e-szignó certificate authority general terms of agreement...
TRANSCRIPT
e-Szignó Certificate Authority
General Terms of Agreement for qualified electronic signatures certification services and qualified time-stamping services
This is a courtesy translation of the original Hungarian document.
Despite our best efforts our translation may contain errors. In case of any discrepancies,
the official text is that of the Hungarian document.
Identifier: 1.3.6.1.4.1.21528.2.1.1.13.1.6
Version: 1.6
Entry into force of first version: 19/11/2006
Security classification: PUBLIC
Approved by: András Ellbogen
Date of approval: 30/04/2009
Date of entry into force: 01/06/2009
MICROSEC Software Engineering and Consulting Ltd.
Marcibányi tér 9., Budapest, Hungary, H-1022
ÁSZF-HSZ-ÁLT 1.6
2
Revision Changes
Version Change Description Date of effect Created by:
1.0
First version OID:
1.3.6.1.4.1.21528.2.1.1.13 2006-11-19 Dr. István Zsolt Berta
1.1
Complementation according to the
remarks of the Hungarian National
Media and Communications
Authority.
OID: 1.3.6.1.4.1.21528.2.1.1.13.1.1
2006-12-04 Dr. István Zsolt Berta
1.2
Change in Consumer Protection
Authority’s contact details
OID: 1.3.6.1.4.1.21528.2.1.1.13.1.2
2007-10-28 Dr. István Zsolt Berta
1.3
Change again in Consumer Protection
Authority’s contact details
OID: 1.3.6.1.4.1.21528.2.1.1.13.1.3
2008-01-01 Dr. István Zsolt Berta
1.4
Did not come into effect.
OID: 1.3.6.1.4.1.21528.2.1.1.13.1.4
2008-10-01 Dr. István Zsolt Berta
1.5
Change in terms of payment.
OID: 1.3.6.1.4.1.21528.2.1.1.13.1.5
2008-12-20 Dr. István Zsolt Berta
1.6
Change in terms of payment.
OID: 1.3.6.1.4.1.21528.2.1.1.13.1.6
2009-06-01 Dr. István Zsolt Berta
© Microsec Kft. All rights reserved.
ÁSZF-HSZ-ÁLT 1.6
3
Table of Contents
1 The Service Provider ....................................................................................................................... 5
1.1 Services Associated with Electronic Signatures....................................................................... 5
1.2 e-Szignó Certificate Authority.................................................................................................. 6
2 The Purpose, Scope and Publication of the GTA............................................................................ 6
2.1 Purpose ..................................................................................................................................... 6
2.2 Scope ........................................................................................................................................ 7
2.3 Publication and Notifications ................................................................................................... 7
3 Establishing the Agreement............................................................................................................. 8
4 The Subscriber’s Rights .................................................................................................................. 8
5 The Subscriber’s Obligations .......................................................................................................... 9
6 The Service Provider’s Rights....................................................................................................... 11
7 The Service Provider’s Obligations............................................................................................... 12
8 The Subscriber’s Liability ............................................................................................................. 12
9 The Service Provider’s Liability.................................................................................................... 12
10 Fees, Device Prices and Conditions of Payment ......................................................................... 15
10.1 The Types of Various Fee Items........................................................................................... 15
10.1.1 Usage fees...................................................................................................................... 16
10.1.2 Base fees........................................................................................................................ 16
10.1.3 Occasional fees.............................................................................................................. 16
10.2 The Various Fee Items.......................................................................................................... 16
10.2.1 In connection with electronic signature certification service and device services ........ 16
10.2.2 In connection with the time-stamping and online certificate-status service.................. 17
10.2.3. In connection with invoicing.................................................................................. 17
10.3 Terms of Payment................................................................................................................. 17
10.4 Modification of the Pricelist ................................................................................................. 19
10.5 The Cooperation of the Parties in the Course of Service Delivery....................................... 19
11 Amendment and Termination of the Agreement ......................................................................... 20
11.1 Amendments to the GTA and the Certificate Practice Statement ........................................ 20
ÁSZF-HSZ-ÁLT 1.6
4
11.2 Amendments to the Service Agreement ............................................................................... 20
11.3 Expiry of the Agreement ...................................................................................................... 20
11.3.1 The subscriber’s death or dissolution without a legal successor ................................... 21
11.3.2 The Dissolution of the Service Provider........................................................................ 21
11.3.3 Termination for Convenience........................................................................................ 21
11.3.4 Termination for Cause................................................................................................... 21
12 Data Retention Rules, Non-Disclosure Obligation...................................................................... 22
13 Procedure to be Observed in Case of Legal Disputes.................................................................. 22
ÁSZF-HSZ-ÁLT 1.6
5
1 The Service Provider
Name: MICROSEC Software Engineering and Consulting Ltd.
Company registration number: 01-09-078353, Budapest Metropolitan Court as Court of
Registration
Registered office: Marcibányi tér 9, Budapest,
H-1022, HUNGARY
Site of operations: Záhony u. 7, Graphisoft Park, building ‘D’, Budapest,
H-1031, HUNGARY
Telephone number: +36 1 5054444
Fax number: +36 1 5054445
Website: http://www.microsec.hu,
http://www.e-szigno.hu
Certifications: ISO 9001, ISO 27001
1.1 Services Associated with Electronic Signatures
Microsec Ltd. is registered by the Hungarian National Media and Communications Authority as a
non-qualified service provider since May 31, 2002 with respect to electronic signature certification
services, time-stamping services and installation of signature-generation data on signature
generation device service (referred to henceforth as: device service) as specified in Act XXXV of
2001 on electronic signatures. The registration number of Microsec is: MH 6834 1/2002.
Microsec Ltd. is also registered by the Hungarian National Media and Communications Authority
as a qualified service provider with respect to electronic signature certification services, as well as
time-stamping and device services since May 15, 2005.
Microsec Ltd. is also registered by the Hungarian National Media and Communications Authority
as a service provider with respect to providing electronic archiving services. (Case file identifier of
the resolution on registration: HL-3549-2/2007.) The starting date for launching electronic
archiving services is February 1, 2007.
ÁSZF-HSZ-ÁLT 1.6
6
1.2 e-Szignó Certificate Authority
Name of service delivery unit: e-Szignó Hitelesítés Szolgáltató
Customer services: 1031 Budapest, Záhony u. 7, Graphisoft Park,
Building ‘D’
Customer services business hours: 9:00 AM to 12 PM and 2 PM to 4:30 PM on business days
Customer services phone number: +36 1 5054444
Customer services e-mail address: [email protected]
Information about the service may be accessed at:
http://www.e-szigno.hu
Complaints may be reported to: MICROSEC Számítástechnikai Fejlesztő Kft. 1031 Budapest, Záhony u. 7, Graphisoft Park, Building ‘D’
Competent consumer protection inspectorate:
Hungarian Authority for Consumer Protection (NFH) Central Hungary Regional Inspectorate
1052 Budapest, Városház u. 7.
1364 Budapest, Pf. 270.
phone: (+36-1) 318-2681
fax: (+36-1) 318-1639
2 The Purpose, Scope and Publication of the GTA
2.1 Purpose
The purpose of these General Terms of Agreement (referred to henceforth as the GTA) is to set out
the detailed regulation of the legal relationship between the provider of the services, MICROSEC
Kft. (referred to henceforth as the Service Provider) and the party who/which subscribes to the
service (referred to henceforth as the Subscriber). The Service Agreement let in writing, this GTA,
and the applicable Certificate Practice Statement, moreover the individual declarations established
between the parties shall apply and prevail in respect of the legal relationship collectively. The
Service Provider shall deliver the following services to the Subscriber in the scope of the
Agreement (referred to as henceforth as the Agreement):
• Electronic signature certification service (as specified in Act XXXV of 2001 on electronic
signatures),
• installation of signature-generation data on signature generation device (as specified in Act
XXXV of 2001 on electronic signatures), referred to henceforth as: device service,
ÁSZF-HSZ-ÁLT 1.6
7
• online certificate-status service (that allows the verification of the status of certificates
issued by e-Szignó Hitelesítés Szolgáltató),
• time-stamping service (as specified in Act XXXV of 2001 on electronic signatures),
The electronic signature certification service, the device service and the time-stamping service are
provided as a qualified service provider according to this GTA. The online certificate-status service
is provided by Service Provider for those certificates that have been issued in the frame of its
qualified services in scope of this Agreement. The above mentioned services which are provided in
scope of the Agreement are jointly called: Services.
The Service Provider is providing the Services in accordance with the document “e-Szignó
Certification Service Provider certificate practice statement for qualified electronic signature
certification service and qualified time-stamping service” referred to henceforth as: Certificate
Practice Statement.
In case of electronic signature certification service the Service Provider is issuing certificates for
Signatories named by the Subscriber. Service Provider has a separate written contract with
Signatories about the usage of Services. The Subscriber and all the Signatories associated with him
are collectively named: Client.
2.2 Scope
a) The GTA shall be valid for an indefinite term as of the date of entry into force as indicated on
the document’s title page.
b) Unless the Parties agree otherwise, the Agreement shall be concluded for an indefinite term.
c) The territorial scope of the GTA shall be the territory of Hungary. The legal regulations of
Hungary as may be effective at the time shall prevail in respect of the Service Provider’s
operations. Electronically provided services under the Agreement shall be available all over the
world. Their term of validity as established under the Agreement shall be irrespective of the
geographic location where they were created, as well as the geographic location where they are
used.
2.3 Publication and Notifications
a) The Service Provider shall disclose this GTA on its website in electronic form, the GTA may
furthermore be viewed at the Service Provider’s customer services office.
ÁSZF-HSZ-ÁLT 1.6
8
b) The Service Provider may also send written notifications to the Subscriber by way of sending
simple notifications bearing no electronic signature to the e-mail address the Subscriber
specified. The Parties may not terminate the Agreement by means of simple notification that
bears no electronic signature.
3 Establishing the Agreement
a) The legal relationship shall be established upon the Service Provider’s signing the Service
Agreement that is set in writing.
b) This GTA and the Certificate Practice Statement applicable to the provision of Services shall
constitute annexes to the Agreement. Simultaneously with signing the Service Agreement, the
Subscriber shall explicitly accept the provisions of this GTA, as well as those of the Certificate
Practice Statement as well.
c) The Service Provider may also conclude agreements subject to terms and conditions that are
different from those articulated in the GTA. In such cases, any and all deviations from the GTA
must be specified accurately in the Agreement. The Service Provider shall represent that it
possesses the personal and material conditions necessary for performing the Services, moreover
that the Services comply with the authority and statutory requirements as may be effective at
the time.
d) The Subscriber shall represent that it possesses the conditions necessary for using the Services
as specified in this GTA, as well as the Certificate Practice Statement.
4 The Subscriber’s Rights
a) The Client shall have the right to use the Services under the Agreement if their use complies
with the provisions of the Agreement and the fees associated with the Services will have been
paid by deadline.
b) Subscriber shall have the right to expand the list of Signatories pertinent to the Agreement with
new Signatories and shall have the right to delete existing signatories from this list.
c) Subscriber shall have the right to initiate the revocation, suspension and recovery of the
certificate of Signatories pertinent to the Agreement. Service provider handles such requests in
accordance with the Certificate Practice Statement.
ÁSZF-HSZ-ÁLT 1.6
9
d) Subscriber shall have the right to authorize Signatories in accordance with the Certificate
Practice Statement to act on behalf of Subscriber. Only such Signatories has the right to initiate
the suspension of certificates on behalf of the Subscriber at the 24 hour helpdesk of Service
Provider. Persons authorized in any other way, has no right to represent Subscriber at the 24
hour helpdesk of Service Provider. The issuance and revocation of authorizations is the
responsibility of Subscriber, Service Provider assumes the authorized Signatory as the
representative of the Subscriber as long as it receives an authorization revocation statement
from subscriber.
e) Subscriber shall have the right to request certificate status information with the online
certificate-status service in case it has a valid subscription for the service. The certificate status
responses are issued by Service Provider in accordance with the Certificate Practice Statement.
f) Subscriber shall have the right to request time-stamps from Service Provider in case it has a
valid subscription for the service. Service Provider issues the time-stamps in accordance with
the Certificate Practice Statement.
g) The rights of Signatories belonging to Subscriber are included in the Certificate Practice
Statement.
5 The Subscriber’s Obligations
a) Subscribers shall be obliged to acquaint themselves with the Certificate Practice Statement
before using the service. By signing the Service Agreement, Subscribers shall represent that
they have perused and acquainted themselves with the terms and conditions of this GTA.
b) Subscribers shall be obliged to provide the data necessary for using the service as requested by
the Service Provider and are obliged to provide valid data.
c) Subscribers shall be obliged to use the Services solely for the purposes allowed or not
prohibited by legal regulations, according to the provisions of the Certificate Practice
Statement.
d) Subscribers shall be obliged to ensure that solely duly authorized individuals are permitted
access to the data and tools (passwords, secret codes, smartcards, private keys) necessary for
using the service. Subscribers shall acknowledge their consumption by the passwords linked to
the subscription, as well as by individuals identified on the basis of certificates belong to the
Subscriber’s subscription, and they may only object to this in a substantiated way if any of the
affected certificates will have been suspended or revoked.
ÁSZF-HSZ-ÁLT 1.6
10
e) In case Subscribers learn that any information appearing on any certificate belonging to their
subscription – particularly names, positions, affiliation to organizations – are changed, they
shall be obliged to report this fact to the Service Provider forthwith, and will be obliged to
initiate the suspension and/or revocation of certificates thus affected.
f) Subscribers are obliged to acknowledge that the Service Provider will only display true,
verified information on issued certificates. Accordingly, the Service Provider shall verify the
data to be entered on certificates in accordance with the Certificate Practice Statement, and
should any of the data appearing on a certificate change, the Service Provider will revoke the
certificate in accordance with the Certificate Practice Statement.
g) Subscribers shall be obliged – upon being called upon to do so – to cooperate with the Service
Provider in the interest of verifying the data necessary for issuing certificates, and to do
everything they can to allow the soonest possible completion of such verification.
h) Subscriber shall be obliged to call the attention of Signatories belonging to him, to get
acquainted with the Certificate Practice Statement before service usage. This doesn’t exempt
Service Provider from its obligations to inform set out in relevant legislation. Subscriber
acknowledges the fact that the Signatories belonging to Subscriber has a direct contract also
with Service Provider (signatory contract).
i) In case Subscriber becomes aware of the fact that any of its Signatories’ signature creation data,
secure signature creation device (or signature creation device) or the secret codes for the
activation of the devices have fallen into wrong hands or has been destroyed, Subscriber shall
be obliged to report this fact without delay in written form to the Service Provider and is
responsible for initiating the revocation or suspension of the certificates belonging to the
devices involved.
j) In case any of the Signatories belonging to Subscriber requests such a certificate where
signatory appears as the employee of an organisation, Subscriber should note that Service
Provider will not issue the certificates without the written consent of the organisation
represented. Subscriber should note that the above mentioned organisation also shall have the
right to suspend or revoke the certificate of Signatory.
k) Subscribers shall be obliged to notify the Service Provider in the event of any changes
occurring in their status, thus particularly if they are dissolved through legal succession or
without any legal successor.
l) The Certificate Practice Statement or the Service Agreement or any other declaration may
contain further obligations for the Subscriber.
ÁSZF-HSZ-ÁLT 1.6
11
6 The Service Provider’s Rights
a) The Service Provider shall have the right to refuse or restrict the provision of Services in
justified cases, particularly if the data provided by the Client are not valid according to what the
Service Provider observes or determines. The Service Provider shall notify the Subscriber about
this refusal or restriction.
b) The Service Provider shall have the right to refuse or restrict the provision of the Services in
case the Client jeopardizes the security or availability of the Services. The Service Provider
shall notify the Subscriber about this refusal or restriction.
c) The Service Provider may store data that Client provide, as well as those associated with using
the Services in its own records, moreover may hand them over to its subcontractors and agents
– in respect of data sets that are not specified in the legal regulation, and upon the Client’s
explicit consent – to the extent and for the purpose that may be required for the provision of the
Services. Manufacturing the devices necessary for using the Service, invoicing, the assertion of
claims against Clients or marketing and advertising related to the Service Provider’s products
shall qualify as such purposes.
d) The Service Provider shall have the right to restrict the provision of Services at the rate
described in clause 10.3, moreover to terminate the Agreement effective immediately in case
the Subscriber fails to discharge its payment related obligations by deadline. This restriction
shall entail the suspension and/or revocation of certificates that are associated with the
subscription, as well as the disabling of online services. The Service Provider shall reserve the
right to terminate the Agreement effective immediately if the Subscriber fails to settle its
outstanding fees even upon being called upon to do so.
e) The Service Provider shall be entitled to name the Subscriber as a reference, assuming that the
Service Agreement does not provide for otherwise nor does the Subscriber, in writing.
f) Service Provider shall have the right to publicize the certificate revocation information of
Signatory’s certificate in order for service provision. In case Signatory gives written consent
Service Provider shall have the right to publicize even the certificate of Signatory.
g) Service Provider shall have the right to revoke the certificate of Signatory in case Subscriber or
any of the Signatories belonging to Subscriber commit a breach of the Agreement, or in case
Service Provider learns from any source that the data provided for the issuance of the certificate
by Client is invalid or has changed since the issuance of the certificate.
h) The Certificate Practice Statement or the Service Agreement or any other declaration may
contain further rights of the Service Provider.
ÁSZF-HSZ-ÁLT 1.6
12
7 The Service Provider’s Obligations
a) The Service Provider shall be obliged to deliver the Services according to the Certificate
Practice Statement and the GTA that may exist at the time.
b) In the case of changes to legislation governing the Services, it shall be obliged to notify the
Subscriber about the changes.
8 The Subscriber’s Liability
a) The Subscriber shall be responsible for observing its obligations.
b) Should the Subscriber cause any damage through breach of the Agreement, neglecting its
obligations articulated in this GTA or the Certificate Practice Statement, or by failing to
observe the provisions set forth in these, it shall bear unlimited liability towards the aggrieved
party in respect of damages arising out of the said under the general rules of civil law.
9 The Service Provider’s Liability
a) The Service Provider shall be liable – under the rules of causing damage outside of contract as
set out in the Civil Code of the Republic of Hungary (Civil Code Article 339) – for any damage
caused in connection with the Services to third parties (affected parties) that are not in a
contractual relationship with it.
b) The Service Provider shall be liable for damages caused by Service Provider according to the
15.§ (1) of Act XXXV of 2001 on electronic signatures.
c) The Service Provider shall recompense damages once every document necessary for judging
the damage claim, moreover those evidencing the Service Provider’s responsibility, as well as
the time and amount of the damage, are available.
d) The Service Provider shall rule out its liability if the Client proceeds in a manner other than that
specified in the Agreement or in breach of law.
e) The Service Provider shall disclose the certificate revocation lists it issues in a manner that is
accessible to everyone, and will not assume any liability for their use.
f) In case the Service Provider uses external registration organizations in the interest of delivering
the Services, it shall be liable for such organizations also functioning in accordance with the
provisions of the Certificate Practice Statement.
ÁSZF-HSZ-ÁLT 1.6
13
g) In the case of the certificate’s suspension and/or revocation, the Service Provider shall only be
liable in connection with disclosing the altered revocation status of the certificate upon the
completion of a successfully concluded suspension and/or revocation process. The Certification
Practice Statement contains the description of the suspension, reinstation and revocation
workflows. The Service Provider shall be liable for suspension and revocation under the
provisions of the Certificate Practice Statement.
h) The Service Provider may limit – in line with effective legal regulations – any damage
compensation that is payable for proven damages arising in the scope of its liability in respect
of clients that are in a contractual relationship with it. The extent of such restriction may vary
depending on the price package the Subscriber chooses; the exact amount of the restriction may
be set out in the Service Agreement and/or the Certificate Practice Statement. Restriction of
damage compensation may extend to cover material and non-material damages, lost profits,
costs (to each and every type of losses and damages) that arise out of the Service Provider’s
fault. The possible restriction of the Service Provider’s liability for damages may be determined
in respect of any discount on the Service fees, at the rate of the provided discounts, and in
proportion with such. Limitation of liability may not extend to any damage caused to life and
bodily integrity.
i) The Service Provider shall rule out its liability in case for any reason – including system
management and operational problems occurring at Service Provider – the full signature
verification process can not be carried out or is not being carried as it should be according to
the Certificate Practice Statement at the time of the verification of the signature and still the
electronic signature and the electronically signed document gets accepted by the verifier of the
electronic signature.
j) The Service Provider shall not bear any liability whatsoever for damages arising on account of
failure to observe the restrictions applicable to the usability of the certificate, as may be
indicated in the certificate.
k) The Service Provider shall accept no liability for the following once the signature-creation data
belonging to the certificate has been transferred to the Subscriber’s possession:
(a) for the protection of the signature creatin device, the secret codes and passwords
required for the usage of signature-creation device and the signature-creation data;
ÁSZF-HSZ-ÁLT 1.6
14
(b) for the electronic signatures created by the signature-creation data; (except for that
case if Client reports to Service Provider according to the Certificate Practice
Statement that the signature-creation data has fallen into wrong hands or if the
Client requests the revocation or suspension of the certificate. In this case Service
Provider shall bear liability for the damage caused by the electronic signatures
created by the signature-creation data according to the Certificate Practice
Statement.)
(c) for the damage caused by the electronic signatures created by the signature-
creation data if the Client didn’t follow the rules of the Certificate Practice
Statement especially if it fails to report any change that has happened since the
application for the service in the data provided during the application.
l) The Service Provider shall be liable for certificate status responses being issued according to
the provisions of the Certificate Practice Statement.
m) The Service Provider shall be liable for the correctness of certificate status responses.
n) The Service Provider shall be liable for publishing certificate status responses according to the
provisions of the Certificate Practice Statement.
o) The Service Provider shall not be liable for certificate status queries or responses being lost or
delayed for reasons that are not attributable to the Service Provider. In particular, such cases
include the data transmission network (internet) routed to the Service Provider being
overloaded, unavailable, or an operational irregularity of the Subscriber’s information
technology system.
p) The Service Provider shall be liable for the issuance of time-stamps according to the provisions
of the Certificate Practice Statement
q) The Service Provider shall be liable for the availability of the time-stamping service according
to the Certificate Practice statement
r) The Service Provider shall not be liable for time-stamp requests or responses being lost or
delayed for reasons that are not attributable to the Service Provider. In particular, such cases
include the data transmission network (internet) routed to the Service Provider being
overloaded, unavailable, or an operational irregularity of the Subscriber’s information
technology system.
ÁSZF-HSZ-ÁLT 1.6
15
10 Fees, Device Prices and Conditions of Payment
a) In exchange for its Services, the Service Provider shall charge the fees specified either in the
Pricelist effective at the time or the custom fees specified for the Subscriber in the Service
Agreement. The Pricelist shall be the pricelist published on the Service Provider’s website,
which contains the unit prices of the various services, as well as the combined price of grouped
services. Discounts and changes in fees shall be announced in the Pricelist.
b) Service Provider shall determine different price packages in connection with its different
services, the different packages can bear different liability limits, or in case of the electronic
signature certification service provided as a qualified service they can have different transaction
limits.
c) The price package chosen by the Subscriber shall be specified in the Service Agreement, this
price package may be modified subsequently upon the Subscriber’s request. The Service
Provider may charge a fee for modifying the price package.
d) In the interest of the easier comprehension of its prices, as well as to allow choosing an
appropriate combination of its products and services, the Service Provider shall also offer its
Services jointly, in the scope of complex packages (referred to henceforth as the Packages), and
will disclose the prices and contents of the Packages it offers in the Pricelist available on the
Service Provider’s website. Discount prices and additional conditions apply to Services used in
the scope of Packages. The fees, prices and payment terms of Services used in Packages are not
specified in this section of this GTA, rather in the document entitled “e-Szignó Certification
Service Provider general terms of agreement for e-Szignó packages”. In the case of agreements
applicable to Packages, this document shall also constitute an inseparable part of the
Agreement, and by signing the Service Agreement the Subscriber shall acknowledge that it has
become familiar with these general terms of contract and will explicitly accept them. This
section of this GTA shall specify the fees, prices, and conditions applicable to Services used
directly (i.e. not in the scope of Packages).
e) The Service Provider shall be entitled to apply custom prices in the case of custom subscriber
requests.
10.1 The Types of Various Fee Items
Service fees may be
• usage fees,
• base fees,
• occasional fees.
ÁSZF-HSZ-ÁLT 1.6
16
10.1.1 Usage fees
Usage fees are fees charged on the basis of the volume of used services.
10.1.2 Base fees
Base fees are maintenance fees applicable to the Agreement’s term of validity, fees for performing
the tasks in the scope of the Service Provider’s responsibility in the framework of the Service
Agreement, which are independent of actual use.
10.1.3 Occasional fees
Occasional fees are fees for changes carried out – under the operational terms and conditions
specified in the Agreement and applied by the Service Provider – upon the Client’s request or due
to its being subject to any obligation.
10.2 The Various Fee Items
10.2.1 In connection with electronic signature cert ification service and
device services
a) Fee for changing price packages (occasional fee): This is the fee the Service Provider shall
charge if the Subscriber requests that it is switched to any other price packages.
b) Certificate base fee (base fee): Paying this fee shall authorize the Subscriber (or an individual
designated by the Subscriber) for request a given type of certificate according to the Certificate
Practice Statement, taking into consideration the fact that such requesting takes time. In case
the certificate expires or is revoked during the term of the Agreement, the Subscriber shall
become entitled to request a new (e.g. renewed) certificate in exchange for the fee that was
already paid. The invalidity of a certificate, particularly its suspension, revocation, or any
overlap existing or not existing between the validity period of old and new certificates in the
course of certificate replacement shall have no bearing on fee payment.
c) Occasional fees associated with certificates: Fees associated with maintaining certificates,
particularly registration, reinstating, certificate replacement, changing the data on the
certificates (including any change of the e-mail address that appears in the certificate). The fee
payable for reinstating suspended certificates shall be payable for the issuing of new certificates
instead of revoked certificates (certificate replacement) as long as such revocation occurred on
account of the Subscriber’s late payment.
d) Device prices (occasional fees): The price of devices (cards, card readers, software, etc.)
provided by the Service Provider.
ÁSZF-HSZ-ÁLT 1.6
17
e) Service restart fee (occasional fee): The Service Provider shall charge this fee upon the repeated
conclusion of the Agreement as long as the Subscriber did not terminate the previous agreement
more than two months before. The Service Provider shall be entitled to dispense with charging
this fee on the basis of individual treatment.
10.2.2 In connection with the time-stamping and o nline certificate-
status service
a) Time-stamping basic fee: This fee is payable for the availability of Service Provider in a given
time period. The fee shall be paid in the billing period irrespective of the service usage volume
of Subscriber in the given time period.
b) Basic fee for access (basic fee): Service Provider shall charge this fee for every username-
password pair or authentication certificate that Subscriber uses for accessing the service.
c) Traffic fees: This fee shall be paid in accordance with the volume of time stamp and online
certificate-status responses issued for subscriber.
d) Occasional fees associated with time-stamping and online certificate-status service: These are
fees especially which are associated with the connection and reconnection (in case of payment
delay) of the Customer to Service Provider’s IT system.
10.2.3. In connection with invoicing
a) Fee for issuing a detailed invoice (incidental fee).
b) In case electronic invoicing is an option in respect of any of the Services, the Service Provider
will be entitled to provide a discount to the Subscriber provided the Subscriber chooses
electronic invoicing.
10.3 Terms of Payment
a) The due date of invoices shall be the 15th calendar day following the issue of the invoice.
b) Invoices may be settled by transfer to the bank account number indicated on the invoice or by
direct payment at the cash desk.
c) Default interest shall be determined in the case of late payment, with a rate twice the Hungarian
central bank base rate.
d) The Service Provider shall be entitled to terminate the Agreement in the case of payment that is
30 days late.
ÁSZF-HSZ-ÁLT 1.6
18
e) Subscribers may raise complaints about the invoiced amount until the due date of payment
indicated on the invoice. In the case of legitimate complaints, the Service Provider shall make
out a new invoice about the correct amount, which the Subscriber will have to settle until the
new payment deadline indicated on it. Should a Subscriber only raise a complaint about the
amount of an invoice that was issued incorrectly after the due date of payment, it shall be
obliged to pay default interest on the correctly specified amount according to the original
payment deadline. If the Subscriber objects to the amount of an invoice that has already been
paid and its complaint is legitimate, the Service Provider shall credit or refund the amount due
to the Subscriber within 8 days after the investigation of the complaint. Even in case of an
unsubstantiated invoice related complaint, the Subscriber shall be obligated to pay default
interest of the abovementioned rate in respect of the unsettled amount. In the case of the
Service Provider’s late payment, the Subscriber shall be entitled to default interest under the
Civil Code.
f) The Service Provider may claim any uncharged or mistakenly uncollected fees within the
general superannuation time limit, and shall accept complaints about mistakenly charged and/or
collected fees within one year.
g) The expiry of the Agreement shall have no bearing on fees the Subscriber has paid.
h) The Service Provider may issue invoices in monthly or annual periods, and shall always issue
invoices at the beginning of the month. The Subscriber shall be obliged to indicate if it does not
receive an invoice about used services. A monthly or yearly invoicing period may be chosen in
respect of the various Services or price packages if this option is indicated in the Service
Provider’s Pricelist as disclosed on its website.
i) Occasional fees associated with the Services always appear on the next invoice that is due.
j) The Service Provider shall charge usage fees associated with the Services after the invoicing
period. The invoicing period shall be the preceding period, in other words the calendar month
or year that precedes the issuing of the invoice. Invoices shall indicate the fees applicable to
this invoicing period.
k) Usage fees shall be tallied separately during the various invoicing periods – every month in the
case of monthly invoicing and every year in the case of yearly invoicing – therefore discounts
awarded regarding usage fees subject to ranged pricing during a given invoicing period may not
be taken over to another invoicing period.
l) The Service Provider shall be entitled to issue mid-term invoices if the usage fees that can be
charged to the Subscriber reach or exceed the amount specified on the Pricelist.
ÁSZF-HSZ-ÁLT 1.6
19
m) The Service Provider shall charge the base fees associated with Services at the start of the
respective service period (service provision month or service provision year). By service
period, the parties shall mean the period of the next month or year that follows the start of use
(i.e. not the calendar month or calendar year).
n) Switching to yearly invoicing from monthly invoicing shall become effective on the next
monthly service delivery start statement date.
o) Switching to monthly invoicing from yearly invoicing shall become effective on the next
annual service delivery start statement date.
p) The Subscriber shall acknowledge that the expiry or revoking of a certificate shall not mean the
cancelling of the service in respect of the certificate’s subject. In case a Subscriber does not
cancel the service separately, the Service Provider shall continue maintaining the certificate
(carrying out the steps necessary for renewing the certificate), therefore any and all associated
fees will need to be paid going forward.
q) The Subscriber may modify the Services to which it subscribed in the scope of the Agreement
and/or switch between the price packages applicable to the services solely in case it has no
outstanding fees.
r) The Service Provider shall not provide any refunds from service fees that have already been
paid, unless the Agreement expires because of the Service Provider’s error.
10.4 Modification of the Pricelist
The Service Provider shall reserve the right to modify the pricelist. The Service Provider shall
disclose any such modification on its website at least 15 days before the modification enters into
force, and also notify the Subscriber by electronic mail. Modifications will not affect the price of
services paid in advance. In case the Subscriber does not accept the modification, the Subscriber
shall be entitled to terminate the Agreement effective immediately, within 15 days calculated from
the disclosure of the modification.
10.5 The Cooperation of the Parties in the Course o f Service
Delivery
The provisions that are applicable in this regard are contained in the Certificate Practice Statement.
ÁSZF-HSZ-ÁLT 1.6
20
11 Amendment and Termination of the Agreement
11.1 Amendments to the GTA and the Certificate Prac tice
Statement
a) The Service Provider shall be entitled to amend the GTA and the Certificate Practice Statement
unilaterally.
b) The Agreement shall be amended in the case of any change to the GTA or the Certificate
Practice Statement.
c) The Service Provider shall be obliged to disclose any such amendment on its website at least 15
days before entry into force, as well as to notify the Client by electronic mail.
d) In case the Subscriber does not accept the amendment, it shall be entitled to terminate the
Agreement effective immediately, within 15 days calculated from its disclosure or receiving
notification thereof.
11.2 Amendments to the Service Agreement
a) The Parties may only amend the Service Agreement through common understanding and in
writing.
b) The Subscriber shall be entitled to initiate data change in the case of any change in his or her
identity. The Service Provider may refuse such data change if the new subscriber fails to satisfy
the criteria specified in the GTA or the Certificate Practice Statement regarding contract
conclusion. The Service Provider may charge a fee for carrying out the data change, which it
will disclose in the pricelist.
c) Data change is not applicable in the case of Signatory data change is therefore ruled out.
11.3 Expiry of the Agreement
The Agreement between the Service Provider and the Subscriber shall expire:
a) upon the subscriber’s death or dissolution without a legal successor,
b) upon the Service Provider’s dissolution,
c) through termination for convenience or termination for cause served in writing by any Party,
d) by common understanding.
Termination shall become effective upon certified receipt by the other party.
ÁSZF-HSZ-ÁLT 1.6
21
11.3.1 The subscriber’s death or dissolution withou t a legal successor
In the case of the Subscriber’s death or dissolution without a legal successor, the Agreement shall
expire effective immediately.
11.3.2 The Dissolution of the Service Provider
The provisions that are applicable in this regard are contained in the Certificate Practice Statement.
11.3.3 Termination for Convenience
Any of the Parties may initiate the termination of the Agreement in writing. The Agreement’s
termination shall be subject to 30 days notice, which commences on the date notification about
termination is received. Exercising the right of termination provided to the Subscriber which is
specified in clause 11.1 shall constitute termination for convenience.
11.3.4 Termination for Cause
a) In the case of the Client’s gross breach of contract, the Service Provider shall be entitled to
terminate the Agreement – and provide an explanation in writing – effective immediately.
b) The Subscriber’s failing to pay the fees associated with using the Services by deadline and
despite being advised to do so shall constitute gross breach of contract.
c) In addition to this, the Client jeopardizing the security or availability of Services, or violating
any of its obligations listed in the Agreement, the GTA or the Certificate Practice Statement –
particularly the following ones – will also constitute the Client’s gross breach of contract:
a. if the Client does not provide valid data,
b. if the Client fails to promptly notify the Service Provider about changes in its data
as previously specified,
c. if the Subscriber or any Signatory affiliated with the Subscriber uses their
certificate for purposes that are not allowed under legal regulations and/or the
Certification Practice Statement,
d. if the appropriate protection of the cryptographic private key or the device on
which it is stored or any passwords, PIN and PUK-codes associated with such is
not accomplished due to reasons that are chargeable to the Client, moreover if
unauthorized persons are able to access the said,
e. if it can be assumed that unauthorized individuals have access to the data and
devices mentioned in the previous clause and the Client fails to initiate the
suspension or revocation of the certificate without delay.
ÁSZF-HSZ-ÁLT 1.6
22
d) The Agreement shall expire effective immediately upon the receipt of termination for cause.
e) The Subscriber shall be entitled to terminate the Agreement effective immediately in case the
Service Provider fails to ensure the availability of services that constitute the object of the
agreement as stipulated in the legal regulation or if the Service Provider violates any other
requirement prescribed in any other legislation. Subscribers may serve termination for cause to
the Service Provider in writing.
12 Data Retention Rules, Non-Disclosure Obligation
a) The Parties shall undertake the obligation to retain any and all business secrets which they learn
in the course of delivering or using the Services according to the provisions of the applicable
legal regulations.
b) The clauses entitled The Service Provider’s Obligations and The Subscriber’s Obligations,
moreover the Certificate Practice Statement contain additional stipulations associated with data
retention.
c) Barring statutory obligation, being obligated by an authority or the government or the courts, as
well as the cases specified in this document, the Parties may solely deliver data and information
they learn during the delivery and use of Services in the scope of the Agreement to third parties
upon the written consent of the persons who/which are the data subjects.
13 Procedure to be Observed in Case of Legal Disput es
The provisions that are applicable in this regard are contained in the Certificate Practice Statement.