AUTHLN TERMS OF SERVICE

Effective Date: December 1, 2025

These Terms of Service (“Terms”) govern access to and use of the AuthLN services (“Services”) provided by AuthLN, Inc., a Delaware corporation (“AuthLN,” “we,” “us,” or “our”).

By accessing or using the Services, you agree to these Terms.

These Terms incorporate by reference:

• AuthLN’s Privacy Policy
• AuthLN’s Data Processing Addendum (where applicable)

If you enter into a separate written Master Services Agreement with AuthLN, that agreement controls in the event of a conflict.

1. Description of Services

AuthLN provides authentication enforcement, access control, and security telemetry services designed to strengthen identity protection and reduce unauthorized access attempts.

The Services integrate with third-party identity providers and infrastructure. AuthLN does not replace Customer identity systems and does not control Customer configurations.

2. Account Responsibilities

You are responsible for:

• Maintaining the confidentiality of account credentials
• All activities occurring under your account
• Proper configuration of authentication policies
• Compliance with applicable laws

You must promptly notify AuthLN of any suspected unauthorized use of your account.

3. Acceptable Use

You may not:

• Use the Services for unlawful purposes
• Attempt to disrupt or reverse engineer the Services
• Circumvent authentication controls
• Use the Services in violation of export or sanctions laws

AuthLN reserves the right to suspend or terminate accounts for misuse.

4. Data Protection & Privacy

AuthLN processes personal data in accordance with its Privacy Policy.

Where AuthLN processes personal data on behalf of a Customer, the Customer acts as Data Controller and AuthLN acts as Data Processor.

If required by applicable data protection laws, processing shall be governed by AuthLN’s Data Processing Addendum.

AuthLN does not sell personal information.

Individuals located in certain jurisdictions may have rights regarding their personal data as described in the Privacy Policy.

AuthLN may engage trusted third-party service providers (subprocessors) to support operation of the Services. AuthLN conducts appropriate due diligence and requires such subprocessors to maintain reasonable security and confidentiality protections.

5. Security

AuthLN implements commercially reasonable administrative, technical, and organizational safeguards designed to protect Customer Data.

The Services enhance authentication controls but do not eliminate all security risks.

In the event of a security incident involving personal information, AuthLN will provide notice as required by applicable law or applicable written agreement.

6. Digital Asset Handling

Certain authentication configurations may result in the capture of digital assets.

Captured digital assets:

• Are retained by AuthLN
• Do not constitute Customer funds
• Do not create fiduciary, custodial, escrow, or financial intermediary relationships

AuthLN does not provide insurance or guarantee prevention of financial loss.

7. Intellectual Property

AuthLN retains all rights, title, and interest in and to the Services, including all software, algorithms, documentation, and related intellectual property.

No rights are granted except as expressly stated.

8. Disclaimer of Warranties

THE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE.”

AuthLN disclaims all implied warranties, including merchantability and fitness for a particular purpose.

AuthLN does not warrant that the Services will prevent all unauthorized access or eliminate all security risks.

9. Limitation of Liability

To the maximum extent permitted by law:

AuthLN’s total aggregate liability arising out of or relating to the Services shall not exceed the fees paid by you in the twelve (12) months preceding the claim.

AuthLN shall not be liable for indirect, incidental, consequential, or punitive damages, including loss of profits, revenue, or data.

Some jurisdictions do not allow certain limitations, so portions of this section may not apply.

10. Termination

AuthLN may suspend or terminate access for violation of these Terms.

Upon termination, access to the Services will cease.

11. Governing Law

These Terms are governed by the laws of the State of Delaware.

Venue shall lie in the state or federal courts located in Franklin County, Ohio.

12. Changes to Terms

AuthLN reviews these Terms periodically and may update them from time to time to reflect changes in operations, legal requirements, or security practices. Material changes will be posted with an updated effective date.

Continued use of the Services after changes constitutes acceptance.