General Terms and Conditions for ZEFORT’S Services
Last Updated Date 19th May 2025
1. GENERAL
1.1 These general terms and conditions (the “Terms”) apply to the Agreement between Zefort Oy (“Zefort”) and the Customer regarding Zefort's Services. They constitute an appendix to the Agreement and form an integral part of the Agreement. In the event of a conflict between these Terms and the provisions of the Agreement, the provisions of the Agreement shall prevail.
1.2. Zefort may amend the Terms from time to time at its own discretion. In case the amendments significantly impact the rights or responsibilities of the Customer, Zefort shall notify the Customer of such changes thirty (30) days before such changes enter into force. If the Customer does not accept the changes, the Customer shall notify Zefort hereof within ten (10) days of receipt of the notification of the changes. Each Party may then, at their own discretion, terminate the agreement.
For other changes, such as changes of a technical nature, which do not significantly impact the rights or responsibilities of the Customer, Zefort has the right to inform the Customer by notifying of the changes on its website or other communication channel as it deems appropriate. Such changes shall take effect at a time to be determined by Zefort. The changes become binding on the Customer unless the Customer notifies Zefort before the changes take effect that it does not accept the changes. If the Customer does not accept the changes, the Parties shall have the right to terminate the Agreement upon thirty (30) days’ notice.
1.3. The Service supplied by Zefort enables contract lifecycle management, electronic agreement signing and verification, sending agreements to your contracting parties for signature, archiving agreements and utilizing electronic forms.
2. DEFINITIONS
Affiliates: Party’s officers, directors, employees, agents, service providers, licensors, sub-contractors and entities which are controlled by, controlling or under common control with such entity.
Agreement: The agreement between Zefort and the Customer under which the Customer engages Zefort to supply the Services.
Content: Any Customer documents, content and data stored and processed by Zefort for the Services.
Customer: Zefort’s customer under the Agreement.
eIDAS: Electronic Identification, Authentication, and Trust Services Regulation, Regulation (EU) No 910/2014
Data protection legislation: The data protection legislation framework applicable to the Controller, including but not limited to the General Data Protection Regulation (EU) 2016/679 (the GDPR) applicable from 25 May 2018. The data protection legislation includes applicable national law of the country where the Controller is registered that regulates the processing of Personal Data.
Zefort Sign: Refers to agreement signing with the aid of the mobile identification mechanisms or other electronic identification methods approved by eIDAS, or a separate signature mechanism determined by Zefort and provided by a third party.
a) Electronic signature (or Simple Electronic signature) means data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign.
b) Advanced electronic signature means an electronic signature which meets the requirements set out in Article 26 in eIDAS. Advanced electronic signature is uniquely linked to the signatory; is capable of identifying the signatory; is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.
External Solution: Refers to any third-party software or service not developed or maintained by Zefort, which can be integrated with the Zefort CLM platform. Examples of External Solutions are external e-signature solutions (such as DocuSign) and destination storage solutions of Zefort’s Cloud Data Mirror (such as Azure and AWS).
Party/Parties: Zefort and/or the Customer.
Production Environment: An instance of the system which is used by Customer for live support of its business.
Service: The Services supplied by Zefort to the Customer under the Agreement, facilitating the management of contracts, electronically signing agreements and storing them in the electronic Zefort archive, as well as utilizing electronic forms.
Test Environment: An instance of the system which is used for testing and evaluating the system or components of the system separately from the Production Environment.
Working Day: Monday to Friday excluding public holidays in the applicable territory where the Service is provided by Zefort.
Zefort: Trade name of Zefort Oy.
Controller, Data Subject, Personal Data, Processor, Processing, Personal Data Breach, Supervisory Authority and Third Party have the meanings described in the GDPR.
3. CUSTOMER'S RESPONSIBILITY
3.1. The Customer is responsible for all handling of electronic identification, user names and passwords and undertakes in particular to not disclose the electronic identification, user names and/or passwords to any unauthorized person or otherwise allow any unauthorized person to access the Services under the Customer’s electronic identification, user names and/or passwords. If the Customer has reason to believe that an unauthorized person has gained access to the Customer’s user names and/or passwords the Customer must immediately inform Zefort. The Customer is responsible for ensuring that all the Customer’s personnel comply with the provisions of this section.
3.2 The Customer is responsible for all use of the Services under the usernames and/or passwords provided to Customer by Zefort.
3.3 The Customer is responsible for properly configuring the Services. Zefort log-in credentials are for Customer’s internal use only and the Customer may not sell, transfer or sublicense them to any other entity or person, except in situation where the customer may disclose their log-in credentials to their affiliates or third-party consultants performing work on the Customer’s behalf.
3.4 The Customer shall take care of acquiring and maintaining hardware, software and telecommunication links required by the Services as well as of other technical equipment relating to the use of the service and costs related to them. Zefort recommends using the newest browser versions to maintain user’s data security and general functionality of the Services.
3.5 The Customer is responsible for the quality of all content provided to Zefort.
3.6 Regardless of delivery method (which may include but is not limited to delivery via e-mail or by the Customer uploading content directly to Zefort’s servers) the transfer of content from the Customer to Zefort is at the Customer’s risk.
3.7 The Customer is responsible for ensuring that exporting the Services to a country of operation does not violate any prohibitions or permits and service features are applied according to a country and agreement domain specific requirements.
3.8. The Customer bears the responsibility of verifying the legality of the electronic signature within the jurisdiction where it is utilized. Zefort is not liable if a legal act is deemed invalid due to the usage of Zefort Sign. Certain legal transactions, such as the sale of real estate, require the signature to be made in a standard form, in which case the electronic signature may not be valid.
3.9 The Customer guarantees that it owns or otherwise controls all necessary rights to the Content for the purpose of Zefort providing the Services. The Customer shall indemnify and hold harmless Zefort from any claims regarding infringements of a third party’s rights attributable to the Content. The Customer agrees to not provide Zefort with any Content (including but not limited to by uploading Content to Zefort’s servers) which (i) contains viruses, corrupted data, malicious software or other programs that may harm computers or other property or (ii) is defamatory, constitutes agitation against an ethnic group, infringes the rights of any third party or is otherwise unlawful. Zefort has the right to immediately remove from Zefort’s servers any Content that Zefort in its sole discretion deems is in breach of this section or the Terms otherwise. Zefort shall without undue delay notify the Customer thereof.
3.10 The Customer may not use Zefort Product, Service or Technology in any manner or for any purpose other than as expressly permitted by this Agreement. The Customer may not attempt to, (a) modify, alter, tamper with, repair, or otherwise create derivative works of any software included in the Services (except to the extent software included in the Services are provided to the Customer under a separate license that expressly permits the creation of derivative works), (b) reverse engineer, disassemble, or decompile the Services or apply any other process or procedure to derive the source code of any software included in the Services, (c) access or use the Services in a way intended to avoid incurring fees or exceeding usage limits or quotas, or (d) resell or sublicense the Services (except agreed under a separate license that expressly permits the resell or sublicense of Zefort services). All licenses granted to the Customer in this Agreement are conditional on Customer’s continued compliance with this Agreement, and will immediately and automatically terminate if Customer does not comply with any term or condition of this Agreement. During and after the term, the Customer will not assert, nor will authorize, assist, or encourage any third party to assert, against Zefort or any of Zefort’s affiliates, customers, vendors, business partners, or licensors, any patent infringement or other intellectual property infringement claim regarding any Services the Customer have used.
4. ZEFORT'S RESPONSIBILITY
4.1 If the Parties have entered into a Service Level Agreement (SLA), Zefort’s responsibility for Services is regulated in such SLA. These Terms shall equally apply to such SLA, unless otherwise stated therein.
4.2 If the Parties have not entered into a SLA, Zefort assumes no liability for the accessibility or other functionality of the Services.
4.3 Zefort will, as part of the Services
(i) operate the Service with ISO 27001 certification, ensuring robust information security management.
(ii) provide the Client with Zefort’s standard customer support services during Working Days;
(iii) follow its back-up processes by taking back-ups of Content and
(iv) notify the Client if it becomes aware of any information security incidents affecting the security of the Service or the Content.
4.4. The Service is typically available 24 hours a day. Nonetheless, Zefort reserves the right to temporarily suspend the Service or parts of it for maintenance, installation, modification, excessive system load, or similar reasons, without assuming liability for any damages incurred.
4.5. Zefort consistently endeavors making its Services accessible to all users.
5. PROPRIETARY RIGHTS
5.1 All copyright, patent or other intellectual property rights attributable to the Services are owned by or licensed to Zefort. The Services, and any software included therein, may only be used by the Customer and its affiliates during the Term and as described in the Agreement and may only be copied or otherwise reproduced by the Customer to the extent it is permitted by Zefort in writing.
5.2 Without limiting the generality of the foregoing, in the event that Zefort as part of the Services delivers any services, material or applications tailored for the Customer (“Customer Applications”), Zefort shall be the sole owner of all such Customer Applications and the Customer may only use the Customer Applications during the term of the Agreement. The Customer may not use any Customer Applications upon expiry of the Agreement without Zefort’s prior written consent.
5.3 For clarity, neither Party shall acquire any right under the Agreement to the other Party’s trademarks, product trademarks, distinctive marks and other symbols which are used in connection with the Services and any use of such marks or symbols of the other Party requires such Party’s prior written consent. All Content is, and shall remain, the property of the Customer.
6. DATA PROCESSING AND PERSONAL DATA
6.1. In the processing of personal data, Zefort complies with Data Protection Legislation and processes personal data in accordance with its current Data Privacy Statement. Matters related to data processing and personal data are further described in the Personal Data Processing Annex which is an integral and inseparable part of these Terms.
6.2. In addition, the Zefort may use the personal data and other Content in the Service internally under the agreed confidentiality obligations for development purposes to improve and optimize its Services to the Customer. Personal data and Content may not in any way be processed for any other purposes
7. INTEGRATING ZEFORT WITH EXTERNAL SOLUTIONS
7.1 Zefort provides customers with the option to integrate the Zefort services with external solutions ("External Solutions") to enhance their contract management processes. Such integrations may involve sharing data or establishing connections between Zefort and External Solutions.
7.2 The Customer acknowledges and agrees that when integrating Zefort with External Solutions, they bear full responsibility for the information security and data protection of the external system. The Customer must exercise due diligence in configuring the integration correctly and maintaining the External Solution in a manner that ensures the security and integrity of their data.
7.3 Zefort shall not be liable for any breaches, data leaks, or security incidents that may arise from the Customer's use of External Solutions or any misconfiguration or improper maintenance of such solutions.
7.4 It is the Customer's obligation to review and comply with the privacy policies, terms of service, and security practices of the External Solution providers. Zefort shall not be responsible for the security practices, data handling, or compliance measures of these External Solutions.
7.5 Zefort may offer support and guidance in the integration process, but such assistance does not absolve the Customer of their responsibility for the security of the External Solution.
7.6 Zefort reserves the right to discontinue or limit the integration with any External Solution at its sole discretion if it deems the integration poses potential security risks or adversely impacts the performance or integrity of the Zefort services.
8. CHANGES
8.1 Zefort may change, discontinue, or deprecate any of the Service offerings (including the Service offerings as a whole) or change or remove features or functionality of the Service offerings from time to time. Zefort will notify the Customer of any material change to or discontinuation of the Service offerings. However, if Zefort changes, discontinues or deprecates its Service offerings [any APIs (Application Programming Interface)] for the Services from time to time, Zefort will use commercially reasonable efforts to continue supporting the previous version of any API changed, discontinued, or deprecated for 12 months after the change, discontinuation, or deprecation (except if doing so (a) would pose a security or intellectual property issue, (b) is economically or technically burdensome, or (c) is needed to comply with the law or requests of governmental entities).
9. FEES AND PAYMENT TERMS
9.1 The fees shall be set out in the Agreement and Appendices.
9.2 All fees shall be invoiced in the currency set out in the Agreement.
9.3 If an invoice is more than thirty (30) days overdue and the Customer has not paid such invoice within ten (10) days from a reminder, Zefort is entitled to immediately suspend provision of the Services.
9.4 Value added tax will be added to all fees to the extent required by law. In the event that value added tax is not initially charged, Zefort shall be entitled to charge value added tax at a later stage should relevant tax authorities decide that value added tax should be charged.
9.5 Zefort reserves the right to amend the fees in the Agreement and Appendices.
10. NO WAIVERS
10.1 The failure by either Party to enforce any provision of this Agreement will not constitute a present or future waiver of such provision nor limit such Party's right to enforce such provision at a later time. All waivers by a Party must be in writing to be effective.
11. TERMINATION
11.1 Each Party shall be entitled to terminate the Agreement by written notice with immediate effect if:
(i) the other Party is in material breach of the Agreement and does not remedy such breach (where possible to remedy) within thirty (30) days from written notice thereof,
(ii) the other Party is declared bankrupt, enters into liquidation, commences proceedings for a corporate reconstruction and/or when it otherwise becomes apparent that a Party is insolvent in some other way,
(iii) if Zefort’s relationship with a third party partner who provides software or other technology Zefort uses to provide the Services expires, terminates or requires Zefort to change the way they provide the software or other technology as part of the Services,
(iv) if Zefort believes providing the Services could create a substantial economic or technical burden or material security risk for Zefort,
(v) in order to comply with the law or requests of governmental entities.
12. EFFECT OF TERMINATION
12.1 Upon termination of the Agreement, all rights under this agreement to use Zefort services will immediately terminate.
12.2 Upon termination of the Agreement, Zefort will delete all content provided by the Customer, unless the Customer notifies Zefort otherwise within thirty (30) days from the termination of the Agreement. The Customer shall compensate Zefort for any additional costs resulting from the Customer's instructions regarding handling of the content.
12.3 Upon termination of the Agreement, the customer is responsible for all fees and payments incurred through the date of termination, including fees and payments for agreed in-process tasks completed after the date of termination.
13. DISCLAIMER OF WARRANTY
13.1. Using big data, artificial intelligence, machine learning, modelling techniques as well as professional expertise, the insights, points of view, learning modules and other data should be correct in the assessment, but are directional in nature and may not suit for all particular needs, therefore cannot be relied on. Zefort is not liable for the outcomes or results out of use of them and they cannot be construed as specific advice.
13.2 Zefort does not give warranties and is not responsible for damage, loss of data or other harm that results from use of the Services.
13.3 Zefort is not responsible for any disturbances the Services may cause to any other software when the Services are used together with such software or otherwise.
13.4 Zefort is not liable for any delay or disruption in transmission of content or malfunctions caused by (i) the quality of the content provided to Zefort, (ii) the Customer’s mistake when uploading content (whether in breach of Zefort’s instructions or not), including but not limited to the Customer providing incorrect format information when uploading content or (iii) otherwise by the Customer’s incorrect use of the Services.
14. LIMITATION OF LIABILITY
14.1 Neither Party shall be liable for any loss of profits, loss of production, reduced turnover in business and similar costs or losses or any other indirect damages. Neither Party shall be liable for damage caused by the acts or omissions of the other Party. Both Parties’ maximum liability for any event is limited to direct damages up to an amount corresponding to one month´s fee for the Services.
14.2 Each Party shall present any claims against the other Party at the latest three (3) months from the date when the Party discovered, or should have discovered, the reason for the claim.
15. FORCE MAJEURE
15.1 If a Party is prevented from fulfilling its commitments in accordance with the Agreement, by circumstances beyond its control that it could not reasonably be expected to have foreseen, and the result of which the Party could not reasonably be expected to have avoided or overcome such as including but not limited to strike, labour conflict, war, warlike hostilities, insurrection or riot, mobilization or general military call-up, civil war, requisition, seizure, fire, lightning, earthquake, flood or water damage, altered decisions by authorities, intervention by authorities, legislation or official restrictions, currency restrictions, export or import restrictions, general shortage of goods, lack of bandwidth and faults or delays in services from a subcontractor, such Party shall be relieved from liability for a failure to perform any obligation under the Agreement.
15.2 Any Party that invokes relief in accordance with the above shall inform the other Party thereof without delay. If the performance of any obligation is prevented for a period longer than three (3) months as a result of any such circumstance stated above, each Party is entitled to terminate the Agreement free from liability to compensate the other Party.
16. SUBCONTRACTORS
16.1 Zefort shall be entitled to engage subcontractors to fulfill its undertakings under the Agreement. Zefort shall
be responsible for all work performed by the subcontractor as though the work had been performed by Zefort.
17. ASSIGNMENT
17.1 Each Party may assign its rights or obligations under the Agreement to an affiliated company or to an entity to which such Party has transferred its business operations.
18. CONFIDENTIALITY
18.1 Each Party undertakes not to disclose to any third-party details of the Agreement or information regarding the other Party’s activities which may be deemed as business or professional secrets, without the other Party’s express written consent. Information which the Party states to be confidential will always be deemed to be business or professional secrets. The duty of confidentiality does not include such information which a Party can prove has come to its knowledge other than through the Services, or which is generally known, nor does the duty of confidentiality apply where a Party is obligated under law to supply the information.
18.2 Each Party undertakes to supervise that employees or other engaged persons do not convey confidential information to any third party.
18.3 The duty of confidentiality shall apply during the Term of this agreement and three (3) years thereafter. Customer’s Content shall be confidential information of the Customer and confidentiality obligations by Zefort in relation to Content shall remain perpetually.
19. MARKETING
19.1 All PR, public announcements and marketing with respect to the Agreement shall be jointly approved by the Parties. Zefort shall however be entitled to publish the Customer's name and logotype on its website and to refer to the Customer as Zefort’s customer in marketing and promotion material.
20. INDEMNIFICATION
20.1 The Customer will defend and indemnify Zefort, Zefort’s affiliates, and each of their respective employees, officers, directors, and representatives from and against any direct out of pocket damages, costs, and expenses (including reasonable legal fees) relating to any claim by an independent third party alleging that (i) the Customer’s use of the Services (including any activities under Customer’s Zefort account and use by Customer’s employees and personnel) in violation of this Agreement or in violation of applicable law by the Customer or (ii) Customer’s Content, including any claim involving alleged infringement or misappropriation of third-party rights by Customer’s Content or by the use, Customer’s Content; breaches such third party’s rights.
20.2 Zefort will defend and indemnify the Customer, Customer’s affiliates, and each of their respective employees, officers, directors, and representatives from and against any direct out of pocket damages, costs, and expenses (including reasonable legal fees) relating to any claim by an independent third party alleging that the Services or Customer’s use thereof (including any activities under Customer’s Zefort account and use by Customer’s employees and personnel) breach (i) any third party intellectual property or other rights; or (ii) any applicable law to the extent such breach is attributable to Zefort.
21. NOTICES
21.1 Any notice given by one Party to the other shall be deemed properly given if specifically acknowledged by the receiving Party in writing (e-mail is sufficient provided it comes from an official account) or when delivered to the receiving Party by hand, registered mail or courier during normal business hours.
21.2 Notice is considered to be delivered one day after it is sent, if by official e-mail or by next day delivery by a major commercial delivery service.
22. GOVERNING LAW AND DISPUTES
22.1 This Agreement and any non-contractual obligations arising out of or in connection with it shall be governed by substantive Finnish law, excluding the choice-of-law principles.
22.2 Any dispute, controversy or claim arising out of or in connection with the Agreement or any non-contractual obligation arising out of or in connection with the Agreement shall be finally settled by arbitration administered by the Arbitration Institute of the Finland Chamber of Commerce. The place of arbitration shall be Helsinki, Finland. The language used in the proceeding shall be English, unless the Parties agree otherwise.
22.3 The Rules for Expedited Arbitrations shall apply where the amount in dispute does not exceed EUR 100,000. Where the amount in dispute exceeds EUR 100,000 the Arbitration Rules shall apply. The Arbitral Tribunal shall be composed of a sole arbitrator where the amount in dispute exceeds EUR 100,000 but not EUR 1,000,000. Where the amount in dispute exceeds EUR 1,000,000, the Arbitral Tribunal shall be composed of three arbitrators.