Applicable as of 15 March 2023

We are Programmable Equity OÜ, an Estonian company with registry code 16320994 and registered address Kristjani road 4, 74015, Harju county, Estonia, hereinafter “we”, “us”, “our” or “KOOS”.

We are operating the website https://koos.io/, its subdomains (the “Website”) and the KOOS solution, including the software, databases, interfaces, associated media, documentation, updates, new releases and other components or materials incorporated therein or integrated therewith (hereinafter collectively the “Platform”). Through the Platform, we provide software and solutions to help companies and other organisations (the “Token Issuer”, “you”, “your”) to motivate, thank or otherwise remember certain persons (the “Contributors”) by issuing them tokens (the “Tokens”). The Tokens may be attached with certain rights or benefits. Such rights and benefits will be recorded in the terms of Tokens (the “Token Terms”) The Contributors that have accepted the Tokens will be registered in the register of Tokens as Token holders (the “Token Holders").

Any service made available by KOOS via the Platform to the Token Issuers is hereinafter referred to as the “Issuer Service” or the “Issuer Services”. The specific content, scope and description of the Issuer Services may vary from time to time.

By accepting these Terms, you confirm that you have carefully read and understood these Terms of Service for Token Issuers (the “Terms”) and agree to be bound by them. We may add separate appendices to these Terms which form integral part of these Terms. These Terms, its appendices, and the documents referenced herein form together a legally binding agreement between you and us (the “Agreement”) that shall govern the provision of respective Issuer Services.

    1. These Terms govern the provision of all Issuer Services which are made available by us to you through the Platform, including any issuer services which are not defined in these Terms, but which are explicitly listed and described in the issuer service description on the Website or elsewhere (if made available) (the “Issuer Service Description").
    2. The Issuer Services include, above all, access to the Platform to help you to issue Tokens, generate Token Terms based on our templates and keep record of Tokens, Token Recipients and Token Terms.
    1. Subject to the Terms, we hereby grant to you a limited non-exclusive, non-sublicensable and non-transferable right/license to use the Issuer Services.
    2. The Issuer Services are provided to you on an “as is” and “as available” basis without any warranties of any kind either express or implied. We may update, improve, or change the Platform and/or the Issuer Services, including add and remove features at any time.
    3. To access the Platform and/or the Issuer Services, you must have an account and/or digital wallet. To create such account and/or digital wallet, you may need to complete certain procedures. If you generate a username and/or password or if we generate a private key to you in such process, you should keep them confidential and securely. You should change any password regularly. You should inform us immediately if you get information about any breach of security or unauthorized use of your account or the wallet.
    1. The Issuer Services are subject to fee(s) (the “Fee” or “Fees”).
    2. The amounts of Fees are set out in the price list(s) (the “Price List(s)”) which will be made available to you on the Website, by e-mail (for example, through a link in the e-mail) or in any other manner accepted by you in the course of use of the Issuer Services.
    3. You acknowledge and agree that we may change the Fees at any time and from time to time when there is an objective justification for that. Above all, we may change the Fees in case (i) there is any change in our costs, expenses, risks and/or liabilities relating to the provision of the Issuer Services, including, without limitation, due to changes in laws and regulations and/or in the interpretation and application of the laws and regulations or (ii) there are other objective reasons of whatsoever nature. We shall notify you of changes in Fees by providing an updated Price List by e-mail, on the Website or in any other manner accepted by you at least 14 days in advance. If you do not agree with such amendments, you may terminate the Agreement by notice in writing to us.
    4. The amounts of Fees are exclusive of value added tax (VAT) which will be added in accordance with applicable laws.
    5. You shall pay the Fees in accordance with our invoices by a bank transfer to our bank account specified in the invoice or through a card payment.
    6. The Fees are non-cancellable and non-refundable.
    1. As KOOS is a software company, we are not professional advisers in legal, tax, financial or accounting matters. However, we would like to draw your attention to certain legal, regulatory, tax and similar matters that may be relevant in connection with Tokens. For example:
      1. your offering and issuance of Tokens to Contributors and other actions that you may take in connection with Tokens and (all collectively “Token Actions”) may be regulated by different laws and regulations, including tax laws, advertising laws, consumer protection laws, data protection laws (including GDPR), anti-money laundering and terrorist financing laws and securities, investment and financial services laws; you should ensure that you comply with all such laws and regulations and, if necessary, consult with professional lawyers and other competent advisors;
      2. the Token Actions may also require certain approvals, shareholders’ resolutions, board resolutions or other similar actions under your articles of association and other corporate governance rules as well as agreements you have signed (for example, shareholders’ agreements and financing agreements); you should ensure that you comply with all such requirements;
      3. although we may have provided you some general guidance on some general tax aspects that may be relevant to the Token Actions based on currently effective laws and currently prevailing practices, you should consult with professional tax advisors to fully understand the tax consequences of any Token Actions and make sure that all taxes are duly paid or withheld;
      4. you should make sure that the templates for Token Terms suit your needs and resources, as you will be the one responsible for the fulfilment of obligations arising from Tokens and Token Terms;
      5. you should also ensure that all your communication with Contributors/Token Holders in relation to Tokens is not ambiguous, deceptive, misleading, or otherwise objectionable.
    2. We are providing our Issuer Services on the assumption and condition that you select all Contributors/Token Holders yourself and you will have a direct legal relationship with Contributors/Token Holders. We act as an operator of the Platform that helps you to record Token Holders and Token Terms. We are not the issuers of any Tokens and neither do we act as a broker, agent or other intermediary in bringing the Contributors to your attention or in making any decisions regarding the reservation or recall of Tokens.
    3. You mandate us, through certain Platform functionalities, to collect information from the Contributors and Token Holders, to check and determine compliance with certain eligibility criteria under the Token Terms, to provide acceptance to the Token Terms by the Contributors / Token Holders and, if applicable, to facilitate payment processing in connection with the exercise of rights arising from Tokens. If the Token Terms allow Token transfers, the Platform may enable Token Holders to make such amendments to the register of Token Holders as is necessary for registering the transfers. All these functionalities of the Platform are operated, and the related Issuer Services are carried out, on your behalf.
    4. You acknowledge and agree that we are able to provide the Issuer Services only with respect to such Token Holders that identify themselves with us as set out in Token Terms and agree to the Token Terms.
    5. It is mandatory to use the template of the Token Terms that we have provided to you. You may adjust those provisions of the template that describe your Token program and specific rights represented by Tokens but the final version of the Token Terms must be approved by us. Any other changes in the template may be made only with good reason. All changes in the Token Terms must be submitted for our approval. Upon the implementation of any changes without our approval, we may suspend our Issuer Services or terminate the Agreement.
    6. You must ensure that the rights and obligations represented by Tokens do not qualify as financial instruments, e-money, virtual currencies (Est. virtuaalvääring) or any other type of asset within the scope of financial sector regulations.
    1. You and us both must ensure that all information that we provide each other in connection with the Issuer Services, including information that you provide on your client account, is current, complete and accurate.
    2. You and us both must provide each other with all necessary cooperation in relation to this Agreement and all information and documents that may be required for the performance this Agreement. You and us both must comply with requests and orders of public authorities and regulatory bodies relating to the use of the Issuer Services.
    3. You must ensure that all devices, software and hardware used in connection with your use of the Issuer Services are fit for using the Issuer Services.
    4. You must use all reasonable endeavours to prevent any unauthorised access to, or use of, the Issuer Services.
    5. We also request your compliance with the following restrictions and obligations that we consider customary for any software services agreement: you should not use the Issuer Services or the Platform in a way that (a) is unlawful, unethical, deceptive, misleading or in conflict with industry practices, or (b) is harmful, threatening, defamatory, infringing, harassing or discriminatory, or (c) may infringe the intellectual property rights or other rights of any third party; you should also not (i) use the Issuer Services or the Platform in any manner that could negatively affect other users from fully enjoying the Issuer Services or the Platform; (ii) attempt to circumvent any content filtering techniques or security measures that we employ for the Issuer Services or the Platform, or attempt to access any service or area of the Issuer Services or the Platform that you are not authorized to access; (iii) use any robot, spider, crawler, scraper, or other automated means or interface not provided by us, to access the Issuer Services or the Platform or to extract data; (iv) use or attempt to use another client’s account or Token Holders’ account without authorization; (v) introduce any malware, virus or other harmful material into the Issuer Services or the Platform; (vi) use the Issuer Services or the Platform from a jurisdiction that we have determined to be a jurisdiction where the use of the Issuer Services or the Platform is prohibited; (vii) access any part of the Issuer Services or the Platform to build a product or service which competes with the Issuer Services or the Platform.
    6. As a precondition to provide (or continue to provide) the Issuer Services, we may require that Contributors/Token Holders provide us certain information or documents or take other actions (e.g., to comply with anti-money laundering, terrorist financing prevention laws and regulations, and applicable financial sanctions) from time to time. We ask you to cooperate with us to procure that such information and/or documents are provided and other actions taken in a timely manner.
    1. You acknowledge and agree that we and/or our licensors own all intellectual property rights in the Platform and the Issuer Services. Except as expressly stated herein, this Agreement does not grant you intellectual property rights or other rights in respect of the Platform and the Issuer Services.
    2. Except as may be allowed by mandatory provisions of applicable law, you shall not (i) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit or distribute all or any portion of the Platform by any means or (ii) attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Platform.
    3. We confirm that we have all the rights in relation to the Issuer Services that are necessary to grant all the rights we purport to grant under this Agreement.
    4. You hereby warrant that the Token image you upload while using Issuer Services does not infringe any rights of any third party, including the intellectual property rights of any third party. You hereby agree to fully indemnify and hold the us harmless from and against all damage, liabilities to third parties and all losses incurred in connection with claims by third parties resulting from breach of third-party rights related to Token image, including intellectual property rights.
    5. We acknowledge and agree that the Token image uploaded to the Platform is your intellectual property. You hereby grant us the non-exclusive, non-transferable (expect to the extent necessary to perform the Issuer Services to you pursuant to Agreement), free of charge and worldwide right to display the Token image on the Platform and to otherwise use the Token image for the provision of the Issuer Services to you during the term of the Agreement.
    1. In order to provide you the Issuer Services, we act as the data processor and process certain personal data about Contributors/Token Holders. Therefore, you must ensure that there exists a legal ground for processing the personal data of Contributors/Token Holders listed in Appendix 1 of the Appendix A.
    2. You and us both must comply with all data protection legislation, including GDPR that applies to the data processed under this Agreement.
    3. Your and our roles and responsibilities regarding data processing in the context of this Agreement are set out in Appendix A.
    4. You must ensure that the Contributors/Token Holders have granted consent that gives us the right, or that a contract exists or will exist with them for the performance of which we are entitled, to contact them in connection with the Issuer Services and Token Actions and any changes in them as well as for the purposes of marketing our products and services.
    1. We are not liable to you, under the Agreement or otherwise, for any damages other than direct proprietary damages. This limitation does not apply in case the damage is caused intentionally.
    2. You are not liable to us under the Agreement for any damages other than direct proprietary damages, unless set out otherwise in the Agreement. This limitation does not apply in case the damage is caused intentionally.
    3. You agree to compensate us, our employees and directors, contractors and entities belonging to the same group with us, all damages, including fees and costs related to the settlement of claims, protecting our rights or participating in proceedings of every kind and nature whatsoever, that are caused by you or by any of your employees, directors, contractors or entities belonging to the same group with you and that arise out of, or are related to, the alleged or actual breach of the Token Terms or otherwise related to your Token program.
    4. We are liable for breach of this Agreement if we have committed such breach intentionally or as a result of gross negligence. The liability for other breaches is excluded.
    5. We are not liable for, and you may not rely on, any breach, event or circumstance that has been caused by or is attributable to any action or omission of, or other circumstance depending on any third person, including, without limitation any vulnerability, failure, unavailability, inaccessibility, delay, no-response, abnormal behaviour, change of terms, of software or any other features of the Platform that are provided or are dependent on any third person.
    6. Our aggregate liability under this Agreement shall be limited to the total amount of initiation fee and monthly subscription fee that you have paid during six months preceding the date on which the claim arose. This limitation does not apply in case the damage is caused intentionally.
    1. The Agreement shall be valid until it is terminated by our mutual agreement in writing.
    2. You may terminate this Agreement unilaterally extraordinarily by notice in writing in case we commit a material breach of our obligations under this Agreement.
    3. We may terminate this Agreement unilaterally extraordinarily by notice in writing in case you commit a material breach of your obligations under this Agreement.
    4. We may suspend the provision of the Issuer Services and/or restrict your access to your account without prior notice if (a) you materially breach the Agreement or have not remedied any breach within a reasonable cure-period granted (b) we have a reasonable suspicion of your fraud or your inappropriate activity and/or (c) this is necessary to ensure the security of the Platform and/or other users of our services.
    5. We may terminate this Agreement unilaterally extraordinarily also in case any actions or omissions of any third party or other circumstances depending on any third party (including change in laws or regulations or actions by any public authority) materially impair our ability to provide the Issuer Services to you and such situation is not of temporary nature.
    6. Upon the termination of this Agreement for any reason, we may erase your data held with us, except in case we receive, within ten days after the effective date of termination, your written request to deliver the most recent back-up of such data to you. In such case, we use reasonable efforts to deliver the back-up to you in a mutually agreed form within 30 days of the receipt of such request, provided you take actions on your part to receive such data.
    1. The Platform and the Issuer Services may include links to other websites or services or to third party content.
    2. We do not endorse any such linked sites or third-party content or the information, material, products, or services contained on or accessible through linked sites. Access and use of linked sites, including the information, material, products, and services on linked sites or available through linked sites is solely at your own risk.
    1. We may unilaterally amend these Terms in case (i) we improve, change, adapt or adjust any of the Issuer Services and/or the Platform, including add or remove any features or elements of the Issuer Services and/or the Platform (ii) there is any change in our costs, expenses, risks and/or liabilities relating to the provision of the Issuer Services, including, without limitation, due to changes in laws and regulations and/or in the interpretation and application of the laws and regulations and/or (iii) there are other objective reasons of whatsoever nature. If we make any such amendments, we shall notify you by providing an updated Terms by e-mail, through the Platform or in any other manner accepted by you in the course of the use of the Issuer Services.
    2. We may also unilaterally amend these Terms on grounds not specified in Section 11.1. If we make any such amendments, we shall notify you in the same manner as provided in Section 11.1 at least 14 days in advance. If you do not agree with such amendments, you may terminate the Agreement by notice in writing to us.
    1. The information about a party that the other party obtains in the course of preparation or performance of this Agreement which such party had not obtained without the entry into this Agreement shall be considered as confidential information. The party shall not disclose the other party’s confidential Information to any third party nor use such information for any purpose other than the performance of this Agreement, except (i) upon the prior consent of the other party or (ii) if the disclosure is required under applicable laws and regulations or (ii) the confidential Information is disclosed to the party’s banks, auditors or professional consultants and advisers who are bound by an obligation to hold such information confidential.
    2. However, a party may disclose the fact of entry into this Agreement and the name, trademark and logo of the other party in its press materials, website and other sales and marketing materials for the purposes of the promotion of its services.
    3. The obligations set forth in Section 12 of this Agreement shall survive the termination of the Agreement and shall apply, in respect of each item of Confidential Information, for a period of three years after the disclosure of the respective item of Confidential Information.
    1. If any provision of this Agreement is invalid or unenforceable you and us shall make best efforts to replace such provision to achieve the effect closest to the original provision.
    2. This Agreement constitutes the entire agreement between you and us with respect to the subject matter hereof and supersedes all other prior declarations of intent, agreements and other communication between you and us with respect to the subject matter hereof (merger clause).
    3. This Agreement shall be governed by Estonian laws. Any dispute or claim arising out of this Agreement shall be subject to jurisdiction of Harju County Court (Harju Maakohus) in Estonia as the court of first instance.
    4. Any notice or other communication to you under these Terms is deemed duly delivered if it is sent to your e-mail address registered with us. If you would like to change such e-mail address, please notify us in accordance with Section 13.5.
    5. Unless otherwise specified in the Terms any notice or other communication under these Terms must be in a form reproduceable in writing and, in case of notice to us, it must be sent to the e-mail address specified below:
      Name:Programmable Equity OÜ
      AddressKristjani road 4, 74015 Viimsi vald, Estonia



This Data Processing Agreement (“DPA“) between you and us (the “Parties”) forms an integral part of the Terms/ the Agreement.


  1. You act as the Controller.
  2. You have entered an agreement with us to purchase from us certain Services. In the course of provision of the Issuer Services, we need to process personal data for you.
  3. By this DPA, the Parties enter into a data processing agreement that complies with the requirements of the current legal framework in relation to data processing and with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).


    1. Unless otherwise defined herein, capitalized terms and expressions used in this DPA shall have the following meaning:
      1. “DPA” means this Data Processing Agreement and all Schedules;
      2. “Data Protection Laws” means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
      3. “Data Transfer” means:
        1. a transfer of Issuer Personal Data from you to us; or
        2. an onward transfer of Issuer Personal Data from us to a Subprocessor, or between two establishments of us;
      4. “EEA” means the European Economic Area;
      5. “EU Data Protection Laws” means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
      6. “GDPR” means EU General Data Protection Regulation 2016/679;
      7. “Issuer Personal Data” means any Personal Data Processed by us on behalf of you pursuant to or in connection with the Agreement;
      8. “Services” means the Issuer Services provided by us to you;
      9. “Subprocessor” means any person appointed by or on behalf of us to process Issuer Personal Data on behalf of you in connection with the DPA.
    2. The terms, “Commission”, “Controller”, “Data Subject”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processor”, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.
    1. We shall:
      1. comply with all applicable Data Protection Laws in the Processing of Issuer Personal Data; and
      2. not Process Issuer Personal Data other than to perform the obligations and exercise rights arising under the Agreement or pursuant to your relevant documented instructions.
    2. If the applicable law prohibits us from performing certain data processing operations requested by you, we shall act under the applicable law and notify you about the reason of the non-performance.
    3. You hereby instruct us to process Issuer Personal Data. You instruct us to perform following Processing operations with Issuer Personal Data:
      1. Receive and process Contributor/Token Holder e-mail, phone number and name.
      2. Collect and process Contributor/Token Holder personal identity data.
      3. Collect and process your company details and representative details.
      4. Receive and process data about the Tokens reserved and registered in the name of the Contributors/Token Holders and making any statistics thereof.
      5. Collect and process data for making payouts to Token Holders.

      You may provide us additional instructions during the term of this DPA. Instructions shall be provided at least in a form that enables written reproduction (via email, for example).
    4. You shall ensure that you have a valid legal ground for making the Issuer Personal Data under the Agreement and this DPA available to us for Processing. Where appropriate and required under the applicable law, you shall obtain valid consents from the involved data subjects or have other valid legal basis under the GDPR.
      You shall also ensure and be responsible that you comply with all requirements applicable to the data controller under the GDPR and other applicable laws. This includes, but is not limited to, the requirement to provide data subjects transparent information concerning the Processing of their personal data, etc.
    5. You shall inform us immediately of withdrawal of the consent for data Processing by any Contributor/Token Holder or termination of any other legal ground for Processing the Issuer Personal Data.
    We shall take reasonable steps to ensure the reliability of any employee, agent or contractor of us who may have access to the Issuer Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Issuer Personal Data, as strictly necessary for the purposes of the Agreement, and to comply with Applicable Laws in the context of that individual’s duties to us, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
    1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we shall in relation to the Issuer Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.
    2. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of Processing of the Personal Data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls. We use SSL technology to encrypt data during transmission through public internet, and we also employ application-layer security features to further anonymize Personal Data. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
    3. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.
    4. We shall review the applicable security measures from time to time and you have a right to give us recommendations concerning the applicable security measures.
    1. You hereby give us a general authorisation to engage Subprocessors. We shall ensure that the same data protection obligations as set out in this DPA and in the applicable law are imposed on each Subprocessor engaged by us by way of a contract concluded between us and the relevant Subprocessor. We shall remain fully liable to you for the performance of data processing related obligations by the Subprocessor.
    2. Please note that we may change or add Subprocessors from time to time. We do not have an obligation to notify you in advance if we want to change or add Subprocessors. You have the right to ask from us the list of current Subprocessors at any time and we shall provide you this information without undue delay, but in no longer than 30 days.
    1. Taking into account the nature of the Processing and information available to us, we shall assist you in ensuring the compliance with the obligations pursuant to GDPR Articles 32 to 36.
    2. Considering clause 6.1., inter alia, we shall assist you by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of your obligations, as reasonably understood by you, to respond to requests to exercise Data Subject rights under the Data Protection Laws.
    3. We shall:
      1. notify you if we receive a request from a Data Subject under any Data Protection Law in respect of Issuer Personal Data; and
      2. ensure that we do not respond to that request except pursuant to your documented instructions or as required by applicable laws to which we are subject, in which case we shall to the extent permitted by applicable laws inform you of that legal requirement before we respond to the request.
    1. We shall notify you without undue delay if we become aware of a Personal Data Breach affecting Issuer Personal Data, providing you with sufficient information to allow you to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
    2. We shall co-operate with you and take reasonable commercial steps as are directed by you to assist in the investigation, mitigation, and remediation of each such Personal Data Breach.
    We shall provide reasonable assistance to you with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which you reasonably consider to be required by articles 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Issuer Personal Data by, and taking into account the nature of the Processing and information available to us.
    We shall, no later than within 30 calendar days of the date of cessation of any Services involving the Processing of Issuer Personal Data, delete and procure the deletion of all copies of those Issuer Personal Data unless we have a valid legal basis for retaining data for a longer period (such as our legitimate interest or legal obligation, for example).
    1. Subject to this Section 10, we shall make available to you on request all information necessary to demonstrate compliance with this DPA, and shall allow for and contribute to audits, including inspections, by you or an auditor mandated by you in relation to the Processing of the Issuer Personal Data by us.
    2. Your information and audit rights only arise under Section 10.1 to the extent that the DPA does not otherwise give you information and audit rights meeting the relevant requirements of Data Protection Law. You shall notify us of the wish to perform the audit reasonably and not less than 30 days in advance. You or an auditor appointed by you shall carry out the audit during regular working hours and so that the audit interferes with our regular business activities as little as possible. All costs related to the audit shall be payable by you.
    We may not execute Data Transfer or authorize the Data Transfer to countries outside the EU and/or the European Economic Area (EEA) without your prior approval unless this is permitted under this clause. You allow us to transfer Issuer Personal Data outside the EEA, including involving Subprocessors located outside the EEA, if the transfer is made on the basis of the adequacy decision by the European Commission or we have adopted other appropriate safeguards as required by Chapter V of the GDPR (e.g., standard contractual clauses adopted by the European Commission). If we transfer Issuer Personal Data outside EEA, you may request from us information about the countries to which such data is transferred, and about the adopted safeguards. In the event that any of the implemented measures prove to be insufficient to meet the requirements arising from this applicable law (Chapter V of the GDPR in particular) for the transfer of Issuer Personal Data outside the EEA to be lawful, we will make reasonable efforts to implement a data transfer mechanism that meets the requirements of the applicable law (Chapter V of the GDPR in particular) or shall terminate such Data Transfer.
    1. This DPA is governed by Estonian laws.
    2. Any dispute arising in connection with this DPA, which the Parties will not be able to resolve amicably, will be submitted to the exclusive jurisdiction of the courts of Harju County Court (Harju Maakohus) in Estonia.

Appendix 1 to DPA

Categories of Data Subjects and Types of Personal Data

Categories of Data SubjectsTypes of Personal Data
Contributors / Token Holders defined by youContact details: e-mail address; phone number, first and last name and number of reserved or issued tokens and reason for issuing
Contributors / Token Holders defined by youIdentity data: full name; date of birth or personal identification code, address details (country of residence; city or county, municipality; street, house and apartment number and postal code); customer reference number; identity document number and other document details; and other personal information required for identification or verification purposes.

If the Contributor / Token Holder is a legal person, we may request information about the representatives of the legal person - first and last name, title of the representative, the date of birth or personal identification code, and identity document number and other document details
Contributors / Token Holders defined by youService data: data on reserved or registered tokens, number of tokens, transfers of tokens, value of tokens, information about the issuer of the tokens and other relevant information and statistics
Token Holders defined by youPayment data: payment account details and payment amount (in the event of payment to data subject)
Refer us a customer