Reselling Agreement | Solidgate
Login

Reselling Agreement

Last updated:

Version 1.0

WHEREAS:

(A) the Partner wishes to engage the Company for the provision of Services as described herein.

(B) The Company has agreed to supply the said services on the terms and conditions set out in this Agreement. 

(C) it is the express objective and intention of the Parties to this Agreement to achieve a high degree of efficiency in their professional relationship, to their mutual benefit.

NOW, THEREFORE, the Parties hereto agree as follows:

1. DEFINITIONS

Applicable Law means English Law. Where context requires, the Applicable Law shall include Card Scheme Rules, Anti-Corruption Laws, Data Protection Laws, any transnational, domestic or foreign federal, state or local law (statutory, common or otherwise), including the law of states where the Customer is based, constitution, treaty, convention, ordinance, code, rule, regulation, order, injunction, judgment, decree, ruling or other similar requirement enacted, adopted, promulgated or applied by a respective governmental authority that is binding upon or applicable to Parties, as amended unless expressly specified otherwise.
Anti–Corruption Laws means the U.S. Foreign Corrupt Practices Act (“FCPA”) and any other applicable anti–bribery and anti–corruption laws and regulations, including, without limitation, any laws intended to implement the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions, signed in Paris on December 17, 1997 (the “OECD Convention”).
Business Day means each day on which the banks are open for business in the United Arab Emirates.
Card Scheme Rules means the rules of Card Schemes (in particular MasterCard and/or Visa), which regulate the use of their trademarks, processing of the Transactions, the Refunds and Chargebacks requirements for the cards’ acceptance on the Internet, etc. Information on the rules of Card Schemes is available on their public websites.
Card Schemes means Visa, MasterCard, American Express, JCB, Diners, Discover and/or such other organisation governing the issuance and use of cards.
Chargeback means any Custmer charge, which is identified as being invalid or non-collectable after initial acceptance, on account of fraud, lost, cancelled, unissued, or invalid account identification, an unresolved Customer complaint, or other cause, resulted to full or partial reversal, initiated by Card Schemes.
Confidential Information means the information, including the intellectual propoerty information, about existence of this Agreement, its pecularities, and relations between the Parties and any information or material: Confidential Information means the information, including the intellectual propoerty information, about existence of this Agreement, its pecularities, and relations between the Parties and any information or material:

(a) concerning this Agreement, either Party’s internal business, employees, policies and/or actual or potential customers; or
(b) which derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable by proper means by other persons who can obtain economic value from its disclosure or use.

Provided, however, that the Confidential Information excludes any information or material:

(a) which is or subsequently becomes to the general public other than through a breach by the receiving Party;
(b) which is already known to the receiving Party before disclosure by the disclosing Party;
(c) which is independently developed by the receiving Party without use or reference to the Confidential Information of the other; or
(d) which the receiving Party rightfully receives from third parties without restriction as to use or disclosure.
Customer end customer, who purchase the Product from the Company or third- party provider(s) engaged by the Company acting as a reseller of the Partner.
Data Protection Laws means all applicable laws, statues, regulations, ordinances, codes, rules, guidance, orders or any other legal entitlement issued by any governmental body governing the collection, use, transfer, and disclosure of Personal Data, including, if applicable, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”).
Сommission means the margin payable to the Company for Services in respect of each resale of a Product made by the Company.
Effective Date means the date of the Agreement, stated on the first page of this Agreement or, if the Agreement is accepted by checking the box on the Company’s website, the date indicated on the Company’s website.
Parties means the Company and the Partner.
Partner’s Fee means the amount paid by the Company to the Partner as a consideration for the license for the Product, as defined in Section 3 of this Agreement.
Partner Information means all information reasonably requested by the Company and provided by the Partner necessary for providing Services.
Product Means the Partner’s product(s) (e.g., physical or online good(s), software product(s), digital content) that has been approved by the Company and agreed to be resold and distributed.
Price means the Partner’s recommended price for the Product.
PSP means a payment service provider, acquirer, bank or other third-party financial institution, which has a contractual relationship with the Company or with a third-party provider(s) engaged by the Company for the acceptance of Customers’ payments for the Product, to enable the Company to accept the Transactions and receive value in relation to such Transactions.
Representatives means the beneficial owners, principals, officers, authorized representatives, and employees.
Refund means a full or partial reversal of a particular payment where the funds are reimbursed to the Customer on the Company’s (or its third-party provider’s) initiative or request.
Sales Tax means any indirect tax chargeable on the Product globally, including but not limited to VAT, GST, Sales Tax and Sales & Use Tax.
Services means the reselling services, as further described in Section 2 of this Agreement, provided by the Company to the Partner.
Trademarks means the Partner’s trademarks, service marks, trade names and logotypes whether registered or otherwise.
Transaction means any payment or refund for payment of Product sold to Customers by the Company or its third-party provider(s).
Website means website(s), domain(s), sub-domain(s) and IT environments owned and operated by the Partner where the Product will be sold using the Services unless otherwise agreed upon by the Parties.

2. APPOINTMENT AND SERVICES

2.1. The Partner hereby appoints the Company as its non-exclusive reseller authorized via this Agreement to resell the Products (in each case if and to the extent applicable), including, where applicable, to manage relationships with Customer.

2.2. The Company is solely responsible to carry out any ancillary acts that are reasonably necessary for the Company to carry out this Agreement, including to:

(a) sell directly or by making the Product available for access, download or purchase, including through online marketplaces (if and to the extent previously agreed by the Parties) and such other distribution channels through which the Company may operate, or as may become available as mutually agreed by the Parties from time to time, or as otherwise set forth herein.

(b) invoice Customers for the Product and collect payment in full, by bank transfer or other agreed payment method.

(c) provide customer and order support, including but not limited to, Chargebacks and Refunds processing.

2.3. Company reserves the right to use third-party service provider(s), including in rendering any of the Services to the Partner. Company shall exercise reasonable care while choosing the provider.

3. PARTNER’S FEE 

3.1. For each Transaction, the Company shall pay the Partner the amount equal to the Price less:

(a) Chargebacks, Refunds, all fines, reserves, and charges, except for the standard processing commissions, withheld according to Card Scheme Rules, PSP agreement, or Applicable Law;

(b) any Sales Tax paid or due to be paid by the Company or third-party provider appointed by the Company (if applicable);

(c) the Commission;

(d) any other charges payable by the Partner pursuant to this Agreement.

3.2. The Company shall on a monthly basis not later than the 12th Business Day of each month provide the Partner with the data on any and all Transactions for the previous month, which includes without limitation data on invoicing, payment, and other financial records associated with each Transaction.

3.3. Notwithstanding the foresaid, the Company shall on a quarterly basis provide the Partner with the detailed summary on any and all indirect taxes chargeable on the sale of the Product to the Customers globally. The foresaid indirect taxes shall include, without limitation, sales tax, sales and use tax, VAT, and GST.

4. THE COMPANY’S COMMISSION

4.1. The Commission shall be calculated as defined in the Schedule A to the Agreement.

4.2. Chargebacks, Refunds, all fines, reserves, Sales Tax, and other charges (except for the standard processing commissions) shall not be included in the Commission and shall be withheld out of the processed Transactions. If it is impossible to deduct the amounts owed to the Company under this Agreement from the processed Transaction, such amounts shall be, at the Company’s option, (i) deducted from the reserve withheld under the Agreement, or (ii) paid by the Partner within five (5) Business Days after the receipt of the Company’s invoice.

4.3. As a reseller, the Company (or its third-party provider(s)) reserves the right to set the price or license fee at which the Product is offered for sale to Customer.

4.4. In case the Company or appointed third-party provider(s) is required to refund a Customer (including through Chargebacks and/or Refunds), the Company is entitled to receive from the Partner amount of the Refund or  Chargeback as well as any charges and fees incurred by the Company or third- party provider(s) as a result. The Company reserves the right to suspend all Services until the deficit is paid.

4.5. The Company shall have the right, upon a ten (10) day notice, to change any provision of the Agreement, including but not limited, with regards to Clause 4 of the Agreement, if:

(a) The changes are imposed upon the Company under the PSP Agreement and/or Applicable Law;

(b) The change is required on the basis of risk management considerations of the Company. related to Chargebacks, Refunds, fraud, or reserve. For this, the Company shall communicate the reason for and substantiation of such considerations.

4.6. If the Partner does not accept the changes prescribed in clause 4.5 of the Agreement, it has the right to terminate the Agreement before the new provisions enter into force. After the said term, the new changes are considered accepted and in force.

5. TAXES

5.1. Prior to the commencement of sales of the Products on the Website, the Partner should provide the Company with all necessary tax identification information, including tax ID, VAT ID, or any other relevant data that the Partner requests relevant to compliance with applicable tax laws and regulation. The Company or, if applicable, third-party provider(s) engaged by the Company will collect and remit in its own name Sales Tax as required by applicable law for all of its Customers sales.

6. SUPPORT AND MAINTENANCE OBLIGATIONS

6.1. The Company assumes first tier after-sales support to Customers. First tier after-sales support is limited to invoicing, handling requests for Refunds, Chargebacks, payments, reconciliation and initial order related support.

6.2. The Partner assumes providing any additional ongoing customer service and after-sales support in respect of the Product, including but not limited to technical and/or delivery level support.

6.3. The Partner shall be responsible for providing to the Company all necessary details for entering into the applicable license agreement, terms of use, terms of service or similar terms with Customers for use of the Products. 

6.4. The Partner shall be responsible for providing all warranty, support, maintenance or any other after-sales obligations to the Customer. If these obligations are imposed on the Company by law, the Partner hereby appoints the Company to handle such matters as the Partner’s authorized representative.

6.5. If necessary, the Partner shall provide the Company with all technical helpdesk information related to the Products requested by the Company and any other form of assistance the Company may require.

6.6. If a Product is a software-as-a-service, the Partner shall be solely responsible for hosting and provisioning the service to Customers.

6.7. In case Customer of the Products purchased from the Company requests a Chargeback or Refund of the fees paid by the Customer, the Company will submit a refund request to the Partner in writing (including by email or in other electronic forms as agreed by the Parties from time to time) for approval. In the event of a Refund or Chargeback, the Company has the right to retain the respective amount for the Refund or Chargeback or to recover the amount directly from Partner by direct reimbursement.

6.8. Notwithstanding the foregoing, the Company reserves the right to refund fees to the Customer in the following situations: (i) an order is fraudulent; (ii) the Customer has introduced a duplicate order or has placed a new and correct order for the desired Product and confirms that the previous order was incorrect and should be cancelled; (iii) the Customer has requested a Chargeback or Refund prior to confirmation and delivery of the Product; (iv) if the Partner does not reply to a Chargeback or Refund enquiry within the period envisaged by the Applicable Law and as requested by the Company; (v) if the request from the Customer is made in accordance with the Company’s refund policy and within the return period limit; (vi) the Chargeback/Refund is required by law; (vii) the Company determines a Refund is necessary to avoid liability or a higher cost than the actual refund or to be consistent with best business practices or to comply with the Card Scheme Rules or any rules or requirements of the Company’s payment processors; or (viii) the Partner fails to comply with its obligations under this Agreement.

7. COMPLIANCE

7.1. The Partner agrees and undertakes that the Product does not contain information or suggestions, that could be considered as infringement of this Agreement or Applicable Laws, the requirements of PSPs, rights of third parties.

7.2. The following shall be the condition precedent for the Company to start providing the Services and/or transferring Partner’s Fee to the Partner:

(a) The Partner successfully underwent the initial and ongoing verification and due diligence processes, by providing all the information requested by the Company, including the information about the Partner’s Product and Website(s), and Partner Information.

(b) The Partner has disclosed to and obtained a prior written approval from the Company for all Websites and Products.

7.3. It is prohibited to the Partner to:

(a) Use the Services in a way that infringes this Agreement, Applicable Laws, the requirements of PSPs, rights of third parties.

(b) Use the Services for the reselling of the Products that were not previously approved by the Company.

(c) Conduct activity or use the Services in a way that may result in complaints, disputes, charges, penalties and other burdens to the Company or the third parties.

(d) Take actions or omissions that may expose the Company to credit risk, risk of fraud, breach of duties related to anti-money laundering and terrorist financing or other statutory obligations or a sudden increase of risk (assessed under the procedures adopted by the Company based on the Partner Information and other information available).

(e) Engage in misleading or deceptive conduct nor to use Services itself or permit others to use the Services for any improper, immoral, or unlawful purposes.

(f) To fail to maintain the following information on its websites:

(i) terms and conditions and privacy policy (Customer’s personal data protection policy);

(ii) information on settlement currency, any fees, including those for delivery, packaging, and taxes where required by Applicable Law and/or PSPs;

(iii) in case the Customer is re-billed automatically – an express Customer’s consent and/or disclosure as required by Applicable Law and/or PSPs for ongoing subscription and recurring payments or the proper disclosure of subscription offer; 

(iv) after ordering by the Customer and successful Transaction – the Customer should be informed about it in written or electronic form in accordance with the information received from the Company; and

(v) any other information required by the Applicable Law, in particular regarding provision of services by electronic means, distance sale, and consumer law.

7.4. If the Partner becomes incompliant with this Section 7, the Company shall have the right to suspend providing Services until the Partner is compliant again and/or terminate the Agreement.

7.5. Until the Partner submitted, and the Company has reviewed and approved, all requested information, including the information about the Products, Website(s), and Partner Information, the Company may suspend the Services and/or terminate the Agreement at any time and for any reason. At any time during the term of this Agreement and use of the Services, the Company may require additional information, including the information about the Product and Website(s), and Partner Information. The failure to provide this information within five (5) Business Days upon the Company’s request may result in suspension of the Services and/or termination the Agreement.

7.6. The Partner represents and warrants unconditionally that all the Partner Information it provides to the Company is correct and up to date and undertakes to provide the Company with at least five (5) Business Days’ prior written notice of any material change to any of the Partner Information.

7.7. Without derogating from any other right available to the Company under this Agreement, Applicable Laws or otherwise, on the basis of risk management considerations or where required to comply with the Applicable Law, the Company, in its sole discretion, has the right to suspend the Services in any jurisdiction at any time and for any period of time.

7.8. If the value of fraudulent Transactions exceeds one per cent (1%) of the value of all Transactions in any period of three (3) consecutive months, the Company can immediately terminate the Agreement and/or impose an additional fee of a percentage of the gross sales volume calculated by deducting one per cent (1%) from the average fraud-to-sales ratio over a period of the previous three (3) months.

8. REPRESENTATIONS AND WARRANTIES

8.1. THE SERVICES ARE PROVIDED “AS IS”. EXCEPT AS EXPRESSLY SET FORTH HEREIN, THE COMPANY DOES NOT MAKE ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, SUITABILITY OR QUALITY, WITH RESPECT TO THE SERVICES PROVIDED HEREUNDER OR ANY GOODS PROVIDED INCIDENTAL TO THE SERVICES PROVIDED HEREUNDER, INCLUDING ANY SERVICES OR ANY GOODS PROVIDED BY A THIRD PARTY, INCLUDING ANY BANK, PROCESSOR OR CARD ORGANIZATION. THE COMPANY SHALL NOT BE LIABLE FOR DELAYS, INTERRUPTIONS, SERVICE FAILURES AND OTHER PROBLEMS INHERENT IN USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS OR OTHER SYSTEMS OUTSIDE THE REASONABLE CONTROL OF THE COMPANY, INCLUDING THE UPTIME OR AVAILABILITY OF PARTNER’S WEBSITE.

8.2. The Partner warrants to the Company that:

8.2.1. At the date of this Agreement, it has full power and lawful authority to execute and deliver this Agreement and to perform its obligations under this Agreement. 

8.2.2. It is duly organised and validly existing under the laws of its domicile and has the legal capacity and corporate authority to own its property and carry on its business as now conducted and is not in breach of its by-laws.

8.2.3. It is in all material respects in compliance with and has at all times been, and is not in material default or violation in any respect of any Applicable Law.

8.2.4. The Product and its sale is in compliance with all Payment Scheme Rules, including any limits imposed by Card Schemes, and Applicable Laws, including the laws of the state where the Customer is based.

8.2.5. Website(s) applied to the Company for providing Services are owned and operated by the Partner lawfully under proper legal basis, unless otherwise agreed upon by the Parties.

8.2.6. The Partner will not use the Services to resell the Products on Websites, others than approved by the Company.

8.2.7. The Product is free from defects and fit for any purpose agreed between the Partner and Customer or otherwise fit for any purpose for which such Product is generally used.

8.2.8. There is no action, suit or proceeding at law or in equity now pending or, to the best of its knowledge, threatened by or against or affecting the Partner which would impair its right to carry on its business as now conducted or affect its financial conditions or operations or its ability to perform the obligations required under this Agreement.

8.2.9. Any and all information and documentation provided by the Partner, including but not limited to Partner Information, is true, accurate, complete and updated and no information, document or statement provided or made available are untrue, false, incorrect, incomplete or misleading.

8.2.10. It complied, complies and will at all times comply with all Data Protection Laws.

8.2.11. It will not knowingly do anything or allow anything to be done which is likely to harm the Company’s reputation, or the reputation of Card Schemes.

8.3. The Company warrants to the Partner that:

8.3.1. At the date of this Agreement, it has full power and lawful authority to execute and deliver this Agreement and to perform its obligations under this Agreement except as expressly set forth in this Agreement.

8.3.2. It is duly organised and validly existing under the laws of its domicile and has the legal capacity and corporate authority to own its property and carry on its business as now conducted and is not in breach of its by-laws.

8.3.3. It is in all material respects in compliance with and has at all times been, and is not in material default or violation in any respect of any Applicable Law.

8.3.4. Any and all information and documentation provided by the Company is true, accurate, complete and updated and no information, document or statement provided or made available are untrue, false, incorrect, incomplete or misleading.

8.3.5. It complied, complies and will at all times comply with all Data Protection Laws.

8.3.6. The resale is in compliance with all Applicable Laws.

8.4. The Parties acknowledge and agree that receipt by the Company of Transactions from Customers for the sale of the Products through the Website shall satisfy the Customer’s obligation to the Partner for such Products.

8.5. Each Party warrants, represents, covenants and agrees that it has knowledge of all applicable Anti–Corruption Laws and that neither it nor any of its officers, directors, employees, agents, contractors, designees, ultimate beneficial owners or shareholders, nor any other party acting on its behalf, will directly or indirectly take any action that would constitute a violation of the Anti–Corruption Laws with respect to any activities related to any business for the Company or the Partner. Each party warrants, represents, covenants and agrees that neither it nor any of its direct or indirect Representatives has or will pay, offer, promise to pay or authorize the payment of, offer or promise to pay, directly or indirectly, any monies or anything else of value to any current or former official, political party or official of a political party, or any candidate for public office in connection with this Agreement. Each party acknowledges that, for purposes of this Agreement, an “official” is (i) any officer or employee of a government or any department, agency or instrumentality of a government, (ii) any officer or employee of a public international organization such as the United Nations or the World Bank, (iii) any individual acting in an official capacity for or on behalf of a government agency, department, instrumentality or of a public international organization, (iv) any officer or employee of a company owned or controlled by a government or (v) any member of a royal family who may lack formal authority but who may otherwise be influential, including by owning or managing state–owned or controlled companies. Each party represents and warrants that all representations, warranties and covenants set forth in this clause are truthful and accurate. Each party shall notify the other party in writing immediately upon the occurrence of any event which would render the representations, warranties or covenants contained herein incorrect. If, in good faith, the Company believes that any action under this Agreement will likely cause a violation of the Anti–Corruption Laws, nonperformance shall be excused and this Agreement may be terminated at the Company’s option.

8.6. Each Party warrants, represents, covenants, and agrees that to the extent the Partner signs this Agreement electronically, this Agreement is signed by authorized signatory, and the electronic signature is the legally binding equivalent to handwritten physical signature.

8.7. Each Party undertakes that it shall not for the term of the Agreement and for a period of 2 years thereafter on its own behalf, or on behalf of any person directly or indirectly, canvass, solicit or endeavour to entice away from the other Party any person who has at any time during the term of the Agreement been employed or engaged by that Party.

8.8. If any of those representations and warranties may be affected at any time from the date of this Agreement, immediately, but no later than in 5 Business Days, the Partner shall inform the Company on any changes, including regarding the Partner Information, in particular changes regarding its legal form, address, bank data, significant changes in the privacy policy or terms and conditions.

8.9. Except as expressly stated in this Agreement, no representation, inducement or warranty was, prior to the execution of this Agreement, given or made by one of the Parties hereto with the intent of inducing the other Party to enter into this Agreement, and any representations, inducements or warranties that may have been so given are hereby denied and negated.

9. LIABILITY

9.1. Neither Party (or either of its affiliates, directors, officers, employees, contractors or representatives) shall be liable for special, incidental or consequential damages or lost profits (however arising, including negligence) arising out of or in any way relating to this Agreement, even if there was prior notice of the possibility of such damage arising.

9.2. In no event shall the Company or its affiliates, directors, officers, employees, contractors, or representatives be liable for an amount exceeding any amounts of the Company’s Commission under this Agreement in the 6 (six) months preceding the occurrence of facts that first give rise to any liability hereunder. The existence of more than one claim or event from which liability arises will not enlarge this aggregate limitation. This aggregate limit is a single, global limit that applies to the Company.

9.3. Neither the Company, nor its affiliates, directors, officers, employees, contractors, or representatives shall bear contractual or non-contractual liability for any delay or failure to perform its obligations under this Agreement to the extent that the delay or failure is caused by any of the following:

9.3.1. failure, interruption, infiltration or corruption of any hardware, software or other telecommunications or data transmission system; or

9.3.2. the Company’s belief that the Product is related to fraudulent or illegal activities under any Applicable Law.

9.3.3. Product’s quality and/or compliance with Applicable Laws, as well as Chargebacks and Refunds thresholds.

9.4. Partner is and will remain solely responsible for the Product. In the event of any disputes, claims, violations of the rights of third parties arising in connection with the posted content, the Partner is the party to the dispute and bears full responsibility for its outcome, including with regard to damages and compensation.

9.5. Any compensation claim for faults or damages must be presented in writing by the Partner to the Company within one (1) year after the Partner knew or should have known of the occurrence of the alleged fault or damage. Otherwise the claim shall be considered invalid.

10. INDEMNIFICATION

10.1. The Partner agrees to defend, indemnify and hold the Company harmless from any claim or demand (including reasonable legal fees) made or incurred by any third party due to or arising out of: 

(a) Partner’s breach of this Agreement;

(b) Partner’s improper use of the Services;

(c) Product’s quality;

(d) any disputes in respect of the Product;

(e) Partner’s violation of Applicable Law, Card Scheme Rules (including but not limited to, exceeding any limits imposed by Card Schemes) or the rights of a third party;

(f) any fines, penalties, other material sanctions issued for non-compliance with the Applicable Law;

(g) Chargebacks and Refunds;

(h) Partner’s improper use of the Services;

(i) Partner’s fraud, gross negligence or willful misconduct.

(j) tax, penalty and interest resulting from the Partner’s failure to provide correct data to the Company pursuant to Clause 5.1.

(k) any claims of third parties arising out of or resulting from, or in connection with, the Products and Partner’s services, messages, programs, promotions, advertising, or infringement.

11. REMEDIES

11.1. Each Party agrees that breach of this Agreement will give rise to irreparable injury for which:

(a) money damages may not be a sufficient remedy for any breach of this Agreement by such Party;

(b) the other Party may be entitled to specific performance and injunction and other equitable relief with respect to any such breach; 

(c) such remedies will not be the exclusive remedies for any such breach, but will be in addition to all other remedies available at law or in equity; and 

(d) in the event of litigation relating to this Agreement, if a court of competent jurisdiction determines in a final non-appealable order that one Party, or any of its representatives, has breached this Agreement, such Party will be liable for reasonable legal fees and expenses incurred by the other Party in connection with such litigation, including, but not limited to, any appeals.

12. INTELLECTUAL PROPERTY

12.1. During the term and subject to the terms of this Agreement, when required for the provision of Services by the Company, the Partner hereby grants the Company a non-exclusive, non-transferable, and limited license to the Product solely to market, sell and sublicense the Product, which includes, but is not limited to the rights to: (a) sell directly or making the Product available for access, download or purchase, through online marketplaces (if and to the extent previously agreed by the Parties), the website of the Company, the website of the Partner, and/or such other distribution channels through which the Company may operate, or as may become available as mutually agreed by the Parties from time to time, or as otherwise set forth herein; (b)  authorise third parties (hereinafter referred to as “Sublicensees”) to act as sub-resellers of the Product to Customers; (c) provide the documentation to Customer; (d) access the Product to provide demonstrations to prospective Customers; and (e) sublicense the Product to Customer, online marketplaces (if and to the extent previously agreed by the Parties) on the limited basis contemplated herein. Notwithstanding the foregoing, The Company has no obligation to market, sublicense, sell, or distribute the Products to Customer. 

12.2. As a reseller, the Company (or its Sublicensees) may (a) accept orders for the Products from Customers (both electronically and via purchase orders), (b) invoice and collect payment from, and issue Chargebacks, Refunds to Customers, (c) electronically deliver applicable Products to Customers, (d) provide applicable activation keys to Customers.

12.3. Subject to the rights granted herein pursuant to the license, the Partner and its respective licensors (when applicable) retain ownership of all intellectual property rights, title and interest in and to the Product, and all copyrights, patents and other proprietary rights therein, including, without limitation, modifications, enhancements, derivative works, configurations, translations, upgrades, and interfaces thereto. By way of clarification, the license granted herein is solely for the exploitation of the Products to the extent necessary for the provision of Services by the Company and the Company shall acquire no rights therein except as expressly set forth in this Agreement.

12.4. The Company agrees not to:

(a) modify the Product or create derivative works thereof;

(b) merge the Product with other software or services; 

(c) reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code (if applicable) for the Product; 

(d) disclose to third parties the results of any benchmarking tests performed on the Product without the Partner’s prior written consent (if applicable); or 

(e) otherwise use or copy the Product except as expressly allowed hereunder.

12.5. The Partner hereby grants to the Company and its Sublicensees a non-transferable (except in connection with an assignment of this Agreement), non-exclusive right to use the Trademarks in order to provide the Services and undertake to indemnify the Company and its Sublicensees from and against any claim that our proper use of the Trademarks under such licence infringes any third party rights. The Company and its Sublicensees shall not attach any additional trademarks, service marks, or trade names to any Product and shall not use the Trademarks as part of its own trademarks, service marks or trade names or in any other manner that would tend to imply that the Company or/and its Sublicensees has an affiliation with Partner other than as set forth in this Agreement.

12.6. Except as expressly stated herein, this Agreement does not transfer any right, title or interest in the Product.

13. CONFIDENTIALITY

13.1. Each Party agrees to maintain all Confidential Information of the other Party in confidence to the same extent that it protects its similar confidential information and to use such Confidential Information only as permitted under the Agreement. Each Party agrees to take all reasonable precautions to prevent any unauthorised disclosure or use of the Confidential Information of the other Party including, without limitation, disclosing such Confidential Information only to its employees or contractors with a need to know and who are parties to appropriate agreements sufficient to comply with this section.

13.2. The obligation of confidentiality shall extend for a period of three years after the termination of this Agreement, but shall not apply with respect to information that lawfully becomes a part of the public domain, or of which the Parties gained knowledge or possession free of any confidentiality obligation.

14. DATA PROCESSING

14.1. Personal data processing in connection with this Agreement shall be governed by Schedule B, which forms an integral part of the Agreement.

15. GOVERNING LAW AND DISPUTE RESOLUTION

15.1. This Agreement shall be governed by the Applicable Law. Each Party to this Agreement irrevocably agrees that the courts of England shall have exclusive jurisdiction to hear, settle and/or determine any dispute, controversy or claim (including any non-contractual dispute, controversy or claim) arising out of or in connection with this Agreement, including any question regarding its existence, validity, formation or termination. For these purposes, each Party irrevocably submits to the jurisdiction of the English courts.

16. ENTIRE AGREEMENT

16.1. This Agreement represents the entire understanding of the Parties concerning the subject matter hereof and supersedes any other prior or contemporaneous agreements or understandings, whether written or oral. 

16.2. If any provision of the Agreement is found by a proper authority to be unenforceable or invalid, such unenforceability or invalidity shall not affect the other provisions of this Agreement, and this Agreement shall be construed as if such unenforceable or invalid provision had never been contained herein.

17. ASSIGNMENT

17.1. This Agreement will bind and inure to the benefit of each Party’s permitted successors and assigns. 

17.2. The Partner may not assign the rights and obligations under this Agreement without the written consent of the Company. 

17.3. The Company may not assign the rights and obligations under this Agreement without the written consent of the Company.

18. NOTICES

18.1. All communication, notices or reports permitted or required under this Agreement shall be in writing and in English. 

18.2. All notices shall be by personal delivery, nationally recognized overnight courier service or by certified or registered mail, return receipt requested or by email, stated herein, and shall be deemed given upon the earlier of actual receipt or 1 (one) day after deposit with the courier service, 5 (five) days after deposit in the mail, or receipt by sender of confirmation of electronic transmission or on the date when the email has been sent. Notices shall be sent to the addresses set forth herein or such other address as either Party may specify in writing.

19. EXECUTION

19.1. This Agreement may be executed in two or more counterparts in English (which both Parties understand properly), all of which when taken together shall be considered one and the same agreement and shall become effective when signed by each Party and delivered to each other Party, it being understood that the parties need not sign the same counterpart. In the event that any signature is delivered by facsimile transmission or by e-mail delivery of a “.pdf” format data file, such signature shall create a valid and binding obligation of the Party executing (or on whose behalf such signature is executed) with the same force and effect as if such facsimile or “.pdf” signature page were an original thereof.

19.2. The Agreement can be accepted and thus executed in electronic form and Partner’s acceptance will be deemed binding between the Parties. The Partner cannot contest the validity or enforceability of this Agreement, including under any applicable statute of frauds, because it was accepted or signed in electronic form. Electronically maintained records when produced in hard copy form shall constitute business records and shall have the same validity as any other generally recognized business records.

19.3. For the avoidance of doubt, should either party fail to sign these Agreement, and despite the lack of signature by authorized signatory of the Partner, the Services under this Agreement are still provided by the Company to the Partner, the performance of the Services  shall constitute the Partner’s acceptance of the terms and conditions of this Agreement. The further may inter alia confirm the Partner’s acceptance to this Agreement:

(a) completing compliance procedures, set out in Section 6, with the Company;

(b) starting reselling the Product by the Company;

(c) provision of any other Services to the Partner;

(d) payment of the Partner’s Fee to the Partner and/or Commission to the Company;

(e) other activities, conducted by the Partner and/or the Company, reflecting the performance of this Agreement.

20. TERM AND TERMINATION

20.1. The term of this Agreement shall commence on the Effective Date and shall continue until terminated by either Party upon 30 (thirty) days notice in writing to the other Party.

20.2. Without derogating from the aforesaid, the Company may terminate this Agreement immediately or suspend the Services at any time:

(a) if the Partner fails to perform any obligation required under this Agreement and does not remedy such breach within 5 (five) days from a written request to such effect made by the Company;

(b) if the Company reasonably suspects or believes that the Partner is using the Services in connection with any unauthorised, dishonest or criminal activities or upon notice from the Card Schemes that the Product or Website violates Card Scheme Rules;

(c) if the Company is required to do so by any Card Scheme Rules, Applicable Law and/or regulatory authority.

(d) if the Company receives material complaints regarding the Partner from any of its payment processors, Card Schemes or other partners (including for excessive Chargeback or Refund rates);

(e) If the Partner becomes insolvent, fails to pay its debts due to the Company, makes a general assignment for the benefit of creditors, commences procedures for voluntary winding up, suffers or permits the appointment of a receiver for its business assets, or is wound up or liquidated, voluntary or otherwise;

(f) if the Company reasonably determines suspension is necessary to avoid material harm to the Company or its business for any reason;

20.3. Throughout the period of suspension, the Company may withhold the entire Partner’s balance as a deposit to cover all margins, fees, penalties, refunds or other fees described in this Agreement for a period of twenty-six (26) weeks, provided, however, that the Partner will remain liable to the Company for all its liabilities occurring beyond such twenty-six (26) week period.

20.4. In case the Agreement is terminated by any Party, all Commission due to the Company under the Agreement shall become payable the day before such termination of the Agreement. 

20.5. In case the Agreement is terminated by any Party, the Partner’s Fee calculated in accordance with clause 3.1 shall become payable into the Partner’s bank account, which is notified by the Partner from time to time, after 14 days of Transaction amounts receipt by the Company, subject to Applicable Law and the remaining provisions of this Agreement.

20.6. Termination or expiration of this Agreement shall not release either party from the obligation to make payment of all amounts then or thereafter due and payable.

20.7. Upon termination or expiration of the Agreement, the Company will within thirty (30) days return to the Partner or destroy (i) all access details to the Product; (ii) all manuals, documentation, product literature, and other written materials provided by the Partner; or (iii) all Confidential Information and other property of the Partner, provided that such materials or information are in its possession or under its control.

20.8. The Company may terminate the agreement with any Customer in respect of any Product which has an active subscription in the event of termination of this Agreement, and shall refund the Customer the pro-rated purchase price. This Agreement shall continue in respect of any Product which a Customer has purchased prior to the date of termination or expiry and which the Company chooses not to terminate.

21. NO AGENCY 

21.1. It is agreed and understood that either Party is not the agent or representative of the other Party and has no authority or power to bind or contract in the name of or to create any liability against the other Party in any way or for any purpose. Nothing contained herein shall be construed to create a partnership or joint venture between the Parties.

22. NO WAIVER

22.1. No failure or delay by either Party in enforcing any provision of this Agreement will be deemed a waiver of such Party’s ability to enforce the same provision of this Agreement at a future date. 

23. FORCE MAJEURE

23.1. The Parties shall not be responsible for any failure to perform its obligations under this Agreement if such failure is caused by acts of God, war, terrorism, civil insurrection, acts of militia or military, strikes, revolutions, lack or failure of transportation or communications facilities, changes to the Applicable Law, or other causes that are beyond Parties’ reasonable control. In the event of such a failure, Parties’ obligations shall be suspended until such time as the cessation of all causes of such failure.

24. SURVIVAL 

24.1. The following sections shall survive termination of this Agreement: Intellectual Property, Confidentiality, Term and Termination, and Definitions, as well as any other terms which by their nature should survive termination of this Agreement. 

 SCHEDULE B – DATA PROCESSING

This Data Processing Agreement (the “DPA”), presented below is the part of the Agreement between the Partner and the Company that has the reference to this DPA and form an integral part of the Agreement.

1. DEFINITIONS

The following definitions shall apply in this DPA in addition to other defined in the Agreement; and, for the avoidance of doubt, in the event of any inconsistency or conflict, the applicable special definitions below shall supersede and/or amend the definitions in the Agreement.

Data Controller means the party that has authority over the processing of Personal Data, determining the purpose for its use and the manner that it is processed.
Data Exporter the party disclosing the Personal Data
Data Importer the party receiving the Personal Data.
Data Protection Authority means the official body that ensures compliance with the Data Protection Laws within its applicable jurisdiction.
Data Subject means the directly or indirectly identified or identifiable person to whom the Personal Data relates.
Data Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored, or otherwise processed.
Card Schemes means Visa, MasterCard, American Express, JCB, Diners, Discover and/or such other organisation governing the issuance and use of cards.
Data Protection Laws means all applicable laws, statues, regulations, ordinances, codes, rules, guidance, orders or any other legal entitlement issued by any governmental body governing the collection, use, transfer, and disclosure of Personal Data, including, if applicable, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
Сommission means the margin payable to the Company for Services in respect of each resale of a Product made by the Company.
Employees means employees, officers, consultants, suppliers, freelancers and individual subcontractors.
Personal Data means any information regulated by Data Protection Laws, including information concerning an identified or identifiable individual, such as, name, address, age, gender, email address, etc., that is processed in connection with the Agreement.
Processing, processes and process mean either any activity that involves the use of Personal Data or as the Data Protection Laws may otherwise define processing, processes or process. It includes any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction. Processing also includes transferring Personal Data to third parties.
Representatives means the beneficial owners, principals, officers, authorized representatives, and employees.
Standard Contractual Clauses (“SCC”) means contractual clauses established by the European Commission concerning the international transfer of Personal Data, as set out in the Annex to Commission Implementing Decision (EU) 2021/914 of 04 June 2021.

2. GENERAL PROVISIONS

2.1. With regard to any Personal Data processed by either party in connection with this Agreement, the parties will respectively each be a Data Controller in respect of such Processing. 

2.2. This Schedule sets out the framework for the sharing of Personal Data when one Data Controller (the Data Exporter) discloses Personal Data to another Controller (the Data Importer). This Schedule defines the principles and procedures that the parties shall adhere to and the responsibilities the parties owe to each other in respect of the disclosure of the Personal Data in this context.

2.3. Each party agrees to comply with the requirements of the Data Protection Laws applicable to Data Controllers and otherwise in connection with this Agreement. For the avoidance of doubt, each party shall have their own, independently determined privacy policy, notices and procedures for the personal data they hold and shall bear responsibility for its own compliance obligations under applicable Data Protection Laws in relation to the processing of Personal Data. 

2.4. The parties shall provide one another with reasonable assistance, on request, for the purposes of achieving and demonstrating compliance with applicable Data Protection Laws in relation to such processing.

2.5. Each party shall ensure that it processes all Personal Data fairly and lawfully during the term of the Agreement. Each party shall ensure that it has legitimate grounds under the Data Protection Laws for the Processing of Personal Data.

2.6. The parties shall, in respect of Personal Data, ensure that, in advance of the disclosure of any Personal Data, the Data Subjects are provided with clear and sufficient information to the affected Data Subjects, in accordance with the requirements of applicable Data Protection Laws, of the purposes for which their Personal Data will be processed, the legal basis for such purposes, and such other information as is required by applicable Data Protection Laws.

2.7. The Partner undertakes to inform the Data Subjects, in accordance with the Data Protection Laws, of the purposes for which their Personal Data will be processed under this Agreement, the legal basis for such purposes and such other information as is required by applicable Data Protection Laws.

3. TECHNICAL AND ORGANISATIONAL MEASURES

3.1. Each party shall implement and maintain at all times all appropriate technical, security, and organizational measures in relation to the processing of Personal Data in order to:

3.1.1. Prevent unauthorised or unlawful processing of Personal Data, the accidental loss or destruction of, or damage to Personal Data.

3.1.2. Ensure a level of security appropriate to the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction or damage, and the nature of the Personal Data.

3.2. In assessing the appropriate level of security, the parties shall take into account the risks that are presented by the Processing, in particular risks arising from a Data Breach.

3.3. The parties undertake to ensure the security of Personal Data entrusted for personal data processing in accordance with the Data Protection Laws and industry practices, in particular, to formulate and apply appropriate documentation and procedures for Personal Data processing, as well as technical, informational and legal security measures, as required by the Data Protection Laws.

3.4. Each party shall maintain records of all processing activities carried out under this Agreement. 

3.5. The parties shall not knowingly do anything or permit anything to be done which might lead to a Data Breach or to a breach by the other party of the Data Protection Laws.

4. EMPLOYEES 

4.1. The parties shall ensure that all Employees with access to the Personal Data, are legally bound by confidentiality obligations during and after the termination of the DPA, including after the termination of their employment and/or other contractual arrangements with the party.

4.2. The parties shall ensure that all Employees with access to the Personal Data, are legally bound by confidentiality obligations during and after the termination of the DPA, including after the termination of their employment and/or other contractual arrangements with the party.

4.3. The parties shall keep records of persons authorised for Personal Data processing.

4.4. The parties shall train its Employees involved in the processing of the Personal Data to comply with the Data Protection Laws and with the requirements established in this DPA.

5. DATA BREACHES

5.1. Each party shall comply with its obligation to report a Data Breach to the appropriate Data Protection Authority and (where applicable) Data Subjects under applicable Data Protection Laws and shall, to the extent permitted by applicable law, each inform the other party of any material Data Breach relevant to the Personal Data irrespective of whether there is a requirement to notify any Data Protection Authority or Data Subject(s).

5.2. Where a Data Breach is related to the Processing under this Agreement the affected party shall also notify the other party to this Agreement. The notification should inter alia include:

5.2.1. Description of the Data Breach, including, if possible, the categories of data and records concerned, the category and number of Data Subjects affected;

5.2.2. Likely consequences of the Data Breach;

5.2.3. Measures taken or proposed to address and/or mitigate the effects of the Data Breach.

5.3. Each party shall, without undue delay, take all urgent measures as are agreed by the parties or necessary under the Data Protection Laws, to investigate, mitigate and remedy the Data Breach and to protect the Personal Data.

5.4. Each party needs the prior approval of the other party to include and identify it in the breach notifications. The other party should not delay or withhold the approval without a reasonable cause.

6. COOPERATION

6.1. Upon request, the parties shall assist the each other to comply with its obligations under the Data Protection Laws when related to the processing of the Personal Data, including but not limited to:

6.1.1. Data Breaches;

6.1.2. data protection impact assessments (DPIA);

6.1.3. consultations with the Data Protection Authority; and

6.1.4. enquiries, complaints, audits, or claims from any court, government official, or Data Protection Authority.

6.2. Taking into account the nature of the processing, the parties shall assist each other by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of their obligation, including but not limited to, to respond to requests for exercising the Data Subject’s rights laid down in the Data Proctection Laws.

6.3. Each party shall promptly transfer each other any request received from the Data Subjects according to their responsibilities defined in the Agreement.

6.4. In the event of a dispute or claim brought by a Data Subject or a competent Data Protection Authority concerning the processing of Personal Data against either or both parties, the parties shall, to the extent permitted by applicable law: (i) inform each other about any such disputes or claims, and (ii) cooperate with a view to settling them amicably in a timely fashion.

7. CROSS-BORDER TRANSFER OF PERSONAL DATA

7.1. The parties may transfer or otherwise process Personal Data outside the European Economic Area (“EEA”).

7.2. The parties may only process, or permit the processing, of Personal Data outside the EEA under the following conditions:

7.2.1. the parties are processing Personal Data in a territory in relation to which the European Commission has made an adequacy decision; or

7.2.2. the parties have executed Standard Contractual Clauses.

7.3. If the transfer requires execution of the SCC, the unchanged version of the SCC shall be deemed incorporated by reference hereto and completed as follows: 

7.3.1. Module One will apply;

7.3.2. in Clause 7, the optional docking clause will apply;

7.3.3. in Clause 11, the optional language will not apply;

7.3.4. in Clause 17, Option 1 will apply, and the SCC will be governed by the law of Ireland;

7.3.5. in Clause 18(b), disputes shall be resolved before the courts of Ireland;

7.3.6. Annex I of the SCC shall be deemed completed with the information set out in Annex A to this DPA and in the Agreement;

7.3.7. Annex II of the SCC shall be deemed completed with the information set out in Annex B to this DPA and in the Agreement.

7.4. Each party agrees to be bound by and comply with its obligations in its role as exporter and importer respectively as set out in the SCC.

8. CALIFORNIA CONSUMERS PRIVACY RIGHTS

8.1. This Clause 8 is applicable to processing of Personal Information of Consumers. The terms “Personal Information” and “Consumer” shall have the meanings stipulated in the California Consumer Privacy Act of 2018, as amended from time to time (“CCPA”).

8.2. The parties should not retain, use, or disclose Personal Information for any purpose other than for the specific purpose of performing the services specified in the Agreement.

8.3. The parties should not retain, use, or disclose Personal Information for a commercial purpose other than providing the services specified in the Agreement.

8.4. The parties should not retain, use, or disclose Personal Information outside of the direct business relationship between each other.

8.5. The parties should refrain from selling Personal Information, as the term “sell” is defined in the CCPA.

8.6. The parties certify that they understand the restrictions in Clauses 8.2 – 8.5 hereof and will comply with them.

9. TERMINATION

9.1. Termination of this DPA shall not affect parties’ accrued rights and obligations before or at the date of termination.

9.2. The parties may retain Personal Data to the extent required by Applicable Law and only to the extent and for such period as required by Data Protection Laws and always provided that each party shall ensure the confidentiality of such Personal Data and shall ensure that such Personal Data is only processed as necessary for the purpose(s) specified in the Data Protection Laws requiring its storage and for no other purpose.

10. MISCELLANEOUS

10.1. In the case of conflict or ambiguity between:

10.1.1. any provision of the DPA and any other provision of the Agreement, the provisions of the DPA shall prevail;

10.1.2. any provision of this DPA and the SCC, the provisions of the SCC shall prevail.

ANNEX A

Details of Personal Data Processing

The nature the processing of Personal Data:
The scope of Personal Data processing shall include the following operations performed on the Personal Data: collecting, recording, storing, transferring, preparing, amending, making the data available, profiling with the use of personal data, deleting personal data both in paper form, as well as in the IT systems required for the provision of Services and for other purposes as may be required from time to time under the Agreement and Applicable Law.

The nature and purposes of the processing of Personal Data: 
The Personal Data shall be processed to the extent necessary for provision of the Services under the Agreement, namely, reselling of the Products, providing Data Subjects with services, necessary for the performance of the Agreement (invoicing, support, other ancillary services).

The frequency and duration of the processing of Personal Data:

The Personal Data shall be processed on a continuous basis until no further processing is required by the Agreement or Applicable Law.

The categories of Data Subjects and Personal Data: 

The types of Personal Data which will be shared between the parties under this Agreement may include:
1. Personal Data of Customers, including:
a. name;
b. date of birth;
c. phone number;
d. IP address;
e. email address;
f. postal address; and
g. data concerning transactions and payments, including, but not limited to, transaction data.
2. Personal Data of the Partner’s Representatives:
a. name;
b. phone number;
c. email address;
d. residence address;
e. id / passport details;
f. tax number;
g. bank details, personal income and source of wealth;
h. employment history and education;
i. ownership and directorship in the Partner company and/or other companies;
j. adverse media and law enforcement information;
k. presence in PEP, sanction, and watch lists;
l. geolocation.

The obligations and rights of the parties:

The obligations and rights of the parties are set out in the Agreement and this DPA.

List of parties:

1. For Personal Data of Customers:

The Data Exporter is the Company and the address, contact details and activities relevant to the Personal Data transferred under the SCC are as provided in the Agreement. 

The Data Importer is the Partner defined in the Agreement, and the address, contact details and activities relevant to the Personal Data transferred under the SCC are as provided in the Agreement.

2. For Personal Data of the Partner’s Representatives:

The Data Exporter is the Partner and the address, contact details and activities relevant to the Personal Data transferred under the SCC are as provided in the Agreement. 

The Data Importer is the Company, and the address, contact details and activities relevant to the Personal Data transferred under the SCC are as provided in the Agreement.

ANNEX B

Technical and organizational security measures


Pseudonymisation and encryption of Personal Data:
All Personal Data shall be stored in encrypted form.
Ongoing confidentiality, integrity, availability and resilience of processing systems and services: 
Data Importer ensures:
– regular vulnerability scanning,
– administrative access is allowed only through bastion sites,
– access to systems is differentiated by the roles,
– encryption keys are changed, and key and data access are reviewed on a regular basis. It is also possible to re-encrypt data in case of incidents. 

The ability to restore the availability and access to data in the event of a physical or technical incident:

Data Importer maintains a recovery plan and ensures its periodic review and verification.

Processes for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures: 

Data Importer maintains a plan of periodic events: Daily, Weekly, Quarterly, Biannually, Annually, After Changes. All operations are audited annually.

User identification and authorisation:

Roles, personalized accounts and 2MFAs are used to access system management and administration. A policy on password complexity and frequency of password replacement is also applied. The duration of an inactive session is limited.

Personal Data protection during transmission:

Personal Data are transferred between systems using HTTPS TLS1.2 protocol.

Personal Data protection during storage:

Database storage and backups are encrypted with AES-256-GCM HSM keys.

Physical security of locations at which Personal Data are processed:

The Personal Data are stored on the AWS servers. The physical security of storage locations provided by AWS are compliant with standards: PCI DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171.

Events logging:

Operational events are recorded in persistence storage and monitored by monitoring systems 24/7. Infrastructure events are captured by AWS services.

Internal IT and IT security governance and management:

Internal security policies are maintained and regularly updated.

Limited data retention:

Storage systems and procedures are maintained to ensure timely deletion of Personal Data.