Illustration of person relaxing on phone

Terms of Use and General Terms and Conditions

Supertext Free Terms of Use

1. Supertext AG, Hardturmstrasse 253, 8005 Zurich, Switzerland (Supertext), provides users with a free AI translation service for texts and documents (the free service) at supertext.com (the website). By using the service, the user accepts these Terms of Use.

2. Supertext grants the user the right to use the free service for their own private and business purposes subject to the relevant restrictions outlined on the website, in particular regarding the number of languages, characters, translation orders and volumes.

3. When using the free service, the user must comply with the following rules:

  • The free service may not be used in exchange for remuneration from third parties or on behalf of third parties.
  • The free service may not be used to translate texts or documents that contain racist, pornographic, sexist or otherwise illegal content.
  • The free service must not be used to translate texts or documents that contain personal data or confidential information such as third-party trade secrets, information protected by confidentiality agreements, information subject to legal professional secrecy requirements or similar.

4. Supertext reserves the right to make the use of the free service subject to additional terms and conditions at any time or to change, supplement, develop or entirely discontinue the free service.

5. The free service is provided on an as-is basis. Supertext does not guarantee the accuracy, completeness or general quality of the translations produced by the free service or that they are suitable for a particular purpose. Supertext also does not guarantee that the free service will be available at all times without interruption, error or malfunction.

6. All rights to the free service, with the exception of the open-source components, belong to Supertext. The user is aware that they have no rights to the free service that go beyond the rights of use provided for in these Terms of Use.

7. The user acknowledges that Supertext may use the texts and documents submitted by them and the translations created by the free service for its own purposes, in particular to optimise and improve our (free and paid) services. These purposes also include training our artificial intelligence.

8. The General Terms and Conditions of Supertext AG apply to the human verification of translations created via the free service (known as Verification).

9. Supertext may amend these Terms of Use at any time.

Last updated: January 2025

General Terms and Conditions (T&Cs) of Supertext AG

General provisions
Section 1 Validity of the T&Cs

  • Supertext AG, Hardturmstrasse 253, 8005 Zurich, Switzerland (Supertext), provides text services (text services). The following General Terms and Conditions (T&Cs) govern the contractual relationship between Supertext and the client with regard to the provision of the text services (individual project) specified and agreed in the order form. The client can enter the individual project via their user account at https://www.supertext.com (the website). The contract between the parties (contract) is formed as soon as Supertext accepts the individual project entered, with Supertext having the right to adjust the agreed price in accordance with Section 19 even after the contract has been concluded.

  • In addition, Supertext operates a cloud-based platform for the AI translation of texts (AI translation service), which is also available via the website. The following T&Cs govern the contractual relationship between Supertext and the client with regard to the use of the AI translation service by the client. The contract is formed when the client takes out a corresponding subscription on the website.

  • The AI translation service is also available in a free version that can be used without taking out a subscription; the free version is subject to separate terms of use.

  • The T&Cs are, however, applicable to the Verification service, which can be used in connection with the AI translation service, both in the paid and free versions. In this case, the contract is concluded as soon as the client submits the request for Verification via the corresponding function on the website.

  • Contractual provisions of the client are hereby expressly ruled out.

  • Supertext is entitled to amend or supplement these T&Cs at any time. Ancillary agreements, assurances and other arrangements as well as amendments and supplements to the contract must be made in writing to be effective.

Section 2 Additional terminology

  • An administrator is a user who is assigned to a team and has administrative rights.

  • Work results are the texts translated or processed within the framework of the services.

  • A client is the user or the team to which the user is assigned.

  • Services are the text services and the AI translation service.

  • A user is the owner of a user account. Only natural persons may be users.

  • Texts are the texts, documents and other content provided by the client for the purpose of providing the services.

Section 3 Registration

  • Unless otherwise provided for in these T&Cs, a user must create a user account on the website in order to be able to use the services themself or for a team.

  • Each user can be assigned to one team; membership in multiple teams is ruled out. If the user is assigned to a team, their actions are considered the actions of their team, provided that Supertext has accepted the team as the client. A user has no right to demand that Supertext accept the team as the client.

  • A user can be assigned to a team by

    • creating a team themself, which makes them the administrator;
    • being invited by an administrator to join a team; or
    • being assigned to a team by Supertext.

  • A user can have their membership in a team withdrawn by being removed from the team by the administrator or by Supertext.

Section 4 Involvement of third parties

  • Supertext is entitled to involve third parties in the provision of the services.

  • The text services are also performed by its commissioned, independent, verified professionals (specialist translators, copywriters, editors and proofreaders). In all cases, however, contractual relationships are formed exclusively with Supertext and not directly with the respective professional.

  • The provisions of the commissioned data processing contract set out in Annex 1 concerning the involvement of subcontractors take precedence.

Section 5 Obligations of the client

  • The client is responsible for the behaviour of their users in the same way as they are responsible for their own behaviour. Every activity of their users is attributed to them.

  • The client ensures that the login information is kept confidential and, in particular, that the users do not disclose it to each other. The client shall immediately inform Supertext of any unauthorised use of the login information, any other known or suspected security breach or any other misconduct by their users (which shall not, however, relieve the client of the above obligations).

  • The client is solely responsible for the accuracy and completeness of the texts. The client shall immediately inform Supertext of any errors or inconsistencies in the texts. Supertext reserves the right to retroactively adjust the price in cases such as this.

  • The client is prohibited from transmitting racist, pornographic, sexist or otherwise illegal content or content that infringes third-party rights to Supertext in the context of the services.

Section 6 Blocking

  • Supertext reserves the right to immediately block the client’s access if there is reasonable suspicion that the texts contain racist, pornographic, sexist or otherwise illegal content or content that infringes third-party rights, if there is reasonable suspicion that the client otherwise violates or has otherwise violated these T&Cs or if the client allows the grace period set by Supertext to expire without payment in the event of payment default. This may involve the blocking of individual users or all users.

  • Supertext will inform the administrator in a timely manner and in an appropriate way about the reason for the block. The block will be lifted as soon as the reason for the block no longer applies. Supertext reserves the right to extraordinary termination.

Section 7 Intellectual property rights

  • All rights to the texts and work results are held by the client. The client grants Supertext all the rights of use necessary for Supertext to provide the services and to use them for its own purposes as agreed in the contract.

  • All rights to the website and the services are held by Supertext. Any reverse engineering is prohibited within the legally permissible framework. It is prohibited for the client to license, sell, rent, lease, transfer, assign, distribute, display, host, disclose or otherwise commercially exploit the website and the services, or to make them available to third parties, except for their users and as specified in the contract.

Section 8 Data privacy

  • Supertext is the controller within the framework of the text services, the Verification service and user management; this is subject to other agreements in individual cases. As the controller, Supertext complies with the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR), where applicable.

  • In the context of AI translations, Supertext is considered the processor and the client is considered the controller. The client shall comply with all applicable data protection laws when processing personal data. If the client is based in a country that, from the point of view of the FADP or the GDPR, where applicable, does not have an adequate level of data protection, Supertext reserves the right to require the conclusion of additional agreements to ensure compliance with the applicable data protection legislation.

Section 9 Confidentiality

  • Supertext takes appropriate measures to keep the texts, work results and other confidential information, data and documents that the client transmits to Supertext (confidential information) confidential.

  • The client shall inform Supertext if confidential information is subject to a legal duty of confidentiality.

  • Supertext undertakes to disclose confidential information only to those employees and auxiliaries who are subject to a legal or contractual duty of confidentiality.

  • The above does not restrict Supertext

    • in responding to requests from competent authorities, if Supertext considers the disclosure of information to be lawful;
    • in the disclosure of information necessary to defend against third-party legal claims or to investigate a potential misuse of the website or the services; or
    • in the use of any know-how – in particular but not exclusively – with respect to industry- or field-specific terminology, jargon or phrases gained in the provision of the services, provided that confidential information is not disclosed to third parties.
Section 10 Payment terms

  • The price and fees agreed in the individual case are subject to the applicable value-added tax. The client can only make payment with the effect of discharging the debt in Swiss francs within the framework of the payment methods made available by Supertext.

  • If Supertext grants the client the option of payment by invoice, this invoice is usually made available for download solely in .pdf format or is sent by email to the email address provided by the client.

  • Invoices are due ten (10) days after the date of invoicing. If the client fails to pay by the expiration of this period, the client is automatically in default.

  • Licence fees and similar remunerations must be paid in advance for each payment period; this is subject to any other agreements. The client is automatically in default when this payment period expires.

  • In the event of payment default, Supertext will grant the client a suitable grace period. If the client fails to pay within this grace period, Supertext is entitled to charge interest on arrears at a rate of 5% p.a. If Supertext is able to prove higher damages caused by default, it is entitled to claim them.

Section 11 Offsetting/non-assignment clause

  • The offsetting of any claims of Supertext with counterclaims of the client requires prior written agreement between Supertext and the client.

  • The assignment of rights under this contract is not permitted without the consent of Supertext.

Section 12 Liability/limitations of liability

  • To the extent permitted by law, Supertext, its employees and auxiliaries shall not be liable for direct or indirect damages, consequential damages, lost profits or claims of third parties resulting from or in connection with the use of the services, for delays, non-delivery or incorrect deliveries, unavailability of the services, data loss or infringement of third-party rights or otherwise.

  • The amount of the liability for damages caused by the use of services by Supertext, by incorrect storage or transmission of data through Supertext or by Supertext’s handling of texts and documents is limited to the proven damages. In any case, liability is limited to CHF 300.00 per page and must not exceed the foreseeable maximum amount of CHF 15,000.00.

Section 13 Indemnification

The client shall defend Supertext against and indemnify Supertext for all damages incurred by Supertext (i) arising from or in connection with a claim by a third party alleging that the texts or their use infringe or have damaged the rights of such third party or of any other third party, or (ii) arising from a breach of a duty under the contract.

Section 14 Prohibition against enticement

The client undertakes to not entice any specialists employed or subcontracted by Supertext or to employ them without the consent of Supertext during the period of cooperation between the parties and for a period of one year thereafter. For each case of culpable infringement, the client undertakes to pay a contractual penalty of CHF 20,000.00. The payment of a contractual penalty does not release the client from compliance with the prohibition against enticement.

Specific provisions for text services
Section 15 Performance specification

  • Supertext undertakes to provide the text service in a professional and competent manner in the desired language and with the appropriate care.

  • If the text service consists of a translation, Supertext undertakes to ensure that this is carried out without any cuts, additions or other content-related changes. Translations are made literally or in a way that is consistent with the meaning of the original text and in a way that is consistent with the intention, in accordance with the average, generally accepted quality standards of the translation industry in the respective language area.

  • A client’s individual technical terminology is only taken into account if it is agreed on and if sufficient and complete documentation, e.g. previous translations or word lists, is provided at the time that the project is ordered. Specialist terms are otherwise translated or used as in common practice in accordance with the quality standards in Section 15.

  • Only text is translated or edited. If the text to be translated contains images, it may be rejected. Texts containing illegal content and texts that violate good moral standards may also be rejected. In addition, the text may be rejected if there are special circumstances that make it unreasonable to process the text. This may be the case in particular when, due to the difficulty and/or the volume of the document, a translation cannot be produced to the appropriate quality in the time frame specified by the client. Supertext will inform the client of this fact as soon as possible. In the event of a rejection, there is no claim for remuneration.

  • In the event that a text gains copyright protection as a result of the work done by the relevant professional, Supertext guarantees that the client will – within the scope of what is legally permissible – obtain the unrestricted usage and exploitation rights in terms of location, content and time. This includes the right to modify the text and transfer it to third parties.

Section 16 Acceptance/obligation to give notice of defects

  • After the work has been completed, the work result is available to the client for download via their user account or the user account of a user. The client or user will receive a download invitation by email. The client must ensure that the download takes place immediately after they are informed of completion.

  • Other forms of delivery, such as by post or fax, are only carried out on the basis of a separate express agreement, for example in the case of certified documents.

  • Supertext may make the provision of the work result for download dependent on the presentation of a written power of attorney, a prepayment or a bank guarantee declaration.

  • The client must examine the work result for any defects immediately on receipt. Obvious defects in processing are to be reported in writing, with the defects specified, immediately after download or after receipt in the client’s reception area (in the case of other forms of dispatch), and hidden defects are to be reported in writing immediately after their discovery, with the defects specified. If no written complaint is made within 10 days at the latest, processing is considered to have been performed in accordance with the contract.

  • Supertext bears the risk of data loss up to the point of the download of the work result to the client’s hard disk/cache. The client is responsible themself for the download process to their own hard drive/cache, and they release Supertext from any liability in this regard. If other forms of delivery (post, email, fax) have been expressly agreed, the risk only passes to the client when the text is handed over to the carrier, when the corresponding email arrives in the recipient’s inbox or when the corresponding fax is printed out by the recipient.

Section 17 Improvement

  • To the extent that the work result deviates from the requirements agreed on, Supertext will make the necessary improvements within a reasonable period of time. Improvement is ruled out if the deviations have been caused by the client themself, e.g. by providing incorrect or incomplete information or by providing incorrect texts.

  • If the appropriate period for improvement expires without result, the client may withdraw from the contract.

  • All claims are ruled out if the deviation only reduces the value or suitability of the work result negligibly.

Section 18 Warranty

Supertext does not guarantee that the work result is permissible and suitable for the client’s purpose. This is particularly true if the work result is published or used for advertising purposes. The legal risk of usability or publication thus lies solely with the client.

Section 19 Price

  • The price of a text service is calculated based on the volume of the document to be processed and the prices listed on the website.

  • The volume of a document to be processed is determined electronically and thus the price is calculated electronically.

  • Supertext is explicitly entitled to adjust the price of the text service to the actual volume of the document (in accordance with the current prices of Supertext) even after the project has been ordered by the client, if the automatic determination of the volume of the text to be processed cannot be carried out with sufficient accuracy due to technical reasons (for example, if the text to be processed contains text fields that are not recognised as text to be processed by the detection software or if a format is used that cannot always be counted accurately online, such as the .pdf or .xls formats).

Section 20 Contract termination

  • The client may cancel the individual project at any time up to the completion of the translation.

  • If an individual project is cancelled by the client, the costs incurred up to that point must be refunded pro-rata according to the degree of completion. However, the claim for reimbursement of costs is at least 50% of the project value in each case.

  • Supertext may terminate the contract extraordinarily at its own discretion in the event of grounds for blocking as per Section 6 of this agreement or if the client seriously breaches the contract in any other way.

  • Supertext reserves the right to store the texts received from the client within the framework of the individual project for archiving purposes after the individual project has been completed. The texts are erased only in the event of an express written request from the client.

Specific provisions for Verification
Section 21 Performance specification

  • Verification can also be used without creating a user account.

  • Supertext undertakes to review the work results translated by AI in the context of Verification in a competent and professional manner, with the appropriate care. The client is aware, however, that Verification is purely a quality control measure to correct false or incomplete translations or those that distort the meaning in any other way.

Section 22 Additional provisions

  • The price is based on the prices listed on the website.

  • The client has no claim to the improvement of the work results checked and possibly revised during Verification.

Specific provisions for the AI translation service
Section 23 Performance specification

  • Supertext provides the client with the AI translation service during the term of a subscription, subject to the limitations displayed on the website at the time of the conclusion of the contract, in particular with regard to the number of languages, characters and translation projects as well as volumes. In this context, Supertext grants the client a non-exclusive, non-transferable right to use the AI translation service and to allow authorised users to use the service, exclusively for the client’s own purposes.

  • The client is aware of and agrees to the following conditions for the use of the AI translation service:

    • the client has taken out a subscription for the use of the AI translation service;
    • a user has successfully logged into their user account;
    • there is a functioning internet connection on the user’s end device for which the client is responsible.

  • Supertext has taken appropriate measures to protect the AI translation service from unauthorised access and manipulation as well as from misuse.

  • Supertext uses the work results it has created for the client as part of a text service in order to improve the AI translation service provided to the client (“fused translation”). These improvements are exclusively for the benefit of the client and are not used for other clients.

  • The client is aware that Supertext only stores the texts and work results transmitted and created in the context of the AI translation service for as long as is technically necessary and only processes them in the scope that is technically necessary.

Section 24 Warranty

  • The AI translation service is provided “as is” and on a “best effort” basis. Implied warranties are ruled out to the extent permitted by law, including warranties of quality, functionality, marketability or legality.

  • The client is particularly aware that the AI translation service does not replace a professional human translation, but serves as an aid in this respect. Supertext does not guarantee the accuracy or completeness of the work results created using the AI translation service.

  • Unless otherwise expressly agreed, Supertext does not guarantee that the AI translation service can be used at all times without interruption and/or at a specific time, or that it is free of errors and interruptions. The user has no claims in this regard, except as provided for below.

Section 25 Fees

  • The fees are calculated based on the prices and calculation methods displayed on the website at the time of the contract’s conclusion.

  • Supertext reserves the right to adjust the fees at any time, in particular due to technical or legal changes. The client will be informed in good time of such adjustments, and the adjustments will take effect at the beginning of the next payment period. If the client is not in agreement with the adjustment of the fee, they may terminate the contract effective at the end of the current payment period.

Section 26 Updates and upgrades

  • Supertext may at any time change and develop the AI translation service in accordance with its stated purpose, for example by means of updates and upgrades. The client has no right to demand that Supertext develop updates or upgrades.

  • Supertext will typically make adjustments, changes and additions to the AI translation service and take measures to identify and resolve malfunctions in such a way that these only lead to a temporary interruption or impairment of availability, if this is necessary for technical reasons.

  • If the existing range of functions can no longer be offered or can no longer be offered to the same extent for technical or legal reasons, Supertext may make the necessary adjustments immediately.

  • If Supertext develops any updates or upgrades, it usually provides these to the client without an additional fee. For additional functionalities in particular, Supertext reserves the right to adjust the fee in accordance with Section 25.

  • Supertext informs the client early on about updates and upgrades that significantly change the range of functions of the AI translation service. If the change in the range of functions results in unreasonable impairment for the client, the client may terminate the contract immediately.

Section 27 Contract term and termination

  • The contract for the use of the AI translation service will be concluded for the respective planned term. Subject to any other agreements, the contract may be terminated at the end of the respective term.

  • If the parties do not terminate the contract at the end of the term, the contract automatically renews for another term.

  • The right to extraordinary and immediate termination for good cause remains reserved. Good cause includes, in particular, if there are grounds for blocking as per Section 6 of this agreement.

Final provisions
Section 28 Contract amendments

  • Supertext may amend or supplement these T&Cs, including Annex 1, at any time at its sole discretion.

  • The client will be notified of the amendments in text form (including by email) at least 30 days before the amendment comes into effect. Exceptions are amendments or supplements that do not affect the subject matter or the content of the T&Cs, such as, in particular, the correction of typing errors.

  • The client may object to the amendment within 14 days, provided that they have concluded a subscription for the use of the AI translation service (and this is still valid at the time the amendment to the T&Cs comes into effect).If the client objects to an amendment within the period stated, Supertext has the right to terminate the contract without any liability consequences within a period of 30 days, provided that the amendment to the T&Cs was proposed for good reason.

Section 29 Various provisions

  • Projects outside the range of the services defined in these T&Cs in connection with the services of Supertext are not subject to these T&Cs. These include in particular: additional services such as DTP, printing, HTML files, etc. Such services are agreed separately.

  • The place of performance for all contractual services is the Supertext headquarters in Zurich, Switzerland.

  • If the parties have agreed on written form, this is also fulfilled by email.

  • The validity of the other provisions of this contract shall not be affected by the invalidity or non-enforceability of any individual provision. The invalid or non-enforceable provision shall be replaced by the relevant legal provisions, in line with the meaning of the original provision. The same applies accordingly if a provision has been omitted.

Section 30 Place of jurisdiction and applicable law

  • Contracts concluded on the basis of these T&Cs are exclusively subject to Swiss law.

  • Zurich, Switzerland, the headquarters of Supertext, is the exclusive place of jurisdiction for all disputes, claims or disagreements arising from or in connection with this contractual relationship, including those related to its validity, invalidity, breach or termination.

Last updated: January 2025

ANNEX 1: COMMISSIONED DATA PROCESSING AGREEMENT

Supertext AG (“service provider”) and the client (“client”) have entered into a principal contract under which the service provider shall process personal data on behalf of the client. The agreement is intended to govern this commissioned data processing for the purposes stated in the FADP and, where applicable, the GDPR, including any possible transfer of personal data to a non-secure third country and any possible processing of personal data for the service provider’s own purposes.

I. TERMINOLOGY

  • The following defined terminology is used in this agreement. In addition, terminology is valid as defined in the FADP and, where applicable, as defined in the GDPR, including in particular “personal data”, “processing”, “processor”, “subcontractor”, “controller” and “data subject”.

  • The “FADP” is the Swiss Federal Act on Data Protection in its valid version, including its ordinances.

  • The “GDPR” is Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

  • The “FDPIC” is the Swiss Federal Data Protection and Information Commissioner.

  • The “EU SCC” are the standard contractual clauses as approved by the European Commission in its Implementing Decision of 4 June 2021 [C(2021)3972 final].

  • “EEA” stands for the European Economic Area.

  • “Clause” means a clause of the EU SCC.

  • A “country with an adequate level of data protection” is a country or territory whose legislation ensures an adequate level of data protection both according to an adequacy decision of the European Commission and according to a corresponding assessment by the FDPIC or a corresponding finding by the Swiss Federal Council.

  • An “affiliated company” is a legal person that is directly or indirectly controlled by the party, that directly or indirectly controls the party or that is directly or indirectly under the control of the same legal person as the party.

II. COMMISSIONED DATA PROCESSING

A. Scope and characteristics of commissioned data processing

  • This agreement governs the processing of personal data by the service provider as a processor or subcontractor of the client as the controller or processor in the context of the performance of the principal contract.

  • To the extent that the client is also the processor (e.g. of one of their clients), they are solely responsible for communication with their controller and the service provider may consider the client’s instructions to be those of the controller and assume that they always act on their behalf.

  • All personal data that the service provider receives from the client, an affiliated company of the client or a third party within the framework of the processing, or which the service provider themself creates within the framework of the processing, is covered.

  • The subject matter, duration, nature and purpose of the processing, as well as the categories of the personal data processed and the categories of the data subjects concerned, are as set out in Annex 1A.

B. Obligations of the client

The client shall undertake and guarantee to the service provider that:

  • a) the processing, the engagement of the service provider and their instructions to the service provider shall be carried out in compliance with the FADP, where applicable, the GDPR and any other applicable data protection legislation and in a way that is lawful in all other respects, and this shall remain the case for the term of the agreement;

  • b) the technical and organisational measures set out in Annex 1B (Technical and organisational measures) are appropriate in relation to the processing and the associated risks and this shall remain the case for the term of the agreement;

  • c) they have made or obtained all notifications, registrations, official approvals and consent from the data subjects that are necessary for the lawful processing of personal data by the service provider as the processor under the FADP, where applicable, the GDPR and other applicable data protection legislation; and

  • d) they shall respond to all requests concerning processing from data subjects who exercise their rights under the applicable data protection regulations, from supervisory authorities and from other third parties in a legally compliant and appropriate manner.

C. Processing of personal data by the service provider
1. Duties of the service provider

The service provider undertakes the following with respect to the client:

  • a) to process personal data, unless otherwise agreed, only for the client’s purposes and, in each case, only for the purpose of fulfilling the principal contract in accordance with the documented instructions of the client; the principal contract including this agreement, as well as the services agreed on by the parties, the configurations and options selected by the client and the instructions provided for in the principal contract are the final and binding instructions of the client, unless otherwise agreed. If the client wishes to amend these instructions, they shall propose this to the service provider; provided that there is no special process in place for contract amendments, the service provider shall examine the amendment request in good faith; if the parties cannot agree on an amendment within 30 days, the client may terminate the commissioned data processing extraordinarily and the services in the principal contract affected by this, provided that they show that the requested contract amendment is necessary under data protection legislation;

  • b) to not disclose or transmit any personal data outside the country, except:

    • (i) to the client themself, to their affiliated companies or to third parties in fulfilment of an instruction from the client or as provided for in the principal contract (this does not apply to communications to subcontractors of the service provider or to other third parties engaged by the service provider);
    • (ii) unless a more stringent provision has been agreed in the principal contract, to a recipient in a country with an adequate level of data protection;
    • (iii) unless a more stringent provision has been agreed in the principal contract, to a recipient that is not in a country with an adequate level of data protection, provided that the conditions required for a lawful disclosure or transfer of personal data under the FADP and, where applicable, the GDPR have been met; or
    • (iv) this is agreed with the client in the principal contract or otherwise;

  • c) to provide and maintain the technical and organisational measures set out in Annex 1B (Technical and organisational measures) to ensure at all times the confidentiality, integrity and availability of personal data and the traceability of their processing in accordance with the requirements of the applicable data protection regulations, and to protect personal data against unauthorised processing, unauthorised access or unauthorised disclosure and against accidental or unlawful falsification, destruction or loss, it being further agreed between the parties in relation to the traceability of the processing that the client shall ensure that any logging obligations incumbent on the parties (such as, in particular, those under Article 4 of the Swiss Ordinance on Data Protection, where applicable) are complied with; the service provider may adapt these measures as necessary, provided that the overall level of protection is essentially maintained; in such cases, the service provider shall adapt Annex 1B (Technical and organisational measures) and shall inform the client in an appropriate manner;

  • d) to limit the processing of personal data to employees and other auxiliaries (including all third parties working on the instruction of the service provider and subject to Article 29 GDPR) who are contractually or legally bound to confidentiality;

  • e) to delegate the processing of personal data to third parties (other than employees and other auxiliaries who meet the requirements under Point II.C.1.e) of this section) only with the written consent of the client and only to a subcontractor who has agreed to the commissioned data processing provisions under the FADP and, where applicable, under Article 28(3) GDPR. Consent is generally deemed to have been given for all subcontractors on the subcontractor list named by the parties in Annex 1C or in the principal contract; if the service provider wishes to add to or amend the subcontractor list, they shall notify the client in a suitable manner in text form at least sixty 60 days in advance (e.g. by email or by using a notification function on amendment to the list, if such a function is made available on the internet). The client may object to an addition to or amendment of the list within fifteen 15 days in writing; they shall only do so for data protection and legitimate reasons; if the parties cannot agree within fifteen 15 days, the client may terminate the commissioned data processing and the services in the principal contract affected by this extraordinarily, provided that they show that the objection is necessary under data protection legislation; the involvement of subcontractors in the client’s favour is subject to more stringent provisions in the principal contract;

  • f) to promptly notify the client at the email address specified by the client of any breach of data security (including any breach of the protection of personal data as per the GDPR and the FADP) and to provide all information that is reasonably available to the service provider in accordance with Article 33(3) GDPR and the corresponding provisions of the FADP;

  • g) to assist the client, at their request, in complying with the GDPR, the FADP and other applicable data protection regulations, taking into account the nature of the processing and the information available to the service provider, in particular in fulfilling its obligations (i) to data subjects in respect of the rights exercised by the data subjects under the applicable data protection regulations (including Chapter III of the GDPR and the corresponding provisions of the FADP and other applicable data protection regulations) and (ii) under Articles 32 to 36 GDPR and the corresponding provisions of the FADP and other applicable data protection regulations;

  • h) to inform the client immediately if, in their opinion, an instruction by the client infringes applicable data protection regulations or other applicable regulations;

  • i) to provide the client with all the information necessary to demonstrate the service provider’s compliance with this Point II.C.1 and to allow and cooperate in audits and inspections by the client or by audit firms appointed by the client; the client agrees to only exercise this right of audit, as far as possible, by relying on the audit of any certifications and audit reports of independent audit firms made available by the service provider; and

  • j) in accordance with the client’s choice, subject to applicable legal retention obligations, to return or erase all or certain personal data to the client at the end of the principal contract or at the client’s request, without keeping a copy, and to confirm this erasure to the client.

2. Special expenditure, indemnification

  • Unless otherwise agreed in the individual case, the client shall reimburse the service provider for the costs and expenses incurred by the service provider as a result of providing support services to the client in accordance with Point II.C.1, allowing or supporting the client’s audits, implementing changes required by the client in connection with the commissioned data processing, or otherwise supporting the client in complying with the FADP, where applicable, the GDPR and other applicable data protection legislation, provided that the client cannot show that these costs and expenses were caused by the service provider themself or are not to be borne by the client in accordance with an express provision in the principal contract.

  • The client shall fully indemnify the service provider against any claims by third parties due to a breach of this agreement (including Section III, if agreed) or applicable data protection regulations. Such an indemnification shall apply in particular with respect to all damages, costs, administrative sanctions, claims or expenses incurred by the service provider as a result of such infringements. It is not subject to any liability limitations or exclusions agreed in the principal contract, in the absence of an express agreement to the contrary with respect to this clause, as is also the case with any claim for damages by the service provider and its affiliated companies.

III. TRANSMISSION TO THE CLIENT IN NON-SECURE THIRD COUNTRIES

If the client is located in a country with an inadequate level of data protection, the following applies. In the event of any conflict, the provisions of this Section III shall take precedence over those of Section II.

A. Validity of the EU SCC

If and to the extent that the client is not located in a country with an adequate level of data protection, the EU SCC shall be deemed to have been agreed between the parties in relation to the transfer of personal data to the client as the controller of the processing as defined in Annex 1A as follows, with the client being the “data importer” and the service provider being the “data exporter”:

  • a) Clauses 1-6;

  • b) Clause 8 with the provisions for “Module Four”, including the introductory paragraph;

  • c) Clauses 10-12 with the provisions for “Module Four”, including clause 11(a), but without the provisions of the optional paragraph in clause 11(a);

  • d) Clauses 14-15 with the provisions of “Module Four”, if and to the extent that the service provider combines the personal data received from the client with personal data that the service provider has collected in the EEA or Switzerland within the framework of the processing; the service provider may invoice the client for its costs and expenses in connection with Clauses 14-15 and their compliance in accordance with the provisions of Point II.C.2.; the parties agree that the client shall prepare the documentation required under Clause 14(d) and shall submit it to the service provider on first request; the client is also responsible for any further transfer impact assessments that may be necessary due to the forwarding of data collected in the EEA or Switzerland and they shall verify compliance with this responsibility to the service provider on first request;

  • e) Clause 16 with the provisions for “Module Four”;

  • f) Clause 17 with the provisions for “Module Four”, with the law of Switzerland being considered as the law agreed by the parties for the purposes of Clause 17;

  • g) Clause 18 with the provisions for “Module Four”, with the courts of Switzerland being the competent courts for the purposes of Clause 18;

  • h) Insofar as transfer is subject to the FADP, the following amendments to the above agreed EU SCC clauses also apply (these amendments have no impact on the purposes of the GDPR):

    • (i) References to “Regulation (EU) 2016/679” or “this regulation” are to be understood as references to the FADP, where applicable;
    • (ii) References to “Regulation (EU) 2018/1725” are removed;
    • (iii) The terms “Union”, “EU” and “EU member state” are to be understood as referring to Switzerland;
    • (iv) As long as the FADP of 19 June 1992 applies, the parties agree that the EU SCC shall also protect data of legal entities in relation to transfers subject to the FADP.
B. Structure of the annexes

The following applies to the EU SCC annexes referred to in the clauses as per the preceding point:

  • a) Annex I.A consists of:

    • (i) the information in the principal contract and the client’s user account, with the client being considered the “data importer” acting as the “controller” and the service provider being considered the “data exporter” acting as the “processor”;
    • (ii) the contact information of the client as per its user account and the contact information of the service provider as per the principal contract;
    • (iii) the activities in line with the processing as defined in Annex 1A for the commissioned data processing;

  • b) Annex I.B consists of the relevant information as per (i) the processing and (ii) any subcontractor processing, as defined in Annex 1A and 1C for the commissioned data processing or in the list referenced therein;

  • c) Annex II consists of Annex 1B to this agreement.

C. Further provisions

  • a) The parties confirm that they have the EU SCC to hand and that they thus do not need to be attached to this agreement as a copy.

  • b) The client shall provide the service provider with appropriate support with compliance with the FADP, where applicable, the GDPR and other applicable data protection legislation in connection with transfers to recipients not located in a country with an adequate level of data protection, at the client’s expense and on first request.

IV. OTHER PROVISIONS

Furthermore, the parties agree the following:

  • a) Each party shall bear the costs of implementing this agreement themselves, provided that there is an express connection to this agreement and unless otherwise agreed in this agreement.

  • b) Each party shall comply with its obligations as per the data protection regulations applicable to it, in particular those as per the FADP and, where applicable, the GDPR. This is particularly the case when the service provider processes personal data received from the client or otherwise obtained in connection with the principal contract as the controller. In this context, the client authorises the service provider to process personal data and other data for the following purposes: (i) the purposes of the principal contract and the rights and obligations arising from it (e.g. for the provision and billing of services), (ii) for the improvement of the service provider’s products and services, (iii) non-personal purposes (e.g. statistical evaluations), provided that no personal data is published or passed on to third parties not bound by confidentiality provisions, and (iv) compliance with legal and self-regulatory obligations. The client shall draw the attention of the data subjects to the privacy policy of the service provider on request, insofar as the service provider does not do so themself. Insofar as the client transfers personal data to the service provider for processing as the controller (e.g. details of the recipient of the service), the client is responsible for ensuring that they are permitted to do this and that the service provider is permitted to process this personal data in accordance with the contract.

  • c) Any amendments to this agreement must be made in writing and signed in a legally valid form by authorised representatives of the parties. However, the service provider may at any time require an amendment to this agreement insofar as the FADP or the GDPR or other reasons of data protection, data security or confidentiality require this in the service provider’s reasonable opinion; the client will not refuse such an amendment without good reason.

  • d) Any previous agreements between the parties regarding the commissioned data processing are hereby superseded by this agreement as of the date of this agreement.

  • e) This agreement is considered a discrete agreement in addition to the principal contract. In the event of any conflict between the provisions of this agreement and those of the principal contract, the provisions of this agreement shall take precedence, if and insofar as they relate to the processing of personal data by the service provider in the context of the principal contract.

  • f) The provisions of this agreement shall also apply after the termination of the principal contract and shall remain in force as long as the service provider is in possession of or has access to the personal data covered by this agreement.

The provisions of this agreement are subject to Swiss law and are to be interpreted in accordance with the substantive law of Switzerland. For all disputes arising from or in connection with this agreement, the place of jurisdiction is Zurich.

ANNEX 1A: DESCRIPTION OF DATA PROCESSING

The processing is defined as follows:

  • Subject/purpose of the processing: Operation of the AI translation service for AI-assisted text translation.

  • Categories of the data subjects: All individuals whose personal data is included in the texts to be translated.

  • Categories of the personal data: All personal data contained in the texts to be translated; this may include, in individual cases, particularly sensitive personal data or personal data of a special nature.

  • Type of processing: Collecting, storing, retaining, using, changing, disclosing, erasing.

  • Duration of the processing: The data is deleted after each translation project.

ANNEX 1B: TECHNICAL AND ORGANISATIONAL MEASURES

1. Access control (measures to prevent unauthorised access to data processing equipment)

  • Technical measures
    - Automatic access control system
    - Alarm system
    - Biometric access barriers
    - Security locks

  • Organisational measures
    - Person identification
    - Access logging
    - Key control
    - Careful selection of personnel
    - Video surveillance

2. Access control (measures to prevent unauthorised access to data processing systems)

  • Technical measures
    - Person authentication
    - Use of firewall
    - Housing locking

  • Organisational measures
    - Authorisation concept
    - Administrators manage user permissions
    - Creation of user profiles

3. Access control (authorised persons may only access the data covered by their access authorisation)

  • Technical measures
    - Access logging

  • Organisational measures
    - Minimum number of administrators
    - Administrators manage user permissions
    - Privacy and data security policy

4. Share control (measures to prevent unauthorised reading, copying, altering or deletion of data during transport or storage on data storage devices)

  • Technical measures
    - Exclusive transfer via encrypted SSH tunnelling

  • Organisational measures
    - Employee awareness

5. Availability and resilience check

  • Technical measures
    - Uninterruptible power supply
    - Protection against fire, smoke, flooding, humidity, etc.
    - Backups

  • Organisational measures
    - Backup concept
    - Disaster recovery plan

6. Regular review and evaluation

  • Technical measures
    - Employee access to internal data protection regulations

  • Organisational measures
    - Employee awareness

7. Incident response management

  • Technical measures
    - Use of firewall, regularly updated
    - Use of spam filters, regularly updated
    - Intrusion detection system
    - Intrusion prevention system

  • Organisational measures
    - Process for detecting and reporting security incidents
    - Documented procedures for dealing with data security incidents

8. Privacy-friendly defaults: privacy by design

  • Technical measures
    - No storage of text segments (to be translated or translated) after completion of the translation process

  • Organisational measures
    - Consideration of privacy by design principles in the development process
    - Employee awareness

ANNEX 1C: LIST OF SUBCONTRACTORS

No subcontractors are involved in data processing for AI translation.