Legal
Legal Notice and Terms
On this page: Legal Notice · Website Terms of Use · General Terms of Service
Legal Notice · IX is powered by ISEGRIM X AG
IX is a brand of ISEGRIM X AG, a stock corporation (Aktiengesellschaft) headquartered in Germany. ISEGRIM X AG contracts US clients directly; there is no separate US entity.
United States (contact)
ISEGRIM X AG101 Montgomery Street, Suite 1900
San Francisco, CA 94104
USA
Phone: +1 415 248 7808
Email: ix@isegrim-x.com
Germany (registered seat)
ISEGRIM X AGIttenhauser Strasse 10
88048 Friedrichshafen
Germany
Phone: +49 160 90624216
Email: ix@isegrim-x.com
Register details
Commercial Register: HRB 741723
Register Court: Ulm, Germany
VAT Identification Number (§27a UStG): DE341171629
Authorized representative: Alexander Fuerst (CEO)
Disclaimer of Liability
The content provided on this website is for informational purposes only and does not constitute legal, compliance, or professional advice. While we strive to provide accurate and up-to-date information, users should consult with qualified professionals for authoritative guidance.
We make no warranties or representations about the accuracy, completeness, or reliability of any content on this website. Use of any information provided is at the user's own risk.
AI-Generated Content
IX uses artificial intelligence to produce deliverables and provide information. All AI-generated content is reviewed by qualified professionals before delivery. However, AI-generated content should not be treated as a substitute for professional judgment. Users are responsible for reviewing and validating all deliverables for their specific context.
Intellectual Property
All content, design, and materials on this website are the property of ISEGRIM X AG unless otherwise noted. Reproduction, distribution, or use of any content without prior written consent is prohibited.
“ISO” and “IEC” are trademarks of the International Organization for Standardization and the International Electrotechnical Commission, respectively. “CMMC” is a trademark of the U.S. Department of Defense. “TISAX” is a registered trademark of the ENX Association. “SOC 2” refers to a report defined by the American Institute of Certified Public Accountants (AICPA). All trademarks remain the property of their respective owners. IX is not affiliated with, endorsed by, or officially associated with any of these organizations.
Website Terms of Use
1. Scope
These Terms of Use govern the use of this website operated by ISEGRIM X AG ("IX"). They do not govern the provision of consulting or certification readiness services; engagements with IX are governed exclusively by the individual offer and IX's General Terms of Service.
2. Informational Content Only
The content of this website is provided for general information. It does not constitute legal, compliance, or security advice, and it does not create an advisory or contractual relationship. Certification, label, attestation, and assessment decisions are made exclusively by independent certification bodies, assessment providers, or auditors; nothing on this website promises or guarantees such a decision.
3. Readiness Check Submissions
Submitting the readiness check form does not create a contract. It is a request for contact. IX reviews submissions and responds as stated on the confirmation page. Any engagement requires a separate offer and its acceptance.
4. Intellectual Property
All content of this website, including text, structure, graphics, and design, is protected by copyright and other intellectual property rights of IX or its licensors. TISAX is a registered trademark of the ENX Association; use of the trademark on this website does not imply endorsement. Reproduction beyond statutory limits requires IX's prior consent in text form.
5. Acceptable Use
Users may not disrupt the operation of the website, attempt unauthorized access to systems or data, or use the website's forms to transmit unlawful, misleading, or malicious content, including automated mass submissions.
6. Third-Party Links and Analytics
The website may contain links to third-party websites, for whose content the respective operators are responsible. Information on analytics, cookies, and identifiers used on this website is provided in the Privacy Policy.
7. Liability for Website Content
IX provides this website with reasonable care but does not warrant that the website is uninterrupted, error-free, or that its informational content is complete or current at all times. IX's liability in connection with the use of this website is limited to intent and gross negligence, except for injury to life, body, or health and other cases of mandatory statutory liability.
8. Changes
IX may amend these Terms of Use with effect for the future; the version published on this website applies.
9. Governing Law
These Terms of Use are governed by the laws of the Federal Republic of Germany, excluding its conflict-of-law rules. Mandatory rights under the law of the user's jurisdiction remain unaffected.
General Terms of Service
General Terms of Service of ISEGRIM X AG (v1.0). These Terms apply to business clients only (B2B); ISEGRIM X AG is the sole contracting entity. English language, German law.
1. Scope and Applicability
1.1 These General Terms of Service ("Terms") govern all consulting, certification readiness, and related professional services ("Services") provided by ISEGRIM X AG, a stock corporation under German law with its registered seat in Germany ("IX"), to its clients.
1.2 IX provides Services exclusively to entrepreneurs within the meaning of Section 14 of the German Civil Code (BGB), legal entities under public law, or special funds under public law. IX does not contract with consumers.
1.3 The contractual relationship consists of, in descending order of precedence: (a) the individual offer, statement of work, or order confirmation ("Offer"), (b) these Terms. Deviating, conflicting, or supplementary terms of the client do not apply, even where IX performs Services without expressly objecting to them, unless IX has agreed to them in writing.
1.4 These Terms apply to all current and future engagements between IX and the client without the need for renewed reference.
2. Nature of the Services
2.1 IX provides certification and assessment readiness services, including for TISAX assessments, ISO/IEC 27001 certification, SOC 2 examinations, CMMC assessments, and comparable frameworks, as specified in the Offer.
2.2 IX's contractual obligation is the professional performance of the Services and, where the Offer so specifies, the delivery of defined work results, directed at achieving audit or assessment readiness on the scope defined in the Offer. Certification, label, attestation, or assessment decisions are made exclusively by independent certification bodies, assessment providers, or auditors. IX does not owe, promise, or guarantee the granting of any certificate, label, or attestation, and no statement by IX shall be construed as such a promise.
2.3 IX performs the Services with the care of a prudent professional and in accordance with the current state of practice in information security management at the time of performance.
3. Offers and Conclusion of Contract
3.1 Offers by IX are valid for 30 days from their date unless the Offer states otherwise.
3.2 A contract is concluded upon the client's acceptance of the Offer in text form (Section 126b BGB, including email), or upon IX's order confirmation, whichever occurs first.
3.3 Fixed prices apply only where the Offer expressly designates a fixed price. All other Services are provided on the basis stated in the Offer.
4. The IX Readiness Commitment
4.1 Where the Offer expressly designates a Service as a fixed-price readiness engagement including the IX Readiness Commitment, the following applies in addition to the other provisions of these Terms.
4.2 IX commits to achieving the readiness result defined in the Offer (the "Readiness Result") at the fixed price stated in the Offer. All professional fees of IX required to achieve the Readiness Result on the scope defined in the Offer are included in the fixed price, irrespective of the effort or duration actually required.
4.3 The commitment under Section 4.2 applies provided that (a) the client fulfills its cooperation obligations under Section 5, and (b) the scope remains as defined in the Offer; scope changes are governed exclusively by Section 7 and may adjust the fixed price only by agreement.
4.4 Timelines stated in the Offer for fixed-price readiness engagements are planning dates, not binding deadlines, unless expressly designated as binding (Section 8.1). Delays, from whatever cause, do not affect the fixed price under Section 4.2.
4.5 If the engagement cannot progress for a continuous period of 3 months for reasons within the client's sphere, despite a reminder in text form setting a reasonable grace period, IX may terminate the engagement for good cause (Section 15.2); Section 15.3 applies to the fees.
4.6 The IX Readiness Commitment does not extend to the certification, label, or assessment decision itself (Section 2.2), nor to expenses of third parties (certification body fees, assessment fees, travel expenses), which remain payable as agreed.
5. Client Obligations and Cooperation
5.1 The Services depend on the client's cooperation. The client shall, at its own expense and without separate remuneration: (a) make the decisions required for the engagement without undue delay; (b) provide complete and accurate information, documentation, and facts relevant to the scope; (c) provide access to premises, systems, personnel, and records as reasonably required; (d) implement the measures allocated to the client in the project plan or deliverables; (e) designate a single authorized point of contact with decision-making authority.
5.2 Unless the Offer states otherwise, the client shall respond to requests, drafts, and deliverables requiring the client's input or approval within 5 business days.
5.3 If the client fails to fulfill cooperation obligations, agreed timelines and planning dates extend accordingly. IX may charge additional demonstrable effort caused by the client's delay at the rates stated in the Offer or, absent such rates, at IX's standard rates. Statutory rights of IX under Sections 642, 643 BGB remain unaffected.
6. Fees, Expenses, and Payment
6.1 Fees are as stated in the Offer. Fixed prices cover the scope defined in the Offer and nothing else.
6.2 Unless the Offer states otherwise, invoicing is as follows: (a) readiness and scope check engagements and evidence roadmap engagements are invoiced in full upon commencement; (b) fixed-price readiness build engagements are invoiced 50 percent of the fixed price upon commencement, 25 percent upon delivery of the documentation stack defined in the Offer, and 25 percent upon delivery of the Readiness Result.
6.3 Third-party fees and expenses (including certification body and assessment provider fees) are not included in IX's fees unless the Offer expressly includes them. Necessary travel expenses are charged as stated in the Offer.
6.4 Invoices are due net within 14 days of receipt. In case of default, statutory default interest under Section 288 BGB applies. All fees are net of applicable VAT and any withholding or similar taxes, which are borne by the client where legally permissible.
6.5 The client may set off only undisputed or finally adjudicated claims, and may exercise retention rights only for claims from the same contractual relationship.
7. Change Requests
7.1 Either party may propose changes to the scope. IX will assess the impact on fees, timeline, and, where applicable, the fixed price, and provide a change offer. Changes become binding only upon agreement in text form.
7.2 IX may reject changes that are not feasible or that would materially alter the character of the engagement.
8. Timelines, Delays, Force Majeure
8.1 Dates and periods are binding only where expressly designated as binding in the Offer.
8.2 In fixed-price readiness engagements including the IX Readiness Commitment, Section 4 governs the relationship between timelines and the fixed price.
8.3 Neither party is responsible for delays caused by events beyond its reasonable control (force majeure), including labor disputes, acts of public authorities, epidemics, war, sabotage, and failures of public infrastructure. Affected timelines extend by the duration of the event plus a reasonable restart period.
9. Deliverables, Review, and Approval
9.1 IX provides deliverables in the form and format stated in the Offer.
9.2 The client shall review deliverables submitted for approval and declare approval or specify deficiencies in text form within 5 business days of submission. If the client does neither, IX may set a further period of 5 business days by reminder in text form referencing the consequence of this Section 9.2; upon expiry of the reminder period without specified deficiencies, the deliverable is deemed approved.
9.3 IX will remedy duly specified deficiencies attributable to IX within a reasonable period at no additional charge.
10. Intellectual Property
10.1 Upon full payment of the fees due for the respective deliverable, the client receives a non-exclusive, perpetual, worldwide right to use the deliverables for its internal business purposes, including for certification, assessment, and audit processes and towards its customers, auditors, and regulators.
10.2 Methods, templates, tools, software, know-how, and materials of IX existing prior to or developed independently of the engagement remain the exclusive property of IX. Where embedded in deliverables, they are licensed to the extent of Section 10.1.
10.3 Materials provided by the client remain the client's property. The client grants IX the right to use them to the extent required for the Services and warrants it is entitled to provide them.
11. Confidentiality
11.1 Each party shall treat as confidential all information of the other party designated as confidential or recognizable as confidential by its nature, use it only for the purposes of the engagement, and protect it with at least the care applied to its own comparable information.
11.2 The obligation does not apply to information that is or becomes public without breach, was lawfully known before disclosure, is lawfully received from third parties, or must be disclosed by law or authority order; in the latter case the disclosing party will, where legally permissible, inform the other party in advance.
11.3 The confidentiality obligations survive the end of the engagement for 5 years; for trade secrets within the meaning of the German Trade Secrets Act (GeschGehG), for as long as they remain trade secrets.
12. Data Protection, Regional Delivery, Controlled Data
12.1 Each party complies with applicable data protection law. Where IX processes personal data on behalf of the client, the parties will conclude a data processing agreement pursuant to Article 28 GDPR before processing begins.
12.2 Where the Offer designates an engagement for delivery on US infrastructure, IX performs the project work and stores project data on infrastructure located in the United States, as further specified in the Offer. Absent such designation, IX delivers from its European operations.
12.3 The client is responsible for identifying, before transfer to IX, any data subject to export control or comparable regimes (including ITAR, EAR, and Controlled Unclassified Information in the CMMC context) and for informing IX of applicable handling requirements. IX will only handle such data within the environment and under the requirements agreed in the Offer.
13. Subcontractors and Partners
13.1 IX may engage vetted subcontractors and delivery partners, including partners located in the client's region where the Offer so specifies. IX remains responsible for their performance as for its own.
13.2 IX imposes confidentiality obligations consistent with Section 11 on subcontractors with access to client information.
14. Warranty and Liability
14.1 IX warrants performance of the Services with professional care (Section 2.3). Section 9.3 governs the remedy of deficiencies in deliverables.
14.2 IX is liable without limitation for damage caused by intent or gross negligence, for injury to life, body, or health, under the German Product Liability Act, and under any guarantee expressly designated as such.
14.3 For slight negligence, IX is liable only for the breach of material contractual obligations (obligations whose fulfillment enables the proper performance of the contract in the first place and on whose fulfillment the client regularly relies), and limited to the foreseeable damage typical for this type of contract.
14.4 In the cases of Section 14.3, IX's aggregate liability per engagement is limited to the total fees payable under the respective Offer.
14.5 Liability for indirect and consequential damage, lost profits, and loss of business is excluded in the cases of Section 14.3.
14.6 The client's claims under this Section 14 become time-barred 12 months after the statutory commencement of the limitation period, except in the cases of Section 14.2.
14.7 For the avoidance of doubt: the refusal, revocation, or conditioning of a certificate, label, or attestation by a certification body, assessment provider, or auditor does not in itself constitute a defect of the Services or a damage caused by IX (Section 2.2).
15. Term and Termination
15.1 Fixed-scope engagements end upon delivery of the agreed results. Engagements for ongoing services (including the provision of an external Information Security Officer) have the term stated in the Offer.
15.2 The right to terminate for good cause remains unaffected. Good cause for IX includes the client's default on a not insignificant part of the fees despite reminder, and a material breach of Section 5 that persists despite a warning and reasonable grace period.
15.3 If the client terminates a fixed-price engagement for convenience (Section 648 BGB where applicable), IX is entitled to the fees for Services performed and demonstrable expenses incurred until termination, plus the agreed remuneration for the remaining scope less saved expenses; the parties may agree a specific arrangement for this in the Offer.
16. References and Publicity
16.1 IX may name the client as a reference, describe the engagement, or publish results only with the client's prior consent in text form. Agreed anonymized case descriptions require that the client is not identifiable.
17. Final Provisions
17.1 These Terms and all engagements are governed by the laws of the Federal Republic of Germany, excluding the UN Convention on Contracts for the International Sale of Goods (CISG) and the conflict-of-law rules.
17.2 Exclusive place of jurisdiction for all disputes is the registered seat of IX, where the client is a merchant, a legal entity under public law, or a special fund under public law.
17.3 These Terms are drawn up in English. Where a German version exists, the English version prevails for engagements concluded in English.
17.4 Amendments and side agreements must be in text form; this also applies to the amendment of this text-form requirement.
17.5 Should individual provisions be or become invalid, the validity of the remaining provisions remains unaffected.
17.6 The client may assign rights and obligations under the engagement only with IX's prior consent in text form; Section 354a of the German Commercial Code (HGB) remains unaffected.