General Terms and Conditions for the use of fintract

GTC Software-as-a-Service (SaaS) fintract

§ 1. Introduction



The following General Terms and Conditions regulate the relationship between the company fino data services GmbH (hereinafter referred to as “operator” or “fino”) and the account creator (hereinafter referred to as “customer”) of the online service fintract.io (hereinafter also referred to as “fintract” or “fino service”). A customer is any natural or legal person who has legally registered for the above mentioned service and whose order has been accepted by the operator. The offer for the use of the fino service is exclusively directed at entrepreneurs in the sense of § 14 BGB (German Civil Code). Consumers in the sense of § 13 BGB are not eligible to participate. These General Terms and Conditions regulate the relationship between the operator and the customer. The use of the service is governed exclusively by these General Terms and Conditions together with any individual contractual supplementary agreements and the correspondingly agreed prices. Deviating general terms and conditions of the customer shall only become part of the contract if their validity has been expressly agreed in writing. These GTC and the agreed prices shall also apply if the operator provides services without reservation in the knowledge of deviating general terms and conditions of the customer. These GTC only regulate the service relationship between fino and the customer for the offer fintract. In the relationship with employees of the customer, fino acts only as a vicarious agent of the customer.



By registering on fintract.io and the associated service, the customer agrees to the validity of the General Terms and Conditions.



The operator is entitled to make changes to the service description or the general terms and conditions and other conditions. The operator will only make these changes for valid reasons, in particular due to new technical developments, changes in case law or other equivalent reasons. If individual provisions place the customer in a worse position in such a case, the operator grants the customer an extraordinary special right of termination of the contract, which is not bound to any period of notice. If the contractual balance between the parties is considerably disturbed by the amendment, the amendment shall not be made. Amendments to these General Terms and Conditions shall be offered to the customer for acceptance at least two months before they take effect. The customer may either accept or reject the amendments before their proposed effective date. Consent to an amendment to the General Terms and Conditions shall be deemed to have been given if the customer has not given notice of rejection before the proposed date on which the amendment is to take effect. The customer shall be notified in writing or in text form of any changes in performance under this clause at least two months before they take effect. The customer may terminate the service affected by the change in service within one month of notification of the change in service when it comes into effect, in writing or in text form. After further development, the respective current functional scope of the software results from the service description on the Operator’s website at https://fintract.io/en/.

§ 2 Formation of contract



The subject matter of the contract is the provision of the Operator’s software for use via the Internet and the storage of the Customer’s data (data hosting).

The fino service consists of the following service components:

  • fintract is a REST API service that enables fast and easy OCR data extraction from documents in real time. The use of the fino service is enabled by providing an API key.
  • The different document types suitable for the service can be seen in the customer centre. Depending on the document type, the operator reserves the right to limit the number of pages for data extraction. The maximum number of pages available per document type is ten pages. Any deviations from this limit can be agreed upon individually and adjusted by the operator in the customer centre.
  • fintract processes the following data input formats: pdf, tiff, jpeg, png.
  • fintract transmits the data determined from the documents to the customer in JSON format.

For the use of the services offered by the operator, internet access and up-to-date browser software is required.

The customer is responsible for checking the content of the data collected with fintract.



After registering on fintract.io, the customer receives a personal account consisting of an e-mail address and password, which the customer creates himself during registration. These access data may not be passed on. The customer is responsible for their safekeeping. The operator reserves the right to make the use of a second factor for authentication available to the customer as an option. If this option for authentication exists, it is expressly recommended by the Operator for security reasons.

The customer undertakes to provide only truthful information about himself and his company when registering for fintract and to keep his data up to date at all times. Registration under false names and first names, false addresses and fictitious e-mail accounts is not permitted. In the case of obviously fictitious information, the operator reserves the right to delete the account.

The contract for the use of the offered services is concluded when a representative authorised by fino accepts the order placed by the customer. The acceptance is confirmed in writing or implied by the first fulfilment act. The operator is entitled to refuse the conclusion of the contract without giving reasons. Insofar as the operator uses third parties for the fulfilment of the agreed service, these do not become contractual partners of the customer.



The customer undertakes not to misuse the service, in particular not to introduce data into the system that contains a computer virus (infected software) and not to use it in a way that negatively affects the availability of the service for other customers. The customer is responsible for the contents of the documents.

The customer is obliged to report any functional failures, malfunctions or impairments immediately and as precisely as possible.

The customer undertakes to prevent unauthorised access to the software by third parties by taking suitable precautions. This includes significantly keeping “User ID” (e-mail address) and password secret and not making them accessible to third parties. For this purpose, it is recommended to log out of the application when leaving the workplace. The access data must be stored in such a way that it cannot be misused by third parties. Personal passwords must be changed regularly, at least once a year. The customer must also inform his users of this. The customer is responsible for entering and maintaining the data and information required to use the service. This includes, in particular, the creation and maintenance of the chargeable user accounts.

If it is suspected that the confidentiality of the access data has been compromised, the customer is obliged to inform the operator of this immediately so that appropriate measures can be taken (e.g. allocation of new access data or temporary blocking of access).

The customer is obliged to cooperate as a whole insofar as this is necessary for the proper performance of the services. In particular, the customer shall, without being requested to do so, provide all documents necessary for the performance of the services in full and in good time so that they can be processed within a reasonable period of time. The same applies to the provision of information about all processes and circumstances that may be of importance for the performance of the services.

The customer is obliged to comply with the instructions for the installation and use of the software provided and to create the specified system requirements.

If and insofar as the Client provides the Operator with data such as receipts, etc., in particular for the purpose of generating data records, it shall be the sole responsibility of the Client to ensure the correctness of the pre-systems used by it from a tax and other legal point of view as well as the correctness and completeness of the data transmitted to the Operator; this shall apply in particular to the verification of the correctness of the reading in of data by means of OCR technology. The verification of the correctness and completeness of the scanning of data by means of OCR technology of the transmitted data is not included in the contractual relationship, unless otherwise stipulated by individual agreement.

The customer shall be liable for all breaches of duty by third parties who commit breaches of duty in the sphere controllable by the customer, unless the customer proves that it is not responsible for the breaches of duty.



2.4.1 The operator provides the customer with the software solution fintract for the subscription period or the period of use within the framework of “pay per use” in the respective current version via the Internet against payment for non-exclusive, non-transferable, and non-sublicensable use. For this purpose, the operator stores the software on a server that is accessible to the customer via the Internet. Updates are included in the subscription.

2.4.2 The Operator shall continuously monitor the functional capability of the software and shall eliminate all software errors that restrict the use of the software or make it impossible, by the technical possibilities.

2.4.3 The customer shall not be granted any rights to the software, in particular no rights to edit or further exploit it, beyond the transfer regulated in this paragraph.



2.5.1 The Customer undertakes to pay the agreed remuneration to the Operator for the provision of software and data hosting.

2.5.2 The Customer shall pay the agreed fee by bank transfer to the Operator’s bank account after receipt of the invoice.

2.5.3 Invoices are sent to the customer by e-mail to the e-mail address provided during registration. The operator reserves the right to make the invoices available to the customer alternatively in his user account. The customer agrees to receive electronic invoices. The claim to the provision of a paper invoice by § 14 paragraph 1 sentence 5 UStG is excluded.



2.6.1 Every customer can use fintract free of charge for a one-month test phase after registration. The free trial phase can be canceled at any time. After this trial period, the customer does not automatically enter into a paid subscription. If the customer wishes to continue using fintract, he will be requested by the system in his customer account to select and book a fintract service package before the end of the free test phase. If the customer does not comply with this request, he can continue to log in to his customer account, but cannot continue to use the service after the trial phase has expired without booking a package.

2.6.2 The fee to be paid according to § 2.5 for the use of fintract after the test phase is determined according to the selected usage model and the valid price conditions deposited in the customer area at the time of the conclusion of the contract or individual contractual supplementary agreements. The prices stated there do not include the value added tax applicable at the time of maturity.



Various service packages are available to the customer. The booking of another package by way of an upgrade or downgrade is possible at any time. The scope of services of the new packages shall be available to the customer from the first day of the following month after activation of the new package.



2.8.1 Termination of the contract for the use of fintract is possible at any time in the respective account (menu item/Billing). Alternatively, the customer can terminate his contract in writing or in text form. The customer is required to save his data in advance. The account including all data will be deleted no later than 30 days after the last billing.

2.8.2 Both parties are free to terminate the contract without notice for good cause. An important reason for the Operator exists in particular if:

  • insolvency proceedings are opened over the assets of the customer or the opening of insolvency proceedings was rejected due to lack of assets,
  • the customer is in arrears with payment obligations arising from this contractual relationship and has been reminded unsuccessfully by setting a period of grace and threatening to terminate the contract,
  • the customer culpably violates legal provisions or infringes copyrights, industrial property rights or the rights to a name of third parties when using the service which is the subject matter of the contract, or
  • the customer carries out or supports criminal, illegal or ethically questionable actions when using the distributed service.

§ 3 Data protection and data security



The operator adheres to the regulations of the EU’s basic data protection regulation as well as other data protection regulations applicable in the contractual territory of Germany. To be able to fulfill these requirements, the following agreements are additionally concluded for the use of fintract:

A valid data protection declaration together with attachments can be viewed on the website of the operator and is available for download there.

For companies subject to the EU-DSGVO: An order processing agreement (AVV) between fino data services GmbH and the customer can be requested from the operator. The customer is responsible for checking whether an order processing contract is required. If the uploaded documents do not contain any personal data in the sense of the GDPR, no order processing contract has to be concluded.



3.2.1 The Operator undertakes to maintain the strictest secrecy about all confidential processes, in particular, business or trade secrets of the Customer, which come to its knowledge in the course of the preparation, execution, and fulfillment of the contract, and to neither disclose nor exploit them in any other way. This shall not apply insofar as this information either becomes public knowledge or the customer’s interest in maintaining secrecy has discernibly ceased to exist.

3.2.2 The Operator undertakes to obtain knowledge of third-party secrets within the meaning of the preceding paragraph only to the extent that this is necessary for the performance of the contract. When using third parties, the Operator undertakes to oblige them in text form to maintain secrecy and to inform them of the penal consequences of a breach of duty, insofar as they could obtain knowledge of third-party secrets within the meaning of this agreement in the course of their activities.

3.2.3 The following shall apply in addition to the professional groups named in § 203 StGB (German Penal Code): The Operator shall participate as a service provider in the professional activities of Clients who are subject to a professional confidentiality obligation. The operator shall, in full knowledge of the criminal law consequences of a breach of duty under Section 203 of the German Criminal Code (custodial sentence of up to one year or a fine) and the otherwise applicable legal provisions, protect third-party secrets made accessible to it by such clients. In addition to clause, customers who fall under one of the professional groups mentioned in §203 StGB conclude the §203 StGB agreement on professional secrecy with the operator upon conclusion of this contract on the use of fintract, which can be called up at https://fintract.io/anlage-agb-berufsgeheimnis/ The agreement on professional secrecy is valid for all customers. The §203 StGB agreement is part of this contract on the use of fintract.

3.2.4 The duty of confidentiality according to paragraphs 3.2.1 to 3.2.3 does not exist, as far as the operator is obliged to disclose due to an official or judicial decision. Insofar as this is permissible and possible in individual cases, the Operator shall inform the Customer of the obligation to disclose.



To ensure customer protection, all communication with fintract is encrypted using the HTTPS protocol.



The operator is obliged to take appropriate precautions against data loss and to prevent unauthorized access to the customer’s data by third parties.

To secure all data of the Client accruing during use, the Operator creates a backup twice a day. This backup is stored on other servers that have multiple redundant backups. This backup provides a safeguard against system failures. The customer has no right to restore data that he has deleted himself. When and whether the operator restores data is at the operator’s discretion. The customer is obliged to back up his data himself, e.g. by regular exports.

In the event of loss of data, the operator shall only be liable for the effort required to restore the data if the customer has properly backed up the data. In the event of simple negligence on the part of the Operator, this liability shall only apply if the Operator has simultaneously breached a material contractual obligation with the action leading to the loss of data.

The customer may demand the return of all data from the operator, in particular after the termination of the contract, without the operator having a right of retention. The data shall be surrendered by sending it via the data network in a structured, common, and machine-readable format. This provision and release of data and its invoicing shall take place according to the agreement and expenditure. The customer shall not be entitled to also receive the software suitable for the use of the data.

Special provisions apply to the transfer of personal data. These are contained in the data protection declaration and described in the GCU.

§ 4 Warranty/Availability



The operator warrants the functional and operational readiness of the fino service as well as that the customer can use the contractual software without infringing the rights of third parties. The warranty for material defects does not apply to defects that are based on the fact that the contractual software is used in a hardware and software environment that does not meet the requirements or for changes and modifications that the customer has made to the software without being entitled to do so by law, by contract or based on a prior written consent of the operator.



For technical reasons beyond the control of the Operator, the platform may be unavailable. In this case, the Operator guarantees to do everything in its power to restore availability as quickly as possible. The Operator has taken preventive measures under 3.4.

§ 5 Liability



The operator is not liable for damages, in particular loss of data, or damages to software or hardware or financial losses, which result from its performance, unless these are based on grossly negligent or intentional actions of the operator, its vicarious agents, or its legal representatives.

The operator is liable without limitation for damage to health, body, or life as well as claims for damages arising from the Product Liability Act.

Even in the case of slight negligence, the operator is liable for the breach of obligations that are of particular importance for achieving the purpose of the contract (cardinal obligations), in which case liability is limited to the amount of the typically foreseeable damage. This also applies in the case of a simple negligent breach of duty by the legal representatives and vicarious agents of the operator.

Exclusions or limitations of liability do not apply if the operator has expressly given a guarantee to the customer which had the specific purpose of protecting against the occurrence of the asserted damage.

Liability under the Product Liability Act remains unaffected, as does producer liability.

Except in the case of intent and gross negligence as well as in the case of the assumption of a guarantee, the operator is not liable for indirect damages, such as additional expenses, lost profits, or missed savings.



The operator is not liable for the unauthorized acquisition of knowledge of personal customer data by third parties (e.g. through unauthorized access to the database by hackers). The operator cannot be held liable for the misuse by third parties of data and information that the customer himself has made accessible.



The customer alone is responsible for the contents of his stored files. It is his responsibility to ensure that no files are stored that violates applicable law. The operator declines any responsibility for the customer’s stored files.



In the event of an infringement of third-party rights by a contracting party, the latter shall indemnify the respective other contracting party against all resulting claims and claims for damages as well as against the costs of legal defense in an appropriate amount against proof, provided that the claim is attributable to a fault of the respective contracting party. The indemnification shall be subject to the proviso that the contracting party against which a claim is made shall only settle or acknowledge the claims asserted by the third party with the prior written consent of the respective contracting party.



The operator is entitled to immediately block the account if there is reasonable suspicion that the stored data is illegal and/or infringes the rights of third parties. A reasonable suspicion of illegality and/or infringement of rights exists in particular if courts, authorities, and/or other third parties inform the operator of this. The operator shall immediately notify the customer of the removal and the reason for it. The block shall be lifted as soon as the suspicion is invalidated.



5.6.1 The Operator is not liable for the fiscal and legal correctness of the data created or sent by the Client. Furthermore, the Operator does not provide any tax or legal advice within the meaning of the German Tax Consultancy Act (StBerG) or the German Legal Services Act (RDG).

5.6.2 The Operator stores the results produced and regularly create data backups. During this period, the Client can pull the data – depending on the agreed scope of services – via the API or receives it pushed.

5.6.3 The Operator shall take all reasonable economically justifiable measures to ensure the data security of the stored data. However, the Operator shall not be liable for the permanent storage of the documents beyond the end of the contractual relationship. The fulfillment of any existing retention periods under tax law is not included in the functional scope of fintract described in the service description.

§ 6 Legitimization

To use the automated document retrieval service, the customer must appoint the operator as his authorized representative and transfer to the operator the authority to automatically retrieve the information on his behalf from the external source, if necessary using the access data provided.

§ 7 Responsibility

The use of fintract is solely the responsibility of the customer. In particular, the operator does not assume any responsibility for possible violations by the customer of agreements between the customer and third parties, which prohibit the use of the automated document exchange or the transmission of data of the customer’s contractual partners to third parties.

§ 8 Support and customer service

The operator will answer inquiries (via ticket system or e-mail) of the customer regarding the use of the contractual software as soon as possible after receipt.

§ 9 Notifications