Legal

Terms of Business

These Terms of Business govern access to and use of the YokiHub service, including subscription, billing, security, data protection, and operational responsibilities between YokiHub and each subscriber.

Document YokiHub Terms of Business (Master Agreement)

Version 1.0

Start Date 16 March 2026

Introduction And Acceptance

The Agreement

Binding Agreement: These Terms of Business (the "Agreement" or "Terms") constitute a legally binding agreement between Pelegan Innovations Ltd (Registration Number: HE 433101), acting as the sole owner and operator, and the entity or individual ("Subscriber", "Entity", "You", or "Your") accessing or using the software, website, and associated applications (collectively, the "Service").
Provider Entity: Any subsequent references in this Agreement to "Provider", "Pelegan", "the Company", or "YokiHub" shall strictly mean Pelegan Innovations Ltd.
Portal Definition: Any subsequent references in this Agreement to "YokiHub Portal", "Portal", "Management System", or "Management Portal" are interchangeable terms and shall strictly mean the same Service operated by Pelegan Innovations Ltd.

Scope of Service

Ecosystem Description: YokiHub is a Client Relations Management (CRM) and communications ecosystem designed to facilitate management, payments, and communications between subscribing entities and their end-users.
Core Function: The Service functions as a data processing and transmission tool, carrying out instructions to send data between the management system terminal and connected applications.
Compliance and Hosting: The Service operates in absolute compliance with European Union laws, regulations, and the General Data Protection Regulation (GDPR), ensuring that all Tenant Data is hosted securely within the European Economic Area (EEA).

Dual-Interface Ecosystem and Connectivity, and Personal Data Vault: You acknowledge that the Service operates as a dual-interface ecosystem. Pelegan Innovations Ltd provides You, the Subscriber, with the YokiHub Portal for management, while concurrently owning and operating the dedicated End-User mobile applications. Furthermore, the End-User application functions as a centralized personal data repository (the "YokiHub Vault"). End Users may input, store, and manage their personal and dependent information, including Special Categories of Personal Data, centrally within this Vault. Through the application, the End User exercises sovereign control to selectively grant, manage, or revoke access to their specific Vault data across multiple, distinct Subscriber accounts. Upon the End User activating a connection and explicitly authorizing the sharing of data with Your specific Subscriber account, a discrete copy of that authorized data is bridged to Your logically isolated portal environment to utilize mutual services, including but not limited to in-app actionable notifications, attendance tracking, payment execution, consent management, and calendar reminders. You acknowledge that this specific connection and data-sharing authorization is strictly voluntary and may be unilaterally severed or revoked by either the End User or the Subscriber at any time without prior notice.

Acceptance

Explicit Consent: By signing up for, accessing, or using the Service, You agree to be bound by these Terms.
Corporate Authority: If You are entering into this Agreement on behalf of a legal entity, You represent that You have the legal authority to bind that entity to these Terms.

Modifications to Terms and Versioning

Right to Modify: The Provider reserves the right to update, modify, or replace any part of this Agreement to reflect changes in the law, new regulatory requirements, or enhancements to the Service.
Notification of Changes: Any change, amendment, or new version of these Terms of Business shall be communicated to the Subscriber by making the updated document explicitly available within the YokiHub Portal and/or by transmitting a written notification to the registered Administrator email address.
Effective Date and Advance Notice: Any material modifications to these Terms of Business shall become effective seven (7) days after their publication within the YokiHub Portal or the transmission of written notification to the Administrator, whichever is earlier. Non-material changes, including the addition of new features or administrative clarifications that do not adversely alter Your rights or obligations, shall become effective immediately upon publication.
Continued Use: Your continued use of the Service following the publication or notification of any changes constitutes Your explicit acceptance of the revised Agreement.
New Features: Any new features, integrations, or tools added to the Service shall automatically be subject to the most current published version of these Terms.

Definitions

Interpretation of Terms

Service: "Service" refers to the business management and payment facilitation ecosystem operated by the Provider, encompassing the YokiHub Portal for Administrators and the associated End-User mobile applications.
Subscriber: "Subscriber" denotes the legal entity, organization, or individual business owner, acting as the merchant of record for their internal operations, that has formally entered into this Agreement.
Authorized User: "Authorized User" means any employee, agent, or representative of the Subscriber who has been explicitly authorized and granted credentials to access the Management Portal, including but not limited to Administrators and Staff.
End User: "End User" identifies the external individuals, such as clients, members, patients, or customers, whom the Subscriber manages and interacts with via the Service.
Tenant Data: "Tenant Data" encompasses all electronic data (including, inter alia, invoices, financial records, employee information, transaction history, and personal data) that currently resides, is processed, or is generated by the Subscriber strictly within their logically isolated secure database environment of the Service.
Management Unit: "Management Unit" refers to the individual branches, physical locations, subordinate legal entities, or distinct business units that are managed collectively under a single Subscriber account umbrella within the Service.
Merchant Service Charge (MSC): "Merchant Service Charge (MSC)" designates the variable processing fees imposed by third-party payment acquirers and card schemes, such as Visa or Mastercard, for the technical execution and settlement of financial transactions.
Service Fee: "Service Fee" constitutes the technical facilitation and platform maintenance fee charged exclusively by the Provider for the ongoing provision, support, and security of the software ecosystem.
Beta Services: "Beta Services" describes any experimental features, technologies, or services that are not yet part of the standard, commercially available Service and are specifically designated by the Provider as beta, pilot, limited release, early access, developer preview, or by a similar descriptive term.
Tenant Architecture: "Tenant Architecture" describes the structural multi-tenant cloud design wherein a single instance of the software application and its supporting infrastructure serves multiple customers, while maintaining strict logical isolation of each Subscriber's database to ensure privacy, security, and data integrity.
Demarcation Point: "Demarcation Point" represents the specific technical and legal boundary within the network infrastructure of the Provider where its operational responsibility and liability conclude, specifically defined as the exact moment a data packet or instruction successfully exits the controlled network of the Service and is transmitted to a receiving third-party gateway or external system.
Noisy Neighbor Event: "Noisy Neighbor Event" refers to a situation in which a single Subscriber's usage significantly exceeds average parameters or excessive consumption of shared computing resources, such as bandwidth, storage, or API calls, disproportionately degrades the performance, stability, or availability of the Service for other tenants on the shared infrastructure.
Content: "Content" encompasses all text, communications, documents, images, and other materials composed, uploaded, or transmitted by the Subscriber or its Authorized Users to End Users or third parties via the messaging and communication tools embedded within the Service.
YokiHub Vault: "YokiHub Vault" describes the centralized personal data repository housed strictly within the End-User application. It is the independent digital environment operating on the End User's device wherein End Users securely consolidate, control, and store exclusively their personal data, including Special Categories of Personal Data concerning themselves or their dependents. This repository may be populated natively by the End User or seeded via personal data bridged from a connected Subscriber. From this Vault, the End User exercises sovereign control to explicitly authorize the transmission and bridging of specific personal data segments to a selected Subscriber's Tenant environment. Furthermore, the YokiHub Vault serves as the definitive central log where all historical and active records of digital consents, detailing the specific permissions granted or revoked, the exact Subscriber to whom the consent applies, and the precise timestamp of such actions, are securely retained and managed by the End User.

Account Terms And Security

Tenant Architecture

Logical Isolation: The Service operates on a Tenant Architecture model. Each Subscriber is allocated a logically isolated database or data environment. You acknowledge that while the infrastructure is shared, Your data is logically separated from other Subscribers.
Uniform Versioning: As a multi-tenant SaaS platform, the Service is updated globally. You acknowledge that updates, patches, and new features are applied to all tenants simultaneously. You cannot opt-out of updates or request to remain on an older version of the software.
Data Residency: Unless explicitly agreed otherwise in a separate Enterprise agreement, Your Tenant Data will be hosted on secure servers located within the European Economic Area (EEA) to ensure compliance with European data protection standards and the General Data Protection Regulation (GDPR).
Production Environment: Unless explicitly labeled as a Sandbox or Staging environment, the Service is a Production Environment. Any data You input, modify, or delete is treated as live data. The Provider is not responsible for data loss resulting from Your internal testing or training activities performed on the live Service.
Aggregated Statistical Data: You agree that the Provider may collect, use, and publish anonymized and aggregated metadata regarding the use of the Service, including benchmarking, system performance, and average volume of transactions, for the purpose of optimizing the Service architecture.
Fair Use and Resource Limits: You acknowledge that the Service runs on shared infrastructure. To ensure stability for all users, the Provider reserves the right to impose limits on bandwidth, storage, or API usage. If Your usage significantly exceeds the average or threatens the stability of the Service, constituting a Noisy Neighbor event, the Provider reserves the right to throttle Your access or require You to move to a dedicated capacity plan.
Global Maintenance Windows: The Provider performs regular maintenance and security updates. Because the infrastructure is shared, these maintenance windows apply to all users simultaneously. While the Provider attempts to schedule these during off-peak hours, the Provider reserves the right to perform emergency maintenance at any time.
Backups and Retention: The Provider performs regular backups for disaster recovery. You acknowledge that these backups follow a rolling retention policy, typically of thirty days. This means that while Your current, active data is always preserved in our latest backup, older historical snapshots are eventually replaced by newer ones. The Provider is not a long-term archival service for data You deleted or modified prior to the current retention window.
Data Restoration Fees: If You request the restoration of data due to Your own error, such as accidental deletion or corruption by an Authorized User, the Provider reserves the right to charge a reasonable professional service fee for the manual intervention required to retrieve and restore such data.
Dependency on Third-Party Hosting: The Service is hosted on third-party cloud infrastructure. You acknowledge that the availability of the Service is subject to the performance of these third-party providers, and the Provider is not liable for outages caused by upstream infrastructure failures.
No Right of Physical Audit: You acknowledge that the Service is a multi-tenant cloud environment. To maintain the security and integrity of the Service for all users, You may not physically audit or inspect the data centers, offices, or infrastructure of the Provider.
Beta Services: From time to time, the Provider may invite You to try Beta Services. You acknowledge that these features are for testing purposes, may contain bugs, and are provided as-is without warranty.
No Uptime Guarantee (SLA): Unless explicitly agreed in a separate Service Level Agreement (SLA), the Provider does not guarantee any specific uptime percentage. The Service is provided on a best effort availability basis.
Prohibition on Security Testing: You are strictly prohibited from performing penetration tests, vulnerability scans, or load testing on the Service infrastructure without the prior express written consent of the Provider.
Transmission Responsibility (The Demarcation Point): You acknowledge that the Service functions as a conduit for sending instructions, including payment commands and API requests, to external systems. You agree that the technical responsibility of the Provider ends once the data packet successfully leaves our network. The Provider is not responsible for transaction failures, latency, or data loss caused by the downtime, rate limits, or rejection errors of the receiving third-party system, including payment acquirers, banks, or external API partners.
Data Portability Format: In compliance with the right to data portability under the General Data Protection Regulation (GDPR), the Provider ensures that any export of Tenant Data requested by the Subscriber during the active term or the Data Retrieval Grace Period shall be provided in a structured, commonly used, and machine-readable format, such as CSV or JSON.

Account Security

Responsibility Boundary: The Provider shall implement and maintain commercially reasonable technical and organizational measures designed to protect the security and integrity of the Service infrastructure and Tenant Data under our direct control. You acknowledge that no system is entirely free from risk and that absolute security is impossible; therefore, our responsibility is limited to the implementation of these reasonable measures.
Access Control and Duration: You, the Subscriber, are solely responsible for managing Your Authorized Users. You acknowledge that the Service provides tools allowing You to grant, restrict, or revoke access levels for different users. You are responsible for determining the appropriate level of access for each individual and the duration of that access through the controls within the Service.
Security Audit Rights: The Provider reserves the right, but not the obligation, to monitor and audit the list of Authorized Users and their activity logs within Your account. This is performed to ensure compliance with these Terms and to maintain the overall security of the platform.
Death or Incapacity: In the event of the death or permanent incapacity of an individual Subscriber owner, or the dissolution of a Subscriber entity, the Provider must be notified promptly by the Subscriber's legal representatives or successors. The Provider will only grant access to the account to a verified legal successor, executor, or liquidator upon receipt of certified legal documentation recognized under the laws of the Republic of Cyprus. Until such notification and documentation are provided, the Provider shall not be liable for any access or activity on the account.
Neutrality and Emergency Account Freezing: The Provider will not act as an arbiter in internal administrative disputes. However, if the registered owner of the Entity provides credible evidence of an unauthorized account takeover or lockout, the Provider reserves the right to immediately freeze the account to prevent data deletion or further unauthorized use. Access will only be restored or credentials reset once the Entity provides official corporate registration documents proving the claimant's authority.
Ownership Disputes: In the event of a dispute regarding account ownership, the Provider reserves the right to request official corporate registration documents or proof of the primary payment method. Our determination of ownership shall be final and binding.
Credential Integrity: You are prohibited from using passwords that have been compromised in known data breaches. The Provider is not liable for unauthorized access resulting from credential stuffing or the use of weak or recycled passwords.
Named User Policy: Access to the Service is granted to named individuals only. Sharing a single login credential among multiple people is strictly prohibited.
User Responsibility: You are solely responsible for maintaining the security of Your devices, networks, and account credentials, including usernames and passwords.
Duty to Notify: You agree to notify the Provider immediately via support@yokihub.com if You become aware of any unauthorized use of Your account, loss of credentials, or any other breach of security.
Administrator Authority: The Provider will act solely on instructions provided by Your designated account administrators. We will not intervene in internal disputes between You and Your employees regarding account access or data ownership; in all such cases, we will defer to the authority of the Subscriber entity.
Right to Suspend for Security: The Provider reserves the right to temporarily suspend access to Your account or specific user logins without prior notice if we detect suspicious activity.
Phishing and Impersonation Disclaimer: The Provider will never request Your password or sensitive login credentials via email, SMS, or phone call.
Third-Party Sign-On (SSO): If You access the Service using third-party credentials, You are solely responsible for maintaining the security of those external accounts.
Optional Security Features (MFA): If the Service offers additional security controls, such as Multi-Factor Authentication, You are responsible for enabling and utilizing them.
Automatic Session Logouts: To protect Your data, the Service may automatically log You out after a period of inactivity.
Device Security: You are responsible for ensuring that the devices used to access the Service are secure, free from malware, and run up-to-date operating systems and browsers.
Accuracy of Information: You agree to provide and maintain accurate, current, and complete account information, including a valid email address for billing and legal notices.
Entity Responsibility for Users: You are fully responsible and liable for all activities that occur under Your account, including the actions or misconduct of Your Authorized Users, employees, or agents.
Exclusion of Liability: The Provider shall not be liable for any unauthorized access, data breach, or loss resulting from factors beyond our control or where commercially reasonable security measures were bypassed.
Data Exports: You are solely responsible for the security of any data exported from the Service. Once data leaves the secure YokiHub Portal environment, the responsibility of the Provider ceases entirely.
Data Breach Notification Timeline: In the event that the Provider confirms a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Tenant Data, the Provider shall notify the Subscriber without undue delay, and in any event no later than seventy-two (72) hours after becoming aware of the breach, to enable the Subscriber to comply with its obligations under the General Data Protection Regulation (GDPR). You explicitly acknowledge that this notification obligation applies strictly to Your Tenant Data. Security incidents strictly isolated to the independent YokiHub Vault architecture, which do not compromise Your logically isolated database, shall be handled directly between Pelegan Innovations Ltd and the affected End Users acting as independent Data Subjects.
Account Transferability and Assignment: The Subscriber may not assign, sell, or transfer their YokiHub account or any rights under this Agreement to a third party, including in the event of a merger, acquisition, or sale of assets, without the prior express written consent of the Provider. The Provider reserves the right to mandate a formal legal transfer process within the YokiHub Portal and may apply an administrative fee to execute such a change of ownership.
Law Enforcement and Compelled Disclosure: If the Provider receives a valid legal subpoena, court order, or law enforcement request compelling the disclosure of Tenant Data, the Provider shall, to the extent legally permitted, promptly notify the Subscriber in writing prior to disclosure. This notification is intended to provide the Subscriber with a reasonable opportunity to seek a protective order or otherwise contest the disclosure request under applicable law.
Data Processing Agreement (DPA): By agreeing to these Terms, the Subscriber concurrently agrees to the standard YokiHub Data Processing Agreement (DPA), which governs the specifics of data handling, the utilization of sub-processors, and responses to data subject access requests in accordance with the General Data Protection Regulation (GDPR).
PCI-DSS Compliance and Cardholder Data: The Service facilitates payment processing but does not store raw, unencrypted credit card Primary Account Numbers (PANs) on its infrastructure. All payment processing is executed via secure tokenization through PCI-DSS compliant third-party payment gateways. You are solely responsible for Your own PCI compliance regarding any payment data You or Your Authorized Users physically capture or process outside the integrated tokenized environment.
Post-Termination Data Handling: Upon the cancellation, expiration, or termination of Your account, Pelegan Innovations Ltd shall provide a Data Retrieval Grace Period of thirty (30) days, during which You may export Your Tenant Data. Following the expiration of this grace period, Pelegan Innovations Ltd is legally mandated to permanently and irrecoverably delete all associated Tenant Data from its production servers and subsequent backup cycles, in strict accordance with the GDPR storage limitation principle. You explicitly acknowledge and agree that the execution of this data destruction protocol applies strictly to Your logically isolated Tenant Data and shall not affect, compromise, or trigger the deletion of any sovereign personal data independently stored by End Users within their centralized YokiHub Vaults.
Sub-Processor Engagement: You grant the Provider general authorization to engage third-party sub-processors to fulfill its contractual obligations under this Agreement. The Provider shall maintain an up-to-date list of active sub-processors within the YokiHub Portal and shall notify You, via email or portal notification, of any intended changes concerning the addition or replacement of sub-processors at least seven (7) days prior to the change taking effect, providing You the opportunity to raise a justified legal objection to such changes.

Acceptable Use Policy (AUP)

Intended Purpose: You agree to use the Service only for its intended purpose of managing Your direct business relationship with Your End Users. You are solely responsible for Your conduct and the Content You and Your Authorized Users upload or transmit via the Service.
Accomplice Liability and Cooperation: You are strictly prohibited from using the Service in any manner that would render the Provider liable as an accomplice or facilitator to any unlawful act under the laws of the Republic of Cyprus or any applicable international jurisdiction.
User Vetting: You are solely responsible for vetting, verifying, and authorizing the individuals to whom You grant access.
Harmful Behavior: You must not threaten, harass, abuse, intimidate, or defame others, including Your own End Users or Pelegan staff.
Data Privacy and Misuse: Unauthorized sharing, selling, or disclosure of personal data is prohibited. You must not use the Service for phishing, identity theft, or running automated scripts or scrapers to harvest data from the Service.
Communication and Anti-Spam: Sending unsolicited bulk emails, SMS, or other forms of spam to users who have not explicitly opted in is strictly prohibited.
Third-Party Advertising: You must not use the Service to advertise, promote, or distribute content for third-party events, products, or services where You are not the direct organizer or primary provider. This prohibition applies irrespective of whether You have obtained the End User's consent to receive such material.
Political Content and Candidates: You must not use the Service to promote the positions, campaigns, or candidacy of specific political candidates.
Chain Letters: Sending chain letters, pyramid schemes, or multi-level marketing solicitations is prohibited.
Financial Abuse: Card testing, money laundering, or any illicit financial activities are strictly prohibited.
Prohibited Businesses: You may not use the Service to manage or facilitate businesses that fall under High-Risk or Prohibited categories as defined by global financial institutions.
Competitive Research: Direct competitors may not access the Service for benchmarking, monitoring performance, or for the purpose of building a competitive product.
High Risk and Emergency Use: The Service is not intended for mission-critical emergency notifications, such as life-safety alerts or facility lockdowns. Real-time delivery cannot be guaranteed.
Technical Restrictions: Transmitting malware, attempting unauthorized database access, or performing unapproved load or stress tests on the infrastructure is prohibited.
Multi-Branch Usage: While a single Subscriber account may be used to manage multiple branches or locations of the same legal entity, You acknowledge that such usage is subject to the Fair Use and Resource Limits outlined in Section 3.1.
No Reselling: You may not sub-license Your account to manage unrelated legal entities without an express Reseller Agreement with the Provider.
Automated Harvesting Scraping, and AI: Using bots, scrapers, or automated extraction tools to copy content, bypass the YokiHub Vault sharing mechanisms, or unlawfully extract personal data directly from an End User's YokiHub Vault is strictly prohibited. Furthermore, utilizing Tenant Data residing in Your database for the purpose of training artificial intelligence (AI) models or machine learning algorithms without explicit, documented consent from both Pelegan Innovations Ltd and the respective End Users is prohibited.
Content Responsibility: You are solely responsible for the accuracy, quality, integrity, legality, and appropriateness of all Content and data submitted. The Provider does not proactively monitor Content.
Professional Conduct: You must not use the Service to disparage the Provider or its staff.
Deceptive Practices: Using the Service for phishing or social engineering is strictly prohibited.
Intellectual Property: You warrant that You own or have the necessary licenses for all Content distributed. Infringement of third-party copyrights or trademarks is prohibited.
Jurisdictional Compliance: You agree to comply with all laws of the Republic of Cyprus and the jurisdictions where Your End Users reside.
Financial Ecosystem Integrity: You are prohibited from using communications, including Email, SMS, Push, and In-App messaging, to solicit payments for bills or invoices managed within the YokiHub Portal through external links specifically to evade integrated transaction fees.
Messaging Fraud and Artificial Traffic: Generating artificial or fraudulent messaging traffic, including but not limited to SMS Pumping, automated Push Notifications, or bulk In-App alerts, is prohibited. Any costs, carrier penalties, or damages resulting from such traffic are Your sole financial responsibility.
Reputational and Technical Integrity: Any use that risks the technical reputation or deliverability of the IP addresses or developer certificates of the Provider is prohibited.
Reverse Engineering: Attempting to derive the source code, underlying ideas, or algorithms of the Service is prohibited.
Feedback License: You grant the Provider a worldwide, perpetual, irrevocable, royalty-free license to use and incorporate any feedback or suggestions You provide without restriction.
Sanctions and Export Control: You warrant that neither You nor Your Authorized Users are on any restricted party list, including EU, UN, or US sanctions.
Third-Party Legal Indemnity: If Your breach of this Acceptable Use Policy results in a third party bringing a claim against the Provider, You agree to indemnify and hold the Provider harmless for all damages and costs, including reasonable legal fees.
Notice and Takedown Procedure: In compliance with European Union digital services regulations, the Provider reserves the right to immediately and without prior notice remove, disable access to, or delete any Content that We reasonably believe infringes upon the intellectual property rights of a third party, violates applicable law, or breaches this Acceptable Use Policy.
Verified Ratings and Reciprocal Accountability: You acknowledge that the Service may feature mechanisms for verified ratings and conduct assessments to foster mutual trust and reciprocal accountability between Subscribers and End Users. You agree to utilize these features in good faith, and You acknowledge that the Provider reserves the right to moderate or remove content that violates our acceptable use policies.

Right to Refuse Service and Suspension

Discretionary Refusal and Termination: The Provider reserves the right, at its sole and absolute discretion, to deny access to the Service, refuse a subscription, or terminate an existing account for any reason whatsoever, without the obligation to provide a detailed justification, provided that such refusal or termination does not violate applicable European Union or Republic of Cyprus anti-discrimination legislation.
Immediate Suspension: The Provider reserves the right to immediately, and without prior notice, suspend Your access to the Service, in whole or in part, if We reasonably suspect that Your account is being used for fraudulent activity, is subject to a security compromise, or is operating in material violation of the Acceptable Use Policy outlined in Section 3.3.
Notice and Remediation: Where commercially feasible and legally permissible, the Provider will endeavor to provide You with concurrent or post-suspension notification detailing the nature of the suspension. At our sole discretion, we may provide You with an opportunity and a specified timeframe to remediate the violation before proceeding to permanent account termination.
Financial Reconciliation Upon Refusal: In the event that the Provider terminates Your account without cause under the discretionary rights granted in this section, You shall be entitled to a pro-rata refund of any prepaid Service Fees for the unused remainder of Your current billing cycle. Conversely, if suspension or termination is executed due to a verified breach of this Agreement, including but not limited to violations of the Acceptable Use Policy, no refunds of any kind shall be issued.
Data Handling During Suspension: During any period of account suspension, Your Tenant Data will be retained securely within the Service infrastructure in accordance with our standard retention policies, but You will be entirely restricted from accessing, exporting, or modifying said data until the suspension is lifted or the account is formally terminated and enters the Data Retrieval Grace Period.

Subscription, Payments, And Billing

Payment Methods and Compliance

Processing and Acquirers: Payments are processed via regulated payment acquirers, designated by the Provider. The Provider reserves the right to change or add designated payment acquirers or processors at any time without prior notice.
Direct and Master Merchant Arrangements: You acknowledge that to process payments, You may be required to enter into a direct Merchant Agreement with a payment acquirer or, alternatively, the Provider may act as a Master Merchant to facilitate Your access to payment services. In either scenario, Your use of payment features is governed strictly by the underlying requirements of the payment acquirer.
Authorization vs. Settlement: You acknowledge that a "Paid" or "Authorized" status within the Service indicates that the payment acquirer has successfully authorized the transaction. However, the Provider does not guarantee the actual settlement of funds into Your bank account, as the timing and finality of settlement are strictly governed by the payment acquirer and the banking clearing system.
System Availability and In-App Payments: The Service facilitates payment processing for invoices issued by the Subscriber through the connected End User application. While the Provider strives for high availability, the Service, the associated applications, or the payment acquirer's gateway may be temporarily unavailable due to scheduled maintenance or technical failures. The Provider is not liable for any losses, late fees, or missed payment deadlines incurred by the Subscriber or the End User resulting from the inability to complete a transaction during such periods.
Instruction Finality: You acknowledge that the Service acts on Your direct instructions to initiate payment requests. Once a payment instruction has been transmitted to the payment acquirer through the Service, it is considered final and cannot be cancelled, retracted, or modified by the Provider.
Invoicing Accuracy and Modification: You are solely responsible for the accuracy of all invoices issued through the Service. You acknowledge that once a payment has been made against an invoice, that specific invoice cannot be cancelled or modified within the system. In the event of an invoicing error, it is Your sole responsibility to issue supplementary invoices or credit notes. While the Provider may, in the future, offer features to facilitate invoice adjustments after payment, the current technical state of the Service requires manual reconciliation by the Subscriber.
Not Accounting Software: You acknowledge and agree that the Service is a business management and payment facilitation tool and does not constitute accounting or bookkeeping software. The Service is not intended to satisfy Your statutory obligations to maintain proper books of account or to comply with international accounting standards or local tax laws.
Automatic Pass-Through of Acquirer Costs: You acknowledge that the Merchant Service Charge (MSC) is determined by the payment acquirer and the relevant card schemes. Any adjustments, increases, or new fees imposed by the payment acquirer, card schemes (e.g., Visa or Mastercard), or regulatory bodies will be passed through directly to You. Such increases are applied immediately upon the effective date of the third-party adjustment.
Bank-Imposed Reserves and Holds: You acknowledge that payment acquirers may, at their discretion, impose reserve funds, rolling reserves, or temporary holds on Your settled funds. The Provider has no control over, and accepts no liability for, these financial mandates.
Variable Merchant Service Charges (MSC): You acknowledge and agree that payment acquirers apply a Merchant Service Charge (MSC) which varies based on the Interchange Fees and Scheme Fees applicable to the specific transaction, such as distinctions between local versus international cards, or consumer versus corporate cards. You are responsible for being aware of these variations as set by the relevant financial institutions.
Service Charges and Remuneration: The Service facilitates the technical processing of payments within a secure software ecosystem. You acknowledge and agree that for providing, maintaining, and securing this ecosystem, the Provider receives a percentage of the Merchant Service Charge (MSC) applied to each transaction.
Non-Refundable Fees: You acknowledge that in the event of a refund, reversal, or chargeback, the original Merchant Service Charges, including the portion received by the Provider, are strictly non-refundable.
Currency and Exchange Rates: All transactions are processed in the currency designated by the Subscriber. Any currency conversion fees or exchange rate fluctuations are the sole responsibility of the End User or the Subscriber.
Partial Payments and Reconciliation: The Service may allow for partial payments if enabled by Your account settings. You acknowledge that reconciling partial payments within Your internal accounting structure is Your sole responsibility.
Settlement Thresholds and Payouts: You acknowledge that payouts are subject to the terms of the relevant payment acquirer. The Provider is not responsible for funds held by an acquirer due to settlement thresholds, security reviews, or compliance checks.
Transaction Records and Financial Source of Truth: While the YokiHub Portal provides convenience reports, You acknowledge that the official financial Source of Truth for tax and audit purposes resides solely with the payment acquirer. You are responsible for archiving Your official financial statements directly from the acquirer's portal.
Chargebacks and Disputes: You are solely responsible for all chargebacks, reversals, and disputes. You agree to provide all necessary evidence to the payment acquirer to defend against disputed transactions and agree to reimburse the Provider immediately if any such funds are deducted from our accounts due to Your disputed transactions.
Tax Responsibility: You are solely responsible for determining, collecting, reporting, and paying all applicable taxes, including Value Added Tax (VAT), resulting from payments made by Your End Users.
KYC/AML Compliance: You agree to promptly provide any documentation or information requested by our payment acquirers to comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations.
Hosted Payment Gateway and PSD2 Compliance: You acknowledge that the Provider does not process payment orders or store credit card details. When an End User initiates a payment within the application, they are securely routed to, or interact within an embedded window of, the designated payment acquirer's secure gateway systems. All sensitive data entry and physical transaction execution occur entirely within the acquirer's controlled environment. Therefore, in accordance with the European Union Revised Payment Services Directive (PSD2), all mandatory Strong Customer Authentication (SCA) or 3D Secure verification challenges are administered exclusively by the payment acquirer and the End User's issuing bank. The Provider explicitly disclaims any liability for transaction abandonment, processing delays, or payment failures caused by these external, bank-mandated security protocols.

Subscription Plans and Entity Logic

Billing Cycle: The Service is billed in advance on a monthly or yearly basis. The billing cycle begins on the date of Your first successful payment and recurs on the same calendar day of each subsequent period.
Per-Entity Licensing and Settlement Mapping: A single subscription grant is valid for one (1) legal entity only. Each Subscriber must be mapped to a unique, verified bank account for the settlement of funds.
Subscription Plans (Model and Logic): You acknowledge that the Service is currently provided under a fixed-rate model, structured per Entity or per Enterprise Bundle. However, the Provider explicitly reserves the right to modify the subscription logic at its sole discretion, including transitioning to a tier-based or per-user model.
Standard Plan: The Standard Plan is valid for one (1) legal entity operating as a single, isolated tenant environment and is available on monthly or yearly billing cycles. You are strictly prohibited from using the Standard Plan to manage or process payments for multiple distinct legal entities.
Enterprise Plan (Bundled Licensing): The Enterprise Plan is designed for Subscribers operating multiple branches, locations, distinct legal entities, or separate Management Units. This constitutes a bundled license consisting of multiple environments at an aggregate discount. Unless otherwise agreed in writing, the Enterprise Plan is available exclusively on a Yearly (Annual) basis.
Modular Architecture and Plug-ins: The Service is designed as a modular platform; whether on a Standard or Enterprise plan, You have the opportunity to customize Your environment by opting-in to additional Feature Modules or Plug-ins, such as Accounting Connectors, Payroll Modules, or Advanced Analytics. Additional modules can be activated at any time via the Management Portal, which will result in an immediate pro-rata charge for the remainder of Your current billing cycle.
Module Deactivation: You may deactivate optional modules at any time, with deactivation taking effect at the start of Your next billing cycle. No pro-rata refunds are issued for the mid-cycle deactivation of individual modules.
Downgrade Technical Restrictions: If You choose to deactivate a module or downgrade a plan, You are responsible for ensuring that Your data usage fits within the new plan's limits. The Provider is not liable for any data loss or loss of functionality, including disabled reports or disconnected integrations, resulting from a Subscriber-initiated downgrade.
Implementation and Onboarding: The Provider reserves the right to charge a one-time, non-refundable Implementation Fee for the initial setup of an Enterprise Bundle or the configuration of complex Feature Modules. This fee covers the administrative and technical costs of environment provisioning and initial data mapping.
Usage Limits and Overages: Each plan or module may be subject to fair-use thresholds, including but not limited to storage capacity, API calls, or notification volumes. If Your usage exceeds these thresholds, the Provider reserves the right to charge an overage fee or require a migration to a higher-capacity tier to maintain system stability.
User Seat Licensing: Unless specified otherwise, a subscription grants access to a reasonable number of Authorized Users associated with that specific legal entity. Sharing login credentials between different individuals is strictly prohibited; the Provider reserves the right to monitor session activity to prevent unauthorized credential sharing.
Tenant Switching Architecture: The Service architecture supports a Tenant Switcher interface for Authorized Users who administer more than one entity or unit. Administrators can navigate between their different management systems through a drop-down selection menu within the portal without the requirement to log out and log in for each entity or unit.
Identity Management and Data Isolation: Access to the switcher is governed by the User's authenticated identity, which remains constant across the Enterprise bundle. However, each branch, entity, or unit remains a logically isolated tenant environment with its own database and settings. Data is not automatically shared or merged between units unless a specific Cross-Tenant module is activated.
Service Availability (Uptime): While the Provider strives for 99.9% uptime, we do not guarantee uninterrupted service. Scheduled maintenance, which usually occurs during low-traffic hours within the Eastern European Time (EET) zone, does not constitute a breach of contract or entitle the Subscriber to any credits or refunds.
Auto-Renewal and Annual Price Adjustment: Subscriptions automatically renew for a successive term of the same length unless cancelled in accordance with Section 4.3. You acknowledge and agree that the Provider may increase Your subscription fees annually by up to 15% to account for inflation and infrastructure costs. Such adjustments will be applied automatically at the start of Your next renewal period without a separate thirty-day notice.
Notice of Significant Pricing Changes: In the event of a change to the subscription logic or a price increase exceeding the 15% annual adjustment, the Provider will provide You with at least thirty (30) days' notice.
Fair Use and Resource Monitoring: While the current logic is not restricted by End User count, it remains subject to the Fair Use and Resource Limits outlined in Section 3.1. High-usage entities may be subject to custom enterprise plans.
Free Trials, Data Processing, and Deletion: You acknowledge that the Provider acts strictly as a Data Processor during any free trial or pilot phase. Upon the expiration of a trial, the processing purpose is considered fulfilled. In accordance with the GDPR principle of Storage Limitation, Your trial account and all associated Tenant Data will be queued for automated and permanent deletion immediately following the trial expiration. The Provider is under no obligation to provide data exports or retrieval services for expired, non-paid trial accounts.
Taxes: All fees quoted are exclusive of Value Added Tax (VAT) and any other applicable government levies or duties. These will be added to Your invoice at the prevailing rate based on Your jurisdiction.
Electronic Licensing Audits: The Provider reserves the right to electronically monitor and audit the number of distinct legal entities, Management Units, and Authorized Users provisioned within Your account to verify strict compliance with Your selected subscription tier. If an electronic audit reveals that You are managing unlicensed entities or exceeding permitted thresholds, the Provider reserves the right to immediately invoice You for the excess usage at the current Standard Plan rates.
Cross-Branch Data Access: Where the Subscriber utilizes an Enterprise Plan or manages multiple Management Units/branches, You explicitly authorize the Provider to facilitate the sharing of End User profile data across Your authorized branches. This sharing is conducted strictly to ensure continuity of service and administrative efficiency across Your logically isolated environments.

Cancellations, Refunds, and Plan Adjustments

Anytime Cancellation and Access: You may cancel Your subscription or specific units at any time. Cancellation takes effect at the end of the current paid billing period, and You retain access until that date.
Debt Clearance Prerequisite: A cancellation is only valid and processed once all outstanding debts, including unpaid fees, failed payments, or SMS overages, are settled in full. A contract cannot be terminated while a balance remains owed to the Provider.
Retroactive Re-rating and Discount "Clawback": If a cancellation or downgrade breaks a long-term (Annual) or volume-based (Enterprise) commitment, any refund due will be subject to a Retroactive Re-rating. Discounts applied for Annual or Multi-Branch commitments will be revoked only for the specific units or months being cancelled. The used portion of those specific cancelled units will be recalculated at the Standard Monthly Rate as documented in Your original agreement. The added-back costs from this re-rating will be deducted from Your remaining balance, and only the surplus balance, if any, is eligible for refund.
Non-Refundable Usage Fees: Any fees associated with consumed resources, including but not limited to SMS credits, transactional processing fees (MSC), or one-time implementation fees, are strictly non-refundable regardless of when the subscription is cancelled.
No Right of Set-Off: You agree to pay all invoices in full by their due date. You are not permitted to withhold, defer, or set off any current payments against anticipated refunds or Q1 settlements.
Refund Settlement Window: All refunds are processed and settled within the first quarter (Q1) of the following fiscal year.
Source-Back and Currency Matching: Refunds will be returned exclusively to the original source of payment, ensuring funds return to the same bank account or card from which they originated. To protect the Subscriber from exchange rate fluctuations, refunds shall be issued in the same currency in which the original payment was made.
VAT and Tax Adjustments: All refunds are calculated based on the net amount paid. Where VAT has been charged and remitted to the Cyprus Tax Department for a previous fiscal period, the Provider will issue a formal Credit Note. The refund of the VAT portion is subject to the successful processing of this credit adjustment.
Non-Transferability of Credits: Any pending refund balances or credits are tied to the specific legal entity of the Subscriber and may not be transferred, assigned, or sold to any third party without the express written consent of the Provider.
Administrative Dispute Fee and Reasoning: If a Subscriber proceeds to initiate a bank dispute or chargeback instead of following the established refund procedure, an administrative fee of no less than EUR100 (or the equivalent in the Subscriber's local currency) will be applied to the Subscriber's account. You acknowledge that a bank chargeback triggers immediate non-refundable penalties and requires significant manual intervention; this fee is intended to cover these actual administrative and penalty costs.
Exemption of Administrative Dispute Fee: This fee will be waived or refunded if the chargeback initiated by the Subscriber is determined by the bank to be the result of a demonstrable error or fault by the Provider. If the Provider is found at fault, we will cover the associated processing costs.
EU Right of Withdrawal (Distance Selling): If You are a consumer within the European Union, You have a legal right to withdraw within 14 days. However, You explicitly acknowledge that by accessing the Service or activating a Module, You are requesting immediate performance and thereby waive Your right of withdrawal once the digital content has been accessed.
Anti-Abuse Provision: The Provider reserves the right to refuse future service as well as the right to apply additional administrative fees to any Subscriber found to be cycling subscriptions to manipulate billing cycles, discount tiers, or refund windows.
Formal Refund Request Procedure: To initiate a refund or re-rating request, the Subscriber must submit a formal ticket via the Management Portal or an email to billing@yokihub.com. Verbal requests are not considered valid notices.
Source of Truth for Usage: In the event of a dispute regarding the date of cancellation or the active unit count, the internal system logs of the Provider shall serve as the final Source of Truth. You agree that these logs are a definitive record of Your account activity.
Survival of Payment Obligations: The cancellation, termination, or expiration of Your subscription shall not relieve You of the overarching legal obligation to pay any fees, overages, or penalties accrued prior to the effective date of such termination.
Promotional Credits and Balances: Any promotional credits, discount codes, or courtesy balances applied to Your account by the Provider possess no cash value, are strictly non-refundable, non-transferable, and cannot be exchanged for fiat currency. All such credits shall immediately expire and be permanently forfeited upon the cancellation or termination of Your subscription.

Payment Due Dates and Lockout Procedure

Payment Due Date: All fees are payable in full on the day following the expiration of Your current billing term.
Late Payment Interest and Recovery Costs: In accordance with EU Directive 2011/7/EU, the Provider reserves the right to charge statutory interest at 8% above the European Central Bank (ECB) rate, alongside a tiered administrative recovery fee. This fee is EUR40 per overdue invoice for Standard or Professional Units, and EUR125 per overdue invoice for Enterprise or Tiered Bundles applicable to Multi-Branch, Multi-Management Units, or Multi-Entity structures.
Automated Retry Cycle: Failed transactions are retried automatically 5, 10, and 15 days after the original due date.
Account Lockout (Suspension): If the final retry on Day 15 fails, Your account access will be automatically suspended. During Lockout, all Authorized Users and End Users are blocked from accessing the YokiHub Portal and App features.
Impact on Integrations: The Provider is not liable for any disruptions to third-party software connections, APIs, or data exports caused by account suspension or deletion.
Restoration Requirement and Right to Deny: Restoration of a suspended account requires the settlement of the entire outstanding balance, including any accrued fees. The Provider reserves the absolute right, at its sole discretion, to deny any request for re-activation based on risk management or repeated defaults.
Restoration Timeline: Approved restorations are typically executed within 24 to 48 hours following full settlement of the account.
Cold Storage Grace Period: From Day 31 to Day 90 following a failed payment, Your account enters Cold Storage. During this period, the Provider reserves the right to apply a EUR100 Re-activation Fee to cover the technical costs of restoration.
Limited Data Portability in Cold Storage: During Cold Storage, a one-time data export may be requested by the Subscriber, subject to a Data Extraction Fee.
Communication Responsibility: Notifications regarding billing, failures, and suspension are sent via the Administrator email on file and via System Messages within the YokiHub Portal. Notice is deemed legally received once sent or posted.
Permanent Deletion (The 90-Day Rule): If full payment is not received within ninety (90) days of the original due date, all associated Tenant Data is permanently and irreversibly deleted. A Final Notice will be issued at least seven (7) days prior to deletion. You acknowledge that this action satisfies the GDPR principle of Storage Limitation and that once the 90-day window closes and deletion is executed, no data can be restored under any circumstances. Furthermore, You explicitly acknowledge that the permanent deletion of Your isolated Tenant environment shall have absolutely no impact on the sovereign personal data stored and controlled by End Users within their independent YokiHub Vaults.
Good Faith Invoice Disputes: If You believe an invoice contains an error, You must notify the Provider in writing at billing@yokihub.com within seven (7) calendar days of receiving the invoice, detailing the nature of the good faith dispute. You remain strictly obligated to pay the undisputed portion of the invoice by the original due date. Failure to report a dispute within this seven-day window constitutes Your explicit acceptance of the invoice as accurate, and the standard Account Lockout procedures detailed in Section 4.4.4 shall apply to any subsequent non-payment.
Billing Errors and Lookback Period: The Provider endeavors to invoice all fees promptly. However, in the event of a technical or administrative error resulting in an undercharge or a failure to invoice for utilized services (such as SMS overages or module activations), the Provider reserves the explicit right to issue retrospective invoices for such unbilled usage, provided that the usage occurred within the one hundred and eighty (180) days immediately preceding the date of the corrected invoice.

Payment Execution and Mandates

Continuous Payment Authority: You grant the Provider a continuous mandate to automatically charge Your registered digital payment method for all recurring subscription fees and associated charges.
Obligation to Maintain Valid Payment Method: You agree to maintain at least one valid, unexpired digital payment method on file within the YokiHub Portal at all times. Failure to maintain a valid payment method resulting in consecutive failed charges shall trigger the Account Lockout procedure detailed in Section 4.4.
Card Account Updater Services: You explicitly authorize the Provider and its designated payment acquirers to utilize automated "Account Updater" services provided by major card networks (such as Visa and Mastercard) to securely update the expiration date or replacement card numbers of Your registered payment method, ensuring uninterrupted service.
Strict Prohibition of Cash and Cheques: The Provider strictly does not accept cash or cheque payments under any circumstances.
Electronic Invoicing: All official invoices and receipts are generated and issued electronically via the YokiHub Portal.
Debt Collection and Assignment: In the event that Your account is permanently deleted due to non-payment under the 90-Day Rule, the Provider reserves the explicit right to assign Your outstanding debt to a third-party debt collection agency or external legal counsel. You agree to bear all reasonable legal fees, agency commissions, and court costs incurred by the Provider during the recovery of these unpaid commercial debts.

Data Protection And Gdpr

Roles of Parties

Data Controller and Processor Designation: In explicit compliance with the General Data Protection Regulation (GDPR) and applicable European Union data protection laws, the parties acknowledge and agree to their respective statutory roles regarding the processing of personal data. The Subscriber explicitly acts as the sole Data Controller for all Tenant Data (as defined in Section 2.1.5) residing within their logically isolated database environment. Pelegan Innovations Ltd strictly acts as the Data Processor, processing personal data solely on behalf of, and acting upon the documented instructions of, the Subscriber.
Electronic Execution of Data Processing Agreement: The specific mechanics of this Controller-Processor relationship, including sub-processor authorizations, detailed security measures, and cross-border data transfer mechanisms, are comprehensively governed by the YokiHub Data Processing Agreement (DPA). You acknowledge and agree that by accepting these Terms of Business, You are concurrently executing and legally binding Your Entity to the YokiHub DPA, which is provided in electronic form and strictly incorporated herein by reference.
Independent Controller Status for App Access and Vault Data: Notwithstanding the provisions of Section 5.1.1, You acknowledge that due to the dual-interface nature and the YokiHub Vault architecture defined in Section 1.2.4, Pelegan Innovations Ltd acts as an independent Data Controller regarding all personal data, Special Categories of Personal Data, and credentials inputted and stored directly into the End-User application by the End User prior to any sharing authorization. Upon the End User explicitly executing a digital command to share specific Vault data with Your Subscriber account, a discrete copy of that authorized data is bridged to Your logically isolated environment. At the exact moment of this authorized transmission, You, the Subscriber, become the independent Data Controller of that specific shared copy, which subsequently constitutes Tenant Data. From that point forward, Pelegan Innovations Ltd acts strictly as Your Data Processor for the ongoing hosting, management, and localized processing of that specific copy within the YokiHub Portal.

Data Ownership

Absolute Tenant Data Ownership: The Provider claims no intellectual property rights or ownership over the Tenant Data submitted to the Service. You retain all rights, ownership, and ultimate control over Your data.
Processing Conduit: The Service functions strictly as a data processing and transmission conduit, carrying out Your explicit instructions to transmit data between the YokiHub Portal terminal and connected End User applications.

Data Processor Obligations

Processing Limitations: The Provider agrees to process personal data exclusively for the purpose of providing, maintaining, and supporting the Service. The Provider shall not utilize Tenant Data for any independent commercial purpose, unauthorized data mining, or secondary profiling.
Technical and Organizational Security: As the Data Processor, the Provider commits to implementing and maintaining appropriate technical and organizational security measures specifically designed to protect Tenant Data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure.
Confidentiality and Non-Disclosure: The Provider shall ensure that all personnel authorized to process Tenant Data have committed themselves to strict confidentiality. We shall not disclose personal data to any external third parties, except as explicitly required by European Union or Republic of Cyprus law, or as strictly necessary for authorized sub-processing activities.
International Data Transfers: While primary Tenant Data is hosted within the European Economic Area (EEA), You acknowledge that certain authorized sub-processing activities (such as global telecommunications routing for SMS) may require the transfer of personal data outside the EEA. The Provider warrants that any such international transfer shall be conducted in strict accordance with Chapter V of the GDPR, utilizing recognized legal transfer mechanisms such as the European Commission's Standard Contractual Clauses (SCCs) or verified adequacy decisions.
Compliance and Audit Rights: In accordance with GDPR Article 28(3)(h), the Provider shall make available to the Subscriber all information necessary to demonstrate compliance with its obligations as a Data Processor. To reconcile this statutory right with the strict prohibition on physical multi-tenant data center inspections outlined in Section 3.1.12, the parties agree that the Subscriber's audit rights shall be fully satisfied by the Provider providing, upon written request, comprehensive written responses to reasonable security questionnaires or supplying available third-party security certifications and compliance summaries.

Subscriber Obligations (Controller)

Lawful Basis and Consent: As the Data Controller, You explicitly warrant that You have established a valid lawful basis, and obtained all necessary and verifiable consents under the GDPR, required to lawfully collect, process, and input the personal data of Your End Users into the Service.
End User Rights Management: You bear the sole statutory responsibility for addressing and fulfilling all Data Subject Rights requests submitted by Your End Users, including but not limited to requests for data access, rectification, erasure (the right to be forgotten), and data portability.
Processor Assistance: While the burden of regulatory compliance rests entirely with the Subscriber as the Data Controller, the Provider shall, taking into account the nature of the processing, assist You through appropriate technical and organizational measures within the YokiHub Portal, insofar as this is commercially reasonable and technically feasible, for the fulfillment of Your obligation to respond to requests for exercising the End User's rights laid down in Chapter III of the GDPR.
Indemnification for Controller Breach: You agree to fully indemnify, defend, and hold the Provider harmless from any regulatory fines, legal penalties, or End User claims arising directly from Your failure to secure lawful consent, establish a lawful basis for processing, or otherwise fulfill Your statutory obligations as a Data Controller under the General Data Protection Regulation.

Conditional Processing of Minors' Data and Special Categories: You acknowledge that the Service is a general-purpose CRM and communications ecosystem. In the event that Your specific use of the Service involves the collection or processing of the personal data of minors or Special Categories of Personal Data as defined by Article 9 of the GDPR (including but not limited to medical or health-related information), You bear the absolute and exclusive statutory responsibility to comply with the heightened regulatory thresholds applicable to such data. While the Provider, acting as the Data Processor, provides technical mechanisms and digital interfaces within the End-User application to assist in gathering digital consents, You explicitly acknowledge that the Provider provides these tools solely to facilitate Your compliance. Whether You operate an educational institution, a parent association, a commercial facility, or any other entity, if the specific consents gathered through the provided digital tools are legally insufficient for Your particular organizational needs or local regulations, it remains Your sole, non-delegable responsibility to gather and secure any additional, necessary consents (such as verifiable parental consent under GDPR Article 8) outside of the Service. The Provider accepts no liability for Your failure to actively deploy the provided consent mechanisms or to secure the complete and heightened consent thresholds required for the lawful processing of these specific data categories.

Data Implications of Connection Severance: In accordance with the dual-interface connectivity outlined in Section 1.2.4, You acknowledge that the End User possesses the unilateral right to sever the digital connection with Your Subscriber account at any time. You acknowledge that such severance legally constitutes an immediate withdrawal of active consent for the live transmission of data via the Service. Upon severance, the Provider shall immediately cease bridging live data to the End User's application. However, You, as the Data Controller, recognize that historical Tenant Data generated prior to severance (including but not limited to paid invoices, service fulfillment logs, attendance records, or signed consent logs) remains securely retained within Your YokiHub Portal environment. You bear the sole statutory responsibility for the lawful retention or deletion of this historical data in accordance with Your internal data lifecycle policies, subject to the Data Retrieval Grace Period and permanent deletion protocols outlined in Sections 3.2.27 and 4.4.11 in the event of account termination or suspension.

Angel Guard (Absence Tracking And Escalation Procedures)

Conditional Application and Administrative Designation

Optional Utilization: In the event that the Subscriber elects to utilize the "Angel Guard" module or any associated absence tracking features provided within the Service, the provisions of this Section 6 shall explicitly apply.
Administrative Tool Status: You explicitly acknowledge that Angel Guard is strictly an administrative automation tool designed to reduce manual communication volumes for the Subscriber. These features do not constitute, and shall not be relied upon by the Subscriber as, a guaranteed compliance mechanism for local educational, physical security, or statutory attendance laws.

Best Effort and Network Reliance

Delivery Variables: The successful delivery of these automated escalation messages is provided strictly on a "best effort" basis. You acknowledge that delivery is heavily reliant on third-party networks, internet service providers, and the End User's specific device configurations, including battery life and "Do Not Disturb" settings. The Provider expressly disclaims all liability to the Subscriber for delayed, dropped, or undelivered administrative notifications.

Waiver of Liability and Indemnification

Protection of Provider: The Provider shall not be held liable for any statutory fines, legal penalties, or compliance failures incurred by the Subscriber resulting from unverified absences, software downtime, or missed notifications. Furthermore, the Subscriber agrees to fully indemnify, defend, and hold the Provider harmless against any claims, damages, lawsuits, or fines brought forward by an End User or regulatory body resulting from the Subscriber's failure to adequately monitor attendance or execute the required manual follow-up procedures.

Intellectual Property

the Provider Rights

Ownership of the Service: You acknowledge and agree that the Provider and its licensors retain all absolute legal right, title, and interest in and to the Service. This encompasses, but is not limited to, the underlying software, source code, object code, APIs, algorithms, user interfaces (UI/UX), database schemas, trade secrets, and all associated intellectual property rights, whether registered or unregistered, globally.
Trademarks and Branding: The "YokiHub" name, the "Angel Guard" module name, the "the Provider" corporate identity, and all related logos, product names, designs, and slogans are the exclusive trademarks of the Provider or its affiliates. You are strictly prohibited from utilizing these trademarks, or any confusingly similar marks, in any commercial context, marketing material, or domain name without express, prior written consent.
Limited License Grant: Subject to Your strict and continuous compliance with this Agreement, including the timely payment of all applicable Subscription Fees, the Provider grants You a limited, non-exclusive, non-transferable, non-sublicensable, and revocable license to access and utilize the YokiHub Portal exclusively for Your internal business operations during Your active subscription term.
Restrictions on Modification and Derivative Works: You are expressly prohibited from modifying, adapting, translating, or creating derivative works based upon any part of the Service. Furthermore, You shall not attempt to reverse engineer, decompile, disassemble, or otherwise attempt to discover the source code, object code, or underlying technical architecture of the Service.

Subscriber Rights and Content Licenses

Ownership of Tenant Data: As established in Section 5.2.1, You retain all sovereign intellectual property rights to the proprietary Content You or Your Authorized Users upload, create, or transmit via the Service, alongside full operational control over Your Tenant Data. Pelegan Innovations Ltd claims no proprietary ownership over Your specific business database. Notwithstanding the foregoing, You explicitly acknowledge and agree that while You exercise operational control as a Data Controller, the raw personal data residing within Your Tenant Data is not subject to intellectual property ownership. You agree that Your proprietary rights over Your database structure or Content do not supersede an End User's statutory data protection rights regarding their explicitly bridged personal data. Furthermore, You claim zero ownership, intellectual property rights, or processing rights over the personal data housed independently within an End User's YokiHub Vault. Your rights are strictly limited to the Tenant Data residing physically within Your logically isolated database environment.
License to Process Data: By uploading Tenant Data or Content to the Service, or by receiving bridged data from an End User, You grant Pelegan Innovations Ltd a worldwide, royalty-free, and non-exclusive license to host, store, process, transmit, and display such data. You acknowledge that this license is granted strictly to the extent necessary for Pelegan Innovations Ltd to provide, maintain, and secure the Service, and to fulfill our obligations under this Agreement and the accompanying Data Processing Agreement (DPA).
Marketing and Reference Acknowledgment: You grant the Provider the non-exclusive, royalty-free right to utilize Your Entity's standard name, primary logo, or trademark in our customer rosters, marketing materials, and corporate website strictly to identify You as a subscriber of the Service. You may revoke this marketing authorization at any time by submitting a formal written request to support@yokihub.com, upon which the Provider will remove Your branding from future external publications within a commercially reasonable timeframe.

Limitation Of Liability And Warranties

Disclaimer of Warranties

"As-Is" and "As-Available" Basis: The Service, including all features, modules, and associated applications, is provided to the Subscriber on an "as-is" and "as-available" basis. The Provider explicitly disclaims all warranties of any kind, whether express, implied, statutory, or otherwise.
Exclusion of Implied Warranties: To the maximum extent permitted by applicable law, the Provider specifically disclaims all implied warranties, including but not limited to implied warranties of merchantability, fitness for a particular purpose, non-infringement, and quiet enjoyment.
No Guarantee of Perfection: The Provider does not warrant that the Service will be completely secure, entirely free from bugs or defects, completely uninterrupted, or that all errors in the software will be corrected. You acknowledge that complex software is inherently subject to minor technical anomalies.
Third-Party Integrations and Links: The Service may contain features designed to interoperate with external third-party applications (such as accounting software or custom APIs). The Provider makes no warranties regarding the availability, performance, or continued support of these third-party integrations. You acknowledge that the Provider shall not be liable for any data loss, synchronization errors, or service interruptions caused directly or indirectly by the failure, modification, or downtime of such external systems.

Limitation of Liability

Exclusion of Indirect Damages: Under no circumstances shall the Provider, its directors, employees, partners, or affiliates be liable to the Subscriber or any End User for any indirect, incidental, special, consequential, punitive, or exemplary damages. This explicitly includes, but is not limited to, damages for loss of profits, loss of anticipated revenue, loss of goodwill, loss of data, or severe business interruption, regardless of whether the Provider was advised of the possibility of such damages.
Aggregate Liability Cap: To the maximum extent permitted by the laws of the Republic of Cyprus, the total aggregate liability of the Provider arising out of or in connection with this Agreement, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, shall be strictly limited to the total amount of Service Fees actually paid by the Subscriber to the Provider during the twelve (12) months immediately preceding the event giving rise to the claim.
Fundamental Basis of the Bargain: You explicitly acknowledge and agree that the Provider has set its pricing and entered into this Agreement in reliance upon these limitations of liability and disclaimers of warranties, and that these provisions form an essential basis of the commercial bargain between the parties.
Statutory Exceptions: Nothing in this Agreement shall be construed to limit or exclude the liability of either party for death or personal injury caused by its proven gross negligence, for deliberate fraud or fraudulent misrepresentation, or for any other liability that cannot be lawfully excluded or limited under the mandatory laws of the Republic of Cyprus.
Time Limitation on Claims: You agree that any claim, dispute, or cause of action arising out of or related to Your use of the Service or this Agreement must be formally filed or initiated within one (1) year after the specific incident giving rise to the claim occurred. If not filed within this one-year period, such claim or cause of action is permanently and forever barred, regardless of any general statutory limitation periods to the contrary.

Force Majeure

Excusable Delays: The Provider shall not be held liable or deemed to be in breach of this Agreement for any failure or delay in the performance of its obligations if such failure or delay is caused by events beyond its reasonable commercial control.
Defined Events: Such Force Majeure events include, but are not limited to, acts of God, natural disasters, pandemics, global public health emergencies, acts of war, terrorism, civil unrest, government embargoes or mandates, labor strikes, generalized internet or telecommunications outages, catastrophic hardware failures of third-party cloud providers, and severe distributed denial-of-service (DDoS) attacks.

General Indemnification

Subscriber Indemnity: In addition to the specific indemnifications established in Sections 5 and 6, You agree to unconditionally defend, indemnify, and hold harmless the Provider, its officers, directors, and employees from and against any third-party claims, lawsuits, regulatory fines, damages, or legal expenses (including reasonable attorneys' fees) arising directly or indirectly out of: (a) Your breach of this Agreement; (b) any allegation that Your Tenant Data or Content infringes upon the intellectual property or privacy rights of a third party; or (c) Your violation of any applicable local, European, or international law.

Governing Law, Dispute Resolution, And Miscellaneous

Governing Law and Jurisdiction

Governing Law: This Agreement, including its formation, interpretation, performance, and any non-contractual disputes arising out of or related to it, shall be governed by and construed strictly in accordance with the laws of the Republic of Cyprus, without regard to its conflict of laws principles. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded.
Exclusive Jurisdiction: The parties irrevocably consent to the exclusive jurisdiction and venue of the competent courts located in the Republic of Cyprus for the adjudication of any legal action, suit, or formal proceeding arising out of or relating to this Agreement or the use of the Service.

Dispute Resolution

Good Faith Negotiations: In the event of any dispute, claim, or controversy arising out of or relating to this Agreement, You agree to first attempt to resolve the matter informally through good faith negotiations. The complaining party must provide a formal written notice of dispute to the other party. Following receipt of this notice, executive representatives of both parties shall meet (virtually or in person) within thirty (30) days to attempt a commercial resolution before initiating any formal litigation.
Injunctive Relief Exception: Notwithstanding the requirement for good faith negotiations in Section 9.2.1, You acknowledge and agree that the Provider retains the absolute right to bypass this informal process and seek immediate injunctive or equitable relief from any court of competent jurisdiction to prevent the unauthorized use, disclosure, or misappropriation of its Intellectual Property, Confidential Information, or the security of the overall Service infrastructure.

Miscellaneous Provisions

Entire Agreement: This Agreement, together with the incorporated Data Processing Agreement (DPA) and any formally executed offline Enterprise proposals, constitutes the entire and exclusive understanding between the parties regarding the subject matter herein. It completely supersedes and replaces all prior or contemporaneous oral or written agreements, representations, proposals, or negotiations between You and the Provider.
Severability: If any provision of this Agreement is held by a court of competent jurisdiction to be invalid, illegal, or unenforceable, the remaining provisions of this Agreement shall remain in full force and effect. The parties agree that the invalid provision shall be deemed modified to the minimum extent necessary to render it valid and enforceable while preserving the original legal and commercial intent of the parties.
No Waiver: The failure or delay of the Provider to exercise, enforce, or strictly demand compliance with any right, power, or remedy under this Agreement shall not operate as a legal waiver of that right. A formal waiver of any specific breach shall not be construed as a continuous waiver or a waiver of any subsequent breach.
Relationship of the Parties: The parties are strictly independent contractors. Nothing in this Agreement shall be construed to create a partnership, joint venture, agency, franchise, or employment relationship between the Provider and the Subscriber. Neither party possesses the authority to legally bind the other or to incur obligations on the other's behalf.
Formal Notices: All official legal notices, demands, or formal requests required under this Agreement must be submitted in writing. Notices to the Provider shall be sent via email to legal@yokihub.com. Notices to the Subscriber shall be sent to the primary Administrator email address currently registered within the YokiHub Portal or delivered via an official in-system portal notification. Legal notices are deemed formally received twenty-four (24) hours after successful digital transmission.
Prevailing Language: The Greek language version of this Agreement shall serve as the definitive and legally binding text. If the Provider provides translations of this Agreement into English or any other language for convenience, You explicitly agree that the Greek version shall absolutely prevail in the event of any conflict, discrepancy, or dispute regarding contractual interpretation.
Survival of Terms: Any provisions of this Agreement which by their nature should reasonably survive the termination or expiration of Your subscription shall so survive. This explicitly includes, but is not limited to, provisions concerning Intellectual Property rights (Section 7), accrued payment obligations (Section 4), Data Protection post-termination handling (Section 5), disclaimers of warranties, limitations of liability, and indemnification (Section 8), and Governing Law (Section 9).
Assignment by Provider: While the Subscriber may not assign this Agreement without permission as per Section 3.2.23, the Provider reserves the absolute right to freely assign, transfer, or delegate any or all of its rights and obligations under this Agreement to a subsidiary, an affiliate, or a successor entity in the event of a merger, acquisition, corporate reorganization, or sale of substantially all of its assets, without requiring the prior consent of the Subscriber.