SSL Certificates
Service Order

Service Order Digicert SSL


This Service Order (hereinafter "SO") forms an integral and substantive part of the General Conditions of Service (hereinafter “GCS") published on Register's website( https://www.register.it/company/legal/ ).
The GCS and this SO establish the terms and conditions for the provision of the SSL Certificate of Digicert Inc. (hereinafter "Service") by Register to the Customer (hereinafter "Customer"). The capitalized terms used in this SO have the same meaning as defined in the GCS.
The offer published online on the website https://www.register.it forms an integral part of these conditions ("Offer").


1. Object of the Agreement

The Service allows the Customer to activate an SSL Certificate with the Certification Authority Sectigo, to the benefit of the Subscriber, in accordance with the conditions set out in the following articles and with the features and procedures established in this Agreement and its Annexes.
The SSL Certificate consists of a key pair and of verified identity information.
The Customer is informed that Register acts as a reseller of an external supplier, Digicert Inc., as identified below.


2. Definitions

For the purposes of this Agreement, the following definitions shall apply:
- "Register": Register S.p.A. with registered office in Viale della Giovine Italia 17, Florence (FI), VAT no. 04628270482 which, in agreement with Sectigo, sells the Sectigo SSL Certificate service to the Customer;
- “Digicert”: Digicert Inc. registered offices at Suite 500 Lehi, Utah 84043 USA;;
- "Customer": the person requesting the Service from Register. The Customer may be the same as the Subscriber, if the latter requests the Service for its own benefit, or may not be the same as the Subscriber, if the Customer requests the Service to be activated for the benefit of one or more Subscribers other than the Customer;
- “Subscriber”: any natural or legal person identified in a certificate issued by Digicert;
- “Agreement": Register's GCS, this Service Order ("SO"), the Offer and the documents attached thereto and the documents referred to therein ("Annexes") which, taken together, constitute the rules governing the relations between the parties;
- Annexes: the documents forming an integral part of this Agreement, including the "Certificate Subscriber Agreement" and other contractual documentation prepared by Sectigo Limited relating to the Service, available in the "Legal" section of the Digicert website at https://www.digicert.com/legal-repository/


3 - Conclusion of the Agreement and activation of the Service

3.1 Sending of the Order by the Customer to Register implies full acceptance of the Agreement and its Annexes by the Customer.


3.2 The Customer acknowledges and accepts, and declares to make the Subscriber aware of and to have the Subscriber accept and enforce the contractual documentation relating to the Service purchased, including the documentation prepared by Digicert Inc., available in the "Legal" section of the Sectigo website at https://www.digicert.com/legal-repository/Subscriber-Agreement.pdf , as an integral and substantive part of this Agreement.


3.3 The Certificate covered by this service is an SSL Certificate, used to support SSL/TLS sessions between a web browser and a web server using encryption. Upon receipt by Register of the necessary payment and completion of the activation procedures required for the selected Certificate, Register shall contact Digicert to process the Certificate Request containing the Certificate Signing Request (hereinafter "CSR") in the format specified by the CA. If the Certificate Request is approved by Digicert, Digicert shall issue a Certificate of Use to the Subscriber. After obtaining the Certificate, the Subscriber shall review the information contained therein and promptly notify Digicert of any errors. Upon receipt of such notification, Digicert may revoke the Certificate and issue the correct Certificate.


3.4 The Customer and the Subscriber declare that they have duly read and understood the features, functionalities and methods of use of the Service, in accordance with the provisions of this Agreement, of the further Annexes and of current legislation.


3.5 The Customer and the Subscriber are, in any case, responsible for the truthfulness, correctness, completeness and updating of the information communicated to Register and Digicert regarding the Service.


4. CSR (Certificate Signing Request) generation tool

4.1 If, optionally, the Customer decides to use the CSR (Certificate Signing Request) generation tool provided by Register, it undertakes, under its sole responsibility, to save the CSR (Certificate Signing Request) and the relating private key obtained through the tool on its own media and to safely store it. Any violation of the private key may not be attributable to Register.


4.2 Register informs the Customer that under no circumstances shall it save, even temporarily, the information generated by this tool on its systems. The Customer may therefore not contact Register to retrieve the CSR (Certificate Signing Request) and the relating private key.


4.3 The foregoing will also apply if the Customer subscribes exclusively to the CSR (Certificate Signing Request) generation tool provided by Register, offered by the latter as a stand-alone service. In the latter case, the other articles of this SO will apply in any case, except if objectively incompatible, and in particular Articles 3, 5, 6, 7 and 8 of this SO. The General Conditions of Service (hereinafter "CGS") published on the Register website (https://www.register.it/company/legal/) and the commercial offer relating only to the CSR generation service will also apply. Certificate Signing Request) provided by Register and published online on the website https://www.register.it will form an integral part of these conditions ("Commercial Offer").


5. Duration of service

This Agreement shall be effective until expiration of the Certificate, according to the term indicated in the public Offer, or its early revocation.



6. Consideration and renewal of the Service.

6.1 The Consideration for the provision of the Service requested is the amount indicated in the Offer. The provision of the Service is deemed to have been agreed from the time of payment of the Service consideration by means indicated in the Offer. The renewal price shall be the list price applied by Register at the time of the Customer's request and resulting from the control panel.


6.2 Renewal at expiration may be automatic or manual.


6.2.1 Expiration with automatic renewal:
In the case of expiration with automatic renewal and credit card payment, the consideration referred to in the following paragraph “Consideration and Payments" shall be charged, within the established time limits and under the conditions existing at the time of renewal, as indicated in the control panel, directly by Register on the Customer's credit card, upon communication by e-mail. If it is not possible for Register to make such a charge, the agreement may not be automatically renewed and shall be considered as having expired within the established time limit. In such a case, the Customer may renew the Service by following the manual renewal procedure.
In the case of expiration with automatic renewal and payment by a system other than credit card, 20 days before expiration, Register shall proceed, after notice by email, to renew and send the invoice to the Customer, which shall be paid within the time limit provided therein. The invoice and related payment instructions shall be sent by ordinary mail to the address stored in the files at the time of ordering. In the event that the Customer does not proceed with the payment within the established time limits, Register may interrupt the provision of the Service at any time, subject to the provisions of art. 6 of the GCS.


6.2.2 Expiration with manual renewal:
In the case of expiration with manual renewal, the Customer may ask Register, through the online procedure made available by Register, to renew the Service with this SO for further and subsequent periods within the time limits that will appear on the Customer's control panel and at the technical and economic conditions in force at the time of renewal of the Service and executing the renewal procedure. In the event of non-renewal, in the forms and within the time limits indicated above, upon expiration, the Service will cease to be provided and this SO will cease to produce its effects by law, without need for any communication by Register.



7. Protection of personal data and Confidentiality.


Once the service has been purchased or renewed, the Client is required to activate the certificate by accessing the control panel and filling in the appropriate form in order to proceed with the issuing of the requested certificate.

When renewing the certificate, the Client may decide to use the CSR obtained during the activation phase and stored by Register, or choose to continue with the generation of a new CSR and the relative private key.

In the first case, Register will continue to retain the CSR obtained by the Client during the activation phase until the next renewal unless the Client, at this stage, decides to provide a new CSR. Otherwise, Register will continue to store the CSR until the next renewal. In the second case, where the Client decides to issue a new CSR and a new private key for the renewal of the certificate, Register will delete the CSR previously obtained from the Client from its systems and will only keep the newly provided CSR.

The data processing is carried out by Register as data controller and is aimed at pursuing a legitimate interest of Register, pursuant to Article 6(1)(f) of EU Regulation 679/2016 (GDPR). In particular, Register has the legitimate interest to improve the quality of the activation and renewal service of the SSL Certificates of its clients, which, thanks to the retention of the CSR by Register, allows for a fast renewal process.

In any case, the provision of the Client's data through the generation or transmission of the CSR is optional, but if such data is not provided it will not be possible to proceed with the activation or renewal of the certificate. The data provided by the Client for the purpose of issuing the certificate will be disclosed to Digicert Inc., as autonomous data controller, in order to execute the contract between the Client and Register. The Client has the right to access his/her data in accordance with Art. 15 of the GDPR, to request the restriction of data processing in the cases provided for in Art. 18 of the GDPR, and to lodge a complaint with the competent supervisory authority pursuant to Art. 77 of the GDPR. Since the CSR is composed of codes generated automatically by the generation tool referred to in point 4.1), it should be noted that in practice it is not possible to request the correction or deletion of the CSR itself, except by generating a new CSR using the same tool. The Client may formulate a request to object to the processing of their data pursuant to Art. 21 of the GDPR in which the reasons for the objection to processing are provided. The Data Controller shall in any case reserve the right to assess the Client's request. Requests to Register must be made in writing to dpo@dada.eu.



8 Disclaimers and limitations of liability

8.1 Register undertakes to provide the Service in compliance with the provisions of this Agreement and the Annexes thereto, and accepts no liability other than that expressly set forth herein.


8.2 To the fullest extent permitted by law, Register offers no implied or express warranty, including without limitation, no warranty of merchantability, fitness for a particular purpose, of satisfaction of the Customer's or Subscriber's requests, of non-infringement of rights, non-interruption of supply, lack of errors or any other warranty that may arise from the performance of the Agreement, from commercial practices or from negotiations relating to the Service.


8.3 The Customer takes on all responsibility in relation to the Orders sent to Register and undertakes, to the fullest extent permitted by law, to indemnify and hold Register harmless from any claim, cost, penalty, towards third parties, including the competent judicial authorities, relating to or in any way connected with the performance of this Agreement and/or breach, by the former or the Subscriber, of the obligations, representations and warranties set forth in this Agreement.


8.4 Specific disclaimers and limitations of liability



8.4.1 DigiCert warrants the Certificates offered under this Agreement will comply in all material respects to the requirements in the CPS (DigiCert Certification Practices Statement, available on the Digicert website at the link https://www.digicert.com/legal-repository/) and the applicable law.

8.4.2 DISCLAIMERS. OTHER THAN AS PROVIDED IN SECTION 8.4.1, THE SERVICES, AND ANY RELATED SOFTWARE (INCLUDING THE PORTAL) ARE PROVIDED “AS IS” AND “AS AVAILABLE” AND TO THE MAXIMUM EXTENT PERMITTED BY LAW, DIGICERT AND REGISTER DISCLAIMS ALL EXPRESS AND IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. DIGICERT AND REGISTER DOES NOT WARRANT THAT ANY SERVICE OR PRODUCT WILL MEET SUBSCRIBER’S EXPECTATIONS OR THAT ACCESS TO THE SERVICES WILL BE TIMELY OR ERROR-FREE. DigiCert and Register do not guarantee the accessibility of any products or services and may modify or discontinue offering any product or service offering at any time. Subscriber’s sole remedy for a defect in the Services is for DigiCert to use commercially reasonable efforts, upon notice of such defect from Subscriber, to correct the defect, except that DigiCert and Register has no obligation to correct defects that arise from (i) misuse, damage, modification or damage of the Services or combination of the Services with other products and services by parties other than DigiCert, or (ii) Subscriber’s/Customer’s breach of any provision of this Agreement.


8.4.3. Limitation of Liability. This Agreement does not limit a party’s liability for: (i) death or personal injury resulting from the negligence of a party; (iii) gross negligence, willful misconduct or violations of applicable law, or (iii) fraud or fraudulent statements made by a party to the other party in connection with this Agreement. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY OR LIMITATION OF LIABILITY: (A) DIGICERT AND ITS AFFILIATES, SUBSIDIARIES, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, PARTNERS AND LICENSORS (THE “DIGICERT ENTITIES”) AND REGISTER WILL NOT BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES (INCLUDING ANY DAMAGES ARISING FROM LOSS OF USE, LOSS OF DATA, LOST PROFITS, BUSINESS INTERRUPTION, OR COSTS OF PROCURING SUBSTITUTE SOFTWARE OR SERVICES) ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SUBJECT MATTER HEREOF; AND (B) THE DIGICERT ENTITIES’ TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATING TO THIS AGREEMENT OR THE SUBJECT MATTER HEREOF WILL NOT EXCEED THE AMOUNTS PAID BY OR ON BEHALF OF SUBSCRIBER TO DIGICERT IN THE TWELVE MONTHS PRIOR TO THE EVENT GIVING RISE TO SUCH LIABILITY, REGARDLESS OF WHETHER SUCH LIABILITY ARISES FROM CONTRACT, INDEMNIFICATION, WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, AND REGARDLESS OF WHETHER DIGICERT OR REGISTER HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. NO CLAIM, REGARDLESS OF FORM, WHICH IN ANY WAY ARISES OUT OF THIS AGREEMENT, MAY BE MADE OR BROUGHT BY SUBSCRIBER OR SUBSCRIBER’S/CUSTOMER’S REPRESENTATIVES MORE THAN ONE (1) YEAR AFTER THE BASIS FOR THE CLAIM BECOMES KNOWN TO SUBSCRIBER.


8.4.4. Indemnity. Subscriber will indemnify, defend and hold harmless DigiCert and DigiCert’s employees, officers, directors, shareholders, Affiliates, and assigns (each an “Indemnified Party”) as well as Register against all third party claims and all related liabilities, damages, and costs, including reasonable attorneys’ fees, arising from (i) Subscriber’s breach of this Agreement; (ii) Subscriber’s online properties for which DigiCert or Register provides Services hereunder, or the technology or content embodied therein or made available through such properties; (iii) DigiCert’s or Register’s access or use in compliance with this Agreement of any information, systems, data or materials provided by or on behalf of Subscriber or Cutomer to DigiCert hereunder, (iv) Subscriber’s failure to protect the authentication mechanisms used to secure the Portal or a Portal Account; (iv) Subscriber’s modification of a DigiCert or Register product or service or combination of a DigiCert or Register product or service with any product or service not provided by DigiCert or Register; (v) an allegation that personal injury or property damage was caused by the fault or negligence of Subscriber; (vi) Subscriber’s or Customer’s failure to disclose a material fact related to the use or issuance of the Services; or (vii) an allegation that the Subscriber, or an agent of Subscriber or Customer, used DigiCert’s Services to infringe on the rights of a third party.


8.4.5. Indemnity Obligations. An Indemnified Party seeking indemnification under this Agreement must notify Subscriber promptly of any event requiring indemnification. However, an Indemnified Party’s failure to notify will not relieve Subscriber from its indemnification obligations, except to the extent that the failure to notify materially prejudices Subscriber. Subscriber may assume the defense of any proceeding requiring indemnification unless assuming the defense would result in potential conflicting interests as determined by the Indemnified Party in good faith. An Indemnified Party may, at Subscriber’s expense, defend itself until Subscriber’s counsel has initiated a defense of the Indemnified Party. Even after Subscriber assumes the defense, the Indemnified Party may participate in any proceeding using counsel of its own choice and at its own expense. Subscriber may not settle any proceeding related to this Agreement unless the settlement also includes an unconditional release of liability for all Indemnified Parties. Subscriber’s indemnification obligations are not the sole remedy for Subscriber’s breach of this Agreement and are in addition to any other remedies available. Subscriber’s indemnification obligations hereunder are not an Indemnified Party’s sole remedy for events giving rise to indemnity by Subscriber hereunder, and are in addition to any other remedies an Indemnified Party may have against Subscriber under this Agreement.


8.4.6. Injunctive Relief. Subscriber and Customer acknowledges that their breach of this Agreement may result in irreparable harm to DigiCert and Register that cannot adequately be redressed by damages. Accordingly, in addition to any other legal remedies which may be available, DigiCert and Register may seek and obtain an injunctive order against a breach or threatened breach of this Agreement by Subscriber or Customer, and without a need to post a bond or similar action.


8.4.7. The limitations and obligations in this Section apply to the maximum extent permitted by law and apply regardless of: (i) the reason for or nature of the liability, including tort claims; (ii) the number of claims of liability; (iii) the extent or nature of the damages; or (iv) whether any other provisions of this Agreement were breached or proven ineffective.