PunchCommerce is a product of netzdirektion | Gesellschaft für digitale Wertarbeit mbH
PunchCommerce is a product of netzdirektion | Gesellschaft für digitale Wertarbeit mbH
PunchCommerce Business PunchCommerce Enterprise Features & Pricing Documentation Roadmap Journal
Open a new account

Existing customer? log in now

PunchCommerce

Terms of Service for the „PunchCommerce" Product from netzdirektion | Gesellschaft für digitale Wertarbeit mbH

General Terms and Conditions

Version dated 12 May 2026

⚠️ IMPORTANT LEGAL NOTICE

This English translation is provided for convenience and informational purposes only. The German-language version of these General Terms and Conditions is the sole legally binding version.

In the event of any inconsistency, ambiguity, or conflict between the German and English versions, the German version shall prevail.

The binding German version is available at:
https://punchcommerce.de/de/terms-of-service

By using the services covered by these General Terms and Conditions, the User acknowledges that the German version constitutes the authoritative document governing the contractual relationship.

Introduction

netzdirektion | Gesellschaft für digitale Wertarbeit mbH (hereinafter referred to as the "Provider") provides its contractual partner (hereinafter referred to as the "User") with software for the creation of online product catalogs (hereinafter referred to as the "PunchOut Catalog").

These catalogs are used by each customer of the User (hereinafter referred to as the "Customer") to procure the products contained in a catalog from the User. The purchasing process takes place outside the platform and is not part of the Provider's services.

Access to the catalog takes place via a specific protocol that may be selected by the User per Customer from a list of available protocols.

Within the meaning of these General Terms and Conditions, an Authorized End User is a natural person accessing the PunchOut Catalog on behalf of the Customer, or a software application operated by the Customer itself and under its own control (in particular eProcurement or ERP systems) for the execution of internal procurement processes. Non-authorized end users include, in particular, AI-supported procurement agents, aggregators, crawlers, indexing services, or comparable automated third-party systems that are not under the direct control of the Customer.

1. Services

1.1. The Provider makes available the contractual services, in particular access to the software, within its sphere of disposal (from the interface of the data center to the Internet). The scope of services, the characteristics, the intended use, and the conditions of use of the contractual services result from the service description in clauses 2.1 to 2.7 (hereinafter referred to as the "Basic Services"). In addition, the Provider provides – at the User's request – additional services as set forth in clause 2.9 below.

1.2. The Provider is entitled to provide updated versions of the software. The Provider will inform the User of updated versions and corresponding usage instructions electronically and make them available accordingly.

2. Service Description

2.1. Upon conclusion of the contract, the User obtains the option to create Customers on the Provider's platform within a protected area (account; administrative interface for the User, accessible at: https://punchcommerce.de/login).

  1. For each Customer, the User may select either "Hosted Catalog" or "Gateway" as the operating mode.
  2. For each Customer, the User may select the desired PunchOut protocol.
  3. The following protocols are currently supported in the respective scope indicated:
    • SAP OCI 4.0 / 5.0 PunchOut in accordance with the specification dated 4 October 2012: PunchOut without the additional functions DETAIL, VALIDATE, SOURCING, and BACKGROUND_SEARCH. Further, without Secure Handshake and without XML-based communication.
    • cXML PunchOut in accordance with the specification from version 1.2.039 onward: PunchOut Level 1 without final PurchaseOrder is supported. Further document types are not supported.
    • IDS Connect version 2.5 without Heating-Label functionality.
  4. The Provider declares that it has implemented the essential functions of the selected PunchOut protocol in accordance with the published specifications.
  5. Use outside the respective published specifications requires a separate agreement.
  6. If a Customer is to have multiple access options, the User must create that Customer multiple times (each with a different protocol).
  7. For each Customer, the platform generates a username and password. The username and password cannot be changed and serve the Customer for programmatic access to the PunchOut Catalog by Authorized End Users within the meaning of these GTC. The transfer or technical provision of the access data to non-authorized end users, in particular automated third-party systems, is prohibited.
  8. For each Customer, the platform generates an access address that is displayed in the User's account.
  9. For the transmission of the access data to the Customer, the User may retrieve a PDF document from their account area. This document contains general instructions for setting up the respective protocol in a third-party system – i.e., typically a system operated by the Customer that accesses the platform for the purpose of product transfer – as well as the generated access data.

2.2. For each Customer in the "Hosted Catalog" operating mode, the User may transmit products to the platform. This may be done either via file upload or via programmatic access through a REST API (interface).

  1. The file formats supported for file upload are Excel (XLS, XLSX), CSV, and XML.
  2. For file upload as an Excel file, a maximum of 500 rows is supported.
  3. For file upload as a CSV file, a maximum of 1,000 rows is supported.
  4. The Provider makes available to the User a list of the supported fields including data types and function description, retrievable from the User's account.
  5. The set of fields supported by the Provider may change at any time. The Provider will notify the User of such changes in the "Documentation" section within the application. If the User uses the REST API connection, it is incumbent upon the User to make any necessary adjustments at their own cost and risk.
  6. For each product, an image may be defined. The User bears responsibility for verifying authorship and, where applicable, for obtaining the necessary image rights.
  7. Images must be provided by the User on a server that makes the images available via the SSL protocol (https://). Access via an unencrypted connection is not supported. Only the image formats JPEG and PNG are supported by the platform.
  8. All valid products contained in a product list uploaded by the User are immediately made available to Customers in a catalog interface for viewing and for the PunchOut.
  9. Products that are already stored in the platform but are not contained in the product list are automatically deleted and are no longer available to the Customer for selection.
  10. The User is solely responsible for the accuracy and timeliness of the data uploaded or transmitted by them.

2.3. The following usage limits apply to the operation of the catalog at the Provider (Hosted Catalog):

  1. Up to 1,000 products per Customer and catalog may be transmitted.
  2. For each product exceeding the quantity of 1,000 products, the Provider charges the User a fee of EUR 0.03 plus applicable VAT per month and product.

2.4. For each Customer, the User may create an individual field mapping (assignment of system fields to protocol fields) and select it for use with the Customer.

2.5. The Customer may access a catalog interface using the access data provided to the User.

  1. The catalog interface presents the products in a hierarchical structure and offers the possibility to add them to a shopping cart.
  2. The Provider ensures that the catalog interface, in its delivered state, is operable with the respective current and actively developed version of a browser.
  3. Beyond that, the User has the option at any time to commission the Provider with the creation of a customized version of the catalog interface. The Provider will provide the User with an offer for this upon request.

2.6. For the "Gateway" operating mode, identifiable by the suffix "-Gateway" in the protocol designation, the following deviating provisions apply:

  1. Products cannot be transmitted to the platform by the User.
  2. After successful login to the platform, the Customer is redirected to an Internet address configurable by the User (typically the User's online shop) to compile a shopping cart there.
  3. The User ensures that, upon completion of the compilation, the shopping cart is transferred to the platform in accordance with the specification available in the "Documentation" area.
  4. The platform validates the shopping cart in accordance with the published specification and transmits it to the Customer's system if the shopping cart is valid.

2.7. For the "Gateway" operating mode, identifiable by the suffix "-Gateway" in the protocol designation, the following deviating usage limits apply:

  1. OCI 4.0/5.0 PunchOut Gateway: 100 positions per transaction
  2. cXML PunchOut Gateway: 100 positions per transaction
  3. IDS Connect 2.5: 50 positions per transaction

2.8. Compensation for Basic Services

The Provider charges the User a monthly fee of EUR 49.00 plus applicable VAT per Customer created in the "Gateway" operating mode. For the "Hosted Catalog" operating mode, an additional monthly fee of EUR 50.00 plus applicable VAT is charged per Customer.

  1. Billing takes place in accordance with the agreed billing interval, in each case at the beginning of the month or year in advance; the payment term is 14 days.
  2. Unless otherwise agreed, monthly payment by bank transfer is deemed agreed.
  3. Invoices are transmitted by e-mail to the e-mail address provided by the User at registration. Alternatively, the User may inform the Provider of a different invoice e-mail address.

2.9. Service Performance / Additional Compensation

The Provider makes available to the User an option for commissioning service performance (the "Support" menu item).

  1. In addition to the Basic Services, the Provider provides the following services at the User's request (hereinafter referred to as "Service Performance"):
    • Consulting, training, and support services in connection with the functions of the subject matter of the contract;
    • Development of extensions or modifications for the subject matter of the contract;
    • Maintenance of content within the subject matter of the contract;
    • Implementation of configuration changes to the subject matter of the contract.
  2. Billing for Service Performance takes place in 15-minute increments.
  3. The hourly rate for Service Performance is EUR 150.00 plus applicable VAT.
  4. The Provider reserves the right to change the compensation for Service Performance following electronic notification (e.g., by e-mail), subject to (x) a period of six weeks to the end of a contract year and (y) the conditions of the following two paragraphs. Such a change must not exceed the compensation of the preceding twelve-month period by more than 5%.
  5. If the compensation is increased by more than 5% of the compensation of the preceding twelve-month period, the Customer may terminate the contract in writing with a period of four weeks to the date of the increase. The Provider will invoice the compensation for the past month at the beginning of each month. Invoices are due for payment without deduction within 14 days of the invoice date.
  6. The response time refers to the period within which the Provider provides an assessment of the task or error.
  7. After receiving a sufficiently specified task or error description, the response time set out below applies.
  8. The response time for all inquiries is generally 5 business days (Monday to Thursday), but only within the Provider's regular business hours.
  9. Events of force majeure that make it substantially more difficult or impossible for the Provider to perform entitle the Provider to postpone the fulfillment of its obligations by the duration of the impediment and by a reasonable start-up period. Strikes, lockouts, natural disasters, pandemics, or similar circumstances are equivalent to force majeure, provided they are unforeseeable, serious, and not caused by fault. The Provider must inform the User of the occurrence of such a circumstance.
  10. Development services must be accepted by the User or its representatives within 14 days of notification via the ticket system. Acceptance takes place through the closure of the ticket. For all other services, no acceptance is required; the mere performance of the service by the Provider is sufficient.

2.10. Error Reports

The Provider makes available to the User a means of reporting errors within the platform.

  1. The processing of error reports, which may also be submitted to the Provider via the "Support" function, takes place within the scope of the Provider's obligation of subsequent performance, unless the reported error is a user error.
  2. Upon receipt of the error report, the Provider will first classify it and inform the User whether the reported error is a user error or a software error.
  3. User errors are treated as Service Performance pursuant to clause 2.9 above.
  4. Error handling within the meaning of this contract includes the isolation of the cause of the error, error diagnosis, and services aimed at eliminating the error (in particular patches and service packs). Error handling services may, at the Provider's discretion, also be performed by means of a workaround or by an update or upgrade delivery.
  5. The Provider is not obligated to remedy errors in third-party computer programs.

2.11. Availability and Response Times

  1. Availability. The Provider guarantees an average monthly availability of the Platform of 99.0%, measured against the total time of the respective calendar month, less periods of scheduled maintenance pursuant to Section 2.11.3. Availability is calculated as follows: Availability (%) = ((Total minutes in month − Maintenance minutes − Unplanned downtime minutes) / (Total minutes in month − Maintenance minutes)) × 100
  2. Definition of Downtime. Downtime is defined as any continuous period exceeding ten (10) minutes during which the essential functions of the Platform (account access, PunchOut transactions, product data transmission) are inaccessible to the User or the User’s customers. Disruptions caused by the User, the User’s customers, third parties (specifically network operators, third-party systems, or Authorized AI Partners pursuant to Section 3.5), or by force majeure within the meaning of Section 2.9 shall not be considered downtime.
  3. Maintenance Windows. The Provider is entitled to perform scheduled maintenance work. Maintenance activities expected to result in inaccessibility exceeding five (5) minutes shall be announced to the User at least 24 hours in advance via email or through the Platform. Brief updates (Continuous Deployment) resulting in inaccessibility of up to five (5) minutes per operation may be performed without prior notice; the cumulative duration of such brief interruptions shall not exceed 30 minutes per calendar day.
  4. Response Times for Disruptions. In the event of complete inaccessibility of the Platform or the inability to perform PunchOut transactions, the response time shall be eight (8) hours. For all other disruptions, the response time shall be two (2) business days. The response times apply during the Provider's business hours (Monday to Thursday 09:00–17:00, Friday 09:00–15:00, excluding public holidays at the Provider's registered office). The response time refers to the period between the receipt of a qualified fault report and the Provider's first qualified response. There is no obligation to resolve the issue within the response time.
  5. Extended Service Levels. Within the scope of individual contractual agreements, extended service levels (specifically higher availability, shorter response times, dedicated maintenance windows) may be agreed upon in exchange for separate remuneration.

2.12. Bookable Additional Services (Add-ons)

  1. The Provider optionally makes additional functions, modules, or services ("Add-ons") available to the User. Add-ons may be booked either:
  • per customer (customer-specific Add-ons), effective exclusively for the respective selected customer; or
  • for the User's entire account (account-specific Add-ons), effective for all of the User's customers.
  1. The currently available Add-ons, their scope of services, prerequisites, and the applicable remuneration are set forth in the booking form provided within the Provider's account area. Booking is effected by the User exclusively via this booking form.
  2. The billing of Add-ons follows the general provisions set out in Section 2.8, unless a deviating provision is specified in the booking form.
  3. Unless otherwise agreed in the booking form, the same contract term and termination provisions apply to Add-ons as apply to the Main Agreement pursuant to Section 5. Individual Add-ons may be terminated via the booking form or the Provider's platform without affecting the Main Agreement.
  4. The Provider is entitled to expand, modify, or discontinue its range of Add-ons at any time. Add-ons that have already been booked remain unaffected by this until the end of their respective agreed-upon term. In the event that an already booked add-on is discontinued, the Provider shall notify the User with reasonable advance notice; the provisions set forth in Clause 12.6 shall apply accordingly.

3. Scope of Use

3.1. The contractual services may be used only by the User and only for the purposes agreed in the contract. During the term of the contract, the User may access the contractual services via telecommunications (the Internet) and use the functionalities associated with the software in accordance with the contract by means of a browser or another suitable application (e.g., an "app"). Further rights, in particular to the software or to any infrastructure services provided in the relevant data center, are not granted to the User. Any further use requires the prior written consent of the Provider.

3.2. In particular, the User may not use the software beyond the agreed scope of use, nor have it used by third parties, nor make it accessible to third parties. In particular, the User is not permitted to reproduce, sell, or temporarily transfer, rent, or lend the software or parts thereof.

3.3. In any case in which a contractual service is used without authorization within the User's area of responsibility, the User must pay damages in the amount of the compensation that would have been incurred for contractually compliant use within the framework of the minimum contract term applicable to such service. The User reserves the right to prove that they are not responsible for the unauthorized use or that no damage or only substantially lesser damage has occurred. The Provider remains entitled to claim further damages.

3.4. The Provider is entitled to take reasonable technical measures to protect against use that is not in accordance with the contract. The use of the services in accordance with the contract must not be more than insignificantly impaired thereby.

3.5. The use of the platform by automated systems not operated by the Customer itself – in particular AI-supported procurement agents, aggregators, crawlers, indexing services, or comparable third-party applications – is prohibited without the prior express written consent of the Provider and the respective User. This applies regardless of whether access takes place technically using a Customer's valid access data.

The Provider operates a partner program ("PunchCommerce Authorized AI Partner") through which operators of automated third-party systems may obtain controlled and contractually regulated connection to the platform. Participation requires successful technical certification as well as the conclusion of a separate cooperation and licensing agreement with the Provider. The applicable requirements, conditions, and terms are set forth in the Provider's currently published program documentation.

The Provider is entitled to detect, throttle, or block access by automated third-party systems technically, insofar as such systems are not authorized within the framework of the Authorized AI Partner program. Systems authorized within the framework of the program are obligated to identify themselves uniquely vis-à-vis the platform (e.g., by means of an API key and/or user-agent designation issued by the Provider).

Any compensation for the use of the platform by authorized third-party systems within the framework of the Authorized AI Partner program is settled exclusively between the Provider and the respective third-party system operator and does not constitute an additional obligation of the User.

3.6. Product and catalog data retrieved via the platform may be used exclusively for the purpose of direct procurement by the retrieving Customer or the retrieving system. Any further use – in particular permanent storage, indexing, inclusion in proprietary search or comparison indices, transfer to third parties, or use for the enrichment or training of AI or language models – is prohibited without the express written consent of the Provider and the respective User.

3.7. In the case of a contractually non-compliant exceeding of the scope of use by a Customer or in the case of an unauthorized transfer of use, the User must, upon request, immediately provide the Provider with all information available to them for asserting claims due to the contractually non-compliant use, in particular communicating the name and address of the Customer.

3.8. The Provider may revoke the User's access authorization and/or terminate the contract if the User significantly exceeds the use permitted to them or violates provisions for protection against unauthorized use. Associated with this, the Provider may interrupt or block access to the contractual services. The Provider must generally grant the User an appropriate grace period to remedy the situation in advance. The mere revocation of the access authorization does not simultaneously constitute termination of the contract. The Provider may maintain the revocation of the access authorization without termination only for a reasonable period, a maximum of 3 months.

3.9. The Provider's claim to compensation for use exceeding the agreed use remains unaffected. The Provider is, in particular, entitled to charge separate compensation for the connection and use by automated third-party systems within the meaning of clause 3.5. The applicable conditions are announced in a separate price list published by the Provider.

3.10. The User has a claim to reinstatement of the access authorization and the access option after demonstrating that they have ceased the contractually non-compliant use and have prevented future contractually non-compliant use.

4. General Obligations of the User

4.1. The User must protect the access authorizations and identification and authentication information assigned to them or to the Customers from access by third parties and must not pass them on to unauthorized persons.

4.2. The User is obligated to indemnify the Provider against all third-party claims based on infringements of rights resulting from the User's unlawful use of the subject matter of the services or occurring with the User's approval. If the User recognizes or must recognize that such an infringement is imminent, there is an obligation to immediately notify the Provider.

4.3. The User must use the options made available by the Provider to secure their data within their area of responsibility.

4.4. The User is obligated to impose on its Customers, within the scope of its contractual relationship with them, the restrictions relevant for the use of the platform – in particular the provisions of clauses 3.5 and 3.6 as well as the obligation of access exclusively by Authorized End Users. The User shall, to a reasonable extent, work toward ensuring that its Customers comply with these restrictions.

4.5. If the User recognizes or must recognize that the platform is being used by a Customer or a third-party system deployed by the Customer in violation of the provisions of these GTC, the User must immediately inform the Provider and cooperate to a reasonable extent in the clarification.

5. Contract Term and Termination

5.1. The provision of the contractually agreed services takes place from the date specified in the contract, initially for the duration of the term agreed in the contract.

5.2. The minimum contract term for contracts with monthly payment is one calendar month. The minimum term for contracts with annual payment is one year. During the minimum term, premature ordinary termination is excluded for both parties.

5.3. The contract may be terminated by either contracting party at any time as of the end of the current billing period. If this does not occur, the contract is extended by one month at a time, unless it has been ordinarily terminated with one month's notice as of the end of the respective extension period.

5.4. The right of each contracting party to extraordinary termination for cause remains unaffected.

5.5. The User may carry out the termination exclusively via the Provider's platform; the termination requires the deletion of the User's access. Terminations by the Provider may be made in electronic form (e.g., by e-mail).

5.6. The User will secure their data inventories on their own responsibility in good time before the end of the contract. Access by the User to these data inventories will no longer be possible after termination of the contract for data protection reasons.

6. Service Protection

6.1. The User may only offset against undisputed or legally established claims or exercise a right of retention.

6.2. The Provider reserves ownership and rights to be granted to the services until full payment of the compensation owed; justified retention amounts for defects shall be taken into account. Furthermore, the Provider reserves ownership until all of its claims arising from the business relationship with the User are fulfilled.

The Provider is entitled to prohibit the User from further use of the services for the duration of a payment default by the User. The Provider may exercise this right only for a reasonable period, as a rule not exceeding 6 months. This does not constitute a withdrawal from the contract. § 449 (2) of the German Civil Code (BGB) remains unaffected.

6.3. The User is obligated, in the case of a permissible transfer of rights of use to deliveries and services, to impose on the recipient their contractually agreed restrictions.

6.4. If the User does not settle a due claim in whole or in part on the contractually agreed payment date, the Provider may revoke the agreed payment terms for all claims. The Provider is further entitled to provide further services only against advance payment or against security by means of a performance guarantee from a credit institution or credit insurer licensed in the European Union. The advance payment must cover the respective billing period or, in the case of one-time services, their compensation.

6.5. In the event of the User's economic inability to fulfill its obligations vis-à-vis the Provider, the Provider may terminate existing exchange contracts with the User by withdrawal and continuing obligations by termination without notice, including in the event of the User's insolvency application. § 321 BGB and § 112 of the German Insolvency Code (InsO) remain unaffected. The User will inform the Provider in writing at an early stage of any imminent inability to pay.

6.6. Fixed performance dates should be agreed only expressly and in documented form. The agreement of a fixed performance date is subject to the proviso that the Provider receives the services of its respective upstream suppliers on time and in accordance with the contract.

7. Cooperation, Cooperation Obligations, Confidentiality

7.1. The User and the Provider each appoint a responsible contact person. Communication between the User and the Provider takes place, unless otherwise agreed, via these contact persons. The contact persons must obtain all decisions related to the execution of the contract without delay. Decisions must be documented in a binding manner.

7.2. The User is obligated to support the Provider as necessary and to create within its operating sphere all conditions required for the proper execution of the order. In particular, the User will provide necessary information and, where possible, enable remote access to the User's system. To the extent that remote access is not possible for security or other reasons, deadlines affected thereby shall be extended appropriately; the contracting parties shall agree on an appropriate arrangement for further effects. The User further ensures that qualified personnel is available to support the Provider.

To the extent that it is agreed in the contract that services may be performed on-site at the User, the User shall, at the Provider's request, provide sufficient workstations and work resources free of charge.

7.3. Unless otherwise agreed, the User will ensure proper data backup and failure prevention for data and components (such as hardware, software) appropriate to their nature and importance.

7.4. The User must report defects without delay in a comprehensible and detailed manner, providing all information useful for defect identification and analysis. In particular, the work steps that led to the defect occurring, the form of its appearance, and the effects of the defect must be specified. Unless otherwise agreed, the procedures provided by the Provider for this purpose shall be used.

7.5. The User will appropriately support the Provider, upon request, in examining and asserting claims against other parties involved in connection with the performance of the services.

7.6. The contracting parties are obligated to maintain confidentiality regarding business secrets and other information designated as confidential (e.g., in documents, records, data inventories) that become known in connection with the execution of the contract, and not to use such information beyond the purpose of the contract or to disclose it without the written consent of the other contracting party.

The respective receiving contracting party is obligated to take appropriate confidentiality measures for business secrets and information designated as confidential. The contracting parties are not entitled to obtain business secrets of the other contracting party by observing, examining, reverse-engineering, or testing the subject matter of the contract. The same applies to other information or items received during the execution of the contract. The disclosure of business secrets and other information designated as confidential to persons not involved in the conclusion, execution, or settlement of the contract may take place only with the written consent of the respective other contracting party.

Unless otherwise agreed, the obligation to maintain confidentiality for other information designated as confidential ends five years after the respective information becomes known, but in the case of continuing obligations not before their termination. Business secrets must be kept confidential indefinitely.

The contracting parties will also impose these obligations on their employees and any third parties engaged.

7.7. The contracting parties are aware that electronic and unencrypted communication (e.g., by e-mail) is subject to security risks. In this type of communication, they will therefore not assert any claims based on the absence of encryption, except to the extent that encryption has previously been agreed.

8. Disruptions in Service Performance

8.1. If the User can withdraw from the contract due to improper performance by the Provider and/or claim damages in lieu of performance, or asserts such, the User will, at the Provider's request, declare in writing within a reasonable period whether they assert these rights or continue to desire performance of the service. In the case of withdrawal, the User must reimburse the Provider for the value of previously existing usage options; the same applies to deteriorations through use as intended.

If the Provider falls into default with service performance, the User's compensation for damages and expenses due to the default is limited to 0.5% of the price for the part of the contractual service that cannot be used due to the default for each completed week of default. Liability for default is limited to a total of no more than 5% of the compensation for all contractual services affected by the default; in continuing obligations, based on the compensation for the respective affected services for the full calendar year. Supplementarily and predominantly, a percentage of the compensation agreed at the time of conclusion of the contract applies. This does not apply insofar as a default is based on gross negligence or intent on the part of the Provider.

8.2. In the case of a delay in performance, the User has a right of withdrawal within the framework of statutory provisions only if the delay is the responsibility of the Provider. If the User justifiably claims damages or expenses in lieu of performance due to the delay, they are entitled to demand 1% of the price for the part of the contractual service that cannot be used due to the delay for each completed week of the delay, but no more than 10% of this price in total; in continuing obligations, based on the compensation for the respective affected services for the full calendar year. Supplementarily and predominantly, a percentage of the compensation agreed at the time of conclusion of the contract applies.

9. Defects in Quality and Title, Reimbursement of Expenses

9.1. Defects in Quality

The Provider warrants the contractually owed condition of the services. In the case of only an insignificant reduction in the suitability of the services for use in accordance with the contract, no claims of the User due to defects exist. The Provider's liability independent of fault for defects that already existed at the time of conclusion of the contract is excluded.

Claims due to defects also do not exist in the case of excessive or improper use, natural wear and tear, failure of components of the system environment, software errors that are not reproducible or otherwise verifiable by the User, or damage arising from special external influences not provided for under the contract. This also applies in the case of subsequent modification or repair by the User or third parties, unless this does not impede the analysis and elimination of a defect in quality.

9.2. Defects in Title

For infringements of third-party rights through its service, the Provider is liable only insofar as the service is used in accordance with the contract and, in particular, in the contractually agreed environment of use, or otherwise in the intended environment of use, without modification.

  1. The Provider is liable for infringements of third-party rights only within the European Union and the European Economic Area, as well as at the place of contractual use of the service.

  2. If a third party asserts to the User that a service of the Provider infringes their rights, the User must inform the Provider thereof immediately in writing.

  3. The User is not entitled to acknowledge third-party claims before having given the Provider the opportunity to defend against the third-party rights in another way.

  4. If a service of the Provider infringes the rights of third parties, the Provider will, at its own discretion and at its own expense:

    1. obtain for the User the right to use the service; and/or
    2. design the service to be free of infringements; and/or
    3. take back the service against reimbursement of the compensation paid for it by the User (less reasonable compensation for use), if the Provider cannot achieve any other remedy with reasonable effort.

    The interests of the User will be appropriately taken into account.

9.3. The statute of limitations for claims due to defects in quality/title is one year from the statutory commencement of the limitation period. The statutory periods for recourse under § 478 BGB remain unaffected.

The same applies insofar as the law prescribes longer periods pursuant to § 438 (1) No. 2 or § 634a (1) No. 2 BGB, in the case of an intentional or grossly negligent breach of duty by the Provider, fraudulent concealment of a defect, and in cases of injury to life, body, or health, as well as for claims under the German Product Liability Act.

The processing by the Provider of a defect-in-quality/title notice from the User only leads to a suspension of the limitation period to the extent that the statutory requirements for it are present. A new commencement of the limitation period does not occur as a result.

9.4. Reimbursement of Expenses

The Provider may demand compensation for its expenses to the extent that:

  1. it takes action based on a report without a defect being present, except where the User could not, with reasonable effort, have recognized that no defect was present; and/or
  2. a reported disturbance is not reproducible or otherwise verifiable by the User as a defect; and/or
  3. additional effort arises due to non-fulfillment of the User's obligations in accordance with the contract.

9.5. Clause 10 below applies to claims for damages and reimbursement of expenses.

10. General Liability of the Provider

10.1. The Provider is always liable to the User:

  1. for damages caused intentionally or by gross negligence by the Provider, its legal representatives, or vicarious agents;
  2. under the German Product Liability Act; and
  3. for damages arising from injury to life, body, or health for which the Provider, its legal representatives, or vicarious agents are responsible.

10.2. In the case of slight negligence, the Provider is not liable, except insofar as it has breached an essential contractual duty the fulfillment of which makes the proper execution of the contract possible in the first place, or whose breach jeopardizes the achievement of the contractual purpose and on whose compliance the User regularly may rely.

This liability is limited, for property damage and financial losses, to the typical and foreseeable damage. This also applies to lost profits and missed savings. Liability for other remote consequential damages is excluded.

For an individual case of damage, liability is limited to the value of the contract; in the case of ongoing compensation, to twice the amount of the compensation per contract year. The provisions of clause 9.3 above apply correspondingly to the limitation period. The contracting parties may agree upon further liability in writing at the time of conclusion of the contract, usually against separate compensation. An individually agreed liability sum takes precedence. The liability under clause 10.1 above remains unaffected by this paragraph.

Supplementarily and predominantly, the Provider's liability for slight negligence arising from the respective contract and its execution for damages and reimbursement of expenses, regardless of legal grounds, is limited overall to the percentage of the compensation agreed at the time of conclusion of the contract specified in this contract. The liability under clause 10.1(b) above remains unaffected by this paragraph.

10.3. Under a guarantee declaration, the Provider is liable for damages only if this has been expressly assumed in the guarantee. This liability is subject, in the case of slight negligence, to the restrictions in clause 10.2 above.

10.4. For the necessary restoration of data or components (such as hardware, software), the Provider is liable only for the expenditure required for restoration in the case of proper data backup and failure prevention by the User. In the case of slight negligence on the part of the Provider, this liability arises only if, prior to the disruption event, the User has carried out data backup and failure prevention appropriate to the nature of the data and components. This does not apply insofar as this is agreed as a service of the Provider.

11. Data Protection

11.1. To the extent that the Provider can access personal data of the User or from its area, it acts exclusively as a Processor and processes and uses such data only for the execution of the contract. The Provider will observe the User's instructions for the handling of this data. The User bears any adverse consequences of such instructions for the execution of the contract. The User will agree with the Provider on the details for the Provider's handling of the User's data in accordance with data protection requirements.

11.2. The User remains the Controller both generally in the contractual relationship and in the data protection sense. If the User processes personal data in connection with the contract (including collection and use), the User is responsible for being entitled to do so under the applicable, in particular data protection, provisions and indemnifies the Provider in the case of a violation against third-party claims.

11.3. For the relationship between Provider and User, the following applies: Vis-à-vis the data subject, the User bears responsibility for the processing (including collection and use) of personal data, except insofar as the Provider has to be held responsible for any claims of the data subject due to a breach of duty attributable to it. The User will responsibly examine, process, and respond to any inquiries, requests, and claims of the data subject. This also applies in the event of claims against the Provider by the data subject. The Provider will support the User within the scope of its obligations.

11.4. The Provider warrants that the User's data is stored exclusively in the territory of the Federal Republic of Germany, in a member state of the European Union, or in another contracting state of the Agreement on the European Economic Area, unless otherwise agreed.

11.5. In addition to the foregoing agreements, the contracting parties agree that the User must conclude with the Provider the data protection agreements necessary for the handling of personal data.

12. Final Provisions

12.1. German law applies. The application of the UN Convention on Contracts for the International Sale of Goods is excluded.

12.2. The Provider performs its services on the basis of these General Terms and Conditions (hereinafter referred to as the "Provider's GTC"). The User's GTC do not apply, even if the Provider has not expressly objected to them.

Acceptance of the services by the User shall be deemed acknowledgment of the Provider's GTC under waiver of the User's GTC.

Other conditions are binding only if the Provider has acknowledged them in writing; supplementarily, the Provider's GTC then apply.

12.3. Subject to the provisions in clause 12.6, mutually agreed amendments and additions to this contract require text form; in particular, an e-mail or a notification via the Provider's platform shall be sufficient. There are no oral side agreements.

12.4. The place of performance and venue is Rüsselsheim am Main.

12.5. Should individual parts of these General Terms and Conditions be or become invalid, the validity of the remaining provisions shall remain unaffected. In place of invalid or void provisions, the statutory regulation shall apply.

12.6. Notwithstanding clause 12.3, the Provider is entitled to adjust these GTC with effect for the future in the event of substantial changes to the technical, legal, or market-related framework conditions. Planned changes shall be communicated to the User in text form at least 60 calendar days prior to entry into force; the notification shall contain a comprehensible presentation of the substantial changes and the reasons for them. If the User does not object to the changes in text form within 30 calendar days of receipt of the notification, the changes shall be deemed accepted. The Provider will expressly inform the User of this legal consequence in the change notification. In the event of an objection, the User is entitled to terminate the contract extraordinarily as of the effective date of the changes; the Provider may, on its part, ordinarily terminate the contractual relationship as of the same date. For changes that are merely favorable to the User or are purely clarifying without affecting the contractual balance, no notification with a right of objection is required.

⚠️ FINAL REMINDER

This English translation is provided for informational purposes only. The German-language version of these General Terms and Conditions is the sole legally binding version.

In the event of any inconsistency, the German version shall prevail.

The binding German version is available at:
https://punchcommerce.de/de/terms-of-service

Translation of: AGB Version vom 12. Mai 2026 This translation: 12 May 2026

PunchCommerce® ist ein Produkt der Netzdirektion GmbH
Give feedback now - your opinion helps us to become even better!