LICENCED SERVICES AGREEMENT between [INSERT ENTITY NAME] (Registration Number) ("the Customer") and iiDENTIFii (PROPRIETARY) LIMITED Registration Number: 2016/463843/07) ("iiDENTIFii") 1. Recordal 1.1 iiDENTIFii has developed the iiDENTIFii Service and owns or has licensed Intellectual Property Rights in and to the iiDENTIFii Service. 1.2 The Customer wishes to Use the iiDENTIFii Service in the Territory and any other territory agreed to by the Parties in writing for its own internal business purposes. 1.3 The Parties hereby agree as follows: 2. Definitions and interpretation 2.1 In this Agreement, the following words shall, unless otherwise stated or inconsistent with the context in which they appear, bear the following meanings and other words derived from the same origins as such words (that is, cognate words) shall bear corresponding meanings: 2.1.1 “Account” means an account on the iiDENTIFii Service which relates to a specific Customer; 2.1.2 "Agreement" means this licence agreement (including any schedules attached hereto); 2.1.3 “Affiliate” means, any holding company, subsidiary, associate company or any entity owned, directly or indirectly, by a Party; or any person that directly or indirectly Controls, is Controlled by, or is under common Control with a Party; and any joint venture agreement entered into or incorporated by a Party; 2.1.4 “Applicable Laws” 2.1.5 “Applicable Anti-Bribery Law means all national, provincial, local and municipal legislation, regulations, statutes, by-laws, consents and/or other laws of any relevant Governmental Authority and any other instrument having the force of law as may be issued and in force from time to time relating to or connected with the activities contemplated under this Agreement, including applicable data protection laws; means any bribery, fraud, kickback, or other similar anti-corruption law or regulation; 2.1.6 "Approvals" means all approvals, consents, licences, permits and rights, including, inter alia, all approvals, consents (including consumer or data subject consents), licences, permits and rights from all government, regulatory and statutory entities and authorities; 2.1.7 "Business Day" means any day other than a Saturday, Sunday or gazetted national public holiday in the Republic of South Africa; 2.1.8 "Commencement Date" means the date of signature hereof by the Party signing last in time; 2.1.9 "Companies Act" means the Companies Act of 2008, as amended; 2.1.10 "Confidential Information" means, in relation to a party, any information of a confidential and/or commercially sensitive nature, howsoever obtained or received and whether or not marked confidential including, without limitation, any trade secrets, discoveries, marketing and business information, customer and supplier information, pricing information and/or any other information or material of whatever description or nature proprietary to a party in which that party has an interest in keeping confidential and which is not readily available in the public domain or by an actual or potential competitor of that party. For purposes of clarity, the Confidential Information of a Party’s Affiliates shall be deemed to form part of the Confidential Information of such Party; 2.1.11 "Control" "Control" or "control" or "Controlled" means, with respect to any entity, the possession, directly or indirectly, of the power to direct or cause the direction of the management or policies of such entity, whether through the ownership of voting securities (or other ownership interests), by contract or otherwise, and (without derogating from the generality of the foregoing) includes: a) owning (directly or indirectly) the majority of the issued ordinary shares or membership interests of such entity; and/or b) controlling (directly or indirectly) the majority of voting rights in relation to such entity; and/or c) the right to appoint (and then appointing) so many directors on the board of directors or so many trustees or so many other individuals (who, in relation to such entity perform a similar decision making function as directors perform in respect of a company and as trustees perform in respect of a trust), as the case may be, of such entity as controls or control the majority of the voting rights of all such directors, trustees or individuals, as the case may be. 2.1.12 “the Customer Offering” means the Customer application, incorporating the iiDENTIFii Service. 2.1.13 “the Customer Personnel” means the individual partners, directors, officers, employees, representatives, agents, independent contractors, subcontractors, suppliers, advisors, licensors, product providers, and service providers of the Customer and/or the individual partners, directors, officers, employees, representatives, agents, independent contractors, subcontractors, suppliers, advisors, licensors, product providers, and service providers of any of the Customer s Affiliates, but shall exclude iiDENTIFii Personnel, and the terms "Personnel of the Customer" or "the Customer's Personnel" shall have a corresponding meaning; 2.1.14 “Data” means any data, including Personal Information as amplified if applicable by the definition thereof set out in the Protection of Personal Information Act 4 of 2013 and/or any equivalent legislation of the jurisdiction(s) where the iiDENTIFii Services are being provided and/or performed, supplied to 1Identity by Customer or Processed on behalf of Customer by iiDENTIFii; 2.1.15 "Destructive Code and Instructions" means, any "viruses", "trojan horses", computer code, malware, instructions, devices or other Materials that (i) are designed to disrupt, disable, harm or otherwise impede in any manner, excluding aesthetic disruptions or distortions, the operation or Use of the iiDENTIFii Service or (ii) which contains any other similar harmful, malicious or hidden procedures, routines or mechanisms; or (iii) that can cause damage to or corrupt software, data, storage media, programs, networks, equipment or communications, or otherwise interfere with operations thereof; 2.1.16 “End User” means a client or prospective client of the Customer that utilises the Customer Offering; 2.1.17 "iiDENTIFii Personnel" means the individual partners, directors, officers, employees, representatives, agents, independent contractors, subcontractors, suppliers, licensors, product providers, and service providers of iiDENTIFii and/or of any of iiDENTIFii's Affiliates, and the terms "Personnel of iiDENTIFii" or "iiDENTIFii's Personnel" shall have a corresponding meaning; 2.1.18 "iiDENTIFii Service" means the digital identity verification service including inter alia, all Materials directly or indirectly related to the services which exist at the Commencement Date and improvements to all of the foregoing and which are described at www.iidentifii.com; 2.1.19 "Loss" means, without limitation, any claims, losses, damages, costs, charges, liabilities, penalties, interest and fines and expenses (including legal and other professional charges and expenses); 2.1.20 "Materials" means all products, goods, software, documentation, literature, materials, tools, data, information, databases, modules, components, compilations of data, methodologies, processes, policies, procedures, techniques, models, configurations, protocols, routines, interfaces (including API interfaces), SDK’s, reports, plans, notes, files, diagrams, manuals, templates, schematics, correspondence, designs, circuit designs, algorithms, specifications, records, equipment, hardware, servers, computers, platforms, computer code, derivative works, works of authorship, technology and intellectual property, and irrespective of the form and format of the foregoing and whether tangible or intangible; 2.1.21 "Parties" means the parties to this Agreement, being the Customer and iiDENTIFii and “Party” shall mean either of them as the context requires; 2.1.22 "Permitted Transferee" means a Party’s Affiliates. 2.1.23 “Personal Information” means information relating to an identifiable, natural or juristic person, including but not limited to, information relating to race, gender, sex, marital status, nationality, ethnic or social origin, colour, sexual orientation, age, physical or mental health, religion, belief, disability, language, birth, education, identity number, telephone number, email, postal or street address, biometric information and financial, criminal or employment history as well as correspondence that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence; 2.1.24 “Process” means any operation or activity or any set of operations, whether or not by automatic means, concerning Data, including its collection, receipt, recording, organisation, collation, storage, updating or modification, merging, linking, blocking, degradation, erasure or destruction retrieval, alteration, consultation, testing or use, dissemination or distribution by any means and "Processing” shall have a corresponding meaning; 2.1.25 "Support Agreement" means the support and maintenance agreement concluded or to be concluded between iiDENTIFii and the Customer in respect of the iiDENTIFii Service and attached at Schedule 2; 2.1.26 "Territory" means; TBC 2.1.27 "Trade Marks" means any trade marks (including, plain word marks, logos and/or slogans) used by iiDENTIFii from time to time (whether registered anywhere in the Territory or not) in relation to the iiDENTIFii Service including, without limitation, the name "iiDENTIFii"; 2.2 In this Agreement, headings are included for convenience only and shall be ignored in construing this Agreement, and the following rules of interpretation apply to this Agreement, unless otherwise stated or where inconsistent with the context: 2.2.1 if a word or expression is defined, its other grammatical forms have a corresponding meaning; 2.2.2 words importing the masculine gender include the feminine and neuter genders and vice versa; the singular includes the plural and vice versa; and natural persons include artificial persons and vice versa; 2.2.3 the rule of construction that if general words or terms are used in association with specific words or terms which are a species of a particular genus or class, the meaning of the general words or terms shall be restricted to that same class (i.e. the eiusdem generis rule) shall not apply, and whenever the words "include", "includes" or "including" are used, these shall mean "include without limitation", "includes without limitation" and "including without limitation" respectively; 2.2.4 references to a statutory provision include any subordinate legislation made from time to time under that provision and include that provision as modified or re-enacted from time to time; 2.2.5 references to a "person", "entity", "third party" or "party" shall include a natural person, company, close corporation or any other juristic person or other corporate entity, a charity, trust, partnership, joint venture, syndicate, or any other association of persons and their successors-in-title; 2.2.6 if a definition imposes substantive rights and obligations on a Party, such rights and obligations shall be given effect to and shall be enforceable, notwithstanding that they are contained in a definition; 2.2.7 where any number of days is prescribed, those days shall be reckoned exclusively of the first and inclusively of the last day unless the last day falls on a day which is not a Business Day, in which event the last day shall be the next succeeding Business Day; 2.2.8 where the day upon or by which any act is required to be performed is not a Business Day, the Parties shall be deemed to have intended such act to be performed upon or by the next succeeding Business Day; 2.2.9 any words or expressions defined in this Agreement, shall, unless otherwise stated or inconsistent with the context in which they appear, have same meaning whenever used elsewhere in this Agreement and cognate words and expressions shall bear corresponding meanings; 2.2.10 to the extent that any provision in this Agreement shall be held by a court of competent jurisdiction or other competent authority or arbitrator to be unlawful, invalid or unenforceable, in whole or part, then such provision or part of it shall, to the extent that it is unlawful, invalid or unenforceable, be severed from this Agreement without invalidating or affecting the enforceability of the remaining provisions of this Agreement or affecting the validity or enforceability of the remainder of such provision where only a part of such provision is unlawful, invalid or unenforceable. The Parties shall however promptly enter into a negotiation in good faith to determine whether an alternative provision can be formulated to achieve by valid, legal and enforceable means the objectives which underlay the provision, or part thereof, held to be unlawful, invalid or unenforceable. If such an alternative provision is so formulated, the Parties undertake to incorporate it in this Agreement by amendment, and both Parties undertake to apply all reasonable speed and co-operation in achieving this result; 2.2.11 except where expressly stated otherwise, the rights, powers and remedies provided to the Parties in this Agreement are in addition to, and do not exclude or limit, any right, power or remedy provided by law or by any agreement between the Parties; and 2.2.12 the expiration or termination of this Agreement shall not affect such of the provisions of this Agreement which are expressly provided to operate after any such expiration or termination, or which implicitly or of necessity must continue to have effect after such expiration or termination, notwithstanding that the relevant provisions themselves do not provide for this. For avoidance of doubt and without derogating from, or limiting, the generality of the foregoing, the following provisions shall survive and continue after the expiry or termination of this Agreement for whatever reason: clauses 2, 3, 5, 7, 8, 9, 10, 11, 12, 14 and 15 ("Surviving Provisions"). 3. Provision of the iiDENTIFii Service 3.1 With effect from the Commencement Date, iiDENTIFii hereby agrees to provide the iiDENTIFii Service to the Customer, on a non-exclusive, non-transferable basis subject to the terms and conditions of this Agreement to use the iiDENTIFii Service for the purposes of their own internal business purposes in the Territory. 3.2 No ownership in any aspect of the iiDENTIFii Service will pass to the Customer or their End User in terms of this Agreement. 3.3 Open Source Software. The iiDENTIFii Service may include and be distributed with certain third party open source and other free download components (together "Free Download Programs"). Each person’s use of and access to Free Download Programs is governed by the applicable license hereto as amended from time to time. iiDENTIFii shall have no responsibility for or liability in respect of Free Download Programs. Any obligations undertaken by iiDENTIFii in this Agreement in relation to the Free Download Programs distributed in connection with the iiDENTIFii Service are provided by iiDENTIFii alone, and not by the third party licensors of the Free Download Programs. The Free Download Programs are provided “as is” by the third party licensors who disclaim all liabilities, damages (even if they have been advised of the possibility of such damages), warranties, indemnities and other obligations of any kind, express or implied, with regard to the Free Download Programs. 3.4 Further disclaimer of warranties and liabilities. The Free Download Components are provided “as is” by the third party licensors who disclaim all liabilities, damages (even if they have been advised of the possibility of such damages), warranties, indemnities and other obligations of any kind, express or implied, with regard to the Free Download Components. Nothing in the foregoing affects any performance warranty provided by iiDENTIFii with regard to the iiDENTIFii Service as a whole. 3.5 Disclaimer of indemnities. The Free Download Components are excluded from any indemnity that may be provided by iiDENTIFii in this Agreement. 3.6 The Customer is responsible for procuring and maintaining the necessary operating systems to meet the minimum required specifications to operate the iiDENTIFii Service as advise by iiDENTIFii to the Customer in writing. 3.7 The Customer may not, and shall obligate their End Users to so refrain, and may not permit any third party to: 3.7.1 decompile, disassemble, or otherwise reverse engineer or attempt to reconstruct or discover, in any way, any source code, programming, algorithms, design structure, interoperability interfaces, concepts, construction methods underlying ideas, or file formats of the iiDENTIFii Service, for any purpose, (ii) use the iiDENTIFii Service in any manner that is inconsistent with this Agreement; 3.7.2 copy, modify, duplicate, create derivative works from, frame, mirror, republish or display all or any portion of the iiDENTIFii Service in any form or media or by any means; 3.7.3 combine with other software so that it effects this License in any way including without limitation no combination so as to render the iiDENTIFii Service (a) be made available in source code form, (b) be made available without charge or at minimal charge, (c)be licensed for the creation of derivative works or (d) which would require iiDENTIFii or its licensors to grant any third party any rights or immunities under any intellectual property owned by or licensed to iiDENTIFii. Portions of the iiDENTIFii Service may include one or more components that are derived from software subject to an open source license. Any such components are licensed exclusively under the open source license, as applicable, and not under this License; 3.7.4 make the iiDENTIFii Service freely available , lease or lend or allow any unauthorised access thereto; 3.7.5 remove, alter, cover or obfuscate any copyright notices or other proprietary rights notices placed on or in the iiDENTIFii Service; 3.7.6 knowingly generate transactions that are prevented from completing; 3.7.7 attempt to spoof the iiDENTIFii Service, including by means of images or by injecting digital data into any APIs, without iiDENTIFii’s specific written approval; 3.7.8 The Customer shall not, and shall not encourage or allow any use, and shall obligate their End Users not to engage in any use, (and in the event the Customer or their End Users do, iiDENTIFii may, without liability, suspend the use of the iiDENTIFii Service immediately in the event iiDENTIFii in their sole and absolute discretion determines that the Customer or their End Users do not comply with this clause 3.7.8) that: 3.7.8.1 entails or facilitates illegal activity; 3.7.8.2 is discriminatory based on race, gender, colour, religious belief, sexual orientation or disability; 3.7.8.3 is promotes or causes damage or injury to any person or property; or 3.7.8.4 relates to storage or distribution of any Viruses. 3.7.9 The Customer understands and acknowledges that circumstances may arise from time to time in which iiDENTIFii may be required to amend the terms by which the iiDENTIFii Service is provided, such as, by way of example, for purposes of preventing or minimizing iiDENTIFii’s actual or contingent liabilities or as may be required by iiDENTIFii’s third party vendors. Accordingly, the Customer agrees that iiDENTIFii may from time to time amend the Agreements. The Customer agrees to cooperate in good faith with iiDENTIFii in the event that iiDENTIFii requests that the Customer modify the terms of this Agreement. iiDENTIFii expressly reserves the right, in its sole discretion, to amend the foregoing minimum required contractual provisions on a going-forward basis, provided that iiDENTIFii shall exercise commercially reasonable efforts to provide notice to the Customer no less than thirty (30) days prior to requiring implementation of such amendments in subsequent agreements between the Customer and their End Users. 4. Term Notwithstanding the date of signature of this Agreement, this Agreement shall be deemed to have commenced on the Commencement Date and shall continue for a period of 5 (five) years unless terminated earlier in accordance with its terms. 5. Consideration and Payment In consideration for the provision of the iiDENTIFii Service, the Customer shall pay iiDENTIFii the fees set out in Schedule 1, in accordance with the terms of Schedule 1. 6. Taxes 6.1 Any taxes levied by any government upon the payments to be made by the Customer to iiDENTIFii pursuant to this Agreement, and required by applicable law to be withheld by the Customer from such payments, shall be withheld and paid by the Customer to the appropriate tax authorities of the relevant government as required. To the extent that any amounts payable by Customer are subject to withholding taxes, the amount payable shall be grossed up by Customer when Customer remits payment such that the amount paid net of withholding taxes equals the amount invoiced by iiDENTIFii. 6.2 For the avoidance of doubt, any amounts withheld by the Customer in terms of clause 6.1 shall be deducted from the consideration payable to iiDENTIFii in terms of this Agreement. 6.3 The Customer shall transmit to iiDENTIFii, promptly upon each tax payment, official tax receipts or other evidence issued by the tax authorities sufficient to enable iiDENTIFii to support a claim for credit in respect of the taxes so withheld and paid against iiDENTIFii's tax obligations. All other taxes imposed as a result of the existence of this Agreement or the performance of it by the Parties shall be borne and paid by the Party required to do so by applicable law. 7. Intellectual Property Rights 7.1 The Customer acknowledges and agrees that: 7.1.1 none of the Customer, the Customer 's Affiliates or any of the Customer’s Personnel shall acquire any rights, title, ownership or interest, of whatever nature (including Intellectual Property Rights) in or to the iiDENTIFii Service and nothing contained herein shall confer any of such rights, title, ownership or interest on the Customer, the Customer 's Affiliates or the Customer 's Personnel; 7.1.2 all rights, title, ownership and interests, including the Intellectual Property Rights, in and to the iiDENTIFii Service shall, as between iiDENTIFii and the Customer, belong to iiDENTIFii or their third party licensors; and 7.1.3 The Customer, the Customer 's Affiliates or the Customer 's Personnel shall not possess or assert any lien or other right against or to the iiDENTIFii Service, or sell, assign, lease or otherwise dispose of the iiDENTIFii Service, or any part thereof to any third party 7.2 A breach of this clause shall constitute a material breach of the Agreement. 8. Confidentiality 8.1 Subject to the further provisions of this clause 8: 8.1.1 the Parties acknowledge that, during pre-contractual discussions and/or during the course of this Agreement, they have or are likely to become privy to certain Confidential Information belonging or pertaining to the other Party. The Parties further acknowledge that they have a legitimate business interest in keeping their respective Confidential Information confidential; 8.1.2 the Parties undertake, during and after termination of this Agreement, to keep the Confidential Information of other Party confidential. Neither Party may disclose the other’s Confidential Information to any third party except to its affiliates, consultants, agents, contractors, directors, officers and employees, provided that such disclosure is limited to only such persons to whom disclosure is necessary for purposes of giving effect to this Agreement (but then only to the extent that each such person has a need to know) and such persons are first bound by confidentiality and restricted use obligations no less onerous than those set out in this Agreement; 8.1.3 throughout this Agreement a Party may use the other Party’s Confidential Information for the purposes of and pursuant to this Agreement only and for no other purpose; 8.1.4 after termination of this Agreement, neither Party shall make use of the other Party’s Confidential Information nor shall either Party, in any manner whatsoever, disclose the other Party’s Confidential Information to any other person. 8.2 The obligations set out in terms of this clause 8 shall not apply to any Confidential Information to the extent to which: 8.2.1 the Party receiving the information can show by written records was in its possession prior to receiving the information from the other Party; 8.2.2 was generally available to the public prior to disclosure by the Party disclosing the information or becomes generally available to the public after disclosure (other than through a breach by the Party receiving the information of its obligations hereunder); 8.2.3 the Party receiving the information can prove it received from a third party legally entitled to possess such information; 8.2.4 is approved for release upon the written confirmation of the Party to whom the information belongs or pertains; 8.2.5 it is required to be disclosed for the enforcement of any rights in this Agreement or in relation to any legal or arbitration proceedings between the Parties; or 8.2.6 is required by the provisions of any law, statute or regulation, or during any court or arbitration proceedings with third parties, or by the rules or regulations of any recognised stock exchange to be disclosed provided that the extent of such disclosure is, as far as reasonably possible, limited and that the Party to whom the information belongs or pertains, to the extent permissible, has been consulted prior to such disclosure. 8.3 Regardless of anything contained in this 8, a Party shall be liable for any breach of this clause caused by any of its directors, officers, employees, consultants, agents and/or professional advisers. 9. Data Retention 9.1 iiDENTIFii acknowledges and agrees that retention and destruction of records shall be in accordance with Applicable Laws. However, the Parties agree that certain personal information may be required to be retained as follows: 9.2 iiDENTIFii, its processors and other third party vendors will store the liveness stream biometric components ("the Liveness Components"). Such Liveness Components will be stored for 60 (sixty days) and will be utilised as follows: 9.3 Analyse false attempts at verification in order to prevent future spoofing; 9.4 In order to counter any future arguments that the technology involved in the liveness verification is racially biased. 10. Data Protection 10.1 The Parties acknowledge and agree that all Data provided by the Customer to iiDENTIFii, or to which iiDENTIFii may be exposed, shall constitute Confidential Information and where applicable, Intellectual Property belonging to the Customer. 10.2 iiDENTIFii hereby warrants, represents and undertakes in favour of the Customer that: 10.3 it shall at all times strictly comply with all Applicable Laws and with all the provisions and requirements of any of the Customer's data protection policies and procedures which may be in force from time to time; 10.4 it shall not, at any time Process Data for any purpose other than with the express prior written consent of the Customer, and to the extent necessary to provide the iiDENTIFii Services to the Customer; and 10.5 it shall ensure that all its systems and operations which it uses to provide the iiDENTIFii Services, including all systems on which Data is Processed as part of providing the iiDENTIFii Services, shall at all times be of a minimum standard required by all Applicable Laws and be of a standard no less than the standards which are in compliance with the Best Industry Practice for the protection, control and use of Data. 10.6 iiDENTIFii shall take appropriate and reasonable technical and organisational measures to prevent the loss of, damage to or unauthorised destruction of Data and the unlawful access to or Processing of Data. The measures taken must at all times be of a minimum standard required by all Applicable Laws and be of a standard no less than the standards which are in compliance with Best Industry Practice for the protection, control and use of Data. 10.7 iiDENTIFii shall take reasonable steps to identify all reasonably foreseeable internal and external risks posed to Data under iiDENTIFii's possession or control and establish and maintain appropriate safeguards against any risks identified. iiDENTIFii shall regularly verify that the safeguards are effectively implemented, and keep a record of such verification. The safeguards shall be updated continually in response to new risks or deficiencies in previously implemented safeguards. Records kept must be available for inspection on 7 (seven) days notice, upon notice in writing from the Customer. 10.8 iiDENTIFii shall immediately notify the Customer (i) of any risks posed to Data that it has identified; (ii) of the safeguards established by iiDENTIFii to mitigate the impact of the risks; and (iii) that the safeguards have been effectively implemented. 10.9 iiDENTIFii shall notify the Customer of any security compromises or suspected security compromises of which it becomes aware or suspects, immediately on becoming so aware or forming such a suspicion. 10.10 iiDENTIFii acknowledges and agrees that retention and destruction of records shall be in accordance with Applicable Laws. 10.11 iiDENTIFii further acknowledges and agrees that any breach of its obligations under this clause 10 shall be deemed a material breach of this Agreement. 11. Representations, Warranties and Limitation of Liability 11.1 To the fullest extent permitted by law, and except as set forth elsewhere in this Agreement, iiDENTIFii makes no representations, warranties or conditions, either express or implied or statutory, including any representation, warranty or condition of satisfactory quality or fitness for a particular purpose or non-infringement. 11.2 iiDENTIFii does not warrant that the operation of the iiDENTIFii Service will be uninterrupted or error free or that any defects that may exist in the iiDENTIFii Service can be corrected. 11.3 In no event shall iiDENTIFii be liable for any loss of profits, business, use, data or information or for any incidental, indirect, special or consequential damages, including but not limited to damages resulting from loss of use, loss of anticipated savings or lost data even if iiDENTIFii has been advised, knew (or should have known) of the possibility thereof, or for any claim by any third party. 11.4 The Customer agrees that iiDENTIFii’s liability under this Agreement, in contract or in delict shall not exceed the lesser 10% (ten percent) of the fees (if any) paid or payable by the Customer in the preceding 12 (twelve) months or the proceeds paid out of any insurance policy taken out in this regard. 11.5 iiDENTIFii hereby warrants and undertakes, with effect from the Commencement Date and all times thereafter, that: 11.5.1 it has obtained, and shall maintain in force for the duration of the Agreement, all Approvals which may be required for iiDENTIFii to validly and lawfully perform its obligations in terms of this Agreement; 11.5.2 it has the legal right and full power and authority to provide the iiDENTIFii Service and all other rights conferred by this Agreement; 11.5.3 it will not intentionally or with gross negligence introduce or permit the introduction of any Destructive Code and Instructions into the iiDENTIFii Service; 11.5.4 it is duly constituted, organised and validly existing under the laws of the Republic of South Africa; 11.5.5 it has the legal right and full power and authority to execute and deliver, and to exercise its rights and perform its obligations under this Agreement and all the documents which are to be executed by it as envisaged by this Agreement; 11.6 The Customer hereby warrants and undertakes, with effect from the Commencement Date and all times thereafter, that: 11.6.1 it has obtained, and shall maintain in force for the duration of the Agreement, all Approvals which may be required for the Customer to validly and lawfully perform its obligations in terms of this Agreement including all necessary consents required for the Processing of Data; 11.6.2 it is duly constituted, organised and validly existing under the laws of the Republic of South Africa; 11.6.3 it has the legal right and full power and authority to execute and deliver, and to exercise its rights and perform its obligations under this Agreement and all the documents which are to be executed by it as envisaged by this Agreement. 11.7 Each of the warranties and undertakings set out in clause 11.5 and 11.6 shall be read separately from and without prejudice to and without derogation from the others. 12. Indemnity The Customer shall defend, indemnify and hold harmless iiDENTIFii against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with any claim brought by a third party (including, without limitation, any authority or regulator) relating to or based on any breach by the Customer of this Agreement. 13. Termination and Suspension 13.1 Either Party may terminate this Agreement with immediate effect if the other Party hereto is declared bankrupt, is placed in liquidation or sequestration (whether provisionally or finally and whether voluntary or compulsory), becomes insolvent, is unable to pay its debts as they become due, is subject to a scheme of arrangement or compromise or is wound up. 13.2 iiDENTIFii may suspend the use of the iiDENTIFii Service immediately in the event that they suspect (in their sole discretion) that the iiDENTIFii Service is being utilised other than as set out in this Agreement. In addition, iiDENTIFii can require the Customer to immediately terminate any End User use of the Customer Offering should iiDENTIFii suspect it is being used contrary to the License, and failing which iiDENTIFii shall be entitled to terminate the use of the iiDENTIFii Service by the Customer without liability of any kind, howsoever arising. 13.3 iiDENTIFii may suspend the use of the iiDENTIFii Service on 5 (five) Business Days written notice in the event that any amount to be paid as set out in this Agreement has not been paid by the due date therefore. Should such payment not be remedied in full with such notice period iiDENTIFii may terminate the Agreement. 13.4 iiDENTIFii may terminate this Agreement on 2 (two) days written notice if the iiDENTIFii Service is found to infringe a third party’s intellectual property rights and it cannot be modified so as to be non-infringing. 13.5 Where any act or omission, or series of acts or omissions, by either party constitutes a material breach of this Agreement and where that party fails to remedy such breach within 5 (five) Business Days of the receipt of written notice from the other to do so then, in such event, the non-breaching party may, with immediate effect terminate this Agreement by written notice. 13.6 Any termination as contemplated in this clause 13 shall be without prejudice to any other rights which the terminating Party may have against the other Party whether for damages or otherwise. 14. Consequences of Termination On termination of this Agreement for any reason: 14.1 all rights granted under this Agreement shall immediately terminate and the Customer shall immediately cease, and ensure that each End User ceases, all use of the iiDENTIFii Service; 14.2 each Party shall return and make no further use of any equipment, property, Confidential Information and other items (and all copies of them) belonging to the other Party; 14.3 any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the areement which existed at or before the date of termination shall not be affected or prejudiced. 15. Dispute resolution 15.1 Should any dispute, disagreement or claim arise between the Parties (called hereafter the dispute) concerning this agreement the parties shall endeavour to resolve the dispute by negotiation. 15.2 If the dispute has not been resolved by such negotiation within seven (7) days of the commencement thereof, then the Parties shall: 15.2.1 submit the dispute to mediation to be administered by the Arbitration Foundation of Southern Africa, upon such terms as agreed between the Parties and the secretariat of the Arbitration Foundation of Southern Africa; and 15.2.2 failing agreement as aforesaid within seven (7) days of the dispute being submitted to mediation, the Parties shall refer the dispute to arbitration as provided in clause 15.4 below. 15.3 The decision of the mediator shall become final and binding within seven (7) days of delivery thereof to the Parties, unless one or either of the Parties disputes the mediator's decision by written notice to the other Party within the aforesaid seven (7) day period, in which event the dispute shall be referred to arbitration in accordance with the provisions of clause 15.4 below. 15.4 Failing agreement as referred to in clause 15.3 above or in the event of either of the Parties furnishing its notice of dispute within seven (7) days of the mediator's decision as envisaged in terms of clause 15.3 above, the dispute shall be submitted to arbitration for final resolution in accordance with the rules of the Arbitration Foundation of Southern Africa by an Arbitrator or Arbitrators appointed by the Foundation. 15.5 Any such negotiation, mediation or arbitration shall be held in Cape Town. 16. Miscellaneous matters 16.1 Addresses 16.1.1 Any written notice in connection with this Agreement may be addressed to: 16.1.1.1 in the case of the Customer to: address : [●] e-mail : [●] and is marked for the attention of [●] 16.1.1.2 in the case of iiDENTIFii to: e-mail : info@iidentifii.com and is marked for the attention of 16.1.1.3 Any notice given in terms of this Agreement shall be in writing and shall: 16.1.1.3.1 if delivered by hand, be deemed to have been duly received by the addressee on the date of delivery; 16.1.1.3.2 if delivered by courier service, be deemed to have been duly received by the addressee on the 1st (first) Business Day following the date of such delivery by the courier service concerned; and 16.1.1.3.3 if transmitted by email, be deemed to have been received by the addressee 1 (one) Business day after despatch. 16.1.1.4 Notwithstanding anything to the contrary contained in this Agreement, a written notice or communication actually received by one of the Parties from another shall be adequate written notice or communication to such Party, including any electronic communications contemplated in the Electronic Communications and Transactions Act, No. 25 of 2002; unless the addressor is aware, at the time the notice would otherwise be deemed to have been given, that the notice is unlikely to have been received by the addressee through no act or omission of the addressee. 16.1.2 Notwithstanding anything to the contrary herein contained, a written notice or communication actually received by a Party shall be an adequate written notice or communication to that Party notwithstanding that it was not sent to or delivered at that Party's chosen address in 16.1.1. 16.2 address for service of legal documents 16.2.1 The Parties choose the following physical addresses at which documents in legal proceedings in connection with this Agreement may be served (i.e. their domicilia citandi et executandi): 16.2.1.1 in the case of the Customer: address : [●] [●] [●] 16.2.1.2 in the case of iiDENTIFii: address : 3Rd Floor Equinox Building 154 Main Rd, Sea Point, 8060 16.2.2 A Party may change that Party's address for this purpose to another physical address in the Republic of South Africa by notice in writing to the other Party such change to be effective only on and with effect from the 7th Business Day after the giving of such notice. 16.2.3 Notwithstanding anything to the contrary herein contained, a written notice or communication actually received by a Party shall be an adequate service of such written notice or communication to that Party notwithstanding that it was not sent to or delivered or served at that Party's chosen domicilium citandi et executandi. 16.3 entire contract This Agreement contains all the express provisions agreed on by the Parties with regard to the subject matter of the Agreement and supersedes and novates in its entirety any previous understandings or agreements between the Parties in respect thereof, and the Parties waive the right to rely on any alleged provision not expressly contained in this Agreement. 16.4 no representations A Party may not rely on any representation which allegedly induced that Party to enter into this Agreement, unless the representation is recorded in this Agreement. 16.5 variation, cancellation and waiver No contract varying, adding to, deleting from or cancelling this Agreement (including this clause 16.5), and no waiver of any right under this Agreement, shall be effective unless reduced to writing and signed by or on behalf of the Parties. For the purposes of this clause, writing shall not include email. 16.6 indulgences The grant of any indulgence, extension of time or relaxation of any provision by a Party under this Agreement shall not constitute a waiver of any right by the grantor or prevent or adversely affect the exercise by the grantor of any existing or future right of the grantor. 16.7 cession and delegation Without limiting a Party's rights under this Agreement, a Party may not cede any or all of that Party's rights or delegate any or all of that Party's obligations under this Agreement without the prior written consent of the other Party, except that either party shall be entitled to cede any of its rights and delegate any of its obligations under this Agreement to any Permitted Transferee on written notice. 16.8 applicable law This Agreement is to be governed, interpreted and implemented in accordance with the laws of the Republic of South Africa. 16.9 jurisdiction of South African courts The Parties consent to the non-exclusive jurisdiction of the South Gauteng High Court, Johannesburg/Western Cape High Court, Cape Town for any proceedings arising out of or in connection with this agreement. 16.10 costs 16.10.1 Each Party shall bear that Party's own legal costs and disbursements of and incidental to the negotiation, preparation, settling, signing and implementation of this Agreement. 16.10.2 Any costs, including all legal costs on an attorney and own client basis and any tax, incurred by a Party arising out of or in connection with a breach by another Party shall be borne by the Party in breach. 16.11 signature in counterparts This Agreement may be executed in counterparts, each of which shall be deemed to be an original and which together shall constitute one and the same agreement. 16.12 independent advice Each of the Parties hereby respectively agrees and acknowledges that: 16.12.1 it has been free to secure independent legal advice as to the nature and effect of each provision of this Agreement and that it has either taken such independent legal advice or has dispensed with the necessity of doing so; and 16.12.2 each provision of this Agreement (and each provision of the Annexes) is fair and reasonable in all the circumstances and is part of the overall intention of the Parties in connection with this Agreement. 16.13 good faith The Parties shall at all times act in good faith towards each other and shall not bring any of the other Parties into disrepute. 16.14 non-solicitation The Parties agree that they will not either during, or within 12 (twelve) months of the termination of this Agreement, engage, employ or otherwise solicit for employment whether directly or indirectly, any Personnel or clients of the other Party, and in the case of Personnel, those who during the currency of this Agreement was a member of the staff of the other Party involved in the provision of services in terms of this Agreement (and as set out on wwww.iidentifii.com). Nothing in this clause shall prevent either Party from hiring or contracting with any person who applies for a job or contract as a response to a generally advertised invitation by the relevant Party. 16.15 non-circumvention The Customer agrees that they will at all times attempt to act collaboratively and the warrants that it will not make any contact with, deal or otherwise be involved with any transaction with any technology owners, licensors, corporations, companies, or individuals, buyers or sellers, or any other entities, introduced by iiDENTIFii or identified through the Confidential Information. Nor will it enter into competition with iiDENTIFii. No circumvention, will be permitted by the Customer or their respective office, agents, employees, assignees, guarantors, or any third party. The Customer agrees and understands that any direct or indirect (including the use of third parties) action of circumvention shall constitute a fraudulent act, against iiDENTIFii, and will be subject to judicial action, recompense for damages, possible punitive damages and injunctive relief imposed by the legal process. 16.16 anti-bribery and corruption and sanctions compliance 16.16.1 In connection with the activities to be carried out under this Agreement, the Customer agrees to comply with, and shall ensure that the Customer’s Personnel and any third parties engaged or instructed to act for or on behalf of the Customer (the Relevant Persons) are aware of and comply with all Applicable Anti-Bribery Law. 16.16.2 The Relevant Persons shall not take any actions or make any omissions that would cause iiDENTIFii or their third party licensors to be in violation of any Applicable Anti-Bribery Law. 16.16.3 The Customer shall not and shall ensure that the Relevant Persons shall not, directly or indirectly, offer, pay, promise to pay or authorise any bribe, other undue financial or other advantage or make any facilitation payment to, or receive any bribe or other undue financial or other advantage from, a public official or a private party in connection with this Agreement. 16.17 co-operation Each of the Parties undertakes at all times to do all such things, perform all such acts and take all such steps, as may be open to it and necessary for and incidental to the putting into effect or maintenance of the terms, conditions and import of this Agreement. Signed at on 2020 iiDENTIFii (Proprietary) Limited (who warrants their authority) xyz (Proprietary) Limited (who warrants their authority) Schedule 1: Fee Schedule Fees are comprised of transaction fees and support fees. Transaction fees: per transaction. A transaction will be billable when consumed in terms of the table below: Identity Document Capture Liveness Detection Fetch Image from Department Of Home Affairs The Customer collects data from iiDENTIFii Transaction is Consumed 1. ID Document capture failed. N/A : Stage not reached N/A : Stage not reached N/A : Stage not reached No 2 Pass Liveness not attempted N/A : Stage not reached N/A : Stage not reached No 3. Pass Liveness failed N/A : Stage not reached N/A : Stage not reached No 4. Pass No data submitted from iiDENTIFii SDK to iiDENTIFii server N/A : Stage not reached N/A : Stage not reached No 5. Pass Data is submitted from iiDENTIFii SDK to iiDENTIFii server DHA photo is missing for the individual being authenticated Collection is either successful OR unsuccessful Yes 6. Pass Data is submitted from iiDENTIFii SDK to iiDENTIFii server DHA API link is down, and iiDENTIFii retries Collection is either successful OR unsuccessful Yes 7. Pass Data is submitted from iiDENTIFii SDK to iiDENTIFii server DHA photo is present for the individual being authenticated Collection is either successful OR unsuccessful Yes Support fees will be charged as per the table below: All fees are payable on xyz days of/ on presentation of invoice. Late payments will attract interest at a rate of xy% per year or the maximum allowable rate in terms of applicable law, until such late payment has been remedied. Payments must be made by EFT/Debit Order into our nominated bank account, namely:   SUPPORT AGREEMENT (SLA) 1.1 This SLA is made pursuant to the terms of the Licensed Services Agreement (“the Agreement”) entered into between the parties. Defined terms used herein but not defined shall have the meanings assigned to them in the Agreement unless the context otherwise requires. This SLA is attached to and incorporated into the Agreement as a Schedule thereto and save where expressly provided to the contrary herein, shall be subject to the terms and conditions of the Agreement. 2 TERM OF SLA 2.1 The services set out in this SLA (“the Services”), will commence on the Commencement Date as set out in the Agreement and endure for the duration of the Agreement. 3 SCOPE OF SERVICES iiDENTIFii agrees to provide the Services in accordance with the Agreement and this SLA, as more particularly set out below. 3.1 iiDENTIFii has created a remote identification capability using facial recognition using the native application on iOS and Android platforms which it will utilise to provide the iiDENTIFii Services as set out in the Agreement as supported by this SLA. 3.2 The Customer Monitoring requirements: 3.2.1 Email alerts to be sent to a designated Customer email address(es) 3.2.2 Alerts to be generated when the iiDENTIFii Service is not available 3.2.3 API response times to be under 3 seconds for request origination and data retrieval. However, this doesn’t apply to the actual completion of the digital identity verification of an End User’s identity. 3.3 Hosting and Security 3.3.1 Hosting considerations (if being Hosted in the Cloud): 3.3.1.1 The Customer will periodically (but not more than twice in any 12 (twelve) month period) do an end to end penetration test with any component integrated into the Customer’s technology stack and infrastructure platform on at least 3 (three) months written notice for planned penetration testing 1 (one) months written notice for unplanned penetration testing. Penetration testing on any new functionality within the iiDENTIFii SDK will be done on at least 1 (one) months written notice. Notification of the scope and of which environment is going to be penetration tested must also be provided. The cost of such penetration testing will be for the Customer’s account. 3.3.1.2 The Customer as part of its penetration test process only may decompile or reverse engineer code of any components integrated into the Customer applications. The Customer applications shall consist of a mobile application for the Customer as well as any other web based or mobile applications to be agreed between the Parties from time to time (“the Customer Applications”). This is purely to ensure that the Customer Applications in their entirely have been thoroughly tested, and any vulnerabilities or control inefficiencies are identified and plans put in place to mitigate any critical risks. 3.4 Service Levels, Maintenance and Support 3.4.1 Services Service Description The support and maintenance services in relation to the iiDENTIFii Service & iiDENTIFii technology platform iiDENTIFii Responsibilities • Ensure the end-to-end iiDENTIFii Service functions within the agreed service levels; • Definition of scale of demand (to be determined within first 3 (three) months after commencement date of this SLA); • Monitoring of the iiDENTIFii infrastructure on an ongoing basis to ensure overall health of the iiDENTIFii Services; • Implement Customer’s integration Application Programming Interface (“API”) changes within 6 (six) months of being notified in writing thereof. • Standard Support Services: o First line support for the Customer department running the iiDENTIFii Service; o Passing unresolved incidents to the appropriate second line and other support teams; o Third line support for critical incidents; o Constant feedback and correspondence to the Customer via the iiDENTIFii support desk; o Escalation of unresolved incidents to completion; o Ensure that all incidents are tracked and monitor throughout incident’s lifecycle; o Where a Non-Significant Business Impact item is to be corrected in a forthcoming Maintenance Release, then for a reasonable period before the issue of such Maintenance Release iiDENTIFii may decline to provide assistance in respect of that Non-Critical Fault. • Maintenance Services o iiDENTIFii will ensure that the iiDENTIFii Service provided to the Customer are continuously tested and quality assured in line with iiDENTIFii’s standard practices; o iiDENTIFii will take advantage of technology improvements to support the Customer to maintain competitiveness; o Continuously update APIs, subject to the Customer’s responsibility to upgrade to a newer version of the iiDENTIFii Service used by the Customer within a timescale agreed with iiDENTIFii and in any event not exceeding six (6) months (“EOL period”) If requested by iiDENTIFii; o iiDENTIFii will endeavour to ensure backward compatibility of the iiDENTIFii API in the event of a material change leading to an implementation requirement on the part of the Customer. o Continuously update Standard Development Kits (SDKs), within the 3 (three) month time period specified while maintaining backwards compatibility (meaning compatibility with the latest release of the iOS versions minus 2 and Android versions minus 4), subject to the Customer’s responsibility to upgrade to a newer version of the solution used by the Customer within a timescale agreed with iiDENTIFii and in any event not exceeding three (3) months (“EOL period”). If requested by iiDENTIFii. Continuously upgrade and maintain Infrastructure at times that are acceptable to the Customer; o Notwithstanding the aforegoing, iiDENTIFii will continuously update and improve some of the iiDENTIFii Service components and previous versions of these components shall be deemed EOL (End Of Life) within the EOL Period. iiDENTIFii will notify and request the Customer to upgrade to the latest version of the SDK within a 3 (three) month period. o iiDENTIFii shall render Services until the end of the agreed period but no less than 3 (three) months after the EOL notification in respect of the iiDENTIFii SDK and no less than 6 (six) months after the EOL notification in respect of the iiDENTIFii API. The Customer’s Responsibilities • Communication of anticipated changes in demand; • Provide up to date information on custodians and access controllers for systems and business applications, for example the individuals with whom iiDENTIFii is expected to engage in providing the iiDENTIFii Services; • Communicate services / service levels agreed between the Customer and third party suppliers that has an impact on the iiDENTIFii Service; • Communicate services / service levels agreed between the Customer and iiDENTIFii that has an impact on the iiDENTIFii Service, including but not limited to the access to the Customer’s APIs; • Communicate services / service levels agreed between the Customer and iiDENTIFii that has an impact on the iiDENTIFii Service, including but not limited to (“the Customer’s Applications”); • Continuously update APIs and Customer Applications Training of IT staff for Customer specific requirements / Customer Applications; • Define critical users and critical systems; • Supply information to enable iiDENTIFii to perform the Services; o At iiDENTIFii’s request, the Customer will upgrade to a newer version of the iiDENTIFii SDK used by the Customer within a timescale agreed with iiDENTIFii and in any event not exceeding three (3) months and iiDENTIFii may in addition advise the Customer on not less than 3 (three) months notice that a previous version utilised by the Customer will be declared end of life (“EOL period”). If requested by iiDENTIFii, the Customer will use reasonable endeavours to employ, and require the Customer’s to employ, such means of communication with End Users as it has access to in order to encourage End Users to update their installed Customer Applications to the latest version. SDK updates will be required where, without limitation: there is an inherent security threat as determined by iiDENTIFii in their sole but reasonably exercised discretion; the SDK no longer functions with the operating system of the mobile or web based application upon which it runs; there is a forced upgrade from operating system provider or software vendor; there is a hardware issue from a handset manufacturer which prevents the correct functioning of the SDK. • At iiDENTIFii’s request, the client will upgrade to a newer version of the iiDENTIFii API used by the Customer within a timescale agreed with iiDENTIFii and in any event not exceeding six (6) months and iiDENTIFii may in addition advise the Customer on not less than 6 (six) months notice that a previous version utilised by the Customer will be declared end of life (“EOL period”). • Be at all times responsible for the design, functionality, look-and-feel and maintenance of any and all aspects of the Customer Applications, including without limitation the integration, display and performance of the iiDENTIFii Service, according to any usage or integration requirements provided by iiDENTIFii. • Maintain and upgrade to the latest versions of the iiDENTIFii Service, this is to ensure that the stability and security controls within the iiDENTIFii Service are adhered to. • Notify iiDENTIFii in writing of their data retention and destruction policy requirements. • Notify iiDENTIFii in writing of their data retry policy requirements. • Notify iiDENTIFii in writing of any Customer integration API changes as soon as any change is logged in their development pipeline. • Provide iiDENTIFii with email addresses for system alert notifications. Availability (iiDENTIFii Services) System Availability System Uptime 24 x 7 x 365 98% per month • When calculating availability, only outages of the iiDENTIFii Service or the servers shall be taken into consideration; • Proof of performance shall be deemed to have been provided if availability during one calendar month is higher than the above 98% (ninety eight percent). Availability % = (agreed service time – downtime) / agreed service time (the “Availability Service Level”); • Downtime shall begin at the moment iiDENTIFii acknowledges opening of a support ticket notifying an apparent outage. Outage notification ticket must be opened by email to support@iidentifii.com or by opening a support ticket directly on our ticketing system; • Availability shall be deemed to have been established as soon as either the iiDENTIFii Services have been restored or a suitable, appropriate interim solution has been provided. • Subject to paid up Fees, iiDENTIFii shall use commercially reasonable efforts to ensure the Availability Service Levels as stated above with regard to the iiDENTIFii Service during any given month of the iiDENTIFii Service, excluding the periods: o in which any of the Parties are performing scheduled maintenance; o that result from a termination as described in the Agreement; o that result from suspension due to overdue payments; o caused by factors outside of iiDENTIFii’s’ reasonable control, including any Force Majeure Event or Internet access or related problems; o that result from any actions or inactions of the Customer or any third party on behalf of Customer; o that result from Customer’s equipment, software or other technology (including but not limited to the APIs developed by Customer or a third party on behalf of the Customer) and/or third party equipment, software or other technology, contracted by Customer; o caused by Customer’s use of the iiDENTIFii Service in a manner inconsistent with the documentation or iiDENTIFii’s guidance; o caused by Customer’s use of the iiDENTIFii Service after iiDENTIFii advised the Customer to modify its use of any API, SDK, or any other interface supplied by iiDENTIFii; o attributable to acts by persons gaining unauthorized access to or use of the software due to Customer’s failure to maintain and control security and access to the software utilised for purposes of the iiDENTIFii Service; o attributable to the acts or omissions of Customer or its employees, agents, contractors, or vendors, or anyone gaining access to the iiDENTIFii Service by means of Customer’s credentials or equipment; and o attributable to downtime caused by factors outside the control of iiDENTIFii including but not limited to the downtime of the Integration API endpoints. Exclusions • Items not covered by the SLA. Unless specifically agreed to under the Agreement or this SLA iiDENTIFii is not obligated to provide Services for errors or problems caused by the following: o third-party components (including hardware and software) or scripts not provided by iiDENTIFii or contemplated within the Documentation; o any modifications to the iiDENTIFii Services not authorised by or carried out by iiDENTIFii; o any custom code introduced by the Customer; o any modifications undertaken by anyone other than iiDENTIFii on behalf of the Customer; o use of the iiDENTIFii Service other than as described in the Documentation; • Additionally, iiDENTIFii shall have no obligation to support: o Software installed on any hardware and/or interfaces that are not supported by iiDENTIFii. Notwithstanding the aforegoing, iiDENTIFii undertakes to meet regularly with the Customer to align the handsets that are being tested by iiDENTIFii with the handsets that the Customer is focussed on supporting, to endeavour to ensure availability insofar as is possible; o Problems caused by End User’s gross negligence, abuse or misapplication or use of the iiDENTIFii Service within the Customer Applications other than as specified in the Documentation, in the Licensed Services Agreement or other causes beyond the control of iiDENTIFii; o Failure to maintain the necessary environmental conditions for the use of the iiDENTIFii Service by the Customer. o EOL components of the iiDENTIFii Service, beyond the agreed transition period of 3 (three) months for SDKs and 6 (six) months for APIs. • The following services are not included: o The Customer’s Applications development and support; o End User support o iiDENTIFii is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and client acknowledges that the iiDENTIFii Service may be subject to limitations, delays and other problems inherent in the use of such communications facilities. • Support for external system integrations into third parties e.g. an internal IDC API; • The Customer acknowledges that the iiDENTIFii Service can, apart from removable errors in the code, i.e. certain bugs, show other errors which are a result of imperfection of technologies developed and/or embedded in the software components by iiDENTIFii or its licensors and which can result in inaccurate and/or imprecise scanning results. Such errors by their nature may be removed within the reasonable time limit, however their removal does not enter the scope of support or maintenance services herein contracted, but the same shall be communicate to iiDENTIFii’s development team for further development and enhancement of the software components. In determining what is reasonable iiDENTIFii will take into consideration the Customer’s advice as to what is critical for them in terms of market or End User segment impacted. 3.4.2 Service Levels 3.4.2.1 the Customer shall promptly notify iiDENTIFii of all defects / problems. Where such notification is made orally, the Customer shall provide written confirmation by email of the notification within 2 (two) working days. 3.4.2.2 iiDENTIFii, on receipt of above notification, shall determine the Severity Level and respond and resolve as stated below: Severity code Description Measurement Period Response (Business Hours) Response (After Hours, Public/ Holidays / Saturdays and Sundays) Resolve Severity 1 (Urgent) Critical Business Impact: An incident or widespread impact anomaly making the execution of critical business operations impossible, and for which no reasonable workaround exists. Support shall involve the intervention of maintenance and/or development teams and their partners, including the analysis and resolution of incidents from Severity Level 2. Measured 24x7 2 hours 4 hours TBD, provided that the Parties utilise best endeavours to resolve the issue as soon as possible taking into account whether or not resolution of the issue is within their control. Severity 2 (High) Serious Business Impact An incident or widespread impact anomaly leading to a significant degradation of services for which no reasonable workaround exists, while business critical operations remain possible. Support shall include the provision of advanced assistance on the use of the iiDENTIFii Service and analysis and attempts to resolve the incidents referred from Severity Level 3. Business Hours 2 hours 4 hours Part of the Bi-Weekly update Severity 3 (Medium) Minor Business Impact An incident or anomaly that disrupts operations without significantly damaging them, or a minor incident or anomaly for which a reasonable workaround exists. Support shall include support for Customers, generally provided by trained employees of iiDENTIFii, including provision of basic assistance on the use of the iiDENTIFii Service and requests applicable to a documented procedure. Business Hours 8 hours Next Business day Version updates typically on a quarterly basis. Severity 4 (Low) No Significant Business Impact Any other incident or anomaly that does not significantly disturb operations. Business hours 24 hours Next Business Day The continuous improvement of the product subject to approval. 3.4.2.3 The above Service levels may be varied by agreement in writing signed by an authorised representative of the Parties, which shall take precedent over the above Service Levels; 3.4.2.4 Severity 3 and Severity 4 Problems reported outside normal working hours will be treated as though they were received at 08H00 the next normal working day. 3.4.2.5 In the absence of no severity classification the default severity will be 4; 3.4.2.6 It must be stated that the time frames indicated for resolve times are the average times required to resolve a logged incident / event. iiDENTIFii will always endeavour to provide best possible support, and as such will always aim to improve on these times. Note that the maximum time to resolve an incident / event is three times the average times indicated above. 3.4.2.7 Response time shall mean the elapsed time between a report of an incident to the service desk ticketing system and the commencement of incident resolution efforts. 3.4.2.8 Resolution time shall mean the elapsed time between commencement of incident resolution efforts to successful resolution (i.e. resolve, not escalation). 3.4.2.9 Performances against the abovementioned levels will be captured each month and discussed between the Parties; 3.4.2.10 Services contact email: support@iidentifii.com (“ticketing system”) 3.4.2.10.1 Functions within the iiDENTIFii Service Desk; 3.4.2.10.1.1 Email Logging and First-Line Resolution: This function is responsible for the capturing of the incident/request details and attempting to resolve issues. First line resources are to meet the requirements of the Customer. It must be noted, however, that if the first line engineers are not able to resolve the event, the incident is reassigned to the appropriate resolver group; 3.4.2.10.1.2 Email Tracking: The email tracking function is responsible for the tracking of the incident from logging to closure, based on its predefined Service Level. The email tracker manages all points of escalation, queries and reallocation. This ensures that the full responsibility for the incident lies with the email tracker and not the engineer. In so doing, SLAs are appropriately managed, and the Customer is well informed throughout the incident life cycle; 3.4.2.10.1.3 Service Desk Analyst: Problems are managed and analysed by the email analyst on a daily basis. This ensures that all emails logged by the Customer are monitored and resolved. 3.4.2.10.2 Support Tick Escalations; Escalation Process is defined below for illustrative purposes. In the event of a conflict between this diagram and the Agreement the Agreement will prevail to the extent of the conflict. 3.4.2.10.2.1 Once an incident, or request for service is logged into the ticketing system, it is allocated the appropriate Service Level, Severity Level, priority and/or category of service. This allocation dictates the manner in which the incident’s lifecycle will be addressed. 3.4.2.10.2.2 Typically, thresholds are defined per Service Level and alerts are automatically triggered when each threshold is breached. iiDENTIFii and The Customer will collectively define who the recipients of each escalation will be and at what level. 3.4.2.10.2.3 Typically, thresholds are defined per SLA and alerts are automatically triggered when each threshold is breached. iiDENTIFii and the Customer will each define their own recipients of each escalation will be and at what level. 3.4.3 Planned/Scheduled Maintenance and Unplanned Maintenance 3.4.3.1 From time to time, iiDENTIFii or its nominees reserves the right to perform maintenance interventions. These interventions update the iiDENTIFii Service to ensure the Customer benefits from new capabilities and defect fixes. 3.4.3.2 In the event of Scheduled Maintenance 3.4.3.2.1 iiDENTIFii will carry out Scheduled Maintenance during the 22:00 – 08:00 SAST 3.4.3.2.2 iiDENTIFii will use commercially reasonable efforts to notify the Customer with at least 3 business days in advance. 3.4.3.3 In the event of Unplanned Maintenance: iiDENTIFii will with best endeavours try to notify the Customer in advance of possible maintenance that needs to be executed Planned Maintenance Unplanned Maintenance Three Business Days’ notice, between 22:00 and 08:00 SAST. 6 Normal Business Hours’ notice (where reasonably possible). Critical issues may result in immediate action with a notice less than the aforesaid number of hours . 3.5 Service Location Remotely from 3rd Floor, Equinox Building. Corner Main and Milton Road, Sea Point, Cape Town, 8005. 3.6 EXPENSES 3.6.1 In case of Services rendered that require air travel or overnight stays, the cost thereof shall be for the Customer’s account, provided that all such expenses shall be subject to the prior written approval of the Customer and the following principles will apply: Item Description Mileage Vehicle mileage will be charged at R2,90 per kilometre travelled. Hired Car Car hire fees will be charged at B-class tariffs. Airfares Airfares, where incurred, will be charged at Premium Economy class rates. Hotel Accommodation Hotel accommodation will be charged on a bed and breakfast basis and maximum standard for hotel accommodation is 3-star. 4 iiDENTIFii RESPONSIBILITIES 4.1 In addition to its obligations under the Agreement, iiDENTIFii shall comply with the obligations set out below for the purpose of this Service Request: 4.1.1 Co-operation with Third Parties If applicable iiDENTIFii must co-operate with any third party appointed by the Customer (“Third Party”) where this is necessary to ensure the integrated and efficient conduct of the Customer’s operations. Without limiting the foregoing, iiDENTIFii must provide such reasonable assistance to Third Parties as the Customer may request from time to time. For the avoidance, of doubt this clause does not constitute a guarantee by iiDENTIFii that the iiDENTIFii Service will be compatible with current and or future vendors of the Customer. 5 ESCALATION PROCESS AND CONTACT PERSONS 5.1 In the event that the Parties need to escalate any issue regarding the Services, the matter can be escalated to the relevant contacts as set out in the tables below. If no response is received from the first tier contact within 8 (eight) business hours, the matter can be escalated to the next level; and if no response is received from the second tier contact within 8 (eight) business hours, the matter can be escalated to the third tier contact, if applicable. 5.1.1 The Customer First Tier Second Tier Third Tier Name: Telephone: Email: Name: Telephone: Email: Name: Telephone: Email: 5.1.2 iiDENTIFii First Tier Second Tier Third Tier Name: Email: Name: Email: Name: Email: 6 ADDITIONAL PROVISIONS 6.1 Listed below are additional provisions which shall form part of the Agreement for the purpose of this SLA: 6.1.1 Responsibility Matrix: RACI (responsible, accountable, consulted and informed) for Services Service Responsible Informed Support for iiDENTIFii Service which includes certain Android mobile SDK, iOS mobile SDK, and APIs. iiDENTIFii Customer Upgrade of Customer Applications which consume the iiDENTIFii SDK. Customer iiDENTIFii Maintenance, Monitoring, Patching and upgrades of iiDENTIFii servers, API’s, Databases, SDK’s and Web Portals. iiDENTIFii Customer Monitoring, availability and uptime pertaining to external third-party client owned systems, API’s, databases and other related systems and software, e.g. Department of Home Affairs. Customer iiDENTIFii Monitoring, availability and uptime pertaining to internal client owned systems, API’s, databases and other related systems and software, e.g. Call-back URL for iiDENTIFii to consume. Customer iiDENTIFii Monitoring, availability and uptime pertaining to external third party iiDENTIFii owned and managed systems, API’s, databases and other related systems and software, e.g. liveness, document scanning and facial recognition systems. iiDENTIFii Customer Monitoring, availability, backups and uptime pertaining to internal iiDENTIFii owned systems, API’s, databases and other related systems and software, e.g. API endpoint for data destruct or get data methods. iiDENTIFii Customer Notifying iiDENTIFii pertaining to expected high volume transaction peak periods Customer iiDENTIFii