update terms+finance doc

Legal/Terms_en.md

@@ -4,20 +4,19 @@
 
 For the purposes of these TERMS:
 
-* AFFILIATED/AFFILIATES means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
-* COUNTRY refers to Germany
 * COMPANY (referred to as either "the Company", "We", "Us" or "Our" in this AGREEMENT) refers to jingga, Gartenstr. 26, 61206 Woellstadt.
+* SERVICE(S) refers to all deliveries, performances, offers including but not limited to the WEBSITE, APPLICATIONS, consulting and functionality offered by the Company
+* TERMS, POLICIES or AGREEMENT mean these terms that form the entire agreement between You and the Company.
 * DEVICE means any device that can access the SERVICE such as a computer, a cellphone or a digital tablet.
-* SERVICE(S) refers to the WEBSITE, APPLICATIONS, consulting and functionality offered by the Company
-* TERMS, POLICIES or AGREEMENT mean these terms that form the entire agreement between You and the COMPANY regarding the use of the SERVICE.
-* Third-party Social Media Service means any services or content (including data, information, products or services) provided by a third-party that may be displayed, included or made available by the SERVICES.
+* Third-party Social Media Service means any services or content (including data, information, products or services) provided by a third-party that may be displayed, included or made available by the SERVICES and APPLICATIONS.
 * WEBSITE refers to jingga.app
-* APPLICATION refers to all downloadable or installable content which can therfore be used on a given DEVICE.
+* APPLICATION refers to all downloadable, online applications or installable content.
 * You means the individual accessing or using the SERVICES, or the company, or other legal entity on behalf of which such individual is accessing or using the SERVICE, as applicable.
+* PARTIES referes to You and the Company
 
 ## Acknowledgement
 
-These are the TERMS governing the use of the SERVICES and the agreement that operates between You and the Company. These TERMS set out the rights and obligations of all users regarding the use of the SERVICES.
+These are the TERMS governing the use of the SERVICES and the agreement that operates between You and the Company. These TERMS set out the rights and obligations of all PARTIES.
 
 Your access to and use of the SERVICES  is conditioned on Your acceptance of and compliance with these TERMS. These TERMS apply to all visitors, users and others who access or use the SERVICES.
 
@@ -25,9 +24,19 @@ By accessing or using the SERVICES You agree to be bound by these TERMS. If You
 
 Your access to and use of the SERVICES is also conditioned on Your acceptance of and compliance with the Privacy Policy of the Company. Our Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your personal information when You use the SERVICES and tells You about Your privacy rights and how the law protects You. Please read Our Privacy Policy carefully before using Our SERVICES.
 
+These TERMS shall also apply to all future business relations, unless otherwise specified.
+
+## Offers and contracts
+
+All offers of the Company are subject to change and non-binding. Offers of the Company are valid for 30 days unless otherwise specified. The Company reserves the right to conduct a credit check and further security inquiries of You.
+
+Drawings, illustrations, dimensions, weight or other performance data are only binding if they have been expressly agreed in writing.
+
+Details from brochures, price lists or the offer are not legally binding unless they have expressly become part of the contract. Verbal probmisis and ancillary agreements that go beyond the written contract are not permitted.
+
 ## Copyright
 
-Unless otherwise noted, all materials including without limitation, logos, brand names, images, designs, photographs, videos, audio, source code and written and other materials that appear as part of our SERVICES and WEBSITE are copyrights, trademarks, service marks, trade dress and/or other intellectual property whether registered or unregistered ("Intellectual Property") owned, controlled or licensed by jingga. Our WEBSITE as a whole is protected by copyright and trade dress. Nothing on our WEBSITE should be construed as granting, by implication, estoppel or otherwise, any license or right to use any Intellectual Property displayed or used on our WEBSITE, without the prior written permission of the Intellectual Property owner. jingga aggressively enforces its intellectual property rights to the fullest extent of the law. The names and logos of jingga, may not be used in any way, including in advertising or publicity pertaining to distribution of materials on our WEBSITE, without prior, written permission from jingga. jingga prohibits use of any logo of jingga or any of its affiliates as part of a link to or from any WEBSITE unless jingga approves such link in advance and in writing. Fair use of jingga Intellectual Property requires proper acknowledgment. Other product and company names mentioned in our SERVICES and WEBSITE may be the Intellectual Property of their respective owners.
+Unless otherwise noted, all materials including without limitation, logos, brand names, images, designs, photographs, videos, audio, source code and written and other materials that appear as part of our SERVICES and WEBSITE are copyrights, trademarks, service marks, trade dress and/or other intellectual property whether registered or unregistered ("Intellectual Property") owned, controlled or licensed by jingga. Our WEBSITE as a whole is protected by copyright and trade dress. Nothing on our WEBSITE should be construed as granting, by implication, estoppel or otherwise, any license or right to use any Intellectual Property displayed or used on our WEBSITE, without the prior written permission of the Intellectual Property owner. jingga aggressively enforces its intellectual property rights to the fullest extent of the law. The names and logos of jingga, may not be used in any way, including in advertising or publicity pertaining to distribution of materials on our WEBSITE, without prior, written permission from jingga. jingga prohibits use of any logo of jingga or any of its affiliates as part of a link to or from any website unless jingga approves such link in advance and in writing. Fair use of jingga Intellectual Property requires proper acknowledgment. Other product and company names mentioned in our SERVICES and WEBSITE may be the Intellectual Property of their respective owners.
 
 ## Links
 
@@ -35,15 +44,21 @@ Our SERVICES and WEBSITE may contain links to third-party web sites or services
 
 The Company has no control over, and assumes no responsibility for, the content third-party web sites or services that You visit.
 
+## Reliability
+
+The Company makes commercially reasonable efforts to ensure that their respective SERVICES and APPLICATIONs have a high reliability. However, technical failures, acts of God and routine maintenance may render our SERVICES and APPLICATIONs unavailable at times, and/or may result in the loss of information. We shall not be liable to You or anyone else for any loss of information or for the non-availability of any SERVICES and APPLICATIONs.
+
 ## Termination
 
 We may terminate or suspend Your access immediately, without prior notice or liability, for any reason whatsoever, including without limitation if You breach these TERMS.
 
-Upon termination, Your right to use the SERVICES will cease immediately unless the SERVICES represents a "offline" SERVICE, a SERVICE or APPLICATION which doesn't require any online connection, other SERVICES which We terminated, or third-party services. We have no control over third-party resources and services which may be necessary for some of Our SERVICES. Changes by these third-parties may lead to the termination of the SERVICES or reducing their functionality. You understand these dependencies and SERVICE  limitations and accept that the termination or reduced functionality cannot be used as reason for dispute, revocation or similarly.
+SERVICES free of charge may be terminated at any time if the Company decides to do so. Paid SERVICES may be terminated after a 30 days notice period before the end of the respective SERVICE contract by either PARTY.
+
+Upon termination, Your right to use the SERVICES will cease immediately unless the SERVICES represents a "offline" SERVICE, a SERVICE or APPLICATION which doesn't require any online connection. We have no control over third-party resources and services which may be necessary for some of Our SERVICES. Changes by these third-parties may lead to the termination of the SERVICES or reducing their functionality. You understand these dependencies and SERVICE  limitations and accept that the termination or reduced functionality cannot be used as reason for dispute, revocation or similarly.
 
 ## Limitation of Liability
 
-Notwithstanding any damages that You might incur, the entire liability of the Company and any of its suppliers under any provision of this TERMS and Your exclusive remedy for all of the foregoing shall be limited to the amount actually paid by through and for the SERVICES.
+Notwithstanding any damages that You might incur, the entire liability of the Company and any of its suppliers under any provision of this TERMS and Your exclusive remedy for all of the foregoing shall be limited to the amount actually paid by through and for the SERVICES to the Company.
 
 To the maximum extent permitted by applicable law, in no event shall the Company or its suppliers be liable for any special, incidental, indirect, or consequential damages whatsoever (including, but not limited to, damages for loss of profits, loss of data or other information, for business interruption, for personal injury, loss of privacy arising out of or in any way related to the use of or inability to use the SERVICES, third-party software and/or third-party hardware used with the SERVICES, or otherwise in connection with any provision of this TERMS), even if the Company or any supplier has been advised of the possibility of such damages and even if the remedy fails of its essential purpose.
 
@@ -51,7 +66,7 @@ Some states or countries do not allow the exclusion of implied warranties or lim
 
 ## Disclaimer
 
-The SERVICES are provided to You "AS IS" and "AS AVAILABLE" and with all faults and defects without warranty of any kind. To the maximum extent permitted under applicable law, the Company, on its own behalf and on behalf of its AFFILIATES and its and their respective licensors and service providers, expressly disclaims all warranties, whether express, implied, statutory or otherwise, with respect to the SERVICES, including all implied warranties of merchantability, fitness for a particular purpose, title and non-infringement, and warranties that may arise out of course of dealing, course of performance, usage or trade practice. Without limitation to the foregoing, the Company provides no warranty or undertaking, and makes no representation of any kind that the SERVICES will meet Your requirements, achieve any intended results, be compatible or work with any other software, applications, systems or services, operate without interruption, meet any performance or reliability standards or be error free or that any errors or defects can or will be corrected.
+The SERVICES are provided to You "AS IS" and "AS AVAILABLE" and with all faults and defects without warranty of any kind. To the maximum extent permitted under applicable law, the Company, on its own behalf and their respective licensors and service providers, expressly disclaims all warranties, whether express, implied, statutory or otherwise, with respect to the SERVICES, including all implied warranties of merchantability, fitness for a particular purpose, title and non-infringement, and warranties that may arise out of course of dealing, course of performance, usage or trade practice. Without limitation to the foregoing, the Company provides no warranty or undertaking, and makes no representation of any kind that the SERVICES will meet Your requirements, achieve any intended results, be compatible or work with any other software, applications, systems or services, operate without interruption, meet any performance or reliability standards or be error free or that any errors or defects can or will be corrected.
 
 Without limiting the foregoing, neither the Company nor any of the company's provider makes any representation or warranty of any kind, express or implied: (i) as to the operation or availability of the SERVICES, or the information, content, and materials or products included thereon; (ii) that the SERVICES will be uninterrupted or error-free; (iii) as to the accuracy, reliability, or currency of any information or content provided through the SERVICES; or (iv) that the SERVICES, its servers, the content, or e-mails sent from or on behalf of the Company are free of viruses, scripts, trojan horses, worms, malware, timebombs or other harmful components.
 
@@ -59,9 +74,11 @@ Some jurisdictions do not allow the exclusion of certain types of warranties or
 
 ## Governing Law
 
-The laws of the COUNTRY, excluding its conflicts of law rules, shall govern these TERMS and Your use of the SERVICES. Your use of the SERVICES may also be subject to other local, state, national, or international laws.
+These TERMS and the entire legal relationship between the Company and You shall be governed by the laws of the Federal Republic of Germany, including the International Sales Convention (CISG).
 
-The ineffectiveness of one or more provisions of this agreement does not affect the validity of the others. Each party to these TERMS can in this case demand that a new valid provision be agreed which best achieves the economic purpose of the ineffective provision.
+Insofar as You are a merchant within the meaning of the German Commercial Code, a legal entity under public law or a special fund under public law, the Companys registered office shall be the exclusive place of jurisdiction for all disputes arising directly or indirectly from the contractual relationship. The Company shall also be free to sue You at Your place of business.
+
+Should any provision of these TERMS be or become invalid, ineffective or unenforceable in whole or in part, the validity, effectiveness and enforceability of the remaining provisions shall not be affected thereby. In lieu of the void, invalid, unenforceable or unenforceable provision of these TERMS, the parties shall endeavor to agree by negotiation upon a provision that is reasonable in terms of place, time, measure and statute and case law and that, to the extent legally possible, comes as close as possible to what was intended by the parties in terms of the meaning and purpose of the invalid provision. The foregoing shall apply mutatis mutandis to any gaps in these TERMS.
 
 ## Dispute Resolution
 
@@ -79,6 +96,8 @@ The delivery of any SERVICES unless specified differently takes place within 30
 
 The payment terms are always prepayment unless otherwise agreed upon. Payments must be done via credit card.
 
+If You are in default of payment, the Company reserves the right to charge interest at the maximum statutory rate above the respective prime rate of the Deutsche Bundesbank as liquidated damages from the date concerned.
+
 ## Reservation of ownership
 
 Until the complete payment the ownership of the SERVICES belongs to Us. Ownership of SERVICES only include user licenses and in no way ownership for the assets, intellectual property and especially the source code of the SERVICES. You have no right to create copies of Our SERVICES or re-distribute our SERVICES under any circumstance.
@@ -93,10 +112,6 @@ We reserve the right, at Our sole discretion, to modify or replace these TERMS a
 
 By continuing to access or use Our SERVICE after those revisions become effective, You agree to be bound by the revised terms. If You do not agree to the new terms, in whole or in part, please stop using the SERVICES.
 
-## Contact
+All agreements made between the Company and You for the purpose of executing any SERVICES shall be in writing.
 
-For questions regarding these TERMS, privacy policies, or practices of any third party websites or services please feel free to contact us at info@jingga.app. You further acknowledge and agree that the Company shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any such content, goods or services available on or through any such websites or services.
-
-We strongly advise You to read the terms and conditions and privacy policies of any third-party web sites or services that You visit.
-
-Version 2022-11-19
+Version 2023-09-05

Policies & Guidelines/IT/Backup & Data Recovery.md

@@ -38,7 +38,7 @@ This type of backup is done incrementally, meaning only changes are stored.
 
 ### Manual backup
 
-Once a quarter a full data backup (clone) is created and stored on an external hard drive. The purpose of these backups are to provide long term backups which are not replaced/overwritten. Additionally, these backups provide some fall back solution for sleeper malware or malware which encrypts backup files. Only 4 quarters at a maximum are allowed to be stored on the same hard drive. The backup is stored in a separate building than the main backup or in a bank vault. 
+Once a quarter a full data backup (clone) is created and stored on an external storage device. The purpose of these backups are to provide long term backups which are not replaced/overwritten. Additionally, these backups provide some fall back solution for sleeper malware or malware which encrypts backup files. Only 4 quarters at a maximum are allowed to be stored on the same hard drive. The backup is stored in a separate building than the main backup or in a bank vault. 
 
 ## Data storage
 

Policies & Guidelines/IT/IT Security.md

@@ -10,7 +10,7 @@ These security guidelines and policies should reduce the risk of a unauthorized
 
 #### Format
 
-Passwords protect confidential company data, as well as customer and supplier data. The length and the combination of different character types (i.e. lower case letters, upper case letters, numerics and special characters) can have a significant impact on the strength of a password. For this reason the IT department should configure the password settings if possible in such a way that the following format must be used:
+Passwords protect confidential company data, as well as customer and supplier data. The length and the combination of different character types (i.e. lower case letters, upper case letters, numeric and special characters) can have a significant impact on the strength of a password. For this reason the IT department should configure the password settings if possible in such a way that the following format must be used:
 
 * At least 8 character length
 * At least one upper case letter
@@ -22,12 +22,6 @@ Passwords protect confidential company data, as well as customer and supplier da
 
 Additionally, if it is possible to define a password change interval it should be set to once a year. This way passwords don't become stale and in case of a password leak get rotated out. Shorter password change intervals could lead to friction for the employees resulting in a security fatigue. 
 
-#### Additional protection
-
-For direct server access ssh keys must be used instead of passwords. In addition, these ssh keys should be password protected according to the above mentioned format specifications. If possible second factor authentication should be enabled for direct server access. This second factor authentication should be bound to the owner of the ssh key (i.e. SMS authentication, app authentication, ...)
-
-Sometimes it becomes necessary for third party partners to access the servers (i.e. maintenance or support), in such a case second factor authentication is mandatory. The second factor authentication for third parties must be configured in such a way that only the head of IT can approve the access.
-
 ### Access Restrictions
 
 Every user must have their own user-ID and authentication. The user can be assigned to multiple groups. Permissions can be granted for groups and individual users. 
@@ -38,6 +32,12 @@ In general only whitelist user access permissions instead of blacklisting them.
 
 The servers are located in a locked server room. Only the IT department has access to this room. Additionally, the server room has a camera recording the access.
 
+#### Remote Server access
+
+For remote server access ssh keys must be used instead of passwords. In addition, these ssh keys should be password protected according to the above mentioned format specifications. If possible second factor authentication should be enabled for direct server access. This second factor authentication should be bound to the owner of the ssh key (i.e. SMS authentication, app authentication, ...)
+
+Sometimes it becomes necessary for third party partners to access the servers (i.e. maintenance or support), in such a case second factor authentication is mandatory. The second factor authentication for third parties must be configured in such a way that only the head of IT can approve the access.
+
 ### Permissions
 
 Permissions should always be defined as low as possible and only get expanded if required. The IT department can decide to reject a permission change if they consider the request inappropriate.
@@ -66,6 +66,15 @@ Security software which must be used on the main server are:
 * Firewall (not defined)
 * Intrusion detection system (not defined)
 
+### Server logs
+
+All bash commands from users on the server must be logged and backed up during the backup process.
+
+```bash
+# .bash_profile
+export PROMPT_COMMAND='if [ "$(id -u)" -ne 0 ]; then echo "$(date "+%Y-%m-%d.%H:%M:%S") $(pwd) $(history 1)" >> /var/www/html/backup/bash/$(date "+%Y-%m-%d").log; fi'
+```
+
 ## Responsible
 
 The responsibility for the IT security lies with the head of IT. Other IT employees may only take over these tasks if the head of IT considers these employees sufficiently trained in this area.