GETMENTIONED TERMS OF SERVICES

Effective Date: September 7th, 2025

These Terms of Service (“Terms”) govern access to and use of the GetMentioned software-as-a-service Platform and related services (the “Service”), provided by GetMentioned sp. z o.o., with its registered office in Warsaw, address: Twarda 18, 00-105 Warsaw, Poland, entered into the Register of Entrepreneurs of the National Court Register (KRS) maintained by the District Court for the Capital City of Warsaw, under KRS number 0001190331, holding tax identification number (NIP) 5253058446 and statistical number (REGON) 542537890, with a share capital of PLN 6,000 (“GetMentioned”, “Provider”, “we” or “us”)..

By accessing, registering for, or using Our platform you (“Customer” or “you”) acknowledge and agree that you have read, understood, and accept these Terms. Your access to or use of the Services constitutes your agreement to be legally bound by this Terms.

If you are entering into this Terms on behalf of a company, organization, or other legal entity, you represent and warrant that you have the authority to bind that entity, and “Customer” will refer to such entity. If you do not agree to these Terms, you must not access or use the Services.

The agreement between us  is effective as of the earlier of: (a) the date you first accept these Terms (including by clicking “I Agree” or similar electronic acceptance mechanism), or (b) the date you first access or use the Services. From that date, a binding legal contract is formed between GetMentioned and Customer

1. DEFINITIONS

2. "Affiliate" means any entity which directly or indirectly Controls, is Controlled by, or is under common Control with the subject entity. "Control," and “Controlled” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

3. "Confidential Information" means all confidential or proprietary information disclosed by a party ("Disclosing Party") to the other party ("Receiving Party"), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information includes the terms and conditions of this agreement, as well as business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by either party. However, Confidential Information shall not include any information that: (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.

4. Content" means information displayed by the Platform, and includes information uploaded by any person, including Your Content and Our Content.

5. "Data" means all data including electronic data and information related in any way to the Services

6. “Initial Term” means the depends on chosen option (i) initial term of 30 days or (ii) one-year  from acceptance of these Terms

7. "Malicious Code" means any computer viruses, worms, time bombs, Trojan horses and other code, files, scripts, agents or programs that are harmful, malicious, destructive or disabling or which assists in or enables the theft, alteration, denial of service, unauthorised access, disclosure, destruction or corruption of or to data.

8. “Our Content” means Our logos, content, trademarks, graphics, imagery, and any other works of authorship created or supplied by Us, but excluding any of Our Confidential Information, User Data, or Your Content. For the avoidance of doubt, Our Content includes any and all content templates and content library materials that may be supplied by Us.

9. “Platform” means the cloud based SaaS offered by Us.

10. “Renewal Term” means, depending if You have chosen monthly or annual subscription: (i) in case of monthly subscription  each subsequent one-month period following the Initial Term during which the subscription continues on a month-to-month basis unless either party cancels before the end of the then-current term, or (ii) in case of annual subscription each subsequent one-year period following the Initial Term  during which the subscription continues on a year-to-year basis unless either party cancels before the end of the then-current term

11. “Service Levels” or “SLA” means the service levels set out in Schedule A.

1. ELIGIBILITY AND SCOPE

   1. Business Use Only. The Service is provided solely to businesses, not to consumers. By accepting these Terms, you confirm that you are acting as a business entity and have authority to bind your organization.

   2. Conflicting Terms. These Terms override any conflicting terms supplied by the Customer. No Customer terms apply unless expressly agreed in a signed written agreement.

   3. Provision of Services. We shall make the Services available to You pursuant to this Terms  during the Initial term and any Renewal Term.  You agree (a) that Your purchases hereunder are neither contingent on the delivery of any future functionality or features nor dependent on any oral or written public comments made by Us regarding future functionality or features, (b) that We are only providing the Services which do not relate to any generally accessible public internet site.

   4. Provision of services to Your Affiliates.  You are entering into this agreement for Yourself and on behalf of all Your Affiliates which may receive/purchase Services pursuant to this Terms.  You and all such Affiliates shall, by receiving/ purchasing such Services, have the benefit of the rights, and become subject to the obligations that You have under this Terms.  You will remain responsible for any breach of such obligations by such Affiliates as if such breach was committed by You. 

3.  DESCRIPTION OF SERVICES

   1.  Core Functionality. GetMentioned provides a SaaS platform that monitors and analyzes brand visibility within responses generated by Large Language Models (“LLMs”) such as OpenAI’s ChatGPT, Perplexity, Gemini or other as may be change or added from time to time. The Service includes: (a) defining monitored prompts and competitors, (b) automatic, recurring queries to supported LLMs, (c) data ingestion and enrichment, (d) visualization through dashboards, reports, and rankings.

   2. Third-Party Dependencies. The Service relies on third parties subprocessors and infrastructure providers.

   3. Service Changes. We may modify or discontinue Service features to improve performance, enhance security, or comply with law. Material changes will be communicated in advance.

   4. Limitations. Monitoring results depend on third-party LLM outputs, which are beyond GetMentioned’s control. Service interruptions may occur due to outages at subprocessors or LLM providers.

   5. Our responsibilities: We shall: (i) use commercially reasonable endeavours to make the Platform available 24 hours a day, 7 days a week, except for: (a) planned downtime (of which We shall give at least 8 hours’ notice via the Platform) or (b) any unavailability caused by circumstances beyond Our reasonable control, including without limitation, acts of God, acts of government, flood, fire, earthquakes, pandemic, civil unrest, acts of terror, strikes or other labour problems (other than those involving Our employees), or internet service provider failures or delays, (ii) provide the Services only in accordance with applicable laws and government regulations, (iii) provide the Purchased Services

   6. Acknowledgment of Third-Party Processing. Customer acknowledges and agrees that certain LLM providers integrated with the Service, including but not limited to OpenAI, Google, and Perplexity (collectively, “LLM Providers”), may process data submitted to the Service for purposes defined by such LLM Providers, including model training, analytics, and service improvement.

   7. Limited Control. GetMentioned does not control the internal use, training, or retention practices of LLM Providers. Customer is solely responsible for ensuring that any data submitted to the Service does not violate applicable laws, confidentiality obligations, or third-party rights.

   8. Data Minimization and Instructions. To the extent legally permissible, Customer may avoid submitting sensitive personal data or proprietary information to the Service to mitigate use by LLM Providers for model training.

   9. Transparency. GetMentioned will, where feasible, inform Customer of the LLM Providers used by the Service and any material changes to such providers’ terms regarding data usage.

4. CUSTOMER RESPONSIBILITIES

   1. Your responsibilities: You shall: (i) use reasonable endeavours to prevent unauthorised access to or use of Platform and notify Us promptly of any such unauthorised access or use that You become aware of, (ii) use the Services only in accordance with applicable laws and government regulations and (iii) maintain, and ensure that Your Affiliates and users maintain and operate current and comprehensive anti-Malicious Code protection software in accordance with prudent industry practice.  You shall not: (a) promote or make the Services available to anyone other than users, (b) use the Services to store or transmit infringing, libellous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights, (c) use the Services to store or transmit Malicious Code, (d) interfere with or disrupt the integrity or performance of the Services, Platform or Content, or (e) attempt to gain unauthorised access to Our systems or networks.

   2. Usage Limitations. Purchased Services may be subject to other limitations. Any such limitations are specified in the applicable Platform’s user guide(s).

   3. Account Security. Customers must safeguard login credentials and notify GetMentioned of any unauthorized use.

   4. Lawful Use. Customers may not upload illegal, infringing, or unauthorized content. Use of the Service must comply with applicable laws (including data protection, intellectual property, and export control).

   5. Prohibited Uses. Customer shall not: (a) reverse engineer or copy the Service, (b) interfere with Service security, (c) use the Service for benchmarking or competitive purposes

5. FEES AND PAYMENT

   1. Fees. Subscription fees are set forth in the applicable pricing plan. All fees are exclusive of applicable VAT, sales taxes, or duties

   2. Invoicing and Payment Terms. Depending if You have chosen monthly or annual subscription: Fees for the Services shall be invoiced: (i) in case of monthly subscription - monthly in advance in respect of the provision of the Services for the following 1 month period of the Initial Term and any applicable Renewal Term(s) or (ii) in case of annual subscription - annually  in advance in respect of the provision of the Services for the following 1 year period of the Initial Term and any applicable Renewal Term(s). Payment terms are strictly 30 days from the date that You receive a valid invoice from Us. You must pay us the amount set out in an invoice on or before the expiration of the payment terms except where You dispute in good faith any such amount and are cooperating diligently with Us to resolve the dispute.  Interest may be charged on overdue amounts at a rate equal to 10% per annum (but not higher than maximum interest rates allowed by the applicable laws), compounding monthly.

   3. Payment Methods. Unless agreed otherwise by Parties, Customer shall make payments and other charges due under this agreement using one of the following methods, as agreed in the Purchase Order or as selected by Customer from the payment options made available by Provider:

      1. Bank transfer to designated bank account as specified on the invoice; or

      2. Automatic recurring payment via a valid payment card, where Customer has provided the necessary authorization and payment card details in accordance with then-current procedures and terms for such payment method. Customer is responsible for ensuring sufficient funds are available and for maintaining valid, up-to-date payment information for the chosen payment method. We reserve the right to introduce or discontinue specific payment methods, providing reasonable notice to the Customer where such change might affect an active subscription

   4. Credit Card Payments. If the Customer selects payment by credit card, it is required to use a corporate (business) credit card corresponding to its legal status and the commercial nature of the Terms. In the event that a consumer credit card is used instead, the Customer shall:

      1. reimburse the Us for any fees, charges, or loss of revenue resulting from the use of a consumer payment method, including but not limited to increased transaction or interchange fees;

      2. waive any claims for reimbursement, damages, or reduction of payment arising from such charges, including those based on statutory limits applicable to consumer transactions; and

      3. expressly authorize Us to charge the relevant amounts to the credit card used.

5. Recurring payments and SCA Requirements. The following provisions apply solely to automatic recurring payments, and only where payment by payment card has been selected as the method for such recurring (including variable) payments:

   1. According to the relevant payment providers’ policies some of the transactions may demand Strong Customer Authentication (SCA), which means that electronic payment is performed with multi-factor authentication to increase the security of such a payment. The type of used multi-factor authentication as well as demanding SCA in any case depends on the policy of the relevant payment provider that is used by the Customer to make a payment.

   2. The implementation of SCA requirements may result in payment providers processing a greater amount of the Customer’s Personal Data, and in the Provider transferring more of such data to those providers. Therefore, it is recommended to review the privacy policies available on the websites of the respective payment providers

   3. By accepting the Terms, the Customer enters into an agreement with Us under which the Customer authorizes Us to charge variable recurring amounts from the Customer’s card each month as payment of remuneration, without any further action required from the Customer (merchant-initiated transactions). In this case, only the first transaction will generally require strong customer authentication (SCA).

   4. The variable recurring amount is charged to the Customer’s card based on the remuneration specified in the pricing plan.

6. Suspension of Service. If any amount owing by You under this Terms is 30 or more days overdue, and we have provided You with written notice of such overdue amounts, We may, without limiting Our other rights and remedies, suspend the provision of Purchased Services to You until such amounts are paid in full. We shall not exercise Our rights under this clause if the applicable charges are under reasonable and good-faith dispute and You are cooperating diligently with Us to resolve the dispute.

7. Taxes. Unless otherwise stated, Our fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including but not limited to value-added, sales, use or withholding taxes, assessable by any local, state, provincial, federal or foreign jurisdiction (collectively, "Taxes"). You are responsible for paying all Taxes associated with Your purchases hereunder. If We have the legal obligation to pay or collect Taxes for which You are responsible under this paragraph, the appropriate amount shall be invoiced to and paid by You, unless You provide Us with a valid tax exemption certificate authorised by the appropriate taxing authority. For clarity, We are solely responsible for taxes assessable against or based on Our income, property and employees

8. Fee Increases. The fees shall be subject to an annual increase. Without limiting the foregoing, We also reserve the right, after the Initial Term and upon giving notice to You (and no later than 14 days prior to the expiry of Your right to issue notice of non-renewal ahead of the next Renewal Term), to adjust the Recurring Fees for any subsequent Renewal Term. 
   
   

9. INTELLECTUAL PROPERTY

   1. Material Owned by Us. We own and reserve all intellectual property rights, title and interest in and to the Services, Our Content, Data, and the Platform, all methodologies used and developed and all data (excluding User Data) contained in and collected as a result of providing the Services and the Platform. You acknowledge that as we own Data we may use it for reasonable commercial purposes. We will comply with relevant privacy and confidentiality obligations applicable to Us when making any disclosure of Data. 

   2. Restrictions. You shall not: (i) create derivative works based on the Services or copy any features, functions or graphics of the Platform or the Services, (ii) copy, frame (i.e., re-create a picture of the Platform which may include a hyperlink to the Platform) or mirror any part or content of the Services, other than framing on Your own intranet or describing/framing the Platform or Services in your marketing material, (iii) reverse engineer the Services, or (iv) access the Services in order to (a) build a competitive product or service, or (b) copy any features, functions or graphics of the Services. 

   3. Material Owned by You.  You own all of Your Content, and You grant to Us a royalty-free, worldwide, transferable and sublicensable license for the Initial Term specified in the Order Form and for any Renewal Term to use Your Content in order to provide the Services to You. We shall have a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use or incorporate into the Services and Platform any suggestions, enhancement requests, recommendations, variations or other feedback provided by You, relating to the operation of the Services and the Platform only (“Feedback”). Feedback may be suggested by You at any time. We may, but are not obligated to, implement any Feedback at our sole and absolute discretion. We may negotiate a fee variation with You for use of the Services as varied by the Feedback.

   4. Usage Metrics. We may monitor, collect, perpetually retain and use Data relating to Your usage (including usage by users) of the Services, provided that such usage metrics will only be disclosed in anonymous and aggregated form in a way in which no individual User can be identified with such usage metrics. Such analysis that may be conducted and related uses include: (a) optimising Our resources and support; (b) product research and development, including automated processes that enable continuous improvements, performance optimisation and development of new products and services; (c) verification of security and Data integrity; (d) internal demand planning; (e) creating and commercialising Data products such as industry trends and developments, and anonymous benchmarking; and (f) other reasonable commercial use of aggregated anonymised Data.

   5. Reference Rights. GetMentioned may publicly refer to the Customer as a client for marketing and promotional purposes. In particular, GetMentioned is entitled to use the Customer’s name, logo, and general branding in reference lists, on its website, in presentations, and in other marketing materials (both online and offline), provided this is done in a fact-based and appropriate manner. This right shall survive the termination of the contract, unless the Customer objects to such use in writing for legitimate reasons. GetMentioned will not disclose any confidential information of the Customer in this context.

7. CONFIDENTIALITY 

   1. Protection of Confidential Information. Except as otherwise permitted in writing by the Disclosing Party: (i) the Receiving Party shall use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but in no event less than reasonable care) not to disclose or use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Terms, and (ii) the Receiving Party shall limit access to Confidential Information of the Disclosing Party to those of its employees, contractors and agents who need such access for purposes consistent with this Terms and who have signed confidentiality agreements with the Receiving Party containing protections no less stringent than those herein.

   2. The Receiving Party may disclose Confidential Information of the Disclosing Party if it is compelled by applicable law or in response to a valid order by a court or other governmental body to do so, provided the Receiving Party gives the Disclosing Party prior notice of such compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party's cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to such Confidential Information.

8. WARRANTIES 

   1. Our Warranties. We warrant that: (i) the Services shall perform materially as described in the Terms; and (ii) the functionality of the Services will not be materially decreased during the Initial Term or any Renewal Term. For any breach of either warranty, Your exclusive remedy shall be the re-supply of the Purchased Services, or a refund of a reasonable amount of fees to compensate for the decreased functionality, at Our option.

   2. Mutual Warranties. You represent and warrant to Us that: (i) You have the legal power to enter into agreement created by these Terms, and (ii) You will not transmit to Us any Malicious Code. We represent and warrant to You that: (i) We have the legal power to enter into agreement created by these Terms, and (ii) We will not transmit to You any Malicious Code.

   3. Disclaimer. The warranties, terms and conditions stated in this Terms are in lieu of all other conditions, warranties, terms or representations concerning the subject matter of this Terms which might but for this clause 8.3 have effect between You and Us or would otherwise be implied or incorporated into this Terms or any collateral contract whether by statute, common law or otherwise, all of which are hereby excluded to the maximum extent permitted by law (including, without limitation, the implied conditions, warranties or terms as to satisfactory quality, fitness for purpose or as to the use of reasonable skill and care).

9. INDEMNIFICATION 

   1. Indemnification by Us.  We shall defend You against any claim, demand, suit, or proceeding ("Claim") made or brought against You by a third party alleging that the use of the Services as permitted hereunder infringes or misappropriates the intellectual property rights of a third party (“IP Claim”) and shall indemnify You for any damages finally awarded against, and for reasonable legal fees incurred by You in connection with any such Claim provided, that You: (a) promptly give Us written notice of the Claim; (b) give Us sole control of the defence and settlement of the Claim (provided that We may not settle any Claim unless the settlement unconditionally releases You of all liability, or We have obtained Your prior written consent); and (c) provide to Us all reasonable assistance, at Our expense. 

   2. Indemnification by You. You shall defend Us against any Claim made or brought against Us by a third party alleging that any material supplied by You, or Your use of the Services in violation of this Terms, infringes or misappropriates the intellectual property rights of a third party or violates applicable law, and shall indemnify Us on demand for any damages finally awarded against, and for reasonable legal fees incurred by, Us in connection with any such Claim; provided, that We: (a) promptly give You written notice of the Claim; (b) give You sole control of the defence and settlement of the Claim (provided that You may not settle any Claim unless the settlement unconditionally release Us of all liability); and (c) provide to You all reasonable assistance, at Your expense.

   3. Exclusive Remedy. This clause 9 (Mutual Indemnification) states the indemnifying party’s sole liability to, and the indemnified party’s exclusive remedy against, the other party for any type of Claim described in this clause.

10. LIMITATION OF LIABILITY

    1. No Exclusion of Liability for Fraud, Death or Personal injury, etc. NOTHING IN THIS TERMS SHALL EXCLUDE OR LIMIT EITHER PARTY'S LIABILITY FOR (I) FRAUD; (II) DEATH OR PERSONAL INJURY CAUSED BY ITS NEGLIGENCE; OR (III) ANY LIABILITY WHICH CANNOT BE LIMITED OR EXCLUDED BY LAW.

    2. Exclusion of Categories of Damages. IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER PARTY FOR ANY OF THE FOLLOWING LOSSES OR DAMAGE (WHETHER SUCH LOSSES OR DAMAGE ARE DIRECT OR INDIRECT): (I) LOSS OF REVENUE; (II) LOSS OF ACTUAL OR ANTICIPATED PROFITS (INCLUDING LOSS OF PROFITS ON CONTRACTS); (III) INTERRUPTION OF BUSINESS; (IV) LOSS OF ACTUAL OR ANTICIPATED SAVINGS; (V) LOSS OF BUSINESS; (VI) LOSS OF BUSINESS OPPORTUNITY; (VII) LOSS OF GOODWILL; (VIII) LOSS OF REPUTATION; (IX) LOSS OF DATA; OR (X) ANY OTHER CONSEQUENTIAL, SPECIAL, INCIDENTAL, OR PUNITIVE DAMAGES, WHETHER ARISING IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR OTHERWISE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING SHALL NOT LIMIT YOUR PAYMENT OBLIGATIONS.

    3. Exclusion of Indirect and Consequential Losses. IN NO EVENT SHALL EITHER PARTY HAVE ANY LIABILITY TO THE OTHER PARTY FOR ANY INDIRECT OR CONSEQUENTIAL LOSS OR DAMAGE HOWSOEVER CAUSED. THE FOREGOING SHALL NOT LIMIT YOUR PAYMENT OBLIGATIONS UNDER CLAUSE 7 (FEES AND PAYMENT FOR PURCHASED SERVICES).

    4. Limitation of Liability. IN NO EVENT SHALL EITHER PARTY'S LIABILITY ARISING OUT OF OR RELATED TO THIS TERMS, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), BREACH OF STATUTORY DUTY OR OTHERWISE ARISING OUT OF, OR IN RELATION TO, THIS TERMS, EXCEED:

       1. IN AGGREGATE, THE TOTAL AMOUNT PAID OR PAYABLE BY YOU HEREUNDER; AND,

       2. WITH RESPECT TO ANY SINGLE INCIDENT, THE AMOUNT PAID BY YOU HEREUNDER IN THE 12 MONTHS PRECEDING THE INCIDENT. 

THE FOREGOING SHALL NOT LIMIT YOUR PAYMENT OBLIGATIONS UNDER CLAUSE 7 (FEES AND PAYMENT FOR PURCHASED SERVICES).

11. TERM AND TERMINATION

    1. Term. The agreement between us  is effective as of the earlier of: (a) the date you first accept these Terms (including by clicking “I Agree” or similar electronic acceptance mechanism), or (b) the date you first access or use the Services. From that date, a binding legal contract is formed between GetMentioned and Customer and continues until the latest date of expiry or non-renewal of the term.

    2. Term of Purchased Services. Access to the Purchased Services commences on the day You accept these Terms and Conditions and continues for the Initial Term specified therein. Platform access shall automatically renew for additional periods equal to the expiring term, unless either party gives the other notice of non-renewal at least 1 month before the end of the relevant term (or such different notice of each subsequent Renewal Term).   

    3. Termination for Cause. If a party has breached a material term of this Termst (“Defaulting Party”), the other party (“Non-defaulting Party”) may issue a notice requiring the Defaulting Party to cure the breach within 30 days. If the breach remains uncured after that 30 day period,, the Non-Defaulting Party may terminate this Terms by notice to the Defaulting Party with immediate effect.

    4. Surviving Provisions. Clauses 5 (Fees and Payment for Purchased Services), 6 (Intellectual Property Rights), 7(Confidentiality), 9 (Mutual Indemnification), 10 (Limitation of Liability),shall survive any termination or expiration of this Terms.

       
       

12. GOVERNING LAW AND JURISDICTION AND NOTICES

    1. General. The construction, validity and performance of this agreement and all non-contractual obligations arising from or connected with this agreement shall be governed by laws of Republic of Poland.

    2. Manner of Giving Notice. Except as otherwise specified in this Terms, all notices, permissions and approvals hereunder shall be in writing and shall be deemed to have been given upon: (i) personal delivery (with a copy by email), (ii) the second business day after mailing (with a copy by email), or (iii) the first business day after sending by email during normal business hours (provided email alone shall not be sufficient for notices of termination or an indemnifiable claim). Notices shall be addressed to the contact(s) designated by each party during creating the account in Platform..

    3. Dispute Resolution. Any dispute under this Terms, prior to being filed in court, must be subjected to either (i) good faith attempt by the parties to resolve the dispute internally, for a period of at least 30 days, with each party appointing an executive representative who shall be authorised to settle the dispute on its behalf, or (ii) a court recognised mediation process for a period of at least 30 days.

13. GENERAL PROVISIONS

    1. Relationship of the Parties. The parties are independent contractors. This Terms does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.

    2. Change of the Terms. We may update or amend these Terms from time to time. Material changes will be notified to you at least [30] days before taking effect, either by email or via the Platform. If you do not agree with the revised Terms, you may terminate this Terms by giving us written notice before the effective date of the change. Continued use of the Service after the effective date shall constitute your acceptance of the revised Terms.

    3. Waiver of Rights. No failure or delay by either party in exercising any right under this Terms shall constitute a waiver of that right. 

    4. Severability. If any provision of this Terms held by a court of competent jurisdiction to be unenforceable, the provision shall be deemed omitted from this Terms and the remaining provisions of this Terms shall remain in effect.

    5. Entire agreement. This Terms, named attachments and the Schedules attached hereto contain all the terms agreed between the parties regarding the subject matter and supersede and replace any prior agreement, understanding or arrangement between the parties, whether oral or in writing. No representation, undertaking or promise shall be taken to have been given or be implied from anything said or written in negotiations between the parties prior to this Terms except as expressly stated in this Terms. Neither party shall have any remedy in respect of any untrue statement made by the other upon which that party relied in entering into this Terms (unless such untrue statement was made fraudulently). Without prejudice to the foregoing, the only remedy available to a party in respect of a breach of any representation which is incorporated into this Terms shall be for breach of contract. No modification, amendment, or waiver of any provision of this aTerms shall be effective unless in writing and either signed or accepted electronically by the party against whom the modification, amendment or waiver is to be asserted. 

    6. Language. This Terms has been drafted and published in the English language. If you are using a translation tool (such as, but not limited to, in-browser translation) to view this document in another language, please note that such translations are provided for convenience only. In the event of any conflict or inconsistency between the translated version and the original English version, the English version shall prevail, and the Termst will be interpreted in accordance with its original English text.

14. PRIVACY AND DATA PROTECTION

The Data Processing Addendum (“DPA”) at Schedule A sets out how we will process personal data on your behalf and on your instructions for the purposes of performing our obligations under this Terms. The terms of the DPA are hereby incorporated by reference and will apply to the extent any Data includes personal data.  

Schedule A – Data Processing Agreement 

1. Definitions. In this clause:

   1. "Data Protection Laws" means all laws and regulations applicable to Our processing of personal data (as defined below) under the agreement, including the following, and as amended or replaced from time to time the General Data Protection Regulation EU 2016/679 (“GDPR”) and the UK General Data Protection Regulation, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003

   2. “controller” means i) the natural or legal person, entity, agent, or body which, (whether alone or jointly with others), determines the purposes and means of the processing of personal data, or ii) as otherwise defined under Applicable Data Protection Law, where defined therein.

   3. “data subject” means i) an identified or identifiable natural person, or ii) as otherwise defined under Applicable Data Protection Law, where defined therein. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

   4. “process” or “processing” i) refers to any operation or set of operations performed on personal data. Processing includes storing, collecting, retrieving, using, combining, erasing and destroying personal data, and can involve automated or manual operations, or ii) as otherwise defined under Applicable Data Protection Law, where defined therein.

   5. “processor” means i) the entity which processes personal data on behalf of the controller, or ii) as otherwise defined under Applicable Data Protection Law, where defined therein.

   6. “personal data” means i) any data or other information relating to a data subject, or ii) as otherwise defined under Applicable Data Protection Law, where defined therein.

2. GetMentioned as a processor of User personal data. Subject to clause 3 below of this DPA, to the extent that we process personal data on your behalf and on your instructions for the purposes of performing our obligations under this agreement, you act as a data controller and we act as a data processor and the following provisions shall apply in respect of such personal data.

Scope. We will process the personal data only in accordance with this agreement and your other written instructions. You shall be solely responsible for determining the purposes for which and the manner in which personal data are, or are to be, processed.

Purpose and Instructions. The details of the processing services provided by Us to You (e.g. the subject matter of the processing, nature and purpose of the processing, type of personal data and categories of data subjects) are specified in Annex 1 to Schedule A.

Our personnel. We will restrict access to personal data to Our personnel who need to access the personal data to provide the Services to You. We will ensure that any of Our personnel who process personal data are bound by appropriate contractual confidentiality, data protection, and data security obligations, which are at least as restrictive as set out in this DPA. 

Security. We will implement and maintain appropriate technical and organisational measures to protect personal data at all times against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure, access, or processing, as further set out in Annex 2 to Schedule A.

Disclosure. We will not disclose personal data to any government, authority or other third party except as necessary for the performance of the Services, to comply with applicable law or with Your prior written consent.

Assistance. We will provide reasonable assistance to You in connection with steps that You are required to take to comply with the Data Protection Laws insofar as they relate to the Services. This includes assisting You with: (i) responding to requests from individuals or authorities, (ii) notifying data breaches to affected individuals or authorities; (iii) carrying out data protection impact assessments and (iv) prior consultations with the authorities.

Information and Audit. We will provide reasonable assistance to You to enable You to verify Our compliance with this DPA from time to time. Such assistance may include helping You to carry out risk assessments of Our data processing operations, in particular providing information about, and permitting You to inspect, those operations on no more than one occasion in any given twelve-(12) month period (provided that a plan for conducting such inspection is agreed with Us in advance, any such inspection is carried out during normal business hours, and You give Us a reasonable period of notice before carrying out the inspection).

Deletion/Return. Except as provided otherwise by law, upon termination of the Terms or otherwise on Your written instructions, We will (at Your option) immediately delete or return all personal data processed by Us on your behalf in connection with the Termst.

Transfers. Personal data processed by Us pursuant to this agreement may be transferred outside the country where the Site is located, including to the EU, EEA, UK, Australia, the Philippines, and the USA.  Such transfers will take place only where We put in place measures (such as EU standard contractual clauses) to ensure appropriate safeguards for the protection of the personal data are in place, or where permitted by Data Protection Laws.

Data Breaches. We will notify You of any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed by Us or one of Our Sub-Processors or New Sub-Processors (a "Data Breach") without undue delay upon becoming aware of it. 

Sub-Processors. We may engage third parties to process personal data on Your behalf ("Sub-Processors"). The current list of Sub-Processors is set out in Annex 3 to this Schedule A. If We engage a new Sub-Processor ("New Sub-Processor"), We shall inform You of the engagement and You may object to the engagement of such New Sub-Processor by notifying Us within fourteen days of Our notification to You, provided that such objection must be on reasonable, substantial grounds, directly related to such New Sub-Processor's ability to comply with substantially similar obligations to those set out in this clause. If You do not so object, the engagement of the New Sub-Processor shall be deemed accepted by You. If You object to the engagement of the New Sub-Processor, We will take such steps as are reasonably necessary to address any of Your concerns. We will ensure that any such Sub-Processor or New Sub-Processor is bound by data protection obligations substantially equivalent to those set out in this clause.  We shall remain responsible and liable for the acts and omissions of any Sub-Processor or New Sub-Processor We engage in connection with Our provision of the Services to You.

Infringing Instructions: We will notify You if, in Our opinion, any instruction or direction from You infringes the Data Protection Laws .  Following this notification, We shall continue processing according to such direction or instruction except to the extent You withdraw or amend such direction or instruction in writing.  In the absence of  such a written withdrawal or amendment of the direction or instruction, You agree to indemnify Us against all losses that We may suffer as a consequence of continuing such processing, including without limitation losses arising from regulatory action or from claims made by data subjects.

2. GetMentioned as a Controller of Your Business Account Data.   In this clause 3, “Your Business Account Data” means personal data that relates to Your business relationship with Us, including the names or contact information and other individuals authorised by You (for example, Your nominated employees or agents) to access Your business account and billing information, solely of those individuals that You have associated with Your account with Us, but explicitly excludes all User personal data.

3. The parties acknowledge that, with regard to the processing of Your Business Account Data, You and We are independent controllers, not a joint controller with You, within the meaning of relevant Data Protection Laws. We may process Your Business Account Data as a controller for the purposes of (a) managing the business relationship with You; (b) carrying out Our administrative business operations, such as accounting and taxation; (c) detection, prevention, or investigation of security incidents, fraud, and other abuse or misuse of the Services; (d) performing identity verification (such as for any KYC requirements); (e) complying with legal obligations to which we are subject; and (f) as otherwise permitted under the applicable Data Protection Laws and in accordance with this agreement, the schedules thereto, and Our privacy notices.

Annex 1 to Schedule A - Data Processing Details

1. Categories of data subjects

The personal data processed relates to the following categories of data subjects: Customers and irs representatives 

2. Subject-matter of the processing

To operate a cloud based digital tenant engagement platform including community management, content, retail offers, events and facilitation of services.

3. Nature and purpose of the processing

We process the personal data of the data subjects on behalf of You in order to operate a cloud based digital tenant engagement platform including community management, content, retail offers, events and facilitation of services as further described in the agreement.

4. Type of personal data

We may process the following categories of personal data on Your behalf in order to provide the Services to you:

• Name;

• Email address;

• Company name;

• Role / tile;

• Mobile phone number;

• Telephone number;

• IP address;

• Activity on the digital platform (such as polls, content read, purchases made etc);

• Geolocation; and

• any other categories of personal data for which You set up a configurable field to capture via the Platform.

5. Special categories of data (if relevant)

The processing of special categories of data is not anticipated.

Annex 2 to Schedule A

1. Our security program (“Security Program”) shall be designed to: protect the confidentiality, integrity, and availability of the personal data in Our possession or control or to which We have access;  protect against any anticipated threats or hazards to the confidentiality, integrity, and availability of the personal data;  protect against unauthorized or unlawful access, use, disclosure, alteration, or destruction of the personal data;  protect against accidental loss or destruction of, or damage to, personal data; and  safeguard personal data in accordance with applicable Data Protection Laws.

2. Without limiting the foregoing, Our Security Program will include at minimum:

3. Security Awareness and Training. A security awareness and training program.

   1. Access Controls. Policies, procedures, and logical controls: (i) to limit access to its information systems and the facility or facilities in which they are housed to properly authorised persons with a genuine need-to-know; (ii) to prevent those workforce members and others who should not have access from obtaining access; and (iii) to remove access in a timely basis in the event of a change in job responsibilities or job status. 

   2. Physical Security. Controls that provide reasonable assurance that physical access to facilities where personal data is stored, including physical servers, is limited to properly authorized individuals.

   3. Contingency Planning. Policies and procedures for responding to an emergency or other occurrence that could damage or otherwise harm personal data or production systems that contain personal data. Such procedures must include: (i) a policy for performing periodic backups of production file systems and databases containing accessing personal data; and (ii) a disaster recovery plan for personal data.

   4. Storage and Transmission Security. Security measures to guard against unauthorized access to accessing personal data that is being transmitted over a public electronic communications network or stored electronically.

      1. Segmentation. Measures ensuring the segmentation of personal data related to You in provision of the Services from data of Our other customers.

      2. Monitoring. Network and systems monitoring, including error logs on servers, disks and security events for any potential problems. Such monitoring includes: (i) reviewing changes affecting systems handling authentication, authorisation, and auditing; (ii) reviewing privileged access to Our production systems; and (iii) engaging third parties to perform network vulnerability assessments and penetration testing on a regular basis.

   5. Specific Security Requirements. We will include the following actions as part of Our Security Program:

      1. databases containing personal data backed up at minimum every four hours;

      2. implement and maintain transport layer security (TLS) encryption security to protect all data transmissions of personal data;

      3. encrypt all data at rest where User Data is accessible from an externally facing (Internet) application;

      4. conduct vulnerability scans and penetration tests at least annually.

You acknowledge and agree that the Security Program may evolve over time due to technical progress and development. We may update or modify the Security Program at our discretion, provided that such updates or modifications do not result in a material reduction in the overall security of the Platform or Our data processing activities under this agreement during its term. All changes shall remain compliant with applicable data protection laws, and We will continue to implement administrative, technical, and physical safeguards that are no less protective than those in place as of the Commencement Date. For the avoidance of doubt, the evolution of the Security Program in accordance with this clause shall not be deemed a breach of this agreement.

Annex 3 to Schedule C - Data Processing Details

Approved Sub-Processors

Third-party sub-processors