Terms & Conditions
CAD Rooms (the service) Terms & Conditions - These Terms and Conditions (the “T&Cs”) constitute the binding contract between you (the “User”) and CAD Rooms ApS (the ”Company”) (“CAD ApS”, “we”, “us”) in relation to signing up with and using the platform CAD Rooms (the service) (the “CAD Rooms (the Platform)”), including any and all content, features, services, and applications therein provided by the Company through the CAD Rooms (the Platform), including use through the installed Desktop App on any operating system.
If the User is acting on behalf of a legal entity, the User represents and warrants that they are authorized to conclude an agreement and to enter into these T&Cs with the Company in the name and on behalf of that legal entity. Please read these T&Cs carefully before signing up with and using the CAD Rooms (the Platform). By accessing or using the CAD Rooms (the Platform), you agree to be bound by these T&Cs.
1. Definitions
CAD Rooms ApS: CAD ApS (the company), the holder and operator of CAD Rooms.
CAD Rooms (the Platform): The online environment for CAD Rooms, corresponding to the website, Desktop App, and services provided under the relevant domain.
User: Any person or legal entity who registers to use CAD Rooms, including professionals, companies, and other entities focused on private collaboration around product data, engineering, and manufacturing.
Content: Any type of material uploaded by Users to the CAD Rooms (the Platform), including designs, comments, links, documents, or data.
Team: A registered profile created by a User for a team under a brand or entity to manage, collaborate, and privately share Content.
Private Project: A repository for private Content shared within a closed group of Users, without public accessibility.
Sync: The process of syncing local folders with the cloud or local servers, applicable for local and enterprise installations of CAD Rooms (the Platform).
2. Acceptance of T&Cs By signing up for and using CAD Rooms (the Platform), the User agrees to be legally bound by these T&Cs. These T&Cs may be updated and/or modified by the Company at any time at its sole discretion in accordance with clause 18 below. The T&Cs apply to all Users, whether acting on behalf of a legal entity or as individuals.
3. Registration and Admissibility The User must register to use the features and services offered by CAD ApS. Registration requires the provision of accurate and complete information, including a Username, email address, and password. The User must keep this information up to date at all times. The use of the CAD Rooms (the Platform) is restricted to individuals who are at least 18 years old. Users registering on behalf of a legal entity represent and warrant that they are authorized to do so, and may be required to submit documentation to prove this authority.
The User is solely responsible for maintaining the confidentiality of their registration information, including their password. Any activities that occur under the User’s account are their responsibility. The User is prohibited from transferring or assigning their account to any third party without the Company’s prior written consent.
4. Third Parties’ Personal Data Provided by Users If the User provides personal data belonging to third parties, the User undertakes to ensure that the communication of such data to the Company and subsequent data processing in accordance with our Privacy Policy will occur in compliance with the applicable Privacy Law. The User must ensure that (i) such third parties have been duly informed, (ii) have been provided with a copy of our Privacy Policy, and (iii) have given their consent, if applicable law requires so.
5. Activity CAD Rooms (the service) is a Software-as-a-Service (SaaS) platform designed for professionals and organizations focused on private product innovation, collaboration, and product data management. CAD Rooms (the service) offers secure spaces for companies and teams to collaborate on their designs, engineering data, and manufacturing processes in a private manner. CAD Rooms (the service) does not offer for sale any goods or services between Users. Its sole purpose is to provide a secure and private environment for product innovation and collaboration, with no public access to the projects, content, or interactions occurring within the CAD Rooms (the Platform).
6. CAD Rooms (the service) Content and IP Rights The CAD Rooms (the Platform), its software, configuration, structure, and any proprietary Content (“CAD ApS Content”) are owned by CAD ApS or its licensors. Users are strictly prohibited from copying, reproducing, distributing, modifying, decompiling, reverse engineering, or otherwise exploiting the CAD Rooms (the Platform) or any CAD ApS Content, except as expressly permitted by the Company in writing. All intellectual property rights, including copyrights, patents, trademarks, trade secrets, and other proprietary rights, remain the exclusive property of the Company and its licensors.
The User shall not remove, alter, or obscure any proprietary notices or labels on the CAD Rooms (the Platform). Any use of the Company’s trademarks, logos, or other proprietary materials without prior written consent is strictly prohibited.
7. Users’ Content and IP Rights Users retain ownership of all intellectual property rights in the Content they upload or share on CAD Rooms (the Platform). By uploading Content to CAD Rooms (the Platform), the User grants the Company a limited, non-exclusive, transferable, sub-licensable, royalty-free license to use, store, display, reproduce, and modify such Content solely for the purpose of operating, providing, and improving the CAD Rooms (the Platform).
The User represents and warrants that they have all the necessary rights and permissions to upload, share, or collaborate on the Content within CAD Rooms (the Platform). The Company does not control or monitor Users’ Content; therefore, the User is solely responsible for ensuring that their Content does not infringe any third-party rights, including intellectual property rights. The Company disclaims any liability for any infringement or unlawful use of third-party rights by Users.
8. Services CAD Rooms (the service) provides subscription-based services for creating and managing private workspaces, controlling access to Content, and facilitating private collaboration around product data, engineering, and manufacturing. The services offered are intended for professional and commercial use. Users can manage permissions to control who can access or view the Content they upload to their private workspaces. CAD Rooms (the service) also offers the ability to sync local folders with cloud storage or local servers for Enterprise clients.
9. Paid Services: Subscriptions, Fees, and Payments CAD Rooms (the service) offers services through subscription fees, which may be billed on a monthly or annual basis. Users will be required to provide payment information, and all payments will be processed via a third-party Payment Processor. The Pricing Page, available on our website, forms part of these T&Cs, and may be updated from time to time at the Company’s discretion. The User is responsible for ensuring that their payment details are accurate and up to date. Users may be charged additional fees, including taxes, where applicable.
All payments are subject to the terms and conditions of the Payment Processor, and the Company is not responsible for any issues that arise during the payment process, including errors made by the Payment Processor.
10. Third-Party Services The CAD Rooms (the Platform) may include integrations or links to third-party services, which are provided solely for the convenience of Users. The Company does not endorse, control, or assume responsibility for these third-party services, their content, or their privacy practices. Users access third-party services at their own risk.
11. User Conduct Users agree to use CAD Rooms (the service) responsibly and lawfully. Users shall not:
Upload or share Content that is unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, invasive of another’s privacy, hateful, or racially, ethnically, or otherwise objectionable.
Infringe upon any intellectual property rights, including patents, trademarks, trade secrets, copyrights, or other proprietary rights.
Engage in any activity that disrupts or interferes with the CAD Rooms (the Platform) or its servers, networks, or infrastructure.
Attempt to gain unauthorized access to any part of the CAD Rooms (the Platform), other Users’ accounts, or any systems or networks connected to the Company.
Use CAD Rooms (the service) for any illegal or unauthorized purpose, including transmitting viruses, malware, or other harmful code.
Impersonate any person or entity, or falsely state or otherwise misrepresent their affiliation with a person or entity.
The Customer may not make copies of the CAD Rooms (the service) beyond the extent expressly permitted by applicable law or the Users’ Content. Nor may the Customer publish, distribute or otherwise make the CAD Rooms (the service) publicly available for others to copy.
The Company) reserves the right to investigate and take appropriate legal action against anyone who violates these provisions, including removing the offending Content and terminating the User’s account.
12. Confidentiality All Content uploaded to CAD Rooms (the service) is treated as confidential. The company) implements technical and organizational measures to protect the confidentiality and security of User Content. However, Users are responsible for managing access permissions within their private workspaces and ensuring that their Content is shared only with authorized individuals.
13. Termination The company may suspend or terminate a User’s access to CAD Rooms (the service) at any time, with or without notice, for any reason, including but not limited to a violation of these T&Cs. Upon termination, the User’s Content may be deleted permanently without further notice. The User acknowledges that certain provisions of these T&Cs, including intellectual property rights, warranty disclaimers, and limitations of liability, shall survive termination.
14. Disclaimer The CAD Rooms (the Platform), including any Content, features, and services provided therein, is provided on an “AS IS” and “AS AVAILABLE” basis, without any express or implied representations or warranties, including but not limited to warranties of merchantability, fitness for a particular purpose, non-infringement, and title. The Company does not warrant that the CAD Rooms (the Platform) will be secure, error-free, or available at all times.
The Company disclaims liability for any loss or damage arising from User interactions or reliance on any Content available through CAD Rooms (the Platform) and (the Service). Users are solely responsible for ensuring that their use of the CAD Rooms (the Platform) is lawful and that their Content is accurate and does not violate any laws or rights.
15. Indemnification The User agrees to indemnify, defend, and hold harmless the Company, its affiliates, and each of their respective officers, directors, employees, contractors, and agents from all claims, damages, liabilities, costs, and expenses (including legal fees) arising out of or in connection with:
The User’s access to or use of the CAD Rooms (the Platform) and services provided therein.
Any breach of these T&Cs by the User.
The infringement of third-party rights, including intellectual property rights, by the User or any Content uploaded by the User.
16. Limitation of Liability To the maximum extent permitted by applicable law, under no circumstances shall the Company, its affiliates, licensors, or suppliers be liable for any indirect, incidental, consequential, special, or punitive damages, including loss of profits, loss of revenue, loss of data, or business interruption, arising out of or in connection with the use or inability to use the CAD Rooms (the Platform) or the services provided therein, whether based on warranty, contract, tort, or any other legal theory.
The Company under no circumstances is liable to the User or any other person or company for any damage, be it directly or indirectly caused by instability or failure of the CAD Rooms (the Platform).
The Company cannot be held responsible for the availability, security or functionality of third-party solutions, including possible damage and/or possible loss caused by third party solutions. It is the responsibility of the User to prove that a loss suffered by the User cannot be attributed to third-party solutions.
The Company’s total liability to the User shall not exceed the greater of (i) the total amount paid by the User for the services during the twelve (12) months preceding the event giving rise to the claim or (ii) one hundred (100) euros.
17. Applicable Law and Jurisdiction These T&Cs and any disputes arising out of or in connection with them shall be governed by and construed in accordance with the laws of Denmark, without regard to its conflict of laws principles. Any disputes shall be exclusively resolved by the competent courts of Denmark, except where mandatory applicable law provides otherwise.
18. Modification of T&Cs The Company reserves the right to modify or replace any part of these T&Cs at its sole discretion. The Company will inform Users of any material modifications by posting a notice on the CAD Rooms (the Platform)’s homepage and, for registered Users, by email or through the User’s account. The User’s continued use of CAD Rooms (the service) after the effective date of such modifications shall constitute acceptance of those modifications. Users who do not accept modifications must cease all use of the CAD Rooms (the Platform).
19. Cancellation of Subscriptions Users may cancel their subscriptions by contacting the Company at [insert email]. No refunds will be provided for any unused portion of a subscription term. Upon termination or cancellation, the User will have a period of seventy-two (72) hours to download any files from their private projects. After this period, access to those private projects will be permanently disabled. In certain cases, upon written request, the Company may extend the download period at its sole discretion.
20. Language The English version of these T&Cs shall be the prevailing version in the event of any inconsistency between the English version and any translation provided for convenience purposes.
21. Privacy
Confidentiality of personal data is a significant part of our cooperation with customers. Read our policy on how we process and secure your personal data here: https://cadrooms.com/privacy.
The processing of personal data on behalf of our customers is governed by our standard Data Processing Agreement, attached hereto as Appendix 1.
22. Renunciation If the Company at any time fails or neglects to invoke any provision of these Terms & Conditions, this shall not be construed as a waiver of the Company’s rights under these Terms & Conditions and shall in no way, in whole or in part, affect the validity of the Terms & Conditions and shall not affect the Company’s right to take subsequent action.
23. Contacts CAD Rooms ApS is a registered company under the laws of Denmark, with registered office Sandbjergvej 49, DK-2950 Vedbæk, Denmark with CVR number 45499499. You may contact the Company at the aforesaid address or by email at support@cadrooms.com.
As per our compliance with EU regulations, any consumer Users that are residents in the EU also have at their disposition the Online Dispute Resolution platform to file a complaint or unresolved problem regarding our service. The European Online Dispute Resolution (ODR) platform is provided by the European Commission to make online shopping safer and fairer through access to quality dispute resolution tools.
Appendix I - Data Processing Agreement
Data Processing Agreement
For the purposes of Article 28(3) of Regulation 2016/679 (the GDPR)
between
[insert: customer name]
[insert: business registration no.]
[insert: address]
[insert: postcode and city]
[insert: country]
(the “Data Controller”)
and
CAD Rooms ApS
Business registration (CVR) no. 45499499
Sandbjergvej 49
2950 Vedbæk
Denmark
(the “Data Processor”)
each a ‘party’; together ‘the parties’
have agreed on the following Contractual Clauses (the “Clauses”) in order to meet the requirements of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) and to ensure the protection of the rights of the data subject.
PREAMBLE
These Contractual Clauses (the “Clauses”) set out the rights and obligations of the Data Controller and the Data Processor, when processing personal data on behalf of the Data Controller.
The Clauses have been designed to ensure the parties’ compliance with article 28(3) of the GDPR.
Appendix A and B are attached to the Clauses and form an integral part of the Clauses.
Appendix A contains details about the processing of personal data, including the purpose and nature of the processing, type of personal data, categories of data subject and duration of the processing.
Appendix B contains the Data Controller’s conditions for the Data Processor’s use of sub-processors and a list of sub-processors authorised by the Data Controller.
THE RIGHTS AND OBLIGATIONS OF THE DATA CONTROLLER
The Data Controller is responsible for ensuring that the processing of personal data takes place in compliance with the GDPR, the applicable EU or Member State data protection provisions and the Clauses.
The Data Controller has the right and obligation to make decisions about the purposes and means of the processing of personal data.
The Data Controller shall be responsible, among other, for ensuring that the processing of personal data, which the Data Processor is instructed to perform, has a legal basis.
THE DATA PROCESSOR ACTS ACCORDING TO INSTRUCTIONS
The Data Processor shall process personal data only on instructions from the Data Controller, unless required to do so by Union or Member State law to which the processor is subject. Such instructions shall be specified in appendix A. Subsequent instructions can also be given by the Data Controller throughout the duration of the processing of personal data, but such instructions shall always be documented and kept in writing, including electronically, in connection with the Clauses.
The Data Processor shall immediately inform the Data Controller if instructions given by the Data Controller, in the opinion of the Data Processor, contravene the GDPR or the applicable EU or Member State data protection provisions.
CONFIDENTIALITY
The Data Processor shall only grant access to the personal data being processed on behalf of the Data Controller to persons under the Data Processor’s authority who have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality and only on a need-to-know basis. The list of persons to whom access has been granted shall be kept under periodic review. On the basis of this review, such access to personal data can be withdrawn, if access is no longer necessary, and personal data shall consequently not be accessible anymore to those persons.
The Data Processor shall at the request of the Data Controller demonstrate that the concerned persons under the Data Processor’s authority are subject to the abovementioned confidentiality.
SECURITY OF PROCESSING
GDPR article 32 stipulates that, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the Data Controller and Data Processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
The Data Controller shall evaluate the risks to the rights and freedoms of natural persons inherent in the processing and implement measures to mitigate those risks. Depending on their relevance, the measures may include the following:
Pseudonymisation and encryption of personal data;
the ability to ensure ongoing confidentiality, integrity, availability and resilience of processing systems and services;
the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and
a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
According to GDPR article 32, the Data Processor shall also – independently from the Data Controller – evaluate the risks to the rights and freedoms of natural persons inherent in the processing and implement measures to mitigate those risks. To this effect, the Data Controller shall provide the Data Processor with all information necessary to identify and evaluate such risks.
Furthermore, the Data Processor shall assist the Data Controller in ensuring compliance with the Data Controller’s obligations pursuant to GDPR article 32, by inter alia providing the Data Controller with information concerning the technical and organisational measures already implemented by the Data Processor pursuant to GDPR article 32 along with all other information necessary for the Data Controller to comply with the Data Controller’s obligation under GDPR article 32.
USE OF SUB-PROCESSORS
The Data Processor shall meet the requirements specified in GDPR Article 28(2) and (4) in order to engage another processor (a sub-processor).
The Data Processor has the Data Controller’s general authorisation for the engagement of sub-processors. The Data Processor shall inform in writing the Data Controller of any intended changes concerning the addition or replacement of sub-processors at least 14 days in advance, thereby giving the Data Controller the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s). Longer time periods of prior notice for specific sub-processing services can be provided in Appendix B. The list of sub-processors already authorised by the Data Controller can be found in Appendix B.
Where the Data Processor engages a sub-processor for carrying out specific processing activities on behalf of the Data Controller, the same data protection obligations as set out in the Clauses shall be imposed on that sub-processor by way of a contract or other legal act under EU or Member State law, in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the Clauses and the GDPR.
The Data Processor shall therefore be responsible for requiring that the sub-processor at least complies with the obligations to which the Data Processor is subject pursuant to the Clauses and the GDPR.
TRANSFER OF DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS
Any transfer of personal data to third countries or international organisations by the Data Processor shall only occur on the basis of documented instructions from the Data Controller and shall always take place in compliance with GDPR Chapter V.
ASSISTANCE TO THE DATA CONTROLLER
Taking into account the nature of the processing, the Data Processor shall assist the Data Controller by appropriate technical and organisational measures, insofar as this is possible, in the fulfilment of the Data Controller’s obligations to respond to requests for exercising the data subject’s rights laid down in GDPR Chapter III.
The Data Processor shall, furthermore, taking into account the nature of the processing and the information available to the Data Processor, assist the Data Controller in ensuring compliance with:
The Data Controller’s obligation to without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the competent supervisory authority, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons;
the Data Controller’s obligation to without undue delay communicate the personal data breach to the data subject, when the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons;
the Data Controller’s obligation to carry out an assessment of the impact of the envisaged processing operations on the protection of personal data (a data protection impact assessment); and
the Data Controller’s obligation to consult the competent supervisory authority, prior to processing where a data protection impact assessment indicates that the processing would result in a high risk in the absence of measures taken by the Data Controller to mitigate the risk.
NOTIFICATION OF PERSONAL DATA BREACH
In case of any personal data breach, the Data Processor shall, without undue delay after having become aware of it, notify the Data Controller of the personal data breach.
The Data Processor shall assist the Data Controller in notifying the personal data breach to the competent supervisory authority, meaning that the Data Processor is required to assist in obtaining the information listed below which, pursuant to GDPR Article 33(3), shall be stated in the Data Controller’s notification to the competent supervisory authority.
ERASURE AND RETURN OF DATA
On termination of the provision of personal data processing services, the Data Processor shall be under obligation to return all the personal data to the Data Controller and delete existing copies unless Union or Member State law requires storage of the personal data.
AUDIT AND INSPECTION
The Data Processor shall make available to the Data Controller all information necessary to demonstrate compliance with the obligations laid down in GDPR Article 28 and the Clauses and allow for and contribute to audits, including inspections, conducted by the Data Controller or another auditor mandated by the Data Controller.
COMMENCEMENT AND TERMINATION
The Clauses shall become effective on the date of both parties’ agreement of the Terms and Conditions.
The Clauses shall apply for the duration of the provision of personal data processing services. For the duration of the provision of personal data processing services, the Clauses cannot be terminated unless other Clauses governing the provision of personal data processing services have been agreed between the parties.
APPENDIX A - INFORMATION ABOUT THE PROCESSING
A.1. The purpose of the Data Processor’s processing of personal data on behalf of the Data Controller is:
[insert description of the purpose of processing]
A.2. The Data Processor’s processing of personal data on behalf of the Data Controller shall mainly pertain to (the nature of the processing):
[describe the nature of the processing]
A.3. The processing includes the following types of personal data about data subjects:
[describe the type of personal data being processed]
A.4. Processing includes the following categories of data subject:
[describe category of data subjects]
A.5. The Data Processor’s processing of personal data on behalf of the Data Controller may be performed when the Clauses commence. Processing has the following duration:
[describe the duration of the processing]
APPENDIX B - AUTHORISED SUB-PROCESSORS
B.1. Approved sub-processors
On commencement of the Clauses, the Data Controller authorises the engagement of the following sub-processors:
NAME | CVR | ADDRESS | DESCRIPTION OF PROCESSING |
---|---|---|---|