User agreement and data protection information for the supplier portal of Deutsche Telekom MMS GmbH

Content
1. User agreement
2. Data protection

1. User agreement

1.1. Preamble

Deutsche Telekom MMS GmbH (hereinafter referred to as “Telekom MMS”) shall be the owner of this portal. The following conditions shall regulate use of the portal. As a user of the portal, you shall be entitled to access the portal and use the services and content solely for purposes related to the (intended) business relationship with Telekom MMS.

You can refer to the latest version of the user agreement at any time in your account under “Terms & Conditions”.

1.2. Scope of application

Telekom MMS has created the portal and maintains it to provide you with a collection of materials in which you and other interested parties (individually the user and collectively referred to as the users respectively) can obtain or share information on purchasing-specific topics of Telekom MMS. If you access or use the portal on behalf of your employer or as a consultant or representative of a third party (collectively referred to as your company) please declare and guarantee that you are authorized to act on behalf of your company and to bind it legally to the conditions of this User Agreement (NV), whereby any reference to “you” implies “your company”.

1.3. Scope of regulations

Unless otherwise agreed in writing in a separate agreement between your company and Telekom MMS (collectively also referred to as “Business Partner”), this user agreement shall be applicable for your access to the portal and its use, the content and other services (all services) that are provided on the portal. Furthermore, use of the portal as well as the content and services may also be subject to disclaimers, legal notices, click-through agreements or other legal agreements (additional legal regulations respectively) that may be published on other websites of Telekom MMS. This user agreement and the corresponding additional legal provisions (collectively referred to as the key provisions) shall constitute a legally binding agreement between you and Telekom MMS with respect to your access to the portal and use of the content and services available on the portal. In the event of a conflict, the additional legal provisions shall take precedence over the provisions of this user agreement. By accessing or using the portal, you accept this user agreement and shall ensure compliance with it. If you do not agree to the provisions of this user agreement, you may neither access nor use the portal.

1.4. Range of services

The portal has a publicly accessible section as well as a non-public section. Registration and approval from Telekom MMS is required for the non-public section. After successful login, the non-public section can be accessed, and a basic offer and a role-specific offer of information and applications are available to the registered suppliers.

1.5. Costs

Telekom MMS shall not charge a fee for provision and use of the portal. If chargeable services are procured via the portal, then separate agreements shall be made. Telekom MMS shall not reimburse the expenses incurred by the user within the scope of using the portal, in particular those for internet use, self-administration and the acquisition of appropriate hardware and software.

1.6. Organizational requirements

Access to the non-public pages of the portal is restricted to the employees of Telekom MMS and the suppliers specified by Telekom MMS. The suppliers are registered in the portal database via a two-step registration process. Registration is done exclusively by authorized master/administrators within your company. The master/administrators are saved in the portal as standard contact persons for your company.

After you have submitted the data for the first part of the online registration process, an intermediate check is performed by Telekom MMS. If the check is positive, then you shall receive the access data (username and initial password). Telekom MMS shall reserve the right to decide whether the supplier is assigned access data. After logging on to the portal for the first time, the supplier is given access to the second part of the online registration process. After receiving the data of the second part of the online registration process, Telekom MMS shall check the data provided by the supplier. Telekom MMS shall reserve the right to decide whether the supplier is included in the portal database.

The supplier is not entitled to registration and inclusion in the portal database. The supplier shall guarantee the validity and completeness of the data entered by him in the online registration process.

The user must log in using his access data at the beginning of each use (session). T- Systems MMS shall reserve the right to subsequently withdraw access rights at any time and without prior notice. In case of a change in the data submitted by him, the supplier is obligated to correspondingly update the data saved in the portal immediately and without a prior request.

1.7. Technical access requirements

The current technical access requirements are internet and browser access.

1.8. Duration and scope of usage authorization

Usage rights for non-public pages of the portal are limited to employees of T- Systems MMS as well as employees of the suppliers specified by Telekom MMS. The aforementioned group of people may solely use the portal within the scope of the existing business relations with Telekom MMS. The use is limited in time and content to the fulfilment of the respective contractual obligations. Any use beyond this scope is excluded. This is applicable particularly even if the role assigned to the user includes unnecessary authorizations. Telekom MMS shall be entitled to determine the duration and scope of concrete access authorizations as well as the general scope of services that are offered within the portal.

If Telekom MMS terminates the relationship of use without a plausible reason, although the user requires the access to fulfil his contractual obligations towards Telekom MMS, then Telekom MMS cannot make any default claims due to the non-fulfilment of the obligations. The user as well as Telekom MMS may terminate the user relationship at any time.

1.9. Deletion of the registration

Telekom MMS shall reserve the right to delete those suppliers that have already registered and are included in the database from the portal, as well as some of the data submitted by them, at any time and without stating any reasons, as well as to block the access to the portal.

Suppliers can request deletion of their registration and all data included in the database of the portal in writing at any time and without stating reasons, provided that no transaction data is available. This data is deleted immediately if it does not conflict with the processing of ongoing contractual relationships. A request for deletion should be sent at the following email address: srm-eingang@t-systems-mms.com

1.10. Termination and responsibility

In the event of a substantial violation of the significant regulations on your part, Telekom MMS may, at its sole discretion, deny you the use of the portal at present or in the future. Telekom MMS also has the right to discontinue the operation of the portal at any time. Telekom MMS can remove content placed on the portal at its own discretion. Telekom MMS shall not be liable towards you or third parties for the discontinuation or changes in the content on the portal and/or the services.

If you send or upload confidential or protected content of third parties without their permission, or if you transfer or upload content that will affect, damage or otherwise compromise the operation of the portal or the computer systems of other users, then Telekom MMS shall be entitled to file criminal charges in order to hold you accountable under applicable law.

You agree to comply with the Code of Conduct of Deutsche Telekom AG and not to use the portal for the following purposes:

to publish, upload, post, dispatch email, transfer or otherwise make any content available a) for which you do not have an authorization to publish, b) which is illegal, harmful, vulgar, obscene, hateful or includes racial, ethnic or otherwise unacceptable statements, or c) which violates the intellectual property rights of a party, d) unsolicited and unauthorized advertising, contains advertising material, surveys, junk e-mail, spam, chain letters or any other type of request, be it of a commercial or other nature, e) contains a software virus, Trojan, worm, time bomb, cancelbot, corrupt file or any other computer file or software designed to damage the functionality of computer hardware or software or limit its operability;
to impersonate any other person or an organization, particularly a senior executive of Telekom MMS, Telekom employee or any third party, or otherwise misrepresent your association with a person or organization;
to forge email headers or otherwise manipulate identifiers in order to hide the origin of any content, which was transferred through the services;
to download files or content, which has been posted by other users that you may be aware of or should be aware of, this content may not be lawfully reproduced, displayed, stated or distributed in this manner
to access or disrupt the services or the servers or networks, which support these services, or violate any regulations, procedures, policies or other rules of networks, which are linked to the services
to violate any applicable laws or regulations of a regional, supraregional, national or international scope of applications;
to retrieve, record or store personal information or data of other users.

1.11. Due diligence obligations of the user

Access authorizations shall be granted on a personal basis. The user must ensure that no unauthorized third party is aware of his password. If the user observes that an unauthorized third party has gained access to his password, or suspects that his access data has been misused, then he must change his password immediately. In case this is not possible, he has to inform the standard contact immediately. In the event of a change of job and/or task, the user must initiate the correction of existing access authorizations with the standard contact in accordance with his changed task. Furthermore, the user is obligated to inform the responsible standard contact if the basis for the allocation of the access authorization is inapplicable, for example upon cessation of his employment with his company or in case of premature termination of the contractual relationship between T- Systems MMS and the supplier.

In the event of violation of these regulations, particularly, in case of misuse of the personal access data, Telekom MMS shall reserve the right to block the access authorization and to take further legal actions.

1.12. General terms and conditions of purchase

Within the scope of his registration, the supplier shall accept the general terms and condition of purchase and guidelines relevant for the respective contractual relationship. Telekom MMS shall reserve the right to customize these on significant grounds, e.g. due to a changes in law, high court legislation or market conditions. Customizations without impact on the regulation content are also possible without an important reason. The supplier shall be informed of the customization electronically. This information contains a hyperlink to the Deutsche Telekom Group website, where the amended provisions can be seen and downloaded. The new provisions shall be deemed accepted unless the supplier objects in writing within a period of two weeks from receipt of the communication regarding customization.

1.13. Confidentiality

Irrespective of any other existing legal or contractual obligations of privacy and confidentiality, the following shall be applicable indefinitely and thus also beyond the end of the user relationship:

The content of the portal, with the exception of those websites which are clearly marked as non-public, is designed as public domain and shall be subject to these conditions. You agree not to disclose any confidential or proprietary information, which you or your owner do not wish to be made public neither to Telekom MMS nor to any other users. Content which you submit on the portal or upload on this website shall NOT be deemed as confidential or proprietary, and you expressly acknowledge and agree to waive all rights to business secrets and other confidentiality rights with regard to such uploaded content. Apart from the abovementioned prominent limited rights, you shall not acquire any rights to confidential information.

You shall agree not to reproduce any confidential information, which is made accessible to you through the portal in any way, unless you are authorized to do so in case of a disclosure. Any duplication of confidential information of Telekom MMS shall remain the property of T- Systems MMS and must contain all instructions and notes on its confidential or protected nature, which are included in the original. You shall undertake a) to take all the appropriate steps (defined below) to treat all confidential information as highly confidential; b) to use confidential information only within the scope of your authorization as it was at the time of disclosure and c) not to disclose confidential information to third parties without the written consent of Telekom MMS. Apart from the abovementioned prominent limited rights, you shall not acquire any rights to confidential information. You may not use confidential information in any case to create, enhance, modify, rent, loan, sell, distribute or service, or create work that competes with the services partially or totally. In this user agreement, the term confidential information is used for all business and company secrets and other information and services , which are protected by Telekom MMS or third parties against unrestricted disclosure to others and that are deemed as confidential, that are accessed via a protected section of the portal or that can be identified as confidential based on the information and the nature and method of disclosure; reasonable steps refers to those steps that you and/or your company shall take to protect your own confidential information, and should not be less than the appropriate level of diligence.

Content is uploaded to the portal at your own risk for all public and non-public areas. Telekom MMS shall not assume responsibility for the use or misuse of such content by other users of the portal.

1.15. Liability

The portal shall be operated with due care. However, the availability of the portal and the correctness and accuracy of the information contained therein cannot be guaranteed. Any liability for damages arising directly or indirectly from the use or non-usability of the portal is excluded, unless it is the result of intentional or gross negligence. For clarification, it has been defined that the limitation of liability included in this section shall not affect the supplier’s right to hold Telekom MMS accountable for the non-availability of the portal as well as the incorrectness or inaccuracy of information claims of Telekom MMS against the supplier, provided that the portal was used in a manner that was contractually agreed upon and required for the provision of the supplier’s service. If the portal refers to internet pages that are operated by third parties, then Telekom MMS shall not assume responsibility for their content.

To the extent permitted by law, Telekom MMS and its associated companies, subsidiaries, senior executives, employees, agents, partners/suppliers and licensors shall not be liable to the user for direct, indirect, incidental, exemplary, damages or consequential damages, in particular in the form of damages for loss of profit, loss of use, loss of data and other non-pecuniary damage (even if Telekom MMS has been advised of the possibility occurrence of such damages), irrespective of the cause and whether these damages are due to the contract, tort or any other reason, based on the following:

the use or impossibility to use the portal or the services
the cost of procuring replacement goods and services resulting from the fact that content or services were not used or could not be used via the portal
unauthorized access to your communication or data or their modifications
the declarations or behavior of third parties on the portal
other facts related to the portal or the services.

Notwithstanding deviating regulations in this user agreement, these limitations shall not be applicable in the event of willful misconduct or gross negligence on the part of Telekom MMS and liability under the Product Liability Act.

1.16. Responsibility for links and content

Telekom MMS shall be solely liable for the content that is available on the portal within the scope prescribed by the German Telemedia Act (TMG). The portal may contain links to external websites and the information provided there by partners of Telekom MMS and third parties. T- Systems MMS shall not assume responsibility for content, changes or updates of linked websites. You shall further agree that Telekom MMS shall not be responsible or liable, neither directly nor indirectly, for any damage or loss caused or alleged to be caused by or related to the use or application of any content, goods or services available on these websites or through these linked websites. The person or organization providing the content shall solely be liable for all contributions, information, data, codes, texts, software, documentation, graphics, images, advertising material, videos, photos, messages or contributions in forums, wikis or blogs on the portal (content of any kind), whether publicly posted or personally forwarded.

1.17. Liability exemption

You shall agree to indemnify Telekom MMS, executive employees, partners/suppliers, employees and licensees and dismiss all possible claims and demands of the third-party (including appropriate legal fees), which are attributed to your content or your use of the portal or the services, your breaches of this user agreement or the copyright regulations and data privacy statement of Telekom MMS or an alleged breach of any other rights of third-party on your part.

1.18. Exclusion of software warranties

The portal, content and the services shall be provided without any warranty. Telekom MMS assumes no warrantee with respect to the features and quality of the portal, the content or the services and also does not assume any guarantees with respect to quality. Declarations and explanations regarding portal, content, software or services from the advertising material or on the portal and in the documentation are exclusively of explanatory nature. It does not represent any warrantee or assured qualities. You cannot derive any warranty or obligation from the descriptions and advertising texts published by Telekom MMS, except you were given an explicit and written confirmation of such by Telekom MMS. Warranties require the explicit and written confirmation by Telekom MMS.

Telekom MMS assumes no guarantees or warranties with respect to accuracy and reliability of (i) links of the websites of the third-party contained on the portal and the content available on such websites and (ii) the information provided by third parties on the portal. T- Systems MMS only checks, whether the content of the concerned websites contain evidently illegal content or violations of the rights of the third-party while inserting the link and information provided by the third-party on the portal. Telekom MMS does not check and test the linked websites and the information provided by the third-parties on a regular basis; however, deletes the corresponding links and/or information, if this is sufficiently displayed. Telekom MMS shall not be liable for any damages, which occur by using the content and/or information, unless the concerned damages are attributed to deliberate misconduct, severe negligence or non-fulfillment of inspection obligations by Telekom MMS according to the provisions contained here.

1.19. Trademark

Unless otherwise specified, all the trademarks used within the scope of the portal are protected by the trademark laws in favor of Telekom MMS or its associated companies. This is applicable especially for brands, type designations, logos and emblems.

1.20. Intellectual property rights, granting of license

If you have copyrights for the content, which you transfer to the portal, then the ownership of these rights, which you grant to Telekom MMS under this agreement, remains unchanged within the scope of all rights of use. No provision of this user agreement prevents you from providing your content to third-parties under a separate agreement or granting them the corresponding rights of use.

By transferring or uploading the content on the portal, you grant Telekom MMS the unlimited, unrestricted, irrevocable, free of charge and internationally valid right to use this content, to reproduce, customize, represent, apply, modify, transfer, translate, distribute and create from derived work; and to proceed with this content at discretion (including the right to further assign the above-mentioned rights). Furthermore, you shall declare and assume guarantee to Telekom MMS that you are authorized to grant these rights to Telekom MMS. Telekom MMS is free not to post or publish the content sent or uploaded by you. If Telekom MMS decides to post the content or publish, then Telekom MMS can decide in its discretion to withdraw the posted or published information due to any reasons and without any prior notice.

The copying, distribution, modification and public displaying or listing of copyright protected work without corresponding authorization represent a violation of rights of the copyright owner. You shall declare not to violate the intellectual property rights of Telekom MMS or third-parties in any way by using the portal. You shall not remove, overwrite or alienate the mentions of the originator, brands, logos, memorandums and other information regarding property from the source or copies of Telekom MMS and third-party software provider or from the content made accessible via portal. Intellectual property rights as defined in this agreement are all types of patents, design patents, utility patents or other rights to invent, copyrights, brands, rights to business secretes, confidentiality rights and all other immaterial property rights, which are globally recognized in any legal system, including the claims referring to this on the basis of legal provisions, customary law or contractual agreements, irrespective of, whether these are entered or registered or can be entered or registered, already exist or occur only at a later point of time or are applicable.

You shall agree to adhere to the conditions of preceding Telekom MMS copyright provisions.

1.21. Supplementary provisions for standard contacts

The following provisions are applicable for standard contacts. The standard contact is the central organizational contact person of the supplier within the scope of portal use. It organizes and coordinates the electronic communication between the supplier and Telekom MMS. The standard contact basically receives all the information, which is related to the operation and the use of portal server and has access to all the information of the portal server, which is determined for its company. The standard contacts are appointed by the respective supplier and act on their behalf. The standard contacts are responsible to mandatorily forward and confirm the approval applications of only the authorized persons to Telekom MMS via email to srm-eingang@t-systems-mms.com and ensure that the user agreement is adhered by the user of your company confirmed by Telekom MMS. You shall maintain the user data of your company at own responsibility and keep this up-to-date. You are obligated to initiate the correction of the existing access authorizations according to its changed task during the job and/or task change of the user, for example termination of its employment in its company or a premature termination of the concerned contractual relationship between Telekom MMS and the supplier. Furthermore, the standard contacts are obligated to deactivate or to delete the user data when the user is off-boarded or upon the request of the user. A deletion is possible only, if the transaction data is not yet available.

1.22. Continued existence

Your confidentiality obligations that are described here shall continue to exist even after the termination or deactivation of your access authorizations and other terminations of collaboration. In case of termination of your account or upon written request by Telekom MMS, you must stop using the confidential data and/or services and restore or destroy all the confidential information in your possession or under your control.

1.23. Final provisions

If the changes in this user agreement are required, then Telekom MMS shall inform the user about it and offer the continuation of the user relationship under changed conditions. If the user refuses the change, then Telekom MMS shall terminate the user relationship and delete the existing access authorizations. If a regulation of this user agreement is or becomes ineffective, then the validity of this user agreement shall not be affected. Telekom MMS and the supplier shall be obligated to act in good faith and within the scope of reasonability in terms of replacing the ineffective provision by equivalent, permitted provision in their economic success, if it does not lead to any significant change of the content. The provisions of these conditions as well as the legal relationships of parties are subject to the German Law. The place of fulfilment and exclusive place of jurisdiction for all disputes, which result from or in connection with this user agreement, is Dresden.

Terms of use of supplier portal
Deutsche Telekom MMS GmbH
Valid from: 23^rd March 2023
Replace the issue on 20^th January 2020

2. Data privacy statement

2.1. Which data is recorded, how is it used and how long is it stored?

a) While visiting the portal

While visiting the portal, the automatic information is sent to the server of our website through the browser used on your terminal device. This information is temporarily stored in a log file. Thus, the following information is recorded without your assistance and stored till the automatic deletion:

IP-address of the requesting computer,
Date and time of the access,
Name and URL of the retrieved file

The logged data is exclusively used for the purpose of data security, especially for protection against hacking attacks on our web server and for statistical evaluations. It is neither used for creating individual user profiles nor forwarded to the third-party and is deleted after 7 days.

The legal basis for the data processing is Art. 6 Abs. 1 S. 1 lit. f GDPR. Our legitimate interest is followed by above listed purposes for data collection. We never use the collected data for the purpose of drawing conclusions about you personally.

b) while using the portal

A stable communication between the business partners is essential, in order to ensure the business processes in the applications. Thus, the data must be stored in the portal while setting up your account and creating business data, from which some can also be of personal nature. The storing of contact information is required, in order to collect the information between different business partners within the (purchase) organization as well as between (purchase) organization and their suppliers. For this purpose, we save your personal data (including your username, password, name, address, email address, landline number, mobile number, fax number and your profile photo). If you participate in the purchase processes (e.g. for requests, RfPs, auctions, contracts, orders etc.), then this data can be displayed to the other users participating in this process (who are authorized to access these processes).

Furthermore, the business-critical transaction data, which serve the revision purposes, is stored in the internal logs, as this is required for an effective monitoring of business processes. This includes the access (read-only mode) to critical data, files or application pages as well as changes in this data (write mode), which are made in your account.

Personal data is to be deleted, if there is no need for further storage. The data is required and stored at least for the duration of business relationship. In case of existence of the legal retention period, the deletion comes into question only after the expiry of respective retention period.

The legal basis for data processing is 6 Abs. 1 S. 1 lit. a, 6 Abs. 1 S. 1 lit. b and. 6 Abs. 1 S. 1 lit. f GDPR.

c) while activating our customer support

If you seek the customer support and report a problem with respect to your user account or associated transaction data, an expert may access this account, in order to provide a solution. If in this case you give your consent, your access data shall be used by Telekom MMS exclusively for resolving the problem reported by you.

The legal basis for the data processing is Art. 6 Abs. 1 S. 1 lit. a GDPR.

d) Use of cookies

We use cookies, in order to provide you an optimal website-experience. These are small text files, which are stored on your computer. This portal exclusively uses technically required cookies. These cookies are required, so that you are navigated through the pages and can use significant functions. It enables basic functions.

Company	Purpose	Validity
Order processor	Status of settings for pop-up-windows As the pop-up-window is required for using the portal, the corresponding setting in your browser is checked and information regarding this is displayed, if required.	30 days
Order processor	For conducting the session, without having to login again	Session
Order processor	Status of table layout (columns expanded or compressed) Stores the settings, in order to be able to show you the same layout in all the tables	7 days

Legal basis for these cookies is Art 6 Abs 1 S. 1 lit. b GDPR.

2.2. Who is responsible for the data processing? Who is my contact person at Telekom MMS, if I have questions regarding data protection?

Deutsche Telekom MMS GmbH, Riesaer Straße 5, 01129 Dresden is the data owner. Our data protection officer is Mr. Dr. Claus D. Ulmer, Friedrich-Ebert-Allee 140, 53113 Bonn. In case of questions as well as asserting your rights as concerned person, please get in touch with us at: mms-datenschutz@t-systems.com.

2.3. Which rights do I have?

You have the right,

a) to request information regarding categories of processed data, processing purposes, possible recipients of data, the planned storage period (Art. 15 GDPR);

b) to request the authorization or addition of unauthorized or incomplete data (Art. 16 GDPR);

c) to revoke the given consent at any time with future effect (Art. 7 Abs. 3 GDPR);

d) to contradict a data processing, which should be done on the basis of legitimate interest, for reasons, which result from your special situation (Art 21 Abs. 1 GDPR);

e) to request deletion of data in specific cases within the framework of Art. 17 GDPR - particularly if the data is no longer required for the intended purpose or processed illegally or you have revoked your consent according to above mentioned point (c) or declared contradiction according to above mentioned point (d). The deletion results in deactivation of your account. An access to your transaction data is no longer possible from this moment. The deletion of your personal data can be requested within the portal for the support address mentioned there. Please note that the integrity of log files of application remains unchanged even after deleting your personal data from the applications. These log files include business-critical transaction data, which serve as a basis for revision purposes.

f) to request the restriction of data under certain conditions, if a deletion is no longer possible or the obligation to delete is disputed (Art. 18 GDPR)

g) on data portability i.e., you can receive your data provided to us, in a common machine-readable format such as CSV and transfer to other, if required (Art. 20 GDPR;)

h) to lodge a complaint about the data processing to the responsible supervisory authority (Art. 77 GDPR).

2.4. To whom and under which conditions Telekom MMS forwards my data?

To order processor, i.e. companies, which we commission in the legally provided framework with the processing of data, Art. 28 GDPR (service provider, agents).Furthermore, Telekom MMS is also responsible in this case for the protection of your data.
On the basis of legal obligation: In specific cases, we are legally obligated to transfer the specific data to the requesting public authority.

2.5. Where is my data processed?

Your data is basically processed in Germany and in foreign countries within Europe. Your data is rarely processed in countries outside European Union (in so-called third-countries), if you have expressly agreed to this or it is required for our service provision or it is legally provided (Art. 49 GDPR). Furthermore, your data is processed in third-countries only if using specific measures, it is ensured that an appropriate data protection level is available for this (e.g. adequacy decision of EU-commission or suitable guarantees, Art. 44ff. GDPR).

Status of data protection information: 23^rd March 2023
You can access the data protection information at any time under “Terms & Conditions” in your account.