This DwellFi Master Service Agreement (“Agreement”) is entered into by and by between DWELLFI INC. (“Company”), and the Customer listed above (“Customer”) as on the date first mentioned in the Verivest Pricing and Services Form. The Customer may opt to avail of DwellFi’s Fund Platform Services (as detailed in Appendix I hereto) or Tokenization Technology Services (as detailed in Appendix II hereto) or both as part of the Verivest Pricing and Services Form. The DwellFi Fund Platform Services and Tokenization Technology shall individually and collectively be known as “Services”.
TERMS AND CONDITIONS
1. SERVICES AND SUPPORT
1.1 Additional terms related to the Fund Platform Services are set out in Exhibit A.
1.2 Additional terms related to the Tokenization Services are set out in Exhibit B.
1.3 Subject to the terms of this Agreement, the Company will use commercially reasonable efforts to provide the Customer with the Services in accordance with the Service Level Terms attached hereto as Exhibit C.
1.4 Subject to the terms hereof, the Company will provide the Customer with reasonable technical support services in accordance with the terms set forth in Exhibit D.
2. CUSTOMER RESPONSIBILITY
2.1 In addition to the responsibilities related to the Platform Services and Tokenization Services set out in Exhibit A and B, respectively, as applicable, the Customer represents, covenants, and warrants that the Customer will use the Services only in compliance with the Company’s standard published policies then in effect (the “Policy”) and all applicable laws and regulations.
2.2 Although the Company has no obligation to monitor the Customer’s use of the Services, the Company may do so and may prohibit any use of the Services it believes may be (or alleged to be) in violation of the foregoing.
3. CONFIDENTIALITY; PROPRIETARY RIGHTS
3.1 Each party (the “Receiving Party”) understands that the other party (the “Disclosing Party”) has disclosed or may disclose business, technical or financial information relating to the Disclosing Party’s business (hereinafter referred to as “Proprietary Information” of the Disclosing Party). Proprietary Information of the Company includes non-public information regarding features, functionality, and performance of the Service. Proprietary Information of the Customer includes non-public data provided by the Customer to the Company to enable the provision of the Services (“Customer Data”). The Receiving Party agrees: (i) to take reasonable precautions to protect such Proprietary Information, and (ii) not to use (except in performance of the Services or as otherwise permitted herein) or divulge to any third person any such Proprietary Information. The Disclosing Party agrees that the foregoing shall not apply with respect to any information after five (5) years following the disclosure thereof or any information that the Receiving Party can document (a) is or becomes generally available to the public, or (b) was in its possession or known by it prior to receipt from the Disclosing Party, or (c) was rightfully disclosed to it without restriction by a third party, or (d) was independently developed without the use of any Proprietary Information of the Disclosing Party or (e) is required to be disclosed by law.
3.2 Specific terms governing the general protection of Customer and its removal in specific instances are set out in Exhibit E.
3.3 The Customer shall own all rights, titles, and interests in and to the Customer Data. The Company shall own and retain all rights, titles, and interests in and to (i) the Services and the DwellFi Fund Admin Platform (“Platform”), all improvements, enhancements or modifications thereto, (ii) any software, applications, inventions or other technology developed in connection with Services or support, and (iii) all intellectual property rights related to any of the foregoing.
3.4 Notwithstanding anything to the contrary, the Company shall have the right to collect and analyze data and other information relating to the provision, use and performance of various aspects of the Services and related systems and technologies (including, without limitation, information concerning the Customer Data and data derived therefrom), and the Company will be free (during and after the term hereof) to (i) use such information and data to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other Company offerings, and (ii) disclose such data solely in aggregate or other de-identified form in connection with its business. No rights or licenses are granted except as expressly set forth herein.
4. PAYMENT OF FEES
4.1 The fees for the Services will be included in the Verivest Fund Admin Pricing and will be paid as per the terms of specified therein.
5. TERM AND TERMINATION
5.1 Subject to earlier termination as provided below, this Agreement is for the Initial Service Term as specified in the Order Form and shall not be terminated earlier nor shall it be automatically renewed for additional periods.
5.2 In addition to any other remedies a party may have, either party may terminate this Agreement upon thirty (30) days’ notice (or without notice in the case of nonpayment), if the other party materially breaches any of the terms or conditions of this Agreement.
5.3 The Customer will pay in full for the Services up to and including the last day on which the Services are provided. Upon any termination, the Company will make all the Customer Data available to the Customer for electronic retrieval for a period of thirty (30) days, but thereafter the Company may, but is not obligated to, delete stored the Customer Data. All sections of this Agreement which by their nature should survive termination will survive termination, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.
6. KNOW YOUR CUSTOMER & ANTI-MONEY LAUNDERING REQUIREMENTS
6.1 Prior to the Customer’s use of the Services and on an ongoing basis, the Customer represents, warrants, and agrees that the Customer is not located in or is not a resident of any jurisdiction in which it is prohibited to use the Services, and therefore, the Customer is not permitted to make use of the Services.
6.2 The Company expressly prohibits and rejects the use of the Services for any form of illicit activity, including money laundering, terrorist financing or trade sanctions violations, consistent with various applicable laws, regulations and norms. To that end, the Services are not offered to individuals or entities on any Politically Exposed Persons (PEPs) lists, or subject to any United States, European Union or other global sanctions or watch lists. By using the Service, the Customer represents that they are not on any such lists.
6.3 THE CUSTOMER ACKNOWLEDGES AND DECLARES THAT THEIR FUNDS COME FROM LEGITIMATE SOURCES AND DO NOT ORIGINATE FROM ILLEGAL ACTIVITIES; THE CUSTOMER AGREES THAT THE COMPANY MAY REQUIRE THEM TO PROVIDE OR OTHERWISE COLLECT THE NECESSARY INFORMATION AND MATERIALS AS PER RELEVANT LAWS OR GOVERNMENT ORDERS TO VERIFY THE LEGALITY OF THE SOURCES AND USE OF THEIR FUNDS.
7. WARRANTY AND DISCLAIMER
7.1 The Company shall use reasonable efforts consistent with prevailing industry standards to maintain the Services in a manner which minimizes errors and interruptions in the Services and shall perform the Services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by the Company or by third-party providers, or because of other causes beyond the Company’s reasonable control, but the Company shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption.
7.2 HOWEVER, THE COMPANY DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR FREE; NOR DOES IT MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SERVICES. EXCEPT AS EXPRESSLY SET FORTH IN THIS SECTION, THE SERVICES ARE PROVIDED “AS IS” AND COMPANY DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
8. INDEMNITY
8.1 The Company shall hold the Customer harmless from liability to third parties resulting from infringement by the Service of any United States patent or any copyright or misappropriation of any trade secret, provided the Company is promptly notified of any and all threats, claims and proceedings related thereto and given reasonable assistance and the opportunity to assume sole control over defense and settlement; the Company will not be responsible for any settlement it does not approve in writing. The foregoing obligations do not apply with respect to portions or components of the Service (i) not supplied by the Company, (ii) made in whole or in part in accordance with the Customer specifications, (iii) that are modified after delivery by the Company, (iv) combined with other products, processes or materials where the alleged infringement relates to such combination, (v) where the Customer continues allegedly infringing activity after being notified thereof or after being informed of modifications that would have avoided the alleged infringement, or (vi) where the Customer’s use of the Service is not strictly in accordance with this Agreement. If, due to a claim of infringement, the Services are held by a court of competent jurisdiction to be or are believed by the Company to be infringing, the Company may, at its option and expense (a) replace or modify the Service to be non-infringing provided that such modification or replacement contains substantially similar features and functionality, (b) obtain for the Customer a license to continue using the Service, or (c) if neither of the foregoing is commercially practicable, terminate this Agreement and the Customer’s rights hereunder and provide the Customer a refund of any prepaid, unused fees for the Service.
8.2 The Customer will indemnify, defend and hold the Company harmless against (i) any damages, losses, liabilities, settlements, and expenses (including without limitation costs and attorneys’ fees) in connection with any claim or action that arises from an alleged violation of the foregoing or otherwise from the Customer’s use of Services; (ii) any third-party claim, action, suit or proceeding arising out of or resulting from the Company’s use of any the Customer Data, as it was provided to the Company, in accordance with this Agreement; and (iii) any fines or penalties that may arise as a result of the Customer’s breach of restrictions set forth in Sections 6 to 8 of this Agreement.
9. LIMITATION OF LIABILITY
9.1 NOTWITHSTANDING ANYTHING TO THE CONTRARY, THE COMPANY AND ITS OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT OR TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (I) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE GOODS, SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (II) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (III) FOR ANY MATTER BEYOND THE COMPANY’S REASONABLE CONTROL; OR (IV) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE FEES PAID BY THE CUSTOMER TO COMPANY FOR THE SERVICES UNDER THIS AGREEMENT IN THE 12 MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY, IN EACH CASE, WHETHER OR NOT THE COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
10. NO FINANCIAL OR LEGAL ADVICE
10.1 The Company is merely a technology platform and it is not the Customer’s broker, intermediary, agent, or legal advisor and has no fiduciary relationship or obligation to the Customer in connection with any decisions or activities effected by the Customer using or participating on the Platform. No communication or information provided to the Customer by the Company is intended as or will be considered or construed as, the solicitation of an offer to buy, investment advice, financial advice, legal advice, or any other sort of advice. All Services and transactions will be executed automatically based on the parameters of the Customer’s consideration. The Customer will be solely responsible for determining whether any services are suitable and match the Customer’s interests according to the Customer’s judgement, objectives, circumstances and risk tolerance. The Customer will be solely responsible for any losses or liabilities therefrom.
10.2 Before executing any transaction, the Customer should consult with their independent financial, legal, or tax professionals. The Company will not be liable for the decisions the Customer may make while availing the Services.
10.3 In relation to the Platform, the Company is not (i) obligated to introduce any Customer to any Investee Entity or Investor, (ii) responsible for undertaking any diligence on the Investee Entity, Investors, or other users the Customer may meet through the Platform or (iii) responsible for verifying any representations, materials or other information provided by Investee Entity, Investors, or other users to the Customer.
10.4 THE COMPANY IS NOT AN ATTORNEY, A LAW FIRM, OR A SUBSTITUTE FOR AN ATTORNEY OR A LAW FIRM AND DOES NOT ENGAGE IN THE PRACTICE OF LAW OR OFFER LEGAL ADVICE. IN OFFERING ITS SERVICES, THE COMPANY DOES NOT CREATE AN ATTORNEY-CLIENT RELATIONSHIP. THE COMPANY CANNOT AND DOES NOT THEREFORE PROVIDE ANY KIND OF LEGAL ADVICE, EXPLANATION, OPINION, OR RECOMMENDATION ABOUT POSSIBLE LEGAL RIGHTS, REMEDIES, DEFENSES, OPTIONS, SELECTION OF FORMS OR STRATEGIES.
10.5 THE COMPANY IS NOT RESPONSIBLE FOR VERIFYING THAT ANY INVESTOR ON OR USING THE PLATFORM IS ACCREDITED, IS A QUALIFIED PURCHASER (AS DEFINED UNDER SECTION 2(A)(51) OF THE INVESTMENT COMPANY ACT OF 1940), OR OTHERWISE AUTHORIZED OR APPROPRIATE TO INVEST IN THE CUSTOMER, OR FOR DETERMINING WHETHER ANY USE OF THE PLATFORM CONSTITUTES A GENERAL SOLICITATION OF SECURITIES UNDER THE SECURITIES LAWS OF THE UNITED STATES, OR THE LAWS OF ANY STATE OR OTHER JURISDICTION, INCLUDING FOREIGN JURISDICTIONS.
10.6 THE COMPANY DOES NOT RECOMMEND ANY CUSTOMER FOR INVESTMENT, ENDORSE THEIR FITNESS FOR INVESTMENT OR VERIFY OR CLAIM THE ACCURACY OF INFORMATION PROVIDED BY THE CUSTOMER ON THE PLATFORM OR IN THE COMPANY’S EMAILS. IN PARTICULAR, THE COMPANY DOES NOT ACT AS AN INVESTMENT ADVISER TO ANY INVESTOR(S) AND NO PART OF THE SERVICES IS INTENDED TO CONSTITUTE INVESTMENT ADVICE.
11. LEGAL DISPUTES
Any claim, dispute or matter arising under or in connection with this Agreement shall be governed and construed in all respects by the laws of California. The Customer agrees that any action at law or in equity arising out of or relating to these Terms not subject to mediation, will be filed only in San Francisco, California and the Customer hereby irrevocably and unconditionally consents and submits to the exclusive jurisdiction of such courts over any suit, action or proceeding arising out of these Terms.
12. MISCELLANEOUS
12.1 Severability. If any provision of this Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Agreement will otherwise remain in full force and effect and enforceable.
12.2 Assignment. This Agreement is not assignable, transferable or sublicensable by the Customer except with the Company’s prior written consent. The Company may transfer and assign any of its rights and obligations under this Agreement without consent.
12.3 Entire Agreement. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement. All waivers and modifications must be in writing signed by both parties, except as otherwise provided herein.
12.4 Relationship between Parties. No agency, partnership, joint venture, or employment is created as a result of this Agreement and the Customer does not have any authority of any kind to bind the Company in any respect whatsoever.
12.5 Costs and Expenses. In any action or proceeding to enforce rights under this Agreement, the prevailing party will be entitled to recover costs and attorneys’ fees.
12.6 Notices. All notices under this Agreement will be in writing and will be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or e-mail; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested.
SPECIFIC TERMS FOR USE OF PLATFORM SERVICES
1. RESTRICTIONS AND RESPONSIBILITIES
1.1 The Customer will not, directly or indirectly: reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any software, documentation or data related to the Platform; modify, translate, or create derivative works based on the Services or the Platform (except to the extent expressly permitted by the Company or authorized within the Services); use the Services or the Platform for timesharing or service bureau purposes or otherwise for the benefit of a third; or remove any proprietary notices or labels.
2. CUSTOMER RESPONSIBILITY
2.1 The Customer will (i) be responsible for its, its affiliates and personnel’s compliance with this Agreement, (ii) use commercially reasonable efforts to prevent unauthorized access to or use of the Platform and notify the Company immediately of any such unauthorized access and/or use of which the Customer becomes aware.
2.2 When using the Platform, the Customer is not allowed to:
(i) make the Platform available to any third party (except for any third parties acting on behalf of the Customer or at the Customer’s request, such as recruiting agencies);
(ii) sell, resell, rent or lease the Platform;
(iii) interfere with or disrupt the Platform or servers or networks connected to the Platform, or disobey any requirements, procedures, policies or regulations of networks connected to the Platform;
(iv) violate any applicable laws (i.e., local, state, national or international) or any regulations having the force of law, or which would involve proceeds of any unlawful activity;
(v) impersonate any person or entity, or falsely state or otherwise misrepresent the Customer’s affiliation with a person or entity;
(vi) solicit personal information from anyone under the age of 18;
(vii) harvest or collect email addresses or other contact information of other users from the Platform by electronic or other means for the purposes of sending unsolicited emails or other unsolicited communications;
(viii) advertise or offer to sell or buy any goods or services for any business purpose that is not specifically authorized;
(ix) further or promote any criminal activity or enterprise or provide instructional information about illegal activities, including for the purpose of concealing economic activity, laundering money, or financing terrorism;
(x) knowingly use the Platform to transmit malicious code;
(xi) obtain or attempt to access or otherwise obtain any materials or information through any means not intentionally made available or provided for through the Platform;
(xii) use any robot, spider, site search/retrieval application, or other device to retrieve or index any portion of the Platform or the content posted on the Platform, or to collect information about its users for any unauthorized purpose;
(xiii) knowingly use the Platform to store or transmit material that infringes the intellectual property rights or other proprietary rights of any third party or violates third-party privacy rights;
(xiv) access or use the Platform for the purpose of creating a product or service that is competitive with any of our products or Services; or
(xv) perform any other acts not mentioned above in violation of applicable local, state, national and international laws.
2.3 Any attempt to intentionally harm the Company by any person is a violation of criminal and civil laws. The Company reserves the right to seek damages from such persons to the fullest extent permitted by law.
2.4 Specific responsibility in relation to investments. Any Customer (i) who will be using the Platform to seek investment from potential Investors (“Investee Entity”) or (ii) making financial investments into companies, funds, syndicates, or any other form of investment vehicle or corporate body (“Investors”), as the case may be, shall ensure the following while using the Platform:
(a) only invest in a syndicate, fund or other product offered through the Platform after carefully reviewing and assessing the terms of the investment, including the related private placement memorandum, subscription agreement and organizational documents as well as any information provided through the Platform;
(b) use your own judgment before making any decision to invest or to accept an investment;
(c) be solely responsible for complying with applicable law regarding any transaction, including without limitation the determination of whether any Investor is an Accredited Investor (as defined below) and whether any investment complies with the terms of local law (whether the federal laws of the United States, any laws of a state of the United States, or of any foreign government with jurisdiction over you or any Investor);
(d) obtain such professional advice as is appropriate to protect your interests, including legal, tax, accounting and other advice;
(e) not expect the Company to recommend any investment;
(f) not treat any content, email, or other information you receive as a result of your access to the Platform and/or Services as a recommendation or representation of any kind by the Company (or any person associated with the Company) on which you should rely in relation to making or receiving any investment; and
(i) not use the Company to market services, particularly investment advisory services that might cause the Company or its affiliates to have to register as a broker-dealer or investment adviser with the Securities Exchange Commission (“SEC”), or to be treated as an underwriter.
Accredited Investor is defined by the SEC in Rule 501 of Regulation D under the Securities Act of 1933 as follows:
(i) a natural person with income exceeding USD 200,000 in each of the two most recent years or joint income with a spouse exceeding USD 300,000 for those years and a reasonable expectation of the same income level in the current year;
(ii) a natural person who has individual net worth, or joint net worth with the person’s spouse, that exceeds USD 1 million at the time of the purchase, excluding the person’s primary residence;
(iii) a director, executive officer or general partner of the company selling the securities;
(iv) a business in which all the equity owners are accredited investors;
(v) a charitable organization, corporation or partnership with assets exceeding USD 5 million;
(vi) a bank, insurance company, registered investment company, business development company or small business investment company;
(vii) an employee benefit plan, within the meaning of the Employee Retirement Income Security Act of 1974, if a bank, insurance company or registered investment adviser makes the investment decisions, or if the plan has total assets in excess of USD 5 million;
(viii) a trust with assets in excess of USD 5 million, not formed to acquire the securities offered, whose purchases a sophisticated person makes;
(ix) a natural person who holds in good standing a Series 7, 65 or 82 license;
(x) a natural person who is a “knowledgeable employee” (as defined under Rule 3c-5(a)4 of the Investment Company Act) of a 3(c)(1) or 3(c)(7) private fund; or
(xi) an SEC or state-registered investment adviser, or exempt reporting adviser.
Appendix I
SERVICES DESCRIPTION FOR PLATFORM SERVICES
STATEMENT OF WORK
The Company shall provide thefollowing services as part of the integration process:
Exhibit B
SPECIFIC TERMS FOR USE OF TOKENIZATION SERVICES
1. DEFINITIONS
1.1 The terms used hereunder with their initial letters capitalised have the meanings ascribed to them in this section or where they are elsewhere defined in this Agreement. Any term defined in the singular will have the corresponding definition in the plural (and vice versa). As used in this Agreement:
(i) “Digital Assets or DA” means any type of financial assets, whether natively digital or digitised, issued through the use of DLT such as utility tokens and asset/investment tokens (incl. tokenized shares, tokenized debt);
(ii) “Distributed Ledger or DL” means a database that is consensually shared and synchronized according to a protocol by nodes participating to a peer-to-peer decentralized network;
(iii) “Distributed Ledger Technology or DLT” means technology recording and sharing data across multiple data stores (or ledgers);
(iv) “Smart Contract” means a software code representing a digital token executed on a distributed peer-to-peer network;
(v) “Token” or “Digital Token” means Digital Asset which may have various features, depending on the DLT on which it was issued and the terms of the issuance; and
(vi) “Tokenization” means the parametrization and deployment of a Smart Contract representing Tokens on a Distributed Ledger.
2. SCOPE OF SERVICE
2.1 The Company will use its proprietary information technology solutions to provide the Service by deploying a Smart Contract representing Tokens on a Distributed Ledger on behalf of the Customer.
2.2 The Customer will not have any direct access to those solutions used by the Company. The technical issuance of the Smart Contract will be performed by the Company. Thereafter, the power to administer the Smart Contract will be transferred to the Customer or an agent of the Customer, as notified by the Customer to the Company.
2.3 For the avoidance of doubt, the Customer understands and acknowledges that this Service is a non-custodial technology service. The Company shall perform only those duties and obligations that are specifically set forth in this Agreement, and any Order Form appended hereto. No implied duties and obligations shall be read into this Agreement against the Company.'
3. RESTRICTIONS AND RESPONSIBILITIES
3.1 The Customer hereby explicitly accepts and agrees that:
(i) it is the sole responsibility of the Customer to determine if the Customer can legally exchange the Tokens in their jurisdiction and whether the Customer can then exchange the Tokens to another exchanger in any given jurisdiction;
(ii) the Tokens are not securities, are not registered with any government entity as the security, shall not be considered as such, are not intended to be a digital currency, commodity or any other kind of financial instrument, do not represent any share, stake or security or equivalent rights including, but not limited to, any right to receive future revenue;
(iii) though the Tokens may be exchangeable, they are not an investment, currency, security, commodity, and not derivative with value based on a currency, security, commodity or any other kind of financial instrument. The Tokens are not intended to be marketed, offered for sale, exchanged, sold, or traded in any jurisdiction where they are prohibited by applicable laws or require further registration with any applicable governmental authorities;
(iv) the Tokens may be exchangeable on cryptographic token exchanges. However, the Company does not give any warranties or representations that the Tokens will be exchangeable on such exchanges; and
(v) this Agreement does not constitute a prospectus of any sort, is not a solicitation for investment and does not pertain in any way to an initial public offering or a share/equity offering and does not pertain in any way to an offering of securities in any jurisdiction.
4. SPECIFIC LIMITATION OF LIABILITY FOR SMART CONTRACTS.
THE COMPANY SHALL NOT BE HELD LIABLE FOR ANY AND ALL DAMAGES CAUSED BY BLOCKCHAINS/DISTRIBUTED LEDGER PROTOCOLS, SMART CONTRACTS AND FOR ANY CAUSE INCLUDING, BUT NOT LIMITED TO HACKS, FORKS, NETWORK CONGESTIONS, BUGS, ACTIONS WHATSOEVER OF ANY KINDS IN ANY JURISDICTIONS, ACTIONS FOR BREACH OF CONTRACT OR TORT, PROVIDED THAT THE COMPANY DID NOT ACT WITH INTENT OR GROSS NEGLIGENCE. IN PARTICULAR, THE COMPANY SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES, INCLUDING FOR LOSS OF PROFITS, GOODWILL OR DATA LOSS, ARISING OUT OF ALL BLOCKCHAIN PROTOCOLS UNDERLYING THE SERVICE.
SERVICES DESCRIPTION FOR TOKENIZATION SERVICES
The Company will provide the following tokenization technology services to the Customer:
EXHIBIT C
SERVICE LEVEL TERMS
The Services shall be available 99.9%, measured monthly, excluding holidays and weekends and scheduled maintenance. If the Customer requests maintenance during these hours, any uptime or downtime calculation will exclude periods affected by such maintenance. Further, any downtime resulting from outages of third-party connections or utilities or other reasons beyond the Company’s control will also be excluded from any such calculation. The Customer's sole and exclusive remedy, and the Company's entire liability, in connection with Service availability, shall be that for each period of downtime lasting longer than 1 day.
EXHIBIT D
SUPPORT TERMS
The Company will provide Technical Support to the Customer via both telephone and electronic mail on weekdays during the hours of 9:00 am through 5:00 pm Pacific time, with the exclusion of Federal Holidays (“Support Hours”).
The Customer may initiate a helpdesk ticket during Support Hours at any time by emailing support@dwell.fi.
The Company will use commercially reasonable efforts to respond to all Helpdesk tickets within one (1) business day.
EXHIBIT E
SPECIFIC TERMS RELATED TO CUSTOMER DATA
1. DATA PROTECTION
1.1 Encryption of Customer Data. All Customer Data will be encrypted using 256-bit (or better) encryption.
1.2 Certifications. The Platform is SOC-2, Type 2 certified
1.3 System & Network Security.
1.3.1 Access Controls. All the Company personnel access the Platform via a unique user ID, consistent with the principle of least privilege, which requires multi-factor authentication and passwords meeting or exceeding PCI-DSS length and complexity requirements. Company personnel will not access Customer Data except (i) as reasonably necessary to provide Services under the Agreement or (ii) to comply with the law or a binding order of a governmental body.
1.3.2 Firewalls / Security Groups. The company shall protect the Platform using industry standard firewall or security group technology with deny-all default policies to prevent egress and ingress network traffic protocols other than those that are business-required.
1.4 Monitoring & Logging.
1.4.1 Infrastructure Logs. Monitoring tools or services, such as host-based intrusion detection tools, are utilized to log certain activities and changes within the Platform. These logs are further monitored, analyzed for anomalies, and are securely stored to prevent tampering for at least one year.
1.4.2 User Logs. The company also captures logs of certain activities and changes within the Customer’s account on the Platform and may make those logs available to the Customer, at the Company’s sole discretion, for the Customer’s preservation and analysis.
2. CUSTOMER SECURITY RESPONSIBILITIES
In addition to the responsibilities set out in this Agreement, the Customer agrees:
2.1 The Company has no obligation to assess the content, accuracy or legality of the Customer Data, including to identify information subject to any specific legal, regulatory or other requirement and the Customer is responsible for making appropriate use of the Service to ensure a level of security appropriate to the particular content of Customer Data;
2.2 The Customer is responsible for managing and protecting its users’ roles and credentials, including but not limited to (i) ensuring that all users keep credentials confidential and not share such information with unauthorized parties, (ii) promptly reporting to the Company any suspicious activities related to Customer’s account (e.g., a user credential has been compromised) contacting support@dwell.fi, (iii) appropriately configuring user and role-based access controls, including scope and duration of user access, taking into account the nature of its Customer Data, (iv) implementing all customer configurable user access controls for all User interactive logins (e.g. individuals authenticating to the Service) including IP whitelisting and multi-factor authentication, and, (iv) maintaining appropriate password uniqueness, length, complexity, and expiration; and
2.3 To appropriately manage and protect any Customer-managed encryption keys to ensure the integrity, availability, and confidentiality of the key and Customer Data encrypted with such key.
3. SECURITY INCIDENT
3.1 Reporting. If the Company becomes aware of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Data (a “Security Incident”), the Company shall notify the Customer without undue delay, and in any case, where feasible, notify Customer within seventy-two (72) hours after becoming aware. To facilitate timely notification, the Customer must register and maintain an up-to-date email within the Service for this type of notification. Where no such email is registered, the Customer acknowledges that the means of notification shall be at the Company’s reasonable discretion and the Company’s ability to timely notify shall be negatively impacted.
3.2 Investigation. The Company shall promptly take reasonable steps to contain, investigate, and mitigate any Security Incident. Any logs determined to be relevant to a Security Incident shall be preserved for at least one (1) year.
3.3 Communication and Cooperation. The Company shall provide the Customer timely information about the Security Incident to the extent known to the Company, including, but not limited to, the nature and consequences of the Security Incident, the measures taken and/or proposed by the Company to mitigate or contain the Security Incident, the status of the Company’s investigation, a contact point from which additional information may be obtained, and the categories and approximate number of data records concerned. Notwithstanding the foregoing, Customer acknowledges that because the Company personnel may not have visibility to the content of Customer Data, it may be unlikely that the Company can provide information as to the particular nature of the Customer Data, or where applicable, the identities, number, or categories of affected data subjects. Communications by or on behalf of the Company with Customer in connection with a Security Incident shall not be construed as an acknowledgement by the Company of any fault or liability with respect to the Security Incident.
4. DELETION OF CUSTOMER DATA
4.1 By the Customer. The Customer, may at any time, by making a formal written request to support@dwell.fi seek deletion of any or all Customer Data during the Term of the Agreement.
4.2 By the Company. Subject to applicable provisions of the Agreement, after a period of sixty (60) days from the expiration or termination of the Agreement, the Company shall promptly delete any remaining Customer Data.
5. SPECIAL PROVISIONS RELATED TO PROOF-OF-CONCEPT PERIOD
5.1 POC Period Responsibilities. The Company may provide access to the Customer to use the Platform or any of the Company’s Services solely to evaluate the documented features of the service as under this Agreement (“POC Period”) During the POC Period, the Customer has the sole responsibility to ensure that the Customer Data provided to the Company has or will have the effect of disabling, harming or otherwise impeding in any manner the Services, Platform or the Company’s systems (e.g., via a virus, Trojan horse, worm, backdoor, etc.) (collectively the “Destructive Elements”).
5.2 Risk Management. If at any given point during the POC Period, the Company finds or suspects that the Customer Data is compromised or is vulnerable to be compromised by any Destructive Elements, the Company and its personnel have the right to inspect and repair and/or remove, delete, purge part or whole of the Customer Data compromised by the Destructive Elements at its sole discretion, without prior notification to the Customer. Additionally, to protect its systems and the Platform from any compromised Customer Data, the Company may change or terminate the Customer’s access at any time without liability. The Company shall promptly notify the Customer (which in no event shall exceed forty-eight (48) hours of any actions taken to rectify or mitigate damages arising as a result of any compromised /vulnerable Customer Data.
5.3 Discontinuation of POC In case of discontinuation of a specific product offering or the proof-of-concept entirely, the Company shall provide an opportunity to the Customer to retrieve the Customer Data within a period of thirty (30) days from the date of notification of such discontinuation/ closure. Beyond such period, all Customer Data will be permanently deleted by the Company, unless the Customer provides a reasonable written notice to support@dwell.fi to extend the stated time.
