These Terms of Use govern the legal relationship between Friendly Captcha GmbH, Am Anger 3–5, 82237 Wörthsee/Germany, the operator of the IP Trust service (“Service Provider”), and its customer (“Customer”) in relation to the provision of the IP Trust service only. Service Provider provides this service in the paid service packages not for consumers, but exclusively for the purposes of the Customer acting in exercise of their trade, business or profession.
Provisions that deviate from or go beyond these provisions are invalid. This applies in particular to the Customer’s General Terms and Conditions, even if Service Provider accepts an order from the Customer in which the Customer refers to its General Terms and Conditions and/or the Customer’s General Terms and Conditions are appended to the order and Service Provider does not object to them.
The Agreement is deemed concluded when the Customer and Service Provider sign an order form.
If the Agreement is concluded online, the following shall apply: The Agreement is concluded when, after completion of the order process, the Customer receives an e-mail from Service Provider in which Service Provider accepts the Customer’s offer. Article 312i para. 1 nos. 1, 2 and 3 BGB [German Civil Code] and Article 312i para. 1 sentence 2 BGB, which lay down provisions concerning certain obligations of the trader with respect to contracts relating to electronic business transactions, are hereby waived; this also applies if the Agreement is concluded in writing and amendments are subsequently agreed in electronic form. Insofar as these Terms of Use refer to the order form, this means the input from the ordering process.
Service Provider provides the Customer with the IP Trust service, an IP intelligence service that supplies data and risk assessments related to IP addresses, including but not limited to geolocation data, proxy and VPN detection, and other threat intelligence indicators. The IP Trust service is available via API access and/or downloadable database, depending on the service package booked by the Customer. Service Provider provides IP Trust data on a best-effort basis. The Customer is solely responsible for determining how IP Trust data is applied within the Customer’s own systems, products, and decision-making processes.
Service Provider grants the Customer a non-exclusive right, limited to the term of this Agreement, to use the IP Trust service in connection with the Customer’s own websites, applications, and internal business operations. The right of use is limited to the Customer’s own use. The Customer shall not redistribute, resell, sublicense, or otherwise make IP Trust data available to third parties, whether in raw, aggregated, or modified form. In particular, the Customer shall not incorporate IP Trust data into any product or service offered to third parties in a manner that could constitute or be interpreted as resale or redistribution of the data.
Where the Customer’s service package includes access to downloadable databases, such databases are provided solely for the Customer’s internal use and are subject to the same restrictions on redistribution. The right of use is limited to the maximum number of API requests or database download entitlements included in the service package booked by the Customer per billing period, as specified in the order form.
Service Provider reserves the right to enforce fair use limits. If the Customer’s usage pattern is excessive or unreasonable (e.g., an unusually high volume of requests within a short time period), Service Provider reserves the right to throttle or temporarily suspend the Customer’s access to the service. Unless rights are expressly granted in this Agreement, all rights to IP Trust shall remain with Service Provider. The granted rights of use do not include any processing rights and no rights related to decompiling or reverse engineering, unless the Customer is entitled to these rights by law.
The Customer shall not use IP Trust in connection with or for the operation of critical infrastructure, such as power stations, military or defense facilities, medical equipment or other equipment, the failure or impairment of which would lead to unforeseeable economic or physical damage, including but not limited to critical infrastructure as defined in the European Council Directive 2008/114/EC.
Service Provider provides its server services at the point of connection of the data centers used by Service Provider (content delivery network) to the internet. Depending on the service package booked, the availability to be provided can be viewed in the Service Level Agreement at www.iptrust.co.
The Customer integrates and configures the IP Trust service within their own systems (e.g., API integration, database import) themselves. This Agreement does not provide for an obligation to make adaptations to IP Trust, in particular customization or reprogramming in line with the Customer’s wishes.
Service Provider does not provide any support for the use of IP Trust beyond the statutory claims for defects (e.g., no assistance or advice on integration), unless this is agreed and remunerated separately.
Unless otherwise agreed, Service Provider is only obliged to provide technical documentation in the form of online documentation or PDF in English at www.iptrust.co.
Insofar as Service Provider provides individual functions to the Customer free of charge as “beta” functions and denotes them as such, the following shall apply. The provided functions are still in the development and test phase and may contain errors. The availability and integrity of the customer data are not ensured with these functions. The services are provided to the Customer solely for the purpose of testing them for errors, giving Service Provider feedback on errors, and making suggestions for improvement. The Customer is not to use these functions for live use. Service Provider reserves the right to change the functions at any time or to terminate the provision.
The Customer is aware that IP Trust is a standard service that is centrally provided and that a large number of customers have access to a centrally managed system. The economies of scale resulting from a model such as this can only be exploited if it is a standardized service that can be developed further. The parties therefore agree that Service Provider may modify the Service (including the system requirements) for good reason. Such a reason is, in particular, when the modification is necessary due to (i) a necessary adaptation in line with a new legal basis or court decision, (ii) the changed technical framework (new API standards, data formats, or technical standards), or (iii) the safeguarding of system security and the integrity of IP intelligence data.
In addition, Service Provider may modify the Service appropriately as part of the further development of the Service (e.g., deactivation of old functions which have been largely replaced by new ones). Service Provider shall notify the Customer by e-mail of modifications that are more than just insignificantly detrimental to the Customer in good time, usually four weeks before they come into force. The Customer’s consent to a modification such as this shall be deemed to have been granted if the Customer does not object to the modification in writing or by e-mail by the date of the modification. When announcing the modification, Service Provider shall once again draw special attention to this legal consequence. If the modification would affect the contractual balance between the parties to the expense of the Customer to more than an insignificant extent, the modification shall not be made.
The Customer shall owe Service Provider the remuneration agreed in the order form for the use of the Service during the term of the Agreement. The remuneration may comprise a once-only set-up fee, a fixed monthly basic fee, and a monthly usage fee that is based on the units used (e.g., number of API requests per month or database download entitlements).
The basic fee and usage fee are due in full and in advance at the beginning of the Agreement for the basic period (see Point 10.2) and thereafter at the beginning of each renewal period (see Point 10.2) for the renewal period, unless otherwise agreed on the order form. An increase in the booked usage units or database download entitlements (or switching to a higher service package) is possible at any time; a reduction (or switching to a lower service package) is only possible with effect at the end of the basic period or a renewal period, or before this with the consent of Service Provider.
In the event of an increase in the booked usage units or database download entitlements within the basic period or renewal period, the additional fees will be invoiced proportionately. The prices as per the Service Provider price list valid when the additional usage units are ordered shall apply for the additional usage units.
Service Provider shall invoice the fees in advance at the start of the Agreement and, afterwards, at the beginning of each renewal period. The invoice amount must be paid within 30 days. Invoicing is performed online by providing the invoice as a downloadable and printable PDF file in a customer menu or by sending it by e-mail (“Online Invoice”).
Payment of the invoice amounts is made by bank transfer (for Professional Plans with an annual contractual period only) or by credit card.
Using the service – except in the context of a free trial phase – is only permitted and possible after Service Provider has received the invoice amount.
The applicable statutory VAT must be added to all the stated prices.
If the Customer defaults for two calendar months on payment of the remuneration or a not insignificant part of the remuneration, or, during a period of more than two months, defaults on payment of the remuneration to an amount that equals at least twice the monthly basic fee plus usage fee, Service Provider is entitled to block access to the Service or to terminate the Agreement extraordinarily after a corresponding warning by e-mail.
The Customer shall use the Service only within the framework of the contractual and legal provisions and shall not infringe any rights of third parties during this use. When using the Service, the Customer shall in particular comply with the regulations on data protection, competition law, and copyright law and shall not send any harmful or illegal data to the Service or misuse the Service in any other way. The Customer shall access the IP Trust service only via the API or database access methods provided and in line with the technical documentation provided by Service Provider. All trademarks and rights to names shall remain the sole property of Service Provider.
The Customer is responsible for maintaining the confidentiality and security of all account credentials, API keys, and other access tokens provided by Service Provider. The Customer shall ensure that access credentials are only used by authorised personnel and are not disclosed to unauthorised third parties. The Customer is solely responsible for all activity that occurs under the Customer’s account or using the Customer’s access credentials, whether or not such activity was authorised by the Customer.
The Customer shall notify Service Provider immediately in writing or by e-mail upon becoming aware of any unauthorised use of the Customer’s account, API keys, or other credentials, or any other breach of security. Service Provider shall not be liable for any loss or damage arising from the Customer’s failure to comply with these account security obligations.
Requirements for the integration of the IP Trust service are provided in the technical documentation at www.iptrust.co. The Customer shall familiarize themselves with the requirements in advance.
Service Provider is entitled to temporarily block the use of the Service by the Customer if Service Provider has a legitimate reason to assume that the use of the Service by the Customer impairs the system security of the Service (e.g., DDoS attacks, etc.) or infringes the contractual provisions. In the event of a block, Service Provider will notify the Customer of this by e-mail immediately and work with the Customer to promptly lift the block.
Service Provider will treat the data generated by using the Service (e.g., number and times of API requests or database downloads) confidentially and use it solely for the provision and improvement of the Service.
Insofar as the customer data is personal data as per Art. 4 (1) GDPR and the GDPR is valid, the following shall apply: Service Provider processes the customer data for the Customer as the processor (Art. 4 (8) GDPR), whereby the Customer is the controller in relation to Service Provider as per Art. 4 (7) GDPR. The parties shall govern the details in a data processing agreement as per Art. 28 GDPR.
It is the responsibility of the Customer to comply with all applicable data protection laws in connection with their use of the IP Trust service, including but not limited to informing data subjects where required. Service Provider makes available a separate IP Trust privacy policy describing the data processing activities of the Service. This privacy policy is provided for informational purposes and to describe the Service; it does not constitute legal advice. The Customer remains solely responsible for their own compliance with data protection obligations and must assess whether their use of IP Trust data requires additional notices, disclosures, or consents under applicable law, seeking independent legal counsel where necessary.
Service Provider is entitled to name the Customer as a reference using the Customer’s name, company, trademarks and logos (e.g., on the Service Provider website).
Service Provider does not represent or warrant that: (a) IP Trust data will be accurate, complete, reliable, current, or error-free; (b) the classification of any IP address (including but not limited to proxy, VPN, Tor, or hosting detection) will be correct at the time of the Customer’s query or at any other time; (c) geolocation data will correctly identify the physical location of any IP address or its user; or (d) the results obtained from the use of the service will meet the Customer’s requirements.
The Customer acknowledges that IP address data is inherently volatile and that the accuracy of any data point may be affected by factors outside Service Provider’s control, including but not limited to IP address reassignment, the use of virtual private networks, proxy services, carrier-grade NAT, and changes in internet routing. The Customer assumes all risk arising from their use of and reliance upon IP Trust data.
Service Provider shall provide the Service free of material defects and defects of title and shall maintain it in a condition suitable for use in line with the Agreement for the term of the Agreement.
Defects of the Service are to be reported to Service Provider by the Customer immediately and the Customer is to explain the exact circumstances of the occurrence. Service Provider shall rectify the defect within a reasonable period of time. Service Provider is entitled to temporarily show the Customer options for circumventing the error and to rectify the defect later by adapting the Service, insofar as this is reasonable for the Customer.
The liability for initial defects regardless of fault as per Article 536a paragraph 1 alternative 1 of the German Civil Code is ruled out.
The Customer’s right of termination for refusal to grant use as per Article 543 paragraph 2 sentence 1 (1) BGB is ruled out, unless the provision of the service is to be regarded as permanently failed.
Claims for defects become statute-barred within 12 months, unless the Customer is a consumer. This does not apply in the event of claims for damages related to claims for defects, insofar as Service Provider is legally liable (see Point 9.1, sentence 2).
Insofar as Service Provider provides services free of charge (e.g., during a trial period or beta phase), the provisions concerning the gratuitous lending shall prevail, i.e., in particular, Service Provider’s liability for defects is limited to fraudulent acts as per Article 600 BGB, Service Provider’s liability as per Article 599 BGB is limited to intent and gross negligence, and the shortened limitation period of six months as per Article 606 BGB applies.
The statutory provisions related to liability for defects shall apply in all other cases.
If third parties (including public authorities) make claims against Service Provider, including in relation to infringements of the law, that are based on the assertion that the Customer has breached their contractual obligations, in particular has used the Service in a manner that is contrary to data protection, copyright or competition law or in any other unlawful manner, the following shall apply: The Customer shall immediately release Service Provider from these claims, provide Service Provider with adequate support for the legal defense, and release Service Provider from the costs of the legal defense. The obligation to release does not apply if the Customer is a consumer.
The requirements for the obligation to release as per Point 8.1 is that Service Provider shall immediately inform the Customer in writing of asserted claims, shall not make any acknowledgements or equivalent declarations, and shall enable the Customer – as far as possible – to conduct all court hearings and out-of-court negotiations concerning the claims at the Customer’s expense.
Service Provider is liable for damages, insofar as these (a) were caused by Service Provider intentionally or due to gross negligence on the part of Service Provider, or (b) were caused due to slight negligence on the part of Service Provider and are due to material breaches of duty that jeopardize the achievement of the purpose of this Agreement or are due to the breach of duties whose fulfilment makes the proper execution of this Agreement possible at all and whose compliance the Customer should be able to rely on.
In all other cases, the liability of Service Provider is excluded irrespective of its legal basis, unless Service Provider is obligatorily legally liable, in particular for injury to life, limb or health of a person, for the assumption of an express guarantee, for the fraudulent concealment of a defect or as per the German Act on Liability for Defective Products [ProdHaftG]. Guarantees granted by Service Provider are only given in writing or in text form and, in the case of doubt, are only to be interpreted as such if they are named a “guarantee”.
In the case of Point 9.1, sentence 1 (b), Service Provider is only liable to a limited extent for the damages that are typically foreseeable for an agreement of this kind.
For the cases pertaining to Point 9.1, sentence 1 (b), the parties hereby determine that the “typically foreseeable damages” for all cases of damages occurring in a calendar year shall not exceed the net remuneration of Service Provider’s IP Trust service as provided or incurred for that calendar year (whichever amount is the higher) as per the Agreement.
Service Provider’s liability is limited to intent and gross negligence for damages caused during a free trial period.
The limitations of liability set out in Points 9.1 to 9.4 also apply in the event of claims against Service Provider employees and agents.
If the service package booked by the Customer provides for a free trial period, the following applies for the term of the Agreement: Firstly, the trial period begins with the conclusion of the Agreement. No set-up, basic or usage fees are incurred for the trial period. Once the trial period has expired, the basic period as per Point 10.2 automatically begins, unless the Customer terminates the Agreement as at the end of the trial period.
The Agreement is concluded for a specific term (“Basic Period”) in line with the Customer’s order and is then automatically renewed for the same period (“Renewal Period”) if the Agreement has not been terminated by one of the parties as at the end of the Basic Period or a Renewal Period with a period of notice of four (4) weeks (“Notice Period”). Unless otherwise agreed, the Basic Period and the Renewal Period shall each be twelve (12) months. The right to terminate for good cause is not affected. Point 3.2 applies to a reduction of the usage units or database download entitlements.
Termination must be made in writing or in text form.
Service Provider has the right to amend these General Terms and Conditions or to supplement them with provisions for the use of any newly introduced additional services or functions of IP Trust. The amendments and supplements to the General Terms and Conditions shall be announced to the Customer no later than six weeks before they are scheduled to become effective. The Customer’s consent to the amendment of the General Terms and Conditions shall be deemed to have been granted if the Customer does not object to the amendment in writing or in text form within a period of six weeks, beginning on the day following the announcement of the amendment. In the announcement of the amendment, Service Provider shall separately refer to the possibility of objection, the deadline for the objection, the requirement for the objection to be in text form, and the significance or consequences of failure to object.
Service Provider is entitled to send all declarations and notices relating to the contractual relationship to the e-mail address provided by the Customer at the time of registration. The Customer will check their mails regularly and notify Service Provider of any changes in good time.
The order form is a component part of this Agreement. In the event of inconsistencies between these General Terms and Conditions and the order form, the terms and conditions of the order form shall prevail.
The Customer may only offset against or assert a right of retention with respect to claims other than their contractual counter claims from the respective legal transaction concerned if this claim is undisputed by Service Provider or has been legally established.
The Customer may from time to time submit comments, suggestions, ideas, error reports, or other feedback regarding the IP Trust service (“Feedback”). By submitting Feedback, the Customer grants Service Provider a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, fully sublicensable right to use, reproduce, modify, create derivative works from, and otherwise exploit such Feedback for any purpose, without any obligation of compensation or attribution to the Customer. The Customer acknowledges that Service Provider is not obliged to act on any Feedback and that all Feedback shall be treated as non-confidential and non-proprietary. The Customer shall not submit any Feedback that the Customer considers to be confidential or proprietary.
Amendments to this Agreement must be made in writing or in text form. This also applies to the exclusion of the requirement for the written form.
This Agreement and all related disputes (both contractual and tortious) are governed solely by German law to the exclusion of the United Nations Convention on Contracts for the International Sale of Goods.
If the Customer is a merchant, a legal entity under public law or a public-law special fund, the sole place of jurisdiction is that of Service Provider. Service Provider is entitled to sue at the Customer’s registered office.
If any individual provisions in this Agreement are, or become, invalid, the validity of the rest of the provisions shall remain unaffected. The invalid provision shall be replaced by the provision that the parties would have agreed on in good faith, taking economic factors into consideration, in line with the original intended purpose. The same applies in the event of an omission in the Agreement.
This policy is effective as of 27 February 2026.