TERMS OF SERVICE FOR TOKEN ISSUERS

Applicable as of 30 June 2022

We are Programmable Equity OÜ, an Estonian company with registry code 16320994 and registered address Kristjani road 4, 74015, Harju county, Estonia, hereinafter “we”, “us”, “our” or “KOOS”. 

We are operating the website https://koos.io/, its subdomains (the “Website”) and the KOOS solution, including the software, databases, interfaces, associated media, documentation, updates, new releases and other components or materials incorporated therein or integrated therewith (hereinafter collectively the “Platform”). Through the Platform, we provide software and solutions to help companies and other organizations (the “Token Issuer”, “you”, “your”) to motivate, thank or otherwise remember certain persons (the “Token Recipients”) by issuing them tokens (the “Tokens”). The Tokens may be attached with certain rights or benefits. Such rights and benefits will be recorded in agreements with Token Recipients (the “Token Rights Agreements”).

Any service made available by KOOS via Platform to the Token Issuers is hereinafter referred to as the “Issuer Service” or the “Issuer Services”. The specific content, scope and description of the Issuer Services may vary from time to time. 

By accepting these Terms, you confirm that you have carefully read and understood these Terms of Service for Token Issuers (the “Terms”) and agree to be bound by them. These Terms and the documents referenced herein form together a legally binding agreement between you and us (the “Agreement”) that shall govern the provision of respective Issuer Services.

  1. OUR ISSUER SERVICES
    1. These Terms govern the provision of all Issuer Services which are made available by us to you through the Platform, including any issuer services which are not defined in these Terms, but which are explicitly listed and described in the issuer service description on the Website or elsewhere (if made available) (the “Issuer Service Description").
    2. The Issuer Services include, above all, access to the Platform to help you to issue Tokens, generate Token Rights Agreements based on our templates and keep record of Tokens, Token Recipients and Token Rights Agreements. 
    3. As our service offering expands, we may provide you additional issuer services such as help in conducting know-your-customer (KYC) and anti-money laundering (AML) procedures on Token Recipients and distributing payments or other assets to Token Recipients. Once we are ready to provide such services, we will include the description and scope of such issuer services in the Issuer Service Description.
  2. USE OF THE ISSUER SERVICES
    1. Subject to the Terms, we hereby grant to you a limited non-exclusive, non-sublicensable and non-transferable right/license to use the Issuer Services. 
    2. The Issuer Services are provided to you on an “as is” and “as available” basis without any warranties of any kind either express or implied. We may update, improve, or change the Platform and/or the Issuer Services, including add and remove features at any time. 
    3. To access the Platform and/or the Issuer Services, you must have an account and/or digital wallet. To create such account and/or digital wallet, you may need to complete certain procedures. If you generate a username and/or password or if we generate a private key to you in such process, you should keep them confidential and securely. You should change any password regularly. You should inform us immediately if you get information about any breach of security or unauthorized use of your account or the wallet.
  3. FEES AND PAYMENT
    1. The Issuer Services are subject to fee(s) (the “Fee” or “Fees”).
    2. The amounts of Fees are set out in the price list(s) (the “Price List(s)”) which will be made available to you on the Website, by e-mail (for example, through a link in the e-mail) or in any other manner accepted by you in the course of use of the Issuer Services. 
    3. You acknowledge and agree that we may change the Fees at any time and from time to time when there is an objective justification for that. Above all, we may change the Fees in case (i) there is any change in our costs, expenses, risks and/or liabilities relating to the provision of the Issuer Services, including, without limitation, due to changes in laws and regulations and/or in the interpretation and application of the laws and regulations or (ii) there are other objective reasons of whatsoever nature. We shall notify you of changes in Fees by providing an updated Price List by e-mail, on the Website or in any other manner accepted by you at least 14 days in advance. If you do not agree with such amendments, you may terminate the Agreement by notice in writing to us.
    4. The amounts of Fees are exclusive of value added tax (VAT) which will be added in accordance with applicable laws.  
    5. You shall pay the Fees in accordance with our invoices by a bank transfer to our bank account specified in the invoice.
    6. The Fees are non-cancellable and non-refundable.
  4. LEGAL, FINANCIAL, TAX AND SIMILAR MATTERS
    1. As KOOS is a software company, we are not professional advisers in legal, tax, financial or accounting matters. However, we would like to draw your attention to certain legal, regulatory, tax and similar matters that may be relevant in connection with Tokens. For example:
      1. your offering and issuance of Tokens to Token Recipients and signing of Token Rights Agreements and other actions that you may take in connection with Tokens and (all collectively “Token Actions”) may be regulated by different laws and regulations, including tax laws, advertising laws, consumer protection laws, data protection laws (including GDPR), anti-money laundering and terrorist financing laws and securities, investment and financial services laws; you should ensure that you comply with all such laws and regulations and, if necessary, consult with professional lawyers and other competent advisors;
      2. the Token Actions may also require certain approvals, shareholders’ resolutions, board resolutions or other similar actions under your articles of association and other corporate governance rules as well as agreements you have signed (for example, shareholders’ agreements and financing agreements); you should ensure that you comply with all such requirements; 
      3. although we may have provided you some general guidance on some general tax aspects that may be relevant to the Token Actions based on currently effective laws and currently prevailing practices , you should consult with professional tax advisors to fully understand the tax consequences of any Token Actions and make sure that all taxes are duly paid or withheld;
      4. you should make sure that the templates for Token Rights Agreements suit your needs and resources, as you will be the one responsible for the fulfilment of obligations arising from Tokens and Token Rights Agreements;
      5. you should also ensure that all your communications with Token Recipients in relation to Tokens are not ambiguous, deceptive, misleading, or otherwise objectionable. 
    2. We are providing our Issuer Services on the assumption and condition that you select all Token Recipients yourself and you will have a direct legal relationship with Token Recipients. We act as an operator of the Platform that helps you to record Token Recipients and Token Rights Agreements. We are not the issuers of any Tokens or broker, agent or other intermediary between you and any Token Recipient. 
    3. It is mandatory to use the template of the Token Rights Agreement that we have provided to you. You may supplement the template with your promise to the Token Recipients but the final version of the promise must be approved by us. Any other changes in the template may be made only with good reason. All changes in the Token Rights Agreements, including in the promise, must be submitted for our approval. Upon the implementation of any changes without our approval, we may suspend our Issuer Services or terminate the Agreement.  
    4. You must ensure that the Tokens do not qualify as virtual currencies (Est. virtuaalvääring) as actions relating to virtual currencies are highly regulated.
  5. ADDITIONAL OBLIGATIONS
    1. You and us both must ensure that all information that we provide each other in connection with the Issuer Services, including information that you provide on your client account, is current, complete and accurate. 
    2. You and us both must provide each other with all necessary cooperation in relation to this Agreement and all information and documents that may be required for the performance this Agreement. You and us both must comply with requests and orders of public authorities and regulatory bodies relating to the use of the Issuer Services.   
    3. You must ensure that all devices, software and hardware used in connection with your use of the Issuer Services are fit for using the Issuer Services.
    4. You must use all reasonable endeavours to prevent any unauthorised access to, or use of, the Issuer Services.
    5. We also request your compliance with the following restrictions and obligations that we consider customary for any software services agreement: You should not use the Issuer Services or the Platform in a way that (a) is unlawful, unethical, deceptive, misleading or in conflict with industry practices (b) is harmful, threatening, defamatory, infringing, harassing or discriminatory (c) may infringe the intellectual property rights or other rights of any third party; You should not (a) use the Issuer Services or the Platform in any manner that could negatively affect other users from fully enjoying the Issuer Services or the Platform (b) attempt to circumvent any content filtering techniques or security measures that we employ for the Issuer Services or the Platform, or attempt to access any service or area of the Issuer Services or the Platform that you are not authorized to access; (c) use any robot, spider, crawler, scraper, or other automated means or interface not provided by us, to access the Issuer Services or the Platform or to extract data; (d) use or attempt to use another client’s account or Token Recipients’ account without authorization; (e) introduce any malware, virus or other harmful material into the Issuer Services or the Platform; (f) use the Issuer Services or the Platform from a jurisdiction that we have determined to be a jurisdiction where the use of the Issuer Services or the Platform is prohibited; (g) access any part of the Issuer Services or the Platform to build a product or service which competes with the Issuer Services or the Platform.
    6. As a precondition to provide (or continue to provide) the Issuer Services, we may require that Token Recipients provide us certain information or documents or take other actions (e.g. to comply with anti-money laundering and terrorist financing prevention laws and regulations) from time to time. We ask you to cooperate with us to procure that such information and/or documents are provided and other actions taken in a timely manner. 
  6. INTELLECTUAL PROPERTY RIGHTS
    1. You acknowledge and agree that we and/or our licensors own all intellectual property rights in the Platform and the Issuer Services. Except as expressly stated herein, this Agreement does not grant you intellectual property rights or other rights in respect of the Platform and the Issuer Services.
    2. Except as may be allowed by mandatory provisions of applicable law, you shall not (i) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit or distribute all or any portion of the Platform by any means or (ii) attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Platform.
    3. We confirm that we have all the rights in relation to the Issuer Services that are necessary to grant all the rights we purport to grant under this Agreement. 
  7. DATA PROTECTION
    1. In order to provide you the Issuer Services, we act as the data processor and process certain personal data about Token Recipients. Therefore, you must ensure that there exists a legal ground for processing the personal data of Token Recipients listed in Appendix 1 of the Appendix A. 
    2. You and us both must comply with all data protection legislation, including GDPR that applies to the data processed under this Agreement.
    3. Your and our roles and responsibilities regarding data processing in the context of this Agreement are set out in Appendix A.
    4. You must ensure that the Token Recipients have granted consent that gives us the right to contact them in connection with the Issuer Services and Token Actions and any changes in them as well as for the purposes of marketing our products and services.
  8. LIMITATION OF LIABILITY
    1. You are not liable to us and we are not liable to you, under the Agreement or otherwise, for any damages other than direct proprietary damages. This limitation does not apply in case the damage is caused intentionally. 
    2. We are liable for breach of this Agreement if we have committed such breach intentionally or as a result of gross negligence. The liability for other breaches is excluded. 
    3. Our aggregate liability under this Agreement shall be limited to the total amount of Fees that you have paid during six months preceding the date on which the claim arose. This limitation does not apply in case the damage is caused intentionally.
  9. TERMINATION OF AGREEMENT; SUSPENSION OF SERVICES
    1. The Agreement shall be valid until it is terminated by our mutual agreement in writing.
    2. You may terminate this Agreement unilaterally extraordinarily by notice in writing in case we commit a material breach of our obligations under this Agreement.
    3. We may terminate this Agreement unilaterally extraordinarily by notice in writing in case you commit a material breach of your obligations under this Agreement.
    4. We may suspend the provision of the Issuer Services and/or restrict your access to your account without prior notice if (a) you materially breach the Agreement or have not remedied any breach within a reasonable cure-period granted (b) we have a reasonable suspicion of your fraud or your inappropriate activity and/or (c) this is necessary to ensure the security of the Platform and/or other users of our services. 
    5. We may terminate this Agreement unilaterally extraordinarily also in case any actions or omissions of any third party or other circumstances depending on any third party (including change in laws or regulations or actions by any public authority) materially impair our ability to provide the Issuer Services to you and such situation is not of temporary nature.
    6. Upon the termination of this Agreement for any reason, we may erase your data held with us, except in case we receive, within ten days after the effective date of termination, your written request to deliver the most recent back-up of such data to you. In such case, we use reasonable efforts to deliver the back-up to you in a mutually agreed form within 30 days of the receipt of such request, provided you take actions on your part to receive such data.
  10. LINKED SITES AND THIRD-PARTY CONTENT
    1. The Platform and the Issuer Services may include links to other websites or services or to third party content. 
    2. We do not endorse any such linked sites or third-party content or the information, material, products, or services contained on or accessible through linked sites. Access and use of linked sites, including the information, material, products, and services on linked sites or available through linked sites is solely at your own risk.
  11. AMENDMENTS TO THE TERMS
    1. We may unilaterally amend these Terms in case (i) we improve, change, adapt or adjust any of the Issuer Services and/or the Platform, including add or remove any features or elements of the Issuer Services and/or the Platform (ii) there is any change in our costs, expenses, risks and/or liabilities relating to the provision of the Issuer Services, including, without limitation, due to changes in laws and regulations and/or in the interpretation and application of the  laws and regulations and/or (iii) there are other objective reasons of whatsoever nature. If we make any such amendments, we shall notify you by providing an updated Terms by e-mail, through the Platform or in any other manner accepted by you in the course of the use of the Issuer Services. 
    2. We may also unilaterally amend these Terms on grounds not specified in Section 11.1. If we make any such amendments, we shall notify you in the same manner as provided in Section 11.1 at least 14 days in advance. If you do not agree with such amendments, you may terminate the Agreement by notice in writing to us. 
  12. CONFIDENTIALITY
    1. The information about a party that the other party obtains in the course of preparation or performance of this Agreement which such party had not obtained without the entry into this Agreement shall be considered as confidential information. The party shall not disclose the other party’s confidential Information to any third party nor use such information for any purpose other than the performance of this Agreement, except (i) upon the prior consent of the other party or (ii) if the disclosure is required under applicable laws and regulations or (ii) the confidential Information is disclosed to the party’s banks, auditors or professional consultants and advisers who are bound by an obligation to hold such information confidential.
    2. However, a party may disclose the fact of entry into this Agreement and the name, trademark and logo of the other party in its press materials, website and other sales and marketing materials for the purposes of the promotion of its services. 
    3. The obligations set forth in Section 12 of this Agreement shall survive the termination of the Agreement and shall apply, in respect of each item of Confidential Information, for a period of three years after the disclosure of the respective item of Confidential Information. 
  13. FINAL PROVISIONS
    1. If any provision of this Agreement is invalid or unenforceable you and us shall make best efforts to replace such provision to achieve the effect closest to the original provision.
    2. This Agreement constitutes the entire agreement between you and us with respect to the subject matter hereof and supersedes all other prior declarations of intent, agreements and other communication between you and us with respect to the subject matter hereof (merger clause).
    3. This Agreement shall be governed by Estonian laws. Any dispute or claim arising out of this Agreement shall be subject to jurisdiction of Harju County Court (Harju Maakohus) in Estonia as the court of first instance.
    4. Any notice or other communication to you under these Terms is deemed duly delivered if it is sent to your e-mail address registered with us. If you would like to change such e-mail address, please notify us in accordance with Section 13.5.
    5. Unless otherwise specified in the Terms any notice or other communication under these Terms must be in a form reproduceable in writing and, in case of notice to us, it must be sent to the e-mail address specified below:
      Name:Programmable Equity OÜ
      AddressHarju maakond, Viimsi vald, Miiduranna küla, Kristjani tee 4, 74015
      E-mailinfo@koos.io

APPENDIX – A

DATA PROCESSING AGREEMENT

This Data Processing Agreement (“DPA“) between you and us (the “Parties”) forms an integral part of the Terms/ the Agreement.

WHEREAS:

  1. You act as the Controller.
  2. You wish to purchase from us certain Services, which imply the processing of personal data.
  3. The Parties seek to implement a data processing agreement that complies with the requirements of the current legal framework in relation to data processing and with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

IT IS AGREED AS FOLLOWS:

  1. DEFINITIONS AND INTERPRETATION
    1. Unless otherwise defined herein, capitalized terms and expressions used in this DPA shall have the following meaning:
      1. “DPA” means this Data Processing Agreement and all Schedules;
      2. “Data Protection Laws” means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
      3. “Data Transfer” means:
        1. a transfer of Issuer Personal Data from you to us; or
        2. an onward transfer of Issuer Personal Data from us to a Subprocessor, or between two establishments of us;
      4. “EEA” means the European Economic Area;
      5. “EU Data Protection Laws” means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
      6. “GDPR” means EU General Data Protection Regulation 2016/679;
      7. “Issuer Personal Data” means any Personal Data Processed by us on behalf of you pursuant to or in connection with the Agreement;
      8. “Services” means the Issuer Services provided by us to you;
      9. “Subprocessor” means any person appointed by or on behalf of us to process Issuer Personal Data on behalf of you in connection with the DPA.
    2. The terms, “Commission”, “Controller”, “Data Subject”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processor”, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.
  2. PROCESSING OF ISSUER PERSONAL DATA
    1. We shall:
      1. comply with all applicable Data Protection Laws in the Processing of Issuer Personal Data; and
      2. not Process Issuer Personal Data other than to perform the obligations and exercise rights arising under the Agreement or pursuant to your relevant documented instructions.
    2. You hereby instruct us to process Issuer Personal Data.
    3. You shall ensure that you have a valid legal ground for processing personal data listed in Appendix 1 of this DPA by us according to Article 6(1) of the GDPR and that you have full legal capacity to grant the right to process the personal data listed in Appendix 1 of this DPA to us. 
  3. OUR PERSONNEL
    We shall take reasonable steps to ensure the reliability of any employee, agent or contractor of us who may have access to the Issuer Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Issuer Personal Data, as strictly necessary for the purposes of the Agreement, and to comply with Applicable Laws in the context of that individual’s duties to us, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
  4. SECURITY
    1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we shall in relation to the Issuer Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.
    2. In assessing the appropriate level of security, we shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.
  5. SUBPROCESSING
    You hereby give us a general authorisation for the engagement of Subprocessors. We shall inform you of any intended changes to Subprocessors used giving you sufficient time to be able to object to such changes prior to the engagement of the Subprocessor(s).
  6. DATA SUBJECT RIGHTS
    1. Taking into account the nature of the Processing, we shall assist you by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of your obligations, as reasonably understood by you, to respond to requests to exercise Data Subject rights under the Data Protection Laws.
    2. We shall:
      1. notify you if we receive a request from a Data Subject under any Data Protection Law in respect of Issuer Personal Data; and
      2. ensure that we do not respond to that request except pursuant to your documented instructions or as required by Applicable Laws to which we are subject, in which case we shall to the extent permitted by Applicable Laws inform you of that legal requirement before we respond to the request.
  7. PERSONAL DATA BREACH
    1. We shall notify you without undue delay if we become aware of a Personal Data Breach affecting Issuer Personal Data, providing you with sufficient information to allow you to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
    2. We shall co-operate with you and take reasonable commercial steps as are directed by you to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
  8. DATA PROTECTION IMPACT ASSESSMENT AND PRIOR CONSULTATION
    We shall provide reasonable assistance to you with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which you reasonably consider to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Issuer Personal Data by, and taking into account the nature of the Processing and information available to us.
  9. DELETION OR RETURN OF ISSUER PERSONAL DATA
    We shall, no later than within 10 business days of the date of cessation of any Services involving the Processing of Issuer Data, delete and procure the deletion of all copies of those Issuer Personal Data.
  10. AUDIT RIGHTS
    1. Subject to this Section 10, we shall make available to you on request all information necessary to demonstrate compliance with this DPA, and shall allow for and contribute to audits, including inspections, by you or an auditor mandated by you in relation to the Processing of the Issuer Personal Data by us.
    2. Your information and audit rights only arise under Section 10.1 to the extent that the DPA does not otherwise give you information and audit rights meeting the relevant requirements of Data Protection Law.
  11. DATA TRANSFER
    We may not execute Data Transfer or authorize the Data Transfer to countries outside the EU and/or the European Economic Area (EEA) without your prior consent. If personal data processed under this DPA is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Parties shall ensure that the personal data are adequately protected. To achieve this, the Parties shall, unless agreed otherwise, rely on EU approved standard contractual clauses for the transfer of personal data.
  12. GOVERNING LAW AND JURISDICTION
    1. This DPA is governed by Estonian laws. 
    2. Any dispute arising in connection with this DPA, which the Parties will not be able to resolve amicably, will be submitted to the exclusive jurisdiction of the courts of Harju County Court (Harju Maakohus) in Estonia.

Appendix 1 to DPA

Categories of Data Subjects and Types of Personal Data

Categories of Data SubjectsTypes of Personal Data
Token Recipients defined by youE-mail address, phone number or customer reference number