ModbusCloud Terms and Conditions

These terms apply to all services and sales by Avanta Systems under the ModbusCloud brand.

1. Acceptance and applicability

1.1 These general terms and conditions (the "Terms") apply to all offers, agreements and deliveries between Avanta Systems, registered in the commercial register under Chamber of Commerce number 97761362, with its registered office at Ceintuurbaan 15, 8022 AW Zwolle ("ModbusCloud", "we"), and its business customers ("Customer", "you") with respect to the ModbusCloud platform, the associated hardware and related services.

1.2 The applicability of any general terms and conditions of the Customer is expressly rejected. Deviations from these Terms only apply if agreed upon in writing.

1.3 If any provision is null and void or voidable, the remaining provisions shall remain in force. The parties shall replace the affected provision with a provision that reflects as closely as possible the purpose and intent of the original provision.

1.4 The Service and Hardware are supplied exclusively to business customers. See also clause 12.2.

1.5 In the event of a conflict between these Terms, the DPA, any SLA, or an offer, the following order of precedence applies (from high to low): offer or written individual deviation, SLA, DPA, these Terms.

2. Definitions

2.1 Customer: the natural or legal person acting in the exercise of a profession or business who enters into an agreement with ModbusCloud.

2.2 End Customer: the customer of the Customer, for example a homeowner, SME or building owner, whose equipment is made accessible via the Gateway.

2.3 Gateway: the physical Modbus gateway (type MCG-1 or successor) that makes Modbus equipment accessible via the ModbusCloud platform.

2.4 Portal: the web portal at portal.modbuscloud.com, including APIs, dashboards and configuration interfaces.

2.5 Service: the totality of software functionalities that ModbusCloud makes available to the Customer via the Portal, including monitoring, alerting, data logging, automation and, if activated, write functions to Modbus registers.

2.6 Hardware: physical products (including the Gateway) that are sold via the webshop at modbuscloud.com.

2.7 Subscription: the monthly, annual or lifetime right of use of the Service.

2.8 Command or Write Action: writing a value to a Modbus write register via the Service, either directly by a user, via automations or via the API.

2.9 DPA: the data processing agreement in accordance with Article 28 GDPR which forms part of the agreement.

3. Account and account obligations

3.1 The Customer is responsible for the accuracy and currency of the data provided at registration and thereafter.

3.2 The Customer is responsible for keeping login credentials, API keys and tokens confidential. Any use via their account is considered use by the Customer itself and is at their own expense and risk.

3.3 ModbusCloud strongly recommends activating two-factor authentication and using role-based access for employees. The Customer is responsible for access within their own organisation and for that of their End Customers, insofar as they grant them access.

3.4 The Customer shall report suspicions of unauthorised access without delay via info@modbuscloud.com, and in any event within 24 hours of discovery.

4. Permitted use

4.1 The Customer shall use the Service exclusively for the benefit of their own customer portfolio and in accordance with these Terms.

4.2 Resale, white labelling, onward supply as a service to third parties, or offering under a different brand name is not permitted without ModbusCloud's prior written consent. Such consent may be subject to conditions, including a separate reseller agreement.

5. Prohibited use

5.1 The Customer is not permitted:

• to carry out security research or penetration testing on the Service without prior written consent,
• to reverse engineer, decompile or reconstruct the source code of the Service, except to the extent permitted by mandatory law,
• to scrape data on a large scale, circumvent rate limits or abuse the API,
• to introduce harmful code, spread malware or disrupt the availability of the Service for others,
• to deploy the Service for unlawful purposes, including in violation of sanctions legislation or export control rules,
• to deploy the Service for, or incorporate it into, safety-critical applications as referred to in clause 14.6.

5.2 In the event of serious or repeated breaches, ModbusCloud may suspend access in whole or in part or terminate the agreement, see clause 18. Suspension does not entitle the Customer to damages or a refund.

6. SaaS licence grant

6.1 ModbusCloud grants the Customer a non-exclusive, non-transferable and non-sublicensable right to use the Service for the duration of the Subscription, exclusively for the Customer's internal business purposes.

6.2 The right of use terminates automatically upon termination or non-payment of the Subscription.

6.3 ModbusCloud provides no warranty as to the suitability of the Service for a particular purpose, unless such purpose has been expressly confirmed as suitable by ModbusCloud in writing. The Customer is themselves responsible for assessing the suitability of the Service for their specific application, installation and equipment.

7. Availability and maintenance

7.1 ModbusCloud delivers the Service on a best-effort basis with a high obligation of effort regarding availability, but without a separate Service Level Agreement (SLA) provides no guaranteed uptime percentages, no guaranteed response times and no guaranteed resolution times.

7.2 Where possible, we announce planned maintenance at least 48 hours in advance via the Portal or by email. For urgent security patches or emergency maintenance this notice period cannot be met.

7.3 The Service depends on third parties, including (without limitation) Vercel, Supabase, Railway, EMQX Cloud, Stripe, Resend, Google (OAuth and Analytics), Microsoft (OAuth), Moneybird, PostHog, and public networks. Disruptions at these parties, in the internet connection, in the mobile network of the Customer or End Customer, or in the power supply fall outside ModbusCloud's sphere of influence. ModbusCloud is not liable for the consequences thereof, see also clauses 13 and 16.

7.4 A separate SLA can be agreed for an additional fee. As long as no separate SLA has been agreed, there is no right to credits, penalties or damages for downtime, delay or (temporary) unavailability.

7.5 ModbusCloud may temporarily suspend the Service or parts thereof for maintenance, security updates or emergency measures, without this giving rise to any right to damages.

8. Data and ownership

8.1 The Customer remains the rights holder of all device data, measurement data and End Customer data processed via the Service.

8.2 The Customer grants ModbusCloud a limited, worldwide, royalty-free right of use over this data insofar as necessary for providing, securing and improving the Service, as well as for performing legal obligations.

8.3 ModbusCloud may use anonymised, aggregated statistics for product improvement, benchmarking and reporting. Such statistics do not contain data traceable to natural persons or individual Customers.

8.4 Under the EU Data Act (Regulation (EU) 2023/2854), the Customer has the right to free export of the data generated by their equipment in a commonly used machine-readable format. From 12 January 2027, the provisions of that regulation concerning switching providers also apply, including the prohibition on exit fees. ModbusCloud implements these obligations in line with that regulation.

8.5 ModbusCloud provides no warranty as to the accuracy, completeness, currency, consistency or integrity of device data, register values or End Customer data. Modbus is an asynchronous fieldbus protocol without transactional guarantees. Register values may be delayed, incomplete or outdated as a result of network conditions, equipment behaviour or configuration choices of the Customer. The Customer may not rely solely on the data displayed by the Service for business-critical, financial or safety-relevant decisions.

9. Data retention and export

9.1 During the term of the Subscription, all active data is available within the Portal.

9.2 After termination of the Subscription, the Customer has 90 calendar days of access to an export function. Upon expiry of this period, personal data and device data are definitively deleted within 30 days. Backups roll out within 35 days thereafter.

9.3 Invoice and accounting data are retained for 7 years in accordance with Article 52 of the Dutch General Tax Act (AWR).

9.4 On request, we will provide, where necessary at a reasonable charge, additional export service or custom work, subject to any deviating provisions of mandatory law (see clause 8.4).

10. Role under the GDPR and DPA

10.1 For the Customer's account data, ModbusCloud is the data controller.

10.2 For device data and End Customer data, the Customer is the data controller and ModbusCloud acts as processor. Where the Customer is itself a processor, ModbusCloud acts as sub-processor.

10.3 A separate data processing agreement (DPA) applies to the processor and sub-processor relationship, which accompanies the Subscription and forms an integral part of the agreement.

10.4 See also the privacy statement at modbuscloud.com/privacy.

11. Prices, payment, renewal and cancellation

11.1 All prices are in euros and exclusive of VAT, unless stated otherwise. Shipping, installation or custom work costs are stated separately.

11.2 Subscription fees are invoiced in advance and collected by direct debit, iDEAL or credit card, unless otherwise agreed. For invoices on account, a payment term of 14 days applies.

11.3 Monthly Subscriptions renew automatically on a monthly basis. Annual Subscriptions renew automatically on an annual basis. A lifetime Subscription applies for the duration that the Service is offered, not unlimited in time, and ends in any event upon termination of the ModbusCloud platform as a commercial service.

11.4 The Customer may cancel a monthly Subscription with a notice period of one month. An annual Subscription may be cancelled as of the end of the current contract period. Cancellation takes place in writing or via the Portal.

11.5 Amounts already paid in advance are not refunded pro rata, subject to mandatory law.

11.6 In the event of late payment, the Customer is in default without notice of default, owes the statutory commercial interest (Art. 6:119a Dutch Civil Code (BW)) and extrajudicial collection costs (in accordance with the Dutch Extrajudicial Collection Costs Decree, with a minimum of EUR 40). ModbusCloud may suspend the Service until full payment.

11.7 ModbusCloud may change prices with a notice period of 60 days. In the event of an increase greater than the annual Dutch CBS consumer price index, the Customer may cancel the Subscription as of the effective date of the increase. Settlement then takes place pro rata for amounts paid in advance for the unused period.

12. Hardware sales via the webshop

12.1 Hardware is sold exclusively to business buyers acting in the exercise of a profession or business.

12.2 The webshop is not intended for consumers within the meaning of Article 6:230g paragraph 1 sub a Dutch Civil Code (BW). A purchase with a consumer does not come into being. Upon purchase, the buyer confirms that they are acting in the exercise of a profession or business, by providing a valid Chamber of Commerce number or (where applicable) a valid VAT number. The right of withdrawal (cooling-off period) under section 6.5.2B Dutch Civil Code (BW) is accordingly not applicable.

12.3 Delivery takes place within a reasonable period, as stated upon ordering. Delivery periods are indicative and are not strict deadlines within the meaning of Art. 6:83 Dutch Civil Code (BW).

12.4 The risk of loss or damage passes to the Customer at the moment of delivery at the address specified by the Customer.

12.5 ModbusCloud provides a warranty on Hardware of 24 months after delivery for manufacturing and material defects, excluding damage caused by improper use, incorrect installation, unauthorised modifications, external influences (lightning, overvoltage, water, moisture, vermin, extreme dust or condensation, chemical influences), normal wear and tear, and damage caused by use outside the specified environmental parameters. This warranty is without prejudice to the statutory rights under Article 7:17 Dutch Civil Code (BW).

12.6 The Customer shall examine the Hardware upon delivery for visible defects and shall report defects within a reasonable time, in any case no later than 14 calendar days after discovery and no later than 2 months after delivery (Art. 7:23 Dutch Civil Code (BW)). After these periods, the Customer's rights in respect of visible defects lapse.

12.7 Returns are only possible after receipt of an RMA number via our support department. Without an RMA number, returns will not be processed. The Customer bears the return shipping costs, unless there is a demonstrable manufacturing defect under warranty.

12.8 All Hardware supplied remains the property of ModbusCloud until full payment of the purchase price and any additional claims has been received (retention of title, Art. 3:92 Dutch Civil Code (BW)). As long as ownership has not passed, the Customer is not permitted to pledge, transfer or encumber the Hardware.

12.9 ModbusCloud declares that the Gateway, when placed on the market, complies with the applicable European product regulations. In line with the Cyber Resilience Act (Regulation (EU) 2024/2847), we operate a vulnerability handling process from 11 September 2026 and provide security updates throughout the expected period of use, in any event for 5 years after placing on the market. On request, we will provide a Software Bill of Materials (SBOM) for the firmware of the Gateway.

12.10 The Hardware supplied by ModbusCloud is intended for standard industrial and business applications under normal environmental conditions. The Hardware is not designed, certified or suitable for safety-critical, life-determining or mission-critical applications, nor for use in explosive atmospheres, medical equipment, nuclear installations, aviation, weapon systems or comparable environments. The Customer indemnifies ModbusCloud against all claims arising from such use in breach of this provision.

13. Liability

13.1 ModbusCloud's total liability on account of an attributable failure, wrongful act or on any other basis is limited to compensation of direct damage up to a maximum of the total amount paid by the Customer to ModbusCloud (excluding VAT) during the 12 months preceding the damage-causing event, with an absolute ceiling of EUR 25,000 per event and EUR 50,000 per calendar year. A connected series of events from the same cause counts as a single event.

13.2 Direct damage means exclusively:

• reasonable costs for determining the cause and extent of the damage,
• reasonable costs for making ModbusCloud's performance conform to the agreement,
• reasonable costs to prevent or limit damage, insofar as the Customer demonstrates that these costs led to a limitation of direct damage.

13.3 Any liability for indirect and consequential damage is excluded, which in any case includes:

• lost profit, missed savings, loss of turnover,
• loss of production, downtime damage, process loss, energy costs due to incorrect regulation,
• reputational damage, loss of goodwill, loss of customers or contracts,
• loss, corruption or inaccessibility of data (save for reasonable reconstruction costs up to the maximum under clause 13.1),
• damage due to business stagnation,
• damage caused by or in connection with third-party equipment, industrial installations, building-related installations, or End Customers,
• fines, penalties, or claims from End Customers or other third parties,
• non-material damage.

This exclusion applies regardless of the nature of the claim or the legal basis, including upon termination, rescission or annulment of the agreement.

13.4 ModbusCloud is not liable for damage resulting from:

• failure or shortcomings of the third parties mentioned in clause 7.3,
• failure of the internet, mobile networks or power supply,
• acts, decisions or omissions of the Customer, their users, or End Customers,
• use of the Service or Hardware in breach of these Terms, the documentation, the datasheet or generally accepted technical standards,
• defective, incorrect or incomplete data entered or configured by the Customer, their users, or End Customers,
• incorrectly executed installation or configuration of the Hardware or the Modbus bus,
• changes in equipment, firmware or software of third parties to which the Service is connected,
• hacking, social engineering, phishing or other malicious acts by third parties, save in the event of demonstrable failure by ModbusCloud to take security measures that could reasonably have been taken.

13.5 The limitations of liability in this clause do not apply in the event of intent or wilful recklessness of ModbusCloud's management, nor for liabilities that cannot be excluded or limited under mandatory law (such as, in certain circumstances, product liability under section 6.3.3 Dutch Civil Code (BW) and liability for death or personal injury).

13.6 Any claim for damages lapses by mere passage of 12 months after the moment the Customer became aware or could reasonably have been aware of the damage, without prejudice to Art. 6:89 Dutch Civil Code (BW). A complaint about the Service or Hardware must be reported to ModbusCloud in writing and with reasons within 14 days of discovery, on pain of forfeiture of rights.

13.7 The Customer is obliged to take damage-limiting measures, including maintaining proper backups insofar as they keep their own data outside the Service, taking redundancy or emergency provisions at equipment level, and reporting (imminent) damage in good time. Damage that could have been prevented or limited by reasonable damage-limiting measures is not eligible for compensation.

13.8 A condition for any right to damages to arise is always that the Customer gives ModbusCloud, as soon as possible after its occurrence and in any event within 30 days, written notice of default stating reasons, and allows ModbusCloud a reasonable period of at least 30 days to still perform correctly.

13.9 The limitations and exclusions in this clause also apply for the benefit of employees, directors, auxiliary persons and suppliers of ModbusCloud, who may invoke them directly (third-party stipulation).

14. Write commands to Modbus equipment

14.1 The Portal offers, if explicitly activated by the Customer, functionality to write values to Modbus write registers of connected equipment ("Commands"). Write commands can control physical devices, including valves, pumps, relays, setpoints, safety parameters, operating modes and other operational parameters.

14.2 Mandatory acceptance upon activation. Before write functionality is activated per gateway or per installation, the Customer expressly confirms in the Portal (via a recorded opt-in and logging):

1. that they have taken note of the risks associated with Commands and fully understand them,
2. that they are fully responsible for the selection, configuration and limiting of permitted values,
3. that they have implemented appropriate physical and local safety measures at equipment level, including hardware limits, thermal protections, pressure protections, emergency stops, interlocks, and manufacturer-prescribed failsafes,
4. that they have themselves performed a risk analysis and are authorised to change parameters in the relevant equipment,
5. that they do not use the Service for safety functions within the meaning of IEC 61508, IEC 62061, ISO 13849 or comparable safety integrity standards,
6. that they indemnify ModbusCloud against all consequences of Commands, subject to mandatory law.

14.3 Exclusion of liability for Commands. ModbusCloud is, without prejudice to clause 13 and to the maximum extent permitted under Dutch law, not liable for damage arising from or connected with Commands, including but not limited to:

• damage to equipment, installations, buildings or vehicles,
• loss of production, process loss or energy loss,
• the bypassing, lifting, delaying or overwriting of safety systems or safety limits,
• injury to persons or animal casualties,
• environmental damage,
• damage caused by incorrect, conflicting or too rapidly successive Commands,
• damage caused by automations, scripts, rules or API calls executed on behalf of the Customer,
• damage caused by acts of users to whom the Customer or their End Customer has granted access,
• consequential damage for End Customers and claims from End Customers against the Customer.

14.4 The Customer expressly acknowledges that:

• the Modbus protocol offers no transactional or safety-critical functionality,
• communication via public networks may experience delay, packet loss or interruptions,
• Commands are processed asynchronously and may fail to arrive, or not arrive on time, for various reasons,
• execution acknowledgements do not give absolute certainty about the physical state of the equipment.

The Customer shall ensure a sound setup on the equipment side that is robust against such situations.

14.5 The Customer is responsible for the management of authorisations within their organisation and for compliance with laws and regulations that apply specifically to the equipment they manage (such as regulations relating to heat pumps, gas installations, electrical engineering, pressure equipment, refrigerants, F-gases).

14.6 Prohibition on use in safety-critical applications. The Service and the Hardware may not be used for, or form part of:

• safety functions with a required SIL or PL classification,
• life-supporting medical equipment,
• primary emergency safety systems,
• aviation, space travel, railway signalling or maritime navigation,
• nuclear installations,
• weapon systems.

Use in breach of this provision is entirely at the Customer's expense and risk. The Customer indemnifies ModbusCloud against all damage and claims arising from such use.

15. Indemnification by the Customer

15.1 The Customer indemnifies ModbusCloud against all claims by third parties, including their End Customers, employees, visitors or local residents, that arise from or are connected with:

• the use of the Service or Hardware in breach of these Terms or applicable legislation,
• Commands, automations or scripts executed via the Customer's account,
• incorrect, incomplete or unlawfully processed data provided by the Customer,
• failing to inform or contract adequately, or at all, with End Customers about the processing of their data via the Service,
• use in breach of clause 12.10 or clause 14.6.

15.2 The indemnification includes all reasonable costs of legal assistance, settlements, fines and damages awarded to third parties.

15.3 ModbusCloud may, at its own discretion, conduct its own defence against third-party claims at the Customer's expense, with the Customer providing all necessary cooperation and information.

16. Force majeure

16.1 Force majeure within the meaning of Art. 6:75 Dutch Civil Code (BW) shall in any event include: disruptions and failures at hosting providers and platform services (including Vercel, Supabase, Railway, EMQX Cloud, Stripe, Resend, Google, Microsoft, Moneybird, PostHog), disruptions in public or private networks, disruptions at certificate authorities or DNS providers, DDoS or other cyber attacks, power outages, failure or defects of equipment of the Customer or End Customers, defects in firmware or software supplied by third parties, government measures, export restrictions, war, terrorism, sabotage, strikes, pandemics, natural disasters and other circumstances beyond ModbusCloud's reasonable sphere of influence.

16.2 During force majeure, ModbusCloud's obligations are suspended. If the force majeure situation lasts longer than 60 days, either party may rescind the agreement in whole or in part in writing, without any obligation to pay damages.

16.3 Insofar as ModbusCloud has at the time of the force majeure already partially fulfilled its obligations or can only partially fulfil its obligations, it is entitled to invoice this part separately and the Customer is obliged to pay this invoice.

17. Amendment of these Terms

17.1 ModbusCloud may amend these Terms. Material amendments will be announced by ModbusCloud at least 30 days before entry into force by email or via the Portal.

17.2 If an amendment is demonstrably disadvantageous to the Customer, the Customer may cancel the agreement as of the effective date of the amendment, without obligation to pay damages and with pro rata settlement of amounts paid in advance for the unused period.

17.3 Unchanged continuation of use after entry into force shall be deemed acceptance.

17.4 Amendments resulting from statutory obligations or from changes at (sub)processors may be implemented without a right of cancellation, save to the extent such amendments are demonstrably disadvantageous to the Customer.

18. Termination

18.1 Each party may terminate the agreement in accordance with clause 11.

18.2 ModbusCloud may terminate the agreement without notice of default with immediate effect and suspend the Service in the event of:

• payment arrears of more than 30 days after reminder,
• serious or repeated misuse of the Service (clause 5),
• an acute security risk caused by the Customer or their accounts,
• bankruptcy, suspension of payment, application of the WHOA (Dutch Scheme) or cessation of the Customer's business activities,
• the Customer acting in breach of sanctions legislation or export control,
• use in breach of clause 12.10 or clause 14.6.

18.3 After termination, the provisions on data retention and export apply, see clause 9. Provisions which by their nature are intended to continue after termination (including clauses 8, 13, 14, 15, 19, 20, 21, 22) shall remain in full force and effect after termination.

19. Intellectual property

19.1 All intellectual property rights in the Service, the Gateway firmware, APIs, documentation, templates, dashboards, trademarks and logos rest with ModbusCloud or its licensors.

19.2 Nothing in these Terms shall be construed as a transfer of intellectual property rights. The Customer obtains only a right of use as set out in clause 6.

19.3 The Customer retains all intellectual property rights in their own data and content. Clause 8 governs the limited right of use that the Customer grants to ModbusCloud.

19.4 Feedback, suggestions or improvement proposals that the Customer provides to ModbusCloud may be used freely by ModbusCloud without compensation, without any right of the Customer arising therefrom.

20. Confidentiality

20.1 The parties shall treat information marked confidential, or information whose nature reasonably implies confidentiality, as strictly confidential.

20.2 This obligation shall remain in force for the duration of the agreement and for 5 years after termination.

20.3 The obligation does not apply to information that is generally known, that has been lawfully obtained from a third party, or that must be disclosed on the basis of a statutory obligation.

21. Export control and sanctions

21.1 The Customer declares that they do not use the Service and Hardware in breach of applicable sanctions and export regulations of the EU, the Netherlands, the United Kingdom or the United States.

21.2 ModbusCloud may refuse or terminate accounts or deliveries if the Customer appears on a sanctions list, is established in a sanctioned country, or uses the Service at a sanctioned location.

22. Disputes and applicable law

22.1 These Terms and all agreements between ModbusCloud and the Customer are governed by Dutch law, to the exclusion of the UN Convention on Contracts for the International Sale of Goods (CISG).

22.2 The parties shall first attempt to resolve a dispute by mutual consultation. Only if consultation does not lead to a solution within 30 days after written notification may the dispute be submitted.

22.3 All disputes shall be submitted exclusively to the competent court of the District Court of Midden-Nederland, Utrecht location, without prejudice to the mandatory jurisdiction of other courts.

23. Privacy

23.1 Our privacy statement, available at modbuscloud.com/privacy, applies to the processing of personal data. In addition, we conclude a separate data processing agreement (DPA) with the Customer insofar as ModbusCloud acts as processor.

24. Contact and other provisions

24.1 Communications to ModbusCloud shall be addressed to info@modbuscloud.com or by post to Avanta Systems, Ceintuurbaan 15, 8022 AW Zwolle. Communications to the Customer shall be addressed to the email address registered in the Portal and shall be deemed received on the day of dispatch.

24.2 Rights and obligations arising from the agreement are not transferable without prior written consent. ModbusCloud may transfer its rights and obligations in the context of a reorganisation, merger or acquisition, with notice to the Customer.

24.3 If a translation of these Terms is made available, the Dutch version shall prevail in the event of any inconsistency.

24.4 ModbusCloud is entitled to have its obligations performed in whole or in part by third parties. Articles 7:404 Dutch Civil Code (BW), 7:407 paragraph 2 Dutch Civil Code (BW) and 7:409 Dutch Civil Code (BW) are expressly not applicable.

Avanta Systems, with its registered office at Ceintuurbaan 15, 8022 AW Zwolle, registered with the Chamber of Commerce under number 97761362, VAT number NL005287244B70, telephone +31 85 333 2576, email info@modbuscloud.com.