Platform Terms of Service

Last updated: February 10, 2026

H33.ai Quantum Authentication Platform Operated by H33.ai, Inc.

Effective Date: February 10, 2026

1. Parties; Acceptance; Scope

1.1 Agreement

These Platform Terms of Service (the "Terms") are a binding agreement between H33.ai, Inc., a Florida corporation ("H33," "we," "us," or "our"), and the business or government entity accepting these Terms ("Customer," "you," or "your").

1.2 Acceptance

Customer accepts these Terms by clicking "I Agree," executing an Order Form referencing these Terms, or accessing/using the Services.

1.3 Authority

The individual accepting these Terms represents they have authority to bind Customer. No personal guarantee is created by acceptance. The individual remains responsible for their own fraud or intentional misconduct.

1.4 Business Use Only; No End User Privity

Customer is using the Services solely for business/government purposes. End Users are not parties to these Terms.

2. Contract Documents; Incorporation; Precedence

2.1 Contract Stack

These Terms, together with any Order Form (if any), incorporate by reference the following, as applicable (collectively, "Incorporated Terms"):

• Acceptable Use Policy ("AUP")
• Billing & Credits Policy
• Support Policy
• Privacy Policy
• Security Exhibit
• U.S. State Privacy Addendum (Default Processor Addendum) (applies when U.S. State Privacy Laws require controller/processor or business/service provider terms)
• Blockchain Addendum and KYC/AML Addendum (only if applicable and activated)
• Token/Tokenized Identity Addendum (only if applicable and Token Features are activated)
• On-Prem / Enterprise Addendum (only if applicable)
• Business Associate Agreement ("BAA") (only if executed under Section 11)

Incorporated Terms apply only to the extent (i) referenced in these Terms and (ii) activated for Customer's account or otherwise expressly agreed as applicable (e.g., via Order Form, self-serve enablement, or execution where required). These Terms, any Order Form, and the Incorporated Terms are collectively, the "Contract Documents." For purposes of these Terms, "Policies" means the AUP, Billing & Credits Policy, Support Policy, and Privacy Policy, and "Documentation" means H33's then-current technical documentation made available for the Services.

2.2 Order of Precedence

If there is a conflict among the Contract Documents, the following order of precedence will apply (from highest to lowest):

• (i) the applicable Order Form (including any electronic purchase/enablement flow that references these Terms);
• (ii) any executed Business Associate Agreement (if any);
• (iii) any executed Data Processing Addendum/Data Processing Agreement (if any);
• (iv) any applicable addenda (including the On-Prem / Enterprise Addendum, Security Exhibit, U.S. State Privacy Addendum, Token/Tokenized Identity Addendum, Blockchain Addendum, and KYC/AML Addendum, if applicable);
• (v) these Terms;
• (vi) Policies; and
• (vii) Documentation.

For clarity, any DPA does not expand H33's liability or Customer remedies beyond these Terms unless an Order Form expressly states otherwise.

2.3 Documentation

"Documentation" means technical documentation and developer materials we make available. Documentation is descriptive and does not create warranties or SLAs unless an Order Form expressly states otherwise.

3. Definitions

3.1 "Affiliate"

means an entity that controls, is controlled by, or is under common control with a party.

3.2 "Authorized Users"

means Customer's employees, contractors, and agents authorized to access the Services under Customer's account.

3.3 "End Users"

means individuals authenticated through Customer's application or systems using the Services.

3.4 "Services"

means the H33 cloud API platform and related services, including dashboards, APIs, SDKs, Documentation, and enabled modules, as made available to Customer under these Terms and any Order Form.

3.5 "API"

means the application programming interfaces made available by H33.

3.6 "SDK"

means H33 software development kits made available for integration.

3.7 "Customer Application"

means Customer's products/services/apps/sites/systems that integrate with or use the Services.

3.8 "Customer Data"

means data submitted by or on behalf of Customer to the Services, including inputs, identifiers, templates (if any), configuration data, and outputs generated for Customer through the Services.

3.9 "Personal Data"

means Customer Data that constitutes "personal data," "personal information," or similar terms under applicable data protection law.

3.10 "Biometric Data"

means Customer Data that constitutes biometric identifiers, biometric information, biometric samples, or biometric-derived templates (including face, voice, fingerprint, and behavioral biometrics) as defined by applicable law.

3.11 "Credits"

means prepaid units Customer purchases (or is issued for trial) to access and use the Services.

3.12 "Order Form"

means an ordering document, online order, or other purchase/enablement flow (including electronic acceptance) that references these Terms and identifies the Services/modules, tier, and applicable fees.

3.13 "Beta Services"

means preview, alpha, beta, experimental, or pre-release features.

3.14 "Confidential Information"

means non-public information disclosed by a party that is designated as confidential or that reasonably should be understood to be confidential, including non-public security information and architecture details.

3.15 "Security Incident"

means a confirmed unauthorized access to, acquisition of, or disclosure of Customer Data processed or stored in H33-controlled systems, as further described in the Security Exhibit and any DPA (if applicable). Security Incident does not include incidents affecting Customer's systems, Customer Wallets/keys, Smart Contracts, or Blockchain Networks not controlled by H33; third-party services not controlled by H33; or unsuccessful attempts or activity that does not compromise the security of Customer Data (e.g., pings, port scans, denial-of-service attempts).

3.16 "EEA"

means the European Economic Area.

3.17 "Data Subject"

means an identified or identifiable individual to whom Personal Data relates.

3.18 "Restricted Regions"

means the EEA, the United Kingdom (the "UK"), and Switzerland. "UK" means the United Kingdom of Great Britain and Northern Ireland.

3.19 "Restricted Regions Data"

means Personal Data of a Data Subject who is located in the Restricted Regions at the time the Personal Data is collected, accessed, or submitted for Processing in connection with the Services.

3.20 "U.S. State Privacy Laws"

means applicable U.S. comprehensive consumer privacy laws (including, where applicable, the CCPA/CPRA and similar state privacy laws) that require contractual terms between a controller/business and a processor/service provider.

3.21 "Data Protection Laws"

means the data protection and privacy laws and regulations of the Restricted Regions that require processor/service provider contractual terms (including, as applicable, the GDPR, UK GDPR, and Swiss FADP), and any implementing regulations. Data Protection Laws do not include U.S. State Privacy Laws, which are addressed exclusively by the U.S. State Privacy Addendum.

3.22 "U.S. State Privacy Addendum"

means the U.S. State Privacy Processor Terms Addendum incorporated into these Terms.

3.23 "Identity Credential"

means a non-transferable, on-chain identity credential (sometimes referred to as a 'soulbound credential') that may be used as an on-chain anchor for decentralized identity binding, credentialing, permissioning, attestations, and related Token Features. An Identity Credential is intended as a cryptographic identity primitive and is not a medium of exchange, investment product, or security.

3.24 "Token Features"

means optional tokenized identity, DID binding, credential issuance, document permissioning/access control, smart contract functionality, and related features governed by the Token Addendum.

3.25 "Token Addendum"

means the Tokenized Identity & Smart Contract Addendum.

3.26 "Smart Contracts"

means software logic deployed to a Blockchain Network that executes or enforces on-chain state changes, permissioning, attestations, or other Token Features.

3.27 "DID"

means a decentralized identifier consistent with W3C decentralized identity standards or similar frameworks, as implemented through Token Features.

3.28 "Wallet"

means any digital wallet, custody solution, private keys, signing devices, recovery phrases, and access controls used in connection with Token Features.

3.29 "Documentation"

means H33's then-current technical documentation, developer guides, API references, and other materials made available by H33 describing the Services and their use.

3.30 "Policies"

means H33's then-current policies incorporated into these Terms, including the Acceptable Use Policy, Billing & Credits Policy, Security Exhibit, and any addenda designated as policies.

3.31 "Customer Environment"

means Customer's systems, networks, cloud accounts, facilities, endpoints, identity systems, monitoring tools, and security controls that Customer provides, configures, operates, or controls, including any third-party infrastructure Customer uses that is not controlled by H33.

3.32 "Enterprise Deployment"

means any deployment of the Services that is not standard multi-tenant cloud access via H33's hosted endpoints, including (as applicable) a Dedicated Tenant, private cloud/VPC deployment, On-Prem Deployment, Customer-hosted authority nodes, or other enterprise deployment options described in an Order Form.

3.33 "On-Prem Deployment"

means an Enterprise Deployment in which software components of the Services are deployed into Customer's Customer Environment and operated by Customer (or its designated operator), rather than being hosted and operated by H33.

3.34 "Authority Nodes"

means one or more independent or logically separated service components (which may be operated by H33, Customer, Customer's designee(s), and/or third parties, depending on the deployment) that participate in threshold, collective-authority, key-share, or similar cryptographic workflows for Token Features and/or authentication features, as described in Documentation or an Order Form.

3.35 "Dedicated Tenant"

means an Enterprise Deployment in which H33 makes available a logically isolated instance or environment of the Services for Customer (which may include separate compute, storage, and/or networking boundaries), as described in an Order Form, but which may still rely on shared underlying infrastructure or third-party cloud services. Dedicated Tenant does not imply physical isolation unless expressly stated in an Order Form.

3.36 "Cross-Border Transfer Mechanism"

means a lawful data transfer mechanism recognized under applicable Data Protection Laws for transfers of Personal Data from the Restricted Regions to a recipient in another jurisdiction (for example, standard contractual clauses, an international data transfer agreement, or another approved mechanism), as applicable.

4. The Services; Modules; Availability; Changes

4.1 Modules and Enablement

Customer's access is limited to the Services and modules enabled for Customer's account and tier. Modules may be enabled only as set forth in an Order Form (if any) and/or through affirmative self-serve enablement within the Services (where available). Documentation and marketing descriptions do not constitute an obligation to provide any module unless enabled for Customer.

4.1(a) Optional Modules

Optional Modules may include Blockchain Features, KYC Services, Token Features, and Enterprise Deployment / On-Prem Deployment (each as defined in these Terms and/or the applicable addenda).

4.1(b) Blockchain Features; KYC Services

If Customer activates or uses Blockchain Features or KYC Services, such use is governed by the Blockchain Addendum and/or KYC/AML Addendum, as applicable. If not activated, the corresponding addendum does not apply.

4.1(c) Token Features (Optional Module)

Token Features are optional and are not included unless activated pursuant to Section 4.1 (Order Form enablement or affirmative self-serve enablement). If Customer activates or uses Token Features, Customer's use is governed by the Token Addendum (and, where applicable, the Blockchain Addendum and the KYC/AML Addendum). If Token Features are not activated, the Token Addendum does not apply.

4.1(d) Token/On-Chain Risks; No Custody; No Deletion Guarantee

Token Features may involve Smart Contracts, third-party blockchain networks, and Customer Wallets/keys. Customer is solely responsible for Wallet selection, private key custody, and access controls. On-chain actions may be irreversible, and deletion, rectification, or modification of on-chain records or Smart Contract state may not be feasible. Additional terms and risk allocations are set forth in the Token Addendum and Blockchain Addendum.

4.1(e) Enterprise Deployment / On-Prem Deployment (Optional Module)

Enterprise Deployment and On-Prem Deployment are optional and are not included unless activated pursuant to Section 4.1 (Order Form enablement or affirmative self-serve enablement where available). If Customer activates or uses an Enterprise Deployment or On-Prem Deployment, Customer's use is governed by the On-Prem / Enterprise Addendum (and, where applicable, the Security Exhibit, U.S. State Privacy Addendum, any executed DPA and/or BAA, and any other applicable addenda). If not activated, the On-Prem / Enterprise Addendum does not apply.

4.1(f) Shared Responsibility; Customer Environment

For any Enterprise Deployment or On-Prem Deployment, availability, performance, and security depend on the Customer Environment and Customer's operation and configuration of deployed components. H33 is not responsible for outages, degradation, or incidents attributable to the Customer Environment or third-party services not controlled by H33, except to the extent caused by H33's breach of its obligations under the Terms and applicable addenda.

4.2 No Professional Advice; Not a System of Record

The Services and any outputs do not constitute legal, compliance, medical, financial, or other professional advice and are not intended to be relied upon as Customer's system of record for legal, regulatory, audit, or compliance obligations. Customer is solely responsible for its decisions, operations, and compliance programs.

4.3 No SLA Unless in Order Form

We do not guarantee uptime, response times, throughput, or performance metrics unless expressly stated in an Order Form.

4.4 Maintenance

We may perform maintenance with notice where practicable and may perform emergency maintenance without notice as reasonably necessary to protect the security or integrity of the Services.

4.5 Changes; Deprecation; Compatibility

We may update, modify, deprecate, suspend, or discontinue any aspect of the Services or any module. Where practicable, we will provide advance notice of materially adverse changes to core functionality. Customer is responsible for maintaining compatibility with updates and for ensuring its integration continues to function as the Services evolve.

4.6 Service Protection Controls

We may impose reasonable technical and operational controls (including rate limits, throttling, suspension, or disabling of modules) to protect the Services, manage cost exposure, address security risk, comply with law, or prevent abuse.

4.7 Future Transferable Token

Any transferable digital asset or tokenomics feature (if ever offered) will be governed by a separate addendum or Order Form and is not part of the Services unless expressly activated.

5. Eligibility; Export Controls; Sanctions

Customer will comply with applicable laws, including export control and sanctions laws. Customer represents it is not a restricted party and will not permit access from prohibited jurisdictions or restricted parties. We may suspend access to comply with law or risk assessments.

6. Accounts; Credentials; Security of Access

6.1 Registration

Customer will provide accurate registration/billing information and keep it current.

6.2 Credentials

Customer is responsible for safeguarding credentials and implementing appropriate access controls.

6.3 Responsibility

Customer is responsible for all activity under its account and through its integration.

7. Customer Responsibilities; Compliance Allocation

7.1 Customer Application and Representations

Customer is responsible for the Customer Application and any representations made to End Users about authentication, privacy, compliance, or security.

7.2 End User Notices/Consents

Customer is solely responsible for providing legally required notices and obtaining legally required consents, including biometric consents (and written consents where required).

7.3 Compliance Decisions

Customer is responsible for assessing whether the Services are appropriate for Customer's use case and compliance obligations.

7.4 High-Risk and Prohibited Uses

Customer will not, and will not permit any third party to, use the Services in any manner that:

• (a) enables unlawful surveillance, covert monitoring, or tracking of individuals, including any form of "silent" biometric collection or identification without legally required notice/consent;
• (b) supports mass identification, face recognition watchlists, or biometric databases used for generalized monitoring, profiling, or law enforcement purposes without H33's prior written approval and Customer's demonstrated legal authority;
• (c) is used to make or support automated decisions producing legal or similarly significant effects on an individual (including employment, housing, credit, insurance, education, healthcare access, immigration, or benefits determinations) without meaningful human review and legally required notices;
• (d) violates applicable biometric, privacy, consumer protection, anti-discrimination, or employment laws, including requirements relating to written releases, retention schedules, and disclosure limitations;
• (e) attempts to circumvent security controls, rate limits, access controls, or usage restrictions, or to reverse engineer, decompile, or derive source code or underlying models/parameters;
• (f) uses the Services to train, build, improve, or benchmark any competing product or to develop datasets for biometric identification, except as expressly permitted in writing by H33;
• (g) processes data in a way that is likely to cause harm, including use in weapons systems, unlawful discrimination, harassment, doxxing, or violence; or
• (h) otherwise poses a material risk to individuals' rights, safety, or privacy, or to the security or integrity of the Services.

7.5 Enforcement

H33 may immediately suspend or terminate access for any violation of this Section, the AUP, or applicable law, or where H33 reasonably believes Customer's use presents a material risk of misuse or harm.

8. Acceptable Use; Monitoring; Enforcement

8.1 AUP Incorporated

Customer will comply with the AUP.

8.2 Monitoring

We may monitor usage patterns and use automated methods to detect abuse, fraud, anomalous activity, or security threats.

8.3 Rate Limits; Throttling

We may impose rate limits and throttle requests.

8.4 Suspension

We may immediately suspend or limit access if we reasonably believe there is breach, abuse, a security risk, chargeback/payment risk, legal requirement, or risk of harm to the Services or others.

9. Data Processing; Privacy; Security

9.1 Baseline Roles

As between the parties, Customer determines the purposes and means of processing Customer Data in Customer's Application. H33 processes Customer Data to provide the Services consistent with these Terms, Documentation, and the DPA (if applicable). H33 acts as a processor/service provider (or equivalent) with respect to Personal Data processed on Customer's behalf through the Services.

9.2 Data Processing Addendum (Enterprise Only)

If Customer's use of the Services involves Restricted Regions Data or otherwise requires a data processing addendum under applicable Data Protection Laws, Customer must enter into H33's then-current data processing addendum ("DPA"). The DPA is made available only to Customers on an Enterprise (or other H33-designated eligible) tier under an executed Order Form or other H33-designated enterprise purchase/enablement flow that references these Terms, and becomes effective only when executed (or otherwise accepted via the method specified by H33). H33 is not required to execute customer-provided privacy, security, or data protection addenda except as expressly agreed in an Order Form. H33 may limit availability of the DPA by tier, use case, jurisdiction, or availability stage (including pre-launch) and may decline to Process in-scope Personal Data unless an Order Form is in place.

9.2(a) Restricted Regions Data

Unless Customer has an effective DPA in place (and any required Cross-Border Transfer Mechanism, if applicable), Customer will not submit to, or otherwise Process through, the Services any Restricted Regions Data. Customer represents and warrants that it has controls reasonably designed to prevent submission of Restricted Regions Data unless and until the DPA is effective (including, where appropriate, geo-restrictions or other routing/configuration controls). Customer is solely responsible for determining whether data constitutes Restricted Regions Data, and H33 may rely on Customer's representations and configurations. H33 has no obligation to monitor Customer's geographic usage or to detect Data Subject location. If Customer cannot comply, Customer must not use the Services in a manner that Processes Restricted Regions Data.

9.2(b) Enforcement; Remedies

H33 may immediately suspend or terminate the Services if H33 reasonably believes Customer is Processing Restricted Regions Data without an effective DPA. Customer will defend, indemnify, and hold harmless H33 from and against claims, penalties, and regulatory actions arising from Customer's breach of Section 9.2(a) or Customer's failure to establish a lawful basis, provide required notices, or obtain required consents for Customer's Processing.

9.2(c) U.S. State Privacy Addendum

To the extent U.S. State Privacy Laws apply to Customer's use of the Services, the U.S. State Privacy Addendum applies automatically and forms part of these Terms. The U.S. State Privacy Addendum is intended to satisfy required processor/service provider contractual terms under U.S. State Privacy Laws without requiring execution of a separate DPA. Customer is solely responsible for determining whether U.S. State Privacy Laws apply to Customer's use case and for configuring the Services accordingly.

9.3 Security Exhibit; Shared Responsibility

H33 maintains technical and organizational measures described in the Security Exhibit. Customer acknowledges security is a shared responsibility and will implement appropriate controls in its environment.

9.4 Security Incident Notice

If H33 becomes aware of a Security Incident, H33 will notify Customer within a commercially reasonable time after confirmation. If a DPA applies, notice timing and content will be handled consistent with the DPA. H33 will provide information reasonably necessary for Customer to meet its obligations under applicable law, consistent with law and security needs.

9.5 Cooperation and Cost Allocation

H33 will provide reasonable cooperation regarding a Security Incident, including reasonably requested information about the incident's scope and remediation steps. Unless otherwise required by the DPA or agreed in an Order Form:

• Each party bears its own internal costs of investigating and remediating its systems.
• Customer is responsible for costs associated with Customer's obligations to notify End Users, regulators, and other third parties (including call centers, credit monitoring, or similar mitigation), subject to any mandatory allocation required by law.
• If Customer requests assistance beyond H33's standard incident cooperation (e.g., custom reporting, attestations, questionnaires, on-site support, extended logs), H33 may provide it at Customer's expense at then-current professional services rates (if available), unless prohibited by law.
• Any assistance beyond H33's standard incident cooperation may be subject to fees and scheduling, unless prohibited by law or expressly allocated otherwise in an Order Form or the DPA.

9.6 Subcontractors; Audits and Security Information Requests

(a) Subcontractors

H33 may use subcontractors and service providers to deliver the Services (including cloud providers). H33 will use commercially reasonable efforts to select and manage subcontractors consistent with these Terms. H33 is not responsible for third-party services not controlled by H33, except to the extent required by applicable law. To the extent H33 Processes Personal Data subject to U.S. State Privacy Laws, H33's use of Subprocessors is governed by the U.S. State Privacy Addendum.

(b) Audits and Security Information Requests

Any audit or inspection rights are limited to those expressly set forth in the DPA (if applicable). Unless otherwise agreed in an Order Form, Customer's audit rights are satisfied by H33's provision of then-current third-party security reports (e.g., SOC 2) or a written security summary, no more than once per 12-month period (except following a confirmed Security Incident), and Customer may not conduct on-site audits. Customer requests for additional security documentation, questionnaires, attestations, or extended cooperation beyond standard support may be provided at Customer's expense. Any security reports, questionnaires, attestations, and responses provided by H33 are H33 Confidential Information and may not be shared externally without H33's prior written consent. Any permitted verification must be non-disruptive, scoped to information reasonably necessary to verify compliance, and may not require H33 to disclose sensitive security details, trade secrets, or other customers' information.

9.7 Data Location

Customer Data may be processed and stored in the United States and other jurisdictions where H33 or its service providers operate, subject to the DPA (if applicable). Restricted Regions Data may be subject to additional terms and may be supported only under an Enterprise arrangement (including, where applicable, an executed DPA).

9.8 Usage Data

H33 may collect service telemetry, diagnostics, and usage metrics to operate, secure, support, and improve the Services, including to prevent fraud/abuse and enforce rate limits ("Usage Data"). Usage Data does not include Customer Data in identifiable form except as necessary to provide and secure the Services. H33 may generate aggregated and/or de-identified Usage Data and use it for analytics, benchmarking, and service improvement. If Usage Data includes Personal Data, H33 will handle it in accordance with the Privacy Policy and any applicable data protection terms (including the U.S. State Privacy Addendum and/or DPA, if applicable).

10. Biometric Requirements (Customer Obligations)

10.1 Customer Must Ensure Compliance

Customer will ensure its collection/use of Biometric Data complies with applicable biometric and privacy laws (notice, consent, retention, deletion, disclosure, security). As between the parties, Customer is the business/controller and H33 acts as a service provider/processor with respect to Biometric Data processed through the Services. Customer is responsible for providing all required notices to End Users and maintaining records of consents/releases, and will, upon request, provide reasonable written confirmation of such notices/consents/releases (and, if required for a specific investigation or legal request, supporting records) to the extent Customer is legally permitted to do so.

10.2 Written Consent

Where law requires written consent or a written release, Customer will obtain it before capturing or processing Biometric Data through the Services.

10.3 Retention and Deletion

Customer is responsible for implementing a legally compliant retention schedule. Subject to the Terms, H33 will provide commercially reasonable support for Customer deletion requests to the extent Customer Data is stored in H33-controlled systems and such deletion is technically feasible and not prohibited by law, legal hold, security requirements, or recordkeeping obligations. H33 is not required to delete data from third-party networks or systems not controlled by H33, and Customer acknowledges that on-chain records and Smart Contract state may be persistent and not practically deletable. Deletion support does not include custom development or professional services and may not apply to backup copies or security logs retained for legitimate purposes, except where required by law.

11. HIPAA / PHI Gating; BAAs

11.1 No PHI by Default

THE SERVICES ARE NOT OFFERED OR WARRANTED FOR PROCESSING "PROTECTED HEALTH INFORMATION" ("PHI") UNDER HIPAA UNLESS CUSTOMER AND H33 EXECUTE A SEPARATE, WRITTEN BAA. Customer will not submit, store, transmit, or otherwise process PHI through the Services without an executed BAA.

11.2 PHI Without a BAA is a Material Breach

If Customer submits PHI without an executed BAA: (a) Customer materially breaches these Terms, (b) H33 may suspend Services immediately, and (c) Customer will be responsible for resulting claims, penalties, costs, and expenses, subject to Section 19 (Customer indemnity).

11.3 BAA Availability (Option B)

A BAA may be available only by separate written agreement, for eligible paid tiers/use cases, and on H33's then-current BAA form unless otherwise stated in an Order Form. H33 may decline BAAs in its discretion, including during pre-launch or limited availability stages.

11.4 No Other HIPAA Commitments

Except as expressly stated in an executed BAA, H33 makes no HIPAA-specific commitments.

12. Fees; Credits; Taxes; Billing Disputes

12.1 Credits; Consumption

Credits are consumed by use of the Services as described in the Billing & Credits Policy and/or Order Form.

12.2 No Cash Value; Non-Transferable

Credits have no cash value and are non-transferable.

12.3 Non-Refundable

All fees and credit purchases are non-refundable except where required by law or expressly stated in an Order Form.

12.4 Trials

Trials may be revoked at any time and are subject to caps and anti-abuse controls.

12.5 Overages/Throttling

If usage exceeds available Credits, H33 may apply authorized overage charges or throttle/suspend to prevent overage, in H33's discretion.

12.6 Taxes

Fees exclude taxes. Customer is responsible for applicable taxes excluding taxes on H33's net income.

12.7 Billing Disputes/Chargebacks

Billing disputes must be raised within the period stated in the Billing & Credits Policy. Chargebacks are a material breach; H33 may suspend immediately and recover chargeback fees and related costs.

13. Intellectual Property; License; Reservation of Rights

13.1 H33 Technology and H33 IP

As between the parties, H33 and its licensors own and retain all right, title, and interest in and to: (a) the Services (including all APIs, SDKs, software, algorithms, models, cryptographic methods, architectures, workflows, user interfaces, Documentation, and any updates or improvements thereto); (b) any related inventions, discoveries, trade secrets, know-how, and intellectual property rights; and (c) any derivatives of, or improvements to, any of the foregoing (collectively, "H33 Technology"). H33 Technology is protected by intellectual property laws and may be the subject of issued patents and/or pending patent applications.

13.2 Limited License to Customer

Subject to Customer's compliance with the Terms and any Order Form, H33 grants Customer a limited, non-exclusive, non-transferable, non-sublicensable, revocable license during the Term to: (a) access and use the Services solely for Customer's internal business purposes and for End User authentication workflows through the Customer Application; and (b) use the Documentation and SDKs solely as necessary to integrate and operate the Services as permitted under these Terms. All rights not expressly granted are reserved by H33.

13.3 License Restrictions

Customer will not, and will not permit any third party to, directly or indirectly:

• (a) copy, modify, translate, create derivative works of, or otherwise reproduce any portion of the Services, SDKs, or Documentation (except as expressly permitted by H33 in writing);
• (b) reverse engineer, decompile, disassemble, or otherwise attempt to derive source code, underlying ideas, methods, algorithms, models, security parameters, or protocols used by the Services, except to the extent such restriction is prohibited by applicable law;
• (c) access or use the Services to build, benchmark, train, test, or improve any competing product or service, or to develop datasets for biometric identification, except as expressly permitted in writing by H33;
• (d) remove, obscure, or alter any proprietary notices, labels, or trademarks on the Services, SDKs, or Documentation;
• (e) publish, disclose, or make available to any third party any performance benchmarks, penetration test results, security evaluations, or comparative analyses of the Services without H33's prior written consent;
• (f) resell, sublicense, distribute, time-share, or provide the Services to any third party as a service bureau, managed service, or otherwise, except as expressly permitted in an Order Form;
• (g) use the Services in a manner that would cause H33 to grant any license or rights to Customer or a third party by implication, estoppel, or otherwise;
• (h) file or assist any third party in filing any patent or other intellectual property claim that is based on or derived from H33 Confidential Information or H33 Technology.

13.4 Customer Data and Outputs

Customer retains all right, title, and interest in and to Customer Data. Subject to the Terms and (if applicable) the DPA, Customer grants H33 a limited, non-exclusive license to host, process, transmit, and display Customer Data solely to provide, secure, maintain, and improve the Services and to comply with law.

As between the parties, Customer may use any results, attestations, match decisions, logs, or other outputs the Services provide to Customer ("Outputs") for Customer's internal business purposes. H33 retains all rights in and to the Services and H33 Technology used to generate Outputs, and no rights are granted to Customer except as expressly stated in these Terms.

13.5 Service Data; De-Identified and Aggregated Data

H33 may collect and use Usage Data, telemetry, diagnostic data, and operational metrics generated by or from use of the Services ("Service Data") to operate, secure, maintain, and improve the Services, including for fraud prevention, abuse detection, capacity planning, reliability, and product development. To the extent Service Data includes Personal Data, it will be handled in accordance with the DPA/Privacy Policy as applicable. H33 may also create and use de-identified and/or aggregated data derived from Customer's use of the Services, provided such data does not identify Customer or any End User.

13.6 Feedback

If Customer provides suggestions, ideas, enhancement requests, or other feedback regarding the Services ("Feedback"), Customer grants H33 a perpetual, irrevocable, worldwide, royalty-free, fully paid-up, transferable, sublicensable license to use, reproduce, modify, create derivative works from, distribute, and otherwise exploit such Feedback for any purpose, without restriction or obligation.

13.7 Trademarks and Brand Use

"H33," "H33.ai," "H33.ai, Inc.," and related marks are trademarks of H33 or its licensors. Except as expressly permitted in writing, no license is granted to use H33 trademarks. Customer may use H33's name solely to truthfully state that Customer's application integrates with the Services, provided Customer complies with any brand guidelines we publish and does not imply endorsement.

13.8 No Implied License; No Patent Exhaustion

Except for the limited licenses expressly granted in these Terms, no license or other rights are granted, whether by implication, estoppel, exhaustion, or otherwise, under any intellectual property rights of H33 or its licensors (including patent rights). Customer acknowledges that the Services are offered as a hosted service and that Customer does not acquire any ownership interest in H33 Technology.

13.9 IP Enforcement; Equitable Relief

Customer acknowledges that unauthorized use, disclosure, or misuse of H33 Technology may cause irreparable harm for which monetary damages may be inadequate. H33 may seek injunctive or other equitable relief for any breach or threatened breach of this Section, in addition to any other available remedies.

13.10 Open Source Components

The Services and/or SDKs may include open source components subject to their applicable licenses. If there is a conflict between an open source license and these Terms, the open source license controls solely with respect to that component.

14. Confidentiality

14.1 Definition

"Confidential Information" means any non-public information disclosed by one party ("Disclosing Party") to the other party ("Receiving Party"), whether in oral, written, visual, electronic, or other form, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure.

Without limiting the foregoing, H33 Confidential Information includes:

• (a) non-public details of the Services and H33 Technology (including APIs, SDKs, Documentation, underlying architectures, designs, workflows, and methods);
• (b) non-public cryptographic methods, security parameters, configurations, key management approaches, and performance/security characteristics;
• (c) non-public product plans, roadmaps, pricing not publicly posted, and technical documentation;
• (d) vulnerability information, penetration test results, security assessments, SOC reports (if any), security questionnaires and responses, and any non-public security or incident-related communications; and
• (e) any non-public benchmarks or evaluations of the Services (whether performed by Customer or a third party).

Customer Confidential Information includes:

• (i) Customer Data (to the extent it is not publicly available),
• (ii) non-public information about Customer's systems, security controls, and architecture shared with H33, and
• (iii) non-public business, technical, or operational information disclosed by Customer.

14.2 Protection and Use Restrictions

The Receiving Party will: (a) protect the Disclosing Party's Confidential Information using at least reasonable care (and no less than the care it uses to protect its own Confidential Information of similar sensitivity); (b) use the Confidential Information solely to perform its obligations and exercise its rights under the Terms; and (c) not disclose the Confidential Information to any third party except as expressly permitted under Section 14.3.

14.3 Permitted Disclosures

The Receiving Party may disclose Confidential Information to its employees, contractors, Affiliates, professional advisors, and subcontractors who have a need to know for purposes of the Terms, provided that such recipients are bound by confidentiality obligations at least as protective as those in this Section. The Receiving Party is responsible for any breach of this Section by its recipients.

14.4 Exclusions

Confidential Information does not include information that the Receiving Party can demonstrate:

• (a) is or becomes publicly available through no breach of the Terms;
• (b) was lawfully known to the Receiving Party without restriction before receipt from the Disclosing Party;
• (c) is rightfully received from a third party without a duty of confidentiality; or
• (d) is independently developed by the Receiving Party without use of or reference to the Disclosing Party's Confidential Information.

14.5 Compelled Disclosure

If the Receiving Party is required by law, regulation, or valid legal process to disclose Confidential Information, it may do so provided that (to the extent legally permitted) it gives the Disclosing Party prompt notice and reasonably cooperates (at the Disclosing Party's expense) with efforts to seek confidential treatment or limit the scope of disclosure.

14.6 Return or Destruction

Upon written request by the Disclosing Party, the Receiving Party will promptly return or destroy the Disclosing Party's Confidential Information, except that the Receiving Party may retain copies: (a) as required by law, regulation, or bona fide internal compliance requirements; and/or (b) as maintained in routine archival backups, provided such retained information remains subject to this Section and is not accessed except as required for legal compliance.

14.7 Duration

Confidentiality obligations under this Section will continue during the Term and for five (5) years thereafter; provided that trade secrets will be protected for so long as they remain trade secrets under applicable law.

14.8 Equitable Relief

The parties acknowledge that unauthorized use or disclosure of Confidential Information may cause irreparable harm for which monetary damages may be inadequate. The Disclosing Party may seek injunctive or other equitable relief for any breach or threatened breach of this Section, in addition to any other remedies available.

15. Term; Termination; Data Export

15.1 Term

These Terms begin upon acceptance and continue until terminated.

15.2 Termination/Suspension

Either party may terminate as provided in an Order Form. H33 may suspend or terminate for breach, risk, non-payment, chargebacks, legal compliance, or discontinuation. Trials/Beta Services may be terminated at will.

15.3 Effect

Upon termination, licenses end; Customer must cease use; unused Credits are forfeited unless required by law or an Order Form states otherwise.

15.4 Data Export

If Customer requests within 30 days after termination, H33 will make available an export of Customer Data in a standard format, subject to reasonable fees and legal/technical limits.

15.5 Survival

Upon termination or expiration, all rights and obligations that by their nature should survive will survive, including accrued payment obligations, confidentiality, intellectual property/ownership and feedback rights, restrictions and prohibited uses (including "no customer paper"), disclaimers, limitations of liability, indemnification, dispute resolution, governing law, and any data return/deletion or recordkeeping obligations that expressly survive termination.

16. Disclaimers

16.1 As-Is; As-Available

EXCEPT AS EXPRESSLY STATED IN AN ORDER FORM SIGNED BY H33, THE SERVICES (INCLUDING ANY MODULES, BETA SERVICES, DOCUMENTATION, AND OUTPUTS) ARE PROVIDED "AS IS" AND "AS AVAILABLE." H33 DOES NOT GUARANTEE UNINTERRUPTED OR ERROR-FREE OPERATION, OR THAT THE SERVICES WILL MEET CUSTOMER'S REQUIREMENTS.

16.2 Disclaimer of Warranties

TO THE MAXIMUM EXTENT PERMITTED BY LAW, H33 DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, QUIET ENJOYMENT, AND NON-INFRINGEMENT, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING OR USAGE OF TRADE.

16.3 Outputs; Biometric and Identity Limitations; No Compliance Warranty

H33 DOES NOT WARRANT THAT ANY OUTPUTS, RESULTS, OR ATTESTATIONS WILL BE ACCURATE, COMPLETE, OR SUITABLE FOR CUSTOMER'S PURPOSES. BIOMETRIC AND IDENTITY-RELATED METHODS ARE PROBABILISTIC AND MAY PRODUCE FALSE ACCEPTS, FALSE REJECTS, OR OTHER ERRORS. AS STATED IN SECTION 4.2 (NO PROFESSIONAL ADVICE; NOT A SYSTEM OF RECORD), CUSTOMER IS SOLELY RESPONSIBLE FOR (A) CONFIGURING THRESHOLDS, POLICIES, AND REVIEW WORKFLOWS, (B) DETERMINING WHETHER AND HOW TO RELY ON OUTPUTS IN ANY CUSTOMER APPLICATION OR DECISION PROCESS, AND (C) ITS DECISIONS, OPERATIONS, AND COMPLIANCE PROGRAMS. H33 DOES NOT WARRANT THAT USE OF THE SERVICES WILL ACHIEVE COMPLIANCE WITH, OR SATISFY REQUIREMENTS UNDER, HIPAA, GDPR, U.S. STATE PRIVACY LAWS, PCI DSS, SOX, FEDRAMP, OR ANY OTHER LAW, REGULATION, OR FRAMEWORK.

16.4 Cryptography and Security Disclaimer

NO CRYPTOGRAPHIC OR SECURITY SYSTEM IS GUARANTEED TO BE SECURE AGAINST ALL PRESENT OR FUTURE ATTACKS OR ADVANCES (INCLUDING ADVANCES IN CRYPTANALYSIS, IMPLEMENTATION ATTACKS, OR QUANTUM COMPUTING). H33 DOES NOT WARRANT THAT THE SERVICES WILL PREVENT ALL UNAUTHORIZED ACCESS OR COMPROMISE.

16.5 Third-Party Systems; Blockchain; Smart Contracts; Wallets

CERTAIN FEATURES MAY DEPEND ON OR INTERACT WITH THIRD-PARTY SYSTEMS OR NETWORKS (INCLUDING CLOUD PROVIDERS, BLOCKCHAIN NETWORKS, AND THIRD-PARTY IDENTITY/VERIFICATION SERVICES). H33 DOES NOT CONTROL SUCH THIRD-PARTY SYSTEMS AND DISCLAIMS ALL WARRANTIES REGARDING THEIR AVAILABILITY, SECURITY, PERFORMANCE, OR CONTINUED OPERATION. IF CUSTOMER ENABLES TOKEN FEATURES OR BLOCKCHAIN FEATURES, CUSTOMER ACKNOWLEDGES THAT ON-CHAIN ACTIONS MAY BE IRREVERSIBLE AND THAT DELETION, RECTIFICATION, OR MODIFICATION OF ON-CHAIN RECORDS OR SMART CONTRACT STATE MAY NOT BE FEASIBLE. CUSTOMER IS SOLELY RESPONSIBLE FOR WALLET SELECTION, PRIVATE KEY CUSTODY, AND ACCESS CONTROLS, AND H33 DISCLAIMS ALL LIABILITY FOR LOSS OF KEYS, WALLET COMPROMISE, OR TRANSACTIONS OR STATE CHANGES INITIATED USING CUSTOMER CREDENTIALS.

16.6 Jurisdictional Limitations

SOME JURISDICTIONS DO NOT ALLOW CERTAIN DISCLAIMERS; IN THAT CASE, THESE DISCLAIMERS APPLY TO THE MAXIMUM EXTENT PERMITTED BY LAW.

17. Limitation of Liability

17.1 Exclusion

To the maximum extent permitted by law, neither party will be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, or for any loss of profits or revenue, loss of goodwill, loss of business opportunity, or business interruption, arising out of or relating to these Terms, regardless of the legal theory and whether or not the party was advised of the possibility of such damages. For clarity, damages relating to loss, corruption, compromise, or unavailability of data (including Customer Data) and costs of substitute services are deemed consequential damages under this Section 17.1.

17.2 Cap

To the maximum extent permitted by law, H33's aggregate liability arising out of or relating to these Terms will not exceed the greater of: (a) fees paid or payable by Customer to H33 for the Services in the three (3) months immediately preceding the event giving rise to the claim, or (b) $100 (unless an Order Form states otherwise). This cap applies to all claims in the aggregate, whether in contract, tort (including negligence), strict liability, statute, or otherwise.

17.3 Beta/Trial

For Beta Services and trials, H33's aggregate liability is capped at $100 (or $0 if allowed and stated in the applicable policy).

17.4 Exclusions from Cap

Notwithstanding Section 17.2, nothing limits Customer's obligations to pay fees and charges due under the Terms. Customer's indemnification obligations (if any) are not subject to the limitation in Section 17.2.

17.5 Basis of the Bargain

The parties acknowledge that this Section 17 reflects an agreed allocation of risk and is an essential basis of the bargain.

18. Indemnification

18.1 Customer Indemnity

Customer will defend, indemnify, and hold harmless H33, its Affiliates, and each of their officers, directors, employees, contractors, agents, licensors, and suppliers (collectively, "H33 Indemnitees") from and against any and all third-party claims, demands, actions, investigations, proceedings, and fines or penalties (to the extent permitted by law), and all related losses, liabilities, damages, judgments, settlements, and expenses (including reasonable attorneys' fees and costs) (each, a "Covered Claim") arising out of or relating to:

• (a) Customer's or its Authorized Users' access to or use of the Services;
• (b) the Customer Application, Customer's End User practices, and Customer's relationship with End Users (including notices, consents, disclosures, and dispute handling);
• (c) Customer Data, including any allegation that Customer failed to provide adequate notice, obtain required consent/release, or comply with retention/deletion obligations for Biometric Data;
• (d) Customer's violation of law, rule, or regulation (including privacy, biometric, consumer protection, anti-discrimination, and employment laws, as applicable);
• (e) export control or sanctions violations, including use by prohibited persons or in prohibited jurisdictions; and
• (f) Customer's submission, processing, or transmission of PHI through the Services without an executed BAA, or Customer's failure to comply with an executed BAA to the extent the Covered Claim results from Customer's acts or omissions.

18.2 Indemnification Procedure

H33 will provide Customer prompt written notice of any Covered Claim for which H33 seeks indemnification; however, failure to provide prompt notice will not relieve Customer of its obligations except to the extent Customer is materially prejudiced by the delay. Customer will have control of the defense and settlement of the Covered Claim using counsel reasonably acceptable to H33; provided that (i) H33 may participate with counsel of its choosing at its own expense, and (ii) Customer may not settle any Covered Claim in a manner that admits fault by, imposes any obligation on, or restricts any rights of any H33 Indemnitee without H33's prior written consent (not to be unreasonably withheld). Customer will provide reasonable cooperation in the defense, including providing relevant information and assistance. If Customer fails to timely assume the defense, or if a conflict of interest exists that would make joint representation inappropriate (as reasonably determined by H33), H33 may assume control of the defense with counsel of its choosing, and Customer will remain responsible for all Covered Claim costs and expenses (including reasonable attorneys' fees).

18.3 Clarifications; Allocation

A Covered Claim includes claims brought by End Users, customers, counterparties, and government or regulatory authorities. Customer's obligations apply to the extent a Covered Claim arises from the matters in Section 18.1, even if a Covered Claim also alleges negligence or other fault by an H33 Indemnitee, except to the extent a court of competent jurisdiction finally determines that the Covered Claim was caused by H33's gross negligence or willful misconduct.

19. U.S. Government Customers

The Services and Documentation are commercial and provided as "Commercial Computer Software" and "Commercial Computer Software Documentation." Any use, reproduction, release, performance, display, or disclosure by the U.S. Government is governed solely by these Terms and the applicable Order Form, and, as applicable, by FAR 12.212 and DFARS 227.7202 (and their successors). If a Government agency requires additional rights, such rights must be expressly granted in a written Order Form signed by H33.

20. Dispute Resolution; Arbitration; Class Action Waiver

20.1 Informal Resolution

Before filing a claim, a party will provide written notice and allow a 60-day period to attempt resolution.

20.2 Arbitration (AAA Commercial)

Except for Excluded Claims, disputes will be resolved by binding arbitration administered by the AAA under its Commercial Arbitration Rules, seated in Hillsborough County, Florida (or remote if agreed).

20.3 Class Action Waiver

Each party waives any right to bring or participate in a class, collective, or representative action.

20.4 Excluded Claims

Either party may seek injunctive or equitable relief in court for IP infringement, breach of confidentiality, misuse of credentials, or security threats.

21. Governing Law; Venue

Florida law governs. For claims permitted in court, exclusive venue is state/federal courts in Hillsborough County, Florida.

22. No Additional Customer Terms; Procurement Terms Rejected

H33 does not accept Customer supplier terms, security addenda, DPAs/BAAs, purchase order terms, or portal terms ("Customer Terms") unless H33 expressly signs a written agreement referencing them. Purchase orders are administrative only; PO terms are rejected and void. Customer Terms have no effect unless incorporated under Section 2.

23. Notices

23.1 To Customer

H33 may provide notices to Customer by email to the address associated with Customer's account, through the Services (including dashboard notifications), or by posting on H33's website. Notices are deemed received when sent (for email), when displayed (for in-product notices), or when posted (for website notices).

23.2 To H33

Customer must send notices to H33 at the address or email listed in the Contact Information section of the Terms (or as otherwise specified by H33 in writing). Notices are deemed received upon actual receipt by H33.

24. General

24.1 Entire Agreement

These Terms, together with the Order Form (if any), the Security Exhibit, the U.S. State Privacy Addendum, and any other addenda or exhibits expressly incorporated by reference (and, if applicable, an executed BAA and/or executed DPA), constitute the entire agreement between the parties regarding the Services and supersede all prior and contemporaneous understandings, agreements, negotiations, representations, and warranties, whether written or oral, regarding the Services.

24.2 No Additional Terms; No Customer Paper; Silence Not Acceptance

Except as expressly agreed in an Order Form signed by H33, H33 will not be bound by, and expressly rejects, any Customer-provided terms, policies, standards, addenda, flow-downs, purchase order terms, online portal terms, vendor management terms, security questionnaires, or similar documents, whether presented as mandatory or incorporated by reference ("Customer Paper"). H33's provision of the Services, acceptance of payment, or failure to object does not constitute acceptance of Customer Paper. Customer Paper is void and of no effect, and any conflicting or additional terms are rejected. Notwithstanding the foregoing, H33 will comply with mandatory legal requirements and any expressly executed BAA or DPA to the extent applicable. The only data protection and security terms applicable to the Services are those set forth in the Terms, the Security Exhibit, the U.S. State Privacy Addendum, and (if applicable) any executed BAA and/or executed DPA, and any applicable module addenda (including the On-Prem / Enterprise Addendum, Token Addendum, Blockchain Addendum, and KYC/AML Addendum) solely to the extent the corresponding Optional Module is activated.

24.3 Order of Precedence

The order of precedence in Section 2.2 governs any conflict among the Contract Documents.

24.4 Severability

If any provision of these Terms is held to be invalid, illegal, or unenforceable, the remaining provisions will remain in full force and effect. The invalid, illegal, or unenforceable provision will be modified to the minimum extent necessary to make it valid, legal, and enforceable while preserving the parties' original intent as closely as possible.

24.5 Waiver

No failure or delay by either party in exercising any right, power, or remedy under these Terms will operate as a waiver of that right, power, or remedy. Any waiver must be in writing and signed by the waiving party. A waiver of any breach is not a waiver of any other breach.

24.6 Assignment

Customer may not assign or transfer these Terms, in whole or in part, without H33's prior written consent. Any attempted assignment in violation of this Section is null and void. H33 may assign these Terms without restriction, including to an Affiliate or in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Subject to the foregoing, these Terms bind and inure to the benefit of the parties and their respective successors and permitted assigns.

24.7 Force Majeure

Neither party will be liable for any failure or delay in performance (other than payment obligations) to the extent caused by events beyond that party's reasonable control, including acts of God, natural disasters, pandemics, war, terrorism, civil unrest, labor disputes, internet/service provider failures, power failures, or governmental actions. The affected party will use commercially reasonable efforts to mitigate the impact and resume performance.

24.8 Relationship of the Parties

The parties are independent contractors. Nothing in these Terms creates any partnership, joint venture, agency, fiduciary, or employment relationship between the parties. Neither party has authority to bind the other except as expressly provided in these Terms.

24.9 Third-Party Beneficiaries

H33's Affiliates, and H33's and its Affiliates' officers, directors, employees, agents, licensors, and suppliers are intended third-party beneficiaries of the limitation of liability, damages disclaimer, indemnification, confidentiality, and no additional terms provisions, and may enforce those provisions directly.

24.10 Electronic Communications; Electronic Signatures

Customer consents to receiving communications electronically and agrees that such communications satisfy any legal requirement that communications be in writing. Customer also agrees that these Terms and any associated documents may be executed electronically, and that electronic signatures have the same legal effect as original signatures.

24.11 Compliance With Laws; Anti-Corruption

Customer will comply with all applicable laws and regulations in connection with its use of the Services, including privacy, biometric, export control, sanctions, and anti-corruption laws. Customer represents that it has not received and will not offer, promise, give, or authorize any bribe or improper payment in connection with these Terms.

24.12 Performance Through Affiliates; Subcontractors

H33 may perform its obligations under these Terms through its Affiliates and subcontractors. H33 remains responsible for performance of its obligations subject to the Terms, including the limitations of liability.

24.13 No Reliance

Each party acknowledges that it is entering into these Terms based on the terms and conditions set forth herein and not in reliance on any statement, representation, warranty, or promise not expressly stated in these Terms.

24.14 Headings; Interpretation

Section headings are for convenience only and will not affect interpretation. The words "including," "include," and "includes" are deemed to be followed by "without limitation." These Terms will not be construed against a party as the drafter.

24.15 Survival

Any provisions that by their nature should survive termination will survive, including (as applicable) Intellectual Property, Confidentiality, Disclaimers, Limitations of Liability, Indemnification, Dispute Resolution, Payment obligations, and Sections 24.2 (No Additional Terms) and 24.9 (Third-Party Beneficiaries).

24.16 Accessibility Notice; No Warranty

H33 may publish an Accessibility Notice describing accessibility practices for the Sites and Services. The Accessibility Notice is informational only and does not create any warranty, representation, or service level commitment. H33 does not guarantee that the Sites or Services will be accessible or usable for every user, in every environment, or with every assistive technology. To the extent required by applicable law, H33 will make commercially reasonable efforts to provide access and address reported accessibility issues within a reasonable time.