Terms and Conditions
These Terms and Conditions (the “Terms and Conditions”, “T&C” or “Agreement”), including all schedules, annexes and appendices, govern the contractual relationship between:
- SMART BIT SINGLE MEMBER S.A., a company incorporated under the laws of Greece (the “Service Provider”); and
- any legal entity that registers for, accesses or uses the System and/or the Services (the “Customer”),
each a “Party” and together the “Parties”.
By registering through the Dashboard, clicking “Sign Up” on the Website, or accessing or using the System and/or Services, the Customer confirms that it has read, understood and agrees to be bound by these Terms and Conditions. If the Customer does not agree, it must not access or use the System or Services.
1. Definitions and Interpretation
Definitions remain as provided except where amended by these Terms and Conditions. In case of conflict, the operative clauses prevail over definitions.
Interpretation rules remain unchanged, subject always to mandatory provisions of applicable EU law.
2. Term
2.1 These Terms and Conditions enter into force on the Commencement Date and remain in effect for an initial period of twelve (12) months following the Billing Start Date (the “Initial Period”).
2.2 The Agreement shall automatically renew for successive twelve-month periods (each a “Renewal Period”), unless terminated in accordance with Section 10.
2.3 Renewal mechanics linked to Pre-Payment remain valid, provided they do not deprive either Party of mandatory termination rights under applicable law.
3. Access to the System and Services
3.1 Access to the System and Services shall be granted upon the Billing Start Date, subject to successful completion of onboarding, due diligence and payment activation.
3.2 Any Trial Period is optional, limited in scope, and provided solely for evaluation purposes. The Customer shall not upload personal data of Applicants during a Trial Period unless explicitly permitted and documented.
3.3 The Service Provider shall provide the Services in accordance with:
- the applicable Pricing Plan,
- the SLA, and
- these Terms and Conditions.
3.4 New Releases may be implemented for security, legal, or technical reasons. The Customer shall implement mandatory updates within a reasonable timeframe communicated by the Service Provider. The Service Provider shall not be liable for deficiencies resulting from the Customer’s failure to implement required updates.
3.5 Activation of additional Services through the Dashboard constitutes acceptance of the applicable service-specific terms and Fees.
4. Intellectual Property Rights
4.1 All Intellectual Property Rights in and to the System, Services, API, SDK, Documentation and New Releases remain vested in the Service Provider or its licensors.
4.2 The Customer is granted a limited, non-exclusive, non-transferable, non-sublicensable licence for the duration of the Term, solely for the Business Purpose.
4.3 Reverse engineering, reproduction, derivative works, or competitive use is strictly prohibited except where mandatory law expressly permits.
5. Fees and Payment
5.1 Fees are payable in accordance with the applicable Pricing Plan.
5.2 Pricing Plan changes shall take effect as specified in the Dashboard, subject to reasonable notice.
5.3 Late payments may result in suspension of Services and statutory interest in accordance with Directive 2011/7/EU.
5.4 Suspension for non-payment shall be proportionate and lifted promptly upon settlement.
6. Confidentiality and Data Protection
6.1 Confidentiality
Each Party shall keep Confidential Information strictly confidential and use it solely for performance of this Agreement.
Confidentiality obligations survive termination for as long as the information remains confidential under applicable law.
6.2 Data Protection Roles
(a) Customer acts as data controller in respect of Applicant personal data.
(b) Service Provider acts as data processor, unless explicitly stated otherwise in writing.
6.3 Processing Instructions
The Service Provider shall:
- process personal data only on documented instructions from the Customer;
- ensure appropriate technical and organisational measures under Article 32 GDPR;
- notify personal data breaches in accordance with Articles 33–34 GDPR.
6.4 No Unauthorised Secondary Use
The Service Provider shall not process personal data for its own purposes.
Any service improvement, analytics, fraud-pattern analysis, or AI development shall use irreversibly anonymised data only, unless the Service Provider acts as an independent controller with a valid legal basis and appropriate transparency.
6.5 Sub-processing and Transfers
Sub-processors and international transfers shall comply with GDPR, including Standard Contractual Clauses where applicable.
6.6 Data Return and Deletion
Upon termination, the Customer may retrieve Applicant personal data within thirty (30) days. Thereafter, the Service Provider shall delete such data unless retention is required by law.
7. Security
The Customer is responsible for:
- access control,
- credential confidentiality,
- role-based permissions.
Actions performed using valid credentials are attributed to the Customer unless caused by the Service Provider’s breach.
8. Liability
8.1 Neither Party excludes liability for:
- fraud or fraudulent misrepresentation;
- wilful misconduct;
- amounts lawfully due;
- liability which cannot be excluded under applicable law.
8.2 GDPR Carve-Out
Nothing in these Terms and Conditions limits or excludes liability under Regulation (EU) 2016/679, including liability under Article 82 GDPR.
8.3 Subject to clause 8.1 and 8.2, neither Party shall be liable for indirect or consequential losses, including loss of profit or goodwill.
8.4 Subject to clause 8.2, the Service Provider’s total aggregate liability shall not exceed the lower of:
- 100% of Fees paid in the three (3) months preceding the claim; or
- EUR 5,000.
9. Representations and Warranties
9.1 Each Party represents that it has authority to enter into this Agreement.
9.2 The Customer warrants lawful use of the Services and compliance with applicable laws, including non-discrimination and data protection laws.
9.3 The Services provide supporting information only and do not constitute legally binding determinations. The Customer remains solely responsible for decisions taken based on the Services.
10. Suspension and Termination
10.1 Either Party may terminate for convenience with thirty (30) days’ written notice.
10.2 Immediate termination is permitted for material breach, insolvency, or legal non-compliance.
10.3 Suspension shall be proportionate, reasoned, and lifted where possible upon remediation.
10.4 Accrued rights and obligations survive termination.
11. Amendments
11.1 The Service Provider may amend these Terms for valid reasons (legal, regulatory, security, or material service changes).
11.2 Material changes require at least thirty (30) days’ prior notice.
If a material change adversely affects the Customer, the Customer may terminate without penalty before the change takes effect.
11.3 Continued use after the effective date constitutes acceptance of non-material changes.
12. Reusable KYC Service
12.1 Reusable KYC operates strictly under GDPR data portability and controller-to-controller transfer principles.
12.2 Applicants’ data shall be transferred only:
- upon valid legal basis,
- with transparency to the Applicant,
- and in accordance with the DPA.
12.3 The Service Provider acts as processor only and does not determine purposes of such transfers.
12.4 The Service Provider may suspend Reusable KYC for compliance or security reasons.
13. Governing Law and Dispute Resolution
This Agreement is governed by the laws of Greece.
All disputes shall be finally resolved by ICC arbitration, seated in Athens, Greece, conducted in English, by a sole arbitrator, under the Expedited Procedure Rules.
Proceedings and awards shall remain confidential.