Confimedis GmbH
By signing a contract or creating a user account with a purchase transaction via the internet presence of Confimedis GmbH, the Customer accepts the following General Terms and Conditions (GTC). Individual contractual provisions shall always take precedence and thus apply over conflicting or competing provisions in these GTC. The subject of a contractual relationship is usually the use of the Confimedis software in a Software-as-a-Service (SaaS) model, which may be extended by individual services.
These General Terms and Conditions consist of eight provisions that should be observed when using Confimedis’s offers. Although these eight conditions may seem standard and self-evident to some, please read these terms of use carefully. These terms of use not only protect our interests, but compliance with these terms also protects your own interests and the interests of third parties. Violation of these terms may result in your account being suspended or even lead to claims for damages. In some cases, you may also be provided with a user account by a party with whom you are collaborating (in which case you are a user of Confimedis).
All contracts for deliveries and services by Confimedis are based on these GTC. Counter-confirmations by the customer referring to their own GTC will only be accepted insofar as they do not contradict our GTC. Supplementary or deviating agreements require the express written consent of Confimedis. Customers are all natural or legal persons who conclude a contract with Confimedis or have registered and completed a purchase via the internet presence.
Confimedis reserves the right to amend these GTC at any time and without stating reasons in a manner reasonable for the customer. Individual agreements in a contractual relationship always take precedence over these GTC and require express consent for their amendment. Changes to the GTC will be offered to the customer by email at least eight weeks before the amended GTC come into force. If the customer does not object to the amended GTC within eight weeks of receiving the email regarding the change, silence shall be deemed consent to the amended GTC. This deemed consent does not apply to amendments of essential contractual terms — in particular those relating to remuneration, liability, scope of services, and data protection — which always require the customer’s express written consent. If the customer objects in due time, both parties have a special right of termination at the time the new GTC come into force, provided that no individually agreed fixed term (e.g. for a study) precludes this. In this case, the previous GTC shall continue to apply until the end of the term.
The subject of the contract is the provision of Confimedis software in the Software-as-a-Service (SaaS) model for use via the internet, as well as the storage and processing of customer data (data hosting). Furthermore, the customer may commission consulting, training, and development services from Confimedis employees within the framework of the contract. The performance of these services will take place according to individual agreement between the customer and Confimedis.
The contractual relationship between the customer and Confimedis comes into existence through a signed written contract (with the date of the last signature) or through registration via Confimedis’s internet presence with a completed purchase. Users who are invited to an existing project are not to be considered customers, but rather users. Performance is subject to availability if it depends on third parties and these third parties cause the unavailability. After a delay in performance of more than 4 weeks, the customer has the right to set a deadline of at least 14 days for the performance. After this period, the customer may withdraw from the contract by written declaration, provided that the performance has not yet been rendered. Any advance payments already made will be refunded in this case, whereby the customer must allow for services received to be set off against them. Unless gross negligence or intent is involved, compensation for damages due to delayed performance is excluded.
Access data are for personal use only and must not be passed on to third parties. The customer is responsible for their secure storage and is liable for all actions performed via the account assigned to them.
During the rental period, Confimedis provides the software in its current version for use via the internet. All usage rights not expressly granted remain with Confimedis or, if different, with the respective author. The customer’s right of use cannot be sublicensed to third parties without Confimedis’s consent.
For software operation, Confimedis stores the software on a server that is accessible to the customer via the internet.
Confimedis provides updates to the software included in the scope of services free of charge during the contract period. This includes, in particular, security updates and the rectification of general technical software errors. The following services are not regular services and are therefore subject to a fee:
Support and troubleshooting are available Monday to Friday, 09:00–18:00. The customer and Confimedis jointly define persons responsible for reporting malfunctions. See also Chapter 5.1, Defects.
Confimedis continuously monitors the functionality of the software and rectifies all software errors that limit or make the use of the software impossible, to the extent technically feasible. Confimedis is entitled to add and remove new functions to the software. Should the removal of functions disproportionately restrict the customer’s use, the customer shall have an immediate special right of termination.
All work results developed or adapted for the customer in the course of this contract, in particular study designs, eCRF structures, database configurations, evaluation logics, documentation, and other project-specific developments, shall pass to the customer’s exclusive, unrestricted right of use — unlimited in time, place, and subject matter — upon their creation.
The customer is in particular entitled to reproduce, edit, further develop, and make these work results available to third parties — including competitors of the Service Provider — for use.
The Service Provider shall receive only a non-exclusive right of use therein to the extent necessary for the performance of the contract.
The remuneration for the use of the software (subscription) is based on the scope of the subject matter of the contract, as defined under 2.1. If the customer chooses a paid subscription, they undertake to pay Confimedis the agreed fee for the software provision and data hosting plus the applicable sales tax. The billing cycle (monthly, quarterly, or annually) is defined in the individual contract. Payments are subject to the contractual performance by Confimedis. If the customer is in arrears with a payment for at least 30 days, Confimedis is entitled to refuse performance until the outstanding remuneration is paid. This can happen, for example, by blocking access to the software. If the customer is in arrears with a payment for at least 60 days, Confimedis is entitled to extraordinarily terminate the entire contractual relationship. It is clarified that all claims for overdue payments from the customer remain unaffected by such an extraordinary termination.
Amendments to the agreed scope of services shall be agreed upon in writing and shall take effect from the date specified therein.
The term and conditions for termination are governed by the individual agreements in the contract. Ordinary termination is possible at the end of the agreed billing period by email.
If the underlying clinical study is terminated, suspended, or regulatorily prohibited, the customer is entitled to terminate the contract with four weeks’ notice to the end of the month. In this case, remuneration will be charged on a pro-rata basis up to the date of termination.
The customer has the option to export their data independently in a machine-readable format (CDISC-ODM including audit trail) until the termination takes effect. Thereafter, Confimedis shall retain the customer’s data free of charge for at least 12 months after the termination takes effect and shall provide it upon request in a regulatorily recognized, validated format (CDISC-ODM including audit trail). After these 12 months, Confimedis is entitled to delete the user account including all data, unless an individual archiving agreement exists. Earlier deletion may be requested in writing at any time.
The right of the parties to immediate termination of the contract for good cause remains unaffected. A good cause exists for Confimedis in particular if the customer:
Confimedis has the right to terminate free demo accounts with 30 days’ notice after communicating it to the customer.
The use of Confimedis’s services is at the customer’s own expense and risk. The customer is responsible for using a secure device with a stable internet connection and an up-to-date web browser. The customer is also responsible for informing their employees about the GTC and ensuring compliance.
The customer acknowledges and agrees that they are solely and entirely responsible for the manner in which they use Confimedis’s services. In this regard, they hereby warrant that they will not use Confimedis’s services in violation of any laws or regulations that may be applicable to them, Confimedis, or the persons whose information they wish to process through Confimedis’s services.
Furthermore, the customer agrees not to infringe upon the rights of Confimedis or the rights of third parties. Without prejudice to the foregoing, this includes, for example:
The customer undertakes to take appropriate precautions to prevent unauthorized third-party access to the software. This includes, in particular, keeping the password secret and not making it accessible to any third party. The customer is also responsible for informing their employees about this. The password should be chosen and set by the user themselves. Users bear the responsibility and liability for all actions performed from their account. They are obliged to inform Confimedis immediately if they know or suspect that their account or access data are in the hands of unauthorized third parties. Furthermore, users are obliged to immediately take effective measures, such as changing login data.
Confimedis strongly recommends activating two-factor authentication to ensure that the user’s account is protected even if the password or email account is compromised.
The customer warrants that the use of Confimedis’s services and all data stored or otherwise processed with the aid of the services do not violate or infringe upon applicable law or the rights of third parties. Furthermore, the customer expressly warrants that they have a valid legal basis for processing personal data if they use Confimedis’s services to process personal data.
Unless strictly necessary, the customer should not use Confimedis’s services to store or otherwise process directly identifiable personal information (e.g., names, addresses, social security numbers, etc.) without ensuring that the customer uses (additional) security measures to secure such information, e.g., encryption functions to encrypt such information.
The customer shall defend, indemnify, and hold harmless Confimedis from and against all claims, actions, proceedings, losses, damages, expenses, and costs arising out of or in connection with the breach of the above representations and warranties.
The customer is aware that Confimedis is designed as a research tool. Content found in the software or on the website does not constitute medical advice and should not be used as a basis for medical decisions. Confimedis has no direct influence on how the services provided are used. Everything the customer does with Confimedis’s services and all data processed with the services are the sole responsibility of the customer.
The customer acknowledges that the use of Confimedis is subject to regulations related to medical research. The customer is aware that all actions are logged in an audit trail and linked to usernames and IP addresses. These actions may include logging in or out, creating forms, managing users, entering, removing, or changing data, sending surveys, and changing settings.
Confimedis’s services may contain information derived from and/or referring to (e.g., through hyperlinks, banners, or buttons) third-party websites, products, or services. Since Confimedis has no control over such third-party websites, products, or services, the customer agrees that Confimedis is not responsible or liable for the content of such information, websites, products, or services.
Privacy is Confimedis’s highest priority. Users’ personal data are handled with particular care. Users agree that their personal data may be stored and processed. Without notice and explicit consent from the users, personal data will not be made accessible to third parties, unless disclosure is necessary for one of the following reasons:
Users will be informed about product news within the software or by email. The contracting parties undertake to comply with the provisions of the General Data Protection Regulation (GDPR).
Confimedis undertakes to maintain secrecy regarding all business or trade secrets that come to its knowledge in the course of preparing, executing, and fulfilling the contract, and not to disclose or otherwise exploit them.
Confimedis is obliged to take appropriate precautions against data loss and unauthorized third-party access to the customer’s data. The specific technical and organizational measures are documented in Annex 3 (TOM). The customer has no right to restoration of data whose loss is due to their own fault. Individual data reconstruction is possible upon request and will be charged according to effort.
The customer remains the sole entitled party to the data in any case and can therefore demand from Confimedis at any time, especially after termination of the contract, the surrender of individual or all data, without any right of retention on the part of Confimedis. The data is provided via an export function in the software in the standardized CDISC-ODM format with audit trail.
Confimedis provides the service essentially as recorded in the individual contractual relationship.
If the services to be provided by Confimedis under this contract are defective, Confimedis will remedy or re-perform the services after notification by the customer. Confimedis undertakes to respond within the reaction times specified in the offer, initiate troubleshooting, and then rectify the malfunction as quickly as possible. All reaction times refer to business hours (Monday to Friday, 09:00–18:00 CET), excluding public holidays. The customer is obliged to report defects to Confimedis without delay via the usual support channel. If rectification or replacement by Confimedis fails within a reasonable period, the customer is entitled, at their discretion, to reasonably reduce the service price or to terminate the contract.
Confimedis makes no assurance, guarantee, or warranty that:
a) The use of the products will meet the customer’s requirements or expectations.
b) All defects or errors concerning the products, or software provided to the customer as part of the product, will be rectified, unless they affect the core functionality or individually agreed functions necessary for the implementation of a study.
Unless expressly agreed otherwise, advice or information received by the customer from the Service Provider shall not give rise to any warranty claims against the Service Provider.
Confimedis does not warrant that the software is suitable or available for use in other locations outside the contract territory.
Confimedis is liable for damages without limitation in cases of intent and gross negligence. In cases of slight negligence, Confimedis is only liable for the breach of essential contractual obligations (cardinal obligations); in such cases, liability is limited to the contract-typical, foreseeable damage.
Notwithstanding the foregoing, liability is not limited where damages arise directly from the breach of data protection, confidentiality, or regulatory obligations. In these cases, Confimedis is liable for the actual damage incurred, to the extent the statutory requirements are met.
Confimedis cannot be held liable for the misuse of information and data made accessible by users themselves to third parties.
The customer bears sole legal responsibility for stored data, content, and files and is responsible for compliance with legal regulations regarding data protection, licensing, and compliance. If an individual contract includes the validation of the software, Confimedis undertakes to provide the customer with all necessary documents with which compliance with legal regulations can be checked. These documents will be provided through access to Confimedis’s Quality Management System (QMS).
The parties mutually undertake to indemnify the respective other party from all third-party claims and to reimburse the costs incurred thereby, to the extent the respective party has caused such claims through its own culpable breach of obligation. The customer shall in particular indemnify Confimedis from third-party claims based on unlawfully stored or processed data. Confimedis shall in particular indemnify the customer from third-party claims based on a culpable breach of data protection, confidentiality, or regulatory obligations by Confimedis.
Confimedis is entitled to immediately suspend the account if there is a reasonable suspicion that the stored data has been obtained unlawfully and/or infringes the rights of third parties. A reasonable suspicion of illegality and/or infringement exists in particular if courts, authorities, and/or other third parties inform Confimedis thereof. Confimedis must inform the customer of the suspension and the reason for it without delay. The suspension shall be lifted as soon as the suspicion has been dispelled.
All notifications must be sent in writing to the addresses provided. Transmission by email shall suffice for the written form requirement. The contracting parties are obliged to inform the other contracting party immediately of any changes of address, otherwise notifications sent to the last address provided in writing shall be deemed legally effective.
The customer may only set off against or assert a right of retention with claims other than their contractual counterclaims from the respective affected legal transaction if this claim is undisputed by Confimedis or has been legally established.
The law of the Federal Republic of Germany shall apply. In the case of individually negotiated contracts with customers domiciled in the United States of America, the law of the state in which the customer has its registered office shall apply. Notwithstanding the application of foreign law, the limited liability status of Confimedis GmbH under German law shall remain in full effect, and no member of Confimedis shall be personally liable for any obligations of the company beyond the extent provided for under German law.
The exclusive place of jurisdiction for all disputes between the parties arising from or in connection with the business relationship shall be the competent court at Confimedis’s registered office. In the case of individually negotiated contracts with customers domiciled in the United States of America, the exclusive place of jurisdiction shall be the competent court at the customer’s registered office.
Should individual provisions or parts of the contract prove to be ineffective, the validity of the overall agreement shall not be affected thereby. In such a case, the contracting parties shall adapt the contract in such a way that the purpose pursued with the void or ineffective part is achieved as far as possible.
Confimedis undertakes to comply with the SPECTARIS Code of Conduct in its current version. The Code forms an integral part of this contract. A serious or persistent breach of the Code of Conduct entitles the customer to extraordinarily terminate the contract, provided that Confimedis has not remedied the breach following written notice and the setting of a reasonable cure period of at least 30 days.