Only the German version is legally binding.
1. Scope and exclusive application
These General Terms and Conditions (hereinafter "GTC") govern the contractual relationship between Grafenau digital solutions GmbH, Moosweg 2a, 9520 Treffen am Ossiacher See, Austria, FN 588872 p (hereinafter "Provider" or "we") and its customers (hereinafter "Customer" or "you") regarding the provision of Software-as-a-Service products, in particular GK Routenplaner and TomsClock (hereinafter "Service" or "SaaS service").
These GTC apply exclusively. Conflicting, deviating or supplementary general terms and conditions of the Customer do not become part of the contract unless we have expressly agreed to their application in writing. This also applies if we render the service without reservation despite being aware of the Customer's conflicting terms.
Important — business-to-business (B2B) only:
Our SaaS services are aimed exclusively at entrepreneurs within the meaning of § 1 UGB (Austrian Business Code) or § 14 BGB and at legal persons under public law. Concluding a contract with consumers within the meaning of § 1 KSchG is excluded. By concluding the contract, the Customer confirms that they are acting as an entrepreneur and in no way as a consumer. The provisions of the Consumer Protection Act (KSchG) do not apply.
2. Subject matter of the contract and description of services
The subject matter of the contract is the time-limited, paid provision of a cloud-based software application via the internet (Software-as-a-Service). The specific scope of functions results from the product description valid on our website at the time the contract is concluded, as well as from the currently applicable version of the software.
The software is hosted on our servers or the servers of our sub-processors and is made available to the Customer for use via a standard web browser or a progressive web app. The Customer acquires no ownership and no copy of the software, but merely a simple, non-transferable, non-sublicensable right of use for the duration of the contractual relationship.
We expressly reserve the right to further develop the software at any time and to add, change or remove functions, provided this is reasonable for the Customer. There is no entitlement to the unchanged continuation of individual functions.
3. Conclusion of the contract
The SaaS services presented on our website do not constitute a binding offer, but merely an invitation to submit an offer. The contract is concluded in one of the following ways:
- by creating an account in the Provider's Ultra Admin Dashboard following individual arrangement,
- by self-registration (where technically enabled),
- by taking out a subscription via the checkout function integrated into the product (via Stripe).
The contract is only concluded upon our express acceptance, but at the latest upon activation of access.
4. Trial period
New customers are granted a 30-day free trial period ("trial") for GK Routenplaner. During this trial period, the full range of functions is available. The trial period begins when the customer account is created and ends automatically 30 days later, without the need for a separate termination.
After the trial period ends, access to the service is blocked unless the Customer takes out a paid subscription. The data entered during the trial period is initially retained during this time — however, the deletion periods set out in section 9 of these GTC apply.
There is no entitlement to be granted a trial period. We reserve the right to shorten or end the trial period at any time without giving reasons.
5. Prices and payment terms
At the time of this version of the GTC, the prices for GK Routenplaner are:
- Monthly subscription: EUR 149 net per month (plus statutory VAT), recurring
- One-off setup fee: EUR 799 net (plus VAT), one-off upon conclusion of the contract
- Promotional prices: From time to time we offer temporary or permanent promotions (e.g. discounts on the setup fee). The applicable prices are shown transparently at checkout.
All prices are in euros, plus the statutory VAT applicable at the time. The first payment (setup fee + first monthly instalment, less any active promotions) is due upon conclusion of the subscription and is collected via our payment service provider Stripe Payments Europe Ltd. Subsequent monthly instalments are automatically debited on the same day of the following month.
We reserve the right to adjust prices with a notice period of at least 30 days. In the event of price increases, the Customer has an extraordinary right of termination effective as of the date the new prices take effect. If the Customer does not terminate within 14 days of the announcement of the price adjustment, this is deemed to be acceptance of the new price.
In the event of late payment, we are entitled to demand default interest of 9.2 percentage points above the base interest rate (§ 456 UGB) as well as reimbursement of reminder and collection costs. In the event of repeated late payment or failed debit, access to the service may be blocked.
6. Contract term, termination, reactivation
The subscription runs for an indefinite period and can be terminated by the Customer at any time, without giving reasons, effective at the end of the current billing period (i.e. at the end of the paid month). Termination is conveniently carried out via the integrated Stripe Customer Portal (the "Payment" tab in the admin area) or by email to office@grafenau.at.
After termination, access to the service remains fully available until the end of the paid period. Access is then blocked and the data deletion period pursuant to section 9 begins.
Our right to extraordinary termination for good cause remains unaffected. Good cause exists in particular in the case of: gross breach of these GTC by the Customer, repeated late payment, unlawful use of the service, misuse to circumvent technical protection measures, or endangering the security or availability of the service for other customers.
Reactivation within the grace period: The Customer can be reactivated within the 30-day grace period (see section 9) by taking out a new subscription. In this case, no new setup fee is charged — only the monthly subscription is reactivated. After the grace period has elapsed and deletion has taken place, reactivation is no longer possible; a new contract including a setup fee can be concluded.
7. Customer obligations
The Customer is obliged:
- to provide complete, truthful and up-to-date information at all times when concluding the contract and during the contract term,
- to keep the access data provided to them (username, password, 2FA codes) confidential and to protect it from access by unauthorised third parties,
- to use secure passwords in accordance with the state of the art and to change them regularly,
- to inform us without undue delay if unauthorised access is suspected,
- to use the service only as intended and in compliance with applicable laws — in particular not to enter or upload any unlawful or criminal content or content that infringes the rights of third parties,
- not to attack, overload or circumvent the technical infrastructure of the service (no reverse engineering, no brute force, no scraping, no security scans without our express written permission),
- when processing personal data of third parties (e.g. the Customer's end customers), to independently fulfil the data protection obligations and to obtain the necessary consents,
- to take care of the regular backup of the data entered into the service themselves (see section 11). The Customer can request a data export at any time via the product interface or by request to office@grafenau.at.
In the event of a breach of these obligations, we are entitled to block access to the service and to terminate the contractual relationship extraordinarily. The Customer is liable for all damages incurred by us as a result of a breach of these obligations and indemnifies us against claims by third parties resulting from unlawful use.
8. Data protection and processing on behalf of a controller
We process the Customer's personal data and the data entered by the Customer within the service in accordance with the provisions of the Privacy Policy, which forms part of these GTC.
Insofar as the Customer processes personal data of third parties (in particular end-customer data) when using the service, the Customer is the controller within the meaning of the GDPR. The Provider processes this data exclusively on instructions as a processor pursuant to Art. 28 GDPR.
The provisions on processing on behalf of a controller (DPA) are contained in the Privacy Policy under the section "Software-as-a-Service (SaaS) products". Upon conclusion of the contract, this section is deemed to be a data processing agreement agreed in writing pursuant to Art. 28(3) GDPR. At the Customer's request, a separate DPA can also be signed; the request should be directed to office@grafenau.at.
9. Data deletion after the end of the contract
Upon the end of the contractual relationship (through termination or extraordinary termination), the following deletion periods apply:
- Blocking of access: Immediately upon expiry of the paid period or when the extraordinary termination takes effect.
- Grace period (30 days): The data is retained in our systems for a further 30 days. During this time, the Customer can request an export of their data or reactivate their subscription.
- Irrevocable deletion after 30 days: After the grace period has elapsed, all data of the Customer — including all end-customer data, documents, photos, reports, routes, appointments, employee data, usage history and technical metadata — is deleted irrevocably and completely. This includes data in the database, in the object storage and in all backups.
- Exception: Invoice-relevant data and documents that we are legally obliged to retain (in particular § 132 BAO — 7 years) are kept separately and deleted after the statutory periods have elapsed.
After the grace period has elapsed, there is no further entitlement to recovery, release or provision of the deleted data — not even for a fee. The Customer is responsible for exporting their data in good time before the grace period ends.
10. Availability of the service
We strive for the highest possible availability of the service, but do not owe any specific availability. Neither a service level agreement (SLA) nor a guaranteed uptime is assured.
In particular, we are entitled to temporarily suspend the service for the following reasons, without the Customer being entitled to any claims as a result:
- scheduled maintenance work (where possible outside normal business hours),
- unplanned maintenance or repair of hardware or software,
- security incidents that require a block,
- failure of sub-processors (Hetzner, Stripe, Google, Mailjet),
- force majeure, power outages, network outages, DDoS attacks, hacker attacks, pandemics, official orders,
- events beyond our control.
11. Exclusion and limitation of liability
Please read this section particularly carefully. By concluding the contract, you expressly agree to the following exclusions of liability.
11.1 Principle
We are liable exclusively for damages based on intent or gross negligence on our part. For slight negligence we are not liable to the full extent, insofar as this is legally permissible. As the contract is concluded exclusively with entrepreneurs within the meaning of the UGB, this exclusion of liability is permissible under Austrian law (§§ 879, 1293 et seq. ABGB in conjunction with the UGB).
Liability for personal injury (life, body, health) remains unaffected and is neither excluded nor limited. The same applies to mandatory statutory grounds for liability (e.g. the Product Liability Act).
11.2 Exclusion of liability for consequential and financial damages
We are in no case liable — not even in the case of gross negligence, insofar as legally permissible — for:
- lost profit,
- loss of revenue,
- business interruptions,
- production losses,
- lost orders,
- lost customers or customer relationships,
- indirect damages and consequential damages of any kind,
- reputational damage,
- non-material damages.
11.3 Explicit exclusion in the event of data loss — NO BACKUPS
⚠️ Important note: We do NOT create backups of your data!
Grafenau digital solutions GmbH operates the SaaS service without its own backup infrastructure for customer data. Neither daily nor any other automated backups of the data you enter into the service (end-customer data, documents, photos, reports, routes, appointments, employee data, etc.) are created. In the event of a technical defect, a failure of our sub-processors, a security incident or for other reasons, a complete, irrevocable loss of data may occur. Recovery from backups is then technically not possible.
The Customer is obliged to back up the data regularly themselves — at least weekly, and daily in the case of intensive use. The export function integrated into the product interface is available for data export; alternatively, the export can be requested from us in writing (office@grafenau.at). The exported data must be kept by the Customer in a secure location independent of our systems (e.g. their own server, external hard drive, their own cloud storage).
By concluding the contract, the Customer confirms that they have been informed of the absence of backups by the Provider and accepts personal responsibility for backing up the data.
We accept no liability whatsoever for data loss or data corruption — regardless of the cause. This includes in particular (but not exclusively):
- loss of customer data, end-customer data, employee data, documents, photos, reports, routes, appointments,
- data loss due to failure of our servers or the servers of our sub-processors (Hetzner, Stripe, Google, Mailjet),
- data loss due to faulty software, bugs, updates, migrations, schema changes,
- data loss due to incorrect entries, operating errors or accidental deletions by the Customer themselves or their employees (including in the case of soft delete and subsequent grace-period deletion),
- data loss due to synchronisation errors between offline and online components (in particular in the technician portal with local IndexedDB and outbox pattern),
- data loss due to automatic deletion after the end of the contract (section 9 — grace period),
- data loss due to ransomware, hacker attacks, database corruption, hard drive defects,
- data loss due to force majeure, disasters, acts of war, sabotage, pandemics, official orders,
- consequential damages arising from data loss (e.g. lost orders, recourse claims from end customers, reputational damage).
A failure by the Customer to back up data regularly constitutes predominant contributory negligence within the meaning of § 1304 ABGB, as a result of which any liability on our part is entirely excluded. If the Customer has no current backup of their own, they cannot assert any claims against us in the event of damage.
By concluding this contract, the Customer expressly warrants that they (a) have understood the duty to cooperate by backing up data independently, (b) actually fulfil this duty and establish a documented backup process, and (c) expressly waive the setup of backups by the Provider.
11.4 Exclusion of liability for IT security incidents
We are not liable for damages resulting from attacks, unauthorised access or data leaks, insofar as this is legally permissible. This includes in particular:
- hacker attacks, DDoS attacks, ransomware, malware infection,
- injection of malicious code, phishing, social engineering,
- spying out of access data (even if the attack takes place on the Customer's side),
- data leaks at our sub-processors (Hetzner, Stripe, Google, Mailjet) or at their subcontractors,
- zero-day vulnerabilities in the libraries, operating systems or infrastructure components used,
- compromised transport routes (man-in-the-middle, DNS hijacking, BGP routing attacks),
- misuse of the API by the Customer or by third parties authorised by the Customer,
- security incidents resulting from the Customer's inadequate password security,
- compromise of the Customer's devices or networks.
We merely undertake to secure the service against known threats in accordance with the generally recognised state of the art (see technical and organisational measures in the Privacy Policy). Absolute security is technically impossible and is not owed by us. In the event of security incidents, we will inform the Customer in accordance with the notification obligations of the GDPR (Art. 33, 34 GDPR).
11.5 Exclusion of liability for data accuracy and functionality
We accept no liability for the accuracy, timeliness, completeness or plausibility of the data entered by the Customer or calculated by the service. This applies in particular to:
- automatically generated reports, PDFs and documents,
- calculated routes, estimated travel times and distances,
- geocoded address data (coordinates),
- KPIs, statistics, dashboards and analyses,
- maintenance appointments, reminders, notifications,
- invoice amounts and price calculations (the automated pricing is purely supportive — only the invoices approved by the Customer are legally binding).
The Customer is obliged to check all outputs generated by the service for plausibility, accuracy and completeness on their own responsibility before using them towards third parties (in particular in the case of legally binding documents such as maintenance reports, inspection protocols, signatures). We are not liable for damages arising from the unchecked use of automatically generated outputs.
11.6 Liability for third-party services
Our service integrates external services, in particular Google Maps / Google Routes (geocoding, route calculation), Stripe (payment processing), Mailjet (email delivery), Hetzner (hosting/storage). We accept no liability for the availability, functionality, accuracy and security of these third-party services. Claims by the Customer due to failure, malfunction or data protection breach by third parties must be directed exclusively at the respective third-party provider.
11.7 Amount of liability (insofar as any liability exists at all)
Insofar as we are liable at all under the preceding sections, liability is limited per damage event and per calendar year to a maximum of the total of the subscription fees (excluding the setup fee) actually paid by the Customer in the last 12 months before the event giving rise to the damage. This maximum liability limit also applies if several damage events are based on a single cause.
11.8 Limitation period
Notwithstanding § 1489 ABGB, any claims for damages by the Customer against us become time-barred within six months of becoming aware of the damage, but at the latest within one year of the event giving rise to the damage.
12. Warranty
The service is provided "as is". We do not owe any specific properties or functions. The warranty is limited to the elimination of reproducible, serious errors (total failure, serious data corruption) and is provided at our discretion by rectification or replacement.
For entrepreneurs, the statutory warranty pursuant to §§ 922 et seq. ABGB is reduced to 6 months from handover (activation of the service). Obvious defects must be reported in writing within 7 days of discovery; hidden defects within 7 days of becoming aware of them. A later notice of defects is excluded (§ 377 UGB — duty to give notice of defects in commercial transactions).
13. Intellectual property
The software, the design of the interface, all logos, brand names, texts, graphics, icons, photos, program code and all other copyright-protected elements of the service are the exclusive property of Grafenau digital solutions GmbH or its licensors. By taking out the subscription, the Customer acquires merely a simple, non-transferable, non-sublicensable right of use for the duration of the contractual relationship.
In particular, the Customer may not: copy, decompile, disassemble, reverse-engineer, modify, extract parts of or reuse the software in their own products, make it available to third parties for use (not even for a fee), or offer it as a white-label solution.
The content and data entered into the service by the Customer remain entirely the property of the Customer. However, the Customer grants us a non-exclusive right of use to this data, unlimited in time and space, insofar as this is necessary to provide the service (technical storage, processing, display to authorised users). This right of use ends with the deletion of the data pursuant to section 9.
14. Amendments to the contract
We reserve the right to amend these GTC at any time. Amendments are communicated to the Customer at least 30 days before they take effect, by email to the administrator address on file as well as by a notice within the service. If the Customer does not object to the amendment within 14 days of receiving the notification, this is deemed to be consent. In the event of a timely objection, we are entitled to terminate the contractual relationship extraordinarily as of the date the amendments take effect.
15. Force majeure
Neither party is liable for delays or non-performance of the service due to events of force majeure. Force majeure includes in particular: natural disasters, wars, terrorist attacks, pandemics, strikes, official orders, power outages, network outages, internet backbone outages, large-scale cyberattacks, as well as all comparable events beyond the control of the affected party.
16. Written form
Amendments and additions to this contract must be made in writing. This also applies to any amendment of this written-form clause. There are no verbal side agreements. Electronic form (email) is deemed equivalent to written form.
17. Place of jurisdiction, applicable law
All disputes arising from or in connection with this contract are governed exclusively by Austrian law, excluding its conflict-of-law rules and the UN Convention on Contracts for the International Sale of Goods (CISG).
The exclusive place of jurisdiction for all disputes arising from or in connection with this contract is the court with subject-matter jurisdiction at the registered office of Grafenau digital solutions GmbH (Klagenfurt, Austria). However, we are also entitled to sue the Customer at their general place of jurisdiction.
18. Severability clause
Should individual provisions of these GTC be or become wholly or partially invalid, void or unenforceable, the validity of the remaining provisions is not affected thereby. The invalid, void or unenforceable provision is replaced by a valid provision that comes closest to the economic purpose of the invalid provision. The same applies in the event of a gap in the provisions.
19. Status of the GTC and contact
These GTC are valid from 11.04.2026 and replace all previous versions. Please direct any questions about these GTC to:
Grafenau digital solutions GmbH
Moosweg 2a
9520 Treffen am Ossiacher See
Austria
Email: office@grafenau.at
Phone: +43 664 / 4128491
Company register number: FN 588872 p
VAT ID: ATU78591169
These GTC have been drafted carefully to the best of our knowledge and taking into account the current Austrian legal situation. However, they do not replace individual legal advice. Grafenau digital solutions GmbH recommends that customers consult their own lawyer in case of uncertainty. Grafenau digital solutions GmbH accepts no liability for the legal validity of each individual provision.