TERMS OF USE / TERMS OF SERVICE

Introduction: This document describes the terms and conditions of use for the My Menthor platform. By accessing or using our services, you agree to these Terms of Use.

Defined Terms:

  • Software as a Service (“SaaS”): Means that the services include the license to use the software application(s), managed hosting, system configuration, administration and monitoring activities, product updates, and support during the term of the agreement.
  • Software Product: Software application(s), related APIs owned or distributed by the SERVICE PROVIDER to which it grants access to the CLIENT as part of the services, including program documentation and all program updates provided as part of the service during the term of the agreement.
  • Service Provider: Company that holds the rights to market and operate the My Menthor platform, namely Aprimore Consultoria em Gestão Empresarial LTDA in Brazil, and Top Tier Business Group LLC in the United States.
  • client: The entity subscribing to the service and using the platform services.
  • Authorized Partners: Companies authorized by the SERVICE PROVIDER to market, implement, or provide consulting services to the direct or indirect CLIENT of the SERVICE PROVIDER.
  • Access: Access to the system means logging in, registering and storing data, retrieving data, or otherwise approaching or using the Software Product electronically.
  • Authorized User: Any individual, including employees and consultants, authorized by the CLIENT to use the SaaS as an individual user.
  • Client Data: All data and files recorded or uploaded to the Software Product by Authorized Users.
  • Documentation: The embedded framework or knowledge base made available through tips or instructions, user guides, and other content provided by the SERVICE PROVIDER to the CLIENT as part of the services.
  • Product Updates: Means new versions of the Software Product containing new or improved features and functionalities, modifications, corrections, or other enhancements.
  • Third-Party Technology: Means any third-party technology provided or made available by the SERVICE PROVIDER or the CLIENT in connection with the Software.

Scope of Services: Description of the services provided:

  • Software Licensing: Involves user licenses with distinct access profiles and well-defined permission rules.
  • Services: Encompasses implementation consulting services, mentoring, and complementary services related to the SaaS platform.
  • License and Service Packages: The following packages are available: Starter, Basic, Premium, and Enterprise, with the latter being fully customized according to the specific needs of the CLIENT.
  • Technical Support and Storage: Includes technical support and storage space according to the contracted package.

The license and service packages can be adjusted at any time by the SERVICE PROVIDER.

Platform Usage

This chapter specifies the usage rights granted to the CLIENT, clarifies the user's responsibilities when using the platform, limitations and restrictions on usage, detailing the conditions of service provision.

  • License Grant for Access and Use of the Service: The CLIENT receives a license to use for the predefined number of users. The CLIENT is responsible for providing a list of Authorized Users, including full name and professional email, who will receive named licenses and permissions for use. The license is non-exclusive, non-sublicensable, and non-transferable, intended exclusively for internal use by the CLIENT and does not include access to the software's source code or internal structure.
  • password: Each AUTHORIZED USER receives a unique and personal access password. The password is personal and non-transferable, and the CLIENT is responsible for its safekeeping and conservation, in addition to encouraging the use of security mechanisms, such as two-factor authentication.
  • CLIENT Duties and Restrictions:
    • Do not rent, lend, sublicense, or transfer the access and/or usage rights of the services to third parties.
    • Do not attempt to copy, modify, decompile, or reverse engineer the software.
    • Do not access the services with the purpose of building a competing product.
    • Do not use the services to provide services to third parties.
    • Do not introduce or allow the introduction of any virus into the Service Provider's network.
    • Do not share access with unauthorized individuals.
    • Do not disclose material protected by intellectual property, copyrights, or confidentiality without authorization.

The CLIENT is responsible for all activities performed in their account and for all actions of their AUTHORIZED USERS. The CLIENT must immediately notify the SERVICE PROVIDER of any unauthorized use of the account or passwords, or any other security breach known or suspected by the CLIENT.

Service Standards (SaaS)

This chapter describes the technical support policies offered to CLIENTS, service availability, including communication channels, service hours, and response times.

  • Technical Support
    • Service Availability: The services will be available 365 days a year, with an availability goal of 98%. System availability is measured as a percentage of minutes in a month that the service components are operational, excluding scheduled downtime resulting from: a) Scheduled or emergency maintenance; b) Acts and omissions of the CLIENT; c) Failure of an internet service provider; d) Force majeure events; e) Malicious attacks on the system.
    • Maintenance: Scheduled maintenance will be communicated in advance, and emergency maintenance will be minimized to reduce the impact on services.
    • Support: Technical support is provided in English and Portuguese through a ticketing tool, during business hours from 8:00 AM to 6:00 PM (Brasília Time or Eastern Time).
  • Service Levels (SLA - Service Level Agreement): Support for incident handling, improvements, and problem resolution, as well as service requests, must be requested through the ticketing tool by opening a ticket. Improvements may or may not be considered in the product roadmap.
Category Response Time (*) Resolution Time (**)
Incidents 1h According to severity and urgency
Improvements 1h N/A
Specialized Services 1 business day According to scope and consultant seniority

Response Time: Incidents reported outside business hours will be considered received at 8:00 AM on the next business day.

  • Resolution Time:
    • Level 1: First-level support is handled internally by the CLIENT's platform administrator. Requests may include inquiries, reports, access, user rights and privileges, password resets, usage instructions, network connectivity, and browser behavior. Level 1 can escalate qualified requests to Level 2 support through the Customer Support Portal.
    • Level 2: Product-related incidents resolved within 1 business day. Issues requiring development will have mutually agreed-upon timelines.
    • Level 3: Infrastructure-related incidents requiring intervention from the low-code platform manufacturer.
  • Specialized Services: For mentoring, consulting, training, and complementary services that depend on the consultant's level of seniority and expertise, the allocation, analysis, and solution proposal timelines will be defined after the initial contact. Costs may vary if services are provided outside business hours and/or at the CLIENT's premises.
  • Service Level Failure:
    • Service Credits: In case of failures that exceed the 95% tolerance, the CLIENT may receive service credits applied to the maintenance value included in the monthly subscription. Daily percentages may vary from 0.5% to 10%, depending on the severity level of the failure.
  • Incident Severity Levels:
    • Level 1 - Critical Functionality: Production environment unavailable or a large number of users without access to the SaaS application, with no available workaround.
    • Level 2 - Important Functionality: Some functionality is unavailable for a small number of users, allowing limited use with an available workaround, with minimal service loss.
    • Level 3 - Problem or Inconvenience: Issue in a specific report or field, with an available workaround, without service loss.
Severity Response TIme Resolution Time Maximum Time Hosting Fee Credit
Level 1 – Requires Immediate Attention 30 min < 4h < 24h 10%
Level 2 - Requires Priority Attention 1h < 8h < 48h 5%
Level 3 – Requires Attention 4h < 24h < 7 days 1%
  • Root Cause Analysis: After resolving a Level 1 or Level 2 Severity incident, the SERVICE PROVIDER will inform the CLIENT of the cause of the failure, the actions taken to resolve the failure, and a schedule of preventive or corrective actions planned to prevent such failure from occurring again.
  • Service Level Audit: The CLIENT will have the right to audit the SERVICE PROVIDER's records and measurement and audit tools to verify compliance with the service level obligations and determine the correct payment of any Service Credit. This audit must be conducted according to the terms and conditions agreed between the parties and within the stipulated deadlines.
  • Data Backup: In addition to the backup provided by the low-code platform, the SERVICE PROVIDER will perform a full backup of all data weekly.
  • Data restoration will be available as needed for up to 30 days after the request.
  • Disaster Recovery: The Recovery Time Objective (RTO) is defined as 72 hours. The RTO sets the target time to restore services after a disaster or interruption, ensuring business continuity and disaster recovery. This period indicates the maximum acceptable time between the incident and the full restoration of services to avoid significant impacts on business continuity.
  • Disaster Recovery Plan: The SERVICE PROVIDER shall maintain, make available, and annually review a standard procedure governing the management of business continuity events, including disaster recovery plans and tests. This plan will include strategies and procedures to be implemented in case of catastrophic failure at the primary hosting site, ensuring the rapid availability of the secondary site for Authorized Users. The business continuity strategy will include regular exercises and simulations to test the readiness of the disaster recovery plan, the results of which may be shared with the CLIENT.
  • Neither party shall be liable to the other for any failure or delay in the performance of its obligations under this contract due to causes beyond its reasonable control, including, but not limited to, strikes, failure of telecommunications or power systems, war, acts of terrorism, pandemics, natural disasters, or adverse weather conditions.

Intellectual Property

  • Intellectual Property Rights: All copyrights, patents, trademarks, and other intellectual property rights related to the MY MENTHOR platform, including associated documentation and manuals, are and will remain the exclusive property of the SERVICE PROVIDER. The CLIENT agrees not to challenge or claim any ownership or copyright over the platform at any time during or after the contract.
  • CLIENT Content: Any content generated by AUTHORIZED USERS remains the property of the CLIENT.
  • Use of Suggestions and Feedback: The SERVICE PROVIDER reserves the right to use any suggestions, ideas, feedback, or other recommendations provided by the CLIENT or AUTHORIZED USERS to improve the services.
  • Contact with Authorized Users: The CLIENT grants the SERVICE PROVIDER the right to contact its AUTHORIZED USERS regarding the use of the services, unless otherwise stipulated.

Information Security and Data Protection

This chapter clarifies information related to the Security, Protection, and Data Privacy Policy, including how CLIENT data will be collected, stored, protected, and used. Security measures implemented to protect CLIENT data.

  • Security: The SERVICE PROVIDER follows the security policies and terms of the development and data storage platform and maintains internal practices that adhere to and reinforce these policies.
  • Hosting: The SERVICE PROVIDER's CLIENT data is hosted in the United States.
  • Indemnification: The parties are responsible for indemnifying and holding each other harmless from any violation of intellectual property rights, confidentiality, or data protection.
  • Role-Based Security: The SERVICE PROVIDER offers a role-based access management system that allows for the control of permissions and access to functionalities and content. Users are assigned to specific roles according to the privileges granted by the administrators.
  • Data Ownership: All records entered by AUTHORIZED USERS remain the property of the CLIENT. The SERVICE PROVIDER and/or AUTHORIZED PARTNERS will only have access to these records for specific services contracted by the CLIENT, such as consulting and mentoring, with the access profile defined by the CLIENT. The SERVICE PROVIDER will implement appropriate technical and organizational measures to protect any CLIENT content against unauthorized or unlawful processing and accidental loss or damage. The CLIENT must implement appropriate safeguards to prevent unauthorized access, use, or disclosure of Protected Information.
  • Data Quality: The CLIENT will be responsible for the accuracy, quality, integrity, legality, reliability, and appropriateness of all content recorded in the software.
  • Data Loss: In the event of loss or corruption of CLIENT content stored in the software, the CLIENT must notify the SERVICE PROVIDER. The SERVICE PROVIDER must make all reasonable efforts to promptly restore the content from the most recent available backup copy, if available. The SERVICE PROVIDER will not be responsible for any loss, destruction, alteration, or disclosure of CLIENT content caused by third parties, except subcontractors ('Authorized Partners') of the SERVICE PROVIDER.

Confidentiality

This section establishes the commitment of both parties to maintain the confidentiality of sensitive information shared during the provision of services.

  • Confidential Information: All information recorded by the CLIENT on My Menthor is considered confidential and cannot be shared with other clients unless expressly authorized by the CLIENT.
  • Legal Commitment: Both parties commit to comply with data protection legislation, including GDPR, recognizing that, for legal purposes, the CLIENT is the Controller and the SERVICE PROVIDER is the Processor regarding any personal data shared during the provision of services.
  • Non-Disclosure Agreement (NDA): The confidentiality commitment can be reinforced by formalizing Non-Disclosure Agreements (NDA), ensuring the protection of sensitive information.
  • Controlled Disclosure: Confidential information may be disclosed only if required by law or competent authority, considering the interests of the other party.
  • Post-Contract Protection: After the termination of the contract, the SERVICE PROVIDER must return and/or destroy the CLIENT's records.
  • Use of Brand and Advertising: The use of the brand and the publication of success stories related to results obtained with the use of SaaS at the CLIENT are subject to prior written approval by the CLIENT.
  • Neither party shall be liable to the other for any failure or delay in the performance of its obligations under this contract due to causes beyond its reasonable control, including, but not limited to, strikes, failure of telecommunications or power systems, war, acts of terrorism, pandemics, natural disasters, or adverse weather conditions.

SaaS Termination and Cancellation Terms

Contract Duration, Renewal, or Termination

  • Duration: The contract comes into effect on the date of signature and has an initial duration of 12 months, unless otherwise defined in the contract.
  • Renewal: The contract can be automatically renewed 15 days after the expiration date, unless one of the parties indicates otherwise. During renewal, adjustments to the subscription license prices may be applied.
  • Termination for Convenience: Either party may terminate the contract at any time by giving written notice 30 days in advance.
  • Termination for Cause: Breach of any contract term may result in immediate termination or notice by the SERVICE PROVIDER, without the right to claim or compensation. Reasons include violation of contractual rules or non_ payment/delays of monthly subscription fees.

Effects of Contract Termination (Penalties or Compensation)

  • The contract may be terminated after all outstanding financial obligations are settled by the CLIENT. The CLIENT must pay the amounts corresponding to the remaining term of the contract, except when waived by the SERVICE PROVIDER.
  • The SERVICE PROVIDER will discontinue all services on the effective termination date, canceling all granted licenses.
  • Data Return and Transfer: Information on the platform will be available for 15 days after the contract ends, accessible only to the administrator designated by the CLIENT to extract reports from the information base. After this period, all CLIENT data will be deleted from the servers, without the right to compensation.
  • Any amounts already paid by the CLIENT, such as implementation and setup, customizations, and monthly fees, will not be refunded.