Terms and Conditions and Data Privacy Agreement

This Terms and Conditions and Data Privacy Agreement (hereinafter the "Agreement") is effective as of the date of the last signature between:

Pacific Smoke International Inc., a corporation organized under the laws of Ontario

Canada, with its office located at 2930 14th Ave. Markham, Ontario, L3R 5Z8 ("Distributor"), and

You, a legal entity organized under the laws of the location registered within the Distributor’s system (hereinafter the "Retailer").

Collectively, hereinafter, the Distributor and Retailer will be referred to as the "Parties".

Purpose

This Agreement governs the collection, sharing, use, and protection of Point of Sale (POS) data (hereinafter the "POS Data") shared between the Parties as part of the POS Data Sharing Program (hereinafter the "Program"). The Parties agree to comply with all

applicable data privacy and security laws and to safeguard the confidentiality, integrity, and availability of the POS Data in accordance with all applicable regulations.
Definitions
- POS Data: Information generated from the Retailer’s POS systems, including but not limited to sales transactions, product details, pricing, and timestamps.
- Personal Data: Any information relating to an identified or identifiable natural person, as defined under applicable data protection laws.
- Data Breach: Any loss of, unauthorized access to, unauthorized disclosure of Personal Data, alteration, loss, or unintended destruction of POS Data.
Scope of Data Sharing
1. The Retailer agrees to provide the Distributor with access to its POS Data as part of the Program for the purposes of inventory management, sales analytics, demand forecasting, new product development, promotional program development, and enhancing Retailer
  
  incentives. The Retailer also agrees that POS Data may be included in aggregate
  
  anonymized market summary information that will only be used internally by the Distributor and/or presented in a report exclusively to Retailers participating in the Program.
2. The Distributor shall only use POS Data for the purposes explicitly agreed upon herein by the Parties and shall not be used for any other purpose without prior written consent from the Retailer.
3. POS Data for the purpose of the Program, will only be collected via official API/App provided to the Retailer directly by the Distributor, and/or to be downloaded via POS API/APP stores or marketplaces.
4. To remain eligible for any incentives associated with the Program, the Retailer must maintain active transmission of its POS Data to the Distributor via the designated API/APP. In the event that the Retailer removes the API/APP and/or ceases such data transmission, the Retailer shall immediately forfeit all rights to any Program-related incentives, analytics, and market data.
Data Privacy Obligations
1. Compliance with Laws: The Parties shall comply with all applicable Federal and
  
  Provincial data protection and privacy laws, in connection with the collection, processing, and any sharing of POS Data.
2. Personal Data: The Distributor will neither request sharing nor access any of the Retailer’s Personal Data as part of the Program.
3. Data Minimization: The Retailer shall only share relevant POS Data necessary to
  
  achieve the purposes of the Program, and only through the agreed upon API/Application.
Data Security Obligations
1. Security Measures: The Parties shall implement and maintain reasonable
  
  administrative, technical, and physical safeguards to protect POS Data from unauthorized access, use, or disclosure. These measures include, but are not limited to:
  - Encryption of POS Data in transit and at rest;
  - Access controls limiting data access to authorized personnel only;
  - Regular security assessments and updates to systems handling POS Data.
2. Data Breach Notification: In the event of a Data Breach, the affected Party shall:
  - Notify the other Party immediately, but no later than 48hrs after discovering the breach;
  - Provide details of the breach, including its scope and impact, including any future updates as they become known;
  - Provide reasonable assistance, comply, and co-operate with any audit, investigation, court order, or litigation;
  - Take reasonable steps to mitigate the breach and prevent recurrence.
Ownership and Intellectual Property
1. The Retailer retains ownership of all POS Data shared with the Distributor under this Agreement.
2. The Distributor is granted a limited, non-exclusive, non-transferable license to use the POS Data solely for the purposes of the Program during the term of this Agreement.
Confidentiality
1. The Parties agree to treat POS Data as confidential and shall not disclose it to any third party without prior written consent of the other Party, except as required by law or governmental agency.
2. This obligation shall survive the termination of this Agreement for a period of 5 years unless otherwise required by applicable laws.
Term and Termination
1. This Agreement shall commence on the date of execution and can be terminated by either Party by providing thirty (30) days written notice.
2. In the event that the Retailer turns off POS Data transmission via the API/APP, the Retailer shall immediately forfeit all rights to any Program-related incentives, analytics, and market data, unless otherwise agreed upon in writing between the Parties.
3. Upon termination of this Agreement, the Distributor shall cease using the Retailer’s POS Data and, unless otherwise directed in writing, securely destroy all the Retailer’s POS Data in its possession within sixty (60) days.

G. Liability and Indemnification

The Retailer shall indemnify and hold harmless the Distributor from any and all claims, damages, or losses arising from its breach of this Agreement or violation of any applicable data protection laws.
Neither Party shall be liable for indirect, consequential, or punitive damages arising from this Agreement.

Miscellaneous
1. Governing Law: This Agreement shall be governed by and construed in accordance with the laws of Ontario, Canada.
2. Dispute Resolution: Any disputes arising under this Agreement shall be resolved through arbitration with a mutually agreed upon arbitrator in Ontario.
3. Amendments: This Agreement may only be amended in writing signed by both Parties.
4. Entire Agreement: This Agreement constitutes the entire understanding between the Parties regarding the subject matter herein and supersedes all prior agreements.

Terms and Conditions and Data Privacy Agreement

Pacific Smoke International Inc., a corporation organized under the laws of Ontario

You, a legal entity organized under the laws of the location registered within the Distributor’s system (hereinafter the "Retailer").

Purpose

Definitions

POS Data: Information generated from the Retailer’s POS systems, including but not limited to sales transactions, product details, pricing, and timestamps.

Personal Data: Any information relating to an identified or identifiable natural person, as defined under applicable data protection laws.

Data Breach: Any loss of, unauthorized access to, unauthorized disclosure of Personal Data, alteration, loss, or unintended destruction of POS Data.

Scope of Data Sharing

Data Privacy Obligations

Compliance with Laws: The Parties shall comply with all applicable Federal and

Personal Data: The Distributor will neither request sharing nor access any of the Retailer’s Personal Data as part of the Program.

Data Minimization: The Retailer shall only share relevant POS Data necessary to

Data Security Obligations

Security Measures: The Parties shall implement and maintain reasonable

Data Breach Notification: In the event of a Data Breach, the affected Party shall:

Ownership and Intellectual Property

Confidentiality

Term and Termination

G. Liability and Indemnification

Miscellaneous

Governing Law: This Agreement shall be governed by and construed in accordance with the laws of Ontario, Canada.

Dispute Resolution: Any disputes arising under this Agreement shall be resolved through arbitration with a mutually agreed upon arbitrator in Ontario.

Amendments: This Agreement may only be amended in writing signed by both Parties.

Entire Agreement: This Agreement constitutes the entire understanding between the Parties regarding the subject matter herein and supersedes all prior agreements.