Service Description for the Webhosting / HomepageTool Tool

Service Description for the Webhosting / HomepageTool Tool 1 Area of application The «Webhosting/Homepagetool Service Description» («Service Description») of Swisscom (Switzerland) AG («Swisscom») applies in the area of webhosting, in addition to the Terms and Conditions of Business for Swisscom services («AGB»). In the event of inconsistencies, this Service Description takes precedence over the terms and conditions of business. The subject of this Service Description is Swisscom s webhosting and homepagetool services ( «Services»). Additional components of this Service Description are the following documents: Web Hosting Code of Conduct Web Hosting Spam Policy Code of Conduct Hosting ("CCH") of the Swiss Internet Industry Association ("simsa") Service description for the registration and management of domain names by Swisscom (for customers who have a domain name registered by Swisscom). These documents are published on http://www.swisscom.ch/hosting-en www.swisscom.ch/homepagetool-en and shall be deemed to have been accepted by the customer upon registration for a service or the continued use of a service. In cases where Swisscom makes available software of third parties, the customer shall be deemed to have accepted the license agreement terms of the corresponding right holders to this software by using the software. The services may only by used by customers who are resident or have their registered office in Switzerland. 2 Swisscom services 2.1 Web hosting The web hosting service provides for the hosting of a customer's website on the Swisscom web server for a fixed monthly fee. The individual web hosting packages and further information can be found at www.swisscom.ch/hostingen HomepageTool The HomepageTool service allows customers to create, design and update their website for a fixed monthly fee. The individual HomepageTool packages and further information can be found at www.swisscom.ch/homepagetool-en. A HomepageTool package cannot be procured separately and can only be subscribed to in conjunction with a web hosting package. 1/8

2.3 Upgrade/downgrade It is possible to upgrade a service to a higher quality package and downgrade a service to a smaller package at any time without incurring any costs. 2.4 Technical adjustments Swisscom aims to maintain its infrastructure to the latest industry standard. New technical developments, security requirements and/or changes to the service range of Swisscom s contractual partners or to the software used by Swisscom may result in the extension or restriction of the service range. This shall not give customers the right to terminate the contract as long as the aforementioned changes do not greatly disadvantage the customer and are not subject to a charge. 2.5 Technical support 2.5.1 Fault acceptance The Swisscom Help Desk is available to customers round the clock (7x24h) for technical support in the case of faults, and can be contacted in German, English, French and Italian on free phone number 0800 888 500 and also at webosting.admin@swisscom.com 2.5.2 Maintenance windows Where possible, Swisscom will inform customers in good time about business interruptions which are necessary for the purpose of faults rectification, periodic maintenance work, the introduction of new technologies, etc. Swisscom aims to keep interruptions to a minimum and to schedule them at times of low traffic. 2.5.3 Restoration of data Swisscom services do not include the restoration of data in cases where data is lost. The customer shall be solely responsible for backing up all of his or her data (incl. emails). If data still exists at Swisscom, the customer shall have the opportunity to request the restoration of data by Swisscom against payment for the effective time and effort involved. This shall not include HomepageTool data. Homepagetool data cannot be restored. 3 Customer contribution 3.1 Duty to cooperate Infrastructure The customer shall create and maintain the necessary infrastructure, in particular an internet connection, the required software and hardware and a domain name, in good time and at his or her own expense. If the customer does 2/8

not possess the latter, this can be obtained from Swisscom. Furthermore, the customer is obliged to keep the software that he or she uses technically up to date, maintain the software on a regular basis, perform regular updates and follow any instructions from Swisscom with regards to the maintenance, updating or deletion of software. Passwords The customer shall undertake to choose suitable passwords, store them with care and protect them from access by third parties. The customer shall be personally responsible for access to his or her account. If the customer identifies misuse of his or her account, he or she must inform Swisscom immediately. Data backup The customer shall ensure the additional separate backup of his or her data. Faults The customer must immediately report faults to the Swisscom Helpdesk on the free phone number 0800 888 500. Should the customer suffer any losses due to the failure to immediately report a fault, the customer shall be deemed responsible; Swisscom shall assume no liability for any resulting losses. Responsibility for content and accounts Swisscom shall not be obliged to check the hosted content. The customer shall be responsible for content of any form which he or she publishes on websites hosted by Swisscom. Illegal, offensive or prohibited content as well as content which results in the disturbance or personal harassment of third parties shall not be allowed. In particular, content which constitutes a crime (namely in the areas of pornography, racism or defamation) and breaches the rights of third parties, in particular intellectual property rights in a broader sense (e.g. copyrights or trademarks) or personal rights, shall not be permitted. Swisscom has undertaken to comply with the rules of the simsa CCH. If there is evidence of prohibited content, the CCH stipulates a so-called notice and takedown procedure. The customer is obliged to obtain the required knowledge of this procedure. The customer accepts that Swisscom shall view the hosted content if: - it receives notification that content hosted by Swisscom is prohibited (notification pursuant to the CCH) - Swisscom is asked to do so by a court or authority - Swisscom could make itself legally responsible or liable 3/8

- Swisscom wishes to perform a spot check. The inspection following the receipt of notification takes place pursuant to the notice and takedown procedure defined in the CCH. The detailed Code of Conduct is published in the Web Hosting Code of Conduct at http://www.swisscom.ch/de/business/kmu/ithosting/webhosting.html. The customer shall also ensure that his or her web hosting account is not misused by unauthorised third parties for prohibited attacks and manipulations (spam, phishing, DDoS attacks, malware, etc.). Normal use for business customers and private customers The web hosting service is intended to be used for purposes which fall within the scope of normal usage for business customers and private customers, respectively. This normal usage for business customers and private customers does not include the use of the web hosting service for the purpose of saving data. Should there be any indication that the customer is using the service for the purpose of saving extensive volumes of data, Swisscom shall reserve the right to suspend or restrict the service provision at any time, terminate the contract or initiate other suitable measures. The customer is also not authorised to make available to third parties (free of charge or for a fee) any service which it has procured. 3.2 Imprint obligation for electronic e-commerce Customers who present offers (goods, works, services) on their website which are publicly accessible are obliged to incorporate the following information in their websites: - Customer s first name and surname; in the case of companies the name of the company; - Address of place of residence or company s registered office; - Telephone and fax number(s), email address(es) and any other available contact addresses which enable direct and efficient communication. Post Box addresses or the possibility of email communication solely via a contact form will not suffice. 3.3 Lacking identity of domain holders webhosting customers If a customer purchases the web hosting service on the basis of a domain name which belongs to a third party, the customer shall be deemed to have provided a guarantee upon purchasing the web hosting service and/or accepting this 4/8

service description that he or she has been authorised by the domain holder to procure the web hosting service for the corresponding domain name in his or her own name. If a person proves that the domain name used by a customer together with the web hosting service does not belong to the customer, but rather to the person in question, Swisscom shall terminate the existing web hosting contract with the customer (see section 7.3) at the request of the domain name holder and reactivate the domain name for the holder. It is not possible to transfer the existing web hosting agreement or the content from the customer to the domain name holder. The contract with the existing web hosting service customer shall be terminated. The existing customer shall be personally responsible for backing up the content. The domain name holder shall have no entitlement to the content and data of the original web hosting account with his or her domain. The data can neither be backed up by Swisscom nor can the content and configuration of the original website be migrated to the web hosting account operated by the domain name holder. 3.4 No rights of economic beneficiaries vis-à-vis Swisscom Customers of the webhosting service can only be a natural or legal person; several persons together who do not represent a legal entity cannot be a customer collectively. If a customer purchases the webhosting service in his or her own name, the legal relationship only exists between this person and Swisscom even if this person operates the website on behalf of an association or legal person. The association or beneficial owners have no right to the corresponding web hosting account or to notification of the relevant access data. In order to avoid internal disputes as regards authorisation for the account, associations in particular are advised to purchase the domain name and the web hosting service in the name of the association and not in the name of the association member responsible for the operation of the website. 4 Billing/Payment default 4.1 Billing The payment obligation shall begin upon activation of the relevant service by Swisscom. Any delay caused by the customer shall not release him or her from the payment obligation. Swisscom shall invoice the customer the monthly amount with the next invoice. If the customer pays by credit card, he or she will be charged the monthly amount immediately. The fee will subsequently be debited on a monthly basis. 5/8

4.2 Payment default If the customer has not paid the invoice by the due date or within the specified payment period, Swisscom may interrupt service delivery after an unsuccessful reminder, i.e. temporarily block the customer s webhosting account, take other measures to prevent damage and/or terminate the agreement without notice and compensation. In this case all domain names will be released for deletion provided they are registered and billed via Swisscom. In the event of temporary blocking of the customer s webhosting account, Swisscom shall demand a fee of CHF 10.00 to reactivate the account. Monthly fees are still owed during the temporary blocking period. 5 Data protection In addition to the data protection provisions in the GTC, the customer accepts that, in the event of a seizure by an authority or serious grounds for suspicion on the part of Swisscom, the non-public areas of the customer's web hosting account may be accessed. 6 Warranty/Liability In addition to the warranty and liability provisions in the GTC (sections 11-12), the following provisions shall also apply. In the event of inconsistencies, these provisions shall take precedence over those in the GTC. The liability of Swisscom and third parties working on behalf of Swisscom for losses suffered in the event of slight or moderate negligence is excluded. Swisscom shall also accept no liability to the extent permitted by law for consequential losses, loss of production, lost earnings or loss of data. Should the customer fail to perform a separate data backup (section 3.1) and data is lost, Swisscom shall accept no liability to the extent permitted by law for the lost data and the resulting losses. Swisscom does not bear any responsibility for the faults and freedom from defects of the software used by the customer and cannot guarantee that the services will work flawlessly on all the customer s end devices. If changes are made to name server information (DNS), Swisscom shall not be liable for delays caused by the customer (e.g. delayed response to confirmation emails). Swisscom shall accept no costs for work carried out by the customer or third parties working on behalf of the customer in connection with the limitation and/or rectification of any faults relating to a service. Costs for work carried out by Swisscom in connection with the limitation and/or repair of any faults relating to one of its services shall also be borne by the customer if the customer has demanded the inspection and the cause of the fault is attributable to the 6/8

behaviour of the customer or the equipment it uses. The customer shall be liable for all costs incurred by Swisscom as a result of third parties asserting claims against Swisscom in connection with content on the hosted customer website. This shall also include, in particular, court costs imposed on Swisscom. Swisscom may take recourse against the customer at any time and charge any costs to him or her. The costs incurred by the customer as a result of claims asserted by third parties shall be borne in full and exclusively by the customer. 7 Measures in the event of misuse Swisscom reserves the right to take measures and sanctions that it deems appropriate: - if there is concrete evidence or justified suspicion of illegal or criminal conduct (e.g. via spot checks) - if the Code of Conduct is breached - in the event of any other misuse of the websites - if the requirements of the CCH are met - if a corresponding court or official order is received. Swisscom has the right, either with or without advance warning depending on the circumstances, to: - prompt the customer to ensure that the website is legally compliant and to act in a lawful manner - implement the notice and takedown procedure in accordance with the CCH - fully or partially block access to the customer website and stop the hosting services - suspend the services and block access to the customer website - terminate the contract without notice and without providing compensation - disclose the identity of the customer to the courts and authorities or third parties at the request of the former - inform the criminal authorities and/or the Cybercrime Coordination Unit Switzerland (CYCO) of the actions and identity of the customer in the event of criminal conduct by the customer or third parties acting under his or her supervision - demand compensation - take other measures. Swisscom shall be authorised to charge the customer for any costs arising in connection with the handling of a notice. For any other losses incurred by Swisscom on the basis of asserting claims, the customer shall be liable to pay Swisscom compensation. Swisscom may demand collateral from the customer 7/8

as a precautionary measure in order to cover such losses. If this collateral is not paid, Swisscom may discontinue the service. 8 Termination 8.1 Termination of services by notice The services may be terminated by each party prior to the expiry of the monthly subscription, but no earlier than at the end of the minimum contractual term of 12 months. The customer may terminate the service via his or her account at www.businessapps.swisscom.ch. The termination of the web hosting service automatically results in the termination of the HomepageTool service. In the case of a domain name registered by Swisscom for the customer, the relevant domain name shall be cancelled on the next possible cancellation date in accordance with the contractual provisions of the relevant register operator. If the customer wishes to continue using the domain, he or she may transfer it to a new provider (in his or her control panel). The customer shall assume sole responsibility for seeking a (new) provider for his or her domain names or concluding a corresponding agreement directly with the register operator and ensuring the timely domain transfer (i.e. before the expiry of the registration term with Swisscom). 8.2 Termination at the request of the domain name holder If the domain name holder, who is not identical to the customer of the web hosting service, asserts his or her rights to his or her domain name (section 3.3), Swisscom shall be entitled at all times to extraordinarily cancel the web hosting service (possibly together with the HomepageTool) by giving 15 days' notice. Swisscom, April 2014 8/8

Service Description for the Registration and Administration of Domain Names by Swisscom 1. Area of application This Service Description govern the conditions for the registration, administration, and use of domain names under the domains.ch,.li,.com,.net,.org,.biz,.info and.mobi, as well as the legal relationship between Swisscom (Switzerland) Ltd (in the following, Swisscom ) and the customer (in the following, also the Holder ) that avails itself of domain registration and domain parking services (in the following, the Services ). The information provided on the website about the Services is non-binding and subject to change. The customer selects the Service to be provided by Swisscom from the portfolio of services available at the time of use and sends its legally binding order to Swisscom. By submitting a request for registration of a domain name or for transfer of same to Swisscom, the customer accepts the terms and conditions of this Service Description. 2. Integral parts of the contract The integral parts of the domain name registration contract are: a) this Service Description b) the current Swisscom price overview for domain names (http://www.swisscom.ch/hosting). c) includes the currently applicable procedural regulations for the dispute resolution service that are stipulated by Switch and ICANN. In addition, all basic regulatory conditions are applicable to the claimed domain name under the domains.ch/.li/.com/.net/.org/.biz /.info. /.mobi. The customer is responsible for obtaining information about these. 3. Registration and administration of domain names by Swisscom 3.1 General At the customer s request, Swisscom will undertake the registration of At the request of the customer, Swisscom shall initiate the registration of.ch /.li /.com /.net /.org /.biz /.mobi and.info domain names with OpenSRS (registrar). The customer must comply with the relevant registry s requirements pertaining to the spelling of and the number of characters in the domain, as well as implement corresponding instructions. 1/11

Registration of a domain name for which several valid requests have been submitted will be based on the chronological order in which they are received (first come, first served). A domain name may be held by a natural person or legal entity resident in Switzerland. Each registration will be made on behalf of and for the account of Swisscom. The costs will be charged to the customer. 3.2 Domain parking The domain parking service allows the customer to maintain all domains registered by Swisscom despite the termination of the web hosting contract (see web hosting service description) up until the domains' expiry date (no longer than one year). An extension is excluded. If the customer wishes to keep the domains, he or she must transfer these to a different registrar prior to the expiry date. (see Web Hosting Service Description). 3.3 Refusal of registration Registration will be refused if the applied-for domain name is identical to a domain name that has already been registered, to a domain name in a registration request submitted earlier and still being processed, or to one in the transition period. It will also be refused if the domain name is reserved for a governmental authority. Moreover, Swisscom may refuse registration if: - important technical reasons or compliance with international standards require it; - the ability to pay is in doubt, in particular, if the future holder designated in the request is insolvent, is in default of bill payments for domain names already assigned, or does not pay the advance that Swisscom may request for the assignment of domain names for amounts in excess of CHF 500.00; - there is an evident risk that Swisscom could make itself legally liable due to the registration of the domain name; - the applicant cannot be contacted for queries or does not reply within 10 days. Notification of refusal of a registration of a domain name will generally be given within 10 working days from receipt of the request. With the refusal of registration, the request in question lapses and the relevant domain name becomes available. 2/11

3.4 Revocation of registration Swisscom can revoke the registration of domain names if: - the Holder breaches the applicable law; - the Holder breaches the contractual relationship with Swisscom and does not cure the breach by a deadline set by Swisscom; - fees are not paid in accordance with the contract; - the Holder breaches its duty to keep its personal data up-to-date; - there is an evident risk that Swisscom could make itself legally liable due to the registration and/or use of the domain name; - the Holder has died or has been deleted from the commercial register as a result of bankruptcy or liquidation; - other important reasons require it. With revocation, the domain name is deleted from the respective databases. With deletion, the domain name becomes available for re-registration after a transition period. 3.5 Transfer and assignment Upon the successful completion of the registration, the customer shall be deemed to be the holder of the domain name and assume sole responsibility for its use. The customer shall have the right at all times to request a transfer to a different registrar or a transfer directly to the register operator and may also request a change in domain ownership, provided the amounts due have been paid in full. In addition, Swisscom will transfer a domain name from the Holder to a third party if it is presented with a decision of a court or arbitral tribunal enforceable in Switzerland, a decision of a Swiss criminal prosecution, administrative, or regulatory authority enforceable in Switzerland, an expert's decision of a mandatory dispute resolution service, a settlement concluded in or out of court by both parties, or a writing, according to which Swisscom, without being a party to the corresponding proceedings, is directly instructed to transfer the domain name to the third party or in which the consent to the transfer to be given by the Holder is contained or by which such consent is replaced. Deletion through revocation will occur in place of transfer if such instruction takes the place of transfer in one of the aforementioned documents. In all cases, the third party must submit a certificate of the enforceability of the decision. 3/11

3.6 Lawfulness Swisscom shall deem an application to register a domain name as a binding guarantee from the customer submitting the application that he or she is authorised to resister the domain name in question. The customer shall guarantee that the registration is legal, i.e. that the chosen domain name does not breach any rights or legislation (e.g. trademark law, competition law) and that it also does not infringe moral standards. Swisscom shall be under no obligation to check the authorisation of the customer to register a domain name. The customer is fully liable to Swisscom for any third-party claims related to unlawful registration or transfer of domain names. If there is a specific indication or justified suspicion that the customer is not entitled to register or transfer a domain name, Swisscom reserves the right to refuse to provide the corresponding Service from the outset. 3.6 Blocking and other measures In the event it receives one of the documents mentioned in Section 3.5, Swisscom is likewise entitled to block the transfer of a domain name temporarily, i.e. to block the transfer of a domain name to a new holder at least until further notice, without Swisscom being a party to the corresponding proceedings. In addition to or instead of blocking, the aforementioned authorities may also order that the name server assignments for the domain names concerned be deleted. Other measures ordered by all authorities remain reserved. If Swisscom determines that the customer has misused its Services or used data and information in an unauthorised manner, then Swisscom is entitled, including without prior notice, to suspend its services until such time as the lawful condition has been restored or to delete the name server assignment to a domain name and block it for a certain period of time. 4 Customer s obligation to cooperate 4.1 Duty to provide truthful information Duty to maintain data When ordering and using the Services, the customer is obligated to provide truthful information to Swisscom. A valid request for registration of a domain name must contain up-to-date, complete, and correct information about the Holder, the indicated contacts, and the name servers. Only the Holder is entitled to delete the name server or to change the IP address. In addition, the customer is responsible for ensuring that all customer data recorded pursuant to the order (in particular, main representative and other 4/11

contacts) are kept up-to-date, complete, and correct for the entire term of the registration. For Swisscom, only the respective data registered in the database are authoritative. Swisscom is not obliged to take note of data communicated other than via the order or to itself conduct research into the accuracy of these data. If the data prove to be incomplete, inaccurate, or not up-to-date and the customer fails to correct same within 10 calendar days of having been required by Swisscom to do so, or if the identity of the customer cannot be determined, or if messages from Swisscom are undeliverable, Swisscom is entitled to revoke this customer s domain name and to terminate the contract. The Holder is responsible for ensuring that with regard to personal data listed in the request for registration or in connection with the administration of the domain name, the persons concerned have given their consent to disclosure to and processing by Swisscom and its partners. 4.2 Duty of verification The customer undertakes to verify the correctness of Swisscom messages and processed requests within 14 days. If the customer fails to so verify, it forfeits any possible liability and other claims against Swisscom in connection with any possible errors in the respective messages. 4.3 Passwords The passwords provided by Swisscom to the customer or to the main representative designated by the customer, as well as other identification parameters, are intended for personal use by the customer and are to be kept confidential. The customer itself is fully liable for the use of passwords and identification parameters. 4.4 Dispute resolution proceedings Neither the registries used by Swisscom nor Swisscom itself will judge who may have a better right to use the domain name, whether at the time of registration or thereafter. Likewise, neither will review content placed on websites. Neither the register operator nor Swisscom itself shall judge upon registration or at a later time who possesses greater right to the use of a domain name. If the parties are unable to agree on the entitlement to a domain name or the legality of its use, the register operator in question shall make available a mandatory dispute resolution service which is subject to a fee. Any decisions made by the relevant dispute resolution service are binding on the customer 5/11

(the Holder) even if it does not proceed to the merits in the dispute resolution proceedings. The dispute resolution proceedings are subject to the relevant rules of procedure in the version currently in effect. In any case, litigation in court is reserved for both the Holder and third parties. 5 Billing All costs arising in connection with registrations, domain parking and transfers shall be charged to the customer for the selected contract duration in advance in accordance with the currently applicable price list. The bill must be paid on or before the due date set forth in the billing statement. The setting off of reciprocal claims of the contracting partners is precluded. If the customer has not paid the bill by the due date, it will thereupon deemed to be in default, and Swisscom may, to the extent permitted by law, suspend its service provision for all Services, take additional measures to prevent further damage, and/or terminate the contract without notice and without paying any compensation. The customer bears all costs incurred by Swisscom as a result of payment default. In particular, the customer will owe Swisscom default interest of 5%, as well as a fee of CHF 20.00 for each payment reminder notice. In the event of debt collection by third parties, the customer will owe additional fees for their collection efforts. 6 Guarantee Swisscom guarantees that the Service will be provided in a technically correct manner and with due care. Swisscom will make every effort to have incoming requests registered as soon as possible. Beyond that, Swisscom does not give any guarantee as to the availability and error-free nature of the Services and systems of Swisscom and of third parties collaborating with Swisscom (in particular, registries). 7 Liability 7.1 Liability of Swisscom In the case of breaches of contract, Swisscom shall assume liability for any proven losses, provided it cannot demonstrate that such losses are not attributable to any fault or negligence on its part. Liability for losses in the event of slight or moderate negligence is excluded. Swisscom shall accept no liability for: damages and disruptions in service caused by failure by the Holder or a contact person to comply with a contractual provision; 6/11

damages and disruptions in service caused as a result of use outages, interruptions of operation, power failures, various attacks, and the like in connection with telecommunications networks and/or the Internet and/or in connection with software employed by the Holder or third parties for using the Internet; indirect, direct or consequential losses such as lost earnings, unrealised savings, third-party claims and loss of data (to the extent permitted by law), costs and damages incurred by the customer in connection with compliance with an expert's decision in the dispute resolution proceedings; damages from misspellings by the customer or transmission errors, as well as incorrect registrations or transfers resulting from same; untimely registrations or transfers; unlawful registration or transfer of the domain name by the customer (e.g. in the case of a domain name that is in breach of trademark); execution of unauthorised changes or requests by Swisscom, insofar as unauthorised third parties became aware of the password due to its being safeguarded and handled or made accessible without the requisite due care. The customer shall have no contractual relationship with the respective register operator, meaning that the register operator in question shall have no liability with respect to the client. 7.2 Liability of the customer The customer undertakes to indemnify Swisscom against all third-party claims lodged against Swisscom under or in connection with unlawful registration and/or use of a domain name (e.g. infringement of trademark rights, violation of the Act on Unfair Competition [Unlauterer-Wettbewerbs-Gesetz, UWG]). The damages to be indemnified also cover the costs for expert legal representation of Swisscom. The customer undertakes to provide Swisscom and third parties engaged by it with assistance in any proceedings. The Holder of the domain name is responsible for the actions and/or omissions of third parties engaged by it to the same extent as for its own conduct, and it is liable to Swisscom for same. 8. Data protection 8.1 General Swisscom will comply with applicable regulations when handling data, in particular, the 7/11

Telecommunications Act and the Data Protection Act. Swisscom will only collect, store and process the personal data of contact persons as may be required for the provision of Services, the finalisation and maintenance of the customer relationship, namely the guaranteeing of a high level of Service quality, for the security of operations and infrastructure, as well as for billing. The customer agrees that Swisscom > may obtain information regarding the customer in connection with the conclusion and finalisation of the contract and disclose data relating to the customer's payment behaviour. > may disclose the customer s data to third parties for debt collection purposes > may process the customer s data for marketing purposes, namely for the organisation and development of its Services as needed and for customised offers, and that the customer s data may be processed for the same purposes within the Swisscom Group. The customer may restrict or prohibit the use of its data for marketing purposes. > may disclose the personal data of contact persons to foreign and domestic authorities in connection with civil, administrative, and criminal proceedings. Swisscom hereby notifies the customer that for legal reasons, the following data must be publicised on the Internet and made accessible to third parties: - designation of the registered domain name; - full name of the Holder of the domain name; - complete address of the Holder (including email address); - if the Holder of the domain name is a legal person or a general or limited partnership, the names of the natural persons entrusted with representing same; - complete address of the technical contact (including e-mail address); - controlling language for the contract for registration of a domain name; - the date of registration of the relevant domain name and the date of the most recent change to such registration; - IP address of the activated DNS server, and - information as to whether a domain name is secured with DNSSEC. 8/11

8.2 Service provision jointly with third parties If a Service is provided by Swisscom together with a third party, Swisscom may disclose data about the customer to third parties to the extent this is required for the provision of such Services. 8.3 Right of information All contact persons have the right to information about data concerning them that is stored in the data bases and to have same corrected. The customer consents that Swisscom may, upon request, disclose correspondence, receipts, documents, and log files to the registry for a period of 10 years following the ending of the contractual relationship. 9. Termination / Deletion 9.1 General The registration contract between Swisscom and the customer shall be valid for the subscription duration indicated by the customer in the order. The contract can be terminated in writing by either party by giving 30 days' notice to the end of the agreed subscription duration. If the contract is not terminated on time, it shall be extended automatically by the agreed subscription period. 9.2 Termination of web hosting In the case of a domain registered for the customer by Swisscom (.ch/.li/.com/.net/.org/.biz/.info/.mobi), the customer, upon terminating the web hosting contract with Swisscom, shall be able to transfer the domain to a different registrar up to the respective expiry date; in this case, the domain shall not be renewed / registered for a further year. If the domain is not transferred, Swisscom shall be authorised to cancel the domain in question on the next possible cancellation date in accordance with the contractual provisions of the relevant register operator. The customer shall be solely responsible for seeking a new register operator for his or her domain or concluding a corresponding contract directly with the existing register operator in good time, i.e. prior to the expiry of the registration. 9.3 Deletion during the subscription period If the Holder requests deletion of the domain name prior to expiry of the subscription period then in effect, the customer has no claim to pro-rata reimbursement of fees. With the waiver, the domain name is deleted from the relevant data bases. With deletion, the domain name becomes available for re- registration after a transition period. 9/11

9.4 Extraordinary Termination by Swisscom Swisscom is entitled to terminate the contract without notice if the customer breaches contractual provisions or misuses the Services for unlawful purposes. In such cases, the customer owes Swisscom the fees due through regular expiry of the contract, as well as compensation for all additional costs incurred in connection with termination of the contract without notice. Moreover, Swisscom can terminate the contract with the customer if bankruptcy or insolvency proceedings are initiated against the customer or if it otherwise becomes apparent that the customer is no longer able to meet its payment obligations and does not advance costs or provide corresponding security for the next contract term prior to expiry of the contract term. 9.5 Release of domain Transition period If all Services have been paid, the customer may transfer the domain name to a different registry. The customer (the Holder) is solely responsible for transferring the domain name to a different registry. Once termination of the registration Service becomes effective, the domain name is released for re- registration. After a domain name has been deleted, it becomes subject to a transition period in accordance with the rules of the relevant registry, during which period a third party cannot register this domain name. Under certain circumstances, the original Holder can have this domain name registered again, but the Holder has no claim to same. 10. Changes 10.1 Changes to contract conditions Swisscom will make every effort to maintain its infrastructure at the current standard. The customer acknowledges that new technical developments, security requirements, and/or changes in the portfolio of services of Swisscom contract partners, in particular registries, or to open-source software used by Swisscom can result in an expansion or limitation of the portfolio of services, as well as have an impact on prices. Swisscom reserves the right to adjust its prices and Services at any time. Swisscom will inform the customer of any changes in a suitable manner. However, no pro-rata fee adjustment will be made during the subscription period then in effect. Price adjustments as a result of a change in the tax rates (e.g. if VAT is increased) as well as any price increases by third-party providers (in particular, registration entities) are not deemed to be price increases and do not permit termination. Should Swisscom significantly change a Service purchased by the customer to the customer s detriment, the latter may terminate the 10/11

affected Service prematurely without any financial consequences until such time as the change takes effect. Should the customer fail to do so, the changes are deemed accepted. 10.2 Changes to the Service Description Swiss likewise reserve the right to adjust this Service Description at any time. Swisscom will inform customers in a suitable manner in advance of any significant changes. Should the changes be to the customer's detriment, it may terminate the contract with Swisscom prematurely without any financial consequences until such time as the change takes effect. Should the customer fail to do so, the changes are deemed accepted. 11. Transfer Swisscom is entitled to transfer the contract with the customer, together with the rights and obligations thereunder, without the latter s consent to BAKOM or a third party, which then assumes the tasks and obligations under this contract. 12. Place of jurisdiction and applicable law For all.ch und.li domain names, this contract is subject to Swiss law. The place of jurisdiction is Berne. Other courts may have jurisdiction under mandatory law. For the customary domain names (.com /.net /.org /.biz /.info /.mobi), the contract shall be governed by Swiss law, provided the provisions of the registrar OpenSRS do not necessitate the application of other legislation. The place of jurisdiction shall be Bern except where specific jurisdictions are prescribed by law. Swisscom, April 2014 11/11

Webhosting Rules of Conduct These Rules of Conduct relate to all the services of Swisscom (Switzerland) AG (Swisscom) in the field of webhosting. 1. Definitions "Hosted domain name": DNS domain name which is listed on one or several Swisscom webhosting name servers. "Hosted content": All information which is saved on Swisscom webhosting systems or is retrievable via a domain name hosted by Swisscom webhosting. The hosted content also includes information accessible indirectly via links as well as contents of blackboards, guest books, mailing lists and the like. It is irrelevant whether the information is accessible to an unlimited or only a limited group of users (so-called members area). 2. Code of Conduct General The web hosting service may only be used in accordance with the applicable legislation in Switzerland and abroad, the contracts concluded with Swisscom as regards web hosting and domain name registration and this Code of Conduct. The customer is obliged to ensure that he or she is aware of which hosted content is permitted and to fulfil the stated requirements. Swisscom is not obliged to provide its customers with legal information on the content or domains allowed within the scope of the webhosting and registration services. The customer is personally responsible for compliance with all the legal and/or contractual requirements and should seek legal advice, if necessary at its own expense. Illegal hosted content and illegal actions Illegal or offensive contents as well as content which leads to the annoyance or personal harassment of third parties may not be published on the websites hosted by Swisscom. 1/4

The following rules are examples of what is not allowed in Swisscom webhosting: Committal of a criminal offence (fraud, illegal gambling, etc.) with the assistance of the web hosting service by the customer or by a third party acting under the supervision of the customer. The offer, dissemination or making accessible of content that is unlawful under criminal or private law (depictions of violence against human beings and animals as well as pornography pursuant to Art. 197 of the German Penal Code, propaganda campaigns promoting racial discrimination, defamation, slander, dissemination of racist ideologies and contents and/or racist propaganda; The offering or making accessible of other pornographic content not prohibited under criminal law (also so-called soft pornography) without effective age checks of the consumer group; Unauthorised procurement, saving, distribution or making available of content that is legally protected (content protected by copyrights of all kinds and content that is subject to trademark, data protection, design and patent legislation). The transmission of mass advertising contravening the Swisscom Webhosting Spam Policy; The use of Swisscom webhosting infrastructure to obtain e-mail addresses without the address holder s consent; Any network abuse, such as the attempt to penetrate a protected computer system and the execution of other processes such as the installation of peer-to-peer software, the execution of brute force programmes, scripts or applications as well as terminal emulations and the like; Any form of network misuse (e.g. attempt to infiltrate a secured computer system) and the performance of other processes (e.g. the installation of peer-to-peer software, the running of brute force programs, scripts or applications, terminal emulations, etc.) as well as the resale or transfer of access to the installed CGI script functions. 2/4

3. Normal use for business customers and private customers (Fair Use Policy) The web hosting service is intended to be used for purposes which fall within the scope of normal usage for business customers and private customers, respectively. This normal usage for business customers and private customers does not include the use of the web hosting service for the purpose of saving data. Should there be any indication that the customer is using the service for the purpose of saving extensive volumes of data or that the customer is using programs which consume unusually high levels of processor power (e.g. in connection with live applications, content management systems for websites, email forwarding functions not exclusively intended for the customer's own service), Swisscom shall reserve the right to suspend or restrict the service provision at any time, terminate the contract or initiate other suitable measures. The customer is also not authorised to make available to third parties (free of charge or for a fee) any service which it has procured. 4. Multiple domain names Multiple domain names (domain pointers) serve to allow users to find the same website under various names and not to divide an account into several sites. A domain pointer may not point to a sub-directory of an already existing site hosted by Swisscom or another service provider. It is not permitted to use domain pointers as a substitute for individual web server accounts. 5. Security guidelines Passwords Passwords or other identification parameters provided to the customer are intended for personal use by the customer and are to be treated confidentially. In general, Swisscom shall assume that individuals using a parameter are authorised to do so. 3/4

Breach of system and network security Breaches of system and network security represent a breach of contract and can, if certain conditions are fulfilled, also lead to criminal liability for the customer. Swisscom reserves the right to notify the law enforcement authorities of the offence. In particular, the following is forbidden: - Checking for vulnerabilities in the system or network without prior consultation with Swisscom (scanning). - Attempting to breach security or authorisation measures without obtaining prior written consent from those affected. This list is not exhaustive. 6. Measures The customer is obliged to take appropriate measures to prevent the illegal use of the service and to immediately inform Swisscom of all suitable precautions for avoiding the misuse of this service. Should the customer suspect the misuse of the service, he or she can contact webhosting.admin@swisscom.com. In the case of breaches of the law, the contract, moral standards or this Code of Conduct, Swisscom shall reserve the right to take measures as laid down in the contract or this Code of Conduct. This shall include, in particular, the deactivation, blocking or termination (including without notice) of the website in question. Furthermore, the customer shall indemnify Swisscom for all claims that are raised against Swisscom in connection with the use of the service by the customer and those individuals acting under the customer's supervision. Swisscom, April 2014 4/4

SPAM POLICY of Swisscom (Switzerland) AG ( Swisscom ) This document regulates the terms for e-mail transmission via Swisscom s web hosting mail server and defines the conditions for the simultaneous transmission of e-mails to several recipients (newsletters, advertising). Why are spam e-mails negative? All pending e-mails for transmission on the mail server end up in queue. If someone places illegal mass advertising e-mails in the queue, normal e-mails will be pushed to the back of the queue and will thus be sent with a considerable delay. In addition, many recipient mailboxes also still have a size restriction. Often, for example, when people are away on holiday, too many spam e-mails are received and their mailbox is this filled up, causing normal e-mails to be rejected. On the other hand, spam e-mails make work for the recipients because they have to separate unsolicited e-mail from allowed ones. What constitutes a so-called spam? Art. 3 o of the German Unfair Competition Act (UWG) provides that unfair competition is committed by anyone who sends mass advertisement without a direct connection to requested content by means of telecommunication or instigates such transmissions and does not obtain the prior consent of the customer, state the correct sender or point out an unproblematic and cost-free way to refuse. When is a mass transmission admissible and not a spam? Anyone who, when selling goods, works or services, obtains customers contact information and points out a way to refuse is not acting unfairly if he sends this customer mass advertising without the latter s consent for his own similar goods, works or services. Without such a customer relationship between the web hosting customer and the e-mail recipient, the transmission of mass advertising is only allowed if the contact data used (e.g. e-mail addresses) was collected in the so-called double opt-in process. What does opt-in and what does "double opt-in" mean? "Opt-in" stands for the option of allowing yourself to be voluntarily registered on a list of recipients (e.g. for a newsletter). That is, anyone wishing to receive advertising from a specific company or organisation registers with it and receives advertising from this company in the future. This means that only consumers who expressly wish to do so receive advertising. Subsequent deregistration must also be possible at all times without any difficulty. In the case of opt-in address lists care must be taken to ensure that the list is not abused and that only people are included that have personally requested it. However, in the normal opt-in process the latter cannot be guaranteed. Unfortunately, in the case of the simple opt-in process there is a danger of misuse, as third parties can enter any e-mail address they want even if the stated e- mail address does not belong to them. For this reason, Swisscom demands the collection of e-mail addresses for mass advertising in the double opt-in process from its customers. The first step corresponds to a simple opt-in. In a further step, the registered e-mail address is assigned to an e-mail prior to the transmission of mass advertising. In this e-mail the recipient is requested to confirm his or her membership and wish to receive the corresponding mass advertising. This may, for example, be by clicking on a link or replying to the e-mail concerned. If the interest in receipt is not confirmed within a specific time period, the address may not be included in the database nor may further e-mails be sent to this address. It must be ensured that the system cannot be bypassed or abused. Furthermore, it is important that the confirmations of recipients are archived. Only by doing so can it be proven at all times that the addresses are effectively confirmed ones. Ausgabe: 22.02.2012 1/3

What does opt-out mean and why should it also be applied? Opt-out gives customers the opportunity, when receiving an advertising e-mail or a newsletter, to immediately unsubscribe to any further deliveries, as a rule with a link contained therein that leads to a deregistration form on the corresponding website. Alternatively, it is also conceivable that the recipient can cancel their name from the list of recipients by means of a reply with a special subject line (e.g. "unsubscribe"). The information explaining how to delete your name from the list of recipients must be visible in each e-mail. What is the correct procedure for transmitting mass advertising e-mails? Mass advertising e-mails and newsletters may only be sent to persons or e-mail addresses which have explicitly requested them. Therefore, it is recommended to correct the current master address database by, for example, sending an advertising-free e-mail to all e-mail addresses disclosed by the customer. Recipients must be informed that they should reply to this e-mail within a specified time period if they wish to continue receiving the sender s advertising e-mails or newsletters. If interest in receipt is not confirmed within this period, the address must be removed from the master address database and no more e-mails may be sent to this address. Furthermore, it is important that the confirmations from recipients of mass advertising are archived. Only by doing so can it be proven at all times that the addresses are effectively confirmed ones. If customers have to specify their e-mail address in connection with the purchase of goods, works or services, they must be informed that they can refuse receipt of subsequent mass advertising for similar goods, works or services. If interested parties can specify their e-mail address on a website, it must be explained on the website what happens to this address. Should the address be used for advertising purposes at a later date, the interested parties must explicitly agree to it. To ensure that the interested parties have really subscribed themselves, Swisscom demands the double opt-in process (see definition above). E-mail addresses may not be sold. The purchase and subsequent use of e-mail addresses conflicts with the legally required opt-in principle. What requirements must newsletters or advertising e-mails satisfy? Recipients must have given their consent in the double opt-in process that they may be contacted in this way. The correct sender must be stated (no old, falsified or invalid address see also imprint obligation pursuant to sub-section 3.2 Service Description). The "To:" line should not contain several recipients. The recipients may not see who receives the newsletter. The addresses must consequently be entered in the "BBC:" field. Recipients must be able to unsubscribe from receiving further mass advertising simply and at no cost. An e-mail may only be sent to a limited number of recipients. Otherwise, the Swisscom mail server will state that the number is too high and will refuse to send all the e-mails. Ausgabe: 22.02.2012 2/3

If there is concrete evidence of a breach of these provisions, Swisscom reserves the right to take measures based on the General Terms and Conditions of Business for Swisscom s services, the Web Hosting/Homepage Tool Service Description and the web hosting rules of conduct. Ausgabe: 22.02.2012 3/3

HOSTING CODE OF CONDUCT (HCC) Notice and take down PREAMBLE simsa (the Swiss Internet Industry Association) has adopted the present Hosting Code of Conduct ("HCC") in order to lay down technologically relevant principles of conduct for Swiss hosting providers in relation to illegal content, to establish these principles as an industry standard, to strengthen legal security and to make it easier for people affected by illegal content to instigate legal proceedings against those responsible. The notice and take down procedure laid down by simsa in the HCC contains principles of conduct that are already incorporated in self-regulatory instruments adopted by European and international associations of Internet Service Providers (ISPs) and hosting providers. When drawing up the HCC, simsa also took note of regulatory requirements, particularly in the USA and the European Union and its member states, applicable to so-called notice and take down procedures and related limitations of liability for hosting providers; it also took into account the fact that the regulatory framework in the European Union is different from that in Switzerland. By adopting this HCC, simsa also recognises the efforts of the Council of Europe and its Committee of Experts on New Media to encourage the inclusion of ISPs in regulatory planning in order to meet national regulatory objectives on the Internet and thereby acknowledge and promote ISPs ability to organise and regulate themselves. In this connection, it also consulted the Human Rights Guidelines for Internet Service Providers drawn up by the Council of Europe in cooperation with the European Internet Service Providers Association (EuroISPA) and welcomes their recognition of the importance of Internet self-regulation. Hosting providers play an important role as intermediaries on the Internet. Without them, Internet communication would be impossible. In order to support the economic, social and cultural potential of their services, they agree to uphold the following principles of conduct. 1. OBJECT AND LEGAL NATURE The HCC is a set of guidelines on how to deal with reports of possible illegal content. It is a document of voluntary self-regulation. 2. ADDRESSEES AND AREA OF VALIDITY The HCC is aimed at companies and individuals that operate hosting services and are subject to Swiss law. Hosting services are services that enable operators of websites and applications to store and process content and make it publicly available to third parties. Any services offered by hosting providers that are not purely hosting services are excluded from the scope of the HCC. In particular, Internet access services and services for storing and processing content and making it available to third parties in an area that is not publicly accessible (e.g. cloud services) are not included. 123876\version februar 2013\130128_simsa_CCH_public.doc

2 3. SIMSA "SWISS QUALITY HOSTING" STAMP OF QUALITY The HCC is designed to help all hosting providers, whether they are simsa members or not, to conduct themselves in accordance with the law. Providers who carry the simsa "Swiss Quality Hosting" stamp of quality must respect the HCC in accordance with the stamp of quality regulations. For other hosting providers, the HCC is a tool that can be used voluntarily. 4. DEFINITIONS 4.1 Illegal content: content that infringes the rights of third parties, particularly intellectual property rights in the broad sense (e.g. copyright or trademark rights), or personality rights, or that constitutes a criminal offence (particularly in the areas of pornography, the portrayal of violence, racism and libel). 4.2 Customer: customer of the hosting provider, who has signed a contract concerning hosting services. 4.3 Notice: communication from a person affected by allegedly illegal content made publicly available by the customer. The sender must be affected by the alleged infringement to a greater extent than a third party or the general public: for personality right infringements and offences that must be reported, this must be the injured party (or their representative), while for intellectual property right infringements it must be the holder of ownership or licensing rights for the content concerned (or their representative). For offences for which proceedings are brought directly by the public prosecutor s office, the sender does not need to be particularly affected. A notice must at least meet the following formal and content-related requirements: (a) name and address of the sender; (b) explanation of why the sender is particularly affected (except offences for which proceedings are brought directly by the public prosecutor s office); (c) URL of the offending web page or sub-page; (d) precise description of the allegedly illegal content; (e) reason why the content is illegal. 5. NO MONITORING OBLIGATION Hosting providers, as intermediaries on the Internet, provide an infrastructure that enables operators of websites and applications to store and process content and make it publicly available to third parties. Hosting providers have no knowledge of the content stored, processed and made available by their customers. Neither are they obliged to actively monitor that content. The customer alone is responsible for content that it stores, processes or makes accessible to third parties using the hosting services. The hosting provider s obligations defined in the HCC are designed to make it easier for people affected by illegal content to instigate legal proceedings against those responsible. 6. NOTICE AND NOTICE 6.1 The hosting provider checks that any notices received meet the formal and content-related requirements laid down in paragraph 4.3. When assessing these requirements, the hosting provider applies the benchmark of a legal layman.

3 6.2 If a received notice does not meet, or only partly meets, the formal and/or content-related requirements of paragraph 4.3, the hosting provider asks the sender of the notice to provide the missing information within two working days of receiving such request. If the sender fails to respond before the deadline or if the additional information supplied also does not meet, or only partly meets, the formal and/or content-related requirements of paragraph 4.3, the hosting provider pays no further attention to the notice. 6.3 If a received notice fully meets the formal and content-related requirements of paragraph 4.3, the hosting provider writes to the customer and to the sender of the notice, generally within two working days of receiving the notice. a) In the letter to the customer, the provider informs the customer that the notice has been received and forwards a copy of the said notice. The provider reminds the customer that the latter bears sole responsibility for content that it stores, processes or makes accessible to third parties using the hosting services. It asks the customer to remove the offending content or to explain why the content is lawful in a letter to the sender of the notice. The hosting provider also informs the customer that it is liable to compensate the hosting provider for expenditure relating to the defence of third-party claims and for any other damage suffered. The hosting provider can demand a surety from the customer as a precautionary payment to cover such damage. In clear cases, the hosting provider can also take direct action in accordance with paragraph 7. b) In the letter to the sender of the notice, the hosting provider confirms receipt of the notice and informs it that it has written to the customer. It informs the sender of the notice that the customer bears sole responsibility for content that it stores, processes or makes accessible to third parties using the hosting services. The hosting provider also tells the sender that the hosting provider is not allowed to disclose customer data. Instead, it informs the sender of possible ways in which it can find the identity of the owner of an Internet domain (e.g. via Whois databases available on the Internet) and which state authorities it can contact in order to assert its claims. In clear cases, the hosting provider can also take direct action in accordance with paragraph 7. 7. NOTICE AND TAKE DOWN 7.1 If a received notice fully meets the formal and content-related requirements of para-graph 4.3 and if it appears very likely that it concerns illegal content, or if the hosting provider itself could be criminally responsible or liable under civil law, the hosting provider can partially or completely block access to the website at its own discretion until the matter has been resolved between the parties concerned or by a court or other authority. 7.2 Immediately before or after blocking a website, the hosting provider informs the customer that a notice has been received, forwards the notice to it and informs it of the reason for the block. At the same time, the hosting provider informs the sender of the notice about the block and the letter to the customer. The hosting provider decides, at its own discretion, whether to report any criminal offence to the KOBIK (national body coordinating the fight against cybercrime) or to the criminal prosecution authorities.

4 7.3 When assessing whether the notice is complete, whether a website should be blocked and whether legal proceedings should be instigated, the hosting provider applies the benchmark of a legal layman. 8. CONTRACTUAL SAFEGUARDS VIS-À-VIS THE CUSTOMER 8.1 The hosting provider ensures that its agreements with the customer contain at least the following regulations and information: a) The customer may only use the hosting services legally. The customer bears sole responsibility for content that it stores, processes or makes accessible to third parties using the hosting services. b) The hosting provider is not obliged to monitor the hosted content. However, it will examine content after receiving a notice, as required by the notice and take down procedure, or if ordered to do so by a court or other authority. The hosting provider reserves the right to carry out spot checks, even if a notice has not been received. c) The hosting provider is entitled to partially or completely block access to the customer s website and withdraw hosting services i) if the relevant requirements of the notice and take down procedure described in its general terms and conditions or in the HCC, if referred to in its general terms and conditions, are met, or ii) if the hosting provider is ordered to do so by a court or other authority or could in some other way be legally responsible or held liable itself, or iii) if a spot test uncovers content that is very probably illegal in the sense of paragraph 4.1. d) The hosting provider describes the notice and take down procedure in its general terms and conditions or refers to the HCC in its general terms and conditions and provides easy access to the HCC on its website. The customer is responsible for finding out about the notice and take down procedure. It notes and acknowledges that the hosting provider can cancel the contract with the customer with immediate effect if the customer fails to follow its instructions according to the notice and take down procedure described in the general terms and conditions and/or the HCC. e) If ordered to do so by a court or other authority, the hosting provider is entitled and obliged to reveal the customer s identity to them or to other third parties. f) The hosting provider is entitled to bill the customer for any expenditure incurred in relation to a notice. The customer must compensate the hosting provider for any other damage suffered as a result of asserted claims. The hosting provider can demand a surety from the customer as a precautionary payment to cover such damage. If this surety is not paid, the hosting provider can withdraw the service. 9. INTERNAL ORGANISATIONAL MEASURES The hosting provider takes internal organisational measures in order to respond to notices quickly. It appoints someone as its head of illegal content and makes clear on its website how and to whom notices should be sent as part of the notice and take down procedure, such as via an online form.

5 10. SAMPLE LETTERS simsa provides its members with samples of the letters mentioned in the HCC that they must send to customers and to senders of notices. 11. NO LIABILITY FOR SIMSA The HCC is a document of voluntary self-regulation. In view of the current legal uncertainty surrounding provider liability, simsa cannot guarantee that hosting providers will be exempt from criminal prosecution or civil liability if they comply with the HCC. 12. ENTRY INTO FORCE This Hosting Code of Conduct enters into force on 1 February 2013. simsa, 1 February 2013, public version (without samples) 1.0