Terms and Conditions of Use of the Bits CRM Service

Version: 1.0 Effective date: 03 May 2026 Last updated: 03 May 2026 Language: English (courtesy translation — the Romanian version prevails)

Important note on this courtesy translation. This English version is a courtesy translation of the official Romanian Terms and Conditions. In case of any discrepancy or interpretive divergence, the Romanian-language version prevails as the legally binding document. This English text is provided for ease of reading by international users and is not, by itself, a substitute for the official Romanian text.

NOTICE — BETA STAGE. The Bits CRM Service is in BETA stage as of the date of these Terms. This means that features may be unstable, incomplete, modified, suspended or withdrawn at any time, without extended prior notice. The Operator does not guarantee continuous availability, complete data integrity, performance, or fitness of the Service for any particular purpose. Use of the Service during this period is at the Customer’s own risk. The Operator exercises reasonable diligence to continuously improve the Service, but the Customer expressly understands and accepts that a Service in BETA stage may exhibit defects, interruptions and temporary loss of data which are not covered by contractual warranties or standard remedy mechanisms.

Preamble

This document, hereinafter referred to as the “Terms” or “T&C”, governs the legal relationship between BITS DIGITAL SOLUTIONS S.R.L., in its capacity as the operator of the “Bits CRM” platform (hereinafter the “Operator”), on the one hand, and any natural or legal person who uses the Service, in its capacity as customer (hereinafter the “Customer” or “User”), on the other hand.

Acceptance of these Terms is performed electronically, by ticking the dedicated checkbox (“I agree to the Terms and Conditions”) and pressing the registration or upgrade button. By this action, the Customer confirms that it has read, understood and accepted in full and without reservations this document, as well as the policies referred to herein.

If the Customer does not agree to these Terms, it must not create an account, access or use the Service. Continued use of the Service amounts to acceptance of any modifications notified in accordance with these Terms, within the limits permitted by applicable law.

1. Definitions

In these Terms, the terms below have the following meaning, regardless of whether they are used in singular, plural or with capital letter:

• Operator: BITS DIGITAL SOLUTIONS S.R.L., a Romanian legal entity identified in section 2.
• Customer / User: any natural or legal person who creates an account and/or uses the Service, regardless of whether they pay or use the free plan.
• Consumer: a natural person acting for purposes outside their commercial, industrial, craft, liberal or agricultural activity, within the meaning of art. 2 point 2 of the Romanian Government Emergency Ordinance (“GEO”) no. 34/2014.
• Business: any natural or legal person (including authorised natural person — PFA, individual or family enterprise, limited liability company — SRL, joint-stock company — SA, liberal profession, association, foundation, non-profit entity etc.) acting for the purposes of its commercial, industrial, craft or liberal activity.
• Account: the electronic space created by the Customer on the Bits CRM platform, accessible through a set of credentials (e-mail + password, optionally complemented by two-factor authentication).
• Plan / Subscription: the level of access and the features contracted by the Customer (Free, Pro, Premium or Business), as set out on the Operator’s pricing page.
• Services: the entirety of features offered through the Bits CRM platform, generically described in section 4 and detailed on the product page.
• Customer Content: any data, files, recordings, texts, images, documents, contacts, invoices, appointments, messages, photographs, audio or video recordings and other materials uploaded, created, transmitted or processed by the Customer or its Users through the Service.
• Personal Data: any information relating to an identified or identifiable natural person, as defined in EU Regulation 2016/679 (GDPR).
• Services we rely on: third-party providers of technology whose infrastructure, software or services are necessary for the operation of the Service (see section 4).
• Incorporated Policies: the documents annexed to these Terms, integrated by reference, which govern specific aspects of the relationship between the Operator and the Customer (Privacy Policy, Data Processing Agreement, Cookie Policy, Acceptable Use Policy, etc.).
• Force majeure: an external, unforeseeable, absolutely invincible and inevitable event, within the meaning of art. 1351 para. (2) of the Romanian Civil Code.

2. Identification of the Operator

In accordance with Romanian Law no. 365/2002 on electronic commerce, art. 5, the Operator communicates:

Status under data protection legislation:

• Controller (within the meaning of art. 4 point 7 GDPR) for the personal data of the Customer collected in connection with account administration, billing, contractual communications and the Operator’s own marketing.
• Processor (within the meaning of art. 4 point 8 GDPR) for Customer Content containing personal data (for example, data about the Customer’s end clients, contacts, counterparties). In this capacity, the relationship is governed by the Data Processing Agreement (DPA) — an Incorporated Policy made available separately to the Customer.

Competent authorities:

• Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP) — https://dataprotection.ro
• Romanian National Authority for Consumer Protection (ANPC) — https://anpc.ro
• ODR Platform (Online Dispute Resolution for consumer disputes) — https://ec.europa.eu/consumers/odr
• ADR Platform (Alternative Dispute Resolution) — https://sal.anpc.ro

3. Scope of application and acceptance of the Terms

3.1 Who the Service addresses

The Bits CRM Service is intended for use both by Businesses (PFA, individual enterprises, family enterprises, SRL, SA, liberal professions, associations, foundations, non-profit entities, public institutions etc.) and by Consumers (natural persons).

Certain clauses in this document apply differently depending on the Customer’s category. Clauses that apply exclusively to one category are explicitly marked with the indication “Applicable exclusively to consumers” or “Applicable exclusively to businesses”.

3.2 Capacity to contract

In order to accept these Terms and use the Service, the Customer declares and warrants that:

• it has full legal capacity (a minimum age of 18 for natural persons);
• in the case of legal entities, the person accepting the Terms has a valid mandate to legally bind the entity in question;
• the data provided at registration is correct, complete and up to date;
• it is not subject to any legal or contractual prohibition from using the Service.

3.3 Acceptance mechanism

Acceptance of the Terms is performed by express ticking of the dedicated checkbox at the time of account registration, prior to completion of the account creation. For paid subscriptions, additional acceptance may be required at the time of upgrade.

For consumers, before the conclusion of the contract, the mandatory pre-contractual information required by GEO 34/2014 art. 6 is displayed, summarised in section 20 of this document.

3.4 Modification of the Terms

The Operator reserves the right to modify these Terms at any time, in order to reflect the evolution of the Service, legislative changes or business decisions. Modifications will be notified through:

• e-mail message, to the address associated with the Customer’s account;
• in-app notification, on the first connection following the modification;
• publication of the updated version on the dedicated page within the platform, with the effective date.

The prior notice period is at least 30 calendar days before the modifications take effect, except for modifications imposed by mandatory legislative changes or those that have no adverse effect on the Customer (clarifications, corrections, neutral technical changes).

In the case of substantial adverse modifications, the Customer has the right to terminate the contract without penalty, by notification to office@64bits.it, prior to the entry into force of the modifications. For consumers, the right to free termination for substantial adverse modifications is guaranteed and takes immediate effect.

Continued use of the Service after the entry into force of the modifications amounts to acceptance thereof, within the limits permitted by consumer law.

4. Description of the Services

4.1 Main features

The Bits CRM Service offers, without limitation, the following functional components (effective availability depends on the chosen plan):

• management of contacts and customer relations of the User’s end clients (CRM);
• issuance and administration of invoices, including integration with the Romanian national e-invoicing system RO e-Factura (SPV) under GEO 120/2021;
• payment tracking and management, including optical character recognition (OCR) for supporting documents;
• calendar and synchronisation with external calendars;
• online appointments and public booking pages;
• task management of Kanban type;
• integrated video meetings;
• cloud storage space (Drive), with sharing and access control;
• collaborative notes with real-time editing;
• document scanning (feature available exclusively on mobile applications);
• push notifications and reminders;
• intelligent assistant based on artificial intelligence models (AI Assistant);
• reporting and analytics;
• role-based access control (RBAC).

The effective features and technical limits (storage quotas, number of users, meeting minutes, OCR volumes etc.) correspond to the chosen plan and are presented on the pricing page published by the Operator. The Operator reserves the right to modify the composition of the plans, with prior notice in accordance with section 3.4.

4.2 Bits CRM as a tool

The Customer expressly acknowledges and accepts that the Bits CRM Service is a software tool made available, and:

• all documents (invoices, payments, contracts, messages, appointments, recordings etc.) are issued, transmitted and managed by the Customer, through the platform;
• the Operator does not issue invoices on behalf of the Customer, does not transmit fiscal documents to authorities on behalf of the Customer, does not represent the Customer in dealings with ANAF, ANPC or other authorities;
• the fiscal, accounting and legal liability for the documents generated through the platform rests exclusively with the Customer;
• the Operator does not provide fiscal, legal, medical or other professional advice.

4.3 Services we rely on

The operation of the Service depends on a series of third-party services integrated (such as, without limitation: cloud hosting, payment processing, transactional e-mail communications, SMS and telephony communications, artificial intelligence models, content delivery networks, anti-bot protection solutions, payment gateways, performance and error monitoring solutions and similar tools). The availability, performance and accuracy of the Service may be affected by the operation of such third-party services.

The detailed list of third-party services on which the Service depends can be provided to the Customer upon written and reasoned request transmitted to office@64bits.it, possibly under a reasonable confidentiality obligation, in order to protect the software design and the commercial strategy of the Operator.

The Operator exercises reasonable diligence in selecting and monitoring such providers, but does not bear liability for unavailability, delays, modifications or termination of third-party services that are not under the Operator’s direct control.

4.4 AI features

The Service includes features based on artificial intelligence (AI Assistant, OCR for invoices and payments, automatic suggestions, summarisations etc.).

With respect to these features, the Customer confirms that it understands and accepts the following:

• The output generated by AI models may be inaccurate, incomplete, erroneous or unsuitable for the Customer’s purpose. Such output does not constitute legal, fiscal, medical, financial or other professional advice.
• The Customer has the obligation to verify the AI output before using it in operational decisions, communications with third parties or official documents.
• Content generated with the help of AI may be marked as such in the Service interface, in accordance with the transparency obligations of EU Regulation 2024/1689 (AI Act) art. 50.
• Customer data transmitted to AI components is governed both by this document and by the terms of the AI model providers that the Operator uses. The Operator exercises reasonable diligence to configure the services so that Customer data is not used for training third-party providers’ models, but cannot contractually guarantee the behaviour of such providers beyond their public terms.
• The rights to the output generated in the Customer’s account belong to the Customer, within the limits permitted by Romanian Law no. 8/1996 on copyright (certain outputs purely generated by AI may not benefit from copyright protection).

4.5 Mobile features

Certain features, such as document scanning with the device camera, are available exclusively through the mobile applications (iOS and Android) and depend on the capabilities of the Customer’s device.

5. Account registration and security

5.1 Registration procedure

Creating an account requires the provision of accurate and complete data:

• Businesses: entity name, CUI (sole registration code), legal form, valid e-mail address, contact person. CUI verification may be performed automatically by querying the public ANAF database.
• Consumers: surname, first name, valid e-mail address.

The Operator may refuse or cancel a registration if the data provided is incorrect, incomplete or false, or if there are reasonable indications of fraudulent use.

5.2 Account security

The Customer is responsible for:

• choosing a password compliant with the platform’s security policy (length, complexity);
• the confidentiality of its credentials and those of the Users it adds;
• enabling two-factor authentication (2FA), available via TOTP, as the feature is integrated into the platform (strongly recommended);
• logging out from shared devices;
• promptly notifying the Operator in case of a suspected account compromise.

The Operator is not liable for the consequences of unauthorised use of the account as a result of the Customer’s failure to comply with security obligations.

5.3 Sub-users and roles

The Customer may add sub-users with differentiated roles (owner, manager, employee, external collaborator, client portal user etc.), in accordance with the chosen plan’s features. The Customer is fully responsible for:

• the actions of all sub-users added to its account;
• their compliance with this document and with all Incorporated Policies;
• the proper management of permissions and the revocation of access where appropriate (for example, upon termination of employment relationships).

5.4 Access recovery

In case of credential loss, access recovery is performed through the standard “password reset” procedure based on the associated e-mail address. For accounts with active 2FA, additional procedures are provided (recovery codes, identity verification).

6. Plans, prices, payment

6.1 Available plans

The Service is offered through the following main plans:

• Free — basic access with quota limitations;
• Pro — extended features for active professionals;
• Premium — full features for small teams, with priority support;
• Business — enterprise plan, available exclusively under a contract individually negotiated with the Operator.

The effective features, usage limits (quotas, number of users, meeting minutes, OCR volumes, storage capacity etc.) and prices applicable are displayed on the pricing page published by the Operator at the time of purchase and/or renewal. Acceptance of the Terms entails acceptance of the prices and features displayed at the time of the actual transaction.

The Operator reserves the right to modify the composition and/or names of the plans with prior notice of at least 30 days, in accordance with section 3.4.

6.2 14-day Premium trial (no upfront card)

New Customers may benefit from a 14-calendar-day free trial period of the Premium plan, without being asked for a credit card at registration.

Upon expiry of the 14 days:

• the account automatically reverts to the Free plan, with the corresponding limitations;
• no amount is automatically debited;
• the Customer’s data remains accessible within the limits of the Free plan; premium features become unavailable;
• in order to continue with a paid plan (Pro, Premium), the Customer must act expressly (introducing a credit card / payment method and placing the order).

6.3 Automatic renewal (paid plans)

Paid plans (Pro, Premium and, where applicable, Business) automatically renew at the end of each billing period (monthly or annual, as chosen by the Customer), by debiting the associated payment method.

Prior notification: The Operator transmits a notification by e-mail at least 48 hours before each automatic debit, indicating the amount, the date of the debit and the cancellation options.

Right to cancel: The Customer may cancel automatic renewal at any time directly from the account settings, through an easily accessible button, without penalty. Cancellation takes effect at the end of the current paid period; the Customer benefits from access until the expiry of that period.

6.4 Modification of prices

The Operator may modify the prices of the plans with prior notice of at least 30 days, by e-mail and in-app notification. The notice will indicate the old price, the new price, the effective date and the Customer’s options.

The Customer has the right to terminate the contract without penalty if it does not accept the new price, by notification to office@64bits.it prior to the entry into force of the modification.

Applicable exclusively to consumers: if the price increase exceeds 10% of the previous price, the right to free termination is expressly guaranteed to the consumer, without the possibility for the Operator to invoke contrary clauses.

6.5 Invoicing and e-Factura

The Operator issues the invoice for the subscription at the end of each billing period (or in advance, depending on the configuration of the plan):

• For businesses: the invoice is issued through the Romanian national RO e-Factura (SPV) system, in accordance with GEO no. 120/2021. The Customer confirms, by accepting the Terms, that it is registered with SPV or has the obligation to be so registered, in accordance with applicable legislation, and ensures the correct configuration of its tax data in the Account.
• For consumers: the invoice is issued in standard format and transmitted to the e-mail address associated with the account.

Payment term:

• Self-service subscriptions (purchased online through the platform): 14 days from the invoice date, with automatic debit at term through the associated payment method;
• Enterprise contracts (individually negotiated): 30 days from the invoice date, unless otherwise stipulated in the contract.

Penalties for late payment: in the case of Businesses, the Operator may apply legal penalties under Romanian Law no. 72/2013 on combating late payment of obligations (BNR reference rate + 8 percentage points).

Currency: prices are expressed in Romanian Lei (RON). For transactions in foreign currency, conversion is performed at the National Bank of Romania (BNR) exchange rate of the invoice date.

VAT: prices displayed to consumers include VAT. For businesses, prices may be displayed with or without VAT, with clear indication thereof; VAT is applied in accordance with Tax Code art. 290.

6.6 Refund Policy — 30-Day Money-Back Guarantee

The Operator offers a 30-calendar-day money-back guarantee from the first activation of a paid plan:

• The Customer may request a full refund of the amount paid by written notification to office@64bits.it within 30 days of activation;
• The refund is processed within 14 working days at most from the date of acceptance of the request, through the same payment method used at purchase;
• The guarantee is granted only once per person / per account / per payment method. The Operator reserves the right to refuse repeated or abusive requests (for example, successive creation of accounts with the same identity or with fictitious identities for the purpose of obtaining multiple refunds).

After the 30 days have elapsed: no refunds are granted for the remaining paid period. Unilateral termination of the subscription takes effect at the end of the current billing period; the Customer benefits from access until the expiry of that period, after which the account reverts to the Free plan or is suspended in accordance with section 6.8.

Applicable exclusively to consumers: the right of withdrawal provided by GEO 34/2014 (section 6.7 below) applies in addition to the 30-day guarantee. The consumer benefits from the most favourable regime. The 30-day guarantee does not restrict the consumer’s mandatory rights under the law.

6.7 Right of withdrawal for consumers (GEO 34/2014)

Applicable exclusively to consumers.

In accordance with Romanian GEO no. 34/2014 on consumer rights in contracts concluded with professionals, the Consumer benefits from the right to withdraw without giving reasons within a period of 14 calendar days from the conclusion of the contract (the date of activation of the paid subscription).

6.7.1 Manner of exercise

In order to exercise the right of withdrawal, the Consumer may:

• transmit a written notification to office@64bits.it, with a clear statement of the decision to withdraw; or
• use the standard withdrawal form in Annex A to this document.

The burden of proof regarding the exercise of the right of withdrawal lies with the Consumer.

6.7.2 Commencement of performance prior to expiry of the withdrawal period

At the time of upgrade to a paid plan, the Consumer is presented with a separate checkbox (independent of the acceptance of the Terms), with the following text:

“I request the immediate commencement of performance of the Service and I understand that: (i) if the Service is fully performed within the 14-day period, I lose my right of withdrawal under GEO 34/2014 art. 9 (exclusion under art. 16 letter m); (ii) if I withdraw within this period after performance has commenced, I will pay the Operator an amount proportional to the service actually rendered up to the moment of withdrawal.”

Ticking this box constitutes the prior express consent and the confirmation of loss of the proportional right of withdrawal. Without ticking this box, actual performance is postponed until after the expiry of the withdrawal period.

6.7.3 Refund

In the case of a compliant withdrawal, the Operator refunds:

• in full the amount paid, if performance has not commenced;
• proportionally to the unused service, if performance has commenced with express consent under 6.7.2.

The refund is processed within 14 days at most from the date of receipt of the withdrawal notification, through the same payment method used in the initial purchase (except in cases where the Consumer expressly agrees otherwise).

6.7.4 Exclusions

In accordance with art. 16 GEO 34/2014, the right of withdrawal does not apply in the case of:

• the supply of fully performed services, after performance has commenced with the prior express consent of the Consumer and after the Consumer has confirmed acknowledgement of the loss of the right of withdrawal (art. 16 letter a);
• the supply of digital content not provided on a tangible medium, if performance has commenced with the prior express consent of the Consumer and after confirmation of loss of the right of withdrawal (art. 16 letter m).

6.8 Account suspension for non-payment

In case of non-payment of due amounts at term, the Operator may:

• transmit a prior notice of at least 7 days, with a remediation request;
• suspend access to the account at the expiry of the remediation term, with the data preserved;
• reactivate the account upon full payment of outstanding amounts, including any legal penalties;
• proceed with termination of the contract and account deletion in accordance with section 13, in case of prolonged suspension.

7. Use rights and intellectual property

7.1 Licence granted to the Customer

The Operator grants the Customer a non-exclusive, non-transferable, non-sublicensable, revocable and limited licence, valid for the duration of the active subscription and strictly for use of the Service for legitimate purposes consistent with these Terms and applicable legislation, in the Customer’s own interest and that of its authorised Users.

This licence does not transfer to the Customer any ownership right over the Service, source code, design, databases, trademarks, documentation or any other element of the platform.

7.2 Customer Content

Customer Content remains the exclusive property of the Customer.

For the purpose of providing the Service, the Customer grants the Operator a non-exclusive, worldwide, royalty-free licence, limited in scope and duration, to:

• store, process, transmit, display, copy, back up and perform any technical operation necessary for providing the Service;
• make such content available to Users authorised by the Customer;
• fulfil applicable legal obligations.

The Operator does not sell, rent or disclose Customer Content to third parties, with the exception of:

• transmission necessary to services we rely on (see 4.3), exclusively for the purpose of delivering the Service;
• fulfilment of legal obligations (response to requests from competent public authorities, courts, criminal investigation bodies or fiscal control bodies, strictly within the limits permitted by law).

The Operator exercises reasonable diligence so that Customer Content transmitted to AI components of the Service is not used for training third-party providers’ models. The Operator does not contractually guarantee the behaviour of such providers beyond their public terms and reserves the right to update configurations in accordance with market evolution and provider terms.

7.3 Use restrictions

The Customer undertakes not to:

• decompile, disassemble, reverse engineer, modify or create derivative works from the Service, except in cases expressly permitted by mandatory law;
• carry out automated scraping of the Service outside of public APIs, where such APIs exist;
• conduct DoS/DDoS attacks, injections, brute-force or other attempts at security compromise;
• create multiple accounts for the purpose of evading plan limits or restrictions;
• use the Service for illegal, fraudulent, abusive, defamatory activities or activities infringing third-party rights;
• resell, sublicence, rent or allow third-party access to the account without the Operator’s written consent;
• use data or materials protected by intellectual property rights without holding the necessary rights;
• transmit through the Service malware, viruses, trojans or other malicious code.

7.4 Feedback

Any suggestion, idea, improvement proposal, bug report, review or other feedback voluntarily transmitted by the Customer to the Operator (referred to as “Feedback”) becomes, from the moment of transmission, freely usable by the Operator, without confidentiality, attribution or compensation obligations, for any purpose, including for improvement of the Service. This clause does not apply to personal data, which is governed by the Privacy Policy.

7.5 Trademarks

“Bits CRM”, logos, signs, interface design, product names, slogans and any other distinctive sign associated with the Service are the property of the Operator or its licensors. The Customer does not acquire any rights over them by accepting the Terms.

The Customer has the right to publicly mention that it uses the “Bits CRM” Service for descriptive and citation purposes, without suggesting an association, partnership or endorsement from the Operator.

7.6 AI output and related rights

The rights to the output generated by AI features in the Customer’s account belong to the Customer, within the limits permitted by Romanian Law no. 8/1996 on copyright and by the terms of AI model providers.

The Customer takes note that:

• output purely generated by AI, without sufficient human creative contribution, may not benefit from copyright protection under Romanian legislation and applicable case-law;
• content generated with the help of AI may be marked as such in the Service interface, in accordance with AI Act art. 50;
• responsibility for the use of AI output (verification, correction, operational decisions) rests exclusively with the Customer.

8. Customer obligations and responsibilities

8.1 Acceptable use

The Customer undertakes to use the Service in good faith and in accordance with applicable laws. The following are prohibited, without the enumeration being exhaustive:

• the upload, transmission or storage of illegal content, defamatory, obscene, pornographic, inciting violence, discrimination or hatred, infringing on the rights of minors or promoting illicit activities;
• infringement of the intellectual property rights of third parties (copyrights, trademarks, designs, patents, trade secrets);
• transmission of unsolicited communications (spam) through or with the help of the Service;
• transmission of malware, phishing, deceptive content or any other material that prejudices third parties;
• use of the Service to disrupt, disable, overload or compromise other networks, servers or systems.

Additional details regarding acceptable use are contained in the Acceptable Use Policy (AUP), incorporated by reference into these Terms. The Operator reserves the right to update the AUP with appropriate notice.

8.2 Responsibility for Customer Content

For personal data included in the Customer Content (in particular data about end clients, contacts, counterparties and other third parties with whom the Customer interacts through the Service), the Customer acts as a GDPR controller, and the Operator as a processor.

In this capacity, the Customer is responsible for:

• the legal basis of the processing of data it uploads, transmits or creates through the Service (consent, contract, legal obligation, legitimate interest etc.);
• the information of data subjects (art. 13-14 GDPR);
• the management of data subject rights (access, rectification, erasure, objection, portability);
• compliance with consent requirements under Law 506/2004 art. 12 for electronic commercial communications (e-mail, SMS), including an unsubscribe mechanism in each communication;
• announcing participants of recorded video calls or meetings, in accordance with Law 506/2004 and GDPR;
• the accuracy of fiscal documents (invoices, payments) generated through the Service;
• registration with SPV and any other system required by tax law;
• compliance with professional laws specific to the Customer’s activity (for example, lawyer professional secrecy, medical secrecy, psychologist confidentiality etc.).

The Customer indemnifies and holds harmless the Operator from any claims, sanctions, fines or damages arising from the failure to comply with these obligations (see section 12).

8.3 Commercial communications and anti-spam

With respect to the use of the Service for transmission of electronic commercial communications (e-mail, SMS, automated messages), the Customer undertakes to comply with Romanian Law no. 506/2004, art. 12, in particular:

• to obtain the prior express consent of recipients for commercial communications, with the exception of communications to existing customers for similar products/services (soft opt-in), in accordance with the law;
• to clearly identify the sender and the commercial nature of the communication;
• to include in each communication a simple and free mechanism for withdrawal of consent (unsubscribe);
• to comply with withdrawal requests immediately and not transmit further communications to recipients who have unsubscribed.

If the Operator receives notifications, complaints or sanctions from ANSPDCP, ANCOM, ANPC or other authorities arising from communications transmitted by the Customer through the Service in breach of the law, the Customer fully indemnifies the Operator, in accordance with section 12.

9. Processing of personal data

9.1 General framework

The processing of personal data in connection with the Service is governed by:

• the Operator’s Privacy Policy (published separately) — for Customer data processed by the Operator as controller (account, billing, communications data);
• the Data Processing Agreement (DPA) — for Customer Content containing personal data, processed by the Operator as a processor, in accordance with art. 28 GDPR.

The Privacy Policy and the DPA are incorporated by reference into these Terms and constitute an integral part of the contractual agreement.

9.2 Services we rely on and international transfers

For the provision of the Service, the Operator uses third-party services which may process Customer Content (see 4.3). The detailed list of these services may be obtained upon written and reasoned request.

Certain services may involve international transfers of data, including to states outside the European Economic Area. These transfers are covered by standard contractual clauses adopted by the European Commission (Decision 2021/914/EU) and/or by other transfer mechanisms recognised by GDPR.

Substantial modifications to services we rely on which impact the processing of Customer’s personal data are notified at least 30 days in advance; the Customer has a right of reasoned objection and termination in accordance with the DPA.

9.3 Cooperation with data subject requests

The Operator cooperates with the Customer in fulfilling its obligations as controller, within the technical and organisational possibilities of the Service, including for:

• responding to access, rectification, erasure, objection, portability requests of data subjects;
• notification of security breaches to ANSPDCP within 72 hours (GDPR art. 33);
• carrying out impact assessments (DPIA) upon reasoned request.

9.4 Return and deletion of data

Upon termination of the contract, Customer Content is treated in accordance with section 13.3 of this document and the specific provisions of the DPA.

10. Availability, maintenance, support

10.1 BETA stage and absence of contractual SLA

As indicated in the introductory sections, the Bits CRM Service is in BETA stage.

The Operator does not currently offer any contractual SLA, no service credit, no late penalty, no uptime, RTO (Recovery Time Objective) or RPO (Recovery Point Objective) guarantee. The Operator exercises reasonable diligence to maintain the availability of the Service, without assuming specific contractual obligations of result in this matter.

Features may be modified, suspended, restricted or withdrawn during the BETA stage, without extended prior notice, in particular for resolving stability or security issues or for alignment with legislative changes.

Contractual SLA agreements with service credits and availability targets may be available only through individually negotiated enterprise contracts with the Operator.

10.2 Maintenance

• Planned maintenance: prior notice of at least 24 hours, by e-mail and/or in-app, indicating the window and the expected impact. The Operator schedules such work preferably outside Romanian standard working hours.
• Emergency maintenance (security incidents, critical incidents, escalations from providers): may be performed without mandatory prior notice; the Operator communicates after the fact, as promptly as possible, the nature and impact of the intervention.

10.3 Technical support

• Single contact channel: office@64bits.it
• Mode of operation: best-effort, without contractually guaranteed response time;
• Priority support: available for the Premium and Business plans, within the limits described on the product page (best-effort).

The Operator reserves the right to refuse support requests that breach the AUP, are abusive, repetitive, or exceed the scope of product support (for example, general IT consultancy, fiscal/legal consultancy, advanced training).

11. Limitation of liability

11.1 “AS IS” provision

Given the BETA stage, the Service is provided “AS IS” and “AS AVAILABLE”.

To the maximum extent permitted by law, the Operator disclaims any implied warranty regarding:

• the fitness of the Service for any particular purpose of the Customer;
• the quality, reliability, accuracy, completeness or up-to-dateness of the Service;
• the absence of defects, errors or interruptions;
• absolute security or immunity to attacks.

Applicable exclusively to consumers: mandatory legal warranties (in particular regarding conformity of digital content, under GEO no. 140/2021) are not excluded or limited by these Terms. The consumer benefits from all mandatory rights provided by law.

11.2 Liability exclusions

To the extent permitted by law, the Operator is not liable for:

• indirect damages, including loss of profit, loss of opportunity, loss of reputation, cost of replacement products or services, business interruption;
• loss or corruption of data, to the extent that the Customer had a reasonable possibility of export or backup of its data;
• interruptions or errors caused by third-party services (see 4.3);
• third-party claims arising from Customer Content or from the Customer’s manner of use of the Service;
• consequences of the Customer’s failure to comply with security obligations (see 5.2).

Applicable exclusively to consumers: exclusion clauses that would be qualified as abusive under Romanian Law no. 193/2000 and the Annex thereto are interpreted restrictively; any contradiction with the consumer’s mandatory rights is struck by partial nullity without affecting the other clauses.

11.3 Liability cap

To the extent permitted by law, the Operator’s total cumulative liability towards the Customer, arising from or in connection with the Service, is limited to the amount actually paid by the Customer to the Operator in the 12 months preceding the event giving rise to liability, regardless of the basis of liability (contractual, tort, other) and regardless of the number of claims made.

Applicable exclusively to consumers: in order to avoid the limitation making the remedy illusory, the liability cap for consumers is at least RON 500 or the annual subscription paid, whichever is greater.

11.4 Mandatory exceptions

The limitations and exclusions of liability provided above do not apply and cannot be invoked for:

• the Operator’s wilful misconduct and gross negligence (Romanian Civil Code art. 1355 para. (2));
• bodily injury or harm to physical integrity;
• liability under GDPR art. 82 towards data subjects;
• mandatory obligations towards Consumers provided by GEO no. 140/2021, GEO no. 34/2014, Law no. 363/2007, Law no. 193/2000 and other applicable mandatory legal acts.

11.5 Term for contractual claims

Applicable exclusively to businesses: any claim arising from the contract or from the use of the Service must be made in writing, to office@64bits.it, within a maximum of 12 months from the date of occurrence of the event giving rise to liability. The term is below the legal limitation period of 3 years (Civil Code art. 2517) and is permitted in business-to-business relations.

Applicable exclusively to consumers: applicable legal terms (3 years limitation, 2 years for digital content conformity under GEO no. 140/2021) are not shortened by these Terms.

12. Indemnification

12.1 Customer’s indemnification obligation

The Customer undertakes to defend, indemnify and hold harmless the Operator, its affiliates, directors, employees, collaborators, sub-contractors and agents, against any claims, actions, demands, complaints, sanctions, fines, damages, costs (including reasonable attorneys’ fees) arising from or in connection with:

• Customer Content uploaded, transmitted or processed through the Service;
• breach of these Terms by the Customer or by its Users;
• infringement of third-party rights (including intellectual property rights, data protection rights, image rights);
• failure to comply with applicable laws (including tax, commercial, consumer protection, GDPR, anti-spam, AI Act);
• commercial communications transmitted through the Service in breach of Law 506/2004 (see 8.3);
• recording of video calls or meetings without compliance with information/consent obligations;
• fraudulent, abusive or out-of-scope use of the Service.

The Operator will promptly notify the Customer of any claim, will allow the Customer (upon request) to take over control of the defence (with counsel acceptable to the Operator) and will reasonably cooperate. The Customer will not enter into settlement agreements involving the recognition of obligations on the Operator without the Operator’s written consent.

12.2 Operator’s indemnification obligation — limited

Applicable exclusively to businesses.

In the case of formal claims by third parties asserting that the conformant use of the Service by the Customer infringes the intellectual property rights of those third parties, the Operator undertakes to defend the Customer, under the following cumulative conditions:

• the Customer notified the Operator promptly and in writing of the claim (within 10 days at most of receipt);
• the Operator has exclusive control over the defence and any settlements;
• the Customer reasonably cooperates and makes available the necessary information;
• the claim does not result from: use of the Service in older versions (after the Operator notified the update), unauthorised modifications, non-compliant configurations, combination of the Service with products or services not provided by the Operator, or Customer Content.

The Operator’s liability under this clause is subject to the cap provided in 11.3.

13. Suspension and termination

13.1 Customer’s unilateral termination

The Customer may unilaterally terminate the subscription at any time, by direct action in the account settings (cancel/terminate button), without penalty. Termination takes effect at the end of the current billing period; the Customer benefits from access until the expiry of that period.

Exception: individually negotiated enterprise contracts may provide minimum terms and specific termination conditions.

13.2 Suspension and termination by the Operator

The Operator may suspend or terminate the contract, as the case may be, in the following situations:

• non-payment at term — with prior notice of at least 7 days;
• serious breach of these Terms or of the AUP — with notice of 24-48 hours and granting a remediation term, where remediation is possible;
• immediate security risk or imminent legal risk — without prior notice, with after-the-fact communication;
• fraudulent, abusive or illegal use of the Service;
• insolvency, entry into insolvency proceedings, bankruptcy or dissolution of the Customer;
• prolonged inactivity of the account (see 13.3).

Termination for reasons attributable to the Customer does not give rise to any right to refund of amounts already paid.

13.3 Data retention and deletion

Upon termination of the contract (regardless of the cause):

• Customer Content remains accessible for export for 90 days from the date of termination, through the standard tools made available by the platform; the Customer has the obligation to export its data within this period;
• after expiry of the 90 days, data is irreversibly deleted from production systems, with the exception of data which the Operator has the legal obligation to retain (for example, invoices — 10 years under Romanian Accounting Law no. 82/1991; audit logs in accordance with specific compliance requirements);
• backups may contain data for an additional period of up to 35 days, after which they are rotated and deleted in accordance with the Operator’s backup policy.

Inactive account: accounts without significant activity for 6 consecutive months may be earmarked for full deletion. The Operator transmits a prior notification to the associated e-mail address, offering a reasonable term of at least 30 days for reactivation. In the absence of reactivation, the account and all associated data (with the exception of those retained in accordance with law) are fully deleted.

Quota exceedance: if Customer Content exceeds the limits of the chosen plan (for example, Drive storage capacity), the Operator transmits a prior notification and grants a reasonable remediation term (plan upgrade, selective deletion by the Customer). In the absence of remediation, the Operator may proceed with selective deletion of data exceeding the quota, starting with the oldest or least accessed, in accordance with criteria announced to the Customer.

13.4 Clauses surviving termination

The following clauses remain in force after termination of the contract, to the extent applicable:

• section 7 (use rights and IP);
• section 9 (data processing — within the limits of the DPA);
• section 11 (limitation of liability);
• section 12 (indemnification);
• section 15 (confidentiality);
• section 16 (general provisions, in particular applicable law and jurisdiction);
• any due financial obligation.

14. Force majeure

Neither party shall be liable for the failure to perform or for the defective performance of its contractual obligations if such is caused by an event of force majeure, within the meaning of Romanian Civil Code art. 1351 para. (2) — an external, unforeseeable, absolutely invincible and inevitable event.

By way of example and without limitation, the following constitute force majeure: natural disasters (earthquakes, floods, major fires), war, armed conflicts, acts of terrorism, embargo, decisions of public authorities making performance impossible, massive interruptions of internet infrastructure at national or regional level, massive cyberattacks beyond the parties’ reasonable control, massive or prolonged failures of essential third-party cloud services, pandemics with specific effects making performance impossible.

The affected party notifies the other party of the event within 5 days at most from its occurrence, indicating the nature, estimated duration and impact. Upon request, the affected party will present a force majeure certificate issued by the Romanian Chamber of Commerce and Industry (CCIR) or other relevant supporting document.

For the duration of the force majeure event, performance of affected obligations is suspended. If the event lasts more than 60 consecutive days, either party may terminate the contract by written notification, without penalty. Amounts paid in advance for unused periods are refunded proportionally.

15. Confidentiality

Applicable exclusively to businesses.

15.1 Definition

“Confidential Information” means any information, data, documents, plans, strategies, know-how, technical, commercial or financial materials exchanged between the parties in connection with the Service, regardless of form (verbal, written, electronic), whether or not marked as such, if it can reasonably be considered confidential.

15.2 Obligations

Each party undertakes to:

• keep the Confidential Information received confidential;
• not disclose such information to third parties, with the exception of permitted cases (lawyers, consultants, sub-contractors bound by confidentiality);
• use the information strictly for contractual purposes;
• exercise the same care as for its own confidential information, at least the care of a diligent professional.

15.3 Exceptions

The confidentiality obligation does not apply to information:

• already public at the time of disclosure or which subsequently becomes public without the fault of the receiving party;
• already known to the receiving party prior to disclosure, without confidentiality obligation;
• developed independently by the receiving party, without the use of the other party’s confidential information;
• disclosed with the written consent of the disclosing party;
• the disclosure of which is imposed by a legal obligation (court order, official request from competent authorities etc.); in this case, the obligated party will promptly notify the other party (to the extent permitted by law) and will disclose only the necessary minimum.

15.4 Duration

The confidentiality obligation remains in force for the entire duration of the contract and for a period of 3 years after termination. For information of strategic nature, trade secrets or sensitive data, the obligation remains in force 5 years after termination.

16. General provisions

16.1 Applicable law

These Terms and the relations between the parties are governed by Romanian law, with the exception of conflict of laws rules that would refer to other legislation.

16.2 Dispute resolution and jurisdiction

16.2.1 For businesses (B2B)

All disputes arising from or in connection with these Terms shall be settled by the courts having material and territorial competence at the Operator’s registered office. This jurisdiction clause is valid in accordance with Romanian Code of Civil Procedure art. 126 and EU Regulation no. 1215/2012 (Brussels I bis).

16.2.2 For consumers (B2C)

Disputes arising from relations with Consumers may be settled by the courts having competence at the Consumer’s domicile (mandatory clause under art. 17-19 EU Regulation no. 1215/2012; the Annex to Romanian Law no. 193/2000 qualifies any contrary clause as abusive). The Operator does not invoke these Terms in order to limit this right.

16.2.3 Alternative resolution for consumers (voluntary)

Consumers have available, optionally, alternative dispute resolution mechanisms:

• ODR Platform (Online Dispute Resolution) — EU Regulation no. 524/2013: https://ec.europa.eu/consumers/odr
• ADR Platform (Alternative Dispute Resolution) — Directive 2013/11/EU / Romanian GO no. 38/2015: https://sal.anpc.ro
• Notification of ANPC — https://anpc.ro

These mechanisms are voluntary; their use does not condition or replace the Consumer’s right to apply directly to court.

16.3 Prior negotiation (recommended, non-mandatory)

The parties agree, in the spirit of good faith, that, to the extent possible, they will attempt the amicable resolution of any dispute, by written notification to office@64bits.it, with a reasonable response term of 30 days. This procedure is not a mandatory prerequisite for court action and does not limit either party’s right to apply directly to the competent authorities.

16.4 Notifications

• To the Operator: official communications shall be transmitted to office@64bits.it. The Operator confirms receipt in a reasonably prompt manner.
• To the Customer: communications shall be transmitted to the e-mail address associated with the account and/or via in-app notification. Communications are deemed received at the time of transmission through the electronic system, except in cases of obvious delivery error.

The Customer has the obligation to keep up to date the e-mail address associated with the account. Communications transmitted to the indicated address are deemed validly notified.

16.5 Assignment

The Customer may not assign rights or obligations resulting from these Terms without the prior written consent of the Operator.

The Operator may assign its rights and obligations, in whole or in part, in the context of reorganisation, merger, division, business sale, change of control or other similar transactions, with reasonable prior notice to the Customer. The assignment will not prejudice the rights acquired by the Customer.

16.6 Severability

If a clause of these Terms is declared null, unenforceable or struck by nullity by a competent court or public authority, the remaining clauses remain in force and produce effects. The affected clause will be replaced with a valid clause that reflects as closely as possible the original intention of the parties, within the limits permitted by law.

16.7 Waiver

The non-exercise or delayed exercise of a right by a party does not amount to waiver of that right. Waiver of a right must be express, in writing, signed by the party waiving.

16.8 Versioning and archive

The Operator publishes successive versions of these Terms on the dedicated page, with the effective date. Previous versions remain archived and accessible to Customers for consultation.

16.9 Language

The Romanian version of these Terms is the official and prevailing version. Any translations into other languages are provided as a courtesy, without equal legal value. In case of discrepancy or interpretive divergence, the Romanian-language text shall prevail.

16.10 Entire agreement

These Terms, together with the Incorporated Policies referenced (Privacy Policy, Data Processing Agreement, Cookie Policy, Acceptable Use Policy, Annexes) and with any specific enterprise contract, constitute the entire agreement between the parties regarding the use of the Service and replace any prior agreement or understanding on the same subject.

17. Contact

For any question, request or notification in connection with these Terms or the Service, please use the unique contact address:

Official e-mail: office@64bits.it

Competent authorities:

• ANSPDCP — https://dataprotection.ro
• ANPC — https://anpc.ro
• ODR Platform — https://ec.europa.eu/consumers/odr
• ADR Platform — https://sal.anpc.ro

Annex A — Standard withdrawal form (Consumers)

Applicable exclusively to consumers, in accordance with Romanian GEO no. 34/2014, Annex I part B.

To BITS DIGITAL SOLUTIONS S.R.L. Electronic contact address: office@64bits.it

I hereby give notice of my withdrawal from the contract for the following service:

Service name: ____________________________________ Subscription plan: ____________________________________ Date of contract conclusion (date of paid subscription activation): ____________ Date of first effective use (if applicable): ____________

Consumer’s name: ____________________________________ Consumer’s address: ____________________________________ E-mail address associated with the account: ____________________________________

Consumer’s signature (only if this form is sent on paper): ____________

Date: ____________

The completed form may be transmitted by e-mail to office@64bits.it.

Annex B — Acceptable Use Policy (AUP)

The full Acceptable Use Policy is published as a separate document and is incorporated by reference into these Terms:

Acceptable Use Policy (AUP) — full version

The AUP details: prohibited content and activities, rules for commercial communications (Law 506/2004), rules for recordings (calls, video, chat), account security obligations, AI usage rules, violation reporting, sanction levels (warning → suspension → termination) and the indemnification obligation.

Acceptance of these Terms implies acceptance of the AUP in the version published at the time of acceptance. AUP modifications are notified in accordance with the mechanisms set out in the AUP.

20. Pre-contractual information for Consumers (GEO 34/2014 art. 6)

Applicable exclusively to consumers.

This information is displayed to the Consumer before the conclusion of the contract and is deemed accepted together with the T&C, in accordance with art. 6 GEO 34/2014.

Closing note

Application in BETA stage. The disclaimer regarding the BETA stage is a structural feature of the document and protects the Operator against claims based on typical defects of software in development. This disclaimer cannot be invoked to justify wilful misconduct, gross negligence, legal violations or abusive practices — which remain subject to full liability.

Related documents:

• Privacy Policy
• Data Processing Agreement (DPA)
• Acceptable Use Policy (AUP)
• Cookie Policy

End of Terms and Conditions — version 1.0 — 03 May 2026.

The Romanian-language version is the official and prevailing version. This English version is a courtesy translation.