Provider-Specific Terms (Bonterms Standard End User Agreement v1.0)

Provider-Specific Terms

NVA Ventures Ltd (trading as Narva Software)

Bonterms Standard End User Agreement v1.0

These Provider-Specific Terms form part of the Agreement between NVA Ventures Ltd (trading as "Narva Software"), a company registered in England and Wales (Company No. 15735625), and the Customer, under the Bonterms Standard End User Agreement (Version 1.0) ("Standard Agreement"), available at https://www.atlassian.com/licensing/marketplace/end-user-agreement-v1.

Capitalised terms not defined here have the meanings given in the Standard Agreement.

1. Provider Identity and Notices

The Provider under this Agreement is:

NVA Ventures Ltd (trading as Narva Software)

Registered in England and Wales — Company No. 15735625

Registered office: 71-75 Shelton Street, London WC2H 9JQ, United Kingdom

Notice email: support@narva.net

2. Governing Law and Courts (overrides Section 19.2)

The Governing Law is the law of England and Wales.

The Courts are the courts of England and Wales, to whose exclusive jurisdiction the parties irrevocably submit.

3. Security Measures (supplements Section 3.2)

Provider maintains the following Security Measures:

• Provider holds a SOC 2 Type II certification covering the Security trust services criterion, audited by an independent third-party auditor. A copy of the most recent report summary is available to Customers upon written request and subject to a mutual non-disclosure agreement.

• Provider implements appropriate technical and organisational measures including access controls, encryption in transit and at rest, vulnerability management, and incident response procedures.

• Provider will notify Customer without undue delay upon becoming aware of a security incident affecting Customer Data, in accordance with applicable law.

4. Data Protection (supplements Section 3.3)

Provider’s Cloud Apps are built on the Atlassian Forge platform and operate entirely within Atlassian’s infrastructure. Provider does not access Customer Personal Data in the normal operation of the Products, and such data is processed within Atlassian systems. Atlassian acts as Data Processor for Customer Data within the Atlassian platform, and Atlassian’s Data Processing Addendum governs accordingly.

Enterprise customers may request a Data Processing Agreement by contacting Provider at support@narva.net. Provider will make such agreements available to support customer compliance and procurement requirements.

Provider’s full Data Protection and Privacy Policy is available at: Data Protection and Privacy Policy

5. Support Policy (supplements Section 5.1)

Provider’s Support Policy, including support channels, response times, scope and exclusions, is set out at: Service Level Agreement (SLA)

Provider reserves the right to update the Support Policy with reasonable notice to Customers under Section 19.6 of the Standard Agreement.

6. Acceptable Use (supplements Section 7.1)

Customer must not use the Products to:

• Violate any applicable law or regulation, including UK GDPR and the Data Protection Act 2018

• Transmit malicious code, spam, or unsolicited communications

• Attempt to gain unauthorised access to any system or network

• Use the Products in any manner that could damage, disable, or impair Provider’s infrastructure

• Submit or process Sensitive Personal Information (as defined in Section 20 of the Standard Agreement) through the Products

7. Conflicts

In the event of any conflict between these Provider-Specific Terms and the Standard Agreement, these Provider-Specific Terms shall prevail to the extent of the conflict.

Last updated: April 2026. These Provider-Specific Terms are published by NVA Ventures Ltd and incorporated into the Bonterms Standard End User Agreement (Version 1.0).

Bonterms, Inc. is not a party to and has no liability under this Agreement.