Skip to main content

Hippo Token & Hippo Chat

Terms & Conditions

9 April 2026

§ 1 General Provisions and Subject Matter

(1) Open Hippo GmbH (hereinafter "Provider") supports the Customer in operating certain applications that use an AI system via a web interface or an application programming interface (API). The AI system is a generative system capable of producing responses to customer queries in various forms, in particular as text, but also as graphics or videos. Given the Customer's acknowledged limited experience with generative AI, it is the Customer's particular responsibility to appropriately review AI output before use.

(2) The subject matter of this Agreement is the Provider's grant of temporary access to a generative AI system (hereinafter "System") for use by the Customer via remote data connection and API, subject to future technical specifications, in exchange for remuneration.

§ 2 Definitions

The following terms are used throughout this Agreement with the meanings set out below:

  • Prompt means an instruction submitted to the System to cause it to perform a specific task or generate a specific response. The prompt is transmitted to the System via the designated input interface.

  • AI Model means a mathematical structure, represented in particular by algorithms and weighted parameters, trained by machine learning from data. It is designed to perform specific tasks such as image recognition, language processing, decision-making or predictive analysis. Its operation requires an infrastructure of hardware and software, including a user interface and other components.

  • AI System means a machine-based system whose foundation is an AI model and which is designed for operation with varying degrees of autonomy, may be adaptable after deployment, and derives from inputs received — for explicit or implicit objectives — how to generate outputs such as predictions, content, recommendations or decisions that may influence physical or virtual environments.

  • Output means the result of the System's processing of a prompt.

  • User means any individual authorised by the Customer to use the System.

  • Bias means a deviation from the desired output of an AI model, characterised by certain results being over- or under-represented relative to a reference model of reality, when assessed from a normative perspective.

  • AI Competence encompasses the skills, knowledge and understanding required — taking into account the respective rights and obligations — to use the System competently within the scope of use agreed with the Provider, and to become aware of the opportunities and risks of AI systems and the potential harm they may cause.

§ 3 Use of the System

(1) System availability and further performance parameters are set out in the Service Level Annex.

(2) Further technical details relevant to this Agreement, including a description of the System, may be specified separately.

(3) The System is made available by the Provider at the handover point (the interface between the Provider's data network and other networks). The System remains on the Provider's servers. The Provider is not responsible for establishing or maintaining the data connection between the Customer's IT systems, in particular end devices, and the Provider's handover point.

(4) Access to the System grants the Customer support only for the agreed applications. The scope of support is also described in the Annex. The Provider does not guarantee any particular result.

(5) The Provider may modify the System at any time and will inform the Customer of any changes. The Customer has no right to require the use of a particular system.

(6) The Customer may only access the System using the agreed applications and only for legitimate operational purposes. The maximum number of end devices that may be used simultaneously by the Customer is also set out in the Annex.

(7) Any use of the System that deviates from the provisions of this Agreement is prohibited. In particular, the Customer is not entitled to manipulate the System so that it performs tasks other than those provided for under this Agreement or so that the Customer obtains information not required for the intended use of the System. Prohibited actions include in particular:

  • Prompt injection — crafting prompts so as to cause the System to generate undesired or harmful output;
  • Evasion attacks — attacks on AI systems that attempt to deceive or manipulate the System, for example by identifying patterns in training data that lead the System to make incorrect decisions;
  • Reverse engineering of the model, for example by conducting extensive queries in order to gather information enabling the Customer to create its own model that imitates the System's behaviour;
  • Abliteration — analysing the structure and operation of the System to identify vulnerabilities, in order to use input patterns or word combinations to cause the System to disclose confidential information or generate false responses;
  • Membership inference attacks aimed at reconstructing data points used during training.

(8) The Provider reserves the right to review prompts and generated output using abuse prevention or content filtering methods, and to block processing where there is reasonable suspicion of misuse.

(9) The Customer is liable to the Provider for damage attributable to unauthorised use of the System. The Customer shall ensure that all Users comply with the requirements of this Agreement regarding System use.

(10) The Provider may be required by law to label output as having been generated by an AI system. The Customer may not alter or remove such labelling.

§ 4 AI Competence, Data Storage, Bias

(1) The Customer shall take the measures required under Article 4 of the EU AI Act to ensure, to the best of its ability, that Users possess a sufficient level of AI competence, taking into account their technical knowledge, experience, education and training, and the context in which the System is to be used.

(2) The Customer shall ensure that all Users understand how the AI system works: it learns from a large quantity of data (training data), identifying the patterns, relationships and statistical properties underlying that data. It then generates new information. This new information resembles the learned data but is not identical to it. The System does not store training data; instead it creates statistical models that capture the probability of words or phrases in particular contexts. When the System generates new information, it uses these models to make plausible statements based on the learned patterns.

(3) Note that data transmitted by the Customer during use of the System is not stored separately and retained. However, information transmitted to the System may enter and modify the system in the manner characteristic of AI systems, as described in paragraph 2.

(4) When using the System, the Customer shall further note that the technical nature of AI systems does not permit data — whether individual or aggregated — to be selectively removed from the System.

(5) Note also that the System was trained on a large dataset intended to be representative of the desired use cases. However, depending on the training data used, the method of training, and the configuration of the underlying AI model, bias in the output may occur. For AI systems such as the one used under this Agreement, bias cannot be completely avoided for technical and normative reasons.

(6) In exceptional cases an AI system may respond inadequately to a query ("hallucinate"), for example because of incorrect probabilities or weightings in the AI model.

(7) It is therefore in the Customer's and Users' own interest to verify the plausibility of information generated by AI systems. This is particularly important in order to avoid harm arising from injury to life, limb or health. The Customer shall observe this and shall inform Users accordingly.

§ 5 Training Materials / Documentation

(1) The Provider shall make training materials available to the Customer to introduce Users to the System. Details may be agreed separately.

(2) In addition to the training materials, a written reference guide will also be available to the Customer.

(3) The Provider shall make further consultancy services available to the Customer, at standard rates and upon request, to ensure the competence referred to in § 4.

§ 6 Intellectual Property Rights / Trade Secrets

(1) The Customer shall ensure that it is authorised to use for this purpose the content — whether prompts, other text, drawings, photographs or similar — that it transmits to the System. The System does not verify whether the Customer is entitled to use the data it transmits.

(2) The Provider does not guarantee that intellectual property rights can be established in the Output. In general, Output does not enjoy legal protection, and in particular no copyright protection. The Output is not intended to be shared with third parties not authorised to use the System.

(3) The Provider informs the Customer that the specific result of a query to the AI cannot be predicted with sufficient certainty. An unintentional interference of the Output with the rights of third parties cannot therefore be reliably prevented. The Customer notes that liability for the removal or future cessation of an infringement may arise without fault.

§ 6a Use of Provider's Trademarks and Logos

(1) Subject to the Customer's full and timely payment of all fees due under this Agreement and for the duration of the Agreement, the Provider grants the Customer a non-exclusive, non-transferable, revocable, royalty-free licence to use the Provider's trademarks, logos and brand assets (hereinafter "Brand Assets") solely for the purpose of identifying the Customer's use of the Provider's services in connection with the services agreed under this Agreement.

(2) Permitted uses of the Brand Assets include in particular:

  • indicating within the Customer's own products, services or communications that they are operated with or powered by the Provider's system (e.g. "Powered by Hippo Token" or similar designations);
  • referencing the Customer's status as a contractual user of the Provider's services in the Customer's marketing materials and on the Customer's website.

(3) The Customer shall use the Brand Assets strictly in accordance with the Provider's then-current brand guidelines, which are made available on the Provider's website or upon request. The Customer shall not alter, distort, combine with other marks, or otherwise modify the Brand Assets.

(4) The licence granted under paragraph (1) does not extend to:

  • use of the Brand Assets in a manner that could imply a partnership, joint venture, endorsement or sponsorship beyond the Customer's contractual use of the services;
  • use of the Brand Assets in connection with products, services or content that violate applicable law, these Terms, or standards of good commercial practice;
  • sublicensing or transfer of the licence to third parties.

(5) The Customer shall cease all use of the Brand Assets forthwith upon termination or expiry of this Agreement for any reason, upon suspension of access pursuant to § 11(4), or upon the Provider's written request in the event of non-compliance with this paragraph.

(6) The Provider reserves all rights in and to the Brand Assets not expressly granted herein. Use of the Brand Assets does not confer on the Customer any ownership interest or further rights in the Brand Assets or other intellectual property of the Provider.

(7) The Customer shall notify the Provider without undue delay of any suspected misuse or infringement of the Brand Assets by third parties of which it becomes aware.

§ 7 Personal Data

(1) The System may be used even where personal data is entered. The Provider makes the AI system available to the Customer in such a way that third parties cannot access personal data and personal data does not permanently remain in the Provider's systems.

(2) As a result of the manner in which the Provider's AI systems process data, the Provider acts as a data processor for the Customer. The Provider makes the necessary data processing agreement available as supplementary terms. These shall be deemed agreed upon conclusion of the contract.

§ 8 Access Authorisations

The Customer is granted access to the Systems via single sign-on (SSO). Users must authenticate with their personal SSO credentials provided by the Provider. SSO credentials may only be made available to authorised Users and must be kept confidential. Access authorisations are reviewed and adjusted on a regular basis to ensure that only authorised Users have access. The Customer shall require Users to access the System only in accordance with this Agreement.

§ 9 Customer's Obligations to Co-operate

(1) The Customer undertakes to establish a data connection between the end devices it intends to use and the data handover point defined by the Provider. The Provider is entitled to redefine the data handover point if necessary to enable the Customer to use the services without disruption.

(2) The proper use of the Provider's services requires that the hardware and software used by the Customer — including workstations, routers, data communication equipment, etc. — meets the minimum technical requirements for use of the System currently offered, and that Users authorised by the Customer are familiar with operating the System. Configuring the Customer's IT systems, and in particular end devices, is the Customer's responsibility.

(3) The Customer shall carefully select, instruct and supervise all Users with regard to use of the System in accordance with this Agreement. If the Customer has doubts that a User is capable of using the System in accordance with the Agreement, the Customer must deny that User access. In particular, the Customer shall inform Users of the terms of use and require them to comply.

(4) The Customer shall report to the Provider all notable behaviour of the System. Notable behaviour includes in particular biased output as well as other false, misleading or inappropriate statements by the System.

§ 10 Remuneration

(1) The Customer shall pay the fees set out in the Provider's price list in force at the time the contract is concluded.

(2) The Provider is entitled to adjust the fees payable under this Agreement at its reasonable discretion to reflect changes in the costs relevant to pricing.

§ 11 Contract Term / Suspension

(1) The Agreement may be terminated at any time at month-end. Notice of termination must be given no later than one day before the end of the current billing month. If notice is given after the end of the month, the subscription ends at the end of the following month.

(2) The right to terminate for good cause remains unaffected.

(3) All terminations require text form.

(4) If the Customer or a User violates the terms of use set out in or otherwise agreed under this Agreement, the Provider may suspend access to the System in whole or in part to the extent necessary until compliant use can again be expected.

§ 12 Liability for Defects

(1) The Provider applies all reasonable care and expertise in providing the data and complies with all applicable laws in this regard. Notwithstanding the foregoing, the data is provided by the Provider without any further express or implied warranty of any kind, including but not limited to any warranty of fitness for a particular purpose (such as the contractual purpose).

(2) The Provider shall inform the Customer without undue delay of any defects in the data of which it becomes aware, and shall without undue delay take appropriate measures to ensure that the data made available to the Customer complies with the provisions of this Agreement. The Provider shall in particular inform the Customer as soon as it becomes aware that the data made available to the Customer deviates from the description in Annex A. In such case, the Customer may (a) reject the data in whole or in part, and/or (b) restrict the Provider's access to and use of the application for as long as necessary to ensure the lawfulness of the Customer's data processing.

§ 13 Liability

(1) The Provider is liable for wilful misconduct and gross negligence.

(2) For minor negligence, the Provider is only liable for damage arising from injury to life, limb or health. The Provider is in such cases only liable for foreseeable damage of a type that typically occurs.

(3) Subject to liability under the Product Liability Act, any strict liability of the Provider arising from use of the System by the Customer or third parties introduced by the Customer is excluded.

(4) The Customer is responsible for measures to ensure operational safety, and in particular workplace safety, vis-à-vis third parties including employees. The System is not capable of assessing the conditions under which it is used or of addressing safety-related aspects, including workplace safety.

(5) If the Provider is held liable by Users for damages arising from output of the System, the Customer shall indemnify the Provider against such liability to the extent it arises from the Customer's non-compliant use of the System or from the Customer's inadequate selection, instruction or supervision of Users.

§ 14 Amendments to the Terms

The Provider is entitled to amend or supplement these terms as follows. The Provider will give the Customer notice of any amendments or supplements at least six weeks before they take effect, in text form. If the Customer does not agree to the amendments or supplements, it may object within one week of the intended effective date, in text form. If no objection is raised, the amendments or supplements are deemed approved by the Customer. The Provider will specifically draw the Customer's attention, when notifying it of any amendments or supplements, to the significance of its conduct.

§ 15 Final Provisions

(1) Any general terms and conditions of the parties beyond those set out herein do not apply to this Agreement, even where they are not expressly objected to.

(2) The assignment of claims is only permitted with the prior written consent of the other party. Such consent may not be unreasonably withheld. Section 354a of the German Commercial Code (HGB) remains unaffected.

(3) The parties may only offset claims that have been acknowledged or are the subject of a final and unappealable judgment.

(4) All amendments, supplements and terminations of contractual agreements must be made in writing, as must the waiver of the written form requirement, except where this Agreement provides for text form.

(5) The parties undertake to maintain confidentiality regarding the content of this Agreement and its implementation.

(6) If individual provisions of the parties' agreements are or become wholly or partially invalid, this shall not affect the validity of the remaining provisions. The parties undertake in such case to replace the invalid provision with a valid provision that most closely achieves the economic purpose of the invalid provision. The same applies to any gaps in the agreements.

(7) The law of the Federal Republic of Germany applies. The place of jurisdiction is Augsburg.