General Terms & Conditions

Last update: July 28, 2025

These General Terms and Conditions (“GTCs”) govern the provision and use of the Company Products (as defined below) provided by FreightFit AI. (“Company” or “FreightFit,”). These GTCs apply to all entities based in the United States or Canada entering into agreements or transactions with FreightFit AI, including but not limited to those expressly identified as “Customer” on any Order Form or online registration, online registration, or similar agreement, as well as any individuals or entities that access, purchase, or otherwise use the Company Products (collectively, “Customer”). By accessing, purchasing, or otherwise using the Company Products, such Customer acknowledges and agrees to be bound by these GTCs. Any additional or conflicting terms presented by the Customer, including in Order Form or online registrations or other documents, are hereby expressly rejected unless expressly agreed to in writing by FreightFit AI. These GTCs shall be effective as of the date of acceptance and shall remain in effect unless terminated or amended in accordance with the terms set forth herein.

1. COMPANY PRODUCTS AND SERVICES

1.1. Provision of Products and Services. Subject to the terms and conditions of this GTC, including all applicable Order Forms, online registration, agreements, (collectively, this “Agreement”), Company will provide Customer with the online software-as-a-service products and services on a subscription basis for the Subscription Term (defined below), and such other products and services, as set forth on an applicable Order Form or online registration (collectively, “Company Product(s)”). Company Products include Company Software (as defined below). Each Order Form or online registration or online registration will be incorporated into, and is fully governed by, this Agreement upon execution of the Order Form or online registration by both parties. In the event of any conflict or inconsistency between this Agreement and an Order Form or online registration, this Agreement shall control.

1.2. Access to Products. Customer may access and use Company Products on a non-exclusive and non-transferrable basis, solely for its internal business purposes, and only in accordance with the terms and conditions of this Agreement, the applicable Order Form or online registration, and any end user technical documentation provided or made available by Company for such Company Products (“Documentation”). To the extent Company provides Customer with any downloadable software, agents, SDKs, APIs, or other code in connection with the Company Products (“Company Software”), Company grants to Customer a revocable, non-exclusive, non-transferable, non-sublicensable, limited right to use the Company Software during the applicable Subscription Term solely as reasonably necessary for Customer’s use of the Company Products in accordance with this Agreement. For clarity, except for Company Software, Company’s software products are provided on a remote, software-as-a-service basis only.

1.3. Permitted Users. Customer may permit its employees, agents, independent contractors and consultants to use the Company Products on its behalf (“Permitted Users”), provided Customer remains responsible for the acts and omissions of each such Permitted User. Use of the Company Products by Customer in the aggregate must be within the restrictions set forth in the applicable Order Form or online registration or online registration (if any). If Customer is given passwords to access Company Products on Company’s systems, Customer shall require that all Permitted Users keep user ID and password information strictly confidential and not share such information with any unauthorized person. Customer shall be responsible for any and all actions taken using Customer’s accounts and passwords.

1.4. Use by Affiliates. Each of Customer’s Affiliates (defined below) identified on an Order Form or online registration will be entitled to access and use the applicable Company Products in accordance with this Agreement and the applicable Order Form or online registration, provided that Customer shall remain responsible to Company for the actions and omissions of each such Affiliate (and each of such Affiliate’s Permitted Users). The terms of this Agreement will govern, and will be incorporated by reference in, each such Order Form or online registration as if this Agreement were separately executed by the applicable Customer Affiliate, and the term “Customer” as used in this Agreement will be deemed as applying to such Customer Affiliate for the purposes of such Order Form or online registration. “Affiliate” means an entity that, directly or indirectly, controls, is controlled by, or is under common control with a party. As used herein, “control” means the power to direct the management or affairs of an entity or the beneficial ownership of fifty percent (50%) or more of the voting equity securities or other equivalent voting interests of an entity.

1.5. General Restrictions. Customer shall not, and shall not allow any third party (including any Permitted User or Affiliate) to: (a) sell, rent, lease or use any Company Product for time sharing purposes; (b) use any Company Product to help develop, or help provide to any third party, any product or service similar to or competitive with any Company Product; (c) reverse engineer, decompile, disassemble, or otherwise seek to obtain the source code of any Company Product; (d) copy, modify or create derivative works from any Company Product or any Documentation; (e) remove or obscure any copyright or proprietary or other notice contained in any Company Product or Documentation; (f) propagate any virus, Trojan horse, or other malware or programming routine intended to damage any system or data; (g) access or use any Company Products in a manner intended to circumvent or exceed service account limitations or requirements; (h) use any Company Products in a manner that violates any applicable law, regulation, or legal requirement or obligation; (i) use any Company Products in violation of any third-party rights of privacy or intellectual property rights; (j) use or permit the use of any tools in order to probe, scan or attempt to penetrate or benchmark any Company Products; (k) post, upload, transmit or provide any Customer Data that Company reasonably deems to be unlawful, harmful, abusive or otherwise objectionable; or (l) use the Company Products except as expressly permitted by this Agreement.

2. CUSTOMER OBLIGATIONS; CUSTOMER DATA

2.1. Generally. “Customer Data” means information, data, and other content, in any form or medium, that is downloaded, or otherwise received, directly or indirectly (including via a third-party provider), from Customer (including from a Permitted User on Customer’s behalf) by or through the Company Products, or provided by Customer to Company to input into the Company Products. Customer represents and warrants to Company that Customer’s use of Company Products and all Customer Data is and will be at all times compliant with Customer’s privacy policies and all applicable local, state, federal and international laws, regulations and conventions, including, without limitation, those related to data privacy, international communications, and the exportation of technical or personal data (including Personal Data (as defined in Section 12)). Customer is solely responsible for the accuracy, content and legality of all Customer Data. Customer represents and warrants to Company that Customer has sufficient rights in the Customer Data to grant the rights granted to Company in Section 2.2 below and that the Customer Data does not infringe or otherwise violate the rights of any third party.

2.2. Rights in Customer Data. As between the parties, Customer shall retain all right, title and interest (including any and all intellectual property rights) in and to the Customer Data. Customer hereby grants to Company a non-exclusive, worldwide, irrevocable, transferable, sublicensable (through multiple tiers), fully paid-up, royalty-free right and license to use, copy store, transmit, modify, and display the Customer Data in order to: (a) provide the Company Products to Customer; and (b) perform such other actions as authorized or instructed by Customer in writing (email to suffice).

2.3. De-identified Data. Company may create and use de-identified data related to Customer’s use of the Company Products in order to improve Company’s products and services, to develop new products and services, and for its other business purposes (and such de-identified data will be owned by Company).

2.4. Third Party Application Service Providers. Customer may be able to access and use certain optional third-party services or products (e.g., a third-party service that integrates with Company via opt-in, or uses Company’s APIs) through or with its use of the Company Products (“Third-Party Services”). Customer is under no obligation to use any Third-Party Services. IF CUSTOMER USES ANY THIRD-PARTY SERVICES, COMPANY WILL NOT BE RESPONSIBLE FOR ANY ACT OR OMISSION OF ANY PROVIDER OF SUCH THIRD-PARTY SERVICES. COMPANY DOES NOT WARRANT OR PROVIDE DIRECT SUPPORT FOR ANY THIRD-PARTY SERVICES. CUSTOMER ACKNOWLEDGES AND AGREES THAT COMPANY WILL HAVE NO RESPONSIBILITY OR LIABILITY FOR THE ACTS OR OMISSIONS OF ANY PERMITTED USERS IN CONNECTION WITH ANY THIRD-PARTY SERVICES.

3. OWNERSHIP

3.1. Ownership. Customer acknowledges that no intellectual property rights are assigned or transferred to Customer hereunder. Customer is obtaining only a limited right to access and use the Company Products set forth on the applicable Order Form or online registration. Customer agrees that Company or its suppliers own and retain all right, title and interest (including all patent, copyright, trade secret and other intellectual property rights) in and to (a) the Company Products, Documentation, and any and all related and underlying technology, documentation, and other information and (b) any intellectual property it develops hereunder, and any derivatives thereof (individually and collectively, “Company Technology”).

3.2. Feedback. In the event Customer provides Company with any suggestions, ideas, improvements or other feedback with respect to any aspect of the Company Products (“Feedback”), Company shall own such Feedback.

4. SUBSCRIPTION TERM, FEES AND PAYMENT

4.1. Subscription Term and Renewals.

4.1.1. Unless otherwise terminated as set forth below, each Order Form or online registration will have a term as set forth therein (“Initial Term”). Thereafter, each Order Form or online registration will automatically renew for successive renewal terms of equal length to the Initial Term (each, a “Renewal Term,” and together with the Initial Term, the “Subscription Term”), unless either party provides the other party with written notice of non-renewal at least thirty (30) days prior to the expiration of the then-current Subscription Term. If no term is stated on an Order Form or online registration, the Initial Term for such Order Form or online registration is one (1) year.

4.1.2. In case of a monthly subscription, the Agreement shall commence on the Effective Date and shall be renewed on a monthly basis (“Regular Contract Term”), unless a longer term has been contractually agreed on; thereafter, this Agreement shall be extended on a monthly basis (a “Monthly Renewal Term”), unless either party notifies the other party prior to the expiration of the then-current term that it does not wish to renew this Agreement. The termination of a monthly subscription does not require any justification and must be declared in writing (by email) to the other party. (Each Regular Contract Term and Monthly Renewal Term is referred to herein as a “Term”).

4.1.3. FreightFit AI may offer additional services (“Add-ons”) that can be purchased exclusively in conjunction with the Company Products. FreightFit AI has the right to change the available offerings of the Add-ons as it sees fit. If a Customer opts to purchase an Add-on, the purchase becomes binding upon confirmation, and the Add-ons are subject to these GTC in their entirety.

4.1.4. For any free subscription plan offered by FreightFit AI, FreightFit reserves the right to deactivate inactive accounts after providing reasonable prior notice. Inactivity may be defined as a lack of login activity or data usage for a period of seven (7) consecutive days. Deactivation of an inactive account will not terminate this Agreement, and Customer may reactivate the account at any time through the platform interface.

4.2. Fees, Invoicing and Payment. All fees are as set forth in the applicable Order Form or online registration. Unless otherwise specified in the applicable Order Form, Customer shall pay all undisputed fees within seven (7) days of Customer’s receipt of FreightFit’s invoice or any automatically generated bill. The Base Fee shall be determined by the Order Form or online registration or other offers provided by FreightFit and may be calculated based on one or more usage metrics applicable to the FreightFit platform, including, without limitation: (a) the total number of freight shipments processed or managed through the platform during the applicable billing period; (b) the number of authorized users or seats granted access to the platform; (c) the number of API calls, automated rate requests, transactions processed, or tokens used; and/or (d) any additional services, integrations, or premium features subscribed to by Customer. FreightFit reserves the right to adjust Customer to the corresponding higher usage package if actual usage exceeds the contracted limits for two consecutive billing periods. Any resulting price difference compared to the original contract will be invoiced for the remaining term, and adjustments or credits will not be issued for underuse.

In the case of annual contracts under Section 4.1.1, the fee for each Renewal Term may increase by up to seven percent (7%) above the Base Fee applicable to the immediately preceding Term unless otherwise agreed in the Order Form. If FreightFit does not exercise this right before a new Renewal Term, it retains the right to increase fees in subsequent terms. In the case of monthly subscriptions under Section 4.1.2, FreightFit may adjust the Base Fee at any time with thirty (30) days’ prior written notice to Customer. Unless otherwise agreed, invoicing will be done for the entire contract term in advance, except for any additional usage fees or managed services, which will be invoiced in arrears following delivery. FreightFit may deliver invoices electronically, and payment is due seven (7) days from the invoice date or the date the automatically generated bill was tendered. The invoiced amount must be credited to FreightFit’s account within seven (7) days of the invoice date. Late payments shall accrue interest at the rate of three percent (3%) per month or the maximum rate permitted by law, whichever is less, plus costs of collection. Applicable taxes, excluding those based on FreightFit’s income, are the responsibility of Customer.

4.3. Session Increase and Excess Use. Notwithstanding the foregoing, in the event Customer desires to upgrade their plan or otherwise add features, Customer may order such upgrade or additional features with a corresponding higher fee set out on a new Order Form or online registration subject to these GTC. For the avoidance of doubt, a new Initial Term will accompany a new Order Form or online registration and any unused fees paid towards the prior Order Form or online registration shall carry over to such new Order Form or online registration. FreightFit AI reserves the right to change the customer to the corresponding higher package if the sessions / DAU / number of unique users on the domains / apps specified at the beginning of the contract / or any other commercially reasonable metric are exceeded during two consecutive months. The price difference resulting in comparison to the original contract offer may be invoiced by FreightFit AI for the remaining contract term. Payment must be made within 30 days of the invoice date.

In case the customer adds additional domains to their subscription and exceeds the permitted amount of domains within their package, FreightFit AI reserves the right to change the customer to the corresponding higher package starting with the next contract term, in case of monthly subscriptions. In case of annual subscriptions the price difference resulting in comparison to the original contract offer may be invoiced by FreightFit AI for the remaining contract term. Payment must be made within 30 days of the invoice date.

4.4. Retroactive Billing for Excess Use. Should Customer use the Company Products in excess of the amount of sessions purchased as part of any given Order Form or online registration, Company shall bill Customer to account for Customer’s excess usage, subject to the terms set forth in this Section 4.

4.5. Suspension of Service. If Customer’s account is ten (10) days or more overdue, in addition to any of its other rights or remedies, Company reserves the right to suspend Customer’s access to the applicable Company Product without liability to Customer until such amounts are paid in full.

5. TERM AND TERMINATION

5.1. Term. This Agreement is effective as of the Effective Date and will continue in effect until terminated as set forth below.

5.2. Termination. Either party may terminate this Agreement with at least five (5) days’ prior written notice by contacting support@freightfit.ai if there are no Order Form or online registrations then in effect. In addition, either party may terminate this Agreement if the other party (a) fails to cure any material breach of this Agreement (including a failure to pay fees) within thirty (30) days after written notice (such notice must contain sufficient detail as to the nature of the breach and state the intent to terminate and email notice is sufficient in the case of non-payment); (b) ceases operation without a successor; or (c) seeks protection under any bankruptcy, receivership, trust deed, creditors’ arrangement, composition, or comparable proceeding, or if any such proceeding is instituted against that party (and not dismissed within sixty (60) days thereafter). For clarity, termination of this Agreement will automatically terminate all Order Form or online registrations.

5.3. Effect of Termination. Upon the expiration or termination of this Agreement, (a) Customer shall immediately cease any and all use of and access to Company Products (including any and all related Company Technology) and (b) each party will return to the other party (or destroy) such other party’s Confidential Information. Except as otherwise set forth herein, termination of this Agreement is not an exclusive remedy and the exercise by either party of any remedy under this Agreement will be without prejudice to any other remedies it may have under this Agreement, by law, or otherwise.

5.4. Customer Data. At any time before or within thirty (30) days after termination or expiration of this Agreement, Customer may download Customer Data from the Company Products in accordance with the Documentation. Customer acknowledges that if Customer or a Permitted User deletes Customer Data from the Company Products, such Customer Data may still reside in Company’s systems, applications, databases and servers (including, without limitation, as backups and/or archives). Customer acknowledges that the foregoing actions during any Subscription Term may have an adverse impact on Customer’s use of the Company Products (and Company is not liable with respect thereto).

5.5. Survival. The following Sections shall survive any expiration or termination of this Agreement: 1.5, 2, 3, 4, 5, 6.2, 7, 8, 9, 11, and 13.

6. LIMITED WARRANTY; DISCLAIMER

6.1. Limited Warranty. Company warrants that it will provide the Company Products in substantial conformity with the applicable Documentation and the descriptions in the Order Form or online registration. Company’s sole liability (and Customer’s sole and exclusive remedy) for any breach of this warranty shall be, in Company’s sole discretion and at no charge to Customer, to use commercially reasonable efforts to provide Customer with an error correction or work-around that corrects the reported non-conformity, or if Company determines such remedies to be impracticable, to allow Customer to terminate the Subscription Term and receive as its sole remedy and Company’s entire liability, a refund of any fees Customer has pre-paid for use of Company Products or related services it has not received as of the date of the warranty claim. The limited warranty set forth in this Section 6.1 shall not apply: (a) unless Customer makes a claim within thirty (30) days of the date on which the condition giving rise to the claim first appeared, (b) if the error was caused by misuse, unauthorized modifications or third-party hardware, software or services, or (c) to Company Products provided on a no-charge or evaluation basis.

6.2. Warranty Disclaimer. EXCEPT FOR THE WARRANTIES SET FORTH IN THIS AGREEMENT, COMPANY PRODUCTS AND ALL SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. COMPANY AND ITS SUPPLIERS EACH EXPRESSLY DISCLAIM ANY OTHER WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, TITLE, OR FITNESS FOR A PARTICULAR PURPOSE.

7. LIMITATION OF LIABILITY

NEITHER PARTY SHALL BE LIABLE, UNDER ANY LEGAL OR EQUITABLE THEORY OF LAW, WITH RESPECT TO ANY SUBJECT MATTER OF THIS AGREEMENT FOR ANY INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES OF ANY KIND, INCLUDING LOST PROFITS, BUSINESS, CONTRACTS, REVENUE, GOODWILL, PRODUCTION, AND ANTICIPATED SAVINGS OR DATA, EVEN IF INFORMED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE. NOTWITHSTANDING THE FOREGOING, IN NO EVENT WILL EACH PARTY’S AGGREGATE LIABILITY IN CONNECTION WITH THIS AGREEMENT EXCEED THE FEES PAID BY CUSTOMER TO COMPANY DURING THE TWELVE (12) MONTH PERIOD PRIOR TO WHEN THE CLAIM AROSE.

8. INDEMNIFICATION

8.1. Indemnification by Company. Company shall indemnify, defend, and hold harmless Customer from and against any claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys’ fees and costs) arising from the infringement of a U.S. patent, copyright, trademark, or other intellectual property right asserted against Customer by a third party based upon Customer’s use of Company Products in accordance with the terms of this Agreement, provided that Company shall have received from Customer: (a) prompt written notice of such claim (but in any event notice in sufficient time for Company to respond without prejudice); (b) the exclusive right to control and direct the investigation, defense, or settlement (if applicable) of such claim (as long as such settlement releases Customer from any and all liability); and (c) all reasonable necessary cooperation of Customer. If Customer’s use of any Company Product is, or in Company’s opinion is likely to be, enjoined due to the type of infringement specified above, or if required by settlement, Company may, in its sole and reasonable discretion: (x) substitute substantially functionally similar products or services; (y) procure for Customer the right to continue using Company Products; or if (x) and (y) are commercially impracticable, (z) terminate the Agreement and refund to Customer any unused, prepaid fees paid by Customer for the terminated period. The foregoing indemnification obligation of Company shall not apply to the extent that the alleged infringement arises from: (1) any modification of the Company Products other than by or on behalf of Company; (2) access to or use of any Company Product in combination with any hardware, system, software, network, or other products, materials or services not provided by or on behalf of Company (3) use of Company Products in breach of this Agreement; or (4) Customer Data. THIS SECTION 8.1 SETS FORTH COMPANY’S SOLE LIABILITY AND CUSTOMER’S SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY CLAIM OF INTELLECTUAL PROPERTY INFRINGEMENT.

8.2. Indemnification by Customer. Customer shall indemnify, defend, and hold harmless Company from and against any and all claims, costs, damages, losses, liabilities and expenses (including reasonable attorneys’ fees and costs) arising out of or in connection with any claim arising from or relating to (a) Customer’s violation of any laws, regulations, or rights relating to Customer Data (including, without limitation, privacy laws, regulations, or rights), or Customer’s breach of Section 2.1, (b) any action taken (or not taken) by Customer based upon use of a Company Product, or (c) any dispute between Customer and any other user of the Company Products. This indemnification obligation is subject to Customer receiving: (x) prompt written notice of such claim (but in any event notice in sufficient time for Customer to respond without prejudice); (y) the exclusive right to control and direct the investigation, defense, or settlement of such claim; and (z) all reasonable necessary cooperation of Company at Customer’s expense.

9. CONFIDENTIAL INFORMATION

9.1. Definition. “Confidential Information” means information disclosed by one party to the other that is marked as confidential or proprietary or that ought reasonably to be understood as confidential or proprietary. All Company Technology, performance information relating to the Company Products, and the terms and conditions of this Agreement (including the fees and pricing information) shall be deemed Confidential Information of Company without any marking or further designation. Confidential Information does not include Customer Data, nor does it include information that the recipient already lawfully knew, that becomes public through no fault of the recipient, that was independently developed by the recipient without any reference to or use of Confidential Information, or that was rightfully obtained by the recipient from a third party.

9.2. Obligations. The recipient agrees not to disclose Confidential Information except to its Affiliates, employees, contractors and agents who need to know it and have agreed in writing to keep it confidential. Only those parties may use the Confidential Information, and only to exercise the recipient’s rights and fulfill its obligations under this Agreement, while using at least a reasonable degree of care to protect it. The recipient may also disclose Confidential Information to the extent required by law after providing reasonable notice to the discloser and cooperating to obtain confidential treatment. Unauthorized disclosure of Confidential Information may cause harm not compensable by damages, and the disclosing party may seek injunctive or equitable relief in a court of competent jurisdiction, without posting a bond, to protect its Confidential Information.

10. SECURITY

Company shall use reasonable physical, technical, and administrative procedures designed to protect, safeguard and help prevent loss, misuse, and unauthorized access, disclosure, alteration or destruction of Customer Data, and Company will choose these safeguards based on the sensitivity of the information that is collected, processed, and stored and the current state of applicable technology.

11. PUBLICITY

Except as otherwise agreed in writing (email to suffice), neither party may use the other party’s name, logos or marks without such party’s written pre-approval in each case; provided that Company may use Customer’s name and logo on Company’s web site and in Company promotional materials to identify Customer as a Company customer.

12. DATA PROCESSING

To the extent that Company processes any data which is defined as “personal data,” “personal information,” or “sensitive data” in the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) or the California Consumer Privacy Act of 2018, as amended (“CCPA”) (“Personal Data”), Company shall do so as described within its privacy policy at freightfit.ai/privacy. If the Personal Data that Company processes relates to individuals who are data subjects entitled to the rights granted under GDPR, Customer acknowledges that Company does so as a processor as defined in GDPR. If the Personal Data that Company processes relates to individuals who are California residents, and Customer is subject to CCPA, Customer acknowledges that Company does so as a service provider as defined in CCPA. To comply with the requirements of the applicable data protection laws, including but not limited to GDPR and CCPA, with respect to the processing of Personal Data, the parties agree to enter into an appropriate data processing addendum (“DPA”) and to adhere to the provisions of such DPA. In the event of any conflict between this Agreement and a DPA, the DPA shall govern.

13. GENERAL TERMS

13.1. Assignment. This Agreement will bind and inure to the benefit of each party’s permitted successors and assigns. Neither party may assign this Agreement except upon the advance written consent of the other party, except that either party may assign this Agreement without such consent in connection with a merger, reorganization, acquisition or other transfer of all or substantially all of such party’s assets or voting securities. Any attempt to transfer or assign this Agreement except as expressly authorized under this Section 13.1 will be null and void.

13.2. Force Majeure. Neither party shall be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to unforeseen events which occur after the signing of this Agreement and which are beyond the reasonable control of such party, such as a strike, blockade, war, act of terrorism, riot, natural disaster, or failure or diminishment of power or telecommunications or data networks or services.

13.3. Subcontractors. Company may use the services of subcontractors for performance of services under this Agreement, provided that Company remains responsible for such subcontractors’ compliance with the terms of this Agreement.

13.4. Independent Contractors. The parties to this Agreement are independent contractors. There is no relationship of partnership, joint venture, employment, franchise or agency created hereby between the parties. Neither party will have the power to bind the other or incur obligations on the other party’s behalf without the other party’s prior written consent.

13.5. Severability. If any provision of this Agreement shall be adjudged by any court of competent jurisdiction to be unenforceable or invalid, that provision shall be limited to the minimum extent necessary so that this Agreement shall otherwise remain in effect.

13.6. Governing Law; Jurisdiction and Venue. This Agreement shall be governed by the laws of the State of Illinois and the United States without regard to conflicts of laws provisions thereof, and without regard to the United Nations Convention on the International Sale of Goods. Except for claims for injunctive or equitable relief or claims regarding intellectual property rights (which may be brought in any competent court in Cook County, Illinois), any dispute arising under this Agreement shall be finally settled in binding arbitration. The Judicial Arbitration and Mediation Service, Inc. (“JAMS”) will administer the arbitration in accordance with its Comprehensive Arbitration Rules and Procedures (though to the extent JAMS’ Expedited Arbitration Procedures are available, they will apply), and the arbitration will be held in Chicago, Illinois. Subject to the foregoing provisions of this Section 13.6, the jurisdiction and venue for actions related to the subject matter hereof shall be the state and United States federal courts located in the state of Illinois and both parties hereby submit to the personal jurisdiction of such courts.

13.7. Notice. Any notice or communication required or permitted under this Agreement shall be in writing to the parties at the addresses set forth as first listed above or at such other address as may be given in writing by either party to the other in accordance with this Section and shall be deemed to have been received by the addressee (a) if given by hand, immediately upon receipt; (b) if given by overnight courier service, the first business day following dispatch or (c) if given by registered or certified mail, postage prepaid and return receipt requested, the second business day after such notice is deposited in the mail. In addition, any legal notices to Company must be delivered to the following email address: support@freightfit.ai but, notwithstanding earlier receipt via email, legal notices will be deemed received when the physical notice is received as set forth in preceding sentence.

13.8. Modifications to this Agreement. Changes to these GTC will be offered by FreightFit AI in text form (a) in the case of monthly subscriptions, no later than thirty (30) days before the proposed date of the Renewal Term, or (b) in the case of all other subscriptions, no later than two (2) months before the proposed date of their effective date, but no later than upon the beginning of the renewal term. The contracting party shall be considered to have given its consent if it has not notified its rejection before the proposed date of effectiveness of the amendments. FreightFit AI will specifically draw the Customer’s attention to this consent requirement.

13.9. Purchase Orders. Purchase orders (and similar documents) issued by Customer are for administrative purposes only (e.g., setting forth products and services ordered and associated fees) and any additional or different terms or conditions contained in any such order shall not apply (even if the order is accepted, or performed on by Company).

13.10. No Third Party Rights. There are no third party beneficiaries to this Agreement.

13.11. Export Compliance. Each party shall comply with all applicable export and re-export control and trade and economic sanctions laws, including the Export Administration Regulations maintained by the U.S. Department of Commerce, trade and economic sanctions maintained by the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”), and the International Traffic in Arms Regulations maintained by the U.S. State Department. Neither party, nor any of its subsidiaries or any person acting on its behalf or owning 50% or more of its equity securities or other equivalent voting interests, is (a) a person on the List of Specially Designated Nationals and Blocked Persons or any other list of sanctioned persons administered by OFAC or any other governmental entity, or (b) a national or resident of, or a segment of the government of, any country or territory for which the United States has embargoed goods or imposed trade sanctions.

13.12. Entire Agreement. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements and communications, relating to the subject matter of this Agreement. This Agreement may be executed electronically and in counterparts (such as via DocuSign), which counterparts taken together shall form one legal instrument. Any pre-printed terms in a Customer purchase order or similar document are null and void.

DATA PROCESSING ADDENDUM

This Data Processing Addendum (“DPA”) forms part of the General Terms and Conditions for FreightFit AI Software (“Agreement”) between the Customer (as defined in the Agreement) and FreightFit AI (“Company,” “FreightFit,” “Processor,” or “Service Provider”), and applies to the extent that Company Processes Personal Data on behalf of Customer in providing the Company Products and related services. This DPA is effective as of the Effective Date of the Agreement and supersedes any prior data processing terms.The headings contained in this DPA are for convenience only and shall not be interpreted to limit or otherwise affect the provisions of this DPA.

1. DEFINITIONS
   Capitalized terms not otherwise defined in this DPA have the meanings given in the Agreement.
   Affiliate: Any entity that directly or indirectly controls, is controlled by, or is under common control with a party.

Controller: The entity which determines the purposes and means of the Processing of Personal Data.

Processor: The entity which Processes Personal Data on behalf of the Controller.

Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”) Processed by Company on behalf of Customer in connection with the provision of Company Products, as defined under Data Protection Laws.

Processing/Process/Processed: Any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, restriction, erasure, or destruction.

Data Protection Laws: All applicable data protection and privacy laws and regulations, including but not limited to the GDPR, CCPA, and other similar laws.

Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data Processed by Company.

Subprocessor: Any third party engaged by Company to Process Personal Data on behalf of Customer.

CCPA: The California Consumer Privacy Act of 2018, as amended.

GDPR: The General Data Protection Regulation (EU) 2016/679.

UK Addendum: The International Data Transfer Addendum to the EU Standard Contractual Clauses issued by the UK Information Commissioner.

US Privacy Laws: All applicable US federal, state, and local privacy laws, including but not limited to the CCPA and CPRA.

2. PROCESSING OF PERSONAL DATA
   2.1 Roles of the Parties
   Under the Agreement between Company and Customer, Company will Process Personal Data as a Processor/Service Provider acting on behalf of the Customer. Customer agrees that it will not require Company to undertake or engage in any activity that would require, or result in, Company acting in the capacity of a Controller/Business.
   2.2 Purpose and Scope
   Company will Process Personal Data, as instructed by Customer below, to provide the services as described in the Agreement and Statement of Work. This includes, but is not limited to:
   • Contact details such as name, address, email address or telephone number;
   • Government identification; and
   • Any other Personal Data or information that the Customer decides to provide to Company or the Services.
   Subject to any Section of the DPA and/or the Agreement dealing with the duration of the Processing and the consequences of the expiration or termination thereof, Company will Process Personal Data for the duration of the Agreement, unless otherwise agreed upon in writing. The frequency of the transfers will be on a continuous basis.
   Company will not use Customer data to train, fine-tune, or otherwise develop any artificial intelligence or machine learning models. The Company’s AI models are closed and do not incorporate or learn from Customer data processed in connection with the provision of Services.
   This DPA, the Agreement, and any subsequent statements of work or service orders, and any configurations by Customer or its authorized users, comprise Customer’s complete instructions to Company regarding the Processing of Personal Data. Any additional or alternate instructions must be agreed upon by the parties in writing, including the costs (if any) associated with complying with such instructions.
   2.3 Customer Obligations
   Customer represents and warrants that it has all necessary rights and authorizations to provide Personal Data to Company for Processing, and that its instructions to Company comply with Data Protection Laws. Company is not responsible for determining if Customer’s instructions are compliant with applicable law. However, if Company is of the opinion that a Customer instruction infringes applicable Data Protection Laws or if Company is unable to comply with Customer’s instructions or its obligations under Data Protection Laws, Company shall notify Customer as soon as reasonably practicable and shall not be required to comply with such infringing instruction. If Customer becomes aware of any unauthorized use of Personal Data that Company Processes, then Customer has the right to send a written request to Company to stop the unauthorized use.
   2.4 Company Obligations
   Company shall:
   • Process Personal Data only as necessary to provide the Company Products and services, or as otherwise instructed in writing herein by Customer, or in a subsequent writing;
   • Not sell, share, or otherwise Process Personal Data for any purpose other than as specified in the Agreement or as required by law;
   • Not combine Personal Data with data received from other sources except as necessary to provide the services or as permitted by law.
   Company may only disclose Personal Data for the purpose of: (a) complying with Customer’s reasonable and lawful instructions; (b) as required in connection with the Services and as permitted by this DPA; and/or (c) as required to comply with Data Protection Laws, or an order of any court, tribunal, regulator, or government agency with competent jurisdiction to which Company is subject. With regard to (c) above, Company will (to the extent permitted by law) inform the Customer in advance of making any disclosure of Personal Data and will reasonably cooperate with Customer to limit the scope, proportionality, and duration of such requested disclosure to what is strictly necessary or legally required.
   For personal Data Subject to the CCPA, Company will not: (a) Sell or Share Personal Data; (b) retain, use, or disclose Personal Data for any purpose other than for the business purposes specified in the Agreement, including retaining, using, or disclosing it for a commercial purpose other than the business purposes specified in the Agreement or as otherwise permitted under Data Protection Laws; (c) retain, use, or disclose Personal Data outside of the direct business relationship between Company and Customer; or (d) combine it with Personal Data it receives from or on behalf of another business or that it collects from its own interaction with the Data Subject unless permitted by Data Protection Laws.
3. SUBPROCESSORS
   3.1 Authorization
   Customer agrees that Company may appoint and use Subprocessors to Process Personal Data in connection with the Services PROVIDED that: (a) Company puts in place a written contract with each Subprocessor that imposes obligations that are (i) relevant to the Services to be provided by the Subprocessors, and (ii) materially similar to the rights and/or obligations granted or imposed on Company under this DPA; and (b) where a Subprocessor fails to fulfill its data protection obligations as specified above, Company shall be liable to the Customer for the performance of the Subprocessor’s obligations. Company will periodically (a) test and monitor the effectiveness of its safeguards, controls, systems, and procedures, and (b) identify reasonably foreseeable internal and external risks to the security, confidentiality, and integrity of the Personal Data, and ensure these risks are addressed.
   3.2 List of Subprocessors
   A current list of Subprocessors is available upon request. Company will notify Customer of any intended changes to Subprocessors and provide Customer with an opportunity to object on reasonable data protection grounds. Customer’s consent shall be deemed given if Customer does not object in writing within thirty (30) days after receipt of the prior notice. If Customer objects to the engagement of any Subprocessor on data protection grounds, then either Company will not engage the Subprocessor or Customer may elect to immediately suspend or terminate the Processing of Personal Data under the Agreement and/or immediately suspend or terminate the Agreement, in each case without penalty.
4. SECURITY
   4.1 Security Measures
   Company shall implement and maintain appropriate technical and organizational measures to protect Personal Data against unauthorized or unlawful Processing and against accidental loss, destruction, damage, alteration, or disclosure, as described in Annex II.
   4.2 Confidentiality
   Company shall ensure that persons authorized to Process Personal Data are subject to appropriate confidentiality obligations.
5. DATA BREACH NOTIFICATION
   Company shall notify Customer without undue delay after becoming aware of a Data Breach affecting Personal Data Processed on behalf of Customer. Such notification shall include, to the extent known:
   • The nature of the Data Breach;
   • The categories and approximate number of Data Subjects concerned;
   • The likely consequences of the Data Breach; and
   • Measures taken or proposed to address the Data Breach.
   Company will cooperate with Customer in investigating and mitigating the Data Breach.
6. DATA SUBJECT RIGHTS
   To the extent required by Data Protection Laws, Company shall assist Customer in responding to requests from Data Subjects to exercise their rights under applicable law (e.g., access, rectification, erasure, restriction, objection, data portability). Company shall not respond to such requests directly except as required by law or as instructed by Customer.
7. DATA PROTECTION IMPACT ASSESSMENTS
   Company shall provide reasonable assistance to Customer, at Customer’s expense, in conducting data protection impact assessments and prior consultations with supervisory authorities, as required by Data Protection Laws.
8. INTERNATIONAL DATA TRANSFERS
   8.1 Transfers
   Company may transfer Personal Data outside the country of origin as necessary to provide the Company Products and services, subject to appropriate safeguards as required by Data Protection Laws.
   8.2 EU Standard Contractual Clauses
   Where required, the parties agree that the EU Standard Contractual Clauses (Module Two: Controller to Processor) and the UK Addendum (as applicable) are incorporated into this DPA by reference. The details required for the Clauses are set out in Annex I.
   8.3 Swiss Data Transfers
   In respect of Personal Data where the Swiss Federal Act on Data Protection (“FADP”) applies, the parties agree to comply with the obligations, the parties agree to comply with the obligations of the Standard Contractual Clauses, Module Two subject to the following amendments: (a) references in the Standard Contractual Clauses to the GDPR shall refer to the FADP; (b) references to specific Articles of GDPR shall be replaced with the equivalent article of the FADP; (c) references to “EU,” “Union,” and “Member State” shall be replaced with references to Switzerland; (d) the term “member state” must not be interpreted in such a way as to exclude data subjects in Switzerland from the possibility of suing for their rights in their place of habitual residence in accordance with Standard Contractual Clause 18(c); and (e) the Standard Contractual Clauses shall also protect the data of legal persons until the entry into force of the revised FADP.
9. DELETION OR RETURN OF DATA
   Upon termination of the Services (for any reason) and if requested by Customer in writing, Company shall, as soon as reasonably practicable and in accordance with applicable law, delete the Personal Data on Company systems, PROVIDED that Company may: (a) retain one copy of the Personal Data as necessary to comply with any legal, regulatory, judicial, audit, or internal compliance requirements; and (b) defer the deletion of the Personal Data to the extent and for the duration that any Personal Data or copies thereof cannot reasonably and practically be expunged from Company’s systems. The parties hereby expressly acknowledge that Customer instructs Company to maintain back-up files of all Customer data (which may include Personal Data), for a reasonable duration. For such retention or deferral periods as set forth above, the provisions of this DPA shall continue to apply to such Personal Data. Company reserves the right to charge Customer for any reasonable costs and expenses incurred by Company in deleting the Personal Data pursuant to this clause. A certificate of destruction will be provided upon request.
10. AUDIT RIGHTS
    Upon reasonable prior written request, Company shall make available to Customer information necessary to demonstrate compliance with this DPA and allow for audits, including inspections, by Customer or an auditor mandated by Customer, no more than once per year, except where required by law or in the event of a Data Breach.
11. US PRIVACY LAWS
    Where Company Processes Personal Data subject to US Privacy Laws, the terms in Annex V apply. Company certifies that it will not sell or share Personal Data, will not retain, use, or disclose Personal Data for any purpose other than as specified in the Agreement, and will comply with all applicable US Privacy Laws.
12. GENERAL
    12.1 Conflict
    In the event of any conflict between this DPA and the Agreement, the terms of this DPA shall prevail.
    12.2 Limitation of Liability
    Any liability arising under this DPA is subject to the limitations and exclusions of liability set forth in the Agreement.
    12.3 Changes
    Company may update this DPA as required to comply with applicable law or to reflect changes in its data processing practices, by providing notice to Customer in accordance with the Agreement.
    ANNEX I: DETAILS OF PROCESSING
    A. LIST OF PARTIES
    Data Exporter (Controller): Customer, as identified in the Agreement.
    Data Importer (Processor): FreightFit AI, as identified in the Agreement.
    B. DESCRIPTION OF TRANSFER
    Categories of Data Subjects: End users, employees, contractors, suppliers, and other third parties relevant to the services.
    Categories of Personal Data: Names, contact details, user credentials, freight and invoice data, usage data, payment information, and any other data uploaded or entered by Customer or its users.
    Special Categories of Data: None anticipated. Customer agrees not to provide special categories of data.
    Nature and Purpose of Processing: As described in Section 2.2 and the Statement of Work.
    Duration of Processing: For the term of the Agreement and as required for legal or compliance purposes.
    C. COMPETENT SUPERVISORY AUTHORITY
    The supervisory authority of the Customer’s primary establishment in the EEA, UK, or Switzerland, as applicable.
    ANNEX II: TECHNICAL AND ORGANIZATIONAL MEASURES
    Company implements the following technical and organizational measures:
    • Logical access controls (e.g., authentication, role-based access);
    • Encryption of data in transit and at rest;
    • Regular security assessments;
    • Data backup and disaster recovery procedures;
    • Employee confidentiality agreements and security training;
    • Incident response and breach notification procedures; and
    • Subprocessor due diligence and contractual obligations.
    Further details are available upon request.
    ANNEX III: LIST OF SUBPROCESSORS
    A current list of Subprocessors is available upon request and will be updated as necessary in accordance with Section 3.
    ANNEX IV: UK ADDENDUM
    Where Personal Data is transferred from the UK, the UK Addendum to the EU Standard Contractual Clauses applies, as set out at https://ico.org.uk/media/for-organisations/documents/4019483/international-data-transfer-addendum.pdf.
    ANNEX V: US DATA PRIVACY ADDENDUM
    Where Company Processes Personal Data subject to US Privacy Laws, the following applies:
    • Company will not sell or share Personal Data.
    • Company will not retain, use, or disclose Personal Data for any purpose other than as specified in the Agreement.
    • Company will provide the same level of privacy protection as required by US Privacy Laws.
    • Customer has the right to take reasonable and appropriate steps to ensure Company uses Personal Data in a manner consistent with Customer’s obligations under US Privacy Laws.