Terms & Conditions

Terms & Conditions of Sale

including Data Processing Agreement (DPA)
& Data Ownership and Portability Addendum

SHARE YOUR PASSION, INC. dba SYP AI
Delaware corporation · 151 East 83rd Street, Suite 3A, New York, NY 10028, USA
Version: July 2026 · One consolidated agreement · U.S. and EU data-protection compliant

Contents

Terms & Conditions of Sale 1. Definitions 2. The Services 3. Account Registration, Security & Authorized Use 4. Agencies & Brand Owners 5. Subscriptions, Credits & the Free Trial 6. Fees, Taxes & Payment 7. Client Data; License; Data-Protection Roles 8. Messaging Compliance & Indemnity 9. Meta Platform Compliance; SYP as a Third-Party Developer 10. Prohibited Uses 11. Representations, Warranties & Compliance 12. Third-Party Platforms, Links & Tools 13. Intellectual Property; Feedback 14. Confidentiality 15. Term, Termination & Suspension 16. Effect of Termination; Data Export & Deletion 17. Disclaimer of Warranties 18. Limitation of Liability 19. Indemnification by the Client 20. Dispute Resolution; Arbitration; Class-Action Waiver 21. Governing Law & Venue 22. Changes to the Agreement & the Services 23. General Provisions 24. Notices & Electronic Communications 25. Contact Us 26. Electronic Records & Signatures Part A — Data Processing Agreement (DPA) 1. Definitions 2. Roles and Scope 3. Processing on Documented Instructions 4. Confidentiality of Personnel 5. Security 6. Sub-Processors 7. Assistance with Data-Subject Rights 8. Assistance with Compliance 9. Personal Data Breach Notification 10. International Data Transfers 11. Records; Information; Audits 12. Return and Deletion 13. U.S. State Privacy Laws 14. Liability, Precedence, Term and Governing Law Annex I — Description of Processing Annex II — Technical and Organisational Measures Annex III — Sub-Processors Appendix 1 — Cross-Border Transfer Mechanisms Part B — Data Ownership & Portability Addendum 1. Ownership of Client Data 2. Access and Export During the Term 3. Data Portability (Data-Subject Rights) 4. Portability Formats and Documentation 5. Return and Deletion on Exit 6. Transition Assistance 7. General
Terms & Conditions of Sale Online Subscription Agreement — Executed by Electronic Signature (DocuSign) · Version: July 3, 2026

These Terms and Conditions of Sale (these "Terms") constitute a legally binding agreement between you (the "Client," "you" or "your") and Share Your Passion, Inc., a Delaware corporation doing business as SYP AI (together with its subsidiaries and affiliates, "SYP," "we," "our" or "us"), governing your access to and use of the SYP AI software-as-a-service platform — including the social-media loyalty, rewards and engagement tools, related APIs, mobile and web applications, the website at getsyp.com (the "Site"), and all related products, services, content and tools (collectively, the "Services").

Any personal data you submit to us or that we collect is governed by our Privacy Policy and our Data Processing Addendum (the "DPA"), each incorporated by reference into these Terms. If you access any features of the Services that use artificial intelligence or machine-learning technologies (the "AI Features"), your use is also subject to the AI Supplementary Terms incorporated by reference herein. These Terms, together with the Privacy Policy, the DPA, the AI Supplementary Terms and each executed Scope of Work or Order Form, constitute the "Agreement."

1

Definitions

"Account" — the account the Client registers and maintains to access and use the Services.

"Agency" — a service provider engaged by a Brand Owner to create and/or manage an Account and use the Services on the Brand Owner's behalf, as described in Section 4.

"Brand Owner" — any individual or entity that uses the Services to market, support, develop or otherwise commercialize its business, products or services.

"Client Data" — all data, content and information submitted to, processed through, or generated by the Services by or on behalf of the Client, including Account, configuration, campaign, usage and analytics data, and End-User Data.

"Credits" — the usage units allocated to the Client under the applicable Subscription Tier, consumed by Platform interactions as set out in the applicable Order Form.

"End User" — any individual who interacts with the Client's loyalty, rewards or engagement campaigns through the Services, including individuals who interact with the Client through a Meta Platform.

"Meta Platform" — Facebook, Instagram, Messenger, WhatsApp and any other platform, product, API or service made available by Meta Platforms, Inc. or its affiliates (collectively, "Meta").

"Meta Terms" — the Meta Platform Terms, Developer Policies, Developer Data Use Policy, Community Standards, Messenger and Instagram platform policies, and all other terms, policies and guidelines published by Meta governing access to and use of the Meta Platforms, each as amended.

"Order Form" / "Scope of Work" — an ordering document executed by the parties (including electronically) that references these Terms and specifies the Services, Subscription Tier, fees, term, territory and any additional terms.

"Platform Data" — any data the Client or SYP obtains from or through a Meta Platform, including User Data as defined under the Meta Terms.

"Subscription Tier" — the service level selected by the Client and identified in the applicable Order Form, which determines feature access, Credit allocation and fees.

2

The Services

2.1 Overview

SYP provides a cloud-based platform that enables Clients to design, deploy and manage social-media loyalty, rewards and engagement campaigns — including automated interactions delivered through Meta Platforms and other authorized messaging and social-media channels — together with related analytics and AI Features. If the Client has executed a separate Order Form or Scope of Work, that document will control in the event of a conflict with these Terms with respect to its specific commercial terms, provided that no Order Form may limit the Client's payment obligations or expand SYP's liability beyond Section 18. SYP may modify, enhance or discontinue features of the Services in accordance with Section 22.

2.2 Content Creation, Scheduling and Publishing

The Services allow the Client to create, schedule, publish and manage organic social-media content — including stories, reels, posts and similar formats — on Instagram, Facebook and other connected channels through Meta's and other platforms' APIs. The Client is solely responsible for all content it creates, schedules, publishes or distributes through the Services (the "Published Content"), including its accuracy, legality, ownership and compliance with applicable law and the Meta Terms.

SYP acts only as a technical conduit that transmits the Published Content to the relevant platform at the Client's direction. SYP does not create, review, approve, monitor or endorse the Published Content and expressly declines all responsibility and liability for it. SYP does not guarantee that any item of Published Content will be delivered, published or displayed at any particular time or at all.

2.3 AI Sentiment Analysis

The Services include AI-powered sentiment-analysis features that use artificial-intelligence and machine-learning models to analyze social-media content and engagement — including posts, comments, messages, mentions, and the Instagram profile biography ("bio") and public information of followers and other End Users — and to generate sentiment scores, classifications, summaries and related insights (the "Sentiment Outputs"). The Sentiment Outputs are automated, probabilistic estimates; they may be inaccurate, incomplete or out of date, do not constitute advice, and must be independently reviewed before the Client relies on or acts upon them.

SYP does not control, and is not responsible or liable for, the views, opinions, comments or sentiment — including any negative, critical or harmful sentiment — expressed by any Instagram, Facebook, WhatsApp or other follower or End User, or for any consequence of such sentiment to the Client or its brand.
3

Account Registration, Security & Authorized Use

To use the Services, the Client must register for an Account and provide true, accurate, current and complete information, including the information required to connect the Client's Meta Platform assets, and must keep it updated. The person who registers is the contracting party and authorized administrator of the Account; if that person registers on behalf of an entity, that entity is the Client and Account holder.

The Client is responsible for maintaining the confidentiality of its login credentials and is solely and fully responsible for all activities that occur under its Account, whether or not authorized. The Account is not transferable except as expressly permitted under Section 4 or Section 23. The Client will notify SYP immediately of any suspected unauthorized use of, or other breach of security relating to, its Account.

By providing contact information and using the Services, the Client consents to receive operational and transactional communications from SYP (including by email and in-app notification) relating to registration, security, service changes, outages and support. The Client may manage certain communication preferences in the Account settings but may not opt out of communications essential to the provision of the Services.

4

Agencies & Brand Owners

An Agency is not required for a Brand Owner to use the Services. If the Client is an Agency using the Services on behalf of a Brand Owner, the Client: (i) represents and warrants that it is duly authorized to access and use the Services and the Account on the Brand Owner's behalf; (ii) will correctly identify the Brand Owner as an administrator on the Account and on the connected Meta Platform assets; and (iii) remains jointly and severally liable with the Brand Owner for compliance with the Agreement.

The Brand Owner is the sole and exclusive account representative of any Account created on its behalf, provided that the Agency retains its rights in the designs, templates, flows and other work product it creates for the Brand Owner (the "Agency Content"). Upon termination of the Agency–Brand Owner relationship, the Client will promptly notify SYP, and following transfer of the Account, the Brand Owner will be solely responsible for payment of all fees due with respect to the Account.

5

Subscriptions, Credits & the Free Trial

5.1 Subscriptions

The Services are offered on a subscription basis under the Subscription Tier identified in the applicable Order Form. Subscriptions renew automatically for successive periods equal to the then-current subscription period unless either party gives written notice of non-renewal:

  • Monthly subscriptions: at least thirty (30) days before the renewal date.
  • Annual subscriptions: at least sixty (60) days before the renewal date.

5.2 Credits

Credits are allocated at the start of each billing period in accordance with the Subscription Tier, are non-transferable, and expire at the end of the billing period in which they are allocated with no rollover unless otherwise stated in the Order Form. The Credit consumption rates applicable to Platform interactions and AI Features are set out in the Order Form and may be updated by SYP on at least thirty (30) days' prior written notice.

Credit Bundle Notifications and Upgrades. SYP will notify the Client (by email and/or in-app notification) as the Client approaches, and when the Client reaches, the Credit limit. Upon exhaustion of the bundled Credits, the Client may choose to: (i) stop, in which case Credit-consuming features pause for the remainder of the billing period, or (ii) upgrade to a higher Credit bundle plan to continue without interruption. SYP will not charge the Client for additional Credits or for a higher-tier plan without the Client's express prior consent.

5.3 Free Trial

SYP may offer a no-cost or reduced-rate trial of the Services for a limited period (a "Free Trial"). The Client may cancel at any time before the end of the Free Trial period through the Account settings or by written notice.

Unless the Client cancels before the end of the Free Trial period, the Account will automatically convert to the selected paid Subscription Tier and the payment method on file will be charged the then-current applicable price. SYP may determine eligibility for, and may modify, suspend or withdraw, any Free Trial at any time to the extent permitted by law.
6

Fees, Taxes & Payment

The Client will pay all fees and charges for the Services in accordance with the Order Form and the billing terms in effect when a fee is due. Unless an invoice arrangement is separately agreed, payments are processed through a third-party payment processor, and the Client authorizes recurring charges to its designated payment method. The Client will keep its payment information current and valid.

Except as expressly provided in these Terms or required by applicable law, all fees are non-refundable and payment obligations are non-cancelable. Fees are exclusive of all sales, use, value-added (VAT), goods-and-services, withholding and similar taxes, which are the Client's responsibility, other than taxes based on SYP's net income.

SYP may revise its prices, Subscription Tiers and Credit consumption rates upon at least thirty (30) days' prior written notice (email sufficient), effective as of the first billing period beginning after the notice period. If the Client does not accept a revision, the Client may terminate the affected Subscription by written notice before the effective date, without penalty; absent such notice, continued use after the effective date constitutes acceptance. Price revisions do not apply retroactively. Overdue amounts may accrue interest at the lesser of 1.5% per month or the maximum rate permitted by law.

7

Client Data; License to SYP; Data-Protection Roles

As between the parties, the Client owns all right, title and interest in and to the Client Data. The Client grants SYP a non-exclusive, worldwide, royalty-free license to host, copy, process, transmit, display and otherwise use the Client Data solely to provide, maintain, secure, improve and develop the Services, to comply with applicable law, and as otherwise permitted by the Agreement. The Client is solely responsible for the accuracy, quality, legality and right to use the Client Data and for obtaining all consents necessary for SYP to process it.

Data-Protection Roles. With respect to personal data of End Users processed in connection with the Services, the Client acts as the data controller (or business) and SYP acts as the data processor (or service provider) within the meaning of applicable data-protection laws, including the EU GDPR and applicable U.S. state privacy laws; such processing is governed by the DPA. With respect to the Client's own Account, billing and usage data, SYP acts as a controller as described in the Privacy Policy. The Client will not instruct SYP to process special categories of personal data, represents that it has a valid legal basis for the processing, and has provided End Users with all legally required notices.

8

Messaging Compliance & Indemnity

The Client acknowledges that the Services enable the automated sending of messages — including Instagram and Messenger Direct Messages, WhatsApp messages, SMS and email — to End Users on the Client's behalf. The Client will use the Services in full compliance with all applicable laws governing electronic communications and marketing, including without limitation the U.S. Telephone Consumer Protection Act (TCPA) and CAN-SPAM Act, Canada's Anti-Spam Legislation (CASL) and PIPEDA, the GDPR and ePrivacy rules, and all applicable Meta Terms (collectively, the "Messaging Laws").

The Client is solely responsible for: (i) obtaining and documenting any legally required consent or opt-in from End Users before messages are sent; (ii) promptly honoring all opt-out, "STOP" and unsubscribe requests; (iii) the content of all messages, rewards and promotions sent through the Services; and (iv) providing End Users with all legally required identifying information and notices.

SYP acts solely as a service provider that enables the sending of the Client's messages; the Client exercises control over message content and destination. SYP does not verify the Client's compliance and assumes no responsibility for it, and may suspend the Services without notice in the event of suspected non-compliance.

The Client will indemnify, defend and hold harmless SYP and its officers, directors, employees, agents, suppliers and affiliates from and against any and all claims, fines, losses, costs and expenses (including reasonable attorneys' fees) arising out of the Client's breach of this Section, in accordance with Section 19.

9

Meta Platform Compliance; SYP as a Third-Party Developer

SYP integrates with the Meta Platforms as an independent third-party developer under the Meta Terms. The Services are not endorsed, sponsored, certified or operated by Meta, and Meta is not a party to the Agreement. In the event of a conflict between the Agreement and the Meta Terms as they apply to data or activity on a Meta Platform, the Meta Terms control with respect to that data or activity.

9.1 Client Obligations on Meta Platforms

As a condition of using the portions of the Services that connect to a Meta Platform, the Client represents, warrants and covenants that it is authorized to grant SYP permission to access the Client's connected Meta Platform assets to provide the Services, and that it will at all times comply with the Meta Terms, including by maintaining a lawful basis and any required consents for all Platform Data the Client causes SYP to access or process.

9.2 Prohibited Activities on Meta Platforms

The Client will not, and will not authorize, enable or encourage any third party (including any Agency or End User) to, use the Services in any manner that would violate the Meta Terms or cause SYP to violate the Meta Terms. Prohibited activities include, without limitation:

  • Violating any Meta Platform Term, Developer Policy, Community Standard, or Instagram, Messenger or WhatsApp platform policy;
  • Selling, licensing, renting, transferring, disclosing or otherwise monetizing Platform Data, or transferring it to any data broker, ad network or other party, except as expressly permitted by the Meta Terms;
  • Using Platform Data to make or facilitate decisions relating to eligibility for, or to deny, employment, housing, credit, insurance, education or any other benefit, or for surveillance, law-enforcement or intelligence purposes;
  • Requesting, accessing or using any permission, scope or Platform Data beyond what is necessary to provide the Services;
  • Sending unsolicited, deceptive or non-consented messages or spam;
  • Scraping, crawling, harvesting or otherwise collecting data from a Meta Platform by automated means except through the published, authorized APIs;
  • Caching or retaining Platform Data longer than permitted, or failing to delete Platform Data upon request;
  • Circumventing, disabling, probing or testing any rate limit, access restriction, security or authentication measure of a Meta Platform, or reverse-engineering any Meta API, SDK or system;
  • Misrepresenting the Client's, an Agency's, or SYP's identity, affiliation or relationship with Meta;
  • Impersonating any person or entity, infringing intellectual-property or privacy rights, or distributing unlawful, harmful, hateful, harassing or discriminatory content through a Meta Platform;
  • Using Platform Data or the Meta Platforms in connection with any unlawful, fraudulent or deceptive activity.

9.3 Data Use, Security & Deletion

The Client will use, store, secure and delete Platform Data in accordance with the Meta Terms and the DPA, will maintain administrative, technical and physical safeguards appropriate to the sensitivity of the Platform Data, and will promptly notify SYP of any actual or suspected unauthorized access to or use of Platform Data. The Client acknowledges that Meta may audit, restrict, suspend or revoke access to the Meta Platforms at any time, and that SYP may be required to suspend, modify or terminate the affected portions of the Services in response.

9.4 Enforcement & Cooperation

SYP may suspend or terminate the Client's access to the Meta-connected portions of the Services, in whole or in part and without liability, if SYP reasonably believes the Client has violated the Meta Terms, if Meta requires it, or as necessary to protect the Services, SYP, Meta or any End User. The Client will reasonably cooperate with SYP in connection with any Meta inquiry, data-use checkup, audit or enforcement action, and will indemnify SYP under Section 19 for claims, fines or penalties arising from the Client's violation of the Meta Terms.

9.5 Restricted Content and Industries

The Client will not use the Services or the Meta Platforms to promote, advertise, sell or facilitate transactions involving content, goods or services that are prohibited or restricted under the Meta Terms, including without limitation: gambling, betting, lotteries or games of chance; adult or sexually explicit content or services; alcohol; tobacco, e-cigarettes, vaping and related products; recreational or illegal drugs and drug paraphernalia; firearms, weapons, ammunition and explosives; pharmaceuticals, supplements and other regulated health products; deceptive or predatory financial products and services (including cryptocurrency offerings where restricted); multi-level marketing or "get-rich-quick" schemes; counterfeit, stolen or infringing goods; and any other content or industry that Meta prohibits or restricts, or that is unlawful in the jurisdictions where the campaign is delivered.

10

Prohibited Uses

In addition to the restrictions elsewhere in the Agreement, the Client will not, and will not permit any third party to, use the Services:

  • For any unlawful, fraudulent, deceptive or misleading purpose, or to solicit or facilitate any unlawful act;
  • To violate any applicable international, federal, state, provincial or local law, rule, regulation or ordinance;
  • To infringe or misappropriate the intellectual-property, privacy, publicity or other rights of SYP or any third party;
  • To harass, abuse, defame, threaten, stalk or discriminate against any person, or to upload unlawful, obscene, harmful or objectionable content;
  • To submit false or misleading information, impersonate any person or entity, or misrepresent an affiliation;
  • To upload or transmit viruses or other malicious code, or to probe, scan, breach, disable or circumvent any security or authentication measure of the Services;
  • To access or use the Services by automated means other than the published interfaces, or to scrape, copy, resell, sublicense, frame or mirror the Services or any part of them;
  • To reverse engineer, decompile or disassemble the Services or any underlying software, except to the extent such restriction is prohibited by law;
  • To interfere with or disrupt the integrity, security or performance of the Services, or to impose an unreasonable load on SYP's infrastructure;
  • To attempt to access another user's account or data, or to collect or track the personal information of others without authorization;
  • To abuse any Free Trial, rebate or promotional offering, including by creating multiple accounts; or
  • In any manner that violates the Meta Terms or the policies of any other platform with which SYP integrates.
11

Representations, Warranties & Compliance with Laws

The Client represents and warrants that: (i) it is at least eighteen (18) years of age and has the legal capacity and authority to enter into and perform the Agreement; (ii) where it acts on behalf of an entity, it is authorized to bind that entity; and (iii) it will use the Services in compliance with all applicable laws and in good faith. The Client is responsible for determining whether the Services are suitable for its use in light of any laws applicable to it, and SYP will not be liable if the Services do not meet requirements specific to the Client's industry (such as HIPAA) unless expressly agreed in writing.

If the Client is located in the European Economic Area, the United Kingdom, Switzerland or another jurisdiction with comprehensive data-protection laws, the Client further represents and warrants that it has a valid legal basis to transfer personal data to SYP and to have it processed, has informed its data subjects accordingly, will comply with its published privacy policy, has reviewed and accepted the DPA, and will not use the Services to process special categories of personal data or for automated decision-making producing legal or similarly significant effects on individuals.

12

Third-Party Platforms, Links & Tools

The Services may interoperate with, or contain links to, third-party platforms, websites and tools (including the Meta Platforms and payment processors) that SYP does not control. SYP provides access to such third-party services and tools on an "as-is" and "as-available" basis, without warranty, and is not responsible for their availability, accuracy, content or practices. The Client's use of any third-party service is governed solely by the Client's agreement with the relevant provider and is at the Client's own risk.

13

Intellectual Property; Feedback

As between the parties, SYP and its licensors own all right, title and interest in and to the Services and all related software, technology, content, trademarks, logos and other materials, and all intellectual-property rights therein (the "SYP Materials"). Subject to the Agreement, SYP grants the Client a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to access and use the Services during the term solely for the Client's internal business purposes. Except as expressly permitted, the Client will not sell, license, rent, modify, distribute, publicly display or create derivative works from any SYP Materials. All rights not expressly granted are reserved.

If the Client submits comments, ideas or feedback about the Services ("Feedback"), it agrees that the Feedback is provided gratuitously, unsolicited and without restriction, and grants SYP a perpetual, irrevocable, worldwide, royalty-free license to use, modify and incorporate the Feedback into the Services without obligation, attribution or compensation.

14

Confidentiality

"Confidential Information" means non-public information disclosed by one party (the "Disclosing Party") to the other (the "Receiving Party") that is designated as confidential or that reasonably should be understood to be confidential, including business, technical, financial, pricing, security and customer information. The Receiving Party will use Confidential Information solely to perform under the Agreement, will protect it with at least the same degree of care it uses for its own confidential information (and no less than reasonable care), and will limit access to those of its personnel, advisers and subcontractors who need to know it and are bound by confidentiality obligations at least as protective.

Confidential Information does not include information that is or becomes public without breach, was lawfully known before disclosure, is independently developed, or is rightfully received from a third party. The Receiving Party may disclose Confidential Information if required by law or legal process, provided that, where permitted, it gives the Disclosing Party prior notice and reasonable cooperation to seek protective treatment. These obligations survive for five (5) years after termination of the Agreement (or, for trade secrets, for so long as they remain trade secrets).

15

Term, Termination & Suspension

The Agreement begins on the Effective Date and continues for the term stated in the applicable Order Form, including any renewal terms, unless earlier terminated as provided herein. Either party may terminate the Agreement or an Order Form: (i) for convenience, effective at the end of the then-current subscription period, by giving the notice required under Section 5.1; or (ii) for cause, if the other party materially breaches the Agreement and fails to cure within thirty (30) days after written notice, or immediately upon written notice if the breach is incapable of cure.

SYP may suspend or limit the Client's access to the Services, in whole or in part and without liability, if (a) the Client fails to pay undisputed fees when due after reasonable notice, (b) SYP reasonably believes the Client has violated Section 8, 9 or 10, (c) suspension is required to comply with law or a Meta or other platform requirement, or (d) suspension is necessary to protect the security or integrity of the Services or any third party. Early termination does not relieve the Client of payment obligations accrued through the effective date of termination.

16

Effect of Termination; Data Export & Deletion

Upon termination or non-renewal for any reason, the Client's right to access and use the Services ceases. For a period of thirty (30) days following the effective date of termination, the Client may export its Client Data using the export functionality of the Services or, upon written request, with SYP's reasonable assistance. After that period, SYP will delete or anonymize the Client Data in the normal course of operations, except for data SYP is required to retain to comply with law or for legitimate accounting, audit, evidentiary or security purposes.

If there is no activity in the Account (including login, campaign or payment activity) for eighteen (18) consecutive months, SYP may notify the Client by email and offer to keep the Account open; if the Client does not respond within thirty (30) days, SYP may close the Account and delete the associated Client Data.

The following Sections survive termination: 6, 7, 8, 9.2–9.5, 10, 13, 14, 16 through 23, and 26.

17

Disclaimer of Warranties

THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE," WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. SYP DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE OR SECURE, OR THAT THEY WILL MEET THE CLIENT'S REQUIREMENTS. SYP MAKES NO WARRANTY REGARDING ANY THIRD-PARTY PLATFORM (INCLUDING THE META PLATFORMS), THE PUBLICATION, TIMING OR DELIVERY OF ANY PUBLISHED CONTENT, OR THE ACCURACY OR COMPLETENESS OF ANY SENTIMENT OUTPUTS, WHICH MAY CONTAIN ERRORS AND MUST BE INDEPENDENTLY REVIEWED BEFORE USE. SYP IS NOT RESPONSIBLE FOR ANY CONTENT PUBLISHED THROUGH THE SERVICES OR FOR THE VIEWS, OPINIONS OR SENTIMENT EXPRESSED BY ANY FOLLOWER OR END USER. SOME JURISDICTIONS DO NOT ALLOW CERTAIN EXCLUSIONS, SO SOME OF THE ABOVE MAY NOT APPLY.
18

Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY (AND, AS TO SYP, ITS AFFILIATES AND THEIR RESPECTIVE OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, SUPPLIERS AND LICENSORS) WILL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY OR PUNITIVE DAMAGES, OR FOR ANY LOSS OF PROFITS, REVENUE, DATA, GOODWILL OR BUSINESS, ARISING OUT OF OR RELATING TO THE AGREEMENT OR THE SERVICES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Except for (a) the Client's payment obligations, (b) the Client's indemnification obligations under Sections 8, 9 and 19, and (c) either party's liability for fraud, willful misconduct or gross negligence or for liability that cannot be limited under applicable law, each party's total aggregate liability arising out of or relating to the Agreement will not exceed the total fees paid or payable by the Client to SYP during the twelve (12) months preceding the event giving rise to the claim. The parties agree that these limitations are an essential basis of the bargain.

19

Indemnification by the Client

The Client will indemnify, defend and hold harmless SYP and its officers, directors, employees, agents, suppliers, licensors and affiliates (the "Indemnified Parties") from and against any and all third-party claims, demands, suits, fines, losses, costs, expenses and fees (including reasonable attorneys' fees) arising out of or relating to: (i) the Client's use of the Services in breach of the Agreement or applicable law, including Sections 8, 9 and 10; (ii) the Client Data, the Client's content, rewards, promotions and campaigns, and any dispute between the Client and an End User; (iii) any violation of the Meta Terms by the Client, an Agency or an End User; or (iv) the Client's breach of its representations and warranties.

SYP will promptly notify the Client of any claim, provide reasonable cooperation (at the Client's expense), and may participate in the defense with its own counsel. The Client will not settle any claim in a manner that imposes any obligation or liability on, or requires any admission by, an Indemnified Party without that party's prior written consent.

20

Dispute Resolution; Arbitration; Class-Action Waiver

Please read this section carefully. It affects your legal rights and governs how disputes between you and SYP are resolved.

Informal Resolution

Before initiating any arbitration, the parties will attempt in good faith to resolve any dispute, claim or controversy arising out of or relating to the Agreement or the Services (a "Dispute") by negotiation, beginning with written notice of the Dispute. If the Dispute is not resolved within thirty (30) days, either party may commence arbitration.

Binding Arbitration

Except as set out below, all Disputes will be finally resolved by binding arbitration administered by the American Arbitration Association ("AAA") under its Commercial Arbitration Rules then in effect. The arbitration will be seated in New York, New York, conducted in English, before a single arbitrator, and judgment on the award may be entered in any court of competent jurisdiction. Each party retains the right to seek injunctive or other equitable relief in a court of competent jurisdiction to protect its intellectual-property or confidential information.

Class-Action Waiver

THE PARTIES AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN AN INDIVIDUAL CAPACITY, AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, CONSOLIDATED OR REPRESENTATIVE PROCEEDING. THE ARBITRATOR MAY NOT CONSOLIDATE MORE THAN ONE PARTY'S CLAIMS OR PRESIDE OVER ANY CLASS PROCEEDING. THE PARTIES WAIVE ANY RIGHT TO A JURY TRIAL.

This Section is governed by the Federal Arbitration Act. If any portion of the class-action waiver is found unenforceable, the entirety of this Section will be null and void as to the affected claims, which will proceed in court. Nothing in this Section prevents either party from bringing an eligible individual claim in small-claims court.

21

Governing Law & Venue

The Agreement is governed by and construed under the laws of the State of New York, without regard to its conflict-of-laws principles, and excluding the U.N. Convention on Contracts for the International Sale of Goods. Subject to Section 20, the parties consent to the exclusive jurisdiction and venue of the state and federal courts located in New York County, New York for any matter not subject to arbitration. Nothing in this Section deprives a Client of the protection of mandatory provisions of the law of its country of habitual residence where such protection cannot be derogated from by agreement.

22

Changes to the Agreement & the Services

SYP may modify these Terms from time to time. SYP will notify the Client of material changes by email or through the Services at least thirty (30) days before they take effect. If a material change adversely affects the Client, the Client may terminate the affected Subscription by written notice before the effective date, without penalty. Continued use of the Services after the effective date constitutes acceptance of the modified Terms. Amendments do not apply retroactively. SYP may also improve, modify or discontinue features of the Services, and will use reasonable efforts to notify the Client of material discontinuations.

23

General Provisions

Entire Agreement. The Agreement constitutes the entire agreement between the parties regarding its subject matter and supersedes all prior or contemporaneous understandings.

Order of Precedence. In the event of a conflict, the following order of precedence applies: the applicable Order Form (as to its specific commercial terms), the DPA, the AI Supplementary Terms (as to AI Features), these Terms, then the Privacy Policy.

Assignment. The Client may not assign or transfer the Agreement without SYP's prior written consent; SYP may assign the Agreement to an affiliate or in connection with a merger, acquisition or sale of assets. Any prohibited assignment is void.

Survival; Severability; Waiver. Provisions that by their nature should survive will survive termination. If any provision is held unenforceable, it will be modified to the minimum extent necessary or severed, and the remaining provisions will remain in effect. No waiver is effective unless in writing, and no failure to enforce is a waiver.

No Agency. No agency, partnership, joint venture or employment relationship is created by the Agreement; SYP acts solely as a technology provider and intermediary.

Force Majeure. Neither party is liable for any delay or failure to perform (other than payment obligations) due to causes beyond its reasonable control.

No Third-Party Beneficiaries. The Agreement does not confer any rights on any person who is not a party to it.

24

Notices & Electronic Communications

The Client consents to receive notices and other communications electronically, including by email and through the Services, and agrees that electronic notices satisfy any legal requirement that communications be in writing. Notices to SYP must be sent to the address in Section 25 and are deemed given upon receipt if personally delivered or sent by recognized overnight courier or certified mail, or upon electronic confirmation if sent by email. The Client may request a paper copy of these Terms by writing to the address in Section 25.

25

Contact Us

Questions about these Terms or the Services may be directed to contact@getsyp.com or to our office below.

Share Your Passion, Inc. (Delaware C-Corp) dba SYP AI
151 East 83rd Street, Suite 3A, New York, NY 10028, USA
Email: contact@getsyp.com  |  Website: www.getsyp.com

26

Electronic Records & Signatures; Consent to Transact Electronically

The Client agrees to transact business with SYP electronically and consents to the use of electronic records and electronic signatures in connection with this Agreement and the Services. The Client agrees that its electronic signature applied through an electronic signature service (such as DocuSign), and any electronic acceptance during online sign-up, constitutes a valid signature and creates a binding and enforceable agreement, having the same legal effect as a handwritten signature on a paper document, under the U.S. Electronic Signatures in Global and National Commerce Act (E-SIGN), the Uniform Electronic Transactions Act (UETA), and, where applicable to the Client, Regulation (EU) No 910/2014 (eIDAS).

Hardware and software requirements. To access, sign and retain electronic records, the Client needs: a device with internet access; a current web browser; a valid email address; and the ability to view, download and print or save PDF documents.

Copies, withdrawal of consent, and updates. The Client may request a paper copy of this Agreement at no charge by writing to the address in Section 25, and may withdraw consent to transact electronically by the same means; however, because the Services are provided electronically, withdrawing consent or failing to maintain a valid email address may prevent the Client from registering for or continuing to use the Services. SYP may treat withdrawal of consent as a request to terminate.

Authority and signing record. The signatory represents that he or she is duly authorized to execute this Agreement on behalf of the Client. The electronic signature service's certificate of completion and audit trail (including signer identity, email, IP address, and timestamps) will constitute admissible evidence of execution and may be retained by SYP as a business record.

Part A — Data Processing Agreement (DPA) Incorporated by reference into the SYP AI Terms & Conditions of Sale

This Data Processing Agreement (this "DPA") forms part of, and is incorporated by reference into, the Agreement between Share Your Passion, Inc. dba SYP AI ("SYP") and the customer that has accepted the Agreement (the "Client"). It reflects the Parties' agreement on the Processing of Personal Data in connection with the Services and applies to the extent SYP Processes Personal Data on the Client's behalf as a Processor.

DPA 1

Definitions

"Data Protection Laws" means all laws and regulations applicable to the Processing of Personal Data under the Agreement, including, as applicable: the EU General Data Protection Regulation (Regulation (EU) 2016/679, "EU GDPR"); the EU GDPR as incorporated into United Kingdom law ("UK GDPR"); the Swiss Federal Act on Data Protection ("FADP"); the ePrivacy rules; and applicable U.S. state privacy laws (including the California Consumer Privacy Act as amended, "CCPA").

The terms "Controller," "Processor," "Data Subject," "Personal Data," "Processing," "Personal Data Breach," "Special Categories of Personal Data" and "Supervisory Authority" have the meanings given in the EU GDPR.

"Client Personal Data" means Personal Data contained within Client Data that SYP Processes on behalf of the Client as a Processor. "Sub-Processor" means any third party engaged by SYP to Process Client Personal Data. "Restricted Transfer" means a transfer of Client Personal Data to a country not benefiting from an adequacy decision. "SCCs" means the Standard Contractual Clauses annexed to Commission Implementing Decision (EU) 2021/914. "UK Addendum" means the International Data Transfer Addendum to the SCCs issued by the UK Information Commissioner.

DPA 2

Roles and Scope

As between the Parties and with respect to Client Personal Data, the Client is the Controller (or, where the Client acts on behalf of a third party, a Processor) and SYP is the Processor (and, under the CCPA, a service provider). With respect to SYP's own Account, billing, security and usage data, SYP is an independent Controller and Processes such data as described in the Privacy Policy. This DPA does not apply to SYP's Controller Processing.

The subject matter, duration, nature and purpose of the Processing, the types of Personal Data and categories of Data Subjects are set out in Annex I. The Processing will continue for the duration of the Agreement and thereafter as permitted or required under Section 12.

The Client is responsible for the accuracy, quality and lawfulness of Client Personal Data and for the means by which it acquired such data. The Client warrants that it has a valid legal basis for the Processing, has provided all required notices to, and obtained all required consents from, Data Subjects, and has the authority to appoint SYP as Processor. The Client will not provide SYP with Special Categories of Personal Data for Processing except as expressly agreed in an Order Form with appropriate additional safeguards.

DPA 3

Processing on Documented Instructions

SYP will Process Client Personal Data only on the Client's documented instructions, including with regard to international transfers, unless required to do otherwise by applicable law; in that case, SYP will (unless legally prohibited) inform the Client of that legal requirement before Processing. The Agreement, this DPA, the applicable Order Form, and the Client's configuration and use of the Services constitute the Client's complete and documented instructions.

SYP will inform the Client if, in its reasonable opinion, an instruction infringes Data Protection Laws, without obligation to conduct a legal review of the lawfulness of the Client's instructions.

DPA 4

Confidentiality of Personnel

SYP will ensure that persons authorized to Process Client Personal Data are subject to an appropriate duty of confidentiality (whether contractual or statutory), Process the data only as necessary to provide the Services, and receive appropriate data-protection and security training.

DPA 5

Security

Taking into account the state of the art, the costs of implementation, and the nature, scope, context and purposes of Processing as well as the risk to Data Subjects, SYP will implement and maintain the technical and organizational measures set out in Annex II to ensure a level of security appropriate to the risk, in accordance with Article 32 of the EU GDPR. SYP may update its security measures from time to time provided the updates do not materially reduce the overall level of protection of Client Personal Data during the term.

DPA 6

Sub-Processors

The Client grants SYP general written authorization to engage Sub-Processors to Process Client Personal Data. A current list of Sub-Processors is set out in Annex III and is available to the Client on request or through the Services.

SYP will inform the Client of any intended addition or replacement of a Sub-Processor at least ten (10) business days in advance, giving the Client the opportunity to object on reasonable data-protection grounds. If the Client objects and the issue cannot be resolved, the Client may, as its sole remedy, terminate the affected Services and receive a pro-rata refund of any prepaid, unused fees.

SYP will impose on each Sub-Processor, by written contract, data-protection obligations no less protective than those in this DPA. SYP remains fully liable to the Client for the performance of each Sub-Processor's obligations.

DPA 7

Assistance with Data-Subject Rights

Taking into account the nature of the Processing, SYP will assist the Client by appropriate technical and organizational measures, insofar as possible, to respond to requests from Data Subjects exercising their rights under Data Protection Laws (including access, rectification, erasure, restriction, portability and objection), including through the self-service and export functionality of the Services. If SYP receives a request from a Data Subject relating to Client Personal Data, SYP will, unless legally prohibited, promptly inform the Client and will not respond directly except on the Client's documented instructions or as required by law.

DPA 8

Assistance with Compliance

Taking into account the nature of the Processing and the information available to SYP, SYP will assist the Client in ensuring compliance with the Client's obligations under Articles 32 to 36 of the EU GDPR (and equivalents), namely security of Processing, notification of Personal Data Breaches, communication to Data Subjects, data protection impact assessments, and prior consultation with Supervisory Authorities. SYP may make available audit reports, security documentation and standard questionnaires to support the Client's assessments.

DPA 9

Personal Data Breach Notification

SYP will notify the Client without undue delay after becoming aware of a Personal Data Breach affecting Client Personal Data, and in any event in a manner that enables the Client to meet its own notification obligations under Data Protection Laws. The notification will describe, to the extent known and as it becomes available, the nature of the breach, the categories and approximate number of Data Subjects and records concerned, the likely consequences, and the measures taken or proposed to address it. SYP will cooperate with the Client and take reasonable steps to mitigate and remediate the breach. SYP's notification is not an acknowledgement of fault or liability.

DPA 10

International Data Transfers

The Client authorizes SYP to transfer Client Personal Data to the United States and to other countries in which SYP or its Sub-Processors operate, as necessary to provide the Services. To the extent any such transfer is a Restricted Transfer, the transfer mechanisms in Appendix 1 apply, which incorporate the SCCs (for EU/EEA transfers), the UK Addendum (for UK transfers), and the Swiss amendments (for transfers subject to the FADP). In the event of a conflict between this DPA and the SCCs, the SCCs prevail with respect to Restricted Transfers.

DPA 11

Records; Information; Audits

SYP will make available to the Client information reasonably necessary to demonstrate its compliance with this DPA and Article 28 of the EU GDPR, including a description of SYP's technical and organizational measures, summaries of its information security and data-protection policies, responses to the Client's reasonable security questionnaires, and any third-party audit reports, attestations or certifications that SYP holds from time to time.

Where the information made available is not sufficient to demonstrate compliance, SYP will cooperate with a documentation-based assessment on reasonable written request and at least thirty (30) days' notice. On-site audits are limited to once per twelve (12) month period, limited to SYP's Processing of the Client's Personal Data, and conducted so as not to unreasonably disrupt SYP's operations.

DPA 12

Return and Deletion

Upon termination or expiry of the Agreement, SYP will, at the Client's choice, delete or return Client Personal Data as described in Part B and the Terms, and delete existing copies unless applicable law requires storage. Client Personal Data that SYP is required to retain will remain subject to the confidentiality and security obligations of this DPA for so long as it is retained. SYP will use, retain and delete Platform Data (including User Data obtained from a Meta Platform) in accordance with the Meta Terms.

DPA 13

U.S. State Privacy Laws (Service-Provider Terms)

To the extent SYP Processes Personal Data subject to the CCPA or a similar U.S. state law as a service provider or processor, SYP will: (a) Process such Personal Data solely to provide the Services under the Agreement and not for any other purpose; (b) not sell or share such Personal Data, and not retain, use or disclose it outside the direct business relationship or for any purpose other than the Services; (c) not combine it with Personal Data received from other sources except as permitted by the CCPA; and (d) comply with applicable obligations and provide the Client with reasonable assistance in responding to verifiable consumer requests. SYP certifies that it understands and will comply with these restrictions.

DPA 14

Liability, Precedence, Term and Governing Law

Each Party's liability under or in connection with this DPA is subject to the exclusions and limitations of liability in the Terms. Nothing in this DPA limits any liability that cannot be limited under Data Protection Laws. In the event of a conflict between this DPA and the Terms regarding the Processing of Client Personal Data, this DPA prevails; the SCCs prevail over both as provided in Section 10. This DPA takes effect on the effective date of the Agreement and continues until SYP has ceased all Processing of Client Personal Data and completed return or deletion under Section 12. This DPA is governed by the law stated in the Terms.

Annex I

Description of Processing

A. List of Parties

Data Exporter / Controller: the Client identified in the Order Form. Role: Controller.

Data Importer / Processor: Share Your Passion, Inc. dba SYP AI, 151 East 83rd Street, Suite 3A, New York, NY 10028, USA. Contact: privacy@getsyp.com. Role: Processor.

B. Description of the Processing

ElementDetail
Categories of Data SubjectsThe Client's End Users and social-media audience (e.g., Instagram / Facebook / WhatsApp followers and contacts), programme participants, and the Client's personnel and authorized users of the Account.
Categories of Personal DataIdentifiers and social handles/IDs, profile and public information (including Instagram bio and public data), contact details where provided (e.g., phone, email), message and interaction content, engagement and campaign data, loyalty/points and reward data, device/technical and usage data, and Account administrator details.
Special CategoriesNone intended. The Client will not instruct the Processing of Special Categories of Personal Data except as expressly agreed in an Order Form with appropriate safeguards.
Nature & PurposeHosting, storage, organization, retrieval, analysis (including AI-based sentiment analysis), and automated messaging, in order to provide the Services and AI Features described in the Agreement.
FrequencyContinuous, for the duration of the Agreement.
DurationFor the term of the Agreement and the return/deletion period in Section 12 and Part B.

C. Competent Supervisory Authority

Where the SCCs apply, the competent Supervisory Authority is that of the EU/EEA member state in which the Client is established; for the UK, the Information Commissioner's Office (ICO); for Switzerland, the Federal Data Protection and Information Commissioner (FDPIC).

Annex II

Technical and Organisational Measures

SYP maintains a written information-security programme with measures appropriate to the risk, including:

  • Access control. Role-based access control and least-privilege principles; unique credentials; multi-factor authentication for administrative access; timely revocation of access on role change or departure.
  • Encryption. Encryption of Client Personal Data in transit (TLS) and at rest using industry-standard algorithms; secure key management.
  • Pseudonymization & minimization. Use of aggregated or de-identified data where feasible; data-minimization and purpose-limitation controls.
  • Network & application security. Firewalls, segmentation, hardened configurations, secure software-development practices, code review, and periodic vulnerability scanning and penetration testing.
  • Confidentiality, integrity, availability. Controls to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems, including redundancy and monitoring.
  • Backup & resilience. Regular backups, tested restore procedures, and business-continuity and disaster-recovery planning.
  • Logging & monitoring. Security logging, monitoring and alerting; retention of audit logs; anomaly and intrusion detection.
  • Vendor management. Security assessment of Sub-Processors and contractual flow-down of protective obligations.
  • Incident response. Documented incident-response and breach-notification procedures, with defined roles and escalation.
  • Personnel & governance. Confidentiality obligations, security-awareness training, and governance/oversight of the security programme; annual review.
Annex III

Sub-Processors

The Client authorizes the categories of Sub-Processors below. The current, itemized list (with names, locations and functions) is made available to the Client on request or through the Services, and is updated in accordance with Section 6.

CategoryFunctionIllustrative Location
Cloud hosting / infrastructureHosting, storage and compute for the PlatformUSA / EU
AI / machine-learning providersSentiment analysis and AI FeaturesUSA / EU
Messaging & communicationsDelivery of email, SMS and platform messagesUSA / EU
Payment processingBilling and payment (limited Account data)USA / EU
Analytics & error monitoringProduct analytics, logging and diagnosticsUSA / EU
Customer support toolingSupport ticketing and communicationsUSA / EU
App. 1

Cross-Border Transfer Mechanisms

1. EU/EEA Transfers — Standard Contractual Clauses

For Restricted Transfers subject to the EU GDPR, the SCCs (Commission Implementing Decision (EU) 2021/914) are incorporated into this DPA by reference and completed as follows: Module Two (Controller-to-Processor) where the Client is a Controller; Module Three (Processor-to-Processor) where the Client acts as a Processor. Clause 9 (general written authorization) applies, with a minimum notice period of ten (10) business days. The SCCs are governed by the law of Ireland.

2. UK Transfers — International Data Transfer Addendum

For Restricted Transfers subject to the UK GDPR, the UK Addendum (version B1.0) is incorporated by reference and completed with Annexes I to III of this DPA. The UK Addendum is governed by the laws of England and Wales.

3. Swiss Transfers — FADP Amendments

For Restricted Transfers subject to the FADP, the SCCs apply with the following amendments: references to the EU GDPR are to be understood as references to the FADP; the competent Supervisory Authority is the FDPIC; the term "member state" must not be interpreted to exclude Data Subjects in Switzerland.

4. Supplementary Measures

In addition to the transfer mechanisms above, SYP applies the technical, organizational and contractual supplementary measures described in Annex II — including encryption in transit and at rest, access controls, and a policy of challenging or notifying the Client of unlawful or overbroad government access requests to the extent legally permitted — to protect Client Personal Data during and after transfer.

Part B — Data Ownership & Portability Addendum Incorporated by reference into the Agreement · Governs ownership, access, export, portability and deletion of Client Data
B.1

Ownership of Client Data

As between the Parties, the Client (or its licensors or, where applicable, the relevant End Users) owns and retains all right, title and interest in and to Client Data, including all Personal Data contained within it. No ownership of Client Data transfers to SYP under the Agreement.

The Client grants SYP a limited, non-exclusive, worldwide, royalty-free license to host, store, process, transmit, display and otherwise use Client Data solely to provide, secure, support, maintain and improve the Services and AI Features, to comply with law, and as otherwise instructed by the Client. This license terminates on deletion of the Client Data in accordance with Section 5, except for retained copies permitted under the DPA or required by law.

SYP may create and use aggregated and de-identified data derived from use of the Services for any lawful business purpose (including analytics, benchmarking, and improving the Services), provided such data does not identify, and cannot reasonably be used to identify, the Client, any End User or any other individual, and is not re-identified.

For clarity, this Addendum does not grant the Client any rights in the SYP Materials, the Platform, or SYP's underlying models and technology. AI outputs generated for the Client (such as Sentiment Outputs) are made available for the Client's use as described in the Terms.

B.2

Access and Export During the Term

During the term, the Client may access and export its Client Data at any time using the export and reporting functionality of the Services, in structured, commonly used and machine-readable formats (such as CSV or JSON), and, where made available, via API.

Where the self-service functionality does not cover a reasonable export need, SYP will, on the Client's written request, provide reasonable assistance to export the Client Data in a structured, commonly used, machine-readable format. SYP may charge its reasonable, documented costs for non-standard or unusually burdensome export assistance, notified to the Client in advance.

Anti-lock-in guarantee: SYP will not apply any technical or contractual measure for the purpose of locking in Client Data or impeding the Client's lawful export or portability of its Client Data. SYP will not condition the return or export of Client Data on payment of amounts other than fees properly due and owing under the Agreement (and will not withhold Personal Data required to be returned under Data Protection Laws).
B.3

Data Portability (Data-Subject Rights)

To support the Client's obligations under Article 20 of the EU GDPR (and equivalents), SYP will make available functionality and, where necessary, reasonable assistance to enable the Client to provide Data Subjects with their Personal Data in a structured, commonly used and machine-readable format, and, where technically feasible, to transmit it to another controller.

B.4

Portability Formats and Documentation

Export formats will be structured, commonly used and machine-readable (such as CSV or JSON). On request, SYP will provide reasonable documentation of the export schema (field descriptions) to enable the Client to interpret and re-use the exported data.

B.5

Return and Deletion on Exit

For a period of at least thirty (30) days following the effective date of termination or expiry of the Agreement, the Client may export its Client Data using the functionality of the Services or, on written request, with SYP's reasonable assistance, consistent with Section 16 of the Terms.

After the export window, SYP will delete or anonymize Client Data (including Client Personal Data) in the ordinary course, except for data SYP is required or permitted to retain to comply with law or for legitimate accounting, audit, evidentiary, security or backup purposes, which will be retained only for the period required and remain protected under the DPA and the Terms. Back-up copies are deleted in accordance with SYP's documented retention cycle.

On the Client's written request following deletion, SYP will confirm in writing that the Client Data has been deleted or anonymized in accordance with this Section, save for permitted retained copies.

Platform Data (including User Data from a Meta Platform) is used, retained and deleted in accordance with the Meta Terms and the DPA.

B.6

Transition Assistance

On the Client's request made before the end of the export window, SYP will provide reasonable transition assistance to support an orderly migration of Client Data to the Client or a successor provider, at SYP's then-current professional-services rates for any assistance beyond standard export functionality, subject to a separate statement of work where the effort is material.

B.7

General

Precedence. This Addendum forms part of the Agreement. In the event of a conflict regarding ownership, export, portability, return or deletion of Client Data, this Addendum prevails over the Terms; the DPA governs the Processing of Client Personal Data; and, for Restricted Transfers, the SCCs prevail as provided in the DPA.

Governing Law. This Addendum is governed by the law of the State of New York.

Scroll to Top