Terms of Use

1. Definitions

For clarity, the following definitions apply:

• “Issuer”: User/organization that creates, manages, or issues certificates/records.
• “Team/Roles”: Role and permission model within an organization (e.g., owner/admin/member) for managing data, certificates, imports and integrations.
• “Holder”: Recipient/subject of a certificate (e.g., customer, product, part, batch).
• “Verifier”: Person/organization verifying a certificate (e.g., via link or QR code).
• “Certificate/Record”: A digital dataset with metadata and possibly attachments managed and verified through the Service.
• “Credits/Quota”: A planned usage quota for issuing certificates/records (e.g., 1 issuance = 1 credit), where provided by the applicable plan.
• “Security levels (S1–S4)”: Technical protection levels for the external verification path (link/QR), e.g., against copying/misuse, without requiring process redesign.
• “Verification”: A technical consistency/integrity check; not a legal or content assessment.
• “Audit log/Audit trail”: Technical logging of relevant actions/events (e.g., creation, upload, status changes, integrations) for traceability—depending on plan/setup.

2. Service description

Certifylize is a technical platform for creating, managing, and verifying digital records and certificates. The Service may provide traceability and integrity mechanisms such as cryptographic checksums (hashes), technical references (e.g., PDF fingerprints), and verification links/QR codes. Depending on plan/setup, the Service may also include audit logs, role/approval mechanisms, bulk/series workflows (including education use cases), and integrations (API/webhooks). Technical anchoring or verification does not replace legal, tax, or regulatory assessments.

3. Registration, accounts & credentials

Some areas are accessible only after registration. Users must provide accurate information and keep credentials confidential. Actions performed via an account are generally attributed to the account holder unless proven unauthorized. Users must notify us promptly of suspected misuse or security incidents. For organization-based accounts, the applicable roles/permissions apply; the account holder/organization is responsible for internal access management.

4. Acceptable use

You may use the Service only in compliance with applicable law and these Terms. In particular, you must not:

• store, transmit, or make available unlawful content,
• infringe third-party rights (e.g., IP, trade secrets, data protection),
• bypass security mechanisms or access systems/data without authorization,
• overload the Service (e.g., automated attacks, DoS, excessive scraping),
• introduce malware or exploit vulnerabilities,
• expose API keys or credentials to third parties in an insecure manner,
• misuse or manipulate verification pages/links (including QR) or intentionally mislead third parties.

In case of violations, we may temporarily or permanently suspend access, apply rate limits, rotate tokens/keys, or take further measures as necessary to prevent abuse, ensure security, or enforce rights.

5. User content & responsibility

Users/issuers are responsible for all content they upload or process in the Service (e.g., product data, documents, metadata, validity statements). Users warrant they have the necessary rights and do not violate third-party rights. The Service provides technical infrastructure; content review, approvals, or certification are not performed by Certifylize unless explicitly agreed. Issuers remain responsible for what they publish or make accessible to third parties via verification paths.

6. Verification, integrity & blockchain references

The Service may provide technical verification mechanisms. In particular:

• Verification checks technical consistency/integrity (e.g., hash/reference comparison, PDF fingerprint) and does not replace expert, legal, or regulatory review.
• Issuers decide which content/metadata is included. Verifiers should request additional evidence where necessary.
• Security levels (S1–S4) relate to protecting the verification path (link/QR) and may reduce misuse; they do not validate content.
• Blockchain references (e.g., hash anchors) may be used to make subsequent changes detectable. Files (e.g., PDFs) are typically not stored on-chain.

Suitability for regulatory purposes depends on context, process design, and underlying data.

7. API usage, API keys, webhooks & automation

Where API and/or webhook functionality is offered, users may automate certificate creation/updates or receive events into their own systems. In particular:

• API keys/secrets must be kept confidential and must not be stored in public repositories.
• Users are responsible for actions triggered with their API keys/secrets unless proven unauthorized.
• Rate limits, abuse detection, signatures and technical restrictions may be applied to protect the Service.
• We may evolve endpoints, event schemas, and fields; material changes will be communicated where practical.

Please send only data necessary for the purpose and avoid unnecessary personal data.

8. Availability, maintenance & changes

We aim for high availability, but uninterrupted availability cannot be guaranteed, especially due to:

• maintenance and security updates,
• technical issues or required adjustments,
• events outside our control (e.g., network/third-party outages, blockchain/explorer availability).

9. Intellectual property

Content, trademarks, logos, designs, text, graphics, and software components are protected by IP laws. Any use beyond intended use requires our consent. Users retain rights to their own content but grant the rights necessary to operate the Service (e.g., storage, processing, and display within platform features).

10. Third parties, external links & integrations

The Service may include links or integrations with third parties (e.g., hosting, email, payment providers, blockchain infrastructure). Third-party providers are responsible for their content and services. External links are provided for convenience; we have no control over linked content.

11. Liability

We are liable without limitation for intent and gross negligence and for injury to life, body, or health. For simple negligence, we are liable only for breaches of essential contractual obligations and limited to foreseeable typical damage.

• We do not assume responsibility for user-provided content.
• Verification outputs are technical indicators based on provided data/references (e.g., hash/fingerprint/status) and are not a guarantee of content accuracy or legal compliance.
• Users should maintain their own backups/exports where necessary.
• Where external systems are involved (e.g., email delivery, third-party storage, blockchain infrastructure), their availability may affect certain components.

Mandatory statutory liability remains unaffected.

12. Termination, suspension & account closure

Unless additional contractual terms apply, users may stop using the Service at any time. Additionally:

• We may suspend or terminate accounts for serious or repeated violations where necessary.
• Legal retention obligations may prevent immediate deletion; see the Privacy Policy.
• Depending on setup, security level, and purpose, verification links may remain usable if technical references exist and this is not legally prohibited.
• If credits/quotas are used, they may be time-limited or expire depending on the applicable plan/contract documents.

13. Changes to these Terms

We may update these Terms when required for legal, technical, or operational reasons (e.g., service evolution, security requirements). For material changes, we will inform users where practical.

14. Governing law

German law applies, excluding the UN Convention on Contracts for the International Sale of Goods (CISG). Mandatory consumer protection rules of your habitual residence remain unaffected.

15. Contact

Questions about these Terms can be sent to support@certifylize.com. support@certifylize.com.

16. Severability

If any provision is invalid or unenforceable, the remaining provisions remain in effect.