Service Order Sectigo SSL

This Service Order (hereinafter "SO") forms an integral and substantive part of the General Conditions of Service (hereinafter “GCS") published on Register's website( https://www.register.it/company/legal/ ).
The GCS and this SO establish the terms and conditions for the provision of the SSL Certificate of Sectigo Limited (hereinafter "Service") by Register to the Customer (hereinafter "Customer"). The capitalized terms used in this SO have the same meaning as defined in the GCS.
The offer published online on the website https://www.register.it forms an integral part of these conditions ("Offer").


1. Object of the Agreement
The Service allows the Customer to activate an SSL Certificate with the Certification Authority Sectigo, to the benefit of the Subscriber, in accordance with the conditions set out in the following articles and with the features and procedures established in this Agreement and its Annexes.
The SSL Certificate consists of a key pair and of verified identity information.
The Customer is informed that Register acts as a reseller of an external supplier, Sectigo Limited, as identified below.


2. Definitions
For the purposes of this Agreement, the following definitions shall apply:
- "Register": Register S.p.A. with registered office in Viale della Giovine Italia 17, Florence (FI), VAT no. 04628270482 which, in agreement with Sectigo, sells the Sectigo SSL Certificate service to the Customer;
- “Sectigo”: Sectigo Limited, a limited company incorporated under the laws of England and Wales, with registered number 04058690 and registered offices at 26 Office Village, 3rd Floor, Exchange Quay, Trafford Road, Salford, Manchester M5 3EQ, United Kingdom;
- "Customer": the person requesting the Service from Register. The Customer may be the same as the Subscriber, if the latter requests the Service for its own benefit, or may not be the same as the Subscriber, if the Customer requests the Service to be activated for the benefit of one or more Subscribers other than the Customer;
- “Subscriber”: any natural or legal person identified in a certificate issued by Sectigo;
- “Agreement": Register's GCS, this Service Order ("SO"), the Offer and the documents attached thereto and the documents referred to therein ("Annexes") which, taken together, constitute the rules governing the relations between the parties;
- Annexes: the documents forming an integral part of this Agreement, including the "Certificate Subscriber Agreement" and other contractual documentation prepared by Sectigo Limited relating to the Service, available in the "Legal" section of the Sectigo website at https://sectigo.com/legal.


3 - Conclusion of the Agreement and activation of the Service
3.1 Sending of the Order by the Customer to Register implies full acceptance of the Agreement and its Annexes by the Customer.

3.2 The Customer acknowledges and accepts, and declares to make the Subscriber aware of and to have the Subscriber accept and enforce the contractual documentation relating to the Service purchased, including the documentation prepared by Sectigo Limited, available in the "Legal" section of the Sectigo website at https://sectigo.com/legal , as an integral and substantive part of this Agreement.

3.3 The Certificate covered by this service is an SSL Certificate, used to support SSL/TLS sessions between a web browser and a web server using encryption. Upon receipt by Register of the necessary payment and completion of the activation procedures required for the selected Certificate, Register shall contact Sectigo to process the Certificate Request containing the Certificate Signing Request (hereinafter "CSR") in the format specified by the CA. If the Certificate Request is approved by Sectigo, Sectigo shall issue a Certificate of Use to the Subscriber. After obtaining the Certificate, the Subscriber shall review the information contained therein and promptly notify Sectigo of any errors. Upon receipt of such notification, Sectigo may revoke the Certificate and issue the correct Certificate.

3.4 The Customer and the Subscriber declare that they have duly read and understood the features, functionalities and methods of use of the Service, in accordance with the provisions of this Agreement, of the further Annexes and of current legislation.

3.5 The Customer and the Subscriber are, in any case, responsible for the truthfulness, correctness, completeness and updating of the information communicated to Register and Sectigo regarding the Service.



4. CSR (Certificate Signing Request) generation tool
4.1 If, optionally, the Customer decides to use the CSR (Certificate Signing Request) generation tool provided by Register, it undertakes, under its sole responsibility, to save the CSR (Certificate Signing Request) and the relating private key obtained through the tool on its own media and to safely store it. Any violation of the private key may not be attributable to Register.

4.2 Register informs the Customer that under no circumstances shall it save, even temporarily, the information generated by this tool on its systems. The Customer may therefore not contact Register to retrieve the CSR (Certificate Signing Request) and the relating private key.

4.3 The foregoing will also apply if the Customer subscribes exclusively to the CSR (Certificate Signing Request) generation tool provided by Register, offered by the latter as a stand-alone service. In the latter case, the other articles of this SO will apply in any case, except if objectively incompatible, and in particular Articles 3, 5, 6, 7 and 8 of this SO. The General Conditions of Service (hereinafter "CGS") published on the Register website (https://www.register.it/company/legal/) and the commercial offer relating only to the CSR generation service will also apply. Certificate Signing Request) provided by Register and published online on the website https://www.register.it will form an integral part of these conditions ("Commercial Offer").



5. Duration of service
This Agreement shall be effective until expiration of the Certificate, according to the term indicated in the public Offer, or its early revocation.


6. Consideration and renewal of the Service.
6.1 The Consideration for the provision of the Service requested is the amount indicated in the Offer. The provision of the Service is deemed to have been agreed from the time of payment of the Service consideration by means indicated in the Offer. The renewal price shall be the list price applied by Register at the time of the Customer's request and resulting from the control panel.

6.2 Renewal at expiration may be automatic or manual.

6.2.1 Expiration with automatic renewal:
In the case of expiration with automatic renewal and credit card payment, the consideration referred to in the following paragraph “Consideration and Payments" shall be charged, within the established time limits and under the conditions existing at the time of renewal, as indicated in the control panel, directly by Register on the Customer's credit card, upon communication by e-mail. If it is not possible for Register to make such a charge, the agreement may not be automatically renewed and shall be considered as having expired within the established time limit. In such a case, the Customer may renew the Service by following the manual renewal procedure.
In the case of expiration with automatic renewal and payment by a system other than credit card, 20 days before expiration, Register shall proceed, after notice by email, to renew and send the invoice to the Customer, which shall be paid within the time limit provided therein. The invoice and related payment instructions shall be sent by ordinary mail to the address stored in the files at the time of ordering. In the event that the Customer does not proceed with the payment within the established time limits, Register may interrupt the provision of the Service at any time, subject to the provisions of art. 6 of the GCS.

6.2.2 Expiration with manual renewal:
In the case of expiration with manual renewal, the Customer may ask Register, through the online procedure made available by Register, to renew the Service with this SO for further and subsequent periods within the time limits that will appear on the Customer's control panel and at the technical and economic conditions in force at the time of renewal of the Service and executing the renewal procedure. In the event of non-renewal, in the forms and within the time limits indicated above, upon expiration, the Service will cease to be provided and this SO will cease to produce its effects by law, without need for any communication by Register.


7. Protection of personal data and Confidentiality.
Once the service has been purchased or renewed, the Client is required to activate the certificate by accessing the control panel and filling in the appropriate form in order to proceed with the issuing of the requested certificate.

When renewing the certificate, the Client may decide to use the CSR obtained during the activation phase and stored by Register, or choose to continue with the generation of a new CSR and the relative private key.

In the first case, Register will continue to retain the CSR obtained by the Client during the activation phase until the next renewal unless the Client, at this stage, decides to provide a new CSR. Otherwise, Register will continue to store the CSR until the next renewal. In the second case, where the Client decides to issue a new CSR and a new private key for the renewal of the certificate, Register will delete the CSR previously obtained from the Client from its systems and will only keep the newly provided CSR.

The data processing is carried out by Register as data controller and is aimed at pursuing a legitimate interest of Register, pursuant to Article 6(1)(f) of EU Regulation 679/2016 (GDPR). In particular, Register has the legitimate interest to improve the quality of the activation and renewal service of the SSL Certificates of its clients, which, thanks to the retention of the CSR by Register, allows for a fast renewal process.

In any case, the provision of the Client's data through the generation or transmission of the CSR is optional, but if such data is not provided it will not be possible to proceed with the activation or renewal of the certificate. The data provided by the Client for the purpose of issuing the certificate will be disclosed to Sectigo Limited., as autonomous data controller, in order to execute the contract between the Client and Register. The Client has the right to access his/her data in accordance with Art. 15 of the GDPR, to request the restriction of data processing in the cases provided for in Art. 18 of the GDPR, and to lodge a complaint with the competent supervisory authority pursuant to Art. 77 of the GDPR. Since the CSR is composed of codes generated automatically by the generation tool referred to in point 4.1), it should be noted that in practice it is not possible to request the correction or deletion of the CSR itself, except by generating a new CSR using the same tool. The Client may formulate a request to object to the processing of their data pursuant to Art. 21 of the GDPR in which the reasons for the objection to processing are provided. The Data Controller shall in any case reserve the right to assess the Client's request. Requests to Register must be made in writing to dpo@dada.eu.


8 Disclaimers and limitations of liability
8.1 Register undertakes to provide the Service in compliance with the provisions of this Agreement and the Annexes thereto, and accepts no liability other than that expressly set forth herein.

8.2 To the fullest extent permitted by law, Register offers no implied or express warranty, including without limitation, no warranty of merchantability, fitness for a particular purpose, of satisfaction of the Customer's or Subscriber's requests, of non-infringement of rights, non-interruption of supply, lack of errors or any other warranty that may arise from the performance of the Agreement, from commercial practices or from negotiations relating to the Service.

8.3 The Customer takes on all responsibility in relation to the Orders sent to Register and undertakes, to the fullest extent permitted by law, to indemnify and hold Register harmless from any claim, cost, penalty, towards third parties, including the competent judicial authorities, relating to or in any way connected with the performance of this Agreement and/or breach, by the former or the Subscriber, of the obligations, representations and warranties set forth in this Agreement.

8.4 Specific disclaimers and limitations of liability

8.4.1 The Subscriber and the Customer agree to indemnify and hold Register and Sectigo harmless, as well as their directors, shareholders, officers, agents, employees, successors and assigns from each and every claim, legal action, proceeding, sentence, damage and cost (including any reasonable fees or legal costs) of third parties arising from: (i) breach of any warranty, representation and obligation in accordance with this Agreement, (ii) false or misleading declarations made in the Certificate Request, (iii) any violation of an intellectual property right of any person or entity in the information or content provided by the User, (iv) failure to disclose material facts in the Certificate Request if the false declaration or omission was carried out in negligence or with the intent to deceive one of the parties or (v) failure to protect the private key or failure to use a reliable system, or failure to adopt precautionary measures to prevent the compromise, loss, disclosure, modification or unauthorized use of the private key in accordance with the terms of this Agreement.

8.4.2 Application of warranties. The Subscriber and the Customer acknowledge that the warranty of the entrusting party is only for the benefit of the entrusting parties. The Subscriber and the Customer have no rights under the warranty, including any right to enforce the terms of the warranty or to file a claim under the warranty.

8.4.3 Disclaimer of warranty. Register offers no implied or express warranty, including without limitation, no warranty of merchantability, fitness for a particular purpose, of satisfaction of the Customer's requests, of non-infringement of rights, non-interruption of supply, lack of errors or any other warranty that may arise from the performance of the Agreement, from commercial practices or from negotiations relating to the Service.

8.4.4. Limitation of liability. SUBJECT TO SECTION 8.4.5. THE FULL LIABILITY OF SECTIGO AND REGISTER AND THEIR AFFILIATES AND ANY OF THEIR OFFICERS, DIRECTORS, PARTNERS, EMPLOYEES AND CONTRACTORS, RESULTING FROM OR RELATED TO THIS AGREEMENT, IS LIMITED TO THE AMOUNT PAID BY THE CUSTOMER OR SUBSCRIBER FOR THE SERVICES OFFERED. LIABILITY. THE CUSTOMER AND THE SUBSCRIBER WAIVE THEIR LIABILITY FOR ANY SPECIAL, INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGE. THIS WAIVER INCLUDES ALL DAMAGES FOR LOSS OF PROFITS, REVENUE, USE OR DATA AND APPLIES EVEN IF SECTIGO OR REGISTER ARE AWARE OF THE POSSIBILITY OF SUCH DAMAGES. These limitations shall apply to the fullest extent permitted by law regardless of 1) the cause or nature of the liability, including claims, 2) the number of any claims, 3) the extent or nature of the damages, and 4) any other provisions of this Agreement have been violated or shown to be ineffective.

8.4.5. Exceptions. Nothing in this Agreement shall exclude or limit the liability of either party for death or personal injury resulting from negligence of that party or for any fraudulent misrepresentation by either party.