Last Updated: September 6, 2022

1. General

This Terms of Service Agreement, including any exhibits, appendices and policies that are referenced or attached, forms a binding agreement (“Agreement”) between Arist Holdings Inc. and our affiliated companies (collectively, “Arist”, “we”, “our” or “us”) and the person or entity agreeing hereto (“you” or “your”).  This Agreement is effective as of your initial access to or use of the Services or upon execution of an order hereunder (“Order”), whichever is earlier (the “Effective Date”).  This Agreement governs all access and use of our website located at http://arist.co (the “Site”), the Arist microlearning platform made available via the Site, and all other Arist services, technology, data, programs and materials (collectively, the “Services”).  Arist and you are each a “Party” and collectively, the ”Parties.”

The Services enable registered “Authors” to create, list and market text message-based lessons for education, training and development purposes (the “Courses”).  The Services also enable registered “Learners” (and their Permitted Users, as defined below) to enroll with an Author to take a Course.   The Courses are completed via text messaging or via other messaging features that we may offer.  The Services also enable users to store, post and share content such as texts (in posts or communications with others), files, documents, graphics, images, music, software, audio and video (collectively, “User Content”).  Using the Services, Authors and Learners directly interact with each other regarding enrollment in Courses.   Arist’s role is limited to providing the Services to facilitate these interactions.  Arist is not a party to any interaction or agreement between Authors and Learners.

In consideration of the mutual promises herein, the Parties agree as follows:

2. Acceptance

By accessing or using the Services or placing an order with us (“Order”), you represent and warrant that you are 18 years or older and have the authority to enter into and be bound by, and you are bound by, this Agreement.  If you access or use the Services or place an Order on behalf of a legal entity such as your employer, “you” and “your” will refer to that entity, and you represent and warrant that you have the authority to enter into and bind that entity to this Agreement, and agree to be bound.  If the term of an Order is inconsistent with a term of this Agreement, the Order term will take precedence.

3. Amendments, Updates

a. We may amend this Agreement from time to time, in our sole discretion, by posting the amended Agreement on the Site.  We may also send you other forms of notice.  If you continue to use the Services after such posting or notice, it means that you accept and agree to be bound by the amended Agreement.  If you don’t agree to the amendments, you must cease any access or use of the Services.  

b. We may modify, update or discontinue all or any part of the Services in our sole discretion, with or without notice, including as needed to comply with law, address a security risk, or avoid an economic or technical burden.  If a modification materially reduces the functionality of the Services or if we discontinue any Services that are not replaced by a substantially equivalent function or feature, you may terminate the affected Services upon providing 30 days written notice to Arist; and in such event, Arist will refund any prepaid, unused Fees in respect of the terminated Services.  

4. Grant of Rights, Intellectual Property

a. Our License to You.  Arist hereby grants you the limited, non-exclusive, non-transferable, non-assignable and non-sublicensable right to access and use the Services, and to permit your Permitted Users to access, use and receive the benefit of the Services, including the content and materials made available through the Services (the “Content”), solely for the purposes of this Agreement.  “Permitted User” means any employee or agent whom you authorize to use the Services.  Subject only to the foregoing, Arist retains all worldwide rights, title and interest in and to the Services, Usage Metadata, and Intellectual Property Rights embodied therein or related thereto, whenever developed.   "Intellectual Property Rights" means all patents, copyrights, trade secrets, trademarks and service marks, trade names, trade dress, goodwill and marketing rights related thereto, works of authorship, inventions, discoveries, improvements, enhancements, methods, processes, formulas, designs, techniques, derivative works, know how, all other intellectual property or proprietary rights (registered or not) and equivalents or similar forms of protection existing worldwide, and all applications for and registrations in such rights.  “Usage Metadata” means and includes aggregated data sets, reports and analyses that we may create relating to the Services, in a form that is anonymized and does not identify you or any individual user.

b. Permitted Users.  You agree that the maximum number of Permitted Users (i.e., Learners) that you authorize to access and use the Services will not exceed the number of Permitted User Subscriptions you have purchased.  “Permitted User Subscriptions” means the user subscriptions or “seats” that you purchase, which entitle Permitted Users to access and use the Services in accordance with this Agreement.  If you wish to increase the number of Permitted User Subscriptions, you must notify us in writing and if we agree to increase the number of Permitted User Subscriptions, we will invoice you at the then-current rate for the additional Permitted User Subscriptions.  You will not allow any Permitted User Subscription to be used by more than one individual Permitted User unless it has been reassigned in its entirety to another individual, in which case the prior individual will no longer have any right to access or use the Services.  You also will cause each Permitted User to keep a secure, confidential password for use of the Services, and to change such password on a regular basis.

c. Your License to Us. You grant to Arist, its affiliates and their respective agents, suppliers and subcontractors, a non-exclusive, transferable, worldwide, perpetual, royalty-free license, with the right to sublicense through multiple tiers, to (i) access and use, ingest, reproduce, duplicate, format, store, distribute, display and perform the User Content, User Comments (defined below), and associated metadata in order to provide the Services, and (ii) generate Usage Metadata.  Subject to the foregoing license, you retain all rights, title and interest in and to your User Content and the Intellectual Property Rights therein.  

d. User Content.  You are solely liable for your User Content.  By providing User Content, you represent and warrant that: (i) you own or have all necessary licenses, rights, consents and permissions to grant the license herein; and (ii) neither the User Content, nor any access or use of the User Content via the Services, will infringe, misappropriate or otherwise violate a third party’s intellectual property rights or rights of publicity or privacy, or result in the violation of any other applicable law or regulation.  Arist expressly disclaims any liability for Course content, quality, timing, suitability, reliability, accuracy, completeness, legality or availability.  You may remove your User Content from the Services by specifically deleting it to the extent feasible and practicable, or by contacting us at support@arist.co.  In some instances, certain User Content (such as posts or comments) may not be completely removed and copies may continue to exist on the Services.  We reserve the right, but are not obligated, to remove or disable access to any content, including User Content, at any time and without notice or liability, including if we, at our sole discretion, consider it objectionable or in violation of this Agreement.  

e. User Comments.  As a Learner, upon completing a Course you may be invited to leave comments on the Services regarding your experience with a Course and its Author (“User Comments”). We advise you to exercise caution when posting User Comments because once submitted they cannot be edited.  You are solely liable for your User Comments.  We do not monitor or censor User Comments, but we reserve the right, in our sole discretion, to remove User Comments that we deem in violation of this Agreement.  Arist expressly disclaims any liability for User Comments.  

f. Feedback.  We appreciate any feedback, comments, ideas, proposals, suggestions, recommendations, enhancement requests, data, statistics or other information that you may provide regarding the Services (“Feedback”).  You agree that Arist owns all right, title and interest in such Feedback, including all associated Intellectual Property Rights.  

g. Trial Services.  From time to time, we may offer certain Services or products to you on a limited basis without fee or charge, including for example, free accounts, trial use, and access to pre-release and beta services or products (collectively, “Trial Services”).  Your use of Trial Services are subject to any additional terms that we may specify.  We may terminate your access or use of Trial Services at any time in our sole discretion, without liability.

h. Third Party Resources.  The Services may allow you to access and/or integrate with certain third-party products, services, websites or other resources, including any content, products or services that they display, link to, or make available (“Third Party Resources”).  We provide access to Third Party Resources only as a convenience, without endorsement or liability.  If you choose to use any Third Party Resources in connection with the Services, we may provide the relevant third party provider with access or use of your information as authorized by you.  Access and use of any Third Party Resources will be subject to any applicable agreement between you and the third party provider. We are not responsible for any access to or use of your information by such third party providers.  Arist expressly disclaims all liability for any Third Party Resources and for the acts and omissions of any third-party providers.

5. Account Registration, Courses

a. To access and use the Services, you must create an account (“Account”) – either as an Author or Learner.  You agree to provide accurate, complete and current information for your Account at all times.  You also agree to keep your Account login credentials confidential and secure, and to notify us immediately of any unauthorized use of your Account.  You are responsible for all activities that occur under your Account.  

b. If you register as an Author to create and offer Courses, you will register via the Site.  We will request your name, email address, a description of your skill set with respect to Course subject areas, third-party payment-processing account information (your “Payment Account”), and any other necessary Account information. We will use this information to administer your Account and for internal purposes, including keeping records of your indicated skill sets.  When you register as an Author, you may create Courses and make them available (i) as “Public Courses” via Arist’s online library (the “Course Library”) that Learners may access through the Site, and/or (ii) as private Courses via your own selected advertising and promotional channels, including third-party websites, social media services or other such channels (collectively, the “Channels”).  We grant you limited permission to use the Arist name solely to advertise and promote the Courses you make available through the Services, subject to our prior approval in each instance.  For each Course that you create, you must specify in reasonable detail: (1) the skill set required for a Learner to participate in and complete the Course; and (2) instructions sufficient for a Learner with the requisite skill set to participate in and complete the Course.  Also, you must comply with all Arist rules and guidelines for Course creation. Notwithstanding anything to the contrary herein, all Courses remain subject to our prior approval. As an Author, you may also approve or reject enrollment by any Learner in your Course, subject to this Agreement. You agree to use best efforts to continuously and diligently monitor and supervise Learners’ participation in and completion of your Courses, including by responding promptly to any Learner inquiries.

c. If you register as a Learner to enroll or subscribe in Courses, you may register either via the Site or through your existing accounts with certain third-party social media services such as Meta/Facebook Messenger or WhatsApp (each, an “SNS Account”).  If you register via your SNS Account, we will create your Arist Account by extracting certain personal information as authorized via your privacy settings in your SNS Account, including name, email address and other information.  We will use this information to administer your Account and to recommend to you certain Public Courses based on your indicated interests.  Before subscribing to Course related content, we have implemented two-factor authentication. By providing us your phone number, you will receive a one-time security code to authenticate your identity.

6. Fees, Payments, Cancellations

a. Subscription Fees.  If you are an Author, you may purchase a Services subscription from Arist on a monthly or annual basis (“Subscription”) by agreeing to pay the subscription fee (“Subscription Fee”) at the rate then in effect, plus any other applicable charges and taxes.  By electing to purchase a Subscription, you acknowledge that your Subscription has recurring payment features, you authorize Arist to initiate recurring, non-refundable payments, and you accept responsibility for all payment obligations prior to cancellation of your Subscription.  Your Subscription will continue until you or Arist cancels or terminates in accordance with this Agreement.   If you have a monthly Subscription, we will send you a notice at least 14 days before your current monthly term expires (or otherwise in accordance with applicable law), indicating the Subscription Fee due and reminding you that the term will automatically renew unless terminated. If you have an annual Subscription, we will send you a notice at least 15 days but no more than 45 days before your current annual term expires (or otherwise in accordance with applicable law), indicating the Subscription Fee due and reminding you that the term will automatically renew unless terminated.  

b. Fee Payments.  When you purchase a Subscription from Arist (each, a “Transaction”), you agree to the pricing, billing and payment terms as posted or otherwise communicated to you.  We will bill you via one of these methods (as specified in your Order):

    - By direct debit of your credit card, in which case you authorise us to debit you in the month after the commencement of the monthly billing cycle.

    - By issuing an invoice in accordance with the billing cycle or payment milestones specified in your Order, in which case you must pay the invoice within 30 days after the date of invoice.

    - By such other forms of payment that we make available on the Services, which may be subject to additional terms and conditions.

We may ask you to provide relevant payment information, including credit card number, expiration date, email, billing and notification addresses, and identify verification information (collectively, “Payment Information”).  By providing the Payment Information, you represent and warrant that you have the legal right to use the payment method you have specified; and you expressly authorize us to charge you, or to provide your Payment Information to our third-party payment processor as required to charge you, and to complete the Transaction.  All fees, charges and taxes are payable in U.S. Dollars.  All payments are non-refundable and non-creditable except as expressly provided in this Agreement or applicable Order.  If you dispute any fee or charge that we have billed you (acting reasonably and in good faith) you must notify us of the dispute without unreasonable delay.  If an undisputed portion of a due and payable fee or charge becomes delinquent, we may (i) suspend or terminate Services, (ii) apply a late charge on the unpaid amount equal to the lesser of 1% interest per month or the maximum rate allowed by law, and/or (iii) pursue any other available remedy.  We may also institute a chargeback policy if a payment obligation is not honored or if we question our ability to collect funds.  

c. Taxes.  You are solely responsible for all costs that you incur in using the Services and in determining, collecting, reporting and paying all applicable duties, customs fees or taxes (other than our income tax) associated with the Services provided to you, including any sales, VAT or other applicable tax, and any related penalties or interest.  

d. Cancellations.  

    - If you are a Learner, please note that if you do not or cannot complete a Course within the period of time set by the Author(s), you will be required to re-enroll in the Course.  

    - If you are an Author, you may cancel a Subscription payment Transaction for a full refund by notifying us within 10 calendar days of your initial purchase.  After that, you may still cancel, but your purchase will be final, non-refundable and non-creditable.  If you cancel a Subscription, your Subscription rights and obligations will terminate at the end of your Subscription period.  

    - To cancel a Transaction, you may notify us as follows:

        Email: support@arist.co

        Postal: 2261 Market Street, #4320, San Francisco, CA 94114

        Web:  www.arist.co

7. Confidentiality

"Confidential Information" means proprietary, nonpublic or trade secret information, disclosed in written, oral or visual form, that the disclosing Party, its Affiliates or agents (each, "Disclosing Party") provides to the receiving Party, its Affiliates or agents (each, "Receiving Party") and that the Disclosing Party designates as being confidential or that should reasonably have been understood under the circumstances as being confidential.  The Receiving Party will not use, copy or disclose Confidential Information except as permitted herein.  Confidential Information remains the sole property of the Disclosing Party.  The Receiving Party will protect the Disclosing Party's Confidential Information using no less than reasonable procedures.  The Receiving Party may disclose Confidential Information to its employees, consultants and contractors who have a need to know and who are bound by similarly stringent confidentiality obligations.  The Receiving Party also may disclose Confidential Information pursuant to a legal requirement (e.g., subpoena) or to establish rights or obligations under this Agreement; provided, that (1) reasonable prior notice, unless legally prohibited, is provided to the Disclosing Party to permit an opportunity to contest the disclosure and (2) the Receiving Party discloses only to the extent necessary to comply with the legal requirement or to establish its rights or obligations.  The Receiving Party will notify the Disclosing Party upon discovery of any unauthorized use or disclosure of Confidential Information and will cooperate to help prevent further unauthorized use or disclosure.  The Receiving Party acknowledges that the Disclosing Party's Confidential Information is valuable and unique and that unauthorized use or disclosure may result in irreparable injury to the Disclosing Party for which monetary damages are inadequate.  

8. Privacy

a. We will take reasonable steps to ensure that personal information is secure from unauthorized access, use or disclosure and will treat any personal information collected from you in accordance with the Arist Privacy Policy at https://arist.co/legal/privacy-policy.

b. You agree to comply with all applicable privacy and data protection laws and you are responsible for ensuring that you have obtained all individual consents required for us to provide the Services in respect of any personal information that you provide.

c. Where: (i) the EU General Data Protection Regulation 2016/679 (GDPR); and/or (ii) the laws of other states and territories that create and regulate substantially similar concepts and legal principles as are contained in the GDPR apply to any of your personal information, the terms of Arist’s Data Processing Addendum (attached as Exhibit 1) will apply.

d. Other than as expressly set forth herein, you acknowledge and agree that it is your responsibility to satisfy yourself that your use of the Services will allow you to meet any legal obligations applicable to you in respect of personal information and other User Content, and we disclaim all liability for your non-compliance with any such laws or standards arising from your use of the Services.

9. Security

a. Each Party will implement reasonable physical, technical and organizational safeguards designed to secure the Services and Content (with respect to us) and the User Content (with respect to you and your Permitted Users) from unauthorized access, disclosure, loss, modification, or destruction.

b. If a Party discovers that a Security Incident has occurred, that Party will notify the other Party promptly (and in any event within 72 hours) unless otherwise prohibited by law or otherwise instructed by a law enforcement or supervisory authority.  In addition to providing such notice, the notifying Party will promptly take reasonable steps to investigate and mitigate the effects of the Security Incident.  “Security Incident” means a breach of security of the Services leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Client Content in the possession or control of Provider.

c. In addition to the foregoing, we will provide and make available the Services in accordance with the security measures set forth at https://arist.co/legal/security.

10. Term and Termination  

a. Term.  This Agreement will continue for one year from the Effective Date (“Initial Term”) unless terminated earlier pursuant hereto, and thereafter, will renew automatically for successive periods of the same length (each, a “Renewal Term”) unless, before expiration of the Term, either Party provides timely notice of non-renewal.  The Initial Term and all Renewal Terms are collectively, the “Term”.  If the Parties enter into an Order that expires after the Term, the Term will expire on the same date as that Order.

b. Termination.  

    - You may terminate your Account at any time by notifying us or by following the online process specified on the Services for cancellation; and in such event, unless expressly agreed in writing, you will not be entitled to any refund or credit.

    - We may terminate your Account at any time in our sole discretion, upon notice to you.  If we terminate your Account for reasons other than as set forth in the following Subsection 3, we will refund to you any unused Subscription Fees (if you are an Author).

    - Either Party may terminate this Agreement in whole or part, including any particular Order(s), immediately upon notice to the other Party if: (i) the other Party is in material breach of this Agreement and does not cure the breach within 30 days after written notice of the breach; or (ii) if the other Party ceases to operate or is liquidated or dissolved, has a receiver or administrator appointed, commences (or has commenced against it) proceedings under any bankruptcy, insolvency or debtor’s relief law which are not dismissed within 60 days, makes a general assignment for the benefit of its creditors, or otherwise becomes insolvent or unable to meet its financial obligations

c. Effect of Termination.  Upon termination of this Agreement, (i) all rights to access or use the Services will terminate and we will cease providing the Services, (ii) each Party will pay the other Party all applicable fees or charges accrued but unpaid, (iii) all liabilities accrued before the date of termination will survive and (iv) upon request, each Receiving Party will return or destroy all copies of Disclosing Party’s Confidential Information.

11. Representations and Warranties

Each Party represents and warrants that: (i) it possesses the full right, power and authority to enter into and fully perform the Agreement and grant the rights granted herein; (ii) it is not bound by any obligation that would prevent it from entering into or performing its obligations herein; (iii) the execution, delivery and performance of this Agreement has been duly authorized by all necessary corporate action; and (iv) it will comply with all applicable laws, rules and regulations in its performance hereunder.  You further represent and warrant that you own or have all required rights, consents and permissions for the use, processing and transfer of User Content provided to us.

12. Disclaimers

a. General.  THE SERVICES AND ALL CONTENT, INCLUDING COURSES, ARE PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND.  ARIST EXPLICITLY DISCLAIMS ALL WARRANTIES OF ANY KIND, EXPRESSED OR IMPLIED, STATUTORY OR OTHERWISE IN LAW OR FROM A COURSE OF DEALING OR USAGE OF TRADE, TO THE FULLEST EXTENT PERMITTED BY LAW.  FURTHER, ARIST DOES NOT WARRANT OR REPRESENT THAT THE SERVICES OR CONTENT WILL MEET YOUR REQUIREMENTS, BE AVAILABLE ON AN UNINTERRUPTED, SECURE, ERROR-FREE, OR DEFECT-FREE BASIS, BE FREE OF ANY MALICIOUS CODE, OR BE ACCURATE, COMPLETE OR RELIABLE.  

b. Third Party Charges.  ARIST, ITS AFFILIATES AND LICENSORS DO NOT GUARANTEE ANY TEXT (SMS) MESSAGE DELIVERY, TIMELINESS OR AVAILABILITY, AND ARE NOT RESPONSIBLE FOR ANY LOST OR MISDIRECTED MESSAGES, OR FOR ANY TEXT MESSAGING OR WIRELESS SERVICE CHARGES INCURRED IN CONNECTION WITH THE SERVICES.

c. No Liability for User Conduct.  ARIST, ITS AFFILIATES AND LICENSORS ARE NOT RESPONSIBLE FOR ANY USER CONDUCT, NOR WILL THEY BE A PARTY TO OR IN ANY WAY RESPONSIBLE FOR MONITORING ANY TRANSACTION BETWEEN YOU AND OTHER USERS. ARIST DOES NOT RECOMMEND ANY PARTICULAR COURSE OR AUTHOR.  ARIST DOES NOT PROVIDE ANY WARRANTIES OR GUARANTEES REGARDING ANY AUTHOR’S PROFESSIONAL ACCREDITATION, REGISTRATION, LICENSE OR OTHER QUALIFICATIONS.

13. Indemnification  

a. Indemnification.  You agree to defend, indemnify and hold harmless Arist, its affiliates, licensors and service providers, and its and their respective officers, directors, employees, contractors, agents, licensors, suppliers, successors and assigns (each, an “Arist Indemnitee”) through final judgment or settlement, from and against any third-party claim, action, suit,  proceeding, judgments, settlements, losses, damages, expenses (including reasonable legal fees and expenses) and costs (including allocable costs of in-house counsel) ("Claim") brought against an Arist Indemnitee arising out of or based upon: (i) unauthorized access to or use of the Services and any information obtained therefrom; (ii) User Content; (iii) violation of this Agreement; (iv) any determination that you are or were an Arist employee; and (v) use of other than the then-current, unaltered release of any software used in the Services.

b. Process. The Arist Indemnitee will (i) promptly provide notice to you of any Claim for which indemnity is claimed (provided, that, any delay in providing notice will not relieve you of your obligations hereunder, except to the extent that you are materially prejudiced by the delay), (ii) permit you to control the defense of any such Claim and (iii) provide reasonable assistance at your reasonable cost.  Subject to the foregoing, you may select legal counsel to represent the Arist Indemnitee (such counsel to be reasonably satisfactory to the Arist Indemnitee) and to otherwise control the defense.  If you elect to control the defense, the Arist Indemnitee may fully participate in the defense at its own cost.  If you, within a reasonable time after receipt of notice of Claim, fail to defend the Arist Indemnitee, the Arist Indemnitee may defend and compromise or settle the Claim at your cost.  Notwithstanding the foregoing, you may not consent to entry of any judgment or enter into any settlement that imposes liability or obligations on the Arist Indemnitee or diminishes its rights, without obtaining the Arist Indemnitee's express prior consent, such consent not to be unreasonably withheld or delayed.

14. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT WILL ARIST BE LIABLE FOR ANY INDIRECT, CONSEQUENTIAL, SPECIAL, EXEMPLARY OR INCIDENTAL DAMAGES OF ANY KIND, INCLUDING LOST PROFITS, REVENUES, SAVINGS, BUSINESS OPPORTUNITIES, DATA OR GOODWILL, SERVICE INTERRUPTIONS, COMPUTER DAMAGES OR SYSTEM FAILURES, OR REPLACEMENT SERVICES, HOWEVER CAUSED AND REGARDLESS OF THEORY OF LIABILITY, WHETHER OR NOT ARIST WAS NOTIFIED OF THE POSSIBILITY OF SUCH DAMAGES, AND WHETHER OR NOT THE REMEDIES PROVIDED FOR HEREIN FAIL OF THEIR ESSENTIAL PURPOSE.  YOU SPECIFICALLY ACKNOWLEDGE THAT ARIST WILL NOT BE LIABLE FOR ANY USER CONTENT OR CONDUCT AND THAT THE RISK OF HARM OR DAMAGE FROM  ANY OF THE FOREGOING RESTS SOLELY WITH YOU.  ARIST’S AGGREGATE LIABILITY FOR ANY AND ALL CAUSES OF ACTIONS, CLAIMS AND DAMAGES IN CONNECTION WITH THIS AGREEMENT IS LIMITED TO THE LESSER OF (i) DIRECT DAMAGES PROVEN BY YOU, (ii) THE AMOUNT OF FEES OR CHARGES PAID BY YOU TO ARIST DURING THE 12-MONTH PERIOD BEFORE THE DATE ON WHICH ANY CLAIM AROSE, OR (iii) ONE-HUNDRED U.S. DOLLARS ($100.00) IF YOU HAVE NOT HAD ANY PAYMENT OBLIGATIONS TO US.

15. Other Arist Policies

a. Privacy Policy.  Please review our Privacy Policy at https://arist.co/legal/privacy-policy for information on how we collect, use and share your information.  

b. Copyright Policy.  We respect copyright law and expect our users to do the same. It is our policy to terminate in appropriate circumstances Account holders who repeatedly infringe or are believed to be repeatedly infringing the rights of copyright holders. Please see our Copyright Policy, available at https://arist.co/legal/copyright-policy for further information.

c. Acceptable Use Policy.  You agree not to do any of the following:

    - Post, upload, publish, submit or transmit any User Content that: (i) infringes, misappropriates or violates Intellectual Property Rights, or rights of publicity or privacy; (ii) violates, or encourages any conduct that would violate, any applicable law or regulation; (iii) is fraudulent, false, misleading or deceptive; (iv) is defamatory, obscene, pornographic or offensive; (v) promotes discrimination, bigotry, racism, hatred, harassment or harm; (vi) is violent or threatening; (vii) promotes violent, illegal or harmful activities or substances; or (viii) contains any malicious computer code, file or program;

    - Use, display, mirror or frame the Services (in whole or part), any Arist name, mark, logo or other proprietary information, or the layout and design of any page or form, without Arist’s express prior written consent;

    - Avoid, bypass, remove, deactivate, impair, descramble or otherwise circumvent any technological measure implemented to protect the Services or Content;

    - Attempt to access or search the Services or Content or download Content from the Services through the use of any engine, software, tool, agent, device or mechanism (including spiders, robots, crawlers, data mining tools or the like) other than the software and/or search agents provided by Arist or generally available third-party web browsers;

    - Send any unsolicited or unauthorized advertising, promotional materials, spam, emails, junk mail, chain letters or other forms of solicitation;

    - Use any metatags or other hidden text or metadata that incorporates an Arist name, mark, logo, domain or product name without Arist’s express prior written consent;

    - Rent, lease, distribute, license, sublicense, sell, loan, transfer, assign, distribute, network or otherwise provide access or use of the Services or Content to, or for the benefit of, any third party in any manner not permitted by this Agreement, including without limitation to create a competitive service or product;

    - Forge any TCP/IP packet header or any part of the header information in any email or newsgroup posting, or in any way use the Services or Content to send altered, deceptive or false source- identifying information;

    - Attempt to decipher, decompile, disassemble, reverse engineer, exchange or translate any software on the Site or used to provide the Services, or remove or tamper with any disclaimers, Intellectual Property Rights notices, proprietary rights notices or other legal notices in the Services;

    - Attempt to reproduce, modify, adapt or create derivative works of the Services.

    - Interfere with, or attempt to interfere with, the access of any user, host or network, such as by sending a virus, overloading, flooding, spamming or mail-bombing the Services;

    - Scan, probe or test the Services, or breach the security of the Services;

    - Disrupt the normal flow of communications on the Services, or access or use the Services in any way that could damage, disable, overburden or otherwise impair Arist’s systems;

    - Impersonate or misrepresent your affiliation with any person or entity; or

    - Otherwise violate any applicable law or regulation.

d. We are not obligated to monitor access to or use of the Services or to monitor, review, censor or edit any Content.  However, we have the right to do so for the purposes of operating the Services, ensuring compliance with this Agreement, protecting the rights and safety of our personnel and third parties, and complying with legal requirements.  We reserve the right to investigate violations or other conduct that affects the Services.  We may also consult and cooperate with law enforcement authorities to prosecute users who violate applicable law.

16. Miscellaneous

a. Force Majeure. Neither Party will be liable in damages or have the right to terminate this Agreement for any delay or default in performing hereunder (except for failure to timely pay) if such delay or default is caused by conditions beyond its reasonable control including acts of God, government restrictions (including the denial or cancellation of any export or other necessary license), acts of terrorism, wars, disease, or insurrections.

b. Governing Law and Forum.  This Agreement will be construed and enforced in accordance with the laws of the State of California, without regard to its conflict of laws provisions. Each Party agrees that any action, suit or other proceeding involving Arist arising from or based upon this Agreement will be brought and maintained only in a state or federal court of competent jurisdiction located in San Francisco County, California.  Notwithstanding the foregoing, in the event that you have a dispute with an Author or Learner, you acknowledge and agree that Arist is not involved with such dispute; you agree to address such dispute directly with the Author or Learner as applicable; and you hereby release Arist, its affiliates, and their respective officers, directors, employees, contractors, agents, licensors, suppliers, successors and assigns from any and all claims, demands and damages of any kind, whether known or unknown, arising out of or related to such dispute

c. Survival.  The Parties’ rights and obligations set forth in Section 4 (with respect to Intellectual Property Rights ownership), 6(c) (Payment Disputes), 7 (Confidentiality), 10 (Disclaimers), 11 (Indemnification), 12 (Limitation of Liability) and 14 (Miscellaneous) will survive termination of this Agreement.

d. Export Compliance.  The Services and, other technology Arist makes available, and derivatives thereof, may be subject to export laws and regulations of the U.S. and other jurisdictions. You represent that you are not named on any U.S. government denied-party list. You will not permit users to access or use the Services in a U.S. embargoed country (currently Cuba, Iran, North Korea, Sudan or Syria) or in violation of any U.S. export law or regulation.

e. Entire Agreement. This Agreement constitutes the entire and exclusive understanding and agreement between Arist and you regarding the Services, and supersedes and replaces all prior oral or written understandings or agreements between Arist and you regarding the Services.

f. Severability. If any provision of this Agreement is held invalid or unenforceable by an arbitrator or a court of competent jurisdiction, that provision will be enforced to the maximum extent permissible and the other provisions will remain in full force and effect.

g. Construction. Without limitation, the terms of any other document, course of dealing, or course of trade will not modify this Agreement, except as expressly provided herein or as the parties may agree in writing.

h. Interpretation. The headings to Sections are for convenience or reference only and do not form a part of this Agreement and will not affect their interpretation. Neither Party will be afforded or denied preference in the construction of this Agreement, whether by virtue of being the drafter or otherwise. For purposes of the Agreement, the words and phrases “include”, “includes”, “including”, and “such as” are deemed to be followed by the words “without limitation”.

i. Relationship of Parties. Nothing herein will be deemed to create, or be construed as creating, a joint venture, partnership, employment or agency relationship between the parties.

j. Assignment. You may not assign, delegate or otherwise transfer this Agreement, by operation of law or otherwise, in whole or in part, without our prior written consent. Any attempt by you to assign or transfer the Agreement without such consent, will be null and void. We may freely assign or transfer this Agreement, in whole or in part, without restriction. This agreement will bind and inure to the benefit of the parties, their successors and permitted assigns.

k. Notices. Any notices or other communications provided by Arist will be given: (i) via email; or (ii) by posting to the Services. For notices made by email, the date of receipt will be deemed the date on which such notice is transmitted.

l. Waiver of Rights. Our failure or delay to enforce any right or provision of this Agreement will not be considered a waiver of that right or provision. Any waiver will be effective only if in writing and signed by a duly authorized representative of Arist. Except as expressly set forth in this Agreement, the exercise by either Party of any of its remedies hereunder will be without prejudice to its other available remedies.

17. Contact Us

If you have any questions about this Agreement or the Services, please contact us at:

Arist Holdings, Inc.

2261 Market Street, #4320

San Francisco, CA 94114

Email: support@arist.co

Web:  www.arist.co

Exhibit 1

Data Processing Addendum

1. Definitions.  Capitalized terms used but not defined in this Addendum will have the meanings set forth in the Agreement.

1. “Data Controller” means an entity which, alone or jointly with others, determines the purposes and means of Processing of Personal Data.

b. ”Data Processor” means an entity which Processes Personal Data on behalf of the Data Controller.

c. “Data Protection Laws” mean all privacy or data protection laws applicable to Arist’s Processing of Personal Data under the Agreement or this Addendum, including any applicable EU and UK Data Protection Laws.

d. “EU Data Protection Laws” means the EU General Data Protection Regulation 2016/679 (“GDPR”).

e. “EU Standard Contractual Clauses”, “SCCs” or “Clauses” means as applicable, the Standard Contractual Clauses forming part of Decision 2021/914/EC (as amended or replaced from time to time), including their appendices and with the relevant Modules and Options set out herein.

f. “Personal Data” means User Content (i.e., personal information) relating to an identified or identifiable individual.

g. “Process” or “Processing” means any operation or set of operations performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

h. UK Data Protection Laws means Data Protection Act 2018 and the United Kingdom’s version of the GDPR which is part of UK law by virtue of the European Union (Withdrawal) Act 2018 ("UK GDPR") and any legislation applicable in the UK in force from time to time relating to privacy or the processing of personal data.

i. “UK Standard Contractual Clauses” means, as context requires, (a) the Standard Contractual Clauses (controllers) set out in Decisions 2004/915/EC ("Controller SCCs") with option (iii) of section II(h) being selected and the initials of the Data Importer deemed inserted; and/or (b) the Standard Contractual Clauses (“Processor SCCs”) set out in Decision 2010/87/EC, in each case including their appendices, and as amended or replaced from time to time by a competent authority or in accordance with the UK GDPR, including as contemplated herein.

2. Controller/Processor.  

a. Arist is the Data Controller in respect of certain Personal Data (such as Account registration details) that Arist collects directly from you and other users of the Services, and that we use for the purposes of our business.  

b. You are the Data Controller and Arist is the Data Processor in respect of any other Personal Data provided by you and other users, including User Content (as defined in the Agreement), and Arist will such Process Personal Data solely in accordance with the Agreement or other documented instructions of Client provided in accordance with the Agreement, or as otherwise required by applicable law.  Where you are Data Controller, it is your responsibility to ensure that in accordance with relevant Data Protection Laws, there is a lawful basis for the collection and processing of Personal Data and you have provided an appropriate privacy policy to users and other data subjects.

c. To the extent that the Services comprise the processing of Personal Data where Arist is the Data Controller and you are also the Data Controller, the provisions herein shall apply where applicable.

3. Terms of Data Processing.  

Where Arist acts as Data Processor of Personal Data on your behalf, Arist will:

a. process Personal Data only on your reasonable documented instructions unless required to do so by law; in such a case, Arist will inform you of that legal requirement before processing, unless prohibited by law on grounds of public interest.  You acknowledge and agree that your final and completion instructions regarding the processing of Personal Data are set out in the Agreement. Any additional or alternate instructions must be agreed in writing by the Parties (and Arist will be entitled to charge a reasonable fee to cover any compliance costs incurred);

b. ensure that persons authorised to process the Personal Data on Arist’s behalf have committed themselves to confidentiality obligations or are under an appropriate statutory obligation of confidentiality;

c. implement appropriate technical and organizational measures to ensure a level of security for the Personal Data that is appropriate to the risks to individuals that may result from the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to the Personal Data;

d. not engage another processor without notice to you.  You may request a list of sub-processors currently engaged by Arist by emailing us at privacy@arist.co.  You may notify us in writing of any objections to new sub-processors (provided the objection is based on reasonable grounds relating to data protection). If we receive such an objection, the Parties will discuss such objections in good faith and Arist will use reasonable commercial efforts to resolve the objection.  If the Parties are unable to resolve the objection, you may terminate the affected Services by providing 30 days written notice to Arist.  We will impose obligations on any Data Processor that we appoint on your behalf that are equivalent to the terms set out herein.  We will remain liable for the performance of these processors;

e. taking into account the nature of the processing, assist the Data Controller by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of the Data Controller's obligation to respond to requests for exercising the data subject's rights laid down in Chapter III of the EU Data Protection Laws and any assistance that Arist provides to you in to respond to requests from: (i) data subjects to exercise their rights under Data Protection Laws; or (ii) regulatory authorities, will be at your cost on a time and materials basis;

f. at the Data Controller’s election, delete or return all the Personal Data to the Data Controller after the end of providing the Services relating to processing, and delete existing copies except that Arist will be entitled to retain Personal Data where required by Data Protection Laws or another applicable law, or where such data is required for Arist’s internal record keeping or where it is necessary for use in any legal proceedings; You must notify us of Personal Data that you wish to have returned or deleted within 30 days after the effective date of termination; and

g. make available to the Data Controller all information reasonably necessary to demonstrate compliance with the obligations laid down in Article 28 of the EU Data Protection Laws and allow for and contribute to audits, including inspections, conducted by the Data Controller or another auditor mandated by the Data Controller (in each case at the Data Controller's cost). Any assistance that Arist provides to you to demonstrate compliance with Data Protection Laws will be provided at your cost. The Parties will mutually agree on the timing, scope and duration of any audit.  You may not carry out audits more than once in any one-year period, other than where a data security incident has taken place, you shall be entitled to carry out an additional audit within 30 days of arist notifying you of such security incident. You will ensure that any third-party auditor that you appoint is (i) not an Arist competitor; and (ii) is committed to appropriate confidentiality obligations. You and/or any third-party auditor will comply with Arist’s standard policies and procedures when accessing Arist’s premises or systems.

4. EU International Transfers.  With respect to any EU International Transfers, Arist (acting on its own behalf and as agent for each Arist affiliate) and you (acting on your own behalf and as agent for each of your affiliates) hereby enter into the EU Standard Contractual Clauses incorporating:

a. the general clauses (Clauses 1-6);

b. Modules One (Transfer Controller to Controller), Two (Transfer Controller to Processor), and Four (Transfer Processor to Controller) as applicable and the relevant options as specified in the table set out in Section 5 herein; and

c. with the Annexes populated as set out below:

(x) Annex I of the EU Standard Contractual Clauses (Details of Data Processing) will be pre-populated with the details set out in Section 6(a) herein; and

(y) Annex II of the EU Standard Contractual Clauses (Security Measures) are described in Section 6(b) herein.

The EU Standard Contractual Clauses will come into effect upon commencement of an EU International Transfer.

Before commencing any EU International Transfer to or from a sub-processor, Arist will use its reasonable efforts to enter into the EU Standard Contractual Clauses with such sub-processor, incorporating the general Clauses (Clauses 1-6) and Module 3 (Transfer Processor to Processor).

EU Standard Contractual Clauses: Modules and Options.   For the purposes of Section 4 above, the Parties agree that the following Modules and Options of the EU Standard Contractual Clauses are deemed to be incorporated:

[see images 1 and 2 below]

6. Details of Data Processing, Security Measures.  

a. For the purposes of Section 4 above, the Parties agree that Annex I of the EU Standard Contractual Clauses will be pre-populated with the following details:

[see images 3 and 4 below]

‍

b. For the purposes of Section 4 above, the Parties agree that Annex II of the EU Standard Contractual Clauses will be pre-populated with the following details:

Description of the technical and organizational measures implemented by the data importer(s) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, and the risks for the rights and freedoms of natural persons.

Technical Security Measures

Cloud Security

    - Cloud Infrastructure Security; All of our services are hosted with Amazon Web Services (AWS). They employ a robust security program with multiple certifications. For more information on our provider’s security processes, please visit AWS Security.

    - Data Hosting Security: All of our data is hosted on Amazon Web Services (AWS) databases. These databases are all located in the United States. Please reference the above vendor specific documentation linked above for more information.

    - Encryption at Rest: All databases are encrypted at rest.

    - Encryption in Transit: Our applications encrypt in transit with TLS/SSL only.

    - Vulnerability Scanning: We perform vulnerability scanning and actively monitor for threats.

    - Logging and Monitoring: We actively monitor and log various cloud services.

    - Business Continuity and Disaster Recovery: We use our data hosting provider’s backup services to reduce any risk of data loss in the event of a hardware failure. We utilize monitoring services to alert the team in the event of any failures affecting users.

    - Incident Response: We have a process for handling information security events which includes escalation procedures, rapid mitigation and communication.

‍Access Security

    - Permissions and Authentication: Access to cloud infrastructure and other sensitive tools are limited to authorized employees who require it for their role. Where available, we have Single Sign-on (SSO), 2-factor authentication (2FA) and strong password policies to ensure access to cloud services are protected.

    - Least Privilege Access Control: We follow the principle of least privilege with respect to identity and access management.

    - Quarterly Access Reviews: We perform quarterly access reviews of all team members with access to sensitive systems.

    - Password Requirements: All team members are required to adhere to a minimum set of password requirements and complexity for access.

    - Password Managers: All company issued laptops utilize a password manager for team members to manage passwords and maintain password complexity.

Vendor and Risk Management

    - Annual Risk Assessments: We undergo at least annual risk assessments to identify any potential threats, including considerations for fraud.

    - Vendor Risk Management: Vendor risk is determined and the appropriate vendor reviews are performed prior to authorizing a new vendor.

Organizational Security Measures

    - Information Security Program: We have an Information Security Program in place that is communicated throughout the organization. Our Information Security Program follows the criteria set forth by the SOC 2 Framework. SOC 2 is a widely known information security auditing procedure created by the American Institute of Certified Public Accountants.

    - Third-Party Audits: Our organization undergoes independent third-party assessments to test our security and compliance controls.

    - Third-Party Penetration Testing: We perform an independent third-party penetration at least annually to ensure that the security posture of our services is uncompromised.

    - Roles and Responsibilities: Roles and responsibilities related to our Information Security Program and the protection of our customer’s data are well defined and documented. Our team members are required to review and accept all of the security policies.

    - Security Awareness Training: Our team members are required to go through employee security awareness training covering industry standard practices and information security topics such as phishing and password management.

    - Confidentiality: All team members are required to sign and adhere to an industry standard confidentiality agreement prior to their first day of work.

    - Background Checks: We perform background checks on all new team members in accordance with local laws.

For more information, please see https://arist.co/legal/security.

7. UK International Transfers.   You, acting on your own behalf and as agent for each of your affiliates (each as "data exporter") and Arist acting on its own behalf and as agent for each Arist affiliate (each as "data importer") hereby enter into the relevant UK Standard Contractual Clauses in respect of any UK International Transfer from you (or your affiliate) to Arist (or an Arist affiliate) and the Appendices to the UK Standard Contractual Clauses will be completed as follows:

a. In respect of the Processor SCCs:

    - Appendix 1 will be pre-populated with the details set out in Section 6 above in respect of ‘data exporter’, ‘data importer’, ‘data subjects’, ‘categories of data’, ‘special categories of data (if appropriate)’ and ‘processing operations’; and

    - Appendix 2: the technical and organizational security measures implemented by the data importer are described in Section 6 above.

b. In respect of the Controller SCCs, Annex B will be pre-populated with the details set out in Section 6 herein in respect of ‘data subjects’, ‘purpose’, ‘categories of data’, and ‘special categories of data (if applicable)’ and as follows:

    - Recipients: the personal data transferred may be disclosed only to the following recipients or categories of recipients: data importer and employees, contractors, staff, and personnel of the data importer.

    - Data protection registration information of data exporter (where applicable): as available on the Supervisory Authority of Ireland’s website.

    - Additional useful information: as set out in the Agreement.

c. The UK Standard Contractual Clauses will come into effect upon commencement of a UK International Transfer (the "UK Standard Contractual Clause Effective Date"), provided that such UK Standard Contractual Clause Effective Date is before the UK Addendum Date (as defined below).

d. If the UK Information Commissioner, in accordance with S119A Data Protection Act 2018, issues an Addendum to the EU Standard Contractual Clauses (the "UK Addendum"), Arist (acting on its own behalf and as agent for each Arist affiliate) and you (acting on your own behalf and as agent for each of your affiliates) agree that:

    - from its date of issuance (the "UK Addendum Date"), the UK Addendum will be deemed incorporated into the EU Standard Contractual Clauses entered into in accordance with Section 5 above;

    - they will be bound by the UK Addendum as incorporated into the EU Standard Contractual Clauses;

    - the UK Addendum and the EU Standard Contractual Clauses into which it is incorporated will come into effect upon commencement of any UK International Transfer on or after the UK Addendum Date and for all UK International Transfers taking place on or after such UK Addendum Date; and

    - before commencing any UK International Transfer to or from a sub-processor, Vista will use its reasonable efforts to enter into the EU Standard Contractual Clauses with such sub-processor, incorporating the general Clauses (Clauses 1-6), Module 3 (Transfer Processor to Processor) and the UK Addendum.

SMS Terms

1. Arist is a text-message based learning platform. You can expect to receive course content messages for courses that you sign up for.

2. You can cancel the SMS service at any time. Just text "STOP" to the short code. After you send the SMS message "STOP" to us, we will send you an SMS message to confirm that you have been unsubscribed. After this, you will no longer receive SMS messages from us. If you want to join again, just sign up as you did the first time and we will start sending SMS messages to you again.

3. If you are experiencing issues with the messaging program you can reply with the keyword HELP for more assistance, or you can get help directly by emailing us at support@arist.co.

4. Carriers are not liable for delayed or undelivered messages.

5. As always, message and data rates may apply for any messages sent to you from us and to us from you. You will receive messages daily. If you have any questions about your text plan or data plan, it is best to contact your wireless provider.

6. If you have any questions regarding privacy, please read our privacy policy: https://arist.co/legal/privacy-policy