Terms and Conditions

These Terms govern the use of Overviu, a cloud-based CRM/ERP service provided by Overviu AS, Norway (“Overviu”, “we/us”). By using the Service, you (the business customer, “Customer”) agree to these Terms.

0) Agreement & Order of Precedence

The Agreement consists of: (i) the Order/Offer, (ii) these Terms, (iii) the Data Processing Agreement (DPA), (iv) the Service Level Agreement (SLA), and (v) the Security Schedule.

If documents conflict, they apply in that order. For personal data processing, the DPA prevails.

1) Service & Scope

Service. Cloud CRM/ERP with integrations to common business systems (e.g., accounting, productivity, identity), internal collaboration, optional AI features, and optional sensor/IoT data ingestion.
Access. Subscription-based; non-exclusive, non-transferable right for Customer’s internal business use.
Changes. We may improve or modify the Service; material deprecations are notified when reasonable.
Availability & Support. See SLA for uptime and response targets.

2) Accounts, Use & Customer Responsibilities

Users. Customer provisions users and permissions and is responsible for their actions.
Acceptable use. No unlawful content or activity; no security bypass, interference, malware, spam, scraping beyond intended use, or reverse engineering except as permitted by law.
Credentials. Keep credentials confidential; enable available security controls (e.g., MFA).
Customer Data. Customer controls the accuracy and lawfulness of data (including personal data) entered into the Service and ensures a valid legal basis for processing.

3) Third-Party Integrations

Customer may connect the Service only via Overviu-provided connectors or the Overviu public API as documented by Overviu. Custom or unsanctioned integrations require Overviu’s prior written approval.
Overviu may refuse, suspend, or revoke integrations that, in its reasonable judgment, affect security, performance, availability, or compliance.
Customer must comply with Overviu’s API terms, rate limits, and security requirements, and with the third-party provider’s terms.
Data flows. When data leaves Overviu via an integration, the third party’s terms and privacy measures apply.
Disclaimer. Integrations can change or be discontinued; Overviu is not liable for third-party availability, accuracy, or security.

4) Subscription, Fees & Non-Payment

Fees & billing. Prepaid monthly or annual per Order; prices exclude taxes; invoices Net 30. Usage/overages, if any, may be billed in arrears. Fees are non-refundable unless required by law.
Renewal. Auto-renews for the same term unless cancelled before renewal (annual: 30 days; monthly: before next period).
AI usage fees. Any usage-based costs from third-party AI/LLM providers triggered by Customer’s use of AI features (e.g., token/processing fees) may be passed through to Customer and invoiced in arrears at the then-current provider rates (plus applicable taxes). Provider rate changes take effect when imposed by the provider.
Price changes. Notified before renewal; indexation may apply.
Non-payment. We may suspend after reminder and reasonable grace period.

5) Data Protection (GDPR under Norwegian law)

Roles. Customer is Controller; Overviu is Processor and acts only on documented instructions. The DPA is incorporated and prevails for processing.
Location. Customer Data is stored exclusively in Norwegian data centres. Hosting remains in Norway regardless of where Customer’s users access the Service from.
Transfers. Overviu does not transfer Customer Data outside Norway/EEA unless Customer enables an integration that requires it and lawful transfer mechanisms are in place.
Measures. Appropriate technical and organisational measures, including encryption in transit/at rest, access controls, and logging, as further outlined in the Security Schedule.
Breach. We notify Customer without undue delay upon becoming aware of a personal-data breach and cooperate on mitigation/required notifications.
Export & deletion (active vs. backups). Upon termination, Customer may export data within 30 days; we then delete Customer Data from active systems.
Backups are immutable and retained for up to 10 years for disaster recovery; selective deletion in backups is not feasible. Backups are accessed only for DR; if a restore occurs, prior deletion instructions are re-applied in the restored environment.

6) AI & Sensor Features

AI. AI outputs are assistive, may be inaccurate or incomplete, and are not professional advice. Customer remains responsible for decisions made using AI outputs.
Customer Data is not used to train foundation models without explicit opt-in.

AI usage fees. Customer acknowledges that use of AI features may incur third-party AI/LLM charges (e.g., token or processing fees).
Overviu may pass through such charges to Customer and invoice them in arrears at the provider’s then-current rates (plus applicable taxes).
Overviu may disable AI features for accounts with overdue balances or if continued use would incur unpaid third-party costs.

Sensors/IoT. Overviu ingests/visualises the device data Customer connects; Overviu performs no autonomous actions. Customer is responsible for lawful deployment and use of sensor data.

7) Confidentiality & Intellectual Property

Confidentiality. Each party must protect the other’s non-public information with reasonable care and use it only to perform the Agreement.
IP & Ownership. Customer owns Customer Data. Overviu owns the Service and related IP. Operational metrics.
Overviu may produce internal operational metrics and service usage measures for running and improving the Service; these will not disclose Customer Confidential Information, and Overviu will not publish customer-identifying statistics without Customer’s prior consent.

8) Warranties, IP Claims & Disclaimers

Performance. Overviu will provide the Service with reasonable skill and care.
IP claims (no indemnity). If a third party alleges that the Service (as provided by Overviu) infringes their IP, Overviu may, at its discretion: (a) modify or remove the allegedly infringing element; (b) suspend or terminate the affected feature or module. If Overviu terminates an affected paid feature/module, Overviu may offer a pro-rata refund of any prepaid fees for the unused portion of that feature/module.
Overviu does not assume liability to pay third-party damages, settlements, or Customer’s legal fees.
Customer responsibility. Customer is responsible for Customer Data, configurations, and use contrary to law or these Terms.
Disclaimers. Except as stated, the Service and third-party content are provided “as is” and “as available.”
No warranty of uninterrupted operation, fitness for a particular purpose, or non-infringement. Outputs (including AI/analytics) are informational only.

9) Liability

No indirect damages. Neither party is liable for indirect or consequential loss (including lost profits, revenue, data, goodwill, or business interruption).
Cap. Each party’s total aggregate liability in any 12-month period is limited to the fees paid/payable by Customer for the Service in that period.
Mandatory carve-outs. Nothing limits liability that cannot be limited under Norwegian law (e.g., intent/gross negligence).
Service interruptions & data loss. Remedies are limited to reasonable restoration efforts, any applicable service credits, and the liability cap.

10) Suspension & Termination

For convenience. Customer may cancel per Section 4; access continues to the end of the current paid term.
For cause. Overviu may suspend/terminate for material breach (including non-payment, misuse, or security risk) with notice and, where feasible, a cure period; immediate action may be taken for severe violations or legal requirements.
Effect. Upon termination: data export/deletion per Section 5; clauses on payment, confidentiality, IP, data protection, disclaimers, liability limits, and governing law survive.

11) Miscellaneous

Assignments. Customer may not assign without consent (except to a non-competitor successor assuming these Terms). Overviu may assign to an affiliate or in corporate transactions.
Compliance. Each party complies with applicable law.
Open source. The Service may include OSS components; notices available upon request.
Force majeure. No liability for failures caused by events beyond reasonable control.
Amendments. We may update these Terms; material changes will be notified before taking effect. Continued use constitutes acceptance.
Entire agreement. The Agreement (Order, these Terms, DPA, SLA, Security Schedule) is the entire agreement.

12) Governing Law & Venue

Norwegian law governs. Exclusive venue: Sogn og Fjordane tingrett. Parties will first seek amicable resolution. Language. The English version controls if translations differ.

Service Level Agreement (SLA)

Support hours. Monday–Friday 08:00–16:00 CET, excluding Norwegian public holidays.
Response targets (measured within support hours).

• P1 Critical: response within 1 business hour
• P2 High: response within 4 business hours
• P3 Normal: response within 1 business day

Uptime target. 99.9% per calendar month.
Planned maintenance. Advance notice when reasonable; planned maintenance and force majeure are excluded from uptime calculation.
Remedy. Service credits are the sole and exclusive remedy for SLA shortfalls.

Security Schedule

Encryption. In transit (TLS) and at rest.
Access & logging. Role-based access and event logging appropriate to the Service.
Backups. Daily backups retained for up to 10 years, Norway only, immutable; used only for disaster recovery. No geographic redundancy outside Norway. Selective deletion in backups is not possible. If a restore occurs, prior deletion instructions are re-applied.

Data Processing Agreement (DPA)

Purpose & Term. Overviu processes personal data to deliver, secure, and support the Service during the subscription term and for a limited post-termination period to enable export and deletion from active systems.
Backups are immutable and retained for up to 10 years for disaster recovery only.
Sub-processors. Used where needed under equivalent obligations; list kept up to date (e.g., hosting/infrastructure, email, telephony/SMS).
International Access vs. Transfers. Customer’s users may access the Norway-hosted Service from outside Norway/EEA; this does not change hosting location nor constitute an Overviu-initiated transfer.
Transfers outside Norway/EEA occur only if Customer enables an integration that sends data out, and then only with valid transfer mechanisms.
Assistance, Breach, Audit. As per the standard form (reasonable assistance; breach notice without undue delay; reasonable audit on notice).
Return & Deletion. On termination, Customer may export data within 30 days; Overviu deletes from active systems thereafter.
Backups are retained up to 10 years; selective deletion is not feasible; prior deletions are re-applied upon any restore.