This Service Agreement (the "Agreement") is entered into between:

(1) Extrafon GmbH, a company incorporated under the laws of Switzerland, with registered office at Kluggasse 10, CH-8640 Rapperswil SG, Switzerland (the "Company" or "Extrafon"); and

(2) the person or entity that subscribes to, orders, pays for or uses the Service (the "Customer", also referred to as the "User").

The Company and the Customer are each a "Party" and together the "Parties". This Agreement takes effect on the date of the Company's acceptance of the Customer's Order Form, or the date the Customer first uses the Service, whichever is earlier (the "Effective Date").

1.1  In this Agreement, capitalised terms have the meaning given where first defined. In addition: "Service" means the IoT, M2M and/or Mobile Data connectivity services (prepaid and/or postpaid) and any related platform, portal, API, SIM cards and value-added features provided or resold by the Company; "SIM" means any physical SIM, removable or embedded SIM (including eSIM/eUICC) profile supplied to enable access to the Service, and also includes any eSIM and operator user profile (including the IMSI) as may be relevant; "Network" means any third-party mobile or roaming network over which the Service is carried; "Operator" means any underlying mobile network operator or upstream supplier whose capacity the Company resells; "Order Form" means any order, application, quotation, price list or specific terms accepted by the Parties; "Charges" means all fees payable for the Service; "End User" means any customer, user or third party to whom the Customer supplies, resells or sub-licenses the Service or any solution incorporating it; "Online Terms" means the version of this Agreement and related policies published by the Company online.

1.2  Headings are for convenience only. References to "including" mean "including without limitation". The Schedules and any Order Form form part of this Agreement. In case of conflict, an Order Form prevails over these terms only where it expressly states so; otherwise these terms prevail and any ambiguity is resolved in the manner most favourable to the Company.

2.1  The Company provides the Service on a non-exclusive basis, either for the Customer's own use or for resale to End Users as expressly permitted under this Agreement and any applicable Order Form. The Service is a telecommunications connectivity service only; it does not include the Customer's machines, devices, objects, applications or solutions, which remain the Customer's sole responsibility.

2.2  Prepaid by default. Unless otherwise agreed in an Order Form, the Service is provided on a prepaid basis, either payment in advance for a pre-defined service or per usage charging against pre-funded credit. The Service may also be offered on a postpaid basis, usage invoiced in arrears, where agreed. A deposit for postpaid-based services may be required. The Company may add, vary, re-price, or withdraw service options, bundles, tariffs, destinations and features at any time in accordance with Clause 3.

2.3  The Company relies on Networks and Operators it does not own or control. The Customer acknowledges that the Service is provided on a resold and best-available basis and that coverage, availability and performance depend on those third parties without any guarantee or warranty whatsoever.

2.4  Reseller status. The Service is provided by third-party Operators and Networks. Extrafon acts merely as a reseller and not as the underlying network operator, and provides the Service subject to the terms, conditions, policies and limitations of the actual service providers, which prevail in respect of the underlying connectivity. Extrafon's obligations and liability are those of a reseller only and can be no greater than the rights and remedies that Extrafon itself receives from the relevant Operator.

2.5  Relationship to the Platform Agreement. The Company's Assets Management Platform, eCommerce and APIs are provided under the separate Extrafon Platform Agreement and not under this Agreement. Where the Customer uses both, each agreement governs its own subject matter, the General Terms are common to both, and in case of conflict the agreement specific to the matter in question prevails for that matter. Like this Agreement, the Platform Agreement may be amended from time to time and its current binding version is the one published online; the Customer is responsible for reviewing it periodically and, by using the Platform, is bound by the then-current version (see Clause 3).

3.1  The binding terms governing the Service are those published by the Company online from time to time. The Company may change, withdraw, suspend, replace or introduce terms, policies, tariffs, price plans, fair-use rules and services at its sole discretion and at any time, and will make the current version available online.

3.2  Customer's duty to check. The Customer is responsible for informing itself, from time to time, of the then-current Online Terms. It is the Customer's obligation to review the Online Terms periodically. Publication of the revised terms online (or notice by email, invoice or the portal) constitutes valid notice of the change, including but not limited to service conditions, service coverage (including networks and operators) and pricing. The Company will use its best reasonable efforts to notify the Customer in advance of any such forthcoming change.

3.3  Acceptance by use. The Customer's continued use of, or continued payment for, the Service after any change constitutes acceptance of, and binds the Customer to, the then-current Online Terms. If the Customer does not accept a change, its sole remedy is to stop using the Service and terminate in accordance with Clause 23, subject to its accrued obligations.

3.4  The Company may treat any electronic confirmation, portal action, email, or continued use as the Customer's binding acceptance. Where required, the Company may also require signature of an Order Form; a scanned or electronic signature has the same effect as an original.

4.1  Indefinite term, no minimum. Unless otherwise agreed in writing, this Agreement takes effect on the Effective Date and continues for an indefinite term with no minimum contract duration. The Service is provided on a prepaid basis unless otherwise agreed in writing.

4.2  Termination at any time. Either Party may terminate this Agreement, or any Service, at any time and for any reason on written notice, without compensation, penalty or early-termination charge. Each Party's right to terminate immediately for good cause, and the Company's rights of suspension and termination elsewhere in this Agreement, are unaffected. On termination, any unused prepaid pay-as-you-go account credit is refunded in accordance with Clause 10, subject to any fixed prepaid commitments below.

4.3  Fixed prepaid period or usage. Where the Customer prepays for a Service for a pre-defined period (for example a time-limited bundle) or a pre-defined usage or data volume (for example a data package), that defined period or usage is a fixed prepaid commitment: the Service applies for, and is consumed over, that period or volume; the amount paid is non-refundable (see Clauses 5 and 10); and any termination by the Customer takes effect at the end of the prepaid period or on exhaustion of the prepaid usage. The right of either Party to terminate immediately for good cause or breach is unaffected.

4.4  Minimum term per Order Form. Where an Order Form specifies a minimum term, committed volume or early-termination charge for any SIMs (for example to match the Company's commitments to an underlying Operator), those terms apply to those SIMs and prevail over the at-will default in this Clause 4 for them. On early termination of such SIMs, the Customer pays the recurring Charges for the remainder of the applicable minimum term plus any charge the underlying Operator passes through to the Company.

5.1  SIMs and eSIMs are supplied only to enable access to the Service. All SIMs and eSIM profiles, and all associated identifiers and numbers (including the IMSI, MSISDN and ICCID) and credentials, remain at all times the exclusive property of the Company (or the relevant Operator); they never pass or transfer to the Customer and cannot be transferred to or by the Customer. The Customer obtains a limited, non-exclusive, non-transferable right to use them with the Service only, and must return or deactivate them on termination. IMSI & MSISDN cannot be ported or transferred to any other operator, network or service provider.

5.2  Right of use only; non-refundable. Any charge that the Customer may pay for a SIM or eSIM and/or for its activation is a charge for the right to use it within the Service only, and is not a sale or transfer of the SIM, eSIM, profile, number or identifier. Such charges are normally a one-time charge and are non-refundable in all circumstances, regardless of the reason, including any later suspension, disconnection, deactivation or termination of the Service.

5.3  The Company gives no warranty as to the lifespan, durability, fitness or continued availability of any SIM, eSIM or profile. Those may be re-provisioned, re-profiled, steered, suspended or deactivated as set out in this Agreement.

5.4  The Customer must not transfer, resell, clone, tamper with, reverse-engineer or modify any SIM or profile, nor use it in any device or manner not permitted under Clauses 7 and 8. The Customer is liable for all use of, and all Charges arising from, every SIM in its account, whether or not authorised by the Customer.

5.5  Device & Service compatibility. The Customer is solely responsible for ensuring that any device used with the Service (including for any eSIM/eUICC profile) is technically compatible, network-unlocked and correctly configured. Compatibility lists are indicative and not exhaustive. The Customer is solely responsible for ensuring that the Service ordered from the Company is compatible with the Customer's needs prior to ordering any services from the Company. The Company is not liable, and no refund or credit is due, where the Service cannot be used because of an incompatible, locked or misconfigured device, or because of incorrect information provided by the Customer.

5.6  Activation, validity and expiry. Where the Service, a SIM or a data package must be activated or installed within a stated period, it is the Customer's responsibility to do so and to follow the applicable activation guidelines. SIMs/eSIMs, profiles and data packages have validity and expiry periods and may be recycled. An unactivated, expired or already-installed/used profile or package may become unusable, is non-refundable and cannot be reactivated, in which case a new purchase is required.

5.7  Equipment and software. Unless agreed otherwise in writing, the Customer must obtain and maintain, at its own cost, any equipment, devices and software needed to use the Service, and is responsible for their correct, safe, certified and authorised use. The Company is not responsible for any loss or damage caused by or resulting from such equipment or software. Equipment sold by the Company carries the manufacturer's warranty only, which is the Customer's sole remedy; any equipment or software leased or otherwise provided by the Company remains the Company's property and must not be copied, modified or transferred without the Company's prior written consent.

6.1  No guarantee. The Service is provided on an "as is" and "as available" basis. The Company does not warrant or guarantee that the Service, Network or any transmission will be continuous, uninterrupted, error-free, secure, timely, accurate, virus-free or available in any particular location or at any particular speed or quality. No service level is guaranteed unless expressly agreed in a signed service-level schedule.

6.2  Mobile and data communications depend on radio signals and third-party Networks and may be affected by coverage limits, capacity, congestion, maintenance, upgrades, equipment failure, the Customer's devices, weather, terrain, buildings, regulatory action and other factors outside the Company's control. The Customer acknowledges that 100% availability can never be guaranteed.

6.3  No liability for outages/disconnection. The Company, its affiliates and the Operators shall have no liability whatsoever for any interruption, degradation, delay, failure, outage, suspension, disconnection, deactivation or loss of the Service, however caused, including where caused by the Company's own maintenance, network changes, steering, or commercial or technical decisions. The Customer's exclusive remedies are those expressly stated in this Agreement.

6.4  No critical use. The Customer must not rely on the Service for any critical, life-safety, emergency or mission-critical application, and assumes full responsibility and risk of loss from any such use. The Customer must maintain its own contingency, redundancy and backup arrangements. The Company is not liable for any consequence of the Customer's failure to do so.

6.5  If the Service fails, the Customer's decision to use an alternative provider is at its own cost and risk, and does not create any liability for the Company. Nothing limits the Customer's duty to mitigate.

6.6  Advance-paid service. Where the Customer has paid in advance for the Service for a defined period, the Company will use its commercially reasonable efforts to provide the full Service for that period. This is an obligation of means and not of result, and remains subject to the no-guarantee, force-majeure and limitation-of-liability provisions of this Agreement.

6.7  Reliance on suppliers (self-supply). As a reseller, the Company's performance obligations are subject to the correct and timely supply of the underlying services, capacity and products by its Operators and suppliers. Where the Company has placed a matching order with its supplier and any failure, delay, withdrawal or restriction of supply is not attributable to the Company's fault, the Company is released from the affected obligations for the duration of the disruption, is not liable for the resulting unavailability, and may suspend, vary or terminate the affected Service.

6.8  Supplier changes; waiver and proportional pass-through. If any Operator or upstream supplier changes, withdraws or imposes any fundamental term, condition, price, restriction or technical requirement affecting the underlying service, and as a result the Company must modify, restrict, suspend or terminate the Service (in whole or in part) to the Customer, the Company shall not be considered in any way in breach of any of its obligations under this Agreement, and the Customer waives in advance any right to any compensation, damages or refund whatsoever in respect of such modification, restriction, suspension or termination; amounts already accrued remain payable. If, however, the Company actually receives a refund or compensation from the Operator or supplier that is specifically attributable to such change, the Company will pass on to the Customer a proportionate share of the net amount actually received and fairly attributable to the Customer, as the Company reasonably determines, after deducting any amounts the Customer owes to the Company.

6.9  No emergency services. The Service does not support, and must not be relied on for, emergency calls or connections to any emergency or public-safety service. The Customer must clearly inform its End Users of this limitation.

7.1  The Company may apply, change or remove network steering and SIM profiles to optimise routing, cost or coverage. The Customer must not interfere with steering or profiles and must make any device-side adaptations needed for proper functioning. The Company is not responsible for quality impacts where the Customer fails to comply.

7.2  Permanent roaming. The Customer acknowledges that "permanent roaming" is restricted, regulated or prohibited in many countries and is not guaranteed; Operators may throttle, surcharge, deactivate or block SIMs that roam permanently or that breach country-specific rules. The Company may pass through any resulting restriction, charge or penalty to the Customer.

7.3  Operator pass-through. The Service is subject to the terms, acceptable-use rules, technical limits and restrictions of each underlying Operator and Network. The Customer (and its End Users) must comply with all such conditions. The Customer indemnifies the Company in full for any charge, fine, penalty, suspension or claim imposed by any Operator, Network or authority arising from the Customer's or any End User's use of the Service.

8.1  The Customer must use the Service lawfully and only for the purposes permitted in the Order Form. Unless otherwise agreed, the Service is for data communications between machines, devices or objects and servers (M2M/IoT) and permitted Mobile Data use, and must not be used in GSM gateway, SIM-box, SIM-bank or similar devices, nor for voice/SMS arbitrage, bulk unsolicited messaging, or traffic aggregation.

8.2  The Customer must not use the Service in any way that is fraudulent, abusive, illegal, defamatory, infringing, harmful, or that causes excessive, abnormal or disproportionate Network load or congestion. The Company's fair-use policy applies; the Company may throttle, restrict, suspend or re-rate usage that exceeds normal and reasonable use, in its sole discretion and without notice.

8.3  Breach of this Clause is a material breach entitling the Company to suspend or terminate immediately under Clause 23 and to charge the Customer for all resulting usage, costs and penalties.

8.4  Permitted use by SIM type. The permitted use of each SIM depends on its type and the underlying Operator, as identified in the Order Form. For SIMs designated for machine-to-machine / IoT use, the Customer and its End Users must use the Service solely for M2M/IoT and permitted data communications, and must not use it as a general or 'open' telecommunications service, including for voice, VoIP, fax, circuit-switched data over a voice channel, or messaging to arbitrary numbers. For SIMs designated for mobile-data use, general internet and data access is permitted. In all cases the prohibitions on GSM-gateway, SIM-box, SIM-bank, traffic aggregation and voice/SMS arbitrage apply.

8.5  SMS use. Where SMS is included in the Service, the Customer must not use, or allow any third party to use, the SMS service for unsolicited, unlawful, immoral or improper purposes, or in any manner that breaches applicable laws or codes. On detection, the Company may suspend the affected account or endpoint immediately. The Customer defends, indemnifies and holds the Company and the Operators harmless against any claim, damage or liability relating to the Customer's or its End Users' use of the SMS service.

9.1  The Customer is solely responsible and liable for all traffic and Charges generated on its SIMs, including traffic resulting from fraud, theft, hacking, malware, misconfiguration, artificially-inflated traffic (AIT), international revenue share fraud (IRSF), Wangiri or unauthorised use, whether or not the Customer knew of or consented to it.

9.2  The Company may, at any time and without notice or liability, bar destinations or ranges, impose usage or spend thresholds, block, suspend or deactivate any SIM, or take other protective measures where it suspects fraud, abuse or abnormal usage (including, for example, by reference to the prior three months' average). The Customer must implement reasonable fraud controls on its side and cooperate with any investigation.

10.1  The Customer must pay all Charges as set out in the Order Form or the Company's prevailing tariffs. Charges accrue from the Start Date and are payable in EUR unless stated otherwise. The Company's records are conclusive evidence of usage and Charges, absent manifest error.

10.2  Prepaid and Pre-Funded & Deposit Services. Prepaid Service must be fully paid in advance. Unless the prepaid amount (including any extension) is topped up, the Service will be blocked once the prepaid balance is fully used. Postpaid Service may be drawn against a pre-funded credit or deposit account. The Customer acknowledges that a pre-funded credit or deposit account is not a guaranteed hard spend-stop: because roaming and third-party usage records can be delivered to the Company with delay (potentially several months), usage may exceed the available credit. The Customer remains fully liable for all such usage and for any resulting negative balance, and must settle it on demand.

10.3  Refund of unused pre-funded credit or deposit. On termination, the Company will credit or refund to the Customer any deposit balance within five (5) working days, after deduction of any Charges that are due, accrued or reasonably anticipated (including usage not yet billed and late-posted roaming charges, for which the Customer remains liable). The Company may retain a reasonable amount to cover such pending usage and will release any remaining balance once final records are received.

10.4  Packages and refunds. Save for the refund of unused pre-funded credit and deposit account on termination described above, purchased data packages, bundles and top-ups are non-refundable. No refund or credit is due: once a package, SIM or eSIM has been activated, installed or used; for unused data remaining when a validity period expires; or for charges incurred via alternate devices, SIMs, providers or networks. The Company may refuse any refund where there is abuse, breach of this Agreement or suspected fraud. Any refund request is assessed case by case, may require the Customer to complete troubleshooting and cooperate with an investigation, may be subject to a processing fee, and shall never exceed the amount actually paid.

10.5  Postpaid / credit limit. For postpaid Service the Company may set, vary and enforce a credit limit and/or require a deposit or advance payment as security, and may suspend the Service on reaching the limit. The Customer may not require the deposit to be applied against Charges; the Company may apply it to any amounts due.

10.6  Invoices are payable by the due date stated, without set-off, deduction, counterclaim or withholding. The Customer bears all Taxes; if any withholding is required by law, the Customer must gross up so the Company receives the full amount. Disputed amounts must still be paid by the due date and disputes raised in writing within the periods stated in the Order Form (failing which, within 60 days for prepaid and 90 days for postpaid).

10.7  Late or non-payment entitles the Company, at its discretion, to charge administrative fees (not less than EUR 25 per invoice per month) and interest (not less than 1.5% per month above the central bank interest rates), to apply payments across accounts as it sees fit, to recover all collection, legal and administrative costs, and to suspend, restrict, disconnect or terminate the Service under Clauses 11 and 23, in each case without liability to the Customer.

10.8  Automatic renewal / top-up. Where the Customer opts in, the Company may operate automatic renewal or automatic top-up, charging the Customer's chosen payment method when the data balance falls below a threshold or at the start of a billing cycle, to provide uninterrupted Service. The Customer may cancel automatic renewal at any time, effective at the end of the then-current cycle; cancellation does not refund amounts already charged.

10.9  Prices and promotions. Prices and tariffs may change at any time without prior notice. Promotional prices apply only for the stated period and subject to their specific conditions, after which standard prices apply; the Company may modify, suspend or withdraw any price or promotion at its sole discretion. Published prices are exclusive of applicable taxes unless stated otherwise.

10.10  Administrative fees. In addition to usage Charges, the Company may levy administrative fees, including a reconnection/reactivation fee of not less than EUR 35 per SIM and a fee of not less than EUR 25 for each failed or reversed card payment or direct debit, together with all resulting bank, collection and administrative costs.

10.11  Billing and collection. The Company may authorise any affiliate or Operator to issue invoices and collect Charges and other amounts on its behalf directly from the Customer.

10.12  Netting. The Company may set off and net any amounts due to it under this Agreement against any amounts due to or from the Customer under this Agreement or any other agreement between the Parties.

10.13  Payment not contingent. The Customer's payment obligations are not contingent on the Customer collecting payment from its own End Users. No credit note or refund is due where the Customer is unable to collect from an End User, including on the End User's insolvency, fraud or unauthorised use.

10.14  Minimum average monthly usage. Where an Order Form specifies a minimum average monthly usage per SIM, the Customer commits to that minimum. If, in any month, the actual average usage per SIM is below the minimum, the Company may charge the Customer for the unconsumed (shortfall) data, calculated as the shortfall volume multiplied by that month's average rate of usage (the Customer's total data Charges for the month divided by the data consumed). Alternatively, the Customer may request, and the Company may agree, a new rate plan based on a different minimum average monthly usage, which will apply from the date confirmed by the Company.

11.1  The Company may suspend, restrict, disconnect or deactivate all or part of the Service, immediately and without compensation, where: (a) the Customer is late in payment or exceeds a credit limit; (b) it suspects fraud, abuse, security risk or breach of Clauses 7-10; (c) required by an Operator, Network, law, regulator or court; (d) for maintenance, technical or network reasons; (e) on force majeure; or (f) where a SIM is inactive for a period the Company reasonably determines.

11.2  Suspension or disconnection does not relieve the Customer of any payment or other obligation. The Company has no liability for any loss, damage, cost or expense arising from any suspension or disconnection, and the Customer indemnifies the Company against any third-party or End-User claim resulting from it.

12.1  The Customer must: provide accurate information and keep it updated; comply with all applicable laws and with all instructions, restrictions and requirements of the Company, Operators and authorities; secure its credentials, accounts, devices and systems; take all reasonable steps to prevent fraudulent, improper or illegal use; and make no representation, warranty or guarantee on the Company's or any Operator's behalf.

12.2  Resale / flow-down. Where the Customer resells or supplies the Service to End Users, the Customer does so in its own name and at its own risk, and must put in place a written agreement with each End User that contains terms at least as protective of the Company and the Operators as this Agreement, including the disclaimers, acceptable-use, fraud, suspension, liability and data provisions. The Customer names the Company and the Operators as intended third-party beneficiaries of those terms.

12.3  The Customer is fully responsible and liable for the acts, omissions and breaches of its End Users as if they were the Customer's own. The Company has no contractual relationship with, and no liability to, any End User. Any End-User contact with the Company must be made through the Customer.

12.4  The Customer must notify the Company immediately in writing of any claim, investigation or proceeding relating to the Service.

12.5  Account security. The Customer is solely responsible for the security and confidentiality of its login credentials, passwords, PINs, API keys and accounts, and for all activity occurring under them, whether or not authorised by the Customer. The Customer must keep them secret, not disclose them to any third party, notify the Company immediately of any actual or suspected compromise or unauthorised use, and change the affected credentials without delay. Credentials the Company considers insecure, and any use of the Customer's account, are at the Customer's risk and the Customer's responsibility.

12.6  Customer contact. The Customer shall designate a qualified contact responsible for centralising and filtering support matters and for distinguishing issues that are not the Company's responsibility, and shall keep that contact's details current.

12.7  Operator use restrictions; no carrier functions. Resale is permitted in accordance with this Clause 12. The Customer and any reseller in its chain must comply with the use restrictions and acceptable-use rules of each underlying Operator, including any operator-specific resale or bundling restrictions identified in the Order Form. The Company does not provide, and is not responsible for, telecommunications-carrier functions such as number portability, roaming-regulation compliance, cost-control measures or itemised billing; these remain the Customer's responsibility where applicable, and the Customer must not represent that the Company provides them.

13.1  The Customer is responsible for all regulatory requirements applicable to its use and resale of the Service in each territory, including SIM/end-user registration, "know your customer" (KYC) identity verification and record-keeping, type-approval and certification of devices, and any licensing or notification obligations.

13.2  The Customer must collect and retain End-User identity records as required by law, and must, to the extent legally required, cooperate with and enable lawful interception, data-retention and lawful requests by competent authorities. The Customer indemnifies the Company in full for any fine, penalty, claim or cost arising from the Customer's or any End User's non-compliance with this Clause.

13.3  Authorisations and subscriber identity. The Customer is responsible for holding the regulatory authorisations and making the notifications required to use and supply the Service in each territory, and keeps the Company harmless for any failure to do so. Where SIM/end-user registration or KYC is required in a market, the Company will contact the Customer and the Parties will work together in good faith to accommodate the requirement or otherwise resolve it. On a lawful request by a competent authority, the Customer will provide, without undue delay, the identification details of the End Users of the relevant SIMs and cooperate with lawful-interception and regulatory requests; and the Customer indemnifies the Company against any claim, fine or penalty arising from its or its End Users' non-compliance.

14.1  The Customer warrants that it and its End Users will comply with all applicable trade-sanctions, export-control, anti-money-laundering, anti-terrorism and anti-bribery/anti-corruption laws, and will not make the Service available to any sanctioned person, entity or territory, or for any prohibited end-use.

14.2  Breach of this Clause entitles the Company to suspend or terminate immediately without liability. The Customer indemnifies the Company in full against any claim, fine, penalty or loss arising from a breach of this Clause.

15.1  Each Party will comply with applicable data-protection law, including the GDPR where relevant. As between the Parties, the Customer is the controller of any personal data it or its End Users transmit or process using the Service; the Company does not inspect message content and does not act as controller of such content. Where the Company processes personal data on the Customer's behalf, the Parties will enter into the Company's data-processing agreement, which is incorporated by reference and available online.

15.2  The Customer is solely responsible for the lawful basis, security (including encryption) and compliance of any personal data it transmits or processes, and indemnifies the Company and the Operators in full against any claim, fine or penalty by any person or authority arising from the Customer's data processing or any incorrect assessment by the Customer.

15.3  The Customer acknowledges that international roaming inherently involves transmission and processing of data outside the EEA via foreign Networks, and accepts the associated limitations.

15.4  Traffic and location data. The Company (and the Operators) may collect and process traffic, usage, connection and, where applicable, location data (such as network, cell and IP information) for the purposes of providing, managing and securing the Service, preventing and investigating fraud and abuse, billing, and complying with legal obligations, in accordance with the Company's privacy policy available online.

15.5  Device location data. Any location data processed pertains to devices/SIMs only and is handled on an aggregated or anonymised basis where reasonably practicable. Where the Customer's use enables location or other data to be linked to identifiable individuals, the Customer is solely responsible for the related data-protection compliance, notices and consents.

15.6  Data backup and deletion. The Customer is solely responsible for backing up its own data, and the Company is not liable for any loss of data. Following termination the Company may delete the Customer's data (typically within 30 days), subject to legal retention obligations and after allowing the Customer a reasonable opportunity to retrieve it.

15.7  Data use, transfers and sub-processors. The Customer grants the Company a non-exclusive right to process and use traffic, usage and device data, including on an aggregated and anonymised basis, for operating, securing and improving the Service, for analytics and statistics, and for fraud prevention. The Company may transfer data outside the EEA using EU Standard Contractual Clauses or another lawful transfer mechanism, and may engage sub-processors on at least 30 days' notice; the Company is not responsible for the Customer's own downstream sharing of data with End Users or third parties.

16.1  To the fullest extent permitted by law, the Company disclaims all warranties, conditions and representations of any kind, whether express, implied or statutory, including any implied warranty of merchantability, satisfactory quality, fitness for a particular purpose, accuracy, security, non-infringement, and any warranty as to availability, coverage, throughput, latency or uninterrupted operation. No oral or written information from the Company creates any warranty.

17.1  Nothing in this Agreement excludes or limits liability that cannot lawfully be excluded or limited (such as liability for personal injury or death caused by negligence, or for fraud, gross negligence or wilful misconduct to the extent not excludable under applicable law). Subject to that:

17.2  (a) the Company and the Operators shall not be liable for any indirect, incidental, special, consequential or punitive loss, nor for any loss of profit, revenue, business, goodwill, anticipated savings, data, content or use, even if advised of the possibility and even if caused by negligence;

17.3  (b) the Company and the Operators shall not be liable for any loss arising from outages, interruptions, delays, suspension, disconnection, deactivation, fraud, third-party acts, the Customer's devices or solutions, or matters outside the Company's reasonable control;

17.4  (c) the Company's total aggregate liability under or in connection with this Agreement, for all events in any 12-month period (whether in contract, tort, including negligence, statute or otherwise), shall not exceed the lower of (i) the total Charges paid by the Customer for the affected Service in the three (3) months immediately before the event, or (ii) EUR 500 in aggregate; and

17.5  (d) any claim must be brought within twelve (12) months of the event giving rise to it, failing which it is waived to the extent permitted by law; and

17.6  (e) to the fullest extent permitted by law, and without prejudice to Clause 17.1, the Customer expressly and irrevocably waives any right to claim, sue for, recover or be awarded from the Company, whether in respect of any single event or any number of events whether connected or separate, any amount exceeding EUR 500 in aggregate.

17.7  These limitations apply for the benefit of the Company, its affiliates and the Operators, survive termination, and apply regardless of the basis of the claim. The Charges are set on the basis of these allocations of risk.

18.1  The Customer shall defend, indemnify and hold harmless the Company, its affiliates and the Operators (and their officers, employees and agents) from and against all claims, damages, losses, liabilities, fines, penalties, costs and expenses (including reasonable legal fees) arising out of or in connection with: (a) the Customer's or any End User's use of the Service; (b) any breach of this Agreement, applicable law, Operator conditions, acceptable-use, fraud, sanctions, regulatory or data provisions; (c) any content or solution transmitted or provided by the Customer or its End Users; and (d) any claim by an End User or third party relating to the Service, regardless of whether the claim alleges fault by the Company.

18.2  Claims brought against the Company. Without limiting the above, if the Customer (directly or indirectly, including through an End User, affiliate or assignee) commences, pursues or supports any claim, action or proceeding against the Company that is contrary to, or that seeks to recover more than, the limitations, exclusions and waivers in this Agreement, or that is withdrawn, dismissed or otherwise unsuccessful, the Customer shall indemnify the Company, to the fullest extent permitted by law, for all resulting costs, expenses and reasonable legal and other fees.

19.1  Each Party must keep confidential, and use only for the purposes of this Agreement, the other Party's non-public information, including the Company's pricing, tariffs, platform, APIs and know-how. The Customer must not disclose the Company's commercial terms to any third party except its End Users on a need-to-know basis under equivalent confidentiality obligations. This Clause survives termination and continues for three (3) years thereafter.

20.1  All intellectual property in or related to the Company, the Service, the Network, the platform, the portal, the APIs, software and SIMs remains the exclusive property of the Company or its licensors. The Customer acquires no rights other than a limited, non-exclusive, non-transferable right to use them for the permitted use of the Service. The Customer must not use the Company's marks without prior written consent.

21.1  Any platform, portal or API is provided at the Company's discretion, "as is", with no guarantee of availability, functionality or continuity, and may be changed, limited, suspended or withdrawn at any time. The Customer is solely responsible for actions taken via the portal/API and their consequences (including on invoicing and the Service). Data available via the portal remains the Company's property.

21.2  Third-party integrations. Any third-party plug-ins, integrations or value-added modules made available through the platform are not part of the Service, are governed solely by the relevant third party's terms, and are used at the Customer's own risk. The Company is not responsible or liable for them and may activate, vary, suspend or deactivate them at its sole discretion at any time without liability.

21.3  Chargeable features and updates. Where a platform feature or ancillary service is provided free of charge, the Company may begin charging for it on prior notice (after which the Customer may stop using that feature). The Company may issue updates and upgrades; the Customer is responsible for any resulting adjustments to its own systems and devices, and the Company is not liable for incompatibilities arising from the Customer's failure to make them.

22.1  The Company is not liable for any failure or delay caused by events beyond its reasonable control, including acts of God, natural disasters, fire, flood, war, terrorism, civil unrest, strikes, epidemics/pandemics, failure or congestion of Networks or Operators, power or telecommunications failures, cyber-attacks, and acts of authorities. Force majeure does not relieve the Customer of any obligation to pay amounts due.

23.1  The Company may terminate this Agreement or any Service immediately, by notice (including email), without compensation, if: (a) the Customer fails to remedy a suspension cause within ten (10) days; (b) the Customer materially breaches this Agreement or repeatedly breaches it; (c) the Customer provided false or incomplete information; (d) the Customer uses the Service unlawfully or contrary to public order or Operator conditions; or (e) the Customer becomes insolvent, bankrupt, or subject to liquidation or similar proceedings.

23.2  Either Party may also terminate for convenience at any time in accordance with Clause 4, without compensation or penalty.

23.3  Termination does not affect accrued rights or obligations. On termination, the Service and all SIMs are deactivated, all sums become immediately due, and the Customer must cease use and return or destroy Company property. Clauses relating to payment, fraud, liability, indemnity, confidentiality, IP, data and governing law survive termination.

24.1  The Customer may not assign, novate, subcontract or transfer any of its rights or obligations without the Company's prior written consent. The Company may assign, novate, subcontract or transfer all or part of its rights or obligations at its discretion, including to an affiliate or Operator, without consent.

25.1  The Customer must keep accurate records of its and its End Users' use of the Service, including KYC and registration records, for at least the period required by law. The Company (or its representative) may, on reasonable notice, audit the Customer's compliance with this Agreement, and the Customer must provide reasonable cooperation and access.

26.1  The Customer must maintain adequate insurance (including general and professional/product liability) appropriate to its use and resale of the Service, and provide evidence on request.

27.1  Notices to the Company must be sent to its customer-service department and, where applicable, via its official website or portal. Notices to the Customer may be given by post, email, invoice, portal or by publication of the Online Terms, and are deemed received accordingly. The Customer must keep its contact details current.

27.2  The Parties accept electronic communications, electronic and scanned signatures, and portal confirmations as valid, binding and admissible evidence to the fullest extent permitted by law.

28.1  (a) Entire agreement. This Agreement (with the Online Terms, Schedules and any Order Form) is the entire agreement between the Parties and supersedes all prior representations, save for liability for fraud.

28.2  (b) Severability. If any provision is held invalid or unenforceable, it will be modified to the minimum extent necessary to be enforceable, or severed, without affecting the remaining provisions.

28.3  (c) No waiver. No delay or failure to enforce a right is a waiver of it.

28.4  (d) Interpretation. Any ambiguity or conflict is resolved in the manner most favourable to the Company, save where the Service Specific terms expressly prevail.

28.5  (e) No third-party rights, except that affiliates and Operators may rely on the disclaimers, limitations and indemnities in their favour.

28.6  (f) Survival. Clauses which by their nature should survive (including those on payment, fraud, regulatory and data obligations, liability, indemnity, confidentiality, intellectual property and governing law) survive termination.

28.7  (g) Language. This Agreement is in English, which prevails over any translation.

28.8  (h) No conflicting or additional terms or conditions of the Customer (including any purchase order or the Customer's general terms) apply, even if not expressly rejected; only this Agreement and the documents it incorporates govern. No verbal side agreements have been made, and amendments must be in text form.

28.9  (i) Independent contractors. The Parties are independent contractors; nothing in this Agreement creates any agency, partnership or joint venture between them.

29.1  This Agreement is governed by and construed in accordance with English law, excluding its conflict-of-laws rules and the UN Convention on Contracts for the International Sale of Goods.

29.2  The courts of Zurich, Switzerland have exclusive jurisdiction over any dispute arising out of or in connection with this Agreement, subject to any mandatory jurisdiction. The Company may also bring proceedings to recover amounts due in any court of competent jurisdiction where the Customer is established or holds assets.

• Customer details and authorised contact
• Service type(s): IoT / M2M / Mobile Data — prepaid and/or postpaid
• Operators selected and territories / excluded countries
• Tariffs, bundles and pay-as-you-go rates (per MB / per SMS)
• Recurring charges (SIM, activation, monthly, platform, reseller capabilities)
• Credit limit and/or deposit (if any)
• Prepaid funding and auto top-up settings (if any)
• Resale authorisation (yes/no) and permitted End-User scope

The Company publishes its current Acceptable Use Policy and Fair Use Policy online; they form part of this Agreement and may be updated under Clause 3. They prohibit, among other things, GSM-gateway/SIM-box use, traffic aggregation, fraudulent or artificial traffic, unlawful or abusive content, and use that causes abnormal Network load.

This Platform Agreement (the "Agreement") is entered into between:

(1) Extrafon GmbH, a company incorporated under the laws of Switzerland, with registered office at Kluggasse 10, CH-8640 Rapperswil SG, Switzerland, VAT CHE-111.652.526 (the "Company" or "Extrafon"); and

(2) the person or entity that subscribes to, orders, pays for or uses the Platform (the "Customer", also referred to as the "Partner" or "User").

The Company and the Customer are each a "Party" and together the "Parties". This Agreement takes effect on the date of the Company's acceptance of the Customer's Order Form, or the date the Customer first uses the Platform, whichever is earlier (the "Effective Date").

1.1  In this Agreement: "Platform" means the Extrafon Assets Management Platform (AMP), the customised eCommerce environment, the APIs and related tools and documentation; "Assets" means SIM cards, eSIMs, virtual/QR SIMs, IMSI profiles and any other items the Customer manages via the Platform; "Supplier" means any mobile network operator or third-party asset provider whose Assets the Customer manages via the Platform, which may include the Company; "Connectivity Agreement" means the Company's Service Agreement for IoT/M2M/Mobile Data SIM connectivity; "End User", "Order Form", "Charges", "Operator", "Online Terms" have the meaning given in the Connectivity Agreement and apply here mutatis mutandis. Headings are for convenience; "including" means "including without limitation".

1.2  The Schedules, the Data Processing Agreement (Schedule 2) and any Order Form form part of this Agreement. Any ambiguity or conflict is resolved in the manner most favourable to the Company, save that the Data Processing Agreement prevails on data-protection matters.

2.1  Platform. The Company grants the Customer access to the Platform to manage Assets from one or more Suppliers and, where permitted, to resell Assets and services onward to its own customers and End Users. The Platform is a software/management tool only; it does not itself provide connectivity.

2.2  Multi-supplier; precedence. The Platform is supplier-agnostic. Where the Assets managed are supplied by the Company, the Connectivity Agreement governs those Assets and the underlying connectivity; this Agreement governs the Platform. Nothing in this Agreement expands the Company's connectivity obligations or liability beyond the Connectivity Agreement.

2.3  Two-agreement structure. Where the Customer also holds a Connectivity Agreement with the Company, the two agreements are complementary: each governs its own subject matter, the General Terms are common to both, and in case of conflict the agreement specific to the matter in question prevails for that matter.

2.4  Prerequisites. Suitable, ready-to-use devices and suitable SIMs/Assets are a prerequisite for use of the Platform. Selection of third parties for infrastructure, development and integration is at the Company's discretion. The Customer acknowledges that the Platform is subject to the current state of technology and to limitations, including geographical limitations, and may not be available everywhere at all times.

3.1  The binding terms governing the Platform are those published by the Company online from time to time. The Company may change, withdraw, suspend, replace or introduce terms, policies, prices, fair-use rules and Platform features at its sole discretion and at any time, and will make the current version available online. The Company may adjust the scope of the Platform and, in cases of abuse, reduce functionality.

3.2  Customer's duty to check. The Customer is responsible for informing itself, from time to time, of the then-current Online Terms and for reviewing them periodically. Publication online (or notice by email, invoice or the portal) constitutes valid notice of the change.

3.3  Acceptance by use. The Customer's continued use of, or continued payment for, the Platform after any change constitutes acceptance of, and binds the Customer to, the then-current Online Terms.

4.1  Term per Order Form. This Agreement takes effect on the Effective Date and continues for the term set out in the applicable Order Form. Unless an Order Form specifies a minimum or committed term, the Agreement continues for an indefinite term with no minimum duration, and either Party may terminate at any time on written notice without compensation or penalty.

4.2  Committed term (where agreed). Where an Order Form specifies a minimum or committed term, the Agreement continues for that term and renews as stated in the Order Form; if the Customer terminates early, it must pay the recurring Charges for the remainder of the then-current term plus the Company's implementation costs, as set out in the Order Form.

4.3  Termination for cause. Either Party may terminate immediately for good cause, including material breach not remedied within five (5) days of notice, or the other Party's insolvency or bankruptcy. The Company may terminate immediately, without notice, if the Customer attempts to breach Platform security, poses a security or service risk, uses the Platform unlawfully or other than as permitted, or where provision becomes impractical or prohibited for legal/regulatory reasons.

4.4  Effect of termination. On termination the Platform access is deactivated, all sums become immediately due, and the confidentiality, liability, indemnity, IP, data and governing-law provisions survive. Any unused, cleared prepayment balance is refunded in accordance with Clause 6 (Charges).

4.5  Wind-down. On termination the Customer may place no new orders; existing Assets are deactivated or terminated; and the Parties may agree a short wind-down period during which the affected Service continues and is paid for. Termination does not affect accrued rights or obligations.

5.1  Ownership and licence. The Company (and its licensors) own all right, title and interest in the Platform, software, APIs and related IP. The Company grants the Customer a non-exclusive, non-transferable, revocable right to use the Platform for the term, for the permitted purposes only. The Customer owns its own data, applications and confidential information.

5.2  Restrictions. The Customer must not (and must not permit any third party to): sublicense, sell, lease, loan or otherwise transfer the Platform; access or extract the source code; or alter, translate, reverse-engineer, decompile, disassemble or create derivative works. The Customer must comply with the API specifications and policies provided by the Company.

5.3  Each Party will not infringe or harm the other's trademarks, service marks or other IP. No IP or title transfers under this Agreement except the limited licence stated.

6.1  Charges and taxes. Charges (setup/non-recurring, monthly recurring, per-Asset, time-and-material and usage) are set out in the Order Form or the Company's prevailing price sheet, are stated in EUR and are exclusive of VAT, taxes, freight, packaging, customs and duties. The Customer bears all such taxes and must gross up any withholding so the Company receives the full amount.

6.2  Price changes. The Company may alter prices or introduce new charges, at its sole discretion, on reasonable prior notice. A price change for Services provided directly by the Company does not entitle the Customer to terminate unless the total increase exceeds 20% of the European inflation rate over the prior 12 months (in which case the Customer may terminate within five working days of notice). Increases for Services provided by third parties (indirect) never entitle the Customer to terminate. Continued use after a change constitutes acceptance and a waiver of any objection.

6.3  Invoicing and late payment. Invoices are electronic and are due within five (5) working days of receipt, payable by wire transfer without set-off, deduction, counterclaim or withholding; the debtor bears payment costs. Undisputed amounts unpaid three (3) calendar days after the due date bear interest of 1.5% per month plus the relevant central-bank rate, together with administrative and recovery costs. The applicable time zone is CET/CEST.

6.4  Prepayment (cleared funds). Where the Platform or Assets are provided on a prepaid basis, the Customer must maintain a positive, cleared prepayment balance greater than its processed traffic at current rates. The Company's figures are used to allocate consumption against the balance (irrespective of any dispute). When the prepaid balance is exhausted, the Company may suspend the Service without prior notice and may require a further prepayment. A prepayment is effective only when funds are cleared in the Company's account; proof of payment or a commitment to pay is not accepted as credit.

6.5  Payment not contingent. The Customer's payment obligations are not contingent on it collecting payment from its own Enterprise Customers or End Users. No credit note or refund is due where the Customer cannot collect from its customers, including on their insolvency, fraud or unauthorised use, whether or not reported.

6.6  Netting, currency and suspension. The Company may net any undisputed overdue amounts under this Agreement against any undisputed overdue amounts under any other agreement between the Parties. Invoices in different currencies are paid in their respective currencies; no conversion is accepted. The Company may suspend the Platform for non-payment without liability, and the Customer waives claims and indemnifies the Company for third-party claims arising from such suspension.

6.7  Billing disputes. The Customer must dispute an invoice in writing before its due date (failing which it irrevocably waives the dispute), stating invoice number, date, period, disputed amount, Service and grounds, to the Company's ticketing address. The Customer must still pay the full amount by the due date and may not withhold or offset. No dispute may be raised for amounts under EUR 50. A dispute resolved in the Customer's favour is settled by credit note, with any unused credit refunded on termination.

7.1  Supply and delivery. The Customer may order Assets (including plastic, virtual/QR and embedded SIMs and IMSI profiles) via Order Forms. The Company endeavours to meet communicated delivery dates but, being dependent on third-party suppliers, assumes no liability for delays. The Customer grants a grace period of at least seven (7) weeks before it may terminate the relevant Order Form by written notice; damages for non-fulfilment are excluded. Partial deliveries are accepted.

7.2  Cancellation and substitution. The Company may cancel an order if Assets become unavailable, and may substitute Assets of a technical nature that do not materially deviate in functionality; where a substitute is more advanced, the Company may reasonably adjust the price on prior written notice, and the Customer may terminate that Order Form within seven (7) days, failing which the new price applies. Force majeure and unforeseen obstacles extend delivery times.

7.3  Shipping and risk. Where shipping is requested, risk of loss or deterioration passes to the Customer on dispatch (and no later than the Assets leaving the Company's or its reseller's premises). Carriage of all shipments, including returns, is at the Customer's risk.

7.4  SIM warranty. SIMs/Assets are manufactured by third parties; the Company warrants the manufacturers' technical specifications only, which are approximate and not warranted characteristics. The Customer must inspect Assets on delivery and before installation. Visible defects or quantity/type complaints must be notified in writing within ten (10) days of receipt; other defects within seven (7) days of discovery; failing which warranty claims are excluded. The Company's remedy is rectification or replacement; the Company's warranty in any event does not exceed six (6) months from delivery. Consequential costs (transport, travel, labour, material) are excluded.

7.5  Wrongful refusal / cancellation. If the Customer unjustifiably refuses to accept conforming Assets, or cancels an order without justification, the Company may, after a fourteen (14) day grace period, cancel and claim liquidated damages of thirty percent (30%) of the net order value without proof of actual loss (the Customer may prove lower loss), without prejudice to a higher claim.

7.6  Asset ownership. Assets and all associated identifiers (IMSI, MSISDN, ICCID) supplied by the Company remain the Company's (or the relevant Operator's) property, are licensed for use within the Service only, and where Company-supplied may not be ported or transferred to any other operator, network or provider. Any charge for an Asset or activation is for the right of use only and is non-refundable.

8.1  Resale and responsibility. The Customer may resell the Service and make Assets available to Enterprise Customers and End Users in accordance with the Order Form, but remains the sole contracting party of the Company and is fully liable for all acts and omissions of its Enterprise Customers and End Users, including payment of all fees. All obligations under this Agreement apply to the Enterprise Customers and End Users in the same manner as to the Customer.

8.2  Asset security and liability. The Customer must use only technically suitable devices, secure the Assets against abuse, and report any abuse immediately; on loss or loss of control of an Asset the Customer remains liable for all usage until the Asset is suspended via the Portal or by written request. The Customer is liable for all usage costs arising from its Assets, including fraudulent, artificial or unauthorised traffic (IRSF, AIT, Wangiri (missed-call call-back fraud) and SIM-box).

8.3  Usage limits; no bill-shock service. The Platform lets the Customer set usage limits per Asset or across all Assets and (where enabled via the networks/APIs) auto-suspend on IMEI change. The Company does not provide EU Regulation 544/2009 "bill-shock" prevention or tariff-information SMS; the Customer is solely responsible for setting its own usage limits and for managing its prepaid balances to avoid interruptions.

8.4  Account and orders. The Customer is solely responsible for the security of its hardware, data and access credentials for the Portal and APIs, and for all activity under its account. Orders are accepted only via the Order Form and confirmed by the Company in writing (usually email).

8.5  Misuse and deactivation. The Customer must immediately deactivate (via the Portal or by written request) any Asset misused by it or its End Users, and inform the Company; and must inform its End Users of the measures and consequences of misuse. The Company (or an underlying Operator or authority) may deactivate or terminate any Asset on misuse, security risk or lawful request, and will, where it does so, provide the Customer with a list of the affected Assets.

9.1  Integration. On request the Company provides its API set for the Customer to integrate the Platform; all integration is performed under the Customer's full responsibility, in accordance with the Company's API specifications and policies. Integration work and support by the Company is agreed separately in an Order Form. Where the Customer requests integration to a third-party Supplier or network, the Customer introduces the third party, bears all associated third-party costs, and the work is performed without warranty or liability.

9.2  Specification and API changes. The Company may update the Platform, its technical specifications and its APIs from time to time, giving reasonable prior notice of any materially incompatible change where practicable. The Customer is responsible, at its own cost, for adapting its own systems and integrations accordingly, and the Company is not liable for any incompatibility, fault or loss resulting from the Customer's failure to do so.

10.1  No warranty. The Platform and Services are provided on an "as is" and "as available" basis to the best reasonable commercial ability of the Company, without warranty as to any intended result, uninterrupted or error-free operation, or availability, unless a separate signed service-level contract applies. Claims arising from a lack of complete network or Platform availability are excluded and waived.

10.2  Suspension. Without prejudice to the Agreement, the Company may suspend the Platform or Service, wholly or partly, including where: the Customer's usage or liability rises substantially such that the Company reasonably doubts payment; the Customer's use threatens the Company's technical facilities or network; or the Company obtains information that Asset usage violates applicable law. Despite suspension, the Customer remains liable for fixed and usage Charges.

10.3  Data storage. Data storage is not guaranteed unless expressly agreed in writing; the Company bears no liability for loss or deletion of the Customer's data. The Customer is solely responsible for backing up its data.

10.4  Platform availability and dependencies. The Platform, portal and APIs are the Company's own service, provided on an "as is" and "as available" basis with no guarantee of uptime, continuity or error-free operation. They depend on underlying hosting, infrastructure, networks and third-party integrations (including operator portals and APIs). Beyond providing access, the Company is not liable for any incident, outage, error, downtime, interruption, data loss or unavailability of the Platform, portal or APIs, however caused, including where caused by such underlying or third-party elements, and may suspend, vary or withdraw the affected functionality where a third-party dependency fails, is delayed or is withdrawn.

11.1  Fraud cooperation. The Parties share an interest in preventing fraud, abuse, misuse and data breaches, and may notify each other and exchange relevant data (as permitted by law) and cooperate to mitigate. Each Party complies with applicable telecommunications and data-privacy laws and informs the other of special data-handling requirements.

11.2  Security. Each Party uses reasonable efforts to identify vulnerabilities and advise the other of security flaws, advises immediately of any security breach or suspected misuse affecting the Services, collaborates to eliminate incidents, and maintains appropriate business-continuity and recovery measures.

11.3  Sanctions and regulatory. The Customer must not use the Platform or Assets contrary to any applicable law, including export-control and economic-sanctions regulations (US, UK, EU), and must notify the Company immediately of any suspected breach and cooperate with any investigation. Each Party confirms no regulatory constraint or embargo prevents it from contracting, and will inform the other if one arises.

12.1  To the fullest extent permitted by law, the Company disclaims all warranties, conditions and representations of any kind, whether express, implied or statutory, including merchantability, satisfactory quality, fitness for a particular purpose, accuracy, security, non-infringement, and any warranty as to availability, coverage, throughput, latency or uninterrupted operation. No oral or written information from the Company creates any warranty.

13.1  Nothing in this Agreement excludes or limits liability that cannot lawfully be excluded or limited (such as personal injury or death caused by negligence, or fraud, gross negligence or wilful misconduct to the extent not excludable under applicable law). Subject to that:

13.2  (a) the Company and the Suppliers shall not be liable for any indirect, incidental, special, consequential or punitive loss, nor for any loss of profit, revenue, business, goodwill, anticipated savings, data, content or use, even if advised of the possibility and even if caused by negligence;

13.3  (b) the Company and the Suppliers shall not be liable for any loss arising from Platform unavailability, outages, interruptions, delays, suspension, deactivation, fraud, third-party acts, the Customer's devices, integrations or solutions, or matters outside the Company's reasonable control;

13.4  (c) the Company's total aggregate liability under or in connection with this Agreement, for all events in any 12-month period (whether in contract, tort, including negligence, statute or otherwise), shall not exceed the lower of (i) the total Charges paid by the Customer for the affected Service in the three (3) months immediately before the event, or (ii) EUR 500 in aggregate; and

13.5  (d) any claim must be brought within twelve (12) months of the event, failing which it is waived to the extent permitted by law; and

13.6  (e) to the fullest extent permitted by law, and without prejudice to the first paragraph of this Clause, the Customer expressly and irrevocably waives any right to claim, sue for, recover or be awarded from the Company, whether for any single event or any number of events whether connected or separate, any amount exceeding EUR 500 in aggregate.

13.7  These limitations apply for the benefit of the Company, its affiliates and the Suppliers, survive termination, and apply regardless of the basis of the claim. The Charges are set on the basis of these allocations of risk.

14.1  The Customer shall defend, indemnify and hold harmless the Company, its affiliates and the Suppliers from and against all claims, damages, losses, liabilities, fines, penalties, costs and expenses (including reasonable legal fees) arising out of or in connection with: (a) the Customer's or any Enterprise Customer's or End User's use of the Platform, Assets or Services; (b) any breach of this Agreement, applicable law, Supplier conditions, acceptable-use, fraud, sanctions, regulatory or data provisions; (c) any content, solution or integration provided by the Customer; and (d) any claim by an Enterprise Customer, End User or third party relating to the Service, regardless of whether the claim alleges fault by the Company.

14.2  Claims brought against the Company. Without limiting the above, if the Customer (directly or indirectly) commences, pursues or supports any claim against the Company that is contrary to, or seeks to recover more than, the limitations and waivers in this Agreement, or that is withdrawn, dismissed or unsuccessful, the Customer shall indemnify the Company, to the fullest extent permitted by law, for all resulting costs, expenses and reasonable legal fees.

15.1  This Agreement is confidential between the Parties; neither Party will disclose it (even to Affiliates) without the other's prior written consent. Each Party keeps confidential, and uses only for this Agreement, the other's non-public information, including the Company's pricing, Platform, APIs and know-how. If disclosure is legally required, the receiving Party notifies the other (where lawful) and discloses only what is required. This Clause survives termination and continues for three (3) years thereafter.

16.1  The Parties comply with applicable data-protection law (including the GDPR). As between the Parties, the Customer is the controller and the Company is the processor of personal data processed via the Platform; the Parties are bound by the Data Processing Agreement at Schedule 2, which is incorporated by reference and prevails on data-protection matters. The Customer is responsible for instructing the Company, for the lawful basis, notices and consents, and for compliance (including retention), and indemnifies the Company against third-party data-protection claims.

16.2  Processing and transfers. The Company may process traffic, usage, connection and device data (and, where applicable, anonymised/device-level location data) to provide, manage, secure and improve the Service, for fraud prevention and analytics, and to comply with law; and may transfer data outside the EEA using EU Standard Contractual Clauses or another lawful mechanism and engage sub-processors on at least 30 days' notice. The Company is not responsible for the Customer's downstream data sharing.

17.1  The Customer may not assign, novate or transfer this Agreement without the Company's prior written consent (not unreasonably withheld). The Company may assign, novate or transfer, with or without notice, where necessary to provide the Services or otherwise at its discretion, and may subcontract, remaining responsible for subcontracted work.

18.1  Neither Party is liable for any delay or failure caused by force majeure, including acts of God, floods, earthquakes, storms, fire, explosions, epidemics/pandemics, war, hostilities, riots, strikes or labour unrest, civil or military unrest, embargoes, sabotage, fibre or cable cuts, expropriation, regulatory or judicial interruptions, power failures, and any other event beyond the affected Party's reasonable control. Force majeure does not relieve the Customer of payment obligations.

19.1  Notices must be made in writing by email to be valid; a Party may not deny receipt of a notice sent in accordance with this Clause. The Parties accept electronic and scanned signatures and portal confirmations as valid and binding. The Customer must keep its contact details current.

20.1  (a) Entire agreement. This Agreement (with the Online Terms, Schedules, the DPA and any Order Form) is the entire agreement and supersedes all prior representations, save for liability for fraud.

20.2  (b) No waiver; no failure or delay to enforce a right is a waiver of it.

20.3  (c) Severability; an invalid provision is modified to the minimum extent necessary or severed, without affecting the rest.

20.4  (d) Independent contractors; nothing creates any agency, partnership or joint venture.

20.5  (e) No third-party rights, except that affiliates and Suppliers may rely on the disclaimers, limitations and indemnities in their favour.

20.6  (f) No conflicting or additional terms of the Customer apply; only this Agreement and the documents it incorporates govern. Amendments must be agreed in writing; no verbal side agreements have been made.

20.7  (g) Survival; clauses which by their nature should survive (including charges, fraud, liability, indemnity, confidentiality, IP, data and governing law) survive termination.

20.8  (h) Language; this Agreement is in English, which prevails over any translation.

21.1  This Agreement and the relationship of the Parties are governed by English law, excluding its conflict-of-laws rules and the UN Convention on Contracts for the International Sale of Goods.

21.2  Any dispute shall be brought exclusively before the competent courts of Zurich, Switzerland. The Company may also bring proceedings to recover amounts due in any court of competent jurisdiction where the Customer is established or holds assets.

• Customer details and authorised contact
• Platform modules: AMP / eCommerce / APIs
• Suppliers and Assets to be managed (including Extrafon connectivity, if any)
• Asset types and volumes (plastic / virtual QR / eSIM / IMSI profiles)
• Setup / non-recurring charges; monthly recurring charges; per-Asset charges
• Time-and-material rate for integration / support
• Term (default no minimum; committed term if specified) and renewal
• Prepayment / minimum commitment and credit/deposit (if any)
• Resale authorisation and permitted Enterprise-Customer / End-User scope

The Parties enter into the Company's Data Processing Agreement (DPA), which forms an integral part of this Agreement and prevails on data-protection matters. In outline, the DPA provides that:

• the Customer is Controller and the Company is Processor; Data remains the Controller's property;
• the Company processes Data only on the Customer's documented instructions and for the permitted purposes (providing the Services, fraud prevention, and, in anonymised/aggregated form, service improvement);
• the Company applies appropriate technical and organisational security measures (Art. 32 GDPR) and binds its authorised personnel to confidentiality;
• sub-processors are engaged under equivalent terms, with at least one month's prior notice and the Controller's right to object on data-protection grounds;
• international transfers outside the EEA rely on an adequacy decision, necessity for the Agreement, or EU Standard Contractual Clauses;
• the Company notifies and assists on data-subject requests, data breaches (without undue delay) and DPIAs, and permits audits on reasonable notice;
• on termination the Company returns or deletes the Data (typically within 30 days), subject to legal retention; and
• the Processor indemnifies the Controller for damages from the Processor's breach of the DPA.

The full DPA text (and its Data Processing Schedule listing data categories, data subjects, purposes and sub-processors) is appended and executed with this Agreement.