Terms of Service and Data Processing Addendum

The agreement between ContentPaul and its users that governs the services provided.

Terms of Service
Data Processing Addendum (DPA)

Terms of Service

  1. Scope

    1. ContentPaul AG, Giesshübelstrasse 106, 8455 Zurich (Company) offers a content operations and digital marketing platform via the website application (and if available the corresponding native application) of the Company (Service).
    2. These Terms of Service (Terms of Service) cover the use of the Service by a natural person or legal entity (Customer).

  2. Conclusion of the Agreement

    1. The agreement between the Company and the Customer (Agreement) is concluded by acceptance of an order form of the Company (Order Form) by the Customer, by an electronical order by the Customer through the Company’s website (e.g. via clicking corresponding checkboxes and/or purchase button during the login and/or order process) or at latest when the Customer starts using the Service. The Terms of Service and – if applicable - the Order Form of the Company are an integral part of the Agreement.

    2. If a natural person is acting on behalf of a legal entity, such natural person confirms that:

      1. he/she has full legal authority to bind the legal entity (e.g. its employer) to the Agreement; and
      2. he/she agrees to the terms of the Terms of Service on behalf of the legal entity.

    3. If a natural person is acting for itself, the natural person confirms that he/she:

      1. is at least 18 years; or if he/she is younger than 18 years, he/she has the legally valid consent of its legal representatives to conclude the Agreement; and
      2. he/she agrees that he/she has read, understood and is bound to the Terms of Service.

  3. The Service

    1. Description. The Service provided by the Company to the Customer includes a platform accessible via the Company’s website application (and if available the corresponding native application) (Software-as-a-Service) (Platform) and accompanying services according to these Terms of Service and if applicable the Order Form. The Platform offers tools for the creation, planning, approval and publishing of marketing and communication content as well as asset management and collaboration features.
    2. AI features. The Company may use artificial intelligence ("AI") technologies to enhance the functionalities of the Platform. These technologies may help the Customer especially to improve texts and pictures within the Platform. We provide AI technologies of the Company or of certain Subcontractors (see 10.7). The Customer may opt out of the AI features, which will limit the functionality of the Platform accordingly.
    3. API. The Company may provide API (application programming interfaces) as part of the Platform which enable the Customer to access or use a third party's application, service, software, network, website, database, or information via the Platform. The Customer's access to and use of such third-party services are subject to the terms, disclaimers, and policies of that third-party provider. The Company is not responsible or liable for, and makes no representations as to, any aspect of such third-party services.
    4. Plans. The Company will provide the Customer with Services as specified in the Order Form or as chosen by the Customer via the website of the Company. The Company may offer the Service in various plans (Plan(s)), (e.g. with different sets of features or modules, higher Limits than the standard Limits – regarding Limits see section 3.5).
    5. Service Limits. The Company may set and enforce limits on the use of the Service by the Customer, including the number of Users, workspaces, projects, storage capacity (Limits). The Limits are defined in the Order Form or on the Company’s website. Unless agreed otherwise the storage capacity is limited to 50 GB per Customer. The Company may monitor the Customer’s use of the Service to ensure compliance with the Limits. If the Customer exceeds the applicable Limits,
      (a) Customer will be required to pay a higher price according to the applicable Plan for the relevant Term and
      (b) Company may temporary suspend access of the Customer to the Service until compliance with the Limits is restored or the higher price is paid.
    6. Monitoring. The Company may monitor the Customer’s use of the Service to ensure quality, security and compliance with these Terms of Service, including by employing technical measures. The Customer will not interfere with such monitoring. The Company may audit (or appoint an independent auditor subject to appropriate confidentiality obligations to audit) the Customer’s systems and records to confirm compliance with these Terms of Service. The Customer will provide the Company with any documentation that the Company reasonably re-quests to demonstrate your compliance with these Terms of Service.
    7. Updates. The Company may, in its sole discretion, at any time, with or without notice, and without liability to the Customer, make updates to the Service, and change or discontinue the availability of certain functionalities of the Service.
    8. Availability, Maintenance and Support. The availability and maintenance of the Service are provided on a best-effort basis. Customer support is provided on best effort basis.

  4. Customer’s Obligations

    1. Platform Access Information. The Customer provides all details and information requested by the Company for accessing the Platform.
    2. Users. Any individual person who accesses and/or uses the Platform through the Customer’s account (User) is assigned unique login credentials that grant the User access to the Platform. The Customer is responsible for all Users assigned to its account (i.e. employees of Customers, employees of third parties such as employees of agencies or clients of agencies etc.) and has to instruct its Users to comply with the Agreement and especially these Terms of Service. The Customer is fully liable towards the Company for the behavior of all its Users in connection with the Agreement.
    3. Credentials. The Customer and its Users will keep its credentials and all login information related to the account secure. The Customer and its Users will not share its login credentials with any third party.
    4. Lawful use of Service. The Customer must only use the Service in a manner that is compatible with applicable laws and regulations. The Customer must use the Platform in a manner that is lawful, ethical, and in compliance with these Terms of Service. The Customer must not use the Service for any illegal or unauthorized purposes. The Customer’s use of the Service must not infringe or violate any rights of third parties (including but not limited to intellectual property rights of third parties). The Customer must not upload or store any illegal, harmful or otherwise infringing files on or via the Platform. The Customer must not engage in any activities that could harm the functionality or security of the Platform or that could otherwise violate these Terms of Service.
    5. Data. While using the Service the Customer will share certain information (e.g. text, images and videos) (Data) with the Company. The Customer warrants that the Data does not comprise any unlawful or illegal content and in no way infringes any personal, intellectual or other rights of third parties. The Customer represents and warrants and will continuously ensure that it has the rights and/or the sufficient licenses or permissions to share the Data with, and make the Data available to the Company.
    6. Personal Data. Customer confirms that it is allowed to share with Company any personal data which are part of the Data.
    7. Notification. The Customer shall promptly notify Company of any suspected or alleged violation of the Terms of Service and shall cooperate with Company with respect to investigation of any suspected or alleged violation of the Terms of Service.

    8. Further Obligations. In connection with the use of the Service, the Customer will not, and will not authorize or encourage any third party to, directly or indirectly:

      1. rent, lease, loan, sell, sublicense, assign, or otherwise transfer any rights in or to the Service; and
      2. distribute or resell the Service or any portion of the Service, or attempt to do any of the foregoing; and
      3. remove any proprietary notices or confidentiality notices from the Service or any portion of it; and
      4. modify, translate, reverse engineer, disassemble, reconstruct, decompile, or create derivative works of the Service; and
      5. use or access the Service to monitor the availability, performance or functionality of the Service, or for any similar benchmarking purposes; and
      6. use the Service in a manner likely to cause a material degradation in the Services provided by the Company to its other customers; and
      7. engage in any activity that interferes with, disrupts, harms, damages, or accesses in an unauthorized manner the servers, security, networks, data, applications, or other properties or services of the Company; and
      8. conduct any load testing or penetration testing on the Service without the Company's prior written consent; and
      9. bypass or circumvent any Service technical restrictions or security measures, including limitations on calls to the Service; and
      10. distribute viruses, malware, spyware, adware, or other harmful programs through the Service; and
      11. falsify or alter any unique identifier assigned to the Customer (e.g. credentials); and
      12. develop another service or application whose primary purpose is to migrate customers off the Service.

  5. Price and payment

    1. Fee. In order to use the Service, the Customer will be charged a one-time and/or recurring fee (Fee) as defined the Order Form or on the Company's website. The Company may change the Fee in its sole discretion effective as of the next Term giving the Customer an advanced notice according to the Notice Period defined in section 9.
    2. Taxes. If not explicitly mentioned otherwise, all fees are exclusive of taxes. To the extent taxes are applicable (e.g., VAT), the Company will charge the Cus-tomer such taxes and the Customer will pay such taxes on top of the Fees. If the Customer is required to deduct or withhold tax from its payment, then the Costumer will pay such additional amount and will ensure that the net amount the Company receives and retains equals the full amount which the Company would have received and retained had the deduction or withholding not been required.
    3. Payment. The Customer will make payment through such means as the Company communicates to the Customer (including by wire transfer, credit card payment, or other means of payment). If not agreed otherwise, payments are due 30 calendar days after receipt of an invoice. If the Customer fails to timely satisfy its payment obligations, the Customer shall pay additional five percent per month on the outstanding amount. After five business days’ written notice, the Company may suspend access to the Platform if the Customer has failed to timely satisfy its payment obligations until full payment of the outstanding Fee(s). Except as expressly set forth herein or in an applicable Order Form (e.g. “money back guarantee”) or on the Company’s website, all payment obligations are non-cancellable and all amounts paid are non-refundable. If an upfront payment is agreement (e.g. in the Order Form), the Customer may only use the Service the first working day after receipt of payment by the Company.

  6. Data Security, Privacy, Usage Information

    1. Data Security. The Service is provided as software-as-a-service from servers operated by Amazon Web Services, Inc. (AWS) and Cloudflare, Inc. (Cloudflare) which are located in Frankfurt (AWS) and European Union (Cloudflare). Please see https://aws.amazon.com/de/contact-us/compliance-support/ for information regarding the data security provided by AWS. Please see https://www.cloudflare.com/trust-hub/compliance-resources/ for information regarding the data security provided by Cloudflare. The Company provides the Service with reasonable security measures and over encrypted channels (e.g., https://).
    2. Data Privacy. The Company’s Privacy Policy which can be found on the Company’s website is applicable. The Customer may conclude a data processing agreement with the Company regarding the processing of personal data by the Company (as processor) for the Customer (as controller) as available in the Platform or as Annex to this Agreement.
    3. Usage Information and Statistics. The Company may collect information about the Customer’s usage of the Service, including information about the type and number of calls to the Service. The Customer agrees that the Company may use the information about the usage of the Service for any purpose, including to improve the Service and any other of its products and services. The Company has the right to utilize anonymized data for statistical purposes and for the improvement of its Service. This may include but is not limited to the analysis of Customers behaviour, trends and patterns to enhance the functionality, efficiency and the Customers experience of the Service. The Company assures that all data used for statistical purposes or for the im-provement of the Service will be anonymized to protect the privacy and confidentiality of the Customers. No personally identifiable information will be disclosed or used for these purposes without the explicit consent of the Customer, in accordance with applicable data protection laws and regulations.

  7. Intellectual Property Rights

    1. Ownership in the Service. The Company or its licensees own all right, title, and interest, including all Intellectual Property Rights, in and to the Service, its docu-mentation, and all other products, services, marks and branding of the Company; and no rights are granted to the Customer regarding the Company’s Intellectual Property Rights except as expressly set forth in these Terms of Service; while Intellectual Property Rights means all worldwide (a) rights associated with works of authorship, including copyrights, moral rights, and database rights; and (b) trademarks; and (c) trade secrets and know how; and (d) patents and designs; and (e) other intellectual and industrial property rights of every kind and nature, however designated, whether arising by operation of law, contract, license or otherwise; and (f) registrations, initial applications, renewals, extensions, continuations, divisions or reissues of the foregoing.
    2. Service License. Subject to these Terms of Service, the Company grants the Customer a non-exclusive, worldwide, non-transferable, non-sublicensable, limited license to use the Service in accordance with its then-current description or documentation as available on the website of the Company and/or as shown in the documentation of the Service and/or as described in these Terms of Service.
    3. Data. The Customer retains its ownership rights in the Data. The Customer grants the Company a non-exclusive, irrevocable, worldwide, transferable, sub-licensable license at no charge to copy, store, transmit, edit, translate, transform, and create derivative works of, the Data to the extent reasonably required for the Company’s performance of the obligations and the exercise of the rights under these Terms of Service and for the purpose of creating, generating, training, testing and verifying machine learning and other artificial intelligence systems, tools, applications, algorithms and models of the Company or its licensors or subcontractors.
    4. Feedback. If the Customers provides any feedback regarding the Service or other products or services of the Company, the Customer agrees that the Company will be free to use such feedback for any purpose, including to improve the Service and other products or services of the Company, and to develop new products and services.

  8. Warranty and Liability

    1. No warranties. The Service is provided by the Company without any warranty of any kind, express or implied, including but not limited any warranty to merchantability, fitness for a particular purpose, security, confidentiality or noninfringement.
    2. Limitation of Liability. The liability of the Company in connection with the Agreement is excluded to the extent possible by applicable law, especially the liability for slight negligence and auxiliary persons is excluded. The Company is not liable for any damages of Customer caused by (a) interruptions of the Service; (b) loss, manipulation, destruction, damage or recovery of Data; or (c) by force majeure (including pandemics and epidemics).
    3. Indemnification. To the extent permitted by applicable law, the Customer will indemnify, hold harmless and defend at its expense, the Company from any and all third party claims, actions, proceedings, and suits brought against the Company or its representatives, and all related liabilities, damages, settlements, penalties, fines, costs or expenses (including reasonable attorneys' fees and other litigation expenses), arising out of or relating to: (a) the Customer’s breach of these Terms of Service; or (b) the Customer’s use of the Service; or (c) violation of applicable laws by the Customer; or (d) any third party Intellectual Property Rights or privacy rights in connection with the Service; or (e) Data that is uploaded, transmitted, stored, or otherwise processed by the Customer or on its behalf in connection with the Service.
    4. Data Loss. The Company is not obliged to provide the Customer any copies of Data in case the Customer loses its Data.
    5. Intellectual Property. The Customer shall not infringe the intellectual property rights of the Company or of any third parties. The Customer expressly agrees to defend, hold harmless and indemnify the Company against any claim, demand, suit or proceeding made or brought against the Company by any third party alleging that the Data or use of the Data infringes any intellectual property rights of a third party, or violates any applicable laws or regulations. The Customer agrees to (a) promptly give the Company written notice of any such claim, demand, suit or proceeding; and (b) give the Company sufficient control to defend and settle such claim, demand, suit or proceeding (provided that the Customer may not settle any claim, demand, suit or proceeding itself and the settlement unconditionally releases the Company from all liability).

  9. Term and Termination

    1. Term. The Agreement starts on the date defined in the Order Form or at latest with the first use of the Service by the Customer. The Agreement – if not agreed otherwise - is valid for one year (Initial Term) and automatically renews for consecutive (one) years (Renewal Term(s); Initial and Renewal Terms together Term). If a monthly subscription is agreed, the Agreement is valid for one month (Initial Term) and automatically renews for consecutive (one) months (Renewal Term(s); Initial and Renewal Terms together Term).
    2. Ordinary Termination. In case of an annual subscription, each party may terminate the Agreement with a notice period sixty (60) days in advance of the end of the current Term (Notice Period), in which case the Agreement shall terminate as of the end of the current Term. In case of a monthly subscription, each party may terminate the Agreement with a notice period fifteen (15) days in advance of the end of the current Term (No-tice Period), in which case the Agreement shall terminate as of the end of the current Term. The Notice Period shall apply also if the Customer wants to downgrade its current Plan, including but not limited to reducing the number of Users or changing the Limits. Termination shall be made via e-mail or – if available – trough the Platform.
    3. Extraordinary Termination of the Service. The Company may immediately and without notice terminate the Agreement or suspend or limit the use of the Platform if the Company determines in its sole discretion that the Customer is in breach of the Terms of Service or that the Customer’s use of the Service poses a security or legal risk to the Company. The obligation to pay the Fee is not affected by such a termination, suspension or limitation.
    4. Consequences. Upon termination of the Agreement, all rights and licenses granted to the Customer by the Company under these Terms of Service will immediately terminate, and the Customer will immediately cease use of the Service. Following termination of Agreement, the Company reserves the right to delete Data and has no obligation to store Data, provided that the Company may retain Data as required to comply with applicable laws.

  10. General Provisions

    1. Publicity. During the Term, the Company may include Customer’s name and logo in the Company’s website, press releases, promotional and sales literature, and lists of customers.
    2. Consumer Laws. These Terms of Service do not restrict any rights granted to the Customer by mandatory consumer protection laws in its jurisdiction. However, the Customer agrees that these Terms of Service and such laws should be interpreted in a manner that allows for maximum compatibility.
    3. Amendments. The Company may amend or change these Terms of Service. Amended Terms of Service have to be announced by the Company to the Customer with at least 30 days advanced notice period. They come into force on the date indicated by the Company (Amendment Starting Date) if not explicitly and via e-mail rejected by the Customer within 14 days after communication of the Company. If Customer rejects the amended Terms of Service, Customer may extraordinary terminate the Agreement by the Amended Starting Date whereas Fees paid by Customer for the period between the Amended Starting Date und the end of the then current Term will be refunded by the Company to the Customer.
    4. Assignment. Neither party may assign or otherwise transfer this Agreement, or any of a party’s rights or obligations under this Agreement, to any third party without the other party’s prior written consent, which consent must not be unreasonably withheld, delayed or conditioned; provided, however, that the Company may assign or otherwise transfer this Agreement, (a) to a successor-in-interest in connection with a merger, acquisition, reorganization, a sale of all or substantially all of its assets, or other change of control, or (b) to a affiliate.
    5. No Partnership. Nothing in the Agreement is intended nor shall be deemed to create any partnership, agency or joint venture relationship by or between the parties.
    6. No Third Party Beneficiaries. These Terms of Service are intended for the benefit of the parties and their respective permitted successors and permitted assigns, and are not for the benefit of, nor may any provision of these Terms of Service be enforced by, any other person or entity.
    7. Subcontractors. The Company may at its sole discretion use services of third parties for the performance of the Service (e.g. hosting services) (Subcontractors). The Company is reliable for the performance of its Subcontractors.
    8. Severability. Should any part or provision of this Agreement be held to be invalid or unenforceable, the other provisions of this Agreement will nonetheless remain valid. In this case, the invalid or unenforceable provisions shall be replaced by a substitute provision that best reflects the economic intentions of the parties.
    9. Applicable Law. The Agreement and all claims arising out of, or in connection with, this Agreement (including all claims arising out of contract, tort, or unjust enrichment) are in all respects governed, construed, and enforced according to the substantive laws of Switzerland excluding conflict laws and the UN Sales convention.
    10. Jurisdiction. The courts at the registered seat of the Company have exclusive jurisdiction for any and all disputes arising out of or in connection with this Agreement.


Version 1.0 / Date 24.12.2024

Data Processing Addendum (DPA)

Annex to the Terms of Service of ContentPaul AG

The Company (as defined in the Main Agreement) provides software services to the Customer (as defined in the Main Agreement). The rights and obligations of the parties in this regard are set out in the Terms of Service and/or a separate agreement (hereinafter collectively referred to as the Main Agreement). This data processing agreement (DPA) specifies the data protection obligations of the parties arising in connection with the Main Agreement.Against this background, the parties agree the following:

  1. Scope

    1. Scope of the DPA

      This DPA shall apply to all activities related to the Main Agreement in which the Company or its employees or third parties mandated by the Company process personal data for the Customer. The processing of personal data in accordance with this DPA is carried out in accordance with the Swiss Federal Act on Data Protection of September 25, 2020 (FADP) and, if applicable, the European General Data Protection Regulation (GDPR).

    2. Subject, nature and purpose of the processing

      The Company shall process personal data in accordance with the provisions of the Main Agreement. The object of the processing is the processing of personal data within the scope of the Main Agreement. In particular, the following types of personal data are processed: Surname, first name, e-mail address, related company, social media information, profile information, marketing information. In particular, the following categories of data subjects are affected: Employees and other auxiliary persons including external providers of the Customer. The purpose of the processing is the fulfillment of the Main Agreement.

  2. Duration and place of processing

    1. Duration

      The processing of personal data lasts as long as provided for in the Main Agreement.

    2. Location

      The place of processing of personal data in accordance with this DPA is generally in Switzerland and the European Union. In addition, personal data may also be processed in countries with an adequate level of protection in accordance with Art. 16 para. 1 FADP (or Art. 45 GDPR). If personal data is processed in a country without the corresponding protection pursuant to Art. 16 para. 1 FADP (or Art. 45 GDPR), the Company shall ensure that a guarantee pursuant to Art. 16 para. 2 FADP (or Art. 46 et seq. GDPR) is in place for the corresponding processing. The servers used by the Company to store personal data in accordance with this DPA are located in Germany. Processing in other countries takes place, for example, when using external services, which take place via servers in other countries.

  3. Sub Processors

    1. Mandating of sub processors

      The Customer agrees that the Company may mandate sub processors to fulfill obligations arising from the Main Agreement and this DPA and may grant them access to the personal data in accordance with this DPA.The Company shall carefully select the sub processors, taking into account the suitability of the technical and organizational measures taken by the sub processors.Further sub-subcontracting by the sub processors etc. is permitted subject to compliance with the provisions of this DPA. Insofar as the GDPR is applicable, the Company shall notify the Customer of any intended change to a sub-processor, giving the Customer the opportunity to object.

    2. Obligation of the sub processor

      The Company must ensure that the sub processors comply with the requirements regarding data security in accordance with the FADP and GDPR. Insofar as the GDPR is applicable, the Company must conclude a written agreement (documented in the original or in electronic format).

    3. Place of processing by sub processors

      With regard to the place of data processing by sub processors, section 2.2 above is applicable.

  4. Obligations of the Company

    1. Confidentiality

      The Company undertakes to ensure that all persons entrusted with the processing of personal data, are bound to confidentiality or are subject to an appropriate statutory duty of confidentiality.

    2. Technical and organizational measures

      The Company undertakes that it has taken and maintains all necessary technical and organizational measures to ensure data security in accordance with the applicable data protection regulations (Art. 8 FADP and Art. 32 GDPR) in order to prevent unauthorized processing, loss or damage to personal data.

    3. Obligation to provide support

      The Company is obliged to support the Customer upon request in complying with the applicable data protection regulations, taking into account the information available to it and to the extent possible with reasonable effort (in particular in reporting any breaches of data security to the competent authorities and claims for information by data subjects).

    4. Duty to inform

      The Company undertakes to notify the Customer in the event of (a) a breach of data security and/or the applicable data protection regulations in connection with this DPA, (b) requests from data subjects in connection with the processing of personal data in accordance with this DPA, or (c) the existence of any requests for access and actual access to personal data by authorities, unless such notification is prohibited by law. If the GDPR is applicable, the Company must also inform the Customer if it is of the opinion that an instruction violates the GDPR.

    5. Return and deletion

      The Company undertakes to (a) return all personal data to the Customer after termination of this DPA, subject to statutory retention obligations, in accordance with the Customer's instructions, or (b) delete it without retaining a copy, and to confirm the deletion to the Customer accordingly. Statutory retention obligations remain reserved.

  5. Rights and obligations of the Customer

    1. Right to issue instructions

      The Company undertakes to process the personal data exclusively for the purposes of the Main Agreement, this DPA and the instructions of the Customer. The Customer acknowledges that, in case of Customer's instructions (e.g. to delete certain personal data), the Company's performance obligations under the Main Agreement may no longer be completely fulfilled.

    2. Right of control

      The Customer shall have the right to satisfy itself of compliance with the provisions on data protection and this DPA to a reasonable extent. With regard to costs, clause 6.1 is applicable

    3. Duties as controller

      Within the scope of this DPA, the Customer is responsible for compliance with the statutory data protection provisions in its role as controller, in particular for the lawfulness of the transfer of data to the Company, for the lawfulness of data processing and for safeguarding the rights of data subjects. The Customer is responsible for the reporting obligations under data protection law.The Customer shall inform the Company immediately and in full if it discovers any errors or irregularities with regard to data protection provisions in connection with this Agreement.

  6. Final provisions

    1. Assumption of costs

      The Customer shall compensate the Company for all expenses incurred in connection with the performance of duties under this DPA at the hourly rates customary in the industry (excl. VAT).
      The regulation pursuant to this clause 6.1 shall apply to all obligations of the Company arising from this DPA, unless another cost regulation has been explicitly agreed.

    2. Duration, termination, amendment

      The start and duration of this DPA corresponds to the start and duration of the Main Agreement. This DPA ends automatically upon termination of the Main Agreement.
      The DPA may be terminated by the parties at any time in accordance with the formal requirements set out in section 6.5 by mutual agreement.

    3. Liability

      Both parties are liable to the persons concerned in accordance with the statutory provisions.

    4. Trade secrets

      Both parties are obliged to keep all knowledge of business secrets and data security measures of the other party obtained within the scope of the contractual relationship strictly confidential during the term of the DPA and after termination of the DPA.

    5. Form and notifications

      Regarding form and notifications the provisions of the Main Agreement apply.

    6. Severability clause

      Should provisions of this DPA be or become invalid, this shall not affect the validity of the remainder of this DPA. In such a case, the parties shall reach an agreement to replace the provision in question with a valid provision that is as close as possible to the economic intent of the invalid provision.

    7. Applicable law and place of jurisdiction

      The DPA shall be governed by Swiss law to the exclusion of the conflict of laws rules. The exclusive place of jurisdiction shall be at the place of the Company's registered office.


Version 1.0 / Date 24.12.2024