For instance, cloud computing services.
  • The marketing manager is responsible for:
  • Approving any data protection statements attached to communications such as emails and letters.
  • Addressing any data protection queries from journalists or media outlets like newspapers.
  • Where necessary, working with other staff to ensure marketing initiatives abide by data protection principles.

Data storage

These rules describe how and where data should be safely stored. Questions about storing data safely can be directed to the IT manager or data controller.
When data is stored on paper, it should be kept in a secure place where unauthorised people cannot see it.
These guidelines also apply to data that is usually stored electronically but has been printed out for some reason:

  • When not required, the paper or files should be kept in a locked drawer or filing cabinet.
  • Employees should make sure paper and printouts are not left where unauthorised people could see them, like on a printer.
  • Data printouts should be shredded and disposed of securely when no longer required.
  • When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts:
  • Data should be protected by strong passwords and never shared between employees.
  • If data is stored on removable media (like a CD or DVD), these should be kept locked away securely when not being used.
  • Data should only be stored on designated drives and servers, and should only be uploaded to an approved cloud computing services.
  • Servers containing personal data should be sited in a secure location, away from general office space.
  • Data should be backed up frequently. Those backups should be tested regularly, in line with the company’s standard backup procedures.
  • Data should never be saved directly to laptops or other mobile devices like tablets or smart phones.
  • All servers and computers containing data should be protected by approved security software and a firewall.


Data use

Personal data is of no value to Qmetrix unless the business can make use of it. However, it is when personal data is accessed and used that it can be at the greatest risk of loss, corruption or theft:

  • When working with personal data, employees should ensure the screens of their computers are always locked when left unattended.
  • Personal data should not be shared informally. In particular, it should never be sent by email, as this form of communication is not secure.
  • Data must be encrypted before being transferred electronically. The IT manager can explain how to send data to authorised external contacts.
  • Personal data should never be transferred outside of the European Economic Area.
  • Employees should not save copies of personal data to their own computers. Always access and update the central copy of any data.


Data accuracy

The law requires Qmetrix to take reasonable steps to ensure data is kept accurate and up to date.
The more important it is that the personal data is accurate, the greater the effort Qmetrix should put into ensuring its accuracy.
It is the responsibility of all employees who work with data to take reasonable steps to ensure it is kept as accurate and up to date as possible.

  • When working with personal data, employees should ensure the screens of their computers are always locked when left unattended.
  • Personal data should not be shared informally. In particular, it should never be sent by email, as this form of communication is not secure.
  • Data must be encrypted before being transferred electronically. The IT manager can explain how to send data to authorised external contacts.
  • Personal data should never be transferred outside of the European Economic Area.
  • Employees should not save copies of personal data to their own computers. Always access and update the central copy of any data.


Subject access requests

All individuals who are the subject of personal data held by Qmetrix are entitled to:

  • Ask what information the company holds about them and why.
  • Ask how to gain access to it.
  • Be informed how to keep it up to date.
  • Be informed how the company is meeting its data protection obligations.

If an individual contacts the company requesting this information, this is called a subject access request.
Subject access requests from individuals should be made by email, addressed to the data controller at [email address]. The data controller can supply a standard request form, although individuals do not have to use this.
Individuals will be charged £10 per subject access request. The data controller will aim to provide the relevant data within 14 days.
The data controller will always verify the identity of anyone making a subject access request before handing over any information.


Disclosing data for other reasons
In certain circumstances, the Data Protection Act allows personal data to be disclosed to law enforcement agencies without the consent of the data subject.
Under these circumstances, Qmetrix will disclose requested data. However, the data controller will ensure the request is legitimate, seeking assistance from the board and from the company’s legal advisers where necessary.

Providing information

Qmetrix aims to ensure that individuals are aware that their data is being processed, and that they understand:

  • How the data is being used
  • How to exercise their rights

To these ends, the company has this privacy statement, setting out how data relating to individuals is used by the company.