NEAR AI Cloud Terms of Service

Welcome to NEAR AI. These Terms of Service (the “Terms”) are a legally binding agreement between Jasnah, Inc. d/b/a NEAR AI (“NEAR AI”, “we”, or “us”) and the person or entity agreeing to the Terms (“Customer” or “you”).  If you are agreeing to these Terms on behalf of an organization, “Customer” shall also mean that organization. These Terms govern your access to and use of the NEAR AI Cloud, including the NEAR API, and related developer services we make available (such products and services, the “Services”) on or through our website currently located at https://near.ai/  (our “Website”).  

Please read these Terms carefully as they affect your legal rights. These Terms are effective on the earlier of when you click to accept the Terms and your first use of the Services (the “Effective Date”).  By accepting these Terms, using the Services, or creating an Account, you agree to be bound by these Terms.  If you do not agree to these Terms, do not use our Services. The date on which the Terms first becomes effective is the “Effective Date.”

1. Definitions.

• “Account” means Customer’s account with NEAR AI associated with Customer’s use of the Services.
• “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with a Party.
• “Acceptable Use Policy” (or “AUP”) means the then-current acceptable use policy applicable to the Cloud Service located at: Acceptable Use Policy.
• “Authorized Account Users” means the employees, contractors, or vendors authorized by Customer to use the Services under the Customer’s Account. 
• “Authorized User” means Authorized Account Users and End Users.
• “Business Contact Information” means the business contact information of a Party (including, without limitation, business addresses, phone numbers, and email addresses, including a Party’s contact persons’ names used solely to facilitate the Parties’ communications for administration of these Terms).
• “Customer Application” means Customer’s applications, products or services in which Customer may integrate the Services, or host within the NEAR AI Cloud, as permitted by these Terms. 
• “Customer Data” means data provided to the Services by Customer and its Authorized Users, including Inputs; and data that Customer or Authorized Users derive or generate from that data through their use of the Services, including Outputs. 
• “Documentation” means the user guides, technical specifications, API documentation, manuals, help files, and other written or electronic materials provided by NEAR AI that describe the features, functionality, operation, and use of the Services.
• “End Users” means the entities or individuals who are customers of Customer who have a written agreement with Customer and have access to the Services through a Customer Application and who have entered into an End User Agreement  
• “End User Agreement” means the legally binding terms and conditions between Customer and each End User governing the End User’s access to and use of the Customer Application, which include the obligations, restrictions, and limitations (including those in the AUP) applicable to End Users under these Terms.
• “Input” means any and all instructions, queries, visual or textual cues given by Customer or End Users to the Generative AI Services in order to generate an Output.
• “Intellectual Property Rights” means current and future worldwide rights under patent, copyright, trade secret, trademark, and moral rights laws, and other similar rights.
  
• “NEAR AI Cloud” means a hosted confidential compute platform that provides cloud-based AI services and infrastructure, including but not limited to inference APIs, running inside Trusted Execution Environments (TEEs).
• “NEAR API” means the application programming interface(s) provided by NEAR AI as part of the Services.
• “Order Form” a transactional ordering document or confirmation information upon purchase of Usage Credits for Customer’s purchase of Services, including an online registration page.
• “Order Term” means the duration for access to the Services specified in the Order Form, unless terminated earlier in accordance with these Terms.
• “Output” means any and all content generated by the Third-Party Generative AI Services in response to Customer’s or End User’s Input.
• “Personal Data” has the meaning given such term in the Data Processing Addendum.
• “Protected Health Information” (or “PHI”) means individually identifiable health information that is protected under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations.
• “Third-Party Generative AI Services” means the generative AI models obtained from third-party providers and made available to Customer through the Services.
  
• “Usage Credits” means  the prepaid units for metered use of the Services that Customer may purchase on the Website
• “Usage Data” means operational and meta data collected by NEAR AI while providing the Services to Customer, such as usage details (e.g., information about usage including token count per Input and Output), operational status, authentication details, quality and performance metrics, and other technical details necessary for NEAR AI to operate and maintain the Services. For clarity, Usage Data excludes Customer Data.

2. Eligibility.

You may use the Services only if you can form a binding contract with NEAR AI, and only in compliance with these Terms and all applicable local, state, national, and international laws, rules and regulations. Any use or access to the Services by anyone under 18 is strictly prohibited and in violation of these Terms. The Services are not available to Customers previously removed from the Services by NEAR AI. By registering for an Account, you represent and warrant that (i) you are at least 18 years of age, (ii) you will use the Services in accordance with these Terms and all applicable local, state, national and international laws, rules and regulations, (iii) if registering on behalf of a company, organization or other entity, you are an authorized representative of the entity and have the authority to bind such entity to these Terms, (iv) you are not located in, under the control of, or a national/resident of any country or region subject to comprehensive U.S. embargoes or sanctions (including Cuba, Iran, North Korea, Syria, or the Crimea, Donetsk, or Luhansk regions of Ukraine), (v) are not identified on, and are not owned or controlled by any person or entity identified on, any U.S. government restricted party lists (including the Specially Designated Nationals List, Denied Persons List, or Entity List), and (vi) are otherwise eligible to receive the Services under applicable laws and regulations, including U.S. export-control laws and international trade restrictions. We may require identity or compliance information (including “know your customer” checks) to verify eligibility.

3. Scope of the Services.

These Terms, which incorporate by reference NEAR AI’s Acceptable Use Policy, governs your use of the Services. For the avoidance of doubt, the Services do not include the Third-Party Generative AI Services that NEAR AI makes available through the NEAR API.

4. Use of the Services.

4.1 Use of Services. During the Term, NEAR AI will make the Services available to Customer in accordance with these Terms, the Documentation, and any applicable Order Form(s). Subject to the terms and conditions herein, Customer may use the Services to (i) generate Outputs based on its Inputs through Third-Party Generative AI Models made available within the NEAR AI Cloud, and (ii) make the Services available to its End Users as integrated into or through the Customer Application.

4.2 Use Restrictions. Customer will only use the Services for its legitimate purposes in accordance with these Terms, including the AUP.   Customer’s use of the Services will at all times comply with all applicable laws. Customer will not: (i) use, copy, modify or otherwise prepare derivative works of the Services, or any portion thereof, unless expressly authorized in these Terms; (ii) use the Services to develop any product or artificial intelligence model that competes with the Services or any Third-Party Generative AI Services; (iii) reverse engineer, disassemble, alter or decompile the Services, or otherwise attempt to derive or modify the source code of, or any processes, techniques, methods, specifications, protocols, algorithms, interfaces, data structures, or other information embodied or used in the Services; (iv) interfere with or disrupt the Services, bypass or disable rate limits, security, or attestation/verification mechanisms, or falsify or tamper with attestation/verification data (v) automatically or programmatically extract data and/or outputs (e.g., via scraping or automated crawling of output interfaces), except via our published NEAR APIs under applicable rate limits; (vi) misrepresent AI‑generated content as human‑created; (vii) use Outputs to develop or train competing AI models, unless expressly permitted in a separate written agreement; (viii) run cryptocurrency mining, proof‑of‑work/stake computations, or similar high‑risk workloads without our prior written authorization; (ix) use free‑tier resources as a proxy/VPN or for workloads earning third‑party financial rewards; (x) sell, resell, sublicense, transfer, or distribute any or all of the Services; (xi) use the Services to create, collect, transmit, store, use, or process any data that violates any applicable laws, or infringes, violates or otherwise misappropriates the intellectual property or other rights of any third party (including any moral right, privacy right or right of publicity); (xii) use the Services, or allow the transfer, transmission, export, or re-export of the Services or portion thereof, in violation of any export control laws or regulations administered by the U.S. Commerce Department or any other government agency; (xiii) remove any copyright, trademark, proprietary rights, disclaimer, or warning notice included on or embedded in any part of the Services or any other materials provided by NEAR AI; (xiv) use the Services or any Output in violation of the AUP; or (xv) to transmit, store, or process Protected Health Information except as permitted by an executed Business Associate Agreement (or “BAA”). 

4.3 API Usage. Customer shall not exceed the API usage limits, quotas, or thresholds set forth in the applicable Order Form, Documentation, or otherwise communicated by NEAR AI. Any use beyond such limits may result in account throttling, suspension, or additional fees, at NEAR AI’s discretion.

4.4 Updates to the Services. NEAR AI may make changes to the Services from time to time, including by adding or removing features, increasing or decreasing capacity limits, offering new services or discontinuing certain services. Except to the extent that Customer has prepaid for certain Services, NEAR AI will not be liable for any change to or any suspension or discontinuation of the Services or Customer’s access to them. 

4.5 Beta Services. From time to time, NEAR AI may make available to Customer services or functionality that are not generally made available to NEAR AI’s customers and/or are designated as alpha, beta, pilot, preview, or similar designation (“Beta Services”). The purpose of Beta Services is to test and evaluate the functionality, performance, and usability of the features and capabilities within the Beta Services. Beta Services are not considered “Services” under these Terms. By accessing or using the Beta Services, Customer understands, acknowledges and agrees that the Beta Services (a) are not a final product and may contain defects, bugs, and other issues; and (b) are being provided solely on an “AS IS” and “AS AVAILABLE” basis without any warranty of any kind, and may be modified or discontinued in our sole discretion. YOU ASSUME ALL RISKS AND COSTS ASSOCIATED WITH YOUR USE OF THE BETA SERVICES. Additionally, NEAR AI is not obligated to provide any maintenance, technical or other support for the Beta Services.

4.6 Usage Data. Customer acknowledges that NEAR AI uses Usage Data (excluding Customer Content or Personal Data) for legitimate business purposes related to the ongoing operation, development, security and improvement of the Services. NEAR AI will not disclose Usage Data externally except in de-identified and/or aggregated form (including across customers)that it does not reasonably identify Customer, its Authorized Users or any other person,.

5. Accounts; Authorized Users

5.1 Accounts. Customer must create an Account to use the Services and is responsible for the information it provides to create the Account, the security of its passwords for the Account (including any keys for the NEAR API), and for any use of its Account. Customer agrees that it will only make its Account available to Authorized Account Users. Customer is responsible for all activity that occurs under its Account, and shall immediately notify NEAR AI upon becoming aware of any unauthorized access to, or security breach involving, its login credentials or Account.

5.2 Authorized Users. Only Customer’s Authorized Users may access and use the Services, provided, that (i) End Users may only access the Services through the Customer Application,  and (ii) only Authorized Account Users may access the Services through the Customer’s Account. Customer is responsible for the compliance with the terms of these Terms by its Authorized Account Users and for compliance of the End User Agreement by the End Users. Any act or omission that if committed by Customer that would constitute a breach of these Terms will be deemed to constitute a breach of these Terms if committed by Customer’s Authorized Users.

6. Customer Obligations.

6.1 Compliance. Customer will (a) ensure that Customer’s, and its Authorized Users’, use of the Services complies with these Terms, (b) ensure End Users enter into an End User Agreement and terminate access to the Services for any End User that violates the terms of such End User Agreement if it adversely affects NEAR AI, (c) use commercially reasonable efforts to prevent and terminate any unauthorized use of, or access to, the Services, and (d) immediately notify NEAR AI of any unauthorized use of, or access to, the Services, Account, or Customer’s password of which Customer becomes aware. 

6.2 Input. Customer is responsible for all Input it and its End Users submit to the Services. By submitting Input to the Services (on its own or its End Users’ behalf), Customer represents and warrants that it has all rights, licenses, and permissions that are necessary for NEAR AI to process the Input under these Terms. Customer also represents and warrants that any Input submitted to the Services under Customer’s Account will not violate these Terms, NEAR AI’s Acceptable Use Policy, or any laws or regulations applicable to the Input. 

6.3 Output. Customer is responsible for all Output it creates. Subject to your compliance with these Terms, we assign you all of our right, title and interest, if any, in and to Outputs. Where required by law or regulation, you must disclose that Output was AI-generated and comply with applicable transparency obligations (e.g., EU AI Act, FTC guidance).

7. Generative AI Services.

Customer acknowledges and agrees that its use of and access to the Third-Party Generative AI Services made available to Customer with the Services are subject to terms and conditions specified by the owner of such services, and that it will abide by such terms and conditions at all times. 

8. Suspension of Access to Services.

8.1 Violations of Use Restrictions and AUP. If NEAR AI becomes aware that Customer’s or Customer’s End Users use of the Services violates Section 4.2 (Use Restrictions) or the Acceptable Use Policy, then NEAR AI may suspend all or part of Customer’s use of the Services until the violation is corrected. 

8.2 Other Suspensions. In addition to its other rights of suspension, NEAR AI may also suspend all or part of Customer’s use of the Services without prior notice if (a) NEAR AI reasonably believes suspension is needed to protect the Services, NEAR AI’s infrastructure supporting the Services, or any other customer of the Services (or its authorized users); (b) there is suspected unauthorized third-party access to the Services; (c) NEAR AI reasonably believes that immediate suspension is required to comply with any applicable law; or (d) Customer, or its Authorized Users, are in breach of Section 5.3 (Restrictions). NEAR AI will reinstate Customer’s access to the Services when the circumstances giving rise to the suspension have been resolved. At Customer’s request, NEAR AI will, unless prohibited by applicable law, notify Customer of the basis for the suspension as soon as is reasonably possible.

9. Third-Party Services.

The Services may contain links to or integrations with third-party websites, platforms, applications, or services (collectively, “Third-Party Services”) that are subject to different terms and privacy practices. Customer’s use of and interactions with Third-Party Services are governed by the third party’s terms and not by these Terms. NEAR AI does not own or control Third-Party Services and is not responsible or liable for any aspect of such Third-Party Services, including but not limited to any harm or damages related to any interactions or transactions Customer may have with Third-Party Services (such as any information, content, or materials provided by Third-Party Services).

10. Intellectual Property.

10.1 Services. The Services, and all materials contained therein, and all Intellectual Property Rights related thereto are the exclusive property of NEAR AI and its licensors. NEAR AI reserves all rights not expressly granted herein in the Services.

10.2 Customer Data. As between Customer and NEAR AI, Customer (and its licensors or End Users, as applicable) retains all right, title, and interest in and to Customer Data, including Inputs that Customer submits to the Services. Customer grants NEAR AI a limited license in Customer Data solely for the purpose of providing the Services to Customer and its End Users, as applicable. NEAR AI will not use Customer Data to train any generative AI models. NEAR AI also maintains written agreements with the providers of the Third-Party Generative AI Services prohibiting third parties from using Customer Data to train their AI models. 

10.3 Feedback. At its option, Customer may provide feedback or suggestions about the Services to NEAR AI (“Feedback”). If Customer provides Feedback, then NEAR AI may use such Feedback without restriction and without obligation to Customer.

11. Subscriptions & Payment

11.1 Subscription Plans. We may offer one or more subscription plans, each with different available features, functionalities or length of subscription (each, a “Plan”). The fees for each Plan are as set forth on our Website. We reserve the right to change our available Plans, or the fees for a Plan, at any time provided that such changes will only apply on a go-forward basis to any renewal of your subscription. We will charge your credit card as of the date you enroll in the Plan for the monthly amount associated with the Plan. Any use of the Services in excess of the usage limits set forth in a Plan will be billed in arrears.

11.2 Recurring Billing. By enrolling in one of our automatically renewing Plans, you authorize us and/or our third-party payment processor to charge your credit card at the beginning of your subscription term, and on a recurring basis, for the applicable charge and any and all taxes or possible transaction fees, and any other charges incurred in connection with your subscription. Your credit card will automatically be charged the applicable charge on the applicable renewal processing date unless you cancel before that date. Your Plan will continue for the period of time of the subscription period that you selected and will automatically renew until terminated. You must cancel your Plan before it renews in order to avoid billing of the subscription fees for the next billing cycle. We may receive updated credit card information (new credit card number or updated expiration date) from your credit card issuer. We may use these new details to help prevent any interruption to your subscription. If you would like to use a different payment method or if there is a change in payment method, please visit the settings area of your account to update your billing information. If any subscription fee is not paid in a timely manner, or your transaction cannot be processed, we reserve the right to suspend, disable, cancel or terminate your access to the Services or cancel your subscription. You will be responsible for paying all past due amounts. Some credit card issuers may charge you certain fees, such as foreign transaction fees or other fees relating to the processing of your credit card. Check with your credit card provider for details. If your credit card cannot be processed for some reason, we may contact you via auto-generated email, text, or phone if you are opted-in to receive such forms of communication.

11.3 Cancellation. When you cancel a subscription, you cancel only future charges associated with your subscription. You may initiate your cancellation at any time, but the cancellation will become effective at the end of your then-current subscription period. In order to avoid future charges, you must cancel your subscription at least 24 hours prior to the end of your current subscription period. To cancel, please use the cancelation functions in your Customer Account or contact us at [email protected]. If you cancel, your right to use the Services under your Plan will continue until the end of your then-current subscription period (unless we provide you with a refund or otherwise allow you to use the unused portion towards another service or subscription) and will then terminate without further charges).

11.4 No Refunds.  ALL PAYMENTS (INCLUDING SUBSCRIPTION FEES, OVERAGE CHARGES, AND AMOUNTS PAID FOR USAGE CREDITS) ARE NONREFUNDABLE AND NOT REDEEMABLE FOR CASH, IN WHOLE OR IN PART. FOR CLARITY, USAGE CREDITS ARE NONREFUNDABLE.. If you cancel your subscription, you will not receive any refund and you will continue to have access to your Plan through the end of the subscription period. We reserve the right to issue refunds, credits, or discounts at our sole discretion. If we issue a refund, credit, or discount, we are under no obligation to issue the same or similar refund in the future and we may terminate your Plan and access to the Services. 

11.5 Usage Credits. Customer may access the Services by purchasing prepaid units for metered use of the Services (“Usage Credits“). Usage is applied against Usage Credits. If Customer exhausts available Usage Credits, access to the Services will be suspended until additional Usage Credits are purchased. Usage Credits are non-transferable and non-refundable and may expire as stated at purchase.

11.6 Free Trials & Promotions. We may offer promotional trial subscriptions for free or at special discounted prices. If you sign up for a trial subscription, your rights to use the applicable portion of the Service are limited by the terms of such trial and will terminate or renew according to the terms of your trial arrangement and/or any applicable additional terms.  You may cancel your subscription during your promotional period to avoid being charged the full applicable subscription fee using the procedures described in the “Cancellation” section above.

12. Confidential Information.

12.1 Definition. “Confidential Information” means information that one Party (or an Affiliate) discloses to the other Party under or in connection with these Terms, and which is marked as confidential or, under the circumstances surrounding the disclosure, would reasonably be considered confidential. Confidential Information does not include information that is independently developed by the Recipient, is rightfully given to the Recipient by a third party without confidentiality obligations or becomes public through no fault of the Recipient. Subject to the preceding sentence, Customer Data is considered Customer’s Confidential Information.

12.2 Obligations. The Parties acknowledge that in connection with these Terms, each may receive (as the “Recipient”) and disclose (as the “Discloser”) certain Confidential Information. The Recipient will only use the Discloser’s Confidential Information to exercise the Recipient’s rights and fulfill its obligations under these Terms and will use reasonable care to protect against the disclosure of the Discloser’s Confidential Information. The Recipient may disclose Confidential Information only to its and its Affiliates’ employees, agents, subcontractors, or professional advisors (“Representatives“) who need to know it and who have agreed in writing (or in the case of professional advisors are otherwise bound) to keep it confidential. The Recipient will ensure that its Representatives use the received Confidential Information only to exercise rights and fulfill obligations under these Terms.

12.3 Required Disclosure. In the event that Recipient or any of its Representatives is required to disclose Confidential Information to the extent necessary to comply with the requirements of law, legal process (including deposition, interrogatory, request for documents, subpoena, civil investigative demand or similar process) or valid order of a court of competent jurisdiction, the recipient shall (a) notify the Discloser prior to making such disclosure in order to permit Discloser to seek confidential treatment of such Confidential Information, and (b) in any event disclose only that portion of Discloser’s Confidential Information that is legally required to be disclosed.

13. Data Privacy & Security.

13.1 Data Privacy. NEAR AI will process any Personal Data contained in Business Contact Information in accordance with NEAR AI’s Privacy Policy; and to the extent NEAR processes any Personal Data contained in the Customer Data, it will do so in accordance with the Data Processing Agreement attached hereto as Exhibit A. 

13.2 Security. NEAR has implemented and will maintain technical, organizational, and physical measures consistent with recognized industry standards and practices designed to ensure the confidentiality, integrity and availability of Customer Data.

14. Representations & Warranties.

14.1 Mutual Representations & Warranties. Each Party represents and warrants that (a) it has full power and authority to enter into these Terms, and (b) it will comply with all laws applicable to its obligations under these Terms.

14.2 Customer Representations & Warranties. In addition to the warranties set forth in Section 14.1 above, Customer represents and warrants that (a) it has obtained, and will maintain, all necessary rights, licenses and consents to use, host and deploy any Customer Application; (b) it has obtained, and will maintain, all rights, licenses, consents, and authorizations required by applicable law, and has provided all notices required by applicable law, to allow Customer to upload, use, transmit and grant NEAR AI the rights to access, use and process Customer Data, including any Personal Data contained therein, in connection with the Services; (c) its use of the Services,  will comply with all applicable laws, regulations and NEAR AI’s Acceptable Use Policy; (d) it will not, and will not permit any Authorized User to, use the Services, or any Customer Application in connection with the Services, in connection with content or activities that are unlawful, obscene, deceptive, defamatory, harassing, discriminatory or otherwise violate applicable law; and (e) it is solely responsible for reviewing, evaluating, and determining the appropriateness of any Outputs, whether generated through Third-Party Generative AI Services, and for any reliance by Customer and its Authorized Users on such Outputs.

14.3 Limited NEAR AI Warranty. NEAR AI warrants that the Services will substantially comply with any applicable Documentation. In the event of a breach of the foregoing warranty, Customer’s exclusive remedy, and NEAR AI’s sole obligation, will be to use commercially reasonable efforts to provide an error-correction or work-around that corrects the non-conformity within a reasonable time after such nonconformity is identified and reported by Customer to NEAR AI in writing. This warranty will not apply if errors are caused by events outside of NEAR AI’s control or if the Services are not used in accordance with these Terms or the Documentation.

15. Disclaimers.

EXCEPT AS EXPRESSLY PROVIDED FOR IN THESE TERMS, NEAR AI MAKES NO WARRANTY AND EXPRESSLY DISCLAIMS, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW ANY WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR USE, TITLE, NONINFRINGEMENT, OR UNINTERRUPTED OR ERROR-FREE OPERATION OF THE SERVICES. 

IN ADDITION, TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEAR AI DISCLAIMS ALL LIABILITY ARISING FROM OR RELATED TO CUSTOMER APPLICATIONS, THIRD-PARTY GENERATIVE AI SERVICES, AND ANY OUTPUTS GENERATED BY THIRD-PARTY GENERATIVE AI SERVICES, INCLUDING ANY USE OF OR RELIANCE ON SUCH OUTPUTS BY CUSTOMER OR ITS AUTHORIZED USERS. CUSTOMER ACKNOWLEDGES THAT (A) OUTPUTS MAY BE INACCURATE, INCOMPLETE, MISLEADING, OFFENSIVE, OR OTHERWISE UNSUITABLE FOR ANY PARTICULAR PURPOSE; (B) NEAR DOES NOT WARRANT THE ACCURACY, RELIABILITY, QUALITY, OR SUITABILITY OF ANY OUTPUTS; AND (C) CUSTOMER USES THE SERVICES, CUSTOMER APPLICATIONS, THIRD-PARTY GENERATIVE AI SERVICES AND OUTPUTS AT ITS OWN RISK.

16. Indemnification.

16.1 By NEAR AI. NEAR AI will defend, indemnify and hold harmless Customer, its Affiliates, and its employees, officers and directors (each, a “Customer Indemnitee”) from and against any and all damages, liabilities, costs, and expenses (including reasonable attorney’s fees) (jointly, “Losses”)  incurred by a Customer Indemnitee arising out of or relating to any claim, action, demand, inquiry, audit, proceeding, or investigation of any nature, civil, criminal, administrative, regulatory, or other, whether at law, in equity or otherwise by a third party other than Affiliate of a Customer Indemnitee (collectively, a “Claim”) alleging that the Services or any part thereof infringes upon such third party’s Intellectual Property Rights.

16.2 By Customer. Customer will defend, indemnify and hold harmless NEAR AI, its Affiliates, and its employees, officers and directors (each, a “NEAR AI Indemnitee”) from and against any and all Losses incurred by a NEAR AI Indemnitee arising out of or relating to a Claim to the extent arising from (a) any Customer Application or Customer Data; (b) Customer’s or an Authorized User’s use of the Services in breach of these Terms, including the Acceptable Use Policy; (c) Customer’s or an Authorized User’s violation of applicable law, including data privacy laws, in connection with its use of the Services (including submission of Inputs); and (d) any dispute between Customer and its End Users.

16.3 Exclusions. Notwithstanding any of the foregoing, NEAR AI will have no obligations under this Section 16 with respect to any Claim to the extent that the Claim relates to or arises from: (i) Customer’s continuation of an activity after being notified of such activity’s alleged or actual infringement, misappropriation, or other violation of a third party’s rights; (ii) the combination or use of the Services with hardware, software, data or other materials not provided, or approved, by NEAR AI; or (iii) use of the Services other than in accordance with these Terms. 

16.4 Indemnification Procedure. Each Party will promptly notify the other Party in writing of any Claim for which such Party believes it is entitled to be indemnified pursuant to this Section 16. The party seeking indemnification (the “Indemnitee”) will cooperate with the other Party (the “Indemnitor”) at the Indemnitor’s sole cost and expense. The Indemnitor will promptly take control of the defense and investigation of such Claim and will employ counsel of its choice to handle and defend the same, at the Indemnitor’s sole cost and expense. The Indemnitee’s failure to perform any obligations under this Section 16.4 will not relieve the Indemnitor of its indemnity obligations under this Section 16, except to the extent that the Indemnitor can demonstrate that it has been materially prejudiced as a result of such failure. The Indemnitee may participate in and observe the proceedings at its own cost and expense with counsel of its own choosing. Neither Party shall have authority to settle and shall not settle any Claim that results in the Indemnitee’s obligation, liability, and/or admission of liability without the Indemnitee’s prior written consent.

16.5 Remedies. If NEAR AI reasonably believes the Services might infringe a third party’s Intellectual Property Rights, then NEAR AI may, at its sole option and expense (i) procure the right for Customer to continue using the Services; (ii) modify the Services to make them non-infringing without materially reducing their functionality; or (iii) replace the Services with a non-infringing alternative that has materially equivalent functionality. If NEAR AI does not believe the remedies in (i)-(iii) are commercially reasonable, then NEAR AI may suspend or terminate Customer’s use of the impacted Services.

16.6 Sole Rights & Obligations. Without affecting either Party’s termination rights and to the extent permitted by applicable law, this Section 15 states the Parties’ sole and exclusive remedy under these Terms for any third-party allegations of Intellectual Property Rights infringement covered by this Section 14.

17. Limitation of Liability.

17.1 IN NO EVENT WILL EITHER PARTY BE LIABLE FOR LOST PROFITS OR SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR RELATED TO THIS AGREEMENT (WHETHER FROM BREACH OF CONTRACT, BREACH OF WARRANTY, OR FROM NEGLIGENCE, STRICT LIABILITY, OR ANY OTHER FORM OF ACTION), EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILITY SHALL APPLY NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY HEREIN.

17.2 IN NO EVENT WILL EITHER PARTY’S AGGREGATE, CUMULATIVE LIABILITY EXCEED THE AMOUNT PAID OR PAYABLE TO NEAR AI BY CUSTOMER DURING THE TWELVE (12) MONTH PERIOD PRECEDING THE RELEVANT CLAIM.

17.3 NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THIS SECTION 17, NOTHING IN THESE TERMS EXCLUDES OR LIMITS (A) EITHER PARTY’S LIABILITY FOR: (I) ITS FRAUD, GROSS NEGLIGENCE OR WILLFUL MISCONDCUT, (II) ITS INDEMNIFICATION AND DEFENSE OBLIGATIONS UNDER SECTION 16 (INDEMNIFICATION), (III) ITS INFRINGEMENT OF THE OTHER PARTY’S INTELLECTUAL PROPERTY RIGHTS; (B) CUSTOMER’S (I) PAYMENT OBLIGATIONS UNDER THESE TERMS, AND (II) EXPRESS REPRESENTATIONS AND WARRANTIES UNDER THIS AGREEMENT; OR (C) MATTERS FOR WHICH LIABILITY CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.

18. Term & Termination.

18.1 Term. These term of these Terms will commence on the Effective Date and continue until the earlier of such time as (i) Customer closes its Account, and (ii) a party terminates these Terms as set forth herein.

18.2 Termination for Breach or Insolvency. In addition to any other remedy available under these Terms or otherwise, either party will be entitled to terminate these Terms (i) in the event the other party commits a material breach of these Terms and fails to cure such breach within thirty (30) days of written notification thereof from the non-breaching party and (ii) upon written notice to the other party if the other party should enter into liquidation or become insolvent, or enter into receivership or bankruptcy.

18.3 Termination by NEAR AI. NEAR AI reserves the right to terminate these Terms and close your Account upon notice to you in the event that we determine we are required to do so by law, in which case we will refund to you any prepaid fees covering the remainder of your payment period as of the effective date of such termination.

18.4 Effect of Termination. Upon any expiration or termination of these Terms, except as otherwise permitted herein, (a) Customer’s rights and access to the Services will terminate unless otherwise described in these Terms, and (b) all fees will become due and owing. For clarity, unless these Terms are terminated by Customer for NEAR AI’s breach, Customer will remain liable to pay all fees outstanding on the effective date of termination of these Terms, including any unpaid fees covering the remainder of the term of these Terms had it not been terminated.

18.5 Survival. Upon any expiration or termination of these Terms, the rights and obligations of the parties will terminate, except for sections that by their nature and context are intended to survive completion of performance, expiration, termination, or cancellation of these Terms, including: Section 10 (Intellectual Property), Section 11 (Subscriptions & Payment) Section 12 (Confidential Information), Section 13 (Data Privacy & Security), Section 14 (Representations and Warranties), Section 15 (Disclaimers), Section 16 (Indemnification), Section 17 (Limitation of Liability), Section 18.4 (Effect of Termination), Section 20 (Dispute Resolution; Governing Law), and Section 21 (Miscellaneous). Customer’s liability and obligation to pay any fees or other amounts that have accrued prior to such expiration or termination will also survive such expiration or termination.

19. Updates to these Terms.

NEAR AI reserves the right to change or update these Terms from time to time at our sole discretion. We reserve the right, at our discretion, to change, modify, add, or remove portions of the Terms any time by posting the amended Terms here with an updated “Last Updated” date above. Please review the Terms frequently for any changes. If the changes include material changes that affect your rights or obligations, we will notify you of the changes by reasonable means, which could include notification through the Services or via email. Customer’s continued use of the Services following the effective date of any changes to these Terms constitutes acceptance of those changes.

20. Dispute Resolution; Governing Law.

20.1 Governing Law. All claims arising out of or relating to Terms or the App (including any Dispute regarding the interpretation or performance of these Terms) will be governed by the laws of the State of Delaware, USA, excluding Delaware’s conflicts of laws rules. 

20.2 Informal Resolution. Before commencing any action, the parties will attempt in good faith to resolve any dispute, controversy, or claim arising out of or relating to these Terms (a “Dispute”) through discussions between persons with decision-making authority. If a Dispute is not resolved within sixty (60) days after written notice of the Dispute, either party may bring an action in accordance with Section 20.3.

20.3 Jurisdiction and Venue. The parties agree that any action arising out of or relating to these Terms or the Services shall be brought exclusively in the state or federal courts located in the State of Delaware, and each party irrevocably submits to the personal jurisdiction and venue of such courts.

20.4 Jury Trial Waiver. EACH PARTY IRREVOCABLY WAIVES ANY RIGHT TO A JURY TRIAL IN ANY ACTION ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICES.

21. Miscellaneous. 

21.1 Notices. Under these Terms, notices to Customer must be sent to the email address associated with Customer’s Account and notices to NEAR AI must be sent to [email protected]. Notice will be treated as received when the email is sent. Customer is responsible for keeping its email address current throughout the Term.

21.2 Assignment. Neither Party may assign any part of these Terms without the written consent of the other, except to an Affiliate where (a) the assignee has agreed in writing to be bound by the terms of these Terms, and (b) the assigning Party has notified the other Party of the assignment. Any other attempt to assign is void. 

21.3 Force Majeure. Neither Party will be liable for failure or delay in performance to the extent caused by circumstances beyond its reasonable control, including acts of God, natural disasters, terrorism, riots, or war.

21.4 No Agency. This Agreement does not create any agency, partnership, or joint venture between the Parties.

21.5 No Waiver. Neither Party will be treated as having waived any rights by not exercising (or delaying the exercise of) any rights under these Terms.

21.6 Severability. If any part of these Terms is invalid, illegal, or unenforceable, the rest of these Terms will remain in effect.

21.7 No Third-Party Beneficiaries. This Agreement does not confer any benefits on any third party unless it expressly states that it does.

21.8 Equitable Relief. Each Party acknowledges that a material breach of these Terms adversely affecting a Party’s Intellectual Property Rights or the Confidential Information of either Party may cause irreparable harm to such Party for which monetary damages would be inadequate. In such event, the non-breaching Party will be entitled to seek equitable or injunctive relief, in addition to any other remedies available at law or in equity. 

21.9 Entire Agreement. This Agreement sets out all terms agreed between the Parties and supersedes all other agreements between the Parties relating to its subject matter. In entering into these Terms, neither Party has relied on, and neither Party will have any right or remedy based on, any statement, representation, or warranty (whether made negligently or innocently), except those expressly stated in these Terms. 

21.10 Headers. Headings and captions used in these Terms are for reference purposes only and will not have any effect on the interpretation of these Terms.

Exhibit A

NEAR AI DATA PROCESSING AGREEMENT FOR CUSTOMERS

This Data Processing Agreement (“DPA”) is incorporated into and forms part of (and if applicable, amends the current version of) the Terms of Service between Customer and/or its affiliates (“Customer”) and NEAR AI (“NEAR AI”), each a “Party” and collectively the “Parties”. This DPA applies to and takes precedence over the agreement between the Parties and any associated contractual document between the Parties, such as an order form, statement of work, or data processing agreement thereunder (collectively, the “Agreement”), to the extent of any conflict. Capitalized terms not defined herein are defined as in applicable Data Protection Laws. 

Customer and NEAR AI agree as follows:

1. Definitions. For purposes of this DPA:
   
   1. “Data Protection Laws” means all applicable laws, regulations, and other legal or self-regulatory requirements in any jurisdiction relating to privacy, data protection, data security, breach notification, or the Processing of personal data, including without limitation, to the extent applicable, the General Data Protection Regulation, Regulation (EU) 2016/679 (“GDPR”); the United Kingdom Data Protection Act of 2018; the Swiss Federal Act on Data Protection (“FADP”); and the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq., including its regulations and the amendments made by the California Privacy Rights Act of 2020 (“CCPA”), the Virginia Consumer Data Protection Act (“VCDPA”), the Colorado Privacy Act and related regulations (“CPA”), and any other similar state law governing the Processing of Personal Data (collectively, “U.S. State Privacy Laws”). For the avoidance of doubt, if the Parties’ Processing activities involving Personal Data are not within the scope of a given Data Protection Law, such law is not applicable for purposes of this DPA.
   2. “Data Subject,” “Processor,” “Service Provider,” “Controller,” and “Business” shall be defined as provided in applicable Data Protection Laws.
   3. “EU SCCs” means the Standard Contractual Clauses issued pursuant to Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council, located http://data.europa.eu/eli/dec_impl/2021/914/oj, and completed as set forth in Section 7 below.
   4. “Personal Data” refers to any information relating to an identified or identifiable natural person that NEAR AI Processes on behalf of Customer under these Terms. For purposes of this DPA, the term “Personal Data” includes “personal information,” “personally identifiable information,” and similar terms defined under Data Protection Laws, but does not include Business Contact Information or Usage Data, as such terms are defined in these Terms.
   5. “Process” and “Processing” mean any operation or set of operations performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, creating, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
   6. “Security Breach” means any accidental or unlawful acquisition, destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data occurring on NEAR AI’s systems or otherwise under NEAR AI’s control.
   7. “UK SCCs” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (available as of the Effective Date at https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf).
2. Scope and Purposes of Processing. 
   
   1. The scope, nature, purposes, and duration of the processing, the types of Personal Data Processed, and the Data Subjects concerned are set forth in this DPA, including its Schedule A. The details provided in Schedule A are deemed to satisfy any requirement to provide such details under any Data Protection Law.
   2. NEAR AI will Process Personal Data solely: (1) to fulfill its obligations to Customer under these Terms, including this DPA; (2) on Customer’s behalf; and (3) in compliance with Data Protection Laws.  NEAR AI will not “sell” Personal Data (as such term in quotation marks is defined in applicable Data Protection Laws), “share” or Process Personal Data for purposes of “cross-context behavioral advertising” or “targeted advertising” (as such terms in quotation marks are defined in applicable Data Protection Laws), or otherwise Process Personal Data for any purpose other than for the specific purposes set forth herein or outside of the direct business relationship with Customer. For the avoidance of doubt, NEAR AI will Process Personal Data solely to provide the cloud processing services to Customer as set forth in these Terms, or as otherwise permitted by Data Protection Laws (for example, to comply with NEAR AI’s legal obligations). 
   3. NEAR AI will comply with any applicable restrictions under Data Protection Laws on combining the Personal Data with personal data that NEAR AI receives from, or on behalf of, another person or persons, or that NEAR AI collects from any interaction between it and any Data Subject;
   4. NEAR AI will provide the same level of protection for the Personal Data as is required under Data Protection Laws applicable to Customer.
   5. Customer retains the right, upon notice, to take reasonable steps to stop and remediate unauthorized use of Personal Data, including any use of Personal Data not expressly authorized in this DPA.
3. Personal Data Processing Requirements. NEAR AI will: 
   
   1. Ensure that the persons it authorizes to Process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. 
   2. Assist Customer in the fulfilment of Customer’s obligations to respond to verifiable requests by Data Subjects (or their lawful representatives) for exercising their rights under Data Protection Laws with respect to their Personal Data.
   3. Provide reasonable assistance to and cooperation with Customer for Customer’s consultation with regulatory authorities in relation to the Processing or proposed Processing of Personal Data, and notify Customer of (i) any third-party complaints regarding the Processing of Personal Data; or (ii) any government requests for access to or information about NEAR AI’s Processing of Personal Data on Customer’s behalf, unless prohibited by Data Protection Laws. NEAR AI will provide Customer with reasonable cooperation and assistance in relation to any such request. If NEAR AI is prohibited by applicable Data Protection Laws from disclosing the details of a government request to Customer, NEAR AI shall inform Customer that it can no longer comply with Customer’s instructions under this DPA without providing more details.
   4. Provide reasonable assistance to and cooperation with Customer for Customer’s performance of a data protection impact assessment of Processing or proposed Processing of Personal Data, when required by applicable Data Protection Laws, and at Customer’s reasonable expense.
   5. Notify Customer if it determines that (i) it can no longer meet its obligations under this DPA or applicable Data Protection Laws; or (ii) in its opinion, an instruction from Customer infringes applicable Data Protection Laws.
   6. NEAR AI certifies it understands its obligations under this DPA (including without limitation the restrictions under Sections 2 and 3) and that it will comply with them. 
4. Data Security. NEAR AI will implement appropriate administrative, technical, physical, and organizational measures to protect Personal Data, as set forth in Schedule A, Annex II.  
5. Security Breach. NEAR AI will notify Customer without undue delay of any known Security Breach resulting from NEAR AI’s Processing of Personal Data on behalf of Customer. NEAR AI will comply with the Security Breach-related obligations directly applicable to it under Data Protection Laws and will provide reasonable assistance to Customer in Customer’s compliance with its Security Breach-related obligations, including without limitation by:
   
   1. Taking commercially reasonable steps to mitigate the effects of the Security Breach and reduce the risk to Data Subjects whose Personal Data was involved; and
   2. Providing Customer with the following information, to the extent known: 
      
      1. The nature of the Security Breach, including, where possible, how the Security Breach occurred, the categories and approximate number of Data Subjects concerned, and the categories and approximate number of Personal Data records concerned.
      2. The likely consequences of the Security Breach; and
      3. Measures taken or proposed to be taken by NEAR AI to address the Security Breach, including, where appropriate, measures to mitigate its possible adverse effects.
6. Subprocessors. 
   
   1. Customer acknowledges and agrees that NEAR AI may use NEAR AI affiliates and other Subprocessors to Process Personal Data in accordance with the provisions within this DPA and Data Protection Laws. Where NEAR AI sub-contracts any of its rights or obligations concerning Personal Data, including to any affiliate, NEAR AI will take steps to select and retain Subprocessors that are capable of maintaining appropriate privacy and security measures to protect Personal Data consistent with applicable Data Protection Laws and require that each Subprocessor complies with obligations that are no less restrictive than those imposed on NEAR AI under this DPA.
   2. To the extent required by applicable Data Protection Laws, NEAR AI’s current list of Subprocessors are provided in Schedule B hereto, and Customer hereby consents to NEAR AI’s use of such Subprocessors. NEAR AI will maintain an up-to-date list of its Subprocessors, and it will provide Customer with reasonable prior notice of any new Subprocessor added to the list. In the event Customer has a commercially reasonable objection to a new Subprocessor, NEAR AI will use reasonable efforts to make available to Customer a change in the services or recommend a commercially reasonable change to Customer’s use of the services to avoid Processing of Personal Data by the objected-to Subprocessor. Customer may, in its sole discretion, terminate these Terms at any time and by providing written notice to NEAR AI in the event that it objects to a Subprocessor and NEAR AI is unable to offer reasonable changes the services to satisfy Customer.
7. Data Transfers.
   
   1. NEAR AI will not engage in any cross-border Processing of Personal Data, or transmit, directly or indirectly, any Personal Data to any country outside of the country from which such Personal Data was collected, without complying with applicable Data Protection Laws. Where NEAR AI engages in an onward transfer of Personal Data, NEAR AI shall ensure that a lawful data transfer mechanism is in place prior to transferring Personal Data from one country to another. 
   2. To the extent legally required, by signing this DPA, Customer and NEAR AI are deemed to have signed the EU SCCs, which form part of this DPA and (except as described in Section 7(c) and (d) below) will be deemed completed as follows:  
      
      1. Module 2 of the EU SCCs applies to transfers of Personal Data from Customer (as a controller) to NEAR AI (as a processor);
      2. Clause 7 (the optional docking clause) is included;
      3. Under Clause 9 (Use of subprocessors), the Parties select Option 2 (General written authorization). The initial list of subprocessors is set forth in Schedule B of this DPA and NEAR AI shall update that list and provide a notice to Customer in advance of any intended additions or replacements of subprocessors as provided in Section 6.
      4. Under Clause 11 (Redress), the optional language requiring that Data Subjects be permitted to lodge a complaint with an independent dispute resolution body shall not be deemed to be included;
      5. Under Clause 17 (Governing law), the Parties choose Option 1 (the law of an EU Member State that allows for third-Party beneficiary rights).  The Parties select the laws of Ireland;
      6. Under Clause 18 (Choice of forum and jurisdiction), the Parties select the courts of Ireland; 
      7. Annex I(A) and I(B) (List of Parties) is completed as set forth in Schedule A of this DPA; 
      8. Under Annex I(C) (Competent supervisory authority), the Parties shall follow the rules for identifying such authority under Clause 13 and, to the extent legally permissible, select the Irish Data Protection Commission.
      9. Annex II (Technical and organizational measures) is completed with Schedule A of this DPA; and
      10. Annex III (List of subprocessors) is not applicable as the Parties have chosen General Authorization under Clause 9. However, a list of NEAR AI’s subprocessors is available in Schedule B.
   3. With respect to Personal Data transferred from the United Kingdom for which United Kingdom law (and not the law in any European Economic Area jurisdiction or Switzerland) governs the international nature of the transfer, the UK SCCs form part of this DPA and takes precedence over the rest of this DPA as set forth in the UK SCCs. Undefined capitalized terms used in this provision shall mean the definitions in the UK SCCs. For purposes of the UK SCCs, they shall be deemed completed as follows:  (i) the Parties’ details shall be the Parties and their affiliates to the extent any of them is involved in such transfer; (ii) the Key Contacts shall be the contacts set forth in Schedule A; (iii) the Approved EU SCCs referenced in Table 2 shall be the EU SCCs as executed by the Parties; (iv) Annex 1A, 1B, II, and III shall be set forth in Schedules A and B below; (v) either Party may end this DPA as set out in Section 19 of the UK SCCs; and (vi) by entering into this DPA, the Parties are deemed to be signing the UK SCCs.
   4. For transfers of Personal Data that are subject to the FADP, the EU SCCs form part of this DPA as set forth in Section 7(b) of this DPA, but with the following differences to the extent required by the FADP: (i) references to the GDPR in the EU SCCs are to be understood as references to the FADP insofar as the data transfers are subject exclusively to the FADP and not to the GDPR; (ii) references to personal data in the EU SCCs also refer to data about identifiable legal entities until the entry into force of revisions to the FADP that eliminate this broader scope; (iii) the term “member state” in EU SCCs shall not be interpreted in such a way as to exclude Data Subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence (Switzerland) in accordance with Clause 18(c) of the EU SCCs; and (iv) the relevant supervisory authority is the Swiss Federal Data Protection and Information Commissioner (for transfers subject to the FADP and not the GDPR), or both such Commissioner and the supervisory authority identified in the EU SCCs (where the FADP and GDPR apply, respectively).

8. Audits. To the extent required by applicable Data Protection Law, NEAR AI shall make available all information necessary for Customer to confirm NEAR AI’s compliance with this DPA.  If Customer has a reasonable basis to conclude that such information provided by NEAR AI is not satisfactory to confirm such compliance, Customer may, at Customer’s sole expense, upon reasonable prior notice, conduct an audit during normal business hours and in a manner that does not disrupt NEAR AI’s business of those NEAR AI systems and records relevant to NEAR AI’s Processing of Personal Data on Customer’s behalf. Customer shall limit its exercise of audit rights to not more than once in any twelve (12) calendar month period, unless (i) required by instruction of a Supervisory Authority; or (ii) following a Security Breach.

9. Return or Destruction of Personal Data. Except to the extent required otherwise by Data Protection Laws, upon termination or expiry of these Terms, NEAR AI will (at Customer’s election and written request) delete or return all Personal Data in its possession or control as soon as reasonably practicable. Except to the extent prohibited by Data Protection Laws, NEAR AI will inform Customer if it is not able to return or delete the Personal Data.

10. General Terms.

1. The provisions of this DPA survive the termination or expiration of these Terms for so long as NEAR AI or its Subprocessors Process the Personal Data.
2. If there is a conflict between these Terms and this DPA, the terms of this DPA will prevail. In the event of a conflict between this DPA and the EU SCCs or UK SCCs, the terms of the EU SCCs or UK SCCs, as relevant, will control.
3. Any claims brought under this DPA shall be subject to the terms and conditions, including but not limited to, the exclusions and limitations, set forth in these Terms.

Schedule A

ANNEX I 

A. LIST OF PARTIES

Data exporter(s):   The exporter (Controller) is Customer and Customer’s contact details and signature are as provided in these Terms and the DPA.

Data importer(s):   The importer (Processor) is NEAR AI and NEAR AI’s contact details and signature are as provided in these Terms and the DPA. 

B. DESCRIPTION OF TRANSFER

Categories of data subjects whose personal data is transferred:  The Personal Data transferred concerns data subjects whose information Customer makes available through its use of the services under these Terms. 

Categories of personal data transferred: Any personal data provided by Customer to NEAR AI AI for NEAR AI AI to perform services under these Terms.

Sensitive data transferred (if applicable): N/A

The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis):  On a continuous basis as needed to provide the services to Customer.

Nature of the processing:  The nature of the Processing is set out in these Terms between the Parties.

Purpose(s) of the data transfer and further processing:  The purposes of the data transfer is to provide the services chosen by Customer in connection with these Terms.

The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period:  The data will be retained for the time period needed to accomplish the purposes of Processing, unless otherwise required by applicable law.

For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing:  Same as above to the extent that Personal Data is provided to Subprocessors for purposes of providing the services under these Terms to Customer.

C. COMPETENT SUPERVISORY AUTHORITY

Identify the competent supervisory authority/ies in accordance with Clause 13:  The data exporter’s competent supervisory authority will be determined in accordance with the GDPR, and where possible, will be the Irish Data Protection Commissioner.

ANNEX II – TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA

NEAR AI will implement and maintain the following administrative, technical, physical, and organizational security measures for the Processing of Personal Data:

Provider must maintain an effective Information Security Program (in line with industry standards such as ISO 27001, etc.) and security measures requirements while handling Personal Data and confidential information of the Disclosing Controller including but not limited to the below requirements. 

Security policies and procedures: Provider shall maintain a management approved documented Information Security Policy and an established security risk management process to continually assess and evaluate new security risk and manage them through adequate security controls or safeguards.

Confidentiality, Integrity and Availability: Provider shall maintain confidentiality, integrity and availability of the Personal Data disclosed to it by the Disclosing Controller by identifying assets that store, process or transmit such data and deploying adequate technical and organization measures such as, but not limited to, data encryption, physical and logical access control, strong password control, malware and content protection, security vulnerability assessment and patching, secure hardening, network/data segregation controls.

Vulnerability management: Wherever applicable, Provider must ensure that any software component (such as code or API) provided to Provider is free for any security vulnerability or issues and ensure security of data processed using such component. 

Incident Handling: In the event of a confirmed personal data breach (as defined by Applicable Data Protection Law), Provider must inform the Disclosing Controller about any impact to its Personal Data promptly and designate a security point of contact (POC) to interact and notify the Disclosing Controller on security matters.

Notification obligation: Any operational change that impacts the security of the Disclosing Controller’s Personal Data and confidential information or systems that handles such data must be notified to the Disclosing Controller without undue delay. 

Secure destruction of data: At the end of the Existing Agreement or as otherwise in accordance with Annex A – Description of Processing, on Disclosing Controller’s request, the Provider must destroy all Personal Data disclosed or authorized to be collected by the Disclosing Controller in a secure manner making the Personal Data un-readable and un-recoverable. If the Personal Data cannot be deleted, the Personal Data must be archived and protected from unauthorized access, modification, and disclosure until securely deleted. The Disclosing Controller at its discretion may request for a data destruction certification that includes method of data destruction used. 

Security risk management program relating to Third Parties: The Provider will ensure a similar level of security controls wherever the Personal Data disclosed or authorized to be collected by the Disclosing Controller is exchanged with a third party.

Encryption: To the extent the Personal Data disclosed by the Disclosing Controller includes sensitive data (as defined by Applicable Data Protection Laws), Provider will ensure that such Personal Data is encrypted at rest and in transit. 

Schedule B

NEAR AI SUBPROCESSORS

The Parties agree that the following list of Subprocessors are approved: