END USER LICENSE AGREEMENT AND PRIVACY POLICY

PLEASE READ THESE TERMS CAREFULLY BEFORE ATTEMPTING TO USE THE SOFTWARE. BY USING THE SOFTWARE, YOU AGREE TO BE BOUND BY THESE TERMS. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, PLEASE DO NOT PROCEED.

This End User License Agreement (“EULA”) together with our Privacy Policy is a legal agreement (collectively referred to as the “Agreement”) between either you as an individual or an entity which you represent (“you”) and Prochain Proprietary Limited (“Prochain”, “we” or “us”) for use of the Vendor Compliance Management System (“VCM”), which comprise of computer software, associated hardware, media, and “online” or electronic documentation and services (collectively referred to as “Software” or “VCM”).

END USER LICENSE AGREEMENT

1. GENERAL

This EULA shall be governed by and interpreted in accordance with the laws of South Africa. The courts of South Africa shall have exclusive jurisdiction in respect of all proceedings arising out of or pursuant to this EULA.

If any provision contained herein is or becomes unenforceable for any reason, such a provision will then be treated as if it had not been included and shall not affect the validity of the remaining provisions of the EULA.

We reserve the right to amend this EULA at any time by publishing the amended and restated EULA on the VCM platform. You will be prompted to accept such terms upon accessing your account or user profile.

It is recorded that primary purpose of VCM is to promote and address suppliers’ compliance with respect Companies- and B-BBEE Acts as well as compliance to technical requirements. Where it is found that fraudulent representations have been made, we shall by law be required to inform to the relevant authorities thereof. Prochain does not in any way guarantee or warrant that the supplier will obtain any opportunities or new business by virtue of registering on VCM.

To respond to RFQs, your company profile must be vetted in full. Vetting of documentation may take up to 3 business days. In this regard, you are urged to timeously submit your entire profile (steps 1 -5) for vetting. We will not be held liable should you be unable to respond to RFQs due to your profile not being vetted.

Use and access to VCM will be at Prochain’s sole discretion. We furthermore reserve the right to remove your profile from VCM, without incurring any liability, where any actual or perceived conflict of interest exists.

If you need any assistance in terms of VCM, you can contact the VCM helpdesk at +27 10 823 4888 or email [email protected].

2. SCOPE OF LICENSE

The license granted to you to use the Software on your computer or mobile device is a limited, personal, revocable, non-exclusive, non-sublicensable, non-transferable license. The Software is licensed and is not sold and is only for use under this EULA.

3. RESTRICTIONS OF USE

Any use of the Software not permitted by this EULA is prohibited and you may not, alone or in conjunction with others: (a) license, sub-license, sell, rent, lease, assign, distribute, transmit, host, outsource, disclose or otherwise commercially exploit the Software or make the Software available to any third party; (b) share or disclose your login details thereby allowing someone else access to your account, or do anything else that might jeopardize the security of your account; (c) copy, modify, reverse compile, reverse engineer or extract source codes from the Software; (d) use any type of spider, virus, worm, trojan-horse, time bomb or any other codes or instructions that are designed to distort, delete, damage or disassemble the Software; or (e) remove, alter or obscure any proprietary notice (including any notice of copyright or trademark) contained in the Software. Any attempt to do so will be a violation of our rights.

4. INTELLECTUAL PROPERTY

All right and title in and to the Software, including without limitation, any and all copyright and any other intellectual property rights, provided to you is the sole property of Prochain. All rights not expressly granted are reserved by Prochain.

You acknowledge that any and all intellectual property rights subsisting in or used in connection with the Software, including all documentation, updates, upgrades, enhancements, new developments, and improvements are and shall remain the sole property of Prochain.

This Agreement does not in any way grant, assign, transfer, or license any of either party's intellectual property rights to the other party.

You will retain ownership of any original content or data which you may upload, transmit or store when using our Software.

We will own all compilations, collective work or derivative works created by us which may incorporate your content.

5. CONFIDENTIALITY

For the purpose of this Agreement, all information furnished by us to you, and vice versa, shall be deemed confidential information. Prochain’s confidential information is specifically recorded to include, but not be limited to: a) coding developed by us; b) training or information manuals; c) VCM screens; d) the manner of collecting information; d) our vetting processes, results, vetting classifications and reports; e) any type of supplier classifications; commodity data and communication issued directly from VCM and any other information that could cause damage in any way or form to Prochain if it is disclosed; or f) any other commercially sensitive information.

The parties will use the same care and diligence to prevent disclosure of confidential information to unauthorised third parties, as it employs to avoid disclosure, publication or dissemination of its own confidential information.

Each party will ensure that if any person who may require to be exposed to the other party’s confidential information, will have been made aware of this Agreement.

If you require to share Prochain’s confidential information with any third party, you shall prior to sharing such confidential information obtain written consent from Prochain detailing what will be shared and for which purposes. It should however be noted that Prochain may withhold such consent at its sole discretion. Where Prochain suspects a breach of these terms, Prochain shall without prejudice and without incurring liability, have the right to suspend your company’s profile and your use of- and access to VCM. This will include restricting any other entities with the same directors. Such suspension may be temporary or permanent.

Notwithstanding the foregoing, this clause will not apply to any information, to which the parties can demonstrate the following: a) at the time of disclosure, such information was known in the public domain; b) after disclosure, such information became published or otherwise, becomes part of the public domain through no fault of the receiving party; c) such information was already in the possession of the receiving party at the time of disclosure by the disclosing party; or d) the receiving party also received such information, after disclosure by the disclosing party, from a third party who had a lawful right to disclose such information to it.

A party may at any time request the other party to destroy all written, printed, electronically stored and copied confidential information of whatever nature in its possession without retaining any copies thereof. The party requested to destroy such confidential information will be required to certify that such destruction was carried out.

The parties agree to use the confidential information for the sole purpose of these terms and conditions and the purposes as set out herein.

Should there be a dispute between the parties as to whether a party complied with these provisions or not, the onus shall be on the alleged defaulting party to show that it took all reasonable steps to comply and further, the aggrieved party shall take all reasonable steps to assist the alleged defaulting party in establishing the source from which such confidential information was made known.

The provisions of this clause shall survive the fulfilment, cancellation or termination of this Agreement for any reason whatsoever and remain binding on the parties in perpetuity.

6. VIOLATION OF THE EULA

We reserve the right, without incurring any liability, to disable or terminate use of your license if you: (a) fail to pay applicable fees; (b) provide false or inaccurate information; or (c) breach any term of this Agreement.

7. NO WARRANTY

You expressly acknowledge and agree that use of the Software is at your own risk. To the maximum extent permitted by law, the Software is provided “as is” and without warranty of any kind to the extent permitted by law.

Prochain disclaims all warranties with respect to the Software, either express, implied, or statutory, including but not limited to, the implied warranties of merchantability, fitness for a particular purpose, accuracy, and non-infringement of third-party rights.

While we endeavour to ensure that the Software is always available, we shall not be liable if, for any reason, the Software is unavailable at any time or for any period.

Access to the Software may be suspended temporarily and without notice in the case of system failure, maintenance, or repair or for reasons beyond our control.

You acknowledge that Software in general is not defect free and agree that the existence of such defects shall not constitute a breach of this Agreement.

If you discover a material defect which substantially affects your use of the Software, we shall use all reasonable endeavours to correct such defects, provided that such defects have not been caused by: (a) your incorrect use, abuse, or corruption of the Software; (b) use of the Software with other products or software; or (c) use of the Software on equipment with which the Software is incompatible.

Although we have used all commercially reasonable efforts to check for the most commonly known viruses, we do not warrant that the Software shall be free from all known viruses. You are therefore solely responsible for virus scanning the Software.

We furthermore do not endorse, monitor, verify or validate any content provided or created by you in the Software.

8. LICENSE FEES

A fee shall be payable annually in advance for the licence granted to you to use VCM. The fee shall include vetting tokens which cover the cost of vetting your company’s legal compliance documentation. In some instances, you may be sponsored by a client whereby such client pays these costs on your behalf.

Fees will be payable each year on the anniversary of the initial registration date. Token fees utilised for vetting are payable in advance to vet each compliance document required in VCM.

Vetting fees will become payable upon the renewal and/or new submission of documents and/or information in VCM as vetting needs to be repeated each time the said documents expire or are updated.

Payment may be made either via VCM’s payment gateway or by means of an electronic funds transfer into the following bank account:

Account holder: Prochain (Pty) Ltd

Institution: First National Bank

Branch Code: 250655

Account Number: 62515129296

Reference: Your company name

Please take note that you will only be provided with access to VCM once the applicable amounts reflect in our bank account. We shall thus not be held liable for any delays caused in this regard. Invoices can be requested via email from [email protected], by providing your company’s registered name, address and VAT number (if applicable).

All fees are exclusive of VAT.

No amounts paid will be refundable under any circumstances nor will additional tokens be provided where incorrect documentation and/or information is submitted for vetting.

We reserve the right to increase any fees in relation to the Software from time to time by providing you with 30 days’ written notice thereof.

9. BREACH AND TERMINATION

In the event of either party breaching any of its obligations under these terms and conditions, and where a defaulting party fails to remedy such breach within a period of 3 business days of receipt of written notice from the aggrieved party calling upon it to do so, the aggrieved party shall be entitled without further notice claim specific performance; or suspend or cancel this Agreement in either event, without prejudice to the aggrieved party’s rights, to claim damages or to enforce any other remedy to which it may be entitled in law.

Specific conditions constituting breach of these terms and conditions include but are not limited to you: a) providing false information b) committing any fraudulent act; or c) breaching the confidentiality provisions contained in this Agreement.

Either party may furthermore terminate this Agreement, immediately without incurring any liability at any given time by written notice thereof to the other party.

10. THIRD-PARTY SERVICES

The Software may include third-party content such as data, information, software and other products or services or may provide links to third-party websites or services.

We do not control or verify the quality or level of services provided by third parties and we are not responsible for and make no representations or warranties in relation to third parties’ privacy practices or services. Your use of such third-party service providers is subject to the applicable third party’s terms and conditions and is at your own risk.

11. LIMITATION OF LIABILITY

We shall not be liable for personal injury, or any incidental, special, indirect or consequential damages whatsoever, including without limitation, damages for loss of profits, loss of data, business interruption or any other commercial damages or losses, arising out of this Agreement or related to your use or inability to use the Software, however caused, regardless of the theory of liability (contract, tort or otherwise) and even if we have been advised of the possibility of such damages.

By accepting these terms, you hereby indemnify and hold Prochain and its directors, officers, employees, third party service providers or agents harmless against any and all losses, liabilities, damages, claims, fines, penalties, costs and expenses (including legal fees) arising out of or in connection with this Agreement or use of the Software.

Prochain shall furthermore not be held liable should your company suffer reputational damage as a result of the vetting conducted and the subsequent compliance status result allocated to your company profile, nor will we accept any liability where current or potential work is compromised due to a non-compliant status.

In no event shall our total liability to you exceed the amount of fees paid by you for use of the Software.

12. DISPUTES

Should any dispute, disagreement or claim arise, the parties’ respective managing directors (or their designated nominees) shall endeavour to resolve the dispute in good faith and with due willingness and intention to determine a solution.

Should the parties fail to resolve the dispute within 15 business days of having declared such a dispute, the matter can be referred to the Arbitration Foundation of Southern Africa (“AFSA”) for a ruling to be made.

Arbitration shall be held at Johannesburg, informally, in the English language and otherwise in accordance with the rules of AFSA, it being the intention that, if possible, it shall be held and concluded within 30 business days after it has been demanded.

The parties agree that the type of arbitrator to be appointed shall be based on the relevant matter.

The provisions set out above shall not prevent either party from approaching any court of competent jurisdiction to obtain interim or other relief in cases of urgency.

Any notice relating to this Agreement must be sent to the following address by registered mail: 557 Jacqueline drive, Garsfontein, 0081. We shall, where required, send you notices to the address supplied by you in VCM.

Each party hereby irrevocably agrees that a decision of the arbitrator in the arbitration proceedings: (a) shall be final and binding on each of them; (b) will be carried into effect; and (c) be made an order of any court to whose jurisdiction the parties are subject.

PRIVACY POLICY

We understand the importance of protecting your personal information and data and as such this Privacy Policy describes how we collect and use your personal information and data, who we share it with, and your choices and rights in relation to your personal information and data.

1. PRIVACY STATEMENT

To comply with the Protection of Personal Information Act 4 of 2013 (“POPIA”) as well as the General Data Protection Regulations 2016/679 (“GDPR”) (in the case of European Union citizens or residents), the following specific provisions are brought to your attention.

The term “Personal Information” refers to any personal or private information about an identifiable living natural person or, an identifiable existing juristic person (company) and “Special Personal Information” refers to religious or philosophical beliefs, race or ethnic origin, trade union membership, political persuasion, health or sex life or biometric information. These terms will be collectively referred to only as “Personal Information”.

2. PERSONAL INFORMATION WE COLLECT

Prochain provides Software to the industry which aims to address a supplier’s compliance with respect Companies- and B-BBEE Acts as well as compliance to technical requirements. As such various Personal Information of your company, its directors and shareholders are captured within the Software.

Personal information which will be collected includes but is not limited to: a) company details: company name, company registration number, addresses, municipal area and contact details; b) directors / members / trustee information: names, identity numbers and documents; c) shareholding information: names, identity numbers and documents, shareholder ownership information, shareholder certificates and shareholder percentages; d) bank account information; e) tax information: tax compliance status pin document and tax numbers; f) B-BBEE information: B-BBEE certificate / affidavit and confirmation of turnover (i.e. turnover letter); g) letter of good standing for workmans compensation; h) contact information; i) other information such as joint venture agreements between you and a third party (if applicable) and other certifications required by a client; j) technical capability and traceability information, including your company’s technical assessment scorecard (if applicable); k) any other Personal Information provided in the Software; and l) Special Personal Information of your company’s directors and/or shareholders such as gender, race, credit history, criminal offences or convictions, political exposure and/or sanctions imposed.

3. PURPOSES OF COLLECTING PERSONAL INFORMATION

The primary purpose of VCM is to: 1) enable the establishment of a central supplier database whereby a supplier registers once and are accessible to all clients making use of VCM; 2) to ensure that supplier’s information can be verified and vetted via various sources namely credit bureaus, suppliers of background checks and publicly available platforms to promote compliance and thus prevent corrupt business activities; 3) to create a platform whereby SMMEs and larger established suppliers can gain equal access to opportunities that participating clients might make available from time to time; and 4) to enable clients of Prochain to outsource their supplier compliance management to us.

As such your Personal Information is used for our clients to: a) update your company information and data within their financial system / ERP via Application Programming Interface (APIs); b) to vet your company’s and director’s Personal Information at bureaus, suppliers of background check services and publicly available platforms; c) to ascertain your company’s compliance status with regard to the Companies- and B-BBEE Act; d) to identify and address any risk which a director may pose should such a director be blacklisted, have a criminal record, be politically exposed and/or have any sanctions imposed on them; e) request quotations, invite tenders or to request information from you; f) issue purchase orders from their financial system / ERPs to you; g) complete contract details; h) classify your company according to locality and the Mining Charter (where applicable); and i) to enable our clients to report on legislative and B-BBEE requirements as required by the Department of Trade Industry and Competition (DTIC) or the Department of Mineral Resources and Energy (DMRE).

4. HOW PERSONAL INFORMATION IS COLLECTED

The source(s) from which your company’s Personal Information can be collected is as follows: (a) by way of direct submission thereof to the Software by yourself; b) from publicly accessible platforms; and c) from client(s) to whom you previously made such Personal Information available.

5. SECURITY OF YOUR PERSONAL INFORMATION

Your Personal Information may at times leave South Africa due to the reason that our client base is not limited to the Republic of South Africa alone and our Software is further hosted on servers located in Europe.

We employ all reasonable efforts to ensure that your information is protected from accidental or unlawful destruction, loss, alteration, unauthorised access, or disclosure by using a combination of physical, administrative, and technical safeguards. We furthermore contractually require that third parties who may be exposed to your Personal Information employ the same data protection and security measures.

Our Software is aligned with the requirements of ISO27001, POPIA & GDPR requirements to ensure data security.

In the unlikely event that your Personal Information is compromised, we shall notify you thereof immediately and we will provide you with the following information: (a) description of the nature of the breach; (b) the likely consequences; and (c) description of the measures taken, or proposed to be taken to address the breach, including measures to mitigate possible adverse effects.

You have the right to lodge a complaint to the Information Regulator where you are of the view that your rights in terms of the POPIA have been neglected.

6. RETAINING YOUR PERSONAL INFORMATION

Your Personal Information will be retained for as long as you are registered on VCM and specifically request your profile to be removed. Should you revoke your consent and request your profile to be removed from VCM, your company profile and information will be removed and/or destroyed. We will issue a declaration or certificate warranting that your company’s profile and information has been removed and/or destroyed upon specific request from you.

We may furthermore retain your Personal Information as is necessary to fulfil the purpose for which it was collected unless a longer retention period is required to comply with legal obligations, resolve disputes, protect our assets, or enforce agreements.

7. YOUR RIGHTS

You may choose not to provide your Personal Information in which instance we will not be able to provide you access to use our Software, as we will be prevented to carry out our obligations in terms of our business relationship with our clients as set out in the purpose.

You have the right to access your Personal Information and to maintain and keep such Personal Information updated.

8. HOW TO CONTACT US

If you have any questions about this agreement, how your Personal Information is handled by us, have a privacy concern or you wish to make a request or a complaint relating to the processing of your Personal Information, please contact us via email at [email protected].

ANTI-BRIBERY AND CORRUPTION

Bribery is a criminal offence under the Prevention and Combating of Corrupt Activities Act, No. 12 of 2004 (as amended) as well as in various other jurisdictions around the world such as the UK. Bribery includes offering, giving, requesting or receiving a payment or something of value (even insignificant value) to secure an improper advantage, improperly influence a decision or to get a party to perform their job improperly.

To protect our interests and that of our clients, it is imperative that your company employs strict measures to prevent bribery or any other corrupt act from taking place. Such measures should include implementing a code of conduct and monitoring adherence thereto, policies, procedures as well as systems of internal controls such as accounting, purchasing and billing systems.

USER UNDERTAKINGS, WARRANTIES AND CONSENT

By accepting these terms and conditions

1. you undertake that neither you, nor your company, your company’s directors, its representatives or employees shall make any promise, authorise, or make any payment to, or otherwise contribute any item of value, directly or indirectly, to secure an improper advantage, to improperly influence a decision or to get a party to perform their job improperly;

2. you warrant that:

• you have the necessary authorisation to provide, submit or make available your company’s information to us;
• you confirm that you have obtained the necessary consent from your company directors, shareholders and employees (as the case may be) to provide their Personal Information in VCM;
• all information and documentation supplied in VCM is accurate, true and current and you agree to maintain your company’s compliance information and documentation in VCM at all times;
• you will not share your VCM login details with a third party and will take all measures necessary to ensure that your login details are kept secret and that the confidentiality provisions as set out in this Agreement, are maintained;

3. you provide consent for Prochain to:

• vet your company’s legal- and B-BBEE information by making use of various sources namely credit bureaus, suppliers of background checks and publicly available platforms and to display the results of such vetting conducted on your company profile to clients which make use of VCM as a tool to manage their suppliers’ compliance;
• make available your company’s compliance documentation to such clients;

4. you agree to indemnify and hold Prochain and its directors, officers, employees, development partners, third party service providers or agents harmless against any and all losses, liabilities, damages, claims, fines, penalties, costs and expenses (including legal fees) arising out of or in connection with this Agreement or use of the Software.

You are entitled to change or revoke your consent at any time. If you revoke your consent, your company’s profile will be removed from VCM and clients of Prochain which make use of VCM to manage their suppliers’ compliance will no longer be able to access your information from that point on.

By clicking on the accept button or continuing to use the Software, you expressly agree to be bound by the terms contained herein.