Terms of Service

Effective date: May 19, 2026 · Last updated: May 19, 2026

These Terms of Service (the "Terms") form a binding agreement between ShareData Inc., a Delaware corporation doing business as Tumban ("Tumban," "we," "us," or "our"), and the entity that accesses or uses the Service ("Customer," "you," or "your").

By accessing the Service, executing an Order Form referencing these Terms, clicking to accept, or otherwise indicating assent, you agree to these Terms on behalf of the entity you represent and warrant that you have authority to bind that entity.

If you do not agree to these Terms, do not access or use the Service.

1. Definitions

1.1 "Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a party, where "control" means ownership of more than 50% of the voting interests.

1.2 "Applicable Law" means all laws, regulations, and rules applicable to a party's performance under these Terms, including data protection, anti-money-laundering, consumer protection, and export control laws.

1.3 "Authorized User" means an employee, contractor, or agent of Customer or its Affiliate who is authorized by Customer to access the Service and to whom Customer has provided credentials.

1.4 "Confidential Information" means non-public information disclosed by one party to the other, whether orally, in writing, or by inspection of tangible objects, that is designated as confidential or that a reasonable person would understand to be confidential given the nature of the information and the circumstances of disclosure. Confidential Information includes Customer Data, the Service (including its design, architecture, models, and methodology), the Policy Database, pricing, and the terms of any Order Form.

1.5 "Creator" means any third-party individual or entity whose profile, listings, content, account, transactions, or related information is submitted by Customer to the Service for Evaluation.

1.6 "Customer Data" means data, information, or content that Customer (or any Authorized User on Customer's behalf) submits to, transmits to, or makes available to the Service, including Creator identifiers, profile data, storefront content, listings, link graphs, and any associated metadata.

1.7 "Documentation" means the technical and operational documentation for the Service made available by Tumban, including API reference materials, integration guides, and policies, as updated from time to time.

1.8 "Evaluation" means the analysis performed by the Service in response to a Customer-initiated request, resulting in an Output.

1.9 "Order Form" means an ordering document or online order specifying the Services to be provided, executed by both parties or otherwise accepted by Customer.

1.10 "Output" means the data returned by the Service in response to an Evaluation request, which may include a recommended disposition (e.g., approve, hold, escalate), a risk score, category labels, policy match references, an audit identifier, and supporting evidence signals.

1.11 "Policy Database" means Tumban's compiled, structured representation of payment processor policies, card network rules, and other third-party policies and standards used by the Service to perform Evaluations.

1.12 "Processor Policies" means the prohibited business, restricted business, acceptable use, and risk-related policies of third-party payment processors and card networks, including but not limited to Stripe Restricted Businesses, PayPal Acceptable Use Policy, Visa Acquirer Monitoring Program (VAMP), Mastercard Business Risk Assessment and Mitigation (BRAM), and similar policies issued by Adyen, Braintree, Square, and other processors.

1.13 "Service" means Tumban's hosted software-as-a-service offering, including the Tumban API, related dashboards, audit logs, Policy Database access, and any associated tools, components, and Documentation, as made available to Customer.

2. The Service

2.1 Service Description. The Service is a software product that, in response to Customer requests, evaluates Creator information submitted by Customer against the Policy Database and returns Output intended to assist Customer in its own decision-making with respect to payouts, account actions, listing review, and related operational decisions.

2.2 Provision of the Service. Subject to Customer's compliance with these Terms and timely payment of all fees, Tumban will make the Service available to Customer during the Term in accordance with these Terms, the applicable Order Form, and the Documentation.

2.3 Service Levels. Any service-level commitments, uptime targets, support response times, or performance metrics will be set forth in the applicable Order Form, service-level agreement, or supplemental terms. Absent any such written commitment, the Service is provided on a commercially reasonable basis without guaranteed service levels.

2.4 Updates. Tumban may, at its discretion, modify, enhance, replace, deprecate, or discontinue features, models, integrations, or components of the Service. Tumban will use reasonable efforts to provide advance notice of material adverse changes that materially reduce core functionality. Updates that are required for security, legal compliance, or processor policy changes may be made without prior notice.

2.5 Beta and Preview Features. Tumban may offer features designated as alpha, beta, preview, evaluation, or similar ("Beta Features"). Beta Features are provided "as is," may be modified or discontinued at any time, are excluded from any service-level commitments, and are excluded from any warranties or indemnities under these Terms. Customer's use of Beta Features is at its own risk.

3. Account Registration and Access

3.1 Account Setup. To access the Service, Customer must register an account and provide accurate, complete, and current information. Customer is responsible for maintaining the security of its account credentials and API keys and for all activity under its account, whether or not authorized by Customer.

3.2 Authorized Users. Customer may permit Authorized Users to access the Service on its behalf. Customer is responsible for all acts and omissions of its Authorized Users and for ensuring that Authorized Users comply with these Terms. Customer must promptly notify Tumban of any unauthorized access or use.

3.3 API Keys. API keys issued by Tumban are confidential and may not be shared, sold, transferred, or used by any party other than Customer and its Authorized Users. Tumban may rotate, revoke, or rate-limit API keys at any time for security, abuse, or compliance reasons.

4. License Grant and Restrictions

4.1 License to Customer. Subject to these Terms, Tumban grants Customer a limited, non-exclusive, non-transferable, non-sublicensable license during the Term to access and use the Service and Documentation, solely for Customer's internal business purposes and as expressly contemplated by these Terms.

4.2 Restrictions. Customer will not, and will not permit any third party to:

(a) copy, modify, translate, or create derivative works of the Service or Documentation;

(b) reverse engineer, decompile, disassemble, or otherwise attempt to derive source code, models, algorithms, or training data of the Service, except to the extent such restriction is prohibited by Applicable Law;

(c) resell, rent, lease, sublicense, distribute, time-share, or otherwise commercially exploit the Service for the benefit of any third party, except as expressly permitted under an Order Form;

(d) use the Service to build, train, or improve any competing product, classifier, model, or service;

(e) circumvent or attempt to circumvent any access controls, rate limits, usage quotas, or security measures of the Service;

(f) use the Service in any manner that exceeds the scope of the license granted or violates these Terms;

(g) remove, obscure, or alter any proprietary notices in the Service or Documentation;

(h) submit to the Service any data that Customer does not have the legal right to submit; or

(i) use the Service to violate Applicable Law or the rights of any third party.

4.3 Reservation of Rights. Tumban reserves all rights not expressly granted to Customer. No rights are granted to Customer by implication, estoppel, or otherwise.

5. Customer Obligations and Acceptable Use

5.1 Compliance with Law. Customer represents and warrants that its use of the Service, the Customer Data it submits, and the actions it takes based on Output will comply with all Applicable Law, including data protection, financial services, consumer protection, anti-discrimination, anti-money-laundering, and sanctions laws.

5.2 Authority to Submit Data. Customer represents and warrants that, with respect to each item of Customer Data submitted to the Service, Customer has all rights, consents, permissions, licenses, and lawful bases necessary to (a) submit such data to Tumban, (b) authorize Tumban to process such data as contemplated by these Terms, and (c) authorize Tumban to combine such data with information obtained from publicly available sources as part of an Evaluation. Customer is responsible for providing all required notices to Creators and other data subjects and for obtaining any required consents or other lawful bases under Applicable Law.

5.3 Acceptable Use. Customer will not use the Service to:

(a) discriminate against any person on the basis of race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, or any other characteristic protected by Applicable Law;

(b) make adverse decisions about any individual in a manner that requires human review, transparency, or appeal rights under Applicable Law without providing such review, transparency, or appeal independently of the Service;

(c) make the sole automated decision in any context where Applicable Law (including data protection law) prohibits solely automated decision-making without appropriate safeguards;

(d) harass, surveil, or stalk any individual;

(e) submit data of children under the age of 13 (or the applicable age of digital consent under local law) without lawful basis;

(f) circumvent the policies of any third-party processor, card network, or platform; or

(g) engage in any activity that is unlawful, fraudulent, deceptive, or harmful.

5.4 Customer Decisions. Customer acknowledges and agrees that Customer is solely responsible for all decisions and actions taken with respect to Creators, including all payout, account, listing, content moderation, suspension, termination, and remediation decisions, whether or not such decisions are informed by Output. See Section 7 (Output — Advisory Nature).

5.5 Cooperation. Customer will provide reasonable cooperation with Tumban in connection with the Service, including by promptly responding to inquiries about Customer Data, integration, or use of the Service, and by promptly remediating any non-compliant use upon notice from Tumban.

5.6 Prohibited Use Cases — Permissible-Purpose Laws. Customer represents, warrants, and covenants that it will not use the Service or Output, in whole or in part:

(a) to determine an individual's eligibility for credit (including initial decisions, account reviews, account upgrades, or collections), insurance underwriting or pricing, employment (including hiring, retention, promotion, reassignment, or termination), housing, government benefits, or any other purpose covered by the U.S. Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq. ("FCRA"), or by any analogous U.S. state, U.S. federal, or non-U.S. consumer-reporting, credit-reporting, background-screening, or tenant-screening law;

(b) in a manner that would cause any Output to constitute a "consumer report" or "investigative consumer report" within the meaning of the FCRA, or that would cause Tumban to be a "consumer reporting agency" under the FCRA or any analogous law;

(c) for any purpose subject to the Equal Credit Opportunity Act, the Fair Housing Act, the Gramm-Leach-Bliley Act, or any analogous law governing protected classes or financial privacy in a manner that requires lawful bases, disclosures, or adverse-action procedures Customer has not implemented; or

(d) as a substitute for tenant screening, background-check, due-diligence, or similar end-user services regulated under any of the foregoing laws.

Customer acknowledges that Tumban is not a consumer reporting agency and that Output is not a consumer report. Customer is solely responsible for compliance with this Section 5.6, and Customer will indemnify Tumban under Section 14.4 for any claim arising from or relating to a breach of this Section 5.6.

6. Customer Data and Privacy

6.1 Ownership. As between the parties, Customer owns all right, title, and interest in and to Customer Data. Customer grants Tumban a worldwide, non-exclusive, royalty-free license during the Term to host, store, process, transmit, display, and otherwise use Customer Data solely as necessary to (a) provide and support the Service, (b) perform Evaluations and generate Output, (c) maintain audit logs, (d) prevent or address technical, security, or fraud issues, (e) comply with Applicable Law and lawful requests of public authorities, and (f) exercise its rights under Section 6.3.

6.2 Security. Tumban will maintain commercially reasonable administrative, technical, and physical safeguards designed to protect Customer Data against unauthorized access, use, disclosure, alteration, and destruction, consistent with industry standards for software-as-a-service offerings of similar nature. Specifics of Tumban's information security program are set forth in Tumban's security documentation, which may be made available upon request and subject to confidentiality.

6.3 Aggregated and De-Identified Data. Tumban may create, use, and retain aggregated, de-identified, or anonymized data derived from Customer Data and from Service operation (including Evaluation signals, decision patterns, error patterns, model performance metrics, and feedback signals) ("Aggregated Data") for purposes of operating, securing, analyzing, evaluating, improving, and developing the Service and Tumban's products and services. Aggregated Data does not identify Customer, any Creator, or any natural person, and Tumban may retain and use Aggregated Data during and after the Term. Nothing in these Terms restricts Tumban's use of Aggregated Data.

6.4 Personal Data. To the extent Customer Data includes personal data of natural persons subject to data protection laws (including the EU/UK GDPR, the California Consumer Privacy Act/California Privacy Rights Act, and similar laws), the parties will comply with their respective obligations under such laws. Where Tumban acts as a processor or service provider on behalf of Customer with respect to such personal data, the parties will execute a data processing addendum (the "DPA"), which is incorporated into these Terms by reference where applicable.

6.5 Cross-Border Transfers. Customer acknowledges that the Service is provided from the United States and that Customer Data may be transferred to, processed, and stored in the United States and in other jurisdictions where Tumban or its subprocessors operate. Customer is responsible for ensuring that such transfers are permitted under Applicable Law, and Tumban will cooperate in implementing appropriate transfer mechanisms where required by the DPA.

6.6 Retention and Deletion. Tumban retains Customer Data and Output for the period necessary to provide the Service and to maintain audit records, in accordance with its retention policies as set forth in the Documentation. Customer may request deletion of Customer Data relating to a specific Creator (including in response to a verified data-subject deletion or erasure request that Customer is obligated to honor under Applicable Law) by submitting a request through the channels designated in the Documentation. Tumban will, within a commercially reasonable period and in accordance with the DPA where applicable, delete or de-identify the identifying Creator data from active production systems. Notwithstanding the foregoing, Tumban may retain: (a) Aggregated Data; (b) audit records reflecting the existence, time, inputs, and outcome of Evaluations, with direct identifiers redacted or pseudonymized where commercially feasible; and (c) routine backups, archival snapshots, and disaster-recovery copies until they cycle out of Tumban's storage in the ordinary course, in each case as necessary to evidence the operation of the Service, to comply with Applicable Law, or to defend against claims. Audit records and backup copies described in clauses (b) and (c) may be retained beyond termination for the same purposes. Customer acknowledges that Output already disclosed to Customer is in Customer's possession and that deletion from Tumban's systems does not retrieve such Output from Customer's systems.

6.7 Customer Responsibility for Data Quality. Customer is responsible for the accuracy, completeness, lawfulness, and quality of Customer Data. Tumban is not responsible for Output to the extent it is affected by inaccurate, incomplete, stale, or unlawful Customer Data.

6.8 Customer Security Responsibilities. Customer is solely responsible for the security of Customer's own systems, networks, applications, integrations, and personnel, including the security of any endpoint that receives webhooks, callbacks, or other transmissions from the Service. Without limiting the foregoing, Customer will:

(a) keep API keys, secrets, and webhook signing keys confidential, store them using industry-standard secret-management practices, and rotate them promptly upon any actual or suspected compromise;

(b) verify the authenticity and integrity of every transmission received from the Service using the cryptographic signatures, request identifiers, replay-protection tokens, or other validation mechanisms documented by Tumban, and reject any transmission that fails such verification;

(c) implement appropriate transport-layer security (TLS), authentication, authorization, and access controls on all endpoints that interact with the Service, including webhook receivers;

(d) maintain logs sufficient to investigate suspected unauthorized access or spoofing of communications with the Service; and

(e) promptly notify Tumban of any actual or suspected unauthorized access, security incident, or anomalous activity affecting Customer's integration with the Service.

Tumban is not responsible for any loss, damage, claim, or unauthorized disclosure arising from Customer's failure to secure its own systems or to verify the authenticity of data purportedly received from the Service.

7. Output — Advisory Nature

7.1 Informational Output. Customer acknowledges and agrees that Output is provided for informational and decision-support purposes only. Output does not constitute legal, financial, tax, compliance, or other professional advice. Tumban is not a payment processor, card network, money transmitter, bank, lender, identity verification service, credit reporting agency, consumer reporting agency, or regulator, and the Service does not perform any of those functions.

7.2 No Final Decisions by Tumban. Tumban does not make, authorize, or execute any payout, account, listing, suspension, termination, content removal, refund, or remediation decisions with respect to any Creator. All such decisions are made by Customer in its sole discretion. A recommendation in Output (such as "hold" or "escalate") is a suggestion intended to assist Customer's review and is not, and must not be treated as, an instruction or determination.

7.3 No Guarantee of Detection or Accuracy. Compliance evaluation is inherently probabilistic and depends on the availability, quality, and timeliness of source data, third-party policies, and signals that may change without notice. Tumban does not warrant, and disclaims any warranty, that:

(a) the Service will detect every violation, prohibited business, restricted activity, or non-compliant Creator;

(b) any risk score, category label, or policy reference is accurate, complete, or current;

(c) approved Creators are, in fact, compliant with any Processor Policy, Applicable Law, or other standard;

(d) flagged Creators are, in fact, non-compliant; or

(e) the Service will prevent any enforcement action, fine, penalty, freeze, hold, reserve adjustment, MATCH listing, termination, chargeback, or other adverse action by any processor, card network, regulator, or other third party.

7.4 Processor Policies Are Third-Party Materials. The Policy Database reflects Tumban's good-faith interpretation of publicly stated Processor Policies and other third-party rules as of the time of compilation. Processor Policies are owned and controlled by their respective issuers, may change without notice, and may be interpreted or enforced differently than reflected in the Policy Database. Tumban is not affiliated with, sponsored by, endorsed by, or acting on behalf of any payment processor, card network, or platform referenced in the Service. References to processors and networks are nominative.

7.5 Human Review. Customer is responsible for establishing appropriate human review, escalation, and appeal procedures for material decisions affecting Creators, in compliance with Applicable Law. The Service is designed to support, not replace, Customer's trust and safety, compliance, and operational processes.

7.6 No Reliance Without Independent Judgment. Customer agrees that it will not rely solely on Output to make any decision that has a material legal, financial, or reputational effect on a Creator and will exercise its own independent judgment, supplemented by other information as it deems appropriate, before taking any such action.

7.7 Use of Machine Learning and Artificial Intelligence. Customer acknowledges that the Service uses machine learning models, large language models, generative artificial intelligence, and similar probabilistic components (collectively, "AI Components"), including AI Components hosted or operated by third-party providers, to perform classification, retrieval, summarization, reasoning, and Output-generation tasks. AI Components are inherently probabilistic and may produce Output — including risk scores, category labels, evidence summaries, reasoning narratives, and policy citations — that is incorrect, incomplete, inconsistent, biased, internally contradictory, fabricated, or otherwise unreliable, including the phenomenon commonly referred to as "hallucination." Natural-language Output (such as evidence narratives or reasoning explanations) may not be a faithful description of the underlying data or signals on which it appears to be based, and citations or references within such Output may not exist, may not say what they appear to say, or may not be relevant. Customer agrees to treat all Output produced or shaped by AI Components as preliminary analytical material requiring human verification, never as a final determination, and to verify any material assertion against original sources before taking action against a Creator. Tumban does not warrant the factual accuracy, currency, or completeness of any AI Component Output. Sections 13 (Disclaimers) and 15 (Limitation of Liability) apply in full to AI Components and to Output generated by AI Components.

8. Third-Party Data Sources

8.1 Customer-Directed Access to Public Sources. Customer acknowledges and agrees that, when Customer submits a Creator for Evaluation, Customer directs Tumban to retrieve and analyze, on Customer's behalf and at Customer's instruction, publicly available information from third-party sources associated with that Creator, including social media posts, public web pages, public link graphs, public profile pages, search-engine results, and similar sources (collectively, "Third-Party Sources"). Each Evaluation request constitutes Customer's specific instruction to perform such retrieval and analysis with respect to the Creator submitted. Tumban performs this retrieval at Customer's direction and on Customer's behalf; Customer's instruction and Customer's representations and warranties under Section 8.3 are the basis on which the retrieval is conducted. Tumban does not represent or warrant that any particular Third-Party Source permits, by its published terms or otherwise, automated or programmatic access for the purposes contemplated by an Evaluation, and Customer assumes the risk that any such Third-Party Source may take the position that an Evaluation conducted at Customer's direction is inconsistent with its terms.

8.2 No Endorsement. References in Output to third-party sources, content, or activities do not constitute endorsement, verification, or adoption by Tumban. Customer is responsible for evaluating the relevance and accuracy of third-party information in light of its own context.

8.3 Customer Warranties for Submitted Identifiers and Directed Retrieval. With respect to each identifier (such as a social handle, profile URL, username, email address, display name, or other contact reference) that Customer submits in connection with an Evaluation, Customer represents, warrants, and covenants that:

(a) Customer has a legitimate business purpose, connected to a payout, account, listing, or compliance decision under Customer's own platform, for instructing Tumban to retrieve and analyze publicly available information associated with that identifier;

(b) Customer has all rights, consents, lawful bases, and authority necessary to instruct such retrieval and analysis, including any notices, disclosures, or consents required under Applicable Law and under Customer's own agreements with the relevant Creator or other data subject;

(c) Customer is not aware of any specific court order, written cease-and-desist, account-level prohibition, or similar restriction from the operator of any Third-Party Source that prohibits Customer (or any party acting at Customer's direction) from accessing the identifier or its associated publicly available information;

(d) Customer's instruction does not direct Tumban to access any non-public information or to circumvent any access controls, authentication requirements, paywalls, login gates, rate-limiting measures, or other technical protection measures of any Third-Party Source; and

(e) Customer's instruction is consistent with all Applicable Law, including computer-fraud, unauthorized-access, anti-circumvention, and data-protection laws.

Customer further acknowledges that Tumban's retrieval and analysis of Third-Party Source information is performed at Customer's direction and on Customer's behalf for purposes of Section 14.4 (Indemnification by Customer), including Section 14.4(f).

9. Fees and Payment

9.1 Fees. Customer will pay all fees specified in the applicable Order Form. Unless otherwise stated, fees are quoted and payable in U.S. dollars, are non-cancellable and non-refundable except as expressly set forth in these Terms, and are exclusive of taxes.

9.2 Invoicing and Payment. Tumban will invoice Customer in accordance with the applicable Order Form. Undisputed invoices are due within thirty (30) days of the invoice date. Late payments accrue interest at the lesser of 1.5% per month or the maximum rate permitted by Applicable Law, plus reasonable collection costs.

9.3 Taxes. Customer is responsible for all sales, use, value-added, withholding, and similar taxes assessed on the Service, excluding taxes based on Tumban's net income. If Customer is required to withhold any tax, Customer will gross up amounts payable so that Tumban receives the full invoiced amount.

9.4 Suspension for Non-Payment. Without limiting other remedies, Tumban may suspend access to the Service if any undisputed amount is more than thirty (30) days overdue and remains unpaid ten (10) days after written notice. Suspension does not relieve Customer of the obligation to pay outstanding fees.

9.5 Fee Changes. Tumban may change fees for renewal terms by providing notice at least thirty (30) days before the end of the then-current term. Fee changes will not apply retroactively or within a paid term.

10. Confidentiality

10.1 Obligations. Each party (as "Recipient") will: (a) use the other party's (as "Discloser") Confidential Information solely to perform under or exercise its rights under these Terms; (b) protect Confidential Information using at least the same degree of care it uses to protect its own confidential information of similar importance, and in any event no less than reasonable care; and (c) not disclose Confidential Information to any third party except to Recipient's Affiliates, employees, contractors, advisors, and subprocessors who have a need to know and who are bound by confidentiality obligations no less protective than those in this Section.

10.2 Exceptions. The obligations in Section 10.1 do not apply to information that the Recipient can demonstrate: (a) was lawfully in its possession without confidentiality obligations before disclosure; (b) is or becomes publicly available through no fault of the Recipient; (c) was lawfully received from a third party without confidentiality obligations; or (d) is independently developed without use of or reference to the Discloser's Confidential Information.

10.3 Compelled Disclosure. Recipient may disclose Confidential Information to the extent required by Applicable Law or by a court, regulatory authority, or similar order, provided that Recipient (to the extent legally permitted) gives the Discloser prompt notice and reasonable cooperation to seek a protective order or other appropriate remedy.

10.4 Return or Destruction. Upon termination of these Terms or upon Discloser's written request, Recipient will return or destroy Confidential Information in its possession, except that Recipient may retain (a) Confidential Information in routine backups and archives until destroyed in the ordinary course, and (b) Confidential Information necessary to comply with Applicable Law, audit obligations, or to maintain audit records of the Service. Confidential Information so retained remains subject to the confidentiality obligations of this Section.

10.5 Survival. The obligations in this Section survive termination of these Terms for a period of five (5) years, except that trade secrets remain protected for so long as they qualify as trade secrets under Applicable Law.

11. Intellectual Property

11.1 Tumban IP. As between the parties, Tumban owns and retains all right, title, and interest in and to the Service, the Documentation, the Policy Database, the Output (other than Customer Data inputs reflected therein), any underlying software, models, algorithms, scoring logic, evidence graphs, audit identifiers, methodology, infrastructure, and all related intellectual property rights, including all modifications, enhancements, and derivative works thereof.

11.2 Customer IP. As between the parties, Customer owns and retains all right, title, and interest in and to Customer Data and Customer's own products, services, and platforms. No rights are granted to Tumban in Customer IP other than the limited licenses expressly set forth in these Terms.

11.3 Feedback. Customer may, but is not obligated to, provide suggestions, comments, ideas, evaluations, error reports, or other feedback regarding the Service ("Feedback"). Customer grants Tumban a perpetual, irrevocable, worldwide, royalty-free, sublicensable license to use, reproduce, modify, distribute, and exploit Feedback for any purpose, without restriction or compensation. Feedback is provided voluntarily and is not Confidential Information.

11.4 Trademarks. Each party retains its trademarks, service marks, trade names, and logos. Neither party may use the other's marks without prior written consent, except that Customer authorizes Tumban to identify Customer as a customer of Tumban and to use Customer's name and logo on Tumban's website and in customer lists, sales materials, and similar contexts, subject to Customer's reasonable brand guidelines. Customer may revoke this authorization by written notice.

12. Representations and Warranties

12.1 Mutual Warranties. Each party represents and warrants that: (a) it is duly organized, validly existing, and in good standing under the laws of its jurisdiction of formation; (b) it has the full power and authority to enter into and perform these Terms; (c) its execution and performance of these Terms do not violate any agreement to which it is bound or any Applicable Law; and (d) it will comply with Applicable Law in performing under these Terms.

12.2 Tumban Warranty. Tumban warrants that during the Term, the Service will perform materially in accordance with the Documentation under normal use. Customer's sole and exclusive remedy, and Tumban's sole and exclusive obligation, for breach of this warranty is, at Tumban's option, to (a) use commercially reasonable efforts to correct the non-conformity, or (b) if Tumban is unable to do so within a reasonable period, terminate the affected portion of the Service and refund any prepaid fees for the unused portion of the Term applicable to that portion. This warranty does not apply to: (i) Beta Features; (ii) issues caused by Customer, Customer Data, or third-party services; (iii) use of the Service in a manner not permitted by these Terms or the Documentation; or (iv) any free, trial, or evaluation use.

12.3 Customer Warranty. Customer warrants that (a) it has all rights, consents, and authority to submit Customer Data and to direct Tumban to process Customer Data as contemplated by these Terms; (b) Customer Data, and Customer's use of the Service and Output, will comply with Applicable Law; and (c) it has and will maintain reasonable independent processes for evaluating Output and making decisions about Creators consistent with Section 7.

13. Disclaimers

13.1 As-Is. EXCEPT FOR THE EXPRESS WARRANTIES IN SECTION 12, THE SERVICE, THE OUTPUT, THE POLICY DATABASE, AND ALL RELATED MATERIALS ARE PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, TUMBAN AND ITS AFFILIATES, LICENSORS, AND SUBPROCESSORS DISCLAIM ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, ACCURACY, AND ANY WARRANTIES ARISING FROM COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

13.2 No Warranty of Compliance Outcomes. WITHOUT LIMITING SECTION 13.1, TUMBAN DOES NOT WARRANT THAT THE SERVICE WILL: (A) DETECT ALL OR ANY PARTICULAR INSTANCES OF NON-COMPLIANCE; (B) PREVENT FINES, FREEZES, RESERVE ADJUSTMENTS, TERMINATIONS, MATCH LISTINGS, CHARGEBACKS, OR OTHER ACTIONS BY ANY PROCESSOR, CARD NETWORK, OR REGULATOR; (C) PROVIDE OUTPUT THAT IS UNINTERRUPTED, ERROR-FREE, OR FREE FROM FALSE POSITIVES OR FALSE NEGATIVES; OR (D) BE COMPATIBLE WITH ALL HARDWARE, SOFTWARE, OR SYSTEMS USED BY CUSTOMER.

13.3 Third-Party Materials. TUMBAN MAKES NO REPRESENTATION OR WARRANTY REGARDING ANY PROCESSOR POLICIES, CARD NETWORK RULES, THIRD-PARTY DATA SOURCES, OR OTHER THIRD-PARTY MATERIALS. ALL SUCH MATERIALS ARE PROVIDED AS-IS AND ARE THE RESPONSIBILITY OF THEIR RESPECTIVE OWNERS.

14. Indemnification

14.1 Indemnification by Tumban. Tumban will defend Customer against any third-party claim alleging that Customer's use of the Service strictly in accordance with these Terms infringes a U.S. patent, U.S. copyright, or U.S. trademark of such third party, and will indemnify Customer for damages and reasonable attorneys' fees finally awarded by a court of competent jurisdiction against Customer or agreed to in settlement by Tumban arising from such claim.

14.2 Exclusions. Tumban's obligations in Section 14.1 do not apply to claims arising from: (a) Customer Data; (b) Customer's combination of the Service with any product, service, or material not provided by Tumban; (c) modification of the Service by anyone other than Tumban; (d) use of the Service in violation of these Terms, the Documentation, or Applicable Law; (e) Beta Features; or (f) free, trial, or evaluation use.

14.3 Remedies. If the Service becomes, or in Tumban's opinion is likely to become, the subject of an infringement claim, Tumban may, at its option and expense: (i) procure for Customer the right to continue using the Service; (ii) modify the Service to make it non-infringing while preserving substantially equivalent functionality; or (iii) terminate the affected Service and refund any prepaid fees for the unused portion of the Term applicable to that Service. The remedies in this Section state Tumban's sole and exclusive liability, and Customer's sole and exclusive remedy, for any third-party intellectual property infringement claim relating to the Service.

14.4 Indemnification by Customer. Customer will defend Tumban, its Affiliates, and their respective officers, directors, employees, and agents against any third-party claim arising from or relating to:

(a) Customer Data, including any claim that Customer Data, or Tumban's processing of Customer Data as authorized under these Terms, infringes, misappropriates, or violates the rights of any third party (including privacy, publicity, intellectual property, or contractual rights);

(b) Customer's, an Authorized User's, or a Creator's use of, or actions taken based on, the Service or Output, including any payout, account, listing, suspension, termination, or content moderation decision and any claim of discrimination, defamation, tortious interference, or unfair business practice arising therefrom;

(c) Customer's breach of Section 5 (Customer Obligations) (including Section 5.6 (Prohibited Use Cases — Permissible-Purpose Laws)), Section 6 (Customer Data and Privacy) (including Section 6.8 (Customer Security Responsibilities)), Section 7.5 (Human Review), Section 8.3 (Customer Warranties for Submitted Identifiers and Directed Retrieval), or Section 12.3 (Customer Warranty);

(d) Customer's violation of Applicable Law;

(e) claims by Creators or other data subjects relating to the collection, processing, sharing, or use of personal data; or

(f) claims by any operator of a Third-Party Source — including any social network, web platform, search service, or other publisher — relating to Tumban's retrieval or analysis of information from that source pursuant to an Evaluation submitted by Customer, including claims of breach of terms of service, claims under computer-fraud, unauthorized-access, or anti-circumvention statutes, and claims of unjust enrichment, trespass to chattels, or similar theories.

Customer will indemnify Tumban for damages and reasonable attorneys' fees finally awarded by a court of competent jurisdiction against Tumban or agreed to in settlement by Customer arising from such claim.

14.5 Procedure. The indemnified party will (a) promptly notify the indemnifying party in writing of the claim (provided that failure to give prompt notice will not relieve the indemnifying party of its obligations except to the extent materially prejudiced); (b) give the indemnifying party sole control of the defense and settlement, provided that no settlement that imposes a material non-monetary obligation on the indemnified party may be entered without the indemnified party's prior written consent (not to be unreasonably withheld); and (c) provide reasonable cooperation at the indemnifying party's expense.

15. Limitation of Liability

15.1 Exclusion of Indirect Damages. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NEITHER PARTY (NOR ITS AFFILIATES, LICENSORS, OR SUBPROCESSORS) WILL BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR FOR ANY LOSS OF PROFITS, REVENUE, GOODWILL, BUSINESS, ANTICIPATED SAVINGS, OR DATA, ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE, REGARDLESS OF THE CAUSE OF ACTION (WHETHER IN CONTRACT, TORT, STRICT LIABILITY, OR OTHERWISE) AND EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

15.2 Cap on Direct Damages. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EACH PARTY'S TOTAL CUMULATIVE LIABILITY ARISING OUT OF OR RELATING TO THESE TERMS WILL NOT EXCEED THE TOTAL FEES PAID OR PAYABLE BY CUSTOMER TO TUMBAN UNDER THE APPLICABLE ORDER FORM IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE LIABILITY.

15.3 Specific Disclaimer of Processor Enforcement Liability. WITHOUT LIMITING THE GENERAL LIMITATIONS IN SECTIONS 15.1 AND 15.2, TUMBAN WILL NOT BE LIABLE FOR ANY FINE, PENALTY, RESERVE ADJUSTMENT, FREEZE, TERMINATION, MATCH LISTING, CHARGEBACK, REVENUE LOSS, OR OTHER ADVERSE ACTION IMPOSED ON OR INCURRED BY CUSTOMER BY ANY PAYMENT PROCESSOR, CARD NETWORK, ACQUIRING BANK, REGULATOR, OR OTHER THIRD PARTY, REGARDLESS OF WHETHER OUTPUT WAS GENERATED, USED, OR FOLLOWED.

15.4 Exceptions to Liability Cap. The limitations in Sections 15.1 and 15.2 do not apply to: (a) Customer's payment obligations; (b) either party's indemnification obligations under Section 14; (c) either party's breach of Section 10 (Confidentiality) (provided that this exception does not apply to incidents that constitute or relate to a security incident involving Customer Data, which remain subject to Section 15.2); (d) Customer's breach of Section 4.2 (Restrictions); or (e) liability that cannot be excluded or limited under Applicable Law.

15.5 Allocation of Risk. The parties acknowledge that the limitations of liability in this Section are an essential element of the bargain between the parties, that the fees reflect this allocation of risk, and that these limitations will apply notwithstanding the failure of any limited or essential remedy.

16. Term and Termination

16.1 Term. These Terms commence on the Effective Date and continue until terminated as provided herein or until the expiration or termination of all Order Forms, whichever is later. Each Order Form has its own term as specified therein.

16.2 Termination for Convenience. Either party may terminate these Terms (where no Order Form is in effect) for convenience on thirty (30) days' written notice. Termination of an Order Form for convenience is governed by the Order Form.

16.3 Termination for Cause. Either party may terminate these Terms and any Order Form for cause if the other party: (a) materially breaches these Terms and fails to cure the breach within thirty (30) days after written notice (or ten (10) days for non-payment); (b) becomes the subject of a bankruptcy, insolvency, receivership, or similar proceeding; or (c) ceases to do business in the ordinary course.

16.4 Immediate Suspension. Tumban may suspend access to the Service, in whole or in part, immediately upon notice if: (a) Customer's use poses a security risk, a risk of harm to Tumban or third parties, or a risk of legal liability; (b) Customer violates Section 4.2 or Section 5.3; (c) suspension is required to comply with Applicable Law or a lawful order; or (d) any subprocessor, integration, or third-party requirement compels suspension. Tumban will use reasonable efforts to limit suspension to the affected portion of the Service and to restore access promptly once the cause is resolved.

16.5 Effect of Termination. Upon termination or expiration: (a) all licenses granted to Customer cease; (b) Customer will pay all amounts accrued through the effective date of termination; (c) Customer will cease all use of the Service; and (d) each party will return or destroy the other's Confidential Information as provided in Section 10.4. Customer may, for a period of thirty (30) days after termination (the "Transition Period"), request a reasonable export of Customer Data and audit records associated with Customer's account, subject to payment of any reasonable fees. After the Transition Period, Tumban may delete Customer Data and audit records in accordance with Section 6.6 and its retention policies.

16.6 Survival. Sections 1 (Definitions), 4.2 (Restrictions), 4.3 (Reservation of Rights), 5.6 (Prohibited Use Cases — Permissible-Purpose Laws) (with respect to any Output retained by Customer), 6.3 (Aggregated Data), 6.6 (Retention and Deletion), 7 (Output — Advisory Nature) (with respect to Output generated during the Term), 8.3 (Customer Warranties for Submitted Identifiers and Directed Retrieval) (with respect to Evaluations submitted during the Term), 9 (Fees and Payment) (with respect to amounts accrued), 10 (Confidentiality), 11 (Intellectual Property), 13 (Disclaimers), 14 (Indemnification), 15 (Limitation of Liability), 16.5 (Effect of Termination), 16.6 (Survival), 17 (Modifications), 18 (Governing Law and Dispute Resolution), and 19 (General Provisions) survive termination of these Terms.

17. Modifications to These Terms

17.1 Updates. Tumban may update these Terms from time to time. Tumban will post the updated Terms on its website and update the "Last Updated" date. For material adverse changes, Tumban will use reasonable efforts to provide at least thirty (30) days' advance notice (by email to the Customer's notice address or via the Service). Continued use of the Service after the effective date of an update constitutes acceptance of the updated Terms.

17.2 Inconsistencies. If there is any conflict between these Terms and an executed Order Form, the Order Form controls solely with respect to its subject matter. If there is a conflict between these Terms and the DPA, the DPA controls with respect to processing of personal data.

18. Governing Law and Dispute Resolution

18.1 Governing Law. These Terms and any dispute arising out of or relating to these Terms are governed by the laws of the State of Delaware, U.S.A., without regard to its conflict of laws rules. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

18.2 Informal Resolution. Before initiating any formal proceeding, a party with a dispute will provide written notice to the other party describing the dispute and proposed resolution. The parties will use good-faith efforts to resolve the dispute informally for at least thirty (30) days.

18.3 Forum. Subject to Section 18.4, the state and federal courts located in New Castle County, Delaware will have exclusive jurisdiction over any dispute that is not resolved informally, and each party irrevocably submits to the personal jurisdiction of such courts and waives any objection based on inconvenient forum.

18.4 Equitable Relief. Notwithstanding Section 18.3, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to protect its intellectual property, Confidential Information, or to prevent unauthorized access to or use of the Service.

18.5 Waiver of Jury Trial. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EACH PARTY WAIVES ANY RIGHT TO TRIAL BY JURY IN ANY ACTION ARISING OUT OF OR RELATING TO THESE TERMS.

18.6 Limitation Period. Any claim arising out of or relating to these Terms must be brought within one (1) year after the cause of action accrues, except for claims that cannot be subject to a shortened limitation period under Applicable Law.

19. General Provisions

19.1 Entire Agreement. These Terms, together with any Order Form, DPA, and other documents expressly incorporated by reference, constitute the entire agreement between the parties regarding the Service and supersede all prior or contemporaneous proposals, agreements, and communications, whether oral or written.

19.2 No Reliance. Each party acknowledges that it has not relied on, and will not be entitled to rely on, any representation or warranty other than those expressly set forth in these Terms.

19.3 Assignment. Neither party may assign or transfer these Terms without the other party's prior written consent, except that either party may assign these Terms in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets, upon written notice to the other party. Any prohibited assignment is null and void. These Terms bind and inure to the benefit of the parties and their permitted successors and assigns.

19.4 Subcontractors and Subprocessors. Tumban may engage Affiliates, contractors, and subprocessors to perform the Service, provided that Tumban remains responsible for their performance and for ensuring they are bound by obligations no less protective than those in these Terms with respect to confidentiality and (where applicable) data protection.

19.5 Notices. Notices to Tumban must be sent to legal@tumban.com with a copy to ShareData Inc. at the address designated by Tumban for legal notices. Notices to Customer will be sent to the email or postal address on file for Customer's account. Notices are deemed given when received (for email, upon transmission absent bounce; for postal mail, upon delivery confirmation).

19.6 Force Majeure. Neither party will be liable for any failure or delay in performance (other than payment obligations) caused by events beyond its reasonable control, including acts of God, war, terrorism, civil unrest, government action, labor disputes, fire, flood, earthquake, pandemic, telecommunications or internet failures, denial-of-service attacks, or actions or omissions of upstream providers.

19.7 Independent Contractors. The parties are independent contractors. Nothing in these Terms creates any agency, partnership, joint venture, employer-employee, or fiduciary relationship.

19.8 No Third-Party Beneficiaries. These Terms do not create any third-party beneficiary rights, including for any Creator, Authorized User, or end user of Customer's platform.

19.9 Waivers and Severability. A failure or delay to enforce any provision is not a waiver. A waiver is effective only if in writing and signed by the waiving party. If any provision is held invalid or unenforceable, the remainder of these Terms remains in effect, and the invalid provision will be modified to the minimum extent necessary to be valid and enforceable while preserving the parties' intent.

19.10 Export and Sanctions Compliance. The Service may be subject to U.S. and other export control and sanctions laws. Customer represents and warrants that it (a) is not located in, ordinarily resident in, or organized under the laws of a country or region subject to comprehensive U.S. sanctions; (b) is not on any U.S. government restricted-party list; and (c) will not use, export, re-export, or transfer the Service in violation of Applicable Law.

19.11 U.S. Government Rights. The Service is "commercial computer software" and "commercial computer software documentation" as those terms are defined in 48 C.F.R. § 2.101. Use, duplication, or disclosure by the U.S. government is subject to these Terms.

19.12 Headings and Interpretation. Section headings are for convenience and have no legal effect. "Including" and "include" are non-exhaustive. References to laws include amendments and successor laws.

19.13 Counterparts and Electronic Signature. Order Forms may be executed in counterparts and delivered by electronic means; each counterpart is an original, and together they constitute one instrument.

20. Contact

For questions about these Terms, please contact:

ShareData Inc. (doing business as Tumban)

Attn: Legal

Email: legal@tumban.com

General: hello@tumban.com

Website: https://tumban.com

These Terms reference standard provisions for B2B software-as-a-service offerings and are tailored to the advisory nature of compliance-related Output. They are not a substitute for legal advice. The parties should consult qualified counsel before relying on these Terms in any specific transaction.