Terms and Conditions

1.1 The following General Terms and Conditions apply to all business relationships between the customer and IT-Service Harting, hereinafter referred to as "us/we". They form part of all contracts concluded with the customer and also apply to future services and offers, even if they are not separately agreed again.

1.2 Terms and conditions of our customers or third parties do not apply and do not become part of the contract, even if we do not separately object to their validity in individual cases.

1.3 We expressly reserve the right to change our General Terms and Conditions and prices by prior notification via the customer account or via the email address provided as contact.

1.4 Our employees and third parties commissioned by them are not authorised to make verbal side agreements or give assurances.

1.5 Insofar as domains are the subject of this contract, the corresponding allocation conditions shall additionally apply.

2.1 The contract is concluded through the customer's order and our acceptance in accordance with the provisions under point 2.4.

2.2 Our offers are non-binding and without obligation. Technical and other changes are reserved within reasonable limits.

2.3 The customer assures that the data provided by them is correct and complete and shall notify changes in writing within 14 days at the latest. Upon request, they shall provide appropriate evidence of the correctness of the data.

2.4 By placing an order, the customer bindingly declares their contract offer. We are entitled to accept or reject the contract offer contained in the order within 5 working days of receipt. The confirmation of receipt does not yet constitute binding acceptance of the order.

2.5 Unless otherwise agreed, contracts are concluded for an indefinite period.

2.6 The contract may be terminated by either party with 30 days' notice without giving reasons. Different notice periods may apply to our customers depending on the service description. Termination may be made in text form by letter, email or via the secure online administration area.

2.7 Furthermore, we reserve the right to terminate the contractual relationship without notice for good cause. Such good cause exists, among other things, if the customer fails to meet their payment obligations or violates other important customer obligations. Another important reason that may lead to blocking or termination without notice exists if the customer uses content that impairs the regular operating behaviour or security of the infrastructure or product or constitutes violations of paragraphs 8.1. - 8.3. of these General Terms and Conditions.

2.8 If the customer intends to transfer their contractual rights and obligations to a third party, our consent is required for this. A transfer must be made in writing. We are obliged to verify the legitimacy of the transferor and the identity of the third party.

3.1 The scope of the contractual service results from the offer information valid at the time of the order and the written agreements resulting therefrom. We reserve the right to discontinue services offered free of charge after prior notice or to offer them only for a fee.

3.2 Insofar as the subject of the contractual relationship is the registration of domain names, we only owe the brokerage of the desired domain. We exclude liability and warranty for the actual subsequent allocation of the ordered domain name. The customer may only assume that the domain name has actually been allocated when this has been confirmed by us. We have no influence on domain allocation.

3.3 We undertake to make economically reasonable efforts to achieve an annual average network availability of 99% for our products.

3.4 If the service includes the allocation of an IP address, we point out that no blacklist check of this IP address takes place and the customer has no claim to a specific IP address. If necessary, a change of the IP address can be made by us after prior notification.

3.5 If we offer technical support services beyond the service description, we will charge for these separately.

4.1 The contractually agreed services are charged at the updated prices, viewable on itsh.dev, plus statutory VAT. If the service is a goods delivery, the price is understood to be ex specified warehouse location plus postage and packaging.

4.2 Depending on the contractual agreement, billing takes place monthly, quarterly, half-yearly or annually with the agreed payment methods. The customer undertakes to comply with the terms and conditions of the payment service used.

4.3 If the granted payment deadline is exceeded, we are entitled, even without a reminder, to charge default interest from the day of maturity. The amount is determined according to the provisions of section 288 BGB (German Civil Code).

4.4 The customer is obliged to pay all fees and taxes arising from their use of the services or from third parties designated by them. Invoicing takes place exclusively in electronic form free of charge. Corresponding fees apply for postal delivery.

4.5 The customer is obliged to comply with any applicable export and import control regulations, in particular US regulations and all other relevant regulations.

5.1 For the service areas vServer/VPS, the customer has full and sole administration rights. These must be managed and secured by them at their own expense and risk.

5.2 By using the services, the customer undertakes to set up and manage their servers in such a way that the integrity and availability of networks, servers and data of third parties are not endangered. In particular, it is strictly prohibited to use the servers for (D)DoS attacks or to operate open mail relays or other systems on the server that can perform these actions. In case of violations, we reserve the right – without prior notice – to block the server and terminate the contract without notice.

5.3 The customer is obliged to use the services provided properly and to refrain from abusive and illegal actions.

5.4 The customer is responsible for regular backup (backup copy) of their data outside the server provided by us. Insofar as data is transmitted to us, the customer undertakes to regularly create backup copies thereof. The customer is obliged to perform a complete data backup before any changes made by them or commissioned by them. In the event of data loss nevertheless occurring, the customer is obliged to transmit the relevant data again to us free of charge or to restore it.

6.1Data processing takes place in accordance with GDPR. For more information, please see our Privacy Policy.

6.2 If the customer also wishes to process personal data of third parties with our services, the customer alone remains the controller within the meaning of data protection law. We only process personal data as a processor pursuant to Art. 28 GDPR if the customer concludes a data processing agreement with us. This data processing agreement is not concluded automatically.

6.3 We point out that we generally cannot determine whether the customer processes personal data. The customer is therefore obliged to provide us with the necessary information, in particular whether personal data of third parties is processed, for what purpose this data is processed and to which categories the personal data and data subjects can be assigned. As long as we have not received a data processing agreement with the necessary information from the customer, we assume that the customer does not process personal data of third parties with our services, so we do not take any measures based on data protection law.

6.4 We point out that in data protection for data transmission on the internet, according to the current state of technology, there is still no comprehensive protection. The customer is responsible for the security and backup of the data stored by them.

7.1 The customer is entitled to grant third parties a contractual right of use to their commissioned services. In this case, the customer nevertheless remains the sole contracting party. The customer continues to be solely and fully liable for compliance with the contractual agreements between the customer and us.

7.2 If the involvement of the third party is required for changes of any kind, the customer shall ensure, at the time of transferring the right of use, that all legal and contractual provisions are complied with.

7.3 If the third party violates the contractual obligations or does not fulfil the duty to cooperate, if the data provided by them is incorrect or incomplete, or if other problems arise with the granting of these rights of use, the customer is fully liable for all resulting damages and furthermore indemnifies us from all claims made against us by the third party or others.

8.1 The customer is obliged to independently verify and comply with the legal provisions arising from the use of the contractually agreed services, in particular the Telecommunications Act, the Telemedia Act, as well as national and international commercial and intellectual property rights, personal rights, and the provisions of competition and data protection law. They shall indemnify us from all third-party claims arising from violations of these obligations.

8.2 The customer undertakes not to publish any content that violates the rights of third parties or otherwise violates applicable law. This includes, but is not limited to, pornographic or obscene materials, extremist content or content violating public decency, gambling, material suitable for seriously endangering the morals of children or young people or violating the rights of third parties (copyright, name, trademark and data protection rights). This also includes the publication of defamatory content, insults or denigration of persons or groups of persons.

8.3 Sending spam emails is prohibited. This includes, in particular, sending impermissible, unsolicited advertising to third parties. When sending emails, it is also prohibited to provide false sender data or to disguise the identity of the sender in any other way. Furthermore, the operation of applications for mining cryptocurrencies is prohibited. This includes, but is not limited to, mining, farming, plotting of cryptocurrencies. In case of non-compliance, we are entitled to block access.

8.4 Upon becoming aware of illegal actions, we are obliged under section 7 DDG (German Digital Services Act) to request you to immediately remove the objected content and are entitled to block your access.

9.1 Use of the services is at your own risk. We are liable for indirect damages in case of intent or gross negligence, but not for lost profits. For culpable violations that were not caused by gross negligence or intent, we are liable for the typically foreseeable damage under the contract, up to a maximum of 100% of the customer's monthly product costs.

9.2 If the customer violates the obligations mentioned in paragraph 8 with their content, in particular legal prohibitions and public decency, they are liable to us for compensation of all direct or indirect damages arising therefrom, including financial losses. Furthermore, the customer undertakes to indemnify us from third-party claims – regardless of the legal basis – resulting from them or from third parties designated by them. The indemnification obligation also includes all legal defence costs incurred.

If the service is a goods delivery, a limitation period of 12 months after delivery applies for defect claims. If the service consists of the delivery of used goods, we exclude any defect liability. For damage claims in case of intent and gross negligence as well as injury to life, body and health based on an intentional or negligent breach of duty by the user, the statutory limitation period applies.

The EU Commission provides a platform for online dispute resolution (OS platform), which is available at https://ec.europa.eu/consumers/odr. We are neither willing nor obliged to participate in dispute resolution proceedings before a consumer arbitration board.

13.1 For these General Terms and Conditions and the contractual relationship between us and the customer, the law of the Federal Republic of Germany applies, excluding the UN Convention on Contracts for the International Sale of Goods and international private law.

13.2 The exclusive, including international, place of jurisdiction for all disputes arising from the contractual relationship is our business location in Suhl. However, we are entitled in all cases to sue at the customer's location. Overriding statutory provisions, in particular on exclusive jurisdiction, remain unaffected.

13.3 Should any provision be or become wholly or partially invalid or unenforceable, this shall not affect the validity of the remaining provisions. The same applies if and insofar as a gap should become apparent in this contract. Instead of the invalid or unenforceable provision, an appropriate provision shall apply which, as far as legally possible, corresponds to the meaning and purpose of the invalid or unenforceable provision or to the presumed intention of the parties, had they considered this point.

All account types include free written support during the specified support hours. If this is included in the respective offer, free telephone support is also offered. Written support requests by the customer are made via the self-service customer portal. The customer must use their customer access to the customer portal (login: contact email, password: customer password).

In general, support orders by the customer are included in the flat rate of the product. Special support requests that are not included in the services of IT-Service Harting are only processed in exceptional cases. If more than 15 minutes of working time is required to resolve these problems, IT-Service Harting charges, after prior consultation with the customer, EUR 19.99 (incl. 19% VAT) per commenced quarter of an hour.

• Web server (HTTP)
• Mail system (SMTP, POP3, IMAP, spam filter, virus scanner, mail sending volume)
• Server services (FTP, SSH, NTP)
• Databases (MySQL, PostgreSQL)
• Server load
• Hard drives (S.M.A.R.T., storage utilisation)

A system outage is usually announced on https://status.itsh.dev or announced in advance for planned maintenance work. Status notifications by email can be subscribed to in the self-service customer portal.

The hourly sending volume of emails must not exceed 500 emails. Sending mass emails/newsletters via email accounts of the web hosting account or via the website of the web hosting account is not permitted. Sending unsolicited advertising is prohibited. IT-Service Harting is entitled to immediately block customer accounts that violate this.

All web hosting packages have daily/weekly/monthly/yearly backup of all data. Data is retained for a maximum of 5 years. Restoring the backup is possible via our support. Both restoring individual files and complete folders or an account is possible.

Changes by support staff, such as deleting, moving, overwriting content and sensitive data uploaded and/or received by the customer, can only be carried out if this request is verified via the self-service customer portal or in writing with company stamp and handwritten signature. For work that can be done by the customer themselves and is possible, there is no entitlement to execution by support staff.

In general, except for the listed exceptions, no individual adjustments in configuration files are possible for web hosting accounts. This applies to system settings and the services offered. The following settings can be changed:

To ensure the security and stability of the server, process monitoring takes place, which terminates the corresponding process in case of excessive runtime and/or RAM utilisation.

The installation of additional software or libraries is not carried out by support. The operation of additional software that requires root rights for installation or operation is generally not possible.

Each email account has an optionally deactivatable server-side spam filter for pre-sorting suspicious emails into a designated folder. This folder is accessible via IMAP and webmail. Emails identified as spam are automatically deleted after a specified period of time. The strength of the filter can be set by the customer. Furthermore, IT-Service Harting operates a blacklist that temporarily or permanently blocks IP addresses from which spam emails arrive. The blocking of individual IP addresses can be manually deactivated by customers. IT-Service Harting also uses a virus filter for emails. Incoming emails containing viruses are not accepted for security reasons. The sender of the email is notified of this. Sending emails containing viruses is prevented.

To enable us to operate a high-performance and reliable network for our customers, the operation of applications for mining cryptocurrencies is prohibited.

All Kubernetes products include free written support during the specified support hours. Written support requests are made via the self-service customer portal.

Support covers questions about the Kubernetes infrastructure, but not debugging of customer applications or support for application development. Special support requests that go beyond the standard services are charged, after prior consultation, at EUR 19.99 (incl. 19% VAT) per commenced quarter of an hour.

Namespace: Shared control plane with dedicated resource quotas (vCPU, RAM). Suitable for development, testing and smaller production environments.

Cluster: Dedicated control plane and worker nodes. Full network isolation and dedicated hardware available.

Add-ons: Optional extensions such as persistent storage (RWX), managed databases (PostgreSQL, Redis) and extended backup capacities.

Resource usage (CPU, RAM, storage) is limited according to the booked product tier. If the included quotas are exceeded, usage-based billing takes place according to the current price list on itsh.dev.

Processes that consume excessive resources and endanger the stability of the infrastructure may be terminated without prior notice. The operation of applications for mining cryptocurrencies is prohibited pursuant to section 8.3 of the General Terms and Conditions.

We aim for network availability of 99% as an annual average (cf. section 3.3 of the General Terms and Conditions). Planned maintenance work is announced via the status page.

Updates and security patches are automatically applied by IT-Service Harting. Nodes may be automatically restarted as part of regular maintenance to apply operating system updates.

common.important: The customer is responsible for configuring their deployments to be tolerant of node restarts or failures (e.g. through multiple replicas, Pod Disruption Budgets).

All Kubernetes products include daily, encrypted backups of the cluster configuration and persistent volumes. The retention period depends on the booked product.

Recovery requests can be made via the self-service customer portal. The customer is additionally responsible for application-specific backups of their data and configurations.

Namespace-Tier: Isolation through Kubernetes RBAC and Network Policies within a shared control plane.

Cluster-Tier: Complete network isolation with dedicated hardware and private networking available.

All tiers are operated in ISO 27001 certified EU data centres. SSL/TLS encryption is enabled by default.

Access to the Kubernetes cluster is via kubectl with the provided kubeconfig file. The customer is responsible for the secure storage and management of their access credentials.

Root or admin access to the underlying infrastructure (nodes, control plane) is not granted. Changes to the infrastructure are made exclusively by IT-Service Harting.

In addition to the prohibitions mentioned in section 8 of the General Terms and Conditions, the following are particularly prohibited:

• Operation of tools for (D)DoS attacks or network scanning of other customers
• Exploiting security vulnerabilities in the Kubernetes infrastructure
• Resource abuse that affects the stability or performance of other customers

Violations may result in immediate throttling or blocking of access as well as termination without notice.

IT-Service Harting acts as an intermediary between the customer and the respective registration authority in domain registration. There is no entitlement to allocation of a specific domain (cf. section 3.2 of the General Terms and Conditions).

The customer is responsible for checking whether the desired domain violates the rights of third parties (in particular trademark, name or identification rights). IT-Service Harting does not carry out any such check.

For the registration and management of domains, the respective allocation conditions of the competent registration authorities additionally apply. This includes in particular:

• DENIC eG for .de domains
• ICANN-accredited registrars for generic TLDs (.com, .net, .org, etc.)
• National registration authorities for country-specific TLDs (.at, .ch, .eu, etc.)

The customer undertakes to comply with the applicable guidelines in each case. The current conditions can be viewed on the websites of the respective registration authorities.

The customer is obliged to provide correct and complete holder data (registrant data). This is a requirement of ICANN and other registration authorities. Changes to the data must be notified within 14 days in accordance with section 2.3 of the General Terms and Conditions.

WHOIS privacy protection is offered for supported TLDs, insofar as this is permitted by the respective registration authority.

Domains are equipped with a transfer lock by default to prevent unauthorised transfers. This can be deactivated by the customer in the self-service customer portal.

For transfer to another provider, an AuthCode (authorisation code) is required, which can be requested via the self-service customer portal. The AuthCode is valid for 30 days. The customer is responsible for initiating the transfer with the new provider.

All domains include complete DNS management via the self-service customer portal. 26 different DNS record types are supported (including A, AAAA, CNAME, MX, TXT, SRV, CAA).

The customer is responsible for the correct configuration of their DNS records. IT-Service Harting assumes no liability for malfunctions resulting from incorrect DNS configurations.

Domain contracts have a term of 12 months and are automatically renewed for a further 12 months unless terminated in due time.

Termination must be made at least 30 days before the end of the contract term. After the contract ends, the domain will be released in accordance with the guidelines of the respective registration authority.

Domain disputes (e.g. due to trademark infringements) are handled according to the procedures of the competent registration authority. For generic TLDs, the Uniform Domain-Name Dispute-Resolution Policy (UDRP) of ICANN particularly applies.

IT-Service Harting is not a party to domain disputes between the customer and third parties and does not assume any mediator role.