As of: 14/06/2026 (replaces all previous versions)

Preamble

Vimmera AI Solutions GmbH (hereinafter “Vimmera”) provides AI-supported software solutions and digital assistance systems (hereinafter collectively “software solutions”). These software solutions can be accessed and used at addresses provided by Vimmera, within applications and platforms, or in any other form intended by Vimmera. They are intended to support users in obtaining, processing, creating, and providing information, as well as in assisting with professional, technical, organizational, and project-related tasks. This may include, in particular, chatbot-based assistance systems.

The software solutions are offered and operated by Vimmera as its own services. They are not sold, not transferred to third parties as a product, and not permanently made available to third parties. Vimmera remains the operator of the software solutions and may enable third parties (e.g. customers, partners, or service providers) to use them within the scope of an access authorization.

The software solutions may be used in particular, but not exclusively, for the following subject areas and use cases:

• the provision and processing of information on products, services, processes, projects, organizations, or other professional topics,
• support with technical and functional questions, for example regarding systems, interfaces, configurations, components, or digital processes,
• project-related, organizational, or content-related support, for example in creating lists, structures, concept sketches, drafts, evaluations, suggestions, or other supporting content,
• general support through AI-supported software solutions and digital assistance systems in various areas of use, including example forms of application such as chatbots.

The above list is not exhaustive. The software solutions may also be used for other inquiries and use cases that are thematically, functionally, or substantively comparable or related, provided these are covered by the intended functional scope of the respective software solution and do not constitute uses prohibited by law or excluded under these terms.

Use of the software solutions is limited to the respective intended and permissible functional and application scope. In particular, any use for unlawful purposes and for content or inquiries that fall outside the intended area of use of the respective software solution is prohibited. Any further restrictions on use arising from these terms or from special provisions for individual software solutions remain unaffected.

The following terms are binding. Users must have read, understood, and accepted them in full before using the software solutions. Vimmera may amend these terms in accordance with Section 19; in such case, renewed confirmation by the user may be required. Where Vimmera provides for express consent (e.g. via checkbox or as part of a login process), this must be given before use.

This agreement is made available in several languages. In the event of contradictions or ambiguities, the German version shall be used as the binding document.

1. Scope of the Terms of Use

This user agreement applies to all persons who use the AI-supported software solutions and digital assistance systems provided by Vimmera (hereinafter collectively “software solutions”), regardless of whether they are:

• employees of Vimmera,
• employees of customer companies,
• external service providers,
• users of freely accessible AI systems, e.g. via web chats embedded on websites,
• partner companies, or
• other authorized users.

The software solutions are intended for use in a professional or business context. Where a user acts on behalf of a company, organization, or other third party, they warrant that they are duly authorized to do so.

This user agreement applies to the use of all software solutions provided by Vimmera within the meaning of these terms, including any chatbot-based applications, platform functions, modules, or other digital assistance systems, unless separate provisions have been agreed for them.

By first accessing a software solution and on each subsequent access, the user acknowledges these terms of use in their respective current version as binding.

1.1 Definitions

• “Software solutions” means the AI-supported software solutions and digital assistance systems provided by Vimmera, including all associated technical components, interfaces, models, configurations, modules, and user interfaces. This may include, in particular, chatbot-based applications.
• “User” means any natural person who uses a software solution.
• “Content” means all data and information entered, uploaded, transmitted, or otherwise provided by the user, as well as all content generated, output, or made available by the respective software solution.

2. Purpose-bound use

The software solutions are intended solely to support, within the scope of the usage scenarios provided by Vimmera and the respective intended functional scope, in particular:

• answering information requests,
• supporting typical professional, technical, organizational, or project-related questions,
• providing assistance, example suggestions, structures, drafts, evaluations, and explanatory content,
• orientation, navigation, and use within digital applications, platforms, or other technical environments, insofar as this is technically intended,
• as well as other comparable use cases in a professional or business context.

Any use of the software solutions is not permitted if it

• serves unlawful, abusive, or contractual-breach purposes,
• is aimed at impairing, circumventing, overloading, or endangering the software solutions, their technical infrastructure, or their security,
• serves the evaluation, analysis, or use of information for purposes outside the intended substantive and functional scope of application, or
• is not compatible with the legitimate interests of Vimmera or the respective permissible intended use.

The software solutions must always be used in accordance with Vimmera’s legitimate business interests and within the scope of the applicable legal and contractual requirements. In particular, they must not be used with the aim of causing economic, legal, technical, or reputational harm to Vimmera or third parties.

3. Prohibited use

Use of the software solutions for illegal, abusive, or otherwise impermissible purposes is strictly prohibited. This includes in particular, but is not limited to:

• the creation, request, processing, or dissemination of criminal, unlawful, insulting, discriminatory, extremist, racist, sexist, violence-glorifying, or otherwise immoral or unethical content,
• the use of the software solutions to spread misinformation, rumors, hate messages, manipulative or propagandistic content,
• requests to commit criminal offenses or instructions, assistance, or encouragement of unlawful acts,
• the creation, support, or description of malware, hacking activities, security attacks, or other actions aimed at impairing IT systems,
• any use that violates applicable laws, regulations, official orders, or third-party rights.

In particular, the following is also prohibited:

• any use of the software solutions outside the respective intended and permissible application and functional scope,
• use in the context of external projects or business activities, insofar as these are not covered by the intended area of use of the respective software solution,
• use to impair, circumvent, overload, disrupt, or endanger the software solutions, their technical infrastructure, or their security mechanisms,
• all forms of scraping, systematic querying, automated mass use, or other automation that impairs the operation of the software solutions or circumvents technical protective measures,
• use to obtain, evaluate, or reuse information in a manner that is not compatible with the intended purpose of use or Vimmera’s legitimate interests.

Use must at all times be fair, lawful, and exercised with appropriate responsibility.

3.1 Compliance with the EU AI Act (Regulation (EU) 2024/1689) and legal requirements

Use of the software solutions is permitted only within the scope of the applicable legal provisions. This includes in particular Regulation (EU) 2024/1689 (Artificial Intelligence Act, “EU AI Act”) in its respectively applicable version.

Users may not use the software solutions for purposes of preparing, enabling, instructing, or supporting actions that are prohibited or impermissible under the EU AI Act or other applicable law.

In particular, it is prohibited to use the software solutions directly or indirectly for or in connection with:

• manipulative or deceptive techniques that can materially distort the behavior of persons and thereby are likely to cause significant harm,
• the exploitation of vulnerabilities, in particular due to age, disability, or social or economic situation, with the aim or effect of influencing behavior in a harmful way,
• “social scoring”, i.e. the evaluation or classification of persons over a period of time based on social behavior or inferred personality traits, insofar as this leads to unjustified or disproportionate disadvantage,
• risk assessments to predict the commission of criminal offenses, insofar as these are based exclusively on profiling or personality traits,
• the creation or expansion of facial recognition databases through untargeted scraping of facial images, in particular from the internet or from video surveillance material,
• emotion recognition in the workplace or in educational institutions, insofar as this is not exceptionally permitted under applicable law,
• biometric categorization for the derivation of sensitive characteristics, in particular ethnic origin, political opinion, trade union membership, religion or belief, as well as sex life or sexual orientation,
• real-time remote biometric identification in publicly accessible spaces for law enforcement purposes, insofar as this is not expressly permitted in the individual case under applicable law.

The above examples apply in addition to the other prohibitions and restrictions in this user agreement. They do not limit the other provisions.

3.2 Additional usage restrictions of integrated AI, LLM, and cloud providers

Depending on their technical design, the software solutions may integrate AI models, language models, cloud services, transcription services, vector databases, security filters, moderation systems, or other technical services of external providers. These may include, in particular, providers such as Microsoft Azure, OpenAI, Mistral AI, or comparable technology providers.

Use of the software solutions is permitted only insofar as it is also compatible with the respective current usage guidelines, security requirements, acceptable use policies, codes of conduct, and other provider terms of the integrated providers. In the event of discrepancies between these terms of use and the requirements of integrated providers, the stricter requirement shall prevail in case of doubt.

Users may not enter any inputs, upload content, or perform any usage actions that would cause Vimmera, integrated providers, or other technical service providers to process data in a manner prohibited by their terms of use, security policies, or legal requirements. This also applies where such use appears technically possible or is not directly blocked by the software solution.

Vimmera is entitled to block, filter, reject, restrict, or disable requests, inputs, outputs, functions, or uses in whole or in part if this is necessary or appropriate to comply with legal requirements, these terms of use, the terms of use of integrated providers, technical security requirements, or to prevent abuse. There is no entitlement to the generation, display, storage, or disclosure of content that violates or may violate such requirements.

3.2.1 Terms of use of integrated AI, model, and infrastructure providers

Vimmera’s software solutions may integrate technical components, models, interfaces, cloud services, language models, transcription services, embedding models, image, audio, or other AI services from external providers. These may include, in particular, providers such as Microsoft Azure, OpenAI, Mistral AI, or other technology, model, or infrastructure providers used by Vimmera.

Accordingly, the use of the software solutions is additionally subject to the respectively applicable terms of use, acceptable use policies, usage policies, codes of conduct, security requirements, product terms, and other binding requirements of the respective integrated providers in their current version.

The user is obliged to use the software solutions only in a manner that is compatible both with these terms of use and with the respectively applicable provider terms. This applies regardless of whether the user is themselves the direct contractual partner of the respective provider.

Where provider terms impose stricter, broader, or additional restrictions, these must also be observed. Vimmera is entitled to reject, restrict, block, or terminate uses, content, inputs, outputs, or use cases if these violate legal requirements, these terms of use, or the terms of integrated providers, or if Vimmera considers there to be a corresponding risk.

This applies in particular to uses in connection with:

• unlawful, harmful, deceptive, abusive, or discriminatory content,
• weapons, ammunition, explosives, military or warfare use,
• chemical, biological, radiological, or nuclear hazardous substances,
• cyberattacks, malware, circumvention of security mechanisms, or unauthorized access,
• biometric identification, surveillance, profiling, or social scoring,
• high-risk decisions concerning natural persons,
• health, legal, tax, financial, or insurance decisions without qualified human review,
• political manipulation, disinformation, or election influence,
• exploitation, endangerment, or sexualization of minors,
• fraud, identity misuse, phishing, social engineering, or other deception,
• circumvention, removal, or manipulation of security filters, watermarks, provenance evidence, content credentials, or other protective mechanisms.

Vimmera may adjust the list of providers used and the resulting usage-related restrictions at any time if this is necessary due to technical, legal, security-related, or provider-related changes. The user has no entitlement to use a specific model, provider, or technical infrastructure unless this has been expressly agreed separately.

The user acknowledges that integrated providers may block, filter, reject, or technically restrict content, requests, or outputs due to their own security, compliance, or abuse-detection systems. Vimmera assumes no responsibility for every desired content or use case being processed or output by the providers used.

3.2.2 Priority in the event of provider restrictions

In the event of contradictions between these terms of use and the mandatory applicable terms of integrated AI, model, cloud, or infrastructure providers, the stricter or broader usage restriction shall apply, insofar as this is necessary to comply with legal, contractual, security-related, or provider-related requirements.

3.3 Prohibition of military, weapons-related, and security-critical use

Any use of the software solutions for or in connection with military, warfare, weapons-related, or comparably security-critical purposes is prohibited, unless this has been expressly reviewed and approved in writing by Vimmera in the individual case and is compatible with applicable law and the terms of use of integrated providers. Vimmera is not obliged to review or approve any such use.

In particular, any use for the development, design, procurement, manufacture, optimization, testing, repair, circumvention, control, targeting, or deployment of weapons, ammunition, explosives, military equipment, weapon systems, drones, targeting systems, fire control systems, as well as chemical, biological, radiological, or nuclear weapons, substances, or delivery systems, is prohibited.

Also prohibited is any use to support military or warfare operations, in particular for tactical or operational deployment planning, combat operations, target identification, target prioritization, situation analysis with direct operational relevance, development or support of autonomous or semi-autonomous weapon systems, selection or tracking of persons or objects as targets, as well as optimization of decision-making processes that can directly lead to the use of force, deprivation of liberty, injury, or killing of persons.

Furthermore, use for military, intelligence, or security-authority mass surveillance, for creating personal situational pictures, for identifying, tracking, locating, or profiling persons or groups of persons in an operational security, military, or conflict context, as well as for supporting actions that may violate human rights, international humanitarian law, sanctions law, or other mandatory legal provisions, is prohibited.

Purely general, historical, political, legal, ethical, or security-related discussions of such topics remain permitted, provided they do not contain operational, technical, tactical, or otherwise misuse-suitable instructions and do not violate legal requirements, these terms of use, or provider terms.

3.4 Prohibition of impermissible surveillance, biometric, and profiling use

The software solutions may not be used for impermissible surveillance, identification, classification, assessment, tracking, or profiling of natural persons. This includes in particular the creation, expansion, or use of facial recognition databases without an effective legal basis and the consent of the persons concerned, real-time remote identification using biometric data in publicly accessible spaces, impermissible emotion recognition in the workplace or in educational institutions, biometric categorization for deriving sensitive characteristics, as well as any form of social scoring.

Any use for the unauthorized aggregation, analysis, enrichment, linking, evaluation, or disclosure of personal or sensitive information about individuals or groups of individuals is also prohibited, especially where this may infringe personality rights, data protection rights, equal treatment principles, or other rights of third parties.

3.5 Impermissible cyber, security, and circumvention use

Any use of the software solutions for the preparation, support, or execution of cyberattacks, malware, phishing, social engineering, identity theft, credential theft, circumvention of technical protective measures, exploitation of security vulnerabilities, building or operating botnets, denial-of-service attacks, unauthorized access to systems, data, or accounts, as well as other security-threatening actions, is prohibited.

Any use to circumvent, disable, manipulate, or weaken security, moderation, content, privacy, access protection, or abuse-detection systems of Vimmera, integrated providers, or third parties is also prohibited. This includes in particular jailbreaking, prompt injection, prompt leaking, system prompt extraction, bypass formats, obfuscated requests, encoded or fragmented inputs, as well as other attempts to deliberately undermine protective mechanisms.

3.6 High-risk and decision-making use

The software solutions may not be used as the sole basis for decisions that have legal effect on natural persons or can otherwise significantly affect them in a comparable manner. This applies in particular to decisions in the areas of employment, applications, selection, promotion, termination, performance evaluation, remuneration, education, creditworthiness, insurance, healthcare, social benefits, law enforcement, migration, asylum, border control, or other areas of particular fundamental-rights relevance.

If use in such an area is intended, it requires prior separate legal, professional, and technical review as well as express written approval by Vimmera. Such use may only take place if appropriate human oversight, professional review, documentation, quality control, data protection review, and risk limitation are ensured and applicable law as well as provider terms are complied with.

3.7 Further prohibited content and protection categories

Any use for the creation, request, processing, or dissemination of content or actions in connection with

• sexual exploitation of children, depictions of sexual abuse of minors, or other material endangering the welfare of children,
• non-consensual intimate images, deepfakes, voice or identity impersonation without effective consent,
• human trafficking, exploitation, forced services, or other serious violations of human dignity,
• fraud, phishing, identity misuse, deception about identities or the origin of content, financial fraud, or other fraudulent acts,
• targeted disinformation, manipulation of democratic, governmental, judicial, or public decision-making processes,
• instruction, encouragement, or glorification of self-harm, suicide, violence, terrorism, or extremist acts,
• procurement, manufacture, distribution, or use of illegal drugs, prohibited substances, prohibited goods, or illegal services,
• unlawful discrimination, hate speech, harassment, threats, intimidation, or targeted denigration of persons or groups.

The above list is not exhaustive. The applicable statutory requirements, these terms of use, and the current requirements of integrated technology providers shall always also apply.

3.8 Provider-based blocking, filtering, and reporting

Users acknowledge that integrated AI, LLM, cloud, or security providers may use their own technical protective measures, content filters, abuse-detection systems, and blocking mechanisms. As a result, inputs, files, content, outputs, or functions may be blocked in whole or in part, shortened, not processed, not displayed, or not stored.

Vimmera cannot guarantee that every request will be processed or that every desired output will be generated. This applies in particular to requests that are legally sensitive, could violate provider terms, are suitable for misuse, or are classified as risky by technical security systems.

In the event of serious, repeated, or manifestly unlawful violations, Vimmera may restrict use, block access, secure processes for evidentiary purposes, and, where legally required or permitted, inform competent bodies, authorities, or integrated providers.

3.9 Protection of minors

The software solutions may not be used to create, request, process, disseminate, or support content that can endanger, exploit, sexualize, manipulate, or otherwise impair minors.

In particular, any use in connection with depictions of child sexual abuse, child sexual abuse material, grooming, sexualized or violence-related role play with minors, the initiation of exploitative contacts, the promotion of dangerous dares, self-harming behavior, age-inappropriate content, or other actions that may endanger the welfare of children or adolescents is prohibited.

If the software solutions are exceptionally to be used in an environment in which minors may be directly or indirectly affected, this requires prior express review and approval by Vimmera as well as compliance with special protection, information, consent, and supervision obligations.

3.10 Labeling AI-generated content and protection of provenance evidence

Users may not use AI-generated or AI-assisted content in a manner that can mislead third parties as to whether content was created by a human or by an AI system.

If AI-generated texts, images, audio files, videos, voices, avatars, synthetic media, or other automatically generated content are used, published, or shared with third parties, these must be appropriately labeled as AI-generated or AI-assisted, insofar as this is required by law, provider terms, internal policies, or the circumstances of the individual case, or is necessary to avoid misleading.

In particular, it is prohibited to remove, alter, obscure, or circumvent watermarks, provenance evidence, content credentials, metadata, provenance signals, or other markings indicating AI generation, editing, or the origin of content, unless this is expressly legally permissible and objectively necessary.

3.11 Critical infrastructure and security-relevant systems

The software solutions may not be used for the direct control, monitoring, optimization, or safeguarding of critical infrastructure or security-relevant systems unless express prior written approval has been granted by Vimmera and suitable professional, technical, legal, and security-related review has been carried out.

This applies in particular to systems and processes in the areas of energy supply, water supply, healthcare, transport, traffic, telecommunications, public safety, industrial control systems, production facilities, building and plant security, as well as other environments in which malfunctions, erroneous outputs, or misleading recommendations can lead to significant harm to persons, property, the environment, operations, or supply.

In such areas, the software solutions may at most be used in a supportive, preparatory, or documenting capacity. Human review, approval, and responsibility by qualified professionals remain mandatory.

3.12 Political influence, elections, and democratic processes

The software solutions may not be used for unlawful, manipulative, or covert influence on political opinion formation, democratic processes, elections, votes, citizen participation, administrative proceedings, or public decision-making processes.

In particular, any use to create or disseminate targeted disinformation, to deceive about identities, the origin, or the client of political content, for automated mass outreach, microtargeting of particularly vulnerable groups, voter suppression, demobilization of voters, manipulation of political debates, or circumvention of legal transparency, labeling, or disclosure obligations is prohibited.

General, neutral, non-manipulative information, analysis, or structuring services on political, social, or legal topics remain permitted, insofar as they do not violate legal requirements, these terms of use, or the terms of integrated providers.

3.13 Gambling, regulated goods, and regulated services

The software solutions may not be used to carry out, advertise, broker, or optimize unlawful gambling, betting, lotteries, speculative financial transactions, fraudulent investment offers, pyramid schemes, or other regulated or licensed activities, unless the necessary legal requirements are met.

Any use to procure, advertise, broker, or disseminate illegal or regulated goods and services is also prohibited, in particular illegal drugs, prohibited substances, weapons, ammunition, forged documents, stolen data, human trafficking, sexual exploitation, circumvention services, or other unlawful offerings.

3.14 Security testing, red teaming, and vulnerability assessments

Security tests, red teaming, penetration tests, stress tests, prompt injection tests, jailbreak attempts, vulnerability analyses, or comparable examinations of the software solutions, their models, interfaces, protective mechanisms, or connected systems are only permitted if they have been expressly approved in writing by Vimmera in advance.

Such approval may in particular define scope, duration, test methods, affected systems, permitted intensity, reporting channels, documentation obligations, and termination criteria. Without such approval, corresponding actions are deemed impermissible circumvention, security, or abuse actions within the meaning of these terms of use.

Reporting of unintentionally discovered security vulnerabilities or malfunctions remains permitted and must be addressed to Vimmera without delay. No third-party data may be disclosed, no systems may be impaired, and no further exploitation attempts may be made.

3.15 Use by or for authorities, security agencies, and intelligence services

Use of the software solutions by or for authorities, security agencies, intelligence services, military bodies, or comparable institutions is only permitted insofar as it is lawful, compatible with the intended purpose of use, and has been expressly approved by Vimmera in advance.

In particular, any use for intelligence analysis purposes, operational security measures, mass surveillance of persons, situation reports with personal reference, target selection, deployment planning, tracking, identification, prioritization, or assessment of persons or groups is prohibited, insofar as there is no express written approval, no clear legal basis, and no compatibility with the terms of integrated providers.

3.16 No circumvention of provider-based restrictions

Users may not attempt, through rewording, coding, translations, splitting into substeps, role play, hypothetical scenarios, technical obfuscation, or other circumvention methods, to generate content, requests, or results that are prohibited under these terms of use, under legal requirements, or under the terms of integrated providers.

This also applies if the software solution technically accepts a corresponding request, answers it in part, or does not automatically block it. What matters is not solely the technical possibility, but the legal, contractual, and provider-related permissibility of the use.

4. Reporting violations

If a user notices content, outputs, malfunctions, or other system behavior that violates or could violate these terms of use, they are obliged to report this to Vimmera without delay. This applies in particular to:

• outputs or content with obviously unlawful, discriminatory, misleading, or dangerous content,
• suspected technical manipulation, abusive use, or unauthorized use of the software solutions,
• suspected security incidents, vulnerabilities, or unauthorized access by third parties,
• significant malfunctions or other conspicuous behavior of the software solutions that could indicate a violation of these terms of use or a threat to proper operation.

Reports may be made to the known contact person at Vimmera or to Vimmera’s general contact addresses (e.g. info@vimmera.de).

5. Review and monitoring of use

Vimmera is entitled to review the use of the software solutions within the scope permitted by law and in compliance with data protection requirements. This may in particular include random or incident-based evaluations of log, usage, and system data in order to

• detect violations of these terms of use,
• investigate technical security incidents or cases of misuse,
• ensure the security, integrity, and availability of the software solutions, as well as
• ensure proper operation.

If irregularities, security risks, or violations of these terms of use are identified, Vimmera is entitled to conduct appropriate investigations and take suitable measures. These include in particular blocking individual accesses, restricting usage rights, adjusting system configurations, and involving internal or external bodies, especially in the areas of IT security, data protection, or legal advice.

6. Data protection and confidentiality

Vimmera undertakes, in providing and operating the software solutions, to comply with the applicable data protection laws, in particular the General Data Protection Regulation (GDPR), and to implement suitable technical and organizational measures to protect personal data.

The software solutions are generally designed so that their use is regularly possible even without entering personal data. Users are expressly encouraged to

• not enter personal data about themselves or third parties unless this is necessary for the intended purpose of use,
• not enter special categories of personal data within the meaning of Art. 9 GDPR (e.g. health data, political opinions, or religious beliefs) unless this is expressly intended and legally permissible,
• not enter, upload, or otherwise process confidential information, trade secrets, or other data requiring confidentiality unless this is expressly provided for within the respective use case, a separate agreement, or a specific project with Vimmera.

If personal data is nevertheless processed in the course of using the software solutions, such processing shall take place exclusively in compliance with the applicable data protection requirements, on the basis of a relevant legal basis, and in accordance with Vimmera’s privacy notices.

External technology or AI service providers (e.g. OpenAI, Microsoft Azure, or other providers) may be technically integrated into the provision of individual software solutions. In such a case, data processing shall take place exclusively on the basis of suitable contractual arrangements and, where necessary, under data processing agreements pursuant to Art. 28 GDPR and in compliance with the requirements of Art. 44 et seq. GDPR, insofar as processing involving third countries takes place.

Use of data arising from the use of the software solutions, in particular personal data or customer information, for Vimmera’s own training, development, or optimization purposes or those of integrated technology or AI providers does not take place unless this has been expressly, transparently, in writing, and lawfully agreed. Insofar as log or system data is processed for purely technical purposes, in particular to ensure stability, security, fault tolerance, or abuse detection, this is done in strict compliance with purpose limitation, data minimization, and appropriate deletion periods.

6.1 Clarification of data protection roles

The allocation of data protection roles depends on the respective use of the software solutions and the contractual arrangements made for this purpose.

Insofar as Vimmera provides software solutions independently and decides on the purposes and means of processing personal data, Vimmera acts as the controller within the meaning of the GDPR.

Insofar as a customer, partner, or other organization uses the software solutions for its own purposes and thereby processes personal data of its own employees, customers, prospects, conversation partners, website visitors, or other third parties, that organization is generally responsible for the lawfulness of the processing. This applies in particular to the selection of input data, informing the data subjects, determining the purpose of processing, reviewing the legal basis, and using and further processing the generated results.

If, in such a case, Vimmera processes personal data solely on behalf of and according to the instructions of the customer, partner, or respective organization, this is done on the basis of a separate data processing agreement pursuant to Art. 28 GDPR, insofar as such an agreement is legally required.

Deviating or supplementary role allocations, in particular joint controllership or independent responsibility of individual parties, may arise from special agreements, project-related provisions, privacy notices, or mandatory legal requirements.

6.2 Log data, purpose limitation, and deletion (specification)

Insofar as this is necessary for operation, stability, fault tolerance, security, or the detection and prevention of abusive use, Vimmera may process log, usage, and system data. This may in particular include timestamps, technical metadata (e.g. system, status, and error information), information about functions used, security events, and – insofar as technically necessary – user identifiers, access-related attributes, and network or connection data (e.g. IP addresses). Processing takes place exclusively for specified purposes, with data minimization, and in compliance with appropriate technical and organizational access restrictions.

Log, usage, and system data are stored only for as long as necessary for the stated purposes and are then deleted or anonymized. In addition, the information and retention periods contained in Vimmera’s privacy notices or privacy policy apply.

6.3 Notice regarding AI interaction

Users are informed that they are interacting with an AI-supported system or an AI-supported software solution. The corresponding notice is provided clearly and understandably no later than at the time of first interaction. Vimmera may provide, repeat, and update suitable notices in the user interface, in accompanying information, or elsewhere as appropriate in order to comply with legal transparency obligations.

Insofar as the software solutions provide or output synthetic, AI-generated, or otherwise automatically generated content, Vimmera may – where necessary and technically and organizationally appropriate – provide additional labels, notices, or other transparency measures in order to meet applicable legal requirements.

6.4 Responsibility for provided data, rights, and permissibility

Users are responsible for ensuring that all data, documents, prompts, content, templates, images, audio recordings, reference materials, personal data, trade secrets, copyrighted works, or other information entered, uploaded, transmitted, or otherwise provided by them may be lawfully used and processed.

This includes in particular compliance with data protection, copyright, personality rights, labor law, works constitution law, trade secret protection law, export control law, and other statutory or contractual requirements. Vimmera generally does not review user-provided content to determine whether it may lawfully be entered into or processed by the software solutions.

Incomplete, outdated, contradictory, impermissible, or insufficiently authorized data as well as unclear or unsuitable inputs can lead to erroneous, incomplete, or unusable results. The professional review and use of the results are the responsibility of the respective users or the organization on whose behalf the use takes place.

6.4.1 Audio recordings, meeting recordings, and transcriptions

If users enter, upload, transmit, or have processed in the software solutions audio recordings, video recordings, meeting recordings, conversation recordings, transcripts, or other content from conversations, meetings, telephone calls, video conferences, or comparable communication situations, they are solely responsible for ensuring that the recording, storage, transmission, upload, and processing of this content is lawfully permissible.

In particular, the user warrants that they possess all rights, authorizations, legal bases, consents, approvals, or other permissions required for this purpose and that all affected persons, in particular conversation, meeting, or conference participants, have been informed in a legally sufficient manner before recording and processing, insofar as this is required by law.

This includes in particular compliance with data protection, personality rights, labor law, works constitution law, copyright, trade secret protection, and criminal law requirements. In particular, uploading or processing audio or conversation recordings created secretly, without authorization, or without a sufficient legal basis is impermissible.

Vimmera generally does not review audio recordings, meeting recordings, or transcripts provided by users to determine whether they may lawfully be created, recorded, stored, transmitted, or processed. If there is any doubt as to the permissibility of a recording or processing, the user must refrain from using the software solution and carry out a legal review in advance.

6.5 Priority of special data protection agreements

If a data processing agreement, a Data Processing Agreement, a confidentiality agreement, or any other special data protection or security agreement has been concluded for a specific use, a customer project, or an organization, these provisions shall apply supplementarily within their respective scope and, insofar as they concern mandatory data protection issues, shall take precedence. Mandatory statutory data protection requirements shall always remain unaffected.

7. Responsibility and security

Users bear sole responsibility for their inputs and for the manner in which they use the content generated, provided, or output by the software solutions. The software solutions serve solely as supporting assistance and information tools and do not replace careful independent review or professional, legal, economic, technical, or other professional advice, insofar as such advice is required in the individual case.

If individual user accounts, access credentials, or authentication data are assigned for individual software solutions or systems, users are obliged to

• treat them confidentially,
• protect them from access by unauthorized third parties and
• not to be passed on to other persons.

If there is any suspicion of misuse, unauthorized use, or unauthorized access, Vimmera must be informed immediately so that appropriate security measures can be taken.

8. Technical Limitations and Availability

Vimmera is entitled to take the software solutions wholly or partially

• temporarily out of operation, in particular for maintenance, updates, further development, capacity adjustments, or troubleshooting,
• to change, restrict, or expand their functionality,
• as well as to temporarily or permanently restrict or block access to individual or all software solutions for technical, operational, legal, or security-related reasons.

There is no entitlement to the software solutions being available at all times, without interruption, or without errors. Vimmera endeavors to remedy disruptions, interruptions, and impairments to operations as promptly as possible, but assumes no warranty in this regard.

9. System Integrity and IT Security

Users may not take any measures aimed at

• analyzing the source code, internal interfaces, or system components without authorization,
• bypassing or disabling security mechanisms,
• overloading the system through excessive or automated requests (e.g. DDoS, bots, scraping),
• obtaining unauthorized access to data or functions.

Violations of these provisions may result in civil and criminal consequences and lead to immediate blocking of access.

10. Ownership of Generated Content

The rights to the software solutions, the technology underlying them, the models, systems, components, user interfaces used, as well as the underlying software and system architecture, remain with Vimmera or the respective rights holders, in particular licensors, technology providers, or providers of AI models.

Vimmera grants users a simple, non-exclusive, non-transferable, and revocable right to use the content provided or generated within the scope of the software solutions solely within the intended purpose of use and in accordance with these terms of use. Any use beyond this, in particular public, systematic, independent commercial use or use outside the contractual purpose, publication, exploitation, marketing, or disclosure, requires Vimmera’s express prior consent, unless mandatory statutory provisions provide otherwise.

By using content generated or provided by the software solutions, users may not create the false impression that it constitutes binding, final, or official statements, opinions, approvals, or communications from Vimmera or third parties, unless it is expressly marked or authorized as such.

10.1 Protection of Confidential Technology, System Prompts, and Model Components

All software components, system components, frameworks, methods, templates, models, model components, model weights, parameters, embeddings, system prompts, configurations, workflows, interface logic, security mechanisms, documentation, technical concepts, and other solution components used or provided by Vimmera may constitute confidential technology, know-how, and trade secrets of Vimmera or integrated technology providers.

Users are prohibited from copying, extracting, decompiling, reverse engineering, rebuilding, reconstructing, disclosing, publishing, making available to third parties, using for the development of competing solutions, or using outside the intended purpose of use such components in whole or in part. This applies in particular to system prompts, internal instructions, tool configurations, agent logic, security rules, guardrails, technical protection mechanisms, data structures, interface logic, and non-publicly accessible system information.

Likewise prohibited are targeted attempts to disclose, read out, or make usable such information through special inputs, role-playing, circumvention instructions, technical queries, prompt injection, structured extraction, automated querying, or other circumvention methods.

11. Use with Other AI Systems

The combination, integration, or other linking of the software solutions with other AI systems, automation tools, external data processing environments, or training environments is not permitted without Vimmera’s express written consent. This applies in particular to

• the systematic transfer of inputs, outputs, results, or other content of the software solutions to other AI models or external systems,
• the use of content generated, provided, or processed by the software solutions as training, test, or optimization data for third-party AI systems,
• the setup, derivation, or operation of systems, applications, or processes that automatically make decisions or perform further processing on the basis of results from the software solutions without this having been expressly approved by Vimmera.

Without Vimmera’s express written consent, it is also not permitted to

• export, aggregate, or use content or results of the software solutions to a significant extent for training, fine-tuning, or optimizing third-party systems,
• integrate the software solutions into automated process, decision-making, or AI pipelines that lie outside the technical or functional scope of use intended by Vimmera,
• disclose, pass on, evaluate, or use system instructions, system prompts, internal configurations, technical protection mechanisms, or other non-public technical details for the purpose of rebuilding, imitating, or circumventing the system.

12. Third-Party Links

To the extent that the software solutions refer to external websites, content, interfaces, data sources, or other third-party services, access them, or enable their integration, Vimmera assumes no responsibility for their content, accuracy, completeness, availability, security, or legality. Use of such external resources is solely at the user’s own risk. The respective operators or providers are solely responsible for third-party content and services.

13. Feedback and Further Development

Users may voluntarily submit feedback, error reports, notes, or suggestions for improvement regarding the software solutions to Vimmera. Vimmera is entitled to use this feedback free of charge, without time limitation, and without any obligation to name the user or author, for the analysis, further development, optimization, and improvement of the software solutions as well as other products, services, and systems of Vimmera.

14. International Use and Export Control

Use of the software solutions may be subject to export control, sanctions, or embargo restrictions. Users may neither use the software solutions in a manner nor from locations, by persons, or for purposes that violate applicable export control, sanctions, or embargo regulations.

Vimmera is entitled to restrict or block access to the software solutions for legal or regulatory reasons in certain countries, regions, or for certain user groups.

15. Force Majeure

Vimmera is not liable for delays, disruptions, restrictions, or outages of the software solutions insofar as these are based on events beyond Vimmera’s reasonable control. These include in particular natural disasters, war, terrorism, pandemics, strikes, lawful industrial action, official measures, outages or disruptions of energy, telecommunications, or other infrastructures, as well as service disruptions or outages of third-party providers.

16. No Legally Binding Advice

The software solutions do not constitute legally binding or professionally conclusive advice, assessment, or decision support. This applies in particular to

• legal, tax, regulatory, or compliance-related issues,
• medical, therapeutic, psychological, or other health-related issues,
• security-critical, operationally relevant, or technically sensitive configurations, decisions, or measures, especially in production or otherwise risk-prone environments.

In such cases, a suitably qualified professional must always be consulted. The content provided by the software solutions can at most serve as an initial, non-binding orientation or supportive structuring.

17. Protection of Intellectual Property

Users may not enter, upload, transmit, or otherwise process any content into the software solutions

• to which they do not have the rights, usage authorizations, or other permissions required for this purpose,
• that infringes trade secrets, confidential information, or other protected rights of third parties,
• that is protected by copyright, trademark, database, design, or other statutory rights without corresponding authorization.

Vimmera reserves the right to take appropriate measures in the event of obvious or sufficiently concrete indications of legal violations. These include in particular blocking access, restricting use, securing relevant processes for evidentiary purposes, and initiating legal action.

17.1 Indemnification for Unlawful or Unauthorized Content Provided

The user, or the organization on whose behalf the user acts, shall indemnify Vimmera against all claims, demands, damages, costs, and expenses asserted by third parties against Vimmera because content provided, entered, uploaded, transmitted, or otherwise processed by the user was used unlawfully, impermissibly, or without sufficient rights, authorizations, consents, legal bases, or other permissions.

This applies in particular to claims in connection with personal data, audio recordings, video recordings, meeting recordings, conversation recordings, transcripts, images, documents, confidential information, trade secrets, copyrighted works, trademark rights, personality rights, data protection rights, or other third-party rights.

The indemnification also covers reasonable costs of legal defense, including necessary legal, court, and advisory costs, insofar as these arise from a justified claim or the reasonable review and defense against corresponding claims.

This does not apply insofar as Vimmera itself has caused the respective claim intentionally or through gross negligence, or mandatory statutory provisions preclude indemnification.

18. Sanctions for Violations

In the event of violations of these terms of use or misuse of the software solutions, Vimmera is entitled, depending on the nature, severity, duration, and frequency of the violation, in particular to take the following measures:

• oral or written warnings,
• temporary restrictions of individual functions or usage rights,
• temporary blocking of user accounts, access, or individual software solutions,
• permanent blocking of user accounts, access, or use as a whole,
• assertion of civil claims, as well as
• filing criminal complaints, where there is cause to do so.

The selection, combination, and design of the measures shall be at Vimmera’s due discretion.

19. Changes to the Terms of Use

Vimmera is entitled to amend these terms of use at any time with effect for the future, in particular in the event of

• changes or further development of the technical systems,
• the introduction of new functions or software solutions,
• adjustments to changed legal, regulatory, or official framework conditions,
• changes, expansions, or restrictions of the scope of functions or usage options.

The current version of the terms of use will be made available in an appropriate form, in particular via the website, within the respective application, or by other suitable means. Changes are generally announced with reasonable advance notice, usually at least 14 days before they take effect, unless a shorter-term change is required to address security risks, prevent misuse, or implement mandatory legal, regulatory, or official requirements.

By continuing to use the software solutions after the changes take effect, the updated terms of use are deemed accepted. Users who do not agree with the changes must discontinue use of the affected software solutions. Vimmera reserves the right to require express renewed confirmation of the updated terms of use in individual cases.

20. Liability and Limitation of Liability

The content generated, provided, or output by the software solutions may be wholly or partially AI-based, automated, or generated probabilistically. It may therefore be factually incorrect, incomplete, misleading, or outdated. Vimmera assumes no warranty that such content is factually correct, complete, up to date, free of third-party rights, or suitable for a particular purpose.

The software solutions in particular provide

• no legally binding information,
• no legal, tax, or other binding advice,
• no medical, therapeutic, safety-related, or technical expert advice within the meaning of liability law,
• no reliable basis for decisions that require qualified professional review.

Users must therefore not make decisions solely on the basis of content generated or provided by the software solutions. Independent review remains necessary at all times, as well as, where required by the nature of the issue, consultation of appropriately qualified professionals.

To the extent permitted by law, Vimmera is liable for damages in connection with the use or non-use of the software solutions only in cases of intent and gross negligence.

In the case of slight negligence, Vimmera is liable only for the breach of essential contractual obligations, the fulfillment of which makes proper use of the software solutions possible in the first place and on whose compliance the user may regularly rely. In this case, liability is limited to the foreseeable damage typical for the contract.

The above limitations of liability do not apply in cases of mandatory statutory liability, in particular in the event of injury to life, body, or health, as well as under product liability law or where Vimmera has exceptionally assumed an express guarantee.

21. Dispute Resolution and Jurisdiction

In the event of disputes, disagreements, or claims in connection with these terms of use or their application, interpretation, performance, or validity, the parties shall first attempt to reach an amicable settlement.

To the extent permitted by law, the exclusive place of jurisdiction for all disputes arising out of or in connection with these terms of use shall be the registered office of Vimmera AI Solutions GmbH. This applies in particular if the user or the legal entity, company, or other organization on whose behalf the user acts is a merchant, a legal entity under public law, or a special fund under public law.

If no exclusive place of jurisdiction can be agreed under the preceding paragraph or mandatory statutory provisions conflict with this, the statutory rules on jurisdiction shall apply.

The law of the Federal Republic of Germany shall apply, excluding the conflict-of-law rules of private international law and, where applicable, the UN Convention on Contracts for the International Sale of Goods (CISG), insofar as mandatory statutory provisions do not conflict with this.

22. Age Restriction

The software solutions are intended exclusively for use by adults, i.e. persons who have reached the age of 18. If users act on behalf of a company, organization, or other third party, they must ensure and, upon request by Vimmera, prove that they are duly authorized to do so.

23. Final Provisions

The law of the Federal Republic of Germany shall apply, excluding the UN Convention on Contracts for the International Sale of Goods (CISG).

Amendments and supplements to these terms of use generally require text form, unless mandatory statutory provisions prescribe a stricter form. This also applies to the waiver of this text form requirement.

23.1 Relationship to Special Agreements and Provider Terms

Individual written agreements, special usage approvals, data processing agreements, confidentiality agreements, project-specific security requirements, as well as mandatory statutory requirements, shall take precedence over these terms of use insofar as they contain expressly deviating or stricter provisions for the respective area of regulation.

Terms of use, security policies, acceptable use policies, codes of conduct, and other requirements of integrated technology providers apply in addition. To the extent such requirements contain stricter or more extensive usage restrictions, these must be complied with. Vimmera is entitled to restrict use accordingly if this is necessary or appropriate to comply with such requirements.

24. Severability Clause

Should a provision of these Terms of Use be or become wholly or partially invalid, void, or unenforceable, the validity of the remaining provisions shall remain unaffected. In place of the invalid provision, such an effective provision shall be deemed agreed upon that comes closest to the economic purpose of the invalid provision. The same applies in the event of gaps in the provisions.