General Terms of Service (GTS)

Updated version as of May 1, 2026

These general terms of service (the "GTS") are entered into between Corolair, a Société par Actions Simplifiée registered under number 949 255 566 RCS Créteil, with its registered office at 112 avenue de Paris, 94300 VINCENNES, (hereinafter "Corolair" or the "Service Provider") and the client as identified in the purchase order (hereinafter the "Client") with respect to the conditions of provision of the Services by Corolair. Corolair and the Client are individually referred to as a "Party" and together as the "Parties".

The Agreement constitutes the entire agreement entered into between Corolair and the Client regarding the provision of the Services. The terms of the Purchase Order shall prevail over the SaaS Terms of Service. The Client expressly waives the application of its own general terms and conditions. Unless otherwise stipulated in the Purchase Order, by signing the Purchase Order, the Client acknowledges (i) having read and (ii) accepted, without reservation, the SaaS Terms of Service.

IT IS FIRST SET OUT AS FOLLOWS:

Following a discussion phase between the Parties during which the Client acknowledges having received from Corolair all the necessary information enabling it to assess the suitability of the Solution and the conditions of use to its needs and expectations, the Client wished to subscribe to Corolair's services.

On the basis of the objectives pursued by the Client, Corolair has issued a Purchase Order accepted by the Client for the provision of the Application Service from the Solution and associated Services in accordance with the terms and conditions of the Agreement.

THIS HAVING BEEN SET OUT, IT HAS BEEN AGREED AS FOLLOWS:

Article 1. Definitions

Purchase Order: means the contractual document setting out the particular conditions and/or information relating to the Client's order, as well as all commercial, financial and/or legal information specifically agreed between the Parties.

Agreement: means a set of contractual documents comprising: the Purchase Order, the GTS including their annexes. Signing the Purchase Order implies unconditional acceptance by the Client of the GTS. The GTS shall prevail over all other general or particular conditions not expressly agreed upon by the Service Provider. The Service Provider reserves the right to modify the GTS at any time. In any event, material changes to the Services and financial conditions shall be brought to the Client's attention and, in the event of the Client's written refusal within fifteen (15) calendar days of receipt of the notification, the applicable GTS shall be those in force at the date of the Purchase Order signed by the Client.

Effective Date: means the Effective Date indicated on the Purchase Order by the Client.

Documentation: means the user manuals, user information, descriptions of functionalities and any other documents accessible online at the following URL < insertlink > relating to the use of the Application Service and the Solution.

Client Data: means the data, information and publications of the Client imported by the Client and/or an Authorised User into the Solution, intended to be used with the Application Service.

Personal Data: has the meaning given to the term "personal data" by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.

Credentials: means any means of identification of an Authorised User for access to the Solution and the Application Service, whether by a combination of a username and password or a single sign-on system implemented by the Client.

Confidential Information: means (i) any information disclosed by one Party to the other Party, whatever its nature and medium, in writing or orally; (ii) including, without limitation, commercial, marketing, industrial, strategic and financial information, Client Data, the Solution and/or the Application Service, as well as any data or element capable of protection under intellectual property rights – protected or protectable – or under know-how and/or trade secrets.

Business Continuity and Recovery Plan: means the business continuity and recovery plan to be complied with by the Service Provider as described in Annex 3 of the GTS.

Application Service: means any software in the form of an executable programme, including its functionalities, updates, modifications, corrections, revisions, developments or additions, as well as the Documentation made available to the Client under the Agreement.

Services: means the installation, hosting and maintenance services for the Solution and the Application Service provided by the Service Provider under the terms of the Agreement.

Solution: means the service offered in Software as a Service (SaaS) mode by the Service Provider, enabling the Client to access and use the Application Service.

Terminal: means any electronic communication device such as a workstation, mobile phone or tablet equipped with an Internet connection and compatible with the internet browsers and operating systems indicated by the Service Provider.

Authorised User: means any natural person affiliated with the Client and duly authorised by the Client to access and use the Application Service from a Terminal under the terms of the Agreement.

Article 2. Purpose

The purpose of the Agreement is to define the technical, legal and commercial terms and conditions of the Services and those applicable to access to and use of the Solution and the Application Service.

Article 3. Duration and renewal

The Agreement enters into force on the Effective Date for the duration and in accordance with the renewal terms set out in the Purchase Order.

Article 4. Financial terms

The pricing conditions are set out in Annex 4 of the GTS.

The Client acknowledges and accepts that the Service Provider reserves the right to revise the pricing conditions prior to each renewal of the Agreement, on the basis of the increase in the Syntec index according to the following formula: P1 = P0 x (S1 / S0) where P0 means the price in force at the date of revision; P1 means the revised price; S0 means the value of the Syntec index published at the date of the previous price revision or at the Effective Date and S1 means the value of the Syntec index on the date of the price revision.

Amounts due under the Agreement are invoiced in advance. The payment period is set at thirty (30) days from the date of issue of the invoice by the Service Provider.

The Client acknowledges and accepts that payment of amounts due under the Agreement, for the duration of the Agreement, shall be made by bank transfer or SEPA direct debit to the Service Provider. In the event of SEPA direct debit, the Client undertakes to sign, simultaneously with the signing of the Agreement, the SEPA direct debit mandate sent by the Service Provider in electronic form. On each anniversary date of the Agreement, the Service Provider shall electronically notify the Client with fifteen (15) days' notice of the SEPA direct debit due date. The notification sent to the Client must include the amount of the direct debit and the due date. It should be noted that the Client remains free to revoke the mandate and opt for another payment method.

The Client also acknowledges and accepts that payment of amounts due under the Agreement may be made to the Service Provider through a payment service provider (e.g. Stripe Payments Europe Ltd). In such case, the Client is expressly informed and accepts that payments made in this context are managed by the payment service provider and that the Client contracts directly with the payment service provider with respect to the implementation of the payment. No liability of the Service Provider may be sought by the Client in this respect.

Any amount not paid by the Client within the above-mentioned period shall automatically and without prior formality give rise to late payment penalties corresponding to the interest rate applied by the ECB to its most recent refinancing operation plus ten (10) percentage points, from the due date until full payment of the amounts owed. In addition, in accordance with Article L 441-6 of the French Commercial Code, the Client may automatically be required to pay a fixed indemnity for recovery costs of forty (40) euros, which may be increased by the amount of sums incurred by the Service Provider for recovery upon presentation of supporting documents.

Notwithstanding the foregoing, in the event of late payment by the Client, the Service Provider reserves the right, in the absence of a written dispute of the invoice by the Client, to (i) immediately suspend, automatically and without prior formal notice, access to and use of the Solution and the Application Service and/or (ii) automatically terminate the Agreement fifteen (15) days after the Service Provider sends a formal notice by registered letter with acknowledgement of receipt requiring the Client to settle all outstanding amounts, which remains without effect.

For any written correspondence relating to the Agreement or invoicing, the Client must address its correspondence to Corolair at the following address: 112 avenue de Paris, CS 60002, 94300 VINCENNES, or electronically: contact@corolair.com.

Article 5. Access to and use of the solution and the application service

5.1. Access to the Solution and the Application Service

The Client undertakes to:

(i) have adequate equipment and connection means to maintain sufficient internet access for the purpose of accessing the Solution and the Application Service, which is provided from any Terminal, within the limits of the availability conditions referred to in Annex 1 of the GTS, using Credentials assigned by the Service Provider to the Client or the identification system set up by the Client.

(ii) comply with the Service Provider's instructions and the technical requirements set out in the Documentation relating to the Solution and the Application Service.

(iii) regularly change, and have Authorised Users regularly change, the passwords associated with Credentials, which may only be changed at the Client's request or at the Service Provider's initiative in the event of a security risk, subject to informing the Client by any means.

(iv) maintain and have Authorised Users maintain the confidentiality and secrecy of the Credentials and not disclose them in any form whatsoever to third parties. The Client shall bear the consequences of any unauthorised use by third parties who have had access to or knowledge of the Credentials. In the event that the Client becomes aware of the theft or misappropriation of Credentials by a third party, it shall inform the Service Provider without delay and confirm this by registered letter addressed to the Service Provider. In the event of loss or theft of Credentials, the Client shall use the procedure set up by the Service Provider to recover its Credentials.

5.2. Use of the Solution and the Application Service

5.2.1 Licence of use

In consideration of full payment of the price and compliance with the terms of the Agreement, the Service Provider grants the Client, for the duration of the Agreement, a personal, non-exclusive, non-assignable, non-transferable licence without the right to sublicense, for the purpose of enabling the Client and Authorised Users to access and use the Solution and the Application Service in accordance with the subscriptions taken out by the Client as determined in the Purchase Order.

The right of use is granted within the limit of the number of Authorised Users specified in the Purchase Order. In the event of an overrun, the Client undertakes to immediately inform the Service Provider and to subscribe to additional subscriptions to remedy the overrun.

The Authorised User type licence prohibits the sharing of an access right, simultaneously or alternately, granted for one Authorised User among several members of the Client's staff. However, the access and use rights associated with an Authorised User may be transferred from one member of the Client's staff to another, provided that the initial member is no longer authorised to access and use the Solution, the Application Service and the associated results.

5.2.2 Restrictions on use

Access to and use of the Solution and the Application Service are strictly limited to the terms of the Agreement.

The Client undertakes not to: (i) copy, transfer, transmit, make available and/or distribute all or part of the Application Service in any way whatsoever to third parties (including in particular service providers or clients of the Client); (ii) permit access to and/or use of the Application Service beyond the number of Authorised Users specified in the Purchase Order without the prior authorisation of the Service Provider or the signing of a new Purchase Order; (iii) assign, sell, rent, lend, sublicense, distribute, outsource or transfer the rights granted to the Client under the Agreement; (iv) use the Application Service on behalf of third parties or for any similar purpose, through a data processing service, including on a time-sharing basis, in outsourced mode, outsourcing or bureau service; (v) adapt, modify, including for correction purposes, or translate the Application Service, create or attempt to create other works from the Application Service, or authorise a third party to do so or provide them with the means to do so; (vi) disassemble, decompile the Application Service, reverse engineer, or otherwise attempt to discover or reconstruct its source code, except as specifically provided for by applicable law. Should the Client wish to obtain information to implement the interoperability of the Application Service, the Client must request such information from the Service Provider by registered letter with acknowledgement of receipt; (vii) alter, destroy, or delete the notices or notices relating to intellectual property rights or any other ownership notice of the Service Provider appearing in the Application Service or in the Documentation; (viii) use or distribute all or part of software created in whole or in part using the Application Service.

Article 6. Intellectual property

The Client acknowledges that all material and intellectual property rights attached to or relating to the Documentation, the Services, the Solution and the Application Service are and remain the exclusive property of the Service Provider or its licensors. Except for the grant of a right to use the Application Service and access to the Solution under the terms of Article 7 of the Agreement, the Client acquires no ownership rights over the Documentation, the Services, the Solution or the Application Service. The Client undertakes not to directly or indirectly infringe the Service Provider's property rights. The Client is informed that by accessing and/or using the Application Service and the Solution, third-party software incorporated in whole or in part in the Application Service is used.

The Client retains intellectual and material property rights over the Client Data. The Client grants a right of use over the Client Data to the Service Provider in the context of the Agreement, solely for the purposes of performing the Agreement and for the entire duration of the Agreement. The Client expressly acknowledges and accepts that in the context of the performance of the Agreement, the Service Provider may be required to adapt certain Client Data (namely certain educational content in terms of form and not substance).

The Client shall own all data and information resulting from the exploitation of the Solution and/or the Application Service by the Client (reports, statistics).

Article 7. Services

The Service Provider shall provide the Services and make available to the Client Documentation updated upon the release of new functionalities and in accordance with the conditions of the GTS, and shall grant the Client a non-exclusive and non-transferable right to enable Authorised Users to use the Application Service and the Solution during the term of the Agreement and worldwide.

7.1 Installation and accessibility

In the context of the provision of the Services, the Service Provider (i) undertakes to integrate the Solution at the Client's site and verify the accessibility and functioning of the Application Service (ii) undertakes to make all reasonable efforts to reach or exceed the service levels as defined in Annex 1 of the GTS.

The parties acknowledge and accept that: (i) service credits shall be the Client's sole and exclusive remedy with respect to any loss it would otherwise have incurred by making payment of the fees relating to the Services that are the subject of a service failure; and (ii) service credits are not exclusive of any right or remedy of the Client with respect to any loss other than that described in section (i) above, suffered or incurred by the Client due to or in connection with any failure of the Solution or the Application Service, within the limits of the provisions of Article 11.

7.2 Hosting

Resources and quotas. The Service Provider provides a default configuration suitable for a production start-up (for example 2 vCPU and 4 to 12 GB of RAM). The local application storage associated with this configuration is indicative (10 GB). Content and files are hosted on an object storage service designed for capacity expansion. Resource, performance and application or object storage levels are adjusted according to the Client's needs and, where applicable, specified in the Purchase Order or by amendment. Higher capacities, including autoscaling mechanisms and dedicated environments, can be set up upon request.

At the Client's express request and subject to the conclusion of a new Purchase Order, the Service Provider may provide a hosting service exclusively dedicated to the Client at the financial conditions in force at the date of the request.

The Service Provider shall not be held liable for the accidental destruction of Client Data by the Client or a third party who has accessed the Application Service using the Client's Credentials. The Client acknowledges that the Agreement does not create any obligation on the Service Provider to retain Client Data on the Service Provider's server upon expiry or termination of the Client's agreement in the absence of a reversibility request from the Client.

7.3 Maintenance

The Service Provider undertakes to ensure the operational maintenance of the Solution as well as corrective and evolutionary maintenance of the Application Service in order to correct Incidents in accordance with the conditions set out in Annex 2 of the GTS.

In the event of maintenance, access to the Solution and/or the Application Service may be temporarily unavailable. The Service Provider shall endeavour to carry out maintenance operations outside working days and hours with one (1) week's notice given by any means to the Client, except in the case of emergency maintenance.

The Service Provider reserves the right to modify at its discretion all or part of the Application Service, the Solution, as well as any hardware or software used in the context of the provision of the Solution, it being specified that the Service Provider shall ensure that such modifications do not lead to a material regression in the performance and functionalities of the Application Service.

Article 8. Data

8.1. Personal Data

In the event that each of the Parties processes Personal Data on its own account, each Party undertakes, with regard to the processing of Personal Data, to comply with: (i) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the "GDPR") and (ii) Law No. 78-17 of 6 January 1978 on data processing, files and civil liberties as amended (hereinafter collectively the "Applicable Regulations"). Terms used in this clause with a capital letter at the beginning of the word have the meaning given to them under the GDPR.

In the context of the performance of the Agreement and for the entire duration of the Agreement, the Service Provider may be required to collect and process Personal Data of Authorised Users (Credentials, connection logs to the Solution, Incident notifications) for the purposes of performing the Agreement, managing and controlling access rights and use of the Solution and the Application Service, as well as improving the Solution and the Application Service. In this case, the Service Provider shall be considered as Data Processor and the Client as Data Controller.

As such, the Service Provider undertakes to: (i) process Personal Data only for the purposes for which the Data Processor has been entrusted with the Processing of such data; (ii) process Personal Data only on the basis of documented instructions from the Client.

The Service Provider further undertakes to: (i) only process Personal Data on documented instructions from the Client unless it is required to do so under a legal provision of the Applicable Regulations and subject to informing the Client in advance where applicable; (ii) ensure that persons authorised to process Personal Data undertake to respect confidentiality or are subject to an appropriate legal obligation of confidentiality; (iii) implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk to the rights and freedoms of Authorised Users; (iv) inform the Client of any planned changes regarding the addition or replacement of a sub-processor of the Service Provider and impose on the latter the same obligations regarding the protection of Personal Data as those in this clause; (v) taking into account the nature of the Processing, assist the Client in fulfilling its obligation to follow up on requests from data subjects exercising their rights; (vi) assist the Client in ensuring compliance with the obligations set out in Articles 32 to 36 of the GDPR; (vii) at the Client's choice, delete all Personal Data or return it to the Client at the end of the Agreement, and destroy existing copies, unless the Applicable Regulations require retention of Personal Data or unless the Client has not requested to retrieve and/or transfer them in the conditions provided for in Article 14 (Reversibility) of the GTS; (viii) make available to the Client all information not subject to business secrecy necessary to demonstrate compliance with the obligations set out in this article and to allow audits to be carried out at most once (1) per year, at the Client's expense and by an external auditor who is not a competitor of the Service Provider, subject to eight (8) days' written notice; (ix) immediately inform the Client if, in its opinion, an instruction constitutes a violation of the Applicable Regulations.

8.2. Use of Client Data

The Client owns all Client Data. The Client is solely responsible for the quality, lawfulness and relevance of the Client Data it transmits to the Service Provider as well as for its use with the Application Service and the results thereof. The Client further guarantees that it holds all rights (including, in particular, intellectual property rights and third-party authorisation) enabling it to use the Client Data and that such data does not violate applicable laws and regulations, third-party rights and is free from any virus or malicious code likely to harm the Solution or the Application Service.

8.3. Security of Client Data

Each Party undertakes to implement appropriate technical means to ensure the security of Client Data.

The Service Provider undertakes to preserve the integrity and confidentiality of Client Data and to follow the Client Data backup procedures as defined in Annex 3 of the GTS.

Article 9. Disclaimer of warranty

The Service Provider gives no warranty other than the legal warranties applicable under the Agreement. The Client acknowledges that the Solution and the Application Service cannot be free from anomalies and their uninterrupted operation. The Client declares having a thorough knowledge of the functioning of the internet and its limitations. In particular, it acknowledges that transmissions over the internet are not secure and may be delayed, lost, intercepted, corrupted and that the transmission of Client Data via the internet is carried out by the Client at its own risk.

Article 10. Indemnification

The Client undertakes to indemnify and hold harmless the Service Provider against any claims, actions, proceedings, losses, damages, expenses and costs (including, but not limited to, court costs and reasonable attorney's fees) (i) arising from or in connection with the non-conforming use of the Solution and/or the Application Service by the Client and/or the Authorised Users, (ii) in the event of the Client's breach of the Applicable Regulations and/or Client Data that causes harm to the Service Provider and (iii) in the event of infringement of the Service Provider's intellectual property rights.

Article 11. Liability

This clause defines the entire financial liability of the Service Provider (including liability for the acts or omissions of its employees, agents and sub-contractors) towards the Client with regard to: (i) any breach of the Agreement (ii) the Services, the Application Service, the Solution provided by the Service Provider; (iii) any use made by the Client of the Documentation, the Solution and/or the Application Service or any part thereof.

Unless otherwise provided for in the Agreement: (i) the Client assumes full responsibility for the use by it and the Authorised User of the Solution, the Documentation and the Application Service. The Service Provider is not responsible for damage caused by errors or omissions in Client Data and Personal Data transmitted by the Client in connection with the Service or any action taken by the Service Provider on the Client's instructions under the Agreement; (ii) the Services, the Solution, the Application Service and the Documentation are provided to the Client "as is".

In the event of the Service Provider's fault proven by the Client and to the extent permitted by law, the Service Provider shall only be liable for direct and foreseeable damages arising from the Services or Application Services. The Service Provider shall in no event be liable for indirect losses or damages of the Client or third parties, which includes in particular any loss of profit, loss of turnover or profit, loss of opportunity, cost of recovering Client Data, cost of obtaining a substitute product, service or technology.

To the extent permitted by law, the overall, lump sum and final amount of the Service Provider's liability is strictly limited to the highest of the amounts effectively paid by the Client during (i) the three (3) months preceding the date of occurrence of the event giving rise to the damage or (ii) the twelve (12) months preceding the date of occurrence of the event giving rise to the damage.

Article 12. Force majeure

With the exception of payment obligations, neither Party shall be held liable for a breach of its obligations under the Agreement if such breach results from a case of force majeure as defined in Article 1218 of the French Civil Code and interpreted by the French courts, including in particular governmental decisions such as withdrawal or suspension of authorisations of any kind, total or partial strike, internal or external to the company, fire, natural disaster, act of terrorism, state of war, total or partial interruption or blockage of telecommunications or electricity networks, act of computer hacking, or a pandemic.

The Party noting the force majeure event must without delay and by all means inform the other Party of its inability to perform its obligations. The force majeure event suspends the performance of the Parties' obligations. In the event of force majeure lasting more than thirty (30) consecutive days, each Party is free to terminate the Agreement by operation of law from the date of notification of termination.

Article 13. Termination and expiry of the agreement

13.1 Termination

Unless otherwise provided for in the Agreement, the Agreement may be terminated automatically, without judicial intervention, by the other Party fifteen (15) days after the sending of a formal notice by registered letter with acknowledgement of receipt requiring the defaulting Party to remedy the breach, which remains without effect.

Subject to the provisions of applicable law, the Service Provider may automatically terminate the Agreement, without judicial intervention, if the Client is subject to dissolution, judicial reorganisation or liquidation proceedings, or if the audit report so warrants.

Termination of the Agreement is pronounced without prejudice to all other rights and remedies that the Party initiating termination may invoke.

13.2 Effects

From the effective date of termination or expiry of the Agreement, all rights of access to and use of the Solution and the Application Service cease to have effect. The Client must immediately cease accessing the Solution and the Application Service and using the Credentials associated therewith.

Articles 4, 6 and 16, as well as all clauses which by their nature are intended to survive beyond the termination or expiry of the Agreement, remain in force and applicable by operation of law.

Article 14. Reversibility

At the Client's request sent by registered letter with acknowledgement of receipt no later than the effective date of termination or expiry of the Agreement, the Service Provider shall return all Client Data and Personal Data belonging to it in a standard readable electronic format, in an environment equivalent to that of the Service Provider, within thirty (30) working days from the date of receipt of the request.

The Client and/or the subsequent service provider retained by the Client undertake(s) to actively cooperate with the Service Provider in order to facilitate the reversibility of Client Data and Personal Data.

At the Client's request, the Service Provider may provide additional technical assistance services to the Client and/or the third party designated by the Client in the context of reversibility.

Reversibility and reversibility assistance services shall be provided in accordance with the Service Provider's financial conditions in force at the date of notification.

In the absence of a reversibility request from the Client, Client Data and Personal Data shall be fully deleted at the end of the Agreement.

Article 15. Non-solicitation of staff

Each Party undertakes to refrain from hiring or having work done, directly or through an intermediary, by any employee of the other Party, without the prior express consent of the other Party. This waiver is valid for the entire duration of the Agreement and for the twelve (12) months following its termination.

In the event of a breach by one of the Parties of the non-solicitation obligation, the defaulting Party shall automatically be required to pay a lump sum penalty corresponding to six (6) times the gross monthly salary of the employee at the date of their departure.

Article 16. Confidentiality

Each Party undertakes to (i) keep confidential the other Party's Confidential Information, (ii) not disclose the other Party's Confidential Information to any third party other than its employees or agents who need to know it and who are subject to confidentiality obligations at least as strict as these; and (iii) only use the other Party's Confidential Information for the purposes of the Agreement.

Notwithstanding the foregoing, the above confidentiality obligations do not apply to Confidential Information that (i) has or will fall into the public domain independently of any fault by the Party receiving the Confidential Information, (ii) is independently developed by the receiving Party, (iii) was known to the receiving Party before the disclosing Party disclosed it to them, (iv) is legitimately received from a third party not subject to a confidentiality obligation, or (v) must be disclosed in accordance with legal provisions or by order of a competent court or administrative authority, in which case the Confidential Information may only be disclosed to the extent required and subject to promptly informing the disclosing Party.

The Parties' obligations with respect to Confidential Information shall remain in force for the entire duration of the Agreement and for as long, after its term, as the information concerned remains confidential to the Party disclosing it, and in any event for a period of five (5) years after the term of the Agreement.

At the end of the Agreement and at the request of the disclosing Party, the receiving Party shall return all copies of documents and media containing the other Party's Confidential Information.

Article 17. Audit

The Service Provider reserves the right to audit the Client in the event of suspicion of (i) non-compliance with Authorised User subscriptions and/or (ii) infringement of the Service Provider's intellectual property rights. The auditor shall be an independent third party acting on behalf of the Service Provider. No access other than that strictly necessary to verify the suspicion shall take place. The Client undertakes to provide access to the elements enabling the audit to be carried out.

In the event of proven non-compliance established by the audit report transmitted on a contradictory basis to both Parties, the entire cost of the audit shall be charged to the Client, without prejudice to the Service Provider's right to terminate the Agreement with immediate effect, without judicial intervention, and to independently claim damages in accordance with Article 10 of the Agreement. In the event of a proven discrepancy of X%, the Service Provider shall invoice the subscriptions owed, plus a penalty of 20%.

Article 18. Transfer – assignment

The Client is not authorised to sublicense, assign or transfer to a third party all or part of its rights and obligations under the Agreement without the prior written consent of the Service Provider and the payment of additional transfer royalties.

The Client expressly agrees that the Service Provider is authorised to freely sublicense, assign or transfer all or part of the Agreement, to any entity of its choice, by any means (including, in particular, merger, demerger, partial contribution of assets).

Article 19. Applicable law – jurisdiction

The Agreement is governed by French law.

In the event of a dispute between the Parties, the Parties agree to meet in order to seek an amicable solution before initiating any formal proceedings to resolve the dispute.

In the absence of agreement between the Parties within thirty (30) days following the first meeting between the Parties, the Parties expressly agree to submit any dispute relating to the existence, validity, interpretation, performance, termination or resolution of the Agreement to the jurisdiction of the competent courts of Paris, notwithstanding plurality of defendants or third-party proceedings, including proceedings on application or in summary proceedings. A version of this text is available in French and English. The French version shall prevail over the English version in the event of an interpretation dispute.

Article 20. Miscellaneous

During the term of the Agreement, the Client authorises the Service Provider to use and reproduce on its website and/or advertising materials the Client's trademarks, logos and/or trade names as a commercial reference.

The Parties are and shall remain independent contractors for the entire duration of the Agreement. Each Party remains solely responsible for its acts, assertions, commitments, services, products and personnel.

The Parties agree to sign the Agreement electronically using an electronic signature process enabling the signatories to be authenticated and the integrity of the Agreement in electronic format to be guaranteed. The Parties agree that the affixing of the electronic signature expresses their consent to the content of the Agreement and recognise the electronically signed Agreement as an original document with evidentiary value equivalent to a handwritten signature on paper.

The Agreement expresses the entire agreement between the Parties with respect to its subject matter; it supersedes all prior agreements, negotiations and discussions.


ANNEX 1 — SERVICE LEVELS

1. Availability

1.1 During the term of the Agreement, the Service Provider undertakes to ensure the availability of the Solution according to a monthly Availability Rate of 99%.

The "Monthly Availability Rate" corresponds to the percentage calculated, for a calendar month M, according to the following formula:

(Total number of minutes in month M – duration in minutes of the Interruption) / Total number of minutes in month M

An "Interruption" means, for the domain associated with the Solution, a user error rate observed on the server side exceeding five percent (5%).

The Availability Rate does not include unavailability of the Solution resulting from the following cases:

  • maintenance operations carried out by the Service Provider;

  • cases of force majeure;

  • events not attributable to the Service Provider (such as internet network disruptions, unavailability of the Client's network or its internet service provider, unreasonable and excessive use likely to affect the stability of the Solution);

  • interruptions related to modifications made to the Solution or the Application Service by the Client or third parties without the Service Provider's authorisation;

  • inaccessibility due to the Client's non-compatible equipment and/or Terminals.

    1.2 Failure by the Service Provider to meet the Monthly Availability Rate entitles the Client to a liberatory service credit corresponding to a number of days of SaaS service subscription offered, carried forward over the duration of the Agreement (the "Service Credit") as follows:

Monthly Availability RateService Credit (in days)
between < 99% and 98.0%1
between < 98.0% and > 95.0%3
≤ 95.0%10

At the Client's request, the Service Provider shall provide a statement for the month prior to the request to verify the Monthly Availability Rate.

The Service Credit constitutes the sole remedy to which the Client may claim in respect of the unavailability of the Solution. The Client must request the Service Credit no later than the month following the failure to meet the Monthly Availability Rate. After this period, the Client will no longer be able to assert its right to obtain a Service Credit.

The total number of cumulative Service Credits granted to the Client by the Service Provider in respect of an Interruption during a given month may not exceed ten (10) days. Service Credits are exclusively carried forward at the end of the Agreement; they may not be subject to monetary compensation or a credit note.

2. Security

Access to the Solution and the Application Service is secured.

The Service Provider ensures the security of access to and use of the Solution through the use of current encrypted communication protocols, in accordance with standard practices in the industry.

3. Backup

Client Data is subject to daily backup.

In the event of accidental deletion, the restoration time for backed-up Client Data is two (2) days.

4. Integrity

The Service Provider guarantees the implementation of control measures capable of providing reasonable assurance that Client Data processed with the Application Service and the results are not subject to omission, alteration, distortion or any other form of anomaly likely to harm their integrity.

The integrity of processing extends to every component of the system comprising the Application Service and to all phases of processing (data entry, transmission, processing, storage and data output). These controls consist of processing consistency checks, the detection and management of anomalies and the information of Authorised Users in the event of non-compliance.

5. Monitoring

The Service Provider carries out access controls to the Solution on a continuous basis, 365 days a year, 24/7.


ANNEX 2 — MAINTENANCE CONDITIONS

1. Definitions

Incident Start: means the time of receipt by the Service Provider of an Incident notification from the Client at the address support@corolair.com.

Business Hours: means Monday to Friday inclusive, from 10am to 6pm, excluding public holidays in France.

Incident: means a malfunction, anomaly or error of the Application Service, preventing access to or use of the Application Service.

Other Incident: means any Incident that cannot be qualified as a Critical, Urgent, Important or Minor Incident.

Critical Incident: means an Incident that (i) renders the Application Service inoperable for all Authorised Users, or (ii) affects the integrity of Client Data.

Important Incident: means an Incident that affects (i) one or more functionalities of the Application Service on an intermittent basis or (ii) a limited number of Authorised Users.

Minor Incident: means Incidents relating to minor functionalities or operations of the Application Service such as routine technical operations, exports and/or imports of Client Data, system configuration or navigation within the Application Service.

Urgent Incident: means an Incident that affects one or more major functionalities of the Application Service or severely degrades the performance of the Application Service on a persistent basis for several Authorised Users.

Compatible Browsers: means the versions of internet browsers supported by the Service Provider in accordance with the current Documentation.

2. Maintenance conditions

2.1 Scope of services

During the term of the Agreement, the Service Provider ensures the operational maintenance of the Solution and provides maintenance and support services for the Application Service for Compatible Browsers.

Maintenance of the Application Service includes: (i) the provision of updates, developments and/or additions to the Application Service from the Solution; (ii) the correction of Incidents in accordance with the conditions of Article 2.2 below.

The Client is required to notify any Incident by email to the address support@corolair.com and to communicate any useful information or information requested by the Service Provider in order to enable the identification and, where applicable, the processing of the Incident.

2.2. Response time in the event of an Incident

From the Incident Start and subject to the Incident being reproducible in the Service Provider's environment, the Service Provider undertakes to use its best commercial efforts to process and diagnose the Incident within the following timeframes:

IncidentAcknowledgement time (Business Hours)Acknowledgement time (Outside Business Hours)Initial diagnosis time (Business Hours)Initial diagnosis time (Outside Business Hours)
Critical4 hours6 hours6 hours24 hours
Urgent6 hoursN/A24 hoursN/A
Important10 hours48 hours
Minor24 hours7 days

These levels of guarantees apply subject to the provision of adequate information by the Client when notifying an Incident. The initial diagnosis time for an Incident means an initial technical analysis of the Incident in an attempt to resolve it, accompanied by a response from the Service Provider by email. The diagnosis does not include the definitive resolution of the Incident but may be accompanied, where applicable, by the provision by the Service Provider of a fix or workaround.

The qualification of the Incident as Critical, Urgent, Important, Minor or Other is at the sole discretion of the Service Provider.

In the event of an Urgent Incident, a technical representative of the Service Provider shall be made available to the Client within the aforementioned timeframes.

The Service Provider reserves the right not to provide a fix for an Other Incident and to subsequently incorporate a correction in an update or development of the Application Service.

2.3. Technical assistance

If the cause of the Incident is outside the reasonable control of the Service Provider, the Service Provider undertakes to formulate technical suggestions that could temporarily or permanently resolve the Incident. However, in such case, the Service Provider's commitments in terms of response time are not applicable.

Incidents outside the reasonable control of the Service Provider include in particular the following non-exhaustive cases: (a) a hardware or software defect of the Client not provided by the Service Provider, (b) a connectivity defect of the Client, (c) an error in a user account of the Client including use of the Application Service by unauthorised persons who have accessed the Application Service via the authentication certificate of an Authorised User, (d) unreasonable and excessive use of the Application Service, (e) corrupted Client Data, (f) use by the Client of the Application Service in a manner not in conformity with the Documentation and the Service Provider's instructions, (g) non-conforming use by the Client of the Application Service after the Service Provider has informed the Client by any means of the need to modify the use of the Application Service to remedy the Incident, (h) a case of force majeure as defined in the Agreement.

2.4 Exclusions

The Service Provider's maintenance commitments do not apply in the following cases:

  • failure by the Client to fulfil its obligation to cooperate with the Service Provider in resolving Incidents, including responding to the Service Provider's questions and requests for information;
  • use of the Application Service in a manner not in conformity with the Agreement, its intended purpose or the Documentation;
  • unauthorised modification of the Application Service by the Client or a third party;
  • use of the Application Service with a non-compatible or obsolete browser;
  • use of the Application Service with any software packages, software or operating systems not compatible with the Application Service;
  • failure of electronic communication networks;
  • wilful act of degradation, malice or sabotage on the part of the Client or a third party;
  • case of force majeure as defined in the Agreement.

ANNEX 3 — BUSINESS RECOVERY AND CONTINUITY PLAN

1. Business recovery

In the event of a disaster occurring at the Service Provider, a backup process is put in place to recover Client Data from one of the following:

  • a daily backup over a period of 30 (thirty) days before the occurrence of the disaster;
  • a weekly backup over a period of 5 (five) weeks before the occurrence of the disaster;
  • a monthly backup over the period of 12 (twelve) months preceding the occurrence of the disaster;
  • an annual backup over a period of 10 (ten) years before the occurrence of the disaster.

The Service Provider undertakes to put in place backup and disaster recovery means enabling it to provide the Services, the Solution and the Application Service to the Client with a minimum of interruptions or delays.

Personal data protection — Reconciling the multi-level backup policy and the data deletion commitment: the backup policy described above (daily for 30 days, weekly for 5 weeks, monthly for 12 months, annual for 10 years) is maintained exclusively for business continuity and recovery purposes, and is not inconsistent with the commitment to delete personal data within 30 days as provided for in the DPA and Privacy Policy. Indeed, in the event of contract termination or an accepted erasure request, the Service Provider implements, within thirty (30) days, the destruction of the encryption keys associated with the Client's data, rendering all existing backups technically inaccessible and unrestorable, regardless of their physical retention cycle. Backup media continues its normal rotation cycle without containing any decipherable data relating to the Client concerned. The commitment of inaccessibility within 30 days takes precedence over the physical backup retention schedule.

2. Business continuity

The Service Provider shall, during the term of the Agreement and in accordance with industry best practices, maintain detailed and comprehensive contingency plans against events that could affect the Service Provider's ability to perform and provide the Services, the Solution and the Application Service in accordance with the Agreement.

The Service Provider shall, from time to time, make the necessary modifications to the business continuity plan, in accordance with industry best practices.

3. Miscellaneous

At least once per calendar year during the term of the Agreement, the Service Provider shall (i) test the operability of business continuity solutions against various crisis scenarios (unavailability of the site housing staff, information system failure, employee absenteeism, unavailability of the provider(s) providing a critical or significant service, malicious attacks on information systems and/or computerised data) and (ii) annually certify that the tests have been carried out and that the recovery and business continuity plan is fully operational for the various crisis scenarios.

The Service Provider complies with disaster recovery and business continuity requirements through its hosting partner. Consequently, the Service Provider shall ensure that the above disaster recovery clauses apply mutatis mutandis and at all times to its hosting counterpart.


ANNEX 4 — PRICING CONDITIONS

1. Base offer

Implementation fee: a lump sum fee corresponding to the costs of configuring the Application Service.

The base offer is payable annually, unless otherwise specified in the Purchase Order.

2. Subscription offers for Authorised Users

Administrator subscription: right to administer, configure and manage/supervise the Application Service. This subscription benefits IT administrators, digital learning managers and trainers alike.

Creator subscription: right to upload digital content to the Solution for subsequent transformation into AI Tutors, with the ability to monitor the use of these AI Tutors throughout the lifetime of the AI Tutors created. This subscription benefits instructional/e-learning designers, digital learning managers and trainers alike.

Viewer subscription: right to view and read the results of AI Tutors (interactions, analyses, etc.). This subscription benefits instructional/e-learning designers, digital learning managers and trainers alike.

Learner subscription: right to access and use the AI Tutors, to interact with the AI Tutors to which access is granted. This subscription benefits recipients of the underlying training courses – corporate employees, adults in training, adults.

All persons benefiting from the above subscriptions are Authorised Users under the Agreement.

Optional offers are payable monthly, unless otherwise specified in the Purchase Order.

3. Additional services

Training: training of the Client and/or Authorised Users in the use of the Solution and/or the Application Service.

Technical assistance: assistance in the operational management of the Solution and/or the Application Service.

Exclusive hosting: hosting exclusively and independently of the Service Provider's other clients.

Additional services are payable monthly, unless otherwise specified in the Purchase Order.

4. Miscellaneous

Prices are set in euros and are exclusive of applicable taxes, which remain the responsibility of the Client.

The Client irrevocably undertakes to pay the prices in accordance with the payment terms agreed in the Purchase Order where applicable.

The subscription of additional subscriptions or additional services by the Client during the Agreement shall be at the catalogue price in force at the Effective Date.

In the event of early termination of the Agreement by the Client, all annual payments for the remaining period up to the end of the Term become immediately due and payable to the Service Provider.