This translation is provided for informational purposes only. In the event of discrepancies, the German source text shall apply.
General terms and conditions
1.1 innoXchain GmbH, headquartered in Munich, Germany, hereinafter referred to as “innoXchain”, provides the customer with the ordered services with all included service components as well as any and all additional services ordered at a later date, exclusively in accordance with the following General Terms and Conditions. These terms and conditions can be accessed at any time on the innoXchain website and are accepted by the customer when placing an order, placing a repeat order or any online configuration.
1.2 The client affirms that he has full legal capacity according to the legal provisions applicable to him, that he may obtain the services according to the legal provisions applicable to him (also with regard to any existing guardianship), and that there are no other legal, economic or financial reasons preventing the conclusion of the contract.
Conclusion of contract
2.1 The offers made by innoXchain are subject to confirmation and non-binding. We reserve the right to make technical and other changes within reason.
2.2 With the order, the customer declares his binding contractual offer. We shall confirm receipt of the Customer’s order without undue delay. The confirmation of receipt does not constitute a binding acceptance of the order. The confirmation of receipt may be combined with the declaration of acceptance.
2.3 innoXchain is entitled to accept the contractual offer contained in the order within a period of 5 working days after receipt by innoXchain. However, we are also entitled to reject the acceptance of the order, for example after checking the creditworthiness of the customer.
2.4 The customer is obliged to provide his correct name and a valid e-mail address for free cloud access. So-called one-time e-mail addresses are not permitted. In the case of paid cloud access, a correct postal address must also be provided. In case of non-compliance, innoXchain is entitled to revoke access without prior notice.
Scope of services
3.1 The scope of services results from the offer information valid at the time of the order, the order form as well as the monthly special offers valid in each case.
3.2 If no separate contractual agreement has been made, the performance characteristics described on the homepage at the time of conclusion of the contract shall apply to products. This includes all products described under https://www.innoxchain.com, https://www.office-host.com or https://www.wolkesicher.de as well as products and service descriptions described on sub-pages of https://www.innoxchain.com, https://www.office-host.com or https://www.wolkesicher.de.
3.3 Updates of the cloud software are carried out at the free discretion and control cycle of innoXchain GmbH, unless an explicit deviation from this regulation has been agreed in an SLA (Service Level Agreement).
4.1 Technical support services are not included in the offers unless they are expressly part of the offer. If these are requested and used, they will be charged separately. The valid prices are available on request.
4.2 In general, no response time or guarantee for the response or execution of incoming inquiries or orders is agreed, unless this has been explicitly agreed in an SLA (Service Level Agreement).
4.3 The entire communication and thus the contents of the support, both by e-mail, fax or telephone, are protected by copyright, unauthorised disclosure or publication is prohibited.
5.1 As far as data is transmitted to innoXchain, the customer shall make backup copies. In the event of a loss of data that nevertheless occurs, the client is obligated to transmit the relevant data again to innoXchain free of charge.
5.2 The client is obliged to carry out a complete data backup before each own or ordered change.
5.3 The Customer shall receive a user ID and a password to use its services. He is obliged to treat this as confidential and is liable for any misuse resulting from unauthorised use of the password. If the client becomes aware that unauthorised third parties know the password, he must inform innoXchain immediately. Should third parties use services of innoXchain through misuse of the passwords due to the fault of the client, the client is liable to innoXchain for usage fees and damages. In case of suspicion, the client therefore has the possibility to set a new password or to ask the innoXchain to block access.
The data protection declaration published separately on the website of innoXchain in its respective version applies.
7.1 The customer undertakes not to publish any content that infringes the rights of third parties or otherwise violates applicable law. The deposit of extremist or immoral content is not permitted. We are entitled to block the customer’s access in the event that this has been violated. The same applies in the event that the customer publishes content that is likely to offend the honour of third parties, insult or disparage persons or groups of persons. This also applies in the event that an actual legal claim should not exist. We are not obliged to check the contents of our customers.
7.2 The sending of spam mails is prohibited. This includes in particular the sending of inadmissible, unsolicited advertising to third parties. When sending e-mails, it is also prohibited to provide false sender data or to disguise the identity of the sender in any other way. In case of non-observance, we are entitled to block access and to claim a payment of €1,000.00 per violation.
8.1 We assume no liability for direct damage, consequential damage or loss of profit due to technical problems and disturbances within the Internet which are not within the sphere of influence of innoXchain.
8.2 We are not liable to entrepreneurs for slightly negligent violation of insignificant contractual obligations. This does not apply in all cases of personal injury and in accordance with the Product Liability Act.
8.3 For indirect damages and consequential damages as well as for loss of profit, we shall only be liable to entrepreneurs in cases of intent and gross negligence. In this case the liability of innoXchain is limited to the contract-typically foreseeable damage, max. to 100 % of the annual product rent.
8.4 If the client violates the obligations mentioned in clause 6, in particular legal prohibitions or morality, with the content of his Internet pages, he is liable to innoXchain for compensation of all direct and indirect damages resulting therefrom, including financial losses. In addition, the client undertakes to indemnify innoXchain from any claims of third parties of any kind resulting from the illegality of content placed on the Internet. The indemnification obligation also includes the obligation to completely indemnify innoXchain from legal defense costs (e.g. court and attorney fees).
8.5 We assume no liability for direct damages, consequential damages or lost profits due to technical errors of open source software.
Terms of Payment
9.1 The current prices, which can be viewed at any time at https://www.innoxchain.com, https://www.office-host.com or https://www.wolkesicher.de/, apply.
9.2 Depending on the contractual agreement, a monthly, quarterly, half-yearly, annual or biennial invoice is issued. Unless otherwise agreed, billing shall be effected by invoicing. All fees are then due for payment immediately upon receipt of the invoice.
9.3 If any payment periods granted in the invoice are exceeded, we shall be entitled to charge default interest even without a reminder. If the customer is a consumer, the amount of default interest shall be 5 percentage points above the base interest rate. If the customer is an entrepreneur, the amount of the default interest is 8 percentage points above the base rate.
9.4 Furthermore, in the event of default, we shall be entitled to block the customer’s online storage and to retain all other services.
9.5 Invoices are sent by e-mail as attachments or can be downloaded as PDF files in the customer area. If delivery is requested by letter, we shall be entitled to charge a reasonable processing fee. In case of retroactive invoice changes, which are not caused by innoXchain, we are entitled to charge a reasonable processing fee.
9.6 When paying by SEPA direct debit, the collection takes place with a shortened period of one working day after sending the order confirmation by e-mail.
9.7 For commercial/business customers we charge a reminder fee of 40.00 EUR for late payment in accordance with §288 BGB paragraph 5. The delay of payment occurs automatically with non-payment of an invoice.
Duration of contract/termination/place of performance
10.1 Unless otherwise agreed in the contract, the contracts are concluded for an indefinite period.
10.2 Unless otherwise agreed in the contract, the contract may be terminated by either party with 14 days’ notice to the end of the month, without giving reasons, but at the earliest at the end of the contractually agreed minimum term. A cancellation can only be made in writing by e-mail, letter, fax or via a direct cancellation in the customer area, as far as this possibility is available.
10.3 In addition, we are entitled to terminate the contractual relationship for good cause without notice. Such good cause shall be deemed to exist if, among other things, the customer is in default of payment for a not inconsiderable part of the remuneration for two consecutive months. Such an important reason can also lie, among other things, in the fact that the customer violates the obligations arising from section 6 substantially or in spite of a warning. A further important reason which may lead to blocking or termination without notice is if the customer uses content which could impair the normal operating behaviour or the security of our servers.
10.4 The place of performance for all services arising from this contract is Munich. The place of jurisdiction for all disputes arising from this contract shall be the court locally responsible for Munich, provided that the customer is a merchant, a legal entity under public law, or a special fund under public law. The same shall apply if the customer does not have a general place of jurisdiction in Germany or if his place of residence or habitual abode is unknown at the time the action is filed. In addition, we are entitled to sue at the customer’s place of business.
If the customer intends to transfer his contractual rights to another person, he requires the consent of innoXchain. A transfer of the contractual rights can only be made in writing by letter, fax or via the secured online administration area, as far as this possibility is available. In the case of a transfer by letter or fax, the previous and new contractual partners must sign personally.
Mention of the customer
If a customer does not object in writing, innoXchain is entitled, without prior verbal or written permission, to list the customer or end customers of the customer with a special designation as reference customers (name and logo) on its websites https://www.innoxchain.com/ or https://www.wolkesicher.de/.
12.1 Right of revocation
You can revoke your contractual statement within 2 weeks without giving reasons in writing (eg by letter, fax, e-mail). The period begins upon receipt of this instruction in text form, but not before conclusion of the contract and also not before fulfilment of the information duties of innoXchain pursuant to § 312 c para. 2 BGB in conjunction with § 1 para. 1, 2 and 4 BGB-InfoV, as well as duties of innoXchain pursuant to § 312 para. 1 sentence 1 BGB in conjunction with § 3 BGB-InfoV. The timely dispatch of the revocation is sufficient to comply with the revocation period. The revocation must be sent to: innoXchain GmbH, Wilhelm-Wagenfeld-Straße 16, 80807 Munich, Germany.
12.2 Consequences of revocation
In the event of an effective revocation, the services received by both parties shall be returned. Your right of revocation expires prematurely if the contract is completely fulfilled by both parties at your express request before you have exercised your right of revocation. Obligations to refund payments must be fulfilled within 30 days. The period begins for you with the dispatch of your declaration of revocation, for innoXchain with its receipt.
Questions and complaints
Questions and complaints should be addressed to innoXchain GmbH, Wilhelm-Wagenfeld-Straße 16, 80807 Munich, Germany.
Order processing according to Art. 28 DS-GVO
If the innoXchain is also the contractor of an order processing, the parties shall at the same time conclude the GCU enclosed as an annex.
innoXchain is entitled to commission third companies and vicarious agents with the provision of parts or the entire range of services. innoXchain is free to use newer or different technologies, systems, processes or standards than initially offered for the provision of services in the course of technical progress and/or to change companies and vicarious agents commissioned for the provision of services at any time without notice or notification, provided that no permanent disadvantages or disadvantages superior to the advantages arise for the client from this. A temporary loss caused by this does not mean a defect, the client is not entitled to compensation and no right to reduction of the fees, the client remains fully liable to innoXchain. Possible expenses incurred by the customer due to the aforementioned regulations and agreements shall be borne by the customer himself. A sale of individual business areas of innoXchain as well as the naming of one or more legal successors does not constitute a special termination right of the client. In case of termination of business all contracts end at the time of termination of business, the customer is entitled to a pro rata reimbursement of prepaid fees. Discounts granted to the customer on the basis of contracts with a term of at least 12 months shall remain valid.
Should individual provisions of this contract be invalid or unenforceable or become invalid or unenforceable after conclusion of the contract, this shall not affect the validity of the remainder of the contract. The invalid or unenforceable provision shall be replaced by a valid and enforceable provision whose effects come as close as possible to the economic objective pursued by the parties to the contract with the invalid or unenforceable provision. The above provisions shall apply accordingly in the event that the contract proves to be incomplete.
Munich, July 2018
Data processing according to Art. 28 DS-GVO
Subject matter and duration of the contract
(1) Subject matter
The object of the order for data processing results from the product Wolkesicher/Office-Host booked in each case and the GTC or IXC Cloud with associated Service Level Agreement, to which reference is made here (hereinafter referred to as Service Level Agreement).
The duration of this contract (term) corresponds to the term of the service agreement.
Concretisation of the contract content
(1) Nature and purpose of the proposed processing of data
Type and purpose of the processing of personal data by the contractor for the client are specifically described in the GTC for the product Wolkesicher or the Service Level Agreement for an IXC Cloud.
The provision of the contractually agreed data processing takes place exclusively in a member state of the European Union or in another contracting state of the Agreement on the European Economic Area. Any relocation to a third country requires the prior consent of the customer and may only take place if the special requirements of Art. 44 ff. of the German Data Protection Act are met. DS-GVO are fulfilled.
(2) Type of data
The nature of the data processed is determined by the Client through the choice of product, configuration, use of services and transmission of data.
(3) Categories of data subjects
The categories of parties concerned are determined by the client through product selection, configuration, use of services and transmission of data.
(1) The Contractor shall document the implementation of the technical and organisational measures outlined and required prior to the award of the contract prior to commencement of processing, in particular with regard to the concrete execution of the contract, and shall hand them over to the Customer for inspection. If accepted by the client, the documented measures become the basis of the order. If the customer’s inspection/audit reveals a need for adjustment, this shall be implemented by mutual agreement.
(2) The Contractor shall provide security in accordance with Art. 28 para. 3 lit. c, 32 DS-GVO, in particular in conjunction with Art. 5 para. 1, para. 2 DS-GVO. Overall, the measures to be taken are data security measures and measures to ensure a level of protection appropriate to the risk with regard to the confidentiality, integrity, availability and resilience of the systems. In doing so, the state of the art, the implementation costs and the type, scope and purpose of the processing as well as the different probability of occurrence and severity of the risk for the rights and freedoms of natural persons within the meaning of Art. 32 para. 1 DS-GVO shall be taken into account [details in Annex 1].
(3) The technical and organisational measures are subject to technical progress and further development. In this respect, the contractor is permitted to implement alternative adequate measures. The safety level of the specified measures may not be undercut. Material changes shall be documented.
Correction, restriction and deletion of data
(1) The contractor may not rectify, delete or restrict the processing of the data processed on behalf of the client without authorisation but only in accordance with documented instructions from the client. If a person concerned directly contacts the Contractor in this respect, the Contractor shall forward this request to the Customer without delay.
(2) Insofar as the scope of services includes the deletion concept, the right to be forgotten, correction, data portability and information in accordance with the documented instructions of the Customer shall be ensured directly by the Contractor.
Quality Assurance and Other Duties of the Contractor
In addition to compliance with the provisions of this contract, the Contractor shall have statutory obligations pursuant to Art. 28 to 33 DS-GVO; to this extent, the Contractor shall in particular ensure compliance with the following requirements:
a) Written appointment of a data protection officer who performs his duties in accordance with Art. 38 and 39 DS-GVO.
ePrivacy GmbH, Große Bleichen 21, 20354 Hamburg, Germany, telephone: +49 40 609451 810, email@example.com, has been appointed by the contractor as data protection officer. The client must be informed immediately of any change in the data protection officer.
b) The protection of confidentiality according to Artt. 28 Para. 3 S. 2 lit. b, 29, 32 Para. 4 DS-GVO. When carrying out the work, the contractor shall only employ employees who are obliged to maintain confidentiality and who have been familiarised beforehand with the relevant data protection provisions. The contractor and any person subordinate to the contractor who has access to personal data may only process these data in accordance with the instructions of the client, including the powers granted in this contract, unless they are legally obliged to do so.
c) The implementation and compliance with all technical and organisational measures required for this order pursuant to Art. 28 para. 3 sentence 2 lit. c, 32 DS-GVO – details in Annex.
d) Upon request, the contracting authority and the contractor shall cooperate with the supervisory authority in the fulfilment of their tasks.
e) Immediate information of the contracting authority on control actions and measures of the supervisory authority, insofar as they relate to this contract. This shall also apply if a competent authority investigates the processing of personal data by the Contractor within the framework of administrative offence or criminal proceedings.
f) Insofar as the Customer is subject to inspection by the supervisory authority, administrative offence or criminal proceedings, the liability claim of a person concerned or a third party or any other claim in connection with the processing of the order by the Contractor, the Contractor shall support the Customer to the best of its ability.
(g) The contractor shall regularly monitor internal processes and technical and organisational measures to ensure that processing within its sphere of responsibility is carried out in accordance with the requirements of applicable data protection law and that the rights of the data subject are protected.
h) Verifiability of the technical and organisational measures taken vis-à-vis the client within the scope of his control powers according to Clause 7 of this contract.
(1) For the purposes of this regulation, subcontracting shall mean services which relate directly to the provision of the principal service. This does not include ancillary services which the Contractor uses e.g. as telecommunications services, postal/transport services, maintenance and user services or the disposal of data carriers as well as other measures to ensure the confidentiality, availability, integrity and resilience of the hardware and software of data processing systems. However, the Contractor shall be obliged to take appropriate and legally compliant contractual agreements and control measures to guarantee the data protection and data security of the Customer’s data even in the case of outsourced ancillary services.
(2) The contractor may only commission subcontractors (further contract processors) with the prior express written or documented consent of the client.
a) The client agrees to the assignment of the following subcontractors under the condition of a contractual agreement in accordance with Art. 28 para. 2-4 DS-GVO:
The list of subcontractors can be found under the following link
(b) Outsourcing to subcontractors or changing the existing subcontractor shall be permitted to the extent that:
– the contractor notifies the contracting authority of such outsourcing to subcontractors in writing or in text form a reasonable time in advance, and
– the customer does not object to the planned outsourcing in writing or in text form to the contractor up to the time the data is transferred, and
– a contractual agreement in accordance with Art. 28 para. 2-4 DS-GVO is applied.
(3) The passing on of personal data of the client to the subcontractor and his first action are only permitted when all requirements for subcontracting have been met.
(4) If the subcontractor performs the agreed service outside the EU/EEA, the Contractor shall ensure the admissibility under data protection law by appropriate measures. The same shall apply if service providers within the meaning of para. 1 sentence 2 are to be employed.
(5) Any further outsourcing by the subcontractor requires the express consent of the main contractor (at least in text form). All contractual provisions in the contract chain shall also be imposed on the further subcontractor.
Control rights of the client
(1) The Customer shall have the right to carry out inspections in consultation with the Contractor or to have them carried out by inspectors to be appointed in individual cases. He has the right to convince himself of the observance of this agreement by the contractor in his business operations by means of spot checks, which as a rule must be notified in good time.
(2) The Contractor shall ensure that the Customer can satisfy himself that the obligations of the Contractor under Art. 28 DS-GVO have been complied with. The Contractor undertakes to provide the Customer with the necessary information upon request and, in particular, to provide evidence of the implementation of the technical and organisational measures.
(3) Evidence of such measures, which do not only concern the specific order, can be provided by compliance with approved rules of conduct pursuant to Art. 40 DS-GVO;
(4) The contractor may assert a claim for remuneration in order to enable the client to carry out inspections.
Notification of infringements by the contractor
(1) The Contractor shall assist the Client in complying with the obligations set out in Articles 32 to 36 of the DS-GVO regarding the security of personal data, reporting obligations in the event of data breakdowns, data protection impact assessments and prior consultations. These include, but are not limited to
a) ensuring an adequate level of protection through technical and organisational measures which take into account the circumstances and purposes of the processing as well as the predicted probability and severity of a possible breach of rights due to security gaps and enable an immediate detection of relevant breach events
(b) the obligation to report infringements of personal data to the contracting authority without delay
(c) the obligation to assist the contracting authority in its duty to inform the data subject and, in this context, to make all relevant information available to the data subject without delay
(d) assisting the contracting authority with its data protection impact assessment
(e) assisting the contracting authority in prior consultations with the supervisory authority
(2) The contractor may claim remuneration for support services which are not included in the service description or which are not attributable to a misconduct on the part of the contractor.
Authority of the Customer to issue instructions
(1) Oral instructions shall be confirmed by the client without delay (at least in text form).
(2) The contractor shall inform the customer immediately if he is of the opinion that an instruction violates data protection regulations. The Contractor shall be entitled to suspend the execution of the corresponding instruction until it has been confirmed or amended by the Customer.
Deletion and return of personal data
(1) Copies or duplicates of the data shall not be made without the knowledge of the Customer. Excluded from this are backup copies insofar as they are necessary to guarantee proper data processing, as well as data which are necessary with regard to compliance with statutory storage obligations.
(2) Upon completion of the contractually agreed work or earlier upon request by the Customer – at the latest upon termination of the performance agreement – the Contractor shall hand over to the Customer all documents, processing and usage results as well as data stocks which have come into his possession and which are connected with the contractual relationship, or, after prior consent, destroy them in accordance with data protection regulations. The same applies to test and scrap material. The deletion protocol must be submitted upon request.
(3) Documentations which serve as proof of the orderly and proper data processing shall be kept by the contractor beyond the end of the contract in accordance with the respective retention periods. He may hand them over to the Customer at the end of the contract for his relief.
Annex – Technical-organisational measures
The contractor works exclusively with computer centres that are ISO 27001 certified and located within the EU or EEA, preferably in Germany. Our long-term hosting partners are Host Europe GmbH and Strato AG. When selecting our partners, we attach particular importance to the fact that data protection and data security enjoy a high priority and that the ISO 27001 certification is TÜV-tested.
For the Wolkesicher and IXC Cloud products, the security of the data centers of the hosting partners is decisive. The data loaded into the Wolkesicher/IXC Cloud online storage is not transferred outside the data centres of our hosting partners. Only those customer data are stored and processed on the working devices of innoXchain GmbH which are necessary for the provision of our service. innoXchain GmbH does not operate any servers outside the computer centers of the aforementioned hosting partners.
Confidentiality (Art. 32 para. 1 lit. b DS-GVO)
Our hosting partners secure your data centres with security locks, barred windows and roller blinds. Access via designated access routes is only possible for authorized persons with magnetic cards and keys. In addition, access routes are secured by security guards, video and alarm systems. Employees with access authorization are defined organizationally; magnetic cards and keys are only issued in accordance with the organizational instructions. Attendance lists are kept via the access, regulations for external personnel and guidelines for accompanying guests are available.
Access control at our hosting partners is regulated as follows: Access to systems is granted with authentication by individual user ID and password. Authorizations are assigned according to an access authorization concept, the passwords must meet the security requirements of ISO-27001. The systems are protected against unauthorized access, e.g. by firewalls.
Root servers, as used by innoXchain GmbH, are secured by it according to the same requirements. This includes, for example, firewalls and personal certificates issued to employees for access to servers (password-based access is not possible) as well as logging of accesses.
Our hosting partner ensures access control with the following measures: Permissions are defined in the IT systems. Authorization authorization (organizational) and authorization assignment (technical) are separate. Access according to authorizations is also maintained in procedures for restoring data from backups. Test and production environments are separate. Remote maintenance is always performed and logged with a unique user ID. Furthermore, employees of our hosting partners have no access to the root servers used by innoXchain GmbH.
Access to the root servers of innoXchain GmbH by employees is only possible via personally assigned certificates, a password-based access to the servers does not exist. All logins of employees on the servers are logged.
The separation control takes place physically with our hosting partners or logically with virtual servers.
With cloud security/IXC cloud, each customer cloud is implemented logically separately. This is done through independent instances of cloud applications, logically separated databases per cloud, and separate data directories per cloud. For clouds with service level agreement and dedicated infrastructure, data is physically separated from other clouds.
Integrity (Art. 32 para. 1 lit. b DS-GVO)
The employees of our hosting partners are bound by data secrecy. Where necessary, the data is protected against access at the network level, data is encrypted and interfaces are protected against unauthorised data export.
The employees of innoXchain GmbH are also bound to data secrecy. Data transfers between working devices of innoXchain GmbH and the servers of our hosting partners are always encrypted. The tools also have personal user accounts and encrypted storage media. The export of customer-related data to unencrypted storage media is prohibited.
The data is entered by the client himself. Our employees may not access customer data or enter, change or delete data (an exception is the documented and explicit request of the customer). Our hosting partner has no access to the root servers operated by innoXchain GmbH. We only block servers for legal or technical reasons as well as in case of delayed payment. The protocol data are stored and contain the employee identification, provided that a manual intervention is present. The deletion of data after the end of the contract is automated and documented.
Availability and resilience (Art. 32 para. 1 lit. b DS-GVO)
Backups of internal company data and customer data are stored in two data centers and are thus protected against natural disasters, for example.
The following are used to ensure availability
Redundant system design
quality of service
Resilience against failures of individual servers
Design of the overall architecture for horizontal scalability
Our hosting partners implement various measures to ensure availability and resilience:
Redundancy of primary technology
Redundancy of the power supply
Redundancy of communication connections
Resource planning and provisioning
Defense against system-criming abuse
Data backup concepts and implementation
Regular inspection of emergency facilities
Rapid recoverability (Art. 32 para. 1 lit. c DS-GVO) is ensured by an emergency plan and corresponding data backup concepts and their implementation.
Procedure for regular review, assessment and evaluation (Art. 32 para. 1 lit. d DS-GVO; Art. 25 para. 1 DS-GVO)
Security related issues are regularly audited (firewall, status of personally assigned accesses, logs of firewalls and access systems). In the event of security-relevant events, these are documented and tracked, including derived measures.
Our hosting partners have
Information security management according to ISO 27001
Security incident management processes
Processes for carrying out audits of organizational and technical measures
innoXchain AGB, Version 1.0 from 01.07.2018
Alternative Dispute Resolution in accordance with Art. 14 (1) ODR-VO and § 36 VSBG:
The european commission provides a platform for online dispute resolution (OS) which is accessible at https://ec.europa.eu/consumers/odr. We are not obliged nor willing to participate in dispute settlement proceedings before a consumer arbitration board.