docs(legal): Updated agreements and policies v2 (#3823)

* tos

* adds cloud service

* cloud service description WIP

* action minute

* service level description

* SAML and last revised

* tos credit and payment

* dpa basic, profile, and payment data

* service description: authenticated requests

* cloud service description: ui

* add notification box

* sla description

* support services

* removes dedicated instance annex

* remove dedicated instance annex sidebar, links

* update dedicated terms

* merge additional terms in sidebar

* privacy formatting

* pp update piid table

* remove cloudflare cookies

* privacy customer portal cookies

* revert editing guides

* dates

* docs: test

* modification of services

* Apply suggestions from code review

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* add disclaimer to regions list

Co-authored-by: Maximilian Panne <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: mffap <mpa@zitadel.com>
Fabi 2022-06-15 08:30:58 +02:00 committed by GitHub
parent 72b696ccb2
commit 7e35775681
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 207 additions and 344 deletions


@ -0,0 +1,93 @@
<table>
<tr>
<th>Type of personal data</th>
<th>Examples</th>
<th>Affected data subjects</th>
</tr>
<tr>
<td><strong>Basic data</strong></td>
<td>
<ul>
<li>Surname and first name</li>
<li>Email addresses</li>
<li>User name</li>
</ul>
</td>
<td>All users</td>
</tr>
<tr>
<td><strong>Login data</strong></td>
<td>
<ul>
<li>Randomly generated ID</li>
<li>Password</li>
<li>Public keys / certificates ("FIDO2", "U2F", "x509", ...)</li>
<li>User names or identifiers of external login providers</li>
<li>Phone number(s)</li>
</ul>
</td>
<td>
<p>All users</p>
<p>Password: Users who use authentication methods with password.</p>
<p>Public Keys: Users who use an authentication procedure with cryptographic keys.</p>
<p>External login provider identifiers: Users who use an external login provider.</p>
<p>Phone number: Users who use authentication methods with SMS</p>
</td>
</tr>
<tr>
<td><strong>Profile data</strong></td>
<td>
<ul>
<li>Profile pictures</li>
<li>Gender</li>
<li>Language</li>
<li>Nickname</li>
<li>Display name</li>
<li>Phone number(s)</li>
</ul>
</td>
<td>Users who voluntarily add profile data</td>
</tr>
<tr>
<td><strong>Communication data</strong></td>
<td>
<ul>
<li>Emails</li>
<li>Chats</li>
<li>Call metadata</li>
</ul>
</td>
<td>Customers and users who communicate with us directly (e.g. support)</td>
</tr>
<tr>
<td><strong>Payment data</strong></td>
<td>
<ul>
<li>Billing address</li>
<li>Payment information</li>
<li>Customer number</li>
<li>Customer history</li>
<li>Credit rating information</li>
</ul>
</td>
<td>
<p>Customers who use services that require payment</p>
<p>Credit rating information: Only customers who pay by invoice</p>
</td>
</tr>
<tr>
<td><strong>Usage meta data</strong></td>
<td>
<ul>
<li>User agent</li>
<li>IP addresses</li>
<li>Operating system</li>
<li>Time and date</li>
<li>URL</li>
<li>Referrer URL</li>
<li>Accept Language</li>
</ul>
</td>
<td>All users</td>
</tr>
</table>
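
Review bot: In the Payment data row, the new "Payment information" item is too vague for a table that both the Data Processing Agreement and the Privacy Policy import. Name what is actually held (for example card details, a bank account, or only a reference at a payment provider), and say which customers it applies to, as the row already does for credit rating information. "Phone number(s)" also appears under both Login data and Profile data with different affected subjects; keep it if that is intended, otherwise list it once.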


@ -0,0 +1,31 @@
---
title: Cloud Service
custom_edit_url: null
---
## Introduction
This annex of the [Framework Agreement](terms-of-service) describes the service levels offered by us for our Services.
## Definitions
**Monthly quota** means the available usage per measure for one billing period. The quota is reset to zero with the start of a new billing period.
**Authenticated request** means any request to our API endpoints requiring a valid authorization header. We exclude requests with a server error, discovery endpoints, and endpoints to load UI assets.
**Action minutes** means execution time, rounded up to 1 second, of custom code execution via a customer defined Action.
**Adequate Country** means a country or territory recognized as providing an adequate level of protection for Personal Data under an adequacy decision made, from time to time, by (as applicable) (i) the Information Commissioner's Office and/or under applicable UK law (including the UK GDPR), or (ii) the [European Commission under the GDPR](https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).
## Data location
Data location refers to a region, consisting of one or many countries or territories, where the customer's data is stored in our database and processed by our systems.
We can not guarantee that during transit the data will only remain within this region. We take measures, as outlined in our [privacy policy](privacy-policy), to protect your data in transit and in rest.
The following regions will be available when using our cloud service. This list is for informational purposes and will be updated in due course, please refer to our website for all available regions at this time.
- **Global**: All available cloud regions offered by our cloud provider
- **Switzerland**: Exclusively on Swiss region
- **GDPR safe countries**: Exclusively [Adequate Countries](https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en) as recognized by the European Commission under the GDPR
Last revised: June 14, 2022
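
Review bot: The Introduction says this annex "describes the service levels offered by us", which is the wording of the Service Level annex; the Terms of Service link this file as the Service Description, so the sentence should say that it describes the service. In the Data location section, "in transit and in rest" should read "in transit and at rest" and "can not" should be "cannot". The "Action minutes" definition names minutes as the unit but rounds to 1 second; say how seconds are accumulated into the billed measure. The "Adequate Country" definition covers UK and EU adequacy decisions, while the "GDPR safe countries" region refers only to the European Commission list; align the two.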


@ -2,6 +2,7 @@
title: Data Processing Agreement
custom_edit_url: null
---
import PiidTable from './_piid-table.mdx';
## Background
@ -16,99 +17,7 @@ This annex reflects the commitment of both parties to abide by the applicable da
The duration of the Processing shall correspond to the duration of the Agreement, unless otherwise provided for in this Annex or unless individual provisions obviously result in obligations going beyond this.
In particular, the following Personal Data are part of the processing:
<table>
<tr>
<th>Type of personal data</th>
<th>Examples</th>
<th>Affected data subjects</th>
</tr>
<tr>
<td><strong>Basic data</strong></td>
<td>
<ul>
<li>Surname and first name</li>
<li>Email addresses</li>
<li>User name</li>
<li>Language</li>
</ul>
</td>
<td>All users</td>
</tr>
<tr>
<td><strong>Login data</strong></td>
<td>
<ul>
<li>Randomly generated ID</li>
<li>Password</li>
<li>Public keys / certificates ("FIDO2", "U2F", "x509", ...)</li>
<li>User names or identifiers of external login providers</li>
<li>Phone number(s)</li>
</ul>
</td>
<td>
<p>All users</p>
<p>Password: Users who use authentication methods with password.</p>
<p>Public Keys: Users who use an authentication procedure with cryptographic keys.</p>
<p> External login provider identifiers: Users who use an external login provider.</p>
<p>Phone number: Users who use authentication methods with SMS</p>
</td>
</tr>
<tr>
<td><strong>Profile data</strong></td>
<td>
<ul>
<li>Profile pictures</li>
<li>Gender</li>
<li>Birthday</li>
<li>Language</li>
<li>Address(es)</li>
<li>Phone number(s)</li>
</ul>
</td>
<td>Users who voluntarily add profile data</td>
</tr>
<tr>
<td><strong>Communication data</strong></td>
<td>
<ul>
<li>Emails</li>
<li>Chats</li>
<li>Call metadata</li>
</ul>
</td>
<td>Customers and users who communicate with us directly (e.g. support)</td>
</tr>
<tr>
<td><strong>Payment data</strong></td>
<td>
<ul>
<li>Billing address</li>
<li>Customer number</li>
<li>Customer history</li>
<li>Credit rating information</li>
</ul>
</td>
<td>
<p>Customers who use services that require payment</p>
<p>Credit rating information: Only customers who pay by invoice</p>
</td>
</tr>
<tr>
<td><strong>Usage meta data</strong></td>
<td>
<ul>
<li>User agent</li>
<li>IP addresses</li>
<li>Operating system</li>
<li>Time and date</li>
<li>URL</li>
<li>Referrer URL</li>
<li>Accept Language</li>
</ul>
</td>
<td>All users</td>
</tr>
</table>
<PiidTable />
## Scope and responsibility
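
Review bot: The list of personal data covered by this agreement changes in this hunk, and the commit message only mentions a table update. Compared with the inline table removed here, the shared `<PiidTable />` no longer lists Language under Basic data or Birthday and Address(es) under Profile data, and it adds Nickname, Display name and Payment information. Confirm that this matches what is processed and state the change explicitly, since these categories are part of the Data Processing Agreement.
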
@ -226,3 +135,9 @@ The following measures exist for regular review, assessment and evaluation of ef
1. At least annual audit and evaluation of processes within the framework of an information security management system
2. Responsible Disclosure and Bug Bounty policies
3. External audit of system security ("penetration testing")
## Entry into force
This agreement is valid from 15.07.2022.
Last revised: June 14, 2022
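
Review bot: The validity date is written as 15.07.2022 while the next line uses "June 14, 2022". Use one date format within the section, for example "July 15, 2022"; the same mix appears in the matching lines of the Privacy Policy and both Terms of Service files in this change.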


@ -1,77 +0,0 @@
---
title: Annex to the Dedicated Instance Terms
custom_edit_url: null
---
## Introduction
This annex to the [Dedicated Instance Terms](terms-of-service-dedicated) describes the dedicated instance services and guarantees under different configurations.
Last revised: July 20, 2021
## Overview
### Service differences
The following table compares the different services, based on the preferred provider (Google Cloud). If you choose a different provider than our preferred provider the [Gurantees](#guarantees) stated in this document apply.
Service Levels
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
Monitoring | 24x7 | 24x7 | 24x7
[Availability Objective](service-level-description#availability-objective) | 99.95% | 99.5% | 99.9%
Performance | up to [rate limits](rate-limit-policy#what-rate-limits-do-apply) | up to [rate limits](rate-limit-policy#what-rate-limits-do-apply) | up to [rate limits](rate-limit-policy#what-rate-limits-do-apply)
[Support hours](support-services#description-of-services) | Business | Business | Extended
[Response time (Sev 1)](support-services#slo---initial-response-time) | 1h | 2h | 1h
[Technical account manager](support-services#technical-account-manager) | n/a | n/a | 2h / week
High-availability configuration
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
Multi-zone HA | yes | yes | yes
Geographic HA | yes | option | option
Multi-provider HA | yes | option | option
Upgrade and backup schedule
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
Update flexibility | no | no | yes
Backup flexibility | no | yes | yes
Security
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
DDOS Protection | yes | option | option
Strict TLS | yes | yes | yes
Web Application Firewall | yes | option | option
DNS Protection | yes | no, bespoke | no, bespoke
DNSSEC | yes | no, bespoke | no, bespoke
Features
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
Audit log retention | 13 months | unlimited | unlimited
Tenancy | shared | dedicated | dedicated
Data region | CH | custom | custom
Data processing | CH | custom | custom
## Guarantees
### Infrastructure Provider
CAOS offers the following guarantees for a given infrastructure provider and customer satisfies the [prerequisites](https://docs.zitadel.com/docs/guides/installation/managed-dedicated-instance).
Guarantees | Google Cloud | Static / Other | Self-hosted
---|---|---|---
Maintained by CAOS | yes | yes, product only | no
24x7 monitoring | yes | yes, product only | yes, product only
Availability SLO | [up to 99.9%](service-level-description#availability-objective) | none | none
Performance SLO | up to [rate limits](https://docs.zitadel.com/docs/legal/rate-limit-policy#what-rate-limits-do-apply) | none | none
### Backup
ZITADEL Cloud creates hourly backups. We do not guarantee recovery time objective. Recovery point objective is in the context of our [event-sourcing pattern](../concepts/eventstore) not meaningful.
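
Review bot: Deleting this annex removes commitments that none of the added lines in this change restate: the Security table (DDOS protection, strict TLS, web application firewall, DNS protection, DNSSEC), the 13 months of audit log retention, and the Backup section (hourly backups, no guaranteed recovery time objective). If they still apply to the current offering, move them into the new Cloud Service description; if they were dropped on purpose, say so in the commit message so that customers can see what changed.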


@ -2,6 +2,7 @@
title: Privacy Policy
custom_edit_url: null
---
import PiidTable from './_piid-table.mdx';
## Introduction
@ -20,8 +21,8 @@ Contact for questions and issues regarding data protection is:
CAOS AG
Data Protection Officer
Teufener Strasse 19
9000 St. Gallen
SWITZERLAND
9000 St. Gallen
SWITZERLAND
Phone: 043 215 27 44
E-mail: legal@zitadel.com
@ -68,99 +69,7 @@ You can revoke your consent to the storage of the data, the e-mail address and t
The use of our services is generally only possible with registration. During registration and in the course of using the services, we collect and process various personal data.
In particular, the following personal data are part of the processing:
<table>
<tr>
<th>Type of personal data</th>
<th>Examples</th>
<th>Affected data subjects</th>
</tr>
<tr>
<td><strong>Basic data</strong></td>
<td>
<ul>
<li>Surname and first name</li>
<li>Email addresses</li>
<li>User name</li>
<li>Language</li>
</ul>
</td>
<td>All users</td>
</tr>
<tr>
<td><strong>Login data</strong></td>
<td>
<ul>
<li>Randomly generated ID</li>
<li>Password</li>
<li>Public keys / certificates ("FIDO2", "U2F", "x509", ...)</li>
<li>User names or identifiers of external login providers</li>
<li>Phone number(s)</li>
</ul>
</td>
<td>
<p>All users</p>
<p>Password: Users who use authentication methods with password.</p>
<p>Public Keys: Users who use an authentication procedure with cryptographic keys.</p>
<p> External login provider identifiers: Users who use an external login provider.</p>
<p>Phone number: Users who use authentication methods with SMS</p>
</td>
</tr>
<tr>
<td><strong>Profile data</strong></td>
<td>
<ul>
<li>Profile pictures</li>
<li>Gender</li>
<li>Birthday</li>
<li>Language</li>
<li>Address(es)</li>
<li>Phone number(s)</li>
</ul>
</td>
<td>Users who voluntarily add profile data</td>
</tr>
<tr>
<td><strong>Communication data</strong></td>
<td>
<ul>
<li>Emails</li>
<li>Chats</li>
<li>Call metadata</li>
</ul>
</td>
<td>Customers and users who communicate with us directly (e.g. support)</td>
</tr>
<tr>
<td><strong>Payment data</strong></td>
<td>
<ul>
<li>Billing address</li>
<li>Customer number</li>
<li>Customer history</li>
<li>Credit rating information</li>
</ul>
</td>
<td>
<p>Customers who use services that require payment</p>
<p>Credit rating information: Only customers who pay by invoice</p>
</td>
</tr>
<tr>
<td><strong>Usage meta data</strong></td>
<td>
<ul>
<li>User agent</li>
<li>IP addresses</li>
<li>Operating system</li>
<li>Time and date</li>
<li>URL</li>
<li>Referrer URL</li>
<li>Accept Language</li>
</ul>
</td>
<td>All users</td>
</tr>
</table>
<PiidTable />
Unless otherwise mentioned, the nature and purpose of the processing is as follows:
@ -199,19 +108,17 @@ Our websites use cookies. These are small text files that make it possible to st
In particular, we use the following cookies to provide our services:
### Cloudflare
\_\_cfuid
\_\_cflb
\_\_cf\_bm
For further reference see Cloudflare's [privacy policy](https://www.cloudflare.com/privacypolicy/) or their article [Understanding the Cloudflare Cookies](https://support.cloudflare.com/hc/en-us/articles/200170156-Understanding-the-Cloudflare-Cookies).
### ZITADEL
\_\_useragent
\_\_csrf
### Customer Portal
\_\_state
\_\_pkce.code
\_\_callback-url
Cookies are only used for technical purposes to enable the functionality and efficient use of our website and our offers, such as:
- Session management
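
Review bot: The new Customer Portal cookies `__state`, `__pkce.code` and `__callback-url` are listed by name only. Add a line per cookie with its purpose and lifetime; the removed Cloudflare section at least linked to an explanation. Before dropping the Cloudflare entries, confirm that those cookies are no longer set on any page covered by this policy, because a policy that omits a cookie the site still sets is the worse error.
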
@ -275,6 +182,6 @@ If you have any questions about our data processing, please email us or contact
## Entry into force
This privacy policy is valid from 16.06.2021
This privacy policy is valid from 15.07.2022.
St. Gallen, 16.06.2021
Last revised: June 14, 2022


@ -2,10 +2,19 @@
title: Service Level
custom_edit_url: null
---
:::note
This document describes the current version of our offering. For terms regarding to our previous offering, which is being shut down on 31.12.2022, please refer to the [agreements under docs-v1.zitadel.com](https://docs-v1.zitadel.com/).
:::
## Introduction
This annex of the [Framework Agreement](terms-of-service) describes the service levels offered by us for our Services (ZITADEL Cloud).
Last revised: June 14, 2022
## Definitions
**Monthly Uptime Percentage** means total number of minutes in a month, minus the number of minutes of Downtime suffered from all Downtime Periods in a month, divided by the total number of minutes in a month.
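
Review bot: In the added note box, "For terms regarding to our previous offering" should read "For terms regarding our previous offering". The same sentence is added to the Support Services annex and needs the same fix.
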
@ -40,6 +49,7 @@ This excludes specifically:
- **Authentication API** Endpoints
- **OpenID Connect 1.0 / OAuth 2.0 API** Endpoints
- **SAML 2.0** Endpoints
- **Login Service** means the graphical user interface of ZITADEL Cloud for users to Login, Self-Register, and conduct a Password Reset.
- **Identity Brokering Service** means the component of ZITADEL Cloud that handles federated authentication of users with third-party identity provider, excluding any failure or misconfiguration by the third-party
@ -58,30 +68,11 @@ Achieved vs. Guaranteed| 99.50% | 99.90% | 99.95%
1. During the term of the subscription agreement under which CAOS has agreed to provide ZITADEL Cloud to Customer, the Core Services will provide a Monthly Uptime Percentage to Customer conditional on the subscription plan as follows (the “SLO”):
Subscription plan | Monthly Uptime Percentage
Option | Monthly Uptime Percentage
--- | ---
FREE | Not applicable
OUTPOST | 99.50%
STARBASE | 99.90%
FORTRESS | 99.95%
DEDICATED STANDARD | 99.50%
DEDICATED ADVANCED | 99.90%
Default | 99.50%
Extended SLA | 99.95%
2. If CAOS Ltd. does not meet the guaranteed service level, Customer might be eligible to receive Financial Credit as described in this document. Financial Credit shall be the sole and exclusive remedy for breach of this SLA.
3. The Customer must request Financial Credit and must notify CAOS Support in writing within 30 days of becoming eligible for Financial Credit and must prove Failed Customer Requests during Downtime Periods. Financial Credit will be made in the form of a monetary credit applied to the next possible subscription invoice of ZITADEL Cloud, may only be used to book services in the future, and will in no case be paid as a cash equivalent. No further guarantees are provided.
4. The Service Level commitments apply only to organizations with a subscription plan where a Service Level is applicable and does not include any other organizations of the same customer. The Customer is not entitled to any Financial Credit, if it is in breach of the Agreement at the time of the occurrence of the event giving rise to the credit.
### Quality of Service Objective
1. During the term of the subscription agreement under which CAOS has agreed to provide ZITADEL Cloud to Customer, the Customer Requests will be prioritized according to the the Quality of Service Level included in the respective Subscription Plan
Subscription plan | Quality of Service Level | Request Priority
--- | --- | ---
FORTRESS | high | When ZITADEL Cloud receives concurrent requests, it will try to process these requests first, and with higher priority over other requests
STARBASE | medium | Give way to requests with priority high
OUTPOST | low | Give way to requests with priority high or medium
FREE | best effort | No priority for requests
DEDICATED STANDARD | n/a | Dedicated instance, single tenancy
DEDICATED ADVANCED | n/a | Dedicated instance, single tenancy
2. The Service Level commitments apply only to organizations with a subscription plan where a Service Level is applicable and does not include any other organizations of the same customer. Customers are not entitled to Financial Credit or further reimbursement.
1. If CAOS Ltd. does not meet the guaranteed service level, Customer might be eligible to receive Financial Credit as described in this document. Financial Credit shall be the sole and exclusive remedy for breach of this SLA.
2. The Customer must request Financial Credit and must notify CAOS Support in writing within 30 days of becoming eligible for Financial Credit and must prove Failed Customer Requests during Downtime Periods. Financial Credit will be made in the form of a monetary credit applied to the next possible subscription invoice of ZITADEL Cloud, may only be used to book services in the future, and will in no case be paid as a cash equivalent. No further guarantees are provided.
3. The Service Level commitments apply only to organizations with a subscription plan where a Service Level is applicable and does not include any other organizations of the same customer. The Customer is not entitled to any Financial Credit, if it is in breach of the Agreement at the time of the occurrence of the event giving rise to the credit.
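
Review bot: The SLO table now has two options, Default at 99.50% and Extended SLA at 99.95%, but the table row shown in this hunk's header context still carries three guaranteed levels ("Achieved vs. Guaranteed| 99.50% | 99.90% | 99.95%"). Remove the 99.90% column from that table or say which option it belongs to. Clause 1 and the renumbered clause 3 also still refer to a "subscription plan" while the table header is now "Option"; use one term throughout.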


@ -3,13 +3,19 @@ title: Support Services
custom_edit_url: null
---
:::note
This document describes the current version of our offering. For terms regarding to our previous offering, which is being shut down on 31.12.2022, please refer to the [agreements under docs-v1.zitadel.com](https://docs-v1.zitadel.com/).
:::
## Introduction
This annex of the [Framework Agreement](terms-of-service) and the [Support Service Terms and Conditions](terms-support-service) describes the support services offered by us for our Services.
Support Services for products and services provided by CAOS is offered to customers according to the terms and conditions outlined in this document. The customer may purchase support services from CAOS Ltd. directly.
Last revised: August 23, 2021
Last revised: June 14, 2022
## Support Services
@ -19,31 +25,38 @@ Last revised: August 23, 2021
**Ticket** means a discrete technical or non-technical issue that was submitted by the customer and exists in the support portal. A ticket includes a record of all communication associated with the issue.
### Description of Services
## Description of Services
Customers in ZITADEL Cloud FREE plan or using the Open Source Version of ZITADEL are excluded from the support plans. Support features for Subscription plans are as follows:
### Cloud
Subscription Plans | FREE | OUTPOST | STARBASE | FORTRESS | DEDICATED STANDARD | DEDICATED ADVANCED
--- | --- | --- | --- | --- | --- | ---
Support hours | not applicable | Business hours | Business hours | Business hours | Business hours | Extended hours
Response Time <br/> (Severity 1) | n/a | Best effort | 4 business hours | 1 business hour | 2 business hours | 1 business hour
eMail Support | n/a | yes | yes | yes | yes | yes
Chat Support | n/a | no | yes | yes | yes | yes
Phone Support | n/a | no | yes | yes | yes | yes
Technical Account Manager | n/a | n/a | n/a | n/a | n/a | 2h / week
Support features for cloud subscriptions are as follows:
CAOS and Customer may mutually agree on different support hours in writing.
Subscription Plans | Default | Extended SLA | Self-hosted or dedicated
--- | --- | --- | ---
Support hours | Business hours | Business hours | Business hours
Response Time (Severity 1) | Best effort | 1 business hour | bespoke
eMail Support | yes | yes | yes
Phone Support | no | no | yes
Chat Support | no | no | optional
If you want to add a [Technical Account Manager] or need assistance during onboarding, please [get in touch](https://zitadel.com/contact).
### Self-hosting and dedicated instances
Support plans for self-hosting and dedicated instances according to your purchase order.
Customers can choose support hours (business, extended, 24x7), initial response time, Technical account manager, and communication channels.
### SLO - Initial response time
CAOS service level objective (SLO) for Support Services is defined in terms of initial response time to a support request, as outlined in the table below per plan. CAOS will use reasonable efforts to resolve support requests, but does not guarantee a work-around, resolution or resolution time.
Subscription Plans | FREE | OUTPOST | STARBASE | FORTRESS | DEDICATED STANDARD | DEDICATED ADVANCED
--- | --- | --- | --- | --- | --- | ---
Severity 1| not applicable | not applicable | 4 business hours | 1 business hours | 2 business hours | 1 business hours
Severity 2| not applicable | not applicable | 12 business hours | 2 business hours | 12 business hours | 2 business hours
Severity 3| not applicable | not applicable | 24 business hours | 12 business hours | 24 business hours | 12 business hours
Severity 4| not applicable | not applicable | 48 business hours | 24 business hours | 48 business hours | 24 business hours
Subscription Plans | Default | Extended SLA
--- | --- | ---
Severity 1| Best effort | 1 business hour
Severity 2| Best effort | 2 business hour
Severity 3| Best effort | 12 business hour
Severity 4| Best effort | 24 business hour
If we fail to provide the initial response time objective, you will be entitled to service credits. For every 15 minutes exceeding the state objective, 1 day will be added as extension to the current term.
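
Review bot: `[Technical Account Manager]` in the Cloud section is a bracketed link with no target, so it will render as literal brackets or a broken reference; add the target or drop the brackets. In the new SLO table the Extended SLA cells read "2 business hour", "12 business hour" and "24 business hour" and need the plural. The Default column is "Best effort" for every severity, yet the closing paragraph grants service credits for missing the initial response time objective; state that the credit applies only where a response time is defined. "state objective" in that paragraph should be "stated objective".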


@ -4,7 +4,7 @@ custom_edit_url: null
---
## General
Last revised: July 20, 2021
Last revised: June 3, 2022
### Background
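
Review bot: "Last revised: June 3, 2022" differs from the June 14, 2022 date set in every other document touched by this change. If this file was edited as part of the same revision, the date should match.
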
@ -20,9 +20,7 @@ Each Dedicated Instance consists, except agreed otherwise in writing, of a multi
CAOS will install and manage the Dedicated Instance on infracstructure provided by preferred cloud providers. Costs for infrastructure or cloud providers are not included in the Subscription, if not agreed otherwise in writing.
You may choose to provide the required infrastructure yourself. You must comply with the [requirements and prerequisites](https://docs.zitadel.com/docs/guides/installation/managed-dedicated-instance) as documented.
Please refer to the [annex](dedicated-instance-annex) with regards to limitations of the deployment options, especially when using an own infrastructure provider. By accepting these terms you also accept the terms in the annex.
You may choose to provide the required infrastructure yourself. You must comply with the requirements and prerequisites outlined in the purchase order.
You may not modify, maintain or attempt to modify the Dedicated Instance, except with prior instructions by CAOS.
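
Review bot: The replacement sentence refers to "requirements and prerequisites outlined in the purchase order" and drops the public documentation link, so a customer reading these terms before a purchase order exists has no reference for what is required. Keep a public reference or say where the requirements can be requested. The context line above still contains the typo "infracstructure"; fix it while this paragraph is being edited.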


@ -15,6 +15,7 @@ The terms of service (**"TOS"**) outlined in this document establish the most im
This Agreement has the following appendices. When you enter the Agreement with us, you accept these agreements.
* [**Data Processing Agreement**](data-processing-agreement) - How we process personal data on behalf of you
* [**Service Description**](cloud-service-description) - What service we offer under this agreement
* [**Service Level Description**](service-level-description) - What service levels do we guarantee you
* [**Support Service Descriptions**](support-services) - How we provide support services to you
@ -27,7 +28,6 @@ The following policies complement the TOS. When accepting the TOS, you accept th
This Agreement is extended with additional terms, in case your Subscription requires a Dedicated Instance. When you enter the Agreement with us, you accept these additional agreements.
* [**Dedicated Instance Terms**](terms-of-service-dedicated) - How we provide our services for a dedicated instance
* [**Annex to the Dedicated Instance Terms**](dedicated-instance-annex) - Describe differences of services and guarantees with different providers
### Alterations
@ -61,9 +61,7 @@ The [Annex of the data processing agreement](data-processing-agreement#annex-reg
We offer Support Services directly related to the use of our Services. The Description of Support Services is available as [Annex](support-services) to this document.
Customers without a Subscription or a Subscription plan that does not include Support Services should post inquiries and issues regarding ZITADEL from customers to our [GitHub Discussions](https://github.com/zitadel/zitadel/discussions), whenever feasible.
If you need support integrating or setting up ZITADEL, please contact our consulting team.
Customers without a subscription can contact us via the official [communication channels](https://zitadel.com/contact).
### Limited influence
@ -113,7 +111,7 @@ You will ensure that your vicarious agents, customers and third parties fulfill
### Credit and payment
Signup to our Services does not require you to open a payment account. However, a payment account is required for the purchase of our Subscriptions. The costs for the services you have purchased will be debited periodically and in advance from your payment account.
Signup to our Services does not require you to open a payment account. However, a payment account is required for the purchase of our Subscriptions. The costs for the services you have purchased will be debited periodically from your payment account.
### Payment procedure
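
Review bot: With "and in advance" removed from the Credit and payment paragraph, "debited periodically" no longer says whether charges are collected before or after the billing period. State the timing explicitly or point to the section that defines it.
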
@ -195,9 +193,9 @@ Should any provision of these TOS be or become invalid, this shall not affect th
### Entry into force
These TOS shall enter into force as of 16.06.2021.
These TOS shall enter into force as of 15.07.2022.
Last revised: July 20, 2021
Last revised: June 14, 2022
### Amendments


@ -38,6 +38,8 @@ We provide the Services under the conditions stated on our websites and the PO a
We are entitled to offer new services, to withdraw existing services (**Termination**) or to modify the specifications and prices of existing services (**Modification**) at any time. If the modification or termination affects a service that you are using at that time, we will inform you via email that said service will be automatically modified and/or is no longer available after a period of 30 days.
If such modification would have a disadvantageous impact on the Customer use of service, CAOS and Customer must discuss the change with the Customer first and, to the best of its ability, find a solution that is acceptable to both Parties. If such a solution cannot be found, CAOS may implement the modification and Customer may submit notice of termination of the relevant Service (email is sufficient) before the modification becomes effective without being obliged to pay contractual penalties or termination fees. CAOS may modify the prices for a service after the minimum term of the agreement.
### Modification of services booked by you
You may change or terminate Services booked by you at any time. Modifications will take effect in the next billing period, or as agreed otherwise between the Parties. Changing services booked by you requires a new PO, stating the new conditions of the services after Modification, to be accepted by the Parties.
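
Review bot: The added paragraph says "CAOS and Customer must discuss the change with the Customer first", which names the Customer on both sides of the obligation, and "to the best of its ability" has no clear subject. Suggested wording: "CAOS must discuss the change with the Customer first and the Parties will, to the best of their ability, find a solution that is acceptable to both." In the same sentence, "the Customer use of service" should read "the Customer's use of the service".
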
@ -102,7 +104,6 @@ You will take appropriate measures to prevent any misuse of the services you boo
### Disaster recovery
Any liability for damages, indirect or direct, in case of data loss is explicitly rejected.
### Reporting obligations
@ -212,9 +213,9 @@ Should any provision of these TOS be or become invalid, this shall not affect th
### Entry into force
These TOS shall enter into force as of August 23, 2021.
These TOS shall enter into force as of 15.07.2022.
Last revised: August 23, 2021
Last revised: June 14, 2022
### Amendments


@ -237,25 +237,19 @@ module.exports = {
"legal/data-processing-agreement",
{
type: "category",
label: "Service Descriptions",
label: "Service Description",
collapsed: false,
items: ["legal/service-level-description", "legal/support-services"],
items: ["legal/cloud-service-description", "legal/service-level-description", "legal/support-services"],
},
{
type: "category",
label: "Dedicated Instance",
collapsed: false,
label: "Additional terms",
collapsed: true,
items: [
"legal/terms-support-service",
"legal/terms-of-service-dedicated",
"legal/dedicated-instance-annex",
],
},
{
type: "category",
label: "Support Program",
collapsed: false,
items: ["legal/terms-support-service"],
},
{
type: "category",
label: "Policies",
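
Review bot: `collapsed: true` on the "Additional terms" category hides the Support Service and Dedicated Instance terms by default, although the Terms of Service say customers accept these additional agreements when entering the Agreement. Keep the category expanded like "Service Description", or explain why it is collapsed. The label "Service Description" is also singular now, while the category holds three documents.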


@ -12,4 +12,3 @@ s.Rect(currX, currY, qs.blockSize, qs.blockSize, "fill:black;stroke:none")
```
This allows the svg to be styled by css more easily and does not compromise Content Security Policy (CSP).