Geschäftsbedingungen

Zuletzt aktualisiert: 4. Juli 2025

Diese Allgemeinen Geschäftsbedingungen (“Bedingungen”) regeln Ihren Zugriff auf und Ihre Nutzung der C2 All-in-One Human Resource Information System (HRIS) Plattform (“Plattform”), die von Agile Futurist (“C2”, “wir”, “uns” oder “unser”) bereitgestellt wird. Agile Futurist ist ein Einzelunternehmen, das nach niederländischem Recht registriert ist und seinen Hauptsitz in Cuijk, Niederlande, hat. Durch den Zugriff auf oder die Nutzung der Plattform erklären Sie (“Kunde”, “Sie” oder “Ihr”), eine Geschäftseinheit, die in der Europäischen Union (“EU”) tätig ist oder personenbezogene Daten von EU-Dateninhabern verarbeitet, sich mit diesen Bedingungen einverstanden zu erklären. Wenn Sie mit diesen Bedingungen nicht einverstanden sind, dürfen Sie die Plattform nicht nutzen.

Diese Bedingungen sind in erster Linie auf die Einhaltung der Datenschutz-Grundverordnung (EU) 2016/679 (“DSGVO”), um den Schutz personenbezogener Daten für unsere europäischen Kunden zu gewährleisten.

1. Definitionen

  • KundendatenAlle Daten, einschließlich personenbezogener Daten im Sinne der DSGVO, die Sie oder Ihre autorisierten Benutzer auf der Plattform eingeben.
  • Personenbezogene DatenInformationen in Bezug auf eine identifizierte oder identifizierbare natürliche Person (“betroffene Person”), wie in der DSGVO definiert, die über die Plattform verarbeitet werden (z. B. Mitarbeiternamen, Kontakt Details, Gehaltsinformationen).
  • PlattformDie C2 All-in-One HRIS-Plattform, einschließlich ihrer Software, Funktionen und Dienste, wie integrierte Personalbeschaffung, Onboarding, Mitarbeiterverwaltung, Leistungsmanagement, Mitarbeiterbindung, Compliance-Tools und Berichterstattung.
  • Autorisierte Benutzer: Ihre Mitarbeiter, Auftragnehmer oder bevollmächtigten Agenten, die in Ihrem Namen auf die Plattform zugreifen dürfen.
  • AbonnementplanDer von Ihnen gewählte spezifische Plan (z. B. Start-up, KMU oder Enterprise), der den Umfang des Zugangs, die Funktionen und die Gebühren bestimmt.
  • Datenverarbeitungvereinbarung: The agreement governing the processing of Personal Data by C2 as data processor on your behalf, incorporated into these Terms and publicly available on the Vertrauenszentrum at cognitis.cloud/trust-center/.
  • AI Assistant: The AI-powered HR assistant feature of the Platform, described further in Section 4.5.

2. Access and Use of the Platform

2.1 Licence Grant

C2 grants you a non-exclusive, non-transferable, revocable licence to access and use the Platform for your internal business purposes during the term of your Subscription Plan, subject to these Terms, the DPA, and any applicable service agreement.

2.2 Authorised Use

  • You may use the Platform to manage HR functions, including recruitment, onboarding, employee records, performance evaluations, compliance, and engagement, as described in your Subscription Plan.
  • You are responsible for ensuring that Authorised Users comply with these Terms and GDPR requirements.

2.3 Restrictions

  • You may not:
    • Copy, modify, reverse-engineer, decompile, or disassemble the Platform.
    • Distribute, sublicence, or resell access to the Platform.
    • Use the Platform for unlawful purposes or in violation of GDPR or other applicable laws.
    • Attempt to gain unauthorised access to the Platform or its systems.
  • Any unauthorised use may result in immediate suspension or termination of your access and potential GDPR-related penalties.

2.4 Subscription Plan

  • Access to the Platform is provided under the terms of your selected Subscription Plan (e.g., Start-up, SME, or Enterprise).
  • Features and usage limits (e.g., number of users, data storage) are determined by your plan, as outlined in your service agreement or order form.

3. Client Responsibilities

3.1 Account Management

  • You are responsible for maintaining the security of your account credentials and for all activities conducted under your account.
  • You must promptly notify C2 of any unauthorised access or security breaches, as required by GDPR Article 33.

3.2 Client Data and GDPR Compliance

  • You are the data controller (as defined by GDPR) for Personal Data entered into the Platform and are responsible for:
    • Ensuring the accuracy, lawfulness, and appropriateness of Client Data.
    • Obtaining necessary consents or legal bases for processing Personal Data (e.g., employee consent or contract necessity).
    • Complying with data subject rights requests (e.g., access, rectification, erasure) under GDPR Articles 15 to 22.
  • You represent and warrant that you have the necessary rights and lawful bases to upload and process Client Data in compliance with GDPR and other applicable data protection laws.

3.3 Technical Requirements

You must maintain compatible hardware, software, and internet connectivity as specified by C2 to access the Platform securely.

3.4 Compliance with Laws

  • You agree to use the Platform in compliance with GDPR, EU employment laws, and other applicable regulations.
  • You are responsible for ensuring that your use of the Platform aligns with your internal policies and any collective bargaining agreements.

4. C2 Responsibilities

4.1 Platform Availability

C2 will maintain the Platform’s availability at a minimum of 99.5% uptime per calendar month, calculated excluding scheduled maintenance windows. Scheduled maintenance will be announced at least 48 hours in advance and conducted outside peak business hours (09:00 to 17:00 CET) where feasible. Current uptime history is available on request from support@cognitis.cloud.

4.2 Support Services

C2 provides the following support tiers:

  • Standard support: business hours (09:00 to 17:00 CET, Monday to Friday, excluding EU public holidays), available by email at support@cognitis.cloud and via the in-platform helpdesk portal.
  • Critical issues (Platform wholly unavailable): 24/7, with initial acknowledgement within four (4) hours.

Response time targets for non-critical issues and any additional support commitments are set out in your service agreement.

4.3 GDPR Compliance

C2 acts as a data processor (as defined by GDPR) for Personal Data processed via the Platform and will:

  • Process Personal Data only on your documented instructions, as set forth in these Terms and the DPA.
  • Implement technical and organisational measures to ensure the security of Personal Data, per GDPR Article 32.
  • Assist you in fulfilling data subject rights requests under GDPR Articles 15 to 22, and in conducting Data Protection Impact Assessments (DPIAs) as required by GDPR Articles 35 to 36.
  • Notify you without undue delay (within 72 hours) of any personal data breach, per GDPR Article 33.
  • Engage sub-processors only with your prior written authorisation (general or specific, as set out in the DPA) and ensure sub-processors comply with GDPR via contractual agreements.

C2 is working towards ISO 27001 certification (internal gap assessment underway in 2026) and is conducting an internal NIS 2 applicability review. Current technical and organisational security measures are described in full in Schedule 2 of the DPA, available at cognitis.cloud/trust-center/.

4.4 Updates

C2 will periodically update the Platform to enhance functionality, security, and GDPR compliance. Updates are provided at no additional cost, provided you comply with these Terms.

4.5 AI-Assisted Features

The Platform includes an AI HR Assistant (“AI Assistant”). This feature uses a large language model to respond to HR-related queries. Only query text and relevant excerpts from C2’s internal knowledge base are transmitted to the language model provider; no personal employee data (including names, employment records, payroll or performance data) is transmitted. Knowledge retrieval is handled by a self-hosted vector database hosted exclusively on EU (Ireland, eu-west-1) infrastructure. Language model inference is governed by Standard Contractual Clauses (SCC Module 2) with the provider. Enterprise-tier customers may request an EU-hosted or self-hosted language model alternative on request.

AI-generated outputs are indicative only. You remain solely responsible for verifying and acting on any content generated by the AI Assistant.

5. Fees and Payment

5.1 Subscription Fees

  • You agree to pay the fees for your Subscription Plan as outlined in your service agreement or order form.
  • Fees are non-refundable except as specified in your service agreement or these Terms.

5.2 Payment Terms

  • Payments are due per the schedule in your service agreement (e.g., monthly, quarterly, or annually).
  • Late payments incur interest at 1.5% per month or the maximum rate permitted by applicable law, plus reasonable collection costs.

5.3 Taxes

You are responsible for all applicable taxes (e.g., VAT) related to your use of the Platform, excluding taxes based on C2’s net income. C2 will provide VAT-compliant invoices for EU clients.

5.4 Fee Changes

C2 may adjust fees upon renewal of your Subscription Plan, with at least 60 days’ written notice prior to the renewal term.

6. Data Ownership and GDPR Obligations

6.1 Client Data Ownership

  • You retain all rights, title, and interest in Client Data, including Personal Data.
  • C2 claims no ownership over Client Data and processes it solely to provide the Platform’s services.

6.2 Data Processing Agreement (DPA)

The processing of Personal Data is governed by the DPA, incorporated into these Terms and publicly available at cognitis.cloud/trust-center/. The DPA outlines C2’s obligations as a data processor, including data security, sub-processor management, and breach notification. If your internal policy requires a countersigned copy, Kontakt dpo@cognitis.cloud.

6.3 Data Security

C2 implements industry-standard measures to protect Personal Data, including encryption, access controls, and regular security audits, per GDPR Article 32. In case of a personal data breach, C2 will notify you within 72 hours, as required by GDPR Article 33, and cooperate with you to mitigate the impact.

6.4 Data Subject Rights

  • C2 will assist you in responding to data subject requests (e.g., access, rectification, erasure) under GDPR Articles 15 to 22, subject to reasonable fees for requests that are manifestly unfounded or excessive within the meaning of GDPR Article 12(5).
  • You must notify C2 promptly of any data subject requests to ensure timely compliance.

6.5 Data Export

Upon your request, C2 will provide an export of Client Data in a structured, commonly used, machine-readable format during the term or within 60 days of termination, in accordance with GDPR Article 20. One full data export per subscription year is included at no charge; additional exports may be subject to reasonable processing fees as set out in your service agreement.

6.6 Data Retention

C2 will retain Client Data during the term of your Subscription Plan. Upon termination, C2 will delete Client Data within 90 days, unless required to retain it by applicable EU law (e.g., for tax or regulatory purposes).

7. Intellectual Property

7.1 C2 Intellectual Property

  • The Platform, including all software, code, designs, documentation, and trademarks, is owned by C2 or its licensors.
  • You are granted no ownership or intellectual property rights beyond the licence in Section 2.1.

7.2 Client Intellectual Property

C2 claims no rights to intellectual property you create or upload to the Platform, except as necessary to provide the Platform’s services.

7.3 Feedback

Feedback you provide about the Platform may be used by C2 to improve its services, without obligation or compensation to you.

8. Confidentiality

8.1 Definition

“Confidential Information” includes non-public information disclosed by either party in connection with these Terms, such as Client Data, business plans, pricing, and Platform specifications.

8.2 Obligations

Each party will:

  • Use Confidential Information only to fulfil its obligations under these Terms.
  • Not disclose Confidential Information to third parties without prior written consent, except as required by law.
  • Protect Confidential Information using measures at least as protective as those used for its own confidential information, and in any event no less than reasonable care consistent with GDPR and industry standards.

8.3 Exceptions

Confidential Information excludes information that: (a) is or becomes publicly available through no fault of the receiving party; (b) was independently developed by the receiving party without reference to the Confidential Information; or (c) was rightfully received from a third party without restriction.

9. Term and Termination

9.1 Term

These Terms remain in effect for the duration of your Subscription Plan, as specified in your service agreement.

9.2 Termination by Client

You may terminate your Subscription Plan in accordance with your service agreement (e.g., with 90 days’ written notice before the end of the then-current term, unless your plan specifies a shorter notice period).

9.3 Termination by C2

C2 may suspend or terminate your access if you:

  • Fail to pay fees when due and do not remedy the failure within 14 days of written notice.
  • Materially breach these Terms or the DPA and fail to cure within 30 days of written notice.
  • Use the Platform unlawfully or in violation of GDPR.

C2 may also terminate these Terms on reasonable notice if required by applicable law or if the Platform is discontinued.

9.4 Effect of Termination

  • Upon termination, your right to access the Platform ceases and you must stop using it immediately.
  • You remain liable for all outstanding fees accrued up to the date of termination.
  • C2 will assist with data export per Section 6.5, subject to the timelines set out in Section 6.6.

10. Warranties and Disclaimers

10.1 C2 Warranties

  • C2 warrants that the Platform will perform substantially as described in its documentation and will be available at least 99.5% uptime per calendar month, as set out in Section 4.1.
  • C2 will provide services in compliance with GDPR and applicable industry standards.

10.2 Client Warranties

You warrant that you have full authority to enter into these Terms and that your use of the Platform complies with GDPR and all other applicable laws.

10.3 Disclaimers

Except as expressly stated in these Terms, the Platform is provided on an “as is” basis. C2 makes no further warranties, express or implied, including any implied warranties of satisfactory quality or fitness for a particular purpose. C2 does not warrant that the Platform will be error-free or uninterrupted at all times.

11. Limitation of Liability

11.1 Liability Cap

Subject to Section 11.3, C2’s total aggregate liability to you under or in connection with these Terms shall not exceed the total fees paid by you in the 12 months immediately preceding the event giving rise to the claim.

11.2 Exclusions

Subject to Section 11.3, neither party shall be liable to the other for any indirect, incidental, consequential, or punitive damages arising out of or in connection with these Terms, including loss of profits, loss of revenue, or loss of data, even if that party has been advised of the possibility of such damages.

11.3 Exceptions

The limitations and exclusions in Sections 11.1 and 11.2 do not apply to liability arising from: (a) gross negligence or wilful misconduct; (b) GDPR violations or breach of the DPA; (c) breach of confidentiality obligations under Section 8; or (d) any liability that cannot be excluded or limited by applicable Dutch law.

12. Indemnification

12.1 C2 Indemnity

C2 will defend and indemnify you against third-party claims alleging that the Platform, as provided by C2 and used in accordance with these Terms, infringes any third-party intellectual property rights, provided you: (a) notify C2 promptly in writing of such claim; (b) grant C2 sole control of the defence and settlement; and (c) reasonably cooperate with C2 in the defence.

12.2 Client Indemnity

You will defend and indemnify C2 against third-party claims arising from: (a) your misuse of the Platform in breach of these Terms; (b) your violation of GDPR or other applicable data protection laws; or (c) any intellectual property infringement arising from Client Data you have uploaded to the Platform.

13. Governing Law and Dispute Resolution

13.1 Governing Law

These Terms and any dispute or claim arising out of or in connection with them (including non-contractual disputes or claims) are governed by and construed in accordance with the laws of the Netherlands, subject to GDPR.

13.2 Dispute Resolution

In the event of a dispute, the parties will first attempt to resolve the matter through good-faith negotiations for a period of at least 30 days from the date one party notifies the other in writing of the dispute. If the dispute is not resolved through negotiation, it shall be referred to and finally resolved by binding arbitration under the rules of the Netherlands Arbitration Institute (NAI), with the seat of arbitration in Amsterdam, the Netherlands, conducted in English. The arbitral award is final and binding on both parties. Nothing in this Section prevents either party from seeking urgent interim or injunctive relief from a court of competent jurisdiction.

14. Miscellaneous

14.1 Entire Agreement

These Terms, together with your service agreement and the DPA, constitute the entire agreement between the parties with respect to the subject matter hereof, and supersede all prior and contemporaneous agreements, representations, and understandings.

14.2 Amendments

C2 may update these Terms at any time. For material changes, C2 will give at least 30 days’ written notice before the change takes effect, either by email to the address associated with your account or by posting a prominent notice at www.cognitis.cloud. If you object to a material change, you may terminate your Subscription Plan within the notice period in accordance with Section 9.2. Continued use of the Platform after the effective date of any change constitutes your acceptance of the updated Terms.

14.3 Assignment

  • You may not assign or transfer these Terms or any rights or obligations under them without C2’s prior written consent, except in connection with a merger, acquisition, or sale of all or substantially all of your assets.
  • C2 may assign these Terms to a successor entity without your consent, provided the successor assumes all of C2’s obligations under these Terms.

14.4 Force Majeure

Neither party will be liable for any delay or failure to perform its obligations under these Terms to the extent caused by circumstances beyond its reasonable control, including natural disasters, acts of government, internet or telecommunications outages, or pandemics, provided the affected party notifies the other promptly and takes reasonable steps to mitigate the impact.

14.5 Notices

All notices required or permitted under these Terms must be in writing and delivered by email. Notices to C2 should be sent to c2.hris@cognitis.cloud. Notices to you will be sent to the email address associated with your account. Notices are effective upon confirmed receipt.

14.6 Severability

If any provision of these Terms is held to be invalid, illegal, or unenforceable, that provision will be modified to the minimum extent necessary to make it enforceable, and the remaining provisions will continue in full force and effect.

14.7 No Waiver

Failure by either party to enforce any provision of these Terms on one occasion shall not be construed as a waiver of that party’s right to enforce that provision on any future occasion.

15. Kontakt Information

For questions about these Terms or your service agreement:

C2 HRIS Platform
Email: c2.hris@cognitis.cloud
Webseite www.cognitis.cloud

For GDPR compliance, DPA questions, data subject rights requests, or DSAR submissions:

Data Protection Officer (DPO)
Email: dpo@cognitis.cloud

For platform support and technical assistance:

Unterstützung
Email: support@cognitis.cloud
Contact form