Automize RPA SaaS Platform
Capitol Hill Consulting (Pty) Ltd

1. ACCEPTANCE OF TERMS

The following terms and conditions (the "Terms") constitute a binding agreement between you and Capitol Hill Consulting (Pty) Ltd. ("Capitol Hill", "Automize", "we", "us", or "our") with respect to your use of:

• The website automize.co.za, or any sub-domain or other Capitol Hill website (the "Sites")
• The Automize Robotic Process Automation (RPA) software-as-a-service platform (the "Platform" or "Services")
• The RPA bot software that executes on your systems (the "RPA Bot")
• Any Content (as defined in Section 2 below) and User Generated Content (as defined in Section 4 below)

BY ACCESSING OR USING THE SITES OR SERVICES IN ANY MANNER (WHETHER AUTOMATED OR OTHERWISE), YOU: (A) ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO THESE TERMS, (B) AFFIRM THAT YOU ARE AT LEAST 18 YEARS OF AGE (OR HAVE REACHED THE AGE OF MAJORITY IN THE JURISDICTION WHERE YOU RESIDE), (C) HAVE THE AUTHORITY TO BIND YOUR ORGANIZATION TO THESE TERMS (IF APPLICABLE), AND (D) AGREE TO OUR PRIVACY POLICY AND DATA PROCESSING AGREEMENT.

IF YOU DO NOT AGREE TO THESE TERMS, DO NOT USE THE SITES OR SERVICES.

2. CHANGES TO TERMS

We may, at any time, revise or modify these Terms or impose new conditions for use of the Sites or Services. Such changes, revisions or modifications ("Changes") shall be effective immediately upon notice to you, which may be given by:

• Posting on the Sites
• Email notification to your registered email address
• In-application notification

Material Changes (those affecting data processing, pricing, service levels, or your legal rights) will be provided with at least 30 days' advance notice before taking effect.

Any use of the Sites or Services by you after such notice shall serve as your acceptance of such Changes. If you do not agree to the Changes, you must discontinue use of the Services and may terminate your account within the notice period.

3. DEFINITIONS

For purposes of these Terms:

• "Account" means your registered user account on the Platform.
• "Client Data" means any data, including personal data, that is processed by the RPA Bot on your behalf.
• "Content" means any computer code, software, applications, files, executable files, comments, messages, posts, graphics, text, instructions, images, audio files, videos, and other materials or documents available through the Sites or Services.
• "Personal Data" means any information relating to an identified or identifiable individual, as defined under Applicable Data Protection Laws.
• "Process Data" means workflow definitions, configurations, screenshots, and metadata you create using the Platform.
• "Applicable Data Protection Laws" means GDPR, POPIA, UAE data protection laws, and any other applicable privacy legislation.
• "Services" means the Automize RPA Platform, including the web application and RPA Bot software.
• "User-Generated Content" means any content you create, upload, or share through the Services.

4. SERVICES DESCRIPTION

4.1 Platform Services

Capitol Hill provides a Robotic Process Automation (RPA) software-as-a-service platform that enables you to:

• Design and configure automated business processes
• Deploy RPA bots that execute on your systems
• Store process definitions and configurations on our infrastructure
• Monitor and manage your automated processes
• Access support and documentation

4.2 RPA Bot Software

The RPA Bot is software that:

• Installs and executes on your own PCs or virtual desktops
• Performs automated tasks according to your process definitions
• Stores credentials locally in your device's native keychain
• May create log files on your local systems
• Does not transmit transactional or personal data to our servers (except optional screenshots during process recording)

4.3 Service Levels

Availability Target: 99.5% uptime (excluding scheduled maintenance)

Scheduled Maintenance: We will provide at least 48 hours' notice for planned maintenance, except in emergencies.

Support:

• Email support: support@automize.co.za
• Response times vary by subscription tier
• Emergency support for critical issues

4.4 Service Limitations

The Services are provided subject to:

• Usage limits specified in your subscription tier
• Fair use policies
• Technical limitations of the platform
• Your compliance with these Terms

5. ACCOUNT REGISTRATION AND SECURITY

5.1 Account Creation

Access to the Services requires you to register for an account. You agree to:

• Provide true, accurate, current, and complete information about yourself
• Keep your account information up to date
• Maintain the security and confidentiality of your account credentials
• Accept responsibility for all activities conducted through your account

5.2 Account Types

Direct Client Accounts: For organizations using Automize directly.

Third-Party Consultant Accounts: For independent consultants providing RPA services to their own clients. Additional terms apply (see Section 17).

User Accounts: For individual users within an organization.

5.3 Credentials and Security

• Your username and password are for your exclusive use only
• Sharing credentials is prohibited and may result in immediate account suspension
• You must use strong passwords meeting our minimum requirements (12+ characters, complexity)
• Multi-factor authentication is available and recommended
• You must immediately notify us of any unauthorized use: security@automize.co.za

5.4 Account Responsibility

You are responsible and liable for all activities conducted through your account, regardless of who conducts those activities. You agree that we are not liable for any loss or damage arising from your failure to protect your username or password.

6. DATA PROTECTION AND PRIVACY

6.1 Privacy Policy

All personal information collected by Capitol Hill is subject to our Privacy Policy, which is incorporated into these Terms by reference. By using the Services, you consent to the collection, use, and processing of your information as described in the Privacy Policy.

6.2 Data Processing Agreement

For processing of Personal Data through the Services, the Data Processing Agreement (DPA) between you and Capitol Hill applies. The DPA is available upon request and forms part of these Terms. Key provisions include:

Our Role:

• We act as Data Processor for Process Data you create
• We act as Data Controller for your account and billing information

Your Responsibilities:

• You are Data Controller for any Personal Data processed by your RPA bots
• You must have lawful basis for all data processing
• You must obtain necessary consents from data subjects
• You must comply with Applicable Data Protection Laws

6.3 Data Location and Storage

Server-Side Data (Stored on our AWS infrastructure):

• Process definitions and workflow configurations
• Screenshots (if you enable this feature)
• User account information
• System logs and usage data
• Data location: Ireland

Client-Side Data (Stored on your systems):

• RPA Bot log files
• Credentials (in your device's native keychain)
• Actual transactional data being processed by bots
• Any files or data your bots work with

International Transfers: Where data is transferred internationally, we use Standard Contractual Clauses and appropriate safeguards as required by Applicable Data Protection Laws.

6.4 Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption in transit (TLS 1.2+)
• Encryption at rest (AES-256)
• Access controls and authentication
• Regular security updates
• Automated daily backups (30-day retention)
• Security monitoring and incident response

Your Security Responsibilities:

• Secure your own PCs and systems where RPA Bots run
• Implement appropriate access controls
• Protect log files containing sensitive data
• Follow security best practices we provide
• Report security incidents immediately

6.5 Data Retention and Deletion

During Active Service:

• We retain Process Data for as long as you maintain your account
• You can delete Process Data at any time through the Platform
• We retain billing records for 7 years (legal requirement)

Upon Service Termination:

• You have 30 days to export all your data in machine-readable format (JSON/CSV)
• After 30 days, we will delete all your Process Data from production systems
• Backups are purged within 30 days
• We retain only: billing records (7 years) and anonymized usage statistics
• We provide written confirmation of deletion upon request

Data Export: You may export your data at any time through the Platform or by requesting assistance from support@automize.co.za

6.6 Data Subject Rights

Under GDPR, POPIA, and UAE data protection laws, data subjects have rights including:

• Right to access personal data
• Right to rectification
• Right to erasure ("right to be forgotten")
• Right to data portability
• Right to restrict processing
• Right to object

For Direct Clients: Forward data subject requests to privacy@automize.co.za. We will respond within 30 days.

For Third-Party Consultants: You are responsible for handling data subject requests from your clients. We will assist you as Data Processor within 10 business days of your request.

6.7 Data Breach Notification

In the event of a data breach affecting Personal Data:

• We will notify you within 24 hours of becoming aware
• We will provide details of the breach, affected data, and remediation steps
• We will assist you in meeting regulatory notification requirements (72 hours under GDPR/POPIA)
• We will notify relevant supervisory authorities as required by law

You must notify us immediately if you discover a breach: security@automize.co.za

7. LICENSE AND ACCEPTABLE USE

7.1 License Grant to You

Subject to these Terms, Capitol Hill grants you a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to:

• Access and use the Platform during your subscription period
• Install and use the RPA Bot software on your authorized systems
• Create and execute automated processes
• Store Process Data on our infrastructure

7.2 License Restrictions

You may NOT:

• Resell, sublicense, or distribute the Services to third parties (except consultants under Section 17)
• Reverse engineer, decompile, or attempt to extract source code
• Remove or modify proprietary notices
• Use the Services for illegal, fraudulent, or malicious purposes
• Exceed usage limits specified in your subscription
• Share your account credentials
• Access other users' or organizations' data
• Use the Services to compete with Automize

7.3 Acceptable Use Policy

Permitted Uses:

• Automate legitimate business processes
• Improve operational efficiency
• Process data you have legal right to process
• Integrate with systems you are authorized to access

Prohibited Activities:

You must NOT use the Services to:

• Violate any laws or regulations
• Infringe intellectual property rights
• Process data without lawful basis
• Circumvent security measures
• Scrape or harvest data without permission
• Spam, phish, or engage in malicious activities
• Access systems without authorization
• Violate third-party terms of service
• Store or process child sexual abuse material
• Facilitate illegal activities (money laundering, fraud, etc.)
• Distribute malware or viruses
• Conduct denial-of-service attacks
• Harvest or collect information about others

7.4 Enforcement

Violations may result in:

• Warning and required corrective action
• Temporary suspension of service
• Permanent termination of account
• Legal action
• Reporting to law enforcement or regulatory authorities

We reserve the right to investigate suspected violations and take appropriate action at our sole discretion.

8. YOUR CONTENT AND DATA

8.1 Process Data Ownership

You retain all rights, title, and interest in your Process Data. By using the Services, you grant us a limited license to:

• Host and store your Process Data
• Process your data to provide the Services
• Make backups for disaster recovery
• Use anonymized, aggregated data for service improvement

8.2 User-Generated Content

Certain areas of the Sites may enable you to share, create, link, upload, or exchange your own Content ("User-Generated Content"). You are solely responsible for:

• The content and accuracy of User-Generated Content
• Any harm resulting from User-Generated Content
• Compliance with applicable laws

When you provide User-Generated Content, you grant Capitol Hill a transferable, royalty-free, sub-licensable, non-exclusive, worldwide license to copy, distribute, modify, display, and otherwise use the User-Generated Content for:

• Providing the Services
• Improving the platform
• Marketing (with your consent)

Capitol Hill reserves the right to remove or modify User-Generated Content that violates these Terms or applicable law.

8.3 Representations and Warranties

By submitting Process Data or User-Generated Content, you represent and warrant that:

• You own or have necessary rights to the content
• The content does not infringe any intellectual property rights
• The content does not violate any laws or regulations
• You have obtained all necessary consents for processing Personal Data
• The content does not contain malware or malicious code

8.4 Client-Side Data

Important: Data processed by RPA Bots on your systems remains on your systems and is not transmitted to Automize servers (except optional screenshots during recording).

You are responsible for:

• All Client Data processed by RPA Bots
• Security of systems where RPA Bots run
• Compliance with data protection laws for Client Data
• Backup of Client Data and log files
• Managing access to Client Data

9. REMOTE ACCESS SERVICES (OPTIONAL)

9.1 Managed Services

If you purchase managed services where we remotely access your systems:

Authorization Required:

• You must provide written authorization for remote access
• You must specify which systems we may access
• You may revoke authorization at any time

Our Obligations:

• Provide 24 hours' advance notice (except emergencies)
• Access only authorized systems and data
• Use secure VPN connections
• Log all remote access sessions
• Provide post-session activity summaries
• Follow the principle of least privilege

Your Obligations:

• Provide necessary access credentials (VPN, system access)
• Ensure we have authorization to access target systems
• Review and approve major changes before implementation
• Respond to our notifications in a timely manner

Documentation:

• All remote access sessions are logged
• Activity summaries provided within 48 hours
• Logs maintained for 7 years

9.2 Emergency Access

In case of critical security incidents or service outages, we may access your systems without 24-hour notice to:

• Contain security breaches
• Restore service functionality
• Prevent data loss
• Address critical bugs

We will notify you as soon as reasonably possible and provide full documentation of emergency activities.

10. THIRD-PARTY CONSULTANTS

10.1 Consultant Use of Platform

Independent consultants may use Automize to provide RPA services to their own clients ("Consultant Clients"), subject to:

Separate Agreement: Consultants must execute a Third-Party Consultant Agreement with Capitol Hill.

Consultant Responsibilities:

• Enter into agreements with their Consultant Clients
• Act as Data Controller for their Consultant Clients' data
• Provide Data Processing Agreements to Consultant Clients
• Comply with all Applicable Data Protection Laws
• Maintain professional indemnity insurance
• Not represent themselves as Capitol Hill employees or agents

Data Segregation:

• Each consultant has a separate, isolated account
• Consultants cannot access other consultants' or Capitol Hill's direct clients' data
• Consultant is responsible for their Consultant Clients' data

Capitol Hill's Role:

• Provides platform infrastructure
• Acts as Data Processor for consultant's Process Data
• Has no direct relationship with Consultant Clients
• Not responsible for consultant's services or client relationships

10.2 End Client Notification

If you are serviced by an independent consultant using Automize:

• The consultant is your primary service provider
• You should have a separate agreement with your consultant
• Data protection questions should be directed to your consultant first
• Platform security questions may be directed to us: privacy@automize.co.za

11. INTELLECTUAL PROPERTY

11.1 Capitol Hill Ownership

The Sites, Services, Platform, and all Content are owned by Capitol Hill and its licensors and are protected under copyright, trademark, and other applicable South African and international laws and treaties.

This includes:

• The Automize software and technology
• Platform architecture and algorithms
• Trademarks, service marks, and logos
• Documentation and training materials
• All intellectual property rights therein

11.2 Your Ownership

You retain ownership of:

• Your Process Data and configurations
• Your business logic and workflows
• Your Consultant Client data (for consultants)
• Any intellectual property you bring to the Services

11.3 Feedback and Suggestions

If you provide suggestions, ideas, or feedback about the Services:

• We may use them without obligation or compensation
• You grant us a perpetual, worldwide, royalty-free license to use such feedback
• We are not required to keep feedback confidential

11.4 Copyright Infringement

We respect copyright laws. If you believe your work has been copied in a way that constitutes copyright infringement, please provide the following to legal@automize.co.za:

• Your physical or electronic signature
• Identification of the copyrighted work
• Identification of the infringing material
• Your contact information
• A statement of good faith belief
• A statement of accuracy under penalty of perjury
• Authorization to act on behalf of the copyright owner

12. FEES AND PAYMENT

12.1 Subscription Fees

Services are provided on a subscription basis. Fees vary by:

• Subscription tier (number of bots, users, features)
• Billing period (monthly or annual)
• Add-on services (managed services, support level)

Current pricing is available at automize.co.za/pricing

12.2 Payment Terms

• Fees are payable in advance (monthly or annually)
• Payment due within 7 days of invoice
• Accepted payment methods: Credit card, bank transfer
• All fees in ZAR (South African Rand) unless otherwise agreed
• Late payments subject to 2% monthly interest
• Service may be suspended after 30 days non-payment

12.3 Price Changes

We may change prices with 60 days' written notice. Price changes do not affect your current billing period. If you disagree with price increases exceeding 15%, you may terminate your account within the notice period.

12.4 Taxes

All fees exclude applicable taxes (VAT, GST, etc.). You are responsible for all taxes except Capitol Hill's income taxes. If we are required to collect or pay taxes, they will be invoiced separately.

12.5 Refunds

Monthly Subscriptions: No refunds for partial months.

Annual Subscriptions: Pro-rated refunds available if you cancel within first 30 days. No refunds after 30 days.

Exceptions: No refunds for accounts terminated for violations of these Terms.

13. TERM AND TERMINATION

13.1 Term

These Terms begin when you accept them and continue until terminated by either party.

Your subscription continues until:

• You cancel your subscription
• We terminate for breach of Terms
• Services are discontinued

13.2 Termination by You

You may terminate at any time by:

• Canceling through your account settings
• Contacting support@automize.co.za

Notice Period:

• Monthly subscriptions: Cancel anytime, effective end of current billing period
• Annual subscriptions: Cancel anytime, no refund except within first 30 days

13.3 Termination by Us

We may terminate or suspend your account immediately if you:

• Materially breach these Terms
• Fail to pay fees for 30 days after notice
• Engage in illegal, fraudulent, or malicious activities
• Violate Applicable Data Protection Laws
• Repeatedly violate Acceptable Use Policy
• Become insolvent or enter bankruptcy

Notice: We will provide 30 days' notice for non-payment issues, immediate termination for security or legal violations.

13.4 Effect of Termination

Upon termination:

Your Obligations:

• All outstanding fees become immediately due
• You must cease using the Services
• You must uninstall RPA Bot software from your systems
• You must return or destroy any confidential information

Our Obligations:

• You have 30 days to export your Process Data
• We provide data in JSON or CSV format
• After 30 days, we delete all your data (except billing records)
• We provide written confirmation of deletion upon request

Survival:

• Sections 6 (Data Protection), 11 (IP), 12 (Fees), 14 (Warranties), 15 (Liability), 16 (Indemnification), and 19 (General) survive termination

14. DISCLAIMERS AND WARRANTIES

14.1 Service "As Is"

EXCEPT AS OTHERWISE SET FORTH IN WRITING BY CAPITOL HILL OR REQUIRED BY LAW, THE SERVICES ARE PROVIDED TO YOU ON AN "AS IS" "AS AVAILABLE" BASIS, WITHOUT WARRANTIES OF ANY KIND.

CAPITOL HILL HEREBY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING BUT NOT LIMITED TO ANY IMPLIED WARRANTIES OF:

• MERCHANTABILITY
• FITNESS FOR A PARTICULAR PURPOSE
• ACCURACY
• NON-INFRINGEMENT
• RELIABILITY
• ERROR-FREE OPERATION

14.2 No Guarantee of Results

We do not guarantee that:

• The Services will meet your specific requirements
• The Services will be uninterrupted, timely, secure, or error-free
• Results obtained from the Services will be accurate or reliable
• Defects will be corrected
• The Services are free from viruses or harmful components

14.3 Your Processes

We are not responsible for:

• The processes you choose to automate
• The accuracy or effectiveness of your process definitions
• Compliance of your processes with applicable laws
• Systems or applications your RPA Bots interact with
• Client Data processed by your RPA Bots

14.4 Third-Party Systems

Your RPA Bots may interact with third-party systems. We are not responsible for:

• Availability or functionality of third-party systems
• Third-party terms of service or acceptable use policies
• Data processed by or stored on third-party systems
• Changes to third-party APIs or interfaces

14.5 Data Protection Compliance

While we implement appropriate security measures and provide tools to help you comply with data protection laws, YOU are ultimately responsible for ensuring your use of the Services complies with all Applicable Data Protection Laws.

15. LIMITATION OF LIABILITY

15.1 Exclusion of Consequential Damages

TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL CAPITOL HILL OR ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, LICENSORS, OR SERVICE PROVIDERS BE LIABLE FOR ANY:

• INDIRECT DAMAGES
• INCIDENTAL DAMAGES
• CONSEQUENTIAL DAMAGES
• SPECIAL DAMAGES
• PUNITIVE DAMAGES
• EXEMPLARY DAMAGES

INCLUDING BUT NOT LIMITED TO:

• LOSS OF REVENUE OR PROFITS
• LOSS OF BUSINESS OR BUSINESS OPPORTUNITY
• LOSS OF USE OR LOSS OF DATA
• COST OF SUBSTITUTE SERVICES
• REPUTATIONAL HARM

WHETHER CAUSED BY TORT (INCLUDING NEGLIGENCE), BREACH OF CONTRACT, BREACH OF WARRANTY, OR OTHERWISE, EVEN IF FORESEEABLE AND EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

15.2 Cap on Liability

IF, NOTWITHSTANDING THE PROVISIONS OF SECTION 15.1, CAPITOL HILL IS FOUND LIABLE FOR ANY LOSS, DAMAGE, OR INJURY UNDER ANY LEGAL THEORY RELATING IN ANY WAY TO THE SERVICES OR THESE TERMS, IN NO EVENT WILL CAPITOL HILL'S AGGREGATE LIABILITY EXCEED THE GREATER OF:

(A) THE TOTAL AMOUNT OF FEES PAID BY YOU TO CAPITOL HILL IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM; OR

(B) ZAR R1,500.00

15.3 Exceptions to Limitations

The limitations in this Section 15 DO NOT apply to:

• Capitol Hill's gross negligence or willful misconduct
• Data breaches caused by our failure to implement required security measures
• Violations of Applicable Data Protection Laws caused by our actions
• Liabilities that cannot be limited under South African law
• Your indemnification obligations under Section 16

15.4 Use at Your Own Risk

USE OF THE SERVICES IS AT YOUR SOLE RISK. THE FOREGOING LIMITATIONS SHALL APPLY EVEN IF YOUR REMEDIES UNDER THESE TERMS FAIL OF THEIR ESSENTIAL PURPOSE.

15.5 Jurisdictional Limitations

Some jurisdictions do not allow the exclusion or limitation of certain warranties or consequential damages, so some of the exclusions and/or limitations in this Section 15 may not apply to you. In such cases, liability will be limited to the maximum extent permitted by applicable law.

16. INDEMNIFICATION

16.1 Your Indemnification Obligations

You agree to indemnify, defend, and hold Capitol Hill and its officers, directors, employees, agents, licensors, and service providers harmless from and against any and all claims, liabilities, losses, damages, judgments, awards, costs, and expenses (including reasonable attorneys' fees) arising out of or resulting from:

• Your use of the Services
• Your Process Data or User-Generated Content
• Your violation of these Terms
• Your violation of Applicable Data Protection Laws
• Your violation of any rights of third parties
• Your violation of any laws or regulations
• Activities conducted through your account
• Your Client Data or how it is processed
• Claims by your Consultant Clients (for consultants)
• Your RPA Bots' interactions with third-party systems
• Unauthorized access resulting from your security failures

16.2 Defense and Settlement

Your indemnification obligations include the duty to defend. You will:

• Promptly notify Capitol Hill of any claim
• Allow Capitol Hill to participate in the defense (at our expense)
• Not settle any claim without our prior written consent
• Provide reasonable cooperation in the defense

16.3 Capitol Hill's Indemnification

Capitol Hill will indemnify you from third-party claims that the Services infringe third-party intellectual property rights, provided:

• You promptly notify us of the claim
• Capitol Hill has sole control of defense and settlement
• You provide reasonable cooperation
• The claim does not arise from your modifications or misuse of the Services

16.4 Survival

Your indemnification obligations survive termination of these Terms.

17. THIRD PARTY MATERIALS

17.1 Third-Party Content

The Services may display, include, or make available third-party content (including data, information, applications, and other materials) or provide links to third-party websites or services (collectively, "Third Party Materials").

Disclaimer: You acknowledge and agree that Capitol Hill is not responsible for Third Party Materials including their:

• Accuracy, completeness, or timeliness
• Validity, legality, or decency
• Quality or suitability for any purpose
• Availability or security

17.2 No Liability

Capitol Hill does not assume and will not have any liability to you or any other person or entity for any Third Party Materials. Third Party Materials and links thereto are provided solely as a convenience to you, and you access and use them entirely at your own risk and subject to such third parties' terms and conditions.

17.3 Third-Party Platforms

Capitol Hill may provide the Services through third-party platforms (cloud providers, app stores, etc.). Additional terms may apply from these platforms which are not under our control. We do not assume any responsibility or liability for your use of Third-Party Platforms.

18. CHANGES TO SERVICES

18.1 Service Modifications

Capitol Hill reserves the right to make changes to, suspend, or discontinue (temporarily or permanently) the Services or any portion thereof at any time, including:

• Adding or removing features
• Modifying user interface
• Upgrading infrastructure
• Deprecating functionality

Notice: We will provide reasonable notice for material changes that negatively impact your use of the Services (typically 30 days).

18.2 No Liability

You agree that Capitol Hill will not be liable to you or to any third party for any such change, suspension, or discontinuance, except as required by law or these Terms.

18.3 Security Updates

We may implement security updates or patches at any time without notice to protect the Services and your data.

19. GENERAL PROVISIONS

19.1 Electronic Communications

The communications between you and Capitol Hill use electronic means. For contractual purposes, you:

• Consent to receive communications from us in electronic form
• Agree that all terms, conditions, agreements, notices, disclosures, and other communications we provide electronically satisfy any legal requirement that such communications be in writing

19.2 Geographic Restrictions

The Services are provided from, and Capitol Hill is based in South Africa. Capitol Hill makes no representation that the Services are accessible, appropriate, or available for use in other locations. Those who choose to access the Services from other locations do so on their own initiative and are responsible for compliance with applicable local laws.

Prohibited Jurisdictions: We do not provide Services to individuals or organizations in jurisdictions where such provision would be illegal or where we are prohibited from operating.

19.3 Governing Law

These Terms and any dispute or claim arising out of or related to these Terms, their subject matter, or their formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the laws of South Africa without giving effect to any choice or conflict of law provision or rule.

19.4 Jurisdiction and Venue

Any legal suit, action, or proceeding arising out of or related to these Terms or the Services shall be instituted exclusively in the courts located in South Africa. You agree to waive any and all objections to the exercise of jurisdiction over you by such courts and to venue in such courts.

19.5 Dispute Resolution

Negotiation: Before initiating legal proceedings, the parties agree to attempt good faith negotiation to resolve any dispute for a period of 30 days.

Escalation: If negotiation fails, either party may pursue:

• Mediation (non-binding)
• Arbitration (for claims under R100,000)
• Litigation (for larger claims)

Injunctive Relief: Either party may seek injunctive relief in court without first pursuing alternative dispute resolution for:

• Intellectual property violations
• Confidentiality breaches
• Unauthorized access or use
• Violations of data protection laws

19.6 Limitation on Time to File Claims

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, ANY CAUSE OF ACTION OR CLAIM YOU MAY HAVE ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICES MUST BE COMMENCED WITHIN ONE (1) YEAR AFTER THE CAUSE OF ACTION OR CLAIM ACCRUES, OTHERWISE, SUCH CAUSE OF ACTION OR CLAIM IS PERMANENTLY BARRED.

19.7 Waiver and Severability

Waiver: Our failure to exercise or enforce any right or provision of these Terms will not constitute a waiver of such right or provision. Any waiver must be in writing and signed by Capitol Hill.

Severability: If any provision of these Terms is held by a court of competent jurisdiction to be invalid, illegal, or unenforceable for any reason, such provision shall be eliminated or limited to the minimum extent possible and the remaining provisions will continue in full force and effect.

19.8 Entire Agreement

These Terms, together with the Privacy Policy, Data Processing Agreement, and any other agreements expressly incorporated by reference, constitute the sole and entire agreement between you and Capitol Hill with respect to the Services, and supersede and replace all prior or contemporaneous understandings or agreements, written or oral, regarding such subject matter.

19.9 Assignment

You may not assign or transfer these Terms or your rights hereunder without our prior written consent. Any attempted assignment in violation of this provision is void.

Capitol Hill may assign these Terms:

• To an affiliate or subsidiary
• In connection with a merger, acquisition, or sale of assets
• To any successor or acquirer

19.10 Force Majeure

Neither party will be liable for delays or failures in performance resulting from circumstances beyond their reasonable control, including:

• Natural disasters
• Wars or terrorism
• Pandemics or epidemics
• Government actions or regulations
• Strikes or labor disputes
• Infrastructure failures (power, internet, cloud provider outages)

The affected party must notify the other party promptly and use reasonable efforts to mitigate the impact.

19.11 Notices

To You: Notices to you may be sent to the email address associated with your account or by posting on the Sites. Notices are effective upon sending (email) or posting (Sites).

To Us: Notices to Capitol Hill must be sent to:

Email:

• General inquiries: info@automize.co.za
• Legal matters: legal@automize.co.za
• Security incidents: security@automize.co.za
• Privacy/data protection: privacy@automize.co.za
• Support issues: support@automize.co.za

Mail: Capitol Hill Consulting (Pty) Ltd
Attn: Legal Department
4 Muller Street
Bethlehem, 9701
South Africa

Notices to us are effective when received.

19.12 Relationship of Parties

You and Capitol Hill are independent contractors. These Terms do not create a partnership, joint venture, agency, franchise, employment, or fiduciary relationship between the parties.

19.13 No Third-Party Beneficiaries

These Terms are for the sole benefit of you and Capitol Hill. Nothing in these Terms, express or implied, is intended to or shall confer upon any third party any legal or equitable right, benefit, or remedy.

Exception: Capitol Hill's officers, directors, employees, agents, licensors, and service providers are third-party beneficiaries of your indemnification obligations under Section 16.

19.14 Survival

The following sections survive termination or expiration of these Terms:

• Section 6 (Data Protection and Privacy)
• Section 8 (Your Content and Data)
• Section 11 (Intellectual Property)
• Section 12 (Fees and Payment) - for amounts owed
• Section 13.4 (Effect of Termination)
• Section 14 (Disclaimers and Warranties)
• Section 15 (Limitation of Liability)
• Section 16 (Indemnification)
• Section 19 (General Provisions)

19.15 Interpretation

Headings: Section headings are for convenience only and do not affect interpretation.

Examples: Examples provided are illustrative and not exhaustive.

Including: The word "including" means "including but not limited to."

Language: These Terms are drafted in English. Any translations are provided for convenience only. In case of conflict, the English version prevails.

19.16 Government Use

If you are a government entity or using the Services on behalf of a government entity, the Services are "Commercial Items" as defined in FAR §2.101 (or equivalent local regulation) and are provided with only those rights as granted to all other customers under these Terms.

19.17 Export Compliance

The Services and related technology may be subject to export control laws and regulations. You agree to comply with all applicable export and re-export restrictions and regulations, and you will not access or use the Services if you are in a country subject to embargo or if you are on any prohibited party list.

19.18 U.S. Government Rights (If Applicable)

If the Services are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor, the Government's rights in the Services will be only those set forth in these Terms, consistent with FAR 12.212 and DFARS 227.7202.

20. SPECIFIC TERMS BY USER TYPE

20.1 Direct Client Terms

If you are using Automize directly for your own organization:

You are responsible for:

• All users and accounts within your organization
• Ensuring your users comply with these Terms
• Managing user access and permissions
• Your organization's data protection compliance
• Systems where RPA Bots run

We provide:

• Direct support and services
• Data Processing Agreement as Data Processor
• Service level targets as specified
• Direct account management

20.2 Third-Party Consultant Terms

If you are an independent consultant using Automize to service your own clients:

Additional Requirements:

• Execute Third-Party Consultant Agreement
• Maintain professional indemnity insurance (minimum coverage specified in Consultant Agreement)
• Provide Data Processing Agreements to your Consultant Clients
• Comply with data protection laws as Data Controller
• Not represent yourself as Capitol Hill employee or agent

Your Responsibilities:

• All relationships with your Consultant Clients
• Compliance for your Consultant Clients' data
• Support for your Consultant Clients (we support you, not them)
• Billing and contracts with your Consultant Clients

Restrictions:

• Cannot access other consultants' or Capitol Hill direct clients' data
• Cannot sublicense or resell Services without written permission
• Must clearly identify yourself as independent consultant

20.3 End User Terms (Consultant's Clients)

If you are being serviced by an independent consultant using Automize:

Your Relationship:

• Your contract is with the consultant, not Capitol Hill
• The consultant is Data Controller for your data
• Direct all service questions to your consultant
• Platform security questions may be directed to privacy@automize.co.za

Capitol Hill's Role:

• Provides platform infrastructure only
• Acts as Data Processor for your consultant
• No direct contractual relationship with you
• Not responsible for consultant's services or data practices

21. REGULATORY COMPLIANCE

21.1 Data Protection Laws

The Services are designed to help you comply with:

• GDPR (General Data Protection Regulation) - UK/EU
• POPIA (Protection of Personal Information Act) - South Africa
• UAE Data Protection Laws - United Arab Emirates

However, YOU are ultimately responsible for ensuring your use complies with all applicable laws.

21.2 Industry-Specific Regulations

If you operate in regulated industries (financial services, healthcare, etc.), you are responsible for:

• Compliance with industry-specific regulations
• Obtaining necessary certifications or approvals
• Implementing required controls
• Conducting required audits or assessments

We will provide reasonable assistance with compliance upon request, subject to additional fees.

21.3 Prohibited Uses in Regulated Industries

Without prior written approval, you may not use the Services to process:

• Payment card information (PCI DSS scope)
• Protected health information (HIPAA in US, equivalent elsewhere)
• Highly sensitive personal data requiring special certifications
• Data subject to specific regulatory approval requirements

Contact legal@automize.co.za to discuss regulated use cases.

21.4 Changes in Law

If changes in Applicable Data Protection Laws or other regulations require us to make material changes to the Services:

• We will notify you promptly
• We will work with you to implement necessary changes
• We may charge additional fees for compliance-related modifications
• You may terminate if changes materially affect your use

21.5 Regulatory Inquiries

If we receive a regulatory inquiry or request related to your use of the Services:

• We will notify you promptly (unless legally prohibited)
• We will cooperate with lawful requests
• We may require your assistance in responding
• You will reimburse reasonable costs of compliance

22. SECURITY AND INCIDENT RESPONSE

22.1 Security Measures

We implement industry-standard security measures including:

• Encryption of data in transit and at rest
• Regular security updates and patches
• Access controls and authentication
• Security monitoring and logging
• Incident response procedures
• Regular security assessments

Security Details: Available in our Security Whitepaper upon request.

22.2 Security Incidents

Reporting: You must immediately report suspected security incidents to: security@automize.co.za

Our Response:

• Acknowledge within 1 hour for critical incidents
• Investigate and contain threats
• Notify you of data breaches within 24 hours
• Provide incident reports and remediation plans
• Assist with regulatory notifications

Your Cooperation:

• Provide timely information about incidents
• Assist with investigation and remediation
• Implement recommended security improvements
• Report incidents on your side that may affect the Services

22.3 Vulnerability Disclosure

If you discover a security vulnerability in the Services:

Please:

• Report it to security@automize.co.za immediately
• Provide detailed information to help us reproduce
• Give us reasonable time to fix before public disclosure
• Do not exploit the vulnerability

We will:

• Acknowledge your report within 48 hours
• Investigate and provide updates
• Fix verified vulnerabilities promptly
• Credit you for responsible disclosure (if desired)
• Not take legal action against good-faith security researchers

22.4 Penetration Testing

You may not conduct penetration testing or security assessments of the Services without prior written approval. Contact security@automize.co.za to request authorization.

23. SERVICE-SPECIFIC TERMS

23.1 RPA Bot Installation

System Requirements:

• Compatible operating system (Windows, macOS)
• Sufficient system resources (RAM, CPU, disk)
• Network connectivity
• Administrative privileges (for installation)

Installation:

• You are responsible for installing RPA Bots
• We provide installation guides and support
• You must keep RPA Bots updated
• Uninstall upon termination

23.2 Credentials Management

Local Storage:

• Credentials are stored in OS-native keychains
• Windows: Windows Credential Manager
• macOS: macOS Keychain
• Never transmitted to our servers

Your Responsibility:

• Secure systems where credentials are stored
• Implement appropriate access controls
• Manage credential rotation
• Protect against unauthorized access

23.3 Log Files

Client-Side Logs:

• Created and stored on your systems
• May contain sensitive data depending on your processes
• Your responsibility to secure and manage
• See our Log Management Guide for best practices

Server-Side Logs:

• System logs retained for 90 days
• Used for security monitoring and troubleshooting
• Subject to our Privacy Policy

23.4 Screenshots

Optional Feature:

• Screenshots can be captured during process recording
• Stored on our AWS infrastructure
• May contain sensitive data
• Can be disabled in settings
• You can delete screenshots at any time

Privacy Considerations:

• Screenshots may capture Personal Data
• Ensure you have legal basis for capturing
• Inform data subjects if required
• Consider disabling if not necessary

23.5 Process Execution

On Your Systems:

• RPA Bots execute on your systems with your credentials
• Bots have same access as the user account running them
• You are responsible for actions performed by bots
• Ensure bots don't violate third-party terms of service

Our Role:

• Provide the automation technology
• Store process definitions
• Enable bot management and monitoring
• Not responsible for bot actions or data processed

24. SUPPORT AND MAINTENANCE

24.1 Support Services

Included Support:

• Email support: support@automize.co.za
• Knowledge base and documentation
• Community forums (if available)
• Product updates and bug fixes

Response Times:

• Critical issues (service down): 4 hours
• High priority: 1 business day
• Normal priority: 2 business days
• Low priority: 5 business days

Response times vary by subscription tier

24.2 Excluded Support

We are not responsible for:

• Third-party systems or applications
• Your system configuration or maintenance
• Custom integrations you develop
• Training or consulting (available separately)
• Issues caused by your modifications

24.3 Maintenance Windows

Scheduled Maintenance:

• Typically during off-peak hours
• 48 hours' advance notice
• Updates posted to status page (when available)

Emergency Maintenance:

• May be performed without notice for security or critical issues
• Notification as soon as reasonably possible

24.4 Service Level Agreement

Availability Target: 99.5% uptime (excluding scheduled maintenance)

Calculation Period: Monthly

Exclusions from SLA:

• Scheduled maintenance
• Force majeure events
• Issues caused by your actions
• Third-party service failures
• Internet or network issues beyond our control

Remedies: Service credits may be available for SLA breaches as specified in separate SLA document (enterprise customers).

25. BETA FEATURES AND TRIALS

25.1 Beta Features

We may offer beta, pilot, or preview features ("Beta Features") that are:

• Still in development and testing
• Not fully tested or validated
• Subject to bugs or errors
• May be discontinued at any time
• Provided "AS IS" with no warranties

Use at Your Own Risk: Beta Features are provided for testing and feedback purposes. Do not use Beta Features for production or critical processes.

25.2 Feedback on Beta Features

If you use Beta Features:

• You agree to provide feedback
• We may use your feedback without compensation
• You acknowledge features may change significantly
• No guarantee features will be released

25.3 Free Trials

Free trials may be offered with:

• Limited duration (typically 14-30 days)
• Limited features or usage
• No payment required
• Automatic conversion to paid (opt-in only)

Trial Terms:

• No SLA applies during trial
• Support may be limited
• Data created during trial is subject to deletion if not converted to paid
• We may terminate trials at any time

26. REFERRALS AND PROMOTIONS

26.1 Referral Program

If we offer a referral program:

• Rewards or credits may be provided for successful referrals
• Specific terms provided in referral program documentation
• Rewards subject to verification
• We reserve right to modify or terminate program

Prohibited:

• Spamming or unsolicited marketing
• False or misleading representations
• Self-referrals or fraudulent activity

26.2 Promotional Offers

Promotional offers (discounts, free periods, etc.) are:

• Subject to specific terms and conditions
• May have expiration dates
• Cannot be combined unless stated
• Subject to verification
• May be modified or terminated at any time

27. ACCESSIBILITY

27.1 Accessibility Commitment

We strive to make the Services accessible to users with disabilities. If you encounter accessibility barriers, please contact us at support@automize.co.za.

27.2 Limitations

While we work to improve accessibility:

• Some features may not be fully accessible
• Third-party integrations may have accessibility limitations
• We cannot guarantee WCAG compliance for all features
• Accessibility improvements are ongoing

28. CONTACT INFORMATION

28.1 General Inquiries

Email: info@automize.co.za
Website: https://automize.co.za
Support: support@automize.co.za

28.2 Specific Contacts

Technical Support: support@automize.co.za
Sales: sales@automize.co.za
Legal Matters: legal@automize.co.za
Privacy/Data Protection: privacy@automize.co.za
Security Incidents: security@automize.co.za
Compliance Questions: compliance@automize.co.za

28.3 Mailing Address

Capitol Hill Consulting (Pty) Ltd
4 Muller Street
Bethlehem, 9701
South Africa

28.4 Business Hours

Monday - Friday: 08:00 - 17:00 SAST
Saturday - Sunday: Closed
Public Holidays: Closed

Emergency security support available 24/7 via security@automize.co.za

29. ACKNOWLEDGMENT AND ACCEPTANCE

By clicking "I Accept," signing up for an account, or using the Services, you acknowledge that:

• ✓ You have read and understood these Terms
• ✓ You agree to be bound by these Terms
• ✓ You have authority to bind your organization (if applicable)
• ✓ You are at least 18 years old
• ✓ You have read our Privacy Policy
• ✓ You agree to receive communications from us
• ✓ You understand your data protection obligations
• ✓ You accept the limitations of liability
• ✓ You will comply with all applicable laws

If you do not agree to these Terms, you must not use the Services.

DOCUMENT VERSION CONTROL

Terms Version: 2.0
Effective Date: Nov 2025
Last Updated: Nov 2025
Previous Version: 1.0 (replaced)
Next Review: Nov 2026

Changes from Previous Version

Version 2.0 (Current):

• Added comprehensive data protection provisions (GDPR/POPIA/UAE compliance)
• Added data retention and deletion policies (30-day export window)
• Added RPA service-specific terms
• Added remote access provisions
• Added third-party consultant terms
• Added security and incident response provisions
• Enhanced privacy and data processing terms
• Added service level commitments
• Updated liability and indemnification sections
• Added regulatory compliance provisions

Version 1.0 (Previous):

• Initial website terms of use

RELATED DOCUMENTS

These Terms should be read together with:

• Privacy Policy - How we collect, use, and protect your information
• Data Processing Agreement - Terms for processing Personal Data (available upon request)
• Service Level Agreement - Service commitments (enterprise customers)
• Third-Party Consultant Agreement - Additional terms for consultants
• Acceptable Use Policy - Detailed usage restrictions (incorporated in Section 7)
• Security Whitepaper - Security measures and practices (available upon request)

DEFINITIONS APPENDIX

Applicable Data Protection Laws: GDPR, POPIA, UAE data protection laws, and other applicable privacy legislation.

Client Data: Data processed by RPA Bots on your systems (not transmitted to our servers except optional screenshots).

Data Controller: Entity that determines purposes and means of processing Personal Data.

Data Processor: Entity that processes Personal Data on behalf of the Controller.

GDPR: General Data Protection Regulation (EU) 2016/679, as applied in the UK.

Personal Data: Any information relating to an identified or identifiable individual.

POPIA: Protection of Personal Information Act, 2013 (South Africa).

Process Data: Workflow definitions, configurations, screenshots, and metadata stored on our servers.

RPA Bot: Software that executes on your systems to perform automated tasks.

Services: The Automize Platform, including web application and RPA Bot software.

Sites: The websites at automize.co.za and related sub-domains.

© 2025 Capitol Hill Consulting (Pty) Ltd. All rights reserved.

Last Updated: Nov 2025

QUICK LINKS

• Privacy Policy
• Contact Us
• Support
• Security
• Request Data Processing Agreement