TERMS AND CONDITIONS

these terms and conditions are issued by Risk Flow s.r.o., company ID: 178 30 788, with registered office at U Hřbitova 235/25, Kylešovice, 747 06 Opava, file number C 91229, registered at the Regional Court in Ostrava

(hereinafter referred to as "Terms and Conditions")


I. Introductory provisions

1. The company Risk Flow s.r.o., ID No.: 178 30 788, with registered office at U Hřbitova 235/25, Kylešovice, 747 06 Opava, file number C 91229, registered at the Regional Court in Ostrava (hereinafter referred to as the "Provider") is the operator of the Risk Flow application.

2. The Risk Flow application is a software for simplifying the risk management process available in a web interface on the relevant internet domain established by the Provider , under the terms and conditions agreed in these Terms and Conditions (hereinafter referred to as the "Application").

3. These Terms and Conditions govern the terms and conditions of use of the Application, in particular the rights and obligations of the Provider and the User under the Digital Content Service Agreement (the "Agreement").

4. User means any person who enters into contracts or negotiates contracts with the Provider.

5. The Provider declares that he has all property rights to the application, which is a copyrighted work. The agreement also includes the license arrangements for the use of the application as set out below.

6. If the user is not a consumer, the provisions of § 2389a to § 2389u of the Civil Code do not apply and all rights and obligations are governed by the terms and conditions.

7. Arrangements and contractual terms relating to consumer contracts are contained in Art. X of these terms and conditions. If the User is a consumer, these arrangements shall prevail over the other provisions of these Terms and Conditions

II. Conclusion of the contract

1. The offer to provide application services is only informative and the provider is not obliged to conclude a contract regarding these digital content services; the provisions of § 1732 par. 2 of Act No. 89/2012 Coll., the Civil Code (hereinafter referred to as the "Civil Code") do not apply.

2. The user delivers to the provider a request for the conclusion of a contract, in which he/she provides his/her identification data, e-mail and, if applicable, a specification of the variant of the application in which the user is interested.

3. On the basis of the request, the provider delivers an offer to the user's e-mail address, which is a proposal for the conclusion of contracts. The user accepts the proposal by e-mail confirmation.

4. In the case of further negotiations between the provider and the user regarding the content of the contracts, the final proposal for the conclusion of the contracts is the offer, which the user accepts without reservation by e-mail confirmation; the first sentence of § 1740(3) of the Civil Code does not apply.

5. The Contract is concluded upon acceptance of the Proposal or Final Proposal and payment of the Annual Fee in accordance with these Terms and Conditions.

III. The application and the conditions necessary for its operation

1. The application serves as a supporting and auxiliary tool for conducting risk analyses and risk assessment. The user can create asset lists and risk analyses in the application and set up their approval processes. The application only gives recommendations to the user, the actual risk assessment and the adoption of appropriate measures is left to the user.

2. On the web portal, the provider offers different variants of the application, whereby the individual variants of the application differ in the scope of the functions made available and in the amount of the monthly fee. The specific content of each variant is defined in the price list. The user is entitled to add additional services within the individual variants to the extent and at the prices as defined in the price list. Additional services are included in the application.

3. The application can only be used as a web application, it cannot be downloaded to the user's device. The application is operated in the SaaS (Software as a Service) system.

4. In order to use the application, the user needs in particular an internet browser and an internet connection with a minimum speed of 5 to 10 Mbps (hereinafter referred to as the "user's digital environment").

5. A prerequisite for the proper functioning of the application is its proper use and data input in accordance with the instructions, aids and other materials available to the user on the website and in the section https://docs.riskflow.eu (hereinafter referred to as "instructions"). The user is obliged to familiarize himself with the published materials.

6. The provider hereby informs the user that all documents, analyses, values and other results that are output from the application are processed on the basis of data entered by the user and are only informative, supportive and recommendatory.

7. The Provider undertakes to guarantee 95% availability to the User within the agreed application variant.

IV. Application fee

1. The fee for the use of the application including additional services is set monthly and is governed by the price list, unless otherwise agreed in the contract. The website provides indicative fee amounts for the different variants of the application.

2. The user is obliged to pay the fee one year in advance before the application is made available, unless otherwise agreed in the contract. The fee is payable on the basis of the provider's invoice by bank transfer to the bank account indicated on the invoice. The User agrees to receive invoices electronically to the email address provided in the request.

V. Making the application available

1.The provider shall make the application available to the user within 3 days of the date of conclusion of the contract. The application is made available to the user by sending a link through which the user sets up his login data to the user account in the application to the e-mail address specified in the request. The application shall be made available to the user for the duration of the contract.

2. The user is authorised to use the application only through his/her user account. The user is obliged to secure the login data to the user account in a suitable way to ensure its confidentiality. The User shall be liable for unauthorised use of the login data or the user account and for damage caused by unauthorised use to the Provider or other users of the Application. The User is obliged to immediately report the loss, theft or misuse of the login data to the Provider by e-mail.

3. The Provider shall be entitled to deny the User access to the application, in particular if it suspects that the User is using the application in violation of the contract or the legal regulations of the Czech Republic, or if the User provides false information about himself/herself;

VI. Terms of use of the app

1. The User is obliged to use the Application in accordance with these Terms and Conditions, only for the purpose defined in these Terms and Conditions. The User may not perform penetration testing, i.e. active attempts to break the security of the Application, without the express written consent of the Provider. Further, the User shall not use the Application for any illegal acts.

2. The user is obliged to inform the persons to whom he/she grants access to the application of the contents of the contract and these terms and conditions and undertakes to ensure, within the meaning of § 1769, second sentence of the Civil Code, that these persons will comply with the contract and the terms and conditions. The User is obliged to compensate the Provider for any damage caused by the breach of the contract or the terms and conditions by these persons.

3. For the use of the application, the provider grants the user a license within the limited scope agreed in this article

4. The license is agreed as non-exclusive. The Provider is entitled to narrow the territorial scope of the license during the term of the license agreement.

5. Unless otherwise specified below, a license means an unrestricted right to use the application exclusively for your own personal and internal business purposes, not for commercial purposes.

6. The user is not entitled to use the application in any way other than as stated in these terms and conditions, i.e. in particular, the user is not entitled to modify the application, interfere with its source code, reproduce it, distribute it, rent it, lend it, display it, communicate it to the public or grant a sub-license to it.

7. The license fee is included in the application fee.

8. In the event that the user uses the application in violation of the license granted, the user is obliged to compensate the provider for the damage caused by this violation.

A. Variant Team and Enterprise

9. For the Team and Enterprise versions of the application, the license also includes an unlimited right to use the application for commercial purposes exclusively to the extent of providing the application services to the user's clients. The license for commercial purposes includes in particular the management and risk analyses for the user's clients and the creation of client accounts.

B. Application Extensions

10. Unless otherwise expressly agreed, the Provider and the User agree that the Provider grants the User a non-exclusive license to extend the Application according to the User's requirements (in particular by adding new functions or features) (hereinafter referred to as "Extension").

11. A license in this case means a license under para. 9 of this Article. The user is entitled to use the extension only when using the application in the agreed variant.

12. The provider and the user agree that the user will not have access to the source code of the extension.

VII. Data entered into the application

1. The user is obliged to enter data into the application in accordance with the instructions. The user is obliged to enter data into the application only in accordance with the purpose of the application. The user must not enter data into the application that is the result of an unlawful act or data with violent, discriminatory or other illegal content.

2. The user is entitled to export his/her data from the application in pdf and MS excel format at any time during the term of the contract; the user acknowledges that the export of data may affect the proper functioning of the application, i.e. the outputs from the application.

3. The User acknowledges that upon the expiration of the last day of the contract, the Provider will prevent the User from accessing the application (account deactivation). The User is obliged to ensure that all data is exported from the application before the termination of the contract. After termination of the contract, the user is entitled to request the export of data by sending an e-mail to the provider's e-mail address indicated on the web portal within 20 days of the date of termination of the contract.

4. The User acknowledges that after 30 days from the date of termination of the contract, all data and the User's account will be irreversibly deleted.

5. The user grants the provider consent to access the user interface and data for the purpose of contract performance, in particular technical support, troubleshooting, etc.

6. The provider is entitled to monitor the operation of the application, the user's activity and data in the application. By monitoring, the provider does not export any data from the user account. The provider is entitled to export and use the data entered in the user account within the catalog function.

VIII. Application updates

1. The Provider is entitled to add or remove functions or features of the Application, modify or introduce storage restrictions or other features at any time.

2. The Provider undertakes to provide the User with the updates necessary for the proper functioning of the application.

3. The Provider is entitled to limit the availability of the application for the time necessary to perform updates, maintenance, removal of defects or other reasons necessary for the proper functioning of the application

IX. Responsibility of the provider

A. Provider's liability for defects and rights arising from defective performance

1. The provider is responsible for the proper functioning of the application in accordance with the contract.

2. It is not an application defect if the documents, analyses, values and other results that are output from the application, which are processed on the basis of data entered by the user, are incorrect or do not correspond to reality.

3. The provider is not liable in particular for defects that:

4. The defects are divided according to their nature and severity into critical, serious and common, whereby:

5. If the application has a defect, the user is entitled to demand:

6. The user is obliged to point out the defect without undue delay, no later than the end of the contract.

7. The User is obliged to report defects electronically to the Provider's e-mail address support@riskflow.freshdesk.com. The User is obliged to describe the defect and its manifestations in the defect notification. The User is obliged to provide the Provider with assistance in order to assess the defect and, if necessary, to remedy it.

8. The provider is obliged to settle the rights from the defective performance:

from the date the defect was duly pointed out, but only if the pointing out of the defect was justified.

9. In the case of an unjustified criticism of a defect, the Provider shall notify the unjustified criticism of the defect no later than 30 days from the date on which it became aware of the unjustified criticism.

10. The period for the settlement of the right from defective performance is extended by the period of time during which the user was in delay in providing assistance for the settlement of the right from defective performance.

B. Provider's responsibility regarding data

11. The Provider is not responsible for:

12. The user acknowledges that the application operates on the Internet on a server operated by a third party (hosting provider). The user account and the data in the application are secured by the login and security features provided by the hosting provider.

C. Liability of the provider for damages

13. The User, who is an entrepreneur, hereby waives the right to compensation for damages incurred in the performance of the contract or in connection with it ; the provisions of § 2898 of the Civil Code are not affected.

14. The parties agree that the User shall pay the damages for which the Provider would be liable to third parties in whose interest the performance of the contract is for (in particular the User's clients); this applies only to the User who is an entrepreneur.

X. Provisions relating to consumer contracts

1. This Article applies only to contracts concluded with a user who is a consumer

A. Pre-contractual communication

2. The fees for the individual application variants on the web portal are indicative only. The price is negotiated with the user on the basis of the price list or by individual agreement. The price list is provided to the user upon request. The fee for the selected application variant and service including all taxes and fees is sent to the user in the offer. The license fee is already included in the fee.

3. The fee is payable for the duration of the contract (1 year) before the application is made available based on the provider's invoice.

4. According to Section 1829 of the Civil Code, the user is entitled to withdraw from the contract without giving any reason within 14 days from the date of conclusion of the contract. The user is entitled to grant the provider consent to make the application available to the user before the expiry of the withdrawal period. If the user gives such consent, the right to withdraw from the contract according to the first sentence of this paragraph shall cease once the application has been made available to the user. Withdrawal from the contract shall terminate the contract in its entirety.

5. The User may withdraw from the contract by any unequivocal statement made to the Provider. For this purpose, the User is entitled to use the withdrawal form available on the web portal and sent to the User at the latest with the offer.

6. For the proper functioning of the application, the user is obliged to ensure a suitable digital environment according to Art. III par. 4 of these terms and conditions.

7. When making a claim, the user is obliged to provide assistance in accordance with par. 17 of this article. In the event that the user fails to provide such cooperation, it is up to the user to prove that the application has the defect claimed in the complaint and that the provider is liable for it.

8. In the event of a complaint, users may contact the relevant employee of the provider free of charge via the e-mail address support@riskflow.freshdesk.com. The User is hereby informed of the right to use the possibility of out-of-court dispute resolution arising in connection with the Contract and the possibility to address a complaint to the supervisory or state supervisory authority, which is the Czech Trade Inspection Authority, Central Inspectorate - ADR Department, at Štěpánská 15, 120 00 Prague 2, e-mail: adr@coi.cz, http://adr.coi.cz/. The user is entitled to submit a proposal for the initiation of an out-of-court settlement of a consumer dispute at the following link: https://www.coi.cz/mimosoudni-reseni-spotrebitelskych-sporu-adr/. The user may also use the online dispute resolution platform established at http://ec.europa.eu/consumers/odr/. The Czech Trade Inspection Authority handles out-of-court complaints from consumers in the manner and under the terms of the relevant legislation.

9. The User is entitled to contact the Provider at the e-mail address riskflow@riskflow.eu or at the telephone number +420 730 547

B. Rights from defective performance

10. The Provider shall be liable to the User that the Application:

11. The Provider is also liable for any defect caused by incorrect connection of the application to the User's digital environment, which was performed by or under the responsibility of the Provider in accordance with the contract. This applies even if the connection was made by the user and the defect is due to a deficiency in the instructions provided by the provider.

12. The user is entitled to complain about a defect that appears or occurs during the term of the contract. The Provider must prove that the application is provided without defects.

13. If the application has a defect, the user can:

14. The provider is not liable for defects caused by insufficient or inadequate digital environment of the user.

15. The user is entitled to choose the right of defective performance in accordance with par. 13 of this article; however, he may not unilaterally change his choice. He can only change this choice if the provider agrees to it.

16. The User may notify the defects at any of the Provider's premises, or in writing by sending it to the Provider's registered office address, by data mailbox, or electronically to the e-mail address support@riskflow.freshdesk.com, whereby the notification shall include a description of the defect or its manifestations (hereinafter referred to as the "complaint"). The complaint shall also include the determination of the right from the defective performance chosen by the User

17. In order to assess the legitimacy of the complaint, the user is obliged to provide the provider with the necessary cooperation.

18. The Provider is obliged to issue a written confirmation to the User when the claim is made, in which it indicates the date when the User made the claim, what the content of the claim is, what method of handling the claim the User requires and the contact details of the User for the purpose of providing information on the handling of the claim.

19. In the event that the user has filed a claim with the provider legitimately and at the same time:

  1. the user requests the removal of the defect, the provider shall remove the defect within a reasonable time after it has been pointed out, taking into account the nature and agreed purpose of the application, but no later than 30 days from the date of the complaint;
  2. the user requests a reasonable discount or withdraws from the contract, the provider shall pay the user the funds due to the defective performance without undue delay, no later than 14 days from the date of the claim, in the manner chosen by the user.

20. The User and the Provider may agree on a longer period of time for handling the complaint.

21. The Provider is obliged to issue the Consumer with a confirmation of the date and manner of the complaint, including confirmation of the repair and the duration of the repair, or a written justification for the rejection of the complaint

22. In the event of an unjustified claim, the user is not entitled to compensation for his costs associated with the settlement of the claim. In such a case, the Provider is entitled to reimbursement of the costs incurred on its side due to the unjustified claim.

23. In the event of a justified claim, the user is entitled to compensation for the costs reasonably incurred in making the claim. However, if the user does not exercise the right to compensation within one month after the expiry of the period within which the defect should have been raised, the court shall not grant the right if the provider argues that the right to compensation was not exercised in time.

C. Other terms and conditions

24. The Provider is entitled to add, modify or remove functions or features of the Application, modify or introduce storage restrictions or other features (updates) at any time for the following legitimate reasons:

  1. change in legal requirements affecting the operation of the application (especially in the area of security, data storage, etc.);
  2. a change in the terms and conditions of the hosting provider or a change in the hosting provider;
  3. changing algorithms within the application search;
  4. enhancements to existing application features and functions and addition of new application features and functions;
  5. increase application performance;
  6. fixing application defects that do not affect the functionality of the application for the user or do not affect the user in the application;
  7. A change in the appearance of the application environment that does not affect its functionality;

25. The user is entitled to withdraw from the contract in the cases agreed in this contract and also in the cases provided by law.

26. The User is entitled to deliver documents that result in the termination of the contract also by e-mail.

XI. Duration of the contract

1. The contract is concluded for a period of one year from the date of conclusion of the contract, unless otherwise agreed in the contract.

2. The contract expires:

  1. at the end of the agreed period;
  2. by withdrawing from the contract;
  3. by agreement of the parties;

3. The user is entitled to request an extension of the contract. The contract shall be extended by 1 year after the expiry of the agreed period if the user has paid the fee for the use of the service for the next year of the contract according to the invoice sent by the provider to the user within 30 days of the expiry of the contract; by agreement, the contract shall be extended according to this paragraph from the last day of the agreed period (i.e. the contract expired on 31 December 2022 and the user pays the fee for the next year on 30 January 2023, the contract shall expire on 31 December 2023 after its extension). The contract may be renewed repeatedly under this paragraph.

4. The user acknowledges that he/she has no legal right to extend the contract and that the provider does not have to agree to the extension.

5. The User further acknowledges that the Provider is entitled to extend the contract pursuant to para. 3 of this article to change the amount of the fees for the use of the application and the terms and conditions and the User has no legal right to extend the contract under the existing conditions.

6. The User is entitled to withdraw from the contract only if the Provider is in delay in making the application available for more than 30 days.

7. The Provider is also entitled to withdraw from the contract if the user has used the application in violation of these terms and conditions, in particular if the user

  1. breached its obligations under Art.VI par. 1 of these Terms and Conditions;
  2. breached his obligations under VII para. 0 of these Terms and Conditions.

8. The withdrawal has ex nunc effects and is effective upon delivery to the other party. The User is obliged to pay to the Provider a pro rata portion of the fee for the period of time the Application was provided to the User.

XII. Personal data protection and processing principles

1. Issues related to data protection and the principles of processing personal data in connection with the contract are governed by the Personal Data Processing Policy.

XIII. Other arrangements

1. All communication between the parties shall be by e-mail or telephone.

2. All documents will be sent to the User to the e-mail address provided to the Provider in the request. The Provider shall be served with all documents at the email address provided, if provided for in these Terms and Conditions, or at the email address provided on the Website.

3. Letters that result in the termination of the contract may only be delivered by data box, courier or postal service provider to the provider at the registered office address and to the user at the address specified in the contract, unless the party has notified the other party of a change of address before sending such a document. A document shall be served at the moment of its receipt, refusal to accept it or the expiry of the time limit for its receipt.

4. By express agreement, this Agreement and the rights and obligations arising from it (including rights and obligations arising from any breach of this Agreement that has occurred or will occur) shall be governed by the law of the Czech Republic, in particular the Civil Code. For the purposes of contracting with an international element, in accordance with Article III. 593/2008 Coll., on the law applicable to contractual obligations (and in the event that this Regulation does not apply, in accordance with Article 87 of Act No. 91/2012 Coll., on Private International Law, as amended), the Parties declare, to the exclusion of conflict of laws rules, that they have chosen Czech law as the law applicable to this Contract and the rights and obligations arising from it (including rights and obligations arising from a breach of this Contract that has occurred or will occur).

5. For the purposes of legal relations with an international element, the jurisdiction of the court for future litigation shall be determined by agreement in accordance with Article 25 of Regulation (EC) No 1215/2012 of the European Parliament and of the Council (and, in the event that this Regulation does not apply, in accordance with Article 85 of Act No 91/2012 Coll., on Private International Law, as amended), so that the competent court is the court of the Provider's registered office with territorial and subject matter jurisdiction.

XIV. Final provisions

1. If any provision of the contract or the terms and conditions is or becomes invalid or ineffective, the invalid provision shall be replaced by a provision whose meaning is as close as possible to the invalid provision. The invalidity or ineffectiveness of one provision shall not affect the validity of the other provisions.

2. The Contract may only be amended in writing; for the purposes of amendments to the Contract, email communication is also considered to be in writing.

3. These terms and conditions shall come into force and effect on 31.3.2023.


In Brno on 1.3.2023