TERMS AND CONDITIONS FOR THE USE OF THE EASYLIENCE® SOFTWARE SUITE AND PLATFORM

1 – GENERAL PROVISIONS

These general terms of use apply in their entirety to any use of all or part of the easylience® Software Suite and its Platform.

They constitute essential and determining conditions and prevail over any general terms and any other documents emanating from a user or any third party, regardless of their terms. Therefore, any use of the easylience® Software Suite implies unreserved acceptance of these general terms of use.

The fact that NANOCODE does not invoke, at any given time, a prerogative recognized by these general terms shall not be interpreted as a waiver by it to subsequently invoke the corresponding prerogative.

Each provision of these general terms shall apply to the fullest extent permitted by law, and the invalidity of all or part of any clause shall not affect the remainder of that clause and all of the general terms.

2 – DEFINITIONS

Whenever they are used in the body of these general terms, the terms below shall have the following definition:

2.1. Subscriber(s)

Any client(s) who has/have subscribed to a subscription agreement with NANOCODE, for the purpose of using a Module of the easylience® Software Suite and its Platform by a determined number of Users.

2.2. Administrator(s)

Any user(s) of an easylience® Software Module, authorized by NANOCODE to create User Accounts for the benefit of Users under a subscription agreement signed by a Subscriber.

2.3. Client(s)

Any client(s) of NANOCODE.

2.4. Administrator Account(s)

Any account for accessing and using one or more Modules of the easylience® Software Suite and its Platform, activated for an Administrator.

2.5. User Account(s)

Any account for accessing and using one or more Modules of the easylience® Software Suite and its Platform, activated for a User.

2.6. Module / easylience® Module

Any current and/or future version of a module of the easylience® Software Suite published by NANOCODE.

2.7. Platform / easylience® Platform

The SaaS-based web platform at the address https://<Platform name>.easylience.com/, set up and made available by NANOCODE for Subscribers, their Administrators, and their Users, to enable them to use one or more Modules of the easylience® Software Suite and associated services from a computer or a mobile application.

2.8. easylience® Software Suite

Any current and/or future version of the crisis management software suite, published by NANOCODE under the name “easylience® Software Suite.”

2.9. User(s)

Any user(s) of an easylience® Software Module, authorized to connect to the relevant easylience® Platform by an Administrator under a subscription agreement signed by a Subscriber.

3 – APPLICABLE LAW – JURISDICTION

3.1. Any question relating to these General Terms shall be governed by French law.

3.2. In the event of a dispute, any disagreement relating to these general terms, as well as to the conditions for using the easylience® Software Suite and its Platform, shall be under the exclusive jurisdiction of the Commercial Court (Tribunal de Commerce) in the district of NANOCODE’s registered office, even in the event of expedited proceedings, third-party claims, incidental claims, or multiple defendants.

4 – CHARACTERISTICS OF THE PLATFORM

Any User may, prior to subscribing to an Administrator Account or a User Account, review on the website at https://<Platform name>.easylience.com the essential characteristics of the easylience® Software Suite and its Platform that he/she wishes to use.

The photographs, graphics, and descriptions of the easylience® Software Suite and its Platform are for informational purposes only and do not in any way bind NANOCODE.

5 – USER ACCOUNT

Any use of the easylience® Software Suite requires the prior activation of a User Account or Administrator Account, authorized under a Subscription Agreement.

Each User Account or Administrator Account is personal and non-transferable.

6 – DURATION OF USE

The duration of use of the easylience® Software Suite and its Platform is limited to the opening and validity period of the corresponding Administrator Account or User Account, within the limits of the term of the corresponding Subscription Agreement.

7 – TERMS FOR MAKING THE PLATFORM AVAILABLE

The NANOCODE Platform is made available to Subscribers as well as to their Administrators and Users, from the website at https://<Platform name>.easylience.com, by means of access and usage codes.

7.1. Prerequisites

To use the NANOCODE Platform, every User must, at their own expense, have an Internet access subscription and ensure that their computer hardware configuration is adequate and compatible.

7.2. Scope of services

For every User Account opened, NANOCODE’s services include, under the conditions described in these general terms: rights to use the Platform as well as Platform updates, hosting, daily backups, confidentiality of User data, and the various tools provided by NANOCODE to use the service.

7.3. Access and usage codes

Once the subscription agreement is validated, NANOCODE provides the Subscriber with a login ID intended for the designated Administrator (with an email address and a phone number) who alone generates the passwords according to the number of declared Users, so they can access and use the licensed Modules of the relevant Platform.

Users are responsible for the use of the login IDs and passwords that are assigned or generated for them, as well as for any actions performed under the corresponding User Accounts.

Each User undertakes to ensure compliance with the provisions of this article. The User shall immediately inform the Subscriber of any fraudulent use of an account of which he/she becomes aware, so that the Subscriber can in turn immediately inform NANOCODE.

7.4. Platform access

The easylience® Platform and its services are reserved solely for Subscribers and the corresponding authorized Administrators and Users.

The Platform and its services are accessible 24 hours a day, 7 days a week, subject to suspensions due in particular to failures, malfunctions, or paralysis of the network, the system and/or the means of communication, as well as maintenance and corrections required for updating and the proper functioning of the Site.

Each Subscriber, each Administrator, and each User is solely responsible for implementing the computer and telecommunications means allowing access to the website at https://<Platform name>.easylience.com/.

The Subscriber, its Administrators, and its Users bear the telecommunication costs for Internet access and use of the Platform.

7.5. Hosting

NANOCODE undertakes to perform or have performed the hosting of its Platform and the usage space allocated to the Subscriber.

NANOCODE undertakes to implement effective controls to verify, with reasonable assurance:

– that the Subscriber, its Administrators, and its Users can access and use the Platform under normal conditions identical to those set out in these general terms;

– the proper handling of the data entrusted to it without any risk of omission, alteration, distortion, or any other form of anomaly that could compromise the integrity of results generated by the applications.

NANOCODE also undertakes to implement effective controls to prevent, with assurance consistent with industry standards, any physical or electronic unauthorized access to the operating system and its applications, as well as to the confidential information of Subscribers, their Administrators, and their Users.

In this regard, NANOCODE undertakes to ensure that the Platform offers all security conditions and measures, in accordance with industry standards. The personal data of the Subscriber, Administrators, and Users will be stored on secure equipment, in compliance with technical standards that meet industry best practices.

However, the Subscriber acknowledges that the current Internet transmission protocols do not allow for the guaranteed continuous proper receipt of messages, nor the integrity of transmitted documents or the identity of the sender. Consequently, NANOCODE shall not be held liable in the event of improper transmission due to a failure or malfunction of these transmission networks.

Furthermore, NANOCODE shall not be held liable in the event of interruptions or operational difficulties beyond the control of NANOCODE or its subcontractors, particularly in the event of electricity or telecommunications service interruptions, technical failures caused by malicious acts (hacker attacks, etc.).

Each User is prohibited from any intrusion or attempted intrusion activity originating from the server.

7.6. Reversibility

NANOCODE undertakes to ensure the reversibility of data uploaded to the Platform by the Subscriber, its Administrators, and its Users, in an exploitable format. Any specific request from the Client will be subject to additional charges.

8 – SCOPE OF THE GRANTED USAGE RIGHTS

8.1. For each subscription agreement, NANOCODE grants the Subscriber the non-exclusive, non-transferable, and personal right to use the Platform:

– solely for the personal and internal needs of the Subscriber;

– only for the declared Administrators and/or Users;

– and for the period specified by the relevant subscription agreement.

8.2. Generally, and unless otherwise agreed in writing by NANOCODE, the Subscriber, its Administrators, and Users shall use the Platform in accordance with the general terms of use as published by NANOCODE.

8.3. Unless otherwise agreed in writing by NANOCODE, the Subscriber, its Administrators, and its Users shall refrain from any type of use not expressly authorized by these General Terms.

8.4. In particular, Subscribers, Administrators, and Users shall refrain from:

– displaying, sending, uploading, and/or transmitting by email or any other means any content:

o contrary to public order, morality, or of an abusive, defamatory, racist, xenophobic, revisionist nature, or harming the honor or reputation of others;

o inciting hatred or discrimination against a person or a group of persons because of their gender, origin, or their membership or non-membership of a particular ethnic group, nation, race, or religion;

o threatening an individual or a group of persons;

o that is inappropriate given its recipients;

o of a pornographic, pedophile, or zoophile nature;

o inciting the commission of an offense, violent acts, a crime, or an act of terrorism, or praising war crimes or crimes against humanity, or inciting suicide;

o violating the private nature of correspondence;

o that is misleading or does not conform to reality;

o containing computer viruses or any other code, file, or program designed to interrupt, destroy, or limit the functionality of any software, computer, or telecommunications tool, without this list being exhaustive;

o enabling third parties to directly or indirectly obtain pirated software, software serial numbers, software enabling hacking or intrusion into computer and telecommunications systems, viruses, and, more generally, any software or other tools enabling infringement of the rights of others or jeopardizing the security of persons and property;

o or, generally, that is contrary to the laws in force in France;

– disturbing the normal flow of conversation, speeding up the scrolling speed of the screen in such a way that Subscribers, Administrators, or Users cannot follow and type their conversation, or performing any other disruptive action having a similar effect impeding the ability of Subscribers, Administrators, or Users to communicate in real time;

– hindering or disrupting the Platform’s services, servers, or networks connected to the Services, or refusing to comply with the requirements, procedures, general rules, or regulatory provisions applicable to networks connected to the Services;

– using the Platform in any way that could, in any manner whatsoever:

o infringe on the rights and interests of third parties;

o render unusable, overload, or damage the Platform and/or its services;

o harm and prevent normal use and enjoyment of the Platform by other Subscribers, Administrators, or Users;

– attempting to mislead NANOCODE by impersonating the name or business name of other persons;

– forging headers or manipulating identifiers in any other manner to conceal the origin of the content transmitted via the Platform;

– reproducing, copying, reselling, or exploiting for any commercial purpose, in whole or in part, any of the Services, any use of the Services, or any right of access to the Services;

– violating, intentionally or not, any national or international law or regulation in force.

8.5. It is recalled that the easylience® Software Suite and its Platform are not intended to be used as a messaging tool outside the context of crisis management; the Subscriber, its Administrators, and its Users undertake to use the messaging tools of the easylience® Software Suite and Platform solely for the purposes of such crisis management.

8.6. Subscribers, Administrators, and Users are solely and fully responsible for the content they display, send, upload and/or transmit, by email or otherwise, on the Platform. NANOCODE shall not be held liable in this regard.

8.7. The Subscriber undertakes to ensure compliance with the provisions of this article by all its Administrators and Users.

8.8. The Subscriber agrees to allow representatives or any other agent of NANOCODE to verify that the Platform is being used in accordance with the clauses and terms of these General Terms and any special conditions.

8.9. Generally, in the event of non-compliance by a Subscriber with any of the obligations incumbent upon it under these General Terms or any other specific contractual stipulation applicable to it, the corresponding rights of use may be immediately and automatically suspended and/or terminated, upon simple notice.

9 – INTELLECTUAL PROPERTY – OWNERSHIP OF DATA

These General Terms and the licenses they govern do not grant the Subscriber, its Administrators, or its Users any title or ownership right to NANOCODE’s easylience® Software Modules or the corresponding Platform, which remain the exclusive property of NANOCODE regardless of the form, language, medium of the programs, or language used.

Consequently, Subscribers, Administrators, and Users shall refrain from any act likely to infringe this ownership right.

The Subscriber, its Administrators, and its Users expressly undertake not to assign, exchange, lend, or otherwise grant to a third party, even free of charge, any usage right conferred by NANOCODE.

The Subscriber, its Administrators, and its Users further agree to take all necessary measures, including security measures, with respect to their personnel and any third party on their premises, to ensure compliance with NANOCODE’s ownership right in its Software.

10 – COOPERATION – INFORMATION

Each User agrees to cooperate with NANOCODE and/or its subcontractors and to provide them with the information and/or documents necessary for the performance of the services.

11 – TIMEFRAME FOR PERFORMANCE AND DELIVERY

NANOCODE shall perform its services or make deliveries within the timeframe specified in the relevant special conditions. However, these timeframes are provided for information purposes only and any failure to meet them shall not under any circumstances give rise to cancellation of the order or the payment of damages. In any event, the Subscriber cannot complain about any delay in performance if it is not current in fulfilling its obligations to NANOCODE, particularly with regard to payment, or if NANOCODE has not received in due time the information necessary for the execution of the corresponding services.

It is specified that no contract can start to be performed until the Subscriber has paid any agreed-upon deposit.

12 – WARRANTIES

12.1. The easylience® Software Suite and its Platform made available by NANOCODE comply with the French legislation in force.

Therefore, in the event of using the NANOCODE Platform outside French territory, it is the responsibility of the Subscriber and the User to ensure beforehand that the easylience® Software Suite does not contravene local standards.

13 – LIABILITY

13.1. NANOCODE undertakes to fulfill the obligations incumbent upon it with all due care in its profession and to comply with the applicable industry standards. Nonetheless, it is expressly specified that NANOCODE is only bound by a best-efforts (obligation de moyens) commitment, not by an obligation of result.

13.2. In any event, Subscribers, their Administrators, and their Users shall use NANOCODE’s easylience® Software Modules under their sole direction, control, and responsibility.

13.3. NANOCODE may not be held liable for damages resulting from:

– the Subscriber’s and/or its Administrators’ and/or its Users’ failure to perform or improper performance of the obligations incumbent upon them under these General Terms and the special conditions;

– improper use of all or part of the NANOCODE Solution by the Subscriber and/or its Administrators and/or its Users;

– any malfunction of all or part of the NANOCODE Solution that:

o would be caused by modifications made to any of the components of the NANOCODE Solution and/or hardware functioning with said NANOCODE Solution, by the Subscriber or any third party not authorized by NANOCODE;

o is not attributable to the NANOCODE Solution.

13.4. Furthermore, NANOCODE shall not be liable for the suitability of the NANOCODE Solution to the needs of the Subscriber, its Administrators, and its Users (which falls under the Subscriber’s own responsibility).

13.5. It is the Subscriber’s responsibility to carry out, under its own responsibility, all regular and customary backups of all data processed directly or indirectly for the NANOCODE Solution.

13.6. NANOCODE shall not be liable for unforeseeable damages, nor for indirect and/or immaterial damages such as, in particular, lost profits, financial losses, business losses, loss of clientele, or loss of orders, resulting from the use of the NANOCODE Solution.

13.7. Under no circumstances may NANOCODE be held liable for making a Beta Test version of the NANOCODE Solution available free of charge.

14 – FORCE MAJEURE

Events of force majeure with regard to NANOCODE’s obligations include those cases defined by Article 1218 of the French Civil Code, and more generally cases of war, explosion, vandalism, riots, civil unrest, acts of terrorism, machine breakage, fire, storm, water damage, total or partial strikes, acts of government, legislative or regulatory provisions, blockages and failures in electricity or telecommunications services, blockages and failures of IT networks (including switched networks of telecommunications operators), failures of the public electricity distribution network, Internet connectivity losses, likely to delay or prevent NANOCODE’s fulfillment of its commitments.

15 – DATA PROCESSING AND LIBERTIES

15.1 – Processing of personal data by NANOCODE in the context of its commercial relationship with its Clients

NANOCODE implements personal data processing.

The legal bases for the personal data processing carried out are:

– The legitimate interest pursued by NANOCODE when it pursues the following purposes:

· prospecting and communication;

· managing the relationship with its clients and prospects;

· organizing, registering, and inviting individuals to NANOCODE events;

– The execution of pre-contractual measures or of Subscription Agreements or contracts, when it implements processing for the purpose of:

· producing, managing, and monitoring client files;

· collection of payments;

· functions of the easylience® Software Suite and assistance obligations to Users;

– Compliance with legal and regulatory obligations, when it implements processing for the purpose of:

· invoicing;

· accounting.

NANOCODE only retains the data for the duration necessary for the operations for which it was collected, in compliance with the regulations in force.

In this regard, clients’ data are kept for the duration of the contractual relationship plus 3 years for promotional and prospecting purposes, without prejudice to any retention obligations or limitation periods.

For accounting purposes, data are kept for 10 years from the end of the relevant accounting period.

Prospects’ data are normally kept for a maximum period of 3 years if they do not participate in or register for NANOCODE events.

The data processed are intended for the personnel authorized by NANOCODE, as well as its IT service providers.

In accordance with the French Data Protection Act (Informatique et Libertés) and the European General Data Protection Regulation, individuals have the right to access the data concerning them, request rectification, raise inquiries, request restriction or portability, and request erasure of these data.

Individuals whose data are processed also have the right to object at any time, for reasons relating to their particular situation, to the processing of their personal data where the legal basis is NANOCODE’s legitimate interest, and they have the right to object to commercial prospecting.

They also have the right to define general or specific instructions regarding how the rights mentioned above shall be exercised after their death, either by email to contact@easylience.com or by postal mail to the following address, accompanied by a copy of a signed ID document: NANOCODE, Digital Square, 1137 A avenue des Champs Blancs – 35510 CESSON-SEVIGNE (France).

Individuals have the right to lodge a complaint with the CNIL (French data protection authority).

15.2 – Processing of personal data by NANOCODE in connection with and in the course of its Services OR BY MEANS OF THE EASYLIENCE® SOFTWARE SUITE

15.2.1. General Provisions

As part of performing its services, NANOCODE may be required to import and process, for a short period, personal data on behalf of the Client to characterize the data necessary for the operation of the NANOCODE Solution in the context of the Client’s corresponding Subscription.

In this case:

– the Client alone shall have the status of “Data Controller” (Responsable) within the meaning of Article 3-I of the French Data Protection Act of January 6, 1978, regarding the personal data collected or used by NANOCODE;

– NANOCODE shall only act as a “Processor” (Sous-traitant) within the meaning of Article 35 of the French Data Protection Act of January 6, 1978, acting on behalf of the Client and under the Client’s instructions, and shall in particular take all necessary measures regarding the protection of data security and confidentiality in compliance with the regulations in force.

In this respect, NANOCODE and the Client mutually warrant that they will comply with (i) Law No. 78-17 of January 6, 1978 relating to data processing, files, and freedoms, (ii) Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR), as of its effective date on May 25, 2018, and (iii) any other national legislative or regulatory provision in force throughout the term of the Agreement.

NANOCODE and the Client shall also assist one another to demonstrate that they have effectively complied with these legal and/or regulatory provisions.

15.2.2. NANOCODE’s obligations as “Processor”

15.2.2.1. General Obligations

NANOCODE guarantees that it has the technical and organizational skills necessary to carry out the personal data processing entrusted to it by the Client, in compliance with the obligations set forth in this article and solely within the scope and under the conditions defined by the contract binding it to the Client.

In this regard, NANOCODE undertakes to:

– process the data solely for the purpose(s) specified by the Client, namely the characterization of the data necessary for the operation of the Solution within the framework of the Client’s corresponding Subscription;

– refrain from any processing or use of the data that does not comply with the Client’s written instructions and/or is unrelated to the performance of the contract binding it to the Client;

– not make any use, including commercial use, of the personal data transmitted or collected in the course of performing the contract binding it to the Client, on its own behalf or on behalf of third parties, except for statistical purposes;

NANOCODE also undertakes, under the conditions described below:

– to take into account, with regard to its tools, products, applications, or services, data protection principles by design and by default;

– to promptly inform the Client of any request made directly to it by the persons concerned by the personal data processed, and more generally of any event affecting the processing of personal data;

– to guarantee the confidentiality of the personal data processed in the course of its Services;

– to ensure that the individuals authorized to process the personal data for the performance of the contract binding it to the Client:

· commit to confidentiality or are subject to an appropriate legal confidentiality obligation;

· receive the necessary training regarding the protection of personal data.

15.2.2.2. Security and confidentiality of personal data

NANOCODE shall take all necessary measures to preserve the integrity, availability, and confidentiality of personal data that it processes on behalf of the Client in the context of its Services. To this end, NANOCODE undertakes to implement technical and organizational measures that, taking into account the state of industry best practices, ensure a level of security and confidentiality appropriate to the risks arising from the processing and the nature of the personal data processed.

In particular, NANOCODE undertakes to:

– store and process the personal data of the Client and/or those collected by the Client separately from its own data or data of other clients or providers;

– protect the personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure, or unauthorized access;

– take the measures necessary to ensure the reliability of its employees who have access to the personal data.

15.2.2.3. Subcontracting

NANOCODE may engage any second-tier subcontractor to perform specific processing activities, which the Client hereby accepts. In such cases, NANOCODE will inform the Client in advance and in writing of any planned change regarding the addition or replacement of subcontractors. This information shall clearly indicate the processing activities being subcontracted, the identity and contact details of the subcontractors, and the dates of the subcontracting agreements.

Any NANOCODE subcontractor shall be required to respect the obligations set out in this article on behalf of and according to the instructions of the Client. It is NANOCODE’s responsibility to ensure that its subcontractors provide sufficient guarantees regarding the implementation of appropriate technical and organizational measures so that the processing meets the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016. If a subcontractor fails to meet its data protection obligations, NANOCODE shall remain fully liable to the Client for the performance by that subcontractor of its obligations.

15.2.2.4. Data disposition

Upon termination of the contract binding it to the Client, NANOCODE undertakes, according to the Client’s instructions and within the time periods indicated by the Client, to return or destroy all personal data processed on the Client’s behalf, whether electronically or manually, unless European Union law or French law requires the continued retention of the personal data. NANOCODE shall also return all data, records, or manual files in its possession to the Client.

Any return of data must be accompanied by the destruction of all existing copies in NANOCODE’s information systems, and NANOCODE must certify such destruction in writing.

More generally, in the event of data destruction, NANOCODE shall produce a destruction report.

15.2.2.5. Data Protection Officer

NANOCODE shall provide the Client with the name and contact information of its Data Protection Officer.

15.2.2.6. Record of categories of processing activities

NANOCODE shall be responsible for maintaining its own record of personal data processing activities, ensuring that it records all categories of processing performed on behalf of the Client.

Accordingly, this record shall include:

– the name and contact details of the Client on whose behalf it acts, of any subcontractors, and of its Data Protection Officer;

– the categories of processing performed on behalf of the Client;

– where applicable, any transfers of personal data to a third country or to an international organization, including identifying that third country or international organization, and, in the case of transfers referred to in Article 49(1), second subparagraph of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, the documentation demonstrating the existence of appropriate safeguards;

– where possible, a general description of the technical and organizational security measures, including, among others, as necessary:

· the encryption of personal data;

· methods to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services;

· methods to restore the availability of and access to personal data in a timely manner in the event of a physical or technical incident;

· a process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures to ensure the security of processing (following a security assurance plan).

NANOCODE shall permit the supervisory authority to examine this record upon simple request.

15.2.2.7. Documentation

NANOCODE shall make available to the Client the information and documentation necessary to demonstrate compliance with all its obligations and to enable the Client or another auditor appointed by it to conduct audits, including inspections, and shall contribute to such audits.

15.2.2.8. Audit

If the Client so wishes, it may carry out an audit, both during the performance of the Contract and after its completion, directly or through an independent external subcontractor (who is not a direct competitor of NANOCODE), to verify NANOCODE’s compliance with its obligations under this article, and also to respond to any request by the CNIL or a judicial or administrative authority.

The Client shall provide NANOCODE with at least two months’ written notice of any intended audit, specifying the audit date and the names and contact details of the persons in charge of the audit. NANOCODE may not refuse the persons designated to carry out the audit without legitimate grounds. In the event of refusal, the Parties shall meet to agree on the appointment of an auditor. Any dispute shall be brought before the competent courts.

NANOCODE shall cooperate in good faith with the auditor and shall provide all information, documents, or explanations necessary for conducting the audit, allowing access to all sites, IT installations, tools, and resources used by NANOCODE to provide the services.

If the audit reveals any breaches of NANOCODE’s obligations, NANOCODE expressly undertakes, at its own expense, to implement any necessary corrective measures within ninety (90) days following notification of such breaches and to provide written evidence to the Client.

15.2.3. Specific obligations of the User

Generally, the User shall be solely responsible for fulfilling all of its own obligations as a data controller of personal data.