Acceptable Use Policy

This Acceptable Use Policy ("AUP") governs your access to and use of BigGeo Global Inc.'s products, services, platform, datasets, and APIs (collectively, the "Products and Services"). It applies to all users, including enterprise customers, end users, marketplace customers, data users, API users, and data partners (collectively, "you" or "your").

This AUP is incorporated by reference into BigGeo's Master Services Agreement ("MSA"), End User Terms of Service ("End User ToS"), and Data Partner Terms of Service ("Data Partner ToS"), as applicable. Capitalized terms not defined in this AUP have the meanings given to them in those agreements.

By accessing or using the Products and Services, you agree to comply with this AUP. If you do not agree, you must not access or use the Products and Services.

You may access and use the Products and Services solely for:

• Lawful business purposes in accordance with your applicable agreement with BigGeo;
• Accessing, querying, and processing Datasets for which you hold valid access rights;
• Integrating BigGeo's APIs and MCP connector into your internal workflows and applications, subject to the applicable API terms; and
• Any other purpose expressly authorized in writing by BigGeo.

You must not use the Products and Services to:

3.1 Unlawful or Harmful Activity

• Violate any applicable local, provincial, national, or international law or regulation, including data protection laws, export control laws, and anti-spam legislation;
• Engage in fraud, deception, or misrepresentation;
• Facilitate, enable, or assist any third party in conducting any of the foregoing.

3.2 Unauthorized Data and Privacy Violations

• Submit, upload, or transmit personally identifiable information ("PII") of individuals located in the European Union or European Economic Area ("EU/EEA") to BigGeo unless a valid Data Processing Agreement ("DPA") governing EU/EEA personal data is in place between BigGeo and the applicable customer or data provider, in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR");
• Process personal data in a manner that exceeds the scope of your applicable agreement with BigGeo or the applicable Data Processing Agreement;
• Collect, store, transmit, or process personal data without a valid legal basis under applicable data protection law;
• Circumvent or undermine any privacy controls, consent mechanisms, or data subject rights procedures implemented by BigGeo or required under applicable law;
• Submit or process special categories of personal data (as defined under GDPR Article 9) through the Products and Services without BigGeo's prior written approval and an applicable DPA in place.

3.3 Security and System Integrity

• Conduct vulnerability testing, penetration testing, or security scanning of the Products and Services without BigGeo's prior written authorization;
• Introduce malware, viruses, worms, trojans, ransomware, logic bombs, or any other malicious or harmful code;
• Attempt to gain unauthorized access to any part of the Products and Services, BigGeo's systems or networks, or third-party systems connected to the Products and Services;
• Interfere with, disrupt, or overload the Products and Services or any infrastructure supporting them, including through denial-of-service attacks, flooding, or mailbombing;
• Exploit any vulnerability in the Products and Services, whether discovered by you or otherwise.

3.4 Intellectual Property and Competitive Activity

• Reverse engineer, decompile, disassemble, or attempt to derive the source code of any component of the Products and Services;
• Copy, modify, create derivative works of, or reproduce any part of the Products and Services or any Dataset beyond the scope of your license rights;
• Use the Products and Services for benchmarking, competitive analysis, or to develop a product or service that competes with BigGeo;
• Remove, obscure, or alter any proprietary notices, branding, copyright notices, or trademark notices in or on the Products and Services.

3.5 Data Extraction and Automation

• Engage in screen scraping, web crawling, data mining, bulk data extraction, or any other automated or manual process to extract, copy, index, or harvest data from the Products and Services beyond what is expressly permitted by your API or dataset access rights;
• Use bots, scripts, or automated tools to access the Products and Services in a manner that exceeds normal usage patterns or places unreasonable load on BigGeo's infrastructure.

3.6 Misuse of Datasets

• Access, process, or distribute Datasets in a manner that violates the applicable Data Provider's terms and conditions;
• Sub-license, sell, resell, distribute, or otherwise make Datasets available to any third party except as expressly authorized by your agreement with BigGeo and the applicable Data Provider;
• Use Datasets for any purpose that violates applicable law or infringes the intellectual property rights or privacy rights of any person.

3.7 AI and MCP Services

• Use BigGeo's MCP connector or AI-powered services to generate, transmit, or facilitate content that is unlawful, harmful, abusive, defamatory, or that violates any third party's rights;
• Attempt to manipulate, circumvent, or interfere with the outputs or safety controls of any AI model accessed through the Products and Services;
• Submit PII, confidential third-party data, or regulated data (including health information or financial account data) through API calls or MCP tool calls except as expressly permitted under your applicable agreement and applicable law.

4.1 BigGeo's Products and Services are available to users located in the European Union and European Economic Area ("EU/EEA") only where a valid Data Processing Agreement ("DPA") is in place between BigGeo and the applicable customer or data provider governing the processing of EU/EEA personal data.

4.2 If you are located in the EU/EEA, or if you submit personal data relating to EU/EEA residents, you represent and warrant that:

• A valid DPA is in place between BigGeo and you or your organization before any personal data is submitted;
• Your processing of personal data through the Products and Services is conducted in accordance with the GDPR and the terms of the applicable DPA;
• You have obtained all necessary consents or have a valid legal basis under GDPR Article 6 (and Article 9, where applicable) for the personal data you submit or process.

4.3 If no DPA is in place, you must not submit personally identifiable information relating to EU/EEA residents to BigGeo. Submission of EU/EEA personal data without an applicable DPA in place is a material breach of this AUP and your applicable agreement with BigGeo.

4.4 BigGeo processes personal data in accordance with its Privacy Policy, available at biggeo.com/legal/privacy-policy, and where applicable, the terms of the executed DPA.

You are responsible for:

• Ensuring that all users within your organization who access the Products and Services comply with this AUP;
• Maintaining the security and confidentiality of your account credentials and access keys, and notifying BigGeo immediately of any unauthorized access or breach;
• Ensuring that any personal data you submit to BigGeo has been collected and may be processed lawfully under applicable data protection law;
• Maintaining your own independent backups of any Datasets you download, as the Products and Services are not intended to function as a backup or data repository;
• Complying with all applicable export control laws and regulations in connection with your use of the Products and Services.

If you become aware of any actual or suspected violation of this AUP, including any unauthorized access, security incident, or breach involving personal data, you must notify BigGeo promptly at:

Email: support@biggeo.com    Privacy matters: privacy@biggeo.com

BigGeo will investigate all reported violations and take appropriate action.

BigGeo reserves the right, in its sole discretion and without prior notice, to:

• Suspend or terminate your access to the Products and Services if BigGeo reasonably believes you have violated this AUP;
• Remove or disable access to any content, data, or Datasets that violate this AUP;
• Report suspected unlawful activity to appropriate law enforcement or regulatory authorities, including data protection supervisory authorities;
• Cooperate with law enforcement or regulatory investigations relating to your use of the Products and Services.

Suspension or termination for AUP violations does not limit BigGeo's right to seek any other remedies available at law or in equity, including indemnification under your applicable agreement with BigGeo.

BigGeo reserves the right to update this AUP at any time. When changes are made, BigGeo will post the updated AUP at biggeo.com and update the "Last Updated" date. Your continued use of the Products and Services following notice of any change constitutes your acceptance of the updated AUP.

This AUP is governed by and construed in accordance with the laws of Alberta and the federal laws of Canada applicable therein, without regard to conflicts of law principles. To the extent BigGeo processes personal data of EU/EEA individuals pursuant to a DPA, the GDPR applies to such processing in accordance with the terms of that DPA. Nothing in this AUP limits BigGeo's obligations or your rights under the GDPR where it applies.

For questions about this AUP, contact BigGeo at:

BigGeo Global Inc. Suite 200, 1215 1 Street SW Calgary, AB T2R 0V3 Canada

Email: support@biggeo.com    Privacy: privacy@biggeo.com    Website: biggeo.com