TERMS AND CONDITIONS

INTRODUCTION

1. These Terms and Conditions (hereinafter "Terms") govern the use of the AI powered, agentic, conversation and meeting management and summarising tool (hereinafter "Tool") offered by Digiotouch OÜ. The Tool is available as a web application, a desktop application, and a mobile application. These Terms govern the use of all above applications.
2. The Tool is operated by Digiotouch OÜ (hereinafter "Digiotouch"), registry code 14507464, address Narva mnt 5, 10117 Tallinn, Estonia.
3. You (hereinafter "you" and "user") will be asked to confirm that you have read the Terms and that you agree to follow the Terms whenever you are using the Tool. If you do not agree to these Terms, you must not use the Tool.
4. Digiotouch may make amendments to these Terms. If Digiotouch makes amendments to these Terms, then Digiotouch will send the amended Terms to you via email to confirm and accept the amended version of the Terms. The amended version of the Terms will be sent to you for review 14 calendar days prior to the amended Terms entering into force. If you do not accept the amended Terms, you must not use the Tool. The updated version of the Terms is always available at https://digiotouch.ai/en/termsofservice.
5. As part of providing the Tool and its features to you, Digiotouch may process personal data in a role of data processor as further specified in the data processing agreement, which is incorporated as an Annex 1 to the Terms.

USE OF THE TOOL

1. The Tool can be used to capture meetings (both audio and video data), transcribe meetings, record voice memos, and upload previous meeting recordings to summarise and generate action items and share a list of summary, action items, transcription, and recorded meeting data.
2. To use the Tool, you must create an account (hereinafter "Account"). You can sign in with your Google account, Apple account, or use your email address as you choose.
3. You represent and warrant that all the required information you submit is accurate.
4. Users of the Tool can be legal or natural persons.
5. You are responsible for maintaining the confidentiality of your Account login information and are fully responsible for all activities that occur under your Account. You agree to immediately notify Digiotouch of any unauthorized use or suspected unauthorized use of your Account or any other breach of security.
6. When using the Tool, the user can activate integrations with other products (such as Google Drive, Dropbox, Slack, Notion etc). The integrations will not be activated automatically. The user can activate and deactivate the integration at any time. If the user activates an integration to store the meeting notes in another platform, Digiotouch will not be able to control what will happen with the meeting notes in the other platform. Digiotouch will not be liable for any damages occurring from this.
7. Digiotouch is using analytics' tools to detect and promptly address errors in using the app. The user can read detailed information about the analytics' tools in Microsoft Clarity and Google Analytics.

FEES

1. Digiotouch offers free and paid subscriptions for the use of the Tool. Pricing and included features of the subscriptions are set forth here. For paid subscriptions, fees are billed in advance on a recurring monthly or annual basis, as applicable to the selected subscription plan.
2. You have the right to cancel your subscription any time. To cancel your subscription, you need to navigate to the "My subscription" page in the Tool's interface and click "Downgrade Plan". Upon cancellation of a paid subscription, you will retain access to the paid subscription until the end of the then-current billing cycle. Thereafter, your Account will convert to a free subscription, and no further subscription fees will be charged.
3. Digiotouch may update prices from time to time. If Digiotouch increases the subscription price, Digiotouch will provide at least 30 days' prior notice. Any price increase will apply only from your next renewal date, allowing you to cancel the subscription if you do not agree to the revised price.
4. To the fullest extent permitted by applicable law, all fees paid under these Terms are non-refundable and payment obligations are non-cancellable. Digiotouch does not provide refunds or credits for partially used subscription periods.
5. If any fees owned for a paid subscription are overdue, Digiotouch reserves the right to convert your paid subscription to a free subscription, until such overdue amounts are paid in full.

INTELLECTUAL PROPERTY

1. Subject to your compliance with the Terms, Digiotouch gives you for the validity of the Terms a limited, revocable, non-exclusive, non-transferable, and non-sublicensable right to access and use the Tool. If you are a legal person, you must only access and use the Tool for business purposes.
2. In particular, you understand that the right to use the Tool according to these Terms are subject to the following restrictions:
   1. You shall not license, sell, rent, lease, transfer, assign, distribute, host, or otherwise commercially exploit the Tool, whether in whole or in part;
   2. You shall not modify, make derivative works of, disassemble, reverse compile or reverse engineer any part of the Tool;
   3. You shall not access the Tool in order to build a similar or competitive tool, platform, website, product or service;
   4. Except as expressly stated herein, no part of the Tool may be copied, reproduced, distributed, republished, downloaded, displayed, posted or transmitted in any form or by any means.
3. You will not receive any IP rights related to the Tool as a result of using the Tool. You understand that by registering an Account and by fulfilling other conditions stipulated by Digiotouch, you will merely have the right to use the Tool for its intended purposes.
4. In the course of using the Tool, you and, where applicable, your end users may submit, generate, or otherwise make available video, audio recordings, content, text, outputs, and documents through the Tool (hereinafter "User Content"). In order to provide the Tool to you, Digiotouch requires a licence to use the User Content. Therefore, you hereby grant Digiotouch a worldwide, non-exclusive, royalty-free licence to access, use, host, store, reproduce, display, modify, and create derivative works form the User Content for providing the Tool, improving and troubleshooting the Tool, protecting the Tool, customizing the Tool and developing new products or adding features to the Tool. Digiotouch does not use User Content to train, fine-tune, validate, or otherwise improve any artificial intelligence or machine learning systems, including but not limited to large language models (LLMs), small language models (SLMs), or other generative or predictive models.

LIABILITY

1. You acknowledge and understand that the Tool is meant to process the content which is provided by you. The quality of the summary and the action items to be delivered depend on the content provided by you.
2. Note that the Tool utilises open source AI and Google's Gemini family models. Due to this, Digiotouch cannot fully eliminate the risk of AI hallucinations, i.e., outputs generated by the Tool that may be incorrect, incomplete, misleading, or otherwise not reflective of verified facts, including where such output is presented in a confident manner. As the provider of the Tool, Digiotouch has taken reasonable measures to reduce the risk of AI hallucinations as much as possible. Still, Digiotouch cannot warrant that the output will be totally free of AI hallucinations.
3. Digiotouch will use reasonable endeavours to ensure that the user can access the Tool and the services in accordance with these Terms. However, Digiotouch may be required to temporarily suspend the functioning of the Tool for unexpected maintenance requirements due to malware, hacking, computer viruses and/or other reasons. You acknowledge that you may not always be able to access and use the Tool due to this reason.
4. To the extent permitted by applicable law, Digiotouch's liability is limited only to direct material damages to the fees paid by you to Digiotouch for the preceding six (6) month period to the time when the damages occurred or the actual damages, whichever is the lesser.
5. Digiotouch is not liable for any loss of damage suffered by you under a breach of contract and shall not be obliged to compensate you for any loss of income, business interruption, loss of profit or other similar losses, unless our actions are deemed culpable (intentional or through gross negligence).
6. Digiotouch shall not be responsible for any damages which have occurred due to the Tool being unavailable because of force majeure, which may include, among other scenarios, power outage, civil unrest, governmental orders, natural disasters and infrastructure failures.
7. Digiotouch is not liable for third-party links on the website and the Tool that may direct you to third-party websites not affiliated with Digiotouch.

TERM AND TERMINATION

1. Digiotouch may terminate your right to use the Tool if you violate these Terms.
2. In addition, Digiotouch may suspend or terminate the user's right to use the Tool in any of the following cases:
   1. the user has violated or attempted to violate the intellectual property rights of Digiotouch;
   2. the user has uploaded illicit materials when using the Tool.
3. Upon the suspension of the user's right to use the Tool, the user's access to the Account shall be temporarily blocked. Upon termination of the user's rights under these Terms, the user's right to access and use the Account and the Tool will end permanently.
4. As a user, you may delete your Account at any time, for any reason, by following the instructions given by Digiotouch in the Tool's interface.

DISPUTE RESOLUTION, APPLICABLE LAW AND JURISDICTION

1. These Terms are subject to the laws of the Republic of Estonia.
2. Any disputes regarding the services and/or in connection with these Terms shall be settled through negotiations. If the parties fail to resolve the dispute through negotiation, the disputes shall be settled by Harju Maakohus (Harju county court) in Estonia, unless mandatory provisions of applicable law provide otherwise.
3. Digiotouch is neither obliged nor willing to participate in a dispute resolution proceedings before a body for a settlement of consumer dispute, unless required by applicable law.

OTHER

1. Should a clause in these Terms be illegal or void (in whole or in part), then such a clause will not affect the validity or enforceability of any part of the other clauses in the Terms. The illegal or void clause will be replaced by a new valid clause with the same meaning and intent as the original clause.
2. These Terms constitute the entire agreement between the parties with respect to the subject matter hereof and supersede any prior agreements in relation to the subject matter of the Terms, including, but not limited to, any prior versions of the Terms.
3. The user may not assign these Terms or assign any rights or delegate any obligations hereunder, in whole or in part, whether voluntarily, by operation of law or otherwise, without Digiotouch's prior written consent. Any purported assignment or delegation by the user without Digiotouch's prior written consent will be null and void.
4. Digiotouch may assign these Terms or any rights hereunder to a third party at any time without the user's consent.
5. Should you have any questions regarding these Terms or the use of the Tool, please send an email to Digiotouch at contact@digiotouch.com.

ANNEX 1 TO THE TERMS – DATA PROCESSING AGREEMENT

GENERAL

1. This data processing agreement (hereinafter "DPA") is an annex to and an integral part of the Terms, which governs the personal data processing conducted by Digiotouch (hereinafter "Processor") on behalf of you (hereinafter "Controller") within the scope of providing the Tool during fulfilment of the Terms.
2. For matters not stipulated in this DPA the Terms apply. In the event of a conflict or ambiguity between the Terms and this DPA, this DPA shall prevail.
3. The DPA has been designed to ensure the parties' compliance with Article 28(3) of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (hereinafter "GDPR").
4. The Processor processes personal data on behalf of the Controller in relation to the relevant data subjects when the processing is needed as part of fulfilling the obligations under the Terms concluded between the parties.
5. The personal data processing's subject-matter, nature, types of personal data and categories of data subjects and processing duration are specified in Annex 1 to this DPA.
6. All and every term, unless specifically defined herein, is being used in the meaning of the GDPR or as used in the Terms.

OBLIGATIONS OF THE CONTROLLER

1. The Controller shall comply with the GDPR and the applicable laws, including ensure the accuracy, quality and lawfulness of the personal data processed by the Processor and inform the data subjects of the processing operations carried out by the Processor.
2. The Controller shall ensure that all instructions for the processing of the personal data under DPA and the Terms shall comply with the GDPR and other applicable laws, and such instructions will not in any way cause the Processor to be in breach of the GDPR and the applicable laws.

OBLIGATIONS OF THE PROCESSOR

1. The Processor shall process the personal data on behalf of the Controller only based on documented instructions (including the ones regulated herein) from the Controller and in accordance with the GDPR and the applicable laws, unless required to do so by the applicable laws to which the Processor is subject. In such case, the Processor shall inform the Controller of that legal requirement before processing, unless the applicable laws prohibits this on important ground of public interest.
2. The Processor shall inform the Controller if, in the Processor's opinion, instructions given by the Controller infringe the GDPR and/or the applicable laws.
3. The Processor shall ensure that all of its employees, subcontractors, members of the management board, or other persons to whom the Processor has provided access to the personal data are subject to confidentiality obligation or to an appropriate statutory confidentiality obligation and are aware of their duties and obligations in relation to the personal data processing.
4. The Processor shall assist the Controller in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR, to the extent it is reasonable, appropriate and not unduly burdensome, while taking into account the nature of processing and the information available to the Processor.

SECURITY MEASURES

1. The Processor shall take technical and organisational measures pursuant to Article 32 of the GDPR, including implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk related to the processing of personal data and avoid alternation, loss or nonauthorised processing thereof or access thereto.
2. The security measures deemed necessary and applied by the Processor shall be risk-based and shall be updated regularly by the Processor.

DATA BREACH

1. In case of a data breach, the Processor shall notify the Controller without undue delay, but no later than within forty-eight (48) hours after becoming aware of the data breach concerning personal data processed by the Processor. The notification shall include at least the information required in Article 33(3) of the GDPR. Where any of this information is not available at the time of the original notification, the Processor shall obtain it forthwith and notify the Controller of such information after becoming aware of it.
2. For clarity, a personal data breach does not automatically imply that the Processor has violated this DPA as long as the Processor has duly applied the necessary procedures outlined in this DPA.

DATA SUBJECTS' RIGHTS

1. The Processor shall provide reasonable assistance to the Controller by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Controller's obligations to respond to the data subjects' requests for exercising their rights laid down in Chapter III of the GDPR.
2. The Processor shall forward any requests received from the relevant data subjects for exercising any of their rights to the Controller's contact person as soon as reasonably possible after the receipt of such a request.
3. The Processor shall not communicate to the data subjects nor perform the data subjects' request directly and independently.

AUDITS

1. Upon the Controller's reasonable request with a sixty (60) calendar days prior notice to the Processor, the Processor shall make available all information necessary to demonstrate compliance with the obligations laid down in this DPA.
2. The notification provided to the Processor shall contain a proposal for an auditing plan. If parts of the requested scope of the audit are covered by an audit carried out by a qualified auditor within the last twelve (12) months as of submitting the notification, the Processor is entitled to provide the Controller that audit report instead of the proposed audit.
3. The Processor shall allow for and contribute to audits, including inspections, requested by the Controller. These audits may be conducted by the Controller or by an independent auditor appointed by the Controller if bound by confidentiality obligations. The performance of an audit must not interrupt the Processor's business activities.
4. The audits shall be carried out not more than once a year, unless an exceptional event justifies an audit (e.g. request or investigation by a supervisory authority). Any audit shall be solely limited to confirming the Processor's compliance with its obligations under this DPA, and shall exclude all data, content and information which relates to the Processor's any other clients, accounting or financial information and trade secrets.
5. If infringements are detected during the audits, the Processor shall be given a reasonable timeframe of up to thirty (30) to ninety (90) days, depending on the nature and severity of the infringements, to implement corrective actions, at the Processor's expense.
6. Each Party shall bear its own costs in relation to the audits, except when an infringement by the Controller has been found, in which case, the Controller bears all costs at full and reimburses any costs that the Processor might have incurred within thirty (30) days as of the date of the invoice.

USE OF SUB-PROCESSORS

1. The Processor is free to engage under the Controller's general authorisation another sub-processor deemed suitable by the Processor to carry out all or part of the processing activities under this DPA. The Controller acknowledges and agrees that at the time of concluding the DPA, the Processor has engaged the sub-processors specified in Annex 2 to this DPA.
2. Should the Processor wish to engage a new sub-processor or replace a current sub-processor, then the Processor is obliged to notify the Controller. Upon having reasonable grounds, the Controller may object to the addition or replacement of sub-processor within 14 days as of the Processor informing the Controller. If the Controller does not object during such time period, the addition or replacement shall be deemed to be accepted by the Controller.
3. The sub-processor shall be subject to the same obligations as the Processor. Therefore, the sub-processor shall comply with all obligations set out in this DPA and the obligations applicable to the Processor under the GDPR and any applicable data protection laws and regulations. The Processor shall impose these obligations on the sub-processor in writing by the way of a contract.
4. If the sub-processor does not fulfil his data protection obligations, the Processor shall remain fully liable to the Controller as regards the fulfilment of the obligations of the sub-processor.

TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA

1. The Controller allows the Processor to transfer personal data outside the European Economic Area (hereinafter "EEA"), including engage any subprocessors located outside the EEA, if the Processor transfers personal data to countries in which the European Commission has issued an adequacy decision or if the Processor implements other appropriate safeguards in accordance with the GDPR.
2. In the event that the applied safeguards are no longer sufficient to satisfy the requirements of the GDPR and applicable laws and regulations to legalise the transfer outside the EEA, the Processor shall use any reasonable efforts to implement either an alternative safeguard or cease with such transfer.

ENTRY INTO FORCE AND TERMINATION

1. This DPA enters into force concurrently with the Terms.
2. The DPA and the Terms are interdependent and cannot be terminated separately. Termination of the DPA causes automatic termination of the Terms and vice versa. Termination of this DPA does not exempt the parties from fulfilling their obligations as specified in the applicable laws.

DELETION OR RETURN OF PERSONAL DATA

1. Upon the Controller's request, the Processor shall return all the personal data to the Controller and delete existing copies, unless storage of any personal data is required by the applicable law. In such case, the party shall inform the other party of that legal requirement as soon as possible.
2. In the event that the Controller does not submit a request for return of the data, the Processor shall delete personal data within 2 months as of the termination of this DPA. The foregoing cannot be considered an obligation of the Processor to retain the personal data for 2 months, and the Processor has the right to delete the said personal data earlier.

ANNEX 1 TO THE DPA – DESCRIPTION OF THE PROCESSING

1. Subject matter of the processing

   The Processor shall process the personal data as necessary to provide the Tool according to the Terms.

2. Nature of the processing

   The Processor may conduct the following processing activities: collecting data, receiving data, analysing data, storing data, accessing data, returning data, deleting data.

3. Categories of data subjects and types of personal data

   The Processor shall process the personal data of users of the Tool and any other individuals whose personal data is provided when using the Tool (e.g., meeting participants). Such personal data may include name, e-mail address, and audio and video data from meetings (including voice and image), as well as communications and other content shared through the Tool to the extent it contains personal data.

4. Duration of the processing

   The Processor shall process the personal data as long it is necessary for the provision of the Tool.

ANNEX 2 TO THE DPA – SUB-PROCESSORS

The Controller acknowledges and agrees that at the time of concluding this DPA, the Processor has engaged the following sub-processors: