General Terms and Conditions (GTC).

For thehyv.io and thehyv.io Platform (partners.thehyv.io)
B2B SaaS Collection Orchestration Platform Version: 07.10.2025
1. Parties, Scope, and Contract Formation
1.1 Provider. These GTC govern the relationship between Hyv Systems GmbH, registered at Friedenstr. 8h, 85221 Dachau, registered with the commercial register of Munich under HRB 302659 (“Provider”, “we”, “us”), and the business customer using the Services (“Merchant”, “you”).
1.2 B2B Only. The Services are offered exclusively to entrepreneurs (Unternehmer) within the meaning of §14 BGB (including legal entities under public law and special funds under public law). Consumers (§13 BGB) are excluded. Provider may require proof of business status.
1.3 Binding Agreement. A binding agreement arises upon (i) execution of an Order Form or online sign‑up and acceptance of these GTC, or (ii) API key issuance or first access to the Platform, whichever occurs first. If there is an Order Form, its commercial terms prevail over these GTC in case of conflict.
1.4 Language. The contract language is English. For legal interpretation, English prevails. German law applies (see Section 20).
2. Definitions
  • “Agencies” means third‑party debt collection agencies, law firms, or recovery vendors connected to the Platform.
  • “API” means the application programming interfaces we provide.
  • “Case” means a debt account/receivable placed by Merchant for orchestration.
  • “DPA” means the Data Processing Addendum referenced in Section 11.
  • “KPIs” means performance metrics exposed in the Platform (e.g., collection success rates, amounts recovered, case volumes, status).
  • “Platform” means thehyv.io SaaS environment, including dashboards, APIs and integrations.
  • “Services” means access to and use of the Platform as described in Section 3.
  • “Subprocessors” means third parties engaged by Provider to process personal data for the Services.
3. Services; Product Description
3.1 Collection Orchestration. The Platform enables you to upload Cases via CSV or through the API, route them to connected Agencies, and manage the entire collections workflow in one place. The Platform acts as your single source of truth for KPIs such as collection success rates, number of Cases placed, active status, and per‑Case timelines.
3.2 Agency Requests. Requests from Agencies (e.g., missing documentation, approvals, settlement offers) are handled directly inside the Platform, with audit trails and notifications.
3.3 No Legal Services. Provider supplies technology only. We are not a law firm, debt collector, payment institution, merchant of record or money transmitter. We do not provide legal advice and do not engage in regulated collection activities unless expressly agreed in a separate written addendum compliant with Applicable Laws.
3.4 Third‑Party Services. The Platform connects to third‑party services (Agencies, payment providers, comms tools). Their use is subject to their own terms; we are not responsible for their performance. You remain responsible for maintaining your direct contracts with Agencies/PSPs unless otherwise agreed in writing.
3.5 Changes. We may update the Services (security, performance, features). Changes that materially reduce core functionality will be announced with reasonable advance notice. Section 19 governs GTC updates.
4. Account Registration and Access
4.1 Registration. You must provide accurate business information. We may refuse or revoke access if eligibility is not met.
4.2 Credentials. You are responsible for users you authorize, safeguarding credentials, and ensuring least‑privilege access. You will notify us without undue delay upon suspected compromise.
4.3 Acceptable Use. You will not (i) misuse the Platform; (ii) attempt to bypass security, decompile, or reverse engineer; (iii) use the Services for unlawful, harmful, misleading, or harassing communications; or (iv) process Cases without a lawful basis.
5. Merchant Obligations
5.1 Lawful Placement. You warrant that each Case is valid, due and enforceable, not statute‑barred or discharged, and includes accurate balances and documentation.
5.2 Compliance. You are solely responsible for compliance with applicable laws and regulations, including consumer protection, unfair practices, and—where relevant— German RDG (Rechtsdienstleistungsgesetz), UWG, BDSG/GDPR, and e‑privacy/telecommunications laws. You will ensure required consents or legal bases for all processing and communications.
5.3 Policies & Instructions. You will set contact rules, vulnerable customer handling, dispute and hardship policies, and ensure Agencies act accordingly.
5.4 Data Quality. You will provide accurate and timely data feeds and updates (payments, disputes, recalls, bankruptcies), and respond to Agency requests in the Platform within your internal SLAs.
6. Provider Responsibilities
6.1 Operation & Support. We will operate the Platform with reasonable skill and care and provide support during business hours Europe/Berlin. Uptime targets are described in the SLA referenced in Schedule 1.
6.2 Security. We implement appropriate technical and organizational measures (encryption in transit/at rest, access controls, logging/monitoring, vulnerability management). Summary controls are set out in Schedule 1.
6.3 Suspension. We may suspend access to protect the Platform or comply with law, after giving notice where reasonable.
7. KPIs and Data Accuracy
7.1 Single Source of Truth. The Platform aggregates inputs from you and third parties to present KPIs and timelines. You acknowledge that accuracy depends on data provided by you and Agencies/PSPs.
7.2 No Guarantee of Recovery. KPIs are for operational insight only and are not a guarantee of recovery outcomes.
7.3 Exports. The Platform provides dashboard views, CSV exports and webhooks for your systems.
8. Fees and Payment
8.1 Fees. Fees are as agreed in the merchant services agreement. Fees are exclusive of VAT and other taxes.
8.2 Invoicing & Due Date. Unless otherwise agreed, invoices are issued monthly and due within 30 days of invoice date. You are in default without further reminder after the due date.
8.3 Default Interest and Costs. In case of default, statutory default interest applies pursuant to §288(2) BGB (commercial transactions) plus reasonable dunning costs.
8.4 Set‑off/Retention. You may only set off or exercise a right of retention with undisputed or finally adjudicated claims.
9. Intellectual Property; Licence
9.1 Ownership. Provider retains all rights in the Platform and documentation. No rights are granted other than those expressly set out.
9.2 Licence. During the term, we grant you a non‑exclusive, non‑transferable right to access and use the Platform for your internal business purposes, subject to these GTC.
9.3 Feedback. We may use ideas or suggestions you submit without restriction.
10. Confidentiality
10.1 Obligation. Each Party will protect the other’s Confidential Information with reasonable care, use it only to perform the contract, and disclose it only to personnel/contractors who need to know and are bound by confidentiality.
10.2 Exceptions. Information is not confidential if publicly available without breach, lawfully obtained from a third party, independently developed, or required to be disclosed by law (with notice where lawful).
11. Data Protection (GDPR)
11.1 Roles. For personal data processed in the Services, Merchant is Controller and Provider is Processor.
11.2 DPA. The Parties incorporate the Data Processing Addendum (DPA) available at [link] into these GTC. In case of conflict, the DPA prevails for data protection matters.
11.3 Subprocessors & Transfers. We may use Subprocessors subject to contractual safeguards and, where applicable, implement EU Standard Contractual Clauses and supplementary measures for international transfers.
11.4 Deletion/Return. Upon termination or on request, we delete or return personal data per the DPA, subject to statutory retention duties.
12. Warranties and Disclaimers
12.1 Authority. Each Party warrants it is duly organised and has authority to enter into these GTC.
12.2 Service Warranty. Provider warrants that the Services will materially conform to the documentation and be provided with reasonable skill and care.
12.3 Disclaimer. Except as expressly stated, the Services are provided “as is”. We do not warrant specific collection outcomes, uninterrupted operation, or error‑free performance.
13. Liability (German Law)
13.1 Unlimited Liability. Nothing limits liability for intent (Vorsatz), gross negligence (grobe Fahrlässigkeit), injury to life, body, or health, or under the German Product Liability Act.
13.2 Cardinal Duties. For slight negligence (einfache Fahrlässigkeit), we are liable only for breach of essential contractual obligations (wesentliche Vertragspflichten); in that case, liability is limited to typical and foreseeable damages.
13.3 Cap. Subject to Sections 13.1 and 13.2, each Party’s aggregate liability arising out of or in connection with the Services in any 12‑month period is limited to the net Fees paid or payable by Merchant for that period.
13.4 Exclusions. Liability for lost profits, savings not realized, and indirect or consequential damages is excluded, except where covered under Sections 13.1/13.2.
14. Indemnities
14.1 By Merchant. You will indemnify us against third‑party claims, fines or penalties arising from (i) unlawful placement or inaccurate Case data; (ii) your failure to obtain necessary consents or provide required notices; or (iii) your breach of law or these GTC.
14.2 By Provider. We will defend you against third‑party claims alleging that the Platform, as provided, infringes IP rights, and pay final damages awarded or settlements approved by us, provided you promptly notify us and allow us control of the defence. We may modify the Services or procure a licence; if not feasible, we may terminate affected features with a pro‑rata refund of prepaid Fees.
15. Term, Termination, and Suspension
15.1 Term. The contract term is as stated in the Order Form or online plan. If not stated, the initial term is 12 months, renewing automatically for 12‑month periods unless terminated with 60 days’ notice prior to renewal.
15.2 For Cause. Either Party may terminate for material breach if not cured within 30 days of notice. We may terminate immediately for unlawful use or serious security risk.
15.3 Effect. Upon termination, your access ends and fees due become payable. We will provide 30 days of reasonable export assistance. Data deletion/return is handled under the DPA.
16. Changes to Services and GTC
16.1 Service Changes. See Section 3.5.
16.2 GTC Changes. We may amend these GTC for valid reasons (changes in law, security, functionality). We will notify you in text form (Textform) at least 30 days before entry into force. If you object in text form before the effective date, the prior GTC continue until the end of the current term; thereafter, we may terminate with 30 days’ notice. Continued use after the effective date constitutes acceptance. This clause applies only B2B.
17. Force Majeure
Neither Party is liable for delays or failure due to events beyond reasonable control (e.g., outages by third‑party providers, strikes, natural disasters, governmental actions), but will use reasonable efforts to mitigate effects.
18. Assignment and Subcontracting
You may not assign the contract without our prior consent, except to affiliates in the same corporate group with notice. We may assign to an affiliate or in connection with a merger/acquisition. We may subcontract, remaining responsible for subcontractors.
19. Notices
Notices under these GTC must be in text form (e.g., email) unless a stricter form is required by law. Provider contact: support@thehyv.io (update as needed).
20. Governing Law and Venue; Exclusion of CISG
These GTC and any non‑contractual obligations are governed by the laws of Germany. The courts of Munich have exclusive jurisdiction. The U.N. Convention on Contracts for the International Sale of Goods (CISG) does not apply.
21. Final Provisions
21.1 Entire Agreement; Precedence. These GTC together with the Order Form and Schedules (including Schedule 1 — SLA & Security Summary and the DPA) constitute the entire agreement. In case of conflict: Order Form > DPA (for data protection) > these GTC > Schedule 1.
21.2 No Waiver. Failure to exercise a right is not a waiver. A waiver must be in writing.
21.3 Severability. If any provision is invalid, the remainder remains effective. The Parties will replace an invalid provision with a valid one that best achieves the intended economic purpose.
21.4 Export Controls and Sanctions. You warrant compliance with applicable export control and sanctions regimes and will not use the Services in violation thereof.
Schedule 1 — SLA & Security Summary (Extract)
  • Uptime target: 99.9% monthly (excluding planned maintenance notified 72h in advance).
  • Support hours: Business hours Europe/Berlin; responses within 24h Monday - Friday
  • Security controls: Encryption in transit/at rest; SSO/MFA; role‑based access; logging/monitoring; vulnerability management; annual penetration tests; secure development; data residency primarily in EU/EEA (unless otherwise agreed in the DPA).
  • Backups & DR: Regular backups; documented recovery plans; RPO/RTO targets available on request.
Made on
Tilda