Terms of service

1. Acceptance and scope

These Terms of Service (the "Terms") govern your access to Qubicbox Technologies Limited websites, APIs, Trust Notes, and verification products (collectively, the "Services"). By using the Services you agree to be bound by these Terms and any applicable agreements executed with Qubicbox.

If you are accepting the Terms on behalf of an organisation, you represent that you have authority to bind that organisation. You must comply with all applicable laws, including NDPR, NDPA, GDPR, AML/CFT rules, Know Your Customer/Know Your Business regulations, and industry codes of conduct.

Supplemental product schedules, processing agreements, and support annexes are incorporated into these Terms by reference. If there is any inconsistency, the negotiated order of precedence in your commercial agreement applies.

2. Accounts, verification, and platform access

Access to restricted areas of the Services may require registration and verification through Qverity. You agree to provide accurate and complete information, keep credentials confidential, and promptly update information when it changes.

Qubicbox may require administrators to enable multi-factor authentication or hardware-based security keys for privileged actions. We may also ask you to reconfirm control of your domain, email, or phone number if suspicious activity is detected.

• The Services may only be used for lawful business purposes connected to trust, safety, and dispute resolution activities.
• You will not attempt to probe, scan, reverse engineer, or disrupt the Services or any connected systems.
• You must notify Qubicbox immediately if you suspect unauthorised access to your account or credentials.
• You are responsible for ensuring that your end users receive and accept any mandated end user terms, privacy notices, or consent prompts required for Trust Notes or Qverity.

3. Data protection and confidentiality

Each party will process personal data in accordance with applicable privacy laws including Nigeria’s NDPR/NDPA and the EU GDPR. The Qubicbox Privacy Notice forms part of these Terms and describes how we collect, use, and secure information.

If Qubicbox receives a legally binding request for your data, we will notify you promptly unless prohibited from doing so. You are responsible for maintaining your own records of processing activities and privacy impact assessments.

• Where Qubicbox acts as data processor, we will only process personal data in line with your documented instructions and will assist with data subject requests.
• You must not share personal data with Qubicbox unless you have a lawful basis to do so and have provided the necessary notices to individuals.
• Both parties will maintain appropriate technical and organisational measures to protect confidential information and personal data from unauthorised access or disclosure.
• You will ensure cross-border transfers comply with standard contractual clauses or other approved safeguards where required.

4. Service levels, fees, and payment

Unless otherwise agreed in writing, Qubicbox delivers the Services on an "as is" basis. Service level commitments, support hours, or remediation credits are defined in individual customer agreements and incorporated schedules.

Planned maintenance will be communicated in advance and, where possible, performed outside of peak operating windows. Emergency maintenance may occur without notice to preserve system integrity.

Customers are responsible for paying all agreed fees, taxes, and charges within the specified timelines. Failure to pay may result in suspension of access or termination of the Services, and you remain liable for any outstanding amounts and collection costs.

• Disputes regarding invoices must be raised in writing within 14 days of receipt; undisputed amounts remain payable.
• All charges are exclusive of withholding taxes, VAT, or other levies unless expressly stated otherwise.

5. Suspension and termination

Qubicbox may suspend or terminate access to the Services if you breach these Terms, fail to pay fees, violate acceptable use standards, or if required by law or regulatory instruction. We may also suspend access to prevent security threats to you, us, or other users.

You may terminate usage at any time by providing written notice and ceasing access. Termination will not relieve you of obligations accrued before the effective termination date unless otherwise agreed.

Upon termination each party must destroy or return confidential information and personal data except where retention is required by law. Sections relating to confidentiality, data protection, liability, intellectual property, and governing law survive termination.

• If suspension is due to curable breach, we will provide notice describing the breach and remediation steps.
• You are responsible for exporting your data before the effective termination date; post-termination retrieval requests may attract additional fees.

6. Liability and governing law

To the maximum extent permitted by law, Qubicbox is not liable for indirect, consequential, or punitive damages, lost profit, or lost revenue. Aggregate liability for direct damages is limited to the fees paid for the Services in the 12 months preceding the claim, unless prohibited by law.

Nothing in these Terms limits liability for fraud, gross negligence, wilful misconduct, or any other liability that cannot be excluded under applicable law.

These Terms are governed by the laws of the Federal Republic of Nigeria, without regard to conflict of law principles. Parties submit to the exclusive jurisdiction of the courts of Lagos, Nigeria, unless otherwise specified in a written agreement. The United Nations Convention on Contracts for the International Sale of Goods does not apply.

• Each party shall indemnify the other against third-party claims arising from a breach of confidentiality or data protection obligations, subject to the liability cap above.
• Force majeure events (including power grid failures, cyberattacks, or regulatory directives) relieve the affected party from performance while the event persists, provided reasonable mitigation steps are taken.