Terms of Service (Terms)

1. Introductory provisions and contracting parties

These Terms of Service (the "Terms") govern the legal relationship between:

Provider:
Jan Malatinský
Company ID: 19152361
Registered seat: Jasmínová 2241/12, Mizerov, 733 01 Karviná, Czech Republic
Tax ID (VAT): CZ19152361 (VAT-exempt under § 6 of Act No. 235/2004 Coll. — see Art. 7)
Email: [email protected]
Not registered in the commercial register — a natural person doing business under the Trade Licensing Act. On request we'll set up a data box for clients who prefer delivery via a data box.

Client: a natural or legal person who concludes a contract with the Provider for the provision of the DataNostro service under the conditions set out in these Terms.

The Terms are governed by Act No. 89/2012 Coll., the Civil Code, as amended (the "CC"). For Clients who are consumers within the meaning of § 419 CC, the provisions on consumer contracts (§ 1810 et seq. CC) and Act No. 634/1992 Coll. on consumer protection also apply.

2. Definitions

• Service — managed hosting of server-side Google Tag Manager (sGTM) containers on the Provider's infrastructure, further described in Art. 4.
• Plan — a variant of the Service with a defined scope (number of requests, number of containers, level of support) and price, published on the Pricing page.
• Account — the Client's user account created after completing registration at datanostro.com.
• Container — a single sGTM instance running in an isolated environment for the Client's domain.
• Request — a single HTTP/HTTPS request processed by the Container (pageview, event, conversion). The counter is deducted from the Plan's monthly limit.
• Consumer — a natural person concluding the contract outside the scope of their business activity.
• Business — a person concluding the contract in the course of their business activity.
• SLA — Service Level Agreement, the contractually guaranteed availability of the Service (Art. 11).

3. Conclusion of the contract

1. The Client submits a proposal to conclude the contract by sending the registration form, selecting a Plan, and actively confirming these Terms and the Privacy Policy.
2. The contract is concluded at the moment the Provider's confirmation email is delivered to the Client (acceptance of the proposal).
3. The Client must provide true and complete details. For businesses, this includes the company ID and VAT ID. Knowingly providing false details is grounds for immediate termination of the contract by the Provider.
4. One Account belongs to one entity. Sharing an Account among multiple entities (e.g. by an agency for multiple clients) is possible only on a Plan that expressly allows sharing, or via the client accounts feature.
5. The Provider reserves the right to refuse registration, in particular where there is suspicion of misuse of the Service for illegal purposes, where the registering person is on an EU/US sanctions list, or where the same applicant has previously seriously breached the Terms.

4. Subject and description of the Service

For the duration of the contract, the Provider undertakes to provide:

• Operation and management of the sGTM Container for the Client's domain on infrastructure in the EU (Hetzner Cloud, Germany).
• Issuance and renewal of the TLS/SSL certificate (Let's Encrypt) for the Client's domain.
• Availability monitoring, automatic updates of the runtime environment (sGTM, OS, security patches).
• Technical support to the extent of the chosen Plan — answering questions on business days, resolving incidents.
• Access to the admin interface (dashboard) for managing domains, containers, billing, and users.
• A record of the monthly request volume, ad-hoc data quality reports, incident monitoring.

The Service is not: configuring specific tags and triggers in the Client's GTM (that is done by the Client or their supplier), creating a tracking strategy, analytics consulting beyond setting up the Container, nor a guarantee that tags configured by the Client will work as they envision. These activities are offered separately as part of DataNostro Care and are subject to a separate contract.

5. Plans and changing your Plan

• The current Plans, their contents, and prices are listed on the Pricing page. That page is an integral part of these Terms.
• The Client may upgrade to a higher Plan at any time during the contract. The change takes effect immediately. The price is recalculated pro rata for the remaining days of the billing period.
• A downgrade to a lower Plan takes effect from the next billing period. The amount prepaid for the higher Plan is not refunded (except for the consumer right under Art. 14).
• The Provider reserves the right to change the Pricing. Changes will be announced to the Client by email and on the website at least 30 days before they take effect. If the Client doesn't agree with the change, they have the right to terminate the contract as of the change's effective date (Art. 13).

6. Limits and overage

• Each Plan includes a monthly limit on the number of Requests. The current limit and the overage rate are stated in the Pricing.
• When the limit is exceeded, the Service keeps running (the Provider doesn't suspend it automatically), but the Provider charges an overage fee per the Pricing for every completed 100,000 Requests over the limit.
• If the Client activates the "Smart Pause" feature in the dashboard (suspend the Service when the limit is reached), the Container stops serving Requests after exceeding 100% of the limit and resumes at the start of the next billing period or on a manual Plan upgrade.
• The Client acknowledges that Request measurement is accurate to > 99% (scanners, bot traffic, transient DDoS attempts may not be filtered out perfectly). Complaints about individual Requests are not accepted. Only the total monthly balance can be disputed, if it deviates from the actual volume by more than 10%.

7. Prices, VAT, and billing

• All prices are stated in Czech koruna (CZK) excluding VAT. The Provider is currently VAT-exempt under § 6 of Act No. 235/2004 Coll. on value added tax (the Client doesn't pay VAT and has no right to deduct it). If the Provider becomes VAT-registered during the contract, it will notify the Client and, from the next billing period, will charge VAT at the statutory rate.
• Billing is done monthly in advance, always on the first day of the new billing period. The annual plan is billed once and provides the discount stated in the Pricing.
• Invoices are due 14 days from the issue date.
• Accepted payment methods: bank transfer (a CZK account held at Česká spořitelna / Fio banka), payment card, Apple Pay, and Google Pay via the Comgate payment gateway (operated by ComGate Payments, a.s., company ID 27924505).
• If payment is more than 14 days overdue, the Provider sends an automatic reminder. If it's more than 30 days overdue, the Service may be temporarily suspended (the Container stops serving Requests but isn't deleted). If it's more than 60 days overdue, the Provider has the right to terminate the contract and delete the Client's data after a further 30 days — see Art. 13.
• The Provider is entitled to charge statutory default interest under Government Regulation No. 351/2013 Coll.

8. Discount codes and campaigns

• A discount code can be applied only once per Account and only to the extent stated in the code's conditions (typically the first 3 billing periods, or one annual cycle).
• Discount codes cannot be stacked or combined with other discounts or promotions unless the code's conditions expressly state otherwise.
• The Provider reserves the right to end the validity of a specific code at any time (with already-activated codes remaining valid for the rest of their originally agreed period).

9. Duration of the contract

• The contract is concluded for an indefinite term, with a minimum duration of one billing period per the chosen Plan (typically 1 month, or 12 months for an annual plan).
• The contract automatically renews for another billing period unless one party gives the other notice of termination by the end of the current billing period at the latest.
• Before each automatic renewal of an annual plan, the Provider sends the Client an email notice about the upcoming renewal, at least 14 days before the end of the current period.

10. Trial period

• A new Client is entitled to a 14-day free trial with the full functionality of the STARTER plan. The trial begins at the moment registration is completed.
• During the trial, the Client is charged no consideration and may terminate the contract at any time without penalty and without giving a reason (Article 13).
• If the Client doesn't activate a paid Plan by the end of the trial, the Service is automatically deactivated and the contract terminates with no further obligations on either side.

11. SLA — Service Level Agreement

The Provider guarantees the monthly availability of the Service (the Container) and measures it with independent external monitoring and an internal health-check system.

• FREE plan: no guaranteed availability, provided „best-effort\
• Guaranteed availability for the STARTER, PRO, BUSINESS Plans: 99.9% monthly (max ~43 minutes of unplanned downtime per month).
• Guaranteed availability for the ENTERPRISE Plan: 99.95% monthly (max ~22 minutes).
• Scheduled maintenance (max. 4 hours per month, announced at least 48 hours in advance) is not counted in the availability calculation.
• Outages caused by third parties (Cloudflare, Hetzner, the Client's domain registrar, the Client's DNS provider) are not counted, unless they were caused by the Provider's choice.
• Outages caused by the Client (incorrect tag configuration, exhausting the limit, late payment, deleting a DNS record) are not counted.
• Beta / preview features expressly marked as beta or experimental are excluded from the SLA calculation and provided „as-is\
• The SLA is calculated only for the hot-path tracking ingest endpoint (/t/collect/, /t/c/) and the sGTM container. Secondary interfaces (dashboard, billing, statistics, API documentation) are excluded from measurement — their outage does not give rise to an SLA credit.

If the guaranteed availability is not met, the Client becomes entitled to the following credit, applicable against the next invoice:

• 99.0% – 99.9%: a credit of 10% of the monthly payment for the Plan
• 95.0% – 99.0%: a credit of 25% of the monthly payment
• below 95.0%: a credit of 50% of the monthly payment

Automatic credit, no request needed. If the Provider measures availability below the guaranteed level for the Plan in a given calendar month, it issues a credit note automatically within 5 working days of the month's end and applies the credit against the next invoice — without the Client having to request the credit or open a ticket. The Client receives an email notice with the calculation details (minutes of downtime, components affected, credit in CZK).

If the Provider's and Client's measurements document a difference, the Client may, within 30 days of the month's end, send an independent monitoring trace (Pingdom, UptimeRobot, Better Stack, etc.) to [email protected] with a request for recalculation — we'll resolve it within 5 working days. The credit does not roll over to the next billing period if it cannot be applied against a future invoice, and cannot be paid out in cash — the exception being termination of the contract, where an unused credit is refunded pro rata.

The current historical availability is publicly available at datanostro.com/status/.

12. Client's rights and obligations

The Client undertakes to:

• Use the Service in accordance with these Terms, the law, and good morals.
• Comply with the Acceptable Use Policy (AUP).
• Ensure valid consent to cookies / tracking on their websites to the extent required by Act No. 127/2005 Coll. (the Electronic Communications Act) and the GDPR.
• Be the responsible controller of the personal data of the end users of their websites (the Provider is only a processor in this relationship — see the DPA).
• Ensure the correct configuration of their domain's DNS records to route traffic to the Container.
• Protect their Account access credentials (password, API keys). On suspicion of compromise, immediately change the password and notify the Provider.
• Truthfully report any changes to billing details (company ID, registered seat, VAT status) no later than 7 days after they take effect.

In particular, the Client must not:

• Use the Service to send spam, phishing, distribute malware, or other content that breaks the law.
• Load the Provider's infrastructure in a way that disrupts operation for other Clients (DDoS, abnormal traffic patterns).
• Attempt to bypass security mechanisms or gain unauthorized access to the Provider's admin interface or to other Clients' data.
• Use the Service as a proxy for routing third-party traffic that falsely claims to be the domain owner.

On breach of these obligations, the Provider is entitled to suspend the Service even without prior notice and, in the case of a serious breach, to terminate the contract immediately (Art. 13). The cost of restoring the Service after a suspension for a breach is borne by the Client.

13. Termination of the contract

13.1 Termination by the Client

• The Client may terminate the contract at any time from the admin interface (dashboard → Settings → Cancel account) or by email to [email protected].
• Termination takes effect at the end of the current billing period. Prepaid fees for the remaining part of the period are not refunded (except for the consumer right under Art. 14).
• For an annual plan, termination applies to the next renewal — the already-paid year runs to its end.

13.2 Termination by the Provider

• Standard termination: a 30-day notice period running from the first day of the calendar month following delivery of the notice by email.
• Immediate termination with no notice period in the case of a serious breach of the Terms by the Client (in particular Art. 12), or payment more than 60 days overdue, or where the Client provided false details at registration.
• If the Provider terminates the contract through no fault of the Client (e.g. ceasing business, technical reasons), it refunds the Client the pro-rata part of the prepaid fees for the unused period.

13.3 What happens after termination

• The Container stops serving Requests at the moment termination takes effect.
• The configuration, statistics, API keys, and other operational data are archived for a further 30 days — during this time the Client may request reactivation or a data export (CSV / JSON via the dashboard or API).
• After the 30-day period elapses, all operational data is irreversibly deleted from the primary databases. Accounting records (invoices, contractual documents, the audit log of financial transactions) are retained by the Provider for 10 years under Act No. 563/1991 Coll., on Accounting — see Privacy Policy.

14. Special consumer rights (B2C)

This article applies exclusively to Clients who are consumers within the meaning of § 419 CC (natural persons concluding the contract outside the scope of their business activity). The rights below are provided in addition to Art. 13.

14.1 The right to withdraw from the contract within 14 days

Under § 1829 CC, a consumer has the right to withdraw from the contract without giving a reason within 14 days of the date the contract was concluded. The deadline is met if the consumer sends the notice of withdrawal on the last day of the period.

Notice of withdrawal can be sent by email to [email protected] or by post to the Provider's registered seat. A sample form to download: Complaints Policy.

In the case of withdrawal, the Provider refunds the Consumer all funds already paid within 14 days of receiving the withdrawal, in the same way the payment was made, unless agreed otherwise.

14.2 Exception — consent to commence performance

If the Consumer expressly requests that the Service begin before the 14-day period elapses (typically by activating a paid Plan during the trial), the Consumer is obliged, in the event of subsequent withdrawal, to pay the pro-rata part of the price for the days the Service was actually used. Having paid for 1 month of STARTER (CZK 349) and used 5 of 30 days, the Consumer would pay 5/30 × CZK 349 ≈ CZK 58; the rest is refunded.

14.3 Out-of-court dispute resolution

In the case of a dispute that can't be resolved by agreement, the Consumer has the right to turn to the Czech Trade Inspection Authority (ČOI) with a proposal to initiate out-of-court dispute resolution (ADR) under Act No. 634/1992 Coll. Address: Czech Trade Inspection Authority, Štěpánská 567/15, 120 00 Prague 2, web www.coi.cz, online form adr.coi.cz.

The Consumer can also use the online dispute resolution platform set up by the European Commission at ec.europa.eu/consumers/odr.

15. Claims for defects of the Service

The complaint procedure, deadlines, and the Client's rights in the case of defects in the provision of the Service are governed by the separate Complaints Policy, which is an integral part of these Terms.

16. Personal data protection and confidentiality

• The processing of personal data is governed by the Privacy Policy.
• If the Client processes the personal data of the end users of their websites via the Service, the Client is the controller of that data and the Provider is the processor. The relationship is governed by the separate Data Processing Agreement (DPA), which is concluded automatically together with this contract and is an integral part of it.
• The parties undertake to keep confidential all confidential information of the other party that they obtain in connection with performing the contract. The duty of confidentiality continues for 5 years after the contract ends.

17. Intellectual property

• Software, designs, documentation, training materials, and other materials created by the Provider remain its property. The Client obtains a non-exclusive, non-transferable right to use the Service for the duration of the contract to the extent of the chosen Plan.
• The configuration of tags, triggers, and the Client's own data in the Container are the exclusive property of the Client. The Provider will not use them for any purpose other than what is necessary to operate the Service and to meet legal obligations.
• The Client grants the Provider a limited, revocable right to process the data necessary to operate the Service (load balancing, anti-fraud, aggregated metrics for billing purposes).
• Prohibition of reverse engineering and cloning: neither the Client nor anyone they give access to the Service may (i) decompile, disassemble, reverse-analyze, or otherwise attempt to derive the source code or architectural principles of the Service; (ii) use knowledge gained while using the Service to create, offer, or distribute a competing product with comparable functionality; (iii) systematically copy the API structure, database schema, endpoint names, or error-message format. The exception is reverse engineering permitted by law for interoperability purposes (§ 66 of the Copyright Act) — the Client undertakes to inform the Provider of such an intent in advance.
• Customer reference / logo: the Provider is entitled to display the Client's business name and logo on its website (the "Our clients" section), in marketing materials, and in case studies in a neutral tone describing the subject of the cooperation, for the duration of the contract. The Client may revoke this right at any time by written notice to [email protected]; the Provider will ensure removal within 30 days. A detailed case study (numbers, screenshots) always requires the Client's prior written consent.

18. Force majeure

Neither party is liable for failing to perform its obligations due to force majeure events, i.e. extraordinary, unforeseeable, unavoidable circumstances beyond its control — in particular natural disasters, war, sanctions, power outages at the data processing center lasting > 24 h, outages of backbone internet nodes or cloud providers (Hetzner, Cloudflare) lasting > 4 h, or extraordinary legislation. The party affected by such an event informs the other immediately, as soon as possible.

For the duration of force majeure, performance of the affected obligations is suspended and neither party is entitled to penalties or an SLA credit. If the event lasts more than 60 days, either party may terminate the contract with immediate effect.

19. Limitation of liability

• The Provider provides the Service "as-is" within the agreed parameters. It does not guarantee that the Service will meet every specific requirement of the Client beyond the description in Art. 4, nor that it will be error-free or uninterrupted beyond the SLA under Art. 11.
• The Provider is not liable for damages caused by incorrect configuration of tags, triggers, or variables in the GTM interface by the Client or a third party acting on the Client's behalf.
• The Provider is not liable for outages or changes in third-party services (Google Analytics, Meta Pixel, Sklik, TikTok Pixel, Apple ITP, Google Consent Mode, the Client's domain registrar).
• The Provider is not liable for interruptions to the Service caused by force majeure, the performance of scheduled maintenance under Art. 11, or the intervention of a public authority.
• Contractual liability cap: the Provider's aggregate liability for any damages, lost profit, indirect damages, reputational harm, or data loss from any cause related to this contract is limited to the amount of fees actually paid by the Client over the last 12 months (or since the contract was concluded, if less). The limitation does not apply to damages caused intentionally or by gross negligence, as set out in § 2898 CC.
• Exclusion of indirect damages: in particular, the Provider is not liable for lost profit, loss of expected turnover, loss of business opportunities, loss of goodwill, data loss beyond the SLA credit under Art. 11, or damages arising from the Client's incorrect marketing decisions made on the basis of data processed by the Service. These categories of damage are categorically excluded to the maximum extent permitted by § 2898 CC.
• Time limit for asserting claims: any claim arising from the contract must be asserted in writing with the Provider within 90 days at the latest from the day the Client became aware, or could have become aware with ordinary care, of the claim arising. After this period the claim lapses. This time limit is in accordance with § 630 CC and applies to all claims except those where the law does not permit it (e.g. a consumer complaint under Art. 14).
• Data backup — Client's responsibility: the Service does not include a guarantee of data backup on the Client's side. The Provider takes daily database backups for disaster recovery purposes, but not as a substitute for the Client's backup strategy. The Client is responsible for regularly exporting their data from the dashboard (the "Export ZIP" feature) and keeping the export outside the Provider's infrastructure. The Provider is not liable for data loss caused by the Client's gross negligence (leaving the export only within the Service, deleting data via the API, incorrect API key rotation).
• Beta / preview features: any feature expressly marked as „beta\", „preview\", „alpha\", or „experimental\" is provided with no guarantee of functionality, availability, or continuity. The Provider is entitled to change or remove such a feature at any time. The SLA does not apply to these features and the Client has no right to compensation for damages caused by their unavailability or malfunction.

19a. Client representations and indemnification

The Client represents and warrants that:

• it has a proper legal basis, obtained in accordance with the GDPR (in particular Art. 6(1)), for processing the personal data it processes via the Service (consent, legitimate interest, performance of a contract, or another ground).
• it has implemented a functional, end-user-visible consent collection system (a CMP — Consent Management Platform) and Consent Mode v2, where relevant to its data.
• it has published a current privacy policy on its own website naming DataNostro as its processor (sub-processor), where it processes personal data in the European Economic Area.
• it does not send through the Service categories of data whose processing is not covered by a legal basis (in particular sensitive personal data under Art. 9 GDPR — health data, biometrics, sexual orientation — without explicit consent).
• it keeps valid and current billing details and notifies the Provider of changes no later than 14 days before the due date of the nearest invoice.

Indemnification: the Client undertakes to indemnify the Provider and restore it to its position before the harm arose in the event of any claim, lawsuit, proceeding, or fine (including reasonable legal representation costs) raised by a third party (in particular a data subject, the ÚOOÚ supervisory authority or another EU regulator, or a platform such as Google, Meta, TikTok, etc.), where the claim arose as a result of:

• a breach of the Client's representations or warranties above;
• a breach by the Client of the AUP or the terms of third-party providers (Google Tag Manager Terms, Meta Business Tools Terms, etc.);
• an infringement of a third party's copyright, trademark, trade secret, or other intellectual property rights in content the Client sent through the Service;
• illegal content (illegal, offensive, or deceptive advertising) sent by the Client or on its behalf via the Service.

The Provider must inform the Client of an asserted claim without delay (within 5 working days of receiving it), allow the Client to participate in the defense, and not enter into a settlement without the Client's consent (unless such a settlement is required by a regulator in the urgent interest of protecting data subjects).

20. Assignment of the contract and change of contracting party

• The Client may not assign the contract or any part of it to a third party without the Provider's prior written consent.
• The Provider is entitled to transfer the contract to a successor company (e.g. on converting from a sole trader to an Ltd., or selling the business) — it informs the Client of the transfer by email at least 30 days in advance. If the Client doesn't agree with the transfer, they have the right to terminate the contract as of the transfer date.

21. Changes to the Terms

The Provider reserves the right to amend the Terms unilaterally. Changes to the Terms must be notified to the Client by email to the address held in their Account, at least 30 days before the change takes effect. At the same time, the new version of the Terms is published on the website with the effective date marked.

If the Client doesn't agree with the proposed change, they may terminate the contract no later than the change's effective date. If the Client doesn't terminate the contract in that time and continues to use the Service after it takes effect, this is deemed acceptance of the new Terms.

Changes of a legal nature (bringing the Terms into line with a GDPR amendment, a change to the VAT rate, correcting typographical errors) take effect immediately and do not give the Client a right to terminate.

22. Governing law and dispute resolution

• The contract and these Terms are governed by the law of the Czech Republic, in particular Act No. 89/2012 Coll. (the Civil Code) and Act No. 480/2004 Coll. (on certain information society services).
• The parties undertake to resolve disputes primarily by agreement. If no agreement is reached, the materially and locally competent court in the Czech Republic has jurisdiction to resolve disputes.
• For disputes with businesses (B2B), the locally competent Regional Court in Ostrava is agreed, where a regional court has material jurisdiction.
• For disputes with consumers, § 87(1) of Act No. 99/1963 Coll. applies (the general court of the defendant) and the ADR option described in Art. 14.3.

23. Survival of provisions after termination

Termination of the contract for any reason does not affect those provisions of the Terms whose nature or express wording presupposes their continuation after the contractual relationship ends. In particular, the following survive:

• Art. 7 (Prices, VAT, and billing) — the obligation to pay fees already invoiced,
• Art. 16 (Personal data protection and confidentiality) — the duty of confidentiality for 5 years after termination,
• Art. 17 (Intellectual property) — in particular the prohibition of reverse engineering and cloning,
• Art. 19 (Limitation of liability) — including the time limit for asserting claims and the contractual compensation cap,
• Art. 19a (Indemnification) — for claims arising from facts during the term of the contract,
• Art. 22 (Governing law and dispute resolution).

The DPA and its provisions on the return/erasure of personal data (Art. 11 DPA) survive until the relevant obligations are fulfilled; Art. 6 DPA (confidentiality) survives indefinitely.

24. Final provisions

• If any provision of these Terms becomes invalid, ineffective, or unenforceable, the remaining provisions remain in force. The parties undertake to replace the invalid provision with one that comes closest to its economic purpose.
• Communication between the parties takes place primarily by email to the addresses listed in the Account. The Client is responsible for keeping their email address up to date.
• For formal legal acts (termination, withdrawal, asserting a claim, demands for performance), registered post with a delivery receipt to the registered seat of the other party is permitted alongside email. An email sent to the registered address is deemed delivered on the third working day after sending, unless evidence of earlier delivery is provided.
• The Client acknowledges that these Terms are part of the contract and, by concluding the contract, confirms that they have read them in full, understood them, and agree to them.
• These Terms supersede all previous versions. Contracts concluded before this version took effect are governed by the version valid on the day of conclusion until they are automatically renewed.