Even Hub Developer Platform Terms of Service

1. Introduction

Even Hub Developer Platform (or the “Platform”) is a platform open to Developers that allows Developers to use the tools, APIs, and other resources provided by Even Realities to develop and publish Plug-ins (see the definitions in Section 2).

This Agreement applies to Developers’ activities in developing, publishing, and removing Plug-ins on Even Hub Developer Platform, as well as other Developers’ activities in accessing and using the Even Hub Developer Platform.

By clicking any consent box or similar button before accessing the Platform, or by your continuing access and use of the services in the Even Hub Developer Platform, you are deemed to have read, understood, and accepted all the terms of this Agreement.

Even Realities reserves the right to amend, modify, or revise this Agreement at any time and you agree to check periodically for new terms. Please note that your continuing use of the Even Hub Developer Platform shall constitute your acceptance to be bound by the newly updated Agreement.

In this Policy, “Even Realities” “we” “us” or “our” refers to Hong Kong Even Realities Limited, a company registered in Hong Kong with its registered address located at Room 29D, 8/F, On Cheong Factory Building, No. 19 Tai Yip Street, Kwun Tong, Hong Kong. If you are accessing the Services within the European Economic Area (EEA), the terms “Even Realities,” “we,” “us,” or “our” refer to Even Realities GmbH, a company registered in Berlin, with its registered address located at Friedrichstraße 79, 10117 Berlin, Germany.

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE ACCESSING EVEN HUB DEVELOPER PLATFORM, PARTICULARLY THE TERMS THAT ARE CAPITALIZED OR BOLDED, AS SUCH PROVISIONS MAY HAVE A MATERIAL IMPACT ON YOUR RIGHTS UNDER THIS AGREEMENT.

2. Definitions

“Agreement” means this Terms of Service for Even Hub Developer Platform, including any attachments or any exhibits thereto which are hereby incorporated by this reference.

“Applicable European Laws” means, as they may apply to either party, any EU laws or laws of any EU member state, in each case, as amended, extended or re-enacted, including all implementing acts made from time to time, as they relate, or are claimed to relate, to the European Relationship. This includes, without limitation, regulations as well as treaties.

“API” means any authorized application programming interfaces and any accompanying documentation and materials made available by Even Realities to Developers.

“Developers” means any individual or organization Developers registered in Even Hub Developer Platform.

“Even Hub” means the Even Hub function in Even Realities App.

“Even Hub Developer Platform” or “Platform” means the online developer platform, tools, interfaces, and related services made available by Even Realities to Developers at https://evenhub.evenrealities.com/, through which Developers may upload and distribute of Plug-ins within Even Hub.

“Non-Even Realities Application” means any service, template, software, application, or Plug-in that interoperates with the Service that is provided by you or a third party, including those provided through the Even Hub. For clarity, any Plug-ins that are developed or maintained by any party other than Even Realities are considered Non-Even Realities Applications.

“Plug-in” means any application that creates, reads, updates, exports, and removes or deletes certain content from the Services using Even Realities API, including plug-in, widget, layout, skills and any application in any other forms.

“User” or “Customer” means any individual that uses Even Realities Products or Services. When such a user accesses the Even Hub and makes use of a Developer’s plug‑in, they may be considered a user of that Plug‑in.

3. Plug-in Development and Review

3.1 Even Hub Developer Platform Account Registration

Before using Even Hub Developer Platform, Developers must register for and maintain a valid Even Realities account. Even Realities may change the methods for account registration and binding based on user needs and product requirements, and may publish or update specific rules for the use of accounts as needed.

In the course of registering an Even Realities account, Developers are required to provide certain information necessary for account registration (“Account Registration Information”). When using Even Hub Developer Platform, Developers may also be required to submit other information as requested by the Platform (“Developer Information”). Developers shall ensure that all submitted information is true, accurate, lawful, and valid, and shall promptly update such information if any changes occur, so that Even Realities may contact Developers in a timely manner when necessary and assist Developers in resolving issues encountered while using Even Hub Developer Platform.

In certain countries or regions, Even Realities is required under applicable laws, regulations, and policies to conduct necessary identity verification of Developers. Developers shall cooperate with Even Realities in completing the required identity verification procedures in accordance with applicable legal requirements, and shall ensure that all identity information submitted is true and valid. If the information provided by a Developer is incomplete or inaccurate, the Developer may be unable to use the services of Even Hub Developer Platform or may be subject to restrictions in the course of using such services.

Developers understand and agree that, for the purpose of using the services of Even Hub Developer Platform and completing the publication and listing of Plug-ins on Even Hub, Developers authorize Even Realities, to the extent permitted by law, to display to Even users their registration information and other information that is required to be disclosed to users or third parties under applicable laws and regulations.

3.2 Development Management

Developers may use the Platform to conduct preliminary development management for Plug-ins they intend to publish, including design, internal testing, editing, and maintenance. However, before the relevant Plug-in passes Publication Review, the Plug-in cannot be published, will not be displayed to users, and users will not be able to search for or add the Plug-in.

3.3 Publication Review

To ensure the security, stability, and sound user experience of Even Hub Developer Platform, related Plug-ins, the other Even Realities Products and Services, Even Realities will conduct Publication Review of Plug-ins that Developers intend to publish.

“Publication Review” means the process initiated by a Developer whereby the Developer submits a Plug-in that has completed preliminary development to Even Realities, and Even Realities, either by itself or through an entrusted third party, tests, examines, evaluates, or conducts any similar activity with respect to the Plug-in’s legality, reasonableness, security, stability, operability, user experience, and other aspects, by means including but not limited to development information verification, security testing, UI testing, and dynamic testing. If the Plug-in fails the Publication Review, it may not be published to Even Hub.

“Rejection” means that a Plug-in submitted by a Developer for Publication Review fails to pass the review, or that a Plug-in that has already passed the review is temporarily, long-term, or permanently banned, or is otherwise subject to restrictions or prohibitions on publication, or is refused any related service or support in connection with Even Hub Developer Platform.

Developers understand and agree that the Plug-in Publication Review service is a reasonable and prudent formal assessment and judgment service carried out by Even Realities, within its lawful authority and operational capability, on the basis of materials submitted by Developers, including but not limited to registration information, developer documentation, instructions for use, declarations and undertakings, and compliance documents. However, Even Realities is unable to substantively or in real time review Developers’ actual business activities or any operation or promotion of any Non-Even Applications, and Even Realities provides no guarantee with respect to such activities.

Developers are hereby specifically reminded that Even Hub currently does not support the publication of the following types of Plug-ins:

• financial products and services;
• health-related content and services;
• medical treatment, health consultation / diagnosis, healthcare information, and similar services;
• education and training services;
• instant messaging services;
• applications or services specifically directed to children; and
• other applications that Even Realities considers risky or otherwise unsuitable for publication on Even Hub.

Before submitting a Plug-in for Publication Review, Developers shall carefully read all agreements, specifications, and rules of this Platform and those relating to Plug-in publication. Even Realities will endeavor to provide Developers with common review standards and reference materials. However, because policies, regulations, regulatory requirements, product specifications, and user experience needs continue to evolve, the reasons why a Developer’s Plug-in fails the Publication Review may not be exhaustively set out in the terms published by Even Realities, and any legal consequences arising therefrom shall be borne solely by the Developer.

For the purpose of improving review efficiency and accuracy, Even Realities may entrust a third party to review relevant Plug-ins. By signing this Agreement and submitting a request for Publication Review, the Developer shall be deemed to have consented to Even Realities’ engagement of a third party to conduct Plug-in review.

3.4 Common Violations and Remedial Measures

Any Plug-in published by a Developer that falls under any of the following circumstances shall be deemed a violation:

• it contains malicious code, security vulnerabilities, unlawful content, infringing content, or otherwise violates any provision of this Agreement;
• it involves fraud, misleading of users, or infringement of the lawful rights and interests of any third party;
• it collects, uses, or discloses users’ personal information without user consent;
• it undermines platform security, interferes with the normal operation of the platform, or affects the experience of other Developers or users;
• it violates rules, policies, or technical specifications issued by the platform from time to time; or
• other circumstances that the platform reasonably believes may cause harm to the platform, users, or third parties.

If the Platform discovers, or receives a user complaint alleging, that a Plug-in involves any violation, the platform shall have the right, without prior notice and based on the severity of the violation, to unilaterally take one or more of the following measures:

• require the Developer to rectify within a prescribed time limit;
• mark, warn, or functionally restrict the Plug-in;
• suspend or terminate the review, publication, or operation of the Plug-in;
• remove the Plug-in;
• shut down any service interface provided by Even Realities;
• restrict or freeze the permissions of the Developer Even Realities account;
• suspend or terminate this Agreement;
• report to regulatory authorities or cooperate with investigations; or
• take any other measures that Even Realities deems necessary.

To the maximum extent permitted by applicable law, Even Realities shall not be liable for any loss arising from the foregoing measures, including without limitation Developers’ expected revenue or loss of user data.

Even Realities has established a user complaint handling mechanism and will impose penalties of varying degrees depending on the severity of the violation reflected in user complaints. If Even Realities receives any complaint or report from a user as a result of a Developer’s conduct or related factors, the Developer shall fully cooperate with Even Realities in handling such complaint or report, including but not limited to providing supporting materials and fulfilling obligations of explanation.

3.5 Appeal Channel

We understand that a Developer’s violation may arise from mistake, negligence, or other fault. Therefore, if a Plug-in that a Developer plans to publish or has proposed for publication is dealt with because it does not comply with applicable laws, regulations, or platform rules, Even Realities may provide an appeal channel through which the Developer may, after rectifying the relevant Plug-in, resubmit it to Even Realities for Publication Review. However, Developers acknowledge and understand that Even Realities has devoted substantial human and other review resources. In order to ensure the reasonable use of such resources, if a Plug-in still fails to meet the requirements after multiple rounds of rectification, or ultimately cannot pass the review for legal, regulatory, or technical reasons, Even Realities shall have the right to decide, on a case-by-case basis, to temporarily or permanently close the appeal channel for the relevant Plug-in.

To ensure the effective implementation of platform management measures and to prevent users from circumventing, evading, or resisting platform management through the registration of different accounts or the establishment or use of different entities, Even Realities shall have the right to refuse to provide any further appeal channel, and may also refuse to provide services to such entities, where the same entity, or an affiliated entity thereof (including but not limited to a parent-subsidiary relationship, head office-branch relationship, direct or indirect control relationship, a relationship in which the actual controller, directors, supervisors, or senior management directly or indirectly control such entity, a contractual-control VIE structure, or any affiliated relationship that can be confirmed through securities market disclosures, official publicity, or similar materials), individually or in the aggregate, repeatedly engages in illegal, non-compliant, or rule-violating conduct under this service and the relevant agreements or rules.

4. Protection of Users’ Personal Information

Plug-ins developed by Developers may have functions or features involving the collection and processing of users’ personal information. With respect to Plug-ins developed by Developers, the Developers act as independent controllers, and the fact that Plug-ins are developed based on Even Hub Developer Platform does not create any joint controllership relationship between Even Realities and the Developers.

In order to protect the security, integrity, and confidentiality of users’ personal data, we ask Developers to ensure that the Plug-ins they submit for review and publish comply with applicable data protection laws, including without limitation the following key requirements:

4.1 Privacy Policy

• Any Plug-in formally published by a Developer on Even Hub Developer Platform must include a clear and publicly available privacy policy. The privacy policy shall, in clear and transparent language, provide the information required to be disclosed under applicable data protection laws and regulations, including, without limitation, the categories of personal data collected, the purposes of processing, the lawful basis for processing, details of data sharing (including but not limited to categories of recipients), and how data subject rights are protected.
• Developers shall ensure that users are able to review the relevant Plug-in privacy policy and other applicable legal terms before using the relevant Plug-in. In addition, a Plug-in may begin to collect and process data only after obtaining the user’s consent, or otherwise relying on a valid legal basis under applicable data protection laws. If a Plug-in collects data without user consent on the basis of legitimate interests or another lawful basis under the EU General Data Protection Regulation (“GDPR”) or similar laws, the Developer must comply with all requirements of applicable laws and regulations, including without limitation the principle of transparency.
• After a Plug-in is published, the Developer shall continuously protect the security of user data to the highest standard, ensure that all data processing activities based on the Plug-in remain in compliance with applicable data protection laws, and strictly comply with the privacy policy published by the Developer.
• In particular, the privacy policy and other legal terms published by the Developer for its Plug-in may not replace, amend, or conflict with these Terms or any terms or policies applicable to the Even Realities APP&Device.

4.2 Data Collection

Where a Developer processes user data through a published Plug-in, such processing shall be adequate, relevant, and limited to the minimum necessary to achieve the specific purpose of the processing. Specifically:

• Data minimization: collect only the minimum scope of data necessary to realize the application’s functions. The data collected shall be specific, clearly defined, limited in scope, and closely related to the processing purpose. Broad or generic fields should be avoided when collecting personal information.
• Response minimization: when responding to user requests, only data that is directly relevant to the user’s request and the function the user is using shall be returned. Unless strictly necessary, do not include diagnostic information, internal identifiers (such as session IDs, tracking IDs, request IDs, timestamps, or log metadata).
• Restrictions on sensitive personal data: do not collect or process the following data:
  • information subject to the Payment Card Industry Data Security Standard (PCI DSS);
  • protected health information (PHI);
  • government identification numbers (such as ID card numbers or Social Security numbers); and
  • access credentials and authentication keys (such as API keys, MFA / OTP codes, or passwords).
• Special categories or sensitive personal data: Developers may not collect personal data that is regarded as “sensitive” or a “special category” under applicable data protection laws, unless (i) the collection of such personal data is absolutely necessary to realize the application’s functions, (ii) the user has provided legally sufficient and explicit consent, and (iii) before the processing occurs, the Developer has clearly and prominently disclosed the collection and use.
• Location information: if a Plug-in intends to obtain a user’s raw location information by any means, especially precise geolocation information as defined under applicable data protection laws, such data shall be obtained through secure and controllable means and channels, in accordance with the principle of minimum necessity and applicable data protections laws, and the location processing must be auditable and revocable.
• Voice information: only voice information expressly provided with the user’s consent may be processed. Developers may not, without the user’s explicit consent, use permissions such as microphone access on Even Realities products to collect users’ voice information.

4.3 Data Retention, Deletion, and Accessibility

Where Developers store or retain user data, they shall establish a clear and specific data retention policy to ensure that data is not retained longer than necessary for the purpose of the personal data processing.

Unless applicable laws or regulations impose special retention requirements, authorized Developers shall fulfill the following obligations:

• provide users with effective and clear means to exercise data subject rights such as the right to rectification and the right to deletion;
• delete relevant data where technically feasible under the following circumstances：
• when the relevant data is no longer needed to be retained for legitimate business purposes consistent with these Terms and all other applicable terms and policies;

If applicable laws or regulations require you to retain relevant data, the Developer must retain proof of the applicable legal or regulatory requirement or request and provide it upon Even Realities’ request.

Developers understand and agree that Even Realities will only record and retain users’ browsing, adding, and usage records relating to Plug-ins (“Plug-in Usage Records”), and will not collect, process, or store any other information generated by users in the course of using Plug-ins, including without limitation the specific use of Plug-in functions, content generated by users through Plug-ins, or other data generated through the use of Plug-ins (“Plug-in Content Data”). If Developers have any need to store or process data, Developers shall independently assess such storage needs and configure storage strategies based on the specific circumstances of the Plug-in.

4.4 Data Use and Sharing

Except as otherwise specifically provided by applicable laws and regulations, Developers may not use, transfer, or share users’ personal data without user authorization or consent. Developers must provide information about how and for what purposes the data will be used, clearly disclose the third parties with whom personal data will be shared, and obtain the user’s explicit consent before such sharing.

• Developers shall collect and process users’ personal data only for specific, explicit, and legitimate purposes, and any subsequent processing of personal data may not be inconsistent with the stated purposes. Without the user’s explicit consent, data collected for one purpose may not be used for other purposes not consented to by the user.
• Developers shall not secretly build user profiles based on collected data, nor shall they attempt, assist, or encourage others to identify anonymous users, or reconstruct user portraits, user profiles, or other information linkable to an individual based on data collected from APIs provided by Even Realities or data that Developers claim to have collected in an “anonymized,” “aggregated,” or other non-identifiable form.
• Data collected from APIs provided by Even Realities may not be used to build a contact database for a Developer’s own use or for sale / distribution to third parties, nor may Developers collect information about what other applications are installed on a user’s device for analytics or advertising / marketing purposes.

4.5 Transparency and User Control

• Accurate operation labels: any Plug-in operation that changes an external state (creation, modification, or deletion) shall be labeled as a write operation. Only where the Plug-in operation has no side effects and can be safely retried should it be labeled as a read-only operation. Destructive operations require clear labels and necessary restrictions (such as confirmation) so that the client can enforce safeguards, approvals, confirmations, or prompts before execution.
• Preventing data leakage: any operation that sends data beyond the current boundary (for example, posting a message, sending an email, or uploading a file) must be presented to the client as a write operation so that user confirmation may be required or the operation may be run in preview mode. This reduces accidental data leakage and keeps server behavior aligned with client-side security expectations.

4.6 Permission Requests

When collecting certain information or data, Developers may need to obtain permissions from user devices (including Even Realities Devices or APPs, as well as devices such as the user’s mobile phone). Where Developers need to obtain relevant device permissions, they shall:

• request permissions only when the Plug-in needs to obtain data or access resources, and not request permissions where there is no such need;
• unless the requested permission is necessary for the operation of the Plug-in (for example, a navigation Plug-in obtaining location information), refrain from requesting the permission when the Plug-in starts; and
• clearly and specifically explain to users, through the privacy policy, UI prompts, and similar means, the specific circumstances of the Plug-in’s permission request, including the content of the permission requested, the purpose, and the manner of the request (for example, requested at the time of inquiry / enabled by default / disabled by default).

To ensure transparency in permission acquisition and invocation when users use the Even Realities App, Even Realities may, when a Developer requests permissions, confirm the authorization with the user through pop-up windows or other means, or notify the user that relevant permissions are being used. Developers may not circumvent or undermine such settings of Even Realities in any manner.

4.7 Data Security Safeguards

In order to protect the security of user data, Developers shall adopt adequate security safeguards in accordance with applicable data protection laws, for example:

• where a separate account system is involved, use multifactor authentication, biometric authentication, or similar means to protect user account security, and avoid relying solely on account passwords for identity authentication;
• encrypt account passwords, health data, and other personal information during collection, transmission, and storage, and avoid storing users’ personal information in plaintext;
• conduct regular vulnerability scanning and penetration testing of information systems that process user data, so as to reduce the risk of data leakage; and
• develop sound disaster recovery plans to ensure the continuous availability, integrity, and rapid recovery capability of systems and services.

4.8 Use APIs to Obtain Data

Even Hub Developer Platform will make certain APIs available to authorized Developers to facilitate Developers’ obtaining certain user data from the Even Realities App or Devices. If a Developer obtains data through APIs, the relevant data processing activities shall be subject to the Data Processing Agreement between Even Realities and the Developer, which forms an integral part of this Agreement. If a Developer obtains data through APIs provided via Even Hub Developer Platform and the Developer’s processing activities involve transferring the relevant data to a region outside the jurisdiction where the data is currently stored, such processing activities will involve cross-border data transfers. Please refer to the specific provisions of the Data Processing Agreement for the relevant terms.

5. Intellectual Property

5.1 License Granted by Even Realities to Developers

Subject to your compliance with this Agreement and all other applicable terms and policies, Even Realities grants Developers a non-exclusive, non-sublicensable (except as expressly described below with respect to service providers), non-transferable, non-assignable, limited license to use and access Even Hub Developer Platform and to publish applications on the Even Hub Developer Platform in accordance with platform rules, solely within the scope permitted by this Agreement and all other applicable terms and policies. Unless expressly permitted by this Agreement or otherwise agreed separately between the Developer and Even Realities, Developers may not use, access, integrate, modify, translate, or otherwise exploit Even Hub Developer Platform, EVEN Devices and products, the Even Realities website, or any other platform, system, software, code, content, or materials of any form developed, operated, or owned by Even Realities, nor may they reverse engineer any of the foregoing or use them to create derivative products. To the maximum extent permitted by applicable law, Even Realities reserves all rights and interests not expressly granted under this Agreement, including the right to enforce any such rights.

5.2 License Granted by Developers to Even Realities

Developer Content: Developer grants Even Realities a non-exclusive, transferable, sublicensable, royalty-free, worldwide license to host, use, distribute, modify, run, reproduce, publicly perform or display, translate, and create derivative works from any information, data, and other content provided by Developer while using the Even Hub Developer Platform (collectively, “Developer Content”), for any commercial purpose related to the operation, provision, or improvement of the Even Hub Developer Platform or any other Even Realities Products or Devices. This license shall survive any termination of Developer’s use of the Even Hub Developer Platform. The license granted by Developer to Even Realities includes, but is not limited to, the right to:

• incorporate Developer Content into any part of Even Realities’ products;
• attribute the source of the content using Developer’s name, trademark, or logo;
• use Developer Content for promotional purposes; and
• analyze Developer Content (including for the purpose of ensuring Developer’s compliance with this Agreement and all other applicable terms and policies).

If Developer provides the foregoing Developer Content, Developer represents and warrants that such sharing complies with all applicable laws and regulations, including that Developer has obtained, maintained, and provided all applicable consents, permissions, and/or disclosures required under applicable laws and regulations to enable such sharing for the purposes set forth in this Agreement.

If Developer holds any rights in Developer Content prior to providing it to Even Realities, such provision shall not affect Developer’s pre-existing rights, provided that such rights do not conflict with any rights granted under this Agreement or any other applicable terms or policies, or with any access rights Developer grants to others by sharing such content through the Even Hub Developer Platform.

Data Generated by Developer’s Use of Even Realities App or Device: Any data generated by Developer’s use of the Even Realities App or Device shall be governed by the Even Realities Privacy Policy (APP & Device), and shall not be subject to the foregoing license regarding Developer Content.

Developer Plug-ins: Developer’s publication of a Plug-in on the Even Hub Developer Platform constitutes a grant to Even Realities of a non-exclusive, transferable, sublicensable, royalty-free, worldwide license to host, use, distribute, modify, run, reproduce, publicly perform or display, translate, and create derivative works from the plugin published by Developer on the Even Hub Developer Platform, for any commercial purpose related to the operation, provision, or improvement of the Even Hub Developer Platform or Even Realities’ products. The term of this license is not limited by the term of this Agreement, nor by Developer’s continued use of the Even Hub Developer Platform. Unless exceptional circumstances arise, this license shall remain in effect for the duration of the normal operation of the Even Hub Developer Platform. Specifically, the foregoing license includes, but is not limited to, the right to:

• reproduce, perform, display, and use your Plug-in for administrative and demonstration purposes in connection with the operation, improvement and marketing of the Even Hub and Even Hub Developer Platform;
• distribute your Plug-in through the Even Hub;
• perform review and audit on your Plug-in
• place content (including advertisements) around the Plug-in;
• analyze Developer’s Plug-in (including for the purpose of assessing compliance with these terms and all other applicable terms and policies); and
• use the Plug-in and the collaboration with Developer as a case study for publicity or promotion.

Developers’ Names, Trademarks, and Logos: Developers grant Even Realities a non-exclusive, transferable, sublicensable, royalty-free, worldwide license to use their names, trademarks, and logos in any media and in any format for distribution, marketing, and promotion in connection with their use of Even Realities products. Even if you stop using Even Hub Developer Platform, this license remains effective with respect to existing materials and examples.

Subject to the limited licenses expressly provided in this Agreement, nothing in this Agreement transfers or assigns to Even Realities any of your intellectual property rights in your Plug-ins or your trademarks or other technology.

As between Even Hub Developer Platform and the Developer, we are not bound by any terms or policies related to the Developer’s Plug-in or Developer Content.

Nothing in this Agreement shall be construed as a statement or agreement by us that we will not develop, or have not developed, applications, products, functions, or services that are similar to or competitive with the relevant application.

5.3 Third-Party Rights

• When developing and publishing Plug-ins on Even Hub Developer Platform, Developers shall comply with applicable intellectual property protection laws and regulations, including without limitation the following:
• Developers may not provide or promote in a Plug-in any content that infringes or otherwise violates the rights of any person or third party.
• Developers must obtain from all relevant rights holders (and represent and warrant that they have or have obtained) all rights necessary to (1) grant the licenses, rights, and permissions mentioned in this Agreement; (2) display, distribute, and make available all information, data, and other content in the Plug-in; and (3) operate the Plug-in. This includes fulfilling all licensing, reporting, and payment obligations owed to third parties.
• If a Plug-in published by a Developer contains content submitted or provided by users or other third parties, the Developer must implement appropriate notice-and-takedown procedures or otherwise comply with all applicable laws and regulations to respond to notices of infringement claims. In particular, without limiting compliance with such requirements, Developers in the United States must comply with all requirements of the Digital Millennium Copyright Act.

6. Security and Audit Terms

6.1 Plug-in Security and Compliance

Developers represent and warrant that all Plug-ins and related materials submitted, published, or distributed through Even Hub Developer Platform shall comply with this Agreement and all security requirements issued by the platform, and shall not contain any function, information, or content that violates applicable laws or regulations. Specifically:

Malware and vulnerabilities: Plug-ins may not contain or carry any virus, Trojan horse, backdoor, ransomware, spyware, worm, logic bomb, or any other malicious, suspicious, or harmful code, component, or program that may damage, interfere with, secretly intercept, or expropriate any system, data, or personal information. Developers must promptly remediate security vulnerabilities in their Plug-ins, especially vulnerabilities that have been publicly disclosed or otherwise become known, and may not submit or permit an Plug-in to be listed while knowingly leaving a high-risk vulnerability unaddressed.

Destructive functions: Plug-ins may not attempt to probe, scan, or test the weaknesses or risks of Even Hub Developer Platform, Even Realities Products or Services, or any other Even Realities information systems or networks, nor use the resulting information to harm cybersecurity or affect the normal operation of Even Realities’ business.

Resource abuse and mining: Plug-ins may not consume system resources without the express informed consent of both the user and Even Realities. In particular, embedding or invoking any form of cryptocurrency mining script, code, or functionality in an Plug-in is strictly prohibited, whether hidden or not.

Fraud, phishing, and cheating tools: Plug-ins may not possess any function or capability involving fraud, phishing, or undermining platform security, including without limitation the following:

• Phishing and fraud: Plug-ins may not impersonate official customer service, counterfeit well-known enterprises or government agencies, or induce users to provide sensitive information such as passwords or verification codes through false benefits (such as fake cashback-for-orders or high-value prize draws).
• Spam / fraudulent messages: Plug-ins may not be used to carry out or assist in spam distribution, false marketing, induced sharing, or any form of telecom or online fraud.
• Cheating tools and automated scripts: Plug-ins may not include or invoke any script, code, or Plug-in that attempts to interfere with, crack, or simulate the normal operation of this platform (for example, simulated keystrokes, virtual location, or automated bulk operations).
• Improper information and content: Plug-ins may not contain any harmful or unlawful content involving gore, violence, pornography, the promotion of terrorism or extremism, infringement of others’ lawful rights and interests, harm to the physical or mental health of minors, or any other content prohibited by applicable laws and regulations.
• Dynamic loading and code behavior: Plug-ins may not contain functions intended to change the behavior of the application itself or circumvent the Even Hub Developer Platform review mechanism (for example, hot code updates, or dynamically downloading and executing unverified scripts). Any mechanism for remotely delivered code may not be used to alter the core functions submitted for review or introduce security risks.

If any of the foregoing issues exists, Even Realities shall have the right, without notice to the Developer, to reject the publication of the Plug-in, remove the Plug-in, limit its traffic, or restrict or block user access to the relevant Plug-in, in order to safeguard users and platform security.

To ensure Plug-in security, Developers shall conduct security inspections and scans of published Plug-ins at least every six months and provide relevant security reports as requested by Even Realities.

In addition, Even Realities reserves the right to require you to provide source code for the integration, but solely for the purpose of Even Realities’ compliance or security review. For the legitimate commercial purposes of maintaining the stability of the Even Realities platform, products, and services, or for the purpose of complying with any legal obligations under applicable laws, Even Realities may, after the Publication Review is completed, conduct compliance or security reviews of a Plug-in. Developers shall, within a reasonable scope, cooperate with Even Realities in a timely manner in completing compliance or security reviews of the Plug-in and/or the infrastructure supporting the Plug-in. If Even Realities intends to conduct any other Plug-in review beyond the security and compliance reviews expressly provided for in this Agreement or any applicable terms or policies, Even Realities will provide at least seven (7) days’ prior notice to you.

Developers fully understand that they are the independent operators of their Plug-ins, and that any security or compliance reviews that Even Realities may conduct do not constitute any approval or guarantee of the security of a Developer’s Plug-in. Developers shall ensure Plug-in security through effective systems and processes. In particular, Developers must provide users, in their Plug-ins or through other publicly accessible means, with convenient and effective channels to report security vulnerabilities, unlawful content, or infringing content discovered in their Plug-ins. Developers shall designate specific personnel to receive and handle such reports, and shall verify and properly resolve user-reported defects or issues in a timely manner, including without limitation patching vulnerabilities and removing unlawful or infringing content. For content involving violations of this Agreement or platform rules, Developers shall promptly inform the reporting user of the outcome after handling the matter and synchronize relevant information with Even Realities as requested.

6.2 Requirements for the Use of APIs and Other Data Interfaces

When using APIs or other interfaces provided by Even Realities for obtaining or accessing data, Developers may not engage in any of the following acts that may harm the lawful rights and interests of Even Realities, users, or any other third party:

(a) copying, modifying, displaying, distributing, transferring, or sublicensing the API for use by a third party;

(b) interfering with, bypassing, or disabling any feature or functionality embedded in or included in the API, or otherwise accessing Even Realities’ APIs in any manner, including (i) disrupting, breaking through, or circumventing any technical processes, limits, or security measures related to the services, (ii) creating a security vulnerability for customers or users of the services, or (iii) testing the vulnerabilities of Even Realities’ systems or networks;

(c) accessing or using the API in order to replicate or compete with the services;

(d) accessing or using the API in violation of any law, regulation, or these developer terms;

(e) attempting to reverse engineer or otherwise derive the source code, trade secrets, or proprietary technology of the API or services;

(f) attempting to use the API in excess of any rate limit, or in a manner constituting excessive or abusive use;

(g) using any scraping, data harvesting, web crawling, or other data extraction method to extract data from the API;

(h) using the API to develop integrations that compete with or substantially replicate Even Realities’ services;

(i) without the end user’s prior written consent, or in violation of these developer terms, misleading end users or collecting, storing, transferring, selling, using, altering, or deleting any integration data;

(j) using, or assisting any third party in using, the API to circumvent any restrictions of Even Realities’ subscription plans;

(k) processing integration data to develop, improve, or train artificial intelligence or machine learning applications or models; or

(l) requesting from, or receiving from, users any end-user tokens, credentials, or other authentication information for any purpose other than Plug-in identity authentication.

6.3 Management of Third-Party Service Providers

If a Developer uses any product or service of a third-party service provider in the Plug-in it develops, the Developer shall truthfully fill in the information of such third-party service provider in the Plug-in review materials and ensure that the relevant materials are true, accurate, and complete. In the course of developing and operating its Plug-in, the Developer shall ensure that any data processing activities and conduct of such third-party service providers comply with this Agreement and all applicable laws and regulations, and shall implement effective management of third-party service providers, including without limitation entering into lawful and valid service agreements and clearly stipulating the third-party service providers’ data security and cybersecurity obligations.

6.4 Cooperation with Audits

Developers understand and agree that, in order to ensure the safe and stable operation of Even Hub Developer Platform and Even Realities products and applications, Even Realities may itself or through an entrusted third party conduct security and compliance audits of the materials submitted by Developers and the Plug-ins they publish. The primary purpose of such audits is to ensure that any activities conducted by Developers on Even Hub Developer Platform comply with this Agreement, other applicable terms, and applicable laws and regulations.

In principle, where an audit is planned, Even Realities will send written notice (such as by email) to the Developer ten (10) business days before the formal commencement of the audit and will ensure that the audit is carried out during normal business hours.

Developers shall cooperate with Even Realities in completing the audit, including but not limited to the following:

• providing the resources necessary to conduct the audit, including physical and remote access, and arranging responsible personnel to cooperate with inquiries;
• using commercially reasonable efforts to obtain the permissions and cooperation of third-party service providers so that we may audit the relevant IT systems, records, and personnel.
• If any non-compliance by a Developer is identified during the audit, the Developer shall correct the non-compliance within a reasonable time and cooperate with any follow-up audit or replay so as to ensure that all non-compliant circumstances have been rectified.

If the audit reveals any non-compliance by the Developer and such non-compliance increases the cost of our conducting the audit, the Developer shall bear the related reasonable fees and expenses.

If this Agreement terminates for any reason, our audit right under this Section shall survive for two (2) years after the later of the following two points in time:

• the date on which the Developer demonstrates that it has ceased processing all user data; or
• the date on which all user data processed by the Developer has been deleted or destroyed.

In particular, nothing in this Section shall limit any other rights or remedies that we may have under applicable laws and regulations, legal agreements, or policies.

7. Confidentiality Obligations

“Confidential Information” means information disclosed by one party (the “Disclosing Party”) to the other party (the “Receiving Party”) in connection with this Agreement that is not known to the public, has commercial value, and is protected by reasonable confidentiality measures, including without limitation technical information, business information, user data, operational data, API keys, interface specifications, and information expressly identified by the Disclosing Party as confidential. In particular, under this Agreement, any pre-release software, services, and/or hardware of Even products or devices (including related documents and materials) (“Pre-Release Materials”) provided by Even Realities to Developers and their representatives, and any information disclosed by Even Realities to you in connection with Even Realities’ activities, regardless of the manner of provision or the degree of confidentiality measures taken, shall constitute Confidential Information under this Agreement.

The foregoing Confidential Information does not include information that is already known to the public; was lawfully possessed by the Receiving Party before disclosure; is lawfully obtained from a third party entitled to disclose it; or is independently developed by the Receiving Party.

The Receiving Party agrees that it shall (a) use the Confidential Information solely for the purpose of performing this Agreement; (b) not disclose the Confidential Information to any third party, except employees or consultants who need to know such information for the performance of this Agreement and who are bound by confidentiality obligations no less stringent than those in this Agreement; and (c) take reasonable measures, no less protective than those used to protect its own information of a similar nature, to protect the integrity and security of the Confidential Information and prevent its theft, misuse, or disclosure.

If disclosure of Confidential Information is required by laws, regulations, or a competent authority, the Receiving Party shall, to the extent permitted by law, immediately notify the Disclosing Party and cooperate in taking protective measures, and shall disclose only the portion that is compulsorily required.

These confidentiality obligations shall remain effective for five (5) years after termination of this Agreement (and, with respect to trade secrets, until they cease to qualify as trade secrets). Upon the request of the Disclosing Party or upon termination of this Agreement, the Receiving Party shall, as instructed, return or destroy all Confidential Information and provide written certification thereof, except for copies that must be retained under applicable law.

8. Export Control Compliance Undertaking

The Developer represents and warrants that neither the Developer nor any entity or individual that directly or indirectly controls the Developer, or is under common control with the Developer:

• has been identified as a sanctions target by any international organization, country, or regional bloc, including without limitation being included in or deemed equivalent to inclusion in any sanctions list of any government or regional bloc, such as the Specially Designated Nationals and Blocked Persons List, the Denied Persons List, the Entity List, the Consolidated List of Persons, Groups and Entities Subject to EU Financial Sanctions, or the UK Consolidated List of Financial Sanctions Targets;
• does not conduct business in any country or region subject to a U.S. embargo or special sanctions measures; and; and
• is not a military end user as defined in 15 C.F.R. § 744.

For the purposes of this Section, “control” means the power of an entity or individual, directly or indirectly, to direct, possess, or influence the management policies of another entity, whether through ownership of voting securities, equity interests in registered capital, contract, or otherwise.

Unless expressly authorized by the laws of the applicable jurisdiction, the Developer may not use, export, or re-export to restricted countries or regions any data or information obtained from Even Realities under this Agreement. Specifically, this includes without limitation:

• restricted countries or regions: any country or region subject to a U.S. embargo or special sanctions measures;
• any person on the U.S. Department of the Treasury’s Specially Designated Nationals List, any person on the U.S. Department of Commerce’s Denied Persons List, or any person on any other restricted party list, and the Developer may not facilitate transactions with any such persons.

The Developer warrants that it will not use any Even Realities' Confidential Information, or any user data obtained from Even Realities, for any purpose prohibited by the United States or other applicable laws and regulations, including without limitation the development, design, manufacture, or production of nuclear weapons, chemical weapons, biological weapons, or any other military end use.

9. Suspension and Termination of the Agreement

This Agreement shall take effect on the date of signature by both parties and shall remain in force unless suspended or terminated earlier in accordance with this Agreement.

9.1 Suspension of the Agreement

If any of the following circumstances occurs with respect to a Developer, Even Realities shall have the right, with or without notice, to immediately suspend the Developer’s account or access to the platform (including without limitation suspending API access or removing applications):

• the Developer violates any provision of this Agreement and the platform reasonably believes that such violation may cause harm to the platform, users, or third parties;
• the developed Plug-in contains a security vulnerability, unlawful content, infringing content, or has given rise to user complaints, and time is required for verification or remediation;
• the Developer’s Plug-in or conduct gives rise to legal risks, regulatory investigations, or affects the reputation of Even Realities; or
• other circumstances in which a Developer violates this Agreement and Even Realities considers suspension of the Agreement necessary.

During the suspension period, the Developer shall cease the relevant activities and cooperate with the platform in addressing the issue. The platform has the right to determine whether to restore permissions based on the Developer’s remediation. If the Developer fails to complete remediation within a reasonable period or commits another violation, the platform may convert the suspension into termination of the Agreement.

9.2 Termination of the Agreement

Any relevant party shall have the right to terminate this Agreement under any of the following circumstances:

• this Agreement may be terminated at any time by written mutual agreement of both parties;
• either party may terminate this Agreement by giving the other party thirty (30) days’ prior written notice;
• if one party materially breaches this Agreement and fails to cure the breach within fifteen (15) days after receiving written notice from the non-breaching party, the non-breaching party shall have the right to terminate this Agreement immediately.

Either party may terminate this Agreement immediately by written notice to the other party upon the occurrence of any of the following circumstances:

• the other party violates the core provisions of this Agreement regarding security, confidentiality, intellectual property, or data protection;
• the other party applies for bankruptcy, is declared bankrupt, is dissolved, enters liquidation, or a similar circumstance occurs;
• the other party’s conduct causes material harm to the security of the Even Hub Developer Platform, user rights and interests, or the reputation of the platform;
• termination of the Agreement is required by laws, regulations, or regulatory authorities; or
• the other party ceases operations or any other circumstance occurs that makes continued performance of this Agreement impossible.

After termination of the Agreement, the Platform shall have the right to immediately remove all Plug-in submitted by the Developer, stop providing services related to the Even Hub Developer Platform, and delete or reclaim the Developer’s account and related data (except to the extent retention is otherwise required by laws or regulations).

Upon termination, the Developer shall immediately cease using the Platform’s APIs, documentation, Confidential Information, and any Platform resources, and shall return or destroy Confidential Information in accordance with the confidentiality provisions.

Termination of the Agreement shall not relieve any payment obligations or liabilities for breach that arose before termination. Any fees already paid shall not be refunded after termination.

Any license or right of use lawfully granted by either party before termination shall immediately cease to be effective upon termination.

9.3 Surviving Provisions

Any provisions of this Agreement which, by their nature, should remain effective after termination, including without limitation confidentiality obligations, intellectual property, disclaimers, dispute resolution, and payment obligations, shall survive termination of this Agreement.

10. Disclaimer

Developers acknowledge that they fully understand and expressly accept the risks of using Even Hub Developer Platform, and fully understand that Even Realities does not make any commitment regarding the stability or availability of Even Hub Developer Platform, nor does it provide any express or implied warranties or conditions of any kind, including without limitation implied warranties and conditions of merchantability, fitness for a particular purpose, and non-infringement.

Developers understand and agree that Even Realities will use reasonable efforts to provide security measures commensurate with the risks for Even Hub Developer Platform so as to ensure the security and normal operation of the relevant services under this Agreement. However, no security technology can eliminate all risks, and factors such as computer viruses, network communication failures, system maintenance, and force majeure events may cause interruption or suspension of the relevant services within a reasonable period of time. If Developers suffer losses as a result, they agree to waive any claim for liability against Even Realities.

Developers understand and agree that, unless otherwise expressly agreed by both parties, any sales activities conducted by Developers shall be undertaken independently by Developers at their own risk and consequence, and Even Realities shall bear no responsibility or consequence arising therefrom.

Developers understand that they are the sole developers and operators of the Plug-ins published under their accounts, and that Even Realities’ review of Developers’ Plug-ins under Section 3 or Section 6 of this Agreement does not constitute any substantive modification to the Plug-ins submitted by Developers for review. Developers shall independently assume responsibility for the accuracy, security, and completeness of the Plug-ins they publish, and shall ensure that Even Realities does not suffer any form of loss as a result of the Plug-ins published by Developers.

If Developers use any open-source software or services, they shall strictly comply with the authorization or licensing requirements of such open-source software or the relevant open-source community. Developers expressly acknowledge and agree that the software, services, interfaces, documentation, and related technologies provided through Even Hub Developer Platform are independent works separate from Developers’ Plug-ins (“Even Realities Products”), and Developers warrant that any open-source software used in their Plug-ins, regardless of whether its license contains “copyleft” or “reciprocal” provisions, shall not impose any obligation under any open-source license upon the platform software, including without limitation:

• requiring all or part of Even Realities software to be disclosed in source code form, licensed in a particular manner, or made available for reverse engineering;
• causing Even Realities to be deemed a derivative work subject to any open-source license; or
• restricting or affecting the platform’s independent exercise of its intellectual property rights or other rights in Even Realities.

If open-source software used in a Developer’s Plug-in causes Even Realities to face any third-party claim, regulatory investigation, lawsuit, or obligation under any open-source license (including without limitation an obligation to disclose the source code of platform software), the Developer shall bear full responsibility and compensate the platform for all losses suffered thereby (including without limitation damages, fines, attorneys’ fees, rights protection expenses, and loss of goodwill), and Even Realities shall have the right to immediately suspend or terminate this Agreement.

11. Limitation of Liability and Indemnification

To the maximum extent permitted by law, Developers understand and expressly agree that Even Realities and its licensors shall not be liable to Developers for any indirect, incidental, special, consequential, or punitive damages (including any loss of data) arising from Developers’ conduct.

To the maximum extent permitted by law, Developers agree to defend, indemnify, and hold harmless Even Realities, its respective directors, officers, employees, agents, and authorized providers from and against any third-party claims, legal actions, lawsuits, proceedings, and any losses, liabilities, damages, costs, and expenses (including reasonable attorneys’ fees) arising out of any of the following:

• the Developer’s violation of this Agreement when using Even Hub Developer Platform;
• the Developer’s application infringes or violates any intellectual property right or any other right of any other person; or
• the Plug-in published by the Developer violates applicable laws or regulations.

12. Miscellaneous

12.1 Entire Agreement

This Agreement (including all appendices and incorporated documents) constitutes the complete agreement between the parties regarding the subject matter hereof and supersedes all prior oral or written understandings, communications, or agreements relating thereto.

12.2 Governing Law and Dispute Resolution

Any dispute arising out of or in connection with this Agreement shall be submitted to and finally resolved by arbitration administered by an arbitration institution located in Hong Kong, in accordance with the arbitration rules then in effect, and conducted pursuant to the procedures governed by those rules. The arbitration award shall be final and binding upon both parties. If the foregoing arbitration provision is found to be unenforceable with respect to any dispute, both parties agree that such dispute shall be brought before the courts of Hong Kong, and each party waives right of defense relating to personal jurisdiction or venue convenience (including those applicable in connection with any arbitration or judicial proceedings).

12.3 Updates to the Agreement

Even Realities shall have the right to amend this Agreement from time to time in light of business development, changes in laws and regulations, or operational needs of the platform. The updated Agreement will be published on the Platform’s official website or the relevant pages of the Platform and will take effect from the date of publication. If a Developer continues to use the Platform, it shall be deemed to have agreed to be bound by the updated Agreement; if the Developer does not agree to the amended Agreement, it shall immediately stop using the Even Hub Developer Platform.

12.4 Independence

Developers and Even Realities are independent legal entities. Nothing in this Agreement shall be construed as any express or implied warranty or commitment by Even Realities regarding the performance, security, legality, suitability of the Developer’s Plug-ins, or the Developer’s conduct. Developers expressly acknowledge that they bear the risks arising from their use of Even Realities services and submission of Plug-ins.

12.5 Headings

The headings of the provisions of this Agreement are for convenience of reference only, have no legal interpretive effect, and shall not affect the understanding or interpretation of any provision of this Agreement.

12.6 No Waiver

The platform’s failure or delay in exercising any right or remedy under this Agreement shall not constitute a waiver of such right or remedy. Any single or partial exercise of any right or remedy shall not preclude any further exercise of such right or remedy or the exercise of any other right or remedy.

12.7 Language

If this Agreement is translated into multiple languages, in the event of any conflict or inconsistency among the different language versions, the English version shall prevail.