TERMS OF SERVICE
TEMPTERA LIMITED
Romanou 2, Tlais Tower, Office 601, 1070 Nicosia, Cyprus
VAT: CY60154949E
Version: 1.0
Effective Date: 01.05.2025
Last Updated: 01.05.2025
IMPORTANT NOTICE — READ CAREFULLY
These Terms of Service constitute a binding legal agreement between you and TEMPTERA LIMITED. By creating an account, accessing the Services, sending or receiving traffic via any number, route, or sender ID provisioned through us, or otherwise using any portion of our platform, you irrevocably accept these Terms in their entirety. If you do not accept these Terms, you must not access or use the Services.
You assume full and personal responsibility for all use of the Services originating from your account. Where you use the Services in a personal capacity, this responsibility extends to your personal estate and assets to the maximum extent permitted under the laws of the Republic of Cyprus, the European Union, and any other applicable jurisdiction.
1. Definitions
For the purposes of these Terms, capitalised terms shall have the following meanings:
"Account" means the user account created by you on the Platform.
"A2P" means Application-to-Person traffic, in which messages are originated by, or routed via, an automated application or platform.
"Carrier" means any underlying mobile network operator, fixed-line operator, transit carrier, aggregator, SMS hub, SS7/Diameter provider, regulated numbering authority, or other upstream supplier whose facilities, routes, numbering ranges, or interconnections are used to deliver any part of the Services.
"CDR" means Call Detail Record or Message Detail Record, including all metadata generated in connection with the use of the Services.
"Company", "we", "us", or "our" means TEMPTERA LIMITED, a private limited liability company duly incorporated and existing under the laws of the Republic of Cyprus, registered office at Romanou 2, Tlais Tower, Office 601, 1070 Nicosia, Cyprus, VAT CY60154949E.
"DID" means a Direct Inward Dialling number, also referred to as a virtual number, telephone number, geographic number, non-geographic number, mobile number, toll-free number, short code, alphanumeric sender ID, or any equivalent telephony numbering resource provisioned, allocated, sub-allocated, hosted, ported, or otherwise made available to you through the Services.
"End User" means any third party that, directly or indirectly, accesses, uses, receives, or is affected by any service, application, or product that you build on or operate through the Services, including the recipients of communications.
"GDPR" means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
"Numbering Resources" means DIDs and any other element of a national or international numbering plan made available through the Services.
"Platform" means the websites, customer portals, APIs, dashboards, SDKs, documentation, and any other technical interfaces operated by the Company.
"Services" means, collectively, the supply, provisioning, hosting, routing, termination, origination, and delivery of voice, SMS, MMS, RCS, two-factor authentication, sender ID, number lookup, number porting, SIP trunking, virtual number, DID, and related electronic communications services and any successor, complementary, or ancillary services.
"SMS Services" means the transmission, reception, routing, or delivery of short message service, multimedia message service, RCS, or any equivalent text-based communication, whether person-to-person ("P2P"), application-to-person ("A2P"), or otherwise.
"Traffic" means any voice call, SMS, MMS, RCS message, signalling message, lookup, or other communication originated, terminated, transited, or otherwise processed via the Services.
"You" or "your" means the natural or legal person who has accepted these Terms, registered for an Account, or used the Services, and includes that person's employees, contractors, agents, customers, and End Users.
2. Acceptance, Capacity, and Eligibility
2.1 Binding effect. These Terms enter into force at the moment you create an Account, click "I accept," tick a comparable acceptance box, send your first API request, originate or terminate your first communication via the Services, or otherwise indicate acceptance.
2.2 Capacity. You represent and warrant that you (a) are at least eighteen (18) years of age and have full legal capacity to enter into binding contracts under your domicile law and the laws of the Republic of Cyprus; (b) if acting on behalf of a legal entity, are duly authorised to bind that entity, and the entity is validly existing and in good standing; and (c) are not subject to any restriction, prohibition, or sanction that would prevent your lawful entry into or performance of these Terms.
2.3 No business with sanctioned persons. You represent and warrant on a continuing basis that you, your beneficial owners, your shareholders, your directors, your officers, and your End Users are not (a) listed on any sanctions list maintained by the European Union (including under Council Regulations giving effect to UN Security Council resolutions and EU autonomous sanctions), the United Nations, the United Kingdom (HM Treasury OFSI), the United States (OFAC SDN, SSI, FSE, or sectoral lists), or any equivalent regime; (b) located in, or ordinarily resident in, any country or territory that is the target of comprehensive trade sanctions; nor (c) acting for the benefit of any such person, country, or territory. The Company is entitled, but not obliged, to verify any such representation at any time. The Company's reliance on this representation does not relieve you of your obligations and does not constitute any waiver of the Company's rights. You will notify the Company immediately if any of these representations ceases to be true.
2.4 No consumer use unless expressly accepted. The Services are designed for and offered to professional users (B2B). Nothing on the Platform constitutes a public offer to consumers within the meaning of Directive (EU) 2011/83 (Consumer Rights), Directive 93/13/EEC (Unfair Contract Terms), the Cyprus Law on Certain Aspects of Consumer Sales of Goods 7(I)/2000, the Cyprus Law on Unfair Terms in Consumer Contracts 93(I)/1996, or the Cyprus Law on Consumer Rights 133(I)/2013. Where, notwithstanding the foregoing, you qualify as a "consumer" under mandatory law, your statutory rights are not diminished by these Terms; provisions of these Terms that would, by operation of mandatory consumer law, be unenforceable against you shall be read down to the minimum extent necessary to render them enforceable, and the remainder of these Terms shall continue in full force and effect.
3. Description of the Services
3.1 Nature. The Company provides electronic communications services that include the supply of DIDs, the origination, transit, and termination of voice traffic, the delivery of SMS / MMS / RCS messages, sender ID provisioning, number porting facilitation, SIP trunking, two-factor authentication delivery, lookup, and related ancillary services. Some Services qualify, under Article 2(4) of Directive (EU) 2018/1972 (the European Electronic Communications Code, "EECC"), as "number-based interpersonal communications services"; others as "number-independent interpersonal communications services"; and others again as services consisting wholly or mainly in the conveyance of signals.
3.2 Reliance on third parties. You acknowledge and accept that the Services are delivered, in whole or in part, through Carriers and other third parties whose facilities, terms, technical specifications, regulatory obligations, and tariffs are outside the Company's control, and may include, without limitation, providers comparable to Twilio Inc., Infobip Ltd., Sinch AB, Vonage Holdings Corp., DIDXL B.V., DIDLogic Networks Ltd., Bandwidth Inc., Plivo Inc., Telnyx LLC, DIDWW Ireland Ltd., Voxbone (Bandwidth) S.A., Commio LLC (and its subsidiaries thinQ and Teli), VoIP Innovations LLC, Bird (formerly MessageBird) B.V., Clickatell Inc., Messente Communications OÜ, ClickSend Pty Ltd., SignalWire Inc., Flowroute (Intrado) Inc., and BulkVS LLC. The Company is free to add, remove, replace, or substitute any Carrier or upstream supplier at any time, in its sole discretion, without prior notice and without liability.
3.3 No emergency services. The Services are not a replacement for the public switched telephone network and do not, in general, support reliable connection to emergency services such as 112, 911, or any equivalent number. You agree that you will not rely on the Services for emergency communications, that you will inform your End Users in writing of the absence or limitation of emergency calling, and that you will obtain alternative arrangements where required by law. You assume sole responsibility for any consequence of any End User attempting to use the Services to reach an emergency service.
3.4 No quality of service guarantee. Except where expressly set out in a separate written service-level agreement signed by an authorised officer of the Company, the Services are provided on a "best-efforts" basis. Voice quality, message delivery rates, latency, route quality, sender ID registration outcomes, throughput, and number availability vary by destination, by Carrier, by time, by content, and by regulatory environment, and are not warranted.
3.5 Modifications. The Company may, at any time and at its sole discretion, modify, suspend, replace, deprecate, or discontinue any element of the Services. Where such change is material and adversely affects you, the Company will use reasonable efforts to provide notice via the Platform or by email; however, no such notice is required where the change results from law, regulation, Carrier requirement, security incident, fraud, or force majeure.
4. Identity Verification, Numbering Compliance, and Country-of-Issue Rules
4.1 Country-of-issue rules. Each DID, sender ID, and other Numbering Resource made available through the Services is issued by, or under the authority of, a national numbering authority and is governed at all times by the laws, regulations, numbering-plan rules, and Carrier requirements of the country of issue. These requirements differ by country and may include, without limitation: (a) end-user residency, citizenship, or local-presence requirements (for example, certain United Kingdom geographic numbers, German geographic numbers, French geographic numbers, Italian geographic numbers, Spanish geographic numbers, and many others); (b) registered-address verification within the country of issue; (c) holder identification, beneficial-owner identification, or use-case justification; (d) restrictions on the type of traffic that may be sent to or from the number (geographic vs. non-geographic, fixed vs. mobile, voice vs. SMS, A2P vs. P2P); (e) prohibitions on use outside the country of issue ("nomadic" use restrictions); and (f) prepaid-identification regimes equivalent to, for example, the Cyprus Law on the Identification of Holders and/or Users of SIM or eSIM Cards for Prepaid Mobile Telephony Services 63(I)/2024 (where the Services qualify as prepaid mobile telephony in Cyprus). You are solely responsible for understanding and continuously complying with all such country-of-issue requirements for each Numbering Resource you obtain through the Services. You will provide, on first demand, all documentation, identification, beneficial-ownership information, proof of address, corporate documents, end-user identification, and any other information necessary to satisfy the Company, its Carriers, and the competent numbering authority of the country of issue.
4.2 Numbering rules; no ownership of DIDs. Numbering Resources are made available subject to the rules of the relevant national numbering authority, the regulations of the assigning Carrier, and any applicable end-user residency, business presence, address verification, or use-case restriction. Numbering Resources remain at all times the property of the relevant numbering authority or the assigning Carrier and are licensed to you on a strictly revocable basis. You acquire no ownership interest in any DID. The Company may reclaim, port-out, suspend, or reassign any DID at any time where required by law, regulation, the assigning authority, the Carrier, or where you have breached these Terms. You are responsible, on a continuing basis, for maintaining any local-presence, address-verification, or end-user-residency status that was a condition of the original assignment, and for promptly notifying the Company of any change. You will not represent any DID as a number from a country in which you, or the relevant End User, do not satisfy the country-of-issue requirements.
4.3 A2P registration and 10DLC-equivalent regimes. Where the Services are used to deliver A2P traffic to destinations operating under registration regimes (including, without limitation, the United States 10DLC framework, toll-free verification, the United Kingdom sender ID registry, the Italian or French sender ID registries, the Indian DLT regime, or the equivalent regimes adopted in Saudi Arabia, the United Arab Emirates, Singapore, and other jurisdictions), you are solely responsible for completing all required brand and campaign registrations, paying all associated fees, providing accurate information, and complying with all sender ID, content, and consent restrictions imposed by such regimes.
4.4 Identity verification, sanctions, and cooperation with authorities. You acknowledge that the Company may, at its sole discretion and at any time during or after the contractual relationship, require you (and your beneficial owners, directors, and End Users where relevant) to provide identification, proof of address, proof of beneficial ownership, source-of-funds information, business-description information, intended-use information, and any other information the Company considers reasonably necessary to (a) satisfy upstream Carrier and numbering-authority requirements; (b) ensure compliance with applicable sanctions regimes referred to in clause 2.3; (c) prevent fraud, abuse, or harm to the Company, any Carrier, or any third party; (d) satisfy the requirements of Cyprus Law 63(I)/2024 referred to in clause 4.1, where applicable; (e) comply with any court order, regulatory request, or lawful demand by a competent authority; and (f) where the Company is, or becomes, an obliged entity under the Cyprus Law on the Prevention and Suppression of Money Laundering and Terrorist Financing 188(I)/2007 (as amended), Directive (EU) 2015/849 (4AMLD), Directive (EU) 2018/843 (5AMLD), Directive (EU) 2018/1673, or Regulation (EU) 2023/1113, comply with the customer-due-diligence and ongoing-monitoring obligations imposed thereunder. You will fully cooperate with any such request without undue delay. You authorise the Company to suspend or terminate the Services at any time where any such request is not satisfied to the Company's sole satisfaction.
5. Acceptable Use — User Obligations and Liability
5.1 General undertaking. You undertake that you will, and you will procure that your End Users will, use the Services solely for lawful purposes and in strict compliance with (a) these Terms; (b) the laws and regulations of the Republic of Cyprus, the European Union and the European Economic Area, and every other jurisdiction in which any Traffic originates, terminates, transits, or is received; (c) all applicable Carrier rules, codes of practice, and industry standards; (d) all numbering plan rules; (e) all messaging, sender ID, opt-in, content, and time-of-day restrictions of the destination jurisdiction; and (f) all applicable consumer protection, advertising, e-privacy, and direct marketing rules, including Articles 13 and 16 of Directive 2002/58/EC and any national transposition thereof.
5.2 Prior express consent for messaging. Without limitation to the generality of clause 5.1, where any Traffic constitutes direct marketing, you represent and warrant that, prior to sending or causing to be sent any message, you have obtained from each recipient the freely given, specific, informed, unambiguous, prior, and demonstrable consent required under Article 13 of Directive 2002/58/EC, Articles 6, 7 and 9 of the GDPR, and the corresponding provisions of the Cyprus Law on the Regulation of Electronic Communications and Postal Services 112(I)/2004 (as amended) and the Cyprus Processing of Personal Data (Protection of the Individual) Law 125(I)/2018. You will retain, and will provide to the Company on first demand, full records of consent, including the identity of the consenting individual, the date, time, mechanism, scope, and IP address of consent capture.
5.3 No prohibited content. You will not, and you will not allow any End User to, originate, transmit, route, or terminate any Traffic that:
(a) violates any law, regulation, or Carrier requirement of any source, transit, or destination jurisdiction;
(b) is unsolicited (spam), constitutes phishing, smishing, vishing, "wangiri" callback fraud, "missed call" fraud, traffic-pumping, artificial inflation of traffic, "SIM box" or grey-route bypass, or any equivalent fraudulent, abusive, or deceptive practice;
(c) impersonates any person, sender, brand, governmental body, financial institution, postal carrier, or other entity, or uses a misleading sender ID, calling line identifier, or display name, or constitutes "neighbour spoofing" or any equivalent CLI manipulation prohibited under Article 97 EECC, the BEREC guidelines on CLI spoofing, or any equivalent national rule;
(d) contains, promotes, or facilitates child sexual abuse material, terrorism, violent extremism, human trafficking, illegal firearms or explosives, illegal drugs or controlled substances, illegal gambling, "high-risk financial services" prohibited by the destination jurisdiction, unregistered securities offerings, pyramid schemes, "get-rich-quick" schemes, or any equivalent illegal or grossly objectionable content;
(e) infringes any intellectual property right, right of privacy, right of publicity, trade secret, contract, or other right of any third party;
(f) constitutes harassment, threats, defamation, hate speech, or content unlawful under the Digital Services Act (Regulation (EU) 2022/2065) or its Cyprus implementing measures;
(g) sends pornographic content, escort services, "adult dating," or sexually explicit content where prohibited by Carrier, destination jurisdiction, or sender ID rules;
(h) is sent to recipients on do-not-call, do-not-disturb, opt-out, or equivalent registries;
(i) is sent in volumes or patterns indicative of automated abuse, bot-net activity, denial-of-service attempts, network probing, port scanning, or any conduct that threatens the security, integrity, or availability of any Carrier network, the Platform, or any third-party system;
(j) is encrypted, obfuscated, encoded, or fragmented in a manner designed to evade Carrier or regulatory filtering; or
(k) is otherwise prohibited under these Terms or under any prohibition or restriction notified by the Company to you in writing.
5.4 Personal responsibility. Where you are a natural person, or where you act through a legal entity, you accept that you are personally responsible for the conduct of your Account and for all Traffic, content, fees, charges, fines, claims, losses, costs, and liabilities arising from or relating to the use of the Services through your Account, whether such use is by you, by any End User, by any employee or agent, or by any third party that has gained access to your Account, whether or not such access was authorised by you. To the maximum extent permitted by the laws of the Republic of Cyprus and the European Union, this responsibility is personal, several, and joint with any legal entity through which you operate, and may be enforced against your personal estate and personal assets, including, without limitation, by way of recourse against any guarantor, joint debtor, or beneficial owner.
5.5 Compliance with carrier rules. You acknowledge that Carriers may unilaterally and without prior notice impose, modify, or repeal rules, content restrictions, sender ID requirements, throughput caps, fees, surcharges, or fines, and that any such Carrier action automatically becomes part of your obligations to the Company. Any fee, charge, fine, or pass-through imposed by a Carrier in respect of your Traffic is your sole and exclusive liability and will be invoiced to you, with reasonable evidence on request, without further dispute.
5.6 End User obligations. You will procure that each End User who has access to or benefits from the Services has agreed in writing (including by clickwrap acceptance) to terms substantially equivalent to, and no less protective than, these Terms. The acts and omissions of your End Users are deemed to be your acts and omissions for the purposes of these Terms.
6. Fees, Payment, Taxes, and Suspension
6.1 Fees. You will pay the fees and charges for the Services as set out on the Platform, in your order form, or in any rate sheet communicated to you, plus any usage-based, per-minute, per-message, per-DID, set-up, port-in, port-out, registration, fine pass-through, surcharge, regulatory recovery, and equivalent charge. Unless expressly stated otherwise, fees are quoted exclusive of VAT and other applicable taxes, duties, levies, and charges, all of which are payable in addition by you.
6.2 Pre-paid balance. Where the Services are sold on a pre-paid basis, the Company may suspend the Services without further notice when your balance is exhausted. Unused balances are non-refundable except where a refund is required by mandatory law.
6.3 Invoices. Invoices are payable within the period stated on the invoice or, in default, within fifteen (15) days of issue. Statutory interest under the Cyprus Law on Combating Late Payment in Commercial Transactions 123(I)/2012, transposing Directive 2011/7/EU, applies automatically to overdue amounts.
6.4 Suspension and termination for non-payment. The Company may suspend or terminate the Services without further notice in the event of non-payment of any undisputed amount after the due date.
6.5 Disputes. Invoice disputes must be raised in writing within fifteen (15) days of the invoice date, failing which the invoice is deemed accepted. Disputed amounts must be paid in escrow or, at the Company's option, paid in full pending resolution.
6.6 Right of set-off. The Company may set off any amount due to you against any amount due from you, including future amounts.
6.7 Reverse charge. Where the reverse-charge mechanism under Article 196 of Council Directive 2006/112/EC (the EU VAT Directive) applies, the relevant invoice will be issued accordingly and you will self-account for VAT in your Member State.
7. Term, Suspension, and Termination
7.1 Term. These Terms commence on acceptance and continue until terminated in accordance with this clause 7.
7.2 Termination for convenience. Either party may terminate these Terms for convenience by giving thirty (30) days' written notice, save where a fixed-term commitment is in force, in which case the fixed term and any associated minimum spend obligation will continue.
7.3 Suspension for cause. The Company may immediately suspend, throttle, restrict, or terminate the Services, any DID, or your Account, in whole or in part, with or without notice, where the Company has reasonable grounds to believe that:
(a) you have breached, or any End User has breached, any provision of these Terms;
(b) any Traffic is or may be unlawful, fraudulent, abusive, or in breach of any Carrier rule;
(c) the Services are causing or may cause harm to the Platform, any Carrier, any third party, any network, or any individual;
(d) any information provided by you is or has become inaccurate, incomplete, or misleading;
(e) the continuation of the Services would or may expose the Company to legal, regulatory, reputational, financial, or operational risk;
(f) any Carrier, regulator, court, or competent authority requests or requires suspension or termination; or
(g) you have ceased to satisfy customer due-diligence requirements.
7.4 Consequences of termination. Upon termination, (a) all rights to use the Services cease; (b) all DIDs, sender IDs, and other Numbering Resources are returned to the Company or relevant authority; (c) all unpaid amounts become immediately due and payable; (d) the Company will, where lawful and operationally reasonable, retain CDRs and account data for the periods set out in the Privacy Policy; and (e) clauses that by their nature should survive (including but not limited to clauses 1, 5, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 19, and 20) survive.
8. Intellectual Property
8.1 Company IP. All intellectual property rights in and to the Platform, the Services, the documentation, the API, the dashboard, all Company trademarks, and all derivative works thereof, are and remain the exclusive property of the Company and its licensors. No right or licence is granted to you other than the limited, revocable, non-exclusive, non-sublicensable, non-transferable right to use the Services strictly in accordance with these Terms during the term.
8.2 No reverse engineering. You will not reverse-engineer, decompile, disassemble, scrape, mirror, frame, or attempt to derive source code from the Platform, except to the limited extent permitted by Article 6 of Directive 2009/24/EC (Software Directive) or its Cyprus implementation, and only after first requesting from the Company the information needed for interoperability.
8.3 Customer content. You retain ownership of content you submit. You grant the Company and its Carriers a worldwide, royalty-free, non-exclusive licence to host, transmit, route, store, copy, log, and process such content solely as necessary to provide the Services, comply with law, and exercise the Company's rights under these Terms.
8.4 Feedback. Any feedback, suggestion, or improvement that you communicate to the Company is granted to the Company on a perpetual, irrevocable, royalty-free, transferable, sublicensable basis.
9. Confidentiality
9.1 Each party will keep confidential and not disclose to any third party (other than its professional advisors and Carriers, and on a need-to-know basis under equivalent obligations) any non-public information of the other party, and will use such information only for the purpose of these Terms. This obligation survives termination for a period of five (5) years.
9.2 Confidentiality does not extend to information that is or becomes public through no fault of the receiving party, was lawfully known prior to receipt, is independently developed without use of the other's information, or is required to be disclosed by law, regulator, or court order.
10. Data Protection
10.1 Roles. With respect to personal data processed in connection with the Services, the Company acts as: (a) controller in respect of customer account data, KYC data, billing data, and certain traffic and location data the processing of which is mandated by the EECC, the ePrivacy Directive 2002/58/EC, the Cyprus Law 112(I)/2004, the Cyprus Law on the Retention of Telecommunications Data 183(I)/2007, and equivalent obligations imposed on electronic communications service providers; and (b) processor in respect of personal data that you upload, transmit, or process via the Services for your own purposes, where you act as the controller or as a processor for an upstream controller.
10.2 Article 28(3) processor terms. Where the Company acts as processor in respect of personal data uploaded, transmitted, or otherwise made available by you (or by an upstream controller for whom you act) via the Services, the following terms apply in accordance with Article 28(3) GDPR. They form a written contract for the purposes of that provision.
(a) Subject matter, nature, and purpose. The Company processes personal data only as necessary to provide the Services to you and to comply with applicable law. The subject matter is the supply of voice, SMS, MMS, RCS, and related electronic communications services. The duration is the term of these Terms plus any retention period required by law.
(b) Categories of data and data subjects. Personal data typically includes telephone numbers, calling-line identifiers, sender IDs, message content (where transmitted via the Services), traffic and routing metadata, and any further data you choose to submit. Data subjects typically include your end users and the recipients of communications you originate or address through the Services.
(c) Documented instructions. The Company processes such personal data only on your documented instructions, including with regard to international transfers, save where required to do otherwise by Union or Member State law to which the Company is subject; in such case, the Company will inform you of that legal requirement before processing, unless prohibited by law on important grounds of public interest. Your instructions consist of these Terms and any further written instructions reasonably given by you. The Company will inform you without undue delay if, in its opinion, an instruction infringes data-protection law.
(d) Confidentiality. The Company ensures that persons authorised to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
(e) Security. The Company implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk in accordance with Article 32 GDPR. A description of the measures is available on request to privacy@temptera.com.
(f) Sub-processors. You provide a general written authorisation to the Company's engagement of sub-processors in accordance with Article 28(2) GDPR. The Company's current sub-processors are made available on request to privacy@temptera.com and include the categories of Carriers and upstream suppliers identified in clause 3.2 of these Terms. The Company will inform you of any intended addition or replacement of sub-processors with reasonable notice, giving you the opportunity to object on reasonable data-protection grounds; if no agreement can be reached, you may terminate the affected Services. Sub-processors are bound by data-protection obligations no less protective than those set out in this clause 10.
(g) Assistance with data-subject rights. Taking into account the nature of the processing, the Company assists you by appropriate technical and organisational measures, insofar as possible, in fulfilling your obligation to respond to requests for the exercise of data-subject rights under Chapter III GDPR.
(h) Assistance with security, breaches, DPIAs, prior consultation. The Company assists you in ensuring compliance with Articles 32 to 36 GDPR, taking into account the nature of processing and the information available to the Company.
(i) Personal-data-breach notification. The Company will notify you without undue delay after becoming aware of a personal data breach affecting personal data processed under these Terms, providing the information specified in Article 33(3) GDPR to the extent then available.
(j) Deletion or return of data on termination. At your choice, the Company will delete or return to you all personal data processed on your behalf at the end of the provision of the Services, and will delete existing copies, save where Union or Member State law requires storage of the personal data.
(k) Information and audit. The Company makes available to you all information necessary to demonstrate compliance with the obligations laid down in Article 28 GDPR. The Company allows for and contributes to audits, including inspections, conducted by you or another auditor mandated by you, no more than once in any twelve-month period (save where required by a competent authority or following a personal data breach), on at least thirty (30) days' prior written notice, during normal business hours, subject to confidentiality undertakings, at your cost, and conducted in a manner that does not unreasonably interfere with the Company's business or breach the rights of other customers. Audit reports prepared by independent third parties (such as ISO 27001 or SOC 2 reports) shall be deemed to satisfy this paragraph where relevant.
(l) International transfers. Where the Company transfers personal data processed on your behalf outside the European Economic Area to a country in respect of which the European Commission has not issued an adequacy decision, the parties agree that the European Commission's Standard Contractual Clauses approved by Implementing Decision (EU) 2021/914 of 4 June 2021 ("SCCs") are incorporated into these Terms by reference and apply between the parties. Module Two (controller to processor) applies where you are the controller; Module Three (processor to processor) applies where you are a processor. The optional docking clause is included; the option in clause 7 is included; the option in clause 9(a) is Option 2 (general written authorisation) with a notice period as set out in paragraph (f) above; the option in clause 11 is excluded; the option in clause 17 is Option 1, governed by the law of the Republic of Cyprus; clause 18 designates the courts of Cyprus. The Annexes to the SCCs are deemed to be populated by reference to these Terms, the Privacy Policy, and the security-measures description referenced in paragraph (e) above. The text of the SCCs is published by the European Commission and is publicly available.
10.3 Your obligations as controller. Where you are the controller, you represent and warrant that (a) your processing has a valid lawful basis under Article 6 GDPR (and, where applicable, Article 9 GDPR); (b) you have provided all required information notices to data subjects; (c) you have obtained, and can demonstrate, all consents required under Article 13 of Directive 2002/58/EC and the GDPR; (d) you maintain a record of processing activities under Article 30 GDPR; and (e) you comply with the data minimisation, accuracy, storage limitation, integrity, and confidentiality principles under Article 5 GDPR.
10.4 Privacy Policy. The Company's Privacy Policy (issued separately) describes the personal data the Company processes as controller, the lawful bases relied on, retention periods, recipients, international transfers, and the rights of data subjects.
10.5 Personal data breach notification. Each party will notify the other without undue delay upon becoming aware of a personal data breach affecting personal data processed under these Terms, and will provide all reasonable cooperation necessary to enable the other party to comply with Articles 33 and 34 GDPR.
10.6 Cyprus Commissioner for Personal Data Protection. Data subjects may at any time lodge a complaint with the Cyprus Office of the Commissioner for Personal Data Protection (https://www.dataprotection.gov.cy), or with the supervisory authority of their habitual residence.
11. Disclaimers
11.1 "As is." Save as expressly stated in these Terms, and to the maximum extent permitted by the laws of the Republic of Cyprus and the European Union, the Services are provided "as is" and "as available", and the Company expressly disclaims all warranties, conditions, representations, and undertakings, whether express, implied, statutory, or otherwise, including any implied warranty of merchantability, satisfactory quality, fitness for a particular purpose, non-infringement, accuracy, completeness, security, uninterrupted operation, error-free operation, deliverability, or quality of routes.
11.2 No warranty of delivery. The Company does not warrant that any voice call will connect, that any SMS or MMS will be delivered, that any sender ID will be accepted, that any DID will be ported, that any A2P registration will succeed, or that any specific throughput, latency, or uptime will be achieved. Delivery receipts (DLRs) reflect Carrier-supplied information only and do not constitute a warranty by the Company.
11.3 Carrier action. The Company is not liable for, and gives no warranty in respect of, any Carrier's blocking, filtering, throttling, surcharging, fining, refunding, or rejecting of any Traffic, sender ID, DID, or content.
11.4 Statutory rights. Nothing in this clause 11 limits or excludes any warranty, condition, or right that cannot be limited or excluded under mandatory law applicable to consumers.
12. Limitation of Liability
12.1 Excluded losses. Subject to clause 12.4, in no event will the Company, its affiliates, officers, directors, employees, agents, suppliers, or Carriers be liable, whether in contract, tort (including negligence), under statute, or otherwise, for any (a) loss of profit, revenue, business, goodwill, anticipated savings, opportunity, or contracts; (b) loss of or damage to data, save where caused by the Company's gross negligence or wilful misconduct; (c) loss arising from Carrier action or inaction; (d) loss arising from regulatory action; (e) loss arising from your or any End User's content, sender ID, or use of any DID; (f) loss arising from any third-party claim brought against you; or (g) any indirect, special, incidental, consequential, exemplary, or punitive loss.
12.2 Aggregate cap. Subject to clause 12.4, the Company's total aggregate liability arising out of or in connection with these Terms, the Services, the Platform, the Privacy Policy, and any related arrangement, whether in contract, tort, under statute, or otherwise, shall not exceed the lesser of (a) the total fees actually paid by you to the Company in the twelve (12) months immediately preceding the event giving rise to liability; and (b) EUR 5,000.
12.3 Single basis of recovery. All claims arising out of the same event or series of related events shall be treated as a single claim for the purposes of this clause 12.
12.4 Exclusions to limitation. Nothing in these Terms limits or excludes any liability that cannot, by law, be limited or excluded, including liability for death or personal injury caused by negligence, fraud or fraudulent misrepresentation, wilful misconduct, or any other matter that, under Cyprus or applicable EU law, cannot be excluded.
12.5 Allocation of risk. You acknowledge that the limitations and exclusions in this clause 12 are reasonable, are an essential basis of the bargain between the parties, are a material inducement to the Company entering into these Terms, and are reflected in the fees charged.
13. Indemnification
13.1 Indemnity by you. You will defend, indemnify, and hold harmless the Company, its affiliates, and their respective officers, directors, employees, agents, contractors, and Carriers from and against any and all claims, demands, suits, actions, investigations, proceedings, fines, penalties, losses, damages, liabilities, costs, and expenses (including reasonable legal fees on a full-indemnity basis), arising out of or relating to:
(a) any actual or alleged breach by you or any End User of these Terms, any law, regulation, or Carrier rule;
(b) any Traffic, content, sender ID, or use of any DID originated, terminated, transited, or otherwise processed via your Account;
(c) any infringement of any third-party right (including intellectual property, privacy, publicity, defamation, and contract);
(d) any failure to obtain or maintain valid prior express consent for messaging or for processing of personal data;
(e) any fine, surcharge, claw-back, recovery, fee, or pass-through imposed by any Carrier, regulator, court, ombudsman, or competent authority;
(f) any tax, duty, levy, or charge that you should have paid;
(g) any complaint, investigation, or proceeding by the OCECPR, the Cyprus Office of the Commissioner for Personal Data Protection, the European Data Protection Board, the Body of European Regulators for Electronic Communications (BEREC), the Federal Communications Commission (FCC), the Federal Trade Commission (FTC), the Telephone Consumer Protection Act (TCPA) class-action plaintiff, or any equivalent body or party.
13.2 Personal recourse. Where you are a natural person or where the breach giving rise to the indemnity is attributable to your personal acts or omissions, the Company is entitled, to the maximum extent permitted by Cyprus and EU law, to enforce the indemnity against your personal estate, including any personal assets, immovable property, securities, deposits, or other property held in your name, and you irrevocably waive any defence based on the corporate veil where the corporate vehicle has been used to facilitate, conceal, or amplify the conduct giving rise to the indemnity. The Company reserves the right to seek piercing of the corporate veil in any competent forum where the conditions for such relief are met.
13.3 Conduct of claim. The Company will (a) notify you of any indemnified claim; (b) allow you to assume control of the defence with counsel reasonably acceptable to the Company; (c) cooperate in the defence at your cost; provided that the Company may at any time take over the defence at your cost where the claim involves the Company's reputation, security, or regulatory standing.
14. Force Majeure
14.1 Neither party is liable for any failure or delay to perform any obligation (other than payment of fees due) where such failure or delay is caused by an event beyond its reasonable control, including act of God, war, armed conflict, civil unrest, sanctions, embargo, fire, flood, earthquake, epidemic, pandemic, public-health emergency, action of any government, regulator, or court, Carrier failure, undersea cable cut, signalling-protocol incident, denial-of-service attack, security incident, telecommunications infrastructure failure, energy supply disruption, strike, or industrial action.
15. Compliance with Sanctions, Export Control, and Anti-Bribery
15.1 You will comply with all applicable sanctions, export-control, and anti-bribery laws, including Council Regulations of the European Union, the United Nations Security Council resolutions, the United Kingdom sanctions regime, the United States International Traffic in Arms Regulations (ITAR) and Export Administration Regulations (EAR) where applicable, the United States Foreign Corrupt Practices Act (FCPA), and the United Kingdom Bribery Act 2010.
15.2 You will not use the Services in any manner that would, directly or indirectly, cause the Company to violate any of the above.
16. Notices
16.1 Notices to the Company must be sent in writing to TEMPTERA LIMITED, Romanou 2, Tlais Tower, Office 601, 1070 Nicosia, Cyprus, with a copy by email to privacy@temptera.com.
16.2 Notices to you may be sent to the email address or postal address most recently provided in your Account, and are deemed received twenty-four (24) hours after dispatch (email) or three (3) business days after posting (post).
17. Changes to These Terms
17.1 The Company may update these Terms at any time. The Company will use commercially reasonable efforts to notify you of material changes via email or via the Platform at least fifteen (15) days before they take effect. Continued use of the Services after the effective date constitutes acceptance. If you do not accept the change, your sole remedy is to terminate your Account before the effective date.
18. Governing Law and Jurisdiction
18.1 Governing law. These Terms, and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with these Terms or their subject matter or formation, are governed by and shall be construed in accordance with the laws of the Republic of Cyprus, without giving effect to any choice or conflict-of-law provision, and excluding the United Nations Convention on Contracts for the International Sale of Goods.
18.2 Jurisdiction. Each party irrevocably submits to the exclusive jurisdiction of the courts of the Republic of Cyprus situated in Nicosia for the resolution of any dispute arising out of or in connection with these Terms. The Company nonetheless reserves the right to bring proceedings against you in any other court of competent jurisdiction, in particular where injunctive or equivalent relief is sought, or to enforce a judgment.
18.3 Consumer carve-out. Where you qualify as a consumer under Regulation (EU) 1215/2012 (Brussels I recast) and Regulation (EC) 593/2008 (Rome I), nothing in this clause 18 deprives you of any non-waivable right to bring proceedings in the courts of your habitual residence or to benefit from the mandatory consumer-protection rules of that residence.
19. Dispute Resolution and ODR Platform
19.1 In accordance with Article 14 of Regulation (EU) 524/2013, consumers resident in the European Union may submit disputes to the European Commission's Online Dispute Resolution platform at https://ec.europa.eu/consumers/odr.
19.2 Before commencing court proceedings, the parties will use reasonable endeavours to resolve any dispute amicably by negotiation between authorised representatives within thirty (30) days of written notice.
20. General
20.1 Entire agreement. These Terms (together with the Privacy Policy, any service-specific addendum, and any signed order form) constitute the entire agreement between the parties on their subject matter and supersede all prior or contemporaneous communications.
20.2 No reliance. You confirm that you have not relied on any statement, representation, or warranty other than those expressly set out in these Terms.
20.3 Severability. If any provision is held invalid, illegal, or unenforceable, the remainder continues in full force; the parties shall negotiate in good faith to replace the affected provision with a valid one of equivalent commercial effect.
20.4 No waiver. Failure or delay to exercise any right is not a waiver of that right.
20.5 Assignment. You may not assign or transfer these Terms without the prior written consent of the Company. The Company may assign or transfer these Terms freely, including to any affiliate or in connection with a merger, acquisition, restructuring, or sale of assets.
20.6 No partnership. Nothing in these Terms creates a partnership, joint venture, agency, or employer-employee relationship.
20.7 Third-party rights. No person other than a party has any right to enforce any term of these Terms, save that affiliates and Carriers may enforce clauses 5, 11, 12, and 13 directly under the rights conferred upon third-party beneficiaries by the laws of the Republic of Cyprus.
20.8 Language. The English version of these Terms is authoritative; any translation is for convenience only.
20.9 Headings. Headings are for convenience only and do not affect interpretation.
Acknowledgement. By using the Services, you acknowledge that you have read, understood, and agreed to these Terms and the Privacy Policy, and that you accept full and personal responsibility for the use of the Services through your Account, to the maximum extent permitted by the laws of the Republic of Cyprus and the European Union.
© 2025 TEMPTERA LIMITED. All rights reserved.