TERMS OF USE OF THE AFFLU WEBAPP

1. DEFINITIONS

“Afflu” means AFFLU S.r.l., with registered office at Piazza Santiago del Cile No. 8, 00197 Rome (RM), VAT No. 18294811007.

“WebApp” or “Dashboard” means the web application accessible at app.afflu.eu.

“User” means the natural person who creates or uses an Account on the WebApp.

“Organization” means the company or entity on whose behalf the User accesses the WebApp.

“Account” means the credentials and User profile created through registration or assigned by Afflu.

“Agreement” means any separate written or electronic agreement governing services provided by Afflu.

2. SUBJECT MATTER AND SCOPE OF APPLICATION

These Terms govern the registration for, access to, and use of the WebApp.

The WebApp is intended exclusively for subjects operating for professional purposes (B2B) and may only be used by users who have reached the age of majority.

Where an Agreement is entered into between Afflu and the User or Organization, such Agreement shall prevail over these Terms in the event of any conflict.

The User represents that it accesses and uses the WebApp exclusively for professional purposes.

The User acknowledges that it is not acting in the capacity of a consumer pursuant to applicable consumer protection laws.

Afflu reserves the right to verify the User's professional status and to refuse or revoke access.

These Terms do not govern the provision of affiliate marketing or consulting services, which remain subject to any Agreement between the parties.

3. ACCEPTANCE OF THE TERMS

By creating an Account, the User declares that it has read, understood, and fully accepted these Terms.

For Users already bound by an Agreement with Afflu, access to the WebApp constitutes use of the tools provided under such Agreement.

Acceptance occurs through a specific affirmative action and, where required by law, through separate approval of the clauses indicated in Article 17.

4. REGISTRATION AND PRE-CONTRACTUAL NATURE

The User may request creation of an Account by entering required data in the registration procedure.

Registration to the WebApp:

• does not result in the conclusion of any contract;
• does not entail the automatic activation of any services;
• does not confer any right to access WebApp functionalities.

The Account may be marked as “under review” or “pending” and shall remain inactive until approved by Afflu.

Registration constitutes a request by the User to be assessed for a possible professional collaboration with Afflu.

Afflu may contact the User using data provided during registration for: account checks, approval phase management, proposal of an introductory call, presentation of services offered, and possible commencement of the contracting process.

Such communications fall within pre-contractual steps at the request of the data subject pursuant to Article 6(1)(b) GDPR and do not constitute marketing communications.

Registration and acceptance of these Terms do not constitute an offer to the public or a contractual acceptance by Afflu.

If the assessment phase is not completed within a reasonable period, Afflu reserves the right to reject or delete the Account without further notice.

Non-approval of the Account shall not give rise to any right, claim, or legally protected expectation.

5. APPROVAL, REJECTION, AND ACCOUNT STATUS

Afflu reserves the right, at its sole discretion, to approve the Account, reject the registration request, or suspend/delete the Account, without any obligation to state reasons, without prejudice to mandatory obligations under applicable law.

While the Account is in “under review” status, the User shall not be able to access WebApp functionalities.

6. ACCOUNT AND CREDENTIALS

The User shall be responsible for: the truthfulness and completeness of data provided; the safekeeping of access credentials; all activities carried out through its Account.

The User undertakes to keep credentials confidential and to promptly notify Afflu of any unauthorized use.

Accounts are personal and non-transferable.

Where the User acts on behalf of an Organization, it represents that it is authorized to act in the name and on behalf of the same.

Afflu reserves the right to request additional information to verify professional status. Failure to respond may result in suspension or rejection.

Where API keys or tokens are used, the User acknowledges that: such credentials may be managed by Afflu on behalf of the User; credentials are treated as confidential and protected by encryption; Afflu does not store credentials in plain text except where strictly necessary for technical purposes; the User remains responsible for its relationship with third-party providers.

The User undertakes to use adequately secure credentials and not to reuse passwords from other services.

7. PERMITTED USE OF THE WEBAPP

The User undertakes to use the WebApp in compliance with applicable laws, these Terms, and any Agreement.

The following are expressly prohibited:

• attempting unauthorized access;
• circumventing security measures;
• interfering with WebApp operation;
• using malware or unauthorized automated tools;
• carrying out mass scraping;
• engaging in unlawful or fraudulent activities.

The User undertakes not to compromise the security, stability, or integrity of Afflu's IT systems or those of third parties.

The User undertakes not to use the WebApp for purposes other than professional purposes, nor for testing, reverse engineering, or unauthorized analysis of systems.

8. COMMUNICATIONS

Afflu may send communications relating to Account management, including:

• registration confirmation;
• account status;
• technical and security communications;
• password reset;
• pre-contractual phase communications.

Such communications do not constitute marketing and do not require separate consent.

Any additional promotional communications shall be sent only with the User's prior consent where required by applicable law.

9. PERSONAL DATA

Processing of personal data is governed by the Privacy Policy available on the WebApp.

Afflu adopts appropriate technical and organizational measures pursuant to Article 32 GDPR, including:

• encryption of data in transit;
• encryption of data at rest;
• protection of credentials;
• access control.

Personal data are retained for the time necessary to achieve the purposes for which they were collected and thereafter deleted or anonymized.

Accounts that are not approved may be deleted or anonymized by Afflu in accordance with internal criteria and applicable data protection legislation.

10. INTELLECTUAL PROPERTY

The WebApp, software, interface, design, trademarks, and content are the exclusive property of Afflu or their respective owners.

The User is granted a limited, non-exclusive, non-transferable, and revocable right of use solely for the purposes set out in these Terms and any Agreement.

11. SUSPENSION AND DEACTIVATION

Afflu may suspend or deactivate the Account in the event of:

• breach of these Terms;
• security risks;
• legal obligations;
• prevention of abuse or fraud.

Unapproved Accounts may be deleted at any time.

12. SERVICE AVAILABILITY

The WebApp is provided “as is” and “as available”.

Afflu does not guarantee:

• uninterrupted continuity of the service;
• absence of errors;
• achievement of economic results.

Afflu may at any time:

• temporarily suspend access;
• carry out maintenance;
• update or modify functionalities.

Certain functionalities may be based on integrations with third-party services including affiliate networks. Access to such functionalities is governed by separate agreements between the User and Afflu and/or the terms of relevant third-party providers.

13. LIMITATION OF LIABILITY

Except in cases of willful misconduct or gross negligence, Afflu shall not be held liable for:

• indirect or consequential damages;
• loss of profit or opportunity;
• malfunctions not directly attributable to Afflu;
• interruptions caused by third parties.

In any event, Afflu's total liability shall be limited to any amounts paid by the User in the 12 months preceding the harmful event.

Afflu shall not be held liable for loss of data except in cases of willful misconduct or gross negligence, nor for failure to retain data beyond the technical and operational limits of the WebApp.

14. AMENDMENTS TO THE TERMS

Afflu reserves the right to amend these Terms for legal, technical, or organizational reasons.

Any amendments shall be published on the WebApp with the relevant update date.

15. GOVERNING LAW AND JURISDICTION

These Terms shall be governed by Italian law.

Any dispute shall be subject to the exclusive jurisdiction of the Court of Rome, without prejudice to any mandatory applicable provisions of law.

16. LANGUAGE VERSIONS

These Terms may be available in multiple languages. In the event of any discrepancy between language versions, the Italian-language version shall prevail and be controlling for interpretative purposes.

17. SPECIFIC APPROVAL

Pursuant to Articles 1341 and 1342 of the Italian Civil Code, the User declares that it has read and expressly approves the following clauses:

• Article 4 (Pre-contractual nature and contacts)
• Article 5 (Approval and rejection of the Account)
• Article 11 (Suspension and deactivation)
• Article 12 (Service availability)
• Article 13 (Limitation of liability)
• Article 15 (Jurisdiction)

18. CONTACTS

For information: info@afflu.eu

For privacy requests: privacy@afflu.eu

19. DATA PROCESSING AGREEMENT (DPA)

Where the User or Organization acts as data controller and Afflu processes personal data on its behalf, Afflu shall act as data processor pursuant to Article 28 GDPR.

In such cases, processing is governed by Annex A (Data Processing Agreement), which forms an integral part of these Terms. By accepting these Terms, the User also accepts the Data Processing Agreement.

ANNEX A – DATA PROCESSING AGREEMENT (DPA)

Last updated: 26/03/2026

1. ROLES OF THE PARTIES

The User or Organization acts as data controller (“Controller”). Afflu S.r.l. acts as data processor (“Processor”). Afflu acts as independent data controller for data processed for registration, account management, platform security, and pre-contractual phase management.

2. SUBJECT MATTER AND PURPOSE OF THE PROCESSING

Afflu processes personal data exclusively to: enable access to and use of the WebApp; manage technical functionalities; support performance of services under the Agreement; ensure security, stability, and integrity of systems.

3. DURATION OF THE PROCESSING

Processing continues for the period during which the Controller uses the WebApp and, where applicable, the term of the Agreement. Upon termination, data shall be deleted or anonymized unless retention is required by law.

4. TYPES OF DATA AND DATA SUBJECTS

Types of data: identification data (name, surname); contact data (email); technical data (logs, timestamps, identifiers); data relating to use of the platform.

Categories of data subjects: users of the WebApp; Controller's collaborators; any persons involved in activities managed through the platform.

5. OBLIGATIONS OF AFFLU (PROCESSOR)

Afflu undertakes to:

• process personal data solely on documented instructions of the Controller;
• ensure persons authorized to process data are bound by confidentiality;
• adopt appropriate technical and organizational measures pursuant to Article 32 GDPR (including data encryption, access control, credential protection, monitoring systems);
• assist the Controller in complying with GDPR obligations;
• notify the Controller of any personal data breach without undue delay;
• ensure processing complies with applicable law.

6. SUB-PROCESSORS

The Controller authorizes Afflu to engage third-party providers for the provision of services, such as:

• cloud and hosting services;
• technical infrastructure;
• database management;
• communication services.

Afflu undertakes to:

• select sub-processors providing adequate guarantees;
• bind them by agreements compliant with Article 28 GDPR;
• remain responsible for their activities.

7. DATA TRANSFERS

Where personal data are transferred outside the EEA, Afflu guarantees compliance with Articles 44 et seq. GDPR through Standard Contractual Clauses, adequacy decisions, or other applicable mechanisms.

8. RIGHTS OF DATA SUBJECTS

Afflu shall assist the Controller in handling data subject requests relating to:

• access;
• rectification;
• erasure;
• restriction;
• portability;
• objection.

Where Afflu receives a request directly, it shall forward it to the Controller without responding independently, unless required by law.

9. RETURN AND DELETION OF DATA

Upon termination, Afflu shall delete or anonymize personal data, except where retention is required by law, it being understood that residual copies may temporarily remain in backup systems.

10. AUDITS AND INFORMATION

Afflu shall make available reasonable information to demonstrate compliance with this DPA. Audit requests must be proportionate, reasoned, and compatible with system security and other customers' interests.

11. LIABILITY

Afflu's liability is limited as provided in the WebApp Terms and any Agreement between the parties.

12. PREVAILING EFFECT

In the event of conflict between this DPA and the Terms, this DPA shall prevail with respect to matters relating to the processing of personal data.