We don't track you. Privacy Policy

Xetion AG – Terms of Use

These Terms of Use (TOU) shall apply to all services offered by Xetion AG (hereafter „Xetion“). By using our services you accept the following terms and conditions completely without any alteration.

1. Scope of application and conclusion of contract

1.1 These TOU cover the use of services and products which Xetion provides or offers to its customers (hereafter „Customer“).

1.2 Consent to these TOU is given by using the corresponding services and products. The Customer may when requesting individual services be requested to reiterate his consent to the TOU by activating a corresponding check box. When delivering a contract or a customised quote relating to Xetion services and products, Xetion shall provide these TOU to the Customer together with the contractual documents in writing by mail or by email. The Customer shall in this case confirm his consent to the TOU by signing and returning the quote or the contract, or by using the service or paying the invoice. The TOU shall form an integral part of the contract with the Customer.

2. Services and rights of Xetion

2.1 General Xetion provides both free and chargeable services. The Customer shall select the services to be provided by Xetion from the range of services available at the time of use. The conditions published on the websites of Xetion or in the Xetion Control Panel, or the conditions of the customised quote as the case may be, shall apply to all services. Xetion may at any time change the range of services and limit individual services and/ or cease providing them.

2.2 cloud services

2.2.1 As part of cloud services Xetion shall provide the Customer to the extent selected by the latter with storage space and server services on an infrastructure connected to the internet.

2.2.2 The services are calculated based on the average use of the Xetion resources. The resources provided for artificial intelligence cloud (in particular, storage space, traffic, CPU/RAM use) may only be used for the ordinary operations of the Customer website. Storage space for email or other data files will be provided to the Customer for the intended use. Subletting storage space is not permitted unless otherwise agreed in writing with the Customer. This service offer is designed for use by individuals and small or medium-sized companies. Xetion may at any time set thresholds or other usage restrictions – in particular with respect to the monthly volume of uploaded data, the permitted size and type of uploaded files or the permitted number of stored email boxes (Fair Use Policy). Individual offers may be made on request for institutions (e.g. schools or universities) and larger companies requiring storage for a quantity of email boxes that exceeds the normal requirements of individuals and small or medium-sized companies.

2.2.3 With respect to resource-intensive use of the Customer website by the Customer or by users of the Customer website (e.g. up/download of sound that goes beyond ordinary operations, video, streaming, games, high resolution images and graphics, high number of simultaneous accesses to the website, excessive storage of data files, in particular, caching files, on the server, excessive hard drive access (read and/or write), etc.), Xetion is also permitted to set thresholds for individual Customers or Customer groups at any time and in its absolute discretion for the resource consumption or other usage restrictions (Fair Use Policy) and to limit the provision of the service for the Customer accordingly.

2.2.4 Xetion also reserves the right to block the user account of the Customer if the latter’s user behaviour or the user behaviour of the users of the Customer website (e.g. a high number of simultaneous access attempts through DDoS attacks) in any way adversely affects the way the service or the Customer website operates. Xetion shall inform the Customer (if possible within the scope of its operating resources and with respect to the concrete circumstances) in advance or immediately after the blocking.

2.2.5 Xetion shall endeavour within the limits of its operational resources to offer the services continuously round the clock without any interruptions. Maintenance work, rectification of problems, expansion of services, measures to protect Xetion’s infrastructure, etc. may make temporary operating interruptions necessary. The Customer shall be informed early on of such operating interruptions if this is possible in the circumstances.

2.3 Domain name services Xetion offers customers services for the management, registration and/or transfer of domain names. By utilising the domain name services the Customer accepts the General Terms and Conditions for Domain Names in addition to these TOU.

2.4 Applications and additional services of Xetion and third party providers

2.4.1 Xetion offers the Customer via the Xetion Control Panel applications and other additional services of Xetion or third party providers. By using the application or the additional service the Customer additionally accepts the licensing terms, terms of business, terms and conditions of use and/or the conditions of Xetion or the respective third party provider, as described on the respective offer page or in the Xetion Control Panel, that apply to the corresponding applications or additional services.

2.4.2 Xetion may at any time and without prior notice limit the use of applications or other additional services and/or remove individual applications or additional services from the range that is offered. The Customer also acknowledges that with regard to the applications there is no entitlement of any kind to receive support services from Xetion and that he bears sole responsibility for backing up his data in connection with the use of the applications (see Cl. 4.1).

3. Rights and obligations of the Customer

3.1 General

3.1.1 The Customer is authorised to make the intended legal use of the services and products and undertakes to comply with these TOU and any instructions of Xetion, in particular with regard to maintenance, updating or deletion of software.

3.1.2 When ordering and registering and in the context of using the services the Customer is obligated to provide truthful and verifiable information. Xetion may at any time and without providing reasons request that the Customer subsequently provides documents or information which enable Xetion to verify the accuracy of the information provided by the Customer. Xetion is entitled to defer the acceptance of an order or registration, to suspend services or to terminate the contract with the Customer with immediate effect in the event that the Customer fails to provide the requested documents or information within the deadline set by Xetion.

3.1.3 The Customer undertakes to select passwords appropriately, keep them carefully and protect them from access by third parties. The Customer bears full and sole responsibility for the use of the passwords. If the Customer finds that his account is being misused, he must inform Xetion immediately in writing (by email with subsequent acknowledgement of receipt by Xetion).

3.1.4 The Customer is not authorised to provide a service (for free or chargeable) purchased by him to third parties. If Xetion finds that the services purchased by the Customer are not being used by the latter but by a third party, Xetion shall be authorised to suspend provision of the relevant service until this defect is remedied. The Customer shall in such a case remain obligated to make payment in full of the fee due for this service.

3.1.5 The Customer undertakes to keep the applications and software used by him (both in respect of the server and the client) up to the latest technical standard, maintain them regularly and conduct regular updates. The Customer also undertakes to delete applications and software which he no longer needs and uses from the server.

3.1.6 The Customer is obligated to notify Xetion immediately of any disruptions and interruptions in the services requested by him and where possible assist Xetion in remedying the disruption. The Customer shall bear the costs of Xetion isolating and remedying disruptions if the Customer has called for the investigation and the cause of the disruption is attributable to the behaviour of the Customer or the equipment used by him or to the behaviour of the users of the Customer website.

3.2 The Customer’s responsibility for contents

3.2.1 The Customer is responsible for the content of the information (language, images, sounds, computer programs, databases, audio/video files etc.) which he himself and third parties communicating with him through Xetion arrange to be transmitted or processed, disseminate or keep available for retrieval. The Customer is also responsible for references (in particular, links) to such information. Xetion is not obligated to monitor the contents made accessible by the Customer.

3.2.2 The Customer is obligated while using the products and services of Xetion to make only permitted contents accessible. The following contents are prohibited: contents which infringe or jeopardize rights of Xetion or third parties, in particular intellectual property rights in the wider sense (for example, copyrights or trademarks) or personal rights, provisions of the Unfair Competition Act (UWG), including the contact data obligation of the Customer pursuant to Art. 3 (1) lit. s UWG, or the commercial repute; all contents which constitute criminal acts (namely in the areas of pornography, depictions of violence, racism, business secrets, libel and fraud) are also prohibited (hereafter jointly referred to as „Prohibited Contents“). When using cloud services, the Customer further undertakes to comply with the Usage Guidelines for cloud Services.

3.2.3 Xetions reserves the right to inspect contents made accessible by the Customer by means of using the cloud services upon receipt of a Notice pursuant to the Code of Conduct – cloud (hereinafter „CCH“) or at the request of courts or authorities. Xetion remains entitled to conduct random checks even without having been served with a Notice.

3.2.4 Any disputes between joint holders of an account or the Customer and third parties relating to the use of the account or the information disseminated via the relevant account or via the Customer website are exclusively a matter for the joint holders of the account or the Customer. If Xetion receives queries/ complaints from individual joint holders of accounts or from third parties in relation to an account or in relation to contents provided via an account or via the Customer website, Xetion shall pass the query/complaint to the other joint holder(s) or the Customer to deal with. Xetion still has the right to inform third parties of the identity of the Customer at the request of courts or authorities (see Cl. 9.2).

3.2.5 Queries/complaints received from third parties are passed to the Customer in accordance with the notice-and-notice procedure described in the CCH (hereinafter „Notice-and-Notice Procedure“). The Customer shall familiarise himself with the Notice-and-Notice Procedure and with the notice-and-takedown procedure pursuant to the CCH (hereinafter „Notice-and-Takedown Procedure“). The CCH can be viewed here.

3.2.6 Xetion is entitled to block access to the Customer website entirely or partly and to cease providing the cloud services if, (i) the requirements of the Notice-and-Takedown Procedure have been fulfilled, (ii) a court or authority has requested Xetion to do so, or (iii) Xetion could otherwise become subject to civil responsibility or liable for criminal sanctions, or (iv) if a random check has given rise to concrete indication or well-founded suspicion of a breach of the Usage Guidelines or that access is being allowed to Prohibited Contents (see Cl. 3.2.2). Xetion also reserves the right to reject and delete emails that have viruses and to block Prohibited Contents.

3.2.7 Xetion is entitled to invoice the Customer for the expense arising in connection with any measures taken pursuant to Cl.

3.1.4–3.2.6. The assertion of further damages remains reserved. Xetion is entitled to require the Customer to provide a security deposit as a precautionary measure to ensure coverage of the expenses and the further damages. Xetion is entitled to suspend the services or to terminate the contract without giving notice if the security deposit is not provided or if the Customer does not comply with the instructions given in connection with the measures taken.

4. Data Backup

4.1 The Customer bears sole responsibility for taking the appropriate and necessary security measures to recover information and data in the event of loss or unauthorised or unintentional alteration. The security measures the Customer must take depend on the level of protection needed as well as the likelihood and severity of the risk. Xetion recommends as a rule that Customers back up their data regularly. The Customer can download its web data and databases through the Control Panel or from Xetion generated links in order to, for example, create its own back up. To back up email data, Xetion recommends using a mail client.

4.2 In the case of cloud services (see Cl. 2.2), Xetion also offers different protection packages for the protection of databases, files and emails of the Customer. The frequency of the backups and the period of availability depend on the chosen data package (e.g. standard or business). The currently available packages with the range of included services in the service package as well as the prices and other conditions of service are described on the Xetion website.

4.3 The service packages referred to in Cl. 4.2 are supplementary to the security measures taken by the Customer, in particular the Customer’s own back-up copies (see Cl. 4.1). Xetion assumes no warranty of any kind for the back-up of the data stored on its server and points out to its customers that, depending on the type of data and the chosen data package, the data is backed up at different times and at different intervals. It can therefore not be ruled out that a data loss might occur in a specific case. In exceptional cases it is also possible that due to technical reasons, for instance, due to maintenance work, disruptions in the system or necessary replacement of parts in the server infrastructure, Xetion will be unable to perform data backups or restorations for a few hours or on certain days. The obligation to restore lost data does not in any case apply to volatile data such as, for example, temporary data files as well as emails that are filed by the spam filter in the special box for spam mail. This box is not backed up, but is deleted on a regular basis.

5. Invoicing and payment terms

5.1 The payment obligation for chargeable services and products shall commence upon conclusion of the contract or upon using the service.

5.2 Xetion generally invoices the Customer for the selected contractual term in advance. The invoice is payable by the due date stated on the invoice.

5.3 If the Customer breaches the aforementioned payment terms Xetion shall be authorised to charge 8% late interest and, in addition, as of the 2nd reminder it is entitled to charge dunning fees in the amount to cover costs. Xetion is also authorised to terminate the service pursuant to Cl. 11.2.3. In addition, Xetion has the right to suspend the service after the 1st unsuccessful reminder to the Customer.

5.4 The parties waive their right to offset mutual claims against each other.

6. Warranty

6.1 Xetion strives to provide the cloud services carefully and professionally. Xetion cannot however guarantee that the Customer website will be available continuously on the internet and that the data requested by the Customer is transmitted correctly over the internet. Xetion, in addition, assumes no warranty that the services provided by Xetion and any third parties used will put the Customer in the position of achieving the financial or other purpose intended by him.

6.2 Reports by the Customer of malfunctions of the cloud service must contain a written (by registered letter, fax with confirmation of transmission or email with subsequent acknowledgment of receipt by Xetion) notice of defect with a comprehensible description of the defects claimed. The Customer must also set Xetion a reasonable grace period of at least 30 days to remedy the defects specified in the notice of defect. After the grace period has passed without the situation being remedied the Customer is authorised to immediately terminate the contract. Xetion shall reimburse the Customer for any previously paid fee pro rata for the period in which the Customer no longer uses the service due to the termination. Any kind of additional compensation is excluded subject to Cl. 7 of these TOU.

6.3 The applications provided in the Xetion Control Panel (see Cl. 2.4) shall be installed and used at the Customer’s own responsibility and risk. Xetion shall assume no warranty in this regard. In particular, Xetion gives no assurance or warranty as to the completeness, accuracy, consistency, reliability, proper functioning, marketability, quality, suitability for a specified intended purpose or for certain results, absence of defects etc. with regard to the applications.

7. Liability of Xetion

7.1 Xetion shall not be liable to the Customer for loss or damage, unless caused by proven gross and wilful negligence.

7.2 Liability shall be limited to the amount of CHF 100,000.00 per calendar year.

7.3 Liability shall be expressly excluded for slight negligence and for indirect loss or damage or consequential damage. Consequential loss or damage includes, without limitation, lost profits, lost production, harm to reputation, and damages resulting from a loss of data.

7.4 Any kind of liability for damages resulting from the abusive use of or unauthorised access to Xetion’s communications infrastructure or the Customer website by third parties is also excluded. This includes in particular, without limitation, any interference by means of using computer viruses or DDoS attacks, as well as any change by hackers or unauthorised sending of emails. The exclusion of liability also applies to damages incurred by the customer as a result of measures taken by Xetion necessary to defend against such third-party attacks (e.g. blocking access to the customer's website to protect Xetion's infrastructure and the websites of other customers from DDoS attacks).

7.5 The above exclusions and limitations of the liability of Xetion shall not apply in the case of death, physical injury and impairment to health and in the case of mandatory statutory regulations, including the regulations in the Product Liability Act.

8. Liability of the Customer The Customer shall be fully liable to Xetion for loss or damage caused by wilful intent or gross negligence. The Customer’s liability for slight negligence is expressly excluded.

9. Confidentiality and data protection

9.1 Xetion und the Customer mutually undertake to safeguard the confidentiality of all information and data not generally known which becomes accessible to them in preparing for and implementing the contract. This duty shall remain even after the contract has come to an end as long as there is a legitimate interest therein.

9.2 Xetion and the Customer shall be responsible for ensuring data protection and data security in their respective spheres of influence and responsibility. Xetion collects and processes personal information as described in Xetion’s privacy policy, in accordance with any additional agreements with the Customer and in compliance with applicable data protection laws.

10. Intellectual property

10.1 Customers shall receive the non-transferable, non-exclusive right to make use of and utilise the service throughout the term of the contract.

10.2 All existing intellectual property rights in and to the services of Xetion and all intellectual property rights arising when the contract is implemented (e.g. programs, samples, data, Control Panel) shall remain with Xetion or with the third parties used by Xetion.

11. Contractual term and termination

11.1 Term – general These TOU shall apply throughout the entire period during which services are used by the Customer.

11.2 cloud service contract

11.2.1 The contract between Xetion and the Customer for cloud services (see Cl. 2.2) shall come into effect upon delivery of the contractual documents by Xetion to the email address stated by the Customer for contract-related messages, by confirmation of the customised quote by the Customer or by use of the services by the Customer, and shall apply for the term selected in the Customer’s order or in the customised quote (6, 12 or 24 months). The contract may be terminated by either party with a notice of 30 days as at the end of the agreed contractual term. The termination notice shall be submitted in writing by registered letter, fax with confirmation of transmission or online by using the Xetion ID in the Xetion Control Panel. Xetion shall also be entitled to serve the termination notice by email to the email address stated by the Customer for contract-related messages. If it is not terminated within the due time the contract shall be automatically renewed in each case for the agreed contractual term.

11.2.2 Cancellation advice: The Customer may cancel his order for cloud services within 30 days, without stating reasons, in text form (registered letter, fax with confirmation of transmission, email with subsequent acknowledgment or receipt by Xetion or online by using the Xetion ID in the Control Panel – provided that the Customer as the result of an existing Customer relationship already has access to the Control Panel). The period shall commence after receipt of this cancellation advice. Timely dispatch of the cancellation suffices to prove that the cancellation period has been complied with. The cancellation must be sent to contact@xetion.swiss. The Customer must use the contact email address notified to Xetion as sender. In his email the Customer must also include the contract documents provided by Xetion as an enclosure. The cancellation right shall apply only when an order is made through the Xetion website and only for cloud services that are not customised. The cancellation right does not apply to (in particular, without limitation) domain names.

11.2.3 If the Customer breaches contractual provisions (including the Usage Guidelines for cloud Services), misuses services for illegal purposes, makes Prohibited Contents accessible, or threatens to harm Xetion’s reputation, Xetion is authorised in its own discretion to deactivate the Customer website without delay and/or terminate the contract without notice. The Customer shall owe Xetion the charges due up until ordinary termination of the contract as well as compensation for all additional costs incurred in connection with terminating the contract without notice.

11.3 Xetion may also terminate the contract with the Customer with immediate effect if proceedings havebeen initiated against the Customer for bankruptcy or insolvency or if it otherwise becomes clear that the Customer can no longer meet his payment obligations, and if the Customer does not prior to the expiry of the contractual term advance the costs for the next contractual term or provides a corresponding security.

11.4 After the expiry of the contract Xetion is authorised to delete the data of the Customer. The Customer is himself responsible for backing up his data in a timely manner.

12. Amendments to the contractual conditions

12.1 Xetion shall endeavour to keep its infrastructure up to date to a standard which corresponds to the security specifications and technical standard that are customary for the industry. The Customer acknowledges that new technical developments, security specifications and/or changes in the range of services of contractual partners of Xetion or the open source software used by Xetion may result in the range of services being expanded or restricted and may also have an impact on the way the price changes.

12.2 Xetion therefore expressly reserves the right to amend the contractual terms, including these TOU, at any time. Amendments to the TOU shall be made accessible on the Xetion website and shall come into effect when they are activated. Any price increases or restrictions in services that adversely affect the Customer during the contractual term shall be notified by Xetion to the Customer in writing by email in the case of cloud service contracts. If the Customer does not accept the amendments, he has the option of informing Xetion of this in writing within 30 days of receipt of the message by registered letter, fax with confirmation of transmission or online by using the Xetion ID in the Control Panel and terminating the contract as at the end of the month. If there is no written message within this period, the changes shall be deemed to be approved by the Customer.

13. Additional provisions

13.1 In the case of customers with cloud service contracts, contractrelated messages such as the notification of price changes are sent by email to the owner email address defined by the Customer in the Control Panel. The Customer shall be responsible for ensuring that the customer data saved in the Control Panel (invoice and administration contact and technical contact) throughout the entire term of the contract is up to date, complete and correct. Xetion is not obligated to take heed of any customer data other than the customer data saved in the Control Panel or to make enquiries itself with regard to correcting this data. Xetion is, however, authorised to correct or delete input in the Control Panel that is patently incorrect or that infringes third party rights.

13.2 Rights and duties under the cloud service contract can only be transferred to third parties with the written consent of the other party. This provision does not apply to the transfer of the contract from Xetion to a legal successor or associated company.

13.3 These TOU and any disputes arising under or in connection with the contractual relationship between Xetion and the Customer shall be subject exclusively to Swiss law, excluding its conflict of laws rules and the provisions of the UN Convention on Contracts for the International Sale of Goods (CISG).

13.4 The ordinary courts at the registered office of Xetion shall have exclusive jurisdiction. Xetion also has the option of taking legal action against the Customer at the latter’s domicile. Zollikon-Zurich, January 2023

These Usage Guidelines for cloud services (hereafter „Usage Guidelines“) shall apply to all cloud services offered by Xetion AG („Xetion“).

By using our cloud services you accept the following Usage Guidelines completely without any alteration.

1. Scope of application and conclusion of contract

1.1 These Usage Guidelines cover the use of cloud services which Xetion provides to its customers (hereafter „Customer“). They are subject to the General Terms and Conditions (TOU) of Xetion.

1.2 By using the cloud services the Customer accepts these Usage Guidelines in addition to the TOU. They shall apply throughout the entire term of use of cloud services.

1.3 If there are discrepancies between provisions of the TOU und the provisions of these Usage Guidelines the provisions of the TOU shall prevail unless these Usage Guidelines expressly provide otherwise with reference to the corresponding provision of the TOU.

2. Use of the cloud services

2.1 The use of the cloud services may only happen in accordance with the TOU, these Usage Guidelines and the law applicable in Switzerland and abroad. The following actions in particular are prohibited: • Committing a crime (fraud, computer crime, money laundering, infringement of business secrets, document forgery, violence and threats against authorities and civil servants, unauthorised gaming etc.), participating in a criminal act (collab- orating, instigating, aiding and abetting), or the transferral of the cloud services for the purpose of the committing of a criminal act by third parties who are under the supervision of the Customer, such as children, employees, subcon- tractors etc. (hereafter „Agents“). • Disseminating or making accessible contents that are against the criminal law or civil law (depictions of violence, so-called soft and hard pornography, incitement to disturb the public peace, disruption of freedom of religion and culture, racial discrimination, libel, defamation, infringement of privacy etc.) by the Customer himself or by his Agents. Soft porn may, however, be made accessible if the Cus- tomer installs effective controls which merely enable those over 16 years of age to access corresponding contents. • Unauthorised receipt, storage or dissemination of contents which are protected by law (copyright, trademark, data protection, design and patent law).

2.2 The Customer is obligated to take suitable precautions to prevent the illegal use of the cloud services and to inform Xetion immediately of anything appropriate that is found that would prevent the cloud services from being misused. Notwithstanding the limitations on liability provided in Cl. 8 of the TOU, the Customer shall indemnify Xetion in full for all claims made against Xetion in connection with the use of the cloud services by the Customer and the individuals under his supervision. The loss or damage to be compensated also includes the costs of a proper legal defence of Xetion. The Customer undertakes to assist Xetion and the third party used by it in any proceedings. Xetion is entitled to require the Customer to provide a security deposit as a precautionary measure to ensure coverage of the loss or damage. Xetion is entitled to suspend the services or to terminate the contract without giving notice if the security deposit is not provided.

2.3 The installation of resource-intensive applications/scripts on the servers of Xetion, resource-intensive downloads and other resource-intensive uses of the cloud services by the Customer which might jeopardize the normal function or security of the network through which Xetion provides the cloud services are allowed only with the prior written consent of Xetion. Xetion is still authorised at any time to revoke with immediate effect a consent that has been granted, on the grounds of ensuring that the infrastructure can operate, and to prevent the use of the relevant applications/software immediately. Executing the following processes is prohibited in all cases: • Peer-to-Peer software; • Network scanners; • Brute force programs/scripts/applications; • Mailbombs/spam scripts • Proxies; • VolP software; • Game servers; • Bots, webcrawlers, IRC servers, clients; • Terminal emulations; • Crypto-Mining software. This list is not exhaustive and it is the responsibility of the Customer, prior to in- stalling an application/script, to check whether activation is permitted based on these Usage Guidelines. The Customer can for this purpose send a query to Xetion.

3. Electronic mail

3.1 The Customer is responsible for the content of the messages which he sends while using a Xetion service. The Customer shall indemnify Xetion if third parties assert claims against Xetion in connection with the transmission of messages on the part of the Customer.

3.2 Sending identical emails to a large number of addressees is prohibited to the extent that this is done without the prior consent of the addressees (opt-in), without correctly stating the identity of the sender or without a reference to a simple and free opt-out (spamming). By way of exception, sending information concerning goods and services without a prior opt-in of the recipient is permitted if the recipient concerned is already a customer of the sender and the message contains information on goods and services similar to the ones already received by the recipient as well as a reference to a simple and free opt-out (Art. 3 (1) lit. o UWG).

3.3 The use of a third party mail server as a distribution station (relay) for the processing of identical unsolicited messages to a large number of addressees with the domain name registered with us is prohibited.

3.4 Offering banner exchange and email exchange pages is prohibited.

3.5 Advertising web sites and services which are operated on the infrastructure provided by Xetion, by means of identical, unsolicited messages to a large number of addressees is prohibited (spamvertising).

4. Security guidelines

4.1 A breach of system and network security constitutes a contractual breach for which the Customer shall be liable under civil law. The limitations on liability provided in Cl. 8 of the TOU shall not apply. If the necessary preconditions are met the Customer shall also be liable under criminal law. The following actions in particular constitute such breaches of system and network security: • Unauthorised access to or unauthorised use of data, systems and network ele- ments, checking the vulnerability of the system or network competence without prior agreement (scanning) or the attempt to penetrate security measures and authorisation measures, without first obtaining the prior written consent of the affected party. • Unauthorised monitoring of the data traffic without the prior written consent of the competent authorities or the network owner (sniffing). • Harming of the systems of Xetion and its customers, including by mail bombs, mass mailing or other attempts to overload the system (flooding). • Hacking management information in TCP/IP packets (packet headers), e.g. the TCP/lP addresses or information in the management section (e.g. address of re- cipients/senders), in an electronic message.

4.2 The passwords or other identifying parameters notified to the Customer are intended for personal use by the recipient and must be treated as confidential. Xetion may rely on the fact that the person using an identification parameter is authorised to do so.

4.3 The Customer and his Agents are obligated to terminate use of the cloud services in accordance with the procedure recommended by Xetion (for example, closing the browser by clicking on „Logout“, „Sign off“ or „Exit“).

5. Anti-phishing measures

5.1 We attach a great deal of importance to protecting our customers from potential damage caused by spam. Technical measures include filters to identify and intercept suspicious e-mails. By deleting or moving suspicious e-mails, we reduce the risks for our customers. We can also apply these measures to e-mails that are already in your inbox but are subsequently identified as phishing e-mails. We reserve the right to access suitable external sources of information to improve our detection of phishing e-mails. We follow the industry association Swico’s industry recommendation for phishing e-mails (see https://www.swico.ch/de/wissen/normen-standards/brachenempfehlung-anti-phishing/).

5.2 To ensure that our measures are even more effective and that the perpetrators of phishing attempts are brought to justice, we reserve the right to report identified phishing e-mails to the relevant authorities and organizations (e.g. the National Cyber Security Centre [NCSC] at https://antiphishing.ch/en/). To improve filtering and law enforcement, we may, for example, forward suspicious URLs, the sender server’s IP addresses and relevant characteristics of e-mail headers to third parties (e.g. the Swiss Internet Security Alliance [SISA], the NCSC or Swiss law enforcement authorities). Where possible, no personal data will be disclosed. In exceptional cases, however, the information transferred may also include personal data such as names, e-mail addresses and personal e-mail content. However, personal data may only be used by the recipients for the purpose of identifying, combating and tracking phishing attempts.

5.3 Technical measures designed to combat phishing are not errorfree and may incorrectly classify e-mails as suspicious (“false positives”) or fail to detect phishing e-mails (“false negatives”). We do not accept any liability for damage or data loss in connection with anti-phishing measures, unless gross negligence or willful conduct on our part has resulted in the same.

6. Prosecuting breaches

6.1 Xetion will prosecute breaches of these Usage Guidelines in accordance with the TOU (see in particular Cl. 3.2.2 and 3.2.6 of the TOU).

7. Messages and changes

7.1 The Customer is obligated to inform Xetion immediately of the defects, disruptions or interruptions of cloud services, systems or software, including all cases of illegal or non-contractual use of the service by third parties (e.g. hackers), which have come to his attention.

7.2 Messages in connection with the Usage Guidelines stipulated here must be sent to: contact@xetion.swiss.

7.3 Xetion reserves the right to amend these Guidelines in accordance with the principles contained in the TOU. Zollikon-Zurich, August 2023