Safeheron User & Privacy Agreement

SAFEHERON USER AGREEMENT

LAST UPDATED: Mar 16, 2023

Changelog

1. Acceptance of Terms

1.1 In these terms and conditions which may be amended from time to time (“Terms”), references to “SAFEHERON”, “we”, or “us” refer to SAFEHERON Pte. Ltd., a company duly incorporated under the laws of Singapore, and the term “our” shall be construed accordingly.

1.2 “You” refers to any person accessing and/or using the Services pursuant to the Account Subscription (as defined herein), and includes a person, company, corporation, or any other organization that has an Account Subscription (collectively with SAFEHERON, the “Parties”, and each, a “Party”).

1.3 We may revise these Terms from time to time in our sole and absolute discretion, with any changes published and made available on our website or mobile application. We will also notify you of such changes via push notifications through the App and/or email. These changes shall take effect from the date of publication of the new terms or such other date stated in the notice, and your continued access or use of our Services from such date shall be deemed to constitute acceptance of the new Terms in their entirety. It shall be your sole responsibility to check our website for such changes from time to time. Please review these Terms periodically to ensure that you understand all of the Terms.

1.4 Your access and use of our Services is subject to these Terms, any applicable laws and other notices, policies or conditions uploaded by SAFEHERON to https://blog.safeheron.com/blog/product-and-solution/help/safeheron-user-and-privacy-agreement. By accessing and using any part of the Services, or clicking the checkbox acknowledging acceptance of these Terms, you irrevocably and unconditionally agree to be bound by the latest version of the Terms without variation or modification. If you do not agree to these Terms, please exit the website and cease usage of the Services immediately.

2. Definitions

“Account” refers to the account created in accordance with the process described in Clause 3.1 which will be controlled and secured by you, and used to access the Services.

“Account Subscriptions” has the meaning given in Clause 4.1.

“Actual Monthly Uptime Percentage” means the percentage of minutes during the month in which SAFEHERON actually made available to you the Services, in the manner calculated in Clause 7.1.

“App” means the SAFEHERON mobile application, API Co-signer, browser extension or web console application provided by us.

“API” means application programming interface which enables applications to interact with each other.

“Authorised Users” has the meaning given in Clause 3.1.

“Business Day” means a day other than a Saturday, Sunday, or public holiday in Singapore, when banks in Singapore are open for business.

“Claim” has the meaning given in Clause 13.1.

“Committed Monthly Uptime Percentage” means the percentage of minutes during the month in which SAFEHERON shall make available to you the Services, set out in Clause 7.1.

“Confidential Information” has the meaning given in Clause 15.1.

“Discloser” has the meaning given in Clause 15.1.

“Documentation” refers to the documents made available to you by SAFEHERON online via https://blog.safeheron.com/blog/ or such other web address notified by SAFEHERON to you from time to time which sets out a description of the Services and the user instructions for the Services.

“Duration” has the meaning given in Clause 16.1.

“Force Majeure Event” means any event beyond SAFEHERON’s reasonable control (and which does not relate to or arise by reason of SAFEHERON’s default or negligence) which renders impossible or hinders SAFEHERON’s performance of these Terms, including without limitation:

(a) war, riot, civil unrest or revolution, sabotage, terrorism, insurrection, acts of civil or military authority, imposition of sanctions, embargo, breaking off of diplomatic relations or similar actions;

(b) terrorist attacks, civil war, civil commotions or riots;

(c) acts of God, epidemic, pandemic, flood, earthquake, typhoon or other natural disasters or adverse weather or environmental condition;

(d) any act of state or other exercise of sovereign, judicial or executive prerogative by any government or public authority, including expropriation, nationalization, imposition of an export or import restriction, quota or prohibition, or compulsory acquisition or acts claimed to be justified by executive necessity;

(e) fire, explosion or accidental damage;

(f) collapse of building structures or failure of plant machinery, computers or vehicles;

(g) interruption in telecommunications or Internet services or network provider services, or failure of equipment or software;

(h) hacks, mining attacks (including but not limited to double-spend attacks, majority mining power attacks and “selfish-mining” attacks), smurfing, phishing, sybil attacks, distributed denial of service, a “fork” of the blockchain which may result in more than one version of the Supported Digital Asset, cyber-attacks, and any fraudulent activity on the part of a third party;

(i) interruption or failure of utility service, including but not limited to electric power, gas or water; or

(j) any labour disputes, including but not limited to strikes, industrial action or lockout.

“Indemnified Parties” has the meaning given in Clause 13.1.

“Initial Duration” has the meaning given in Clause 16.1.

“Key Shards” means a group of random numbers generated by our MPC algorithm.

“Privacy Policy” refers to our privacy policy which we may amend from time to time, accessible at https://blog.safeheron.com/blog/product-and-solution/help/safeheron-user-and-privacy-agreement#safeheron-privacy-policy.

“Quarter” means a period of three (3) calendar months

“Recipient” has the meaning given in Clause 15.1.

“Renewal Duration” has the meaning given in Clause 16.1.

“Service Credit” is a dollar credit, calculated in the manner set forth in Clause 7.2 that we may credit to your Account.

“Services” means the service(s) provided by SAFEHERON to you via https://www.safeheron.com/console or the App or any other website notified to you from time to time, as more particularly described in Clause 6.

“Software” means any software or application developed and released by SAFEHERON as part of the Services, which includes, for the avoidance of doubt, the Apps.

“Subscription Fee” means the aggregate subscription fees payable by you to SAFEHERON for Account Subscriptions, as set out in a separate quotation we will provide to you, and which may be amended and modified from time to time.

“Supported Digital Assets” means any digital asset which is a digital representation of value based on (or built on top of) a cryptographic protocol of a computer network which has been approved by and/or supported by SAFEHERON for use in connection with the Services from time to time. Please refer to https://blog.safeheron.com/blog/product-and-solution/integration-currencies for the list of Supported Digital Assets.

“User Data” means the data inputted by you, the Authorised Users, or SAFEHERON on your behalf for the purpose of using the Services, or facilitating your use of the Services, other than personal data.

“User Key Shard” has the meaning given in Clause 6.2.2.

“Virus” means any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices.

“Vulnerability” means a weakness in the computational logic (for example, code) found in software and hardware components that when exploited, results in a negative impact to the confidentiality, integrity, or availability of the Services, and the term “Vulnerabilities” shall be interpreted accordingly.

3. Account Creation, Closure and Suspension

3.1 Account Creation: To use the Services, you must create an Account by providing SAFEHERON with the requested information necessary for us to comply with applicable laws (including anti-money laundering and countering the financing of terrorism laws) in connection with the provision of Services to you. During your application, you must notify us of the number of users which are authorised to use your Account, the Services, Software and the Documentation (“Authorised Users”). The number of Authorised Users per Account shall not exceed thirty (30). We may, in our sole discretion, refuse to allow you to establish an Account, limit the number of Authorised Users per Account, or limit the number of Account Subscriptions. If there is any change to the number of Authorised Users or Account Subscriptions at any point in time, you must notify SAFEHERON immediately and the applicable Subscription Fee shall apply. Such Subscription Fee shall be pro-rated from the date of activation or deactivation of the Account Subscriptions.

3.2 The Account will track the information regarding balances associated with the public blockchain addresses registered in the Account and any other transactions you effect through the use of the Services, such as transaction history, pending and posted transfers. The Account will also reflect the Supported Digital Assets balance associated with the respective blockchain addresses linked to your Account.

3.3 Save for such persons notified to SAFEHERON as Authorised Users of the Account, you shall not grant permission to any third party or non-permissioned user access or connection to your Account, whether through the third party’s product or service or through our website. You acknowledge that granting permission to such third party or non-permissioned user to take specific actions on your behalf does not relieve you of any of your responsibilities under these Terms and will instead violate the Terms, including but not limited to Clause 4.2. You are fully responsible for all acts or omissions of any third party or non-permissioned user with access to your Account. You further acknowledge and agree that you will not hold SAFEHERON responsible for, and will indemnify SAFEHERON from, any liability arising out of or related to any act or omission of any third party or non-permissioned user with access to your Account. You shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Services, Software and/or Documentation. In the event of such unauthorised access or use, you undertake that you will promptly notify the SAFEHERON support team.

3.4 Suspension of Services: SAFEHERON reserves the right to suspend your access to your Account without any refund and you agree and acknowledge that we shall have no liability in respect thereof if:

3.4.1 you have breached any of any of your undertakings or obligations in these Terms, including for the avoidance of doubt, Clauses 3.3, 4.2 and 8.3;

3.4.2 any of your representations or warranties in these Terms turn out to be false, misleading, inaccurate or incomplete, including for the avoidance of doubt, Clauses 8.3 and 9.2.1;

3.4.3 you have failed to pay any amount due under these Terms on the due date for payment and remain in default not less than thirty (30) days after being notified in writing to make such payment;

3.4.4 we are required to do so under any applicable law(s) or pursuant to any request by any governmental or regulatory body, and we may reinstate your access once the issue has been resolved to our satisfaction.

3.5 You may also request that SAFEHERON suspend the access to your Account for any reason, and such request will be effected within three (3) Business Days from the time we receive your request to suspend the Account. For such purposes, only Authorised Users with the required privileges may initiate such suspension requests and SAFEHERON shall be entitled to deem that such Authorised Users have the requisite authority to suspend access to the Account. You may request that access to your Account be restored by contacting our support team via the instant messaging application on our website or App, or by emailing us at support@safeheron.com.

3.6 Upon suspension of your Account for any reason, you will have seven (7) calendar days (unless otherwise agreed with us in writing) to export all information and records previously stored in your Account. Thereafter, the Key Shards stored with us will be destroyed and your (as well as your Authorised Users’) access to the Account will be terminated. We may keep records and copies of the data stored in such Account for record-keeping purposes and compliance with applicable laws.

3.7 Upon closure of your Account for any reason, the Key Shards stored with us will be immediately destroyed and your (as well as your Authorised Users’) access to the Account will be terminated. We may keep records and copies of the data stored in such Account for record-keeping purposes and compliance with applicable laws.

4. Account Subscriptions

4.1 Subject to you purchasing the account subscription(s) pursuant to the payment terms set out in Clause 5 each of which entitles you to register up to thirty (30) Authorised Users to access and use the Services, Software and the Documentation in accordance with these Terms (“Account Subscriptions”), SAFEHERON hereby grants you a limited, revocable, non-exclusive, non-transferable right and licence, without the right to grant sublicences, to use the Services, Software and Documentation for your own personal or internal business operations. Neither you, nor your Authorised Users, employees, directors, contractors or affiliates shall use the Services, Software and Documentation for any purpose other than the aforementioned purpose.

4.2 You hereby undertake the following:

4.2.1 you will not allow or suffer any Account Subscription to be used by more than thirty (30) individual Authorised Users (for the avoidance of doubt, nothing in this Clause shall prevent you from reassigning in its entirety, user privileges and access to the Account held by an existing Authorised User to a new user);

4.2.2 the maximum number of Authorised Users that you authorise to access and use the Account, the Services, Software and the Documentation shall not exceed thirty (30) Authorised Users per Account Subscription you have purchased from time to time;

4.2.3 each Authorised User will keep secure their password(s) for their use of your Account, the Services, Software and Documentation, and that each Authorised User shall keep their password confidential;

4.2.4 you shall maintain a written, up to date list of current Authorised Users and provide such list to SAFEHERON within five (5) calendar days of SAFEHERON’s written request at any time or times;

4.2.5 during the course of your use of the Account, Services, Software and/or Documentation, you shall not access, store, distribute or transmit any Viruses or any material that:

4.2.5.1 is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;

4.2.5.2 facilitates illegal activity;

4.2.5.3 depicts sexually explicit images;

4.2.5.4 promotes unlawful violence;

4.2.5.5 is discriminatory based on race, gender, colour, religious belief, sexual orientation, disability; or

4.2.5.6 is otherwise illegal or causes damage or injury to any person or property;

4.2.6 you shall not attempt to obtain, or assist third parties in obtaining, access to your Account, the Services, Software and/or Documentation in a manner circumventing these Terms; or

4.2.7 introduce or permit the introduction of, any Virus or Vulnerability into SAFEHERON’s or its subcontractors’ network, servers and information systems,

and we reserve the right, without liability or prejudice to our other rights against you, to disable your access to the Account and terminate your Account Subscription without any refund of the Subscription Fee upon your breach of any of the above undertakings.

5. Payment Terms

5.1 You shall pay the Subscription Fee to SAFEHERON for the Account Subscription(s) you wish to purchase in accordance with this Clause 5. Please refer to the price list set out in the quotation sent to you for the applicable Subscription Fee payable.

5.2 The Subscription Fee and billing cycle may be revised by us in our sole and absolute discretion from time to time, save that we shall provide you with at least seven (7) calendar days prior notice before the revised Subscription Fee and billing cycle takes effect. If you do not agree to the revised Subscription Fee and/or revised billing cycle, your sole and only recourse shall be to terminate your Account Subscription(s) in accordance with Clause 16.2.2.3 and cease all usage of the Account, Services, Software and/or Documentation. Any copies of the Documentation or materials and information obtained from the use of the Services or Software must be destroyed.

5.3 As at the date of these Terms, the billing cycle is on a quarterly basis. We will issue you an invoice by the seventh (7th) day of each Quarter by sending an electronic invoice to the email address you have registered with us. Each invoice must be paid within thirty (30) calendar days.

5.4 Payment may be made by wire transfer or other such payment methods as designated by SAFEHERON pursuant to the billing instructions to be provided to you by SAFEHERON.

5.5 If we have not received payment by the due date stated in Clause 5.3, without prejudice to any other rights and remedies available to us in these Terms:

5.5.1 we may, without liability to you, disable your Account and access to all or part of the Services, Software and/or Documentation and we shall be under no obligation to provide any or all of the Services, Software and/or Documentation while the invoice(s) concerned remain unpaid (and during such time, Clause 3.6 may be applied by us);

5.5.2 interest shall accrue on a daily basis on such due amounts at a monthly rate of 1.5%, commencing on the due date and continuing until fully paid, whether before or after judgment; and

5.5.3 we expressly reserve the right to determine whether to permit you to renew your Account Subscription(s) following full payment and settlement of the overdue invoice.

5.6 All amounts and fees stated or referred to in these Terms:

5.6.1 shall be payable in US dollars;

5.6.2 are non-cancellable and non-refundable (save as provided in Clause 16.2.3); and

5.6.3 are exclusive of goods and services tax which shall be added to our invoice at the appropriate prevailing rate.

5.7 All fees payable under these Terms shall not be subject to any set-off or deduction.

6. Services Provided

6.1 SAFEHERON shall, during the Duration provide the Services described in Clauses 6.2 and 6.3 to you if our onboarding processes have been completed and your application for an Account has been approved.

6.2 Private Key Self-Management Services:

6.2.1 Private key sharding service: Our in-house developed algorithm enables you to generate three (3) Key Shards from your private key. When transactions need to be signed, the signature of the original private key will be computed from all of the Key Shards which make up the private key by running it through our multi-party computation protocol. You may recover your original private key through our offline recovery tool, further described below.

6.2.2 Private Key Shard storage service: SAFEHERON will only have access to and control over two (2) of the Key Shards generated from your original private key, which Key Shards will be stored online on our cloud server, secured by encryption and other security management measures. You will have sole access to and control over the remaining Key Shard (“User Key Shard”). Each Key Shard (including the User Key Shard) will be secured by secret mnemonic phrases, which phrases can be backed up and stored offline on separate devices controlled by the relevant Authorised Users via the App. You are solely responsible for the safekeeping of the User Key Shard (and relevant secret mnemonic phrase), which will not be stored or accessible by us at any point in time. We will not be able to recover your private key even if you have lost or lost access to your User Key Shard or secret mnemonic phrase securing your User Key Shard.

6.2.3 Private Key Shard backup service: All three (3) Key Shards may be secured and backed up through the use of separate mnemonic phrases via our App. You may generate a unique set of mnemonic phrases for each Key Shard and will be solely responsible for the safekeeping of such mnemonic phrases. While we will be able to recover your access to the mnemonic phrases securing the two (2) Key Shards stored by us, we will not be able to do so for the User Key Shard as we do not have access to it. In the event that you lose the mnemonic phrases associated with the two (2) Key Shards held by us, we can recover it if you contact our support team via the instant messaging application on our website or App, or by emailing us at support@safeheron.com.

6.2.4 Private key recovery tool: After you complete a local backup of user key shard’s mnemonic phrase, SAFEHERON will automatically and regularly email the private key recovery toolkit download link and backup recovery file to your registered email address. Using the private key recovery toolkit, you may recover your original private key offline with the three (3) mnemonic phrases associated with all three (3) Key Shards. For the avoidance of doubt, SAFEHERON does not, and will never, hold your original private keys and/or the Key Shards in a complete, singular form at any point of time.

6.3 Wallet Management Services:

6.3.1 We will provide you with a user interface accessible through your Account to enable you to manage your digital wallet. You may only carry out transactions from the Account once the Key Shards have been generated and you have completed your User Key Shard’s mnemonic phrase backup. Through the user interface, you may interact with the relevant supported blockchain and enjoy the following functions:

6.3.1.1 Receiving assets: You may use the App to generate a QR code as well as a blockchain address to receive Supported Digital Assets. Given the risk that the address may be tampered with or replaced during transmission, SAFEHERON recommends that you confirm the receiving blockchain address with the sender after the sender has received it.

6.3.1.2 Address whitelist: You may save recipient blockchain addresses on the App through the “whitelist” function. If there is more than one person operating the Account, we recommend that at least two Authorised Users with the “administrator” role check and verify that the whitelist address is accurate.

6.3.1.3 Sending assets: You may transfer Supported Digital Assets out of your linked digital asset wallet through the user interface to external recipients. You may set up and choose your preferred 2-factor authentication method for added security and where the Account is managed by multiple persons, the App may prompt Authorised Users with the relevant permissions for approval on the App. You should ensure that you have sufficient funds for the transfer, taking into account any transaction or network fees which may be incurred. These transaction fees are set by the third party blockchains and networks and SAFEHERON does not have any control or influence over such fees. We do not charge any fees for such transfers.

6.3.1.4 Transaction record: The App will also provide you with a record of the status of your transactions or your recent transaction history which may be downloaded or exported as a excel sheet for your own records.

6.3.1.5 Policy engine: Our policy engine enables you to customize and set your approval policies for transactions which may be carried out through the Account. You may configure triggering conditions based on up to five (5) dimensions (initiator, asset source, destination, asset type and amount). Specific member roles may be assigned and set by you. Once set, Authorised Users with the requisite permissions may modify the policies with the approval of Authorised Users with the “administrator” role. For the avoidance of doubt, SAFEHERON will not be able to make any changes to your approval policies. Please refer to Clauses 5.1 and 5.2 for further details on the Subscription Fee.

6.3.1.6 Web3 interaction: SAFEHERON provides a full suite of Web3 interaction solutions, including the App, browser extension and APIs. You may interact with Web3 applications through these Web3 interaction solutions while benefiting from the multi-party security processes and approval policies set in your Account.

6.3.1.7 API: You can configure your Account and thus the associated digital wallet using the APIs provided by SAFEHERON. As an example, you may automate transaction submissions or signature approvals. These APIs may be utilized either directly or, if applicable, indirectly within an independently developed application. However, all API-based services are subject to usage limits, which limits may be adjusted from time to time in our sole and absolute discretion. If you exceed such usage limits, or are unwilling to abide by such usage limits, we will include the fees payable for such excess use in the next billing cycle.

6.3.1.8 Audit log: The App will also keep an audit log which records all the in-application activities of Authorised Users managing the Account, including records of all interactions with the SAFEHERON support team. You may access and retrieve these records at any time.

6.4 Software and App Updates

6.4.1 SAFEHERON may from time to time provide updates and upgrades to Software. Such updates and upgrades (if any), and their frequency, will be determined and implemented at SAFEHERON’s sole discretion. You are responsible for ensuring that the latest version of the Software is installed on your device(s). Any use of outdated versions of the Software or incompatible devices will be at your sole risk and without prejudice to the generality of Clause 14.

6.4.2 If the blockchain of a Supported Digital Asset forks, we may temporarily suspend the use of our Services in relation to such affected digital asset. We reserve the sole and absolute discretion to determine whether or not to support the forked protocol. In any event, you may opt to transfer the affected digital asset out of your digital wallet.

7. Service Level

7.1 Service Commitment: SAFEHERON will use commercially reasonable efforts to make the Services available for a Committed Monthly Uptime Percentage of at least 99.90%, save that SAFEHERON shall have the sole and absolute discretion to revise such Committed Monthly Uptime Percentage. You shall be provided at least thirty (30) calendar days’ advance notice of such revision to the Committed Monthly Uptime Percentage. In the event of non-agreement, your sole and only recourse shall be to terminate your Account Subscription(s) in accordance with Clause 16.2.2.4 and cease all usage of the Account, Services, Software and/or Documentation. The Actual Monthly Uptime Percentage is calculated by expressing the Actual Monthly Total Minutes of Operation (defined below) as a percentage of the Committed Monthly Total Minutes of Operation.

Where:

7.1.1 “Actual Monthly Total Minutes of Operation” means the total number of minutes per calendar month during which the relevant Services are made available to you.

7.1.2 “Committed Monthly Total Minutes of Operation” means 1,440 minutes multiplied by the number of calendar days in the month of assessment (save that such number will be calculated on a pro-rated basis for partial billable months), less the minutes during which the Services are unavailable due to any of the following events:

7.1.2.1 planned service outage announced at least one (1) calendar day in advance (including for upgrading, maintenance, troubleshooting works and upgrading or recovery of blockchain nodes);

7.1.2.2 planned service outages initiated by SAFEHERON at your request or direction for maintenance, activation of configurations, backups or other purposes that require the service to be temporarily taken offline;

7.1.2.3 unscheduled maintenance provided that SAFEHERON has used reasonable endeavours to provide you with at least one (1) hour’s –notice in advance;

7.1.2.4 service disruptions due to any force majeure events, such as regional network failures, denial of service attacks, shutdown events triggered by third parties unauthorized by SAFEHERON, accidents, negligence, abnormal physical or electrical stress, abnormal environmental conditions, abuse or misuse of our Services, use of our Services other than in accordance with our Documentation or in violation of these Terms, any attack on SAFEHERON’s servers or networks or any other blockchain networks, any malfunctioning of your devices, equipment or other technology;

7.1.2.5 repair, maintenance or modification of the Software or App by persons other than SAFEHERON’s authorised third parties;

7.1.2.6 service disruptions attributable to, or in connection with use of your equipment, software or other technology or third party equipment, software or other technology (other than third party equipment within our sole and direct control), or from combining or merging our API with any hardware or software not supplied by us (unless identified by us in writing as compatible with our API), or from modifications in any version of our API not made or authorized by us in writing, or from your actions or inactions other than normal use of our API, Software or App; and/or

7.1.2.7 actions or inactions that constitute your breach of these Terms, or that result from a suspension or termination permitted under these Terms.

7.2 Subject to Clauses 7.3 and 7.4, in the event that the Actual Monthly Uptime Percentage does not meet the Committed Monthly Uptime Percentage, you may be entitled to receive Service Credits that may be offset against the quarterly fee payable in the next billing cycle in accordance with the tiers set out below:

7.3 To apply to receive the Service Credits described above, you must:

7.3.1 notify SAFEHERON’s support team at support@safeheron.com within thirty (30) days of the end of the Quarter in which the incident affecting the Actual Monthly Uptime Percentage occurred; and

7.3.2 submit all information necessary for us to validate your claim, including but not limited to:

7.3.2.1 a detailed description of the event(s);

7.3.2.2 information regarding the time, date and duration of such event(s); and

7.3.2.3 the affected Account and your request logs that document the errors and corroborate your claimed outage (any confidential or sensitive information in these logs should be removed or replaced with asterisks).

7.4 The SAFEHERON team will assess your claim for the Service Credits within thirty (30) calendar days from receipt of such request from you or such longer time as may be necessary for SAFEHERON. If the Actual Monthly Uptime Percentage of such request is confirmed by us and is less than the Committed Monthly Uptime Percentage, we will issue such number of Service Credits as we may determine in our sole and absolute discretion to you within the next billing cycle following the month in which your claim is confirmed by us. Your failure to comply with these Terms (including Clause 7.3 above) will disqualify you from receiving a Service Credit.

8. Warranties

8.1 SAFEHERON’s Warranties:

8.1.1 SAFEHERON undertakes that the Services will be performed substantially in accordance with the Documentation and with reasonable care. This undertaking shall not apply to the extent of any non-conformance which is caused by use of the Services contrary to our instructions, or modification or alteration of the APIs or Software by any party other than SAFEHERON or our duly authorised contractors or agents. If the Services do not conform with the foregoing undertaking, we will, at our own expense, use commercially reasonable endeavours to correct any such non-conformance promptly, or provide you with an alternative means of accomplishing the desired performance. Such correction or substitution constitutes your sole and exclusive remedy for any breach of the undertaking set out in this Clause 8.1.1.

8.1.2 SAFEHERON represents and warrants that we, or our contractors and agents shall use commercially reasonable efforts to provide the Services without introducing errors.

8.1.3 Save as expressly set out in this Clause 8, SAFEHERON makes no other warranties in respect of the Services, Software and/or the Documentation.

8.2 SAFEHERON’s Warranty Disclaimer:

8.2.1 To the maximum extent permitted under applicable laws, and except as expressly provided in these Terms, SAFEHERON makes no warranties of any kind, express or implied, regarding the Services and the Software. We disclaim to the full extent permitted by law all warranties of merchantability, fitness for a particular purpose, and any warranties arising out of the course of dealing between the Parties.

8.2.2 You agree that the Services and the Software are provided on an “as is” and “as available” basis without warranty of any kind.

8.2.3 We make no warranties or representations regarding the use of the Software and the App with third party products or services, including, for the avoidance of doubt, Web3 applications.

8.2.4 We do not warrant that:

8.2.4.1 your use of the Services will be uninterrupted or error-free;

8.2.4.2 the Services, Documentation and/or the information obtained by you through the Services will meet your requirements; or

8.2.4.3 the Software or the Services will be free from Vulnerabilities or Viruses.

8.3 Your Warranties and Responsibilities:

8.3.1 You have the full and sufficient legal capacity and authority to enter into and be bound by these Terms and the person executing or otherwise accepting these Terms on your behalf has full legal capacity and authorization to do so.

8.3.2 (If you are a corporate entity,) you are duly organized, validly existing and in good standing under the laws of the jurisdiction in which you are organized.

8.3.3 No petition has been presented, no proceeding has been commenced, no order has been made, and no resolution has been passed for your bankruptcy (if you are an individual), or for the appointment of an, administrator, trustee or similar officer of it or of all or a substantial part of its business or assets (if you are an entity).

8.3.4 You and each of your Authorised Users are not included in any list of sanctions issued by European Union, any country in the European Union, the United Nations, United States of America, Singapore, the Financial Action Task Force, or any other country or international organization.

8.3.5 The digital asset wallet linked with the Account is owned, held and fully controlled by you and you hold and have full control of the private key and all other credentials in respect of the digital asset wallet.

8.3.6 If you are a corporate entity, you will ensure that your directors, employees, representatives, agents, affiliates and/or contractors (including for the avoidance of doubt, Authorised Users) do comply with these Terms.

8.3.7 All information provided by you to us in the course of onboarding you as our client and user of the Services is complete, true, and accurate in all material respects, including, where you are a corporate entity, no material information about the ownership and control over you and your operations has been excluded; and no other person or entity has an ownership interest in you except for those disclosed in connection with such onboarding.

8.3.8 You represent and warrant to SAFEHERON that activities that you carry out through your Account comply with all applicable laws and regulations, including but not limited to anti-bribery, anti-corruption, anti-fraud, anti-money laundering or anti-terrorism laws and regulations.

8.3.9 You further represent and warrant to SAFEHERON that we will be immediately notified of any Vulnerabilities found in our Services, Accounts, Apps or Software. You shall, and shall procure that your representatives, agents and subcontractors cooperate with SAFEHERON in good faith during SAFEHERON’s investigations of any illegal operations and any Vulnerabilities.

8.3.10 You shall maintain adequate security and control over any and all your private keys, your mnemonic phrases, registered email account(s), passwords, API keys, 2-factor authentication devices or backups, or any other codes that you use to access the Services. Any loss or compromise of the foregoing information and/or your personal information may result in unauthorized access to your Account by third parties and the loss or theft of digital assets from your digital wallet. You are responsible for keeping your registered email address(es) up to date in your Account profile in order to receive any notices or alerts that we may send to you. You are responsible for ensuring that that the generated mnemonic phrases are stored securely offline by each Authorised User who is permitted access and/or control over them.

8.3.11 You shall ensure that the destination blockchain address is accurate before effecting any transfers from your Account.

8.3.12 You shall only receive or transfer Supported Digital Assets to the Account. The Supported Digital Assets are listed and displayed in the App. You must not attempt to receive or transfer any digital assets unsupported by SAFEHERON through our Services.

8.3.13 You shall not receive or send any digital asset types which do not support SAFEHERON’s signature algorithm before receiving our written approval.

8.3.14 You shall ensure that upon the activation of a new Account and setting of permissions and privileges for each Authorised User, you shall conduct a sanity test by using the App to receive and send a Supported Digital Asset.

9. Intellectual Property Rights

9.1 Intellectual Property:

9.1.1 You acknowledge and agree that we and/or our licensors own all right, title, and interest in and to the Services, Software, Documentation, and all related technology and intellectual property rights. No other entity is entitled to grant or procure the grant of the limited licence set out in Clause 4.1. Except as expressly provided in Clause 4.1, you obtain no other rights under these Terms in respect of the Services and Documentation including any related intellectual property rights.

9.1.2 You agree not to, and shall procure that your Authorised Users, employees, directors, contractors or any other affiliate do not reverse engineer, decompile, disassemble, modify, update, create derivative works of, or otherwise tamper with Software or enable, assist or cause any third party to do so. You agree to and shall procure that your Authorised Users, employees, directors, contractors and any other affiliate keep the intellectual property in the Software confidential and not transfer, broadcast, publish, rent, license, lend, sell or otherwise distribute any Software or related licences in whole or in part.

9.1.3 For the avoidance of doubt, nothing in these Terms shall be interpreted to grant any implied licences under these Terms.

9.2 User Data:

9.2.1 You represent and warrant that you and your Authorised Users own all right, title and interest in your User Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of all such User Data. By using our Services, Software and/or Documentation, you grant us a worldwide, non-exclusive licence to use, process, display, copy and store your User Data (including, for the avoidance of doubt, your Key Shards) for the purposes of providing our Services, enabling your use of the Software and/or Documentation, enabling us to improve on our Services, Software and Documentation, and to collect and analyse anonymous information.

9.2.2 You may back up your User Data (including mnemonic phrases), transaction information and audit logs from your Account. Please refer to our Privacy Policy for further details on how we may collect, use and treat User Data and your personal data.

10. Privacy and Personal Data

10.1 Privacy Policy: You acknowledge that you have read, and agree to our Privacy Policy.

11. Risk Warning

PLEASE READ THIS SECTION CAREFULLY AS IT COVERS THE RISKS ASSOCIATED WITH THE USE OF OUR SERVICES AND SOFTWARE

11.1 Blockchain technology and other associated and related technologies are new. As with such developing technology, they come with various risks including those set out in this Clause 11. Prior to entering into these Terms with us, you acknowledge that you have been warned of the risks associated with the use of the Services, Software and/or Documentation and agree that subject always to Clause 14, SAFEHERON is not responsible, and assumes no liability for the following risks:

11.1.1 Price Fluctuation: There is a risk that you may suffer losses due to changes in macroeconomic policies, laws and regulations in any jurisdiction which result in changes in the value of the digital assets held by you.

11.1.2 Unconfirmed Digital Assets Transfer: There are risks that the blockchain network of the digital asset you wish to transfer may be suffering from any delays or malfunction which result in the failure to confirm any transfer of such digital assets.

11.1.3 Risk of Transfer to Wrong Blockchain Address: There is a risk of erroneously inputting the wrong destination blockchain address which result in the irreversible loss of digital assets.

11.1.4 Risk of Loss or Theft of Offline Mnemonic Phrase: There is a risk that the mnemonic phrase associated with the User Key Shard may be lost or stolen by nefarious hackers which may result in you losing access to the digital assets stored at such associated blockchain addresses.

11.1.5 Risk of Security Weaknesses in the Blockchain Network and Protocol: There is a risk that the software or infrastructure underlying the blockchain network, digital assets or protocol may unintentionally include weaknesses or bugs in the source code interfering with the use of or causing the loss of digital assets. As SAFEHERON cannot influence the overall security of any network or blockchain protocols which you interact with, we do not assume any responsibility for any risks associated with such blockchain networks and protocols, and cannot guarantee its function, security and availability.

11.1.6 Non-App Transfers: As transfers of digital assets can be made without the use of our Services through your original private key, if you do transfer digital assets from your digital wallet, such transfers will not be protected by our multi-party security processes and there is a higher risk that the digital assets being transferred may be stolen or transferred to the wrong wallet address.

11.1.7 Risk of Service Disruptions: There is a risk that disruptions to the use of the Services, may prevent you from, inter alia, successfully utilising or interacting with time restricted functions which Web3 protocols and decentralized finance applications may have. SAFEHERON does not assume any responsibility for any risks associated with disruptions to our Services and your sole and only recourse for such disruptions to Services are set out in Clause 7 above.

11.2 You also acknowledge that the use of digital assets and blockchain based solutions, networks and blockchain protocols may involve serious risks. Any reminders we give to you of the above risks shall not be taken as an admission or assumption of responsibility to issue further reminders of similar nature or of any other risks.

12. Third Party Providers

12.1 You acknowledge that the Services may enable or assist you to access the website content of, interact with the protocols, applications or platforms, and purchase or use services provided by third parties via third party websites, protocols or applications and that you do so solely at your own risk.

12.2 We make no representation, warranty or commitment and shall have no liability or obligation whatsoever in relation to the content or use of, or interaction with, any such third party website, protocol (including for the avoidance of doubt, decentralized finance and Web3.0 protocols), platform or application or any transactions completed, and any contract entered into by you, with any such third party.

12.3 Use of such third party services through the Services may be subject to additional terms and conditions imposed by such third party service provider(s), which terms SAFEHERON is not party to and has no control or influence over. We recommend that you read the terms and conditions and privacy policy of such third party service providers before using their services, purchase their products or interact with their protocols and platforms and comply with them. SAFEHERON does not endorse or approve any third party website, protocol, platform or application, nor the content of any of the third party website, platform or application made available via the Services.

13. Indemnification

13.1 You shall indemnify and hold harmless SAFEHERON, its affiliates, vendors and service providers, and each of its or their respective officers, directors, agents, employees, and representatives (collectively the “Indemnified Parties”), from and against any liabilities, damages, losses, costs and expenses, including but not limited to reasonable legal fees and costs and any fines, fees or penalties imposed by any regulatory authority, arising out of or incurred in connection with any third party claim, demand, action or proceeding (a “Claim”) arising out of or related to:

(a) your access or use of the Services and/or Documentation;

(b) your breach of these Terms;

(c) any material breach or inaccuracy of any of your representations, warranties or covenants in these Terms;

(d) your failure to provide true and accurate information in connection with the onboarding process or any failure to promptly update such information; or

(e) your violation of any applicable laws, or the rights of any third party,

except where such Claim arises from the gross negligence, fraud or willful misconduct of SAFEHERON and/or its affiliates, and provided always that you are given reasonable notice of such Claim. Any liabilities, damages, losses, costs and expenses, fines, fees or penalties shall be paid to the Indemnified Parties on demand.

14. Limitation of Liability

PLEASE READ THIS SECTION CAREFULLY AS IT COVERS THE LIMITATIONS OF OUR LIABILITY.

14.1 To the fullest extent permitted by applicable law and subject always to Clause 14.4:

14.1.1 in no event shall SAFEHERON, and/or any of its affiliates be liable for any indirect, special, incidental, consequential or exemplary damages of any kind (including, but not limited to, where related to loss of revenue, income or profits, loss of use or data, or damages for business interruption) arising out of or in any way related to the provision or use of the Services, or otherwise related to these Terms, regardless of the form of action, whether based in contract, tort (including, but not limited to, simple negligence, whether active, passive or imputed), or any other legal or equitable theory (even if SAFEHERON has been advised of the possibility of such damages and regardless of whether such damages were foreseeable); and

14.1.2 in no event will SAFEHERON’s liability and that of our affiliates, suppliers and contractors, in aggregate, arising from or relating to the Services and these Terms exceed the greater of: (a) the amount you paid for the Services during the twelve-month period immediately preceding the incident giving rise to that liability; and (b) five hundred United States dollars (US$500.00).

14.2 Without prejudice to the generality of Clause 14.1 above, you agree that:

14.2.1 we shall not bear any liability, whatsoever, for any damage, losses or interruptions caused by any Viruses, spyware, scareware, Trojan horses, worms or other malware that may affect your devices or other equipment, or any phishing, spoofing or other attack, unless such damage or interruption directly resulted from our gross negligence, fraud, or willful misconduct;

14.2.2 we shall not be liable for any loss that you may sustain due to compromise of login credentials, loss of mnemonic phrases, and/or failure to follow or act on any notices or alerts that we may send to you;

14.2.3 we shall not be liable for any losses or liabilities arising from the input of wrong destination or recipient blockchain addresses; and

14.2.4 we shall not be liable for any losses or liabilities arising from or relating to a breach of your own obligations set out in these Terms.

14.3 The limitations set forth in this Clause 14 will not limit or exclude liability for the gross negligence, fraud or intentional or wilful misconduct of SAFEHERON or its affiliates.

15. Confidentiality

15.1 As used in these Terms, “Confidential Information” means any information and data of any kind that a disclosing Party (“Discloser”) designates as being confidential or which, under the circumstances surrounding disclosure, ought to be treated as confidential whether disclosed before, on or after the date of the latest version of these Terms by the Discloser or any of its representatives, to the receiving Party (“Recipient”) or any of its representatives, and includes without limitation, technology, information and/or personal data provided by the Discloser, its related corporations, affiliates, representatives, employees, agents, representatives, independent contractors, advisors or consultants, whether disclosed or communicated verbally, in writing, or in any other tangible form, and whether relating to the Discloser’s business, operations, processes, plans, strategies, requirements, inventions, product or service information, pricing, know-how, design rights, trade secrets, software, systems, negotiations, discussions, and contracts with other companies, customers, the existence, nature, status and content of discussions or negotiations between the parties, including any termination of those discussions or negotiations, any copy, report, forecast, valuation, analysis, compilation, study, memorandum, note or other document or material prepared by or for the Recipient or any of its representatives that contains or reflects or is otherwise based upon (whether in whole or in part) any of the information described herein. including, without limitation information relating to the Discloser’s business operations or business relationships, financial information, transaction records, fee arrangements, transactions, accounts, personal data, pricing information, business plans, customer lists, data, records, reports, trade secrets, software, formulas, inventions, techniques, strategies and any data or information designated as confidential by the Discloser or which would be understood by a reasonable person as being of a confidential nature.

15.2 A Recipient will not disclose any Confidential Information to any third party without the prior written consent of the Discloser, except as provided to such third party’s officers, directors, agents, employees, consultants, contractors and professional advisors who need to know the Confidential Information for the purposes of performance of these Terms and who are informed of, and who agree to be or are otherwise bound by obligations of confidentiality no less restrictive than, the obligations set forth herein. The Recipient will protect such Confidential Information from any unauthorized access, use and disclosure and shall exercise in relation to such Confidential Information no lesser security and control measures and degree of care than those which the Recipient applies to its own Confidential Information. The Recipient shall not use the Discloser’s Confidential Information for any purpose other than to perform its obligations or exercise its rights under these Terms. The obligations herein shall not apply to:

15.2.1 any information that is or becomes generally publicly available through no fault of the Recipient;

15.2.2 any information that the Recipient obtains from a third party (other than in connection with these Terms) that, to the Recipient's best knowledge, is not bound by a confidentiality agreement prohibiting such disclosure; and

15.2.3 any information that is independently developed or acquired by the Recipient without the use of or reference to Confidential Information of Discloser.

15.3 Confidential Information includes all documents and other tangible objects containing or representing Confidential Information and all copies or extracts thereof or notes derived therefrom that are in the possession or control of the Recipient and all of the foregoing shall be and remain the property of the Discloser. At the Discloser’s request, the Recipient shall return or destroy all Confidential Information; provided, however, the Recipient may retain one copy of Confidential Information:

15.3.1 if required by applicable laws; or

15.3.2 pursuant to a bona fide and consistently applied document retention policy; provided, further, that in either case, any Confidential Information so retained by the Recipient shall remain subject to the confidentiality obligations of these Terms.

15.4 If the Confidential Information disclosed under these Terms or any other agreement that we may enter into with you includes the personal data of the Discloser and/or personal data of any individual:

15.4.1 the Discloser hereby consents to the collection, processing, use and disclosure of its personal data by the Recipient in accordance with these Terms and our Privacy Policy; and

15.4.2 the Discloser hereby undertakes, represents and warrants to the Recipient that the Discloser has notified such individual of the purposes for which the Recipient may use his/her personal data and has obtained such individual’s consent for the collection, processing, use and disclosure of his/her personal data by the Recipient in accordance with these Terms and our Privacy Policy.

15.5 The Discloser acknowledges and agrees that any consent given pursuant to these Terms in relation to personal data shall survive death, incapacity, bankruptcy or insolvency of any such individual and the termination or expiration of these Terms.

16. Term and Termination

16.1 Validity: These Terms shall apply on the date that you subscribe for and/or use our Services and will continue for such period notified to you in the quotation containing the Subscription Fee, unless earlier terminated in accordance with these Terms (the “Initial Duration”). After the Initial Duration, the Terms will automatically renew for successive one-year periods (each a “Renewal Duration”), unless either Party notifies the other of its intention not to renew at least 30 days prior to the expiration of the then-current Duration. “Duration” means the Initial Duration and any Renewal Duration.

16.2 Termination:

16.2.1 SAFEHERON may terminate this agreement and your Account Subscription(s) with immediate effect by notice in writing if:

16.2.1.1 you have breached any of any of your undertakings or obligations in these Terms, including for the avoidance of doubt, Clauses 3.3, 4.2 and 8.3;

16.2.1.2 any of your representations or warranties in these Terms turn out to be false, misleading, inaccurate or incomplete, including for the avoidance of doubt, Clauses 8.3 and 9.2.1;

16.2.1.3 you have failed to pay any amount due under these Terms on the due date for payment and remains in default not less than thirty (30) days after being notified in writing to make such payment;

16.2.1.4 you have breached Clause 6.3.1;

16.2.1.5 you have committed a material breach of any of these Terms and (if such breach is remediable) fail to remedy that breach within a period of seven (7) calendar days after being notified in writing to do so; or

16.2.1.6 we are required to do so under any applicable law(s) or pursuant to any request by any governmental or regulatory body.

16.2.2 You may terminate this agreement and your Account Subscription(s) with immediate effect by notice in writing if:

16.2.2.1 SAFEHERON discontinues support for any of the digital assets which you hold in the digital wallet linked to your Account;

16.2.2.2 SAFEHERON discontinues support for the signature algorithm you intend to rely on for any Supported Digital Assets;

16.2.2.3 SAFEHERON revises the Subscription Fee and/or billing cycle and you indicate that you do not wish to continue such Account Subscription(s) within fourteen (14) calendar days of such notice; or

16.2.2.4 SAFEHERON revises the Committed Monthly Percentage.

16.2.3 In the event of termination pursuant to any of the events listed in Clause 16.2.2, we may, in our absolute discretion, refund you the pro-rated amount of the Subscription Fee paid for the relevant calendar month.

16.2.4 On termination of these Terms for any reason:

16.2.4.1 all licences granted under this agreement shall immediately terminate and you shall immediately cease all use of the Services, Software and/or the Documentation;

16.2.4.2 each Party shall return and make no further use of any Confidential Information, Documentation and other items (and all copies of them) belonging to the other Party;

16.2.4.3 we may destroy or otherwise dispose of any of the User Data in our possession unless we receive, no later than ten days after the effective date of the termination of these Terms, a written request for the delivery to you of the then most recent back-up of your User Data. We shall use commercially reasonable endeavours to deliver the electronic back-up to you within 30 days of our receipt of such a written request, provided that you have, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). You shall pay all reasonable expenses incurred by us in returning or disposing of your User Data; and

16.2.4.4 any rights, remedies, obligations or liabilities of the Parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of these Terms which existed at or before the date of termination shall not be affected or prejudiced.

16.2.5 Clauses 10, 11, 12, 13, 14, 15, 16.2.3, 16.2.4, 16.2.5 and 18 shall survive any termination or expiry of these Terms.

17. Force Majeure

17.1 We shall not be liable for any delays, failure in performance or interruption of the Services which result directly or indirectly from any Force Majeure Event.

17.2 The Party not affected by the Force Majeure Event may terminate these Terms with immediate effect by providing written notice to the other Party if the other Party remains unable to perform due to the Force Majeure Event for a period of more than fifteen (15) days following the date of the Force Majeure Event.

17.3 For the avoidance of doubt, neither occurrence of a Force Majeure Event or the termination of these Terms in connection therewith shall relieve either Party from any accrued obligations then subsisting prior to the occurrence of the Force Majeure Event or termination of these Terms in connection therewith (including any payment obligations for outstanding sums).

18. Miscellaneous

18.1 Notices:

1.1.1 Any notices, demands or other communications hereunder shall be in writing and may be served, in the case of SAFEHERON only, by way of publication on our website accessible at www.safeheron.com, in-application notification, text messages, instant messaging and/or other electronic means or sent or distributed via email:

If to SAFEHERON, to:

Name: SAFEHERON Pte. Ltd.

Email: support@safeheron.com

If to you, to:

Name: Name of person subscribing for the Account Subscription

Email: Your email address as notified to SAFEHERON during the account opening and onboarding process and updated from time to time

Mobile: Your mobile phone number as notified to SAFEHERON during the account opening and onboarding process and updated from time to time

18.1.2 Any such communication shall be deemed duly given:

18.1.2.1 in the case of publication on our website (applicable only to SAFEHERON), to you by close of business on the date of publication of such notice, demand or communication on our website, provided that if such day is not a Business Day or such time not a normal business hour then delivery shall be deemed to have occurred on the following Business Day;

18.1.2.2 in the case of communication via in-application notification, text messaging, instant messaging and/or other electronic means, on the day such notification, text message, instant message and/or other electronic medium was sent;

18.1.2.3 in the case of communication via email, when sent to SAFEHERON’s or your email address, by close of business of the date of transmission by the email server used by us or you and/or our or your service provider subject to confirmation of successful transmission, provided that if such day is not a Business Day or such time not a normal business hour then delivery shall be deemed to have occurred on the following Business Day.

18.1.3 SAFEHERON shall not be liable for any failures or delays in the delivery of such notice to you due to reasons not attributable to SAFEHERON (including but not limited to the provision of inaccurate or invalid contact details, and network failures by third party service providers).

18.2 Entire Agreement: These Terms constitutes the entire agreement between the Parties with respect to the subject matter hereof and supersedes all prior oral and written discussions, memoranda, understandings and undertakings between them.

18.3 Remedies: No remedy conferred by any of the provisions of these Terms is intended to be exclusive of any other remedy which is otherwise available at law, in equity, by statute or otherwise, and each and every other remedy shall be cumulative and shall be in addition to every other remedy given hereunder or now or hereafter existing at law, in equity, by statute or otherwise, provided always that the Parties shall not be entitled to rescind these Terms on grounds of misrepresentation. The election of any one or more of such remedies by any of the Parties shall not constitute a waiver by such Party of the right to pursue any other available remedies.

18.4 Waiver: The rights and remedies of each Party shall not be affected by any failure to exercise or delay in exercising any right or remedy or by the giving of any indulgence or by anything whatsoever except a specific waiver or release in writing and any such waiver or release shall not prejudice or affect any other rights or remedies of such Party. No single or partial exercise of any right or remedy shall prevent any further or other exercise thereof or the exercise of any other right or remedy.

18.5 Time of Essence: Any time or period mentioned in any provision of these Terms may be extended by mutual agreement between the Parties but as regards any time, date or period originally fixed or any time, date or period so extended as aforesaid time shall be of the essence.

18.6 Successors and Assigns: No Party shall have the right to assign all or any part of its interest in these Terms without the prior written consent of the other Party. These Terms shall be binding upon and shall inure to the benefit of the Parties and their successors and permitted assigns.

18.7 Severability: If any provision or any portion of any provision of these Terms or the application of any such provision or any portion thereof to any person or circumstance, shall be held invalid or unenforceable, the remaining portion of such provision and the remaining provisions of these Terms, and the application of such provision of portion of such provision as is held invalid or unenforceable to persons or circumstances other than those as to which it is held invalid or unenforceable, shall not be affected thereby.

18.8 Third Party Rights: A person who is not a party to these Terms has no right under the Contracts (Rights of Third Parties) Act 2001, to enforce any Terms, but our assignees, affiliates, third party vendors and contract service providers shall be deemed beneficiaries of these Terms as if they are parties thereto and shall have the rights to enforce the provisions of these Terms.

18.9 Governing Law: These Terms shall be governed by and construed in accordance with the laws of Singapore.

18.10 Dispute Resolution:

18.10.1 Parties shall first attempt to resolve any dispute, controversy or claim arising under, out of, in connection with or in relation to these Terms, including any dispute as to its existence, validity, interpretation, performance, breach or termination and any dispute relating to any non-contractual obligations arising out of or in connection with it (“Dispute”) shall, so far as possible, amicably by mutual consultation between Parties. The amicable resolution should be commenced as soon as possible after a disputing Party delivers a notice of dispute to another disputing Party (“Dispute Notice”).

18.10.2 Failing an amicable settlement within 30 calendar days from the date of the Dispute Notice, the disputing Parties agree that the Dispute shall be referred to and finally resolved by arbitration administered by the Singapore International Arbitration Centre in accordance with the Arbitration Rules of the Singapore International Arbitration Centre for the time being in force, which rules are deemed to be incorporated by reference in this Clause 18.10. The seat of the arbitration shall be Singapore. The arbitration tribunal shall consist of one (1) arbitrator appointed by the President of the Court of Arbitration for the time being of the Singapore International Arbitration Centre. The language of the arbitration shall be English.

Safeheron PTE. LTD.

© 2023 Safeheron PTE. LTD. All rights reserved.

Safeheron Privacy Policy

LAST UPDATED: Nov 16, 2022

Changelog

Introduction

Thank you for using our application and/or visiting our website. We take our data protection responsibilities very seriously and have designed our website in a way that users can browse without having to provide any personal data.

The Privacy Policy (this "Privacy Policy") describes how SAFEHERON PTE.LTD. and how our affiliates ("Safeheron" or “We”) will collect, use, maintain, share and store information collected in connection with the use of our website https://www.safeheron.com/, any other related domain or subdomain thereof ("Site"), the use of our platform's mobile wallet application and any other software applications we license ("Platform"). This is in connection with our role as controller of your personal information (In applicable of data protection laws), and in instances where data is collected and processed. Additional details are provided in this Privacy Policy.

For the purposes of this Privacy Policy, "personal information" refers to information relating to an identified or identifiable individual. For the purposes of this Privacy Policy, personal information does not include de-identified or aggregated information and, to the extent permitted by law, does not include information that is lawfully available to the public or lawfully available in government records.

Our services are not available to users in mainland China.

I. Information Collected

In the course of using Safeheron services, we may collect information that is voluntarily provided while using our services or as a result of using our services in the following manner:

1.1. Institutional Data: Employer identification number (or other similar government-issued number) and/or personal identification information for all significant beneficial owners and/or a list of current directors of the institution, size of the institution's personnel, and type of business conducted.

1.2. Contact Information: Telephone number and/or e-mail.

1.3. Geographic Location Data: IP address, country code, postal code, working address of the institutional customer.

1.4. Account Information: Account name, customer ID, password and/or user name.

1.5. Transaction Data: Information about transactions made on our Platform, such as details of trade orders, amounts and/or timestamps of virtual assets held in your account.

1.6. Usage Data: Authentication data, clickstream data, cookies, pixel tags and other similar tools that uniquely identify your browser, as well as your consent to collect any of the data mentioned thereof.

1.7. Technical Information: Device type, classification and model number, unique device identification number (e.g. OAID, AndroidID, IDFV, IDFA, GAID, IMEI), source of submission (Web or App), telecommunication carrier information, browser type and version, browser plug-in type and version, application version and SDK version, operating system and platform, language settings, privacy preferences, time zone settings, diagnostic data, such as crash logs and any other data we collect to obtain your consent when required and other information stored or available to measure technical diagnostics on the devices that allow us access when you visit the Site or use service/application, the full URL clickstream to, through and from the service, cookie identifiers and your activity.

1.8. Marketing and Communications Data: Marketing communications preferences, survey responses, information provided to our support, business, sales team and/or user research team.

1.9. Risk Management Data: Personal credit information, including payment history, credit information and debt information, etc. legal data, litigation-related, case-involved information, compliance assessment, risk assessment, risk level, KYC certification results and reasons for KYC failure.

1.10. Financial Data: Bank account information (e.g. account number, sort code), remittance account, bank account type (SWIFT/ABA), SWIFT code, ABA number, legal tender deposit certificate information, currency, deposit amount, withdrawal amount, payment card master account number (PAN), cryptocurrency deposit address.

II. Use of Personal Information Collected

Information collected may be used for the following purposes:

III. Sharing and Transfer of Personal Data

3.1. Sharing

We will not share your user information with other organizations and individuals, except for the following:

3.1.1. Sharing with explicit consent: We may share your information with other parties after your explicit consent.

3.1.2. Sharing under legal circumstances: We may share your information with the public in accordance with the provisions of laws and regulations, the need for litigation or arbitration settlement, or as requested by administrative or judicial authorities in accordance with the law.

3.2. Transfer

We will not transfer your information to any company, organization or individual, except for the following:

3.2.1. Transferring with express consent: We may transfer your information to other parties after obtaining your express consent.

3.2.2. In the event of a merger, acquisition or liquidation of Safeheron with another legal entity, or other merger, acquisition or liquidation involving the transfer of user information, we will require the new company or organization holding your data to continue to be bound by this Policy, or we will require that company, organization or individual to seek your authorized consent again.

3.3. Exceptions for sharing and transferring user information with prior authorized consent

Your prior authorized consent is not required to share or transfer your user information in the following cases:

3.3.1. Related to national security and national defense security.

3.3.2. Related to public safety, public health, and significant public interest.

3.4.3. Related to crime investigation, prosecution, trial and sentence enforcement, etc.

3.4.4. For the purpose of safeguarding yours or another individual's significant legal rights and interests, such as life or property, including circumstances where it is difficult to obtain your consent.

3.4.5. Personal information that you disclose to the public on your own.

IV. Protecting Your Personal Information

We strive to safeguard the security of our users' information against loss, misuse, alteration, and unauthorized access or disclosure.

4.1. We will use a variety of security protections to safeguard information within a reasonable level of security. For example, we will use encryption technology (e.g., SSL), MPC, de-identification, anonymization processing, etc. to protect your personal information.

4.2. We’ve established special management systems, operating procedures and organizations to safeguard information. For example, we strictly limit the scope of people who can access your information, as we require them to comply with confidentiality obligations and conduct routine audits.

4.3. In the unlikely event of a personal information leak, we will promptly notify you by email, push notification, and other forms of communication in a timely manner, and we will bear the corresponding legal responsibility. At the same time, we will also take the initiative to report the disposition of the incident in accordance with the requirements of the regulatory authorities.

4.4. We have met the requirements of ISO27001 certification standard in terms of information security and have obtained the corresponding certification.

4.5. We will take all reasonable steps to ensure that no unrelated personal information is collected. We will only retain your personal information for as long as is necessary to achieve the purposes described in this policy, unless an extended retention period is required or permitted by law.

V. Your Rights

You are entitled to certain rights in relation to your personal information.

5.1. You’re allowed two requests per calendar year for the following:

a) Specific personal information we collect about you

b) Categories of personal information we collect about you

c) Categories of sources from which we collect your personal information

d) Business purposes for which we collect your personal information

5.2. If you believe that the personal information we have collected is inaccurate, you can request a correction on the personal information collected.

5.3. To receive the personal information you provide to us in a structured, common and machine-readable format and transfer it to other data controllers (data migration).

5.4. To restrict or object to the processing of your personal information for compelling and legitimate reasons related to your particular situation, unless such processing is expressly provided for by law.

5.5. To file a complaint with the regulatory authority where you live or where the issue of the subject of the complaint arose. We will not discriminate against you for exercising any of these rights. If you wish to make a request for additional information, please contact us using the information provided in the "Contact Us" section below.

5.6. You may make a request to us to delete personal information in the following cases:

1) If our handling of personal information violates laws and regulations.

2) If we collect and use your personal information without your consent.

3) If our processing of personal information is in breach of our agreement with you.

4) If you no longer use our products or services, or if you wish to terminate your account.

5) If we no longer provide products or services to you.

5.7. For security purposes, you may need to provide a written request or otherwise to prove your identity. We may ask you to verify your identity before we process your request. We will respond within thirty days, and if you are not satisfied, you may also reach out by submitting an email to feedback@safeheron.com to make a complaint. In principle, we do not charge a fee for reasonable requests, but we may charge a fee for repeated requests that exceed reasonable limits, as we deem appropriate. We may deny requests that are unwarrantedly repetitive, require excessive technical configuration (Ex: Requiring the development of new systems or fundamental changes to current practices), pose a risk to the legal rights of others, or are highly impractical (Ex: Involving the backup of information to be stored on tapes).

5.8. We will not be able to respond to your request in the following cases:

1) Obligations of a controller of personal information under laws and regulations.

2) Directly related to national security and/or national defense security.

3) Directly related to public safety, public health, and significant public interest.

4) Directly related to criminal investigation, prosecution, trial and enforcement of sentences.

5) Where the controller of personal information has sufficient evidence of subjective malice or abuse of rights by the subject of personal information.

6) For the purpose of safeguarding the life, property, and other significant legitimate rights and interests of the subject of personal information or other individuals, but where it is difficult to obtain the consent of the individual.

7) When responding to the request of the subject’s personal information will result in serious damage to the legitimate rights and interests of the subject’s personal information or other individuals or organizations; involving commercial interest.

VI. Collection of Information on Minors

6.1. Our products, websites, and services are primarily intended for adults. Minors should not create their own personal information accounts without the consent of their parents or legal guardians.

6.2. In the case of personal information collected from minors with parental consent, we will only use or publicly disclose this information as permitted by law, with the express consent of the parent or legal guardian, or as necessary to protect the minor.

6.3. Although local laws and customs define minors differently, we consider any person under the age of 14 to be a minor.

6.4. If we find that we have collected personal information from a minor without prior verifiable parental consent, we will seek to delete the relevant data as soon as possible.

VII. How We Use Cookies

We collect certain information through tracking technologies used on the Site, such as cookies (data files placed on devices used to access the Site), mobile analytics software, and pixel tags (transparent graphic images, sometimes called web beacons or tracking beacons, placed on web pages or emails that indicate that a page or email has been viewed and may tell your browser to fetch content). We do this to analyze trends, track users' movement around the Site, gather demographic information, and generally collect information that we believe to be insightful or useful. For security purposes, we or our third-party service providers may place cookies or similar files on your device to facilitate site navigation. We may use social media platform cookies to improve our user experience.

Most browsers allow you to control cookies, including whether to accept them and how to delete them. You can set most browsers to notify you when you receive a cookie, or you can choose to block cookies using your browser; however, please note that some features of the Site may not function properly or may be slowed down if you reject cookies. If you block or delete a cookie, not all of the tracking we described in this Privacy Policy will stop.

We use cookies provided by Google Analytics to collect statistical information about the use of the Site. We use Google Analytics to learn more about the types of users who visit the Site, their activities on the Site, and to help improve the Site. In order to provide this service, Google Analytics may collect certain information about you from your computer, including but not limited to: information about your visit (such as the pages you visit and the length of your visit), information about your device (such as your IP address), how you access the Site, and other information about you. You can visit www.google.com/policies/privacy/partners/ to learn more about Google Analytics and how it collects and processes data, including how it controls the information sent to Google. You can opt out of Google Analytics here tools.google.com/dlpage/gaoptout (this requires you to install a browser plug-in).

Some web browsers may provide an option whereby you can request that your browser notify the website you are visiting that you do not want your activity to be tracked by a cookie or other persistent identifier (often referred to as a ‘do not track’). The Site does not currently respond to ‘Do Not Track’ signals.

Different types of cookies can be used for specific purposes, e.g.

VIII. How Long We Retain Your Personal Data

We will retain your personal information for as long as required or permitted by law or in accordance with the retention policies that we may establish from time to time. We consider the following factors for determining the duration of such retention; the time required to retain personal information for business purposes; the maintenance of corresponding business records; improving the performance and quality of the Site and Platform; the processing of your inquiries; whether we reasonably believe that the data is needed to process any litigation; and whether legal and contractual obligations impose any requirements for data retention.

Please refer to the ‘Use of Personal Information Collected’ section above for the relevant retention periods for each Purpose of Collection.

IX. Cross-Border Data Transmission

Given that we are an international company, our use of your personal information necessarily involves cross-border data transfers. Safeheron processes and stores data on servers in Hong Kong, China. When we transfer data across borders, we do so in accordance with applicable data protection laws. For example, we may use standard contractual clauses when we transfer data from the European Economic Area to jurisdictions that are not considered to have an adequate level of data protection. In the absence of an adequate decision or standard contractual terms or any other right to transfer your data, we may rely on your consent as the basis for such transfers.

X. Cancellation of E-mail Services

You can unsubscribe from receiving marketing and promotional messages from us at any time by:

10.1. Selecting the unsubscribe link in the message we send you, or

10.2. Using the information provided in the ‘Contact Us’ section below to contact us. Please note that even if you choose not to receive the above emails, we will still send you a reply when you contact us for other reasons related to your use of our Site or Platform.

XI. Update of Privacy Policy

Rights will not be reduced under the personal information protection policy without your express consent. We will post any changes made to this policy on our website or app. When changes are made to the Privacy Policy, we will promptly notify you of the changes to the Privacy Policy by email, push notification, and change the ‘last updated’ date on our blog. If you do not agree with the revised policy, we advise you to stop using our Platform and services. We will also keep an older version of this policy on file for you to review.

XII. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at privacy@safeheron.com. Generally, we will respond within thirty days. If you are not satisfied with our response, especially if you believe our personal information processing practices have infringed on your legal rights, you may also seek a resolution through government, courts, or other relevant agencies.