Cytely Essentials Terms of Service

1. SCOPE AND PURPOSE

1.1 Cytely AB (Cytely) is the provider of the Cytely Essentials smart microscopy solution for researchers (Service). These terms of service govern the use of the Service and constitute a binding agreement (Agreement) between Cytely and you or the company you represent (Customer). Cytely and Customer together are referred to as Parties and separately as a Party.

1.2 By accepting this Agreement, you as the Customer or on behalf of the Customer agree to enter into this Agreement and to be bound by its terms. You represent and warrant that you have the full legal authority to enter into this Agreement on behalf of the Customer. If you do not agree to the terms of this Agreement, or if you are not eligible or authorised to enter into this Agreement on behalf of the Customer, you may not access or use the Service.

2. GRANT OF RIGHTS

2.1 Subject to due payment of all applicable fees as well as compliance with the terms of this Agreement, Cytely grants the Customer a limited, non-exclusive, non-transferable and non-sublicensable right to use the Service for in the form offered by Cytely from time to time for the Customer's internal use and for the term of this Agreement.

2.2 The Customer grants Cytely a limited, non-exclusive, non-transferable, non-sublicensable and worldwide right to use the content it may create, upload and otherwise process in the Service (Customer Content) for the purpose of providing the Service.

3. OBLIGATIONS OF THE CUSTOMER

3.1 The Customer is responsible for all equipment, connections, and software necessary to use the Service, as well as for all sources of Customer Content and the use of any integrations or interfaces offered by Cytely to import or process Customer Content in the Service.

3.2 The Customer is responsible for all activities of its users in the Service, and for the legality, reliability, integrity, accuracy, and quality of Customer Content.

3.3 The Customer shall use reasonable efforts to prevent any unauthorised access to, or use of, the Service. All user credentials are personal and shall be kept confidential. In the event of any suspected or discovered unauthorised access or use of the Service or the unauthorised disclosure of any user credentials, the Customer shall promptly notify Cytely.

3.4 The Customer is responsible for its own compliance with any applicable laws that may relate to the use of the Service, including related to Customer Content.

4. RESTRICTIONS OF USE

4.1 The Customer may only use the Service in accordance with this Agreement. Unless separately explicitly agreed to with Cytely, the Customer shall not:

4.2 The Customer acknowledges that the Service is not intended for the processing of personal data, including any patient data. Cytely processes personal data of the Customer's users, and such processing is covered by Appendix I to this Agreement.

5. PROVISION OF THE SERVICE

5.1 Cytely shall make reasonable efforts to keep the Service operational at all times and provides the Service on an 'as is' basis and with the functionalities available from time to time without any warranty of any kind, either expressed or implied, including but not limited to the warranties of availability, non-infringement, or fitness for a particular purpose. Cytely shall not be responsible for any errors, interruptions, or disturbances of the Service.

5.2 Cytely shall have the right to develop, modify, or suspend the Service. Cytely shall inform the Customer in advance of any modification or suspension that materially impacts the Customer's use of the service, if reasonably possible.

5.3 Cytely shall have the right to temporarily interrupt or suspend or permanently discontinue the service in case of a suspected or discovered emergency, failure, security breach, or similar event. Cytely undertakes to notify the Customer without undue delay in such an event.

5.4 Cytely shall have the right to deny access by the Customer or any of its users to the Service without prior notice if Cytely reasonably suspects or discovers that the Customer has breached this Agreement or uses the Service in a manner which jeopardizes the Service.

5.5 Cytely shall have the right to analyze the use of the Service and Customer Content and use the results to improve the Service and for diagnostic and corrective purposes and for marketing, subject to the Confidentiality obligations of this Agreement or provided that the Customer or its users are identified.

6. FEES

6.1 Cytely charges fees for the use of the Service in accordance with its price list as updated from time to time.

6.2 Cytely shall notify the Customer at least thirty (30) calendar days before any changes to the fees. If the Customer does not accept the change, the Customer shall have the right to terminate this Agreement on the effective date of the change. The change shall not affect the fees for invoicing periods that have commenced before the effective date of the change.

6.3 The fees are exclusive of any value added tax and any other applicable government charges, which shall be added to the fees.

6.4 All fees and payments made to Cytely under this Agreement are non-refundable.

6.5 Unless otherwise specified in the invoice, the term of payment is twenty-one (21) calendar days net from the invoice date. If a payment is delayed, the Customer shall pay interest for late payment in accordance with the Swedish Interest Act.

7. INTELLECTUAL PROPERTY RIGHTS

7.1 All right, title, and any intellectual property rights to and relating to the Service, as well as any related documentation and any copies, modifications, translations, and amendments, and derivatives thereof belong to Cytely or its licensors.

7.2 Intellectual property rights shall be understood in the broadest sense, including but not limited to any copyright, patent, trademark, design right, database protection right, and any other form of statutory protection of any kind (whether registered or unregistered) and applications for any of the foregoing as well as any know-how, inventions, and trade secrets in or related to the Service.

7.3 Except as expressly stated in this Agreement, the Customer is not granted any intellectual property rights or licenses, and all rights not expressly granted are reserved by Cytely.

7.4 Cytely shall defend and hold the Customer harmless against any claim that the Service infringes the intellectual property rights of a third party, provided that Cytely is notified promptly in writing of the claim and given sole control of the defence and all related settlement negotiations in relation to the claim as well reasonable assistance and necessary authorisations from the Customer to defend or settle the claims on behalf of the Customer.

7.5 If Cytely reasonably determines that any part of the Service infringes the intellectual property rights of a third party, Cytely has the right at its own choice and expense to (i) modify/replace the Service to eliminate the infringement, or (ii) procure to the Customer a right to use the Service. If none of these alternatives are reasonably possible, Cytely shall have the right to terminate this Agreement.

7.6 Cytely shall not be liable for any infringement or claim thereof in the event the claim (i) is made by any affiliates of the Customer; (ii) has resulted from the Customer's use or modification of, or addition to the Service; or (iii) is in any way related to Customer Content.

7.7 This Section 7 contains Cytely's entire liability and the Customer's sole remedy in case of any intellectual property rights infringements.

8. CONFIDENTIALITY

8.1 Both Parties agree not to disclose any information received by one Party from the other marked as confidential or which is to be understood as confidential, including but not limited to information regarding the Service, business activities, products, technologies, know-how, objectives or plans of the Parties (Confidential Information) and agree to use Confidential Information only in accordance with the terms of this Agreement.

8.2 The obligation of confidentiality does not apply to information which verifiably:

8.3 The Parties shall apply appropriate security measures to protect Confidential Information and treat Confidential Information at least with the same level of care as their own Confidential Information.

8.4 The rights and obligations defined in this Section 8 shall survive termination of this Agreement and remain in force for a period of five (5) years from the termination of this Agreement.

9. TERM AND TERMINATION

9.1 This Agreement shall enter into force when accepted by the Customer and remain in force for a period of one (1) year, after which the Agreement shall renew for subsequent one-year terms unless terminated by either Party at least thirty (30) calendar days before the end of each term.

9.2 Each Party may terminate this Agreement with immediate effect by written notice if the other Party: (i) is dissolved or liquidated, is declared bankrupt or otherwise becomes the subject to other insolvency proceedings; or (ii) materially breaches this Agreement and (if such breach is curable) fails to cure such breach within fourteen (14) calendar days of being notified in writing to do so. Cytely shall also have the right to terminate the agreement with immediate effect in case of permanent discontinuation of the Service subject to Clause 5.5 of this Agreement.

10. LIMITATION OF LIABILITY

10.1 Neither Party shall be liable for any indirect or consequential damages, including but not limited to loss of data, loss of business, or loss of goodwill.

10.2 The total aggregate liability of a Party in connection with this Agreement or the use of the Service shall be limited to the payments made by the Customer to Cytely during a period of twelve (12) months immediately preceding the claim for damages.

10.3 The exclusions and limitations of liability agreed to in this Section 11 shall not apply to any damages resulting from gross negligence or willful misconduct, or in the case of breach of Section 4 (Restrictions of Use) or Section 9 (Confidentiality) of this Agreement.

11. APPLICABLE LAW AND DISPUTE RESOLUTION

11.1 This Agreement shall be governed by and interpreted in accordance with the laws of Sweden, excluding any provisions on choice of law.

11.2 In case of any disputes regarding these Terms or the Service, Cytely and the Customer seek to resolve such disputes in amicable negotiations. If the negotiations do not lead to settlement within one (1) month of the date the dispute first arose, any dispute, controversy, or claim arising out of or in connection with these Terms, or the breach, termination or invalidity thereof, shall be finally settled by arbitration in accordance with the Arbitration Rules of the SCC Arbitration Institute. The seat of arbitration shall be Stockholm, Sweden. The language to be used in the arbitral proceedings shall be English.

12. OTHER PROVISIONS

12.1 Subcontractors

12.1.1 Cytely shall have the right to use subcontractors for the provision of the Service. Cytely shall be liable for the subcontractors' work as for its own.

12.2 Force Majeure

12.2.1 Neither Party is responsible for delays or damage caused by an impediment beyond the Party's control or influence, which the Party could not have reasonably taken into account at the time of conclusion of this Agreement and whose consequences the Party could not reasonably have avoided or overcome. Strike, lock-out, boycott and other industrial action will constitute a force majeure event also when the Party concerned is involved in or is the target of such event. Such an event affecting a subcontractor shall also constitute a force majeure event.

12.2.2 Each Party shall notify the other Party in writing immediately of a force majeure event as well as the termination of such event.

12.3 Amendments

12.3.1 Cytely shall have the right to amend its terms of service and this Agreement by notifying the Customer of any such changes at least thirty (30) calendar days in advance. If the Customer does not accept the change, the Customer shall have the right to terminate this Agreement on the effective date of the change.

APPENDIX 1: DATA PROCESSING AGREEMENT

This Data Processing Agreement (DPA) is a part of the Agreement between Cytely and the Customer and applies to the processing of personal data carried out by Cytely when providing the Service. Where applicable and when this DPA does not explicitly state otherwise, the terms of the Agreement, such as governing law and dispute resolution, shall apply to this DPA. If the Agreement contains provisions that are in conflict with this DPA, the terms of this DPA shall prevail.

The subject-matter, categories, and types of data as well as other details of the processing are specified in Schedule 1 of this DPA (Description of the Processing).

1. PROCESSING OF PERSONAL DATA

1.2 Cytely shall only process personal data in accordance with this DPA and documented instructions from the Customer, unless required to do so by applicable law. In such a case, Cytely shall inform the Customer of such requirement unless prevented to do so by law.

1.3 In case Cytely deems instructions given by the Customer to contravene with applicable law, Cytely shall inform the Customer and not be obliged to comply with such instructions.

1.4 Cytely shall at the end of the provision of the Service delete all personal data processed under this DPA, unless required to store such data by applicable law.

2. SECURITY OF THE PROCESSING

2.1 Cytely shall implement and maintain appropriate technical and organisational security measures to protect personal data against unauthorized or unlawful processing or access and against accidental loss, destruction of personal data, taking into account the costs of implementation as well as the nature, scope, context and purposes of processing of personal data carried out by Cytely hereunder as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.

2.2 The measures shall include, where appropriate and relevant for each processing action: (i) the pseudonymization and encryption of personal data; (ii) the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services; (iii) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; (iv) a process for regularly testing, assessing, and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

2.3 Cytely shall ensure that the persons taking part in the processing of personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

3. ASSISTANCE OBLIGATIONS

3.1 Taking into account the nature of the processing, Cytely shall assist the Customer in fulfilling its obligations regarding the exercise of data subjects' rights under Chapter III of the GDPR with appropriate technical and organisational measures, as well as assist the Customer in fulfilling its obligations under Articles 32 to 36 of the GDPR (including data protection impact assessments and data breach notifications).

3.2 Cytely shall have the right to charge an hourly fee from the Customer for any Customer-specific work when handling such assistance requests, subject to the Customer's prior approval.

4. INTERNATIONAL TRANSFERS

4.1 Cytely operates within the European Economic Area (EEA), but some of our service providers operate globally and may process personal data outside the EEA. In such cases, Cytely shall ensure the transfers comply with Chapter V of the GDPR by using a valid transfer mechanism, such as the standard contractual clauses adopted by the European Commission and, if necessary, implementing additional safeguards.

5. AUDITS

5.1 Cytely shall make available to the Customer all information necessary to demonstrate compliance with Article 28 of the GDPR. The Customer or an auditor appointed by the Customer shall have the right to audit the processing activities of Cytely under this DPA in order to assess the compliance of Cytely with its contractual obligations under this DPA and applicable data protection laws with thirty (30) calendar days prior written notice.

5.2 If employees or other representatives of Cytely participate in audits at the request of the Customer, the Customer shall compensate Cytely for any expenses caused by such participation. Otherwise, each Party shall bear its own costs for any audit. Where an audit may lead to the disclosure of business or trade secrets of Cytely or threaten the intellectual property rights of Cytely, the Customer shall employ an independent auditor to carry out the audit, and the auditor shall agree to be bound by confidentiality to the benefit of Cytely.

6. SUBPROCESSORS

6.1 The Customer gives Cytely its general authorisation to engage subcontractors as subprocessors to process personal data in connection with the provision of the Service. Cytely shall be responsible that the subprocessor is bound to at least substantively similar data protection obligations as set out in this DPA.

6.2 Cytely shall inform the Customer of any changes to the subprocessors and allow the Customer to object to such change for purposes related to data protection or security. If Cytely chooses to engage the subprocessor regardless of the Customer's objection, the Customer shall have the right to terminate the Agreement effective on the date of the change.

SCHEDULE 1 DESCRIPTION OF THE PROCESSING

1. SUBJECT-MATTER, NATURE AND PURPOSE OF THE PROCESSING

Personal data is processed for the purposes of user management and access control related to the Service, as well as ensuring the security and functionality of the Service.

2. CATEGORIES AND TYPES OF PERSONAL DATA

3. DURATION OF THE PROCESSING

Personal data is processed for as long as the data subject has a valid user account to the Service and for a maximum period of one year afterwards.

4. SUBPROCESSORS