Software as a Service Agreement for EfficientEther Ltd

1. Definitions

In this Agreement, the following terms shall have the respective meanings indicated:

1.1. "Agreement" means this Software as a Service Agreement and all materials referred or linked to herein.

1.2. "Billing Period" means the period for which you agree to prepay when setting up the subscription.

1.3. "Business Day" means a day other than a Saturday, Sunday or public holiday in the United Kingdom when banks in London are open for business.

1.4. "Confidential Information" means all information or data of a confidential or proprietary nature (in whatever form), including Customer Data (as defined in clause 1.15), and labelled or designated as "confidential" (or similar), or any data that a reasonable person would understand to be confidential based on its nature or the circumstances of disclosure.

1.5. "Data Protection Legislation" means all applicable data protection and privacy legislation in force from time to time.

1.6. "EfficientEther Software" refers to our proprietary software as a service offering as described in clause 3.

1.7. "EtherAssist" refers to the AI technical assistant provided by EfficientEther.

1.8. "Managed Service Provider" or "MSP" means an entity that registers and signs up customers for the Services, acting as an intermediary between EfficientEther and customers.

1.9. "Normal Business Hours" means 9:00 am to 5:00 pm UK time, each Business Day.

1.10. "Services" means the products and services that are ordered by you under a free trial or an Order Form and made available by us online via the customer login link at EfficientEther.co.uk, including associated offline components, as described in clause 3.

1.11. "User" means an individual who is authorised by you to use a Service, for whom you have ordered the Service, and to whom you (or we at your request) have supplied a user identification and password.

1.12. "User Subscription" means the subscription purchased by you pursuant to clause 11, which entitles Users to access and use the Services in accordance with this Agreement.

1.13. "we", "us" or "our" means EfficientEther Ltd.

1.14. "you" or "your" means the person entering into this Agreement with us or the company or other legal entity for which you are accepting this Agreement.

1.15. "Your Data" (or "Customer Data") means all data, information and content submitted by or for you to the Services or collected and processed by or for you using the Services, including Content, and excluding Non-EfficientEther Applications.

1.16. "EtherInsights" means our cost, usage and configuration insights and optimisation service for Connected Systems (including Microsoft 365 and Azure) that may, where enabled by you, perform Administrative Actions in accordance with this Agreement.

1.17. "EtherApps Forge" means EfficientEther’s downloadable software tool made available to customers for application packaging and deployment.

1.18. "Forge EULA" means the End User Licence Agreement applicable to EtherApps Forge, as updated from time to time. See the EULA.

1.19. "Personal Data" means any information relating to an identified or identifiable natural person that is processed by us on your behalf in connection with the Services.

1.20. "Personal Data Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

1.21. "Sub-processor" means any third party appointed by us to process Personal Data on your behalf in connection with the provision of the Services.

1.22. "Content" has the same meaning as Your Data for the purposes of this Agreement.

1.23. "Non-EfficientEther Applications" means any applications, software, or tools that are not part of the Services and are not provided by EfficientEther Ltd.

1.24. "Ancillary Provider" means a third-party service used in connection with the Services that we have configured so that it does not process Personal Data on your behalf (for example, a web search provider where queries are sent without Personal Data).

1.25. "Restricted Transfer" means a transfer of Personal Data to a country outside the United Kingdom and/or European Economic Area (EEA) that requires additional safeguards under the Data Protection Legislation.

1.26. "Approved Transfer Mechanism" means a mechanism recognised under the Data Protection Legislation for legitimising a Restricted Transfer, including (as applicable) an adequacy decision, the EU Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA) or UK Addendum to the SCCs, Binding Corporate Rules, or participation in a recognised certification or framework.

1.27. "Effective Date" means the date you first accept this Agreement.

1.28. "Administrative Actions" means any configuration, licence, role, policy, device or resource change performed in your Connected Systems by the Services on your documented instructions (for example, reclaiming or downgrading Microsoft 365 licences, or updating configuration profiles).

1.29. "Connected Systems" means the third-party platforms and tenants you link to the Services (for example, Microsoft 365, Azure, Intune/Windows 365 or other platforms you authorise).

1.30. "Operational Logs" means audit and telemetry data generated by the Services about access, system events and Administrative Actions (including who requested/approved/executed an action, timestamps and before/after values).

2. Acceptance of Terms

2.1. This Agreement commences on the date you first accept it and continues until terminated in accordance with the terms of this Agreement.

2.2. By clicking "Accept," signing your contract for our Services, or using our Services, you acknowledge that you have read, understood, and agreed to be bound by this Agreement. If you are entering into this Agreement on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind such entity to these terms and conditions, in which case the terms "you" or "your" shall refer to such entity. If you do not have such authority, or if you do not agree with these terms and conditions, you must not accept this Agreement and may not use the Services.

2.3. The terms and conditions of this Agreement will apply over any other terms and conditions which you try to impose or incorporate, or which are implied by trade, custom, practice or otherwise.

2.4. You may not access the Services if you are our direct competitor, except with our prior written consent. In addition, you may not access the Services for purposes of monitoring their availability, performance or functionality, or for any other benchmarking or competitive purposes.

2.5. We may update this Agreement from time to time. The most current version of this Agreement will be posted on our website. If any change to this Agreement is not acceptable to you, your only remedy is to stop accessing and using our Services. Your continued use of our Services after we have posted or otherwise provided notice of changes to this Agreement signifies your acceptance of such changes.

2.6. By using our Services, you consent to us collecting and using technical information about the devices you use the Services on and related software, hardware, and peripherals to improve our products and to provide any Services to you.

2.7. Use of EtherApps Forge is subject to the Forge EULA. The Forge EULA is separate from this Agreement and governs your installation and use of EtherApps Forge. Acceptance of this Agreement does not constitute acceptance of the Forge EULA. See the EULA.

3. Services

3.1. Subject to the terms and conditions of this Agreement, we will provide the Services as described below:

1. Cloud Cost Assessment: We will provide a comprehensive review of the User's cloud environment, focusing on identifying areas where cost savings can be achieved. This includes an evaluation of the User's current cloud structure, applications, data management, and other relevant factors.

2. Optimisation Recommendations: We will provide detailed recommendations on how to optimise the User's cloud environment to reduce costs. Recommendations may include, but are not limited to, resource allocation, right-sizing instances, deleting idle resources, consolidating redundant services, and managing data storage and transfer efficiently.

3. Implementation of Optimisation Techniques: If agreed by the User, we will assist in implementing the optimisation recommendations. This will include aligning cloud resources with business needs, ensuring resource efficiency, and reducing wastage.

4. Ongoing Monitoring and Optimisation: We offer an ongoing service to monitor and optimise the User's cloud environment, providing regular reports and further recommendations as needed.

5. EtherAssist AI Service: A cloud-based solution offering AI-driven support for technical queries to IT admins and departments. Utilising advanced AI for analysis and accurate problem-solving, it enhances decision-making in IT operations with an interactive interface.

6. Insights & Optimisation Service (branded as "EtherInsights"): Provides dashboards, reports, alerts and simulations over cost/usage/licensing/configuration data in your Connected Systems and-only where you grant the necessary permissions-can perform Administrative Actions (e.g., reclaiming/downgrading licences or updating configuration profiles). Where Administrative Actions are enabled, additional data-protection terms apply (see Sections 9.18-9.27).

   • Features: Dashboards, scheduled/on-demand reports, anomaly alerts, savings simulations, role-based access control, approval workflows and audit logs.

   • Permissions & safeguards: Least-privilege connections by default; elevated scopes only for specific actions you enable. All actions are logged; reversibility depends on Connected Systems' capabilities.

   • Service boundaries: The Service supports optimisation and administration; it does not replace your security monitoring, financial advice or change-management obligations. You remain responsible for reviewing and approving changes.

   • Billing: See Section 11.12.

7. EtherApps Forge: An application capture and packaging solution to help customers migrate from legacy and older operating systems to modern platforms (See the EULA). Where we make EtherApps Forge available alongside the Services, your use of Forge is governed by the Forge EULA. This Agreement governs the cloud Services; it does not grant any licence to Forge.

3.2. We provide the Services on an "as is" and "as available" basis, and we do not guarantee that the Services will be uninterrupted, timely, secure, or free from errors. However, we will use commercially reasonable efforts to make the online Services available 24 hours a day, seven days a week, except for planned downtime and any unavailability caused by circumstances beyond our reasonable control, including, for example, acts of God, acts of government, flood, fire, earthquakes, civil unrest, acts of terror, strikes or other labour problems, or Internet service provider failures or delays.

3.3. We reserve the right to modify the Services from time to time in our sole discretion, and will use reasonable efforts to notify you of any material modifications. We may also cease to provide certain services as part of the Services at any time, in our sole discretion and for any reason. Such modifications and terminations of services will not affect your obligations under this Agreement, and we shall not be liable to you or to any third party for any modification, suspension, or discontinuation of the Services, except as set out in clause 3.3A.

3.3A. If we discontinue a paid feature of a Service (excluding Previews) without providing substantially equivalent functionality, you may terminate the affected Service and receive a pro-rata refund of any prepaid fees for the unused portion of the terminated Service.

3.4. Pre-release features (Market Preview/Beta). We may offer optional preview, beta or experimental features (“Previews”). Previews are governed by Section 18 (Market Preview Terms (All Products)). Previews may be changed, suspended or withdrawn at any time and are excluded from service levels, credits and availability commitments.

3.5. Free Trials.

3.5.1. EtherAssist Trial. A free trial is available. The default trial length is fourteen (14) days and may be adjusted by an approved Partner/Distributor in the channel console. The trial begins on activation and ends at the earlier of (i) the configured trial end date, or (ii) the date you purchase a paid plan. No fees are charged during the trial. After the trial ends, continued access requires a paid subscription (see Sections 4, 6.5, 11 and 12).

3.5.2. EtherInsights Trial. A 5-day free trial is available. During the trial you may generate one (1) report only. The trial is provided solely for internal evaluation and must not be used for consultancy, chargeable services, or production decision-making. After the trial ends, continued access requires a paid subscription under Section 11.12.

3.5.3. Trial limits and abuse. Trials are for evaluation only and may not be chained, repeated or re-registered for the same tenant, organisation, billing account or substantially the same user population in order to avoid fees. We may suspend access or invoice for usage beyond the trial scope.

3.5.4. End of trial enforcement. When a trial ends, access is automatically suspended unless a paid subscription is activated (see Section 6.5). If access continues beyond the trial because a Partner/Distributor fails to disable or activate, we may invoice in accordance with Sections 6.5 and 11.14.

4.2. Availability & billing. EtherAssist is available either (a) on a monthly subscription (Personal (legacy) or Standard) or (b) on a token-based consumption plan. Subscription billing terms are in Section 11 and termination in Section 12; consumption terms are in Section 12.2.

4.3. EtherAssist Usage Restriction: Each user of EtherAssist is subject to a usage cap of a maximum of 75 questions within any rolling 4-hour period. If this threshold is surpassed, the user will be required to observe a cooldown period of 4 hours before regaining access to the service. Users on the Standard Plan (£12.00 per user per month + VAT / sales taxes, increasing to £16.00 / €20 / $20 + VAT / sales taxes from 1st April 2026) will have access to 10 Advanced model questions every 4 hours, 5 Reflective model questions every 4 hours, 10 Coding model questions every 4 hours, and 5 Web Search questions every 4 hours. If any of these thresholds are surpassed, the user will be required to observe a cooldown period of 4 hours before regaining access to the respective feature. Additionally, there is a monthly limit of 200 questions for Advanced model, 100 questions for Web Search and Coding model, and 50 questions for Reflective model. Note: The Web Search monthly limit was reduced from 200 to 100 questions effective 1st April 2026 to ensure sustainable service delivery. This measure is implemented to promote equitable access to our services. Notwithstanding this restriction, users who opt for the Consumption-based billing are exempt from this cap and may utilise the service without such limitations.

4.4. Token usage: Standard-model responses typically consume 1,000-15,000 tokens. Advanced and Reflective model responses may exceed this range (see Section 4.5) and can be substantially higher depending on complexity. In complex queries or when processing large datasets, token usage may be as high as 100,000 tokens. Token usage is automatically calculated based on the actual resources used.

4.5. EtherAssist Fair Usage Policy: Alongside the existing usage cap of 75 questions per 4-hour period, we enforce a monthly fair usage policy for users on subscription plans. Subscription users are limited to a maximum of 1,125 questions per month for the standard model, 200 questions per month for the advanced model, 100 questions per month for the coding model, and 100 questions per month for web search. Reflective questions, which are more resource-intensive, are subject to a separate limit of 50 questions per month for subscription users. Token consumption for reflective questions typically ranges from 17,000 to 60,000 tokens per question depending on complexity (and may exceed 60,000 in rare cases-see Section 4.4), with average usage typically between 17,000 and 21,000 tokens. Once a user reaches their allocated question limit, they will retain access to the platform, including previously provided responses and associated features, but will be unable to ask further questions until the start of the next billing cycle. For users operating under a consumption-based billing plan, usage is not limited by question counts but is instead governed by token consumption. Administrators can manage token limits via the token limiter available in the manage users page. These token limits are set per user rather than at an organisational level, meaning administrators must configure limits appropriately for all users to prevent overspending during a billing period. A token limit represents the maximum number of tokens a user can consume in a calendar month, after which the user will be unable to ask further questions. The customer acknowledges and accepts responsibility for managing their users' token limits and monitoring usage. In the event that the system fails to enforce a token or question limit and a user exceeds their quota, the customer remains responsible for any additional costs incurred. EtherAssist will take all reasonable steps to ensure the system operates as intended, including providing tools for customers to monitor and control their usage. This policy ensures fair and balanced access to EtherAssist for all subscribers while providing flexible controls for consumption-based users.

4.6. Data Protection Feature: When enabled, the Data Protection feature incurs no additional cost for Standard Plan users and is included within the plan. For consumption customers, it is priced at the Standard Model rate: £0.0061 per 1000 tokens.

4.7. Web and Video Search Responsibility: Whilst EfficientEther employs security measures and content filtering mechanisms in relation to web and video searches, Users acknowledge and agree that they shall remain wholly responsible and liable for any and all searches conducted through the Service. Users hereby undertake to:

1. Exercise due care and reasonable judgement when conducting web and video searches;

2. Accept full responsibility for the nature and content of all search queries submitted;

3. Indemnify and hold harmless EfficientEther against any claims, damages, or losses arising from inappropriate or unlawful search activities;

4. Acknowledge that whilst EfficientEther implements content filtering and security measures, these are provided on an "as is" basis without any warranty of completeness or absolute effectiveness;

5. Comply with all applicable laws and regulations regarding internet usage and content access.

4.8. Privacy and Web Search. The Web Search feature is optional and must not be used to submit Personal Data. We configure the feature to avoid transmitting Personal Data and to route requests from our server-side infrastructure. If you include Personal Data in a query, the relevant search provider will be deemed an authorised Sub-processor solely for that processing and Clause 9 applies.

5. User Responsibilities

5.1. Each User shall:

1. Use the Services in accordance with the terms and conditions of this Agreement, any documentation provided by us, and any laws, regulations, and government requests.

2. Comply with instructions and guidelines provided by us for the use of the Services, including any security guidelines and procedures.

3. Be responsible for the accuracy, quality, and legality of their data, the means by which they acquired their data, and their use of their data with our Service.

4. Promptly handle and resolve any notices and claims relating to their data, including any notices sent to them by any person claiming that any data violates any person's rights, such as take-down notices pursuant to the Digital Millennium Copyright Act or equivalent laws and any other notices.

5. Use the Services in a manner that does not infringe the intellectual property rights, privacy rights, or other legal rights of any third party.

6. Ensure that the User's network and systems comply with the relevant specifications provided by us from time to time.

7. Be solely responsible for procuring and maintaining their network connections and telecommunications links from their systems to our data centres, and for all problems, conditions, delays, delivery failures, and all other loss or damage arising from or relating to their network connections or telecommunications links or caused by the Internet.

8. Adhere to the Responsible AI guidelines set out in Section 17, ensuring that EtherAssist is used in an ethical and responsible manner, particularly in decision-making based on AI-generated outputs.

9. Report to us in a timely manner any issue with the Service or any suspected breach of security or unauthorised use of the Service.

10. Where you use EtherApps Forge, comply with the Forge EULA in addition to this Agreement. See the EULA.

5.2. Each User shall not:

1. Attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the EfficientEther Software (including EtherAssist) in any form or media or by any means.

2. Attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the EfficientEther Software (including EtherAssist).

3. Access all or any part of the Services or the EfficientEther Software (including EtherAssist) to build a product or service that competes with the Services.

4. Use the Services and/or the EfficientEther Software (including EtherAssist) to provide services to third parties by making the Services available to them, except as expressly permitted under Section 6 (Channel Program).

5. License, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit or make the Services (including EtherAssist) available to any third party, except as expressly provided for by the terms of this Agreement.

6. For clarity, you may share outputs or work product generated using the Services with third parties, provided those third parties do not access the Services and are not assigned licences or user accounts.

7. Abuse the service, participate in illegal activities, or cause harm to EfficientEther's services. Users found in violation may be held liable. Actions might include, but are not limited to, termination of service access and legal action.

5.3. Additional responsibilities for Administrative Actions.

1. You will designate authorised users, maintain appropriate role-based access controls and multi-party approvals for Administrative Actions, and review recommendations before execution.

2. You are responsible for change management (including testing and rollback) and for verifying that proposed changes are appropriate for your environment.

3. You will ensure that permissions granted to the Services in your Connected Systems remain current and limited to what is necessary; you may revoke permissions at any time.

5.4. Acceptable Use. You will not (and will ensure Users do not): (a) upload or transmit malicious code; (b) interfere with or disrupt the integrity or performance of the Services; (c) attempt unauthorised access to the Services or related systems; or (d) use the Services to send spam or unlawful, infringing or harmful content.

6. Channel Program

6.1. Automatic Enrolment

1. Upon approval and acceptance into the Channel Program as an MSP or Distributor, you automatically become bound by this Agreement and the additional terms specified in this Channel Program section.

2. We shall provide you with a copy of this Agreement, including the Channel Program section, and any updates or modifications to it. Continued participation in the Channel Program constitutes acceptance of the Agreement's terms.

3. By participating in our Channel Program, you acknowledge that you have read, understood, and agreed to be bound by the terms and conditions of this Agreement, including the specific terms outlined in this Channel Program section.

6.2. Managed Service Providers (MSPs)

1. If you are an MSP registering and signing up customers for the Services under our Channel Program, you acknowledge and agree to the additional terms outlined in this section.

2. As an approved MSP, you are granted the status of a Registered Partner and agree to participate in our Channel Program based on the criteria set forth in the separate Channel Program document. Depending on your performance and achievements, you may have the opportunity to advance to higher partner levels, including Bronze, Silver, or Gold Partner.

3. As part of the Channel Program, you are entitled to receive a margin on sales of the Services as specified in the Channel Program document. The margin structure, performance targets, and associated benefits are outlined in the Channel Program document.

4. You shall ensure that your customers who subscribe to the Services under your management comply with the terms and conditions of this Agreement, including any applicable usage restrictions, confidentiality obligations, and payment obligations.

5. Any disputes or claims arising from the use of the Services by your customers shall be handled solely between you and your customers. You agree to indemnify and hold us harmless from any such disputes or claims arising from the use of the Services by your customers.

6. As an MSP, you agree that you will be liable for all payments and fees by customers who subscribe to the Services under your management, irrespective of any payment terms or other obligations between you and your customers.

6.3. Distributors

1. If you are a Distributor registering and signing up partners for the Services under our Channel Program, you acknowledge and agree to the additional terms outlined in this section.

2. As an approved Distributor, you are granted the status of a Registered Distributor and agree to participate in our Channel Program based on the criteria set forth in the EfficientEther Channel Program document.

3. As part of the Channel Program, you are entitled to receive a margin on sales of the Services as specified in the Channel Program document. The margin structure and associated benefits are outlined in the Channel Program document.

4. You shall ensure that the partners you register and sign up under the Channel Program comply with the terms and conditions of this Agreement, including any applicable usage restrictions, confidentiality obligations, and payment obligations.

5. Any disputes or claims arising from the use of the Services by partners you register and sign up shall be handled solely between you and your partners. You agree to indemnify and hold us harmless from any such disputes or claims arising from the use of the Services by your partners.

6. As a Distributor, you agree that you will be liable for all payments and fees by partners who subscribe to the Services under your management, irrespective of any payment terms or other obligations between you and your customers.

6.4. Data Roles of Distributors, Partners and MSPs. Distributors, Partners and MSPs that you appoint to resell, manage or administer the Services for you act as your processors or independent controllers under your separate agreement with them. They are not our Sub-processors unless we engage them in writing to process Personal Data for us in delivering the Services.

6.5. EtherAssist - Channel-controlled trials, activation and billing liability.

1. Partner-set trial length. For EtherAssist provisioned via an approved Partner or Distributor (each a "Partner"), the Partner may configure the trial length in the channel console; if not configured, the default is fourteen (14) days (see 3.5.1).

2. Activation step. Upon or after trial expiry, the end-customer's access remains suspended unless the Partner expressly clicks "Activate Subscription" (or equivalent) in the console to enable licences and commence billing.

3. Click-through confirmations. By clicking "Activate Subscription", the Partner represents that (i) it has obtained the end-customer's order/consent to purchase EtherAssist, (ii) it is authorised to bind the end-customer to the applicable plan, and (iii) as between EfficientEther and the Partner, the Partner is liable for all fees accruing from activation until deactivation in accordance with this Agreement, irrespective of the Partner's collection from the end-customer.

4. Post-trial use. If, due to Partner action or inaction, the end-customer continues to use EtherAssist after the trial expires without a paid activation, EfficientEther may invoice the Partner from the day after the trial end date. Our Operational Logs record activation and usage events for this purpose.

5. Deactivation on customer cancellation. The Partner must promptly disable the subscription if the end-customer cancels. Charges continue to accrue until the effective deactivation date reflected in the console and Operational Logs.

6. No extension by re-trial. Partners must not extend evaluation access by creating successive trials for the same tenant, organisation or substantially the same users. EfficientEther may suspend or terminate access and/or invoice at the applicable plan rates where this occurs.

7. Confidentiality

7.1. Each party agrees that it may have access to certain confidential information of the other party concerning the other party's business, plans, technology, and products (including Customer Data), and that such confidential information is proprietary and confidential to the disclosing party.

7.2. Each party agrees to hold the other party's confidential information in confidence and to protect and preserve the confidential nature and secrecy of the confidential information with at least the same degree of care as it would protect its own confidential information, including Customer Data.

7.3. The obligations of confidentiality shall not apply to information that:

1. Is or becomes publicly known through no act or omission of the receiving party.

2. Was in the receiving party's lawful possession prior to the disclosure and had not been obtained by the receiving party either directly or indirectly from the disclosing party.

3. Is lawfully disclosed to the receiving party by a third party without restriction on disclosure.

4. Is independently developed by the receiving party without reference to the disclosing party's confidential information.

5. Is required to be disclosed by law, provided that, to the extent it is legally permitted to do so, the receiving party shall notify the disclosing party of such requirement and reasonably cooperate with the disclosing party in any legal action to contest or limit the scope of such required disclosure.

7.4. The obligations of confidentiality shall survive for three (3) years from termination or expiration of this Agreement; provided that obligations relating to trade secrets continue for so long as the information remains a trade secret.

8. Intellectual Property

8.1. We retain all right, title, and interest, including all intellectual property rights, in and to the EfficientEther Software (including EtherAssist) and the Services, including without limitation, all technology and processes, enhancements or modifications thereto, trademarks, service marks, site design, text, video, graphics, logos, images and icons, as well as the arrangement thereof. This Agreement does not grant you any ownership right, title, interest or licence to the EfficientEther Software (including EtherAssist) or the Services, except as expressly set forth herein. You agree that you will not copy, reproduce, modify, create derivative works from, or distribute any content from the EfficientEther Software (including EtherAssist) or the Services.

8.2. We shall own all right, title, and interest, including all intellectual property rights, in and to any modifications or improvements to the EfficientEther Software (including EtherAssist) or the Services made by or on behalf of EfficientEther during the term of this Agreement. Where you acquire, by operation of law, title to any such intellectual property rights, and this acquisition is inconsistent with the allocation of title set out in this clause 8, such intellectual property rights shall be assigned by you to EfficientEther on the request of EfficientEther, whenever that request is made.

8.3. You retain all right, title, and interest, including all intellectual property rights, in and to Your Data. You grant us a limited, non-exclusive, worldwide, royalty-free licence to host, store, copy, process, transmit, modify, display and otherwise use Your Data solely as necessary to provide, maintain, support and secure the Services, including to disclose Your Data to authorised Sub-processors in accordance with clause 9. You represent and warrant that you have all necessary rights, consents, and permissions to grant the foregoing licence to Your Data.

8.4. No licence to EtherApps Forge is granted under this Agreement. All rights in and to EtherApps Forge are licensed under the Forge EULA only. See the EULA at https://legal.efficientether.co.uk/eula.

9. Data Protection

9.1. Both parties will comply with all applicable requirements of the Data Protection Legislation. This clause 9 is in addition to, and does not relieve, remove, or replace, a party's obligations or rights under the Data Protection Legislation.

9.2. The parties acknowledge that for the purposes of the Data Protection Legislation, you are the data controller and EfficientEther is the data processor.

9.2A. Role split. Notwithstanding clause 9.2: (a) for Personal Data within your Connected Systems and any data you provide for processing by the Services ("Customer Data"), we act as your processor; (b) for Personal Data we process to run our business outside the Services-such as account owner/contact/billing/anti-fraud records, service analytics that do not identify data subjects in your tenant, and compliance with law ("Account Data")-we act as an independent controller. Our processing of Account Data is described in our privacy notice. We do not use Customer Data for our own purposes except as permitted in this Agreement.

9.3. Without prejudice to the generality of clause 9.1, you will ensure that you have all necessary appropriate consents and notices in place to enable lawful transfer of the Personal Data to us and/or lawful collection of the Personal Data by us on your behalf for the duration and purposes of this Agreement.

9.4. Without prejudice to the generality of clause 9.1, we shall, in relation to any Personal Data processed in connection with the performance by us of our obligations under this Agreement:

1. Process that Personal Data only on your written instructions unless we are required by applicable law to otherwise process that Personal Data.

2. Ensure that we have in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction, or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures.

3. Ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential.

4. Not make a Restricted Transfer unless we (i) rely on an applicable adequacy decision for the destination; or (ii) implement an Approved Transfer Mechanism (for example, SCCs, the UK IDTA/UK Addendum, or participation in a recognised certification or framework), and in all cases (iii) ensure data subjects have enforceable rights and effective legal remedies.

5. Assist you, at your cost, in responding to any request from a data subject and in ensuring compliance with your obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments, and consultations with supervisory authorities or regulators.

6. Promptly inform you if, in our opinion, an instruction infringes the Data Protection Legislation.

9.5. We may, at any time on not less than 30 days' notice, revise this clause 9 by replacing it with any applicable controller to processor standard clauses or similar terms forming part of an applicable certification scheme (which shall apply when replaced by attachment to this Agreement).

9.6. We may use Personal Data of users within your tenant for the following purposes:

1. To provide and maintain our Service, including monitoring the usage of our Service.

2. To infer security risks, incidents, and security-related configurations about your tenant.

3. The data collected includes Event Data, User and Mailbox Data, and Configuration Data.

9.7. We may share Personal Data of tenant users for the limited purpose of processing and inferring risk and security incidents, exclusively with third-party processors that have agreed to process such data solely to provide additional security information.

9.8. We may use personal data of the registered account owner for specific purposes:

1. To manage your account and registration as a user of the service.

2. To contact you regarding necessary updates or offers, and to manage your requests.

3. We may share your personal information with Service providers and Affiliates for the aforementioned purposes and in connection with business transfers.

9.8A. Payments & Commerce. For billing and commerce, we use providers such as Stripe and Microsoft Azure Commerce/Marketplace. They process our customer/account-holder data as our service providers or independent controllers for payment/anti-fraud/compliance; they are not Sub-processors of your Personal Data.

9.9. Service Providers. Third-party service providers engaged by us to process Personal Data on our behalf are bound by written terms requiring them to act only on our documented instructions, implement appropriate technical and organisational measures, and not use Personal Data for their own purposes.

9.10. Sub-processors. You authorise us to appoint Sub-processors to support the delivery of the Services. As at the Effective Date, our authorised Sub-processors include:

• Microsoft Corporation and its affiliates for the Microsoft Azure platform (including, for transparency, Azure OpenAI Service accessed via Azure AI Foundry, Azure Kubernetes Service (AKS), storage and networking services).
• Supabase (Supabase, Inc. and its affiliates) for authentication, database, storage and related backend services used by certain applications and features.

A current list of authorised Sub-processors is available on request at info@efficientether.co.uk and may also be published within the app (Legal > Sub-processors) or on our website.

9.10A. Ancillary Provider - Web Search. For EtherAssist's optional Web Search feature, we use Brave Search as an Ancillary Provider. The feature is configured so that we do not intentionally transmit Personal Data in queries and requests are made from our server-side infrastructure. Accordingly, Brave Search is not a Sub-processor. If Personal Data is included in a query (contrary to Section 4.8), Brave Search will be deemed an authorised Sub-processor solely for that processing and Clause 9 (including 9.11-9.12) will apply.

9.10B. Other Ancillary Providers. We may use Ancillary Providers for non-personal data utilities (e.g., currency rates, metadata lookups, time-zone libraries). These are configured so that Customer Data and Personal Data are not transmitted. If you instruct the Service to include Personal Data in such calls, that provider will be deemed an authorised Sub-processor solely for that processing and clause 9 (including 9.11-9.12) will apply.

9.11. Changes to Sub-processors; Notice and Objection. We will provide at least thirty (30) days' advance notice of any addition or replacement of a Sub-processor (save for urgent replacements required for security or continuity, in which case notice will be given as soon as reasonably practicable). You may object on reasonable data-protection grounds by notifying us within that notice period. If a resolution cannot be agreed within a reasonable time, you may terminate the affected portion of the Services only and receive a pro-rata refund of any pre-paid fees for the terminated, affected Services.

9.12. Flow-down Obligations. We will ensure each Sub-processor is bound by a written agreement imposing data-protection obligations that are no less protective than those set out in this Clause 9, including appropriate technical and organisational measures. We remain responsible for our Sub-processors’ acts and omissions while they process Personal Data for the Services.

9.13. Security Incidents. We will notify you without undue delay and, where feasible, within twenty-four (24) hours after becoming aware of a Personal Data Breach affecting your Personal Data. Our notice will describe the nature of the breach, the categories and approximate number of data subjects and records concerned (if known), likely consequences, and the measures taken or proposed to address the breach. We will promptly take reasonable steps to mitigate and will cooperate with your reasonable requests to support notifications to authorities or affected individuals, as required by the Data Protection Legislation.

9.14. Return and Deletion. Upon your written request at any time, and in any event upon termination or expiry of the Services, we will (at your choice) securely delete or return all Personal Data and delete existing copies within sixty (60) days, unless applicable law requires storage of the Personal Data. Where retention is required, we will isolate and protect the Personal Data from any further processing and delete it as soon as legally permitted. Backups are overwritten on their standard cycle.

9.15. Information and Audit. Upon reasonable written request, we will make available information necessary to demonstrate compliance with this Clause 9, which may include independent third-party reports or certifications made available by our cloud platform provider to the extent lawfully available to us. Where such information is insufficient, you may conduct (or appoint a third party to conduct) an audit no more than once in any twelve (12) month period on reasonable notice during Normal Business Hours, subject to confidentiality and our security and site rules. Remote audits and document reviews will be used in the first instance.

9.16. International Transfers. We may process Personal Data globally, including in the United States and other countries outside the UK/EEA. Where a transfer constitutes a Restricted Transfer, we will implement an Approved Transfer Mechanism and any supplementary measures required by the Data Protection Legislation, and will provide details upon request.

9.17. US State Privacy Laws. To the extent we process Personal Information subject to US state privacy laws (e.g., California), we act as your "processor"/"service provider," will process such information only to provide the Services and as permitted by your instructions, will not "sell" or "share" such information, and will not retain, use or disclose it outside the scope of this Agreement.

9.18. Administrative Actions - role and instructions. For any Service feature that performs Administrative Actions, we act as your processor and process Personal Data strictly on your documented instructions given via the Service (including UI/API settings, policies and approvals). We will use only the permissions you grant to connect to your Connected Systems and to perform the Administrative Actions you enable. You may revoke permissions at any time in your tenant(s); processing and actions will cease to the extent permissions are revoked.

9.19. Categories of Personal Data; data subjects. For features with Administrative Actions, Personal Data processed typically includes: (a) user and admin identifiers (name, display name, email/User Principal Name (UPN), tenant and directory object IDs, relevant role/group membership); (b) entitlement and configuration metadata (e.g., assigned SKUs/service plans, add-ons, status, effective dates, platform settings and profile parameters); (c) usage, activity and cost/consumption metrics exposed by Connected Systems; (d) device or service identifiers as surfaced by platform APIs; and (e) Operational Logs (who requested/approved/executed an action, timestamps, action details, and before/after values). Data subjects are your end users and administrators. The Services do not require or intentionally ingest message/file contents (e.g., email bodies or document contents).

9.20. Sources of Personal Data. Personal Data is obtained from your Connected Systems via their official APIs and from data you enter or upload to the Service. We also generate Operational Logs.

9.21. Purposes of processing. We process Personal Data to: (a) provide dashboards, reports, alerts and simulations; (b) identify optimisation and configuration opportunities; (c) perform Administrative Actions you enable; (d) operate, secure and support the Service (including troubleshooting, monitoring, rate-limiting and abuse prevention); and (e) maintain auditability and compliance through Operational Logs.

9.22. Permissions and least-privilege. Connections use least-privilege scopes by default, with elevated scopes required only for specific Administrative Actions you enable. We will not use granted permissions for any purpose other than delivering the Service on your instructions.

9.23. Special categories and children. The Services are not designed to process special categories of data or data about children. You agree not to intentionally include such data in inputs or free-text fields. If such data is nonetheless processed on your instructions, it will be treated as Personal Data under this Clause 9.

9.24. Security measures. Without limiting 9.4(b), we apply appropriate technical and organisational measures suitable for the risks presented by identity/licensing/configuration metadata, including encryption in transit and at rest, role-based access controls, least-privilege service identities, and audit logging of Administrative Actions.

9.25. Retention. We retain Personal Data only as necessary to provide the Service and maintain auditability. Operational Logs relating to Administrative Actions may be retained for up to twelve (12) months unless a different period is stated in the Service or agreed in writing. Aggregated or anonymised analytics that do not identify a natural person may be retained beyond those periods. Deletion/return on termination is governed by 9.14.

9.26. Data subject rights. We will reasonably assist you in responding to data-subject requests concerning Personal Data processed by the Services. Because much of the data is sourced from your Connected Systems (systems of record), some requests must be fulfilled in those systems; the Service will reflect changes on the next synchronisation or as otherwise supported.

9.27. Automated recommendations and customer controls. The Services may generate automated recommendations, scores or flags to support optimisation. Administrative changes occur only when initiated by your authorised users or by policies you configure. You remain responsible for reviewing recommendations, approving changes, configuring approval workflows/role-based access, testing changes, and maintaining appropriate change-management controls.

9.28. No model training on Customer Data. We do not use Customer Data to train, retrain or improve generalised foundation models. Any machine-learning performed is limited to providing and improving the Services for you (e.g., per-tenant heuristics, detection thresholds) and does not create outputs that identify your Customer Data to other customers.

10. Support and Maintenance

10.1. We shall provide support services during Normal UK Business Hours in accordance with our Support Services Policy in effect at the time that the Services are provided. We may amend the Support Services Policy in our sole and absolute discretion from time to time.

10.2. You may request additional support services outside of the Normal Business Hours, subject to payment of our then current fees for such services.

10.3. We may carry out maintenance from time to time to improve the performance and quality of our Services. You will be notified in advance of scheduled maintenance whenever possible. Unplanned or emergency maintenance may be carried out when necessary without notice or with as much notice as is reasonably practicable under the circumstances.

10.4. While we will use our best endeavours to ensure that the Services are provided continuously, we will not be liable for any loss or damage you may suffer as a result of the Services being unavailable at any time for any reason.

10.5. As part of our support and maintenance services, we will provide updates and upgrades to the Services when they become available. These updates and upgrades are designed to improve, enhance, and further develop the Services and may take the form of bug fixes, enhanced functions, new software modules, and completely new versions. You agree to receive such updates (and permit us to deliver these to you) as part of your use of the Services.

11. Billing and Payment

11.1. Billing for the EtherInsights service is calculated per month using the highest monthly count of active Microsoft 365 licensed Users in your tenant during the billing month (see Section 11.12, including 11.12.3, for rates and counting rules). This peak-month approach prevents short-term licence changes from artificially reducing monthly fees.

• Subscription-based billing: This is based on the number of active users licensed for EtherAssist under the Personal (legacy) or Standard plans, billed monthly per user.
• Consumption-based billing: This model is tied to the total consumption of tokens for EtherAssist services, billed based on actual token usage (as described in Section 4).

11.2. Subscription fees for EtherAssist will be collected either through Stripe or the Azure Marketplace, depending on your chosen billing platform.

11.3. The Services operate on a monthly subscription basis with no minimum commitment (this does not affect the EtherAssist notice requirement in Section 12.6). You agree to pay all fees as calculated and displayed within the app's built-in billing feature.

11.4. Invoices will be automatically generated within the app at the start of each billing period, and payment is due immediately via the payment method saved in the app unless otherwise agreed upon in writing.

11.5. Payment terms for channel distribution and partners are strictly 30 days on receipt of the invoice, unless agreed in writing.

11.6. If any invoiced amount is not received by us by the due date, then without limiting our rights or remedies, we may suspend your access to the Services until such amount is paid in full.

11.7. All fees are exclusive of all taxes, levies, or duties imposed by taxing authorities, and you shall be responsible for payment of all such taxes, levies, or duties, excluding only United Kingdom (UK) taxes based solely on our income.

11.8. We reserve the right to change the fees and to institute new charges at any time, upon thirty (30) days prior notice to you, which may be delivered within the app or by email.

11.9. In the event of a billing dispute, you must notify us within ten (10) days of the invoice generation date within the app. If you do not dispute the charges within ten (10) days, you waive any right to dispute those charges, either directly or indirectly.

11.10. No refunds or credits for partial months of the Services will be provided to you upon your cancellation or termination of the Services.

11.11. Early Termination Fees: There are no early termination fees for monthly subscriptions. Termination takes effect at the end of the then-current paid month. For EtherAssist, Section 12.6 applies. For EtherInsights re-subscriptions under Section 12.8, the minimum term applies and early termination fees set out in Section 12.8 apply.

11.12. EtherInsights Pricing

11.12.1. Billing for EtherInsights is per active Microsoft 365 licensed User, as determined by your tenant each month:

• United Kingdom: £0.79 per User per month
• United States: $1.00 per User per month
• Euro-zone: €1.00 per User per month

11.12.2. Campus License: Unlimited Users at a flat fee of £3,500 per month.

11.12.3. Counting rules. "Per active Microsoft 365 licensed User" means users in your Microsoft 365 tenant with one or more commercial Microsoft 365/Office 365 SKU assignments in an enabled state during the billing month. Unless agreed in writing, the count excludes: (a) unlicensed users; (b) disabled or blocked accounts for the entire month; (c) external/guest users without paid SKU assignments; and (d) dedicated application/service principals. If an account is licensed for any part of a month, it is counted for that month. Where Microsoft reports conflicting states, the higher of the two counts (assigned vs. active plan) will be used.

11.13. Currencies. Unless stated otherwise in an Order Form, fees are denominated and payable in GBP for UK billing addresses, USD for US billing addresses and EUR for Euro-zone billing addresses. Applicable VAT/sales taxes are additional.

11.14. Channel-sold EtherAssist - billing commencement and responsibility. Where EtherAssist is provisioned via a Partner/Distributor, invoices are issued to the Partner/Distributor. Billing starts on the activation date recorded in the channel console (Section 6.5(b)) or, if access continues beyond the configured trial without activation, on the day after the trial end date (Section 6.5(d)). Billing stops on the effective deactivation date recorded in the console. The Partner/Distributor is responsible for all fees incurred during the active period, regardless of its collection from the end-customer.

12. Term and Termination

12.1. Subscription Basis: Subscription plans renew month-to-month. You may terminate at the end of any billing month by giving notice in accordance with this Agreement. For EtherAssist, the notice requirement in Section 12.6 applies.

12.2. Subscription Basis and Termination Conditions for Token 'Pay As You Go' Consumption: The agreement provides for a token 'pay as you go' consumption plan for EtherAssist, which offers flexibility regarding termination. Users on this plan can cancel and stop using the product at any time, without any specific restrictions or requirements for formal notice. Charges are based on token consumption as described in Section 4.

12.3. Notwithstanding the terms outlined in clause 12.1 and 12.2, we reserve the right to immediately terminate this Agreement or suspend the Services without prior notice in the event of the following circumstances:

1. You breach any material provision of this Agreement and if remediable fail to remediate such breach within seven days of being given written notice to do so.

2. You become insolvent or bankrupt, go into receivership, make an arrangement with your creditors to pay off your debts or stop trading, or any similar event happens.

12.4. Upon termination of this Agreement, all User Subscriptions granted under this Agreement will terminate, and you shall immediately cease all use of the Services.

12.5. Termination of this Agreement shall not relieve either party of any obligations accrued prior to the effective date of termination or limit any liability that either party otherwise may have to the other party.

12.6. EtherAssist notice period. Notwithstanding clause 12.1, EtherAssist subscriptions require thirty-one (31) days’ notice to terminate. Termination takes effect on the later of (i) the expiry of that notice period, and (ii) the end of your then-current billing month.

12.7. Separate Effect. Termination or expiry of this Agreement does not, by itself, terminate the Forge EULA (and vice-versa). Uninstall, deletion or return obligations relating to EtherApps Forge are governed by the Forge EULA. See the EULA.

12.8. EtherInsights re-subscription minimum term. If you cancel your EtherInsights subscription and later re-subscribe (including where you attempt to circumvent billing or licence counts by temporarily removing licences, or by re-registering under a different billing account, reseller or tenant associated with the same organisation), you agree to a minimum term of twelve (12) months from the re-subscription date. During this minimum term, termination for convenience is not permitted. If you terminate early (other than for our material breach under 12.3 or where permitted under 3.3A), the fees for the remainder of the minimum term become immediately due and payable.

13. Indemnification

13.1. You shall indemnify, defend, and hold us and our officers, directors, employees, and agents harmless from and against any and all losses, damages, liabilities, costs, and expenses (including reasonable legal fees and expenses) resulting directly or indirectly from any claim, demand, suit, proceeding or investigation made or brought by a third party, that arises out of or relates to:

1. Any breach of this Agreement by you or your Users.

2. Your Data or the use of your Data in connection with the Services.

3. Any claim that your Data infringes or violates the intellectual property rights, privacy rights, or other legal rights of any third party.

13.2. We shall indemnify, defend, and hold you and your officers, directors, employees, and agents harmless from and against any and all losses, damages, liabilities, costs, and expenses (including reasonable legal fees and expenses) resulting directly or indirectly from any claim, demand, suit, proceeding or investigation made or brought by a third party, that arises out of or relates to an allegation that the EfficientEther Software (including EtherAssist) or the Services infringe or misappropriate any intellectual property rights of a third party.

13.3. Indemnification procedures. The indemnified party will promptly notify the indemnifying party of any claim and provide reasonable cooperation at the indemnifying party's expense. The indemnifying party has sole control of the defence and settlement, except that it may not settle any claim without the indemnified party's prior written consent if the settlement imposes any obligation on the indemnified party other than a release.

13.4. IP indemnity exclusions. We have no obligation under 13.2 to the extent a claim arises from (a) Your Data; (b) your use of the Services in breach of this Agreement; (c) modifications not made by us; or (d) combination of the Services with items not provided by us where the claim would not have arisen but for such combination.

13.5. Infringement remedies. If the Services are, or in our reasonable opinion are likely to be, the subject of a claim covered by 13.2, we may at our expense (i) procure the right for you to continue using the Services; (ii) modify the Services so they are non-infringing and substantially equivalent; or (iii) terminate the affected Services and provide a pro-rata refund of any prepaid fees for the terminated portion.

14. Limitation of Liability

14.0. Non-excludable liabilities. Nothing in this Agreement limits or excludes either party's liability for (a) death or personal injury caused by its negligence; (b) fraud or fraudulent misrepresentation; (c) wilful misconduct; or (d) any other liability that cannot be limited or excluded under the laws of England and Wales.

14.1. Except for each party's indemnification obligations under this Agreement and except in cases of intentional misconduct such as intellectual property theft and hacking, in no event shall either party's aggregate liability arising out of or related to this Agreement, whether in contract, tort, or under any other theory of liability, exceed the total amount paid or payable by you for the Services during the twelve (12) months immediately preceding the event giving rise to the liability.

14.2. In the event of intentional misconduct such as intellectual property theft, hacking, or other forms of misconduct by either party, the offending party will be liable for damages potentially exceeding the total amount of fees paid or payable for the Services during the twelve (12) months immediately preceding the event. The extent of such damages will be determined based on the nature and severity of the misconduct.

14.3. In no event shall we have any liability for any lost profits or revenues or for any indirect, special, incidental, consequential, cover, or punitive damages however caused, whether in contract, tort or under any other theory of liability, and whether or not we have been advised of the possibility of such damages. Your liability to us for any such damages is not limited by this clause.

14.4. EtherAssist, due to its AI nature, might occasionally produce inaccurate information concerning people, places, facts, etc. Users are responsible for cross-checking, testing, and verifying results. EfficientEther accepts no liability for inaccuracies, errors, or incorrect information produced by EtherAssist. Users must also comply with the Responsible AI guidelines outlined in Section 17 when using AI-generated outputs.

Neither any Distributor, Managed Service Provider nor Partner warrants the accuracy or reliability of AI-generated outputs, and they shall have no liability for loss or damage arising from reliance on such outputs by End-Users. However, where the Distributor or any Partner relies on AI-generated outputs for its own commercial decisions or representations to third parties, it does so at its own risk and remains fully responsible for the consequences of that reliance.

14.5. EfficientEther will not be held liable for technical glitches, downtime, or any service interruptions unrelated to the defined service restrictions.

14.6. Estimates, reversibility and third-party constraints. Savings estimates, simulations and recommendations generated by the Services are for guidance only and may differ from realised outcomes. Administrative Actions are executed against your Connected Systems and may be limited by their APIs, permissions and policies; reversibility is not guaranteed. You remain responsible for validating recommendations and for any changes you approve or automate, including testing and rollback plans.

15. General

15.1. Force Majeure: Neither party shall be in breach of this Agreement nor liable for delay in performing, or failure to perform, any of its obligations under this Agreement if such delay or failure result from events, circumstances or causes beyond its reasonable control. In such circumstances, the affected party shall be entitled to a reasonable extension of the time for performing such obligations.

15.2. Independent Contractors: The parties are independent contractors. This Agreement does not create a partnership, franchise, joint venture, agency, fiduciary or employment relationship between the parties.

15.3. Waiver: No failure or delay by a party to exercise any right or remedy provided under this Agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.

15.4. Severability: If any provision or part-provision of this Agreement is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this clause shall not affect the validity and enforceability of the rest of this Agreement.

15.5. Entire Agreement: This Agreement constitutes the entire agreement between the parties and supersedes and extinguishes all previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.

15.6. Variation: No variation of this Agreement shall be effective unless it is in writing and signed by the parties (or their authorised representatives).

15.7. Order of Precedence - Forge. If there is any conflict between this Agreement and the Forge EULA in relation to EtherApps Forge, the Forge EULA prevails for Forge; otherwise, this Agreement prevails. Neither document otherwise varies the other. See the EULA.

15.8. No professional advice. Insights, estimates and recommendations provided by the Services are for information only and do not constitute financial, legal, accounting or compliance advice. You are responsible for obtaining professional advice where appropriate.

15.9. Notices. All notices under this Agreement must be in writing and delivered by email or via an in-app legal notice. Our notice address is info@efficientether.co.uk. Your notice address is the billing or admin contact set in the app (as updated by you from time to time). Notices are deemed given when sent during Normal Business Hours, or on the next Business Day if sent outside those hours.

15.10. Third-party rights. A person who is not a party to this Agreement has no rights to enforce any term of this Agreement under the Contracts (Rights of Third Parties) Act 1999.

15.11. Export & sanctions. You and your Users will comply with applicable export control and sanctions laws (including those of the UK, EU, US and UN). You will not permit access to or use of the Services in any embargoed jurisdiction or by any prohibited party. We may suspend the Services immediately where reasonably necessary to comply with such laws.

15.12. Assignment. You may not assign, transfer or novate this Agreement without our prior written consent (not to be unreasonably withheld). We may assign, transfer or novate this Agreement to an affiliate or in connection with a merger, acquisition, corporate reorganisation or sale of assets.

15.13. Publicity. We may identify you as a customer (name and logo) in our marketing materials and on our website, subject to any reasonable brand-use guidelines you provide. You may withdraw this permission on written notice; we will use commercially reasonable efforts to remove new references thereafter.

15.14. Survival. Clauses 1, 5.2-5.4, 6.4, 7, 8, 9, 11 (for accrued fees), 12.5-12.7, 13, 14, 15, 16 and 17 survive termination or expiry.

16. Governing Law and Jurisdiction

16.1. This Agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) are governed by, and shall be construed in accordance with the laws of England and Wales.

16.2. The parties irrevocably agree that the courts of England and Wales have exclusive jurisdiction to settle any dispute or claim that arises out of or in connection with this Agreement or its subject matter or formation (including non-contractual disputes or claims).

16.3. Nothing in this clause shall limit our right to take proceedings against you or a User in any other court of competent jurisdiction, nor shall the taking of proceedings in any one or more jurisdictions preclude the taking of proceedings in any other jurisdictions, whether concurrently or not, to the extent permitted by the law of such other jurisdiction.

Email: info@efficientether.co.uk

17. Responsible AI

17.1 EfficientEther is committed to developing and maintaining AI solutions, including but not limited to EtherAssist and other EfficientEther products, that are transparent, fair, and aligned with ethical AI principles.

17.2 Our AI systems are designed to assist users by providing technical support and advice, but users must remain accountable for their decisions and actions. EfficientEther products are tools to augment human expertise, not to replace it.

17.3 We ensure that our AI models are trained using diverse datasets to reduce bias. However, we cannot guarantee that all potential biases will be eliminated. Users are responsible for reviewing and cross-referencing outputs generated by EfficientEther products, particularly in complex decision-making processes.

17.4 We are committed to maintaining transparency regarding how AI-driven recommendations are made and to ensuring that our AI systems respect user privacy and comply with applicable data protection regulations.

17.5 EfficientEther products are continually monitored and updated to enhance their accuracy and fairness. Feedback on the performance and impact of AI functionalities is welcome and encouraged to support this improvement process.

17.6 Users must not use any EfficientEther product to engage in unlawful, harmful, or discriminatory activities. EfficientEther reserves the right to restrict or suspend access if a product is misused or used in violation of these principles.

17.7 Users are reminded that their responsibilities under Section 5 (User Responsibilities) include adhering to the ethical use of EfficientEther products, as described in this section. Furthermore, any liability limitations relating to AI-generated outputs are addressed in Section 14 (Limitation of Liability). Users should also regularly review the Responsible AI guidelines, which align with Microsoft's Responsible AI principles. EfficientEther Ltd. adopts these principles to ensure fairness, transparency, and accountability in AI-driven functionalities. Users are encouraged to familiarise themselves with Microsoft's Responsible AI guidelines, which can be accessed at https://learn.microsoft.com/en-us/azure/machine-learning/concept-responsible-ai. It is the user's responsibility to ensure compliance with these standards when utilising EfficientEther products.

18. Market Preview Terms (All Products)

18.1. Definition. “Market Preview” or “Preview” means any optional pre-release, early-access, beta or experimental feature of the Services that we label “Preview”, “Beta”, “Experimental”, “Early Access” or similar.

18.2. Optional participation; precedence. Previews are optional. By enabling or using a Preview you agree that this Section 18 applies in addition to this Agreement. If there is a conflict between this Section 18 and any other term of this Agreement, this Section 18 prevails for the Preview. For EtherApps Forge, the Forge EULA governs; where the Forge EULA is silent, this Section 18 applies to the extent not inconsistent.

18.3. No warranties; “as is”. Previews are provided on an “as is” and “as available” basis and may contain defects, errors or inaccuracies. Functionality may be limited or incomplete; performance and security may differ from generally available Services; features may be changed, suspended or terminated at any time without notice.

18.4. No SLA or support. Previews are excluded from service levels, uptime or availability commitments, service credits and support obligations. We may perform maintenance, throttle or disable a Preview without liability.

18.5. Not for production or safety-critical use. You must not use a Preview for production workloads, life-, health-, safety- or mission-critical uses, or to process special categories of data or other regulated data unless we expressly state in writing that a particular Preview is suitable for that purpose.

18.6. Data handling and location. Unless expressly stated otherwise, you should not submit Personal Data to a Preview. If you nonetheless include Personal Data in a Preview, we will process it as your processor under Clause 9. Previews may use different infrastructure or Sub-processors (including processing outside your region). Where there is a material change in Sub-processors, Clause 9.11 applies.

18.7. Your safeguards. You are solely responsible for (a) backing up data and configurations before enabling a Preview; (b) testing and validating outputs; (c) implementing appropriate security, access and change-management controls; and (d) promptly disabling a Preview if it causes instability in your environment.

18.8. Feedback licence. You grant us a worldwide, perpetual, irrevocable, royalty-free licence to use feedback you provide about a Preview for any purpose, including to improve our products and services, without obligation to you.

18.9. Liability for Previews. To the fullest extent permitted by applicable law and without prejudice to Clause 14.0, we disclaim all warranties and conditions relating to Previews and exclude all liability arising from or relating to your use of a Preview. Notwithstanding Clause 14.1, our total aggregate liability for all claims relating to a Preview shall not exceed the greater of (i) £100, and (ii) the fees (if any) you paid specifically for that Preview in the twelve (12) months preceding the event giving rise to the claim.

18.10. Termination and data retention. We may suspend or terminate a Preview at any time. We are under no obligation to retain Preview data after termination or sunset of the Preview. For Personal Data, Clause 9.14 applies.

18.11. Charges. We may offer Previews free of charge or subject to separate pricing identified at the time of enrolment. Previews are excluded from refunds and service credits.

18.12. Survival. Clauses 18.7-18.9 and 18.12 survive termination or expiry of this Agreement or of any Preview.