Terms and Conditions
Effective date:
RESILENS AG SaaS-Service Terms and Conditions
Based on the order for SaaS-Services (hereinafter the "Order") provided by RESILENS AG (hereinafter the "Provider" or individually the "Party" and together with the Customer the "Parties"), the customer (hereinafter the “Customer” or individually the "Party" and together with the Provider the "Parties") agrees to be bound, without reservation, to the following RESILENS SaaS-Service Terms and Conditions (hereinafter “T&C”).
The Order (including its annexes), these T&C and the annexes mentioned herein are all an integral part of the agreement between the Provider and the Customer (hereinafter the "Agreement").
1. Services
1.1. General
1.1.1. The Provider operates the software platform as described in the Order (hereinafter the "Platform") and in connection therewith provides to the Customer certain Software-as-a-Service services (hereinafter "SaaS-Services") as specified in the Order and in these T&C.
1.1.2. As part of its SaaS-Services, the Provider:
a) sets up its Platform as specified in Annex 1;
b) operates the Platform and provides the support services according to the Service Level Agreements in Annex 2 (hereinafter the "Support Services");
c) grants the Customer access to the Platform to use the Platform and to receive the Support Services.
1.1.3. The SaaS-Services are subject to these T&C and to the timely payment of the fees set forth in Annex 3 (hereinafter the "Fees") by the Customer.
1.2. Support Services and Upgrades
1.2.1. During the Term the Provider will provide the Support Services to the Customer, and may apply Upgrades to the Platform, in accordance with the service level agreement set out in Annex 2.
1.2.2. The Provider may sub-contract the provision of any of the SaaS-Services including Support Services at its own free discretion without requiring the consent of the Customer.
1.2.3. The Provider may suspend, restrict or technically limit access to the Platform, in whole or in part, where the Customer’s use materially exceeds normal expected usage, threatens the security, integrity, availability or stability of the Platform, adversely affects other customers or users, or is inconsistent with the Permitted Purpose or the Agreement. Where reasonably practicable, the Provider shall notify the Customer in advance or without undue delay after taking such measures.
1.3. Customisation
1.3.1. Customisation is not included in the standard SaaS-Services unless expressly agreed in the applicable Order, Statement of Work, or other written agreement between the Parties.
1.3.2. From the date when a Customisation is first made available to the Customer, the Customisation shall form part of the Platform under the Agreement, and accordingly from that date the Customer's rights to use the Customisation shall be governed by these T&C.
1.3.3. The Customer acknowledges that the Provider may make any Customisation available to its other customers at any time following the making available of that Customisation to the Customer.
1.3.4. Any and all intellectual property rights in the Customisations shall, as between the Parties, be the sole and exclusive property of the Provider.
Customer Rights and Obligations
2.1. Use of Services by Customer
2.1.1. Subject to the Customer’s compliance with the Agreement and payment of the Fees, the Provider grants the Customer a non-exclusive, non-transferable, subscription-based right to access and use the Platform during the Term for the Permitted Purpose. The right of use is limited to the subscribed organisational environment and the scope, plan and number of Managed Sites set out in the applicable Order. Unless expressly stated otherwise in the Order, the licence is not granted on a per-seat or per-use basis, and authorised users within the Customer’s subscribed organisational environment may access the Platform for the Permitted Purpose.
2.1.2. The use of the Platform by the Customer shall be subject to the following licensing terms:
a) the Customer may only use the Platform for the Permitted Purpose;
b) the Customer must not and agrees not to:
(i) copy or reproduce Platform or any part of the Platform other than in accordance with the licence granted in the Order and/or these T&C;
(ii) sell, sub-license, resell, rent, lease, loan, supply, distribute, redistribute, publish or re-publish the Platform or any part of the Platform;
(iii) modify, alter, adapt, translate or edit, or create derivative works of, the Platform or any part of the Platform;
(iv) reverse engineer, decompile, disassemble the Platform or any part of the Platform (except as mandated by applicable law);
(v) use the Platform other than in accordance with the Provider's instructions;
(vi) use the Platform in any way that is unlawful, illegal, fraudulent or harmful or use the Platform in connection with any unlawful, illegal, fraudulent or harmful purpose or activity;
(vii) upload, submit, or otherwise make available through the Platform any data, content, or materials that:
(viii) are unlawful;
(ix) infringe third-party rights;
(x) contain malicious code or harmful components; or
(xi) include special categories of personal data or other sensitive data unless expressly permitted by the Agreement and supported by an appropriate lawful basis and required safeguards.
(xii) use the Platform in any way that causes, or may cause, damage to the Platform or impairment of the availability or accessibility of the Platform, or any of the areas of, or services on, the Platform; or
(xiii) circumvent or remove or attempt to circumvent or remove the technological measures applied to the Platform for the purposes of preventing unauthorised use.
(xiv) use any robot, scraper, crawler, spider, harvesting tool, or other automated means to access, extract, copy, monitor, or systematically collect data, outputs, or content from the Platform, except to the extent expressly permitted by the Provider in writing;
(xv) perform bulk downloading, systematic export, or automated extraction of outputs or metadata for the purpose of replicating, benchmarking, reverse engineering, or competing with the Platform;
(xvi) circumvent or attempt to circumvent any usage controls, authentication controls, export limitations, technical restrictions, or rate limits applicable to the Platform.
c) the Platform may only be accessed and used by the Customer’s employees and by the Customer’s agents and subcontractors, in each case solely to the extent necessary to support the Customer’s internal use of the Platform for the Permitted Purpose and not for such person’s own independent business purposes;;
d)the Customer must not and agrees not to sub-license its right to access and use the Platform or allow any unauthorised person to access or use the Platform
2.1.3. For the avoidance of doubt, the Customer has no right to directly or indirectly via a third party access the source code of the Platform, either during or after the Term.
2.1.4. The Customer shall keep access credentials confidential, ensure that user accounts are used only by authorised persons, promptly disable or request the disabling of access for users who no longer require access, and notify the Provider without undue delay of any suspected unauthorised access, credential compromise or misuse of the Platform.
2.2. Duty to cooperate
2.2.1. The Customer shall provide the information and data reasonably required for the provision of the SaaS-Services in the format and through the channels specified by the Provider in the Documentation, onboarding materials, or the applicable Order. Any API access, integrations, or structured data exchange services shall only be provided if expressly agreed in the applicable Order or other written agreement. The Customer is responsible for ensuring that data submitted to the Platform is accurate, complete in all material respects, and kept reasonably up to date to the extent required for the intended use of the SaaS-Services.
2.2.2. The Customer will ensure that all instructions in relation to the Agreement and Customer's use of the SaaS-Service will be given by a duly authorized representative of the Customer to the Provider representative as notified to the Customer by the Provider in the Order.
2.2.3. The Provider:
a) may treat all such instructions as the fully authorised instructions of the Customer; and
b) will not comply with any other instructions in relation to the Agreement without first obtaining the consent of a Customer representative.
3. Fees
3.1. The Customer agrees to pay the Fees as set forth in the Order and Annex 3.
3.2. If the Customer does not timely pay any amount properly due to the Provider, the Provider may charge the Customer interest on the overdue amount at the rate of 5% per year from time to time (which interest will accrue daily and be compounded quarterly).
3.3. The Provider may suspend access to the Platform and the provision of the SaaS-Services if any undisputed amount due to the Provider remains overdue for more than 30 calendar days following written notice.If the Customer disputes an invoice in good faith, it must notify the Provider in writing within 10 days of the invoice date, specifying the reasons and the disputed amount. The Customer shall pay any undisputed portion when due. Amounts not disputed in accordance with this paragraph shall be deemed undisputed. In the case of a suspension of the SaaS-Service, the Customer remains fully obligated to pay the Fees and the Customer is not entitled to claim any refunds or damages.
Intellectual Property
All intellectual property rights pertaining to the SaaS-Services and the Platform shall, as between the Parties, be the exclusive property of the Provider. This includes intellectual property rights in Customisations as per Section1.3..
For the avoidance of doubt, the Provider retains all right, title, and interest in and to the Platform, the SaaS-Services, all software, models, methodologies, scoring logic, documentation, workflows, interfaces, improvements, Updates, Upgrades, and Customisations, as well as all related intellectual property rights.
The Platform may include or be provided with certain third-party or open-source software components that are subject to their own applicable licence terms. To the extent required by the applicable open-source licence terms, such terms shall prevail over the Agreement with respect to the relevant open-source components only.
5. Data Ownership and Use of Customer Data
5.1. “Customer Data” means data and information made available by or on behalf of the Customer in connection with the use of the Platform, including in particular:
(a) account and organisational data, such as user names, business email addresses, and organisation details;
(b) site-related and building-related data entered, uploaded, or maintained by the Customer;
(c) survey responses and other user-provided operational or assessment-related inputs, including where attributable to individual users; and
(d) Customer documents, files, exports, and other content processed through the Platform.
Customer Data does not include Provider-generated metadata, usage statistics, system logs, anonymised or aggregated data, or Provider models, methodologies, scoring logic, algorithms, derived service improvements, or other Provider technology, provided that such data, materials or outputs do not identify, and cannot reasonably be used to identify, the Customer, any individual, workspace, site, facility or other customer-specific deployment.
5.2. The Customer retains all right, title and interest in and to Customer Data. The Provider processes Customer Data on behalf of the Customer subject to the Agreement.
5.3. For clarity, this clause is intended to allow the Provider to derive and use non-identifying statistical, technical and analytical insights mainly for internal validation, research, data quality, model development and platform improvement. The Provider may generate and use statistical, technical, operational and analytical insights derived from anonymised and/or aggregated data, including for methodology validation, platform health and performance analysis, data quality analysis, product development, model calibration, model validation and internal research, provided that no Customer, individual, workspace, site, facility or other customer-specific deployment can reasonably be identified.
5.4. For clarity, this clause is intended to allow the Provider to create high-level sector, regional, market or national-level insights from anonymised and/or aggregated data, without revealing any Customer or customer-specific deployment. The Provider may use anonymised and/or aggregated data to create and use high-level sector insights, regional insights, market trend reports, national inventory-style reporting and comparable high-level analytical outputs, provided that the relevant reporting group is sufficiently broad and the output does not identify, and cannot reasonably be used to identify, the Customer, any individual, workspace, site, facility or other customer-specific deployment.
5.5. For clarity, this clause is intended to allow the Provider to provide benchmark ranges and high-level comparisons in or through the Platform or SaaS-Services, as long as the benchmark group is broad enough and no Customer or customer-specific deployment can be identified. The Provider may use anonymised and/or aggregated data for benchmarking purposes, including to show benchmark ranges, sector or regional comparisons, general vulnerability patterns, general measure patterns or comparable high-level insights, provided that the relevant benchmark group is sufficiently broad and the output does not identify, and cannot reasonably be used to identify, the Customer, any individual, workspace, site, facility or other customer-specific deployment.
5.6. The Provider shall not use Customer Data, customer-specific outputs, workspace-specific data, site-specific data, facility-specific data or other re-identifiable Customer information from one customer for another customer, partner or third party, except:
(a) where such use is based on anonymised and/or aggregated data in accordance with this Section;
(b) where expressly agreed in a separate written agreement with the relevant Customer; or
(c) where such access is required by subprocessors, professional advisers or service providers acting on behalf of the Provider for the performance, support, maintenance, security or improvement of the SaaS-Services and subject to appropriate confidentiality and data protection obligations.
5.7. Without a separate written agreement, the Provider shall not provide customer-specific benchmarking against identifiable peers, disclose granular lessons or insights from one customer workspace to another customer, share identifiable best-practice examples between customers, or allow one customer to view aggregate or individual scores of another identifiable customer, supplier, facility, site or workspace.
5.8. Named case studies, public references, visible benchmark participation, inclusion in external reports, events, studies, policy research or academic research, and disclosure of non-anonymised or re-identifiable datasets to public authorities, universities, research institutions or other third parties require the Customer’s explicit prior written opt-in.
5.9. The Provider shall not disclose customer-specific contact-person data or vulnerable-site information to other customers or third parties, except to subprocessors, professional advisers or service providers where necessary for the performance, support, maintenance, security or improvement of the SaaS-Services and subject to appropriate confidentiality and data protection obligations.
5.10. The Provider retains all right, title and interest in and to the Platform, the SaaS-Services, Provider-generated metadata, usage statistics, system logs, anonymised or aggregated data, Provider models, methodologies, scoring logic, algorithms, AI systems, service improvements, technical improvements and analytical methods, provided that the foregoing does not include Customer Data in identifiable form.
6. Warranties
6.1. The Customer warrants to the Provider that
a) it has the legal right and authority to enter into and perform its obligations under the Agreement;
b) it will use the SaaS-Services and the Platform strictly in compliance with any law and the conditions set forth in the Agreement.
6.2. The Provider warrants to the Customer that:
c) it has the legal right and authority to enter into and perform its obligations under the Agreement;
d) it will perform its obligations under the Agreement with reasonable care and skill.
6.3. The Customer acknowledges that:
a) complex software is never wholly free from defects, errors and bugs, and the Provider gives no warranty or representation that the Platform will be wholly free from such defects, errors and bugs; and
b) complex software is never entirely free from security vulnerabilities; and subject to the other provisions of the Agreement, the Provider gives no warranty or representation that the Platform will be entirely secure; and
c) the Provider does not warrant or represent that the Platform will be compatible with any application, program or software not specifically identified as compatible in Annex 1.
d) Without limitation, the Provider does not warrant that the Platform or any outputs generated through the Platform will be complete, error-free, or suitable for every possible Customer use case. The Platform and its outputs are intended to support climate adaptation assessment, prioritisation, and related decision-making processes. However, depending on the context and the significance of the decision, Customer remains responsible for reviewing and validating relevant outputs before relying on them for engineering, regulatory, legal, procurement, funding, or investment decisions.
6.4. All of the Parties' warranties and representations in respect of the subject matter of the Agreement are expressly set out in the terms of the Agreement. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject matter of the Agreement will be made or implied into the Agreement.
7. Limitations and exclusions of liability
7.1. Nothing in the Agreement will:
a) limit or exclude the liability of a Party for death or personal injury resulting from negligence;
b) limit or exclude the liability of a Party for fraud or fraudulent misrepresentation by that Party;
c) limit any liability of a Party in any way that is not permitted under applicable law; or
d) exclude any liability of a Party that may not be excluded under applicable law.
7.2. The Provider will not be liable:
a) in respect of any loss of profits, income, revenue, use, production or anticipated savings;
b) for any loss of business, contracts or commercial opportunities;
c) for any loss of or damage to goodwill or reputation;
d) in respect of any loss or corruption of any data, database or software;
e) in respect of any special, indirect or consequential loss or damage; and
f) for any losses arising out of a Force Majeure Event, a Force Majeure Event meaning an event, or a series of related events, that is outside the reasonable control of the Party affected (including failures of or problems with the Internet or a part of the Internet, hacker attacks, virus or other malicious software attacks or infections, power failures, industrial disputes affecting any third party, changes to the law, disasters, explosions, fires, floods, riots, terrorist attacks and wars).
Subject to the foregoing, the Provider’s aggregate liability under or in connection with the Agreement shall not exceed the Fees paid or payable by the Customer under the Agreement in the 12 months preceding the event giving rise to the claim.
8. Data protection
8.1. The Customer is responsible for ensuring that it has all necessary rights, notices, lawful bases, permissions and, where required, consents to provide Personal Data to the Provider and to authorise the Provider to process such Personal Data in accordance with the Agreement. Nothing in this Agreement permits the Provider to use Personal Data in identifiable form for benchmarking, external reporting, public references, academic or policy research, AI model training, product marketing or cross-customer insights, unless expressly agreed in writing and supported by an appropriate lawful basis. The Provider may use Personal Data only in anonymised form for the purposes described in Section Data Ownership and Use of Customer Data, provided that the resulting data is no longer Personal Data under applicable data protection laws.
8.2. The Provider warrants that:
a) it will act only on instructions from the Customer in relation to the processing of any Personal Data performed by the Provider on behalf of the Customer; and
b) it has in place appropriate security measures (both technical and organisational) against unlawful or unauthorised processing of Personal Data and against loss or corruption of Personal Data processed by the Provider on behalf of the Customer.
c) To the extent the Provider processes Personal Data on behalf of the Customer in connection with the SaaS-Services, the Customer acts as controller and the Provider acts as processor, unless otherwise expressly stated in the Agreement or applicable law.
d) If the Provider becomes aware of a Personal Data Breach affecting Personal Data processed on behalf of the Customer, the Provider shall notify the Customer without undue delay and provide reasonable assistance in relation to the Customer’s applicable notification and response obligations.
e) The Provider shall ensure that access to Customer Confidential Information and Personal Data processed on behalf of the Customer is limited to those employees, agents, contractors, and subprocessors who require such access for the performance, support, maintenance, security, or improvement of the SaaS-Services and who are bound by appropriate confidentiality obligations. The Provider may engage subprocessors for the performance of the SaaS-Services, provided that the Provider remains responsible for the performance of such subprocessors in accordance with the Agreement.
9. Confidentiality and publicity
9.1. The Provider shall keep confidential and not disclose any Customer Confidential Information except as expressly permitted under the Agreement. For the avoidance of doubt, Customer Data, Personal Data processed on behalf of the Customer, non-public business information relating to the Customer, and non-public information relating to the Customer’s use of the Platform shall be deemed Customer Confidential Information whether or not marked as confidential. Nothing in this Section shall restrict the Provider from engaging third-party providers in accordance with the Agreement.
9.2. The Customer covenants to keep confidential and not disclose any information disclosed (whether in writing, orally or otherwise) by the Provider to the Customer (hereinafter "Provider Confidential Information") save as expressly permitted by the Agreement.
9.3. Confidential information of a Party may be disclosed by the other Party to that other Party's officers, employees, agents, insurers and professional advisers, provided that the recipient is bound in writing to maintain the confidentiality of the confidential information disclosed.
9.4. The obligations set out in this Section 9 shall not apply to:
a) confidential information that is publicly known (other than through a breach of an obligation of confidence);
b) Customer Confidential Information that is in possession of the Provider prior to disclosure by the Customer, and Provider Confidential Information that is in possession of the Customer prior to disclosure by the Provider;
c) Customer Confidential Information that is received by the Provider, and Provider Confidential Information that is received by the Customer, from an independent third party who has a right to disclose the relevant confidential information; or
d) confidential information that is required to be disclosed by law, or by a governmental authority, stock exchange or regulatory body, provided that the Party subject to such disclosure requirement must where permitted by law give to the other Party prompt written notice of the disclosure requirement.
9.5. Neither Party shall identify the other Party in any press release, public announcement, website, customer reference, case study, marketing material, external report, event, study, benchmark, academic research, policy research or similar public or external communication without the other Party’s prior written consent. The Provider shall not include the Customer, its sites, facilities, workspaces, benchmark participation or customer-specific results in any externally identifiable form without the Customer’s explicit prior written opt-in.
10. Term and Termination
10.1. The Agreement is entered into for the fixed term specified in the Order (hereinafter the "Term").
10.2. Either Party may terminate the Agreement immediately by giving written notice to the other Party if the other Party:
a) commits any breach of any term of the Agreement, and:
(i) the breach is not remediable; or
(ii) the breach is remediable, but the other Party fails to remedy the breach within 30 calendar days of receipt of a written notice requiring it to do so; or
(iii) persistently breaches the terms of the Agreement (irrespective of whether such breaches collectively constitute a material breach).
b) the other Party:
(i) is dissolved;
(ii) ceases to conduct all (or substantially all) of its business;
(iii) is or becomes unable to pay its debts as they fall due;
(iv) is or becomes insolvent or is declared insolvent; or
(v) an Order is made for the winding up of the other Party, or the other Party passes a resolution for its winding up (other than for the purpose of a solvent company reorganisation where the resulting entity will assume all the obligations of the other Party under the Agreement).
11. Effects of termination
11.1 Upon termination or expiry of the Agreement:
(a) the Customer’s right to access and use the Platform shall cease, unless otherwise expressly agreed in writing;
(b) the Provider may disable Customer access to the Platform and associated accounts;
(c) subject to the Agreement, the applicable Order and payment of all undisputed outstanding amounts, the Customer may request the export or return of Customer Data for a period of 30 days following termination or expiry in a format reasonably made available by the Provider;
(d) the Provider shall delete or return Customer Data in accordance with the Agreement, the applicable Order and the Provider’s retention and deletion procedures, subject to any legal retention obligations;
(e) all Fees accrued or payable up to the effective date of termination shall remain due and payable; and
(f) any transition assistance, custom export support, data migration support or other offboarding services beyond the Provider’s standard offboarding process shall require separate agreement and may be subject to additional Fees.
11.2 Termination or expiry of the Agreement shall not affect either Party’s accrued rights, remedies, obligations or liabilities as at the effective date of termination.
12. Force Majeure Event
12.1. Where a Force Majeure Event gives rise to a failure or delay in either Party performing its obligations under the Agreement (other than obligations to make payment), those obligations will be suspended for the duration of the Force Majeure Event.
12.2. A Party who becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in performing its obligations under the Agreement, will:
a) immediately notify the other; and
b) will inform the other of the period for which it is estimated that such failure or delay will continue.
12.3. The affected Party will take reasonable steps to mitigate the effects of the Force Majeure Event.
13. Miscellaneous
13.1. No breach of any provision of the Agreement will be waived except with the express written consent of the Party not in breach.
13.2. If a clause of the Agreement is determined by any court or other competent authority to be unlawful and/or unenforceable, the other clauses of the Agreement will continue in effect. If any unlawful and/or unenforceable clause would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the clause will continue in effect (unless that would contradict the clear intention of the Parties, in which case the entirety of the relevant clause will be deemed to be deleted). The Parties commit themselves to substitute the ineffective clause with one that most closely reflects the economic intention of the ineffective clause. The same applies to unintentional gaps in the contract.
13.3. Nothing in the Agreement will constitute a partnership, agency relationship or contract of employment between the Parties.
13.4. The Provider may update these T&C from time to time with effect for the future, provided that the Customer is given reasonable prior notice of any material changes in text form. If the Customer does not object in text form before the proposed effective date of the changes and continues to use the SaaS-Services after that date, the updated T&C shall be deemed accepted. Any amendments to the specific commercial terms of an Order or to any individually agreed provisions of the Agreement shall require agreement in text form unless a stricter form is required by applicable law.
13.5. The Customer may not assign any or all of its contractual rights and/or obligation without the prior written consent of the Provider.
13.6. The Customer hereby agrees that the Provider may freely assign any or all of its contractual rights and/or obligations under the Agreement to any Affiliate or any successor to all or a substantial part of the business of the Provider from time to time.
13.7. Neither Party will, without the other Party's prior written consent, either during the term of the Agreement or within 6 months after the date of effective termination of the Agreement, engage, employ or otherwise solicit for employment any employee, agent or contractor of the other Party who has been involved in the performance of the Agreement.
13.8. Each Party agrees to execute (and arrange for the execution of) any documents and do (and arrange for the doing of) any things reasonably within that Party’s power, which are necessary to enable the Parties to exercise their rights and fulfil their obligations under the Agreement.
13.9. This Agreement is made for the benefit of the Parties, and is not intended to benefit any third Party or be enforceable by any third party. The rights of the Parties to terminate, rescind, or agree any amendment, waiver, variation or settlement under or relating to the Agreement are not subject to the consent of any third party.
13.10. This Agreement constitutes the entire agreement between the Parties in relation to the subject matter of the Agreement, and supersedes all previous agreements, arrangements and understandings between the Parties in respect of that subject matter.
13.11. This Agreement will be governed by and construed in accordance with the substantive laws of Switzerland excluding its conflict of law provisions and excluding the United Nations Convention on the International Sale of Goods (CISG); and the exclusive place of jurisdiction is Zürich (City), Switzerland.
Annex 1 – Set-up
The Platform is a cloud-based software platform for climate adaptation assessment and portfolio as well as site-level decision support across Managed Sites.
The standard Platform scope includes functionality for climate risk assessment, prioritisation, core climate-risk and measure workflows, site data input and editing, export capabilities (subject to any trial-specific limitations), and multi-user collaboration within the subscribed organisational environment.
The Platform is designed for use across managed sites and related operational portfolios, depending on the applicable configuration, data coverage, and subscribed scope.
The Provider may update, enhance, modify, or discontinue Platform features from time to time, provided that the overall nature of the SaaS-Services is not materially reduced during the applicable Term, except where changes are required for legal, regulatory, security, or technical reasons.
A “Managed Site” means the operational decision unit assessed and managed within the Platform. In most cases, this is an individual building or a clearly defined infrastructure location. In some cases, a campus or larger operational site may count as one Managed Site if assessed and managed as one coherent decision unit.
Unless expressly agreed in the applicable Order, the Platform does not necessarily include all optional, advanced, or newly introduced features, including certain reporting, survey, integration, or enterprise administration functionalities.
Trial access, if granted, is limited to a guided 30-day trial following a demo, with export functionality limited during the trial unless otherwise stated in the applicable Order or trial confirmation.
The scope of access may vary depending on the subscribed plan, including in particular the number of Managed Sites, onboarding level, review cadence, success contact model, workspace scope, and support level as set out in the applicable Order.
Annex 2 - Service Level Agreement (SLA)
1. Service Availability
The Provider will use commercially reasonable efforts to ensure that the Platform will be available for 99.5% of the time, calculated on a calendar monthly basis. "Downtime" (calculated as the difference between 100% of the time in a calendar month and the actual percentage of time during that month that the Platform is available) will exclude unavailability due to (i) scheduled maintenance; (ii) technical malfunctions in the provider's website systems or any other circumstances beyond the Provider's reasonable control (for example but not limited to Internet delays, network congestion and ISP malfunctions).
2. Helpdesk
For standard paid plans, the Provider will make available an email helpdesk during Business Hours.
Premium 24x7 support shall only apply if expressly included in the applicable Order.
The Customer must make all requests for Support Services through the helpdesk at support@resilens.com.
2.1. Response Times
The Provider will use reasonable endeavours to respond to requests for Support Services made through the helpdesk as swiftly as possible and within the following response times:
Level | Description | Service Time | Response Time |
1 | complete outage or material failure of core functionality affecting all or substantially all users | 8/5 | 4 hours during business hours |
2 | significant impairment of important functionality, but workaround or partial use remains possible | 8/5 | 1 business day |
*Business Day meaning Monday-Friday except Swiss public national holidays and holidays in the municipality of Zurich City.
2.2. Resolution Times
The Provider will use reasonable endeavours to resolve issues raised by the Customer through the Helpdesk as swiftly as possible taking into account the severity of the incident, it being understood, however, that the Provider cannot guarantee resolution times.
3. Limits on Support Services
The Provider shall have no obligation under the Agreement to provide Support Services in respect of any fault or error caused by:
a) the improper use of the Platform by the Customer; or
b) the use of the Platform otherwise than in accordance with the terms and conditions of the Agreement.
4. Upgrades
The Customer acknowledges that from time to time during the Term the Provider may apply Upgrades to the Platform, "Upgrade" meaning new versions of, and updates to the Platform, whether for the purposes of fixing an error, bug or other issue or enhancing the functionality of the Platform. The Customer acknowledges that such Upgrades may, result in changes to the appearance and/or functionality of the Platform.
The Provider will give to the Customer prior written notice of any significant Upgrade to the Platform. Such notice shall include details of the specific changes to the functionality of the Platform resulting fromthe Upgrade.
5. Annexed maintenance
The Provider may suspend its SaaS-Services (including access to the Platform and/or the Application) in order to carry out scheduled maintenance, such maintenance to be carried out whenever possible outside office hours (as per Section 2.1 above).
The Provider will give reasonable prior notice of scheduled maintenance where practicable.
6. Data Storage
6.1. Operational Data Storage
Data is stored at rest using AES-256 Server Side Encryption. Infrastructure include automatic failover and automated health checks. Customer Data is hosted in Switzerland and/or the EEA, as specified in the applicable service documentation or Order. The Provider may change data centre locations within Switzerland and/or the EEA, provided that the applicable level of data protection and security is maintained.
6.2. Operational Data Transport
All communication between the Application and internal or external components (e.g. web browsers) are protected by TLS encryption.
7. Data Backups
Backups are performed on a rolling basis in the following intervals:
● Hourly
● Daily
● Weekly (every Sunday)
● monthly (first day of each month)
Historical backups are stored as follows:
● hourly backups are kept on a rolling basis of a 5-day history
● daily backups are kept on a rolling basis of a 14-day history
● Weekly backups are kept on a rolling basis of a 90-day history
● all monthly backups remain kept.
All backups are stored using AES-256 Server Side Encryption.
8. System Access
Access to Customer Data is restricted to authorized personnel and subprocessors on a need-to-know basis. The Provider will provide, upon request, a list of relevant service providers engaged in connection with the processing of Customer Data.Where access from outside Switzerland or the EEA is required, such access is subject to appropriate safeguards in accordance with applicable data protection laws (e.g., Standard Contractual Clauses). The Provider implements appropriate technical and organizational measures, including encryption and access controls, to protect Customer Data against unauthorized or unlawful access, including access requests from third-country authorities that are not based on applicable legal grounds or are not compliant with applicable data protection laws.
Non-customer access to the running system is restricted to the Provider's engineers for the purpose of support, system testing and maintenance.
9. Contract Termination
Upon termination or expiry of the Agreement, the Provider will delete or return Customer Data in accordance with the Agreement, the applicable Order, and the Provider’s retention and deletion procedures, subject to any legal retention obligations. The Provider may retain anonymised or aggregated data, provided that such data does not identify, and cannot reasonably be used to identify, the Customer, any individual, workspace, site, facility or other customer-specific deployment.
Annex 3 - Fees
1. General
1. Subscription Fees
The Fees for the SaaS-Services are set out in the applicable Order. Unless otherwise stated in the Order, Fees are charged on an annual subscription basis.
2. Plan Scope
The applicable Order shall specify, as relevant:
(a) the subscribed plan;
(b) the maximum number of Managed Sites included;
(c) the included onboarding and support level; and
(d) any agreed review cadence, workspace scope or success contact model.
3. Additional Fees
Additional Fees may apply, if expressly agreed in the applicable Order, for example for:
(a) additional workspaces;
(b) consulting services;
(c) bundled implementation or advisory support;
(d) premium support;
(e) integrations, custom work or Customisations; and
(f) programme or partner-specific commercial models.
4. Taxes
All Fees are exclusive of VAT or any similar taxes, unless expressly stated otherwise.
5. Invoicing and Payment
Fees shall be invoiced and paid as set out in the applicable Order.