DPO -
Data Protection Officer

Contract for the creation of a client database and SaaS license and associated services

PREAMBLE

The following has been previously stated: :

The Client is a company that provides a service or sells a product to all professionals, regardless of their size.

Magileads provider of a platform , available in SaaS mode (applications hosted on its servers in France and accessible remotely via the Internet by its clients), including tools to build a global database of professionals through the client's social media accounts.

The Provider acknowledges having received from the Client all the information necessary to assess the Client's needs and constraints and its environment before confirming its ability to provide a solution and associated services meeting said needs and constraints.

Both Parties expressly agree to collaborate and exchange all information necessary for the performance of the Contract. Furthermore, in its capacity as a marketing professional and within the framework of its advisory obligation, the Service Provider will provide the Client with all recommendations necessary to optimize its choices and to address any new needs that may arise from the Client in relation to the subject matter of this Agreement.

It is in this spirit, and after a phase of negotiation, that the Parties have agreed on the terms and conditions of this contract.

HAVING SET FORTH THESE POINTS, IT HAS BEEN AGREED AS FOLLOWS:

1.  DEFINITIONS

 Terms beginning with a capital letter in the Contract, whether used in the singular or plural, shall have the meaning given to them below.

Client refers to the legal entity signing this Agreement and using the Solution under this Agreement.

MAGILEADS tools enable acquisition prospecting from databases containing personal information of B2B professional contacts, collected via the client's accounts on platforms such as LinkedIn or Google Maps.

Documentation refers to the user and operational documentation for the Solution, including updates throughout the term of the Contract. Documentation is provided in paper and electronic format, in French and/or English. The Client may freely copy the Documentation for its internal needs and disclose it to any third party using the Solution on behalf of the Client, provided they are bound by a confidentiality agreement.

Personal data refers to any data which allows, in any form whatsoever, directly or indirectly, the identification of the natural persons to whom it applies, whether the processing is carried out by a natural or legal person.

Operating Environment refers to the equipment and operating systems as prerequisites necessary to enable Users to access, and use, the Solution.

Identifiers refer to both the User's own identifier (“login”) and their login password (“password”), allowing them to access the Solution.

Incident means any design or conformity defect of the Solution and/or malfunction of any of the Services provided under the Contract, such as bug, error, failure, inadequacy or regression of performance, manifested in particular by difficulties in the operation of the Solution and/or access to the Solution, and/or errors in processing.

Service Levels refer to the minimum expected performance of the Solution and Services such as response time, availability, etc., as well as the response and correction times for Incidents.

Services/Deliverables refers to all services provided in SaaS mode by the Provider under this Agreement.

The Solution refers to the lead generation and acquisition platform, available in SaaS mode (applications hosted on its servers and accessible remotely via the internet by its clients), including the provision of database creation tools via the client's social media accounts. The Solution includes all updates and new versions of the Solution and any updates to the database created by the client.

Specifications refers to the functional and technical specifications of the Solution as described, in descending order of priority, in (i) the Solution presentation and (ii) the Documentation.

Information System refers to an organized set of resources composed in particular of all facilities, physical assets, computers and their peripherals, software, data storage devices, network equipment and backup facilities, which allows among other things the collection, grouping, clarification, backup, processing and dissemination of information, including telephony and videoconferencing services:

• whether or not it is the property of that Party,
• whether or not it is managed by a third-party service provider and which is used to provide the concerned Party with hosted IT services, facilities and applications or to ensure the processing, maintenance, hosting or storage of the concerned Party's IT data, under a contract concluded with the latter for the provision of these services.

And more generally, any system (internal or external) necessary for the proper functioning of the information systems of the Party concerned (such as air conditioning, power supply,).

User means any person (agent, permanent or temporary employee, consultant, external service provider, etc.) authorized by the Client to access and use the Solution and Services on behalf of the Client under the terms of the Contract.

2. OBJECT

 The purpose of the Contract is to define the terms and conditions under which the Provider makes the Solution available to the Client and, in this respect, grants Users a right to use the Solution and provides the associated Services.

3. CONTRACTUAL DOCUMENTS

 The Contract consists of the following contractual documents, presented in descending hierarchical order of legal value: (i) this document (including its preamble).

In the event of any conflict between one or more provisions in any of these documents, the higher-ranking document shall prevail, unless expressly stated otherwise. This Agreement supersedes the previously issued General Terms and Conditions. The Agreement may only be modified by a written amendment signed by the representatives of the Parties.

4. PERFORMANCE OF SERVICES

4.1 Nature of the Provider's Obligation

The Provider undertakes, under a results commitment, to perform the Services described on its SaaS platform of sales prospecting tools on https://application.magileads.io/ .

In this capacity, the Provider will allocate to the Services the material and human resources enabling it to provide the Services in compliance with its commitments under the Contract and the price of the Services.

The Provider also undertakes to always act loyally towards the Client and to provide him, throughout the duration of the Contract, in his capacity as a professional SaaS provider, with all the advice and warnings necessary for the proper operation and optimization of this type of solution, including on the limits of the Solution (for example, in terms of functionalities or volume).

4.2 Content of the Services

The Provider agrees to perform the following Services: Provision of a SaaS digital prospecting platform including a B2B database, an email sending server, a LinkedIn connection automation service, an email + LinkedIn action automation module, comprehensive statistics of interactions with prospects, and access to a PMR (Personally Responsible Mobility) system

• unlimited access to our B2B contact list building tools, contact function, email, LinkedIn automation, SMS, VMS, and Display automation and statistical analysis, PRM (with the possibility of connecting via API to your CRM)
• Automatic recognition of AIRCALL, RINGOVER… via the contact's phone number in the Magileads PRM
• Access to tools for creating global B2B data lists, including information from platforms such as LinkedIn or Google Maps, retrieved via the client's social media accounts.
• Integration of your SMTP client accounts + your LinkedIn accounts + Google
• Daily capacity of 200 LinkedIn interactions: 1 interaction = 1 invitation or a message sent or a visit to the prospect's profile depending on the limitations of your LinkedIn or Sales Navigator account.
• Access to our global email routing infrastructure
• Unlimited Campaign Management
• Assistance from a Magileads project manager for setting up the Magileads account
• Centralized multi-user administration
• Magileads solution available as a white-label solution customized with your branding

4.3 Quality of Services

• Compliance with Service Levels

 The Provider undertakes to respect, within the framework of the provision of the Services, the Service Levels as defined between the Parties on the price page https://r.mlurl.fr/HS6392 , in order to ensure in particular the quality and continuity of the Services and the availability of the Solution and the client's Database.

This specification is expressed in terms of defined and quantified results in the form of service indicators. Each indicator is associated with an objective and measurable value, agreed upon by the Parties, which represents the level of performance expected by the Client. Discrepancies between the target values ​​and actual results are measured. When these measurements reveal a failure by the Provider to meet the required Service Levels, the Provider will be penalized.

In order to enable the Client to control the Service Level measurements carried out, as well as the relevance of the indicators used, the Provider undertakes to make available to the Client, according to the terms agreed between the Parties, the necessary measurement and monitoring tools such as dashboards and activity reports.

4.3.2 Evolution of Service Levels and Update of Indicators

Based on the Service Level measurements performed, the Provider shall propose and implement corrective action plans necessary to meet and continuously improve the Service Levels. The Service Levels may also be revised within the governance framework if, during the provision of the Services, they prove inadequate or irrelevant to the Client's needs.

Following an evolution of Service Levels or in the event that an indicator proves to be irrelevant, the Parties agree to update the list of different indicators within the framework of governance, in order to clarify and refine the calculation methods, enrich the reporting system and adapt the indicators to the evolutions of the Solution and to the needs and constraints of the Client.

5. GUARANTEES

 5.1 Guarantees by the Provider

The Provider guarantees, for the entire duration of the Contract:

• the conformity of the Solution and the client's database to the laws and regulations in force applicable to the functional area of ​​the Solution, as well as their evolution;

• the availability of access to the Solution and the tools for building the client's databases via the client's social media accounts;

• the physical and logical security of the Solution and the client's database and the preservation of the integrity and confidentiality of the personal data comprising the client's database;

• the provision of Services in compliance with Service Level commitments;

• to remedy, as soon as possible and at no extra cost, any malfunction or anomaly affecting the Solution.

5.2 Guarantees by the Customer

The Client guarantees, for the entire duration of the Contract:

• Use the Solution in accordance with the Documentation provided by the Provider
• Communicate the information requested or necessary for the performance of the Services;
• Do not use the Solution to distribute content that would be contrary to public order and morality or any illegal, threatening, abusive, defamatory, obscene, pornographic, blasphemous or otherwise objectionable information, including, but not limited to, any transmission constituting or encouraging what would constitute a criminal offense, involve civil liability, or otherwise violate any French law.

6. INTELLECTUAL PROPERTY

 6.1 Solution Usage License

The Provider is and remains the owner of the intellectual property rights relating to the Solution made available to the Client and its Users, on which it grants the Client and its Users a license to use under the terms defined below.

The Provider grants the Client and Users, on a non-exclusive basis, worldwide and for the duration of this Agreement, the right to access and use the Solution for its internal needs, via the User Credentials provided to the Users, in consideration of the price of the Services, without any limitation whatsoever, whether in terms of the number of Users or simultaneous connections, unless such limitations are expressly stipulated as a metric for calculating the price of the Services. Any other limitation not expressly provided for in this Agreement shall not be enforceable against the Client in connection with its use of the Solution.

The right of use means the right to represent and display the Solution and to remotely execute all or part of the functionalities of the Solution in accordance with its purpose, in SaaS mode via a connection to an electronic communications network.

The Client may authorize any third party to access and use the Solution as a User, provided that this third party has been entrusted by the Client with the performance of tasks, on behalf of the Client and requiring access to and/or use of the Solution, subject to the fact that this third party is bound by a confidentiality agreement and complies with the terms of this license.

Generally, Users are designated by the Client, without any right of oversight on the part of the Provider or any particular obligation on the part of the Client to notify the Provider of the Users authorized by the Client to access and/or use the Solution, provided that the use of the Solution is carried out in accordance with the license granted under the Contract.

No rights other than those expressly provided for in this article are granted to the Client and its Users. In particular, the Client is prohibited from selling, renting, lending, or sharing the Solution or from acting as a service bureau or commercial SaaS provider.

6.2 Know-how

The Parties retain ownership of their respective know-how, techniques, concepts, methodologies and experience acquired during the execution of the Contract or otherwise.

6.3 Warranty against eviction

The Provider guarantees the Client peaceful enjoyment of the Solution and declares that the Solution does not infringe in whole or in part any rights that may be claimed by third parties (including, but not limited to, copyright, patents, trademarks and trade secrets).

In this capacity, the Provider undertakes to defend the Client against any real or alleged claim by third parties, both in France and abroad, relating to the Solution and to indemnify the Client against all consequences resulting from such action (including, but not limited to, procedural costs, lawyers' fees, court costs and damages to which it may be ordered to pay).

Notwithstanding the foregoing provisions, if the Provider is compelled, due to a third-party claim against it or the Client, to modify and/or remove all or part of the Solution, the Provider shall offer and provide the Client, at its own expense, equivalent and substitute elements to the Solution, in compliance with the Specifications, Service Levels, and security and confidentiality levels defined in Appendix 1 of this Agreement (see below). Failing this, the Client may terminate the Agreement without any compensation whatsoever to the Provider, and the Provider shall reimburse the Client for any sums paid in advance, prorated to the unused portion of the Agreement term.

7. DATA

 7.1 Ownership of Customer Data

Magileads does not create or maintain any databases. The Client is the sole owner of the data they collect from their social media accounts and organize using the tools provided by Magileads. This data comes directly from the Client's social media accounts or from other external sources of their choosing. The Client may also import their contact lists, provided they ensure these lists comply with applicable legislation.

7.2 Customer Data Security

In accordance with its commitments, Magileads undertakes to provide secure tools enabling the Client to manage their Data safely. Magileads implements appropriate technical and organizational measures to protect Personal Data processed through its tools against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure, or access. However, the Client remains responsible for the management and protection of Data stored and administered through Magileads' tools. All data is hosted in France.

7.3 Personal Data

The Parties acknowledge having full and complete knowledge of the obligations arising from Regulation (EU) 206/79 of the European Parliament and of the Council of 27 April 2016 which entered into force on 25 May 2018 (hereinafter the “European Regulation”) and transposed into French law by Law No. 2018-493 of 20 June 2018 relating to the protection of Personal Data and any other applicable regulations in this area which apply to them in their respective capacity as data controllers for the operations which they carry out, in complete independence, each in the course of their own activity.

MAGILEADS is responsible for processing the activities carried out in the context of the management, development, maintenance and hosting of the Solution (management of objections, information of referenced persons, functionality allowing the Client to cross-reference its repellent list with the databases created or imported by the client, etc.).

The Client is responsible for processing commercial prospecting activities carried out from the solution with the persons referenced in the client's database.

7.3.1. Obligations of the Parties

Each Party shall take, within its respective area of ​​responsibility, all measures necessary to ensure compliance with the European Regulation and any other applicable regulations, and undertakes in particular to:

• To process personal data in accordance with the principles and obligations of the European Regulation and any other applicable regulations;

• Include in the processing register the activities carried out under his/her responsibility;

• Without prejudice to any other obligation arising from this Contract, comply with Article 28 of the European Regulation relating to the use of subcontractors. Each Party remains responsible for the processing activities carried out by a subcontractor;

• Complete the required formalities with the competent national data protection authority, in particular consult the authority when the privacy impact assessment carried out reveals that the envisaged processing is likely to result in a high risk to the rights and freedoms of the persons concerned;

• To determine the necessary retention period(s) for the personal data processed, according to their purpose, and to determine the methods of archiving or erasure at the expiry of these periods;

• Ensure that information notices intended for data subjects are made easily accessible and understandable to them and that these notices include the categories required by the European Regulation and any other applicable regulations in this area;

• Responding to complaints from data subjects exercising their rights of access, rectification, erasure, restriction, objection or, where applicable, portability and withdrawal of consent, in accordance with the applicable law;

• Establish an internal procedure to identify and manage cases of personal data breaches and, where required by applicable law, to notify the competent national data protection authority and/or the persons concerned in the manner and within the time limits prescribed by applicable law;

• Take all necessary technical and organizational precautions, having regard in particular to the personal nature of the Personal Data which each of the Parties processes respectively and the risks presented by the processing, in order to preserve maximum security and confidentiality of this Data and, in particular, to prevent it from being distorted, damaged and, above all, from being accessed by unauthorized third parties in any way whatsoever.

7.3.2. MAGILEADS Bonds

MAGILEADS further undertakes, for the duration of the Contract, to:

• Ensure that each communication includes an unsubscribe link, allowing recipients to exercise their right to object to being included in the client's database, without prejudice to any specific settings established by the Client;
• Inform the individuals listed in the client's database about the use of their personal data, in accordance with the requirements of Article 14 of the European Regulation;
• Ensure that the consent of the persons appearing in the client's database is obtained within the time limits and conditions required by the regulations in force, including the requirements, recommendations and guidelines of the competent supervisory authorities regarding the compliance of services;
• Notify the Client without delay in case of risk of non-compliance of all or part of the services provided by MAGILEADS under this Contract;
• Maintain the necessary documentation to demonstrate compliance of services, including with respect to the consent of individuals to be included in the client's database and to receive commercial communications from MAGILEADS clients, including the Client;
• Inform the Client of any direct request received from a person objecting to the use of their personal data for commercial purposes by the MAGILEADS solution;
• To submit to an audit (including an on-site audit) at the Client's request, allowing the latter to verify MAGILEADS' compliance with its obligations regarding the protection of personal data, in accordance with the "Audit" article of this Contract;
• Guarantee and indemnify the Client against any damage resulting from a breach by MAGILEADS of its obligations under this Article, without prejudice to any other remedies available under law or the provisions of the Contract, including partial or total termination of the Contract.

7.3.3. Contacts and notification

Any questions or notifications referred to in clause 7.3 must be sent by email to:

• For Client XXX: Business contact (email) + DPO (dpo@XXX)
• For MAGILEADS: DPO (KOLLI François, moc.sdaeligam@opd )

8. CONFIDENTIALITY

Any information and/or data, regardless of its purpose (technical, financial, commercial, etc.), nature (know-how, methods, processes, etc.), medium (written or printed documents, CD-ROMs, samples, drawings, etc.), or method of transmission (written, oral, electronic), is considered "Confidential Information." The content of this Agreement constitutes Confidential Information.

Each Party shall keep confidential and refrain from using (except as provided in the Contract) any Confidential Information disclosed to it by the other Party or which it comes to know concerning the other Party.

The Parties undertake, from the date of receipt, to (a) apply to the Confidential Information they receive from the other Party the same safeguards they would apply, if applicable, to their own confidential information; (b) use the Confidential Information only for the performance of the Services; (c) transmit the Confidential Information received only to those members of their staff who strictly need it for the performance of the Contract; (d) not disclose, directly or indirectly, all or part of the Confidential Information without the express prior consent of the other Party; (e) inform the disclosing Party as soon as possible of any loss of Confidential Information; (f) at the first request of the Disclosing Party and, at the latest, within eight (8) days following the termination of the Contract for any reason whatsoever, return all Confidential Information and destroy all notes relating to the Confidential Information and, more generally, to the performance of the Services. The Provider undertakes to ensure that this confidentiality obligation is respected by all of its personnel and any subcontractors.

The Parties may disclose information, without breach of this agreement, in the following cases: (i) if the disclosed information was independently developed by the receiving Party (i.e., not developed from Confidential Information transmitted by the other Party); (ii) if the information was already in the public domain at the time of its disclosure by the disclosing Party and the disclosing Party was not responsible for putting the information into the public domain; and (iii) if the information was received from a third party by that Party, provided that the third party was not also bound by an obligation of confidentiality.

This commitment will bind the Parties for the entire duration of the Contract and five (5) years after its termination.

9. SECURITY

 The Provider is required to ensure information security and to comply with the Client's security requirements.

To this end, the Provider undertakes to implement technical and organizational measures in accordance with best practices and, where applicable, local regulations to protect the Client's data and Information System.

The Provider guarantees compliance with these provisions by its staff and any subcontractors.

Consequently, the Provider is presumed responsible for any Incident and must, in order to be exonerated from its liability, report to the Client that proof of the fulfillment of its security obligation was prevented by a case of force majeure, an act of the Client or by an act of a third party having a similar effect provided that this third party is not a subcontractor or a third party under the responsibility of the Provider.

9.1 Confidentiality and Integrity

The Provider undertakes to ensure the security of its Information System, the Solution, and the information processed. In this context, the Provider will, in particular, adopt all necessary measures to guarantee data integrity by protecting it against accidental or unlawful destruction, accidental loss, or alteration; data confidentiality by preventing its disclosure or any access by unauthorized third parties; and control over the communication of data, restricting it to only those individuals who need to know it.

In the event that the Provider uses or performs, within the framework of the Services, means or operations of encryption, it undertakes to do so in accordance with the legislation in force on the date of implementation of these means or Services and to communicate to the Client, as soon as possible, all the necessary supporting documents where applicable.

Furthermore, the Provider undertakes to ensure that the data is accessible and usable by persons duly authorized by the Client upon first request.

9.2 Obligation to report and correct security incidents

The Service Provider undertakes to inform the Client immediately and by all means in the event that it becomes aware of an Incident

The Client must be notified in writing within a maximum of 48 hours of the discovery of the Incident.

Furthermore, the Provider undertakes to correct any security incident as soon as possible and to inform the Client of the corrective measures envisaged and the effective implementation of said measures.

The Provider and the Client agree to collaborate in order to determine the origin of any Incident (including Malicious Programs) by mutual agreement and to eradicate its consequences.

In the event that the Incident is attributable solely to the Client, the Client will bear the costs of diagnosis and repair.

In the event that the Incident is attributable to the Provider, the latter will bear the costs of diagnosis and repair.

9.3 Update, security patches

The Provider applies the fixes recommended by the hardware or software solution providers (system or application software, embedded software) on all the hardware under its care.

9.4 Backups and Restore

The Service Provider undertakes to back up the information processed in its Information System at a frequency necessary for the proper execution of the Services covered by the Contract

In particular, the Provider must take all necessary measures in terms of backup and restoration to comply with the required level of service and undertakes in particular to regularly test the reliability and completeness of its backups by carrying out restoration tests.

The Provider must take measures to ensure the confidentiality of the Client's backed-up data: confidentiality of data flows during backup operations; secure storage of backups.

9.5 Business Continuity

The Provider must take all necessary measures to ensure the availability of the Information System, in accordance with the requirements defined in the clause relating to the required level of service.

9.6 Security monitoring

The Provider undertakes to monitor, throughout the duration of the Services, any risks incurred or software vulnerabilities, weaknesses, or design flaws that may affect the Solution and the Services. In this respect, the Provider is required to follow the publications of authoritative organizations in the field of information systems security.

10. FINANCIAL CONDITIONS

The price of the Services and the associated payment terms are defined in the quote in Appendix 2 (see below). The prices quoted include all expenses that the Provider may incur in the performance of the Contract. Invoices are payable within forty-five (45) days from the end of the month of the invoice date.

All invoices covered by this Contract are understood to be on a tax-exclusive basis.

11. PENALTIES

Penalties that may be owed by the Provider in the event of delay and/or failure to meet the Service Levels under the Contract.

Since these penalties are not of a discharging nature, the Provider therefore remains fully liable and responsible for the Service and/or Level of Service and cannot consider itself released from its obligation by the payment of said penalty.

The penalties are independent of each other and, consequently, cumulative. The application of penalties shall not, moreover, preclude the Client's other rights, and in particular the right to obtain legal redress for the damage suffered, in the form of damages, and to terminate the Contract, in whole or in part, in accordance with Article 13.2.

The fact that the Client does not assert its right to apply penalties immediately upon the Provider's breach does not mean that it waives this right.

The Client may immediately deduct the penalty amount from the invoices sent to them by the Service Provider. The Client is not presumed to waive a penalty if they do not deduct it from an invoice.

12. AUDIT

The Parties agree that the Client may, after having informed the Service Provider, giving fifteen (15) working days' notice (except in the event of an emergency, in which case the Client must give seventy-two (72) hours' notice) , have an audit carried out by persons of its choice, duly and specially mandated for this purpose.

The purpose of the audit will be to enable the Client to ensure that the Provider complies with its obligations under the Contract (including a security audit of the Solution).

During these visits, the Service Provider cooperates fully and free of charge with the Auditor and undertakes to:

• To provide him, as soon as possible, with the requested information that is in his possession or under his control;
• To obtain the necessary information that might be under the control of a third party;
• To grant access to the premises concerned by the Services referred to herein;
• To allow the examination, for justified reasons, of all equipment used within the framework of the Services.

During the visits, the Auditor will be able to consult, in particular, all the reports prepared by the Provider's suppliers and subcontractors involved in the Services.

In the event that a visit reveals a breach by the Provider of the provisions of the Contract, the Provider undertakes to undertake, at its sole expense, the necessary corrective measures as soon as possible following notification from the Client.

The audit report will be communicated to the Provider and will be reviewed during a meeting of a monitoring committee, with a view to examining the possible implementation of corrective actions.

It is understood between the Parties that any serious and/or repeated breach by the Provider of its obligations under Article 7 is grounds for termination of the Contract by the Client.

13. DURATION – TERMINATION

 13.1 Contract Duration

The Contract shall enter into force on the date of its signature by the Parties and shall remain in force for a period of three (3) months.

At the end of this commitment, the Contract will be automatically renewed for successive periods of 3 months unless one of the parties sends a notice of termination by registered letter with acknowledgment of receipt to its co-contractor no later than one month before the new term of the Contract.

Each Party therefore has up to 30 days before each new period of (3) months to object to the renewal of the Contract.

13.2 Termination

Termination for breach – In the event of a breach by one of the Parties of its contractual obligations, which is not remedied in whole or in part within thirty (30) days from receipt of a formal notice sent for this purpose by registered letter with acknowledgment of receipt, the other Party may terminate the Contract, in whole or in part, automatically and without judicial formalities, without prejudice to any damages to which the injured Party may be entitled as a result of the harm suffered in this respect and without prejudice to the Client's right to request the implementation of reversibility.

Termination for failure to achieve Service Levels – The Client shall have the right to terminate the Contract, in whole or in part, in the event of failure to achieve the Service Levels.

Partial Termination – The Client may terminate, for convenience, certain Services provided by the Provider during the term of this Agreement, by registered letter with acknowledgment of receipt and subject to a three (3) month notice period, without any compensation being due to the Provider. Furthermore, if the price of the Services is based on the number of Users and/or a certain volume, it is expressly agreed between the Parties that the Client may, at any time during the term of this Agreement, subject to a one (1) month notice period, reduce the number of Users and/or the volume. This Agreement does not contain any exclusivity agreement on the part of the Client and its Affiliates to use the Solution, nor any minimum volume requirement. The price of the Services will be adjusted to reflect this partial termination, without affecting the unit price of the Services.

Change of Control – The Provider undertakes to inform the Client of any significant change in its financial situation, as well as any change in majority ownership, contributions to a company, mergers, and generally any transaction likely to result in a change of control within the meaning of Article L. 233-3 of the French Commercial Code. The Client shall have the option of notifying the Provider within ninety (90) days of receiving this information

the automatic termination of the Contract, by registered letter with acknowledgment of receipt, without prejudice to the right to request the implementation of the reversibility services.

Termination of the Contract, for any reason whatsoever, is without prejudice to any penalties paid or owed to the Client under the Contract.

13.3 Consequences of the termination of the Contract

In the event of termination of the Contract, for any reason whatsoever, the Provider undertakes to continue providing the Solution and the Services under the same conditions of quality, security, and confidentiality, and the Client undertakes to pay the Provider all sums due under the Contract and not disputed by the Client, up to the effective date of termination of the Contract (including any potential reversibility period). In the event of termination of the Contract due to a fault on the part of the Provider, the Provider undertakes to reimburse the Client for all sums paid by the Client corresponding to an unused period as a result of this early termination, on a pro rata basis.

The Provider must also, upon the Client's first request, return all of the Client's Confidential Information in its possession or under its control, and retain no copies thereof, whether or not the Client requests the implementation of the data reversibility services. The Confidential Information will be provided in the format and on the medium agreed upon with the Client and, in any event, in a standard, easily readable format.

On the effective date of the termination of the Contract (including any possible reversibility period), the Client's Users will cease to use their login credentials for the Solution.

14. REVERSIBILITY

In the event of termination of the Contract, for any reason whatsoever, the Provider undertakes to return to the Client, or to any third party designated by the Client, according to the schedule agreed upon by the Parties, the data generated by the Client during the use of the Solution and all other Confidential Information, as well as all elements in its possession or under its control and entrusted to it by the Client during the term of the Contract, and to provide all necessary advice and knowledge transfer to enable the Client or the designated third party to regain control of the Services. At the Client's request, the Provider also undertakes to provide the Client or the designated third party with the necessary support services.

The operational details of the reversibility process, the specific items to be provided to the Client or the designated third party within the framework of this reversibility, and the financial conditions applicable to the reversibility will be defined between the Parties in a reversibility plan, a first draft of which must be prepared by the Service Provider and presented to the Client no later than six

(6) months following the effective date of the Contract.

The reversibility period will run throughout the notice period and may continue beyond this notice period for an additional duration not exceeding six (6) months. During the reversibility period, the Provider undertakes to maintain continuous access to the Solution and Services, without any degradation of Service Levels or the security and confidentiality conditions defined in this agreement.

At the end of the reversibility period, the Parties will sign a record of completion of reversibility confirming its successful completion.

The Parties agree to the following financial arrangements with regard to the reversibility assistance services provided by the Provider:

• If the reversibility results from an early termination of the Contract due to fault on the part of the Provider (including failure to comply with Service Levels), the reversibility assistance services will not be billed to the Client and the Provider will bear all costs related to the reversibility;
• If the reversibility results from an early termination of the Contract due to force majeure or a change of control of the Provider, the cost of the reversibility will be borne equally by the Provider and the Client;
• If the reversibility results from any other cause of interruption of the Contract, the reversibility assistance services will be billed to the Client.

15. RESPONSIBILITY

 The Provider is liable to the Client for any direct damage caused to the latter in the event of an act attributable to the Provider, its permanent and non-permanent staff or its possible subcontractors, within the framework of the execution of the Contract.

Under no circumstances will the Provider or the Client be held liable for indirect damages within the meaning of Article 1231-4 of the Civil Code and the jurisprudence of the French courts.

In the event that the Client is found liable, it is expressly agreed that the Client shall only be liable for direct and immediate damages, up to a total and cumulative amount of damages not exceeding 50% (fifty percent) of the amount paid under this Contract.

16. INSURANCE

 The Provider certifies that it has taken out insurance with a reputable and solvent company, covering its professional risks in particular for the benefit of the Client.

17. GENERAL PROVISIONS

 17.1 Use of the Client's trademarks and logos by the Service Provider

Any use by the Provider of the Client's trademarks and/or logos for commercial prospecting of the Provider's services, products and offers is subject to the Client's prior written authorization.

17.2 Notification

Unless otherwise expressly agreed, all notices under the Contract must be in writing and be either delivered by hand, sent by registered letter with acknowledgment of receipt, or made by extrajudicial act to the address indicated at the beginning of this document or to any other address that one of the Parties may mention to the other in writing in the manner specified in this article.

17.3 Interpretation

If any provision of the Contract is held to be invalid, illegal or unenforceable, the remaining provisions shall continue to bind the Parties as if the invalid, illegal or unenforceable provisions had never existed from the outset.

17.4 Intuitu Personae

The Provider is not authorized to assign or transfer, in any way whatsoever, to third parties, all or part of its rights or obligations under this agreement.

17.5 Independence of the Parties

It is expressly agreed between the Parties that the Service Provider acts in its own name and on its own behalf, as an independent contractor, in the performance of the Contract, and that the Service Provider's personnel remain under the direction, authority, and control of the Service Provider and shall in no way be considered employees of the Client. Likewise, the Contract shall in no way be interpreted as creating a partnership, an agency relationship, or a mandate relationship between the Parties. By express agreement, the Service Provider may in no way act in the name of or on behalf of the Client.

17.6 Force majeure

Neither Party shall be liable to the other for any failure to perform its obligations under this Agreement resulting from a force majeure event. By express agreement, force majeure shall be defined as any unforeseeable, irresistible, and external event rendering the performance of this Agreement, in whole or in part, impossible, as commonly recognized by the jurisprudence of French courts, and primarily by the jurisprudence of the Court of Cassation. Initially, the force majeure event shall suspend the performance of this Agreement. If the force majeure event continues for more than thirty (30) days, this Agreement may be terminated automatically, without legal formalities, by either Party by written notice to the other Party.

17.7 Subcontracting

The Provider may subcontract a portion of its services under this Contract, in accordance with the provisions of Law No. 75-1334 of December 31, 1975, concerning subcontracting. The Provider undertakes to select any subcontractors and define their obligations in such a way as to ensure strict compliance with its own obligations in the performance of this Contract. The Provider is responsible for ensuring that any subcontractor complies with the security and confidentiality obligations defined in this Contract. Under no circumstances shall the use of subcontracting reduce the Provider's obligations and guarantees under this Contract; the Provider remains solely responsible for the services performed by its subcontractor.

17.8 Non-waiver

No act of tolerance by either Party, even if repeated, shall constitute a waiver by that Party of its right to invoke any of the provisions of the Contract.

17.9 Contract Language

This Agreement is written in French. In the event of a translation of this Agreement into a foreign language, only the French version shall prevail.

17.10 Applicable Law and Jurisdiction

The Contract is governed by French law. In the event of a dispute concerning its formation, validity, interpretation, performance or termination, the Parties agree to submit this dispute to the competent courts of Paris, including for interim proceedings and in the event of summary proceedings, applications, third-party claims or multiple defendants.

• : ANTI-CORRUPTION REGULATIONS

The Provider undertakes to execute this Contract in strict compliance with the standards and regulations applicable to its sector, and in particular Law No. 2016-1691 of 9 December 2016 relating to transparency, the fight against corruption and the modernization of economic life, known as the Sapin 2 Law.

The Provider therefore undertakes that it and all of its affiliated companies, directors, employees, representatives, subcontractors and agents (hereinafter the "Representatives") comply with the applicable regulations regarding the prevention of corruption.

The Provider and its Representatives are prohibited in particular from promising, offering or granting to any person, directly or indirectly, any undue advantage so that this person, in violation of their duties, performs or refrains from performing an act.

In the event of non-compliance by the Provider or its Representatives with the provisions of this Article, the Client shall be entitled to terminate this Contract automatically and without notice by registered letter with acknowledgment of receipt, without payment of compensation and without prejudice to any damages or remedies provided for by law.

Appendix 1: Confidentiality Agreement – ​​NDA

 Subject: Confidentiality Agreement

 Sir,

We have requested your support in the context of the commercial development of the digital prospecting solution (the “ Product ”) used by the company [Company Name] .

As this Product is strictly confidential, including internally, the purpose of this agreement (the “ Agreement ”) is to define the terms and conditions for preserving its complete confidentiality.

1. For the purposes of this Agreement, the following are considered " Confidential Information ":

1. Any information, of any kind whatsoever, relating directly or indirectly to the Product, communicated by the Company, or its advisors, in writing, orally, or by any other means, prior to or subsequent to the signing of this Agreement;

2. All reports, analyses, notes, compilations, studies, projections, interpretations and all other documents prepared by you (in whole or in part) that contain, reflect or are based on information described in paragraph 1(i) above; and the very existence of the Product and this Agreement.

Notwithstanding the foregoing, information that (a) is already publicly available at the time of its communication or dissemination, (b) becomes publicly available after the date of its communication or dissemination other than through a breach of the obligations stipulated herein, or (c) is transmitted to you on a non-confidential basis by any person other than the Company, provided that such person was not bound by any obligation of confidentiality to the Company, does not constitute Confidential Information.

2. In light of the foregoing and the communication that has been or will be made to you regarding Confidential Information, you agree, by signing this Agreement, without any conditions, limitations, or restrictions whatsoever, to:

1. Keep the Confidential Information strictly confidential and use it yourself only for the purposes of your mission in relation to the Product and with all due discretion;

1. Not to communicate or disclose any Confidential Information, nor the fact that Confidential Information has been transmitted, to any employee, manager, agent or collaborator of the Group or to any third party, with the exception of those employees, managers, agents, collaborators or advisors of the Company who are also informed of the Product and who have themselves entered into a confidentiality agreement in connection with the Product or who are subject to a professional duty of confidentiality and who are listed in Appendix 1 (the " Informed Persons ") , and solely for the purpose of evaluating the interest and/or feasibility of the Product and its possible implementation methods;

• Take all necessary precautions to prevent and stop any disclosure of or access to Confidential Information.

If you are legally or regulatory required to disclose Confidential Information, you will inform us immediately and in advance so that we can obtain any provisional or protective measures, or take any action available to us to avoid such disclosure or to limit its content to the strict minimum necessary to satisfy this obligation.

3. You acknowledge that you will be responsible for any breach of the provisions of this Agreement and that you may be held liable for any failure to fulfill your obligations hereunder

4. In the event that you find that the terms of this agreement have not been respected, you undertake to immediately inform the Company and to provide it with all assistance in order to minimize the effects of such a breach, without prejudice to your liability for the violation of this agreement.

5. This Agreement is concluded for a period of one (1) year from its date of signature, it being specified, as needed, that your commitment to keep the Confidential Information confidential is without prejudice to the possible interruption of the steps towards the realization of the Product.

6. This Agreement may only be modified in whole or in part by means of an amendment signed by both parties hereto.

7. This Agreement shall be governed by and construed in accordance with French law. Any dispute relating to its interpretation or performance shall be subject to the exclusive jurisdiction of the courts within the jurisdiction of the Court of Appeal of Paris.

We would be grateful if you would confirm your agreement to the terms of this Agreement by returning one of the two enclosed copies, dated, initialed and signed.

Francois KOLLI
ue.sdaeligam@opd
KA-Groupe – MAGILEADS
40 Rue de Plaisance, 75014 Paris

RC/SIRET number: 848746632
APE code: 7022Z