[1.1] Use of Cookies
Our website uses cookies and similar technologies to enhance functionality, analyze website traffic, deliver targeted advertisements, and improve your browsing experience. Some cookies are necessary for the basic operation of the site, while others require your consent.

[1.2] Types of Cookies We Use
We use the following categories of cookies:

• Essential cookies – Required for core website functionality such as login, security, and navigation.
• Analytics cookies – Help us understand how visitors interact with our website (e.g., Google Analytics).
• Marketing cookies – Used to deliver relevant advertisements based on your interests (e.g., Facebook Pixel, Google Ads).
• Functionality cookies – Remember your preferences, such as language and region.

[1.3] Consent and Control
When you visit our site for the first time, a cookie banner will request your consent for non-essential cookies. You can update or withdraw your consent at any time through the banner or your browser settings.

You may also adjust your browser to block or delete cookies. However, disabling certain cookies may affect site functionality.

[1.4] Third-Party Cookies
We may allow trusted third parties (such as advertising partners or analytics providers) to place cookies on your device. These providers may use cookies for their own purposes in accordance with their privacy policies.

You can review or manage third-party cookies directly via your browser settings or ad settings provided by platforms like Google or Facebook.

[1.5] More Information
For details about how we process personal data, please review our Privacy Policy.

[1. Introduction]
This Privacy Policy explains how RojIT AB ("RojIT", "we", "us", or "our") collects, processes, stores, and protects your personal data when you use our services, visit our website, or interact with our systems.

We are committed to processing your personal data lawfully, fairly, and transparently, in accordance with the EU General Data Protection Regulation (GDPR) and other applicable privacy legislation.

For data processing performed as part of our services, RojIT acts as a Data Processor. The Customer (you or your organization) is the Data Controller.

[2. Data We Collect]
We may collect and process the following types of personal data:

• Full name
• Contact details (email address, phone number, mailing address)
• Billing and payment information
• Login details (username, IP address, access logs)
• Support tickets and communication records
• Domain registration data
• Technical identifiers (browser version, cookies, usage logs)

[3. How We Use Your Data]
We use your personal data for the following purposes:

• To provide and manage the services you purchase
• To process payments and invoicing
• To deliver support and service-related communications
• To manage your account and ensure service security
• To comply with legal obligations (e.g., financial reporting, tax)
• To detect and prevent abuse, fraud, or security threats
• For internal performance monitoring and service optimization

We never sell your data to third parties.

[4. Legal Basis for Processing]
We process your personal data based on one or more of the following legal bases:

• Contractual necessity – to provide the services you request
• Legal obligation – to comply with laws and regulations
• Legitimate interests – to secure and improve our services
• Consent – where explicitly required (e.g., marketing communications)

[5. Subprocessors and Third Parties]
We may share your data with approved subprocessors necessary for delivering our services (e.g., domain registrars, payment providers, infrastructure vendors).
All subprocessors are bound by data protection agreements to ensure GDPR compliance.

[6. International Transfers]
If we transfer your data outside the EU/EEA, we ensure appropriate safeguards are in place.

[7. Data Security]
We implement industry-standard technical and organizational security measures to protect your data from unauthorized access, loss, or disclosure. These include:

• Access controls and encryption
• Intrusion detection and logging
• Data minimization and pseudonymization practices
• Regular risk and vulnerability assessments

More information is provided in our Data Processing Agreement (Appendix A).

[8. Data Subject Rights]
You have the right to:

• Access your personal data
• Rectify incorrect or incomplete data
• Request erasure (“right to be forgotten”)
• Data portability (receive a copy in a structured format)
• Withdraw consent where applicable

Requests can be made by contacting us.

[9. Data Retention]
We retain personal data to fulfill the purposes outlined in this policy, or as required by law (e.g., accounting rules).

[10. Cookies]
We use cookies to personalize your experience, analyze traffic, and support essential service functionality. For details, see our full Cookie Statement.

[11. Changes to This Policy]
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings.

The most recent version will always be available on our website at https://www.rojit.com/legal.
The subscriber is responsible for periodically reviewing this page to stay informed of any updates.

12. Contact Information
For all privacy-related questions or requests, please contact:

RojIT AB
Org. No: 559457-7941
Nibblevägen 8C, 177 36
Stockholm, Sweden
📧 [email protected]
🌐 https://www.rojit.com/legal

[3.1 Acceptable Use]
Our servers must not be used for illegal activities, including but not limited to:

• Hosting malware or phishing sites
• Distributing copyrighted materials without authorization
• Engaging in spam or DDoS attacks
• Storing, sharing, or distributing pornographic content, including child abuse material or other unlawful content
• Engaging in or supporting cryptocurrency mining
• Hosting or promoting terrorism, terrorist organizations, or activities linked to such groups

[3.2 Resource Usage]
Clients must use server resources within the limits defined by their hosting plans. Excessive or abusive use may result in service limitations, additional fees, or suspension.

[3.3 Data Backup]
While RojIT performs regular backups, clients are solely responsible for maintaining their own up-to-date backups to prevent potential data loss.

[3.4 Server Maintenance]
Scheduled maintenance will be announced in advance whenever possible. Emergency maintenance may occur without notice to maintain service integrity and security.

[3.5 Suspension and Termination]
We reserve the right to suspend or terminate access to our servers in the event of any violation of these policies, including but not limited to illegal use, unauthorized mining, or hosting prohibited content.

[3.6 Security Responsibility]
Clients are responsible for securing their own systems, including regularly updating software, securing login credentials, and preventing unauthorized access.

[3.7 Personal Data Hosting]
Clients are responsible for any personal data stored or processed on our servers and must ensure full compliance with applicable data protection laws, including the GDPR. See our Data Processing Agreement for more details.

[3.8 Backup Limitations]
Backups are provided as a courtesy. RojIT does not guarantee data recoverability. Clients should maintain independent backups for critical data.

[3.9 Abuse and Monitoring]
RojIT may monitor server activity for abuse detection, security, and legal compliance. We may take investigative or preventive actions including service suspension where necessary.

[1.1 Scope of Agreement]
These Terms of Service ("Terms") establish the relationship between you, the Client, and RojIT AB, a Swedish corporation with registration number [insert number], hereinafter referred to as “RojIT.” These Terms apply to the services you have ordered or used (the “Service”).

The Service encompasses any product or solution provided directly by RojIT or through its partners or service providers. This includes, but is not limited to:

• Web hosting
• Domain name registration
• DNS services
• API access
• Virtual private servers (VPS)
• Dedicated servers hosted in third-party data centers
• SSL certificates
• Email services
• Software licenses
• Support services
• Other related or future offerings available through RojIT’s platform

[2.1 Description of the Service]
The specific features, limitations, and components of the Service are defined in the individual order confirmation, invoice, or product specification provided at the time of purchase. The scope of the Service may vary depending on the plan you selected, additional options, or third-party services included in your order.

[2.2 Modifications to the Service]
RojIT reserves the right to modify the scope, functionality, or content of the Service or to discontinue all or parts of it if such changes are necessary for technical, operational, legal, or regulatory reasons. This includes but is not limited to, decisions or directives issued by public authorities or applicable law.

In the event of a material change that significantly impacts the Client’s use of the Service, the Client has the right to terminate the Agreement without penalty, subject to the applicable notice periods and conditions outlined in these Terms.

[2.3 Support Services]
During the subscription period, RojIT will provide technical and customer support for the Service via email, ticket, or through documentation and resources available on RojIT’s website.

Response and resolution times may vary, especially if the issue involves a third-party service provider. RojIT may refer the Client to the relevant provider’s support channels in such cases. RojIT’s ability to assist may be limited by the third party’s availability and policies.

[2.4 Data Sharing with Third Parties]
Client data may be shared with third-party service providers when necessary for the proper delivery, functionality, or maintenance of the Service. All such processing and transfers follow applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

RojIT ensures that any third party involved in processing personal data on its behalf is bound by appropriate data processing agreements and confidentiality obligations.

[2.5 Domain Name Ownership and Management]
All domain names registered through RojIT are registered in the Client’s name and are the Client's property. However, RojIT reserves the right to be listed as the domain name's administrative, technical, and/or billing contact, where necessary, to ensure proper management, support, or compliance with registry requirements.

The Client retains full ownership and control of the domain name, subject to the terms and conditions of the relevant domain registry.

[2.6 DNSSEC and Domain Security]
RojIT reserves the right to enable DNSSEC (Domain Name System Security Extensions) for all domain names registered through RojIT on behalf of the Client to enhance security and prevent DNS spoofing.

If the Client does not wish to use DNSSEC, it can be manually deactivated at any time through the Client Panel or by contacting RojIT support.

[2.7 Eligibility]
To be eligible to order and use the Service, the Client must be at least 18 years of age and have the legal capacity to enter into binding agreements under applicable law.

[3.1 Term and Termination of the Agreement]
The Service is provided for the duration the Client selects at the time of order, with a maximum term of 36 months, starting from the date RojIT issues the order confirmation.

After the agreed period has expired, the Agreement will continue on a rolling basis and may be terminated by the Client with one (1) month’s written notice unless otherwise specified.

The Service automatically expires at the end of the registration period for domain name registrations unless the Client proactively renews the domain before its expiration.

Suppose the Agreement was entered into remotely (e.g., online). In that case, the Client has the right to withdraw from it within 30 days of the date stated on the order confirmation, following Swedish distance selling regulations and applicable EU consumer protection laws. The Client must notify RojIT in writing to exercise this right of withdrawal.

[3.2 Exceptions to the Right of Withdrawal]
Notwithstanding Section 3.1, the right of withdrawal does not apply to domain name registrations or other third-party products or services if the Client has expressly requested that RojIT begin fulfillment during the withdrawal period or if the Client has started using the Service in any way.

Such use includes, but is not limited to:

• Paying the advance invoice,
• Accessing the Service, or
• Logging into the RojIT Client Panel.

[3.3 Termination of the Agreement]
The Agreement may be terminated either by:

• Submitting a formal notice of termination, or
• Failure to pay for the upcoming service period, in which case the Service will expire at the end of the paid term.

[3.4 Changes to Subscription Period]
If the Client wishes to change the subscription period, RojIT must receive the request no later than the final day of the current subscription term. Any outstanding invoices must be paid in full before the change can occur.

The requested change will only be considered valid once RojIT has the following:

• Processed the request, and
• An updated invoice and written confirmation stating the new subscription period were applied.

[3.5 Termination with Immediate Effect]
Either party may terminate the Agreement with immediate effect and in writing, via email or postal mail, under the following circumstances:

• If the other party commits a material breach of contract and, where rectification is possible, fails to remedy the breach within 14 days after receiving a written notice demanding such rectification, or
• If the other party is declared bankrupt, enters into liquidation, becomes subject to composition or restructuring proceedings, or is otherwise clearly insolvent.

• Continued publication, storage, or dissemination of information through the Service is reasonably believed to violate applicable law or regulations issued by a public authority;
• Operational disturbances or system issues that can reasonably be attributed to the Client's use of the Service occur; or
• The Client is found to be misusing RojIT’s support services, including repeated, unreasonable, or abusive contact.

[3.6 Suspension and Immediate Discontinuation of Service]
In any situation where RojIT is entitled to terminate the Service with immediate effect, RojIT also reserves the right to suspend or discontinue the Service immediately, without prior notice, while an investigation is ongoing.

RojIT may suspend or restrict access to the Service if:

• A police report, legal dispute, regulatory inquiry, or similar investigation is initiated concerning the Service;
• RojIT determines that suspension is necessary to prevent ongoing or potential criminal activity, unauthorized access, or tampering with evidence;
• The Client’s software installation is found to be outdated, insecure, or poses a risk to system stability, data integrity, or other customers.

[3.7 Termination Notice and Reactivation]
RojIT reserves the right to notify the Client of service termination either by email or by publishing a notice on the Client’s website where technically feasible.

If the Service is later reactivated, the Client may be required to pay a startup or reactivation fee, following RojIT’s current price list or as specified in the invoice.

[4.1 Payment Terms]
Fees for the Service must be paid in advance upon receipt of an invoice from RojIT. Payment is due no later than 30 days from the invoice date and must be completed before the current service period expires to avoid suspension or termination of the Service.

The Customer is responsible for ensuring that the correct OCR/reference number is included with the payment to enable accurate matching of the payment to the corresponding invoice.

[4.2 Renewal and Client Responsibility]
Before starting a new contract period, and where RojIT is able and intends to offer renewal, at least one renewal invoice will be sent to the Client.

RojIT is not responsible for restoring or maintaining the Service if the Client:

• Fails to pay the renewal invoice by the due date and/or before the current Service period expires, or
• Fails to make full payment of the renewal fee.

[4.3 Suspension Due to Non-Payment]
If the Client fails to pay on time or in full, RojIT reserves the right to deactivate or suspend the Service, provided that at least one written reminder or warning has been sent to the Client by email or postal mail.

RojIT may also issue a notice of termination via email or, where technically feasible, by displaying a message on the Client’s website.

If the Service is later reactivated, the Client will be charged a startup or reactivation fee, as specified in RojIT’s current pricing or invoicing terms.

[4.4 Invoice Disputes]
The Customer must immediately notify RojIT if they believe that an invoice is incorrect. The objection must be made before the invoice due date and must include reasonable and specific grounds for the dispute.

If the objection is submitted in due time and deemed valid for review, RojIT may grant a grace period for the payment of the disputed amount. During this period, any undisputed amounts remain payable as usual.

In the event that the Customer is found to be partially or fully liable for the disputed amount, statutory interest on arrears will apply to the portion of the amount the Customer is required to pay.

[4.5 Interest on Late Payments]
In the event of late payment, penalty interest will be charged by the Swedish Interest Act (1975:635), calculated from the invoice due date until full payment is received.

[4.6 Changes to Fees]
Any change to the Service fees will only take effect at the start of a new subscription period.

In the case of a fee increase, the Client must be notified in writing at least one (1) month in advance, either by email, post, or via a notice published on RojIT’s website. No advance notice is required for fee reductions.

[4.7 Promotional Pricing]
Temporary promotional prices or discounts apply only to new purchases or specified promotional periods, and do not affect the fees for existing or ongoing services under an active subscription.

[4.8 Non-Refundable Domain Fees]
Fees paid for domain name registrations, renewals, or transfers are non-refundable, regardless of whether the domain is used, canceled, or transferred during the subscription period. This applies due to the irreversible nature of domain registration with external registries.

[4.9 No Refund in Case of Termination for Breach]
If RojIT terminates the Service prematurely due to the Client’s breach of contract, as described in Section 3.5, the Client is not entitled to any refund of fees already paid for the current or future subscription period.

[4.10 Expiration and Grace Periods]
If a Service is not renewed due to non-payment and/or termination, it will expire immediately after the paid period, except for domain names.

Expired domain names will enter a dormant or quarantine period of up to 90 days, depending on the rules of the relevant registry. During this period, the Customer may still be able to reactivate the domain by paying a redemption or reactivation fee, as determined by the registry and/or RojIT.

[4.11 Handling of Overpayments and Account Credit]
If the Client makes an incorrect payment, such as an overpayment or fee, on a credit (negative) invoice, the surplus amount will be registered as a credit on the Client’s account. This credit can be used to pay future invoices.

Unless otherwise required by law, any unused credit will expire after two (2) years from the date it was registered unless:

• The Client is classified as a consumer under the Swedish Distance and Off-Premises Contracts Act (SFS 2005:59) and
• The unused credit exceeds SEK 1,000.

[4.12 Third-Party Service Payments]
If the Client orders or activates any service provided by RojIT’s partners or third-party providers through RojIT’s platform, the Client is solely responsible for the full payment of such services, including any associated fees, regardless of whether the service is invoiced by RojIT or directly by the third party.

[5.1 Assignment of the Service] The Client may assign the Service to another party only with RojIT’s prior written consent. Any assignment must comply with RojIT’s current procedures and requirements, available at www.RojIT.com.
The assignment becomes effective on the date RojIT confirms approval in writing.
The withdrawing party (original Client) remains liable for all obligations and payments that arose before the assignment took effect.
The acceding party (new Client) assumes responsibility for all obligations from the date of assignment onward.
The Service cannot be transferred until any outstanding debts owed by the withdrawing party have been fully settled.

[5.2 Restrictions on Pledging Rights]
The Client may not pledge, transfer, or otherwise assign any of its rights or obligations under this Agreement to any third party without RojIT’s prior written consent.

[6.1 Service Availability and Maintenance]
RojIT and/or its authorized subcontractors have the right to take actions that may temporarily affect the availability of the Service when such actions are necessary for technical, maintenance, operational, or security reasons or due to:

• Applicable laws or regulations,
• Decisions issued by public authorities or
• Instructions from accredited domain registrars or organizations overseeing top-level domains.

[6.2 Limitation of Liability for Defects]
RojIT is liable for defects in the Service only to the extent that the Service fails to meet the agreed specifications set out in the Agreement or service description.

Minor deviations, interruptions, or limitations in availability that fall within the scope of what RojIT is permitted under these Terms, including scheduled maintenance or legally required actions, shall not be considered defects and do not give rise to any liability or right to compensation.

[6.3 Fee Reduction Due to Service Defects]
If the Client has been unable to use the Service due to a defect directly attributable to RojIT, the Client is entitled to request a proportionate reduction of the applicable fee. The reduction shall reflect the duration and extent of the defect along with the total service fee for the affected period.

To be valid, any claim for a fee reduction must be submitted in writing no later than one (1) month after the defect has been resolved.

[6.4 Limitation of Liability]
RojIT shall be liable for losses only where such losses are caused by RojIT’s negligence. Except in cases of intentional misconduct or gross negligence, RojIT’s total liability for damages shall be limited to direct losses and shall not exceed the total fees paid by the Client for the applicable subscription period during which the loss occurred.

RojIT shall not be liable for any indirect or consequential losses, including but not limited to:

• Loss of profit,
• Loss of revenue or sales,
• Loss or corruption of data, or
• Damages resulting from unauthorized access, hacking, or other third-party interference with RojIT’s systems or infrastructure.

6.5 Disclaimer of Warranties
RojIT provides its services “as is” and “as available” without express or implied warranties, including but not limited to warranties of merchantability, fitness for a particular purpose, non-infringement, or uninterrupted service.

RojIT makes no guarantees regarding its services' availability, accuracy, or results. The Client acknowledges that using the Services is at their sole risk. To the extent permitted by law, all such warranties are disclaimed.

This disclaimer does not affect statutory rights available to consumers under Swedish or EU law.

6.6 Limitation of Liability
Under no circumstances shall RojIT be liable for any indirect, incidental, special, or consequential damages, including but not limited to loss of data, business interruption, loss of revenue, or loss of business opportunity, even if RojIT has been advised of the possibility of such damages.

In any event, RojIT’s total liability for any claim under this Agreement shall be limited to the amount the Client paid for the specific Service giving rise to the claim, during the 12 months preceding the event.

[6.7 Consumer Protection Exception]
The limitation of liability stated in Section 6.4 does not apply to Clients who are classified as consumers under the Swedish Distance and Off-Premises Contracts Act (SFS 2005:59). In such cases, RojIT’s liability shall be governed by mandatory consumer protection laws.

[6.8 Time Limit for Claims]
To be valid, any claim for damages must be submitted in writing within a reasonable time after the Client became aware, or should reasonably have become aware, of the circumstances giving rise to the claim. In any event, no claim may be made later than three (3) month from the incident that caused the damage.

[6.9 Data Handling During the Service]
RojIT will not delete any Client data while the Service is active unless the Client has explicitly requested the deletion in writing and has provided verifiable proof of identity.

For system or technical reasons, RojIT reserves the right to relocate stored data to other storage media without affecting availability or integrity.

Certain data may be removed in the following cases:

• Product-specific information may be deleted when the Service is downgraded or assigned to another party.
• Domain-related data will be deleted when a domain name is removed from the Service.

[6.10 Backups and Client Responsibility]
Even if RojIT provides backup services, there is no guarantee that backup copies will function correctly or that all content will be fully restored or retain its original format.

The Client is solely responsible for maintaining separate and up-to-date backups of any data deemed important or critical. RojIT shall not be held liable for data loss, corruption, or failure to restore content, regardless of whether backups were offered as part of the Service.

[6.11 End-of-Life (EOL) of Service Components]
From time to time, RojIT may discontinue support for certain features, technologies, or components of the Service due to End-of-Life (EOL) status. When this occurs, RojIT will reasonably try to replace or upgrade the affected components with comparable alternatives, where feasible.

The declaration of an End-of-Life does not constitute a breach of the Agreement. It does not entitle the Client to compensation, provided that the core functionality of the Service remains intact.

[6.12 Confidentiality and Data Protection]
RojIT treats all Client information as confidential and processes personal data following applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

Details about how RojIT collects, uses, and protects personal data are outlined in RojIT’s Privacy Policy, available at:
https://www.rojit.com/legal

The Data Processing Agreement (Appendix A), which forms an integral part of this Agreement, provides additional terms regarding data processing.

[6.13 Access to Client Information]
RojIT is entitled to access and process information stored or transmitted through the Service to the extent necessary to fulfill its rights and obligations under this Agreement, including for technical support, maintenance, compliance, and security purposes.

All such access and processing shall follow applicable data protection laws and the terms in the Privacy Policy and Data Processing Agreement (Appendix A).

[6.14 Preventive and Protective Measures]
If a defect, security risk, or potential damage arises—whether affecting the Client, RojIT’s systems, or other customers—RojIT is entitled to take immediate and reasonable actions to prevent or mitigate harm.

This includes the right to remedy security-related defects or vulnerabilities in the Client’s code or installation if such issues pose a risk to system integrity, security, or the services of other users.

[6.15 Handling of Suspected Malicious Code]
RojIT reserves the right to submit any code or software found within the Client’s Service environment—if RojIT reasonably suspects it to be malicious or harmful to RojIT, its systems, or other customers—to a third-party security expert or analysis service for investigation.

Any such third party will be bound by strict confidentiality obligations.

If the analysis confirms that the code is malicious or poses a threat, RojIT is entitled to immediately remove or disable the code without prior notice to protect the integrity and security of the Service and its users.

[6.16 Continuous Security Monitoring]
RojIT may conduct ongoing security checks of the Client’s services and hosted content to help reduce the risk of malicious code, unauthorized access, operational disruptions, or similar threats.

Such monitoring is performed solely to maintain the security, stability, and integrity of RojIT’s infrastructure and to protect all Service users.

[7.1 Responsibility for Content and Legal Compliance]
The Client is fully responsible for ensuring that all data, content, or information stored, published, or otherwise processed through the Service does not infringe upon the rights of any third party and does not violate any applicable Swedish laws or regulations.

This includes, but is not limited to, compliance with laws governing intellectual property, privacy, defamation, hate speech, and data protection.

[7.2 Prohibited Use and Unauthorized Access]
The Client agrees not to:

• Access or attempt to access any system, service, or resource belonging to RojIT or its subcontractors that is not expressly intended for the Client;
• Use the Service in violation of any applicable laws or regulations, including but not limited to those related to unauthorized access, cybercrime, and data misuse;
• Create, distribute, or transmit computer viruses, malware, or any form of malicious code through or in connection with the Service.

[7.3 Client’s Duty to Maintain Security]
The Client agrees to use the Service in a manner that helps maintain the security and stability of RojIT’s systems, network, and infrastructure.

This includes, but is not limited to:

• Ensuring that only safe and trusted software is uploaded or installed,
• Regularly updating applications and systems with relevant security patches, and
• Keeping login credentials, passwords, and access details confidential and not sharing them with unauthorized parties.

[7.4 Responsibility for Third-Party Content]
If third parties (e.g., website visitors or users) submit or publish content through websites or services managed by the Client under this Agreement, the Client is responsible for monitoring such content and ensuring that any unlawful or infringing material is removed or disabled in accordance with applicable legislation.

The Client must take prompt and appropriate action to prevent the continued dissemination of content that violates laws, regulations, or the rights of others.

[7.5 Prohibition of Sexually Explicit Content]
The Client is responsible for ensuring that sexually explicit content is not published, hosted, or otherwise made accessible through any website or service covered by this Agreement.

Additionally, domain names registered through or managed by the Service may not:

• Point to,
• Redirect to, or
• Be associated in any way with websites or services containing sexually explicit material.

[7.6 Domain Ownership]
The Client is responsible for ensuring that all domain names added to or administered under the Service are legitimately owned or controlled by the Client.

Use of domain names that belong to third parties without proper authorization may result in suspension of the Service and may constitute a violation of applicable laws or registry policies.

[7.7 Client Identification and Website Transparency]
The Client must ensure that accurate and up-to-date identification details are always on file with RojIT, including contact information that clearly identifies the responsible individual or legal entity.

In addition, websites hosted under the Service must clearly display or make available information identifying the person or organization responsible for the content in accordance with applicable laws and regulations, including transparency requirements under Swedish and EU law.

[7.8 Valid Email Contact]
The Client must ensure that a valid and active email address for the authorized contact person is always registered with RojIT.

This email address will serve as the primary communication channel for important notifications and information related to the Service, including but not limited to billing, maintenance, security updates, and policy changes.

Failure to maintain an up-to-date contact email may result in missed communications, for which RojIT shall bear no responsibility.

[7.9 Compliance with Domain Registrar Requirements]
The Client acknowledges and accepts that ICANN, or any other applicable top-level domain (TLD) registrar, may impose certain obligations and conditions on RojIT as a domain registration agent.

The Client agrees to comply with such requirements and to hold harmless both the top-level domain registrar and RojIT from any claims, disputes, or liabilities arising from domain names registered under such TLDs.

RojIT shall not be held liable for any transfer, suspension, cancellation, or other actions affecting domain services that result from the rules or requirements imposed by ICANN or any other accredited registrar.

[7.10 Delegation of Web Management]
The Client may choose to delegate web design, updates, or other website-related operations to a third party, whether an individual or legal entity.

However, such delegation does not limit or transfer the Client’s liability under this Agreement. The Client remains fully responsible for all activities, content, and compliance related to the Service.

[7.11 Acceptance of Data Processing Agreement]
The Client expressly accepts Appendix A as the applicable Data Processing Agreement (DPA) governing the handling of personal data for all Services provided by RojIT that involve data processing on behalf of the Client.

This DPA forms an integral part of the Agreement and is binding for the entire duration of the Client’s use of the Services.

[7.12 Responsibility for System Integrations]
The Client is solely responsible for the integration and use of any interfaces provided by RojIT for data management purposes, including but not limited to FTP access, email systems, databases, APIs (e.g., RojITAPI), or similar tools.

RojIT shall not be held liable for defects, malfunctions, service interruptions, or other issues related to the Client’s integrations, especially where such issues arise from maintenance, external dependencies, or misuse of the interfaces.

[8.1 Amendments to the Terms and Conditions]
RojIT reserves the right to amend or supplement these General Terms and Conditions. Unless otherwise stated, such changes shall take effect one (1) month after the Client has been notified.

If a proposed change is detrimental to the Client, the Client has the right to object in writing and terminate the Agreement, no later than three (3) months from the date of notification. Termination shall take effect from the date the amended terms would otherwise have entered into force.

RojIT may implement changes without prior approval if the changes:

• Are not to the Client’s disadvantage, or
• Involve a minor disadvantage that does not significantly affect the Client’s use of the Service.

• The change is beneficial to the Client,
• The change is of a purely administrative nature and has no negative consequences, or
• The change is required to ensure the Agreement complies with national or EU legislation.

[9.1 Governing Law and Dispute Resolution]
Any dispute concerning the interpretation, validity, or application of this Agreement shall be governed by Swedish law and shall be exclusively resolved by a Swedish court, with the Stockholm District Court as the first instance, unless otherwise required by mandatory consumer protection legislation.

[9.2 Domain Name Disputes]
Any dispute between the Client and a third party concerning a registered domain name shall be resolved in accordance with the dispute resolution policy in effect at the time, as established by the relevant domain registry.

RojIT adheres to ICANN’s Uniform Domain Name Dispute Resolution Policy (UDRP) and other applicable policies issued by accredited registries. These may change from time to time and are binding on the Client.

RojIT does not provide legal or administrative assistance in domain name disputes beyond what is explicitly required under the applicable registry and/or registrar agreements.

[9.3 Force Majeure]
If either party is prevented from fulfilling its obligations under this Agreement due to circumstances beyond its reasonable control, such as but not limited to lightning strikes, pandemics, labor disputes, shortages of transportation, goods or energy, fire, governmental actions, confiscation, or delays or failures by subcontractors caused by any such circumstance, this shall be considered a force majeure event.

In such cases, the affected party shall be entitled to a reasonable extension of time for performance, without incurring liability for delay.

If a force majeure event materially prevents performance of the Agreement for a continuous period of more than one (1) month, either party shall have the right to terminate the Agreement in writing, without any obligation to pay compensation to the other party.

[10.1 Notices and Communication]
All notices under this Agreement must be submitted in writing. RojIT may send notices to the Client via the Client Zone, registered email address, or postal mail. Notices from the Client must be sent using the contact information published on RojIT’s website.

[11.1 Amendments and Updates to the Agreement]
RojIT reserves the right to update these Terms from time to time. Continued use of the Service following such updates shall be considered acceptance of the revised Terms.

[12.1 Severability]
If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.

[13.1 Entire Agreement]
This Agreement and any appendices and the Service Agreement constitute the entire agreement between the Parties and supersedes any prior agreements or understandings.

[14.1 Indemnification]
The Client agrees to indemnify, defend, and hold harmless RojIT, its affiliates, officers, agents, and employees from and against any claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of or related to the Client’s use of the Services, breach of this Agreement, violation of applicable law, or infringement of third-party rights.

The Client waives the right to initiate legal proceedings in matters clearly governed by this Agreement, except where mandatory consumer protections under Swedish law apply.

Data Processing Agreement (Appendix A)

A1. Introduction
A1.1
Both parties confirm that the undersigned representatives are duly authorized to enter into this Data Processing Agreement ("DPA"), which forms an integral part of the Service Agreement(s) entered into by the parties (referred to as the "General Terms and Conditions" or the "Service Agreement").

This DPA governs the processing of personal data carried out by the Data Processor (RojIT AB) on behalf of the Data Controller (the Client) in connection with the Services provided under the applicable Service Agreement at any given time.

A1.2
RojIT processes personal data in accordance with its Privacy Statement, which is available at:
https://www.rojit.com/about-rojit/data-protection

The Privacy Statement outlines how RojIT collects, uses, stores, and protects personal data following applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

A2. Definitions
A2.1
The terms Personal Data, Special Categories of Personal Data (also referred to as Sensitive Data), Processing, Data Subject, Data Controller, and Data Processor shall have the same meanings as set out in the applicable data protection legislation, including the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), which has applied throughout the EU since 25 May 2018, and any supplementary national legislation in force at any given time.

These laws are collectively called “Applicable Privacy Law” throughout this Data Processing Agreement.

A2.2
For the purposes of this Appendix:

The Data Controller is referred to as the “Client” or “Party”,

The Data Processor is referred to as “RojIT” or “Party”, and

Collectively, both are referred to as the “Parties.”

A3. Scope
A3.1
This Data Processing Agreement governs RojIT’s processing of Personal Data on behalf of the Client and sets out how RojIT shall ensure the security and confidentiality of such data through appropriate technical and organizational measures, in accordance with Applicable Privacy Law.

A3. Scope
A3.2
RojIT’s processing of Personal Data on behalf of the Customer is carried out solely for the purpose of fulfilling RojIT’s obligations under the applicable Service Agreement entered into between the Parties.

A3. Scope
A3.3
This Data Processing Agreement shall take precedence over any conflicting provisions related to the processing of Personal Data contained in the Service Agreement or any other agreement entered into between the Parties.

A4. RojIT’s Liabilities
A4.1
RojIT may only process Personal Data on behalf of the Client and in accordance with the Client’s documented instructions.

By entering into this DPA, the Client instructs RojIT to process Personal Data:

• i) In full compliance with applicable data protection laws,
• ii) To the extent necessary to fulfill RojIT’s obligations under the Service Agreement,
• iii) As required by the Client’s normal and intended use of RojIT’s services, and
• iv) As further specified in this Data Processing Agreement.

The above instructions also apply in the event of transfers of Personal Data to third countries, in accordance with Chapter V of the GDPR and other Applicable Privacy Law.

A4. RojIT’s Liabilities
A4.2
RojIT confirms that, to its knowledge, no legislation would prevent it from complying with the Client’s instructions as set out in this DPA.

If RojIT becomes aware that any instruction from the Client or the Processing activities themselves conflict with Applicable Privacy Law, RojIT shall promptly inform the Client of such concerns.

A4. RojIT’s Liabilities
A4.3
This Data Processing Agreement specifies the categories of Data Subjects and the types of Personal Data that are subject to Processing by RojIT on behalf of the Client, as outlined in the relevant sections of this Agreement and any associated documentation.

A4. RojIT’s Liabilities
A4.4
RojIT shall ensure the confidentiality, integrity, and availability of all Personal Data processed on behalf of the Client, following Applicable Privacy Law.

To achieve this, RojIT shall implement appropriate systematic, organizational, and technical security measures, taking into account:

• The state of the art,
• The cost of implementation,
• The nature, scope, context, and purpose of the processing, and
• The risk level to the rights and freedoms of Data Subjects, particularly the type and sensitivity of the Personal Data.

A4. RojIT’s Liabilities
A4.5
Taking into account the nature of the processing and the information available to it, RojIT shall assist the Client (as Data Controller) by implementing appropriate technical and organizational measures, to the extent possible, in fulfilling the Client’s obligations under Articles 32–36 of the GDPR.

This includes supporting the Client in:

• Responding to requests from Data Subjects (e.g., access, rectification, erasure, restriction), and
• Ensuring compliance with obligations related to data security, data breach notifications, Data Protection Impact Assessments (DPIAs), and prior consultations with supervisory authorities where required.

A4. RojIT’s Liabilities
A4.6
If the Client requests additional information regarding RojIT’s security measures, documentation, or other aspects of how RojIT processes Personal Data—beyond the standard information RojIT provides to fulfill its obligations under Applicable Privacy Law—and such requests require substantial additional effort or resources, RojIT reserves the right to charge the Client a reasonable fee for providing such services.

Any such charges shall be based on the scope and complexity of the request and communicated to the Client in advance.

A4. RojIT’s Liabilities
A4.7
RojIT and all personnel acting under its authority shall ensure the confidentiality of all Personal Data processed under this Data Processing Agreement. This duty of confidentiality shall remain in effect both during and after the termination or expiration of the DPA.

A4. RojIT’s Liabilities
A4.8
In the event of a Personal Data breach, RojIT shall promptly and without undue delay notify the Client. The notification shall be made in a manner that enables the Client to comply with its legal obligations to inform the relevant supervisory authority and, where applicable, the affected Data Subjects, in accordance with Articles 33 and 34 of the GDPR.

A4. RojIT’s Liabilities
A4.9
To the extent legally permitted and practically possible, RojIT shall promptly notify the Client in the event of:

i) Requests from a Data Subject regarding access to or the exercise of their rights concerning Personal Data, and
ii) Requests from public authorities, such as law enforcement (e.g., the Police Authority), seeking access to or disclosure of Personal Data processed on behalf of the Client.

RojIT will not disclose any Personal Data without prior notice to the Client, unless prohibited by law or an official order.

A4. RojIT’s Liabilities
A4.10
RojIT shall not respond directly to requests from Data Subjects without the Client's prior written consent, unless legally required to do so.

Furthermore, RojIT shall not disclose any content related to the General Terms and Conditions, including Personal Data, to authorities such as the Police Authority, except where required by statutory provisions, including court orders or other legally binding decisions.

A4. RojIT’s Liabilities
A4.11
RojIT does not control whether, or how, the Client chooses to use any third-party integration via RojIT’s API, direct database connections, or similar interfaces. The Client is solely responsible for the use and configuration of such integrations.

RojIT shall not be considered a Data Processor for any processing of Personal Data that occurs as part of, or results from, these third-party integrations. The Client is fully responsible for ensuring that such integrations comply with Applicable Privacy Law.

A5. Customer Obligations
A5.1
By entering into this Data Processing Agreement, the Client acknowledges and confirms the following:

• When using the services provided by RojIT under the Service Agreement, the Client processes Personal Data in compliance with applicable privacy law.
• The Client has valid legal grounds to process and disclose the relevant Personal Data to RojIT, including to any approved subprocessors used by RojIT.
• The Client is solely responsible for the accuracy, lawfulness, integrity, and relevance of the Personal Data transferred to RojIT.
• The Client has fulfilled all mandatory obligations to notify and/or obtain prior approval from the relevant supervisory authorities, where required.
• The Client has complied with its duty to inform Data Subjects about processing their Personal Data, as required by Applicable Privacy Law.
• The Client acknowledges that RojIT has implemented appropriate technical and organizational measures to protect the Personal Data and ensure the integrity and privacy of Data Subjects.
• The Client agrees not to transfer any Special Categories of Personal Data (e.g., sensitive data) or data relating to criminal convictions or offenses to RojIT. RojIT shall not be held liable for improper processing of such data if it is transferred.
• The Client is responsible for maintaining an up-to-date record of the types and categories of Personal Data processed under this Agreement.

A6. Use of Sub-processors and Transfer of Data
A6.1
In connection with providing Services under the Service Agreement and this Data Processing Agreement, RojIT may engage subcontractors who act as subprocessors. These subprocessors may include RojIT affiliates or external third-party providers located either within or outside the EU/EEA.

RojIT shall ensure that any sub-processor engaged to process Personal Data on behalf of the Client is bound by a written agreement that imposes data protection obligations equivalent to those set out in this DPA, following Article 28 of the GDPR.

A6. Use of Sub-processors and Transfer of Data
A6.2
The sub-processors currently engaged by RojIT who may have access to Personal Data are listed on RojIT’s Privacy page, available at:
https://www.rojit.com/about-rojit/data-protection

By entering into this DPA, the Client explicitly accepts using these listed sub-processors for the purposes described herein. RojIT will ensure that the list remains updated and accessible.

A6.3
The Client may, upon request, obtain a complete and up-to-date overview of all sub-processors involved in the delivery of Services regulated by the Service Agreement. RojIT shall also provide additional relevant details about these sub-processors, to the extent such information is necessary for the Client to fulfill its obligations under Applicable Privacy Law.

A6.4
The Client grants RojIT the authority to establish appropriate legal safeguards on the Client’s behalf, including but not limited to the execution of the European Commission’s Standard Contractual Clauses (SCCs) or other valid transfer mechanisms recognized under Applicable Privacy Law.

A6.5
The Client shall be notified of any changes to sub-processors who process Personal Data via RojIT’s Privacy page:
👉 https://www.rojit.com/legal

If a newly appointed sub-processor evidently fails to comply with Applicable Privacy Law, and such failure continues after RojIT has been given a reasonable opportunity to ensure compliance, the Client shall have the right to terminate this DPA.

Such termination may also entitle the Client to terminate the Service Agreement, in whole or part, following the termination provisions set out in that agreement. In evaluating such termination, due consideration shall be given to the extent to which the sub-processor's involvement is essential to delivering the Services under the Service Agreement.

For clarity, a change of sub-processor shall not constitute a breach of the Service Agreement.

A6.6
By entering into this Agreement, the Client expressly agrees to RojIT’s use of sub-contractors as sub-processors, as described in this Section and following Applicable Privacy Law.

A7. Security
A7.1
RojIT is committed to maintaining high security across its products and services. To this end, RojIT implements organizational, technical, and physical security measures following the requirements set out in Article 32 of the GDPR.

RojIT’s internal data protection framework is designed to safeguard the confidentiality, integrity, availability, and controlled access to Personal Data processed on behalf of the Client.

The following measures are of particular importance:

• Classification of Personal Data to ensure the application of appropriate security measures based on risk assessments.
• Regular evaluation of encryption and pseudonymization as tools to reduce data protection risks.
• Access limitation: Ensure that only authorized personnel have access to Personal Data where necessary to fulfill the obligations under this DPA or the Service Agreement.
• Use monitoring and incident response systems to detect, prevent, recover from, and report Personal Data breaches.
• Ongoing security assessments are needed to evaluate the effectiveness of technical and organizational safeguards, following the Applicable Privacy Law.

A8. Audit Rights
A8.1
The Client is entitled to conduct one (1) annual audit to verify RojIT’s compliance with this Data Processing Agreement. If required by law or a competent supervisory authority, additional audits may be requested.

Given that RojIT operates in a multi-tenant service environment, the Client agrees that, for security and confidentiality reasons, RojIT may require that any such audit be performed by a neutral and qualified third-party auditor, selected and appointed by RojIT. The auditor shall act independently and issue a summary report of the audit findings to the Client.

A8.2
If the requested audit area has already been covered by an independent audit report—such as an ISAE 3000/3402, ISO/IEC 27001, or a comparable standard—conducted by a qualified third-party auditor within the previous twelve (12) months, and RojIT confirms that there have been no material changes affecting the audited controls, the Client agrees to accept such a report instead of conducting a new audit for the same scope.

A8.3
If the Client does not accept the neutral third-party auditor proposed by RojIT, the Parties shall mutually agree on an alternative neutral and independent third-party auditor to perform the audit. The selection shall be made in good faith, ensuring that the auditor maintains appropriate qualifications, independence, and confidentiality.

A8.4
The Client shall bear all costs associated with any audits it initiates under this Agreement. If the audit requires assistance from RojIT or its subcontractors beyond the standard services RojIT provides to comply with Applicable Privacy Law, RojIT reserves the right to charge the Client reasonable fees for such additional support, based on the scope and complexity of the assistance required.

A9. Term and Termination
A9.1
This Data Processing Agreement shall remain in effect for as long as RojIT processes Personal Data on behalf of the Client under the applicable Service Agreement(s). It applies to all processing activities by RojIT during the term of such agreements.

A9.2
This Data Processing Agreement shall automatically terminate upon the expiration or termination of the applicable Service Agreement.

Upon termination, RojIT will either delete or return all Personal Data processed on behalf of the Client, following the relevant provisions of the Service Agreement and Applicable Privacy Law.

Unless otherwise agreed in writing, the cost of such data return or deletion shall be calculated based on:
i) RojIT’s applicable hourly rate for time spent, and
ii) The complexity of the process requested by the Client.

A9.3
RojIT may retain Personal Data after the termination or expiration of this DPA only to the extent required by applicable law (e.g., accounting, tax, or legal retention obligations). During such retention, RojIT shall continue to apply the same technical and organizational security measures as outlined in this DPA to ensure the retained data's confidentiality, integrity, and protection.

A10. Liability
A10.1
Liability for any breach of the terms of this DPA shall be governed by the liability provisions outlined in the applicable Service Agreement between the Parties. This includes liability for any acts or omissions of sub-processors engaged by RojIT in connection with processing Personal Data on behalf of the Client.

A10.2
All communications regarding this DPA shall be directed to the contact specified in Section 12 of the Privacy Policy or as otherwise notified in writing by either Party.

A11. Applicable Law and Jurisdiction
A11.1
This Data Processing Agreement shall be governed by and interpreted following the applicable law specified in the respective Service Agreement between the Parties.

A11.2
If any provision of this DPA is found invalid or unenforceable, the remaining provisions shall remain in full force and effect.

A11.3
This DPA, together with the Service Agreement and its appendices, constitutes the entire agreement between the Parties concerning the Processing of Personal Data and supersedes any prior written or oral agreements relating to its subject matter.

A12.2
The Client may not transfer Sensitive Data (Special Categories of Personal Data) to RojIT. If such data is transferred, RojIT shall not be held liable for any non-compliant processing under Applicable Privacy law.

According to Applicable Privacy Law (including Article 9 of the GDPR), Sensitive Data includes:

• Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs,
• Trade union membership,
• Genetic data and biometric data processed to uniquely identify a natural person,
• Data concerning health,
• Data concerning a person’s sex life or sexual orientation.

A12.3
The Client may not transfer Personal Data related to criminal convictions and offenses to RojIT. Such data is subject to special protection under Applicable Privacy Law. RojIT shall not be held liable for any non-compliant processing if such data is transferred in breach of this provision.

A13. Overview of Current Sub-Processors
A13.1
The sub-processors currently engaged by RojIT for the delivery of services and processing of Personal Data on behalf of the Client are listed at the following location:
👉 https://www.rojit.com/legal

RojIT maintains and updates this list as needed to reflect any changes in the use of subprocessors, in accordance with Section A6 of this Agreement.

[6.1 Eligibility]
Only individuals or businesses with an active account are eligible to join our Affiliate Program.

[6.2 Commissions]
Affiliates earn commissions based on successful referrals. Commissions will be paid out as specified in the Affiliate Agreement.

[6.3 Tracking and Attribution]
Affiliate sales are tracked using cookies and unique affiliate links. If a customer clears cookies, tracking may be lost, and commissions may not be attributed.

[6.4 Payouts]
Affiliate payments are issued monthly or quarterly, depending on the affiliate agreement. Minimum payout thresholds may apply.

[6.5 Prohibited Activities]
Affiliates must not engage in misleading advertising, spam, or deceptive practices to generate referrals.

[6.6 Account Termination]
We reserve the right to terminate affiliate accounts for violations of these terms or the Affiliate Agreement. Termination may result in the forfeiture of unpaid commissions.

[6.7 Affiliate Agreement Updates]
We may update the Affiliate Agreement occasionally, and affiliates will be notified of significant changes.