Terms of Service (ToS)

Personalrampe Digital

Terms of Service (ToS)

Personalrampe Digital

Provider: <ProviderInfo />, <ProviderAddress />

Email: <ProviderContact type="email" />

§ 1 Scope

  1. These Terms of Service ("ToS") govern all contracts between <ProviderInfo />, operating under the name "Personalrampe Digital" (hereinafter "Provider"), and companies, legal entities under public law or special funds under public law (hereinafter "Customer") regarding the use of the SaaS platform "Personalrampe Digital" and the associated document digitisation services.
  2. Conflicting or deviating terms of the Customer do not become part of the contract unless the Provider has expressly agreed to them in writing.
  3. These ToS apply exclusively to contracts with entrepreneurs within the meaning of § 14 BGB (B2B). Consumers within the meaning of § 13 BGB are excluded from using the Platform.

§ 2 Service Description

  1. The Provider makes the cloud-based software platform "Personalrampe Digital" available to the Customer. The Platform enables in particular:
    • Upload of personnel file documents (e.g. employment contracts, annexes, HR correspondence) as PDF,
    • Optical character recognition (OCR) and text extraction from uploaded documents,
    • Structuring of extracted content into export-ready data (e.g. JSON/CSV),
    • AI-supported generation of overviews, summaries and insights based on the extracted data,
    • Provision of an AI assistant to support HR users in querying and analysing the structured personnel file data.
  2. The Provider additionally offers a document digitisation service which is billed per personnel file. One personnel file is defined as one uploaded PDF file (or a logical bundle of documents) up to 1,000 pages. For each further started block of 1,000 pages, an additional personnel file is deemed to be processed for billing purposes.
  3. The exact scope of services is defined by the current feature set described on the Provider's website and in the Customer’s account.
  4. The Provider is entitled to further develop the Platform technically and to change its appearance, provided this does not materially impair core functionalities.
  5. The Platform is provided as Software-as-a-Service (SaaS). The Customer does not acquire a licence to the software itself, but a time-limited right of use.
  6. The AI assistant and AI-based analyses are support tools. They provide suggestions and summaries that may contain errors or be incomplete. They do not constitute legal, tax or employment law advice. All personnel and compliance decisions remain solely with the Customer.

§ 3 Contract Conclusion and Term

  1. The contract is concluded when the Customer registers on the Platform and accepts these ToS.
  2. The Platform usage (SaaS) is offered as a subscription with a monthly fee of EUR 79. The minimum contract term is 1 month. The contract automatically renews for a further 1 month unless terminated with 14 days' notice prior to the end of the respective term.
  3. Per-document digitisation (OCR and structuring of personnel files) is an additional usage-based service that can be ordered by uploading personnel file PDFs via the Platform. A separate minimum term does not apply to this per-document service.
  4. The right to extraordinary termination for good cause remains unaffected. Good cause includes in particular material breach of these ToS or failure to fulfil payment obligations despite reminder.
  5. Termination requires text form (email suffices). Termination does not affect payment obligations already incurred for digitisation services that have been rendered or initiated.

§ 4 Rights of Use and Restrictions

  1. The Provider grants the Customer a non-exclusive, non-transferable right to use the Platform during the contract term, limited to EU territory unless otherwise agreed.
  2. The Customer is not entitled to:
    • Copy, modify, reverse-engineer or create derivative works from the Platform or any part thereof,
    • Sub-licence, rent or transfer the Platform to third parties,
    • Conduct automated access (scraping, bots) without prior written consent,
    • Use the Platform in any manner that violates applicable law, in particular data protection or employment law.
  3. The Customer may only use the Platform for its own internal HR purposes. Use on behalf of third parties (e.g. as an HR service provider for other companies) requires the written consent of the Provider.

§ 5 Customer Obligations

  1. The Customer is obligated to keep login credentials confidential and not grant access to unauthorised third parties.
  2. The Customer is responsible for all activities that take place under its account.
  3. The Customer alone is responsible for ensuring that the upload and processing of personnel files in the Platform complies with applicable data protection requirements (in particular GDPR, BDSG, works agreements, co-determination rights of the works council pursuant to § 87(1)(6) BetrVG).
  4. The Customer undertakes to conclude the Data Processing Agreement (DPA) with the Provider before any personal employee data is entered or uploaded.
  5. The Customer ensures that content entered and documents uploaded do not infringe third-party rights or violate applicable law.
  6. The Customer is solely responsible for the selection of persons invited to the Platform and for assigning roles and permissions. If the Customer invites users with access to personnel files or to AI analysis features who should not see this data, any resulting data breach is attributable to the Customer, not to the Provider.
  7. The Platform offers different permission levels (e.g. read, add, edit, delete personnel data, audit log access, user management, AI chat). The Customer is responsible for configuring these permissions in line with the principle of least privilege and applicable internal policies.
  8. The Customer must implement appropriate security measures on its side (e.g. secure email accounts, strong passwords, two-factor authentication where available) and is responsible for preventing social engineering attacks against its own users.

§ 6 AI Features and Special Risk Features

  1. The Platform provides an AI assistant capable of answering questions and generating analyses based on structured personnel file data.
  2. In the default configuration, the AI assistant accesses only pseudonymised identifiers and structured metadata to minimise the amount of personal data processed by the AI model.
  3. The Platform offers an optional "Deep AI Analysis" feature which allows the AI model to access more detailed content from personnel files in order to generate more in-depth analyses. This feature is clearly marked in the user interface (e.g. via a checkbox with a "reduced safety" badge) and must be actively enabled by the Customer’s authorised users.
  4. By enabling and using the "Deep AI Analysis" feature, the Customer acknowledges that:
    • Detailed content from personnel files, including potentially sensitive personal data, will be transmitted to the AI model operated by the Provider’s cloud provider (e.g. Microsoft Azure OpenAI in an EU data zone),
    • Despite technical measures (e.g. masking of certain identifiers), it cannot be guaranteed that no sensitive information is ever processed by the AI service,
    • Any resulting data protection risks must be assessed and accepted by the Customer as Controller.
  5. The Provider is not responsible for any data breaches or misuse resulting from:
    • The Customer’s decision to enable "Deep AI Analysis",
    • The Customer entering or pasting sensitive data into free-text fields or AI prompts,
    • Social engineering, credential theft or other attacks against the Customer or its users.

§ 7 Availability and Support

  1. The Provider aims for Platform availability of 99% per calendar month (measured 24/7, excluding planned maintenance windows).
  2. Planned maintenance will be announced with at least 24 hours' notice where possible and conducted during low-traffic periods.
  3. Support is provided via email (<ProviderContact type="support" />). Response times are not guaranteed; the Provider aims to respond within 2 business days.

§ 8 Fees and Payment

  1. Usage fees are set out in the pricing model on the Provider's website at the time of ordering. Unless otherwise agreed in writing:
    • The monthly subscription fee for the Platform is EUR 79 (net),
    • The fee for digitising personnel files is EUR 20 (net) per processed personnel file up to 1,000 pages,
    • Each additional started block of 1,000 pages within a personnel file is billed as an additional personnel file.
  2. All prices are net prices plus applicable VAT, where applicable.
  3. Fees for digitisation services become due when the respective processing job is started by the Platform (e.g. upon upload and confirmation).
  4. Invoices are payable within 14 days of the invoice date without deduction, unless a different payment term is shown during checkout.
  5. Payment processing and billing are handled by Polar Software, Inc. ("Polar.sh") using Stripe, Inc. as sub-processor. Polar.sh acts as Merchant of Record (MoR) for paid plans and issues invoices and collects payments in its own name. The Customer's billing contact details (name, email, billing address, payment method) are transmitted to these US-based providers. The transfer is based on the EU–US Data Privacy Framework (DPF) and Standard Contractual Clauses (SCCs). No employee data from personnel files is transmitted.
  6. In the event of payment default, the Provider (or Polar.sh as MoR) is entitled to suspend access to the Platform after prior written notice. No data will be deleted during the suspension period; data remains retrievable for 30 days following suspension.

§ 9 Data Protection and Data Processing

  1. To the extent the Customer enters or uploads personal data of its employees (including personnel files) into the Platform, the Provider processes that data as a data processor within the meaning of Art. 28 GDPR.
  2. The conclusion of a separate Data Processing Agreement (DPA) is mandatory and a prerequisite for GDPR-compliant use of the Platform.
  3. Further details on data processing, sub-processors and data security are set out in the Provider's Privacy Policy.

§ 10 Liability

  1. The Provider has unlimited liability for damages arising from injury to life, body or health, and for damages based on wilful misconduct or gross negligence.
  2. In the event of slightly negligent breach of material contractual obligations (cardinal obligations), liability is limited to foreseeable, typically occurring damage.
  3. Any further liability of the Provider for slight negligence is excluded.
  4. Liability limitations also apply to the Provider's vicarious agents.
  5. The Provider is not liable for data loss caused by inadequate data backup on the Customer's side.
  6. The Provider is not liable for data breaches caused by:
    • Incorrect configuration of roles and permissions by the Customer,
    • Erroneous invitations or sharing of access credentials by the Customer,
    • Social engineering, phishing or other attacks against the Customer or its users.
  7. The Provider is not liable for decisions made by the Customer based on AI-generated analyses or suggestions. AI outputs are recommendations only; all personnel decisions are the sole responsibility of the Customer.

§ 11 Confidentiality

  1. Both parties undertake to keep confidential information of the other party that becomes known in the course of this contract, not to disclose it to third parties, and to use it only for the performance of the contract.
  2. Confidential information includes in particular: personnel file contents, trade secrets, technical information, pricing information and all information marked as confidential.

§ 12 Amendments to the ToS

  1. The Provider reserves the right to amend these ToS with at least 6 weeks' notice. Amendments will be communicated to the Customer by email or within the Platform.
  2. If the Customer does not object within 6 weeks of receiving the amendment notice, the amended ToS are deemed accepted. The Provider will explicitly draw the Customer's attention to this consequence in the amendment notice.

§ 13 Final Provisions

  1. The law of the Federal Republic of Germany applies, excluding the UN Convention on Contracts for the International Sale of Goods (CISG).
  2. If the Customer is a merchant, a legal entity under public law or a special fund under public law, the exclusive place of jurisdiction for all disputes arising from this contract is the Provider's registered place of business.
  3. Should individual provisions of these ToS be or become invalid, the validity of the remaining provisions is not affected.

This document is current as of March 2026. For the most recent version, please contact us at support@personalrampe.com