Legal Information for
working with us Legal Information for
working with us

By using VetZ’s cloud applications, VetZ processes personal data on your behalf. To this end, you hereby commission VetZ to process data in accordance with the following terms and conditions, as defined in Article 28 of Regulation (EU) 2016/679 – General Data Protection Regulation (GDPR). The provisions set forth in this Section 14 therefore apply directly to activities in which VetZ employees or subprocessors commissioned by VetZ process the client’s personal data. Where terms from the GDPR are used, the definitions set forth in Article 4 of the GDPR shall apply. The term of this agreement corresponds to the term of the main contracts entered into.

VetZ will have access to your personal data. Unrestricted access by VetZ is necessary to perform the agreed-upon work and/or services. Accordingly, VetZ has the ability to view this data. Depending on the main contracts entered into, this applies to the following types and categories of data: name, address, phone number, fax number, email address, date of birth, profile picture, vetsXL-ID, petsXL ID, position, function, laboratory, imaging, and health data of animals, examination certificates for animals, communication data, veterinary referral data, pet health insurance data, appointment data, order and contract data, animal registration data, bank details, creditworthiness data (not viewable), as well as billing and payment data.

Within the scope of certain functions of the cloud-based applications vetOS and petsXL, supporting processes based on Artificial Intelligence (AI) may be used. These AI processes serve exclusively for the analysis, transcription, classification, structuring, summarization, and generation of suggestions to support veterinary, animal health, or administrative processes. They do not replace human decision-making. The processing of personal data in these AI processes takes place exclusively within system environments controlled or commissioned by VetZ and is subject to the same technical and organizational measures in accordance with Article 32 of the GDPR.

VetZ may engage specialized AI subprocessors for this purpose. The current subprocessors are listed in the current subprocessor list. Temporary AI intermediate data is stored exclusively for the technical execution of the respective function, as well as for short-term post-processing or correction initiated by the client within a period of no more than 48 hours, and is subsequently automatically deleted, provided that no legal obligations preclude this. Use for training or development purposes takes place only in anonymized or aggregated form.

The processing of personal data affects your employees and customers, as well as veterinary practices, companies, and organizations with which you collaborate.

You are the controller within the meaning of Article 4(7) of the GDPR for the processing of data on your behalf by VetZ. Pursuant to Article 14(2) of this Agreement, VetZ has the right to notify you of any data processing that it deems legally impermissible.

As the controller, you are responsible for safeguarding the rights of data subjects. VetZ will inform you immediately if data subjects assert their rights against VetZ.

You have the opportunity to inform yourself, to a reasonable extent, prior to the commencement of data processing and thereafter on a regular basis in accordance with these provisions, regarding compliance with the technical and organizational measures for data security implemented by VetZ, provided that you have a reasonable basis to believe that VetZ will not fulfill or is not fulfilling its obligations to a reasonable extent. You must provide justification for any concerns. You may document the outcome in an appropriate manner.

You have the right to issue supplementary instructions to VetZ at any time regarding the nature, scope, and procedures of data processing. Instructions may be provided in writing or via email. You must immediately confirm any verbal instructions—provided such instructions are permissible under this contract—in writing (e.g., via email) to VetZ.

You may designate persons authorized to issue instructions. You shall notify VetZ of these persons prior to the commencement of processing. In the event that the persons authorized to issue instructions change, you shall notify VetZ in writing or in text form.

You shall inform VetZ immediately if you discover any errors or irregularities in connection with the processing of personal data by VetZ.

VetZ processes personal data exclusively within the scope of the agreements entered into and/or in compliance with any supplementary and documented instructions you may have provided, unless VetZ is required to do so by the law to which VetZ is subject. In such a case, VetZ will notify you of these legal requirements prior to processing, unless the applicable law prohibits such notification due to an important public interest. The purpose, nature, and scope of data processing are governed exclusively by this Agreement and the concluded license, support, and usage agreements and/or your instructions.

When using AI systems, VetZ undertakes to use only such technologies and subprocessors that are contractually obligated to comply with the GDPR as well as the security and data protection standards specified by VetZ. VetZ ensures that the personal data processed within the scope of AI processes is used exclusively for the purposes authorized by the client. The current AI subprocessors are listed in the current subprocessor list. Automated decision-making with legal effects pursuant to Article 22 of the GDPR does not take place.

VetZ undertakes to carry out data processing on your behalf exclusively within the European Union (EU), unless you have expressly consented to data transfers to other third countries. No processing takes place outside the European Union. This expressly applies to the cloud-based provision of vetOS as well, which takes place exclusively in certified European data centers (in accordance with ISO 27001 or equivalent standards).

VetZ is obligated to structure its business and operational processes in such a way that the data processed by VetZ on your behalf is secured to the extent necessary and protected against unauthorized access by third parties.

VetZ will inform you immediately if, in its opinion, an instruction you have issued violates legal regulations. VetZ is entitled to suspend the execution of the instruction in question until it is confirmed or amended by you.

VetZ will inform you immediately if a supervisory authority takes action against VetZ pursuant to Article 58 of the GDPR and this may also concern an audit of the processing that VetZ performs on your behalf.

VetZ will notify you of any personal data breach without delay. Where available, the notification shall include a description of the nature of the breach and any potential adverse consequences of the unlawful access, as well as the measures taken by VetZ to mitigate the breach or prevent it in the future. VetZ is aware that you may be subject to a reporting obligation under Articles 33 and 34 of the GDPR, which requires notification to the supervisory authority or the data subjects. VetZ will assist you with any such reporting obligations.

VetZ will designate the persons authorized to receive instructions.

If a form of processing is likely to result in a high risk to the rights and freedoms of natural persons, you must conduct an assessment of the impact of the intended processing operations on the protection of personal data. VetZ shall assist you in complying with the obligations set forth in Articles 35 and 36 of the GDPR, taking into account the nature of the processing and the information available to it.

Data carriers and data records provided remain your property.

Upon completion of the contractually agreed services or earlier upon your request, but no later than upon termination of the service agreement, VetZ shall hand over to you all documents, processing and usage results generated, and data sets (as well as any copies or reproductions thereof) related to the contractual relationship to you or, with your prior consent, to destroy them in accordance with data protection regulations, unless there is a legal obligation under the law to which VetZ is subject to store the personal data.

VetZ may retain documentation serving as evidence of proper and compliant data processing in accordance with the respective retention periods until their expiration, even beyond the end of the contract. Alternatively, VetZ may hand them over to you upon contract termination for the purpose of exonerating itself.

You have the right to audit VetZ’s compliance with data protection laws and/or the contractual provisions agreed between you and VetZ and/or VetZ’s compliance with your instructions at any time to the extent necessary, whereby an audit is required if you have reasonable grounds to believe that VetZ is not fulfilling its obligations to an adequate extent. VetZ is obligated to provide you with information to the extent necessary to carry out the inspection as described in the preceding sentence.

You may request access to the data processed by VetZ on your behalf, as well as to the data processing systems and programs used, to the extent necessary for the performance of the monitoring as defined in the preceding paragraph.

In the event of measures taken by the supervisory authority against you within the meaning of Article 58 of the GDPR, particularly with regard to obligations to provide information and allow inspections, VetZ shall, to the extent available, provide the necessary information to you and the relevant supervisory authority; furthermore, an on-site inspection must be permitted. To the extent permitted by law, you must be informed of any such planned measures by VetZ. The statutory duties of confidentiality and rights to refuse to testify remain unaffected.

VetZ is permitted to engage other veterinary practices, companies, and organizations (subprocessors). VetZ will disclose all subcontracting relationships already in place at the time the contract is concluded. VetZ will expressly notify you at least 20 days in advance, in writing or electronically, of any intended changes to this list involving the addition or replacement of subcontractors, thereby affording you sufficient time to raise objections to these changes before the relevant subcontractor(s) is/are engaged. VetZ will provide you with the necessary information so that you can exercise your right to object.

VetZ must carefully select the subprocessor and verify, prior to engaging them, that the subprocessor is capable of complying with the agreements made between you and VetZ. In particular, VetZ must verify in advance and regularly throughout the term of the contract that the subprocessor has implemented the technical and organizational measures required under Article 32 of the GDPR to protect personal data. VetZ must document the results of this verification and provide them to you upon request.

VetZ must ensure that the provisions agreed upon in this contract and, where applicable, any supplementary instructions from you also apply to the subprocessors.

VetZ must enter into a data processing agreement with the subprocessor that complies with the requirements of Article 28 of the GDPR and the present agreements on data processing. A copy of the data processing agreement must be provided to you upon request.

In particular, VetZ is obligated to ensure through contractual provisions that your control powers and those of supervisory authorities also apply to the subprocessor and that corresponding control rights are agreed upon by you and the supervisory authorities. It must also be contractually stipulated that the subprocessor must tolerate these control measures and any on-site inspections.

Services that VetZ obtains from third parties as purely ancillary services in order to carry out its business activities shall not be considered subcontracting relationships within the meaning of these paragraphs 14.4.1 through 14.4.5. These include, for example, cleaning services, pure telecommunications services without a specific connection to services that VetZ provides for you, postal and courier services, transportation services, and security services. VetZ is nevertheless obligated to ensure, even in the case of ancillary services provided by third parties, that appropriate safeguards and technical and organizational measures have been taken to ensure the protection of personal data. The maintenance and support of IT systems constitute a subcontracting relationship requiring consent and data processing within the meaning of Article 28 of the GDPR if such maintenance and support concern IT systems that are also used in connection with the provision of services to you.

If VetZ engages specialized subprocessors to provide AI-supported functions, these are contractually bound as processors within the meaning of Article 28 of the GDPR. VetZ ensures that the obligations regarding data security, transparency, purpose limitation, and erasure also apply without restriction to these systems.

Such subprocessors may, in particular, perform AI-based analysis, transcription, classification, structuring, summarization, or documentation processes for vetOS or petsXL on our behalf. Depending on the module used, the processing includes, in particular, audio, text, image, video, and historical treatment data, as well as personal data, provided that such data is mentioned in records, findings, or documentation or can be derived from animal-specific identification characteristics. The current AI subprocessors are listed in the current subprocessor list. VetZ ensures that this sub-processing takes place exclusively in European data centers or in countries with an adequacy decision, and that temporary AI intermediate data is stored exclusively for the technical execution of the respective function as well as for short-term post-processing or correction initiated by the client within a period of no more than 48 hours and is subsequently automatically deleted, provided that no legal obligations preclude this.

VetZ is obligated to maintain confidentiality regarding data it receives or becomes aware of in connection with the order when processing data. VetZ undertakes to observe the same confidentiality rules as those applicable to you. You are therefore obligated to inform VetZ of any special confidentiality rules.

VetZ warrants that it will familiarize its employees with the applicable data protection provisions and bind them to confidentiality. Furthermore, VetZ will require all employees providing services in connection with the order to commit in writing to treat all your data, in particular the personal data processed on your behalf, as confidential. This obligation on the part of the employees must be demonstrated to you upon request.

You are responsible for safeguarding the rights of data subjects.

To the extent that VetZ’s cooperation is required to protect data subjects’ rights—in particular the rights to access, rectification, restriction, or erasure—VetZ will take the necessary measures in accordance with your instructions.

VetZ undertakes to comply with the technical and organizational measures necessary to comply with the applicable data protection regulations. This includes, in particular, the requirements of Article 32 of the GDPR.

You agree that changes to the technical and organizational measures may be necessary to adapt to technical and legal circumstances. VetZ will consult with you in advance regarding any significant changes that could compromise the integrity, confidentiality, or availability of personal data. Measures that entail only minor technical or organizational changes and do not negatively affect the integrity, confidentiality, and availability of personal data may be implemented by VetZ without prior consultation. You may request a current version of the technical and organizational measures taken by VetZ at any time.

VetZ will regularly review the effectiveness of the technical and organizational measures it has implemented, as well as on an ad hoc basis. In the event that optimization and/or changes are required, VetZ will inform you.

AI-based components are used exclusively in system environments controlled by VetZ or operated by contractually bound subprocessors. All data transfers are encrypted, and internal processes are in place to ensure the traceability of processing steps. The current AI subcontractors are listed in the current list of subcontractors. VetZ regularly reviews the effectiveness of these measures and does not process personal data outside the authorized system architecture.

Upon installation of easyVET, VetZ grants you the simple, non-exclusive right (hereinafter referred to as the “License”), limited to the term of this Agreement, to use the copy of the contractual software on a single platform, i.e., on a single computer. If the platform is a multi-user system, the copy may only be used simultaneously on as many computers as the number of multi-user licenses purchased.

You are prohibited from modifying, translating, reverse engineering, decompiling, or disassembling easyVET without the written consent of VetZ, from creating derivative works based on easyVET, or from reproducing, translating, or modifying the written material, or from creating derivative works based on the written material.

By purchasing easyVET, you acquire only ownership of the physical data carriers on which easyVET is recorded. This does not entail the acquisition of any rights to easyVET itself. VetZ specifically reserves all rights of publication, reproduction, adaptation, and exploitation of easyVET.

You are prohibited from selling, renting, or lending easyVET without the consent of VetZ.

easyVET is protected by copyright. Making a single copy is permitted only for backup purposes. You are obligated to affix VetZ’s copyright notice to the copy or to include it therein. Any copyright notice contained in easyVET, as well as any license numbers included therein, may not be removed. It is expressly prohibited to copy or otherwise reproduce easyVET, in whole or in part, in its original or modified form, or in a form combined with other software or incorporated into other software.

The license is granted for an indefinite period. VetZ is entitled to terminate this contract for cause if you violate any of its terms. Upon termination of the right of use, you are obligated to return the original data carriers and all copies, including any modified copies, as well as the written materials to VetZ or, at VetZ’s discretion, to destroy them.

VetZ is entitled to create updates and upgrades for easyVET at its own discretion. VetZ is under no obligation to develop and provide updates on a regular basis.

VetZ warrants that, at the time of delivery, the data carriers on which easyVET is recorded are in perfect condition.

If the data carriers are not error-free, you may request a replacement. To do so, you must return the data carriers to VetZ and request an error-free delivery.

VetZ notes that, given the current state of technology, it is not possible to develop easyVET in such a way that it operates error-free in all applications and combinations. The subject matter of the contract is therefore only software that is fundamentally usable in accordance with the program description and the integrated help system.

For these reasons, VetZ assumes no liability for the error-free operation of easyVET. In particular, VetZ does not guarantee that easyVET will meet your requirements and purposes or that it will be compatible with other programs you have selected. You bear responsibility for the correct selection and the consequences of using easyVET, as well as for the results intended or achieved thereby. The same applies to the written material accompanying easyVET. If easyVET is not fundamentally usable, you have the right to rescind the contract. VetZ has the same right if the production of usable software is not possible with reasonable effort.

VetZ is liable to you only for intentional or grossly negligent acts. The limitation of liability does not apply to damages resulting from injury to life, limb, or health, nor to damages resulting from the breach of material contractual obligations (so-called cardinal obligations). In the event of a breach of cardinal obligations, liability for slight negligence is limited to the amount that was foreseeable at the time of the respective performance.

Liability for consequential damages not covered by the warranty is excluded, as is liability for lost profits and data loss.

VetZ’s liability under warranty is excluded.

Neither force majeure, operational disruptions for which VetZ is not responsible, nor temporary interruptions in use caused by technically unforeseeable circumstances shall give rise to liability on the part of VetZ.

In the event that both contracting parties are registered merchants, you agree to inspect the software delivered by VetZ immediately upon receipt and to notify VetZ in writing of any damage, defects, or complaints within a reasonable period of time. If defects are not reported in a timely manner, your warranty claim is excluded, unless the defect was not detectable upon inspection and within the reasonable period.

VetZ will provide the support services using such technical tools as VetZ deems necessary or appropriate and which are available to VetZ. This also includes remote support via the Internet, provided that this is technically possible and made available by you. VetZ is entitled to commission subcontractors to perform the tasks in accordance with a data processing agreement. By commissioning support from VetZ in accordance with these support terms, you also agree to this.

VetZ generally provides support services on business days from Monday through Friday between 8 a.m. and 5 p.m., unless otherwise specified below or in the respective individual offer, particularly for urgent and unpostponable emergencies.

VetZ provides all support services in compliance with the applicable data protection regulations and VetZ’s Data Processing Agreement.

VetZ will respond to reports of defects in easyVET that occur during the term of this contract within the following timeframes:

• For critical defects (malfunctions causing a failure of easyVET or significant parts thereof, rendering its use entirely or nearly entirely impossible) within one hour of receiving the report;
• For significant defects (malfunctions that impair the use of easyVET to such an extent that reasonable work with easyVET is no longer possible or is only possible with disproportionately great effort) within two hours of receiving the report;
• In the event of other defects, within one business day of receiving the report.

VetZ will remedy the defects within the following timeframes:

• Critical defects within one business day of receiving the report;
• Significant defects within two business days of receiving the report;
• Other defects within ten business days of receiving the report, but no later than with the next version of easyVET.

If it is foreseeable that a critical or significant defect cannot be resolved within the timeframes defined above, VetZ will provide a workaround.

You must use the helpdesk’s designated communication channels to report a defect so that the aforementioned response times can be met.

VetZ offers three different contract types: Standard Support Contract, Software Support Contract, and Premium Support Contract. You select the contract type when purchasing easyVET.

• Standard Support Contract:
  The Standard Support Contract grants you access to the VetZ Helpdesk for questions regarding the use and functionality of easyVET, as well as for the installation of easyVET updates. The Helpdesk is available Monday through Friday from 8 a.m. to 5 p.m. You can contact us by phone or email.
• Software Support Contract:
  The Software Support Contract provides you with paid access to our helpdesk for questions regarding the use and functionality of easyVET, as well as for the installation of easyVET updates. The paid helpdesk is available Monday through Friday from 8 a.m. to 5 p.m. You can contact us by phone or email.
• Premium Support Contract:
  The Premium Support Contract provides you with access to our help desk for questions regarding the use and functionality of easyVET, as well as for the installation of easyVET updates. The help desk is available on business days, Monday through Friday, from 8 a.m. to 5 p.m. In urgent and unpostponable emergencies, the help desk is also available 24 hours a day, 7 days a week, including public holidays. You can contact us by phone or email. If you encounter problems with easyVET that cannot be resolved by our Helpdesk, VetZ offers on-site assistance. In urgent and unpostponable emergencies, on-site support is provided within 24 hours between 8 a.m. and 5 p.m., including weekends and public holidays.

• On-site services not covered by Section 3;
• Services following an intervention by you and/or other third parties in easyVET or in the system settings, to the extent that this complicates the provision of support;
• Services regarding the interaction of easyVET with other software that is not the subject of this contract;
• Services for the installation, commissioning, or maintenance of easyVET;
• Customizations and programming for easyVET;
• Services for instruction and training in easyVET;
• Support for other software or IT systems;
• Data entry.

The services listed under Section 1.2.4 are not covered by the support contract but may, if necessary, be agreed upon separately for a fee in accordance with our currently valid price list.

The ongoing development of operating systems and other software may result in changes to the technical requirements for easyVET. The resulting technical changes, hardware upgrades or modifications, operating system changes, and organizational requirements are your responsibility and may, if applicable, be agreed upon for a separate fee.

You must describe error messages and questions in detail. This includes, in particular, written descriptions of defects specifying the program name, version number, intermediate results, and, if applicable, the results you believe to be correct. If it is necessary to review a data backup at our business premises to resolve the error, you are obligated to make it available immediately. You agree to provide all necessary informational materials.

You shall ensure that competent personnel trained in the operation of the system are available during the term of the contract.

You shall ensure that the technical requirements for remote support via the Internet are met in your practice or business.

You are required to follow the operating instructions contained in the user manuals and circulars. In particular, you are required to implement the measures specified therein to perform at least one daily data backup.

VetZ shall only have access to personal data in the context of support measures to the extent necessary for error analysis or contract fulfillment. No further access or storage shall take place.

Prices and payment terms are based on the respective individual offer. If monthly or other recurring fees are agreed upon in the individual offer, these fees will increase automatically by 3% compared to the most recently applicable fee, first after 12 months from the start of the contract and thereafter every 12 months.

We provide the support services set forth in these terms and conditions or services separately commissioned by the customer in accordance with the terms of these General Support Terms and Conditions. If, upon inspection by us, the reported defect cannot be identified, you shall bear the costs of the inspection, in particular in the event of improper use of easyVET or in the event of other malfunctions for which we are not responsible. The warranty does not apply to programs or program components that have been modified or expanded by the customer after we have made them available.

If more than two of our attempts at rectification are unsuccessful or if we do not offer a newer version or a workaround for the error, you may terminate the support contract with a notice period of 2 months. If you assert warranty rights or terminate the support contract, this shall have no effect on other contracts concluded between you and us.

Claims on your part shall become time-barred within one year from the statutory commencement of the limitation period.

We are liable for the loss of data and programs and their restoration only to the extent that such loss could not have been prevented by reasonable precautionary measures on your part, in particular by regularly and at least daily creating backup copies of all data and programs. Liability for data loss is limited to the typical restoration costs that would have been incurred had backup copies been made regularly and in accordance with the risk. In any case, the obligation to pay compensation is limited to foreseeable damages.

Liability under the Product Liability Act remains unaffected.

VetZ is not liable

• for outages for which VetZ is not directly responsible, in particular external DNS and routing issues, attacks on our network or email infrastructure, and outages of parts of the Internet beyond our control;
• for outages caused by you, in particular outages caused by incoming or outgoing hacking attacks due to faulty and/or insufficient maintenance of your own hardware and software;
• for outages resulting from the improper use or repair of your own hardware or software, or from systems not being installed, operated, and/or maintained in accordance with our guidelines or the manufacturer’s specifications;
• for outages that were incorrectly reported to you due to errors in internal or external monitoring;
• for outages caused by maintenance work performed by VetZ.

VetZ is also liable for any culpable injury to life, limb, or health. Otherwise, VetZ is liable without limitation only for gross negligence and intent. VetZ is liable for slight negligence only if a duty is breached whose fulfillment is of particular importance for achieving the purpose of the contract (so-called cardinal duty). In the event of a breach of a cardinal obligation, liability is limited to twice the annual support contract fee for easyVET and to such damages as are typically to be expected within the scope of the contract. In the event of damages resulting from delay and slight negligence, you are entitled to a claim limited to 10 percent of the agreed support contract fee for easyVET.

The minimum contract term for new contracts is 24 months, unless otherwise agreed in the respective individual offer. The contract may be terminated with three months’ notice prior to the expiration of the minimum contract term. If the contract is not terminated in a timely manner, it automatically renews for an additional 12 months.

Support hours refer to the period during which the responsible technical customer service team is available via the appropriate communication channels. The provisions of Section 1.2 Support Terms apply to availability, support hours, and communication channels, unless otherwise agreed upon in the respective individual offer for hosting services.

The provisions agreed upon in Section 1.2 Support Conditions apply accordingly to response times for hosting services, unless otherwise agreed upon in the respective individual offer. The response time generally begins upon receipt of your report by VetZ via the specified communication channel. If your report does not reach VetZ via the correct channel, delays may occur.

Within the specified response time, you will receive a qualified statement from a VetZ employee containing an initial assessment of the report and information on the next steps, and, where possible, the solution itself. The statement also includes information on the expected duration and scope of the reported issue.

For recovery times regarding hosting services, the provisions agreed upon in Section 1.2 Support Conditions apply accordingly, unless otherwise agreed upon in the respective individual offer. The starting point for this timeframe is also the receipt of the report by VetZ via the aforementioned communication channels.

General maintenance work is not covered by these Cloud Terms and does not constitute a disruption within the meaning of these Cloud Terms . General maintenance work is generally not performed during normal business hours. VetZ will provide notice of scheduled system maintenance as early as possible.

VetZ is not liable for:

• Outages for which VetZ is not directly responsible, in particular external DNS and routing issues, attacks on VetZ’s network or email infrastructure (viruses), and outages affecting parts of the Internet beyond VetZ’s control.
• Outages caused by you, in particular those resulting from incoming or outgoing hacking attacks due to faulty and/or insufficient maintenance of your own hardware and software.
• Outages resulting from the improper use or repair of your own hardware or software, or from systems not being installed, operated, and/or maintained in accordance with the manufacturer’s or VetZ’s guidelines or specifications.
• Outages that were falsely reported due to errors in your internal or external monitoring.
• Outages caused by maintenance work performed by VetZ.

In any case, liability is limited to the monthly fee for the subscribed product.

VetZ shall have unlimited liability in cases of intent or gross negligence, for injury to life, limb, or health, in accordance with the provisions of the Product Liability Act, and to the extent of any warranty assumed by VetZ. Furthermore, all other claims arising from a breach of duty by VetZ, regardless of their nature or legal basis, are limited to the order value of the individual order affected by the breach of duty, unless otherwise required by law. Claims for compensation for consequential damages resulting from defects, in particular lost profits, are excluded, unless they involve personal injury.

These Terms of Use govern the contractual rights and obligations between you, as a user of the cloud-based software platform vetOS, and VetZ GmbH. Together with the associated Service Level Agreement (SLA), they constitute the General Terms of Service for vetOS. By using vetOS, you agree to these Terms of Service, the Data Processing Agreement (DPA), and our Privacy Policy.

With vetOS, VetZ provides a multi-tenant cloud platform for practice management, diagnostics, and communication. The exact scope of functions is set forth in the respective product descriptions and the published service features.

VetZ reserves the right to continuously develop or adapt the scope of functions to improve efficiency, security, and user-friendliness. Changes are made while safeguarding the legitimate interests of vetOS users.

The use of vetOS is reserved exclusively for veterinarians, veterinary facilities, and their authorized employees. Authentication is performed using appropriate proof of identity (veterinary license or equivalent identification documents).

You are obligated to keep your login credentials secure and prevent unauthorized access.

You agree to use vetOS exclusively for its intended purposes and in accordance with applicable law. In particular, it is prohibited to manipulate vetOS, make unauthorized copies, disclose information, or circumvent security-related systems.

You are responsible for the accuracy of the data you enter.

VetZ performs regular, automated data backups in European data centers. These backups are redundant and encrypted. You are not required to perform your own backups.

VetZ guarantees data integrity, data availability, and data recoverability in accordance with the following SLA.

The processing of personal data is carried out in accordance with the data protection regulations and the General Terms and Conditions of VetZ GmbH. Personal data will only be disclosed to third parties to the extent necessary to fulfill the contractual services.

VetZ may use automated or AI-supported systems to perform certain analysis, evaluation, structuring, summarization, or documentation functions. These systems are operated exclusively in accordance with applicable data protection regulations and serve to optimize processes, ensure quality, and increase efficiency in veterinary practice.

VetZ may engage specialized subcontractors for certain AI-based functions. Depending on the module used, these service providers may process, in particular, audio, text, image, video, and historical treatment data that is generated, uploaded, or reprocessed for short-term correction during the use of vetOS. In doing so, personal data or data that enables the identification of individuals may be processed. Processing is carried out exclusively on your behalf and for the purposes you have specified, such as transcription, analysis, classification, structuring, summarization, or documentation. The current AI subprocessors are listed in the current subprocessor list.

Temporary AI intermediate data is stored exclusively for the technical execution of the respective function as well as for short-term post-processing or correction initiated by the user within a period of no more than 48 hours and is subsequently automatically deleted, provided that no legal obligations preclude this. VetZ ensures that all AI functions are operated without automated decision-making with legal effect and that all sub-processors are contractually obligated to process data in compliance with the GDPR. VetZ ensures that no impermissible profiling or automated decision-making within the meaning of the GDPR takes place.

VetZ uses third-party software components and libraries in vetOS, including open-source software. These are used exclusively in accordance with the applicable license terms.

VetZ ensures that no disclosure obligations regarding its own source code arise and that no rights are infringed.

The list of open-source components used is available upon request.

To expand its functionality, vetOS can be connected to third-party services via standardized application programming interfaces (APIs), for example for AI-supported analyses, transcriptions, structuring, summaries, image evaluations, or external diagnostics. To the extent that subcontractors are used in this context, the current providers are listed in the current list of subcontractors.

VetZ regularly reviews the data protection and technical suitability of these providers and ensures that the processing of personal data takes place exclusively within the European Union (EU). No processing takes place outside the European Union.

You do not receive any separate right of use for these third-party software components. These are exclusively part of the vetOS overall application and may neither be used in isolation nor extracted. VetZ remains responsible for their proper licensing, integration, and maintenance.

VetZ assumes no liability for disruptions directly attributable to external systems; however, it undertakes to monitor these immediately and to take appropriate measures to restore operations.

The use of vetOS is based on monthly license fees, which include all support and services in accordance with the SLA. All fees are subject to the applicable statutory value-added tax.

VetZ reserves the right to adjust prices in the event of significant changes in technical, legal, or operational conditions.

Additional services subject to a fee, such as installations, data migrations, system integrations, and training, are not included in the monthly license fee and—if utilized—will be billed separately on a time-and-materials basis.

VetZ shall have unlimited liability in cases of intent or gross negligence, as well as in cases of injury to life, limb, or health. In cases of simple negligence, VetZ shall be liable only if a material contractual obligation has been breached.

VetZ is liable for data loss only if such loss is attributable to intentional or grossly negligent conduct.

The user contract is concluded for an indefinite period and may be terminated with 30 days’ notice.

The right to terminate the contract without notice for good cause remains unaffected.

Upon termination of the contract, all personal data will be deleted in accordance with the statutory retention periods.

German law applies, excluding the UN Convention on Contracts for the International Sale of Goods.

The place of jurisdiction is Hanover, provided that you are a merchant within the meaning of the German Commercial Code (HGB).

This Service Level Agreement (SLA) specifies the service, support, and availability standards mentioned in the Terms of Use for vetOS. It applies in addition to the Terms of Use for vetOS.

The monthly license fee covers all support and service provisions for vetOS.

To ensure clear and efficient support, VetZ operates a three-tier support system that builds upon each other:

• 1st Level Support – AI-powered initial contact
  The integrated AI chatbot answers frequently asked questions, assists with navigation in vetOS, and directs users to relevant content in the vetOS knowledge base. It thus provides immediate assistance without wait times.
• 2nd Level Support – Advanced Technical Support
  If the AI chatbot cannot fully resolve an issue, qualified VetZ staff take over during regular business hours (Monday through Friday, 8:00 AM–5:00 PM, excluding public holidays). They analyze technical details, access internal tools, and resolve more complex issues to restore practice operations as quickly as possible. Contact is made by phone or, if necessary, via remote access.
• 3rd Level Support – Expert Service (24/7)
  Expert telephone support is available around the clock. Here, specialists from development, product management, and system administration work on technical escalations or critical system events.

In addition, the comprehensive vetOS knowledge base is at your disposal. It contains step-by-step instructions, best-practice examples, video tutorials, and articles on all vetOS features. It serves both as a self-help resource and for the continuous knowledge transfer to practice teams.

The scope of services included in the monthly license fee specifically includes:

• Access to the vetOS knowledge base with articles, videos, and best-practice examples
• Use of the integrated AI-based support chatbot (1st level)
• 2nd-level telephone support provided by VetZ staff during business hours (Monday through Friday, 8:00 AM–5:00 PM, excluding public holidays)
• 24/7 expert hotline (3rd level) for technical escalations and system failures
  Proactive system monitoring, troubleshooting, and maintenance
  Regular security and feature updates

Additional services subject to a fee, such as installations, training, data migrations, and custom system adaptations, are not included in the standard service scope and will be billed on a time-and-materials basis according to the current price list.

Support requests are primarily handled via the integrated AI chatbot. If the issue cannot be resolved there, you will be automatically forwarded to telephone support (2nd level).

VetZ uses an internal, GDPR-compliant system for documenting support cases.

• 1st Level Support (AI chatbot): Available 24 hours a day, 7 days a week
• 2nd Level Support (VetZ staff): Monday through Friday, 8:00 AM–5:00 PM (except on public holidays)
• 3rd Level Support (VetZ specialists): Available 24 hours a day, 7 days a week

Maintenance work is generally performed outside of peak usage hours and announced in advance.

VetZ commits to processing support requests according to their urgency with defined response and resolution targets. The severity of an issue is determined based on its impact on practice operations.

For critical issues (Priority 1) that affect the entire system operation or essential functions of vetOS, VetZ responds within one hour—regardless of the day of the week or time—and works with the highest priority to restore functionality. The goal is to resolve the issue within eight hours.

For medium-priority incidents (Priority 2), where core functions are limited but basic operations remain possible, a response is provided within two hours during support hours. The goal is to resolve the issue within 24 hours.

For low-priority issues (Priority 3) that do not immediately impact practice operations, VetZ responds within four hours during business hours and typically resolves the issue within three business days.

General inquiries, suggestions for improvement, and cosmetic issues (Priority 4) are addressed as part of the release planning process.

VetZ will notify you if a longer processing time is anticipated and will keep you updated on progress.

VetZ guarantees a monthly system availability of at least 99% (excluding scheduled maintenance windows). Availability is continuously monitored and documented.

VetZ performs regular technical maintenance, functional updates, and security optimizations. Major changes are announced and documented in advance.

All data is automatically backed up and encrypted in EU data centers. VetZ guarantees daily backups as well as recovery in emergency mode. You do not need to perform your own data backups.

VetZ continuously monitors vetOS for stability, performance, and security.
Upon request, proof or status reports regarding system availability can be provided to you.

This SLA is part of the Terms of Use for vetOS and takes effect upon the first use of vetOS. Changes will be announced with 30 days’ notice. In the event of an objection, the contract may be terminated for cause.

These Terms of Use govern the provision and use of the veterinary communication and integration platform vetsXL by VetZ GmbH.

vetsXL digitally connects veterinary practices, laboratories, diagnostic companies, pharmaceutical manufacturers, universities, insurance companies, and other partners in the veterinary ecosystem. Through vetsXL, veterinary data, laboratory results, images, orders, and documents are exchanged and stored securely and in a structured manner.
The technical infrastructure is hosted in a secure environment provided by Deutsche Telekom in Hanover, operated on VetZ’s own hardware.

VetZ continuously develops vetsXL to ensure functionality, security, and user-friendliness. Changes are made while safeguarding your legitimate interests.

Registration is required to use vetsXL. This can be done manually or—provided there is integration with easyVET—automatically.

Use is reserved exclusively for professional users (veterinarians, veterinary facilities, and authorized employees). Proof of professional qualification may be provided through appropriate documents (veterinary license, proof of practice, or business registration).

Upon completion of registration, the user agreement between you and VetZ is concluded.

vetsXL is designed for the secure and encrypted transmission, storage, and management of veterinary data between authorized communication partners. VetZ does not perform any content review or editorial processing of the transmitted data, but stores it permanently to the extent necessary for provision, traceability, and legally permissible archiving.

You grant VetZ a simple right of use to the transmitted data, limited to the duration of use, which is required exclusively for technical storage, provision, and transmission within vetsXL. VetZ does not use the data for any other purpose.

vetsXL enables connection and communication with external providers such as laboratories, pharmaceutical companies, or insurance companies. The content, services, and data provided by these providers are subject to their own terms of use and privacy policies. VetZ provides only the technical connection and is not a contracting party for third-party services processed via vetsXL.

The General Terms and Conditions and the Privacy Policy of VetZ GmbH apply in addition to all services mediated or integrated via vetsXL.

The processing and storage of personal data in connection with the use of vetsXL is carried out on behalf of VetZ GmbH in accordance with Article 28 of the GDPR and the provisions of the Data Processing Agreement (DPA).

VetZ processes and stores personal data transmitted via vetsXL to the extent necessary to fulfill the contractually agreed services. This includes, in particular, the secure storage, archiving, and provision of communication, order, and diagnostic data between veterinary practices and their partners.

All data is processed and stored in a secure VetZ server environment. VetZ ensures compliance with applicable data protection regulations, in particular the GDPR, as well as the technical and organizational measures listed in the DPA.

Personal data will only be disclosed to third parties to the extent necessary for the respective communication or order purpose or where there is a legal obligation to do so.

You agree to use vetsXL exclusively for its intended purposes, not to transmit any prohibited content or infringe upon the rights of third parties, to treat access data confidentially, and to prevent unauthorized access.

In the event of recognizable security risks, malfunctions, or unauthorized access, you are obligated to inform VetZ immediately.

VetZ guarantees that vetsXL will be available and secure in accordance with the state of the art.

VetZ shall be liable without limitation in cases of willful misconduct and gross negligence, as well as in cases of injury to life, limb, or health. In cases of ordinary negligence, VetZ shall be liable only for breaches of material contractual obligations and only for foreseeable damages typical for this type of contract.

VetZ is not liable for outages that are beyond VetZ’s control (such as internet disruptions, errors by third-party providers, or attacks by third parties).

VetZ operates vetsXL with the goal of high technical stability and continuous availability. The platform is generally available around the clock; scheduled maintenance work is carried out outside of peak usage times whenever possible and announced in a timely manner.

Support requests can be submitted during regular business hours via the usual communication channels. VetZ strives to respond to incoming support requests within a reasonable timeframe and to resolve any issues promptly.

VetZ does not guarantee a specific response or recovery time, but ensures the best possible availability through continuous system monitoring and proactive maintenance.

All rights to the vetsXL platform, including software, APIs, design, and documentation, remain with VetZ.

Use is permitted exclusively within the scope of the granted license agreement. Distribution, reproduction, or decompilation of the software is prohibited.

The user agreement is entered into for an indefinite period. It may be terminated by either party with 30 days’ notice to the end of the month.

The right to terminate the agreement without notice for good cause remains unaffected.

Upon termination of the contract, all stored personal data will be deleted or anonymized in accordance with statutory retention periods.

VetZ reserves the right to amend these Terms of Use in the event of technical or legal changes. You will be informed of any changes in writing in a timely manner. If you do not object to the changes within 30 days, they shall be deemed accepted.

German law applies, excluding the UN Convention on Contracts for the International Sale of Goods.

The place of jurisdiction is Hanover, provided that you are a merchant within the meaning of the German Commercial Code (HGB) or have your registered office outside of Germany.

These Terms of Use govern the contractual rights and obligations between VetZ GmbH and you as a registered user of the petsXL platform—a web-based and mobile application for pet owners to manage animal health-related information and communicate with veterinary practices.

Use of petsXL is free of charge; individual optional additional features can be unlocked for a fee via in-app purchases.

By registering for and using petsXL, you agree to these Terms of Use for petsXL and the Privacy Policy of VetZ GmbH.

petsXL enables you to digitally manage your pets’ health, access health records, and communicate with participating veterinary practices. In addition, petsXL offers additional features such as online appointment scheduling, digital patient registration, electronic signatures, reminders for vaccinations and preventive care, invoice management, payment processing, and a comprehensive health record.

VetZ reserves the right to continuously develop and adapt the scope of functions to enhance security, user-friendliness, and efficiency. Changes will be made while safeguarding your legitimate interests.

Use of petsXL requires you to register as a user. You agree to provide accurate and complete information during registration and to keep your login credentials confidential.

The petsXL app is available for all major operating systems via app stores as well as a web application.

When you connect to a veterinary practice via petsXL, you expressly consent to the exchange of data between you and the veterinary practice. The connection is established only after mutual confirmation (consent from both you and the veterinary practice).

You can terminate this connection yourself at any time. After termination, no new data will be exchanged. Data already transmitted remains with the respective contractual partners in accordance with applicable data protection regulations.

VetZ processes personal data exclusively in accordance with the General Data Protection Regulation (GDPR) and the VetZ Privacy Policy.

The processing of personal data takes place exclusively within the European Union (EU). No processing takes place outside the European Union. The data is operated in a certified data center of Deutsche Telekom on VetZ’s own hardware.

Personal data is only disclosed to third parties to the extent necessary to fulfill contractual obligations or if you have expressly consented.
All transmissions between petsXL, affiliated veterinary practices, and third parties are encrypted.

petsXL uses AI-based systems to assist you in searching for information, communicating, and organizing animal health-related data. This includes, in particular, a digital AI assistant (chatbot) that answers general questions about animal health, petsXL features, or communication with veterinary practices. In the future, additional AI-powered modules may be integrated, for example to provide personalized health content or to analyze anonymized data patterns to improve the platform.

All AI systems are intended solely to provide support and increase efficiency and do not replace veterinary advice or diagnosis.

VetZ and its partners do not make automated individual decisions with legal effects within the meaning of Article 22 of the GDPR. Data processed by AI systems is processed exclusively within the European Union (EU) and used solely for the purpose of providing the service. No processing takes place outside the European Union. Data is stored for training or development purposes only in anonymized or aggregated form.

VetZ uses only carefully selected and contractually bound technology providers and subprocessors who are obligated to comply with the GDPR as well as the security and data protection standards specified by VetZ. The current subprocessors are listed in the current subprocessor list. You will be clearly notified in petsXL when you interact with an AI feature. VetZ ensures that all systems used are regularly reviewed for security, fairness, transparency, and traceability.

Temporary AI intermediate data is stored exclusively for the technical execution of the respective function and for any short-term post-processing or correction initiated by the user within a period of no more than 48 hours, and is subsequently automatically deleted, provided that no legal obligations prevent this.

You agree to use petsXL exclusively for its intended purposes and not to upload or transmit any content that violates applicable law or the rights of third parties.

You may not misuse petsXL to compromise or circumvent the security or integrity of the system.

You are responsible for the data you enter and the content you share.

The basic functions of petsXL are available free of charge.

Some additional features can be activated via in-app purchases or optional subscriptions. The respective fees are clearly displayed and billed through the relevant app store systems.

VetZ bears unlimited liability in cases of intent or gross negligence, as well as in cases of injury to life, limb, or health. In cases of simple negligence, VetZ is liable only for breaches of material contractual obligations.

VetZ is not liable for damages caused by improper use, technical malfunctions beyond its control, or by third parties.

The user contract is concluded for an indefinite period. You may delete your registration at any time without notice.

VetZ reserves the right to terminate the contract for good cause with immediate effect, in particular in the event of misuse or violations of these terms and conditions.

Upon termination of the contractual relationship, personal data will be deleted in accordance with the statutory retention and deletion periods.

VetZ reserves the right to amend these Terms of Use in the event of technical or legal changes. You will be informed of any changes in writing in a timely manner. If you do not object to the changes within 30 days, they shall be deemed accepted.

German law applies, excluding the UN Convention on Contracts for the International Sale of Goods.

The place of jurisdiction is Hanover, provided that you are a merchant within the meaning of the German Commercial Code (HGB) or have your registered office outside of Germany.

Note:

The original version of these Terms and Conditions is in German. The English version is an automatically generated translation and is provided for convenience only. In case of any conflict or inconsistency, the German version shall prevail.

When you use the contact forms on our websites or the email addresses provided there to contact us, we automatically store the personal data you submit.

When you register with vetsXL or petsXL, we store your IP address as well as the date and time of your registration in addition to the personal data you provide.

When you subscribe to our newsletters, we store your IP address as well as the date and time of your registration in addition to the personal data you provide.

We use Rapidmail to send newsletters. Signing up for our newsletter is done via a so-called “double opt-in process.” After signing up, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent unauthorized persons from signing up using your email address.

When you subscribe to the newsletter, your IP address as well as the date and time of registration are stored. This serves to prevent misuse of our services or your email address. Your data will not be disclosed to third parties. An exception applies if there is a legal obligation to disclose such data. Your data will be used exclusively for sending the newsletter. You can cancel your subscription to the newsletter at any time.

You may also revoke your consent to the storage of your personal data at any time. Your consent provides us with the legal basis for processing your data in accordance with Article 6(1)(a) of the GDPR. The legal basis for sending the newsletter following the sale of goods or services is Section 7(3) of the UWG.

We use the provider Rapidmail to send newsletters via email. The server is located in Germany. For marketing purposes, emails sent via Rapidmail contain a so-called tracking pixel that connects to Rapidmail’s servers when the email is opened. This allows us to determine whether a newsletter has been opened. Clicking on links in the newsletter can also be tracked in this way.

When you apply for a position with us, we store the personal data you provide as well as your application documents.

When you use Microsoft Teams, information regarding users, email addresses, profile pictures, preferred language, meeting metadata, as well as text, audio, and video data is processed. This depends on the information you provide. If you use the chat function, the text you enter is processed to display it. To enable video display and audio playback, data from your device’s microphone and video camera is processed accordingly for the duration of the meeting. You can turn off the camera or microphone yourself at any time.

VetZ GmbH is responsible for data processing directly related to the conduct of online meetings.

If you access the Microsoft Teams website, the provider of Microsoft Teams is responsible for data processing.

When you participate in remote maintenance, TeamViewer GmbH processes not only your IP address but also your location, your computer’s MAC address, and the start and end times of the TeamViewer connection. We do not process any connection data. During technical maintenance work, technicians may gain access to the contents on your computer. No further data processing takes place.

You may request confirmation as to whether personal data concerning you is being processed by us. If such processing is taking place, you may request the following information from us:

• the purposes for which the personal data is processed;
• the categories of personal data being processed;
• the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
• the planned duration of storage of the personal data concerning you or, if specific details are not available, the criteria for determining the storage period;
• the existence of a right to rectification or erasure of the personal data concerning you, a right to restrict processing by the controller, or a right to object to such processing;
• the existence of a right to lodge a complaint with a supervisory authority;
• all available information regarding the origin of the data, if the personal data is not collected from the data subject, or
• the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and—at least in such cases—meaningful information regarding the logic involved, as well as the significance and intended consequences of such processing for you as the data subject.

You have the right to request information regarding whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Article 46 of the GDPR in connection with the transfer.

You have the right to have your personal data rectified and/or completed if the personal data concerning you that is being processed is inaccurate or incomplete. We will carry out the rectification without delay.

Under the following conditions, you may request the restriction of the processing of your personal data:

• if you contest the accuracy of the personal data concerning you for a period that allows us to verify the accuracy of the personal data;
• the processing is unlawful and you oppose the erasure of the personal data and instead request the restriction of the use of the personal data;
• we no longer need the personal data for the purposes of processing, but you need it to assert, exercise, or defend legal claims; or
• if you have objected to the processing pursuant to Article 21(1) of the GDPR and it has not yet been determined whether our legitimate grounds override your interests.

If the processing of your personal data has been restricted, such data—apart from its storage—may be processed only with your consent or for the establishment, exercise, or defense of legal claims, or to protect the rights of another natural or legal person, or for reasons of an important public interest of the Union or a Member State.

If the restriction on processing has been imposed in accordance with the above conditions, we will notify you before the restriction is lifted.

You may request that the personal data concerning you be erased without delay, and we are obligated to erase this data without delay if any of the following grounds apply:

• The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
• You withdraw your consent on which the processing was based pursuant to Article 6(1)(a) or Article 9(2)(a) of the GDPR, and there is no other legal basis for the processing.
• You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR.
• The personal data concerning you has been unlawfully processed.
• The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union law or the law of the Member States to which we are subject.
• The personal data concerning you was collected in relation to information society services offered pursuant to Article 8(1) of the GDPR.

If you wish to request the erasure or modification of any other personal data we have stored about you, please contact us in writing at privacy@vetz.de.

If we have made the personal data concerning you public and are obligated to delete it, we will take appropriate measures, including technical measures, taking into account available technology and implementation costs, to inform the controllers processing the personal data that you, as the data subject, have requested the deletion of all links to this personal data or of copies or replicas of this personal data.

The right to erasure does not apply to the extent that the processing is necessary

• for the exercise of the right to freedom of expression and information;
• to comply with a legal obligation which requires processing under Union or Member State law to which we are subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
• for reasons of public interest in the area of public health pursuant to Article 9(2)(h) and (i) and Article 9(3) of the GDPR;
• for archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, insofar as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of such processing; or
• to assert, exercise, or defend legal claims.

If you have exercised your right to rectification, erasure, or restriction of processing against us, we are obligated to notify all recipients to whom your personal data has been disclosed of this rectification, erasure, or restriction of processing, unless this proves impossible or involves disproportionate effort.

You have the right to request that we inform you of these recipients.

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller to whom the personal data has been provided, without hindrance from us, provided that the processing is based on consent or a contract and is carried out using automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly by us to other controllers, to the extent that this is technically feasible. The freedoms and rights of other individuals must not be infringed upon as a result.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

You have the right to object at any time to the processing of your personal data based on Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions.

We will no longer process the personal data concerning you unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.

If the personal data concerning you is processed for the purpose of direct marketing, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such marketing; this also applies to profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

You have the right to withdraw your consent under data protection law at any time. Withdrawing your consent does not affect the lawfulness of the processing carried out on the basis of your consent prior to withdrawal. Please send your withdrawal to privacy@vetz.de.

Profiling refers to the creation, updating, and use of profiles through the collection of data, followed by analysis and evaluation, for the purpose of optimizing (direct) marketing.

You have the right not to be subject to a decision based solely on automated processing—including profiling—that produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

1. is necessary for the conclusion or performance of a contract between you and us,
2. is permitted under Union or Member State law to which we are subject, and that law provides for appropriate measures to safeguard your rights and freedoms as well as your legitimate interests, or
3. is based on your explicit consent.

However, these decisions may not be based on special categories of personal data, unless otherwise provided by law and appropriate measures have been taken to protect your rights and freedoms as well as your legitimate interests.

With regard to the cases mentioned in 1. and 2. , we take appropriate measures to safeguard your rights and freedoms as well as your legitimate interests, which include at least the right to request human intervention on our part, to present your own point of view, and to challenge the decision.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

The supervisory authority to which the complaint was submitted shall inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Article 78 of the GDPR.

vetOS uses only technically necessary cookies and session tokens that are required for authentication and the secure operation of the application. These cookies are automatically deleted after logging out or closing the session. Tracking for marketing or analytical purposes does not take place in vetOS.

So-called social plugins are functions and/or buttons from social media platforms such as Facebook, Instagram, LinkedIn, or Vimeo that we have integrated into our websites www.vetz.de, www.petsXL.com, and vetos.vet. This feature allows you to interact with the corresponding social media platform with a simple click on such a button.

We ensure that your personal data—such as your IP address—is not transmitted to the respective social media account simply by visiting a webpage. This only occurs after you click the corresponding button. We inform you about the data transfer as soon as you hover your mouse pointer over the button.

We use Facebook fan pages provided by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter referred to as “Facebook”) for our online presence. Please note that you use the Facebook fan pages and their features at your own risk. This applies in particular to the interactive features on Facebook.

We are jointly responsible with Facebook for data processing operations within the meaning of Article 26 of the GDPR, provided that we actually make a joint decision with the operators regarding data processing and that we also have an influence on the data processing. Your rights (right of access pursuant to Article 15 of the GDPR, right to rectification pursuant to Article 16 of the GDPR, right to erasure pursuant to Article 17 of the GDPR, right to restriction of processing pursuant to Article 18 of the GDPR, right to data portability pursuant to Article 20 of the GDPR, and right to lodge a complaint pursuant to Article 77 of the GDPR) may generally be exercised with respect to both us and Facebook. Please note that, despite our joint responsibility under Article 26 of the GDPR with the operators of social networks, we do not have full control over the data processing carried out by the individual social networks. The corporate policies of the respective provider have a significant influence on our options. In the event that data subject rights are exercised, we would only be able to forward these requests to the operator of the social network.

When you visit us on Facebook, you trigger the processing of your personal data. Facebook processes personal data related to your account, your IP address, and the devices you use. Cookies are used for data collection. Facebook describes in general terms what information it receives and how it is used in its Privacy Policy. There you will also find information on how to contact Facebook, your options for objecting to data processing, and settings for managing advertisements.

The Data Policy is available at the following link: http://de-de.facebook.com/about/privacy.
You can find Facebook’s complete data policies at https://de-de.facebook.com/full_data_use_policy.

Facebook may use this information to provide us, as the operator of the Facebook pages, with statistical information such as gender and age distribution regarding the use of the Facebook page. In addition, Facebook may display further information or advertisements to you based on your preferences. You can find more information here: http://de-de.facebook.com/help/pages/insights.

The data collected about you in this context is processed by Facebook Ltd. and may be transferred to countries outside the European Union. Facebook does not clearly specify—and we are not aware of—how Facebook uses the data from visits to Facebook pages for its own purposes, to what extent activities on the Facebook page are attributed to individual users, how long Facebook stores this data, or whether data from a visit to the Facebook page is shared with third parties. When you access a Facebook page, your IP address is transmitted to Facebook. According to Facebook, a “German” IP address is anonymized and deleted after 90 days. Facebook also stores information about its users’ devices. This may allow Facebook to associate IP addresses with individual users. If you are currently logged into Facebook as a user, there is a cookie on your device containing your Facebook ID. This enables Facebook to track that you have visited this page and how you used it. This also applies to all other Facebook pages. Through Facebook buttons embedded in websites, Facebook can track your visits to these websites and associate them with your Facebook profile. Based on this data, content or advertising can be tailored to you. If you wish to avoid this, you should log out of Facebook or deactivate the “stay logged in” feature, delete the cookies stored on your device, and close and restart your browser. This will delete Facebook information that can be used to directly identify you. This allows you to use our Facebook page without your Facebook ID being revealed. When you access interactive features on the page, a Facebook login screen will appear. After logging in, you will once again be recognizable to Facebook as a specific user. Alternatively, you can use a different browser than usual when visiting our Facebook page.

For information on how to manage or delete information about you, please visit the following Facebook Support pages: https://de-de.facebook.com/about/privacy#

We do not collect or process any other data from your use of our Facebook fan pages.

For our profile on Instagram, we use the technical platform and services of Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA (hereinafter referred to as “Instagram”). Please note that you use this Instagram page and its features at your own risk. This applies in particular to the use of interactive features.
When you visit our Instagram page, Instagram collects, among other things, your IP address and other information stored on your computer in the form of cookies. This information is used to provide us, as the operator of the Instagram pages, with statistical information regarding the use of the Instagram page. The data collected about you in this context is processed by Instagram Inc. and may be transferred to countries outside the European Union. Instagram describes in general terms what information it receives and how it is used in its Privacy Policy. There you will also find information on how to contact Instagram and on the settings options for advertisements. The Privacy Policy is available at the following link: https://help.instagram.com/519522125107875

When you access an Instagram page, the IP address assigned to your device is transmitted to Instagram. According to Instagram, a “German” IP address is anonymized and deleted after 90 days. Instagram also stores information about its users’ devices. This may allow Instagram to associate IP addresses with individual users. Instagram does not clearly state—and we are not aware of—how Instagram uses the data from visits to Instagram pages for its own purposes, to what extent activities on the Instagram page are attributed to individual users, how long Instagram stores this data , or whether data from a visit to the Instagram page is shared with third parties. If you are currently logged into Instagram as a user, there is a cookie on your device containing your Instagram ID. This enables Instagram to track that you have visited this page and how you used it. This also applies to all other Instagram pages.

Through Instagram buttons embedded in websites, Instagram can track your visits to these websites and associate them with your Instagram profile. Based on this data, content or advertising can be tailored to you. If you wish to avoid this, you should log out of Instagram or disable the “stay logged in” feature, delete the cookies on your device, and close and restart your browser. This will delete Instagram information that can be used to directly identify you. This allows you to use our Instagram page without your Instagram ID being revealed. If you access interactive features on the page, an Instagram login screen will appear. After logging in, you will once again be recognizable to Instagram as a specific user. You can find information on how to manage or delete information about you in the Instagram Help Center.

We do not collect or process any other data from your use of our Instagram profile.

For our profile on LinkedIn at https://www.linkedin.com/company/vetz, we use the technical platform and services of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (hereinafter referred to as “LinkedIn”). Please note that you use this LinkedIn page and its features at your own risk. This applies in particular to the use of interactive features.

When you visit our LinkedIn page, LinkedIn collects your IP address as well as other information stored on your computer in the form of cookies. This information is used to provide us, as the operator of the LinkedIn pages, with statistical information regarding the use of the LinkedIn page. You can find more information from LinkedIn here: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv.

The data collected about you in this context is processed by LinkedIn Inc. and may be transferred to countries outside the European Union. LinkedIn describes in general terms what information it receives and how it is used in its Data Use Policy. There you will also find information on how to contact LinkedIn and on advertising settings. The Data Use Policy is available at the following link: https://www.linkedin.com/legal/privacy-policy.

When you access a LinkedIn page, the IP address assigned to your device is transmitted to LinkedIn. According to LinkedIn, a “German” IP address is anonymized and deleted after 90 days. LinkedIn also stores information about its users’ devices. This may allow LinkedIn to associate IP addresses with individual users. LinkedIn does not clearly state on how it uses data from visits to LinkedIn pages for its own purposes, to what extent activities on the LinkedIn page are attributed to individual users, how long LinkedIn stores this data, or whether data from a visit to the LinkedIn page is shared with third parties, and we are not aware of this information. If you are currently logged in to LinkedIn as a user, a cookie containing your ID is stored on your device. This allows LinkedIn to track that you have visited this page and how you used it. This also applies to all other LinkedIn pages.

Through LinkedIn buttons embedded in websites, LinkedIn can track your visits to these websites and associate them with your LinkedIn profile. Based on this data, content or advertising can be tailored to you. If you wish to avoid this, you should log out of LinkedIn or disable the “stay logged in” feature, delete the cookies on your device, and close and restart your browser. This will delete LinkedIn information that can be used to directly identify you. This allows you to use our LinkedIn page without your LinkedIn ID being revealed. If you access interactive features on the page, a LinkedIn login screen will appear. After logging in, you will once again be recognizable to LinkedIn as a specific user. For information on how to manage or delete information about you, please visit: https://www.linkedin.com/legal/privacy-policy.

We do not collect or process any other data from your use of our LinkedIn profile.

For our XING profile, we use the technical platform and services of XING AG, Dammtorstraße 30, 20354 Hamburg, Germany (hereinafter referred to as “XING”). Please note that you use the service offered here and its features at your own risk. This applies in particular to the use of interactive features.

If you visit the site while logged into your XING account, XING can directly associate your visit to our website with your XING account. If you do not want XING to associate your data with your account, you must log out of XING before visiting our website.

Data about you may be collected via this social media profile through cookies, regardless of whether you have an account with XING or not. They are regularly stored on the user’s device when visiting a XING page, including this profile. The information stored in the cookies is received, recorded, and processed by XING, particularly when the user visits XING services, services provided by other members of the corporate group, and services provided by other companies that use XING services. In addition, other entities such as XING partners or even third parties may use cookies on the XING services to provide services to companies advertising on XING. For more information on XING’s use of cookies, please refer to their Privacy Policy.

Cookies are primarily set to enable us to display personalized advertising to visitors of the XING websites, for example. This is done by displaying ads from XING’s advertising partners on our XING profile to users, based on the websites they have previously visited. In addition, cookies enable the creation of statistics regarding the use of a social media profile, allowing XING and us to track the use of a social media profile.

The collection of your data via cookies in connection with the use of the social media profile is neither legally nor contractually required. Nor is this necessary for the conclusion of a contract. There is therefore no obligation to transmit your data to XING. However, failure to transmit your data (for example, by blocking cookies) means that we cannot offer you our social media profile, or can only do so to a limited extent.

We operate this XING page to present ourselves to XING users and other interested individuals who visit this XING page, to provide information regarding recruitment and career opportunities with us, and to communicate with users. The processing of users’ personal data is based on our legitimate interest in optimizing our corporate presentation (Article 6(1)(f) of the GDPR).

XING users can use the advertising preferences settings to control the extent to which their user behavior is tracked when visiting our XING page. Additional options are available through the XING settings or the form for exercising the right to object.

The processing of information via the cookies used by XING can be prevented by disabling third-party cookies or XING cookies in your browser settings.
You can find further details on XING’s use of cookies at https://privacy.xing.com/de/datenschutzerklaerung.

We have integrated videos from the provider Vimeo LLC, headquartered at 555 West 18th Street, New York, New York 10011 (hereinafter referred to as “Vimeo”), into our online offering.

Some of our web pages contain videos from Vimeo. When you visit such a page on our website, a connection is established with the Vimeo servers. This transmits information to the Vimeo server regarding which of our web pages you have visited. If you are logged in as a Vimeo member at that time, Vimeo associates this information with your personal user account. Clicking the play button on a video may also associate this information with an existing user account. You can prevent this association by logging out of your Vimeo user account before using our website and deleting the relevant Vimeo cookies.

We use this service within our online offering based on a legitimate interest—in the analysis, optimization, and economic operation of our online offering. The legal basis is Article 6(1)(f) of the GDPR.

Further information on data processing and privacy notices from Vimeo can be found at https://vimeo.com/privacy.

In addition, Vimeo calls up the Google Analytics tracker via an iFrame in which the video is displayed. This is Vimeo’s own tracking system, to which we have no access. You can prevent tracking by Google Analytics by using the opt-out tools that Google offers for some web browsers. Users can also prevent the collection of data generated by Google Analytics and related to their use of the website—including their IP address—by Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Our websites use so-called web fonts provided by Google to ensure consistent font display. When you visit a page, your browser loads the required web fonts into its cache to display text and fonts correctly.

To do this, the browser you are using must connect to the servers of Monotype GmbH. As a result, Monotype GmbH becomes aware that our website has been accessed via your IP address. The use of web fonts is in the interest of a consistent and appealing presentation of our websites. This constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR.

If your browser does not support web fonts, a standard font from your computer will be used. For more information, please refer to the Monotype GmbH Privacy Policy.

Some of our websites use the web analytics service Google Analytics. Google Analytics stores cookies on your device so that we can analyze your use of our websites. The information generated by the cookie, along with your IP address, is transmitted to a Google server in the United States and stored there. Analysis by Google Analytics is conducted only with your consent in accordance with Article 6(1)(a) of the GDPR. You can revoke your consent at any time on our website by changing your settings.

Google uses this information to evaluate your use of our websites, to compile reports on website activity for us, and to provide other services related to website and internet usage. Google may transfer this information to third parties where required by law or where such third parties process the data on Google’s behalf. Google will in no case associate your IP address with other data held by Google. Google has developed a browser add-on to disable Google Analytics. It gives you more options regarding the collection of your data by Google Analytics. The add-on communicates with Google Analytics JavaScript (ga.js) to indicate that no information about your website visits should be sent to Google Analytics. It can be downloaded from the following website: http://tools.google.com/dlpage/gaoptout

At petsXL, we use the Bing Maps service (operated by Microsoft Corp., One Microsoft Way, Redmond, WA 98052-6399, USA) to display geographic information.

By using Bing Maps, data regarding your use of petsXL may be transmitted to, collected by, and used by Microsoft. Each time you use Bing Maps, Microsoft may set a cookie. This allows Microsoft to process your user settings and user data. This cookie is not deleted when you exit petsXL but expires after a certain period of time, unless you manually delete it beforehand. For more information, please refer to Microsoft’s privacy policy. If you do not consent to the processing of your data, you can disable the JavaScript function in your web browser so that no data is transmitted to Microsoft. Please note that in this case, you will not be able to use Bing Maps, or your use will be limited.

We use the Sentry service provided by Functional Software Inc. to detect, analyze, and log technical issues within vetOS and petsXL. This allows us to ensure the stability and quality of our applications and to continuously improve them.

In the event of a malfunction and when monitoring system stability, information such as IP address, browser type, technical device data, timestamps, and usage data (e.g., URLs accessed or user interactions) may be collected and processed.

Data processing is based on Article 6(1)(f) of the GDPR. Our legitimate interest lies in providing our services in a secure, trouble-free, and user-friendly manner. The data is processed exclusively on servers within the European Union (located in Germany). We have entered into a data processing agreement with the provider in accordance with Article 28 of the GDPR.