1. INTRODUCTION AND ACCEPTANCE

1.1 Agreement to Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you ("Customer," "you," or "your") and the applicable Nucleus AI Contracting Party (as defined in Section 1.3 below). These Terms govern your access to and use of the Nucleus AI Neuron Brain platform, including our Neural Network as a Service (NNAS) platform, APIs, web interfaces, applications, AI models, and all related services (collectively, the "Services").

BY ACCESSING OR USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS.

1.2 Our Corporate Structure

"Nucleus AI" refers collectively to The AI Brain Company, Inc. and its affiliates, including Social XOS Artificial Intelligence L.L.C, which operate under a unified corporate structure:

(a) The AI Brain Company, Inc. ("AI Brain") — A corporation incorporated under the laws of Delaware, USA, with its registered agent at Harvard Business Services, Inc., 16192 Coastal Highway, Lewes, Delaware 19958. AI Brain serves as the primary contracting entity for customers outside the UAE/GCC region and holds intellectual property rights to the Nucleus AI platform.

(b) Social XOS Artificial Intelligence L.L.C ("Social XOS") — A limited liability company established under the laws of Mainland Dubai, UAE (DET Contract No. 11114079, established December 18, 2023). Social XOS operates as an affiliate of The AI Brain Company under a unified corporate structure, utilizing AI Brain's intellectual property under license.

Unified Corporate Structure: Social XOS operates under the same corporate structure as The AI Brain Company, Inc., with common ownership and unified management. This structure ensures consistent service delivery, unified liability coverage, and seamless customer experience across all jurisdictions.

1.3 Contracting Party and Applicable Terms

*EU/EEA consumers retain mandatory statutory rights under EU law.

1.4 Product Tiers

• Consumer Products: Nucleus AI Free, Pro, and Max plans

• Commercial Products: Enterprise, API, Gov, Education, Work (Team/Enterprise)

• Third-Party Platforms: Access via AWS, Google Cloud, Azure, or authorized partners

2. SERVICE DESCRIPTION

2.1 Platform Overview

Nucleus AI provides a Neural Network as a Service (NNAS) platform offering contextual intelligence infrastructure, including: AI-powered chatbots and call center solutions; knowledge graph integration (2.2 million token context windows); Constitutional AI governance frameworks; enterprise decision support systems; regulatory compliance automation (ATOM framework); and custom AI model deployment.

2.2 Service Features and Technical Specifications

• Content Filtering: Configurable safety classifiers for harmful content detection

• Rate Limiting: API rate limits per subscription tier (see developers.nucleus.ae)

• Monitoring Dashboard: Real-time usage metrics and cost tracking

• API Versioning: Version-stable APIs with 12-month deprecation notice minimum

• Custom Model Deployment: Enterprise option for fine-tuned models

2.3 Technical Limitations

Customer acknowledges the following technical limitations:

• Context Window: 2.2M tokens maximum per session

• Response Latency: Target 600ms median (P50), not guaranteed

• Model Output Variability: Same input may produce different outputs

• AI outputs may contain errors, inconsistencies, or biases and require human review

2.4 Beta Services

Beta Services are clearly labeled as "Beta," "Preview," "Alpha," or "Experimental" in documentation.

• Beta Services are provided "AS-IS" with no warranties

• Beta Services are excluded from SLA commitments and indemnification

• Beta data retention: Up to 90 days unless ZDR elected

• Beta Services may be discontinued with 30 days' notice where feasible

3. CUSTOMER RESPONSIBILITIES AND RESTRICTIONS

3.1 Account Security

Customer is responsible for maintaining the confidentiality of account credentials, API keys, and access tokens. Customer shall implement multi-factor authentication where available and immediately notify Nucleus AI of any unauthorized access or security breach.

3.2 Acceptable Use

Customer agrees NOT to use the Services to:

• Violate any applicable laws, regulations, or third-party rights

• Generate, distribute, or facilitate illegal, harmful, or malicious content

• Develop competing AI products or services using our outputs

• Reverse engineer, decompile, or attempt to extract source code or models

• Circumvent security measures, rate limits, or access controls

• Represent AI-generated outputs as human-generated where disclosure is required

3.3 High-Risk Use Cases

Without prior written approval from Nucleus AI, Customer shall not use the Services for:

• Critical infrastructure control systems

• Autonomous weapons or military applications

• Medical diagnosis or treatment without licensed professional oversight

• Legal advice without attorney supervision

• Any use classified as "high risk" under EU AI Act or similar regulations

3.4 Prohibited Uses Under EU AI Act

Customer shall not use the Services for AI practices prohibited under Article 5 of EU Regulation 2024/1689, including:

• Social scoring by public authorities

• Exploitation of vulnerabilities of specific groups

• Subliminal manipulation causing harm

• Biometric categorization inferring sensitive attributes

• Real-time remote biometric identification in public spaces (law enforcement)

• Emotion recognition in workplace/education (except with explicit consent)

• Indiscriminate scraping of facial images

3.5 High-Risk Use Notification (EU AI Act)

For High-Risk AI Systems under EU AI Act Annex III, Customer must:

1. Notify Nucleus AI in writing prior to deployment

2. Implement human oversight mechanisms

3. Maintain logs and documentation per EU requirements

4. Conduct conformity assessment where required

5. Register system in EU database where applicable

Nucleus AI reserves the right to decline support for High-Risk use cases that require additional security and compliance measures.

4. DATA, PRIVACY, AND MODEL TRAINING

4.1 Model Training Policy

Commercial Products: Nucleus AI commits to NEVER using Customer Data for model training.

4.2 Zero Data Retention (ZDR)

Enterprise customers may qualify for ZDR arrangements where inputs and outputs are not stored except for real-time abuse detection. Safety classifier results are retained solely for Usage Policy enforcement. ZDR requires a separate security addendum.

4.3 Data Security

4.3.1 Encryption Standards

• At Rest: AES-256 encryption

• In Transit: TLS 1.3 (minimum TLS 1.2)

• Key Management: Hardware Security Modules (HSM) or cloud KMS

4.3.2 Multi-Tenancy Isolation

• Virtual Private Cloud (VPC) segmentation

• Database-level access controls

• Unique encryption keys per customer (Enterprise)

• Network-level isolation (where applicable)

4.3.3 Access Controls

• Role-Based Access Control (RBAC)

• Multi-Factor Authentication (MFA) required for admin access

• Principle of least privilege

• Access logging and regular reviews

4.4 Data Processing Addendum (DPA)

Our DPA with Standard Contractual Clauses (SCCs) is incorporated into Commercial Terms. It addresses GDPR, CCPA, UAE PDPL, and DIFC Data Protection Law compliance. The DPA includes Annex C (Subprocessor List) available at trust.theaibraincompany.com.

4.5 Data Subject Rights and Portability

4.5.1 Data Portability

Upon Customer's request and where technically feasible, Nucleus AI will provide Customer Data in a structured, commonly used, and machine-readable format (JSON, CSV, or XML) within thirty (30) days to facilitate data portability rights under GDPR Article 20 and CCPA Section 1798.130.

4.5.2 Data Subject Access Requests (DSARs)

Customer is responsible for responding to data subject requests. Nucleus AI will provide reasonable assistance to enable Customer to fulfill obligations under GDPR Articles 15-22 and CCPA Sections 1798.100-1798.120, including:

• Access to personal data

• Rectification of inaccurate data

• Erasure ("right to be forgotten")

• Restriction of processing

• Objection to processing

4.5.3 Automated Decision-Making Disclosures

Where Customer uses the Services for automated decision-making with legal or similarly significant effects (GDPR Article 22), Customer must:

6. Obtain explicit consent or establish legal basis

7. Implement suitable safeguards including human intervention rights

8. Provide meaningful information about the logic involved

9. Disclose the use of automated decision-making to data subjects

Nucleus AI's Services are designed as decision-support tools and should not be used as the sole basis for automated decisions without human review.

4.6 Data Residency (Enterprise Tier)

4.6.1 Regional Processing

By default, Customer Data may be processed in any region where Nucleus AI maintains infrastructure. Current regions include: United States (US-East, US-West), European Union (EU-Central), United Arab Emirates (UAE-Dubai), and Asia-Pacific (Singapore).

4.6.2 Data Residency Option

Enterprise customers may elect regional data residency for an additional fee, restricting Customer Data processing to specific geographic regions. Data residency elections must be specified in the Order Form and may affect service availability and latency.

4.6.3 Cross-Border Transfers

Where Customer Data is transferred outside Customer's jurisdiction, such transfers are governed by our Data Processing Addendum and Standard Contractual Clauses (Section 4.4).

5. INTELLECTUAL PROPERTY

5.1 Nucleus AI Property

The AI Brain Company, Inc. retains all rights to the Services, including AI models, neural architectures, algorithms, patents (including quantum-inspired memory systems), and trademarks. Social XOS operates under license from AI Brain but does not acquire ownership of any intellectual property. All intellectual property developed in connection with the Services vests in The AI Brain Company, Inc.

5.2 Customer Rights

Customer retains all rights to Customer Data and owns Outputs generated through authorized use. Customer grants Nucleus AI a limited license to process data solely for service delivery.

5.3 IP Indemnification

Nucleus AI will defend Customer against third-party claims that authorized use of the Services infringes intellectual property rights, subject to:

• Customer's prompt notification and cooperation

• Nucleus AI's control of the defense and settlement

• Exclusions for: modifications, combinations with third-party materials, Customer Data violations, or continued use after notice

6. WARRANTIES AND DISCLAIMERS

6.1 Limited Warranty

Nucleus AI warrants that Services will perform substantially in accordance with documentation during the subscription term. Warranty excludes Beta Services.

6.2 DISCLAIMER

EXCEPT AS EXPRESSLY PROVIDED, SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE." NUCLEUS AI DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. NUCLEUS AI DOES NOT WARRANT THAT AI OUTPUTS WILL BE ACCURATE, ERROR-FREE, OR MEET CUSTOMER'S REQUIREMENTS. CUSTOMER ASSUMES ALL RISK FOR AI OUTPUT VALIDATION.

7. LIMITATION OF LIABILITY

7.1 Exclusion of Consequential Damages

IN NO EVENT SHALL NUCLEUS AI (INCLUDING THE AI BRAIN COMPANY, INC. AND SOCIAL XOS ARTIFICIAL INTELLIGENCE L.L.C) BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING LOST PROFITS, GOODWILL, USE, OR DATA.

7.2 Liability Cap

THE TOTAL AGGREGATE LIABILITY OF NUCLEUS AI (INCLUDING ALL AFFILIATED ENTITIES) SHALL NOT EXCEED THE GREATER OF: (A) AMOUNTS PAID BY CUSTOMER IN THE 12 MONTHS PRECEDING THE CLAIM; OR (B) $100 USD.

7.3 Unified Liability Structure

The liability limitations apply collectively to The AI Brain Company, Inc., Social XOS Artificial Intelligence L.L.C, and their respective officers, directors, employees, and agents. Any claim against one entity reduces the available liability cap for all entities under the unified corporate structure.

7.4 Carve-Outs

The limitations in Sections 7.1-7.2 do not apply to: (a) indemnification obligations under Section 5.3; (b) gross negligence or willful misconduct; (c) death or personal injury caused by negligence; (d) fraud or fraudulent misrepresentation; or (e) breaches of Section 4 (Data Security) caused by Nucleus AI's negligence.

8. INDEMNIFICATION

Customer agrees to indemnify and hold harmless Nucleus AI (including The AI Brain Company, Inc., Social XOS Artificial Intelligence L.L.C, and their respective affiliates, officers, directors, employees, and agents) from claims arising from: Customer's use in violation of Terms; Customer Data or its processing; violation of laws or third-party rights; and disputes with end users.

9. COMPLIANCE AND CERTIFICATIONS

9.1 Certifications

Nucleus AI maintains:

• SOC 2 Type I & II

• ISO 27001:2022 (Information Security)

• ISO/IEC 42001:2023 (AI Management System)

• HIPAA Configurable (with BAA for eligible services)

Current certifications and audit reports are available via our Trust Portal at trust.theaibraincompany.com.

9.2 Audit Rights (Enterprise Only)

Upon thirty (30) days' advance written notice and no more than once per year, Enterprise customers may audit Nucleus AI's compliance with Section 9 (Compliance) and Section 4 (Data Security) during normal business hours. Audits must be conducted by qualified third-party auditors subject to confidentiality obligations. Audit costs are borne by Customer unless material non-compliance is discovered.

9.3 Incident Response

In the event of a security incident:

• Initial Notification: Within 72 hours of discovery

• Preliminary Assessment: Within 5 business days

• Root Cause Analysis: Within 30 days (where feasible)

• Remediation Plan: Provided with root cause analysis

9A. EU AI ACT COMPLIANCE (For EU/EEA Customers)

9A.1 Risk Classification

For Customers subject to EU Regulation 2024/1689 (EU AI Act), Nucleus AI provides a General-Purpose AI Model (GPAI) that may be integrated into various AI systems. Customer is responsible for determining the risk classification of their specific use case in accordance with Annex III of the EU AI Act.

9A.2 High-Risk Systems

If Customer intends to use the Services for High-Risk AI Systems as defined under Annex III of the EU AI Act (including critical infrastructure, education/vocational training, employment, essential services, law enforcement, migration/asylum, or judicial administration), Customer must:

10. Provide prior written notice to Nucleus AI

11. Implement required human oversight mechanisms

12. Maintain conformity assessment documentation

13. Not use the Services for Prohibited AI Practices (Article 5)

9A.3 Transparency Obligations

Services may be used to generate content visible to end users. Customer must comply with transparency obligations under Article 50 of the EU AI Act, including disclosure that content is AI-generated where required by law.

9A.4 Technical Documentation

Nucleus AI provides technical documentation to support Customer's compliance obligations. For High-Risk use cases requiring conformity assessment, additional documentation is available upon request via compliance@theaibraincompany.com.

9A.5 GPAI Model Obligations

Nucleus AI complies with obligations applicable to providers of General-Purpose AI Models under Chapter V of the EU AI Act, including maintaining technical documentation, providing information to downstream providers, and implementing policies to comply with EU copyright law.

10. GOVERNING LAW AND DISPUTE RESOLUTION

This Section 10 sets forth the exclusive means of resolving disputes. The applicable governing law, arbitration venue, and contracting party depend on your location as set forth in Section 1.3.

10.1 For Customers in USA, Americas, or Rest of World

Contracting Party: The AI Brain Company, Inc. (Delaware, USA)

Governing Law: Laws of the State of Delaware, USA, without regard to conflict of law principles.

Arbitration: Binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules. Sole arbitrator in Wilmington, Delaware. Federal Arbitration Act governs.

Informal Resolution: 60 days prior to arbitration. Contact: legal@theaibraincompany.com

Class Action Waiver: All proceedings conducted on individual basis only. No class, consolidated, or representative actions.

10.2 For Customers in UAE, GCC, or MENA Region

Contracting Party: Social XOS Artificial Intelligence L.L.C (Dubai, UAE)

Governing Law: Federal Laws of the United Arab Emirates. DIFC law may apply if mutually agreed in writing.

Arbitration: Binding arbitration administered by Dubai International Arbitration Centre (DIAC) under DIAC Rules 2022. Seat: DIFC (per Article 20). Sole arbitrator, English language. UNCITRAL Model Law applies.

Informal Resolution: 60 days prior to arbitration. Contact: legal@nucleus.ae

Enforcement: Awards enforceable under New York Convention (1958) and DIFC Courts enforcement mechanisms.

10.3 General Provisions (All Jurisdictions)

• IP Exception: Either party may seek injunctive relief in court for IP infringement without first pursuing arbitration.

• Costs: Initiating party pays filing fees. Each party bears own attorneys' fees unless frivolous claim.

• Confidentiality: All arbitration proceedings are confidential.

• Unified Defense: AI Brain may assume defense on behalf of Social XOS in any dispute.

11. GENERAL PROVISIONS

11.1 Term and Termination

Either party may terminate upon 30 days' notice. Nucleus AI may terminate immediately for material breach or violation of Acceptable Use Policy. Upon termination, all licenses terminate, Customer shall cease use, and Nucleus AI will delete Customer Data within 30 days per Section 4.

11.2 Confidentiality

Each party agrees to protect Confidential Information with at least the same care used for its own confidential information. Customer Content is Customer's Confidential Information.

11.3 Force Majeure

Neither party shall be liable for delays caused by events beyond reasonable control, including acts of God, government actions, natural disasters, civil unrest, terrorism, pandemics, or internet/telecommunications failures.

11.4 Assignment

Neither party may assign without written consent, except Nucleus AI may assign to an affiliate or as part of a merger/acquisition. Assignment between AI Brain and Social XOS does not require Customer consent.

11.5 Entire Agreement and Amendments

These Terms, Order Forms, Privacy Policy, Usage Policy, DPA, and SLA constitute the entire agreement. Nucleus AI may modify Terms with 30 days' notice for material changes. Continued use constitutes acceptance.

11.6 Government Use

For US Government: Services are "commercial computer software" under FAR 12.212 and DFARS 227.7202. For UAE Government: Services are provided subject to applicable public procurement requirements.

11.7 Export Compliance

Customer shall comply with all applicable export controls and trade sanctions, including US Export Administration Regulations (EAR), OFAC sanctions, and UAE/GCC export requirements.

EXHIBIT A: SERVICE LEVEL AGREEMENT (ENTERPRISE TIER)

This Service Level Agreement ("SLA") applies only to Enterprise Tier customers with a valid Order Form specifying SLA coverage. Specific uptime commitments and service credits, if any, shall be negotiated and set forth in the applicable Order Form.

A.1 Service Availability

Nucleus AI targets high availability for the Services. However, service availability is provided on a commercially reasonable efforts basis and is not guaranteed. Any specific uptime commitments, measurement methodologies, and remedies shall be negotiated separately and documented in the applicable Order Form.

A.2 Scheduled Maintenance

Nucleus AI will use commercially reasonable efforts to:

• Provide 72 hours advance notice for scheduled maintenance

• Schedule maintenance during off-peak hours where feasible

• Minimize service disruption during maintenance windows

Emergency maintenance for security issues may be performed without advance notice.

A.3 Performance Targets

The following are performance targets, not guarantees. Actual performance may vary:

• API Response Time: 600ms median (P50) target

• Context Window: 2.2 million tokens as documented

• Rate Limits: Per tier, documented at developers.nucleus.ae

These targets do not create any warranty, guarantee, or commitment. Nucleus AI disclaims all liability for failure to meet performance targets.

A.4 Support Response Times (Enterprise)

A.5 Custom SLA Arrangements

Enterprise customers requiring specific uptime commitments, service credits, or enhanced support may negotiate custom SLA terms. Custom SLA arrangements will be documented in the applicable Order Form and may include additional fees. To discuss custom SLA requirements, contact: enterprise@theaibraincompany.com

ANNEX C: AUTHORIZED SUBPROCESSORS

Pursuant to Section 4.4 (Data Processing Addendum), Nucleus AI engages Subprocessors to process Customer Data in connection with the Services.

C.1 Subprocessor Categories

Nucleus AI may engage Subprocessors in the following categories:

• Infrastructure Hosting: Cloud computing and data center services

• AI Compute: GPU infrastructure and model inference

• Authentication: Identity and access management services

• Security Monitoring: Threat detection and performance monitoring

• Support Services: Customer support and communication tools

C.2 Obtaining the Current Subprocessor List

Due to the evolving nature of technology services and vendor relationships, the specific Subprocessors engaged by Nucleus AI may change from time to time. The current, complete list of authorized Subprocessors is available upon written request.

To request the current Subprocessor list, contact:

• Email: privacy@theaibraincompany.com

• Subject Line: "Subprocessor List Request — [Customer Name]"

Nucleus AI will provide the current Subprocessor list within ten (10) business days of receiving a written request.

C.3 Subprocessor Change Notifications

Nucleus AI will provide thirty (30) days' advance written notice before engaging any new Subprocessor or materially changing the processing activities of an existing Subprocessor. Notifications will be sent to the email address associated with Customer's account or as otherwise specified in the Order Form.

C.4 Objection to Subprocessors

Customer may object to a new Subprocessor by providing written notice to privacy@theaibraincompany.com within fifteen (15) days of receiving notification. The objection must include specific, legitimate grounds related to data protection. Nucleus AI will work in good faith to address Customer's concerns. If the parties cannot resolve the objection, Customer may terminate the affected Services without penalty.

C.5 Subprocessor Obligations

All Subprocessors are bound by written agreements that impose data protection obligations no less protective than those in these Terms and the Data Processing Addendum. Nucleus AI remains liable for the acts and omissions of its Subprocessors to the same extent it would be liable if performing the services directly.

12. CONTACT INFORMATION

For questions about these Terms, contact the appropriate entity:

Nucleus AI US — The AI Brain Company, Inc.

c/o Harvard Business Services, Inc., 16192 Coastal Highway, Lewes, Delaware 19958, USA

legal@theaibraincompany.com  |  https://theaibraincompany.com

Nucleus AI UAE — Social XOS Artificial Intelligence L.L.C

DET Contract No. 11114079, Emirate of Dubai, United Arab Emirates

legal@nucleus.ae  |  https://nucleus.ae

Additional Resources

Trust Portal: trust.theaibraincompany.com

Developer Portal: developers.nucleus.ae

Status Page: status.nucleus.ae

Privacy: privacy@theaibraincompany.com

Compliance: compliance@theaibraincompany.com