It's not your "job" to check contracts, but it is damn well your right and responsibility to read and understand the terms before you sign them.

It's a contract. If you agree to it you're bound by its terms. If the terms are vague, you're going to need to ask for clarification -- not 'as your job', but for yourself.

Your boss' comment comes dangerously close to saying "Don't worry about the terms, just sign the contract"; I'm not sure I'd call it a red flag just yet but it's certainly a crimson-ish color flapping suggestively.

I'd recommend you -- politely, but firmly -- insist on clarification before you sign the terms... And if at all possible, start quietly looking for job openings in a different company, because the level of not-having-their-contractual-shit-together that you're describing is a red flag all on its own.

EDIT

The more I re-read your post the more alarm bells started ringing, so I forwarded it to my spouse, who is a recovering US lawyer with a tech background and litigation training. After she stopped screaming, she was kind enough to type up the following response:

UR&AM as an acronym in the business world generally stands for "User Review & Access Management." A cursory internet search showed a complete lack of any such named business/workflow management tool, which leads me to believe this is a homebrew app built by OP's employer to be used as spyware of some sort (among other possible reasons). While I am a lawyer, I am a recovering US-based lawyer, not licensed in any EU/EEA jurisdiction, and I am certainly not OP's lawyer and will not dispense legal advice.

THAT SAID.

As a lawyer, I'm smart enough to never agree to TOS or contracts with this many unknowns and holes, especially for a piece of software which purpose and provenance is unknown to me, especially when the person pushing it signs my timesheets, paychecks, and personnel evaluations.

"Don't ask questions, just sign here" is how people end up in court battles and cults.

I've omitted one sentence here because I suspect the amount of profanity in it would not be appreciated, although the sentiment is very much that you should take the first opportunity to get as far away from there as possible.

... One last addendum:

If OP is aware of a tech oversight body in his jurisdiction (I am unfamiliar with German regulatory schemes), I would recommend bringing this to them. They may have some quiet advice for him.

I think that's sound advice. Best of luck.

the website does not have an imprint. IMHO, according to the German Digitale Dienste Gesetz §5, the website should have an imprint, so that I can find out who is responsible.

Assuming it is indeed internal, there's no need to. It's not a "Dienstleister" if it's company-internal.

This being the case similarly waives most of your DSGVO rights mentioned here because your company has a valid use-case and that page is not a distinct entity whom you can request deletion from, that is your company.

depending on the legal structure of your company (the Japan courts thing hints at a more complex setup) this may not be the case despite them clearly believing it to be the case (or they're wildly incompetent).

not directly waives but the app does not exist as a DSGVO-relevant entity but all your claims, rights and actions would be against your employer, so in comparison to an external offering you de-facto loose/waive most rights regarding the tool specifically.

This approach is really counterproductive. Unless you're an attorney with responsibility for reviewing such documents, AND the company has assigned these tools for you to use, then the thing to do is to check the boxes and move on. I can't imagine a situation where the company signs up for some new online service for lots and lots of employees, and a majority of the employees turns around and displays behavior like this; the outcome is a lot of wasted time.

It's your management's responsibility to have vetted these things, and if there are consequences, then management owns those consequences. Do your job.

Good grief!

This really depends on whether the contract in question binds you, or the company you work for:

If the company choses to process data in a way that may violate the company's legal duty to comply with the GDPR, and consequences from breaching it will fall on the company, not you personally, it is the company, not you, that gets to decide whether this contract should be signed, and your manager may direct you to sign it as part of your job duties.

If however you are asked to do something that infringes on your personal rights, such as the right to have your personal data handled in accordance with the GDPR, or something might give rise to criminal liability, you get to decide whether to sign that contract, and should personally vet that contract, possibly with the help of your own lawyer.

Since you haven't told us the nature of the data handled by this application, we can't tell whether its cavalier attitude towards the GDPR is a serious matter that might affect you personally. For instance, if that application were to handle medical data, and you are a medical professional bound by "ärztliche Schweigepflicht" (doctor-patient confidentiality), use of this application might violate your own legal duties. However, if its just about how many office supplies your company wants to order from the Japan main office, it's really your company's prerogative to decide how that gets done.

As you are in Germany, and the company is obviously significantly large, you probably have a Betriebsrat. This is an ideal topic for them. They can help you with how to behave yourself (in your best interest), i.e. whether and what to sign - or if you do not sign, to "weather the storm". Also they can take up the discussion with the provider of the application (since you are not the only person benefiting from a well-designed internal application).

I have studied law with a focus in economics, especially terms and conditions in Switzerland, which is comparable to the situation in Germany.

I try hard to understand what your question is. I do think it is: „Am I damaging my employer by using this software?“

I am assuming you are using a software that is pre-installed on a computer that is owned by a company that you have a work contract with. And you are ordered or implied to use this computer to perform your work.

The question comes down in what capacity and under what legal body you are using this computer.

As an employee of the company you are not acting as a private individual, but as part of the legal body of the company. If you are using software on this computer you are not using it as Mr. or Ms. XYZ, but as Company Inc. ABC. More notably other parts of the company have ordered you to do so.

If any damage arises by the use of that software it is not you damaging the company, but the company damaging itself. Notably you have pointed out the risk and have been ordered to continue.

That said, if you have no power of attorney to act in the name of the company. Which I assume you do not have. You can not enter legal agreements in the name of the company. Even if terms and conditions or statements state otherwise.

Be careful however to always make clear that you are acting as an employee of that company and not as an individual. This can be done via email signatures or email addresses. Or explicitely stating so.