Terms of Use


Last Updated: March 3, 2026

MASTER SOFTWARE SUBSCRIPTION AGREEMENT

This Master Software Subscription Agreement (the "Agreement"), made and entered into as of the date of the final signature below (the "Effective Date"), by and between 1mind AI, Inc., a Delaware corporation ("1mind" or "Company") and the company set forth below ("Customer").

1. DEFINITIONS

  1. "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. "Control" means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

  2. "Customer Content" means content, data and information either (i) submitted to the Services by Customer or (ii) collected by Customer from a third party, including Customer's customers and prospective customers and visitors to Customer's website(s) or (iii) the output of the services in regards to any transcription of interactions between an End User of Customer and the 1mind Services. Customer, in its sole discretion, determines and controls the Customer Content, including, without limitation, the type of data collected, how the data is solicited, and how Customer collects such Customer Content using the Platform.

  3. "Documentation" means 1mind's then-current generally available documentation, specifications, user manuals, etc. for the Services, as well as, any documentation included in or attached to any Order Form or other such Services related documents provided to Customer.

  4. "End User" means a (i) Customer website visitor; (ii) a customer or prospect of the Customer; or (iii) a third-party video call participant; or (iv) any third party that Customer permits to interact with the Services.

  5. "Order Form" means an Order for Services, executed by the Parties and governed by this Agreement.

  6. "Platform" means 1mind's proprietary, enterprise-level AI Superhuman platform.

  7. "Services" means 1mind's products and/or services provided to Customer, including use of the platform, support services, professional services, and any applicable on-boarding services.

  8. "Technology" means all ideas, concepts, inventions, systems, platforms, software, interfaces, tools, utilities, templates, forms, documentation, content, training materials, techniques, methods, processes, algorithms, know-how, trade secrets and other technologies, implementations and information, in any form.

  9. "User" means an individual employee, consultant, contractor, or agent of Customer who has been authorized by Customer to use the Platform on behalf of Customer and its Affiliates.

2. USE OF THE PLATFORM

  1. Platform Access. Subject to the terms and conditions of the Agreement, 1mind shall make the Platform and the applicable components thereof available to Customer.

  2. Authorized Users. Subject to the limitations set forth in the applicable Order Form and the terms and conditions set forth herein, Customer and its Users shall have the right to access and use the Platform, which includes the right to use the Platform to interact with Customer's customers and potential customers. Customer is responsible for maintaining the security of its account, passwords and shall be responsible for acts, omissions or breaches hereunder by any of Customer's Users or any other individuals using Customer's account or credentials for the Platform.

  3. Customer Obligations. Customer shall: (i) only use Services in accordance with all applicable laws, rules and regulations and this Agreement and the Documentation; (ii) ensure that all Customer Content provided hereunder has been collected and provided by or on behalf of Customer in accordance with all applicable laws, rules and regulations; (iii) ensure that it owns the rights, title and interest in and to the Customer Content or has otherwise secured the necessary rights to permit Customer's access, use and distribution of Customer Content as contemplated by this Agreement; and (iv) not provide 1mind with any Customer Content that is personally identifying information that is classified as sensitive information or otherwise subject to specialized security regimes, including without limitation the Health Insurance Portability and Accountability Act ("HIPAA"), the Children's Online Privacy Protection Act ("COPPA"), and the standards promulgated by the PCI Security Standards Council ("PCI"). For the avoidance of doubt, specialized security regimes as set forth in this section 5(b)(iv) does not mean federal, state, or local data protection statutes applicable to personally identifiable information in general, such as the General Data Protection Regulation ("GDPR") and California Consumer Privacy Act ("CCPA"). Customer acknowledges that it controls and determines in its discretion its and its Users' use of the Platform, configuration of the Platform and the collection of Customer Content from site visitors, prospects and others via the Platform. 1mind shall not be liable for 1mind's noncompliance with a law or regulation where such noncompliance is attributable to Customer's use or provision of Highly Sensitive Information in connection with the Services. Highly Sensitive Information includes but is not limited to (a) numbers used for identification, such as social security numbers, passport numbers, or driver's license numbers; (b) personal health or medical information; (c) banking or payment card information; (d) sensitive government or military information; or (e) information collected from or regarding minors or children.

  4. Usage Restrictions. Customer will not directly or indirectly (i) make the Platform available to, or use the Platform for the benefit of, anyone other than Customer or the Users; (ii) sell, resell, license, sublicense, distribute, rent, lease the Platform, or include the Platform or any component thereof in a service bureau or outsourcing offering; (iii) use the Platform to collect, store or transmit infringing, libelous, or otherwise unlawful, or tortious content, material or data; (iv) collect, store or transmit material or data on or through the Platform in violation of third-party rights, including without limitation privacy rights or any contract to which Customer is a party; (v) use the Platform to collect store or transmit malicious or disruptive code; (vi) interfere with or disrupt the integrity or performance of the Platform or third-party data contained therein; (vii) attempt to gain unauthorized access to the Platform or its related systems or networks; (viii) permit direct or indirect access to or use of the Platform in a way that circumvents a contractual usage limit; (ix) copy the Platform or any part, feature, function or user interface thereof; (x) frame or mirror any part of any Platform, other than framing on Customer's own internal intranets; (xi) access or use the Platform for benchmarking or similar competitive analysis purposes or in order to build a competitive product or service; (xii) modify, translate, or create derivative works based on the Platform or any underlying software; (xiii) decompile, disassemble, decipher or reverse engineer the Platform, or otherwise attempt to derive any source code or underlying ideas or algorithms of any part of the Platform, (except to the extent such restriction is expressly prohibited by applicable statutory law) or (xiv) breach 1mind's Acceptable Use Policy, available at https://www.1mind.com/acceptable-usage-guidelines and incorporated herein by reference.

  5. Affiliates. An Affiliate may access the Platform under this Agreement provided that Customer will be responsible for its Affiliates' compliance with this Agreement.

  6. License to Customer Content. Customer grants 1mind a non-exclusive, worldwide, royalty-free, fully paid-up right and license to transmit, use, copy, access, process, reproduce, display, and adapt the Customer Content to the extent necessary to provide the Platform to the Customer. Customer agrees that (i) the quality of Customer's results from use of the Platform depend on Customer's engagement with the Platform and Customer's collection, uploading or other provisioning of the Customer Content into the Platform and (ii) 1mind does not assume any responsibility for, or undertake to verify, the accuracy or completeness of Customer Content entered by Customer.

  7. Limitations. 1mind will not be responsible or liable for any failure in the Platform to the extent resulting from or attributable to (i) Customer Content or Customer's failures to deliver Customer Content to 1mind; (ii) failures in any third-party telecommunications network or other service or equipment not controlled by 1mind; or (iii) Customer's or any third party's products, services, negligence, willful misconduct, breach of this Agreement or other unauthorized access or use not caused by 1mind.

  8. Support. 1mind shall provide and Customer shall receive support as indicated in Exhibit A of this Agreement. Unless otherwise specified and agreed in an Order Form, 1mind shall use commercially reasonable efforts to (i) correct errors in the Services; (ii) respond to and resolve support requests; (iii) provide access to the Documentation, technical support bulletins and other user support information to the extent 1mind makes such resources generally available; and (iv) provide all updates, bug fixes, enhancements, new releases, new versions, and other improvements to the Platform as made generally available from time to time and provided therein at no additional costs to its customers.

  9. Sub-contracting. 1mind reserves the right to subcontract certain portions of the services but shall not subcontract primary operation of the Platform and Services without advanced written notice to Customer.

  10. Third Party Applications. Customer may choose to obtain Third Party Applications to use with features within the Services. To use such features, Customer may be required to obtain access to Third Party Applications from their providers. Any acquisition by Customer of Third Party Applications, any exchange of data between Customer and any provider of a Third Party Application, and any governing terms are solely between Customer and the applicable provider. 1mind assumes no responsibility for, and specifically disclaims any liability, warranty, and obligation with respect to Third Party Applications, whether or not they are recommended or approved by 1mind.

3. FEES AND EXPENSES

  1. Payment. Customer shall be responsible for and shall pay to 1mind the fees set forth in the applicable Order Form in accordance with the terms and conditions contained therein. Unless otherwise specified in an Order Form, Customer shall pay all undisputed invoices within thirty (30) days of the date of invoice. Customer will notify 1mind of any disputes in writing (including a description of the basis for the dispute) within such thirty (30) day period. Payment obligations are non-cancelable and non-refundable and, except as expressly set forth in this Agreement, fees will not be refunded or pro-rated for any reason, including if Customer's actual usage of the Services falls below the purchased amount indicated in an applicable Order Form. Subscription quantities cannot be decreased during the relevant subscription term. If Customer's actual usage exceeds the subscribed-for amount indicated in an Order Form, Customer shall be notified of the additional cost in the Platform, and Customer shall be responsible for paying the increased service capacity charges based on the rates set forth in the applicable Order Form. If applicable, Customer shall pay all reasonable travel and out-of-pocket expenses incurred by 1mind in connection with any Services rendered, provided Customer has pre-approved such expenses in advance. Unpaid and undisputed invoices are subject to a finance charge of 1.0% per month on any outstanding balance, or the maximum permitted by law, whichever is lower, plus all expenses of collection. 1mind reserves the right to suspend access to the Platform with reasonable prior notice to Customer during any period of overdue payments until the unpaid amount is paid.

  2. Taxes. All amounts and fees stated or referred to in this Agreement are exclusive of taxes, duties, levies, tariffs, and other governmental charges (including, without limitation, VAT) (collectively, "Taxes"). Customer shall be responsible for paying all Taxes associated with the Platform (without any offset or deduction to the fees paid to 1mind) other than U.S. taxes based on 1mind's net income.

4. TERM AND TERMINATION

  1. Term. This Agreement commences on the Effective Date and continues in effect through the duration of all Order Forms hereunder, unless terminated earlier in accordance with the terms of Section 4(b) (Termination).

  2. Termination. Either party may terminate this Agreement or any Order Form immediately (i) in the event of a material breach of this Agreement that is not cured within thirty (30) days of receipt of written notice from the other party, or (ii) immediately if the other party ceases doing business or is the subject of a voluntary or involuntary bankruptcy, insolvency or similar proceeding that is not dismissed within sixty (60) days of filing.

  3. Refund or Payment upon Termination. In the event of 1mind's termination for Customer's material breach in accordance with Section 4(b) (Termination), Customer shall pay 1mind all outstanding fees due under any terminated Order Form(s) for the entire subscription period set forth therein. In the event of termination for 1mind's material breach in accordance with Section 4(b), 1mind will refund to Customer the prepaid unused fees for the Platform not provided under the applicable Order Form(s) as of the termination effective date. For clarity, termination of this Agreement will terminate all outstanding Order Forms.

  4. Data Portability and Deletion. At any point during the term, 1mind will, upon written request by Customer, delete specified Customer Content or make the Customer Content available to Customer for export or download. This right will survive for thirty (30) days post-termination in accordance with Section 10 below. After the expiration of such thirty (30) day period, 1mind will have no obligation to maintain or provide Customer Content, and will thereafter delete or destroy all copies of Customer Content in 1mind's systems or otherwise in 1mind's possession or control, unless legally prohibited.

  5. Survival. The sections and subsections titled "Fees and Expenses" (to the extent any payment obligations remain outstanding), "Refund or Payment upon Termination," "Data Portability and Deletion," "Disclaimers," "Confidential Information," "Proprietary Rights," "Mutual Indemnification," "Limitation of Liability," and "General Provisions" will survive any termination or expiration of this Agreement.

5. REPRESENTATIONS AND WARRANTIES

  1. Mutual Representations and Warranties. Each party represents and warrants that: (i) it is a corporation duly organized and validly existing under the laws of the jurisdiction in which it is incorporated; (ii) it has full corporate power and authority, and has obtained all corporate approvals, permissions and consents necessary, to enter into this Agreement and to perform its obligations hereunder; (iii) this Agreement is legally binding upon it and enforceable in accordance with its terms; and (iv) the execution, delivery and performance of this Agreement does not and will not conflict with any agreement, instrument, judgment or understanding, oral or written, to which it is a party or by which it may be bound.

  2. Customer Warranties. Customer represents, warrants and covenants that (i) it will comply with the Acceptable Use Policy in its use of the Platform; and (ii) it will comply with all applicable laws and regulations in its performance of its obligations under this Agreement.

  3. 1mind Warranties. 1mind represents, warrants, and covenants that: (i) it will comply with all applicable laws and regulations in its performance of its obligations under this Agreement; (ii) the Platform will perform substantially in accordance with the functions described in the Documentation; provided, however, such representation, warranty and covenant does not include (A) Customer's use of the Platform not strictly in accordance with this Agreement or in an environment or on a platform or with devices for which it was not designed nor contemplated in the Documentation; (B) that the Platform or any of the related Services will be provided strictly in accordance with Customer specifications, instructions, or directions; (C) any modification, alteration, or enhancement to the Platform by a party other than 1mind; or (D) the combination of the Platform with other products, services, processes, content or materials not supplied by 1mind; and (ii) if applicable, 1mind will provide the Services in a professional and workmanlike manner.

  4. Disclaimers. EXCEPT AS EXPRESSLY PROVIDED HEREIN, THE PLATFORM IS PROVIDED "AS IS". FURTHER, EXCEPT AS PROVIDED HEREIN, NEITHER PARTY MAKES ANY WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, AND EACH PARTY SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW AND ANY WARRANTIES ARISING OUT OF COURSE OF DEALING, COURSE OF PERFORMANCE OR USAGE IN TRADE. 1MIND MAKES NO REPRESENTATIONS OR WARRANTIES (A) REGARDING THE SUITABILITY OR COMPLETENESS OF THE PLATFORM, (B) THE RESULTS CUSTOMER MAY OBTAIN BY USING THE PLATFORM, OR (C) THAT THE PLATFORM WILL MEET CUSTOMER'S REQUIREMENTS. 1MIND DOES NOT WARRANT THAT USE OF THE PLATFORM WILL ENSURE A PARTICULAR OUTCOME FOR CUSTOMER'S BUSINESS. 1MIND DOES NOT WARRANT THAT THE PLATFORM WILL PERFORM ERROR-FREE WITHOUT INTERRUPTION.

6. CONFIDENTIAL INFORMATION

  1. Confidential Information. "Confidential Information" means all information disclosed by a party ("Disclosing Party") to the other ("Receiving Party"), whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Customer's Confidential Information includes business plans, strategy and any other information provided by Customer in connection with setting up the Platform. Customer Confidential Information does not include Customer Content. The terms governing the privacy and security of Customer Content are set forth in Section 8. 1mind's Confidential Information includes the Technology and Documentation provided by 1mind in connection with the Platform, and Confidential Information of each party includes the terms and conditions of this Agreement and all Order Forms (including pricing), as well as business and marketing plans, technology and technical information, product plans and designs, and business processes disclosed by such party. Confidential Information of a Disclosing Party does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party; (ii) was rightfully known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party; (iii) is rightfully received from a third party without breach of any obligation owed to the Disclosing Party; (iv) was independently developed by the Receiving Party without use of or reference to the Confidential Information of the Disclosing Party; or (v) was already known by Receiving Party at the time of Disclosing Party's disclosure of such information.

  2. Protection of Confidential Information. The Receiving Party will use the same degree of care that it uses to protect the Confidential Information of the Disclosing Party as it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care). The Receiving Party will (i) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement, and (ii) except as otherwise authorized by the Disclosing Party in writing, only disclose Confidential Information of the Disclosing Party to those of its and its Affiliates' employees and contractors who (A) need that access for purposes consistent with this Agreement and (B) have confidentiality obligations with respect to the Disclosing Party's Confidential Information consistent with those contained herein. Neither party will disclose the terms of this Agreement or any Order Form to any third party other than (1) its Affiliates, legal counsel and accountants or (2) in connection with a bona fide due diligence inquiry for a financing, acquisition or similar transaction, in each case subject to confidentiality obligations consistent with this Agreement, without the other party's prior written consent. A Receiving Party shall be responsible for any breaches of confidentiality obligations hereunder by any third party to whom it discloses the Disclosing Party's Confidential Information. Notwithstanding anything to the contrary set forth herein, 1mind may collect and use data regarding the use and performance of the Platform in anonymized and aggregated form, to analyze and improve the Platform and for Platform support, and general benchmarking data and industry reports, provided that any user data is aggregated and anonymized such that no personally identifying information of any individual is revealed.

  3. Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by law, provided the Receiving Party gives the Disclosing Party prior notice of the compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party's cost, if the Disclosing Party wishes to contest the disclosure.

7. PROPRIETARY RIGHTS

  1. Customer Content. As between the parties, except for the licenses set forth herein, all right, title and interest in and to the Customer Content shall be and remain the sole and exclusive property of Customer.

  2. 1mind. As between the parties, all right, title and interest in and to the Platform and Services and all copies, modifications and derivative works thereof shall be and remain the sole and exclusive property of 1mind.

  3. Feedback. The Customer may provide suggestions, comments or other feedback to 1mind specifically with respect to the Platform or Services ("Feedback"). 1mind agrees that all Feedback is provided "AS IS" and without warranty of any kind. Customer grants 1mind a non-exclusive, worldwide, perpetual, irrevocable, transferable, sublicensable, royalty-free, fully paid-up license to use the Feedback to improve the Services.

  4. No License. Except as expressly set forth herein, no license or other right, title or interest is granted by either party to the other with respect to the Confidential Information, Platform, Services, Documentation or Customer Content.

8. INFORMATION SECURITY

  1. 1mind has established and maintains a commercially reasonable information security program as outlined in Exhibit B - Information Security Addendum. Customer shall use commercially reasonable security and anti-virus measures when uploading Customer Content to, accessing and using the Platform and efforts to prevent unauthorized access to, or use of, the Platform, and shall notify 1mind promptly of any such unauthorized access or use of which it becomes reasonably aware.

9. INDEMNIFICATION

  1. Indemnification by 1mind. 1mind will defend Customer against any claim, demand, suit or proceeding made or brought against Customer by a third party ("Claim") alleging that Customer's use of the Platform in accordance with this Agreement infringes or misappropriates such third party's intellectual property rights and will indemnify and hold harmless Customer from any damages, attorney fees and costs finally awarded to such third parties as a result of, or for any amounts paid under a settlement of, such Claim. The foregoing obligations do not apply with respect to any Claim based on or arising from (i) the Customer Content; (ii) the Platform or portions or components thereof (A) used not strictly in accordance with this Agreement or in a manner for which it was not designed or contemplated in the Acceptable Use Policy; (B) made in whole or in part in accordance with Customer specifications; (C) modified, altered, or enhanced by a party other than 1mind; or combined with other products, services, processes, content or materials not supplied by 1mind. The foregoing obligations also do not apply to (D) use of the Platform or a specified portion thereof or Services after 1mind notifies Customer to discontinue use due to an infringement claim; or (E) any Claims based on or arising out of Customer's breach of this Agreement or an applicable Order Form ((A) through (E) collectively, the "Excluded Claims").

  2. Infringement. If (i) a final injunction is obtained against Customer's use of the Platform arising from infringement or misappropriation of a third party's intellectual property rights, or (ii) in 1mind's opinion the Platform is likely to become the subject of a successful claim of such infringement (in both cases not arising out of an Excluded Claim), 1mind may in its discretion and at no cost to Customer (i) modify the Platform so that they no longer infringe or misappropriate; or (ii) obtain a license for Customer's continued use of the Platform in accordance with this Agreement. If (i) and (ii) are not commercially feasible, 1mind may terminate Customer's subscription to the Platform and refund Customer a pro-rated amount of any prepaid fees covering the remainder of the term of the terminated subscriptions. Sections 9(a) and 9(b) state 1mind's sole liability, and the Customer's exclusive remedy, for any matters addressed by such Sections.

  3. Indemnification by Customer. Customer will defend 1mind against any Claim made or brought against 1mind alleging that (i) Customer Content violates, infringes or misappropriates a third-party's intellectual property or privacy rights or violates applicable law, order, rule or regulation; or (ii) Customer's use of the Platform or Services violates applicable law, order, rule or regulation; or (iii) the claim arises from an Excluded Claim. Customer will indemnify and hold harmless 1mind from any damages, attorney fees and costs finally awarded to such third parties as a result of, or for any amounts paid under a settlement of, such Claim.

  4. Indemnification Procedure. Any claim for indemnification hereunder requires that the indemnified party (i) promptly give the indemnifying party written notice of the Claim; (ii) give the indemnifying party sole control of the defense and settlement of the Claim, provided that the indemnifying party may participate in the defense of the Claim with counsel of its choosing at its own expense; and (iii) give the indemnifying party all reasonable assistance, at indemnifying party's expense. The indemnifying party shall not settle a Claim without written approval by the indemnified party (approval not to be unreasonably withheld) if the settlement contains an admission of any liability or wrongdoing on the part of the indemnified party.

10. CONSEQUENTIAL DAMAGE WAIVER.

  1. IN NO EVENT SHALL EITHER PARTY BE LIABLE CONCERNING THE SUBJECT MATTER OF THIS AGREEMENT, FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, RELIANCE, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING, BUT NOT LIMITED TO, LOSS OF BUSINESS, REVENUES, PROFITS, GOODWILL, INTERRUPTION OF USE, LOSS OR INACCURACY OF THE SERVICES, OR COST OF PROCURING SUBSTITUTE TECHNOLOGY, GOODS OR SERVICES, EVEN IF IT HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

11. LIMITATION OF LIABILITY.

  1. EXCEPT FOR EITHER PARTY'S INDEMNIFICATION OBLIGATIONS UNDER SECTION 9, OR EITHER PARTY'S BREACH OF CONFIDENTIALITY UNDER SECTION 6, IN NO EVENT SHALL EITHER PARTY BE LIABLE CONCERNING THE SUBJECT MATTER OF THIS AGREEMENT, REGARDLESS OF THE FORM OF ANY CLAIM OR ACTION (WHETHER IN CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE), FOR ANY DAMAGES, IN THE AGGREGATE, IN EXCESS OF THE AMOUNTS PAID BY CUSTOMER HEREUNDER TO 1MIND DURING THE TWELVE (12) MONTHS PERIOD ENDING ON THE DATE A CLAIM OR DEMAND IS FIRST ASSERTED.

    EITHER PARTY'S TOTAL LIABILITY UNDER THIS AGREEMENT FOR A PARTY'S INDEMNIFICATION OBLIGATIONS UNDER SECTION 9, OR EITHER PARTY'S BREACH OF CONFIDENTIALITY UNDER SECTION 6 WILL NOT EXCEED THE GREATER OF FIVE TIMES (5X) THE FEES PAID OR PAYABLE TO 1MIND HEREUNDER IN THE TWELVE (12) MONTH PERIOD ENDING ON THE DATE A CLAIM OR DEMAND IS FIRST ASSERTED OR FIVE HUNDRED THOUSAND U.S. DOLLARS ($500,000).

    THESE LIMITATIONS ARE INDEPENDENT FROM ALL OTHER PROVISIONS OF THIS AGREEMENT AND SHALL APPLY NOTWITHSTANDING THE FAILURE OF ANY REMEDY PROVIDED HEREIN.

12. PROHIBITION ON CORRUPT PRACTICES.

  1. 1mind represents, warrants, and undertakes that it shall not engage in corrupt, unfair or fraudulent practices in connection with the provision of the Services hereunder, including, but not limited to, 1mind or its Personnel, directly or indirectly, accepting bribes or making offers, payments, or promise to pay money, gifts, or anything of value to any person, including, but not limited to, an executive, official, employee or agent of: (i) a governmental department, agency or instrumentality, (ii) a wholly or partially government-owned or controlled or privately owned company or business, (iii) a political party (collectively, (i), (ii) and (iii), "Public Officials"), or (iv) any person where 1mind knows or has reason to know that all or a portion of such money, gift, or thing of value will be offered, paid, or given, directly or indirectly, to a Public Official, for the purpose of influencing any act, decision or failure to act by such persons or Public Officials or securing an improper advantage in order to obtain, retain or direct business. 1mind must notify Customer within five (5) business days of learning of an offer, promise, or payment that 1mind reasonably believes may violate this Section. 1mind must record any and all payments to a governmental entity for permits, licenses, expediting charges, or any similar fees, and retain an original receipt from the governmental entity and, where available, a scheduled rate card for such fee.

  2. In addition to the foregoing, 1mind represents and warrants that: (i) the information provided to Customer for the purpose of fulfilling its anti-bribery and corruption obligations is complete and accurate and not misleading; (ii) it is not subject to sanctions; and (iii) it is not the subject of any allegations of bribery or corruption. 1mind hereby agrees to notify Customer immediately on learning 1mind or its Personnel, directly or indirectly, are subject to regulatory enforcement or scrutiny, judicial or law enforcement investigation or litigation of any kind relating to corrupt (including bribery), unfair or fraudulent practices, including, but not limited to, in connection with the provision of Services hereunder.

13. MAINTAINING ADEQUATE PROCEDURES.

  1. 1mind shall maintain policies and procedures for the prevention of corrupt, unfair or fraudulent practices in connection with the provision of the Services hereunder.

14. PROHIBITION ON HUMAN TRAFFICKING AND MODERN SLAVERY.

  1. To the extent applicable, 1mind represents, warrants and undertakes that:

  2. neither 1mind nor any of its officers, employees, agents or subcontractors has: (A) committed an offence under the Modern Slavery Act 2015 and/or any other laws, rules or regulations prohibiting human trafficking and/or slavery (an "Offence"); or (B) been notified that it is subject to an investigation relating to an alleged Offence or prosecution under the Modern Slavery Act 2015 and/or any other laws, rules or regulations prohibiting human trafficking and/or slavery; or (C) is aware of any circumstances within its supply chain that could give rise to an investigation relating to an alleged Offence or prosecution under the Modern Slavery Act 2015 and/or any other laws, rules or regulations prohibiting human trafficking and/or slavery;

  3. it shall comply with the Modern Slavery Act 2015 and any other laws, rules or regulations prohibiting human trafficking and/or slavery; and

  4. it shall notify Customer immediately in writing if it becomes aware or has reason to believe that it, or any of its officers, employees, agents or subcontractors have, breached or potentially breached any of 1mind's obligations under this Section. Such notice to set out full details of the circumstances concerning the breach or potential breach of 1mind's obligations.

GENERAL PROVISIONS

  1. Relationship of the Parties. The relationship between the parties is that of independent contractors. No agency, partnership, joint venture, or employment is created as a result of this Agreement, and Customer does not have any authority of any kind to bind or attempt to bind 1mind in any respect whatsoever.

  2. Governing Law. This Agreement shall be governed by and construed in accordance with the laws of the State of California. The parties consent to the exclusive jurisdiction of the state or federal courts of the San Francisco County, California.

  3. Force Majeure. Neither party shall be liable for delays or any failure to perform under this Agreement, or make the Platform available, due to causes beyond its reasonable control. Such delays include, but are not limited to, fire, explosion, flood or other natural catastrophe, governmental legislation, acts, orders, or regulation, strikes or labor difficulties, telecommunications failures, network intrusions or denial of service attacks to the extent not occasioned by the fault or negligence of the delayed party. Any such excuse for delay shall last only as long as the event remains beyond the reasonable control of the delayed party. However, the delayed party shall use commercially reasonable efforts to minimize the delays caused by any such event. This provision shall not excuse the payment of fees due under this Agreement, provided that 1mind continues to provide the Platform as set forth herein.

  4. No Waiver. The failure of either party at any time to require performance by the other party of any provision of this Agreement shall in no way affect that party's right to enforce such provisions, nor shall the waiver by either party of any breach of any provision of this Agreement be taken or held to be a waiver of any further breach of the same provision.

  5. Notices. Any notice given pursuant to this Agreement shall be in writing and delivered to the parties at their respective addresses stated on an applicable Order Form or at such other address designated by written notice hereunder. Notices will be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if sent by email or facsimile; the day after being sent, if sent for next day delivery by recognized overnight delivery service; or upon receipt, if sent by certified or registered mail, return receipt requested. All notices to 1mind shall also be sent by email to legal@1mind.com.

  6. Publicity. Customer consents to inclusion of its name and logo in client lists that may be published as part of 1mind's marketing and promotional efforts.

  7. Assignment. This Agreement is not assignable or transferrable by either Party without the prior written consent of the other Party, except to a successor-in-interest through a merger, acquisition, or sale of all or substantially all its assets. Subject to the foregoing, this Agreement shall bind and inure to the benefit of permitted successors and assigns.

  8. Counterparts; Execution. This Agreement may be executed electronically and in one or more counterparts, each of which shall be deemed an original, but all of which together shall constitute one and the same Agreement. The parties agree that an electronic or facsimile signature may substitute for and have the same legal effect as the original signature.

  9. Entire Agreement. This Agreement (including any Order Forms and applicable Exhibits) is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous and contemporaneous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement, and shall control over any different or additional terms of any purchase order, acknowledgement or other non-1mind ordering document, and no terms included in any such purchase order, acknowledgement or other non-1mind ordering document shall apply to the Platform or any applicable Services. This Agreement may only be amended by an instrument in writing signed by the parties.

  10. Severability. If any provision of this Agreement is held by a court of competent jurisdiction to be contrary to law, the provision will be deemed null and void, and the remaining provisions of this Agreement will remain in effect.

EXHIBIT A

Support Guide and Uptime SLA

This Support Guide sets forth the terms, conditions, and procedures under which maintenance and support ("Support") is offered for the Services during the term of the Customer's subscription for such Services as set forth in the applicable Order. Capitalized terms not otherwise defined herein shall have the meaning ascribed to them in the Agreement.

1. GENERAL

Scope. Support will consist of: (i) email or ticket submission; (ii) correction of errors to keep the Services in conformance with the user Documentation included in the Services; and (iii) updated versions of the Services provided by 1mind to its general customer base of subscribers at no additional charge. Support will not include: (i) set-up, installation, or configuration of hardware and Services required for the Customer to access the Services; or (ii) consultation, error correction, or research with respect to Customer-created documents and information.

Representative. The Representative(s) designated in the Order will be 1mind's contact for communicating with 1mind concerning Support, or making any other request or providing any notice. The Customer may change the Representative(s) upon written notice to 1mind.

2. CUSTOMER SUPPORT

Technical Support. Customer will have access to 1mind's technical support personnel ("Technical Support") as follows:

  • Hours: Monday – Friday, 8:00 am to 8:00 pm EST (excluding US holidays).
  • Email: support@1mind.com
  • If Customer notifies 1mind personnel in any other manner (Slack, phone, direct email), then Customer must also send the issue to the support@1mind.com email address (or cc).

3. SEVERITY LEVELS

Technical Support shall prioritize problems/requests according to the severity levels set forth below. Initial Severity Levels may be set by Customer but 1mind shall have the sole reasonable responsibility of assigning a final Severity level after review of each reported issue. 1mind will use commercially reasonable efforts to respond according to the Response Specifications set forth below with respect to the Severity Level assigned to the problem:

Severity 1 – Critical
The Services suffers an error or issue in a production down situation which cannot be reasonably circumvented and which so substantially impairs the performance of the Services or any components of the Services, which are critical to the Customer's business, as to effectively render them unusable. 1mind will acknowledge any such reported error or issue within one (1) business day, and 1mind will work continually to identify the error and provide an applicable workaround or fix.

Severity 2 – Serious
The Services suffers an error or issue, which cannot be reasonably circumvented, and which substantially impairs the use of one or more portions or features of the Services required by Customer to perform necessary business functions but does not effectively render the Services unusable as a whole. 1mind will acknowledge any such reported error or issue within one (1) business day and, if Customer is using the Services in production, will work continually within normal business hours to identify the error and provide an applicable workaround or fix.

Severity 3 – Moderate
The Services suffers a low impact error or issue (which is not of Severity 1 or Severity 2) which impairs the use of the features of the Services, but the reported error or issue can be reasonably circumvented. 1mind will acknowledge any such reported error or issue within two (2) business days and will work within normal business hours to identify the error and provide an applicable workaround or fix.

Severity 4 – Minor
The Services does not incur an error and allows Customer to function normal business operations; however, Customer inquiries about existing Documentation, training, or standard use of the Services. 1mind will acknowledge any such inquiry within five (5) business days and will work within normal business hours to address and resolve Customer's inquiry.

Response times are measured from the time Customer has spoken with or left a voicemail for a 1mind Customer support contact specifying the nature of the Customer's problem.

4. RESPONSE

The severity level of the problems reported by Customer shall be reasonably determined by 1mind. 1mind will resolve each reported error or issue with the Services by using commercially reasonable efforts to provide: (i) a patch or fix as necessary; or (ii) a reasonable workaround for the error or issue; or, if either (i) or (ii) are not reasonably practicable, a specific action plan regarding how 1mind intends to address the reported error or issue and an estimate on how long it may take to correct or workaround the error or issue. Customer agrees to use commercially reasonable efforts to assist and provide information to 1mind as required to resolve errors or issues with the Services reported by Customer. In the event 1mind fails to meet its obligations under this Section, 1mind will provide a root cause analysis including definition, corrections and process improvement plan. If a permanent repair cannot be made, a temporary resolution (bypass and recovery) will be implemented to the extent possible.

5. 1MIND ISSUES

Support covers any issue or problem that is the result of a verifiable, replicable error (1mind will use all reasonable means to verify and replicate) in the Services ("Verifiable 1mind Issue"). An error will be a Verifiable 1mind Issue if it constitutes a material failure by the Services to function in accordance with the Documentation included in the Services. If Technical Support reasonably determines that Customer's problem is not caused by 1mind or its systems, equipment, or Services, 1mind is not obligated to provide support under this Agreement. Nevertheless, 1mind will, if possible, offer suggestions as to how Customer can remedy the problem. If 1mind determines that the issue was not the result of a Verifiable 1mind Issue, 1mind may offer to provide for out of scope professional services at 1mind's then current rates upon its standard terms to address the issue.

6. ADDITIONAL SUPPORT

Technical Support may also determine that Customer's request is a request for "Additional Support." Additional Support is any assistance not covered above. Examples of Additional Support include substantive questions regarding data or results, requests for Services customization, specialized training regarding use of the Services, custom documentation, and consulting. If 1mind believes that it can appropriately and effectively provide the requested services, it will offer to do so at its then-current rates upon its standard terms and rates.

7. CUSTOMER'S RESPONSIBILITIES

Customer's designated representative shall initiate all requests for Support. The representative must be trained, qualified and authorized to communicate all necessary information, perform diagnostic testing under the direction of the 1mind service representative and be available during the performance of any Support if required.

8. SUBMITTING A REQUEST / GETTING AN ANSWER

At the time of Customer's initial call or email, please prepare to provide:

  1. Representative's name, company name and Services Customer is using;
  2. The type of browser (with release version) and hardware Customer is using;
  3. Telephone number and alternate method of contact (i.e. email address);
  4. A concise description of Customer's problem or question;
  5. The time the error or problem occurred;
  6. The circumstances under which the problem does or does not occur; and
  7. Specific error messages and error numbers.

For new cases, a 1mind Customer Support Specialist will use the following process to assist Customer with a new case (problem):

  1. Document the supplied information;
  2. Document Customer's questions or issues (symptom and function in which it occurs);
  3. Answer the Customer's questions or have Customer run tests to further identify and isolate the problem; and
  4. Research the problem and provide resolution according to the aforementioned guidelines.

9. UPTIME SERVICE LEVEL AGREEMENT ("SLA")

Service Availability – 1mind will use commercially reasonable efforts to ensure that the platform will maintain a 99.5% uptime each calendar month, excluding scheduled maintenance and circumstances beyond the provider's reasonable control, such as force majeure events.

Calculation of Uptime: Uptime is calculated using the following formula:

  • Uptime Percentage = (Total Minutes in Month − Downtime) / Total Minutes in Month × 100.
  • Where Downtime is any period the service is unavailable due to issues attributable to 1mind.

Exclusions – Downtime shall not include:

  • Scheduled maintenance with at least 48 hours advance notice.
  • Customer-caused downtime or connectivity issues.
  • Downtime due to third-party services, networks, or applications not under the provider's direct control.
  • Events categorized as force majeure (natural disasters, acts of war, etc.).

Remedies for Downtime: If the Uptime percentage falls below 99.5% in any month, the Customer is eligible to request a service credit equal to 15% of the monthly subscription fee for such month. If the Uptime percentage falls below 99.5% in any three (3) months during the Customer's annual term, then Customer shall have the right to terminate this Agreement and any open Order Form within 10 business days of such termination right event and receive a pro-rated refund for any Services to be delivered beyond the effective termination date. Such refund will be issued within thirty (30) days from the termination effective date.

EXHIBIT B

1MIND INFORMATION SECURITY ADDENDUM

1. Incident Management. Company maintains a security incident management program. Upon detection of a security incident, including but not limited to a data breach incident, Company undertakes an internal investigation and where appropriate, remediation process, up to and including notification to impacted individuals, all in accordance with applicable law. Company shall promptly notify Customer after it has determined that unauthorized access to Customer Data has occurred, unless otherwise prohibited by Applicable Law. In such an event, and unless prohibited by Applicable Law or confidentiality restrictions, Company shall provide information, to the extent available to Company, sufficient to provide a reasonable description of the general circumstances and extent of such unauthorized access, and shall provide reasonable cooperation to Customer:

  1. In the investigation of any such unauthorized access;
  2. In Customer's efforts to comply with statutory notice or other Applicable Laws applicable to Customer or its Customers; and
  3. In litigation and investigations brought by Customer against third parties, including injunctive or other equitable relief reasonably necessary to protect Customer's proprietary rights.

2. Operational Security. Company maintains a set of physical security policies, processes and procedures based on generally accepted industry practices that govern physical security and environmental controls used to both guard Company's systems and scoped data, and to govern visitors to Company's physical locations and facilities. Company maintains a change management process to monitor changes to information systems, network devices, system components, physical and environment changes, and Services development.

3. Asset Management. Company's data and information system assets include corporate and customer assets. These asset types are managed under Company's security policies and procedures. Company authorized personnel who access and handle these assets are required to comply with the procedures and guidelines defined by Company's security policies. Anti-virus tools are configured to run scans, virus detection, real-time file write activity and signature file updates. Laptop and remote users are covered under virus protection. Role based access controls are implemented for access to information systems. Processes and procedures are in place to address employees who are voluntarily or involuntarily terminated. Access controls to sensitive data in Company's databases, systems, and environments are set on a need-to-know / least privilege necessary basis. Access control lists define the behavior of any user within Company's information systems, and security policies limit them to authorized behaviors. Assets at end-of-life are accounted for and securely decommissioned.

4. Risk Assessment Management. Company maintains a corporate risk assessment program and policy that defines risk levels for discovered issues with employee(s) assigned to manage and regularly review the program and policy. Company's risk management program includes guidance on the potential threat identification, and mitigation strategies for those risks. Company performs risk assessments on an annual basis.

5. Information Security. Company has documented security policies and procedures that define information security rules and requirements for its Services and services environment that are reviewed at least annually and updated as necessary. Company uses the most current generally accepted industry standard encryption for at-rest encryption of Customer Data.

6. Vendor Management. Company maintains a vendor management program that establishes the rules and requirements for any vendor that will access, store and/or process Company's information assets and includes conducting the relevant security assessment for such vendor.

7. Personnel Security. Company employees are required to sign confidentiality agreements and acknowledge Company's Code of Conduct. The Code of Conduct outlines Company's expectation that every employee will conduct business ethically, lawfully and with integrity and respect for each other as well as Company customers, partners, vendors, competitors and other third parties. All employees are provided with security training as part of onboarding and all employees are required to complete an annual training course on code of conduct policies. Additionally, Company currently conducts employment background checks on all Company employees and certain consultants and contractors upon hire, unless expressly, and then solely to the extent, prohibited by law: (1) to verify the accuracy of employment chronology and educational credentials; and (2) to verify such employee, consultant or contractor (as applicable) has no civil, criminal or credit history that would preclude successful fulfillment of the role with Company including, but not limited to, meeting confidentiality obligations. There are processes in place to address both the onboarding and offboarding of Company employees, consultants and contractors.

8. Vulnerability Management. Company conducts security assessments to identify vulnerabilities in both Company's corporate IT infrastructure and Platform/Services, and to determine the effectiveness of the Company patch management program.

9. Penetration Testing. An authorized third party on Company's behalf, conducts annual penetration testing of its Platform/Services to assess current threats and vulnerabilities. Each security concern is reviewed to determine if it is applicable, ranked based on risk, and assigned to the appropriate team for remediation.

10. Data Protection and Personal Data Processing. In connection with providing products and services to Company's customers, Company uses appropriate physical, technical and organizational security measures.

11. Operations Management.

  • Data Protection During Transmission – Company shall encrypt, using an industry recognized encryption algorithm, personally identifiable Customer Data when in transit across public networks.
  • Data Loss Prevention – Company shall implement a data leakage program that is designed to identify, detect, monitor and document Customer Data leaving Company's control without authorization in place.
  • Malicious Code – Company shall implement controls that are designed to detect the introduction or intrusion of malicious code on information systems handling or holding Customer Data and implement a process for removing said malicious code from information systems handling or holding Customer Data.

12. Access Controls.

  • Authorized Access – Company shall have controls that are designed to maintain the logical separation such that access to systems hosting Customer Data and/or being used to provide services to Customer will uniquely identify each individual requiring access, grant access only to authorized personnel based on the principle of least privileges, and prevent unauthorized access to Customer Data.
  • User Access – Company shall have a process to promptly disable access to Customer Data by any Company personnel who no longer requires such access. Company will also promptly remove access of Customer personnel upon receipt of notification from Customer.
  • Authentication Credential Management – Company shall communicate authentication credentials to users in a secure manner, with a proof of identity check of the intended users.
  • Multi-Factor Authentication for Remote Access – Company shall use multi-factor authentication and a secure tunnel, or another strong authentication mechanism, when remotely accessing Company's internal network.

EXHIBIT C

DATA PROCESSING ADDENDUM

This Data Processing Addendum ("Addendum") is incorporated into the applicable services agreement, between 1mind and Customer governing Customer's use of 1mind's Platform and Services (the "Agreement") and relates to 1mind's processing of Personal Data on behalf of Customer.

This Addendum regulates only the Processing of Personal Data subject to Data Protection Law for the Purposes (as defined in Annex 1) by the Parties in the context of the Services. Except as modified below, the Agreement remains in full force and effect. Annexes 1, 2, and 3 form an integral part of this Addendum.

The Parties agree that the terms and conditions set out below are added as an Addendum to the Agreement.

  1. Definitions. The following terms have the meanings set out below for this Addendum:

    1. 1.1"CCPA" means the California Consumer Privacy Act of 2018, as amended, (enrolled at California Civil Code, Title 1.81.5 §§ 1798.100–1798.199), including associated regulations (to be published at California Code of Regulations, Title 11, Division 1, Chapter 20, §§ 999.300–999.341), and inclusive of any public findings and associated guidance issued by California regulators.

    2. 1.2"Controller" means the entity which alone or jointly with others determines the purposes and the means of the Processing of Personal Data.

    3. 1.3"Data Subject" means a natural person whose Personal Data are processed in the context of this Addendum.

    4. 1.4"Data Protection Law" means all laws and regulations, including EU/UK Data Protection Law, the United States of America ("US") and of the several States (including California), and any other sovereign nation or administrative subdivision thereof, whose laws or regulations may be applicable to the processing of Personal Data under this Agreement, and all national legislation reflecting, implementing, or supplementing the foregoing, as updated, amended, or replaced from time to time.

    5. 1.5"EEA" means the European Economic Area.

    6. 1.6"EU/UK Data Protection Law" means: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (the "EU GDPR"); (ii) the EU GDPR as saved into United Kingdom law by virtue of section 3 of the United Kingdom's European Union (Withdrawal) Act 2018 (the "UK GDPR"); (iii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iv) any and all applicable national data protection laws made under, pursuant to or that apply in conjunction with any of (i), (ii) or (iii); in each case as may be amended or superseded from time to time.

    7. 1.7"Personal Data" means any information relating to an identified or identifiable natural person.

    8. 1.8"Personal Data Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed.

    9. 1.9"Processor" means the entity that processes Personal Data on behalf of a Controller.

    10. 1.10"Processing of Personal Data" (or "Processing/Process") means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    11. 1.11"Restricted Transfer" means: (i) where the EU GDPR applies, a transfer of personal data from the European Economic Area to a country outside of the European Economic Area which is not subject to an adequacy determination by the European Commission; and (ii) where the UK GDPR applies, a transfer of personal data from the United Kingdom to any other country which is not based on adequacy regulations pursuant to Section 17A of the United Kingdom Data Protection Act 2018.

    12. 1.12"Services" has the meaning in the Agreement.

    13. 1.13"Standard Contractual Clauses" means: (i) where the EU GDPR applies, the contractual clauses annexed to the European Commission's Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council ("EU SCCs"); and (ii) where the UK GDPR applies, standard data protection clauses adopted pursuant to or permitted under Article 46 of the UK GDPR ("UK SCCs").

    14. 1.14"Sub-Processor" means the entity engaged by the Processor or any further sub-contractor to Process Personal Data on behalf of and under the instructions of the Controller.

    15. 1.15"Supervisory Authority" means an independent public authority that has been established by a state for which EU/UK Data Protection Law is the applicable law regarding the protection of Personal Data.

  2. Roles of the Parties. For the purposes of this Addendum, Customer, as Controller, appoints 1mind as Processor for the Processing of Personal Data for the Purposes (as defined in Annex 1) in the context of the Service.

  3. Obligations of 1mind. When Processing Personal Data for the Purposes in connection with the Services, 1mind:

    1. 3.1Will only process Personal Data on behalf of Customer in accordance with the Customer's lawful written instructions and not for any other purposes than those specified in Annex 1 or as otherwise agreed by both Parties in writing.

    2. 3.2Will promptly inform Customer if, in its opinion, Customer's instructions infringe EU/UK Data Protection Law, or if 1mind is unable to comply with Customer's instructions, but without obligation to actively monitor Customer's compliance with EU/UK Data Protection Law.

    3. 3.3Will, taking into account the nature of the Processing and the information available to 1mind, provide reasonable assistance to Customer in ensuring compliance with Customer's obligations under EU/UK Data Protection Law, including data security, data breach notifications, data protection impact assessments, and prior consultations with supervisory authorities.

    4. 3.4Will, taking into account the nature of the Processing, take appropriate technical and organizational measures to assist Customer in fulfilling Customer's obligation to respond to Data Subjects' requests to exercise their rights as provided under EU/UK Data Protection Law. If 1mind receives a request directly from a Data Subject, law enforcement agency or regulator, 1mind shall, unless prohibited from doing so by applicable law (including binding terms of the request itself), notify Customer about such request and only take further action as instructed by Customer. To the extent legally permitted, Customer shall be responsible for all reasonable costs arising from 1mind's provision of such assistance or compliance with such requests.

    5. 3.5Will notify Customer when local laws prevent 1mind from complying with the instructions received from Customer via this Addendum or is required to process Personal Data by law to which 1mind is subject, except if such disclosure is prohibited by applicable law.

    6. 3.6Will, at the choice and direction of the Customer after the end of the provision of the Services, delete or return all Personal Data processed under this Addendum to the Customer after the end of the provision of the Services, and delete existing copies unless EU or member state or UK law requires storage of some or all of the Personal Data.

    7. 3.7Will implement (and regularly test and review) internal Personal Data Breach identification, response and notification procedures in accordance with good industry practice. In the event of a Personal Data Breach relating to or affecting the Personal Data:

      1. 3.7.11mind shall, at its own expense, notify such Personal Data Breach to Customer without undue delay after 1mind becoming aware of such Personal Data Breach; and

      2. 3.7.21mind shall, at its own expense: (i) co-operate with Customer's reasonable requests; and (ii) provide all information reasonably requested by Customer, in each case, as required to enable Customer to comply with EU/UK Data Protection Law and co-operate with the directions or guidance of any Supervisory Authority.

  1. Restricted Transfers. The parties agree that when the transfer of Personal Data from Customer to 1mind is a Restricted Transfer it shall be subject to the appropriate Standard Contractual Clauses as follows:

    1. 4.1In relation to Personal Data that is protected by the EU GDPR, the EU SCCs will apply completed as follows:

      1. 4.1.1Module Two will apply;

      2. 4.1.2in Clause 7, the optional docking clause will apply;

      3. 4.1.3in Clause 9, Option 2 will apply, and the time period for prior notice of subprocessor changes shall be as set out in Section 6.3 of this DPA;

      4. 4.1.4in Clause 11, the optional language will not apply;

      5. 4.1.5in Clause 17, Option 1 will apply, and the EU SCCs will be governed by Irish law;

      6. 4.1.6in Clause 18(b), disputes shall be resolved before the courts of Ireland;

      7. 4.1.7Annex I of the EU SCCs shall be deemed completed with the information set out in Annex 1 to this DPA;

      8. 4.1.8Annex II of the EU SCCs shall be deemed completed with the information set out in Annex 2 to this DPA; and

      9. 4.1.9Annex III of the EU SCCs shall be deemed completed with the information set out in Annex 3 to this DPA.

    2. 4.2In relation to Personal Data that is protected by the UK GDPR, the UK SCCs will apply completed as follows:

      1. 4.2.1For so long as it is lawfully permitted to rely on standard contractual clauses for the transfer of personal data to processors set out in the European Commission's Decision 2010/87/EU of 5 February 2010 ("Prior C2P SCCs") for transfers of personal data from the United Kingdom, the Prior C2P SCCs shall apply between the Customer and 1mind on the following basis:

        1. 4.2.1.1Appendix 1 shall be completed with the relevant information set out in Annex 1 to this DPA;

        2. 4.2.1.2Appendix 2 shall be completed with the relevant information set out in Annex 2 to this DPA; and

        3. 4.2.1.3the optional illustrative indemnification Clause will not apply.

      2. 4.2.2Where sub-section 4.2.1 above does not apply, but the Customer and 1mind are lawfully permitted to rely on the EU SCCs for transfers of personal data from the United Kingdom subject to completion of a "UK Addendum to the EU Standard Contractual Clauses" ("UK Addendum") issued by the Information Commissioner's Office under s.119A(1) of the Data Protection Act 2018, then:

        1. 4.2.2.1The EU SCCs, completed as set out above in this DPA shall also apply to transfers of such Personal Data, subject to sub-section 4.2.2.2 below; and

        2. 4.2.2.2The UK Addendum shall be deemed executed between the Customer and 1mind, and the EU SCCs shall be deemed amended as specified by the UK Addendum in respect of the transfer of such Personal Data.

      3. 4.2.3If neither sub-section 4.2.1 nor sub-section 4.2.2 applies, then the Customer and 1mind shall cooperate in good faith to implement appropriate safeguards for transfers of such Personal Data as required or permitted by the UK GDPR without undue delay.

    3. 4.3In the event that any provision of this Agreement contradicts, directly or indirectly, the Standard Contractual Clauses, the Standard Contractual Clauses shall prevail.

  2. Onward Transfers. 1mind shall not participate in (nor permit any subprocessor to participate in) any other Restricted Transfers of Personal Data (whether as an exporter or an importer of the Personal Data) unless the Restricted Transfer is made in full compliance with EU/UK Data Protection Law and pursuant to Standard Contractual Clauses implemented between the relevant exporter and importer of the Personal Data.

  3. Sub-Processing.

    1. 6.1Customer acknowledges and agrees that 1mind may engage third-party Sub-Processors in connection with the performance of the Services. The Sub-Processors approved by Customer as at the date of the Agreement or this Addendum are listed in Annex 3 hereto. 1mind has entered into a written agreement with each Sub-Processor containing data protection obligations not less protective than those in this Addendum with respect to the protection of Personal Data to the extent applicable to the nature of the Services provided by such Sub-Processor.

    2. 6.2Customer shall, within ten days of the effective date of this Addendum, sign up via https://www.1mind.com/sub-processors in order to receive notifications of new Sub-Processors ("Sub-Processor Notification Process"). 1mind shall provide notification via the Sub-Processor Notification Process, of a new Sub-Processor before authorizing any new Sub-Processor(s) to Process Personal Data in connection with the provision of the applicable Services.

    3. 6.3Customer may reasonably object on grounds relating to the protection of the Personal Data to 1mind's use of a new Sub-Processor by notifying 1mind promptly in writing to legal@1mind.com within ten (10) business days after receipt of 1mind's notice in accordance with the Sub-Processor Notification Process. In the event Customer objects to a new Sub-Processor, as permitted in the preceding sentence, 1mind will use reasonable efforts to make available to Customer a change in the Services or recommend a commercially reasonable change to Customer's configuration or use of the Services to avoid Processing of Personal Data by the objected-to new Sub-Processor without unreasonably burdening the Customer. If 1mind is unable to make available such change within a reasonable period of time, which shall not exceed thirty (30) days, Customer may terminate the applicable Order Form(s) with respect only to the Services that cannot be provided by 1mind without the use of the objected-to new Sub-Processor by providing written notice to 1mind. 1mind will refund Customer any prepaid fees covering the remainder of the term of such Order Form(s) following the effective date of termination with respect to such terminated Service, without imposing a penalty for such termination on Customer.

    4. 6.4Where a Sub-Processor fails to fulfill its data protection obligations, 1mind shall remain fully liable to Customer for the performance of the Sub-Processor's obligations.

  4. Security of the Processing; Confidentiality.

    1. 7.11mind will, taking into account the nature of the processing, implement and maintain a comprehensive written information security program with appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the security measures listed in Annex 2 and as appropriate: (a) the pseudonymization and encryption of Personal Data; (b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (c) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and (d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

    2. 7.21mind must take steps to ensure that any person acting under its authority who has access to Personal Data is subject to a duly enforceable contractual or statutory confidentiality obligation and will not process the Personal Data except on instructions from Customer.

  5. Business Purpose Only; No Sale. The Personal Data disclosed to 1mind by the Customer is provided to 1mind solely for a Business Purpose, consistent with California Civil Code §1798.140(d). Any activity, processing, or onward transfer by 1mind to any sub-processor shall be solely in furtherance of that Business Purpose, and any use or transfer for any purpose that may reasonably be considered a Sale of Personal Data is strictly prohibited.

  6. Data Protection Audit.

    1. 9.1Customer, acting by itself or through its appointed representative (acting pursuant to an NDA approved by 1mind), shall have the right during the term of the Agreement and for as long thereafter as 1mind processes Personal Data regarding which Customer is a Controller, to assess compliance by 1mind with the applicable requirements of the EU Data Protection Law and/or this Addendum, and to review the technical and organizational measures taken by 1mind against the unauthorized or unlawful processing of Personal Data and against the unauthorized access to, accidental loss or destruction of, or damage to, Personal Data, on at least thirty (30) days' advance notice to 1mind. Before the commencement of any audit, Customer and 1mind shall mutually agree upon the scope, timing, and duration of the audit, and Customer shall take all reasonable measures to limit any adverse impact thereof on 1mind.

    2. 9.2To the extent permitted by applicable law, Customer shall bear the costs and expenses incurred in respect of the parties' compliance with their obligations under this clause, unless the audit identifies that 1mind is not in compliance with the applicable requirements of the EU/UK Data Protection Law and/or this Addendum, in which case 1mind shall reimburse Customer for all reasonable costs and expenses incurred by Customer and 1mind in connection with the audit.

  7. Limitation of Liability. IN NO EVENT SHALL EITHER PARTY BE LIABLE CONCERNING THE SUBJECT MATTER OF THIS ADDENDUM, REGARDLESS OF THE FORM OF ANY CLAIM OR ACTION (WHETHER IN CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE), FOR DAMAGES, IN THE AGGREGATE, IN EXCESS OF THE LIABILITY CAP SET FORTH IN THE AGREEMENT. ALL OTHER TERMS IN THE AGREEMENT RELATING TO THE RECOVERY OF LOSSES SHALL APPLY MUTATIS MUTANDIS TO THE RECOVERY OF LOSSES UNDER THIS ADDENDUM.

  8. Modification of this Addendum. This Addendum may only be modified by a written amendment signed by each of the Parties.

  9. Termination. The Parties agree that this Addendum expires upon the termination or expiry of the Service.

  10. Governing Law. This Addendum is governed by, and shall be construed in accordance with, the laws governing the Agreement.

  11. Invalidity and Severability; Conflict. If any provision of this Addendum is found by any court or administrative body of competent jurisdiction to be invalid or unenforceable, the invalidity or unenforceability of such provision shall not affect any other provision of this Addendum and all provisions not affected by such invalidity or unenforceability will remain in full force and effect. In the event of any inconsistency between this Addendum and Standard Contractual Clauses entered into by the parties, if any, the Standard Contractual Clauses shall prevail.

ANNEX 1 – Data Processing Description

A. LIST OF PARTIES

Controller(s) / Data exporter(s):

Field Details
Name Each of the Customer entities identified in the Agreement.
Address [Please insert Customer address]
Contact person's name, position and contact details Data protection enquiries can be addressed to:
[Please insert Customer details].
Activities relevant to the data transferred under these Clauses Customer receives the Services described in the Agreement.
Signature and date This Annex 1 shall be deemed executed upon execution of the DPA.
Role (controller/processor) Controller

Processor(s) / Data importer(s):

Field Details
Name 1mind AI, Inc.
Address 2261 Market Street STE 85659, San Francisco, CA 94114
Contact person's name, position and contact details Data protection enquiries can be addressed to privacy@1mind.com
Activities relevant to the data transferred under these Clauses Performance of the Services described in the Agreement.
Signature and date This Annex 1 shall be deemed executed upon execution of the DPA.
Role (controller/processor) Processor

B. DESCRIPTION OF TRANSFER

Field Details
Categories of data subjects whose personal data is transferred Customer's end-user customers, prospects, and partners, including employees, contractors, collaborators, and advisors of such end-user customers, prospects, and partners (who are natural persons).
Categories of personal data transferred
  • First and last name
  • Title, work department, and manager/supervisor name
  • Position
  • Employer
  • Contact information (company, email, phone, physical business address)
  • IP Address
  • Localization data (i.e. browser settings, language preferences)
Sensitive data transferred (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures None
The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis) Continuous for the duration of the Agreement.
Nature of the processing Performance of the Services described in the Agreement.
Purpose(s) of the data transfer and further processing Processing Personal Data on behalf of and in accordance with Customer's documented instructions for the following purposes: (i) Processing in accordance with the Agreement and applicable Order Form(s); (ii) Processing initiated by Data Subjects as required under EU/UK Data Protection Law; and (iii) Processing to comply with other documented, reasonable instructions provided by Customer where such instructions are consistent with the terms of the Agreement.
The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period 1mind will process Personal Data for the duration of the Agreement. Upon termination of the Agreement, it will be deleted in accordance with this DPA.
For transfers to (sub-) processors: subject matter, nature and duration of the processing See Annex 3 of this DPA. The duration will be until the termination of the Agreement.

C. COMPETENT SUPERVISORY AUTHORITY

Field Details
Identify the competent supervisory authority/ies in accordance (e.g. in accordance with Clause 13 SCCs)

Where the EU GDPR applies, the competent supervisory authority shall be the Irish Data Protection Commissioner.

Where the UK GDPR applies, the competent supervisory authority shall be the UK Information Commissioner's Office.

ANNEX 2

1MIND INFORMATION SECURITY ADDENDUM

Please reference Exhibit B, 1mind Information Security Addendum ("ISA") of the Master Software Subscription Agreement for 1mind's minimum Data Security Measures.

ANNEX 3 – Approved Subprocessors

As of the Effective Date, Processor uses the Sub-Processors listed at https://www.1mind.com/sub-processors to Process Personal Data.

Changes to this listing can be tracked by Customer subscribing to our Subprocessor page located at https://www.1mind.com/sub-processors.

The Smartest Person in the Room

PrivacyTrust CenterTermsContact UsCareers

1mind uses AI in our product & cookies to improve the user experience. Read more here.

Allow AllReject

Customize

Cookie Settings

By clicking "Accept All Cookies," you agree to the storing of cookies on your device to enhance your site experience.

Required for basic site functionality.

Allows the site to remember your choices (eg. name) and provide enhanced features.

Helps the site understand performance, visitor interactions, and technical issues.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Confirm ChoicesReject All Cookies
cookie icon