Important: Please read these Terms of Service carefully before using CRA Evidence. By accessing or using our platform, you agree to be bound by these terms.

1. Agreement to Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you ("User", "you", or "your") and Senda Tech Solutions, S.L., trading as CRA Evidence ("Company", "we", "us", or "our") governing your access to and use of the CRA Evidence platform ("Service").

By creating an account or using the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms and our Privacy Policy.

1.1 Definitions

In these Terms:

  • "Platform" means the CRA Evidence Platform, the software solution provided by the Company and registered with relevant national cybersecurity authorities.
  • "Service" means the Platform, including all features, APIs, and related services.
  • "Customer Data" means all data you upload or input into the Service, including product information and documents.
  • "SBOM Data" means Software Bills of Materials and related component, dependency, and vulnerability information.
  • "Compliance Artifacts" means reports, exports, and documentation generated by the Service based on your Customer Data.

1.2 Business Use Declaration

This Agreement is a business-to-business ("B2B") contract. By creating an account or using the Service, you represent and warrant that:

(a) You are acting on behalf of a business entity (company, partnership, or sole proprietorship) in the course of your trade, business, craft, or profession; (b) You are not entering into this Agreement as a consumer within the meaning of EU Directive 2011/83/EU on consumer rights; (c) Consumer protection regulations, including the 14-day right of withdrawal under EU Directive 2011/83/EU, do not apply to this Agreement; (d) You have the legal authority to bind the business entity you represent.

If you are a natural person, you confirm that this Agreement relates exclusively to your professional or commercial activity. The Service is not intended for personal, family, or household use.

2. Description of Service

CRA Evidence is a compliance management platform designed to help manufacturers of Products with Digital Elements (PDEs) meet the requirements of:

  • EU Cyber Resilience Act (Regulation (EU) 2024/2847)
  • BSI TR-03183 (SBOM quality and vulnerability handling)

The Service allows you to:

  • Register and manage products and versions
  • Upload, validate, and store Software Bills of Materials (SBOMs)
  • Manage compliance documentation
  • Track CRA readiness status
  • Generate technical file exports

2.1 Artificial Intelligence and Machine Learning

The Service incorporates artificial intelligence and machine learning features for SBOM analysis, vulnerability matching, and compliance assessment.

Company will not use Customer Data or Customer's Compliance Artifacts to train AI or machine learning models.

Company may collect, use, and analyse aggregated, anonymised usage data (logs, metadata, feature interaction patterns) that cannot identify Customer or its users, to improve the Service and train internal models.

AI-generated outputs (vulnerability assessments, compliance scores, readiness indicators) are provided as tools to assist Customer's decision-making. Customer is solely responsible for verifying AI outputs before relying on them. Company makes no warranty as to the accuracy, completeness, or fitness for purpose of AI-generated outputs.

Customer may contact support to request that AI features be disabled for their account.

2.2 Trial Access

If Company grants Customer access to a trial, the Service is made available for the period communicated at registration ("Trial Period").

The Trial Period ends at the earlier of: (a) the end of the communicated trial period; (b) the start date of any paid subscription; or (c) termination by Company at its sole discretion.

Upon expiry of the Trial Period, Customer's account will be suspended and access to the Service will be locked immediately. No grace period applies to trial expiry.

Customer Data is preserved following trial expiry and is subject to the standard data retention policy in Section 13.3. Company recommends Customer export any data before the Trial Period ends if Customer does not intend to subscribe.

TRIAL DISCLAIMER: TRIAL ACCESS IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. COMPANY HAS NO INDEMNIFICATION OBLIGATIONS WITH RESPECT TO TRIAL ACCESS UNLESS SUCH EXCLUSION IS NOT ENFORCEABLE UNDER APPLICABLE LAW, IN WHICH CASE COMPANY'S LIABILITY WITH RESPECT TO TRIAL ACCESS SHALL NOT EXCEED EUR 100. CUSTOMER SHALL BE FULLY LIABLE UNDER THIS AGREEMENT FOR ANY DAMAGES ARISING OUT OF CUSTOMER'S USE OF TRIAL ACCESS AND ANY BREACH OF THESE TERMS DURING THE TRIAL PERIOD.

Important Compliance Notice

The Service is designed to assist you in managing documentation and evidence related to the EU Cyber Resilience Act. However:

  • The Service does NOT guarantee compliance with the CRA, EN 303 645, or any other regulatory requirement.
  • You remain solely responsible for ensuring your products comply with all applicable laws and regulations.
  • The Service does NOT constitute legal, regulatory, or professional advice.
  • CRA Evidence is NOT a Notified Body, Conformity Assessment Body, or certification authority.
  • Use of the Service does NOT guarantee market surveillance authority approval or avoidance of regulatory penalties.

We recommend consulting with legal counsel and qualified conformity assessment bodies regarding your specific CRA compliance obligations.

3. Account Registration

3.1 Eligibility

To use the Service, you must:

  • Be at least 18 years of age
  • Have the legal authority to enter into these Terms
  • Represent a legitimate business entity (for business accounts)

3.2 Account Security

You are responsible for:

  • Maintaining the confidentiality of your account credentials
  • All activities that occur under your account
  • Notifying us immediately of any unauthorized access

3.3 Accurate Information

You agree to provide accurate, current, and complete information during registration and to update this information as needed.

3.4 Authorized Users

Customer may designate employees, contractors, and agents to access the Service as authorised users ("Authorised Users").

Account credentials (username and password) are personal to each Authorised User and may not be shared with or used by any other person.

Sharing credentials or permitting concurrent access by multiple individuals under a single account is a material breach of these Terms.

Customer is responsible for all actions taken by Authorised Users and for ensuring Authorised Users comply with these Terms.

Customer must notify Company immediately at security@craevidence.com upon becoming aware of any unauthorised access to or use of an account.

4. Acceptable Use

You agree NOT to:

  • Use the Service for any unlawful purpose
  • Upload malicious content, viruses, or harmful code
  • Attempt to gain unauthorized access to the Service or other accounts
  • Interfere with or disrupt the Service or servers
  • Reverse engineer, decompile, or disassemble any part of the Service
  • Use automated systems to access the Service without permission
  • Resell or redistribute the Service without authorization
  • Use the Service to store or transmit content that infringes intellectual property rights

4.5 Prohibited Uses — Competitive Activity

"Competitor" means any entity that provides, develops, or is actively planning to provide products or services that are substantially similar to or competitive with the Service (compliance management, SBOM management, or CRA readiness platforms).

The following are prohibited and constitute a material breach:

(a) Accessing or using the Service if you are a Competitor; (b) Accessing or using the Service on behalf of, or for the benefit of, a Competitor; (c) Using the Service to benchmark, evaluate, replicate, or develop features for a competing product; (d) Extracting, scraping, or systematically collecting Service data, workflows, or outputs for competitive purposes.

Company may terminate access immediately and without cure period upon discovering a violation of this section.

5. Confidentiality

5.1 Definition

"Confidential Information" means any financial, technical, or business information disclosed by one party ("Disclosing Party") to the other ("Receiving Party") that is designated as confidential at the time of disclosure or that a reasonable party would understand to be confidential given the context of disclosure.

The Service and its underlying technology constitute Company's Confidential Information. Customer Data constitutes Customer's Confidential Information.

5.2 Obligations

The Receiving Party agrees to:

(a) Protect the Disclosing Party's Confidential Information with at least the same degree of care it uses for its own confidential information, and in no event less than reasonable care; (b) Use Confidential Information only to exercise rights and fulfil obligations under these Terms; (c) Limit disclosure to employees, contractors, and advisors with a need to know who are bound by confidentiality obligations no less protective than those in this section.

5.3 Compelled Disclosure

The Receiving Party may disclose Confidential Information if required by law or court order, provided that the Receiving Party gives the Disclosing Party prior written notice sufficient to allow the Disclosing Party to seek a protective order, and any disclosure is limited to what is legally required.

5.4 Exclusions

The following are not Confidential Information:

(i) information that becomes publicly available through no breach by the Receiving Party; (ii) information independently developed by the Receiving Party without reference to Confidential Information; (iii) information received from a third party without confidentiality restrictions.

5.5 Remedies

Either party may seek injunctive or other equitable relief for a breach or threatened breach of this section without needing to prove irreparable harm or post a bond.

5.6 Duration

Confidentiality obligations survive termination of this Agreement for a period of three (3) years, except with respect to trade secrets, which shall be protected for as long as the information remains a trade secret under applicable law.

6. User Content

6.1 Ownership

You retain ownership of all content you upload to the Service ("User Content"), including SBOMs, documents, and product information.

6.2 License to Us

By uploading User Content, you grant us a limited, non-exclusive license to store, process, and display the content as necessary to provide the Service to you.

6.3 Your Responsibilities

You are solely responsible for:

  • The accuracy and legality of your User Content
  • Ensuring you have the right to upload and share the content
  • Backing up your important data

7. Intellectual Property

7.1 Our Property

The Service, including its design, features, functionality, and content (excluding User Content), is owned by us and protected by copyright, trademark, and other intellectual property laws.

7.2 Limited License

We grant you a limited, non-exclusive, non-transferable license to access and use the Service for its intended purpose, subject to these Terms.

7.3 Compliance Artifacts

You own all Compliance Artifacts generated by the Service based on your Customer Data, including:

  • Technical file exports and compliance reports
  • CRA readiness assessments and checklists
  • SBOM exports in CycloneDX or SPDX formats

We retain no ownership rights to your Compliance Artifacts after generation.

7.4 Feedback

Customer may provide suggestions, comments, enhancement requests, or other feedback regarding the Service ("Feedback").

By submitting Feedback, Customer grants Company a fully paid-up, royalty-free, worldwide, irrevocable, perpetual, transferable, sublicensable license to use, reproduce, modify, distribute, and commercialise the Feedback in connection with the Service and Company's other products and services.

Company has no obligation to implement any Feedback.

Company will treat Feedback as confidential if Customer marks it as such.

Customer retains no IP rights in features or improvements that Company builds based on Feedback, even if substantially similar to the Feedback submitted.

8. Fees, Payment, and Subscription Terms

8.1 Subscription Plans

The Service is offered under paid subscription plans (Professional and Enterprise) as described on our pricing page. Subscriptions are available on a monthly or annual billing cycle.

There is no free tier. A time-limited trial may be offered at our discretion. When the trial period ends, you must subscribe to a paid plan to continue using the Service.

8.2 Payment Methods

We accept the following payment methods:

(a) Credit or debit card -- processed via Stripe. Cards are charged automatically at the start of each billing period. (b) SEPA Direct Debit -- available for customers with a bank account in the SEPA zone (36 countries). A SEPA mandate is collected during checkout. Payments are debited automatically at the start of each billing period. (c) Bank transfer -- available for Enterprise tier and invoiced accounts. Payment instructions are included on each invoice. Funds must be received before or on the due date.

We may add or remove payment methods at our discretion. All payments are processed by Stripe, Inc. and are subject to Stripe's terms of service.

8.3 Auto-Renewal

Your subscription automatically renews at the end of each billing period (monthly or annually) for successive periods of the same duration, unless:

(a) You cancel your subscription before the renewal date as described in Section 8.6; or (b) We terminate your account in accordance with Section 13.

We will send a reminder to the email address associated with your account at least fifteen (15) days before each renewal date, stating the renewal date and the amount to be charged. Non-receipt of a reminder does not affect the auto-renewal of your subscription.

8.4 Pricing

(a) All fees are quoted in Euros (EUR) and are exclusive of applicable taxes (VAT, sales tax) unless stated otherwise. (b) Fees are charged in advance at the beginning of each billing period via the payment method on file. (c) You are responsible for maintaining a valid payment method. If your payment method fails, we will attempt to charge it again. If payment is not received within fourteen (14) days, your account may be suspended per Section 8.7. (d) We may change subscription pricing with at least thirty (30) days' prior written notice. Price changes take effect at the next renewal date. If you do not agree with a price change, you may cancel before the next renewal.

8.5 No Refunds

All fees are non-refundable. Specifically:

(a) Monthly subscriptions: No refunds for partial months. If you cancel mid-cycle, you retain access until the end of your current billing period. (b) Annual subscriptions: No refunds or pro-rata credits for unused months. If you cancel mid-term, you retain access until the end of your annual billing period. (c) Downgrades: No refund is provided for the remaining period. (d) Exceptions: Nothing in this section affects any statutory rights you may have under applicable law that cannot be excluded by contract.

8.6 Cancellation

You may cancel your subscription at any time through your account settings (Settings > Billing > Manage Subscription) or by contacting us at billing@craevidence.com.

(a) Cancellation takes effect at the end of the current billing period. You will not be charged for subsequent periods. (b) You retain full access to paid features until the end of your current billing period. (c) Upon expiration, your account will be locked. Your data is preserved for thirty (30) days. You may reactivate your subscription at any time during this period to regain access and all fees from the original cancellation date to the reactivation date will be charged at the applicable plan rate. (d) After thirty (30) days without an active subscription, we may permanently delete your data. We will send a reminder at least fifteen (15) days before deletion. (e) We will send a confirmation email upon cancellation.

8.7 Suspension for Non-Payment

If we are unable to collect payment for your subscription:

(a) We will notify you by email of the payment failure. (b) We will retry the payment method on file automatically (typically three attempts over seven days). (c) You will have a fourteen (14) day period from the first payment failure to update your payment method or resolve the payment issue. (d) During this period, your account remains fully functional. (e) If payment is not resolved within fourteen (14) days, we will suspend your account. Suspended accounts retain all data but cannot access the Service beyond billing settings. (f) Your account will be reactivated immediately upon successful payment. (g) If payment is not resolved within ninety (90) days of the original payment failure, we may permanently delete your data after sending a thirty (30) day advance warning.

8.8 Late Payment (B2B)

For invoiced accounts (Enterprise tier), amounts not paid when due shall bear interest at the rate of eight (8) percentage points above the European Central Bank's reference rate, calculated daily from the due date until paid in full, in accordance with EU Directive 2011/7/EU on late payment in commercial transactions. In addition, we are entitled to recover a fixed sum of EUR 40 as compensation for recovery costs per overdue invoice.

8.9 Billing Disputes

(a) If you believe a charge is incorrect, you must notify us at billing@craevidence.com within thirty (30) days of the charge date, providing a detailed description of the dispute. (b) Before initiating any payment dispute with your bank, credit card company, or payment provider, you agree to contact us first to attempt resolution in good faith. We commit to responding to billing disputes within five (5) business days. (c) Chargebacks or payment disputes initiated without prior written contact to us may constitute a breach of this Agreement and may result in account suspension and recovery of our administrative costs. (d) Fraudulent chargebacks (disputes filed after receiving and using the Service) may be reported to relevant authorities.

8.10 Taxes

You are responsible for all applicable taxes, duties, and levies imposed by any government authority, except for taxes based on our net income. If we are required to collect taxes, they will be added to your invoice. If you are entitled to a tax exemption, you must provide valid documentation before the charge date.

If you claim exemption from VAT on the basis that you are a VAT-registered business in another EU member state (reverse charge mechanism), you must provide a valid VAT registration number before the charge date. You are solely responsible for the accuracy of the VAT information you provide. If a claimed exemption is invalidated by any tax authority -- including where a VAT number is found to be invalid, expired, or incorrectly applied -- any resulting tax liability, interest, or penalties are solely your responsibility. Company reserves the right to issue a corrected invoice and collect any unpaid VAT.

9. Service Availability and Security

We strive to maintain high availability but do not guarantee uninterrupted access. Where Customer has subscribed to a paid plan, we will endeavour to provide the Service in accordance with the Service Level Agreement available at https://craevidence.com/sla. The Service may be unavailable due to:

  • Scheduled maintenance (with advance notice when possible)
  • Emergency maintenance or security updates
  • Circumstances beyond our reasonable control

9.1 Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments

9.2 Incident Notification

In the event of a security incident affecting your Customer Data, we will:

  • Notify you within 72 hours of becoming aware of the incident
  • Provide details about the nature and scope of the incident
  • Take reasonable steps to mitigate the impact and prevent recurrence

10. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO:

  • WARRANTIES OF MERCHANTABILITY
  • FITNESS FOR A PARTICULAR PURPOSE
  • NON-INFRINGEMENT

We do not warrant that:

  • The Service will meet your specific requirements
  • The Service will be uninterrupted, timely, secure, or error-free
  • The results obtained from using the Service will be accurate or reliable
  • The Service will ensure your CRA compliance (you remain responsible for compliance)

10.1 SBOM and Vulnerability Data

The Service analyzes Software Bills of Materials (SBOMs) you provide. You acknowledge that:

  • We do not warrant that our analysis will identify all components, licenses, or dependencies in your software.
  • Vulnerability information is sourced from third-party databases (NVD, GitHub Advisory, etc.) and may contain inaccuracies, delays, or omissions.
  • We do not guarantee detection of all vulnerabilities ("false negatives") or absence of incorrect vulnerability matches ("false positives").
  • Any remediation actions you take based on Service outputs are your sole responsibility.

11. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE FOR:

  • INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES
  • LOSS OF PROFITS, DATA, USE, OR GOODWILL
  • BUSINESS INTERRUPTION

OUR TOTAL LIABILITY SHALL NOT EXCEED THE AMOUNT PAID BY YOU FOR THE SERVICE IN THE 12 MONTHS PRECEDING THE CLAIM.

11.1 Regulatory Exclusions

Without limiting the foregoing, we shall not be liable for:

  • Regulatory fines, penalties, or sanctions imposed by any government authority
  • Costs of product recalls or market withdrawal
  • Market surveillance authority actions or enforcement measures
  • Failure to achieve CRA compliance or conformity assessment approval

11.2 Chargeback and Dispute Costs

If you initiate a payment dispute, chargeback, or payment reversal that is resolved in our favour, you agree to reimburse us for:

(a) The disputed amount; (b) Any fees or penalties imposed on us by payment processors, card networks, or financial institutions as a result of the dispute; (c) Reasonable administrative costs incurred in responding to the dispute.

11.3 Force Majeure

Neither party will be liable for any failure or delay in the performance of its obligations caused by events beyond that party's reasonable control, including but not limited to: acts of God, natural disasters, fire, flood, earthquake, epidemic, pandemic, war, terrorism, civil unrest, labour disputes, government actions, cyberattacks on third-party infrastructure, or failures of third-party service providers (including cloud infrastructure providers).

The affected party must: (a) notify the other party promptly in writing of the force majeure event and its expected duration; and (b) use commercially reasonable efforts to resume performance as soon as practicable.

Payment obligations under Section 8 are explicitly excluded from this section. Force majeure does not excuse failure to pay fees when due.

If a force majeure event continues for more than sixty (60) consecutive days, either party may terminate the affected Order Form or subscription by written notice, with a pro-rata refund of prepaid unused fees.

12. Indemnification

12.1 Indemnification by Customer

You agree to indemnify and hold harmless the Company, its officers, directors, employees, and agents from any claims, damages, losses, or expenses (including reasonable legal fees) arising from:

  • Your use of the Service
  • Your violation of these Terms
  • Your violation of any third-party rights
  • Your User Content

You specifically agree to indemnify us from claims arising from:

  • Inaccurate, incomplete, or misleading SBOM Data you provide
  • Failure to disclose known vulnerabilities or security issues in your products
  • Third-party claims related to your product's components or dependencies

12.2 Indemnification by Company

Company will defend Customer against any third-party claim alleging that the Service, as provided and used in accordance with these Terms, directly infringes a third party's copyright, trademark, patent, or trade secret rights under applicable law. Company will pay damages finally awarded against Customer or agreed in settlement by Company.

Cap: Company's total liability under this section shall not exceed six (6) months of fees paid by Customer in the twelve (12) months preceding the claim.

Exclusions: Company has no obligation under this section if the claim arises from:

(i) Customer's modification of the Service; (ii) Customer's combination of the Service with third-party software, data, or systems not provided by Company; (iii) open-source components or third-party databases integrated into the Service (including NVD, GitHub Advisory, OSV, Grype, or similar); (iv) Customer Data uploaded by Customer; (v) Customer's continued use of the Service after Company notifies Customer of an available fix or non-infringing workaround.

Remedy options: If the Service becomes or is likely to become subject to an infringement claim, Company may at its option: (a) procure Customer's right to continue using the Service; (b) modify the Service to be non-infringing while maintaining equivalent functionality; or (c) terminate the affected Service and provide a pro-rata refund of prepaid unused fees.

This section states Company's sole and exclusive liability and Customer's sole and exclusive remedy for any intellectual property infringement claim.

12.3 Indemnification Procedures

The party seeking indemnification must: (a) promptly notify the indemnifying party in writing of any claim or proceeding for which indemnification is sought (failure to provide prompt notice reduces the indemnifying party's obligations only to the extent it is materially prejudiced by such failure); (b) grant the indemnifying party sole control over the defence and settlement of the claim; and (c) provide reasonable cooperation and assistance at the indemnifying party's expense.

13. Termination

13.1 By You

You may cancel your subscription at any time in accordance with Section 8.6. Account deletion (permanent removal of all data) may be requested separately by contacting privacy@craevidence.com. Account deletion is irreversible.

13.2 By Us

We may terminate your account under the following conditions:

(a) Material breach with cure period: If you materially breach these Terms (other than the exceptions in (b) below), we will provide written notice specifying the breach. If the breach is not remedied within thirty (30) days of notice, we may terminate your account immediately.

(b) Immediate termination (no cure period): We may suspend or terminate your account immediately, without notice, if you: (i) Engage in fraudulent or illegal activity; (ii) Violate Section 4.5 (Competitor Access Restriction); (iii) Create a security risk to the Service or other customers; (iv) Fail to pay applicable fees and the non-payment is not resolved within the fourteen (14) day period specified in Section 8.7.

13.3 Effect of Termination

Upon termination:

  • Your access to the Service will be revoked
  • You may request export of your data within 30 days of termination
  • We will provide exports in standard formats (JSON, CSV, CycloneDX, SPDX)
  • Your Customer Data will be deleted within 30 days after the export period
  • Anonymized, aggregated data may be retained indefinitely for analytics

The same 30-day data retention window applies whether your account ends by cancellation (Section 8.6) or termination (Section 13.2).

13.4 Survival

The following sections survive termination of this Agreement: Section 6 (User Content -- ownership provisions), Section 7 (Intellectual Property), Section 8.5 (No Refunds), Section 8.8 (Late Payment), Section 8.9 (Billing Disputes), Section 10 (Disclaimer of Warranties), Section 11 (Limitation of Liability), Section 12 (Indemnification), Section 14 (Governing Law), and this Section 13.4.

14. Governing Law and Jurisdiction

These Terms shall be governed by and construed in accordance with the laws of Spain, without regard to its conflict of law provisions.

Any disputes arising from these Terms shall be subject to the exclusive jurisdiction of the Juzgados de lo Mercantil of Oviedo, Spain.

15. Changes to Terms

We reserve the right to modify these Terms at any time. We will provide notice of material changes by:

  • Posting the updated Terms on the Service
  • Sending an email to the address associated with your account
  • Displaying a prominent notice on the platform

Your continued use of the Service after changes become effective constitutes acceptance of the revised Terms.

16. Miscellaneous

16.1 Entire Agreement

These Terms, together with the Privacy Policy and Data Processing Addendum (DPA), constitute the entire agreement between you and us regarding the Service.

16.2 Data Processing

For customers in the European Economic Area, our Data Processing Addendum (DPA) forms part of these Terms and governs our processing of personal data on your behalf. The DPA includes EU Standard Contractual Clauses for international data transfers. Contact legal@craevidence.com to request a copy.

16.3 Severability

If any provision of these Terms is found to be unenforceable, the remaining provisions shall remain in full force and effect.

16.4 Waiver

Our failure to enforce any provision of these Terms shall not constitute a waiver of that provision.

16.5 Assignment

You may not assign these Terms without our prior written consent. We may assign these Terms without restriction.

16.6 Terms Version and Acceptance

These Terms are versioned. The current version identifier and effective date are displayed at the bottom of this page. By continuing to use the Service after a new version becomes effective, you accept the revised Terms. We maintain an archive of prior versions available upon request at legal@craevidence.com.

Current version: 3.0 Effective date: April 12, 2026 Previous version: 2.0 (May 1, 2026)

16.7 Publicity

Company may use Customer's company name and logo to identify Customer as a customer of the Service on Company's website and in general marketing materials.

Company will not use Customer's name or logo in press releases, case studies, testimonials, or paid advertising without Customer's prior written consent (email is sufficient).

Customer may revoke general logo/name use at any time by written notice to legal@craevidence.com. Company will remove Customer's name and logo within fifteen (15) business days of receiving such notice.

16.8 Anti-Corruption

Each party represents and warrants that it has not offered, promised, given, or received any bribe, kickback, improper payment, or other thing of value in connection with this Agreement.

Reasonable and customary business gifts and hospitality that are modest in value, openly given, and compliant with applicable law do not violate this section.

Each party agrees to comply with all applicable anti-bribery and anti-corruption laws, including Spain's Organic Law 1/2015 amending the Criminal Code and, where applicable, the UK Bribery Act 2010 and the US Foreign Corrupt Practices Act.

Each party will promptly notify the other upon becoming aware of any actual or suspected violation of this section.

17. Contact Information

For questions about these Terms, please contact us at:

Senda Tech Solutions, S.L. CIF: B26914895 C/ Melquiades Álvarez, 20, Piso 4, Puerta 3 33003 Oviedo, Asturias, España Email: legal@craevidence.com

Last updated: April 12, 2026 Terms version: 3.0