Terms & Conditions

These General Conditions of Service (hereinafter, the “Conditions”) govern the contractual relationship between Sefthy (cloud service provider) and the Customer/User (Managed Service Provider – MSP, or System Integrator) who purchases Sefthy’s services for the purpose of reselling them to third parties. The User fully accepts these Conditions at the time of online purchase of the services or in any case through the use of the same. The resulting contract is to be considered concluded in a unilateral and binding form when Sefthy confirms the order or activates the services purchased by the User.

1. Object and Description of Services

Sefthy provides professional cloud solutions, including in particular:

• Backup Services – Cloud space and platforms for the safe saving of copies of data and systems, with the possibility of recovery in the event of information loss.
• Disaster Recovery (DR) Services – Solutions for the continuous replication of systems and data at Sefthy infrastructures, in order to guarantee operational continuity in the event of failures or catastrophic events that affect the User’s main infrastructure.
• Virtualization Services (Virtual Machines) – Virtual computing resources (servers, CPUs, RAM, storage) hosted on Sefthy data centers, which the User can configure and manage to provide IT services to its customers.
• Cloud Storage Services – Remote storage space for data and files, accessible via the Internet in a secure manner, with scalability options based on needs.

(In this Agreement, the services listed above and any other related cloud services provided by Sefthy are collectively referred to as the “Services”.)

The technical specifications, features and limits of each Service are described in the documentation and/or information sheets published on the Sefthy website, which the User declares to know and accept. Sefthy reserves the right to update or modify the characteristics of the Services at any time (for example, to improve performance, security or regulatory compliance), without prejudice to compliance with the guaranteed service levels and these Conditions.

2. Acceptance and Validity of the Contract

The User declares to have read and understood these Conditions and, by purchasing the Services online (for example by selecting the option “I accept the Terms of Service” during registration or by finalizing an order on the Sefthy website) or by starting to use the Services themselves, expresses his/her consent and full acceptance of this contract. The Conditions are considered accepted even in the absence of a manual signature, through online membership or use of the Services, and this will have full legal validity pursuant to art. 1326 of the Civil Code (contract concluded through conclusive conduct).

The contract is considered effective from the date on which Sefthy confirms the activation of the Services purchased by the User and will remain valid for the entire duration of use of the Services by the User. Unless otherwise provided, the contract has an indefinite duration. The User may withdraw at any time by interrupting the use of the Services and communicating in writing to Sefthy the desire to terminate the contractual relationship; the withdrawal will become effective at the end of the current billing period (where applicable) and without prejudice to any amounts still due. Sefthy, for its part, reserves the right to withdraw from this contract with a 30-day written notice to the User, without prejudice to the right to immediately suspend or terminate the contract in cases of serious breach by the User as regulated in these Conditions.

3. User Obligations

The User, as a purchaser and/or reseller of Sefthy Services, undertakes to comply with the following obligations in the use of the Services themselves, both directly and by ensuring that their end customers (recipients of resale) comply with the same rules:

• Use in accordance with the law: You must use the Services only for lawful purposes and in compliance with all applicable laws and regulations. You are expressly prohibited from using the Services for fraudulent purposes, to commit or promote illegal activities (such as, by way of example, the infringement of copyright or intellectual property rights, the dissemination of child pornography, hacking, phishing, spamming, or other violations of the law) or in a way that causes damage to third parties. You are solely responsible for the content of the data, software and any other information that you upload, store or transmit through the Services, and you guarantee that such content does not violate the rights of third parties or mandatory regulations. In the event of violations, you agree to indemnify and hold Sefthy harmless from any prejudicial consequences, claims or sanctions arising from such improper use.
• Correct use of the Services: The User is required to use the Services in accordance with the technical instructions provided by Sefthy and not to interfere in any way with the normal functioning of the Sefthy infrastructure. In particular, the User must not: violate or attempt to violate Sefthy’s security systems, access the resources of other customers or Sefthy without authorization, perform penetration tests or scans of Sefthy’s networks without written consent, use resources in an anomalous or excessive manner that compromises the stability of the servers (except as provided for in the agreements on elastic provisioning), nor carry out activities that may damage, overload or deteriorate Sefthy’s servers or network.
• Access and security credentials: The User is responsible for the safekeeping of his/her authentication credentials (username, password, API key and similar) provided by Sefthy for access to the Services. These credentials are personal and non-transferable; the User must take adequate measures to keep them confidential and safe from unauthorized access. In the event of loss, theft or suspected compromise of the credentials or unauthorized access to his/her account, the User must immediately inform Sefthy, which may take the necessary measures (e.g. temporary suspension of the credentials and issuing new ones) to protect the security of the Services. It is understood that any activity carried out through the User’s account (including that of any sub-users or end customers) is presumed to be carried out under the responsibility of the User himself/herself.
• Obligations to End Customers (Resale): When reselling the Services to your end customers, you remain solely responsible to such customers for the correct provision of the Services and for the contractual obligations you have undertaken towards them. Sefthy does not have any direct contractual relationship with your end customers nor does it assume any direct obligations towards them. You agree to ensure that the contracts entered into with your end customers contain conditions of use of the services that are consistent with these Terms (in particular with regard to limitations of use, warranty exclusions and limitations of liability) and to ensure that your end customers comply with such conditions. You shall also indemnify and hold Sefthy harmless from any claims, actions or requests for compensation made by your end customers against Sefthy in relation to the Services provided.

4. Fees, Payment Methods and Invoicing

The User undertakes to pay Sefthy the amounts due for the Services purchased, according to the prices and economic conditions indicated in the official price list of Sefthy or in the personalized offer provided to the User at the time of the order. Unless otherwise agreed in writing, all fees are net of VAT and any other applicable taxes, which will be added to the invoice in accordance with current tax legislation.

Payment for the Services must be made in the manner and within the terms indicated by Sefthy. Sefthy, through its payment and invoicing platform (e.g. Paddle), usually supports payment methods such as credit card or other electronic methods indicated on its website or in the purchase order. The User is required to provide and keep updated the necessary payment data (e.g. credit card details) and authorizes Sefthy, through the payment and invoicing platform used, to charge the amounts due on such instruments, according to the expected invoicing frequency (e.g. monthly, yearly or one-off, depending on the Service).

It is the User’s responsibility to verify the accuracy of the tax registration data communicated and to promptly report any errors.

In the event of a delay in the payment of any amount by the relevant deadlines, default interest will automatically accrue, without the need for formal notice, to be paid by the User in the amount provided for by Legislative Decree 231/2002 (legal interest for late payment in commercial transactions) or, if higher, in the different amount possibly indicated in the specific economic conditions. The further remedies of Sefthy in the event of non-payment, described in the following articles (suspension of service and termination of contract for non-payment), remain unaffected.

5. Suspension of Service

If the User fails to pay one or more amounts due (in whole or in part) on time by the due date indicated on the invoice or in the order summary, Sefthy will have the right to suspend, even without further notice, the provision of the Services connected to the non-payment (suspension for non-payment). The suspension may concern access to all resources provided within the scope of the Services in question (e.g. virtual machines turned off, blocking of backup/restore operations, inaccessibility of data on cloud storage) until the User has paid the sums due in full. During the suspension period, the User remains obliged to pay the accrued fees and may not claim reimbursements or extensions of the service for the period of non-use due to the suspension itself.

Sefthy undertakes to inform the User of the suspension by sending a communication (for example via email to the account reference address) indicating the reason for the suspension (unpaid) and inviting the User to make payment within a short time. Where the User pays in full the amount due, Sefthy will reactivate the suspended Services in the shortest time technically possible (indicatively within 24 hours of confirmation of payment, except for different technical times for the propagation of the reactivation).

6. Cancellation of Service and Data for Non-Payment

If the User does not settle his outstanding amount within the mandatory term of 5 (five) calendar days from the date of suspension of the Service due to non-payment (or, in any case, within 5 days of non-payment of the relevant invoice), Sefthy will have the right to proceed with the termination of the contract by operation of law limited to the outstanding Services, pursuant to and for the purposes of art. 1456 of the Italian Civil Code, by simple written communication to the User (including via email). As a result of the termination, Sefthy will proceed with the definitive deactivation of the Services concerned and the automatic deletion of all the User’s data and configurations relating to such Services from its systems.

⚠️ After the 5 days of grace period without receipt of payment, the deletion of the data will occur irreversibly: all backups, virtual machines, storage volumes and any other data associated with the suspended Services may be permanently deleted from Sefthy’s servers, without further notice. The User acknowledges and accepts that, in such an eventuality, he/she will not be entitled to any compensation or indemnity for the loss of deleted data, as such consequence is attributable to his/her non-fulfilment. It is therefore the User’s responsibility to maintain updated backup copies of his/her critical data in systems external to Sefthy, or to promptly settle invoices in order to avoid the deletion of data beyond the deadline indicated above.

In any case, Sefthy’s right to act for the recovery of outstanding credits in the manner provided by law remains intact. Any reactivation of Services after their cancellation due to non-payment will be at the sole discretion of Sefthy and may involve additional reactivation costs and the impossibility of recovering previously archived data.

7. Service Level Agreement (SLA)

Sefthy undertakes to guarantee a level of availability of the Services equal to 99.7% on an annual basis (SLA – Service Level Agreement). This means that, over a calendar year, the Services will be available and functioning for at least 99.7% of the time. The SLA applies to the infrastructure under the direct control of Sefthy and to the reachability of the Services via the Internet.

The calculation of the percentage of availability excludes all service interruptions due to:

• Scheduled maintenance, of which Sefthy has given prior notice to the User (for example scheduled hardware or software updates, security patches, infrastructure upgrades). Sefthy will try, where possible, to carry out scheduled maintenance at night or during less frequent use, and to provide reasonable notice (e.g. at least 48 hours) via communication on the site or via email.
• Force majeure events (as defined in the following Limitation of Liability clause) or in any case causes not attributable to Sefthy (for example malfunctions of global Internet networks, problems arising from the User’s connectivity providers, cyber attacks of an exceptional and unforeseeable nature).
• Suspensions of Service ordered by Sefthy in accordance with this contract (e.g. suspensions for non-payment pursuant to art. 5, or suspensions for security reasons/technical emergencies).
• Any other circumstances expressly excluded from the SLA according to any service specifications communicated to the User.

If Sefthy is unable to maintain the agreed SLA (or if an uptime lower than 99.7% per year occurs for reasons attributable to Sefthy), the User may request compensation from Sefthy through a compensatory credit, determined according to Sefthy’s service policies possibly attached to this contract or published on the site. Such compensation – where applicable – will constitute the sole and exclusive remedy available to the User in the event of failure to comply with the guaranteed service levels. In any case, to activate the SLA verification procedure and any recognition of credit, the User must submit a specific written report to Sefthy within 30 days of the occurrence of the disservice, providing all the details necessary for verification (dates and times of unavailability found, description of the impact, etc.). Sefthy, upon receipt of the report, will carry out the appropriate checks and provide feedback to the User, crediting any compensation due as established.

8. Limitation of Liability

To the maximum extent permitted by law, Sefthy limits its liability to you as follows:

• Indirect and consequential damages: Sefthy will not be liable under any circumstances for indirect, consequential damages or loss of profits suffered by the User or third parties in connection with the use (or inability to use) the Services. This includes, by way of example and not limited to, loss of business, commercial opportunity, revenue or profits, business interruption, loss of goodwill or reputation, or loss of data (except in the case of willful misconduct or gross negligence of Sefthy, to the extent that by law it cannot be excluded).
• Maximum limit of compensation: Sefthy’s overall liability for any proven direct damages resulting from breaches attributable to it may not in any case exceed 50% of the amount of the fees actually paid by the User to Sefthy, relating to the specific Service that caused the damage, in the 12 (twelve) months immediately preceding the damaging event. If the contract has had a shorter duration, the total paid by the User up to that moment for the Service in question will be considered.
• Data loss or alteration: The User acknowledges that Sefthy provides data protection services (backup, redundant storage, etc.), but no computer system is totally immune from failures or anomalies. Consequently, except as may be provided for by specific SLA clauses or additional contractual guarantees, Sefthy assumes no responsibility for any loss, destruction, alteration or failure to find User data stored on its systems, nor for damages resulting from accidental disclosure or unauthorized access to data (without prejudice to Sefthy’s obligation to adopt adequate security measures, as indicated in the GDPR clause). It is the User’s responsibility to maintain external and updated backup copies of data considered critical. In any case, the User hereby waives any claim for compensation against Sefthy for the loss of data or for their restoration, except in the case in which such loss is a direct consequence of Sefthy’s willful misconduct or gross negligence.
• Temporary unavailability of the Services: Sefthy cannot be held in breach of its contractual obligations nor liable for malfunctions or temporary interruptions of the Services, when these arise from causes not attributable to Sefthy or are in any case contained within the limits of the guaranteed SLA (99.7% per year, as per clause 7). In particular, the User acknowledges and accepts that temporary disruptions, slowdowns, unavailability or limitations of the Services may occur due to the very nature of cloud services (for example for urgent maintenance interventions, system updates, traffic peaks, events beyond Sefthy’s control). Provided that such events fall within the exclusions or limits of the SLA, they will not constitute a contractual breach by Sefthy.
• Force Majeure: Sefthy shall not be liable for delays or failures to perform caused by Force Majeure events, i.e. events beyond its reasonable control, including (by way of example) fires, floods, earthquakes or other natural events, wars, terrorist acts, strikes (including strikes of its own staff), epidemics/pandemics, prolonged interruptions of electricity or telecommunications services not attributable to Sefthy, government measures, acts of public authorities or other similar unforeseeable and unavoidable circumstances. In the event of a Force Majeure event that prevents Sefthy from providing the Services, Sefthy’s obligations will be suspended for the duration of the event; Sefthy will promptly inform the User of the event and will make every reasonable effort to restore normal operations. If the force majeure event persists for a continuous period of time exceeding 60 days, each party shall have the right to terminate the contract by written communication, without this entailing further liability or penalties, except for the obligation for the User to pay the amounts due for the services used up to that time.
• Sefthy Indemnity for Use of the Service: The User acknowledges that Sefthy does not exercise any control over the content of the information transmitted or stored by the User (or its end customers) through the Services. Therefore, Sefthy is not liable for any content that may be illicit, offensive, infringing the rights of third parties or otherwise inappropriate that may be introduced or conveyed by the User through the use of the Services. The User assumes full responsibility for such content as provided in clause 3, undertaking to indemnify Sefthy from any prejudicial consequences. Furthermore, Sefthy will not be liable for the User’s failure to fulfill obligations towards third parties (including end customers) nor for claims made by the latter relating to the provision or operation of the Services resold by the User.
• Esclusione di garanzie ulteriori: Salvo quanto espressamente stabilito nel presente contratto (ad esempio in tema di SLA), i Servizi sono forniti da Sefthy “così come sono” (as-is) e “secondo disponibilità”. Sefthy non riconosce garanzie ulteriori, espresse o implicite, e in particolare non garantisce che i Servizi soddisferanno tutte le specifiche esigenze dell’Utente, che funzioneranno senza interruzioni, ritardi o errori, né garantisce l’accuratezza o l’affidabilità dei risultati ottenuti con il loro utilizzo, oltre i limiti e le garanzie espressamente previste da queste Condizioni. Nessuna informazione o consiglio, orale o scritto, fornito da Sefthy all’Utente potrà costituire garanzia ulteriore se non espressamente previsto dal contratto.

Any request for compensation for damages against Sefthy must in any case be communicated by the User within 30 days from the moment in which the event that gave rise to the claim occurred (or from the moment in which the User became aware of it), under penalty of forfeiture. It is understood that nothing in this limitation of liability clause may operate in conflict with mandatory provisions of law: where the exclusion or limitation of certain liabilities or guarantees is not permitted by law, the limitations provided for above will apply to the maximum extent permitted, without prejudice to the User’s rights deriving from the applicable law.

9. Personal Data Protection (GDPR)

The parties undertake to process personal data in accordance with the European and Italian legislation in force on the matter, in particular Regulation (EU) 2016/679 (GDPR) and Legislative Decree 196/2003 (Privacy Code), where applicable. The respective roles and obligations in relation to the personal data processed in the context of this contractual relationship are described below:

• End-customer data and User content: For any personal data that may be uploaded, stored or otherwise processed by the User through the Services (for example, data contained in backups, virtual machines or files stored on cloud storage, belonging to the User or its end customers), the User assumes the role of Data Controller. The User guarantees that he has acquired and validly possesses all the legal bases, consents and authorizations necessary to process such data and to entrust the processing thereof to Sefthy within the scope of the Services. Sefthy will act with respect to such data as Data Processor pursuant to art. 28 GDPR, limited to the operations necessary for the provision of the Services (storage, backup, transmission at the User’s request, etc.), adhering to the documented instructions provided by the User and undertaking not to access or use the data for its own unauthorized purposes. Sefthy adopts adequate technical and organizational measures to guarantee a level of security appropriate to the risk (in accordance with art. 32 GDPR) in the storage and processing of such personal data, in order to prevent their destruction, loss, modification, unauthorized disclosure or access, whether accidental or unlawful. If the User processes personal data of third parties (end customers) through the Services, the User undertakes, upon request by Sefthy, to sign a separate Data Processing Agreement (DPA) that regulates in detail the processing carried out by Sefthy as Data Processor, integrating these Conditions, and to provide adequate privacy information to its end customers pursuant to art. 13-14 GDPR.
• User’s personal data (contract holder): The personal data provided by the User to Sefthy for registration to the service, creation of the account and conclusion of the contract (such as name/company name, name and surname of the contact person, address, VAT number/tax code, email and telephone numbers, payment data) will be processed by Sefthy as Data Controller. Such processing will take place for contractual and administrative purposes related to the provision of the Services (execution of contractual obligations, invoicing, customer service, legal compliance, etc.), as well as – with the User’s separate consent – for any commercial or marketing purposes by Sefthy. The data will be processed in compliance with the principles of correctness, lawfulness, transparency and protection of confidentiality, as detailed in the Sefthy Privacy Policy, available on the official website. The User declares to have read this information. At any time the User may exercise the rights recognized to the interested parties by the articles. 15-22 of the GDPR (access, rectification, cancellation, opposition, portability, limitation of processing, etc.) by contacting Sefthy using the methods indicated in the information.

Both parties undertake to fully comply with the privacy legislation. In particular, if the use of the Services involves an exchange of personal data between Sefthy and the User other than that described above, the parties will collaborate to ensure a correct classification of the processing and the adoption of any additional contractual or operational measures necessary (e.g. appointment of an external manager, definition of specific security measures, notifications of any violations of personal data – data breach – according to art. 33 GDPR, etc.). The User remains solely responsible for the lawfulness of the data entered by him into Sefthy’s systems; if Sefthy detects that the User is processing personal data through the Services in violation of the GDPR or other regulations (for example, excessive or irrelevant data, or processing of special categories of data without adequate guarantees), it may suspend the processing of such data and request clarifications from the User, reserving the right to interrupt the Service in serious cases pursuant to the suspension clause.

10. Applicable Law and Jurisdiction

This contract is subject to Italian law. For anything not expressly provided for in these Conditions, the provisions of the law in force in the Italian legal system will apply, with particular reference to the provisions of the Civil Code and any special laws applicable to the services covered by the contract.

For any dispute relating to the validity, interpretation, execution or termination of this contract, the Court of Bari will have exclusive jurisdiction. The parties expressly agree to waive any other jurisdiction that may be provided by law as an alternative or competitor. It is understood that Sefthy will in any case have the right to take action before a jurisdiction other than the one agreed upon, if this is necessary to promote injunctive or conservative actions to protect its rights (for example, debt collection proceedings, to be initiated at the competent court based on the registered office/residence of the User). In any case, this agreement does not affect the mandatory rights that the law may attribute to the User where he/she can be classified as a consumer; However, the parties acknowledge that the User enters into this contract as a professional operator (MSP/System Integrator) and not as a consumer, therefore the consumer protection legislation (including Legislative Decree 206/2005, Consumer Code) does not apply to the contractual relationship in question.

Read, approved and digitally signed by the User through online acceptance pursuant to clause 2.