Section 1 — Definitions

The following terms have the meanings set forth below:

Section 2 — Service Description and Acceptable Use

2.1 Service Description

MEMOIZE AI LLC provides an API-based AI personalization memory engine for e-commerce merchants. The Services use Retrieval-Augmented Generation (RAG) architecture with Google Gemini (via Vertex AI) and vector databases to retain and retrieve contextual shopper memory to enhance customer interactions.

2.2 Shopify Platform Compliance

Customer acknowledges that the Services integrate with the Shopify platform via the Shopify API. Customer agrees to comply with Shopify Inc.’s Partner Program Agreement, API Terms of Service, and Acceptable Use Policy at all times. MEMOIZE AI LLC is an independent third-party developer and is not endorsed by, affiliated with, or sponsored by Shopify Inc. Shopify bears no responsibility for the Services, and any claims related to the Services must be directed to MEMOIZE AI LLC, not Shopify.

2.3 Not Medical Advice

THE SERVICES ARE NOT A MEDICAL DEVICE AND DO NOT PROVIDE MEDICAL, CLINICAL, OR HEALTH ADVICE.

Any AI-generated recommendations regarding supplements, allergies, medications, or wellness products are informational only and do not constitute medical advice. Merchants are required to implement a non-removable disclosure visible to End Users stating that all AI recommendations are not medical advice and should not replace consultation with a qualified healthcare professional. This feature is mandatory and may not be disabled by the Merchant.

2.4 Prohibited Uses

Customer shall not use the Services to:

• Process data of individuals under the age of 13 without verified parental consent as required by COPPA;
• Make automated eligibility determinations for credit, housing, employment, or insurance;
• Generate or store content that is obscene, defamatory, or violates applicable law;
• Reverse engineer, decompile, or attempt to extract the underlying AI model or vector embeddings;
• Resell or sublicense access to the Services without prior written consent;
• Make or facilitate disease claims or act as a medical device without FDA clearance, as required under California AB 489 and applicable FTC guidelines;
• Engage in “social scoring” or biometric categorization prohibited under the EU AI Act;
• Use the Services to train competing AI systems;
• Use or permit the AI to use terms, letters, or phrases that indicate or imply that recommendations, assessments, or advice provided through the Services are being offered by a licensed health care professional, as prohibited under California AB 489;
• Sell personal data of consumers known to be under 16 years of age without the consumer’s affirmative opt-in consent, as required under applicable state privacy laws;
• Violate Shopify Inc.’s API Terms of Service.

2.5 California Chatbot Compliance (SB 243)

MEMOIZE AI LLC’s memory widget is designed as a functional e-commerce personalization tool. If a Merchant deploys the widget in a manner that causes End Users to form personal or emotional attachments to the AI (anthropomorphic or relationship-simulating use cases), California SB 243 (effective January 1, 2026) may apply. Where applicable, Merchant is responsible for:

• (a) publishing suicide and self-harm safe messaging protocols;
• (b) implementing immediate redirection of End Users expressing suicidal ideation to emergency resources; and
• (c) disclosing to End Users that they are interacting with an AI system, not a human.

2.6 AI Transparency and Automated Decision-Making Technology (ADMT)

The Services employ automated decision-making technology to generate personalized product recommendations and responses. In accordance with Regulation (EU) 2024/1689 (EU AI Act, Article 50), the chat widget shall clearly and conspicuously disclose to all End Users that they are interacting with an artificial intelligence system prior to or at the commencement of the interaction. This disclosure is mandatory and is enabled by default.

With respect to California consumers, MEMOIZE AI LLC and Merchant acknowledge that the CCPA/CPRA Automated Decision-Making Technology regulations (effective January 1, 2026) may apply to the Services. Where the Services are used for purposes that constitute “significant decisions” as defined under the ADMT regulations, Merchant is responsible for:

• (a) including ADMT disclosures in Merchant’s privacy notice at collection, informing California consumers that automated decision-making technology is used for product recommendations;
• (b) providing California consumers with the ability to opt out of AI-driven personalization upon request; and
• (c) conducting risk assessments as required by the CCPA/CPRA ADMT regulations where the Services process personal information for purposes that trigger such assessments.

MEMOIZE AI LLC shall provide Merchant with reasonable technical assistance to implement ADMT disclosures and opt-out mechanisms within the widget.

Section 3 — Subscription Plans and Pricing

Additional plan features:

• Starter: Standard Analytics.
• Growth: Advanced Analytics Dashboard; “Powered by MEMOIZE AI” branding removed.
• Scale: Priority Support & SLA; HIPAA/BAA Compliance.
• Enterprise: Priority Support & SLA; HIPAA/BAA Compliance; Custom Order Form.

Annual subscription plans are available at a 15% discount from the monthly rate: Starter $1,519/year; Growth $3,049/year; Scale $5,089/year. Annual plan fees are fully earned upon payment at the commencement of the annual term.

Section 4 — Health Data, HIPAA, and Business Associate Agreement

4.1 PHI Prohibition — Starter and Growth Plans

Customer represents and warrants that it will NOT transmit, store, process, or otherwise input any Protected Health Information (PHI) into the Services under the Starter or Growth subscription plans. These Service tiers are not configured to be HIPAA-compliant and MEMOIZE AI LLC is not acting as a “Business Associate” with respect to data processed on these tiers. In the event Customer uploads PHI to a Starter or Growth plan, Customer shall be solely responsible for all liabilities, penalties, and damages arising from such non-compliance, and MEMOIZE AI LLC reserves the right to immediately suspend the account and delete such data without notice and without liability.

4.2 HIPAA Compliance and BAA — Scale and Enterprise Plans

If Customer intends to use the Services to process PHI, Customer must:

• (a) subscribe to the Scale or Enterprise plan; and
• (b) execute MEMOIZE AI LLC’s standard Business Associate Agreement (BAA) prior to uploading or transmitting any PHI to the Services.

MEMOIZE AI LLC shall have no liability for PHI processed prior to the full execution of the BAA by both parties. Once executed, the BAA shall be incorporated by reference into this Agreement and shall control regarding the processing of PHI.

4.3 Sensitive Health Data Consent — All Plans

Merchant is solely responsible for obtaining explicit, legally valid opt-in consent from Shoppers prior to capturing, processing, or sharing any sensitive health-related data (including allergy information, medication history, pregnancy status, or health inferences derived from purchase history) through the Services, as required by the Washington My Health My Data Act (RCW 19.373), the Indiana Consumer Data Protection Act, California’s Automated Decision-Making Technology regulations, and all applicable U.S. state privacy and consumer protection laws. MEMOIZE AI LLC shall have no liability for Merchant’s failure to obtain such consent.

Where the Washington My Health My Data Act applies, Merchant shall:

• (a) publish a consumer health data privacy policy as required by RCW 19.373.020 prior to collecting any consumer health data through the Services, disclosing the categories of health data collected, the purposes of collection, and the categories of third parties with whom such data is shared;
• (b) obtain separate affirmative consent for each category of consumer health data processed through the Services; and
• (c) obtain a separate, signed authorization from consumers before any sale of consumer health data.

MEMOIZE AI LLC shall not sell consumer health data.

Section 5 — Data Processing and Sub-Processors

5.1 Data Processing Roles

With respect to any personal data of EU/EEA data subjects processed through the Services, Customer acts as the Data Controller and MEMOIZE AI LLC acts as the Data Processor. The parties shall enter into a separate Data Processing Agreement (DPA), incorporated herein by reference, governing the processing of such personal data.

5.2 Authorized Sub-Processors

5.3 CCPA/CPRA Service Provider

With respect to personal information of California consumers, MEMOIZE AI LLC acts as a “Service Provider” as defined under Cal. Civ. Code § 1798.140(ag). MEMOIZE AI LLC shall not sell or share End User personal information, shall not retain, use, or disclose such information for any purpose other than performing the Services as specified in this Agreement, and shall not combine such information with personal information received from or on behalf of another person or collected from MEMOIZE AI LLC’s own interactions with consumers, except as permitted under the CCPA/CPRA.

5.4 Sub-Processor Changes and Notification

MEMOIZE AI LLC shall maintain a current list of authorized sub-processors at memoizeai.com/legal/sub-processors. Customer provides general authorization for MEMOIZE AI LLC to engage the sub-processors listed in Section 5.2. MEMOIZE AI LLC shall notify Customer at least thirty (30) days prior to engaging any new sub-processor or materially changing the role of an existing sub-processor by email to the account’s primary contact and by updating the sub-processor list. Customer may object to a new sub-processor by providing written notice to legal@memoizeai.com within fifteen (15) days of notification, specifying reasonable data protection grounds for the objection. If Customer objects and MEMOIZE AI LLC cannot reasonably accommodate the objection, either party may terminate the affected Services upon thirty (30) days’ written notice, and Customer shall receive a pro-rated refund of any prepaid, unused fees.

5.5 Zero Training Reuse Covenant

MEMOIZE AI LLC covenants that Merchant Data and End User Memory Data shall NEVER be used to train, fine-tune, improve, or benchmark any AI model, including but not limited to Google Gemini or any successor model. MEMOIZE AI LLC engages Google Vertex AI exclusively under “Zero Data Retention” settings, meaning prompts and responses are not logged or stored by Google beyond the immediate request processing window. This covenant survives the termination of this Agreement.

5.6 Indiana Consumer Data Protection Act Compliance

To the extent MEMOIZE AI LLC processes personal data of Indiana residents on behalf of Customer, MEMOIZE AI LLC agrees to:

• (a) process such data only on documented instructions from Customer;
• (b) implement appropriate technical and organizational security measures;
• (c) assist Customer in fulfilling consumer rights requests within the timeframes required by Indiana Code § 24-15;
• (d) delete or return all personal data upon termination; and
• (e) cooperate with audits conducted by Customer or a qualified third party.

5.7 Data Subject Rights Assistance

MEMOIZE AI LLC shall provide reasonable technical and organizational assistance to Customer in fulfilling data subject and consumer rights requests under applicable law, including requests for access, deletion, correction, data portability, and opt-out of sale or sharing. MEMOIZE AI LLC shall respond to Customer’s data subject request instructions within ten (10) business days. If MEMOIZE AI LLC receives a data subject request directly from an End User, it shall promptly forward the request to the applicable Merchant and shall not respond directly unless legally required to do so. MEMOIZE AI LLC shall purge the requesting End User’s vector embeddings, memory profiles, and chat logs within thirty (30) days of receiving a verified deletion request instruction from Customer.

5.8 Data Protection Impact Assessments

MEMOIZE AI LLC shall assist Customer in conducting Data Protection Impact Assessments (DPIAs) as required under GDPR Article 35 and risk assessments as required under the CCPA/CPRA ADMT regulations, where the Services involve processing that is likely to result in a high risk to the rights and freedoms of data subjects. MEMOIZE AI LLC shall provide Customer with information necessary to complete such assessments upon reasonable request.

5.9 Records of Processing Activities

MEMOIZE AI LLC shall maintain records of processing activities carried out on behalf of Customer as required by GDPR Article 30(2), including:

• (a) the name and contact details of MEMOIZE AI LLC and each controller on whose behalf processing is carried out;
• (b) the categories of processing carried out on behalf of each controller;
• (c) transfers of personal data to third countries, including documentation of suitable safeguards; and
• (d) a general description of technical and organizational security measures.

5.10 International Data Transfers

Where personal data of EU/EEA data subjects is transferred to the United States, MEMOIZE AI LLC relies on the EU-U.S. Data Privacy Framework and, as a supplementary measure, the European Commission’s Standard Contractual Clauses adopted on June 4, 2021 (Commission Implementing Decision (EU) 2021/914), Module 3 (processor-to-sub-processor). In the event the EU-U.S. Data Privacy Framework is invalidated or otherwise ceases to provide a valid transfer mechanism, MEMOIZE AI LLC shall ensure that Standard Contractual Clauses or an equivalent lawful transfer mechanism remains in place for all EU/EEA personal data transfers. MEMOIZE AI LLC shall conduct Transfer Impact Assessments as necessary to evaluate the adequacy of safeguards for cross-border transfers.

Section 6 — Service Level Agreement (SLA)

6.1 SLA Exclusions

Uptime calculations and any associated service credits shall NOT apply to downtime resulting from:

• (i) planned maintenance (announced with 48 hours’ notice);
• (ii) Force Majeure Events as defined in Section 17;
• (iii) failures attributable to third-party Sub-processors, including Google Vertex AI/Gemini, Google Cloud SQL, Google Cloud Run, Clerk, or Stripe;
• (iv) Customer’s misuse of the API or violation of usage limits; or
• (v) internet or network conditions outside MEMOIZE AI LLC’s reasonable control.

6.2 Data Freshness SLA

MEMOIZE AI LLC commits that Shopify store updates (e.g., product catalog changes, inventory updates) will be reflected in the vector memory context within 60 minutes of the API synchronization call. “Service Unavailability” includes scenarios where the vector search returns null or corrupted embeddings, not only when the server is entirely offline.

6.3 SLA Remedies

For verified downtime exceeding SLA targets, Customer’s sole remedy is a prorated service credit applied to the next billing cycle. Service credits do not apply to Enterprise custom SLA arrangements, which are governed by the applicable Order Form.

Section 7 — Usage Limits and Overages

7.1 Overage Notifications

MEMOIZE AI LLC will notify Customer via email and in-app dashboard banner when usage reaches 80% and 90% of the plan’s monthly allocation. No overage charges shall be processed without Customer’s prior opt-in to overage billing.

7.2 Merchant-Controlled Spending Cap

To prevent surprise overages, MEMOIZE AI LLC provides a Merchant-controlled monthly spending cap feature accessible through the billing dashboard. Once the cap is reached, the API will return a rate-limit response rather than continue accruing charges. Customer may set a maximum monthly overage spend, remove the cap, or allow the widget to pause until the next billing cycle.

Section 8 — Billing and Payment

8.1 Monthly Plans

Monthly subscription fees are billed in advance on a recurring monthly basis. All fees are non-refundable except as expressly stated in Section 9.

8.2 Annual Plans

Annual subscription fees are billed annually in advance. Annual subscribers receive a 15% discount: Starter $1,519/year ($127/month equivalent); Growth $3,049/year ($254/month equivalent); Scale $5,089/year ($424/month equivalent). Annual plan fees are fully earned upon payment.

8.3 Payment Processing

All payments are processed by Stripe Inc. for Merchants subscribing directly or through Google Workspace Marketplace. Merchants subscribing through the Shopify App Store are billed through Shopify’s Billing API in accordance with Shopify Inc.’s policies. MEMOIZE AI LLC does not store full payment card numbers.

8.4 Failed Payments

In the event of a failed payment:

• Day 1 — payment retry and email notification;
• Day 7 — widget disabled and account paused with email warning;
• Day 30 — soft delete initiated and data export offer provided.

Merchant data is retained for 30 days following soft delete to permit export, after which it is permanently deleted.

Section 9 — Refund Policy

9.1 Monthly Plans

Monthly subscription fees are non-refundable. Customer may cancel at any time; cancellation will take effect at the end of the current monthly billing period and Customer will retain access through that date.

9.2 Annual Plans — Refund Schedule

9.3 Cancellation and Exceptions

Customer may cancel its subscription at any time through the billing portal. Notwithstanding the above, MEMOIZE AI LLC may issue refunds at its sole discretion in cases of documented service outages exceeding SLA thresholds, billing errors, or as required by applicable consumer protection law.

Section 10 — Compliance and Security

10.1 Security Obligations

MEMOIZE AI LLC maintains commercially reasonable administrative, physical, and technical safeguards including:

• AES-256 encryption at rest for all stored data;
• TLS 1.3 encryption for all data in transit;
• Role-based access controls limiting employee access to personal data;
• Multi-factor authentication for all internal systems;
• SOC 2 Type II aligned security practices;
• Annual third-party security assessments and penetration testing.

10.2 Breach Notification

In the event of a confirmed personal data breach, MEMOIZE AI LLC will notify Customer without undue delay and in no event later than forty-eight (48) hours after confirmed breach discovery. For Scale/Enterprise Plans operating under a HIPAA Business Associate Agreement, notification will occur within twenty-four (24) hours as required by 45 C.F.R. § 164.410.

Breach notifications shall include, to the extent known:

• (a) the nature of the personal data breach, including the categories and approximate number of data subjects and records concerned;
• (b) the likely consequences of the breach;
• (c) the measures taken or proposed to address the breach, including measures to mitigate possible adverse effects; and
• (d) the contact details of MEMOIZE AI LLC’s privacy team.

MEMOIZE AI LLC shall cooperate with Customer and take reasonable commercial steps to assist in the investigation, mitigation, and remediation of each such breach.

Section 11 — Intellectual Property

11.1 Ownership

MEMOIZE AI LLC retains all right, title, and interest in and to the Services, including the API, widget code, vector memory architecture, and all MEMOIZE AI LLC software and technology. Customer retains all right, title, and interest in and to Merchant Data and End User data.

11.2 License to Customer

MEMOIZE AI LLC grants Customer a limited, non-exclusive, non-transferable, revocable license to access and use the Services solely for Customer’s internal business purposes in connection with Customer’s Shopify store(s) during the term of this Agreement.

11.3 AI-Generated Outputs

Customer acknowledges that Outputs generated by the Services are produced by AI systems and may not be original works of authorship. MEMOIZE AI LLC makes no warranty that AI-generated Outputs are free from third-party intellectual property claims. See Section 15 for IP indemnification protections.

Section 12 — Confidentiality

Each party agrees to keep confidential all non-public information of the other party designated as confidential or that reasonably should be understood to be confidential (including API keys, pricing, business data, and technical architecture), and to use such information solely to perform its obligations under this Agreement. Confidentiality obligations survive termination for a period of three (3) years.

Section 13 — Warranties

13.1 Merchant Warranties

Customer represents and warrants that:

• (a) it has the legal authority to enter into this Agreement;
• (b) its use of the Services and all Merchant Data provided to MEMOIZE AI LLC will comply with all applicable laws, including without limitation HIPAA, GDPR, the EU AI Act, CCPA/CPRA, COPPA, the Washington My Health My Data Act, and all other applicable U.S. state consumer-privacy and data-protection statutes, as well as Shopify Inc.’s Partner Agreement;
• (c) it has obtained all necessary consents from End Users for the collection and processing of their personal data;
• (d) it will not use the Services to process data of children under 13 without verified parental consent; and
• (e) the Merchant Data does not infringe any third party’s intellectual property rights.

13.2 MEMOIZE AI LLC Warranties

MEMOIZE AI LLC represents and warrants that:

• (a) it has the legal authority to enter into this Agreement;
• (b) the Services will perform materially in accordance with the Documentation;
• (c) MEMOIZE AI LLC will maintain appropriate security measures as described in Section 10;
• (d) MEMOIZE AI LLC’s provision of the Services will not knowingly infringe any third party’s intellectual property rights; and
• (e) MEMOIZE AI LLC maintains an AI governance program that includes bias testing, output monitoring, and periodic model evaluation to ensure the Services operate within documented parameters.

13.3 Disclaimer of Warranties

EXCEPT AS EXPRESSLY SET FORTH IN SECTION 13.2, THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT ANY WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. MEMOIZE AI LLC DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED, ERROR-FREE, OR THAT AI-GENERATED OUTPUTS WILL BE ACCURATE, COMPLETE, OR SUITABLE FOR ANY PARTICULAR PURPOSE.

Section 14 — Limitation of Liability

14.1 Exclusion of Consequential Damages

IN NO EVENT SHALL EITHER PARTY BE LIABLE TO THE OTHER FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR DAMAGES FOR LOSS OF PROFITS, REVENUE, GOODWILL, OR DATA, ARISING OUT OF OR RELATED TO THIS AGREEMENT, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

14.2 Liability Cap

EXCEPT AS SET FORTH IN SECTION 14.3, EACH PARTY’S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THIS AGREEMENT SHALL NOT EXCEED THE GREATER OF: (A) THE TOTAL FEES PAID OR PAYABLE BY CUSTOMER TO MEMOIZE AI LLC IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM; OR (B) ONE HUNDRED U.S. DOLLARS ($100.00).

14.3 Exclusions from Liability Cap

Notwithstanding Section 14.2, the liability cap shall NOT apply to either party’s liability for:

• Death or bodily/personal injury caused by that party’s negligence, gross negligence, or willful misconduct;
• Fraud or fraudulent misrepresentation;
• A party’s indemnification obligations under Section 15;
• A party’s breach of its confidentiality obligations under Section 12;
• A party’s breach of its data protection obligations under applicable law (including HIPAA, GDPR, or CCPA/CPRA);
• Any other liability that cannot be limited or excluded under applicable Indiana law.

Customer specifically acknowledges that because the Services may process health-adjacent data including allergies, medications, and supplement preferences, claims arising from AI-generated health recommendations that result in physical harm shall not be subject to the liability cap set forth in Section 14.2.

Section 15 — Indemnification

15.1 By Customer

Customer shall defend, indemnify, and hold harmless MEMOIZE AI LLC and its officers, directors, employees, and agents from and against any third-party claims, demands, lawsuits, damages, and penalties (including reasonable attorneys’ fees) arising from or relating to:

• (a) Customer’s use of the Services in violation of this Agreement or applicable law;
• (b) Merchant Data, including any claim that Merchant Data infringes a third party’s intellectual property rights or violates a third party’s privacy rights;
• (c) Customer’s breach of its representations and warranties; or
• (d) Customer’s negligence or willful misconduct.

15.2 By MEMOIZE AI LLC — IP Indemnification

MEMOIZE AI LLC shall defend, indemnify, and hold harmless Customer and its officers, directors, and employees from and against any third-party claims, demands, lawsuits, damages, and penalties (including reasonable attorneys’ fees) alleging that the authorized use of the MEMOIZE AI Services — specifically including the widget code, vector embeddings generated by the platform, and AI-generated Outputs produced by the Services in response to Merchant’s authorized use — constitutes a direct infringement or misappropriation of a third party’s U.S. copyright, trademark, trade secret, or U.S. patent.

15.3 Exclusions from MEMOIZE AI LLC Indemnification

MEMOIZE AI LLC shall have no obligation under Section 15.2 to the extent the claim arises from:

• (a) infringement caused by specific data, product catalogs, shopper history, or prompts provided by the Merchant or its End Users;
• (b) any unauthorized modification of the widget code or vector embeddings by the Merchant;
• (c) the combination of the Services with any third-party product or software not supplied by MEMOIZE AI LLC; or
• (d) any use of the Services that violates this Agreement.

15.4 Remediation

If the Services become, or in MEMOIZE AI LLC’s opinion are likely to become, the subject of an infringement claim, MEMOIZE AI LLC may, at its own expense:

• (a) procure the right for Customer to continue using the Services;
• (b) replace or modify the infringing component to make it non-infringing while maintaining substantially similar functionality; or
• (c) if options (a) and (b) are not commercially reasonable, terminate Customer’s access to the affected component and provide a pro-rated refund of any prepaid, unused fees.

Section 16 — Term, Termination, and Data Fate

16.1 Term

This Agreement commences on the date Customer accepts these Terms and continues until terminated as provided herein.

16.2 Termination by Customer

Customer may terminate this Agreement at any time by canceling through the billing portal, subject to the refund policy in Section 9.

16.3 Termination by MEMOIZE AI LLC

MEMOIZE AI LLC may terminate this Agreement immediately upon written notice if Customer:

• (a) materially breaches this Agreement and fails to cure within 30 days of written notice;
• (b) violates the PHI prohibition in Section 4.1 (no cure period);
• (c) becomes insolvent; or
• (d) engages in conduct that violates applicable law.

16.4 Termination Due to Third-Party Providers

MEMOIZE AI LLC may terminate this Agreement with 60 days’ written notice to Customer if a critical sub-processor (including Google Vertex AI/Gemini or Google Cloud SQL) materially changes its pricing, revokes access, or materially modifies its terms of service in a manner that makes continued provision of the Services commercially unreasonable or legally impermissible.

16.5 Data Fate Upon Termination

Upon termination or expiration of this Agreement for any reason, MEMOIZE AI LLC shall, within thirty (30) calendar days:

• Permanently delete all End User vector embeddings and associated memory profiles from its active production databases;
• Purge all associated chat logs and shopper interaction data from active systems;
• Delete all Merchant Data from active systems;
• Instruct all underlying AI service providers and sub-processors (including Google Vertex AI, Google Cloud SQL with pgvector, and Google Cloud Run) to delete any associated personal data processed via API within this timeframe.

Data retained in routine, secure backup systems will be permanently overwritten or deleted within ninety (90) calendar days following termination. End Users whose Merchant’s account has terminated retain independent rights under applicable privacy law (GDPR Art. 17, CCPA/CPRA) to request confirmation of deletion from MEMOIZE AI LLC directly. Upon Customer’s written request submitted within 30 days of termination, MEMOIZE AI LLC will provide a formal Certificate of Destruction confirming that all Merchant Data and End User data have been securely erased from all active and backup systems.

Section 17 — Force Majeure

17.1 Force Majeure Events

Neither party shall be liable for any delay or failure to perform its obligations under this Agreement to the extent such delay or failure is caused by a Force Majeure Event. “Force Majeure Event” means any event beyond a party’s reasonable control, including but not limited to:

• Acts of God, natural disasters, pandemics, or public health emergencies;
• Acts of government, war, civil unrest, terrorism, or sanctions;
• Failures or outages of third-party AI model providers, infrastructure, content delivery networks, or payment processors;
• Internet backbone failures, DNS failures, or BGP routing failures;
• Cyberattacks, DDoS attacks, or security incidents affecting third-party infrastructure;
• Labor disputes or strikes affecting MEMOIZE AI LLC’s key sub-processors.

17.2 Notice and Mitigation

The party affected by a Force Majeure Event shall:

• (a) promptly notify the other party in writing describing the Force Majeure Event and its expected duration;
• (b) use commercially reasonable efforts to mitigate its impact; and
• (c) resume performance as soon as reasonably practicable.

17.3 Compliance Carve-Out

If a third-party AI provider is placed under a legal preservation order or litigation hold that prevents deletion of associated output logs or embeddings, MEMOIZE AI LLC shall not be deemed in breach of its deletion obligations under Section 16.5 for the duration of such legal obligation, provided MEMOIZE AI LLC promptly notifies Customer of the restriction.

Section 18 — Chat Message and Data Retention

Chat message retention periods and data retention schedules are governed by Customer’s applicable Service tier and are detailed in MEMOIZE AI LLC’s Privacy Policy, incorporated herein by reference.

Merchants must disclose to their End Users the applicable data retention periods in their own privacy policy or terms of service.

Section 19 — Governing Law, Venue, and Dispute Resolution

19.1 Governing Law

This Agreement shall be governed by and construed in accordance with the laws of the State of Indiana, without regard to its conflict of law provisions.

19.2 Dispute Resolution

Any dispute arising out of or related to this Agreement shall first be subject to good-faith negotiation between the parties for a period of thirty (30) days following written notice of the dispute. If the dispute remains unresolved after the negotiation period, it shall be submitted to binding arbitration under the American Arbitration Association (AAA) Commercial Arbitration Rules. The arbitration shall be conducted in Indianapolis, Indiana (Marion County). Judgment on the award rendered by the arbitrator may be entered in any court having jurisdiction thereof.

19.3 Injunctive Relief

Notwithstanding Section 19.2, either party may seek injunctive or other equitable relief in any court of competent jurisdiction to prevent irreparable harm, including but not limited to the unauthorized use or disclosure of confidential information or intellectual property.

Section 20 — Miscellaneous

20.1 Entire Agreement

This Agreement constitutes the entire agreement between the parties with respect to its subject matter and supersedes all prior agreements, representations, and understandings.

20.2 Amendments

MEMOIZE AI LLC may modify these Terms with 30 days’ written notice for material changes. Continued use of the Services after the effective date of modifications constitutes acceptance. Non-material changes (such as typographical corrections) may be made without notice.

20.3 Severability

If any provision of this Agreement is found invalid or unenforceable by a court of competent jurisdiction, that provision shall be modified to the minimum extent necessary to make it enforceable, and the remaining provisions shall continue in full force and effect.

20.4 Assignment

Customer may not assign this Agreement without MEMOIZE AI LLC’s prior written consent. MEMOIZE AI LLC may assign this Agreement in connection with a merger, acquisition, or sale of substantially all of its assets, provided MEMOIZE AI LLC provides Customer with thirty (30) days’ prior written notice.

20.5 Notices

Legal notices must be sent to: legal@memoizeai.com. Physical mail: MEMOIZE AI LLC, c/o Northwest Registered Agent LLC, 5534 Saint Joe Road, Fort Wayne, IN 46835, USA.

20.6 Waiver

No waiver of any provision shall be effective unless in writing and signed by the waiving party. No waiver shall constitute a continuing waiver unless expressly stated.

20.7 No Agency

Nothing in this Agreement creates any agency, partnership, joint venture, or employment relationship between the parties. MEMOIZE AI LLC is an independent contractor.