General Terms and Conditions

These General Terms and Conditions apply to all offers, contracts, and services of Rieger Systems GmbH, Fernpa��-Stra��e 4a, A-6465 Nassereith (hereinafter "Rieger Systems").

By using online services, purchasing services, or placing an order, the customer expressly accepts these GTC.

These GTC apply to all services exclusively vis-a-vis entrepreneurs within the meaning of Section 1 UGB. Hardware sales (refurbished/used goods) may additionally be made to consumers; in such cases, the special provisions of Sections 3 and 4a apply. Online registrations and digital services are addressed exclusively to entrepreneurs.

Any deviating, conflicting, or supplementary terms of the customer shall become part of the contract only if Rieger Systems expressly agrees to them in writing.

Notice regarding B2C exclusion. Public ordering or registration options are directed exclusively to entrepreneurs. Rieger Systems is entitled to request suitable proof of entrepreneurial status (e.g., VAT ID, company register excerpt) and to reject orders if such proof is not provided.

"Written form" includes text form (in particular email), unless a qualified electronic signature is expressly required.

Offers made by Rieger Systems are non-binding unless expressly designated as binding.

A contract is concluded by written or electronic confirmation from the customer and subsequent order confirmation by Rieger Systems.

Electronically transmitted documents and digital signatures (e.g., via email, DocuSign, or PDF signature) are deemed legally binding. Rieger Systems is entitled to use electronic communication protocols, log files, or timestamps as evidence of contract conclusion or approvals.

The primary communication channel is email. Telephone calls or verbal agreements are binding only after written confirmation.

Form of handover. Electronic form (email, ticket system, e-signature) is sufficient for the effectiveness of acceptance requests, handover protocols, and approvals. Screenshots, timestamps, and log entries may be used as evidence.

Changes, amendments, or ancillary agreements require written form, including electronic form (e.g., email).

Legal basis. Consumers within the meaning of Section 1 KSchG are entitled, in distance selling contracts for hardware, to a statutory right of withdrawal under Sections 11 et seq. FAGG; the withdrawal period is 14 days from the day on which the consumer or a third party designated by the consumer takes possession of the goods.

Exclusion/loss. The right of withdrawal does not apply in the cases provided by law under Section 18 para. 1 FAGG, in particular for individually configured goods or sealed goods that are unsuitable for return for reasons of health protection or hygiene once the seal has been removed.

Form. Withdrawal may be declared informally, e.g., by email to kontakt@rieger-systems.eu or by post; timely dispatch within the withdrawal period is decisive (Section 13 para. 1 FAGG). A model withdrawal form in accordance with Annex I Part B FAGG is provided online.

Reversal. Following an effective withdrawal, Rieger Systems shall refund all payments received within 14 days in accordance with Section 14 FAGG; return shipping costs are borne by the consumer provided that the delivered goods corresponded to the order.

Compensation for value reduction. The consumer owes compensation for any diminished value resulting from use beyond what is necessary to examine the nature and characteristics of the goods pursuant to Section 15 para. 4 FAGG.

The specific scope of services is determined by the respective offer, order confirmation, or a separate service description.

Rieger Systems is entitled to engage suitable third parties to provide services. Subcontractors are commissioned in compliance with contractual obligations, in particular with regard to data protection and confidentiality.

When subcontractors are used, Rieger Systems ensures that contractual data protection, confidentiality, and security requirements are observed (Art. 28 para. 4 GDPR).

If performance is impaired or prevented by third parties engaged by the customer (e.g., domain providers, IT service providers, agencies), this shall not constitute delay in performance by Rieger Systems.

Services in software development, web design, AI integration, hosting, or maintenance are provided in accordance with the agreed scope, timeline, and remuneration model.

Consulting services. Rieger Systems provides IT and technology consulting to the best of its knowledge and according to the state of the art. Consulting recommendations are non-binding and do not constitute any guarantee of success. The customer is obliged to independently review and implement consulting recommendations at its own responsibility. Rieger Systems is not liable for damages resulting from the implementation of consulting recommendations unless caused by intent or gross negligence. Consulting fees are billed based on the agreed hourly rate or fixed fee.

Rieger Systems does not provide legal or tax advice. Automated text or data processing systems do not constitute legal or medical recommendations. System-generated content (including AI-supported outputs) is solely an aid and does not replace legal, tax, or medical advice.

AI systems and automated decisions. Rieger Systems develops and integrates AI systems to the best of its knowledge and according to the state of the art. AI systems are probabilistic systems. The customer acknowledges that their outputs may not represent objectively correct or complete information. AI-generated content, recommendations, or decisions are aids and do not replace human review. Rieger Systems is not liable for incorrect decisions, misinformation, or damage arising from AI systems, unless caused by intent or gross negligence. The customer is obliged to critically review AI outputs and not use them without review.

The customer is responsible for the lawful use of AI outputs, in particular under GDPR, sector-specific laws, and the EU AI Act. The customer shall ensure that end users are informed about the use of AI systems and that decisions are not made without human review.

Where open-source models are used, the respective license terms apply; Rieger Systems assumes no liability for their algorithmic or semantic correctness.

Training data and model improvement. The customer's personal data shall not be used for model enhancement (training, fine-tuning, evaluation) without an explicit contractual basis. Anonymized or aggregated operational data may be used for quality improvement, provided that personal reference is permanently excluded.

Content and third-party rights. The customer warrants that provided content is free of third-party rights and may be used lawfully. Rieger Systems does not perform legal review of content. Third-party claims arising from content supplied by the customer shall be borne by the customer.

Indemnification. The customer shall indemnify Rieger Systems against all third-party claims resulting from content provided by the customer (including reasonable legal defense costs). Rieger Systems shall inform the customer without undue delay of any asserted claims.

IP indemnification by Rieger Systems. Rieger Systems shall indemnify the customer against third-party claims arising from culpable infringement of intellectual property rights by work results originally developed and contractually provided by Rieger Systems, provided that the customer (a) informs Rieger Systems in writing without undue delay, (b) leaves legal defense and settlement negotiations to Rieger Systems, and (c) provides reasonable support. Excluded are claims based on customer specifications, customer-provided content, or OSS license conditions. In case of justified claims, Rieger Systems may, at its discretion, procure the right of use, modify or replace the services, or withdraw the right of use against reimbursement of the affected remuneration less a usage share.

If, during the defect analysis, it turns out that a disruption is not attributable to Rieger Systems (e.g., third-party providers, systems within the customer's responsibility, configurations), Rieger Systems is entitled to charge the examination and analysis effort at agreed or customary hourly rates. Billing is based on the current price list or agreed hourly rate; partial hours are charged pro rata.

Time increments/billing units. All services billed on a time-and-materials basis (including analysis, defect examination, support, consulting, change requests, statutory disclosures/audits) are billed in 15-minute units; each commenced 15-minute unit counts as a full unit.

Open-source software. The respective license terms apply to OSS used; the customer undertakes to comply with them and pass them on to third parties if the customer distributes OSS components or derivative works thereof. Upon request, the customer receives a component list including license notices (OSS notice). Rieger Systems assumes no liability for license changes, updates, or security vulnerabilities in OSS components unless Rieger Systems has developed or modified the component itself. If a maintenance agreement is in place, Rieger Systems considers security-relevant updates of OSS components within reasonable limits.

License compliance. To the extent deliverables contain OSS components, Rieger Systems shall, upon request, fulfill information obligations (e.g., provision of license notices and, where applicable, source code offer pursuant to the license). Warranty or indemnification claims arising from OSS licenses are excluded to the extent permitted by law.

Customer data and usage rights. All content and data provided by the customer ("customer data") remain the property of the customer. Rieger Systems receives a non-exclusive right of use limited to the term of the contract for contract performance (operation, support, backups, tests). Operational and telemetry data (e.g., logs, metrics) may be processed for operational security, error analysis, and service improvement; personal reference is avoided or pseudonymized where possible.

Changes or extensions after contract conclusion shall be documented exclusively via a change request and require the consent of both parties.

Change requests. Changes to the scope of services are described in CR documents with content, effort, schedule impact, and remuneration, and become binding only after written approval. Oral change requests are not binding, even if implemented by employees of Rieger Systems. Work on change requests begins only after written approval by both parties.

Pricing basis for change requests. Change requests are billed according to Rieger Systems' price list/rate card valid at the time of commissioning. Rieger Systems is entitled to update the price list reasonably; Section 6 remains unaffected.

All changes, adaptations, or extensions requested after project completion and acceptance are deemed new, chargeable services. This applies regardless of scope or designation ("minor change", "correction", etc.).

For the purchase and sale of used and refurbished IT hardware, the provisions of this section apply in addition.

Purchase. Rieger Systems purchases used IT hardware from businesses (B2B) and, in exceptional cases, from private individuals (B2C). Valuation is based on condition, age, and market value. Rieger Systems reserves the right to adjust or withdraw offers after examining the hardware.

Data erasure. Professional data erasure is performed by partner AfB gGmbH in accordance with certified standards. Rieger Systems is liable for the careful selection and supervision of this partner; no liability is assumed for services performed by AfB outside Rieger Systems' sphere of influence. The customer is obliged to create its own backups before handover. Rieger Systems does not act as a waste disposal company or data destruction entity under waste law; responsibility for proper disposal lies with partner AfB.

Sale of refurbished hardware. Refurbished hardware is sold with a warranty from partner AfB. Warranty conditions follow AfB provisions. Rieger Systems is liable for its own errors in mediation or handover and for careful selection and supervision of the partner; no liability is assumed for the partner's independent services.

Retention of title. Delivered hardware remains the property of Rieger Systems or the respective partner until full payment has been made (extended retention of title).

B2C right of withdrawal. For sales to consumers within the meaning of KSchG, the statutory right of withdrawal under Sections 11 et seq. FAGG applies for 14 days after receipt of the goods. The right of withdrawal expires in the cases of Section 18 para. 1 FAGG, in particular if the hardware was used or damaged after delivery in a manner exceeding what is necessary to examine its properties, condition, and functionality.

Warranty for hardware. For hardware, statutory warranty periods of 24 months from delivery apply. For used hardware, the warranty period may be reduced to 12 months if expressly agreed.

Consumer rights. For consumers, the mandatory protective provisions of KSchG (in particular Sections 5a-5f information duties, Section 9 mandatory character) and the provisions of FAGG apply; any deviating agreements to their detriment are invalid.

Transfer of risk/shipping. In B2B, risk passes upon handover to the carrier; for consumers, only upon handover to the consumer.

Cost structure. In purchase transactions, costs for data erasure, AfB intake fee, and Rieger Systems' share are deducted from the goods value. The remaining amount is paid out to the customer or offset against the purchase price in case of buyback.

For the distribution of finished software products, AI systems, or SaaS solutions, the provisions of this section apply in addition.

License agreements. When distributing finished software, Rieger Systems enters into a license agreement with the customer. The customer receives a non-exclusive, non-transferable right to use the software for the agreed purpose and period.

SaaS agreements. In software-as-a-service (SaaS), the customer receives access to software via the internet. Use is subject to the agreed term and conditions of use. Rieger Systems reserves the right to update, modify, or discontinue the software, provided that the customer is notified at least 3 months in advance.

Updates and support. In software distribution, updates and support are owed only to the agreed extent. Regular updates may be agreed separately. Rieger Systems is not obliged to update or expand software permanently unless expressly agreed.

Warranty. For the distribution of finished software, statutory warranty periods of 24 months from delivery apply. In SaaS contracts, the warranty period starts at contract commencement. Defects must be reported in writing within 14 days after discovery.

Termination. The customer may terminate SaaS contracts by ordinary notice of 3 months to month-end, unless a minimum term has been agreed. Rieger Systems may terminate SaaS contracts without notice in case of payment default or violation of usage terms. After contract end, access to the software expires.

Data export and offboarding (SaaS). During the term, the customer may commission an export of its business data in a common format (e.g., JSON/CSV or SQL dump); a reasonable cost contribution based on effort applies. Source code, build pipelines, operational and configuration scripts, and internal operations documentation are not owed. After contract end, Rieger Systems shall provide a one-time export within 30 days upon written request. Additional migration services (e.g., re-hosting, data cleansing, interface adjustments) must be commissioned separately.

For research and development projects in the field of artificial intelligence, the provisions of this section apply in addition.

No guarantee of success. Research and development are performed to the best of current knowledge and according to the state of the art. Rieger Systems does not guarantee the achievement of specific research results, milestones, or technical specifications. Research outcomes may deviate from originally defined objectives.

Intellectual property. Research results, inventions, patents, and know-how arising within research projects remain with Rieger Systems unless expressly agreed otherwise. Research results may constitute intellectual property under copyright or patent law; decisions on patent filings are made solely by Rieger Systems. The customer receives usage rights to the research results to the agreed extent.

Publication rights. Rieger Systems is entitled to publish research results provided no confidential customer information is disclosed. The customer may object to publication if legitimate interests conflict with it.

Cooperation projects. In cooperation projects (e.g., with universities or research institutions), the provisions of the cooperation agreement apply in addition. IP rights are regulated in the cooperation agreement.

Funded projects. In publicly funded projects (e.g., EU, FFG), the respective funding guidelines apply in addition. Rieger Systems is obliged to comply with the funding conditions.

Liability. Rieger Systems is not liable for research results not achieved, failures, or deviations from research hypotheses unless caused by intent or gross negligence.

For training courses, trainings, and further education in the IT and technology field that Rieger Systems provides to entrepreneurs within the meaning of Section 1 UGB, the provisions of this section apply in addition.

Registration and participation. Registrations for trainings must be made in writing or electronically. Rieger Systems reserves the right to cancel or postpone trainings if the number of participants is too low (fewer than 3 participants). The customer will be informed no later than 7 days before the training start.

Cancellation. Cancellations by the customer are free of charge up to 14 days before training start. In case of later cancellation, 50% of the training price is due; in case of cancellation on the training day or no-show, 100% is due. In case of cancellation by Rieger Systems, replacement dates may be offered.

Training materials. All training materials (presentations, scripts, exercises) are protected by copyright and remain the property of Rieger Systems. The customer receives a non-exclusive right of use for personal use. Transfer or reproduction is not permitted.

Certificates. Attendance confirmations or certificates are issued only upon full participation. Rieger Systems does not guarantee recognition of certificates by third parties.

Technical requirements. The customer is obliged to ensure technical prerequisites (hardware, software, internet connection) for online trainings. Rieger Systems is not liable for technical problems on the customer's side.

Substitute participants and recording. The customer may nominate a substitute participant at no additional cost. Audio/video recordings of trainings are prohibited without prior written consent.

Liability. Rieger Systems is not liable for learning success or applicability of conveyed content. No guarantee of success is given.

The customer undertakes to provide all information, access credentials, materials, and approvals required for contract performance no later than 7 calendar days before project start.

The customer ensures that provided test data does not contain real personal data. If real data must be used, this is permitted only upon explicit written agreement and in compliance with GDPR. Rieger Systems is not liable for data protection violations caused by real data transmitted by the customer in test environments.

The customer undertakes to keep its own access credentials confidential and to prevent unauthorized access.

The customer is responsible for identity, role, and permission management of its users (including password strength, MFA, revocation upon personnel changes). Damages resulting from improper account management are within the customer's responsibility.

Security responsibility. The customer shall ensure that user accounts are protected with strong passwords/MFA and that credentials are not shared. In case of security incidents within the customer's sphere of influence (e.g., compromised end devices/credentials), the customer shall notify Rieger Systems without undue delay and cooperate in containment/forensics.

Delays attributable to late cooperation by the customer shall extend agreed delivery and performance deadlines accordingly.

If the customer fails to fulfill cooperation obligations on time, all deadlines and payment schedules shall be postponed accordingly. In case of customer delay exceeding 14 days, Rieger Systems is entitled to issue interim invoices or demand a reasonable lump-sum compensation for downtime/additional costs; proof of higher/actual costs remains reserved.

Rieger Systems is entitled to temporarily pause projects if the customer is in default with payments, feedback, or approvals. Work resumes only after settlement of outstanding claims or written confirmation of new timelines.

If the customer does not fulfill cooperation obligations despite reminder, Rieger Systems may terminate the contract and invoice accrued effort.

The customer is solely responsible for backing up its data before and after project work.

Rieger Systems documents material versions, releases, and changes during project execution. The customer receives access to version history and documentation to the agreed extent. The customer is obliged to secure the current version independently. Subsequent restoration of older versions or provision of additional documentation is possible only against compensation.

To ensure long-term functionality of systems, the customer is obliged to commission regular software updates or maintenance. The customer is informed that security vulnerabilities may arise if updates or maintenance are not performed. Rieger Systems is not liable for incompatibilities or outages resulting from omitted maintenance.

All prices are net plus statutory value-added tax.

Standard payment schedule. Rieger Systems invoices all project-related and ongoing services (software development, consulting, training/workshops, SaaS, hosting, maintenance, support) retroactively for the preceding month on the first calendar day of the following month or, alternatively, on the next banking business day. All services rendered in the respective calendar month, including pass-through third-party costs, are recorded.

Due date. Invoices are payable within 14 calendar days from invoice date without deductions; payment is deemed timely if the invoice amount is credited to the specified account no later than on the due date.

Lump-sum and fixed-price contracts are likewise billed monthly in accordance with documented project progress; partial acceptances or milestones are shown in the next monthly invoice.

Time-and-materials billing. Services not covered by lump sum are billed according to the currently valid price list/rate card in 15-minute units; each commenced 15-minute unit counts as a full unit.

Invoicing. Invoices are transmitted electronically (PDF); paper invoices are issued only upon request and against reimbursement of costs. Collective invoices include the service period, records of services, and any third-party costs.

Payment methods. Payments are made by SEPA bank transfer to the notified account. Additional payment methods (e.g., credit card, PayPal) require separate agreement; any associated fees are borne by the customer.

Training courses, workshops, and hardware or license purchases are included in the respective monthly invoice after service delivery or delivery of goods. For third-party services requiring pre-financing, Rieger Systems may request reasonable advance payments.

Fee adjustment (index clause). Recurring fees may be adjusted once per year effective on the first day of the following month. The benchmark is CPI 2020 (Statistics Austria); the reference value is the index level stated in the offer/contract. If the index increases, the fee may be adjusted by the percentage change, up to a maximum of 5% p.a. A decrease in the index does not automatically lead to a reduction. Adjustments are announced at least 30 days before taking effect; the customer may terminate the affected continuing obligation contract extraordinarily at the adjustment date within 14 days of receiving the notice.

Third-party price changes. Charges depending on third-party providers (e.g., domains, certificates, API usage fees) may be adjusted by Rieger Systems in line with provider changes as they take effect. Rieger Systems will notify the customer in advance.

Pass-through of third-party charges. Price changes, fees, levies, or third-party costs caused by third parties (e.g., domain registrars, certification bodies, API providers) are recharged one-to-one; any processing/handling fees are shown transparently.

Default and collection costs. In case of payment default, Rieger Systems is entitled to charge default interest pursuant to Section 456 UGB (Austrian National Bank base rate + 9.2 percentage points p.a.); vis-a-vis consumers (hardware only under Section 4a), default interest is 4% p.a. In addition, the statutory flat fee of EUR 40 for collection costs pursuant to Section 458 UGB in conjunction with Section 1333 para. 2 ABGB applies; further necessary debt collection and legal enforcement costs shall be reimbursed.

The following reminder fee regulation applies only to entrepreneurs. Vis-a-vis consumers, only actually necessary and reasonable collection costs are asserted.

Reminder schedule. The reminder process is transparent: (a) payment reminder on the 5th calendar day after due date without fee, (b) second reminder from day 12 with processing fee of EUR 15, (c) third reminder from day 20 with processing fee of EUR 35 and announcement of transfer to debt collection or legal counsel. From transfer to external entities onward, the actually incurred collection and legal enforcement costs are charged pursuant to Section 1333 para. 2 ABGB.

Set-off against claims of Rieger Systems is permitted only with undisputed or legally established counterclaims. The customer has a right of retention only for claims arising from the same contractual relationship.

Statutory disclosure and cooperation duties. Legally required support services (e.g., information requests, eDiscovery, audit support), insofar as they exceed the ordinary contractual scope, are remunerated according to the valid price list/rate card.

Reverse charge. For cross-border services to entrepreneurs in the EU/outside the EU, value-added tax is owed under the reverse-charge procedure where applicable; the recipient of the service is liable for the tax.

Until full payment has been made, all rights to services rendered, source code, designs, and concepts remain with Rieger Systems. This also applies to all interim results, drafts, and versions not used in production.

After full payment, the customer receives a non-exclusive, non-transferable right of use to the agreed services.

Rieger Systems retains ownership and all rights to generic modules, libraries, frameworks, and technical components used within the project. The customer receives only a right of use limited to the project scope.

In case of payment default exceeding 30 days, Rieger Systems is entitled to temporarily block access to services (e.g., system access, staging/production, deployments, ticket support) until outstanding amounts are fully paid. Statutory warranty rights remain unaffected.

Transfer, sublicensing, or modification of the works without written consent is prohibited.

After project completion, Rieger Systems is entitled to name and publicly present the services rendered as a reference (e.g., on the website or in portfolios). The customer may object to this use in writing at any time.

Source code escrow (optional). Upon request, an escrow agreement may be concluded against separate remuneration. Release events (e.g., permanent service discontinuation, insolvency) entitle the customer to use the deposited sources exclusively for error correction in its own operations.

Acceptance process. Rieger Systems provides a testable version with brief acceptance documentation (release notes/handover protocol) and sets a reasonable review period (at least 5 working days). If no substantial defect notice of classes A/B is made within that period, the service is deemed accepted. Minor deviations (class C) do not prevent acceptance. Productive use of individual deliverables is deemed partial acceptance of those parts.

Rieger Systems is entitled to render partial services and request partial acceptances if this corresponds to project progress.

Rieger Systems provides test systems. No liability is assumed for damages or data losses caused by faulty content or operation by the customer. After customer approval, go-live is deemed accepted.

Acceptance criteria and defect classes. Acceptance testing is performed on the basis of the agreed specification. Defects are classified as follows: Class A (critical): productive use impossible or security risk -> acceptance suspended. Class B (material): use materially impaired, workaround possible -> acceptance possible, remedy within a reasonable period. Class C (minor): no material impairment -> no obstacle to acceptance; remedy within next maintenance/release cycles. Productive use is deemed acceptance of the parts used.

For software and web projects, minor deviations that do not materially impair use are not deemed defects.

Warranty periods. Software/SaaS/consulting (B2B): 12 months from acceptance. Hardware (B2B): 24 months, reduced to 12 months for used hardware if expressly agreed. Hardware (B2C): statutory periods; reduction to 12 months applies only to used goods and only if expressly agreed. Section 377 UGB remains unaffected.

Notice of defects (B2B only). For entrepreneurs, Section 377 UGB applies (prompt notice of obvious or hidden defects). For consumers (hardware only under Section 4a), statutory provisions apply.

Rieger Systems may, at its discretion, remedy defects, provide replacement, or reduce the price.

Hosting services include operation, backups, security updates, monitoring, and technical support of systems commissioned by the customer.

Operation is carried out exclusively on servers of Hetzner Online GmbH (Germany/EU) or equivalent EU providers.

Availability and measurement. The stated availability of 98% refers to the calendar month and is determined based on server/service uptime according to Rieger Systems monitoring/logs. Excluded are: (a) announced maintenance windows (at least 24 h in advance), (b) disruptions outside our sphere of influence (e.g., general network disruptions, DDoS, failures of upstream suppliers/cloud providers), (c) emergency security updates, (d) operating errors or configurations within the customer's responsibility. Credits or contractual penalties exist only if regulated in a separately agreed SLA addendum.

SLA priority. With regard to scope and legal consequences of availabilities and response times, a written SLA addendum takes precedence over these GTC in case of conflict.

Response and recovery times are best effort within available resources. There is no entitlement to specific response times without a separate SLA.

The minimum term is 12 months from contract commencement. If no written termination is made at least 3 months before expiry, the contract is automatically extended by one additional year.

Support requests are handled on working days from 9:00 to 17:00. Outside these times, there is no entitlement to immediate response. Emergency support outside these times may be agreed and billed separately.

Definitions of time. "Working days" are Monday to Friday excluding statutory public holidays at the seat of Rieger Systems (Austria/Tyrol). The relevant time zone for deadlines and availability measurement is CET/CEST.

Permitted use and right to suspend. The customer shall refrain from any use that violates laws or endangers operations (e.g., spam dispatch, unauthorized scanning, malware, copyright infringements). In case of justified suspicion, Rieger Systems may temporarily suspend affected services and inform the customer. The right to suspend does not affect payment and cooperation obligations.

Planned maintenance work is carried out outside normal business hours where possible. Short interruptions for maintenance do not count as downtime.

The customer is responsible for safeguarding its business content. Backups created by Rieger Systems serve solely for system restoration and do not replace customer data backups.

Rieger Systems performs regular system backups; restoration is on a best-effort basis and without guarantee of error-free restorability of data.

Operational, security, and monitoring data (technical operational data without personal reference, e.g., logs, metrics, alerts) generated during hosting may be used by Rieger Systems for operational security, error analysis, and service improvement. Personal reference is avoided or pseudonymized where possible; otherwise, the DPA applies. System and evaluation rights to this operational data remain with Rieger Systems.

Retention periods. Technical logs (e.g., access/error logs) are retained for a maximum of 180 days unless security or evidentiary requirements justify longer retention. Backups are maintained according to internal backup policy (at least daily backups, multiple retention) with a retention period of 30 days unless contractually agreed otherwise.

SLA notice. Specific availabilities, response times, RPO, and RTO are regulated exclusively in an SLA addendum. Without an SLA addendum, no contractual penalties or credits apply.

Backups and project data are retained for 30 days after contract end and then deleted. Longer retention may be agreed against a fee.

Rieger Systems is not liable for outages resulting from force majeure, network disruptions, or unforeseeable maintenance work.

For the protection of personal data, the data processing agreement (DPA) under Art. 28 GDPR applies in addition. The current version of the DPA is an integral part of these GTC. The DPA is provided upon contract conclusion or available online.

After termination of the hosting, maintenance, or other service contract, all services connected to Rieger Systems infrastructure (e.g., server operation, mail services, API access, databases, monitoring or security systems) are deactivated and discontinued.

The customer acknowledges that provided systems are functional only within an ongoing contractual relationship. After contract end, these services are no longer available, and Rieger Systems is not obliged to ensure their functionality on third-party infrastructure.

Shutdown of infrastructure and systems after contract end is not deemed service disruption, but regular contract termination.

Rieger Systems is not liable for loss of functionality or usage restrictions arising after contract termination because systems or services are no longer connected to the original infrastructure.

Upon request, the customer receives a one-time data backup (e.g., website backup or export of software data). This handover is provided in simple and unmodified form, without guarantee of functionality outside Rieger Systems systems.

Data format. The one-time data backup is provided as an unmodified export/backup (e.g., database dump, file package) without warranty of functionality on third-party infrastructure and without adapting dependencies.

A work result or functional success on third-party infrastructure is not owed unless separately commissioned and remunerated.

Relocation, migration, or technical integration into another infrastructure (e.g., by a new provider) constitutes a separate, chargeable service and requires a separate written order.

Access credentials. After contract end, all credentials, API keys, authentication tokens, and access permissions must be changed or deactivated without undue delay. Rieger Systems is not liable for damage caused by continued use of old credentials.

After completion of handover and expiry of statutory periods, all remaining data, access credentials, and backups are permanently deleted from Rieger Systems systems.

The following limitations of liability apply only vis-a-vis entrepreneurs. Statutory liability rules apply vis-a-vis consumers.

Rieger Systems is liable for damages caused by intent and gross negligence. In case of slight negligence, Rieger Systems is liable only for breach of essential contractual obligations (cardinal obligations) and, in this case, is limited to the typically foreseeable damage.

In case of breach of essential contractual obligations, liability is limited to the typically foreseeable damage.

Liability is limited per case of damage to twelve times the monthly remuneration of the affected contract, but not more than EUR 50,000, unless expressly agreed otherwise.

Contributory fault and mitigation of damages. Contributory fault of the customer (e.g., breach of cooperation obligations, improper configuration) reduces corresponding claims. The customer must take economically reasonable measures to mitigate damages (e.g., off switch, isolation of affected systems).

The liability cap does not apply in cases of intent, gross negligence, injury to life, body, or health, or in cases of mandatory statutory liability.

A reversal of the burden of proof to the detriment of Rieger Systems is excluded.

Rieger Systems is liable for data loss only if the customer can prove proper data backups.

Liability for loss of profit, consequential damages, or indirect damages is excluded.

Rieger Systems assumes no liability for disruptions, errors, or outages caused by third-party services, in particular hosting providers, email services, DNS systems, captcha, or advertising services. Likewise, no warranty is assumed for SEO results, search engine rankings, or email delivery rates.

Rieger Systems is not liable for malfunctions, outages, or data losses caused by external interfaces (APIs, webhooks, integrations with third-party providers).

Rieger Systems is not liable for damages, impairments, or data losses resulting from independent changes, interventions, or software installations by the customer or third parties.

Neither party is liable for non-performance due to force majeure events (including natural events, war, terrorism, pandemics, governmental measures, large-scale network/cloud disruptions). Performance periods are extended by the duration of the impairment plus a reasonable restart period.

Project-related contracts terminate automatically upon proper acceptance of the agreed service.

Early termination of project-related contracts (B2B). If the customer terminates a project without good cause, (a) services rendered up to that point must be remunerated based on effort/milestone, (b) already commissioned third-party services must be reimbursed, and (c) 15% of the outstanding order value must be paid as cancellation lump sum.

Continuing obligations (hosting, maintenance, service agreements) are subject to the terms defined in Section 9.

Any termination requires written form.

Rieger Systems may terminate the contract without notice for good cause. Good cause exists in particular if the customer, despite reminder, is in payment default for more than 30 days, breaches cooperation duties or confidentiality, or uses the system unlawfully (e.g., security breaches, spam dispatch, unauthorized changes).

Rieger Systems processes personal data exclusively in accordance with GDPR and the Austrian Data Protection Act.

Rieger Systems may reject or terminate projects if they violate European data protection or ethical standards. Services already rendered must be remunerated. Further claims by the customer are excluded to the extent permitted by law.

Rieger Systems implements reasonable technical and organizational measures (VPN, firewall, access protection) to protect customer data.

Security incidents. Both parties shall inform each other without undue delay of known security incidents concerning the subject matter of the contract and shall cooperate in investigation and required notifications under Art. 33 GDPR.

The parties undertake to treat confidential information as strictly confidential and not disclose it to third parties (see NDA).

Duration. Confidentiality obligations continue for 5 years beyond the contract term.

The customer remains the controller within the meaning of GDPR; Rieger Systems acts as processor.

Subprocessors. Rieger Systems may engage subprocessors and maintains an up-to-date list available at https://www.rieger-systems.eu/subprocessors or upon request. Changes are announced at least 14 days in advance. If the customer objects in writing for important data protection reasons, the parties will seek a solution within a reasonable period. If the customer objects in due time and no reasonable alternative is possible, either party may extraordinarily terminate the affected service; further contracts remain unaffected.

Priority. In case of conflict between these GTC and the DPA, the DPA prevails for all matters of data processing.

Regulatory changes (EU AI Act, GDPR guidelines). Rieger Systems is entitled to adjust technical and organizational measures, documentation duties, and processes insofar as required to comply with new or amended legal requirements (in particular EU AI Act, implementing acts, EDPB guidelines). Additional effort resulting therefrom beyond the contractually agreed scope is treated as a change request.

Data portability and deletion. After contract end or upon written request, Rieger Systems deletes all personal data within 30 days unless statutory retention obligations prevent this. The customer has the right to receive its data in a structured, common, and machine-readable format.

Austrian law applies exclusively, excluding the UN Convention on Contracts for the International Sale of Goods.

Place of performance. The place of performance for all services and payments is 6465 Nassereith, Austria, unless otherwise agreed in writing.

Export and sanctions compliance. Rieger Systems processes personal data and provides services exclusively for customers who are not listed on EU sanctions lists and have no connections to embargoed countries. Rieger Systems reserves the right to refuse or terminate services if: (a) the customer is on a sanctions list, (b) the service violates export regulations (e.g., Dual-Use Regulation), (c) the customer originates from or operates in an embargoed country. Rieger Systems is entitled to conduct compliance checks and request corresponding evidence.

Limitation period. Contractual claims of the customer against Rieger Systems become time-barred vis-a-vis entrepreneurs within 12 months from due date or acceptance, to the extent permitted by law. Statutory limitation periods apply vis-a-vis consumers. Claims for intent, gross negligence, and injury to life, body, or health remain unaffected.

Jurisdiction. For consumers (hardware only under Section 4a), statutory places of jurisdiction apply. Otherwise (B2B services), Innsbruck is the exclusive place of jurisdiction. The contract language is German.

Disputes shall first be resolved amicably. At the request of either party, mediation may be initiated at the Tyrol Chamber of Commerce. Mediation is voluntary; both parties must agree. Court proceedings may be initiated only after an unsuccessful amicable attempt or rejection of mediation.

Language versions. In case of discrepancies between language versions, the German version shall prevail.

Assignment. Assignment of rights or transfer of obligations from this contract by the customer requires prior written consent of Rieger Systems.

Rights and obligations under this contract transfer to legal successors or affiliated companies of Rieger Systems GmbH.

Rieger Systems reserves the right to update these GTC in ongoing continuing obligations. Information about changes to the GTC is provided by email to the address specified by the customer; objection is possible within 14 days. If the change results in a materially adverse deterioration for the customer, the customer is entitled to extraordinarily terminate the affected continuing obligation contract until the change takes effect.

In case of conflict between GTC and individual contracts, the more specific agreement shall prevail.

Entire agreement. This contract including annexes (offer, order confirmation, DPA, SLA, service descriptions) constitutes the entire agreement between the parties. There are no oral side agreements.

Should individual provisions of these GTC be invalid, the validity of the remaining provisions remains unaffected. Invalid provisions shall be replaced by economically equivalent regulations.

Survival. Provisions on confidentiality, IP rights, limitations of liability, payment claims, choice of law, and jurisdiction survive contract termination.

Notice: This version replaces all previous versions of Rieger Systems General Terms and Conditions and is binding for all contracts from 2025-12-01 onward.