TERMS AND CONDITIONS SAAS SERVICES

Updated: August 12th, 2025

THESE TERMS AND CONDITIONS FOR SAAS SERVICES, as amended from time to time, together with any other terms, agreements, and policies referenced herein (which constitute an integral part hereof) (these “Terms”), constitute a legally binding agreement between MalantAI Ltd., a private company duly incorporated under the laws of the State of Israel (the “Company”), and the customer executing or otherwise accepting the Order Form that refers to these Terms (respectively, the “Customer” and the “Order Form”). These Terms govern the manner in which the Customer and its users (each, a “User”) may access and use the Company’s Services (as defined below) on a subscription basis. The Order Form may be completed and entered into in various ways, including via an online form or an offline form delivered by Customer to the Company, including by mail, email, or any other electronic or physical delivery mechanism.

1. THE SAAS SERVICES

1.1            Subject to the terms of these Terms, Company will use commercially reasonable efforts to provide Customer to provide Customer with access to its proprietary software-as-a-service (SaaS) solution for AI-powered cybersecurity services (the “Services”). Customer is granted a limited, non-exclusive, non-transferable, non-sublicensable right to access and use the Services solely for its internal business operations and in accordance with these Terms.

1.2 Subject to these Terms, Company will provide Customer with reasonable technical support services, based on the Company’s standard support services plan (the “Support Services”).

1.3 The Services may include third-party materials, including but not limited to software (including  open source software programs that are made available by third parties under their respective OSS Licenses), content, data, services, platforms, or APIs, which are made available by third parties under their respective licenses or terms of use (“Third Party Materials”). Use of such Third-Party Materials is subject to their respective licenses terms or terms of use. Company warrants that such Third-Party Materials will not prevent Customer from exercising the access and use rights granted to Customer under these Terms.  Company disclaims all liability and warranties, express or implied, with respect to Third-Party Materials.

1.4 The Services utilize artificial intelligence and machine learning technologies (“AI Technologies”) to analyze publicly available information (“OSINT”) and generate insights (“AI Insights”). Customer acknowledges that AI Insights: (i) are based on OSINT data which may be incomplete or inaccurate; (ii) may contain errors, inconsistencies or unexpected results; and (iii) should not be used as the sole basis for business-critical decisions, particularly regarding third parties.

1.5 Customer acknowledges that the Services include security vulnerability assessments and penetration testing of Customer’s systems (the “Security Testing”). Customer hereby expressly authorizes Company to use any information collected during the provision of the Services, including but not limited to Customer Data (as defined below), discovered credentials, login information, access tokens, or other authentication data, to conduct additional and more extensive Security Testing as necessary to identify, assess, and report on security vulnerabilities.

1.6 Company may change or update the Services at any time, including the availability of any feature, content, or database, and may impose limitations or restrictions on certain features and services. In the event of a material change, Company will notify Customer by posting an announcement on the Company’s website, through the Services, or by email.

2. REGISTRATION TO THE SERVICE

2.1 In order to use the Service, each User shall register and create an account (the “Account”). As part of the registration process, Customer will identify an administrative User name and password for Customer’s Company account (the “Administrator”).

2.2 Company reserves the right to refuse registration of, or cancel passwords it deems inappropriate. Customer agrees to provide accurate, current, and complete information during the registration process and to update such information as necessary to ensure it remains accurate and complete.

2.3 Customer is responsible for ensuring that each User provides the Company with accurate, complete, and updated registration information. Customer shall notify the Company immediately of any breach of security or unauthorized use of an Account known to Customer. Customer is solely responsible and liable for all activity that occurs in the Accounts, for the use of the Services by its Users, and for any losses, damages, liability, and expenses incurred by the Company or a third party due to any unauthorized use of the Account by either Customer, any User, or any third party on Customer's behalf. Customer shall (i) not allow anyone other than Customer’s authorized Users to access and use the Accounts; (ii) keep, and ensure that Users keep, all Account login details and passwords secure at all times; and (iii) ensure that the login details for each User may only be used by that User, and that multiple people may not share the same login details..

2.4 The Administrator shall have control over all Accounts and may have the ability to: (i) access information about Users’ activities; and (ii) monitor and manage Users’ Accounts. The Administrator may specify additional Users who will gain Administrator privileges. The Administrator is responsible for the internal management and administration of the Services within the Customer’s Accounts. In addition, the Administrator is responsible for: (i) maintaining the confidentiality of the passwords of the Accounts; (ii) designating those individuals who are authorized to access the Accounts; and (iii) performing monitoring to ensure the protection of Users’ privacy and compliance with applicable law.

2.5 Company reserves the right to refuse registration, suspend, or terminate any Account that it reasonably believes is in violation of these Terms or is otherwise inappropriate, at its sole discretion. Company will not be liable for any loss or damage arising from Customer’s or any User’s failure to comply with these requirements.

3. RESTRICTIONS AND RESPONSIBILITIES

3.1 Customer will not, directly or indirectly: (a) copy, reproduce, reverse engineer, decompile, disassemble or otherwise attempt to discover the source code, object code or underlying structure, ideas, know-how or algorithms relevant to the Services or any software, documentation or data related to the Services; (b) modify, translate, or create derivative works based on the Services (except to the extent expressly permitted by Company; (c) exceed subscribed quantities or authorized user limits; (d) license, sublicense, sell, resell, transfer, assign, distribute or otherwise make the Services available in any manner to any third party, or for the benefit of any third party; (e) remove any proprietary notices or labels; (f) interfere with or disrupt the integrity or performance of the Services; (g) attempt to gain unauthorized access to the Services or related systems/networks; (h) use the Services in a manner that infringes third party rights; (i) store or process regulated sensitive data not required by documentation; (j) use the Services for competitive or benchmark purposes; or (k) export or allow export/re-export of the Services or related items in violation of applicable laws. Customer shall cooperate with Company to resolve any non-compliance, including paying for overages at then-current rates.

3.2 Customer represents, covenants and warrants that Customer will use the Services only in compliance with all applicable laws and regulations. Customer hereby agrees to indemnify and hold harmless Company against any damages, losses, liabilities, settlements and expenses (including without limitation costs and attorneys’ fees) in connection with any claim or action that arises from an alleged violation of the foregoing or otherwise from Customer’s use of Services. Although Company has no obligation to monitor Customer’s use of the Services, Company may do so and may prohibit any use of the Services it believes may be (or alleged to be) in violation of the foregoing.

3.3 Customer shall use the Services and data for authorized purposes only, as defined in these terms of service. Any redistribution, sharing or unauthorized use of data requires explicit prior written consent from the Company. Failure to comply with these requirements can lead to immediate termination of access and/or legal enforcement action by Company.

3.4 Customer shall be responsible for obtaining and maintaining any equipment and ancillary services needed to connect to, access or otherwise use the Services, including, without limitation, modems, hardware, servers, software, operating systems, networking, web servers and the like (collectively, “Equipment”). Customer shall also be responsible for maintaining the security of the Equipment, Customer account, passwords (including but not limited to administrative and user passwords) and files, and for all uses of Customer account or the Equipment with or without Customer’s knowledge or consent.

3.5 Customer is solely responsible for ensuring: (i) only users which were authorized by it (“Authorized Users”) have access to the Services, (ii) that such Authorized Users have been trained in proper use of the Services, and (iii) proper usage of passwords, tokens and access procedures with respect to logging into the Services. The Company may refuse registration, terminate or suspend Customer's or a specific user’s access and use of the Services in the event the Company reasonably suspects that Customer’s or the Authorized User access or use is malicious or otherwise harmful or in breach of the terms hereof.

3.6 Company reserves the right to monitor Customer's use of the Services and may restrict, suspend or terminate access, with or without notice, if Company reasonably suspects that Customer's activities: (a) violate any applicable laws, regulations or Company policies; (b) pose risks of harm to third parties or their rights; (c) may compromise the security or integrity of the Services; (d) involve fraudulent, deceptive or abusive practices; or (e) exceed authorized usage limits or scope. Customer shall cooperate with Company's investigation of suspected violations and implement corrective measures as directed. Company shall not be liable for any damages resulting from such protective actions taken in good faith.

4. CONFIDENTIALITY; PROPRIETARY RIGHTS; CUSTOMER DATA

4.1 Each party (the “Receiving Party”) understands that the other party (the “Disclosing Party”) has disclosed or may disclose business, technical or financial information relating to the Disclosing Party’s business (hereinafter referred to as “Proprietary Information” of the Disclosing Party).  Proprietary Information of Company includes non-public information regarding features, functionality and performance of the Services. Proprietary Information of Customer includes Customer Data, as defined below. The Receiving Party shall not (i) disclose or permit access to Proprietary Information and safeguard the Proprietary Information from unauthorized use, access or disclosure using at least the degree of care it uses to protect its similarly sensitive information and in no event less than a reasonable degree of care, and (ii) use (except to its employees, contractors, subcontractors and agents who need to know it and have agreed in writing to keep it confidential under confidentiality obligations no less restrictive than those set forth herein) or divulge to any third person any such Proprietary Information. The Disclosing Party agrees that the foregoing shall not apply with respect to any information after five (5) years following the disclosure thereof or any information that the Receiving Party can document (a) is or becomes generally available to the public, or (b) was in its possession or known by it prior to receipt from the Disclosing Party, or (c) was rightfully disclosed to it without restriction by a third party, or (d) was independently developed without use of any Proprietary Information of the Disclosing Party or (e) is required to be disclosed by law.

4.2 In connection with the use of the Services, Customer Data may be provided, made available, or otherwise become accessible to Company, whether by being uploaded, submitted, transmitted, or through Company’s access to Customer’s systems or environments as part of the Services (“Customer Data”).  Customer hereby grants Company and its affiliates, contractors, and sub-processors a non-exclusive, worldwide, royalty-free, fully paid-up, sublicensable license to access, use, process, copy, store, transmit, display, and distribute Customer Data as necessary to provide, maintain, support, and improve the Services and as otherwise permitted under these Terms or as authorized in writing by Customer. Customer represents and warrants that: (i) it possesses all necessary rights, consents, and permissions to grant the foregoing license and to permit Company and its sub-processors to access, use, process, copy, store and transmit Customer Data as contemplated herein, without infringing or violating any third-party rights, including intellectual property, privacy, or contractual rights; (ii) the Customer Data and its use as contemplated herein do not and will not violate any applicable laws, regulations, or policies, including those relating to data privacy, data protection, or data transfer. Except as expressly set forth in these Terms, Company does not assume any responsibility or liability for Customer Data, and Customer is solely responsible for the accuracy, quality, integrity, legality, reliability, and appropriateness of all Customer Data and for the consequences of its use, disclosure, storage, or transmission.

4.3 Except for Customer Data, Company shall own and retain all right, title and interest in and to the Services, including (a) all improvements, enhancements or modifications thereto, (b) any software, applications, inventions or other technology developed in connection with support or based on suggestions, ideas, requests, feedback, recommendations or other information provided by Customer and (c) all intellectual property rights related to any of the foregoing.

4.4 Notwithstanding anything to the contrary, Company shall have the right collect and analyze data and other information relating to the provision, use and performance of various aspects of the Services (including OSINT data) and related systems and technologies (including, without limitation, information concerning Customer Data and data derived therefrom), and Company will be free (during and after the Term hereof) to (i) use such information and data to improve and enhance the Services and for other development, diagnostic and corrective purposes in connection with the Services and other Company offerings, and (ii) disclose such data solely in aggregate or other de-identified form in connection with its field of business. No rights or licenses are granted except as expressly set forth herein.

4.5 Customer acknowledges that all data accessed through the Services is subject to strict confidentiality obligations. Customer shall: (a) maintain appropriate security measures to protect accessed data; (b) ensure all data usage complies with applicable privacy and data protection laws; (c) restrict data access to Authorized Users; (d) promptly report any unauthorized access or data breaches to the Company; (e) not share, transfer or expose Company data to unauthorized third parties; and (f) implement data handling procedures aligned with Company's confidentiality policies.

5. PRIVACY AND DATA PROTECTION

4.1 By utilizing the Services, Customer acknowledges and agrees to be bound by the Company’s Data Processing Agreement (“DPA”), which governs the processing of personal data by the Company on behalf of, and according to the instructions of the Customer. The DPA is applicable to the extent that relevant data protection laws require such protections based on the applicable jurisdiction. A copy of the DPA is available on our website at https://app.malanta.ai/docs/dpa.

4.2 In the event of any contradiction between the provisions of the DPA and the provisions of this Agreement, the provisions of the DPA shall prevail.

6. TRIAL PERIOD, FREEMIUM AND SUBSCRIPTION

The Company provides Customer access to the Product and Services through the following service tiers:

6.1            Trial Period. The Company may offer, from time to time, some or all of its Services on free trial versions for a period agreed by the Parties or as otherwise set in the Documentation (the “Trial Service” and “Trial Period”). The Company reserves the right to modify, cancel and/or limit each Trial Service at any time and without liability. During the Trial Period, Customer may access the full Services on a trial basis for non-production purposes in accordance with the user manuals, specifications and other documentation made available at https://app.malanta.ai/docs/main as may be updated by the Company from time to time (the “Documentation”). The Trial Period shall commence upon the first use of the Services and shall continue until the earlier of: (i)  commencement of Customer’s paid Subscription; or (ii) 14 days following Company's written termination notice, for any reason or for no reason. During the Trial Period, Customer may only use the Services for internal evaluation purposes in accordance with the Documentation. With respect to the Trial Services (i) any Customer Data or configurations will be permanently deleted 60 days after the end of the Trial Period unless Customer purchases a subscription; (ii) the Services are provided during the Trial Period “as is” without any representation, warranties, liabilities, support obligations or indemnification; (ii) the indemnity undertakings by the Company set forth in Section 10 herein shall not apply; and (iii) notwithstanding the provisions of Section 9 (D) herein, in no event shall the total aggregate liability of the Company under or in connection with the Trial Service exceed US$100. Customer assumes all risks associated with trial use. Customer's sole remedy for any dissatisfaction is to terminate use.

6.2 Subscription Access. The Service is provided on a subscription basis for the term specified in Customer’s Order Form (the “Subscription” and the “Subscription Term”).

7. PAYMENT OF FEES

7.1 During the Subscription Term, Customer will pay Company the then applicable fees for the Subscription as set forth in the Order Form(s)(the “Fees”).

7.2 If Customer’s use of the Services exceeds the agreed upon Service Capacity or otherwise requires the payment of additional fees (per the terms of these Term) as provided in the Order Form(s), Customer shall be billed for such usage and Customer agrees to pay the additional fees provided in the Order Form(s).

7.3 Company reserves the right to change the Fees or applicable charges and to institute new charges and Fees at any time, upon thirty (30) days prior notice to Customer (which may be sent by email).

7.4 Unless expressly set forth herein, the Fees are non-cancellable and non-refundable.

7.5 If Customer believes that Company has billed Customer incorrectly, Customer must contact Company no later than sixty (60) days after the closing date on the first billing statement in which the error or problem appeared, in order to receive an adjustment or credit Inquiries should be directed to Company’s customer support department.

7.6 Company may choose to bill through an invoice, in which case, full payment for invoices issued in any given month must be received by Company thirty (30) days after the mailing date of the invoice. Unpaid amounts are subject to an interest charge at a rate of 1.5% per month on any outstanding balance, or the maximum rate permitted by applicable law, whichever is lower, plus all expenses of collection and may result in immediate termination of Services. All Fees payable by the Customer, are exclusive of all taxes, levies and similar assessments, and Customer is responsible for all applicable taxes, other than taxes imposed on Company’s income. All Fees will be payable in full without any setoff, recoupment, deduction, wire transfer fees, debit or withholding.

8. TERM AND TERMINATION

8.1 Unless otherwise stated in the Order Form, these Terms shall remain in effect for an indefinite period (the “Term”), unless and until terminated in accordance with these Terms.

8.2 Each Subscription to the Services shall commence on the start date specified in the applicable Order Form and continue for the initial subscription period specified therein (the “Subscription Term”). Unless otherwise stated in the Order Form or canceled by either the Company or the Customer at least thirty (30) days prior to its expiration, the Subscription shall automatically renew for successive renewal periods equal in duration to the original Subscription Term (excluding any prior renewal periods), at the then-applicable Fees.

8.3 Customer may terminate its Subscription to the Service by cancelling its Subscription, whereby termination will take effect at the end of the then-current Subscription Term and shall not derogate from Customer’s obligation to pay the applicable Fees for the Subscription Term.

8.4 In addition to any other remedies it may have, either party may also terminate these Terms upon thirty (30) days’ notice (or without notice in the case of nonpayment), if the other party breaches any of the terms or conditions of these Terms. Company may terminate or suspend Customer’s use of and access to the Services (or any part thereof) immediately, without prior notice or liability, in each of the following events: (i) Company believes, in its sole discretion, that Customer or any third party is using the Services in a manner that may impose a security risk, may cause harm to Company or any third party, and/or may create any liability to Company or any third party; (ii) Company believes, in its sole discretion, that Customer or any third party is using the Services in breach of these Terms or applicable laws; or (iii) Company is unable to charge the Fees through Customer’s approved payment means or if any payment is or is likely to become overdue.

8.5 Company may disable and suspend Customer’s use of the Services during the notice period, provided that Company shall notify the Customer of such suspension as promptly as practicable. Customer will pay in full for the Services up to and including the last day on which the Services are provided.

8.6 Upon termination or expiration of these Terms: (i) Customer shall cease all use of the Services, (ii) all Fees owed to Company shall become immediately due and payable by Customer, and (iii) Customer Data shall be available to Customer for electronic retrieval for a period of thirty (30) days, but thereafter Company may, but is not obligated to, delete the stored Customer Data.

8.7 All provisions of these Terms which by their nature should survive termination will survive termination, including, without limitation, accrued rights to payment, confidentiality obligations, warranty disclaimers, and limitations of liability.

9. WARRANTY AND DISCLAIMER

9.1 Company shall use reasonable efforts to maintain the Services, under normal use and circumstances, in a manner which minimizes errors and interruptions in the Services in a professional and workmanlike manner. Services may be temporarily unavailable for scheduled maintenance or for unscheduled emergency maintenance, either by Company or by third-party providers, or because of other causes beyond Company’s reasonable control, but Company shall use reasonable efforts to provide advance notice in writing or by e-mail of any scheduled service disruption. The Services may also include recommendations pertaining to the Customer’s products and changes to be made therein. However, Company does not warrant that the Services will be uninterrupted or error free; nor does it make any warranty as to the results or recommendations that may be obtained from use of the Services. Customer acknowledges and agrees that AI Technologies may: (i) exhibit biases; (ii) generate unexpected or unintended outputs; (iii) any insights regarding third parties are provided 'AS IS' without any verification or warranty of accuracy. Company makes no warranties regarding the accuracy, reliability, appropriateness or completeness of any AI Insights.

9.2 EXCEPT AS EXPRESSLY SET FORTH IN THIS SECTION, THE SERVICES IS PROVIDED “AS IS” AND COMPANY DISCLAIMS ALL REPRESENTATIONS AND WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.

10. LIMITATION OF LIABILITY

NOTWITHSTANDING ANYTHING TO THE CONTRARY, COMPANY AND ITS SUPPLIERS (INCLUDING BUT NOT LIMITED TO ALL EQUIPMENT AND TECHNOLOGY SUPPLIERS), OFFICERS, AFFILIATES, REPRESENTATIVES, CONTRACTORS AND EMPLOYEES SHALL NOT BE RESPONSIBLE OR LIABLE WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT OR TERMS AND CONDITIONS RELATED THERETO UNDER ANY CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHER THEORY: (A) FOR ERROR OR INTERRUPTION OF USE OR FOR LOSS OR INACCURACY OR CORRUPTION OF DATA OR COST OF PROCUREMENT OF SUBSTITUTE SERVICES OR TECHNOLOGY OR LOSS OF BUSINESS; (B) FOR ANY INDIRECT, EXEMPLARY, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES; (C) FOR ANY MATTER BEYOND COMPANY’S REASONABLE CONTROL; (D) ANY DECISIONS, ACTIONS OR CONSEQUENCES RESULTING FROM CUSTOMER'S USE OR RELIANCE ON SERVICES, PARTICULARLY REGARDING THIRD PARTIES OR (D) FOR ANY AMOUNTS THAT, TOGETHER WITH AMOUNTS ASSOCIATED WITH ALL OTHER CLAIMS, EXCEED THE TOTAL AMOUNT FEES PAID BY CUSTOMER TO COMPANY FOR THE SERVICES UNDER THIS AGREEMENT DURING THE TWELVE (12) MONTHS PRIOR TO THE ACT THAT GAVE RISE TO THE LIABILITY, IN EACH CASE, WHETHER OR NOT COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

11. INDEMNIFICATION

11.1 By Company. Company agrees to defend and indemnify Customer against any damages awarded against Customer by a court of competent jurisdiction, or paid in settlement, arising from a third-party claim, suit, or proceeding alleging that the grant of rights to use the Service within the scope of these Terms infringes any valid U.S. patent. Company shall have no obligation or liability under this Section in the event that: (i) the Service is used unlawfully or in violation of these Terms; (ii) features are provided at the specific request of Customer; (iii) the Service is used in combination with products, equipment, software, or data not provided by Company; (iv) the alleged infringement results from processes developed by Customer or at Customer’s request within the Service; or (v) the alleged infringement is based on Customer Data or any other content provided by Customer or its Users, or on the use of the Service by Customer. This Section ‎10.1 states Company’s sole and exclusive liability, and Customer’s exclusive remedy, for any intellectual property infringement or misappropriation by Company and/or the Service and underlying technology.

11.2 By Customer. Without derogating from Company’s rights under these Terms or applicable law, Customer agrees to defend and indemnify Company against any damages awarded against Company by a court of competent jurisdiction, or paid in settlement, arising from: (i) a third-party claim, suit, or proceeding alleging that the use of Customer Data or any other content provided by Customer and/or its Users, or the use of the Service by Customer and/or its Users, infringes any intellectual property rights of a third party; or (ii) the use or misuse of the Service by Customer, its Users, or any third party using an Account.

11.3 General. The defense and indemnification obligations of the indemnifying party under this Section 10 are subject to: (i) the indemnified party providing prompt written notice of the claim to the indemnifying party; (ii) the indemnifying party being given immediate and complete control over the defense and/or settlement of the claim; and (iii) the indemnified party providing reasonable cooperation and assistance, at the indemnifying party’s expense, in the defense and/or settlement of such claim, and not taking any action that prejudices the indemnifying party’s defense of, or response to, such claim.

12. PUBLICITY

Customer hereby confirms that Company may display the Customer name at the Company’s Website or as part of Company’s customers list.

13. MISCELLANEOUS

If any provision of this Agreement is found to be unenforceable or invalid, that provision will be limited or eliminated to the minimum extent necessary so that this Agreement will otherwise remain in full force and effect and enforceable. This Agreement is not assignable, transferable or sublicensable by Customer except with Company’s prior written consent. Company may transfer and assign any of its rights and obligations under this Agreement without consent. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements, communications and other understandings relating to the subject matter of this Agreement, and that all waivers and modifications must be in a writing signed by both parties, except as otherwise provided herein. No agency, partnership, joint venture, or employment is created as a result of this Agreement and Customer does not have any authority of any kind to bind Company in any respect whatsoever. In any action or proceeding to enforce rights under this Agreement, the prevailing party will be entitled to recover costs and attorneys’ fees. All notices under this Agreement will be in writing and will be deemed to have been duly given when received, if personally delivered; when receipt is electronically confirmed, if transmitted by facsimile or e-mail; the day after it is sent, if sent for next day delivery by recognized overnight delivery service; and upon receipt, if sent by certified or registered mail, return receipt requested. This Agreement shall be governed by the laws of the State of Israel without regard to its conflict of laws provisions. The exclusive jurisdiction and venue for actions related to the subject matter hereof shall be the applicable courts located in Tel-Aviv-Jaffa, Israel.