Welcome

The EGT Codex

Terms of Service & Privacy Policy

Version 18 · Effective Date: the date this Version is published.

Table of Contents

• PREAMBLE — Purpose and Vision (Non-Operative)
• Part 1 — Foundations
• Part 2 — Universal Terms
• Part 3 — Privacy & Data
• Part 4 — Fees & Growth Rate
• Part 5 — Buyer Terms
• Part 6 — Seller / Merchant Terms
• Part 7 — Developer / App Artisan
• Part 8 — Confidentiality & Trade Secrets
• Part 9 — Intellectual Property
• Part 10 — Competequo
• Part 11 — HIPAA Schedule
• Part 12 — Warranties & Limitation of Liability
• Part 13 — Indemnification
• Part 14 — Governance & Disputes
• Part 15 — Enforcement
• Part 16 — General Provisions
• Schedule — Growth Rate / Pricing

PREAMBLE — Purpose and Vision

(Non-Operative)

Status of this Preamble — please read first. This Preamble — including every statement of mission, vision, values, purpose, and aspiration set out in it — is provided for context and understanding only. It is not part of the Operative Terms. It does not create, and shall not be construed to create, any contractual obligation, representation, warranty, guarantee, or condition. The statements in this Preamble are statements of purpose and aspiration; they are not promises, representations, or warranties, and they confer no rights and impose no duties on any person. They may be used to understand the intent behind the Operative Terms, but they do not by themselves bind anyone. In the event of any inconsistency between this Preamble and the Operative Terms, the Operative Terms govern. "Operative Terms" has the meaning given in Section 1.1, and identifies the only provisions of this Codex that are binding (Parts 1 through 16).

What this is. The EGT Codex is a single, shared agreement — one place where EGT and the people it serves can understand how they stand together. EGT is more than any one product: we build tools, we create entertainment, we offer goods and services, and we help people. The Universe Platform is one part of that work. We have tried to write this Codex to be modern, clear, and concise, so that whichever part of EGT you use, you can find and understand the terms that apply to you.

What EGT is for. Our purpose is to help people live their best life and pursue their dreams. We strive to give people hope — and the means — to build, to create, to be entertained, to learn, and to be helped. We want to let a person start a brand, open a storefront, gather a community, tell a story, make a living, and reach the world, and to be the ground beneath that work rather than a toll upon it. We aspire to a place where a person with an idea and the will to pursue it is not held back by the cost or the complexity of the tools, and where the people they serve are treated with care. We believe we are here to help make a world worth living in, and we strive to make the seemingly impossible possible.

What we strive toward. We strive to deal plainly, and to leave those we serve freer than we found them. We aspire to grow as those who build and create with us grow, and to measure our success by theirs. We strive to be steady, to be honest about our limits, and to earn the trust placed in us.

Our values. We hold that dignity, honesty, and fair dealing are worth more than any single transaction; that communities are built on respect; that the people who create, the businesses they start, and the people they serve are the heart of what we do; and that EGT is at its best when it lifts up the people who use it. These are the values we strive to live by. They are aspirations that guide us — not terms that bind you. The conduct that is actually required, and the conduct that is actually prohibited, is set out as enforceable rules in the Operative Terms (in particular, Part 2). Where this Preamble speaks of what we hope to be, the Operative Terms speak of what we and you agree to do; only the Operative Terms govern.

This instrument is the agreement. Although it carries a name of its own, this Codex is the Terms of Service and the Privacy Policy of The EGT Universe, LLC, which does business as EGT, and it governs EGT's products and services, including The Universe Platform. The binding agreement is the Operative Terms that follow.

Part 1 — Foundations

This Part is Operative. It binds everyone who uses the Services.

This Part establishes the defined vocabulary of the Codex, the Roles by which the Codex applies to you, how you accept it, how conflicts within it are resolved, and how it changes over time.

1.1 Definitions

In this Codex, a capitalized term has the meaning given to it below or where it is otherwise expressly defined. A term that is defined controls over its ordinary meaning. One concept carries one defined term throughout; the same word is not used for two concepts.

1. "Codex" and "Agreement" mean this instrument, The EGT Codex, in the Version identified on its face, together with all Parts and Schedules incorporated into it.

2. "Operative Terms" means Parts 1 through 16 of this Codex and all Schedules incorporated into them, except the Preamble and any item that is expressly labeled non-operative (including plain-language summaries and illustrative examples). Only the Operative Terms are binding.

3. "Company," "EGT," "we," "us," and "our" mean The EGT Universe, LLC, a limited liability company organized under the laws of the State of Ohio, doing business as "EGT."

4. "The Universe Platform" (also "The Universe") means the Company's multi-tenant software, commerce, and creation platform. "Service" and "Services" mean all of the products, services, features, applications, tools, games, software, storefronts, marketplaces, entertainment, goods, and assistance the Company offers under the EGT brand, including The Universe Platform, except to the extent separate terms are expressly stated to apply to a particular product or feature.

5. [Reserved.]

6. "Account" means the credentialed access through which a person uses the Services as a registered user.

7. "User" and "Account Holder" mean a person who holds an Account.

8. "Visitor" means a person who accesses the Services without an Account.

9. "Buyer" means a person who acquires, or seeks to acquire, a product or service through the Services.

10. "Seller" and "Merchant" mean a person who lists, offers, or sells a product or service through the Services. These two words have the same meaning.

11. "Developer" and "App Artisan" mean a person who participates in the App Artisan Program or who builds on, extends, or accesses the Company's code, tools, or platform under Part 7. These two words have the same meaning.

12. "Covered Entity" means a User that is a covered entity or business associate within the meaning of HIPAA and that opts in to the HIPAA Schedule (Part 11) by executing a Business Associate Agreement.

13. "Role" means a capacity in which a person uses the Services — Visitor, User / Account Holder, Buyer, Seller / Merchant, Developer / App Artisan, or Covered Entity — determined by that person's conduct and status rather than by any election or checkbox. A person may hold more than one Role at the same time, in which case the applicable Parts bind that person cumulatively.

14. "Content" means anything a User provides, submits, uploads, records, posts, or transmits through the Services.

15. "Buyer Data" means personal data of a Buyer that is collected through the Services in connection with a purchase or prospective purchase.

16. "Confidential Information" has the meaning given in Part 8.

17. "Growth Rate" means the Company's transactional take-rate by category, as defined operatively in Part 4 and stated in the Schedule — Growth Rate / Pricing.

18. "Assent" means a person's agreement to this Codex, given by an affirmative click and/or manifested by accessing or using the Services, as described in Section 1.3. Assent is not tied to a numbered Version.

19. "Version" means the sequential version identifier assigned to a published edition of the Codex, as described in Section 1.5.

20. "Effective Date" means the date on which a Version takes effect, as recorded in the Change Log.

21. "Change Log" means the maintained, public record of Versions, their Effective Dates, and a summary of what changed in each Version.

22. "Code of Authority" means the Company's internal, good-faith, time-boxed dispute-resolution and grievance process that is a condition precedent to arbitration or court proceedings, as established in Part 14.

23. "Schedule" means a structured exhibit incorporated into the Codex, including the Schedule — Growth Rate / Pricing.

24. "Notice" means a communication given as described in Section 16.5, by email to the address associated with an Account and/or by a conspicuous in-product message.

25. "Including" means "including, without limitation," and any list or example introduced by it is illustrative and not exhaustive, as stated in Section 1.7.

26. "Competequo" means the Company's anti-circumvention doctrine, anchored on the Company's intellectual-property, confidentiality, trade-secret, and data-control rights, as established in Part 10.

27. "Minor" means a person who has not reached the age of eighteen (18), or the greater age of majority where that person resides. A "Minor" includes both a Child and a Teen as those terms are defined below.

28. "Child" means a Minor under the age of thirteen (13), or under the higher age that applicable law sets for the processing of that person's personal data with parental consent. This is the population to whom the Children's Online Privacy Protection Act and its implementing rule (together, "COPPA") apply.

29. "Teen" means a Minor who is at least thirteen (13) and not yet eighteen (18). A Teen is a regulated population under this Codex, as Section 2.7 and Section 3.7 provide, and is not treated as an unregulated User merely because COPPA's under-thirteen threshold does not reach the Teen.

30. "Parent" means a parent or legal guardian who establishes and manages a Family Account for a Child or a Teen, who is responsible for that Minor's use of the Services, and who gives and may withdraw the consents this Codex requires for that Minor. A Parent is the Account Holder and the contracting party for a Family Account.

31. "Family Account" and "Family Group" mean the Parent-managed account structure through which a Parent links one or more Child or Teen members to the Parent's own Account, sets the Parental Controls that apply to each Minor, and serves as the controlled exception to the minimum-age requirement in Section 2.1, as Section 2.7 provides. These two terms have the same meaning.

32. "Parental Controls" means the controls the Company makes available to a Parent to manage a Minor's use of the Services, including the Ask-to-Buy approval, the Allowance, content and age-band gating, communication approval, and time controls described in Section 2.7 and Part 5.

33. "Content Rating" means the age band and the content descriptors that result from a Seller's completion of the Company's rating questionnaire for a product, application, experience, or other surface offered through the Services, as Section 6.9 provides. A Content Rating is an attestation by the Seller — it is rated by the Seller — and is not a representation or warranty by the Company.

34. "Age Band" means an age range, at least two (2) years wide, used to describe the audience for which a surface is suitable, or the age range a User is assured to fall within, expressed as a band rather than as a date of birth. The Company works from an Age Band, and not from a Minor's date of birth, wherever an Age Band is sufficient for the purpose.

35. "Family-Safe Certification" means a current Content Rating, given by a Seller and reasonably relied on by the Company, by which a surface is attested to be suitable for a Minor of a stated Age Band and to be free of the hard-gated content described in Section 6.9. Family-Safe Certification governs only whether a surface is served to a Minor; it does not determine whether the surface is available to adults.

36. "Allowance" means a spending cap a Parent sets for a Minor — a ceiling, settable to zero, on the amount the Minor may spend against the Parent's funding source within a period, as Section 5.5 provides. An Allowance is a cap on approved spending; it is not a stored, pre-loaded, or redeemable balance, and it is not a gift card, prepaid account, or other stored-value instrument.

37. "Coarse Location" means a low-precision location anchor — such as a city, a postal code, or a wide geographic area deliberately broader than the precise-geolocation thresholds set by applicable law — that is set once by a Parent for a bounded purpose. Coarse Location does not include precise geolocation, real-time location, or any continuous or background tracking of a Minor's location.

1.2 Roles and Applicability

1. Roles are determined by conduct. Your Role or Roles are determined by how you use the Services and your status, not by any label you select. A person who lists or sells through the Services is a Seller, whether or not that person calls itself one; a person who acquires a product or service is a Buyer; and so on for each Role defined in Section 1.1.

2. Your Role or Roles determine which Parts bind you. The general Parts bind every User and Visitor as stated below. Each Role-specific Part binds you only while, and to the extent that, you act in the corresponding Role. If you hold more than one Role, every applicable Part binds you cumulatively.

3. Applicability map. The following map is provided as a navigation aid only. It does not enlarge or reduce the operative scope set out in this Section; where the map and the operative text differ, the operative text governs.

| Role | Parts that apply | | --- | --- | | Visitor | Preamble (non-operative), Part 1, Part 2, Part 3, and Part 16, plus Parts 12, 13, 14, and 15 to the extent a claim, dispute, or enforcement matter concerns the Visitor. | | User / Account Holder | The above, plus Part 4 to the extent the User transacts. | | Buyer | The above, plus Part 5 (including the Part 4 subscription terms where the Buyer subscribes). | | Seller / Merchant | Parts 1–4 and 16, plus Part 6 and Part 8, and Parts 12, 13, 14, and 15. | | Developer / App Artisan | Parts 1–4 and 16, plus Part 7 and Part 8, and Parts 12, 13, 14, and 15. | | Covered Entity | The Parts applicable to that person's other Roles, plus Part 11 (HIPAA Schedule), upon opt-in. |

Parts 9, 10, 12, 13, 14, and 15 apply to every person, including a Visitor, to the extent their subject matter concerns that person. In particular, Parts 12 (limitation of liability), 13 (indemnification), 14 (governance and disputes, including the arbitration agreement and the class-action waiver), and 15 (enforcement) apply to everyone to the extent a claim, dispute, or enforcement matter concerns them; the row for a Role above does not narrow that application, and where the map and this catch-all differ, this catch-all and the operative text govern. Each Part is separately anchored so that a Role-specific reference within the Services can resolve to it.

1.3 Acceptance and Assent

1. Affirmative acceptance. You accept this Codex by affirmatively agreeing to it through a clickwrap mechanism — for example, by selecting an unchecked control next to a statement such as "I have read and agree to The EGT Codex (the Terms of Service)." This control is presented at login and at account creation.

2. Acceptance by use; every person is bound. Every person who accesses or uses any EGT surface or Service — including every Visitor — accepts and is bound by this Codex. EGT surfaces display a conspicuous notice that using the Services means you accept this Codex (the Terms of Service and Privacy Policy), and the Company also obtains an affirmative click acceptance at login and at checkout. By accessing or using the Services, you agree to this Codex; if you do not agree, you must not access or use the Services. The Company presents this notice conspicuously and adjacent to the point at which a person accesses or uses the Services, so that a reasonably prudent person would see it before proceeding. For every term other than those identified in Section 1.3(3), a person's act of accessing or using the Services after that notice is that person's unambiguous manifestation of assent to this Codex. Acceptance by use binds you to the Operative Terms that apply to your Role or Roles, as Section 1.2 provides.

3. Terms that take effect only with your affirmative agreement. Certain terms take effect only with your affirmative agreement, and not by use alone. These are: the arbitration agreement and the class-action waiver in Part 14, which take effect subject to your thirty (30) day right to opt out under Section 14.5; a substantial increase in the price of a paid subscription, as defined in Section 4.4; and a change that tightens subscription sharing for an existing subscriber under Section 4.8. As to these terms, the general acceptance-by-use rule in Section 1.3(2) does not apply, and the Company does not treat your access, use, continued use, or silence as agreement to them. An ordinary price increase that is not substantial takes effect on advance Notice and your continued use, as Section 4.4 provides; it is not one of the terms listed in this Section.

4. Record of acceptance. The Company keeps records of acceptance events — the login or account-creation click, the checkout acceptance, and the date and context — as evidence of agreement. Acceptance is also manifested by use; these records are a record of agreement, not the only basis for it.

1.4 Order of Precedence

If two provisions of this Codex conflict, the conflict is resolved in the following fixed order, applied to the subject matter in question:

1. The HIPAA Schedule (Part 11) and the Business Associate Agreement control over all other Parts with respect to protected health information, including the liability figures stated in BAA Section 9.2, which control over the general liability limits.

2. A Role-specific Part or product Schedule controls over the general Operative Terms with respect to its subject matter.

3. The general Operative Terms control otherwise.

4. The Preamble and any summary are subordinate to all Operative Terms and never override them.

5. Any external policy incorporated by reference is incorporated to a specific Version or URL and yields to the Operative Terms on conflict, unless the Operative Terms expressly state otherwise.

1.5 Changes and Versioning

1. Version, Effective Date, Change Log. Each published edition of the Codex carries a sequential Version number and an Effective Date, and is accompanied by a maintained, public Change Log summarizing what changed in that Version. These records identify the Codex and what changed in it; they do not tie your acceptance to a numbered Version, which is governed by Section 1.3.

2. How a change takes effect. The Company may modify this Codex. It posts the modified Codex and, for a material change — including any change to fees, to the dispute or arbitration provisions, to the intellectual-property license, or to any term that is materially adverse to you — it gives at least thirty (30) days' advance Notice. Except for the changes identified in Section 1.5(3), your continued access or use of the Services after a change takes effect is your acceptance of the change.

3. Changes that require affirmative agreement. Some changes take effect only with your affirmative agreement, and not by continued use. A substantial increase in the price of a paid subscription requires that subscriber's affirmative consent, as Section 4.4 provides; an ordinary price increase takes effect on advance Notice and your continued use, as Section 4.4 provides, and is not a change governed by this Section. A change that tightens subscription sharing for an existing subscriber requires affirmative consent, as Section 4.8 provides. A material change to the arbitration agreement or the class-action waiver in Part 14 requires affirmative agreement consistent with Section 1.3(3); such a change applies only prospectively and does not affect a dispute that has already accrued or of which the Company has notice, as Section 14.5 provides. A change to the arbitral administrator, the arbitrator-selection mechanics, the applicable rules, or the seat that is not adverse to you is not a material change and takes effect on Notice under Section 1.5(2). As to the changes that require affirmative consent or agreement under this Section, the Company does not treat your continued use or your silence as agreement.

4. Non-material changes; archived versions. A non-material change takes effect upon posting and is recorded in the Change Log. The Company archives every prior Version immutably, so that the Change Log and the Company's records establish the terms in effect at a given time.

1.6 Summaries and Headings

1. Summaries are subordinate. Any plain-language summary, "gist," or similar convenience note that accompanies a provision is for convenience and understanding only. It is not part of the Operative Terms and does not modify them. If a summary and an Operative Term differ, the Operative Term governs. A summary is version-locked to the provision it describes and is intended to be substantively accurate.

2. Headings are not operative. Headings, titles, captions, and the Table of Contents are provided for convenience and navigation only. They do not affect the meaning or interpretation of any Operative Term.

1.7 Interpretation

1. "Including" is non-limiting. The word "including" means "including, without limitation." Every list, illustration, or example in the Operative Terms is illustrative and does not limit the general rule it accompanies; an example never sets the outer boundary of the rule.

2. Defined terms control. A capitalized defined term carries the meaning given to it in Section 1.1 or where it is otherwise defined, and that meaning controls over the term's ordinary usage.

3. Construction. Where the meaning of a provision is otherwise clear from the text, the provision is not to be construed against either party merely because that party drafted it. This Section does not waive, and shall not be read to waive, any non-waivable consumer protection; where applicable law provides that an ambiguity in a consumer term is resolved in the consumer's favor, that law applies notwithstanding this Section.

4. Time, money, and measurement. Unless otherwise stated, references to days are to calendar days; references to a number of business days are to days on which banks are generally open in the State of Ohio; and references to money are to United States dollars.

Part 2 — Universal Terms

This Part is Operative. It binds every User and every Visitor.

This Part states the eligibility, account-security, identity, conduct, reporting, and enforcement rules that apply to everyone who uses the Services, in every Role. Where another Part states a more specific rule for a particular Role, that Part controls for its subject matter as provided in Section 1.4. The values and aspirations that inform these rules are stated in the Preamble and are non-operative; the rules that bind you are the ones set out below.

2.1 Eligibility and Age

1. Minimum age. You may use the Services only if you are at least eighteen (18) years old, or older if the age of majority or the age required to form a binding contract where you reside is greater, in which case that greater age applies to you. By accepting this Codex you represent that you meet this requirement.

2. Capacity. You must have the legal capacity to enter into this Codex. If you use the Services on behalf of a company, organization, or other legal entity, you represent that you are authorized to bind that entity, and "you" in this Codex refers both to you and to that entity.

3. No use by barred persons. You may not use the Services if you are barred from doing so under any applicable law, if you are subject to applicable trade sanctions or export controls that prohibit your use, or if your Account has been terminated by the Company for cause and not reinstated.

4. Children. The Services are not directed to, and may not be used by, children below the age stated in Section 3.7. The handling of children's data is governed by Section 3.7.

2.2 Account and Security

1. Registration. To use the Services as a User you must register an Account and provide the information the registration process requires. You must provide information that is accurate, current, and complete, and you must keep it accurate, current, and complete while your Account remains active.

2. Credential security. You are responsible for safeguarding the credentials used to access your Account. You may not share your credentials except through a feature the Company provides for that purpose, and you may not permit any person to use your Account in a manner that conceals who is acting.

3. Responsibility for account activity. You are responsible for all activity that occurs under your Account, whether or not you authorized it, except to the extent the activity results from the Company's own failure to maintain the security of the Services. This allocation does not relieve the Company of any obligation that applicable law makes non-waivable.

4. Reporting unauthorized use. If you become aware of any unauthorized access to or use of your Account, or any other breach of its security, you must notify the Company through the Security contact within seven (7) days of discovering it. Prompt notice allows the Company to act to limit harm; the Company may require you to reset your credentials or may suspend access to protect the Account or the Services.

5. Credential resets. The Company may require a credential reset, additional verification, or another reasonable security measure where it has a good-faith basis to believe an Account's security is at risk.

2.3 Identity and Accountability

1. Every action is attributable. Every action taken through the Services must be attributable to an identified person or entity that is accountable for it. You act on the Services as yourself or as an entity you are authorized to represent; you do not act anonymously in a way that defeats accountability for conduct that this Part prohibits.

2. Accurate identity. You must not provide false, misleading, or materially incomplete identifying information, and you must not register or maintain an Account under an identity that is not yours or that you are not authorized to use.

3. No impersonation. You must not impersonate any person, brand, or entity, or misrepresent your affiliation with any person, brand, or entity, in a manner that is intended to deceive or that is reasonably likely to deceive. Operating an account that is clearly identified as a parody, commentary, or fan account, and that a reasonable person would not mistake for the source it references, is not impersonation.

4. Automated and programmatic access. You must not access the Services by any automated means, script, bot, scraper, or programmatic interface except through an interface the Company makes available for that purpose and in accordance with the terms governing it. A Developer who builds on or accesses the Company's interfaces does so under Part 7. The Company may impose and enforce technical limits, including rate limits, to protect the Services.

5. Multiple accounts; no evasion of enforcement. You must not create, control, or use more than one Account, or any duplicate or substitute Account, to commit, facilitate, or conceal fraud, or to evade or circumvent a suspension, termination, restriction, or other enforcement action the Company has taken, or has stated it will take, against you or an Account you control. Holding more than one Account is otherwise permitted where each Account reflects a genuine, identified, and accountable person or entity under Section 2.3(1) and is not used for a purpose prohibited above — for example, a separate business or brand Account, or distinct accountable persons within a household. The Company enforces this Section through the graduated remedies in Part 15, which may include suspension or termination of any or all affected Accounts and addition to the suppression list under Section 3.5(5) to prevent re-registration; consistent with Section 4.8(5), the Company does not treat the creation or use of multiple Accounts as a criminal matter or as a matter of computer-fraud law.

6. Federated sign-in; one identity. You may authenticate using a third-party login or identity provider, and you may use your Account to sign in to a third-party service that integrates the Company's login. Doing either does not create a separate or alternate identity — you have one Account, as Section 2.3(1) provides; a provider only attests an external, verified factor, and the Company determines which Account that attestation corresponds to. You are responsible for the security of any third-party account you use to access the Services, as Section 2.2 provides for your credentials. The Company is not responsible for the acts, terms, security, or availability of a third-party identity provider, or of a relying party into which you authenticate, except as this Codex expressly provides; this disclaimer reaches only a provider's or relying party's own, independent conduct and does not limit the Company's responsibility for its own conduct.

2.4 Acceptable Use and Conduct

You must not use the Services to engage in, facilitate, or assist any of the following. Each prohibition is a binding rule. The lists in this Section are illustrative and not exhaustive, as provided in Section 1.7.

1. Unlawful activity. Any activity that violates applicable law, or that offers, promotes, or facilitates an unlawful act or unlawful goods or services.

2. Exploitation of children. Any child sexual abuse material; any sexualization of a minor; and any conduct that grooms, solicits, exploits, or endangers a minor. This prohibition admits no exception, and the Company acts on it immediately.

3. Human trafficking and forced labor. Any human trafficking, forced labor, involuntary servitude, or the facilitation of any of them. This prohibition admits no exception, and the Company acts on it immediately.

4. Fraud and deception. Any fraud, scam, phishing, deceptive solicitation, false or misleading representation, or scheme to obtain money, credentials, or data by deception.

5. Spam and abusive messaging. Any unsolicited bulk or commercial messaging that violates applicable anti-spam or telemarketing law; any use of false or misleading message headers, sender identities, or subject lines; and any failure to honor an opt-out from messaging you originate through the Services.

6. Harassment and threats. Any targeted harassment, stalking, threat of violence, or incitement of violence or self-harm against a person or group.

7. Infringement. Any infringement or misappropriation of another person's intellectual-property rights, including copyright, trademark, patent, and trade-secret rights, or any violation of another person's privacy or publicity rights.

8. Unlawful discrimination. Any use of the Services to engage in conduct that is unlawfully discriminatory under applicable law.

9. Malware and harmful code. Any distribution of malware, ransomware, or other harmful code, or any conduct designed to disrupt, disable, overburden, or impair the Services or any system or network connected to them.

10. Security circumvention. Any unauthorized access to the Services, any account, or any system or data; any circumvention or attempted circumvention of authentication, access controls, security features, usage limits, or technical protections; and any probing, scanning, or testing of the Services' vulnerabilities except as expressly authorized in writing by the Company through the Security contact.

11. Fee circumvention. Any scheme to evade fees properly owed under Part 4, including routing a transaction that belongs on the Services around the Services to avoid the Growth Rate, where the Company facilitated or introduced the relationship. The lawful boundaries of this rule are set out in Part 6 and Part 10.

12. Action only on actionable conduct. The Company acts under this Section on conduct, not on belief about a person's views or intent. The Company does not take enforcement action on the basis of unpublished drafts, private notes, journals, or other material a User keeps to itself and has not transmitted or made available to others, except where retaining or possessing the material is itself unlawful.

13. First-party chargeback abuse. A Buyer must not knowingly initiate or pursue a payment dispute, chargeback, or reversal on a false or bad-faith basis — including by falsely asserting that goods or services were not delivered or not received when they were, or falsely asserting that a charge was unauthorized when the Buyer, or a person the Buyer permitted to use the payment method, in fact authorized it — for the purpose of obtaining goods, services, or a refund to which the Buyer is not entitled. Conduct prohibited by this paragraph is fraud within the meaning of Section 2.4(4). This paragraph reaches only a knowing, bad-faith assertion; it does not apply to, and is not to be construed to discourage, a Buyer's good-faith dispute, and nothing in it limits, waives, or conditions a Buyer's rights under the Fair Credit Billing Act, Regulation Z, or applicable card-network rules, including the right to assert a billing error in good faith. The Company acts under this paragraph only on a reasoned determination, supported by evidence and made after the dispute-handling process in Section 5.3, that a dispute was made knowingly and in bad faith, consistent with Section 2.4(12).

2.5 Reporting

1. How to report. Any person may report conduct or Content that they believe in good faith violates this Codex or applicable law. Reports are made through the reporting intake the Company provides, which includes a web form and, for Users, a reporting action within the dashboard. The Disputes contact (disputes@egt.studio, Part 14) and the Security contact (security@egt.studio, Part 3) are available for the matters they describe.

2. Good-faith reporting. You must make reports in good faith. You must not submit reports that you know to be false, or use the reporting intake to harass another person.

3. The Company's discretion to act. The Company reviews reports and may act on them, but it does not guarantee that it will investigate or respond to any particular report, or that it will act within any particular time. Where the Company acts, it does so as provided in Section 2.6. This Section does not create a duty to monitor, and nothing in it requires the Company to take any specific action on any specific report.

2.6 Suspension, Termination, and Due Process

1. The Company's right to act. The Company may suspend, restrict, limit, or terminate your access to the Services, to your Account, or to any feature, where it has a good-faith basis to believe that you have breached this Codex, that your conduct exposes the Company, the Services, or others to legal or security risk, or that the action is required by law. The Company applies measures that are proportionate to the matter, escalating from warning to restriction to suspension to termination where the circumstances allow.

2. Statement of reasons. When the Company takes an enforcement action against a User, it will provide a statement of the reasons for the action, except where providing it is prohibited by law, would compromise an investigation or the security of the Services, or concerns conduct described in Section 2.6(4). For Users to whom the EU Digital Services Act applies, the statement of reasons and the appeal pathway in Section 2.6(3) are provided in the manner that Act requires.

3. Internal appeal. A User against whom the Company takes an enforcement action may appeal the action through the internal appeal pathway, which is the entry point to the Code of Authority process described in Part 14. The Company will consider a timely appeal and may affirm, modify, or reverse the action. This internal pathway is a condition precedent to the dispute procedures in Part 14 and does not waive any right that applicable law makes non-waivable.

4. Immediate action. The Company may act immediately, and without advance notice, where the matter involves conduct described in Section 2.4(2) or 2.4(3), a credible security threat, fraud, a court order or other legal requirement, or repeated infringement. Immediate action does not deprive a User of the statement of reasons and appeal pathway above, except as Section 2.6(2) provides.

5. Seller notice. Where the affected User is a Seller, the advance-notice and statement-of-reasons protections specific to Sellers, including the thirty (30) day notice required before certain terminations, are stated in Part 6 and apply in addition to this Section. The immediate-action carve-out in Section 2.6(4) applies to Sellers as well.

6. Effect of termination. On termination, your right to access and use the Services ends. Termination does not by itself extinguish a payment obligation that accrued before termination, an entitlement that this Codex provides survives a party's exit (including a Buyer's entitlement under Part 5), or a provision of this Codex that by its nature is intended to survive. The provisions that survive termination are identified in Part 16, and include at least Parts 3, 8, 9, 12, 13, 14, 15, and 16 to the extent their subject matter continues to apply.

2.7 Family Accounts and Minors

This Section is the controlled exception to the minimum-age requirement in Section 2.1. It permits a Minor to use the Services only through a Parent-managed Family Account, on the terms stated here. The handling of a Minor's personal data is governed by Section 3.7; purchases by a Minor are governed by Section 5.5; and the rating of a Seller's surfaces for age-appropriateness is governed by Section 6.9. This Section operates together with those Sections.

1. The controlled exception to the minimum age. Section 2.1(1) requires a User to be at least eighteen (18). A Minor may nonetheless use the Services, notwithstanding Section 2.1(1), only within a Family Account that a Parent establishes and manages, and only on the terms of this Section. Outside a Family Account, the Services remain unavailable to a Minor, and the Company does not knowingly permit a Minor to register or use the Services except through a Family Account.

2. The Parent is the Account Holder and is responsible. A Parent who establishes a Family Account is the Account Holder and the contracting party, accepts this Codex on the Parent's own behalf, and is responsible for the Minor's use of the Services under the Family Account, including each charge approved as Section 5.5 provides. The Parent represents that the Parent is the parent or legal guardian of each Minor the Parent adds, and that the Parent is authorized to give the consents this Section and Section 3.7 require.

3. Verifiable parental consent before collection from a Child. Before the Company collects any personal data from a Child, the Company obtains verifiable parental consent from the Parent through a method described in Section 3.7. The Company does not collect personal data from a Child before that consent is given, except for the limited identifiers necessary to obtain the consent itself, as Section 3.7 provides. Consent for a Teen is handled as Section 3.7 provides.

4. Safe by default. When a Parent adds a Minor to a Family Account, the Company applies protective settings for that Minor by default, without requiring the Parent to find or change a setting — including conservative content and discovery settings, communication and contact approval, purchase approval through the Ask-to-Buy mechanism in Section 5.5, location settings off, and no profiling of, or targeted advertising to, the Minor. These defaults scale with the Minor's Age Band, and a Parent may adjust the Parental Controls within the bounds this Codex sets. The Company does not use a design that nudges a Minor or a Parent to weaken a protection or to disclose more data than a purpose requires.

5. Parental Controls; the Company's layer. The Company provides the Parental Controls described in this Section and in Part 5, and enforces age-appropriateness gating at its own service layer: because the Company renders the surfaces offered through the Services, it evaluates a surface's Age Band, its content descriptors, and its access setting against the viewer's Age Band before the surface is served, and it does not serve to a Minor a surface that is gated above the Minor's Age Band or that lacks a current Family-Safe Certification, as Section 6.9 provides. This gating is applied at the Company's layer and does not depend on a Seller's cooperation after the Content Rating is given.

6. Tools and gating, not a guarantee of outcomes. The Company provides tools, Parental Controls, and age-appropriateness gating, and it commits to the reasonable, scoped efforts this Codex states. The Company does not represent, warrant, or guarantee that any surface, Seller, product, or interaction is "safe for kids," that a Minor will not encounter unsuitable content or conduct, or that any control will be effective in every case. Age-appropriateness is rated by the Seller under Section 6.9, and the Company's gating rests on that Seller-given Content Rating and on the Parent's exercise of the Parental Controls. A statement in this Codex that the Company gates, controls, or protects is a commitment of reasonable efforts appropriate to the matter, and is not an absolute or factual warranty, as Section 12.1(3) provides.

7. Enforcement gates Minors, not adults. Where a Seller's surface lacks a current Family-Safe Certification, or where the Company raises a surface's Age Band or withdraws its Family-Safe Certification under the enforcement ladder in Section 6.9, the consequence is that the surface is not served to a Minor, or is served only to a Minor of a higher Age Band. That consequence does not remove the surface, unpublish it, or end its availability to adults. The Company's family-safe enforcement gates access by Minors; it is not a removal of a Seller or a Seller's lawful offering to adults.

8. A Parent's withdrawal. A Parent may close a Family Account or remove a Minor from it at any time. On removal or closure, the Minor's continued use of the Services under that Family Account ends, and the Minor's personal data is handled as Section 3.7 provides, including deletion on account closure.

Part 3 — Privacy and Data

This Part is Operative. It binds the Company and applies to everyone whose personal data the Company processes through the Services.

This Part is the Company's privacy notice and its operative data-protection terms. It states the roles the Company takes when it processes data, what it collects and why, how it shares data, the rights available to the people whose data it processes, and how it handles retention, cookies, children's data, international transfers, security, and health information. Where the Company processes protected health information for a Covered Entity, Part 11 and the Business Associate Agreement govern, and this Part yields to them as provided in Section 1.4.

3.1 Our Roles

1. Controller of platform data. With respect to the personal data the Company collects to provide and operate the Services for its Users and Visitors — including Account data, device and usage data, and communications with the Company — the Company is the controller. The Company decides the purposes and means of that processing and is responsible for it under this Part.

2. Controller of Buyer Data for the platform relationship. With respect to Buyer Data collected through the Services in connection with a purchase or prospective purchase, the Company is the controller for the purpose of operating the marketplace relationship, processing the transaction, providing receipts and support, and protecting against fraud and abuse. A Seller's narrower role with respect to Buyer Data is described in Section 3.3 and governed in detail by Part 6.

3. Processor for a Seller or Covered Entity. Where the Company processes personal data on the documented instructions of a Seller or a Covered Entity — that is, where the customer, and not the Company, determines the purposes and means of the processing — the Company acts as a processor or service provider. That processing is governed by a data-processing addendum with the Seller, or, for protected health information, by the Business Associate Agreement under Part 11.

4. How a request is routed. Because the applicable role determines who must answer a data request, the Company will, on receiving a request, determine in which role it holds the data and route the request accordingly. Where the Company holds the data only as a processor, it will direct the requester to the responsible controller or refer the request to that controller, and will assist that controller as the applicable addendum requires.

3.2 Data We Collect; Sources; Purposes; Legal Bases

1. Categories and sources. The Company collects the following categories of personal data: (a) information you provide, including registration, profile, and Content; (b) transaction and commercial information about purchases, listings, and orders; (c) payment and billing information processed through the Company's payment providers; (d) communications you send to the Company or through the Services; (e) device, network, and technical information, including IP address, identifiers, and similar data; and (f) usage and activity data describing how the Services are used. The Company collects this data from you, from your devices and use of the Services, and from service providers acting on the Company's behalf. Where the Company obtains personal data about you other than from you, the categories of source are payment processors, identity-verification and fraud-prevention providers, authentication and identity providers, and analytics providers. The Company collects other data only where it is reasonably necessary to operate, secure, and improve the Services, and it does not treat this provision as a license to collect without limit.

2. Purposes. The Company processes personal data to: provide, maintain, and secure the Services; create and administer Accounts; process and fulfill transactions and provide receipts and support; communicate with you about the Services; prevent, detect, and investigate fraud, abuse, and security incidents and enforce this Codex; comply with legal obligations; and improve and develop the Services.

3. Legal bases. For Users to whom the EU General Data Protection Regulation applies, the Company relies on the following legal bases under Article 6: (a) performance of a contract, Article 6(1)(b), to create and administer your Account and to process and fulfill your transactions; (b) legitimate interests, Article 6(1)(f), to secure the Services, to prevent and investigate fraud and abuse, to enforce this Codex, and to improve the Services, in each case where those interests are not overridden by your interests or fundamental rights, as recognized for fraud-prevention purposes in Recital 47; (c) consent, Article 6(1)(a), for marketing communications and for non-essential cookies and similar technologies; and (d) compliance with a legal obligation, Article 6(1)(c), where processing is required to meet a legal duty to which the Company is subject. Where the Company relies on legitimate interests, you may obtain further information about the balancing the Company has performed through the Privacy contact.

4. Device-authentication data. Where a tenant requires it, access to that tenant's surfaces may be conditioned on a device presenting a valid certificate. The Company processes the certificate's device identifiers — such as its fingerprint, subject name, or serial number — to control device access and secure the Services, on the bases stated in Section 3.2(3). These device and security identifiers are cryptographic artifacts that identify a device or authenticate a session; they are not, and the Company does not use them as, a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry within the meaning of applicable biometric-privacy law (including 740 ILCS 14/10). Where a device is unlocked locally by a fingerprint or facial recognition, that biometric operation occurs on your device under the control of its operating system, and the Company receives only a cryptographic assertion and does not collect, receive, or store the underlying biometric identifier. Where the Company would collect a biometric identifier for any purpose, it does so only with the notice and consent applicable law requires.

3.3 How We Share

1. Service providers and processors. The Company shares personal data with service providers and processors that perform functions on its behalf — including payment processing, hosting, communications delivery, analytics, and security — under contracts that limit them to processing the data for the Company's purposes and require them to protect it.

2. Legal and safety. The Company may disclose personal data where it believes in good faith that disclosure is required by law or legal process, or is reasonably necessary to protect the rights, property, or safety of the Company, its Users, or the public, or to prevent or address fraud, abuse, or a security incident.

3. Business transfers. If the Company is involved in a merger, acquisition, financing, reorganization, or sale of assets, personal data may be transferred as part of that transaction. The Company will require the successor to honor this Part with respect to personal data transferred, and will give Notice where applicable law requires it.

4. No sale of personal data. The Company does not sell personal data for money, and it does not share personal data for cross-context behavioral advertising in exchange for valuable consideration, as those terms are used under applicable United States state privacy law. Where any processing would constitute a "sale" or "share" under that law, the Company honors an opt-out, and it treats a Global Privacy Control signal as a valid request to opt out of sale or sharing for the browser or device that sends it and, where you are known to the Company, for the associated identity.

5. What a Seller receives. A Seller receives only the minimum Buyer Data necessary to fulfill and support the Buyer's order, and receives it only through the Services. The Company does not provide a Seller with the Buyer's raw email address; instead, a Seller communicates with a Buyer through a masked relay alias and the dashboard "Message customer" action that the Company routes on the Seller's behalf. For a physical-goods order that a Seller fulfills, the Seller receives the shipping name and address necessary to ship the order, and nothing more than is necessary for that purpose. A Buyer may revoke a Seller's ability to initiate contact, and a Seller's ability to contact a Buyer deactivates when the Seller leaves the Services. The detailed allocation of Buyer Data between the Company and a Seller, and the residual billing or shipping data that reaches a Seller in a direct-charge sale, are governed by Part 6.

6. Sharing you direct ("Login with The Universe"). Where you choose to use your Account to sign in to a third-party site or application (a "relying party") through a "Login with The Universe" feature, the Company discloses to that relying party only the minimum identity information necessary for the sign-in you requested, and only the additional profile information you consent to release, through the same minimum-necessary, masked-relay process described in Section 3.3(5) and Part 6. This sharing happens only at your direction and with your consent, for each relying party, and you may withdraw a relying party's access at any time. To the extent you direct this disclosure and intentionally interact with the relying party, the sharing is excluded from the definitions of "sale" and "share" under applicable United States state privacy law, including California Civil Code Section 1798.140, consistent with Section 3.3(4); where any such disclosure would nonetheless constitute a sale or share, the Company honors your opt-out and the Global Privacy Control as Section 3.3(4) provides. The relying party is a separate, independent controller of the information it receives; the relying party's own privacy policy, not this Codex, governs what it does with that information; the Company requires a relying party, by the terms governing its integration, not to sell or share the minimum-necessary identity information the Company relays; and the Company is not responsible for a relying party's own, independent acts or terms except as this Codex expressly provides. Nothing in this Section limits the Company's responsibility for its own conduct — including its obligation to relay only the minimum identity information necessary, and its own duties as a controller or business under applicable data-protection law — which remain governed by this Part, Part 12 (including the matters not limited or excluded under Section 12.4), and applicable law. Where instead you choose to sign in to the Services using a third-party identity provider, the Company receives from that provider only the information you authorize it to share for that sign-in, and the provider's own terms and privacy policy govern the provider's processing.

7. Sharing you direct (contact sharing with a Seller). Where you affirmatively choose to share your real contact information with a Seller through a mechanism the Company provides, the Company discloses that information to the Seller at your direction and with your consent; absent your affirmative choice, the default is the masked-relay, minimum-necessary handling described in Section 3.3(5). To the extent you direct this disclosure and intentionally interact with the Seller, the sharing is excluded from the definitions of "sale" and "share" under applicable United States state privacy law, including California Civil Code Section 1798.140, consistent with Sections 3.3(4) and 3.3(6); where any such disclosure would nonetheless constitute a sale or share, the Company honors your opt-out and the Global Privacy Control as Section 3.3(4) provides. The Seller is a separate, independent controller of the contact information it receives; the Seller's own privacy policy, not this Codex, governs what the Seller does with it; the Company requires the Seller, by the terms governing it, not to sell, rent, or further disclose the consented contact information; and the Company is not responsible for the Seller's own, independent acts or terms except as this Codex expressly provides. Once you share it, the contact information is in the Seller's hands, and the Company cannot technically prevent a Seller from misusing it; your protection is the Seller's contractual commitment under Section 6.3(7) and the Company's enforcement against a Seller that breaches it, including on your report, and not a technical guarantee. You may withdraw this sharing at any time. Withdrawal is forward-only: the Company stops sharing your contact information and re-masks you going forward, but cannot retrieve or delete a copy the Seller already received or exported — that copy is the Seller's own obligation, and you may also need to use the Seller's own unsubscribe to stop the Seller's messages. Your rights to erasure, and to have the Company forward your request to the Seller, are described in Sections 3.4 and 3.5. Nothing in this Section limits the Company's responsibility for its own conduct — including its obligation to share only at your direction and with your consent, to share only the contact information you consented to share, and to stop sharing on your withdrawal, and its own duties as a controller or business under applicable data-protection law — which remain governed by this Part, Part 12 (including the matters not limited or excluded under Section 12.4), and applicable law.

3.4 Your Rights and Choices

1. Rights. Subject to applicable law and to verification of your identity, you may request to: access the personal data the Company holds about you; correct inaccurate personal data; delete your personal data; receive a portable copy of personal data you provided; object to or restrict certain processing; and withdraw a consent you previously gave, without affecting processing already carried out on that consent. Where the General Data Protection Regulation or equivalent law applies to you, you may also lodge a complaint with your data-protection supervisory authority. The Company does not make decisions about you based solely on automated processing that produce legal or similarly significant effects; where any enforcement decision is reached with the assistance of automated means, it remains subject to the human-supervised review and appeal in Section 2.6(3) and Part 14. These rights are subject to the limits stated in Section 3.5.

2. State-law rights. For residents of United States states that grant privacy rights, including under the California Consumer Privacy Act as amended by the California Privacy Rights Act, the Company honors the rights those laws provide, including the rights to know, to access, to delete, to correct, to opt out of sale or sharing, and to be free from discrimination for exercising a right. To the extent the Company processes sensitive personal information as that term is defined under applicable state law — such as account log-in credentials, precise geolocation, or health data processed under Part 11 — it does so only for the purposes that law permits without a right to limit, or it honors your right to limit its use and disclosure. The Company does not deny goods or services, charge a different price, or provide a different level of service because you exercised a privacy right, except where a difference is permitted by law and reasonably related to the value of the data.

3. How to exercise. You exercise these rights through the Company's privacy web form, which performs the identity verification that applicable data-protection law requires before the Company acts on a request. You may also use the Privacy contact (privacy@egt.studio, Section 3.12). An authorized agent may submit a request on your behalf where the law permits, subject to proof of authorization.

4. Appeals. If the Company declines a request, it will tell you why, and, where applicable law provides a right to appeal that decision, it will tell you how to appeal and will consider a timely appeal.

3.5 Right to Erasure and Its Limits

1. The right. You may request deletion of your personal data, and the Company will delete it, except to the extent retention is lawful and necessary for one of the reasons stated below. Where an exception applies, the Company retains only the data within the scope of that exception and deletes the rest.

2. Fraud, abuse, and security. The Company may retain personal data where retention is necessary to detect, prevent, and investigate fraud, abuse, and security incidents, and to protect the Services and others. For Users to whom the General Data Protection Regulation applies, this retention rests on the Company's legitimate interests under Article 6(1)(f), as recognized for fraud-prevention purposes in Recital 47, and is disciplined by the data-minimization principle of Article 5(1)(c) and the storage-limitation principle of Article 5(1)(e). For residents of California, this retention rests on the exceptions in California Civil Code Section 1798.105(d), including the exceptions to complete a transaction and provide a requested good or service under subdivision (d)(1), to detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity under subdivision (d)(2), and to enable solely internal uses reasonably aligned with your expectations under subdivision (d)(7).

3. Legal obligation and recordkeeping. The Company may retain personal data where retention is necessary to comply with a legal obligation, including tax, accounting, and records-retention requirements.

4. Legal claims. The Company may retain personal data where retention is necessary for the establishment, exercise, or defense of legal claims.

5. Suppression list. Where the Company terminates an Account for serious cause — including conduct described in Section 2.4(2), Section 2.4(3), fraud, or repeated serious breach — the Company may add minimal, hashed identifying data to a suppression list whose only purpose is to prevent the terminated person from re-registering and repeating the conduct. The Company maintains this list as a fraud-prevention and platform-integrity measure resting on its legitimate interests under Article 6(1)(f), disciplined by the minimization and storage-limitation principles in Article 5(1)(c) and (e); the Company does not rely on Article 17(3) as the basis for building the list. The Company limits the list to the minimum data necessary to identify a returning person, retains an entry for six (6) years and then deletes it, reviews entries on a regular cadence, and never retains an entry indefinitely. A person on the suppression list may contest their inclusion through the Privacy contact, and the Company will review a timely challenge.

6. Erasure of shared contact information. Where you have directed the Company to share your contact information with a Seller under Section 3.3(7) and you later request erasure, the Company deletes or de-identifies the copy it holds and stops sharing your contact information going forward, and — consistent with the principles of Article 19 of the General Data Protection Regulation, and as a voluntary practice the Company extends to all Buyers — forwards your request to the Seller to delete the contact information the Seller received, unless doing so proves impossible or involves disproportionate effort. The Company records each such disclosure to make forwarding feasible in the ordinary case. A copy the Seller has already received is held by the Seller as an independent controller; the Seller's deletion of that copy is the Seller's own obligation under the law that applies to it, and you may exercise your rights directly against the Seller. The Company retains the record that your consent and any withdrawal occurred, to the extent Section 3.5(4) permits, as evidence; that record is separate from your contact information.

3.6 Cookies and Tracking

1. What we use. The Company uses cookies and similar technologies that are strictly necessary to operate and secure the Services, and, where you consent, cookies and similar technologies for analytics and preferences. Strictly necessary technologies cannot be disabled without impairing the Services; limiting other technologies may limit certain features.

2. Consent and controls. Where applicable law requires consent for non-essential cookies and similar technologies, the Company obtains that consent before using them, and you may withdraw it. The Company recognizes and gives effect to the Global Privacy Control and similar opt-out preference signals to the extent applicable law gives them effect.

3.7 Children and Minors

This Section states how the Company handles the personal data of a Minor. Outside a Family Account, the Services are not directed to a Minor and the Company does not knowingly collect a Minor's personal data; within a Family Account established under Section 2.7, the Company handles a Minor's personal data on the terms of this Section. This Section supports Family Accounts and is read together with Section 2.7.

1. No collection outside a Family Account. The Services are not directed to a Minor outside a Family Account, and the Company does not knowingly collect personal data from a Minor except through a Family Account established and managed by a Parent under Section 2.7. If the Company obtains actual knowledge that it has collected personal data from a Minor outside a Family Account, and without the consent that law requires, it deletes that data promptly. A Parent who believes the Company has collected such data may contact the Company through the Privacy contact.

2. Verifiable parental consent before collecting from a Child. Within a Family Account, the Company does not collect personal data from a Child until the Parent gives verifiable parental consent through a method reasonably calculated, in light of available technology, to confirm that the person giving consent is the Child's Parent. Before that consent is given, the Company collects from the Child only the limited online contact information necessary to obtain the consent, and no more. The Company maintains a written, time-stamped record of each consent — the method used, the scope consented to, and the version of the notice shown — and of each later withdrawal of consent.

3. Separate consent; no profiling or targeted advertising. The Company obtains the Parent's consent to collect a Child's personal data and to use it internally to provide the Services separately from any consent to disclose that data to a third party; the Parent may consent to the former while withholding the latter, and the Company defaults to no third-party disclosure. The Company does not profile a Minor, and does not direct targeted advertising to a Minor, and it does not condition a Minor's participation in an activity on the collection of more personal data than is reasonably necessary for that activity.

4. Minimal categories. Within a Family Account, the Company collects only the categories of a Minor's personal data that are reasonably necessary to operate the Family Account and the Parental Controls and to secure the Services, and it works from an Age Band rather than from a Minor's date of birth wherever an Age Band is sufficient for the purpose.

5. Coarse Location only. Where a feature genuinely requires a location anchor for a Minor, the Company collects only Coarse Location, set once by the Parent and bound to the purpose for which it is collected. The Company does not collect a Minor's precise geolocation, does not track a Minor's location in real time or in the background, and does not retain raw precise coordinates of a Minor. A Family Account, and a family-sharing subscription under Part 5, need not use location at all, and where no feature requires it the Company does not prompt for it. The Company does not use a Minor's location for advertising, profiling, or sale.

6. Identity-verification data deleted after the check. Where the Company uses a government-issued identifier, a biometric identifier, or a similar document to verify a Parent's consent or to assure an Age Band, it uses that artifact only to perform the check and deletes it promptly after the check is complete. The Company does not retain the verification artifact beyond the check, and retains at most the resulting Age Band or a minimal record that the check was performed.

7. A Parent's access and deletion rights. A Parent may, through the Privacy contact or the controls the Company provides, review the personal data the Company has collected from the Parent's Child, direct the Company to delete it, and refuse to permit the Company's further collection or use of it. The Company honors a Parent's request consistent with the rights and limits in Sections 3.4 and 3.5, and a Minor of sufficient age may exercise the rights that applicable law grants the Minor directly.

8. Written retention; deletion on closure. The Company retains a Minor's personal data only as long as is reasonably necessary for the specific purpose for which it was collected, states a specific deletion timeframe for each category in its retention practices, and does not retain a Minor's personal data indefinitely. When a Family Account is closed, or a Minor is removed from it, the Company deletes the Minor's personal data, except to the minimum extent retention is permitted under Section 3.5; the retention principles in Section 3.10 apply, disciplined for a Minor by the minimization stated in this Section.

9. No use to train artificial intelligence. The Company does not use a Minor's personal data to train its artificial-intelligence systems or models. This is in addition to the never-train carve-out for protected health information stated in Section 3.13 and Section 9.3.

10. Scope of this Section. This Section states the Company's data-handling commitments for a Minor and the tools it provides. It does not, and is not to be read to, represent or warrant that any surface or interaction is "safe for kids" or that any control is effective in every case; the scope of the Company's family-safe commitments is stated in Section 2.7(6), and age-appropriateness is rated by the Seller under Section 6.9.

3.8 International Transfers

1. United States first. The Services are directed to users in the United States, and personal data the Company processes is processed in the United States. The Company has not, at the Effective Date, appointed a representative under Article 27 of the General Data Protection Regulation or an equivalent United Kingdom representative, because it does not, at the Effective Date, process the personal data of individuals in the European Economic Area or the United Kingdom in a manner that requires one.

2. Trigger. If and when the Company processes the personal data of individuals in the European Economic Area or the United Kingdom in a manner that requires it, the Company will appoint the representative that the General Data Protection Regulation and applicable United Kingdom law require, and will put in place the transfer mechanism that the law requires for transfers of that data, and it will update this Part accordingly.

3.9 Security

1. Reasonable safeguards. The Company maintains administrative, technical, and physical safeguards designed to protect personal data, appropriate to the nature of the data and the risks of its processing. The Company describes its safeguards as reasonable and appropriate to the risk; it does not represent or warrant that the Services or any data are absolutely secure or immune from every intrusion, and no method of transmission or storage is perfectly secure.

2. Breach handling. If the Company determines that a breach of security has compromised personal data in a manner that triggers a legal obligation to notify, it will provide the notifications that applicable law requires, within the time that law requires. For protected health information, the breach-notification terms of Part 11 and the Business Associate Agreement govern.

3.10 Retention

1. Retention principles. The Company retains personal data for as long as it is necessary for the purposes for which it was collected, including to provide the Services, to maintain your Account while it is active, and to meet the legal, fraud-prevention, security, and claims-related needs described in Section 3.5. When personal data is no longer necessary for a permitted purpose, the Company deletes it or de-identifies it.

The Company retains each category of personal data for the period, or by the criterion, stated for it: Account data, for the life of the Account and then for the period necessary to wind down the relationship; transaction, tax, and accounting records, for the period required by applicable tax and recordkeeping law; device, usage, and security-log data, for the period necessary for the security and fraud-prevention purposes in Section 3.2(2); marketing-consent records, until consent is withdrawn and then for the period necessary to evidence the prior consent; and suppression-list entries, six (6) years per Section 3.5(5). Where a fixed period cannot be stated, the criterion is the period necessary for the purpose in Section 3.2(2) plus any applicable limitation or recordkeeping period.

2. Suppression-list retention. The retention of the suppression list described in Section 3.5(5) is six (6) years per entry, as stated in that Section.

3.11 Health Information

1. PHI pointer. Where a Covered Entity opts in to the HIPAA Schedule, the protected health information that the Company processes for that Covered Entity is governed by Part 11 and the Business Associate Agreement, and not by the general terms of this Part, to the extent of any conflict. The Company processes protected health information only on infrastructure designated for that purpose, and it never uses protected health information to train artificial-intelligence systems.

3.12 Contact

1. How to reach us about privacy. You may contact the Company about this Part, or exercise a right under it, through the Company's privacy web form, which performs the identity verification that applicable law requires, and at privacy@egt.studio (the "Privacy contact"). Where a law requires a postal address for a specific privacy purpose, the Company provides the registered-agent formal-notice address stated in Section 16.5.

2. Security contact. You may report a security vulnerability or a suspected security incident, and the Company receives breach and security-incident communications, through the Company's security web form and at security@egt.studio (the "Security contact").

3.13 Artificial-Intelligence Training

1. Disclosed training use. The Company uses Content to operate, improve, and train its artificial-intelligence features and models, as part of the license stated in Section 9.2 and disclosed in Section 9.3. This use of Content for training is specifically disclosed here and in Section 9.3.

2. Sensitive-content opt-out. A User may opt out of the use of Content for training by flagging that Content as sensitive through the mechanism the Company provides, and the Company excludes Content so flagged from training, as Section 9.3(2) provides.

3. Protected health information is never used. The Company never uses protected health information to train any artificial-intelligence system or model. This carve-out admits no exception and is the same commitment stated in Section 9.3(3) and Section 11.3(2). Data that has been de-identified in compliance with HIPAA is not protected health information, and its use is governed by the Business Associate Agreement.

3.14 Financial-Information Privacy

1. Conditional Gramm-Leach-Bliley Act notice. To the extent the Company is a "financial institution" subject to the Gramm-Leach-Bliley Act with respect to certain nonpublic personal financial information, the Company provides the privacy notice and the opt-out that the Act and its implementing regulations require for that information.

Part 4 — Fees and Growth Rate

This Part is Operative. It binds every User who transacts through the Services, including Sellers and Developers, and it binds Buyers to the extent they subscribe.

This Part states the Company's transactional take-rate — the Growth Rate — the principles that discipline it, how the Company bills, how subscriptions renew and may be cancelled, how taxes are handled, and how payments are processed. The rate table is set out in the Schedule — Growth Rate / Pricing, which is part of this Codex. Where a figure in this Part and a figure in that Schedule differ, the conflict is resolved as Section 1.4 provides.

4.1 The Growth Rate

1. What the Growth Rate is. The "Growth Rate" is the Company's transactional take-rate, charged as a percentage of the value of a transaction completed through the Services, by category. The Growth Rate is the Company's transactional charge for the Services; it is not a penalty, a fine, or a charge imposed for breach, each of which is governed separately by Part 15.

2. The categories and rates. The Growth Rate, by category, is:

| Category | Growth Rate | | --- | --- | | Digital goods and subscriptions — including the sale of applications, extensions, plugins, and components through the App Artisan Program and through Universe App Tools | 10% | | Physical goods, and goods or services sold by or for a nonprofit | 3% | | Utilities | 0.5% | | Leasing | 5% |

These rates are also stated in the Schedule — Growth Rate / Pricing, together with any thresholds and product-specific charges. No external pricing page is incorporated into this Codex by reference.

3. One rate per transaction; no stacking. A single transaction is charged the Growth Rate for its category once. The Growth Rate is not applied a second time to the same transaction, and it does not compound on itself. Where a transaction could fall within more than one category, the category that most specifically describes the transaction applies.

4. What the Growth Rate is charged on. The Growth Rate is charged on the value of the transaction as completed through the Services. Amounts that are not the Company's to take — including taxes the Company collects and remits as described in Section 4.5, and amounts a payment partner deducts under Section 4.6 — are accounted for as those Sections provide and are not themselves a second Growth Rate.

5. Category determined by economic substance. The Growth-Rate category that applies to a transaction is determined by the predominant economic substance of the transaction, and not by the label, packaging, or structure a Seller gives it. Where a transaction is bundled, structured, or described in a manner whose purpose or effect is to obtain a lower Growth Rate than the category that predominantly describes the substance of the transaction — for example, by characterizing a digital good as a physical good, or by combining items so that a higher-rate item is presented as part of a lower-rate sale — the Company may determine the applicable category by that predominant economic substance and assess the Growth Rate accordingly. A determination under this Section is subject to the due process and appeal in Part 15, and any monetary remedy is measured as Section 15.2 provides.

4.2 Growth-Rate Principles

The following principles govern the Growth Rate and are operative commitments of the Company.

1. No eroding cap (no-cap). The Company does not impose a per-volume or per-merchant ceiling whose effect is to raise a Seller's effective take-rate as that Seller's volume grows. The Growth Rate for a category does not increase with a Seller's volume.

2. Down-only. The Company may decrease the Growth Rate for a category, and a decrease takes effect for transactions completed after it is published. The Company does not increase the Growth Rate that applies to an existing Seller above that Seller's founding ceiling, as described below. Any change to the Growth Rate that is materially adverse to you is a material change and is made only as Section 1.5 provides, including the advance Notice required there.

3. Founding ceiling. The Growth Rate in effect for a Seller's category when that Seller onboards is the ceiling of the Growth Rate the Company will charge that Seller for that category. A later decrease benefits the Seller; a later increase does not raise the Seller above that ceiling.

4. Two-line disclosure. Where a Seller is charged the Growth Rate, the Company discloses the applicable rate plainly, in a short, conspicuous statement of no more than two lines, at the point of sale or onboarding, so that the rate and the category to which it applies are clear before the Seller commits.

4.3 No-Gimmicks Billing

1. No hidden fees. The Company charges the Growth Rate and the amounts stated in the Schedule — Growth Rate / Pricing, and it does not impose undisclosed fees for the Services. A charge for the Services that is not the Growth Rate is disclosed before it is incurred.

2. No trials, guarantees, or proration. The Company does not offer free trials, money-back guarantees, or proration of amounts already due. Because the Company does not prorate, it does not pre-charge for time not yet elapsed and then claw back a partial period; instead, a paid period runs to its end.

3. Cancel anytime, effective through the paid period. You may cancel a subscription or recurring charge at any time. Cancellation stops future charges and takes effect at the end of the period you have already paid for; you retain access through the end of that paid period. Because there is no proration, cancellation mid-period does not generate a refund of the paid period, except where a non-waivable consumer right or Section 5.3 requires otherwise.

4. No early-termination penalty. The Company does not charge an early-termination fee or penalty for cancelling a subscription or recurring charge. This Section concerns charges for the Services; it does not limit the Company's recovery of amounts that accrued before cancellation, or remedies for breach under Part 15.

4.4 Subscriptions and Automatic Renewal

This Section applies to any subscription or other recurring charge offered through the Services, and it binds a Buyer who subscribes as well as a Seller who bills on a recurring basis through the Services.

1. Clear recurring-charge disclosure. Before you are charged for a subscription, the Company discloses, clearly and conspicuously, that the charge is recurring — that it continues and automatically renews until cancelled — together with the amount of the charge, the billing interval, and how to cancel. The Company obtains your affirmative consent to the subscription before the first charge.

2. Advance notice of a price increase; cancel or continue; substantial increases. The Company gives at least thirty (30) days' advance Notice of any increase in the price of a subscription, stating the new price and the date it takes effect. An ordinary price increase takes effect at your next renewal on or after that date; having received the Notice and the opportunity to cancel, your continued subscription after that date is your acceptance of the new price, and you may cancel before it takes effect, at no penalty, through the self-serve cancellation in Section 4.4(3). The Company does not keep a prior price in force merely because you were silent. A substantial price increase — one that, alone or together with other increases over the preceding twelve (12) months, exceeds thirty-five percent (35%) of the price in effect at the start of that twelve-month period — does not take effect for you unless you affirmatively consent to it; the Company does not treat your continued use or your silence as consent to a substantial increase. If you do not consent to a substantial increase, your subscription continues at your existing price through the current paid period and then does not renew unless you consent to the new price or choose an available plan, and the Company gives you at least thirty (30) days' Notice and an easy option to move to an available plan. The Company does not structure, split, or sequence increases to evade the substantial-increase threshold; a pattern of repeated increases that are each kept just below the threshold is itself treated as a substantial increase requiring affirmative consent. New York subscribers. For a subscriber in the State of New York, the Company either obtains the subscriber's affirmative consent to an increased price before charging it, or permits the subscriber to cancel within at least fourteen (14) days after the increased charge and provides a pro-rata refund of the unused portion of the then-current term; this New York pro-rata refund applies notwithstanding the no-proration rule in Section 4.3, as a non-waivable consumer right preserved by Section 4.4(4).

3. Self-serve cancellation. The Company provides a self-serve mechanism to cancel a subscription that is at least as easy to use as the mechanism by which you subscribed, and that stops future charges. You are not required to call, to wait, or to complete steps materially harder than enrollment in order to cancel.

4. Consumer-protection compliance. This Section is intended to operate consistently with applicable automatic-renewal and recurring-charge law, and nothing in this Codex waives a right that such law makes non-waivable. Where that law requires a disclosure, consent, or cancellation method beyond what this Section states, the Company provides it.

4.5 Taxes and Marketplace Facilitation

1. Facilitator collection and remittance. Where the Company is a marketplace facilitator for a transaction under applicable law, the Company collects and remits the taxes that law requires it to collect and remit for that transaction, and it files in its own name where the law so requires. The Company may show prices exclusive of tax, with tax stated at checkout.

2. Seller responsibility otherwise. Except where the Company collects and remits as a facilitator under Section 4.5(1), each Seller is responsible for determining, collecting, reporting, and remitting the taxes applicable to that Seller's transactions, and for its own tax obligations generally. A Seller is responsible for the accuracy of the tax information and settings it provides through the Services.

4.6 Payment Processing

1. Payment partners. Payments through the Services are handled by the Company's payment partner or partners. A Seller, and where applicable a Buyer, may be required to agree to the partner's terms, and may be subject to the partner's requirements, including identity verification, onboarding, and account-maintenance requirements. The Company is not responsible for a payment partner's own acts or terms except as this Codex expressly provides.

2. Allocation of merchant-of-record status. Who is the merchant of record for a given sale, and how chargebacks, refunds, reserves, and payouts are allocated, are governed by Part 6 for sales by Sellers.

4.7 Sale-of-a-Venture Fee

1. Pointer. Where a User sells or transfers a venture, brand, or storefront through a transfer the Company facilitates, a tapered Sale-of-a-Venture fee applies. That fee, its tapered schedule and cap, and its limitation to platform-facilitated transfers, are governed by Part 10 and stated in the Schedule — Growth Rate / Pricing. This Section is a pointer; the operative mechanics are in Part 10.

4.8 Family Sharing of Subscriptions

This Section applies where a subscription offered through the Services may be shared among the members of a household. It states when sharing is available, how the Company describes a household, how the Company confirms — in a privacy-preserving way — that a shared subscription is used within the household, and how the Company responds to apparent sharing outside the household. This Section operates together with the subscription and automatic-renewal terms in Section 4.4, the no-gimmicks billing terms in Section 4.3, the privacy and minors' data terms in Part 3 (including Section 3.7), the Family Account terms in Section 2.7, and the proportionate enforcement of Part 15.

1. Opt-in sharing, where an offering supports it. A subscription may be shared within a household only where the offering supports sharing and the Account Holder opts in to sharing it. Sharing is not automatic and is not a default; an Account Holder enables it. A shared subscription may carry a different price from an unshared one — including a higher price — which the Company or the Seller discloses clearly and conspicuously before purchase, as Section 4.4(1) requires for any recurring charge. Sharing is provided through the Company's entitlement system: the Account Holder's entitlement is extended to the members the Account Holder designates, and the Account Holder remains the contracting and billed party for the subscription.

2. What a household is. For the purpose of this Section, a household is the Account Holder together with the members the Account Holder designates who primarily use the Services from the Account Holder's home. A household may include adults, and may include a Minor within a Family Account under Section 2.7. The home-boundary check described in Section 4.8(3) is corroborating evidence that a member belongs to the household; it is not the sole determinant of household membership. The Company describes a household in these terms so that it may correct a mistaken result without breaching this Section, and it does not represent or warrant that a household is identified correctly in every case.

3. Privacy-preserving home check-in for an adult member. To confirm that a shared subscription is used within the household, the Company may, about once every thirty (30) days, perform an ephemeral check of whether an adult member's device is within a home boundary the Account Holder has set or is connected to the Account Holder's home network. This check produces only a yes-or-no result, which is tested and not stored. The Company stores only the date of a member's last successful home check-in and a flag state derived from it; it does not store, for this purpose, the member's coordinates, the member's precise location, or the member's raw network address. The Account Holder sets a home boundary as a setting on the Family Account and may set up to two (2) home boundaries, for example for two residences. The Company asks for a home boundary only when a sharing feature actually requires it: a subscription, including a Seller-offered family subscription, that does not require a home boundary never prompts for one, and a household that does not need one is never asked to set one. Changing a home boundary unusually frequently is itself treated as a signal of possible sharing abuse under Section 4.8(5).

4. A Minor is not individually located. The Company does not perform an individual location check on a Minor for the purpose of confirming household membership. A Minor within a Family Account inherits household status from the Account Holder — through the Account Holder's home network or through the Account Holder's trusted device — rather than by independently locating the Minor. This Section is consistent with the handling of a Minor's location in Section 3.7(5) and with the verifiable-parental-consent framework of Section 2.7 and Section 3.7, under which the Company does not collect a Minor's precise geolocation and does not track a Minor's location in real time or in the background.

5. Grace, travel, and a proportionate response. A single missed home check-in does not flag a member. The Company treats a member as possibly sharing the subscription outside the household only after repeated, consecutive missed check-ins, and it provides a self-service way for a member to indicate legitimate travel. The Company does not block lawful travel within a region by a member who is entitled to use the subscription there. Sharing a subscription outside the household is a matter of these terms, addressed through the remedies of this Codex; any response the Company takes is proportionate to the matter under Part 15, escalating from notice toward a change in the sharing arrangement, and is selected as the least severe measure adequate to address it. The Company does not treat the sharing of a subscription as a criminal matter or as a matter of computer-fraud law.

6. A change to the sharing rules. A change to the rules of this Section that tightens sharing for an existing subscriber — including a change that reduces the members with whom a subscription may be shared, or that newly conditions sharing on a home check-in — is a material change. The Company makes such a change only as Section 1.5 and the automatic-renewal terms in Section 4.4 provide: with at least thirty (30) days' advance Notice, a grace period, and the subscriber's affirmative consent before the change applies to that subscriber. The Company does not treat continued use or silence as consent to such a change.

Part 5 — Buyer Terms

This Part is Operative. It binds Buyers.

This Part states what a Buyer receives when the Buyer purchases through the Services — the license to a digital good, the durability of that entitlement and the Buyer-Continuity Guarantee, the Company's refund posture, and the terms that apply to in-person purchases. Where a Buyer also holds another Role, the Parts applicable to that Role bind the Buyer cumulatively, as Section 1.2 provides.

5.1 Buyer-Purchase License

1. What a Buyer receives. When a Buyer purchases a digital good through the Services, the Buyer receives a perpetual, personal, non-exclusive license to use that digital good for the Buyer's own personal use. The license is perpetual in the sense that it does not expire of its own accord; it continues subject to the access terms in Section 5.2.

2. License, not ownership of the underlying intellectual property. The Buyer is licensed to use the digital good. The Buyer does not, by purchasing, acquire ownership of the copyright or other intellectual property in the digital good, and the purchase does not grant a right to resell, redistribute, sublicense, or commercially exploit the digital good, except to the extent the Seller's own product terms expressly grant such a right or applicable law expressly permits it. The purchase conveys the license described in this Section; it is not a transfer of the underlying work.

3. The file the Buyer keeps. Where a digital good is delivered as a downloadable file, the Buyer keeps that file. The license to use it is personal to the Buyer and is not transferable except as Section 5.1(2) allows.

5.2 Digital-Goods Durability and the Buyer-Continuity Guarantee

1. Re-download and continued access. For a digital good the Buyer has purchased, the Company makes re-download or continued access available for as long as the Buyer maintains an Account and the Service operates. Because delivery occurs at purchase and, in the downloadable mode, the Buyer keeps the delivered file, this entitlement is bounded by the existence of the Buyer's Account and of the Service, and is not an open-ended guarantee of access beyond them. The Buyer's continued use of a downloaded file the Buyer already holds does not depend on the Account; it is the re-download and continued-access service that is so bounded.

2. Delivery modes. A digital good is supported in either of two delivery modes: a downloadable mode, in which the Buyer receives and keeps a file, and a stream-or-access-only mode, in which the Buyer accesses the good through the Services without receiving a separate file. The downloadable mode is the default; a Seller may choose the stream-or-access-only mode for a given good. The delivery mode and the durability of access are disclosed at checkout before the Buyer commits.

3. The Buyer-Continuity Guarantee — survival of the entitlement when a Seller leaves. A Buyer's entitlement to a digital good the Buyer has already paid for survives the departure of the Seller who sold it. If the Seller leaves the Services, the Company will continue to make the Buyer's paid entitlement available for the access window described in Section 5.2(1), so that the Buyer's purchase is not stranded by the Seller's exit; the Company may determine the means by which it does so. This continuation is provided out of the consideration the Company has already received on the sale. The commitments stated in Section 5.2(3) and Section 5.2(4) are the "Buyer-Continuity Guarantee."

4. No data ransom. A Buyer is never required to surrender personal data to a departing Seller, or to follow a departing Seller off the Services, in order to keep, re-download, or continue to access what the Buyer has already paid for. The Buyer's entitlement under this Section does not depend on the Buyer giving anything further to the Seller.

5. Beneficiary status. Buyers are limited intended third-party beneficiaries of the Buyer-Continuity Guarantee stated in this Section, and of no other provision of this Codex. The mechanics of that beneficiary status — its scope and its limits — are stated in Part 16, and this Section is to be read with it.

6. Wind-down window on discontinuation of the Service. If the Company discontinues the Service, or discontinues the relevant store, the Company gives affected Buyers Notice and, for a digital good supplied in the stream-or-access-only mode under Section 5.2(2), provides a window of at least thirty (30) days after that Notice during which a Buyer may download or export the good the Buyer has purchased, so that a Buyer of a stream-or-access-only good is not stranded by discontinuation of the Service. For a digital good supplied in the downloadable mode, the Buyer already holds the delivered file under Section 5.1(3), and that file is unaffected by discontinuation of the Service. The Buyer-Continuity Guarantee is bounded by the existence of the Service as stated in Section 5.2(1); the export window stated in this Section is the Company's commitment for stream-or-access-only goods at discontinuation. This durability, including its bounds, is disclosed at checkout before the Buyer commits.

5.3 Refunds

1. Refund posture. Consistent with the no-gimmicks billing in Section 4.3, the Company does not offer a money-back guarantee, and a digital good is generally non-refundable once it has been delivered. This posture is subject to the non-waivable consumer rights stated below and to a Seller's own stated refund or returns policy, which may be more generous.

2. Non-waivable consumer rights and cooling-off. Nothing in this Codex waives a refund, cancellation, withdrawal, or cooling-off right that applicable law makes non-waivable. Where such a right applies to you — including a statutory right of withdrawal for certain purchases — that right governs notwithstanding any "all sales final" or similar statement, and the Company honors it.

3. Physical goods. For a physical good, returns and refunds are handled under the applicable Seller's stated policy together with any non-waivable statutory right. The Seller's responsibility for the physical good is governed by Part 6.

4. Chargebacks and disputes. A Buyer who believes a charge is in error should first use the Company's support and dispute intake so the matter can be addressed directly. Where a Buyer initiates a chargeback or payment dispute with a card issuer or payment provider, the matter is handled through that provider's process; the allocation of chargeback responsibility between the Company and a Seller is governed by Part 6, and does not change the Buyer's rights under this Section.

5. Digital-content withdrawal-right consent. For a digital good supplied immediately, where applicable law conditions the loss of a statutory right of withdrawal on the Buyer's prior consent, the Company obtains, before delivery, the Buyer's express request to begin and the Buyer's acknowledgment that the Buyer thereby loses any statutory right of withdrawal, and supplies confirmation of that consent. Where that consent is not captured, the statutory withdrawal right applies and the Company honors it.

6. Good-faith disputes protected; abuse handled by process. The Company resolves disputes through its support and intake process and, where applicable, through the card networks' established dispute and representment mechanisms before treating any dispute as abusive. A Buyer who disputes a charge in good faith — including under the Fair Credit Billing Act or Regulation Z — is exercising a protected right, and the Company does not penalize, restrict, report, or take recovery action against a Buyer for doing so. The prohibition on first-party chargeback abuse in Section 2.4(13) reaches only a dispute the Company has determined, on the basis of evidence and after using the process described in this Section, to have been made knowingly and in bad faith; recovery from such a Buyer is governed by, and limited as stated in, Section 15.2(4).

5.4 In-Store and Point-of-Sale Purchases

1. Same terms; additional point-of-sale terms. A purchase a Buyer makes in person, through a point-of-sale or in-store flow operated through the Services, is governed by these Buyer terms. Such a purchase may also be subject to additional point-of-sale terms presented at or before the point of sale — including terms describing how an in-person purchase is linked to the Buyer's Account and how a digital or structured receipt is provided. Those additional terms supplement, and do not diminish, the rights stated in this Part.

5.5 Family and Minor Purchases

This Section states how a purchase by a Minor within a Family Account is approved, capped, and treated. It operates together with Section 2.7, which establishes Family Accounts, and with the no-gimmicks billing and subscription terms in Part 4. A Parent is the Account Holder and the party charged for a purchase approved under this Section.

1. Ask-to-Buy approval linked to the Parent. A Minor does not complete a purchase through the Services on the Minor's own authority. Where a Minor requests a purchase, the Company routes the request to the Parent for approval, and presents to the Parent — on the approval surface itself, before the Parent approves — the item and its price and the fact that approval will result in a charge. The purchase completes only on the Parent's affirmative approval, charged to the Parent's funding source. The Parent gives the express, informed authorization for the charge; the Minor does not.

2. The Allowance is a spending cap, not stored value. A Parent may set an Allowance for a Minor — a ceiling, settable to zero, on the amount the Minor may spend against the Parent's funding source within a period — within which the Minor may make a purchase without a separate per-purchase approval. The Allowance is a cap on approved spending and is not a stored, pre-loaded, or redeemable balance: the Company holds no monetary value for the Minor, does not auto-replenish the cap, and does not roll an unused cap over to the Parent's funding source. Funding an Allowance is the Parent's express, informed, and revocable consent to a bounded window of the Minor's spending up to the cap; the Parent may lower the cap, set it to zero, or revoke it at any time, and the Company discloses the cap, its period, and the categories it covers before the Minor spends against it.

3. Higher-risk purchases stay behind approval. A subscription or other recurring charge, and a purchase the Company designates as higher-risk, requires the Parent's per-purchase approval under Section 5.5(1) even where an Allowance is in effect; a Minor and an Allowance do not start a recurring charge without the Parent's renewal-specific consent under Section 4.4. The recurring-charge disclosures, the consent, and the cancellation rights in Section 4.4 are owed to and exercisable by the Parent as the billed Account Holder.

4. No dark patterns. The Company does not use a confusing, misleading, or manipulative design in any part of the purchase, approval, cancellation, refund, or dispute flow under this Section, and it does not penalize a Parent or Minor who disputes a charge by withdrawing access to unrelated goods or services the Parent has already paid for. The cancellation and refund paths are at least as easy to use as the path by which the purchase was made.

5. Unauthorized purchases by a Minor; refunds. Where a Minor makes a purchase through the Services without the Parent's authorization required by this Section — including a purchase outside, or in excess of, an Allowance the Parent set — the Parent may seek a refund of that charge through the Company's support and dispute intake, and the Company provides a clear and accessible path to do so. This Section operates together with the refund terms in Section 5.3 and the non-waivable consumer rights preserved there, and does not diminish any right a Buyer holds under Section 5.3.

Part 6 — Seller / Merchant Terms

This Part is Operative. It binds Sellers / Merchants.

This Part states a Seller's obligations and the Company's allocation of merchant-of-record status, chargebacks, reserves, payouts, fulfillment, product responsibility, and the handling of Buyer Data. Where this Part addresses Buyer Data, it operates together with Part 3, which states the Company's privacy roles and the Buyer-facing description of what a Seller receives.

6.1 Merchant-of-Record Allocation

1. Single-store sales — the Seller is the merchant of record. For a sale from a single Seller's store, the Seller is the merchant of record. As merchant of record, the Seller bears responsibility for chargebacks and refunds on that sale, and bears product responsibility for the goods or services sold, as further provided in this Part. The Company does not become the merchant of record for a single-store sale; this allocation is deliberate, so that chargeback and product responsibility rest with the Seller who controls the goods, the listing, and the customer relationship.

2. Multi-seller carts — the Company is the merchant of record by technical necessity. Where a single Buyer transaction spans goods from more than one Seller in one cart, the Company is the merchant of record for that transaction, because a single charge cannot otherwise be split across multiple Sellers' accounts. In that case, the economics of a chargeback, refund, or dispute attributable to a Seller are passed through to that Seller as Section 6.2 provides — by reversing the transfer of that Seller's share, by holding reserves, and through the Seller's indemnity — so that the Company's status as merchant of record by technical necessity does not shift the underlying economic responsibility away from the Seller whose goods are at issue. The Company's status as merchant of record for a multi-seller transaction is limited to settlement and dispute mechanics; product responsibility for each Seller's goods remains with that Seller under Section 6.4, and the Seller's warranty and indemnity, including for product-liability claims, apply to its goods in a multi-seller cart as in a single-store sale.

3. Clarity to Buyers. Where the Seller is the merchant of record under Section 6.1(1), the Company identifies the Seller to the Buyer so that the Buyer knows whom the merchant is for purposes of disputes and refunds. Where the Company is the merchant of record under Section 6.1(2), the Company identifies itself to the Buyer as the merchant for that transaction and routes the dispute, passing the economics to the responsible Seller under Section 6.2.

6.2 Chargebacks, Reserves, Payouts, and Negative Balances

1. Pass-through for platform-merchant-of-record sales. For a sale on which the Company is the merchant of record under Section 6.1(2), the Company may reverse the transfer of the Seller's share, withhold or recover the disputed amount, and require the Seller to indemnify the Company for a chargeback, refund, or dispute attributable to that Seller, including associated costs charged by a payment partner.

2. Single-store sales. For a single-store sale, chargebacks and refunds are the responsibility of the Seller as merchant of record under Section 6.1(1).

3. Reserves. The Company may establish and hold a reserve against a Seller's anticipated chargebacks, refunds, or other liabilities to the Company or to Buyers, in an amount and for a period reasonably related to that risk, and may apply the reserve to satisfy such liabilities. The Company releases the balance of a reserve when it is no longer reasonably required.

4. Payouts and offset. The Company pays out amounts owed to a Seller on the schedule and subject to the holds it describes through the Services. The Company may offset against amounts payable to a Seller any amount the Seller owes the Company or owes a Buyer under this Codex, including reversed transfers, refunds, reserves, and indemnified amounts.

5. Negative balances. Where a Seller's obligations to the Company or to Buyers exceed the amounts then payable to the Seller, the resulting negative balance is due from the Seller, and the Company may recover it by offset against future payouts or by other lawful means.

6.3 Buyer-Data Protection

1. Controller and processor. As provided in Part 3, the Company is the controller of Buyer Data. A Seller that receives Buyer Data through the Services acts as a processor of that Buyer Data and may use it only to fulfill and support the specific order to which it relates. The Seller's processing of Buyer Data is governed by this Section and by the data-processing terms the Company makes applicable to Sellers.

2. Permitted use only; no marketing, resale, or off-platform use. A Seller must not use Buyer Data for marketing, must not sell, rent, or otherwise disclose Buyer Data, must not enrich it, and must not export or load it into an external customer-relationship-management system or other off-platform system. The Seller may use Buyer Data only to fulfill and support the order, and for no other purpose, unless the Buyer gives separate, specific consent through a mechanism the Company provides. These restrictions bind the Seller's own personnel, contractors, and processors, and continue to apply to any Buyer Data the Seller lawfully retains after departure for as long as it is retained.

3. Minimum-necessary data. A Seller receives only the minimum Buyer Data necessary to fulfill and support the order. For a digital good, a Seller may receive nothing beyond what is necessary to record the entitlement. For a physical good the Seller fulfills, the Seller receives the shipping name and address necessary to ship the order, and nothing more than is necessary for that purpose.

4. Contact only through the Company. A Seller reaches a Buyer only through the Company's dashboard "Message customer" action, which the Company routes to the Buyer on the Seller's behalf. The Company does not provide the Seller with the Buyer's raw email address or telephone number. A Buyer may revoke a Seller's ability to initiate contact, and the Company may revoke a Seller's contact ability at any time. A Seller's ability to contact a Buyer deactivates when the Seller leaves the Services.

5. Delete-or-return on departure. When a Seller leaves the Services, or when the Company so directs, the Seller must delete or return the Buyer Data it holds, except to the minimum extent retention is required by law, and must cease all further use of it.

6. Residual data on direct-charge sales. On a single-store sale processed as a direct charge, the payment processor may expose some billing data, and for a physical good the shipping data, to the Seller's own processor account. This residual exists because of how a direct charge works and cannot be reduced to zero without the Company becoming the merchant of record, which it does not do for single-store sales. To the extent the Seller is, in fact, an independent controller of the billing data it receives directly through the payment processor on such a direct charge, the Seller is bound as such — by a controller-to-controller restriction — to the same limits: the Seller's use of any such data remains limited to fulfilling and supporting the order, and the prohibitions in Sections 6.3(2) through 6.3(5) apply to it whether the Seller holds the data as the Company's processor or as an independent controller. The restriction is contractual control, not a representation that the Seller never receives the data.

7. Consented contact sharing. Notwithstanding Section 6.3(2), where a Buyer gives separate, specific, affirmative consent through a mechanism the Company provides, the Seller may receive the Buyer's real contact information (such as an email address, telephone number, or postal address), may export and load it into the Seller's own systems (including a customer-relationship-management system), and may use it to contact the Buyer off the Services for the purpose to which the Buyer consented: the Buyer consents to the Seller contacting the Buyer about the Buyer's purchase from, or subscription to, that Seller, and the Buyer, not the Company, sets the purpose of that contact. As to such consented contact information, the Seller acts as an independent controller under its own privacy policy and is not the Company's processor for it; the Seller is bound by negative covenants reflecting the consumer-directed nature of the disclosure — it must not sell, rent, further disclose, or enrich the consented contact information, and it must honor the Buyer's opt-out and comply with applicable law, including the CAN-SPAM Act (15 U.S.C. §7704), as the Seller's own independent legal duty. These are negative covenants only: the Company does not determine the purposes or means of the Seller's processing of the consented contact information, does not jointly control it, and is not a joint controller of it; the Company's role is limited to the disclosure by transmission made at the Buyer's direction, and the Seller alone determines the purposes and means of its subsequent processing as an independent controller. Once the Company shares the consented contact information, the Seller contacts the Buyer off the Services and from the Seller's own systems; the Seller is the sole "sender" of those messages under 15 U.S.C. §7704, and the Company is not a sender or initiator of them. The Buyer may withdraw this consent at any time; withdrawal is forward-only — it re-masks the Buyer and drops the Buyer from future exports going forward, but does not affect the lawfulness of, or claw back, contact information already shared or exported, and the Buyer's separate erasure rights are stated in Part 3. Consented contact information the Seller has exported is the Seller's own contact, and is not part of the Company's Buyer base under Section 10.8; the delete-or-return-on-departure duties in Sections 6.3(5) and 10.8(2) apply to any consented contact information the Seller still holds on the Services. A Seller's breach of the covenants in this Section is a breach of this Codex, subject to the Company's enforcement under Part 15 and Section 6.7 — including a warning, a restriction or loss of standing, suspension, and termination — and is the basis on which the Company acts on a Buyer's report that a Seller has misused consented contact information. This contractual commitment and the Company's enforcement of it, and not any technical control over data a Seller already holds, are the Buyer's protection once the contact information is in the Seller's hands. Nothing in this Section limits the Company's responsibility for its own conduct, which remains governed by Part 3, Part 12 (including the matters not limited or excluded under Section 12.4), and applicable law.

6.4 Seller Obligations and Warranties

1. Lawful goods and accurate listings. A Seller must offer and sell only lawful goods and services, must describe them accurately and not misleadingly in its listings, must honor the terms of its listings, and must comply with the laws applicable to its goods, services, and business, including consumer-protection, labeling, and regulatory requirements.

2. Responsibility for products. A Seller is responsible for the goods and services it sells, including their quality, safety, conformity to description, fulfillment, and after-sale support.

3. Warranty. Each Seller warrants, with respect to the goods and services it sells, that they are lawful, that they are safe and compliant for their intended use, that they conform to their listings, and that they do not infringe or misappropriate the intellectual-property or other rights of any person. This warranty is given by the Seller; it is scoped to the Seller's own goods, services, and listings, and is not a warranty by the Company.

4. Indemnity. A Seller indemnifies the Company for claims arising out of the Seller's goods, services, or listings, including product-liability claims, claims of infringement, and claims of non-compliance with law, as further provided in Part 13.

5. Buyer's tort rights are not limited. The warranty and liability disclaimers and the limitations of liability in this Codex, including those in Part 12, do not, and are not represented to, limit or waive a Buyer's non-waivable product-liability or other tort rights against the responsible Seller, or as applicable law otherwise requires. The Seller's responsibility for its goods does not eliminate any liability a marketplace may bear to an injured person under applicable product-safety or product-liability law; the Company addresses that exposure through the Seller's warranty, the Seller's indemnity, and the Company's reserved insurance right in Section 6.5, and not by a representation that any disclaimer immunizes a product-liability claim.

6.5 Insurance

1. No general requirement. The Company does not require a Seller to carry general or product-liability insurance as a condition of using the Services.

2. Reserved right for high-risk categories. The Company reserves the right to require a Seller to provide proof of product-liability or other appropriate insurance where the Seller offers goods in a higher-risk category — including ingestibles, electrical goods, products for children, and regulated goods — and to condition the Seller's continued offering of such goods on that proof. This is a reserved right exercised by category and risk; it is not a general insurance mandate.

6.6 Fulfillment and Shipping

1. Fulfillment. A Seller must fulfill, ship where applicable, and support its orders in accordance with its listings and applicable law. Where the Services offer shipping tools, a Seller receives the shipping label and tracking necessary to ship the order, consistent with the minimum-necessary handling of Buyer Data in Section 6.3(3).

2. Accurate fulfillment information. A Seller is responsible for the accuracy of the fulfillment, shipping, and inventory information it provides through the Services.

6.7 Seller Suspension and Termination

1. Advance notice and statement of reasons. Before the Company terminates a Seller, the Company gives the Seller at least thirty (30) days' advance Notice and a statement of the reasons for the termination, as provided in Section 2.6(5). This protection is in addition to the general due-process protections in Section 2.6, and the enforcement and monetary-remedy mechanics in Part 15 apply to a Seller as they do to any User.

2. Immediate action. The advance-notice requirement in Section 6.7(1) does not apply where the Company may act immediately under Section 2.6(4) — including conduct described in Section 2.4(2) or 2.4(3), a credible security threat, fraud, a court order or other legal requirement, or repeated infringement. In such a case the Company may suspend or terminate the Seller without the thirty-day Notice, subject to the statement-of-reasons and appeal provisions of Section 2.6 as they apply.

3. Appeal. A Seller may appeal an enforcement action through the internal appeal pathway, which is the entry point to the Code of Authority process described in Part 14, as provided in Section 2.6(3).

6.8 Seller Departure and Customer Continuity

1. A Seller's own contacts versus the Company's Buyer base. A Seller that leaves the Services may take its own contact list — the contacts the Seller brought to or independently developed on the Services — but may not take, copy, or repurpose the Company's Buyer base or the Buyer Data the Company collected, which remains subject to Section 6.3 and to Part 3.

2. Buyer continuity applies. A Seller's departure does not extinguish a Buyer's entitlement to what the Buyer has already paid for. The Buyer-Continuity Guarantee in Section 5.2 applies, and the Company may continue to serve paid Buyers for the access window described there.

3. Pointer to Part 10. The full doctrine governing a Seller's departure, including the limits on restricting a Seller's lawful trade and the Sale-of-a-Venture mechanics, is stated in Part 10 (Competequo). This Section operates together with that Part.

6.9 Content Rating and Family-Safe Certification

This Section states how a Seller rates the age-appropriateness of the products, applications, experiences, and other surfaces it offers through the Services, how the Company relies on that rating to gate access by a Minor, and how the Company enforces against a mis-rating. It supports the Family Accounts established under Section 2.7 and the data-handling stated in Section 3.7, and it operates together with the warranty and indemnity framework in Part 13. The Content Rating is rated by the Seller; it is not a representation or warranty by the Company.

1. The Seller completes the rating questionnaire. Where a Seller offers a surface that may be served to a Minor, or that the Seller wishes to make eligible for family-safe surfaces, the Seller completes the Company's rating questionnaire for that surface. From the Seller's answers, the Company derives a Content Rating — an Age Band and a set of content descriptors — by a consistent mapping the Company maintains. The Company provides the questionnaire and the mapping as a neutral tool; the inputs, and the resulting Content Rating, are the Seller's.

2. The Seller attests and warrants the Content Rating. By completing the questionnaire and offering the surface, the Seller attests that its answers are accurate and complete, and warrants that the resulting Content Rating — including the Age Band and the content descriptors, and including whether the surface contains mature or adult content or explicit content that is hard-gated from family-safe surfaces — correctly describes the age-appropriateness of the surface. This attestation and warranty are given by the Seller; the Content Rating is rated by the Seller and is not a representation or warranty by the Company that any surface is suitable for any Minor or is "safe for kids."

3. Indemnity for mis-rating. The Seller indemnifies the Company for a claim arising out of or relating to a Content Rating the Seller gives, including a claim that a surface was mis-rated, under-rated, or wrongly attested as suitable for a Minor or as free of hard-gated content. This indemnity is part of, and is enforced under, the Seller's indemnification obligation in Part 13, and it operates together with the Seller's warranty in Section 6.4(3) and its listing accuracy obligations in Section 6.4(1).

4. Recertification on material change and periodically. A Seller must complete the questionnaire again, and update its Content Rating, when the Seller materially changes the content or behavior of a rated surface in a way that would change the resulting Content Rating, and on the periodic cadence the Company sets. A Content Rating that has become stale, or that no longer reflects the surface, is not a current Content Rating for purposes of Family-Safe Certification.

5. The Seller must respond to a mis-rating report. The Company provides a means for a User to report that a surface is mis-rated. A Seller must respond to the Company's notice of a credible mis-rating report concerning the Seller's surface, and must correct its questionnaire answers and Content Rating where the report is well-founded. The Company may act on a report under Section 6.9(7) whether or not the Seller has responded.

6. The Company's reasonable reliance. The Company reasonably relies on the Seller's attested Content Rating to gate access by a Minor at the Company's service layer, as Section 2.7(5) provides. That reliance is reasonable because it rests on a current, Seller-attested Content Rating, is supported by the report-and-correction process in this Section, and is paired with the enforcement ladder below. The Company's reliance on a Seller's Content Rating is not, and is not to be construed as, the Company's own representation or warranty that the surface is suitable for a Minor.

7. Enforcement gates Minors; it does not unpublish or remove the Seller. Where the Company determines, on a credible report or its own review, that a surface is mis-rated or lacks a current Content Rating, the Company applies a proportionate measure from the following ladder, escalating as the circumstances warrant: (a) raising the surface's Age Band; (b) requiring the Seller to complete the questionnaire again before the surface is served to a Minor; (c) gating the surface from Minors — serving it only to adults — pending the Seller's correction; and (d) withdrawing the surface's Family-Safe Certification. For repeated or deliberate mis-rating, the Company may also restrict or suspend the Seller's participation in family-safe surfaces and may invoke the indemnity in Section 6.9(3). Each of these measures gates or limits access by Minors only. None of them unpublishes the surface, removes it, or ends its availability to adults, who retain full access to the surface throughout. A measure under this Section is an enforcement of family-safe gating and is distinct from a suspension or termination of the Seller under Section 6.7; where the Company instead suspends or terminates the Seller as a User, it does so under Section 6.7 and Part 15, with the due process those provisions require.

8. Adult availability and lawful content unaffected. Nothing in this Section requires a Seller to make its surface suitable for a Minor, and a Seller may offer lawful adult or mature content to adults. The consequence of declining or failing to obtain a Family-Safe Certification is that the surface is not served to a Minor; it is not a restriction on the Seller's lawful offering to adults. This Section concerns age-appropriateness gating for Minors and does not enlarge the acceptable-use rules in Part 2, which apply to all Content regardless of any Content Rating.

Part 7 — Developer / App Artisan

This Part is Operative. It binds Developers / App Artisans.

This Part states the terms of the App Artisan Program: how a Developer is admitted, the limited access a Developer may be granted to select Company code and tools and the scope and limits of that access, the confidentiality that flows down with it, the Growth Rate that applies to a Developer's sales, the boundaries of what a Developer may build and derive, the deference owed to open-source licenses, the limits of the Company's gatekeeping of third-party code, and the notice-and-takedown process for intellectual-property claims. Where this Part addresses non-public Company code, concepts, or materials, it operates together with Part 8, which binds the Developer as to anything confidential the Developer accesses, and Part 9, which governs intellectual property.

7.1 The App Artisan Program

1. What the Program is. The App Artisan Program is the framework through which a Developer builds on, extends, or accesses the Company's code, tools, or platform, and through which a Developer may offer applications, extensions, plugins, or components to other Users. A person who participates in the Program, or who builds on, extends, or accesses the Company's code, tools, or platform, is a Developer and is bound by this Part, as Section 1.1 provides.

2. Qualification and admission. Admission to the Program is at the Company's discretion and may be conditioned on the Developer meeting the Program's stated requirements, which may include being of the age and capacity required by Section 2.1, providing accurate identifying and tax information, completing the identity-verification and onboarding steps the Company's payment partner requires under Section 4.6, and affirmatively accepting this Codex. As additional conditions of admission and of continued participation, the Developer must (a) maintain an active, paid subscription to the Company's App Studio Max plan, and (b) pay the Program's then-current identity-verification fee. These conditions exist to assure Developer identity, to deter automated and bad-faith abuse of the Program, and to support genuine engagement; the identity-verification fee funds identity verification and onboarding and is not a charge on, or a substitute for, the Growth Rate under Section 7.4. The Company may require a Developer to renew or repeat identity verification from time to time — on a periodic cadence, when a security, fraud, or risk signal reasonably warrants it, or when the Developer's identifying, tax, or beneficial-ownership information materially changes — and the Developer's continued participation is conditioned on completing a required re-verification within the time the Company states. A re-verification may carry the then-current identity-verification fee, disclosed before it is incurred. Consistent with the no-gimmicks billing commitments in Section 4.3, the App Studio Max subscription charge and the identity-verification fee — including the amount of the fee, any recurrence, and whether it is refundable — are disclosed clearly and conspicuously at enrollment, before they are incurred, and are billed as line items separate from the Growth Rate. The App Studio Max plan remains separately available to persons who are not Developers, and these conditions are imposed to administer the Program and to assure identity, and not to restrict competition in any other market. The Company may decline admission, and may condition or revoke admission, where a requirement is not met or where the Company has a good-faith basis under Section 2.6 to do so.

3. Listing obligations. A Developer that offers an application, extension, plugin, or component to other Users must describe it accurately and not misleadingly, must keep its description and behavior consistent, must honor the terms on which it offers it, and must comply with the laws applicable to it. The accurate-listing and acceptable-use obligations of Part 2 apply to a Developer's offerings as they apply to any listing.

7.2 Grant and Scope of Access

1. Limited, licensed, revocable access. Where the Company grants a Developer access to specified Company code, tools, interfaces, or materials, that access is a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to use the granted items solely for participating in the Program and building permitted offerings in accordance with this Codex. The Company grants no right beyond what it expressly grants, and reserves all rights not expressly granted.

2. Ownership unchanged. The granted code, tools, interfaces, and materials, and all modifications, improvements, and derivatives of them that embody the Company's own software or Confidential Information, remain the property of the Company, as provided in Part 9. A grant of access conveys no ownership of the Company's intellectual property and is not a sale of it.

3. Scope and limits. A Developer accesses the Company's code, tools, and interfaces only through the means the Company makes available for that purpose and within the limits the Company sets, including authentication requirements, scopes, usage limits, and rate limits. A Developer must not exceed the granted scope, must not access code, tools, data, or interfaces it has not been granted, and must not circumvent any control on that access, consistent with Section 2.4(10). The Company may modify, limit, suspend, or revoke a grant of access where it has a good-faith basis under Section 2.6 to do so, and access ends on termination of the Developer's participation in the Program.

4. Extensions, integrations, and issued credentials. An extension or third-party integration executes on the Developer's own infrastructure and accesses the Services only through the API calls, webhooks, and event subscriptions the Company makes available, using the credentials the Company issues, and only within the scope, usage limits, and rate limits the Company sets under Section 7.2(3); the Company does not load or run an extension's code. A Developer must use issued credentials, key pairs, and rotating tokens only as authorized and within granted scope; must safeguard them against unauthorized access, use, disclosure, or loss, using measures no less protective than Section 8.2(3) requires, and must not embed, share, or expose them; must not exceed its granted API, webhook, or event scope, or access anything it has not been granted, consistent with Sections 2.3(4) and 2.4(10); and must report any actual or reasonably suspected compromise of those credentials, or any security incident affecting its integration or its authentication with the Services, to the Security contact without undue delay and in no event later than five (5) business days after it confirms a reportable compromise or incident, as Section 7.7(5) provides. The Company may rotate, suspend, or revoke issued credentials, and may suspend or revoke a grant of access, where it has a good-faith basis under Section 2.6 to do so.

7.3 Confidentiality Flow-Down

1. Bound by Part 8. Any non-public Company code, concept, design, roadmap, method, material, or other information that a Developer accesses through the Program or otherwise under this Part is Confidential Information, and the Developer is bound by Part 8 as to it. This is how the Company protects its non-public code and concepts — as Confidential Information and trade secrets under Part 8 — and not by any claim of ownership over the Developer's own independent ideas.

2. Use and disclosure limited. A Developer must not use Company Confidential Information except as permitted to participate in the Program and build permitted offerings under this Codex, and must not disclose it, except as Part 8 permits. The obligations of Part 8 survive as that Part provides.

7.4 Fees

1. Growth Rate on Developer sales. A Developer's sales of applications, extensions, plugins, or components through the Services are digital-goods sales and are subject to the Growth Rate for digital goods and subscriptions stated in Part 4 and in the Schedule — Growth Rate / Pricing. The Growth-Rate principles in Section 4.2, including the no-cap, down-only, founding-ceiling, and two-line-disclosure commitments, apply to a Developer as they apply to any Seller. Where a Developer also acts as a Seller, the Parts applicable to that Role bind the Developer cumulatively, as Section 1.2 provides.

2. Admission conditions are distinct from the Growth Rate. The App Studio Max subscription and the identity-verification fee that condition admission to the Program under Section 7.1(2) are conditions of participation and identity assurance; they are distinct from, and are not, a transactional charge on a Developer's sales. The Growth Rate is the Company's sole transactional take, as Sections 4.1(3) and 10.3 provide.

7.5 Derivative-Works Boundaries

1. What a Developer may build. A Developer may build applications, extensions, plugins, and components that operate with or extend the Services within the granted scope, and may create and own the original work the Developer independently authors.

2. What a Developer may not build. A Developer must not create a derivative work of the Company's own software, code, or other materials using the Company's Confidential Information, and must not replicate, reproduce, or reconstruct the Company's own software or products using the Company's Confidential Information or in a manner that infringes the Company's intellectual property. These boundaries are anchored on the Company's intellectual-property and trade-secret rights, as provided in Parts 8, 9, and 10.

3. Independent creation is not prohibited. This Part does not prohibit a Developer from independently creating a product, including a competing product, where the Developer does so without using the Company's Confidential Information and without infringing the Company's intellectual property. Independent creation that meets the exclusions in Section 8.4 is outside the boundaries stated in Section 7.5(2). Nothing in this Part is, or is to be read as, a general restraint on a Developer's lawful trade; the limits stated here are the use of Confidential Information and the infringement of the Company's intellectual property, and nothing more.

7.6 Open-Source and Copyleft Deference

1. The open-source license governs its component. Where a component a Developer uses or distributes carries an open-source license — including a copyleft license such as the GNU General Public License or the GNU Affero General Public License — that license governs that component, and this Codex does not impose on that component any further restriction beyond what its open-source license permits. To the extent a term of this Codex would conflict with the open-source license of a component, this Codex yields as to that component.

2. Disclosure of components. A Developer must disclose the open-source components it uses or distributes, identified in a machine-readable, SPDX-style list of components and their licenses, so that the Company can determine the licenses that apply. A Developer is responsible for complying with the open-source licenses of the components it uses or distributes.

3. Screening of incompatible licenses. Because a network-copyleft license such as the GNU Affero General Public License can impose source-disclosure obligations on a hosted or distributed service, the Company may screen a Developer's components and may refuse to host, distribute, or admit a component whose license is incompatible with the Company's operation of the Services. This screening right is exercised by license and compatibility; it is not a representation that the Company has reviewed a component for any other purpose.

7.7 Plugin and Extension Safety

1. Curated screen; not a warranty, and no reliance. Only a member of the App Artisan Program may offer an application, extension, plugin, or component through the Services, and before an item is made available the Company conducts a limited, internal pre-admission screen of it for the Company's own curation, integrity, and platform-protection purposes. The screen differs by type: a plugin — code the Company loads and runs in-trust on its own systems — receives a code-level screen; an extension (a third-party integration) — which executes on the Developer's own infrastructure and integrates with the Services through API calls, webhooks, and event subscriptions within its granted scope, and whose code the Company does not load or run — receives a testing-and-usefulness screen. The screen is conducted solely for the Company's benefit; it creates no duty to, and no promise running to, any Developer, User, or other person, no person is an intended beneficiary of it, and it does not increase, and is not intended to increase, any risk to any person beyond the risk that would exist absent the screen — a User remains responsible for its own precautions. The screen is not, and no Developer, User, or other person may rely on it as, a representation, warranty, guarantee, or condition that any application, extension, plugin, or component is safe, secure, error-free, fit for any purpose, of any quality, free of defects or of malware or other harmful code, non-infringing, or compliant with law; the Company's decision to permit an item to be offered, and its availability, are not an endorsement, recommendation, or quality judgment. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY DISCLAIMS ALL IMPLIED WARRANTIES AND CONDITIONS, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT, AS TO THIRD-PARTY APPLICATIONS, EXTENSIONS, PLUGINS, AND COMPONENTS, consistent with Section 12.1. Where the Services present such an application, extension, plugin, or component as screened or curated, the Company presents the limitation in this Section conspicuously and proximately to that presentation. The fact that the Company has screened, tested, permitted, or made available an item does not relieve the Developer of any obligation under Section 7.7(3) or elsewhere in this Codex, and nothing in this Section addresses or limits the Company's own duties under Part 3 or applicable law for the Company's own conduct. As Section 12.1(3) provides, this is a commitment that the Company conducts the limited screen described, and is not an absolute or factual warranty.

2. Known-malware takedown. The Company maintains a process to disable or remove code that it identifies, or that is reported to it and confirmed, as malware, and acts to remove or disable an application, extension, plugin, or component it confirms contains malware without undue delay after that confirmation. This is a commitment to act on confirmed known malware without undue delay; it is not a representation that the Company's screen detects all malware or identifies every defect or harmful component, and it is not a fixed-time service-level guarantee.

3. Developer security and abuse obligations. A Developer warrants that the applications, extensions, plugins, and components it offers are lawful, do not contain malware or other harmful code, do not infringe or misappropriate the rights of any person, and do not violate Part 2. A Developer must promptly remediate or remove an offering that fails to meet these obligations, and must cooperate with the Company's security and abuse processes.

4. Removal and kill-switch. The Company may remove, disable, or block an application, extension, plugin, or component, including by a remote kill-switch, where it has a good-faith basis to believe the item violates this Codex, contains malware or other harmful code, infringes the rights of a person, or exposes the Company, the Services, or others to legal or security risk. The Company may act immediately where Section 2.6(4) permits. A Developer is subject to the statement-of-reasons and appeal provisions of Section 2.6 as they apply.

5. Authentication providers and identity integrations. A Developer that operates an authentication provider or identity integration that participates in a User's authentication to the Services (an "Integration Operator") accepts this Codex as a condition of participating, is bound by this Part and by Sections 2.3 and 2.4, and is an embedded operator within the Program — no separate agreement is required. An Integration Operator warrants that it will not, and that its integration will not: (a) create, forge, assert, or select any Universe identity, or name, mint, or create any user identifier; (b) assign, elevate, or assert any role, permission, or entitlement; (c) mint, issue, extend, or set any session or session credential; (d) harvest, retain, log, or transmit any credential, authentication secret, or personal data beyond the minimum it is expressly permitted to verify and return; (e) exceed its granted API, webhook, event, or other scope, or bypass, weaken, or circumvent any authentication, authorization, rate, or other control of the Services; or (f) misrepresent the assurance level or outcome of a verification it performs. An Integration Operator returns only the attestation the Company's interface defines, and the Company alone resolves identity, account creation, linking, role, and session. An Integration Operator must protect its issued credentials as Section 7.2(4) requires and must report a compromise of those credentials, or an incident affecting the authentication it performs, to the Security contact without undue delay and in no event later than five (5) business days after it confirms a reportable compromise or incident. The operative obligation is to report without undue delay; the five (5) business-day period is an outer limit and not a target, reflecting the Integration Operator's heightened, identity-critical role. It operates alongside, and addresses a different role and risk than, the ordinary account-reporting window in Section 2.2(4). A breach of this Section is a material breach, and the Company may suspend or revoke the integration immediately under Sections 2.6(4) and 7.7(4); an immediate suspension or revocation under this Section carries the statement-of-reasons and appeal provisions of Section 2.6 as they apply, consistent with Section 7.7(4).

7.8 DMCA and Third-Party Rights for Plugins

1. Notice-and-takedown for plugin intellectual property. A claim that an application, extension, plugin, or component infringes a copyright or other intellectual-property right is handled through the notice-and-takedown, counter-notice, and repeat-infringer process stated in Section 9.6, including the designated Copyright Agent identified in Section 9.6. A Developer must not offer an application, extension, plugin, or component that infringes or misappropriates the intellectual-property or other rights of any person, and the Company may remove or disable an offering subject to a compliant notice as Section 9.6 provides.

Part 8 — Confidentiality and Trade Secrets

This Part is Operative. It binds anyone who receives Confidential Information, including Users, Sellers, Developers / App Artisans, partners, and contractors.

This Part is how the Company protects its non-public concepts, designs, roadmaps, methods, code, and other ideas — by treating them as Confidential Information and trade secrets, and not by claiming ownership of anyone else's independent ideas. It defines Confidential Information, states the obligations of a person who receives it, identifies who is bound, sets out the standard exclusions that keep those obligations fair and enforceable, and provides for the survival of the obligations, the return or destruction of the information, and the relief available for a breach. This Part operates together with Part 9, which governs intellectual property, and Part 10, which re-anchors the Company's anti-circumvention doctrine on the enforceable rights this Part and Part 9 establish.

8.1 Confidential Information

1. Definition. "Confidential Information" means non-public information disclosed by or on behalf of the Company to a person, in any form and whether or not marked or designated as confidential, that the person knows or reasonably should understand to be confidential from its nature or the circumstances of its disclosure. Confidential Information includes, without limitation, the Company's non-public concepts, designs, product roadmaps, plans, methods, processes, algorithms, source code, data, pricing methods, and the non-public business know-how the Company develops and keeps to itself — the Company's "secret sauce."

2. How the Company protects its ideas. This Part is the means by which the Company protects its ideas and concepts: it protects them as Confidential Information and, where they qualify, as trade secrets. The Company does not, by this Part or elsewhere in this Codex, claim ownership of any other person's independent ideas or concepts. A person's own ideas, developed independently and without use of the Company's Confidential Information, are that person's own, and the exclusions in Section 8.4 make this explicit.

3. Trade-secret subset. Confidential Information that derives independent economic value from not being generally known and that is the subject of the Company's reasonable measures to keep it secret is a trade secret. The Company maintains reasonable measures to preserve the secrecy of its trade secrets, and trade-secret information is protected for as long as it remains a trade secret, as Section 8.6 provides.

8.2 Obligations

1. No use except as permitted. A person who receives Confidential Information must not use it except as necessary to use the Services or to perform that person's role under this Codex, and must not use it for any other purpose or for the benefit of any other person.

2. No disclosure. A person who receives Confidential Information must not disclose it to any other person, except to those of the recipient's own personnel or contractors who need it to use the Services or perform under this Codex and who are bound by confidentiality obligations at least as protective as this Part. The recipient is responsible for a disclosure by a person to whom it discloses Confidential Information.

3. Protective measures. A person who receives Confidential Information must protect it using measures at least as protective as those the recipient uses for its own confidential information of like importance, and in no event less than reasonable measures.

8.3 Who Is Bound

1. Recipients bound. This Part binds any person who receives Confidential Information, including a User, a Seller, a Developer / App Artisan, a partner, and a contractor. For a Developer, this Part operates together with the flow-down in Section 7.3.

2. Flow-down. A person who is permitted under Section 8.2(2) to let another person access Confidential Information must first bind that other person to confidentiality obligations at least as protective as this Part, and remains responsible for that person's compliance.

8.4 Exclusions

1. What is not Confidential Information. The obligations of this Part do not apply to information that the recipient can show: (a) was or became publicly known through no act or omission of the recipient in breach of this Part; (b) was independently developed by the recipient without use of or reference to the Company's Confidential Information; (c) was lawfully received by the recipient from a third party that was free to disclose it without restriction; or (d) was already lawfully known to the recipient, without obligation of confidentiality, before the Company disclosed it.

2. Independent creation preserved. Because of the exclusion in Section 8.4(1)(b), this Part does not prohibit, and is not to be read to prohibit, a person from independently developing a product, concept, or work without using the Company's Confidential Information. This Part protects the Company's non-public information; it does not restrain a person's lawful, independent creation.

8.5 Compelled Disclosure

1. Disclosure required by law. If a recipient is required by law, regulation, or legal process to disclose Confidential Information, the recipient may disclose the minimum necessary to comply, and, where lawful to do so, gives the Company prompt notice before disclosing so that the Company may seek a protective order or other protection. Disclosure made under this Section does not make the information cease to be Confidential Information for any other purpose.

2. Defend Trade Secrets Act immunity notice. An individual is not held criminally or civilly liable under any federal or state trade-secret law for the disclosure of a trade secret that is made (a) in confidence to a federal, state, or local government official, directly or indirectly, or to an attorney, solely for the purpose of reporting or investigating a suspected violation of law, or (b) in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal, as provided in 18 U.S.C. § 1833(b).

8.6 Survival, Return or Destruction, and Relief

1. Survival. The obligations of this Part survive the termination of this Codex and of a person's use of the Services. As to the trade-secret subset, the obligations survive for as long as the information remains a trade secret. As to other Confidential Information, the obligations survive for so long as the information remains confidential and is not within an exclusion in Section 8.4.

2. Return or destruction. On the Company's request, or on termination of a person's role under this Codex, a recipient must return to the Company or destroy the Confidential Information in its possession or control, and must confirm that it has done so, except to the minimum extent retention is required by law, in which case the retained information remains subject to this Part for as long as it is retained.

3. Injunctive relief. A recipient acknowledges that a breach or threatened breach of this Part may cause the Company harm for which monetary damages would be an inadequate remedy. Accordingly, in addition to any other remedy available, the Company may seek injunctive or other equitable relief to prevent or stop a breach, without the necessity of posting a bond where permitted by law. This Section operates with, and does not enlarge or reduce, the intellectual-property and injunctive carve-out from arbitration stated in Part 14.

Part 9 — Intellectual Property

This Part is Operative. It applies to every person to the extent its subject matter concerns that person.

This Part states who owns what, the license a User grants the Company in the Content the User uploads, the Company's disclosed use of Content to train its artificial-intelligence systems and the opt-outs that apply, the handling of feedback and moral rights, the Company's notice-and-takedown process for intellectual-property claims, and the rules for using the Company's brand and marks. It is anchored on the Company's own intellectual-property and trade-secret rights and on the license a User grants; it does not claim ownership of any person's independent ideas, which are addressed, where they are the Company's Confidential Information, by Part 8.

9.1 Company Intellectual Property

1. Ownership. The Company owns, or licenses from its licensors, all right, title, and interest in and to the Services and their components, including the Company's software, application and storefront engine, service code, the text of this Codex, designs, design system, user-interface graphics, databases, and the Company's names, brands, trademarks, service marks, trade dress, copyrights, and trade secrets. Nothing in this Codex transfers any of those rights to a User, and all rights not expressly granted are reserved.

2. Trademark-notice discipline. The Company uses the registered-trademark symbol "®" only for a mark that is in fact registered — namely the Company's registered stylized design mark — and uses the trademark symbol "™" for its other names and marks that are claimed but not registered as word marks. The Company describes its marks as registered or pending as applicable, and does not claim a registration it does not hold. A User must not represent that an unregistered mark of the Company is registered.

3. No claim over independent ideas. The Company does not claim ownership of, and acquires no rights in, a User's underlying ideas, concepts, business methods, or know-how. The Company protects its own non-public concepts and methods as Confidential Information and trade secrets under Part 8, and not by any claim of ownership over ideas; this Part does not enlarge that protection into an ownership claim over anyone's ideas.

4. License to use the Services. Subject to this Codex, the Company grants a User a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to access and use the Services for their intended purpose. All rights not expressly granted are reserved to the Company.

9.2 User-Content License

1. The User retains ownership. As between the User and the Company, the User retains ownership of the Content the User provides, submits, uploads, records, posts, or transmits through the Services.

2. The license granted. The User grants the Company a non-exclusive, worldwide, royalty-free, and sublicensable license — transferable by the Company only in connection with an assignment of this Codex permitted under Section 16.2 — to host, store, use, reproduce, display and publicly display, perform and publicly perform, distribute, adapt and modify for formatting and display, create derivative works of, and promote the Content, solely in connection with operating, securing, providing, and promoting the Services. Each sublicense the Company grants is limited to the same purposes. This license is non-exclusive, so that the Content remains the User's to use and license elsewhere.

3. Duration; survival on deletion. The license subsists while the Content is hosted through the Services. When the User deletes the Content or the User's Account, the Company's right to make new uses of the raw, original Content ends, except that the following survive that deletion:

a. derivative and marketing materials the Company already created before the deletion — including an advertisement, promotion, compilation, or preview already produced — which remain licensed and may continue to be used (this is the "ad already in flight" rule: an advertisement the Company has already produced and put into circulation does not have to be withdrawn because the underlying Content was later deleted);

b. copies the Company already distributed or sublicensed before the deletion, including copies delivered or sublicensed to Buyers, which remain governed by the license under which they were distributed, including the Buyer-purchase license in Part 5;

c. copies retained in the Company's routine backups, pending their scheduled deletion in the ordinary course; and

d. data the Company has aggregated or de-identified so that it no longer identifies the User or the Content.

The survival stated in this Section is a survival of the Company's copyright license in the expressive work; it is not a basis for the continued processing of personal data after a valid erasure or consent-withdrawal request. Where a surviving derivative or copy under (a) or (b) still identifies a data subject, the Company, on a valid request under Section 3.4 or Section 3.5, de-identifies the personal data within it or ceases the identifying use, unless an independent exception in Section 3.5(2) through (5), or an applicable statutory exception (including Article 17(3) of the General Data Protection Regulation or California Civil Code Section 1798.105(d)), independently permits retention. To that extent, Part 3 governs the personal-data dimension and this Section governs the copyright dimension.

4. No perpetual grab. Except for the surviving uses stated in Section 9.2(3), the Company does not retain a perpetual or irrevocable right to make new uses of deleted Content. The license is the right the Company needs to operate and promote the Services with the Content the User chooses to host, and no more.

9.3 Artificial Intelligence and Model Training

1. Disclosed training use. The license in Section 9.2 expressly includes using Content to operate, improve, and train the Company's artificial-intelligence systems and models. The Company discloses this training use specifically, here and in Part 3.

2. Sensitive-content opt-out. A User may opt out of the use of Content for training by flagging that Content as sensitive through the mechanism the Company provides, and the Company excludes Content so flagged from training.

3. Protected health information is never used. The Company never uses protected health information to train any artificial-intelligence system or model. This carve-out admits no exception and is stated also in Part 3 and Part 11. Data that has been de-identified in compliance with HIPAA is not protected health information, and its use is governed by the Business Associate Agreement rather than by this carve-out.

4. Machine-readable reservation honored. Where applicable law provides a machine-readable means to reserve content from text-and-data-mining or training use — including the reservation recognized under European Union law — the Company honors a valid reservation expressed by that machine-readable means to the extent the law gives it effect.

5. Material retroactive changes. A material change to how the Company uses existing Users' Content for training is a material change made only as Section 1.5 provides, including advance Notice and, where that Section requires it, your affirmative agreement.

9.4 Feedback

1. Assignment of feedback. Where a User voluntarily provides the Company with feedback, suggestions, or ideas about the Services, the User assigns to the Company all right, title, and interest, including intellectual-property rights, in that feedback, which the Company may use for any purpose without confidentiality obligation and without compensation to the User. This Section is limited to feedback about the Services and does not reach a User's pre-existing or independent works, and feedback a User volunteers is not the Company's Confidential Information under Part 8.

9.5 Moral Rights

1. Waiver where permitted; consent where not. To the extent permitted by applicable law, the User waives, and agrees not to assert, any moral rights the User has in the Content with respect to the acts contemplated by the license in this Part. Where applicable law does not permit a waiver of moral rights, the User consents to the acts contemplated by the license in this Part to the fullest extent that law permits a consent. This Section does not purport to effect an absolute waiver where the law forbids one.

9.6 Notice-and-Takedown

1. Designated Copyright Agent. The Company maintains a designated Copyright Agent to receive notices of claimed copyright infringement, identified by the role "Copyright Agent, The EGT Universe, LLC" and reachable at dmca@egt.studio and through the Company's takedown web form (the "Copyright / DMCA contact"). The Copyright Agent is also listed, as Section 512 requires, in the U.S. Copyright Office's directory of designated agents and on the Services, at the registered-agent formal-notice address stated in Section 16.5. The Company maintains this process consistent with Section 512 of the United States Copyright Act.

2. Notice. A person who believes that material on the Services infringes that person's copyright may submit a notice through the Company's takedown web form or to dmca@egt.studio, carrying the statutory elements of a compliant notice, an attestation under penalty of perjury, and an electronic signature. On receipt of a compliant notice, the Company may remove or disable access to the material claimed to be infringing.

3. Counter-notice and restoration. A person whose material has been removed or disabled may submit a counter-notice carrying the statutory elements, an attestation under penalty of perjury, and an electronic signature. The Company handles counter-notices and the restoration of material as Section 512 provides, restoring the material within the statutory window unless the original complainant first notifies the Company that it has filed an action seeking a court order to restrain the allegedly infringing activity.

4. Repeat-infringer policy. The Company maintains and enforces a policy of terminating, in appropriate circumstances, the Accounts of Users who are repeat infringers. This policy is reasonably implemented and actually enforced, and repeat infringers' Accounts are terminated under it.

5. Fair use and good faith. A person submitting a notice must consider whether the use complained of is authorized by law, including fair use, and must not misuse the notice process. The Company may decline to act on, and may disregard, a notice that does not meet the statutory requirements or that is submitted in bad faith.

6. Equivalent processes. Where the European Union Digital Services Act or another applicable law provides an equivalent notice-and-action mechanism for user-generated content, the Company provides the mechanism that law requires for the persons to whom it applies, at a level consistent with this Section.

9.7 Brand and Trademark Use

1. Limited permission. A User must not use the Company's names, marks, or trade dress in a manner that is confusing, that implies the Company's sponsorship, endorsement, or affiliation where none exists, or that bids on or piggybacks on the Company's marks to divert or mislead, except as this Section or applicable law permits.

2. Nominative and fair use preserved. This Section does not restrict a User's nominative or other fair use of the Company's marks — including truthful references to the Services, truthful statements of compatibility or comparison such as "built on The Universe," and reviews or commentary — and is not to be read as a blanket prohibition on referring to the Company or its marks. A User must not, however, use the Company's marks in a way that implies endorsement the Company has not given.

Part 10 — Competequo

This Part is Operative. It binds Sellers / Merchants, and binds Developers / App Artisans through Part 7. It applies to any person to the extent that person's conduct concerns the rights this Part protects.

This Part states the Company's anti-circumvention doctrine — Competequo. It protects the Company's legitimate interests in its intellectual property, its Confidential Information and trade secrets, and its platform and Buyer Data, and it states the mechanics that govern a Seller's departure from the Services and the continuity of Buyers. It is anchored on the enforceable rights established by Part 8 (Confidentiality and Trade Secrets), Part 9 (Intellectual Property), and the data-control rules of Part 3 and Part 6. It does not restrain lawful, independent competition, and it does not impose a covenant not to compete.

10.1 What Competequo Protects

1. The protected interests. Competequo protects (a) the Company's intellectual property, including the copyrighted software and true derivative works of that software, and the Company's names, marks, and trade dress, as provided in Part 9; (b) the Company's Confidential Information and trade secrets, as provided in Part 8; and (c) the Company's control of platform data and Buyer Data, as provided in Part 3 and Part 6. These are the Company's own materials and rights — the things you receive from the Company or that belong to the Company — and not any idea merely because it resembles the Company's.

2. What Competequo does not prohibit. This Part does not claim ownership of a person's underlying ideas, concepts, business methods, or know-how; it does not prohibit independent creation; it is not a covenant not to compete; and it is not a customer non-solicitation covenant. A person may build, own, and operate a competing business, including a business that competes with the Company, and may solicit and serve customers, provided the person does so without using the Company's Confidential Information, without infringing the Company's intellectual property, and without misappropriating platform data or Buyer Data. The limits stated in this Part are the use of the Company's own materials and the misappropriation of the Company's data, and nothing more.

3. No blanket restraint of trade. The Company does not impose, and this Part is not to be read to impose, a blanket non-compete or a blanket customer non-solicitation covenant on any Seller or Developer. The Company relies for its protection on its intellectual-property rights, its trade-secret and confidentiality rights, and its control of Buyer Data — not on a covenant restraining a person from competing. A non-compete or customer non-solicitation covenant is void under the law of certain jurisdictions, including under California Business and Professions Code Section 16600 as amended by Assembly Bill 1076 and Senate Bill 699, under which an attempt to enforce such a covenant is itself unlawful; the Company does not assert such a covenant.

10.2 Anti-Circumvention

1. Bounded, time-limited duty. A Seller or Developer must not build or operate a competing product or service by means of the Company's Confidential Information, by infringing the Company's intellectual property, or by misappropriating platform data or Buyer Data. This duty concerns the Company's own materials that the person received from the Company; it does not concern a similar idea the person conceives or develops independently of those materials, as Section 8.4 makes explicit.

2. No diversion of platform-introduced relationships to evade the Growth Rate. A Seller or Developer must not divert off the Services a transaction or relationship that the Company facilitated or introduced, where the purpose or effect is to evade the Growth Rate owed under Part 4 on that transaction, as provided in Section 2.4(11). This duty applies for eighteen (18) months from the Company's introduction of the relationship, after which it lapses. This rule is limited to relationships the Company facilitated or introduced; it does not reach a Seller's or Developer's own pre-existing customers, or customers the Seller or Developer independently acquired.

3. Reasonable in scope and time; severable. Any restriction stated in this Section is, and is intended to be, reasonable in scope and limited in time. If a court or arbitrator of competent jurisdiction determines that any restriction in this Section is broader than is enforceable, the restriction is reformed to the maximum extent enforceable and otherwise severed, and the remainder of this Part continues in force, as provided in Part 16.

4. Introduction record. The Company maintains a record of the customer relationships it introduces or facilitates through the Services, including the first contact or first order between a Buyer and a Seller or Developer that the Company facilitated (the "introduction record"). The introduction record evidences whether, and when, the Company introduced or facilitated a relationship, and so establishes the start and the running of the eighteen (18) month period stated in Section 10.2(2). A relationship for which there is no introduction record is presumed to be a relationship the Seller or Developer independently acquired and outside the duty in Section 10.2(2), consistent with Section 10.1(2).

10.3 Fees

1. The Growth Rate is the transactional layer. The lawful transactional charge for the Services is the Growth Rate by category, as defined in Part 4 and stated in the Schedule — Growth Rate / Pricing. The Growth Rate does not stack on itself, and this Part imposes no transactional charge in addition to the Growth Rate.

10.4 Sale-of-a-Venture Fee

1. Facilitation fee on platform-facilitated transfers only. Where a User sells or transfers a venture, brand, or storefront through a transfer the Company facilitates — including a transfer for which the Company provides verification, escrow, or Buyer-continuity handling — a tapered Sale-of-a-Venture fee applies as a fee for that facilitation. The fee is:

| Portion of the transfer value | Sale-of-a-Venture fee | | --- | --- | | The first $25,000 | 5% | | The portion from $25,001 to $250,000 | 3% | | The portion above $250,000 | 1% |

The total Sale-of-a-Venture fee is capped at twenty-five thousand U.S. dollars ($25,000), so that a large transfer is not charged disproportionately. These figures are also stated in the Schedule — Growth Rate / Pricing.

2. A facilitation fee, not a penalty or an exit tax. The Sale-of-a-Venture fee is the Company's charge for facilitating the transfer and providing the related verification, escrow, and Buyer-continuity handling; it is not a penalty, a fine, or a charge imposed for breach, and it is not a charge for leaving the Services. It applies only to a transfer the Company facilitates and only where the Company provides those facilitation services; a User who declines the facilitation services does not owe the fee. The Company discloses the fee plainly before the transfer, consistent with the two-line-disclosure discipline in Section 4.2(4). This fee and the anti-diversion duty in Section 10.2 are independent of each other; neither is a charge for leaving the Services, and a Seller who departs without selling a venture and without diverting a platform-introduced relationship owes neither. Any escrow provided in connection with a facilitated transfer is performed through a licensed payment partner or a regulated escrow agent, and not by the Company holding funds as principal.

3. Private off-platform sales — notice and onboarding, not a fee. A User who sells or transfers a venture, brand, or storefront in a private transfer that the Company does not facilitate does not owe the Sale-of-a-Venture fee for that transfer. Instead, the transferring User must give the Company a transfer notice identifying the change of ownership, and the new owner must complete the Company's onboarding and accept this Codex before operating the venture, brand, or storefront on the Services. The new owner thereafter pays the Growth Rate on its transactions in the ordinary course; no separate fee is charged for the private transfer itself.

10.5 Remedies

1. Reasonable liquidated damages. Any monetary remedy this Part provides for a breach of Section 10.2 is, and is to be construed as, reasonable liquidated damages tied to a genuine pre-estimate of the Company's actual loss — including the value of the Company's introduction or acquisition of the diverted relationship and the Growth Rate the Company would have earned over the bounded period to which the duty applies — the parties agreeing that the actual damages from such a breach would be difficult to ascertain. A monetary remedy under this Part is not, and is not to be construed as, a penalty, and the Company does not impose a remedy measured as a percentage of all of a person's transactions. The heaviest consequences are reserved for deliberate, bad-faith evasion, and not for legitimate independent business.

2. Injunctive relief. A breach or threatened breach of the Company's intellectual-property rights, of the Confidentiality and Trade-Secrets obligations of Part 8, or of the data-control obligations of Part 3 and Part 6, may cause the Company harm for which monetary damages would be an inadequate remedy. The Company may seek injunctive or other equitable relief to prevent or stop such a breach, consistent with Section 8.6(3) and the intellectual-property and injunctive carve-out from arbitration stated in Part 14.

10.6 [Reserved]

10.7 [Reserved]

10.8 Seller Departure and Customer Continuity

1. Buyer Data stewardship — controller and processor. As provided in Part 3 and Part 6, the Company is the controller of Buyer Data, and a Seller that receives Buyer Data through the Services acts as a processor of that Buyer Data, limited to fulfilling and supporting the specific order to which it relates and bound by the data-processing terms the Company makes applicable to Sellers. This allocation is a matter of substance and not of label, and the Company's control of Buyer Data does not depend on any characterization a Seller gives it.

2. No export or repurposing of the Company's Buyer base on departure. A departing Seller must not export, copy, retain, or repurpose Buyer Data, and must not export, copy, retain, or repurpose the Company's Buyer base, for off-platform marketing or for any purpose other than fulfilling and supporting an active order. On departure, suspension, or termination, the Seller must delete or return the Buyer Data it holds, except to the minimum extent retention is required by law, as provided in Section 6.3(5), and must cease all further use of it.

3. Deactivation of masked-relay contact ability. Because a Seller reaches a Buyer only through the Company's masked relay and the dashboard "Message customer" action that the Company routes, as provided in Section 3.3(5) and Section 6.3(4), the Company may deactivate a departing Seller's ability to initiate contact with Buyers on departure, and that ability deactivates when the Seller leaves the Services. A Buyer may also revoke a Seller's ability to initiate contact at any time.

4. The Buyer-Continuity Guarantee survives. A Seller's departure does not extinguish a Buyer's entitlement to what the Buyer has already paid for. The Buyer-Continuity Guarantee stated in Section 5.2 survives the Seller's departure, and the Company may continue to serve paid Buyers for the access window described there. A Buyer is never required to surrender personal data to a departing Seller, or to follow a departing Seller off the Services, in order to keep, re-download, or continue to access what the Buyer has already paid for, as provided in Section 5.2(4).

5. A Seller's own list, not the Company's Buyer base. A Seller that leaves the Services may take its own contact list — the contacts the Seller brought to the Services or independently developed — but may not take, copy, or repurpose the Company's Buyer base or the Buyer Data the Company collected, as provided in Section 6.8(1).

6. The Buyer's consent is the bridge. A Buyer may choose to follow a departing Seller by exercising the Buyer's own data-portability right under applicable law, and may consent to a transfer of the Buyer's own personal data to the Seller through a mechanism the Company provides. The bridge that lets a Buyer follow a Seller is the Buyer's own consent and portability right, exercised by the Buyer; it is not a license for the Seller to take the Company's Buyer base. The Company does not hinder a Buyer's exercise of a portability right that applicable law grants.

7. No conversion fee. The Company does not charge a conversion fee, a poaching fee, or any similar charge when a Seller departs or when a Buyer chooses to follow a departing Seller. The Company relies on the data-control rules of this Section and on the Buyer-Continuity Guarantee, and not on a conversion fee.

8. No data ransom. The Company does not withhold a Buyer's paid entitlement, and does not condition a Buyer's continued access to what the Buyer has already paid for, in order to coerce the Buyer or the Seller into any migration or any transfer of data. This Section operates with the no-data-ransom rule of Section 5.2(4).

Part 11 — HIPAA Schedule

This Part is Operative. It binds a Covered Entity that opts in to HIPAA-enabled services and executes the Business Associate Agreement.

This Part states when the Company's HIPAA obligations apply, incorporates the Company's Business Associate Agreement by reference, and states the Company-wide rules that govern the Company's handling of protected health information. It operates together with Part 3 (Privacy and Data), which states the Company's privacy roles and points to this Part for protected health information, and with the Business Associate Agreement, which governs the Company's handling of protected health information in detail. Where this Part and the Business Associate Agreement differ as to protected health information, the Business Associate Agreement controls, as Section 1.4 provides.

11.1 Scope and Opt-In

1. HIPAA features are opt-in per tenant. The Company's HIPAA-enabled features are opt-in per tenant, elected at onboarding. A standard plan does not by itself create a HIPAA relationship or enable the processing of protected health information, and a paid plan — including Studio Max — is not by itself HIPAA-enabled.

2. PHI processed only after opt-in and execution of the Business Associate Agreement. The Company processes protected health information for a Covered Entity only after that Covered Entity affirmatively opts in to HIPAA-enabled services and executes the Company's Business Associate Agreement. A User that has not opted in and executed that Agreement is not a Covered Entity for purposes of this Codex, and the Company does not process protected health information for that User.

3. Designated PHI Environment. The Company processes protected health information only within the infrastructure, databases, servers, applications, and workflows the Company designates for that purpose (each, a "Designated PHI Environment"), as the Business Associate Agreement describes. Other components of the Services are not subject to the HIPAA obligations of this Part or of that Agreement. EGT account information is not protected health information except as the Business Associate Agreement provides.

11.2 Incorporation of the Business Associate Agreement; Precedence

1. Incorporation by reference. The Company's Business Associate Agreement is incorporated into this Codex by reference and is executed or accepted by a Covered Entity at opt-in. The Business Associate Agreement governs the Company's handling of protected health information in detail, including its permitted uses and disclosures, its safeguards, its reporting obligations, the individual-rights and Secretary-access support it provides, its retention and return-or-destruction obligations, and the allocation of liability for protected health information.

2. The Business Associate Agreement controls on any PHI conflict. Where a provision of this Part conflicts with the Business Associate Agreement as to protected health information, the Business Associate Agreement controls, consistent with Section 1.4. In particular, the liability figures stated in Section 9.2 of the Business Associate Agreement — the greater of trailing-twelve-month fees or two thousand five hundred U.S. dollars ($2,500), subject to an absolute maximum of fifty thousand U.S. dollars ($50,000), with a breach of unsecured protected health information riding the same cap — are the sole and controlling limitation of liability for any claim arising out of or relating to protected health information, and control over the general limitation of liability stated elsewhere in this Codex. This limitation is the sole and controlling limitation for the capped protected-health-information claims, except that it does not limit any liability that this Codex or applicable law does not permit to be limited — including a party's fraud, willful misconduct, or gross negligence, and any liability that cannot be limited or excluded under applicable law — which remain uncapped as Section 12.4 and Section 9.2(d) of the Business Associate Agreement provide. A breach of unsecured protected health information, a breach of the confidentiality or safeguarding obligations relating to protected health information, and any indemnity for civil monetary penalties under HIPAA attributable to the Business Associate are not uncapped and ride the cap stated in this Section, as Section 9.2 of the Business Associate Agreement provides. The figures stated in Section 9.2 of the Business Associate Agreement govern; any figure restated elsewhere in this Codex is for convenience and yields to the Business Associate Agreement on any discrepancy.

3. A claim with a protected-health-information component is governed in its entirety by the Business Associate Agreement cap. Where a single claim, or a single incident giving rise to a claim, includes both a protected-health-information component and a non-protected-health-information component — including a claim that touches both Confidential Information under Part 8 and protected health information — that claim is governed in its entirety by the cap in Section 9.2 of the Business Associate Agreement, and not by the general limitation of liability in Part 12. There are not two competing caps for such a mixed claim; the Business Associate Agreement cap is the single, controlling limitation for the whole of it. This Section gives effect to the Parties' intent, stated in Section 9.1 of the Business Associate Agreement, that no claim relating to protected health information is left without an applicable limitation of liability, and it does not limit any liability that, under Section 12.4 or Section 9.2(d) of the Business Associate Agreement, may not be limited.

11.3 Handling of Protected Health Information

1. Designated infrastructure. The Company processes protected health information only in a secure environment designated for that purpose under a HIPAA-compliant arrangement, as the Business Associate Agreement provides, and not on other infrastructure.

2. Never used to train artificial intelligence. The Company never uses protected health information to train, fine-tune, or otherwise develop any artificial-intelligence or machine-learning system or model, and does not permit any subcontractor to do so. This carve-out admits no exception and is stated also in Section 3.11 and Section 9.3. Data that has been de-identified in compliance with HIPAA is no longer protected health information, and its use is governed by the Business Associate Agreement.

3. Minimum necessary. The Company limits its uses, disclosures, and requests of protected health information to the minimum necessary to accomplish the intended purpose, as the Business Associate Agreement provides.

4. Masked-relay and data-control protections apply. The masked-relay contact handling and the data-control protections stated in Part 3 and Part 6 apply to a Covered Entity's use of the Services, in addition to the protections the Business Associate Agreement provides for protected health information.

11.4 Roles

1. The Company acts as a Business Associate. With respect to protected health information it processes for a Covered Entity within a Designated PHI Environment, the Company acts as a Business Associate within the meaning of HIPAA, and the Covered Entity acts as the covered entity or as a business associate with respect to its own obligations.

2. Individual rights routed through the Covered Entity. A request by a patient or other individual to exercise a right of access, amendment, or accounting of disclosures with respect to protected health information is the responsibility of the Covered Entity. Where such a request is made directly to the Company, the Company routes it to the Covered Entity, which is responsible for responding to it. The Company supports the Covered Entity's response to a request for access, amendment, and an accounting of disclosures, and makes its internal practices, books, and records available to the Secretary of the U.S. Department of Health and Human Services, as set out in the Business Associate Agreement.

11.5 Breach Notification

1. Notification per the Business Associate Agreement. The Company notifies a Covered Entity of a breach of unsecured protected health information, or a material security incident affecting protected health information within a Designated PHI Environment, without unreasonable delay and in no event later than thirty (30) calendar days after discovery, as the Business Associate Agreement provides. This window controls over the general breach-handling statement in Section 3.9(2) for protected health information.

2. Security contact. Breach and security-incident communications concerning protected health information are made through the Security contact (security@egt.studio, Section 3.12), as the Business Associate Agreement provides.

11.6 Relationship to the Rest of the Codex

1. Privacy module and never-train-AI line. This Part operates together with Part 3, which states the Company's general privacy roles and yields to this Part and to the Business Associate Agreement for protected health information, as Section 1.4 provides. The Company's commitment never to use protected health information to train any artificial-intelligence system or model is stated consistently in Section 3.11, Section 9.3, and Section 11.3(2), and is the same commitment in each place.

Part 12 — Warranties and Limitation of Liability

This Part is Operative. It applies to every person to the extent its subject matter concerns that person, and it governs the warranties the Company makes and does not make, and the limits on the Company's liability.

This Part disclaims warranties to the extent the law permits, allocates risk between you and the Company, and states the limits on the Company's liability. It is read together with the consumer savings in Section 12.5 and with the dispute and governing-law terms of Part 14. Where the Company processes protected health information for a Covered Entity, the liability figures stated in Section 9.2 of the Business Associate Agreement control over this Part for any claim arising out of or relating to protected health information, as Section 1.4 provides.

12.1 Warranty Disclaimer

1. "As is" and "as available." TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE," WITH ALL FAULTS, AND YOUR USE OF THE SERVICES IS AT YOUR OWN RISK.

2. Disclaimer of implied warranties. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY DISCLAIMS ALL IMPLIED WARRANTIES AND CONDITIONS, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT, AND ANY WARRANTY ARISING FROM A COURSE OF DEALING, A COURSE OF PERFORMANCE, OR A USAGE OF TRADE.

3. Scope of any availability or security statement. Where this Codex states that the Company secures the Services, maintains safeguards, or makes the Services available, that statement is a commitment of reasonable efforts appropriate to the matter and is not a guarantee. The Company does not represent or warrant that the Services are, or will be, secure, error-free, uninterrupted, free of harmful components, or that any defect will be corrected; and no method of transmission or storage is perfectly secure, as Section 3.9 also provides. A statement of reasonable efforts is not, and is not to be construed as, an absolute or factual warranty.

4. Effect of the disclaimer. No advice or information, whether oral or written, that you obtain from the Company or through the Services creates a warranty that this Section does not expressly make. This Section does not exclude or limit a warranty or condition that applicable law does not permit to be excluded or limited, and is read down to that extent as Section 12.5 provides.

12.2 Exclusion of Certain Damages

1. Excluded categories. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY WILL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES, OR FOR ANY LOST PROFITS, LOST REVENUE, LOST GOODWILL, LOST OR CORRUPTED DATA, OR COST OF SUBSTITUTE SERVICES, ARISING OUT OF OR RELATING TO THE SERVICES OR THIS CODEX, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER THEORY, AND WHETHER OR NOT THE COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

2. Failure of essential purpose. THE EXCLUSIONS IN THIS SECTION 12.2 AND THE LIABILITY CAP IN SECTION 12.3 ARE INDEPENDENT OF, AND SURVIVE, ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED OR EXCLUSIVE REMEDY, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW. The agreed allocation of risk in this Part is to be given effect even if a limited remedy stated elsewhere is found to have failed of its essential purpose, consistent with Section 2-719(2) of the Uniform Commercial Code as adopted in the State of Ohio.

12.3 Limitation of Liability — Aggregate Cap

1. The cap. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, THE COMPANY'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATING TO THE SERVICES OR THIS CODEX WILL NOT EXCEED THE GREATER OF (i) ONE HUNDRED U.S. DOLLARS ($100) OR (ii) THE TOTAL FEES THE CLAIMANT PAID THE COMPANY IN THE TWELVE (12) MONTHS BEFORE THE EVENT GIVING RISE TO THE CLAIM.

2. One cap for all claims. The cap in this Section applies to all claims in the aggregate and is not multiplied by the number of claims, theories, or proceedings. Multiple claims do not enlarge the cap.

3. PHI claims excepted. This Section does not apply to a claim arising out of or relating to protected health information, and a claim that includes a protected-health-information component is governed in its entirety by the cap in Section 9.2 of the Business Associate Agreement, as Section 11.2(3) provides, rather than by this Section. The liability figures stated in Section 9.2 of the Business Associate Agreement are the sole and controlling limitation for such a claim, as Section 1.4 and Section 11.2 provide, except that they do not limit liability that this Codex or applicable law does not permit to be limited — including a party's fraud, willful misconduct, or gross negligence, and any liability that cannot be limited or excluded under applicable law — which remain uncapped as Section 12.4 and Section 9.2(d) of the Business Associate Agreement provide. A breach of unsecured protected health information, a breach of the confidentiality or safeguarding obligations relating to protected health information, and any indemnity for civil monetary penalties under HIPAA attributable to the Business Associate ride the cap stated in Section 9.2 of the Business Associate Agreement and are not uncapped.

12.4 Matters Not Limited or Excluded

Nothing in Section 12.2 or Section 12.3 limits or excludes the liability of either party for:

1. fraud or fraudulent misrepresentation;

2. willful misconduct or gross negligence;

3. death or personal injury caused by that party's negligence or willful act;

4. a User's, Seller's, or Developer's indemnification obligations under Section 13.1 (the Company's own narrow indemnity under Section 13.2 remaining subject to the limitation of liability in this Part, as Section 13.2(2) provides);

5. a party's obligation to pay amounts due under this Codex (so that the cap and exclusions are not a shield against non-payment); or

6. any liability under applicable mandatory consumer-protection law, as preserved in Section 12.5; or any other liability that cannot be limited or excluded under applicable law.

7. California Civil Code Section 1668 savings. To the extent the cap in Section 12.3 or the exclusions in Section 12.2 would be void under California Civil Code Section 1668 as applied to a party's own (a) fraud or fraudulent misrepresentation, (b) willful injury to the person or property of another, or (c) violation of law, whether willful or negligent, neither the cap nor the exclusions apply to that liability, and each such limitation is read down to the minimum extent necessary to remain valid as to all other liability, consistent with the principle confirmed in New England Country Foods, LLC v. VanLaw Food Products, Inc. (Cal. 2025). The remainder of this Part continues in full force, as Part 16 provides.

Preserves the floor; does not enlarge liability. The exceptions in this Section preserve, and do not enlarge, the liability that applicable law makes non-limitable. They except from Sections 12.2 and 12.3 only that portion of a claim attributable to the excepted conduct, and the cap and exclusions continue to apply to all other liability arising from the same matter. For the avoidance of doubt, a party's breach of the confidentiality obligations of Part 8 is not, by itself, excepted from the cap; except to the extent another exception in this Section applies, such liability rides the cap in Section 12.3.

12.5 Consumer Savings

1. Non-waivable consumer rights preserved. Nothing in this Part limits, excludes, or waives any right or remedy that applicable consumer-protection law makes non-waivable. For a consumer to whom the mandatory consumer-protection law of the European Union or European Economic Area, the United Kingdom, Quebec, Australia, Brazil, or a similar jurisdiction applies, that mandatory local law applies notwithstanding the cap and exclusions in this Part.

2. Read down, not struck. Where a provision of this Part would, as applied to a particular person or in a particular jurisdiction, exceed what applicable mandatory law permits, that provision is read down and applies only to the minimum extent necessary to comply with that law, and is not struck in its entirety. The remainder of this Part, and its application to other persons and in other jurisdictions, is unaffected.

12.6 Allocation of Risk

1. Basis of the bargain. The disclaimers, exclusions, and limitations in this Part reflect the agreed allocation of risk between you and the Company, and that allocation is reflected in the Growth Rate and the other pricing stated in this Codex. The Company would not provide the Services on the Growth Rate and pricing stated without this allocation of risk, and these provisions are an essential basis of the bargain between you and the Company. This Section does not enlarge any limitation beyond what the preceding Sections state, and it does not override the matters not limited or excluded under Section 12.4 or the consumer savings under Section 12.5.

Part 13 — Indemnification

This Part is Operative. It binds Users, Sellers, and Developers as stated below, and it states the Company's own narrow indemnity, and the procedure that governs any indemnification claim under this Codex.

This Part allocates responsibility for third-party claims. It is the mirror of Part 12: where Part 12 limits the Company's liability between you and the Company, this Part addresses claims brought by third parties. The indemnification obligations in this Part are among the matters not limited by the liability cap, as Section 12.4 provides.

13.1 Indemnification by Users, Sellers, and Developers

1. The obligation. To the fullest extent permitted by applicable law, you will indemnify, defend, and hold harmless the Company, and its officers, members, employees, and agents, from and against any third-party claim, and any resulting loss, liability, damage, cost, and reasonable attorneys' fees, arising out of or relating to: (a) your Content; (b) the goods or services you list, offer, or sell through the Services; (c) your use of the Services; (d) your breach of the Operative Terms; and (e) your violation of applicable law or of the rights of a third party, including intellectual-property, privacy, and publicity rights. Where you act as a Developer or Integration Operator, this obligation includes a third-party claim arising out of or relating to an application, extension, plugin, component, or authentication or identity integration you offer or operate, including a claim arising out of your breach of Section 7.7 or a compromise of your integration or credentials.

2. Seller product-liability and listing indemnity. A Seller additionally will indemnify, defend, and hold harmless the Company from and against any third-party claim arising out of or relating to the Seller's goods, including a product-liability claim, a claim that a listing or description is false, misleading, or infringing, and a claim arising out of the Seller's fulfillment of an order. This obligation operates together with the Seller's insurance obligations stated in Part 6, and the Company's reliance on insurance and indemnity, rather than on a disclaimer, as the backstop for product-liability exposure. This product-liability indemnity survives the Seller's departure, suspension, and termination, and is not discharged by the Seller ceasing to use the Services; it remains in force as to goods the Seller sold through the Services while it was a Seller.

3. Consumer scope. Where you act solely as a consumer, your obligation under this Section is limited to a claim arising out of your own unlawful act, your own Content, or your own breach of the Operative Terms, and does not extend beyond that. This Section does not require a consumer to indemnify the Company for the Company's own conduct, and is read consistently with the consumer savings in Section 12.5 and with any mandatory consumer-protection law that limits a consumer's indemnity.

13.2 Indemnification by the Company

1. Narrow Company indemnity. To the fullest extent permitted by applicable law, the Company will indemnify, defend, and hold harmless a User from and against a third-party claim that the Services themselves — meaning the Company's own software and other intellectual property, and excluding user Content, a Seller's goods, third-party components, and anything the Company does not own — infringe that third party's intellectual-property rights.

2. Exclusions. The Company's obligation under this Section does not apply to a claim to the extent it arises out of: (a) your Content, your goods, or any third-party material; (b) your modification of the Services, or your combination of the Services with anything the Company did not supply, where the claim would not have arisen but for that modification or combination; (c) your use of the Services other than as the Operative Terms permit; or (d) your continued use of an allegedly infringing element after the Company has made a non-infringing alternative reasonably available. The Company's liability under this Section is subject to the limitation of liability in Part 12.

13.3 Indemnification Procedure

1. Notice. The party seeking indemnification will give the indemnifying party prompt Notice of the claim. A delay in giving Notice does not relieve the indemnifying party of its obligations except to the extent the indemnifying party is actually prejudiced by the delay.

2. Control of defense. The indemnifying party has the right to control the defense and settlement of the claim with reputable counsel, and the indemnified party will provide reasonable cooperation at the indemnifying party's expense. The indemnified party may participate in the defense with its own counsel at its own expense.

3. Settlement. The indemnifying party may not settle a claim in a manner that imposes a non-monetary obligation on, requires an admission of fault or liability by, or fails to fully release, the indemnified party, without the indemnified party's prior written consent, which will not be unreasonably withheld.

Part 14 — Governance and Disputes

This Part is Operative. It applies to every person to the extent a dispute concerns that person, and it states the internal resolution process, the arbitration backstop, the waivers, the carve-outs, the opt-out, the consumer savings, and the governing law and venue.

This Part states how a dispute between you and the Company is resolved. It establishes an internal, good-faith resolution process — the Code of Authority — as a condition precedent, followed by a neutral arbitration backstop, and it preserves the court access and consumer rights that applicable mandatory law does not permit to be waived. Capitalized terms used in this Part have the meanings given in Part 1.

14.1 The Code of Authority — Internal Resolution Process

1. A mandatory, good-faith, internal step. Before commencing arbitration under Section 14.2 or, where Section 14.4 permits, an action in court, you and the Company will first attempt in good faith to resolve the dispute through the Code of Authority, the Company's internal resolution process. A party begins the process by giving Notice of the dispute to the other party — for a party other than the Company, through the Disputes contact (the Company's disputes web form and disputes@egt.studio) — describing the dispute and the relief sought. This Disputes contact also receives the arbitration opt-out election under Section 14.5.

2. Good-faith engagement; time-boxed. For a period of forty-five (45) days after that Notice is given, the parties will engage in good faith to resolve the dispute, including by exchanging the information reasonably necessary to evaluate it. This internal step is also the pathway through which a User may pursue the internal appeal of an enforcement action described in Section 2.6(3). The process is self-executing and time-boxed: if the dispute is not resolved within the forty-five (45) day window, either party may proceed under Section 14.2 or, where it applies, Section 14.4.

3. Not a binding tribunal. The Code of Authority is a structured, good-faith negotiation and grievance step. It is not a binding tribunal, it does not impose a binding outcome on either party, and the Company is not the final adjudicator of a dispute through it. Nothing in the Code of Authority requires you to accept any resolution the Company proposes, deprives you of the right to proceed under Section 14.2 or Section 14.4 after the window closes, or waives any right that applicable law makes non-waivable. The window may be extended only by the parties' mutual agreement.

14.2 Binding Arbitration

1. Agreement to arbitrate. Except for the matters carved out in Section 14.4 and subject to the consumer savings in Section 14.6, any dispute between you and the Company that is not resolved through the Code of Authority within the window stated in Section 14.1 will be resolved by binding individual arbitration administered by the American Arbitration Association (AAA) under its rules then in effect that apply to the dispute, including, where applicable, its consumer arbitration rules. The Federal Arbitration Act, 9 U.S.C. §§ 1 et seq., governs the interpretation and enforcement of this Section and the arbitrability of a dispute, notwithstanding the governing-law choice in Section 14.7 as to other matters.

2. Seat and venue. The arbitration is seated in, and any hearing requiring an in-person appearance is held in, the State of Ohio, subject to any AAA rule or applicable law that entitles a consumer to a hearing in or near the consumer's place of residence, and subject to Section 14.6.

3. Who decides what. (i) The arbitrator decides all questions of arbitrability, including the scope, enforceability, formation, and interpretation of this Part and of the agreement to arbitrate. (ii) Notwithstanding (i), and as a specific and severable exception, the enforceability of the class-action waiver in Section 14.3 is decided exclusively by a court of competent jurisdiction and not by the arbitrator. A court's determination of the enforceability of the class-action waiver does not affect the arbitrator's authority over any other question, and this exception is severable from the remainder of this Part. A challenge directed specifically at this delegation provision is for a court to decide.

(iii) Non-severability of the carve-out — poison pill. The carve-out in Section 14.2(3)(ii), by which a court and not the arbitrator decides the enforceability of the class-action waiver, is a material and non-severable condition of the agreement to arbitrate. If that carve-out is itself held unenforceable, void, or unconscionable, or is severed, then — notwithstanding the general severability machinery in Section 14.3(3) and Section 16.3 — the question of the enforceability of the class-action waiver does not pass to the arbitrator; instead, as to the dispute in which that holding is made, the class-action waiver in Section 14.3 and the agreement to arbitrate in this Section 14.2 are both unenforceable and fall away together, and that dispute proceeds in court under Section 14.4, subject to the Code of Authority condition precedent in Section 14.1, the jury waiver in Section 14.3(2), and the governing-law and venue terms in Section 14.7. This Section is the controlling rule for the carve-out in Section 14.2(3)(ii) and prevails over any contrary application of Section 14.3(3) or Section 16.3 to that carve-out.

4. Mass and coordinated filings. Where multiple arbitration demands are filed by or with the assistance of the same or coordinated counsel in a substantially similar manner, those demands are administered under the AAA's supplementary rules for multiple or mass-arbitration filings then in effect. Any bellwether or test-case procedure used under those rules is non-binding: its results do not bind any claimant who is not a party to the particular case decided, and inform, but do not dictate, the resolution of other demands.

5. Costs. The Company pays the arbitration administration and arbitrator fees that the applicable AAA rules require it to pay for a consumer arbitration. For any arbitration, including one brought by a Seller or Developer who is not a consumer, the Company bears any arbitration filing, administration, and arbitrator fees that exceed the cost the claimant would have paid to file the same claim in the courts of the claimant's home jurisdiction, so that the cost of the forum is not a barrier to a claimant's pursuit of a claim. This Section does not shift a party's own attorneys' fees except as the applicable rules or applicable law provide.

14.3 Class-Action Waiver and Jury Waiver

1. Individual basis only. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, EACH DISPUTE WILL BE RESOLVED ONLY ON AN INDIVIDUAL BASIS, AND NEITHER YOU NOR THE COMPANY MAY BRING OR PARTICIPATE IN A CLASS, COLLECTIVE, CONSOLIDATED, OR REPRESENTATIVE ACTION OR PROCEEDING. The arbitrator may not consolidate the claims of more than one person and may not preside over any class, collective, or representative proceeding.

2. Jury waiver. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, WHERE A DISPUTE PROCEEDS IN COURT UNDER SECTION 14.4 OR SECTION 14.6, YOU AND THE COMPANY EACH WAIVE ANY RIGHT TO A TRIAL BY JURY.

3. Severability of the waiver. If the class-action waiver in this Section is found by a court to be unenforceable as to a particular claim or request for relief, that claim or request is severed and proceeds in court, and the remainder of the disputes continue in arbitration on an individual basis. The unenforceability of the class-action waiver as to one matter does not render the agreement to arbitrate unenforceable as to any other matter.

14.4 Carve-Outs from Arbitration

1. Small claims. Either party may bring an individual action in a small-claims court of competent jurisdiction for a dispute within that court's jurisdiction, instead of in arbitration.

2. Injunctive and equitable relief to protect rights. Either party may bring an action in a court of competent jurisdiction seeking injunctive or other equitable relief to protect its own intellectual-property rights or Confidential Information, or the integrity and security of the Services. In addition, either party may seek provisional injunctive relief from a court in aid of arbitration to preserve the status quo pending the arbitrator's decision. This is a narrow, mutual provisional-relief exception, and not a general right of either party to litigate a claim that is otherwise arbitrable. A request for relief under this Section is excluded from the arbitration requirement, consistent with Section 8.6(3) and Section 10.5(2).

14.5 Thirty-Day Opt-Out

1. How to opt out. You may opt out of the agreement to arbitrate in Section 14.2 and the class-action waiver in Section 14.3 by giving the Company Notice of your election through the Disputes contact (the Company's disputes web form and disputes@egt.studio, Section 14.1) within thirty (30) days after you first accept this Codex containing this Part, whether by affirmative click or by accessing or using the Services. A timely opt-out is effective when received.

2. Effect. If you opt out, Section 14.2 and Section 14.3 do not apply to you, and a dispute between you and the Company is resolved in court, subject to the Code of Authority condition precedent in Section 14.1, the carve-outs in Section 14.4, and the governing-law and venue terms in Section 14.7. Opting out does not affect any other provision of this Codex, and does not affect the validity of the arbitration agreement as to any other person. The Company records your opt-out as an account flag.

3. How this Part changes; prospective only; no reset of the opt-out. A change to this Part applies only prospectively. No change to this Part applies to a dispute that has accrued, or of which the Company has notice, before the change's Effective Date; the version of this Part in effect when a dispute arose governs that dispute, and the Company does not apply a change to this Part to escape arbitration of, or to alter the rules governing, a dispute that has already arisen. The Company gives at least thirty (30) days' advance Notice of a material change to this Part under Section 1.5(2), and a material change to the arbitration agreement or the class-action waiver requires your affirmative agreement under Section 1.3(3). A change is material only if it alters the class-action waiver in Section 14.3, narrows or expands the scope of arbitrable claims, allocates or shifts costs or fees, limits a remedy, or reduces the neutral-forum protections of Section 14.8; a change to the arbitral administrator, the arbitrator-selection mechanics, the applicable rules, or the seat that is not adverse to you is not material and takes effect on Notice under Section 1.5(2). The Company does not treat a non-material change as reducing any protection you have. A change to this Part does not reopen or reset the thirty (30) day opt-out window in Section 14.5(1); that window runs from your first acceptance of the Part, and the prospective-only protection in this Section, not a renewed opt-out, is what governs a later change.

14.6 Consumer Home-Forum Savings

1. Preserved rights. Where applicable mandatory law gives a consumer the right to bring proceedings in the courts of the consumer's place of residence, or makes a pre-dispute arbitration agreement or a class-action waiver unenforceable against the consumer — as the law of many jurisdictions in the European Union and European Economic Area, the United Kingdom, Quebec, Australia, and Brazil, or a similar jurisdiction whose mandatory law so provides, does — that right is preserved. Such a consumer may bring a dispute in the consumer's local courts notwithstanding Section 14.2 and Section 14.3, and those Sections do not apply to that consumer to the extent the law makes them unenforceable.

2. Internal step still applies. A consumer to whom this Section applies still engages the Code of Authority under Section 14.1 as a condition precedent before proceeding in court, except to the extent applicable mandatory law provides otherwise.

14.7 Governing Law and Venue

1. Governing law. This Codex, and any dispute arising out of or relating to it or to the Services, is governed by the laws of the State of Ohio, without regard to its conflict-of-laws rules, except to the extent that mandatory consumer-protection or other law of your place of residence applies and may not be waived, as Section 12.5 and Section 14.6 provide.

2. Venue. For a matter that proceeds in court rather than in arbitration, venue lies in the courts located in the State of Ohio, subject to the consumer home-forum savings in Section 14.6. No county is designated.

14.8 Neutral-Forum Integrity

1. A neutral, published forum. The arbitration provided in Section 14.2 is conducted before a neutral arbitrator selected under the published rules of the AAA, an independent administrator that neither party controls. The rules are published and apply equally to both parties, and the Company does not select the arbitrator unilaterally, does not act as the adjudicator of a dispute to which it is a party, and does not rewrite the governing rules mid-dispute.

2. Mutuality and no one-sided fee-shifting. The obligations of this Part apply to you and to the Company alike. The Company does not impose a one-sided fee-shifting structure, a cost-prohibitive fee structure, or a remedy limitation that would deny a party a fair opportunity to vindicate its rights in the forum. This Section states the conditions on which the dispute forum operates so that it is fair and enforceable.

Part 15 — Enforcement

This Part is Operative. It applies to every person to the extent the Company takes, or may take, enforcement action against that person, and it states the graduated remedies the Company applies, how any monetary remedy is measured, the due process the Company affords, the effect of suspension and termination, and the rule on waiver.

This Part states what the Company may do when this Codex is breached, and the limits the Company places on itself in doing it. It reworks and supersedes the enforcement provisions of the Company's prior terms. It operates together with Part 2, which states the conduct rules and the general suspension, termination, and due-process framework, and with Part 14, which provides the appeal pathway through the Code of Authority. The Company acts on conduct, not on belief about a person's views, as Section 2.4(12) provides.

15.1 Graduated Remedies

1. Proportionate, escalating measures. Where a person breaches this Codex, the Company applies a remedy that is proportionate to the conduct, escalating as the circumstances warrant. The remedies available to the Company include: a warning; the removal or disabling of Content; the restriction of a feature, a limit, or access; the suspension of an Account or of access to the Services or a feature; a monetary remedy measured as Section 15.2 provides; and termination. The Company may apply one or more of these remedies, and it selects the least severe remedy adequate to address the matter, except where Section 2.6(4) permits immediate action.

2. A recorded basis for action. When the Company takes an enforcement action, it records the reason for the action, the conduct on which it rests, and the remedy applied, so that the action can be stated to the affected person under Section 15.3 and reviewed on appeal. The Company does not act on a person's unpublished drafts, private notes, or other material the person has kept to itself, as Section 2.4(12) provides.

3. Suspension is time-limited. A suspension imposed under this Part is for a defined period proportionate to the conduct; a restriction intended to be indefinite is a termination, governed by Section 15.4. The Company may impose a permanent termination — a complete and indefinite removal of access — where the conduct warrants it, including conduct described in Section 2.4(2) or 2.4(3), fraud, or repeated serious breach. A suspension is not a substitute for the due process stated in Section 15.3.

15.2 Monetary Remedies as Liquidated Damages

1. A reasonable pre-estimate of loss, not a penalty. Any monetary remedy the Company imposes under this Codex is, and is to be construed as, reasonable liquidated damages tied to a genuine pre-estimate of the Company's likely loss and reasonable enforcement and administrative cost arising from the breach, the parties agreeing that the actual damages from such a breach would be difficult to ascertain. A monetary remedy under this Part is not, and is not to be construed as, a penalty. This Section operates consistently with Section 10.5(1), which states the same rule for a breach of the anti-circumvention duty in Part 10.

2. No percentage-of-all-transactions remedy. The Company does not impose, and this Codex does not authorize, a monetary remedy measured as a blanket percentage of all of a party's transactions — including the percentage-of-all-transactions approach (for example, a remedy stated as 35%, 55%, or 100% of a party's transactions) used in the Company's prior terms, which is expressly replaced by this Part. A monetary remedy is measured by the Company's actual loss and enforcement cost from the breach in question, and not by a multiplier applied to unrelated transactions.

3. Chargeback and defunded-payment fees scoped to actual cost. Where the Company charges a fee in connection with a chargeback, a reversed or defunded payment, or a similar payment event, that fee is limited to the Company's actual, documented cost — including any fee, fine, assessment, or penalty imposed on the Company by a business partner, a payment processor or partner, or a card network (such as a card network's dispute- or chargeback-monitoring-program fine, an excessive-chargeback assessment, and any successor or equivalent network charge), together with the reasonable cost of recovering the underlying amount — plus a reasonable, separately disclosed administrative amount that reflects the Company's actual processing cost and is not a penalty. The Company does not charge an inflated multiplier of the underlying sale, and it does not characterize a recovery of its actual cost as a penalty. Such a fee is disclosed conspicuously before it is incurred, consistent with Section 4.3(1).

4. Recovery is charged to the responsible party, not to a good-faith consumer. A fee or recovery under Section 15.2(3) is charged to the responsible Seller or Developer, or to a party that engaged in fraud or other misconduct that caused the cost, and not to a Buyer for exercising in good faith a billing-dispute or chargeback right that applicable law or a card network's rules protect. Nothing in this Codex waives or limits a Buyer's rights under the Fair Credit Billing Act, Regulation Z, or applicable card-network rules, consistent with the consumer savings in Section 12.5. Where a Seller is the merchant of record under Section 6.1(1), the Seller may likewise recover its own actual, documented costs — including a card-network fine or processor charge imposed on the Seller — from a party that engaged in fraud or other misconduct, subject to the same protection for a good-faith consumer. Recovery from a Buyer is permitted only where the Buyer has been found to have committed first-party chargeback fraud in violation of Section 2.4(13), is limited to the underlying transaction amount plus the Company's actual documented cost under Section 15.2(3), and never takes the form of a fee or charge imposed for the act of disputing.

5. General cap framed as cost and loss recovery. Where the Company states a maximum monetary remedy, that maximum is a ceiling on the Company's recovery of its loss and enforcement cost, and not a target or a presumptive amount. The Company recovers its actual, demonstrable loss and cost up to that ceiling, and not more.

15.3 Due Process

1. Statement of reasons. Before the Company takes a non-urgent enforcement action against a person, and otherwise at the time it acts, the Company gives that person a statement of the reasons for the action, identifying the restriction imposed and its scope and duration, the facts and the contractual or legal ground on which the action rests, whether automated means were used in reaching it, and how the person may seek review. The Company provides this statement except where providing it is prohibited by law, would compromise an investigation or the security of the Services, or concerns conduct described in Section 2.6(4). For a person to whom the European Union Digital Services Act applies, the Company provides the statement of reasons in the manner that Act requires.

2. Opportunity to respond and appeal. A person against whom the Company takes an enforcement action may respond to it and may appeal it through the internal appeal pathway, which is the entry point to the Code of Authority process described in Part 14, as provided in Section 2.6(3). The appeal is available for a reasonable period of not less than six (6) months after the action, is reviewed under human supervision rather than by automated means alone, and is considered in good faith; the Company may affirm, modify, or reverse the action. This reworks, and is the operative form of, the right to have one's case heard stated in the Company's prior terms. The appeal pathway does not waive any right that applicable law makes non-waivable.

3. Advance notice to Sellers and business users. Before the Company terminates a Seller or other business user, it gives that person at least thirty (30) days' advance Notice and a statement of the reasons for the termination, as provided in Section 2.6(5) and Section 6.7, consistent with the European Union Platform-to-Business Regulation for in-scope users. This advance-notice protection operates in addition to the statement of reasons and appeal stated above.

4. Urgent and illegal cases. The advance notice in Section 15.3(3), and the non-urgent sequence in Section 15.3(1), do not apply where the Company may act immediately under Section 2.6(4) — including conduct described in Section 2.4(2) or 2.4(3), a credible security or risk threat, fraud, illegal content or conduct, a court order or other legal requirement, or repeated infringement. In such a case the Company may take immediate action, including suspension or termination, without advance notice; the affected person retains the statement of reasons and the appeal pathway above, except as Section 15.3(1) provides.

15.4 Effect of Suspension and Termination

1. Effect. On suspension, the affected access is restricted for the period and to the extent stated. On termination, the person's right to access and use the Services, or the affected part of them, ends.

2. Data handling on termination. Personal data is handled on termination as Part 3 provides, including the retention limits and the right-to-erasure framework in Sections 3.5 and 3.10, and, where the person is a Seller, the delete-or-return and Buyer-Data obligations in Sections 6.3(5) and 10.8(2). Where the person is a Covered Entity, protected health information is handled as Part 11 and the Business Associate Agreement provide.

3. Buyer continuity is not extinguished. Suspension or termination of a Seller does not extinguish a Buyer's entitlement to what the Buyer has already paid for. The Buyer-Continuity Guarantee in Section 5.2 survives, and the Company may continue to serve paid Buyers for the access window described there. A person whose access is restricted or ended may still render off the Services any past-due responsibility owed to a Buyer, and the Company does not block the off-platform rendering of such a responsibility; this operates with the no-data-ransom rule of Sections 5.2(4) and 10.8(8).

4. Survival. Suspension or termination does not extinguish a payment obligation that accrued before it, a remedy for breach, or a provision of this Codex that by its nature is intended to survive. The provisions that survive are identified in Part 16, to which this Section points.

15.5 No Waiver

1. Non-enforcement is not a waiver. The Company's decision not to enforce a provision of this Codex, or to delay enforcing it, on any occasion is not a waiver of that provision or of the Company's right to enforce it on that or any other occasion. A waiver is effective only if it is express, and a single or partial exercise of a right does not preclude any further exercise of that right or of any other right. This Section operates with Section 16.12.

Part 16 — General Provisions

This Part is Operative. It applies to every person to the extent its subject matter concerns that person, and it states the general provisions that make this Codex operate.

This Part states the governing law and venue pointer, assignment, severability and reformation, force majeure, notices, integration, survival, third-party beneficiaries, electronic contracting, export and sanctions compliance, incorporated references, waiver and the relationship of the parties, and the acceptance and Change Log. It binds every person to the extent its provisions concern that person.

16.1 Governing Law and Venue

1. Pointer to Part 14. This Codex, and any dispute arising out of or relating to it or to the Services, is governed by the laws of the State of Ohio, without regard to its conflict-of-laws rules, and venue for a matter that proceeds in court lies in the courts located in the State of Ohio, with no county designated, in each case as stated and qualified in Section 14.7 and subject to the consumer home-forum savings in Section 14.6 and the consumer savings in Section 12.5. This Section is a pointer to those provisions, which govern.

16.2 Assignment

1. The Company may assign. The Company may assign or transfer this Codex, in whole or in part, including in connection with a merger, an acquisition, a reorganization, a financing, a sale of assets, or by operation of law. On such an assignment, the Company's rights and obligations under this Codex pass to the successor, and the data-handling commitment in Section 3.3(3) applies.

2. A User may not assign without consent. A User may not assign or transfer this Codex, or any right or obligation under it, without the Company's prior consent, except as the Sale-of-a-Venture and transfer provisions of Part 10 expressly provide for a venture, brand, or storefront. Any attempted assignment in violation of this Section is void.

16.3 Severability and Reformation

1. Reform, then sever. If any provision of this Codex — including any limitation of liability, any carve-out, or any waiver — is held by a court or arbitrator of competent jurisdiction to be invalid, illegal, or unenforceable, that provision is first reformed to the minimum extent necessary to make it valid, legal, and enforceable while preserving its intent and to the maximum extent then enforceable; and only if it cannot be so reformed is it severed. In either case, the remainder of this Codex remains in full force and effect, and the invalidity of a provision as applied to one person or in one jurisdiction does not affect its validity as applied to another person or in another jurisdiction. This Section operates with the read-down provisions in Sections 12.4(7), 12.5(2), and 10.2(3).

16.4 Force Majeure

1. Events beyond reasonable control. Neither party is liable for a failure or delay in performing an obligation under this Codex, other than an obligation to pay an amount that is due, to the extent the failure or delay results from an event beyond that party's reasonable control — including an act of God, a natural disaster, a fire, a flood, an epidemic or pandemic, a war, an act of terrorism, a civil disturbance, a labor dispute, a governmental action, a failure of a utility or telecommunications or hosting provider, or a malicious act of a third party. The affected party performs the obligation as soon as it reasonably can after the event abates. This Section does not excuse a payment that has accrued and is due, and it does not enlarge any commitment of availability beyond the reasonable-efforts standard stated in Section 12.1(3).

16.5 Notices

1. How the Company gives Notice. The Company gives Notice to a person by email to the address associated with that person's Account or, where applicable, by a conspicuous in-product message, as provided in Section 1.1(24). A Notice the Company gives is effective when sent to that address or displayed in the product.

2. How a person gives the Company notice. A person gives the Company notice through the relevant web form or email contact for the subject of the notice — the legal and general contact at legal@egt.studio; the Privacy contact (privacy@egt.studio, Section 3.12); the Security contact (security@egt.studio, Section 3.12); the Copyright / DMCA contact (dmca@egt.studio, Section 9.6); and the Disputes contact (disputes@egt.studio, Section 14.1) — together with the Company's web forms for those subjects. A formal legal notice to the Company is given to the Company's registered-agent address for formal legal notice: The EGT Universe, LLC, c/o Incorp Services, Inc., 9435 Waterstone Boulevard, Suite 140, Cincinnati, OH 45249. That address is the address for formal legal notice and is the only postal address stated in this Codex; it is also the address used where a law requires a postal address, including the DMCA designated-agent listing under Section 9.6 and the formal-notice address under the Business Associate Agreement.

16.6 Entire Agreement

1. Integration. The Operative Terms are the entire agreement between you and the Company with respect to their subject matter, and they supersede all prior and contemporaneous agreements, understandings, and statements on that subject, including the Preamble, every plain-language summary, and all marketing, promotional, and other statements, whether oral or written. Only the Operative Terms bind, as Section 1.1(2) provides. This Section does not relieve the Company of responsibility for a statement that applicable law makes actionable notwithstanding an integration clause; an integration clause does not cure a deceptive statement, and the Company's substantiation discipline under Parts 9 and 12 continues to apply.

16.7 Survival

1. What survives. A provision of this Codex that by its nature should survive the termination or expiration of this Codex, or of a person's use of the Services, survives. The surviving provisions include, without limitation, the privacy and data-protection terms of Part 3 — including the retention, right-to-erasure, and suppression-list provisions — the intellectual-property terms and the surviving license tails of Part 9, the confidentiality and trade-secret obligations of Part 8, fees and other amounts accrued before termination under Part 4, the warranty disclaimers and limitations of liability of Part 12, the indemnification obligations of Part 13, the dispute-resolution and governing-law terms of Part 14, the enforcement and no-waiver terms of Part 15, the Buyer entitlements that this Codex provides survive under Part 5, and this Part 16 — in each case to the extent their subject matter continues to apply.

16.8 Third-Party Beneficiaries

1. No third-party beneficiaries, with one exception. This Codex is for the benefit of you and the Company only, and creates no right, remedy, or benefit enforceable by any other person, except as stated in Section 16.8(2). No person other than you and the Company is a third-party beneficiary of this Codex.

2. Buyers are limited beneficiaries of the Buyer-Continuity Guarantee only. Buyers are limited intended third-party beneficiaries of the Buyer-Continuity Guarantee stated in Section 5.2, solely to enforce that Guarantee, and of nothing else in this Codex. This limited beneficiary status extends only to the Buyer-Continuity Guarantee and the no-data-ransom and entitlement-survival covenants that form part of it, and confers no right to enforce any other provision of this Codex. Except for this narrow exception, the default of no third-party beneficiaries in Section 16.8(1) applies.

16.9 Electronic Contracting

1. Consent to electronic records and signatures. You consent to transact with the Company by electronic means, to receive records and communications electronically, and to the use of electronic records and electronic signatures in connection with this Codex. An electronic acceptance, electronic record, or electronic signature has the same legal effect as a handwritten signature or a paper record, to the fullest extent permitted by the Uniform Electronic Transactions Act and the federal Electronic Signatures in Global and National Commerce Act (ESIGN). The Company records each acceptance as described in Sections 1.3 and 16.13. You may withdraw consent to receive records electronically only by ceasing to use the Services, because the Services are provided electronically.

16.10 Export and Sanctions Compliance

1. Compliance with export controls and sanctions. You must comply with all applicable export-control and economic-sanctions laws, including those of the United States, in your use of the Services. You represent that you are not located in, organized under the laws of, or ordinarily resident in a jurisdiction subject to comprehensive sanctions, that you are not a person with whom dealing is prohibited under applicable sanctions law, and that you will not use the Services in violation of any export-control or sanctions law. The Company may suspend or terminate access where it has a good-faith basis to believe that continued provision of the Services would violate such a law, as Section 2.1(3) and Section 2.6 provide.

16.11 Incorporated References

1. What is incorporated. The following are incorporated into this Codex: the Business Associate Agreement (Part 11); any data-processing addendum the Company makes applicable to a Seller or Covered Entity; the Schedule — Growth Rate / Pricing; and the terms of the Company's payment partner or partners that a person is required to accept under Section 4.6. Each incorporated reference is incorporated to a specific version and applies as part of this Codex.

2. Precedence on conflict. An incorporated reference yields to the Operative Terms on conflict, except as the Operative Terms expressly provide otherwise. In particular, a Role-specific Schedule controls over the general Operative Terms with respect to its subject matter as Section 1.4 provides, and the Business Associate Agreement controls over all other provisions with respect to protected health information as Sections 1.4 and 11.2 provide. No external policy or pricing page is incorporated into this Codex by reference beyond what this Section states.

16.12 Waiver; Relationship of the Parties

1. Waiver. A waiver of a provision of this Codex is effective only if it is express, and the failure or delay of either party to enforce a provision is not a waiver of that provision or of the right to enforce it later, as Section 15.5 provides for the Company's enforcement.

2. Independent contractors. You and the Company are independent contractors. Nothing in this Codex creates a partnership, joint venture, agency, fiduciary, or employment relationship between you and the Company, and neither party has authority to bind the other or to incur an obligation on the other's behalf.

3. Interpretation. Headings, titles, captions, and the Table of Contents are for convenience only and do not affect interpretation; the word "including" is non-limiting; and defined terms control over their ordinary usage, in each case as Sections 1.6 and 1.7 provide.

16.13 Acceptance and Change Log

1. Acceptance. You accept this Codex by affirmatively agreeing to it through the clickwrap mechanism described in Section 1.3 and by accessing or using the Services, and your acceptance is not tied to a numbered Version. The Company keeps records of acceptance as Section 1.3(4) provides.

2. The Change Log. The Company maintains a public Change Log that records each Version, its Effective Date, and a summary of the material changes in that Version, as Section 1.5 provides. A change takes effect as Section 1.5 provides — by your continued access or use after the change takes effect — except for the changes identified in Section 1.5(3), which take effect only with your affirmative agreement; a non-material change takes effect on posting and is recorded in the Change Log.

Schedule — Growth Rate / Pricing

This Schedule is incorporated into the Codex and is operative as to the rates and figures it states. It is part of Part 4 and is read with it; where a rate in Part 4 and a rate in this Schedule differ, the conflict is resolved as Section 1.4 provides. No external pricing page is incorporated into this Codex by reference.

S1 The Growth Rate by Category

1. The rate table. The Growth Rate is the Company's transactional take-rate, charged once on the value of a transaction completed through the Services, by category, as follows:

| Category | Growth Rate | | --- | --- | | Digital goods and subscriptions — including the sale of applications, extensions, plugins, and components through the App Artisan Program and through Universe App Tools | 10% | | Physical goods, and goods or services sold by or for a nonprofit | 3% | | Utilities | 0.5% | | Leasing | 5% |

2. One rate per transaction. A single transaction is charged the Growth Rate for its category once, and the Growth Rate does not compound on itself, as Section 4.1(3) provides. Where a transaction could fall within more than one category, the category that most specifically describes the transaction applies. Sales by an App Artisan and through Universe App Tools are digital-goods sales charged at the digital-goods-and-subscriptions rate, as Section 7.4 provides.

S2 Growth-Rate Principles

1. No eroding cap (no-cap). The Growth Rate for a category does not increase with a Seller's volume, and the Company imposes no per-volume or per-merchant ceiling whose effect is to raise a Seller's effective take-rate as the Seller's volume grows, as Section 4.2(1) provides.

2. Down-only. The Company may decrease the Growth Rate for a category, with the decrease taking effect for transactions completed after it is published. The Company does not increase the Growth Rate that applies to an existing Seller above that Seller's founding ceiling, and any change to the Growth Rate that is materially adverse to a person is a material change made only as Section 1.5 provides, as Section 4.2(2) provides.

3. Founding ceiling. The Growth Rate in effect for a Seller's category when that Seller onboards is the ceiling of the Growth Rate the Company will charge that Seller for that category. A later decrease benefits the Seller; a later increase does not raise the Seller above that ceiling, as Section 4.2(3) provides.

4. Two-line disclosure. Where a Seller is charged the Growth Rate, the Company discloses the applicable rate plainly, in a short, conspicuous statement of no more than two lines, at the point of sale or onboarding, so that the rate and the category to which it applies are clear before the Seller commits, as Section 4.2(4) provides.

S3 Sale-of-a-Venture Facilitation Fee

1. Tapered fee on platform-facilitated transfers only. Where a User sells or transfers a venture, brand, or storefront through a transfer the Company facilitates, a tapered Sale-of-a-Venture facilitation fee applies, as Part 10 governs and Section 4.7 points. The fee is:

| Portion of the transfer value | Sale-of-a-Venture fee | | --- | --- | | The first $25,000 | 5% | | The portion from $25,001 to $250,000 | 3% | | The portion above $250,000 | 1% |

2. Cap. The total Sale-of-a-Venture fee is capped at twenty-five thousand U.S. dollars ($25,000), so that a large transfer is not charged disproportionately.

3. Facilitated transfers only. The Sale-of-a-Venture fee applies only to a transfer the Company facilitates, and is a facilitation fee and not a penalty or an exit charge, as Section 10.4 provides. A private off-platform transfer that the Company does not facilitate does not owe this fee; instead, the transferring User gives a transfer notice and the new owner completes onboarding and thereafter pays the Growth Rate in the ordinary course, as Section 10.4(3) provides.

S4 Assessment, Sole Transactional Take, Processing, and Taxes

1. How and when the Growth Rate is assessed. The Growth Rate is assessed on the value of a transaction as completed through the Services, at the time the transaction is processed, and is accounted for in the settlement of that transaction. Amounts that are not the Company's to take — including taxes the Company collects and remits as a marketplace facilitator under Section 4.5, and amounts a payment partner deducts under Section 4.6 — are not part of the value on which the Growth Rate is charged and are not a second Growth Rate, as Section 4.1(4) provides.

2. Sole transactional take; no stacking. The Growth Rate is the Company's sole transactional charge for the Services. It does not stack on itself, and no Part of this Codex imposes a transactional charge in addition to the Growth Rate, as Sections 4.1(3) and 10.3 provide. The Sale-of-a-Venture facilitation fee in Section S3 is a separate fee for facilitating a transfer and is not a second transactional take on ordinary sales.

3. Payment-partner processing. Payments are handled by the Company's payment partner or partners, whose own processing charges and requirements apply as Section 4.6 provides. A payment partner's processing charge is distinct from the Growth Rate.

4. Taxes. Taxes are handled as Section 4.5 provides, including the Company's collection and remittance as a marketplace facilitator where applicable law so requires, and the Seller's responsibility for taxes otherwise.

S5 Updates to This Schedule

1. Reductions are non-material; increases follow the material-change process. Consistent with the down-only principle in Section S2(2), the Company may update this Schedule as a non-material change only insofar as the update reduces a rate or fee; such a reduction takes effect on posting and is recorded in the Change Log. Any update that increases a rate or fee, or that is otherwise materially adverse to a person, is a material change made only on the advance Notice required by Section 1.5 and the affirmative consent that Section requires for a subscription price increase, and does not raise an existing Seller above that Seller's founding ceiling under Section S2(3).

End of The EGT Codex, Version 18.