Terms of Service

Last updated: May 3, 2026

Deutsche Fassung

These legal texts are available in German and English. The German version is the authoritative version. In case of discrepancies, the German version prevails, unless mandatory consumer protection or data protection law requires otherwise.

1. Scope

These Terms of Service apply to the use of “Brisko” (the “Service”), operated by Noah Sioly UG (haftungsbeschränkt), Hoheluftchaussee 139, 20253 Hamburg, Germany (“we”, “us”).

By creating an account or using the Service, you agree to these Terms.

2. Description of the Service

Brisko is an assistive tool that helps you automatically collect, name and organize invoices, receipts, billing documents, payment documents and related metadata from various external sources.

The Service may connect to third-party portals, email accounts, cloud storage providers and other connected sources on your behalf to retrieve, download, name and organize documents, and to process them locally, server-side or via integrated third-party services for the features you activate.

Brisko does not guarantee the completeness, accuracy, tax usability, legal usability or GoBD compliance of retrieved documents.

3. Free Service and Future Paid Features

Brisko is currently offered free of charge. Paid features, subscriptions or paid tiers may be introduced later.

You will only incur charges if you expressly accept a paid offer. Paid features may be subject to additional terms, prices, subscription periods and cancellation rules.

4. Your Account

  • You must provide accurate information when creating an account.
  • You must be at least 18 years old to use the Service.
  • You are responsible for keeping your Brisko login credentials secure.
  • You are responsible for all activity under your account to the extent you are responsible for that activity.
  • You must inform us without undue delay if you suspect unauthorized access.

5. Acceptable Use

You agree not to use the Service:

  • for unlawful purposes or in violation of applicable law;
  • to access accounts, data or systems of other persons without authorization;
  • to disrupt, overload or impair the Service, connected third-party portals or their infrastructure;
  • by automated means beyond the intended functionality of the Service;
  • to reverse engineer, decompile or disassemble any part of the Service, unless mandatory law allows this.

6. Connection to External Sources and Third-Party Portals

Brisko connects to external sources and third-party portals on your behalf, including online portals, email accounts, cloud storage providers and payment or billing services.

You instruct Brisko as a technical service provider to retrieve information and documents in your name from the external sources you connect, where applicable using credentials, tokens, session cookies or OAuth access provided by you.

You are responsible for checking and complying with the terms you have with each third-party provider before connecting a third-party portal and before using automated retrieval.

Third-party providers may prohibit, technically block, restrict or challenge automated access, require captchas or other security checks, or suspend user accounts due to automated access.

Brisko uses credentials, tokens or session data provided by you only to provide the features you activate, including retrieval, processing, naming and organization of documents.

Without prejudice to sections 12.1 and 12.2, we are not liable for:

  • changes, outages or disruptions of third-party portals;
  • account suspensions or access restrictions by third-party providers due to automated access;
  • loss or modification of data at third-party portals;
  • content, accuracy or completeness of documents provided by third-party portals;
  • permanent inability to retrieve documents, even if a disruption is later resolved.

7. Credentials, Tokens and Session Cookies

For certain connections, Brisko may store and process login data, OAuth tokens, API tokens or session cookies.

These data are stored encrypted where they are stored server-side. The encryption key is managed server-side. This protects the data against unauthorized access; technical access by our systems cannot be absolutely excluded.

Credentials may be processed temporarily in memory during a retrieval run by serverless functions, browser automation, cloud browsers or local browser processes, because the retrieval would otherwise not be technically possible.

You can delete stored credentials for connected sources or disconnect a source in the settings.

8. Browser Extension and Cloud Browser

For certain connections, Brisko may use a browser extension or cloud browser technology.

The browser extension may read session cookies for the domain you connect, read service-specific browser storage values for individual connected services, read page content from the connected domain for technical processing and download files with your existing third-party session if you actively start the relevant process.

Cloud browsers may process page content, session data, cookies, screenshots, technical logs or other technical session data during individual connection or retrieval features to the extent required for the connection or retrieval process.

We use such technologies only to provide the features you activate. You should nevertheless assume that a connected cloud browser can technically access the content visible during the session in the connected third-party account.

Browser- or cookie-based connections are not technically read-only permissions limited by the provider. Brisko is designed to use them only for the retrieval and connection features you activate.

9. Email and Cloud Sources

If you connect email or cloud sources, Brisko may process email metadata, search results, subject lines, senders, received dates, attachment metadata, PDF attachments, file metadata and selected files, depending on the provider.

For Gmail, Outlook and Google Drive, we use read-only OAuth permissions where possible. For IMAP, you may need to provide an email password or app password. We recommend using an app password or application-specific password for IMAP connections instead of your main password.

Brisko is not intended to send, delete or modify emails where the relevant integration is intended only to find and download documents.

10. AI-Assisted Features

Automated naming, categorization, validation and sorting of documents may be AI-assisted.

AI results are technical assistance and may be incomplete, incorrect or unsuitable. You must review results before use, especially before using documents for accounting, tax, legal evidence or archiving.

No guarantee is given for accuracy, completeness, tax usability or legal usability.

11. Availability, Security and Suspension

We aim to provide high availability of the Service, but we do not guarantee uninterrupted, error-free or permanent availability.

We may temporarily restrict, suspend or disable individual connectors, automated retrievals or the Service as a whole if required for security reasons, abuse prevention, legal risk, third-party requirements, third-party disruptions or technical issues.

We take appropriate technical and organizational measures to protect your data, but absolute security cannot be guaranteed.

12. Liability

12.1 Unlimited Liability

We are liable without limitation for:

  • intent and gross negligence;
  • injury to life, body or health;
  • claims under the German Product Liability Act;
  • mandatory statutory liability.

12.2 Limited Liability for Slight Negligence

In cases of slight negligence, we are liable only for breaches of material contractual obligations. Material contractual obligations are obligations whose fulfillment is necessary for the proper performance of the contract and on whose compliance you may regularly rely.

In such cases, liability is limited to the foreseeable damage typical for this type of contract.

12.3 Data Loss

Without prejudice to sections 12.1 and 12.2, we are not liable for data loss to the extent that:

  • the damage could have been avoided by reasonable backups by you;
  • the loss was caused by changes, outages or suspensions at third-party portals;
  • the loss was caused by incorrect, expired, revoked or incomplete credentials;
  • the loss was caused by settings, filters, scan ranges or schedule configurations chosen by you.

12.4 Third-Party Portals

Without prejudice to sections 12.1 and 12.2, we are not liable for disruptions, outages, changes, access restrictions or account suspensions at third-party portals you connect.

This includes cases where third-party providers change interfaces, restrict automated access, invalidate session cookies, require security checks or suspend user accounts due to automated access.

12.5 AI-Assisted Features

Automated naming, categorization, validation and sorting of documents is provided without any guarantee of accuracy or completeness. Our liability under sections 12.1 and 12.2 remains unaffected.

12.6 Automated Collection Runs

Without prejudice to sections 12.1 and 12.2, we are not liable for damages from automated collection runs to the extent they are caused by incorrect configuration, unsuitable credentials, missing user review or settings chosen by you.

12.7 Liability Cap

Where our liability is not unlimited under section 12.1 and to the extent permitted by law, our total liability to a user is limited to the amount paid by that user in the 12 months preceding the damaging event.

For free use, liability is limited to EUR 100 to the extent permitted by law. Mandatory statutory liability remains unaffected.

13. No Tax Advice, Legal Advice or GoBD Archiving

Brisko does not provide tax advice, legal advice, bookkeeping, accounting classification or GoBD-compliant archiving.

Brisko does not replace your own backups or review by you, your tax advisor, your accounting team or other qualified persons.

You remain responsible for completeness, accuracy, retention, tax use, legal use and timely processing of your documents.

14. Termination and Deletion

You can delete your account at any time in the settings.

We may suspend or terminate accounts in case of breach of these Terms, misuse, security risks or legal risks.

Upon termination or account deletion, we delete or anonymize server-side personal data without undue delay, unless statutory retention obligations, security or abuse evidence, or technical backup periods prevent deletion.

Local data in your browser, including localStorage and IndexedDB, remains on your device until you remove it or use the intended deletion functions.

15. Changes to These Terms

We may update these Terms where objective reasons exist, including legal changes, new or changed features, technical developments, security requirements or changed third-party provider requirements.

We will inform you about material changes in advance by email or by a prominent notice within the Service.

If a change materially affects your contractual rights or obligations, we will obtain your consent or grant you a special termination right.

Editorial or legally required changes may be made without separate consent if they do not unreasonably disadvantage the user.

16. Governing Law and Jurisdiction

The laws of the Federal Republic of Germany apply.

The place of jurisdiction is Hamburg to the extent legally permitted.

For consumers, mandatory consumer protection provisions of the country where the consumer has their habitual residence apply if they are more favorable.

17. Contact

Questions about these Terms can be sent to support@brisko.net