Service Specification of SupplyOn Services for Supplying Companies (SLB 2.0)
Version 2.0 as at January 2019
This Service Specification defines the scope of services of SupplyOn Services for Supplying Companies (hereinafter referred to as “Contractual Partner”). In addition to this Service Specification also the Master Contract, the “SupplyOn AG General Terms and Conditions for SupplyOn Services” (in the currently valid version), hereinafter referred to as “GTC”, and their respective contractual components regulate the provision of SupplyOn Services and the contractual relationships between SupplyOn and the Contractual Partner. The definitions included in the GTC shall analogously apply to this Service Specification.
SupplyOn Services facilitate the processing of electronic business transactions – in particular in the areas of sourcing and engineering, supply chain management and quality management – by means of a browser interface or integration in internal systems of the Contractual Partner or the Buying Company. SupplyOn Services involve the processing, temporary storage, transmission and analysis of data.
In addition, SupplyOn performs for the Contractual Partner the single-sign-on by integration of the access data between SupplyOn and the relevant systems of the Buying Company, which means that the Contractual Partner can access internal systems of the Buying Company directly without further log-in.
The SupplyOn Services agreed in each case also include the provision of the respective Customer Support.
2 List of SupplyOn Services
The following basic service is the prerequisite for the use of further services:
- SupplyOn Master Data Administration supports the storage, update and exchange of company profile data. The data entered by the Contractual Partner can be viewed and also downloaded by the Buying Companies.
In addition to the basic service, the following SupplyOn Services may be used after invitation by a Buying Company and after application for and granting of access to the respective SupplyOn Service (cf. § 3 GTC):
- SupplyOn Auctions supports specific buying auctions to which the Contractual Partner can be invited as bidder.
- SupplyOn Sourcing is a solution for the online submission of offers (also includes SupplyOn Auctions).
- SupplyOn Document Management supports the provision and exchange of documents (drawings, standards, part submission warrant documents, etc.).
- SupplyOn Collaboration Folders is a joint virtual project room for storing and managing data centrally.
- SupplyOn SCM (WebEDI) handles logistics and finance processes using a browser interface or by means of a direct integration in the Contractual Partner’s internal systems via EDI.
- SupplyOn Vendor Managed Inventory allows visualization of consumption-based disposition processes to support disposition.
- SupplyOn Transport Management enables handling of transport orders with suppliers and transport service providers.
- SupplyOn Performance Monitor shows the supplier assessment data.
- SupplyOn Problem Solver supports the processing of complaints.
- SupplyOn Project Management supports project planning and project implementation.
- SupplyOn AirSupply handles logistics and finance processes using a browser interface or by means of a direct integration in the Contractual Partner’s internal systems via EDI (Machine-to-Machine, M2M).
- SupplyOn Customer Application Access includes the single sign-on in internal systems of the Buying Company. The systems of the Buying Companies themselves shall not be an integral part of the scope of services provided by SupplyOn.
Detailed descriptions of the SupplyOn Services can be obtained from your contact person at SupplyOn.
3 Technical Limitations
For the processing via EDI (M2M) following special limitations do apply for AirSupply:
Size Limitation (from Contractual Partner to SupplyOn)
Maximum size per transmission: 4MB
Splitting of files (from SupplyOn to Contractual Partner)
Big data volumes may be split into multiple files (e.g. instead of transmitting one 20MB file, five 4MB files could be transmitted).
Transmission Frequency (from SupplyOn to Contractual Partner)
Within the message scheduler the transmission frequency can be configured by the Contractual Partner. If the Contractual Partner wants to receive all messages (incl. history), the following limitations do apply:
4 Technical Availability
SupplyOn shall make 99% of the individual SupplyOn Services available on the productive system on a monthly basis (Monday-Sunday, 00:00 – 24:00 h). “Availability” refers to usability on the interface to the Internet. For the determination of availability, downtimes resulting from necessary and regular maintenance windows which apply to all SupplyOn Services shall not be taken into account. SupplyOn shall inform the Contractual Partner of the intended maintenance windows in advance.
For the determination of availability the following downtimes shall not be taken into account:
- all forms of force majeure
- downtimes as a result of computer crime caused by third parties
- business interruptions caused by employees of the Contractual Partner or the Buying Company
- non-compliance with or breach of cooperation duties pursuant to the GTC
- downtimes or interruptions of the Internet or the telecommunications network
- downtimes of the internal systems of the Contractual Partner or the Buying Company in the course of integration within the scope of SupplyOn Services.
5 Necessary System Requirements
To be able to use the SupplyOn Services via the browser interface the Contractual Partner has to fulfill the currently valid system requirements (e.g. released browsers as well as browser versions). These are described under www.SupplyOn.com/requirements.
6 Services for Integration in Internal Systems
Certain SupplyOn Services facilitate connection of the internal systems of the Contractual Partner directly with the system on which the relevant SupplyOn Service is based (“integration”). In such a case the automatic system-to-system communication in part or in whole replaces manual browser operation by the User.
The responsibility for the internal system as well as for the preparation of the internal system in respect of creating and handling electronic business processes on the basis of the SupplyOn data format shall lie exclusively with the Contractual Partner.
SupplyOn shall assist the Contractual Partner with the one-off integration of the internal system pursuant to the process description separately made available for the relevant SupplyOn Service.
7 Security Declaration
In order to protect the confidentiality and integrity of the data exchanged via SupplyOn and to ensure the promised availability of the SupplyOn Services within the scope of the concepts described, SupplyOn meets the requirements of the following international standards for providers of IT and cloud computing solutions:
- ISO / IEC 27001 – An international security standard that formally specifies an Information Security Management System
- ISO / IEC 27017 – A code of practice for implementing commonly accepted protection controls in cloud computing
- ISO / IEC 27018 – A code of practice on protection of personal data in cloud computing applications
The SupplyOn security and operating concept is regularly reviewed by external auditors based on the above standards. The basis for secure operation includes aspects such as:
- Redundant infrastructures
- Redundant Internet connections
- Emergency power supply
- Precautions to avoid damage by fire, smoke or water
- 24x7 system monitoring
- Vulnerability scans and penetration tests
- Intrusion detection mechanisms
- Encrypted communication connections
- User management for own employees by Administrators of the Contractual Partner
8 Obligations to co-operate
- The Contract Partner shall name one or more Administrators who create the Users of their own company for the SupplyOn Services on their own, assign rights for the individual SupplyOn Services and deactivate Users, for example when they leave the company.
- Certain SupplyOn Services inform the Users actively if their Customer registered with SupplyOn changes important information. Details are included in the relevant online documentation. The notification e-mails generated by the system do not release the Contractual Partner from having to check regularly whether new or changed data of the business partners are available in the systems. For this reason the Contractual Partner has to regularly log on to the SupplyOn Services (dependent on Customer requirements) in order to check whether there is any relevant information.
- As with the operation of own solutions (such as EDI Managers), problems and interruptions also cannot be ruled out in principle in the operation of online platforms such as SupplyOn. The Contractual Partner must therefore have its own contingency plans for such a case. The Contractual Partner is also aware that there is the fundamental risk that the Internet connection to certain countries may be slowed down or even completely blocked for a lengthy time, for example by governments. As a result, Users from such a country would no longer be able to access the SupplyOn Services. SupplyOn shall inform Customers as soon as such a blockade becomes known. In such a case, the Contractual Partner is responsible for carrying out the relevant contingency plans.
- The Contractual Partner is responsible for ensuring that all documents that have to be archived under statutory requirements and are exchanged via the SupplyOn Platform are archived in an audit-proof manner.
9 Customer Support
Customer Support shall assist the Contractual Partner with all SupplyOn Services.
Customer Support for internal systems of the Contractual Partner (cf. clause 5) as well as the systems of the Buying Company (cf. clause 2: SupplyOn Customer Application Access) shall, unless indicated otherwise, not be part of SupplyOn’s scope of services. SupplyOn’s customer support can be reached via the SupplyOn homepage.
For Customer Support the following service hours apply:
|German and English||Monday-Sunday: 00:00-24:00 h CET/CEST|
|Italian, French, Spanish and Portuguese||Monday-Friday: 06:00-20:00 h CET/CEST|
|Chinese||Monday-Friday: 08:00-17:00 h CNST|
|Japanese||Monday-Friday: 08:00-17:00 h JST|
|Korean||Monday-Friday: 08:00-17:00 h KST|