VENDOR – Mutual Non-Disclosure Agreement (NDA)

NON-DISCLOSURE AGREEMENT (NDA)

Effective Date: Date of Electronic Acceptance
Last Updated: July 19, 2025

1. PARTIES AND ELECTRONIC ACCEPTANCE

This Non-Disclosure Agreement (“Agreement” or “NDA”) is entered into between:

DISCLOSING PARTY:
MICRO DIGITAL ELECTRONICS CORP S.R.L.
Registration Number: 50047468
Address: Splaiul Unirii nr. 16, office 705, Bucharest, Sector 4, Romania
(“Company,” “Disclosing Party,” “we,” “us,” or “our”)

RECEIVING PARTY:
The individual or entity accessing confidential information through the VENDOR project platform
(“Receiving Party,” “Recipient,” “you,” or “your”)

ELECTRONIC ACCEPTANCE:
By checking the box “I agree to the terms of this Non-Disclosure Agreement” and proceeding to access confidential information, you acknowledge that:

You have read and understood this entire Agreement
You have full legal authority to enter into this binding contract
You accept all terms and conditions without modification
This electronic acceptance creates a legally binding agreement equivalent to a written signature
You consent to electronic contract formation under applicable law

LEGAL EFFECT: This electronic acceptance constitutes your digital signature and creates immediate legal obligations under Romanian law, EU regulations, and international contract law.

2. BACKGROUND AND PURPOSE

2.1 Project Context

The VENDOR energy project involves highly sensitive and proprietary information including:

Advanced energy technologies and innovations
Investment structures and financial models
Strategic partnerships and business relationships
Market analyses and competitive intelligence
Technical specifications and intellectual property
Regulatory strategies and compliance frameworks

2.2 Access Requirements

Access to confidential information is restricted to verified investors who have:

Successfully completed KYC (Know Your Customer) verification
Passed AML (Anti-Money Laundering) screening
Provided satisfactory identity documentation
Demonstrated legitimate investment capacity and intent
Agreed to enhanced data processing for due diligence purposes

2.3 Business Justification

Protection of confidential information is essential for:

Maintaining competitive advantages in energy markets
Protecting investor interests and investment opportunities
Ensuring regulatory compliance and market integrity
Safeguarding intellectual property and trade secrets
Preventing market manipulation and insider trading

3. ENHANCED DATA PROCESSING CONSENT

3.1 KYC/AML Data Processing

By accepting this NDA, you provide explicit consent for processing of enhanced personal data including:

Individual Investors:

Full legal name and all known aliases
Date and place of birth
Nationality and citizenship status
Government-issued identification documents (passport, ID card, driver’s license)
Proof of address and residential history
Financial statements and source of funds documentation
Employment history and professional credentials
Tax identification numbers and tax residency status
Politically Exposed Person (PEP) status and screening results
Sanctions list screening and ongoing monitoring
Biometric data if required for enhanced verification

Corporate Investors:

Complete corporate structure and beneficial ownership
Director and officer identification and verification
Corporate registration documents and licenses
Financial statements and audited accounts
Source of corporate funds and transaction history
Ultimate beneficial owner (UBO) identification
Corporate sanctions and compliance screening
Authorized representative identification and powers
Board resolutions and investment authorization documents

3.2 Legal Basis for Enhanced Processing

Enhanced data processing is based on:

Explicit Consent (GDPR Article 6(1)(a)) – Your voluntary agreement to enhanced verification
Legal Obligation (GDPR Article 6(1)(c)) – AML/CTF compliance requirements
Legitimate Interest (GDPR Article 6(1)(f)) – Investor verification and due diligence
Contract Performance (GDPR Article 6(1)(b)) – Necessary for investment relationship

3.3 Special Categories of Personal Data

Where applicable, we may process:

Biometric data for identity verification (with explicit consent)
Data revealing political opinions (PEP status)
Data related to criminal convictions and offenses (sanctions screening)

Legal basis: Explicit consent and substantial public interest under GDPR Article 9.

3.4 Data Retention for KYC/AML

Enhanced personal data will be retained for:

Active Relationship: Duration of business relationship plus 7 years
Legal Compliance: As required by AML legislation (minimum 5 years post-transaction)
Sanctions Monitoring: Ongoing monitoring during relationship and 10 years thereafter
Audit Requirements: Available for regulatory inspection as legally required

4. DEFINITION OF CONFIDENTIAL INFORMATION

4.1 Confidential Information Includes

All information disclosed by the Company, whether oral, written, electronic, visual, or in any other form, including but not limited to:

Technical Information:

Energy generation technologies and methodologies
Proprietary algorithms and software systems
Technical specifications and performance data
Research and development findings
Engineering designs and blueprints
Testing results and validation data
Manufacturing processes and techniques

Business Information:

Business plans and strategic initiatives
Financial projections and investment models
Market analyses and competitive intelligence
Customer lists and supplier relationships
Pricing strategies and cost structures
Marketing plans and go-to-market strategies
Operational procedures and best practices

Financial Information:

Investment structures and terms
Financial statements and accounting records
Funding sources and capital structure
Revenue projections and profitability analyses
Cost analyses and budget information
Valuation methodologies and fair value assessments
Due diligence findings and reports

Legal and Regulatory Information:

Legal strategies and regulatory approaches
Compliance procedures and risk assessments
Intellectual property portfolios and strategies
Contract terms and negotiation positions
Regulatory submissions and communications
Legal opinions and advice received

Personal and Organizational Information:

Employee information and organizational structure
Board compositions and governance structures
Consultant and advisor relationships
Personal information of key personnel
Internal communications and correspondence
Meeting minutes and decision records

4.2 Information Marked or Identified as Confidential

Information shall be considered confidential if:

Explicitly marked as “Confidential,” “Proprietary,” or similar designation
Disclosed in circumstances indicating confidential nature
Reasonably understood to be confidential given its nature
Disclosed in secure or restricted access environments
Subject to access controls or authentication requirements

4.3 Exclusions from Confidential Information

Information is not considered confidential if it:

Is or becomes publicly available through no breach of this Agreement
Was rightfully known prior to disclosure with evidence of prior knowledge
Is rightfully received from third parties without confidentiality obligations
Is independently developed without use of or reference to Confidential Information
Is required to be disclosed by law or court order (with notice to Disclosing Party)

5. OBLIGATIONS OF RECEIVING PARTY

5.1 Non-Disclosure Obligations

The Receiving Party shall:

Maintain absolute confidentiality of all Confidential Information
Not disclose Confidential Information to any third party without prior written consent
Not use Confidential Information for any purpose other than evaluating investment opportunities
Take all reasonable precautions to prevent unauthorized disclosure
Limit access to Confidential Information on a strict need-to-know basis
Ensure all authorized recipients sign equivalent confidentiality agreements

5.2 Standard of Care

The Receiving Party shall protect Confidential Information with the same degree of care used to protect their own confidential information, but in no event less than reasonable care, including:

Implementing appropriate physical security measures
Using secure electronic storage and transmission methods
Restricting access to authorized personnel only
Monitoring and auditing access to Confidential Information
Training personnel on confidentiality requirements
Implementing incident response procedures for potential breaches

5.3 Prohibited Uses

The Receiving Party shall not:

Use Confidential Information to compete with the Company
Reverse engineer or attempt to discover underlying technologies
File patent applications based on Confidential Information
Share Confidential Information on social media or public platforms
Discuss Confidential Information in public or unsecured environments
Store Confidential Information on personal or unsecured devices
Forward or redistribute Confidential Information via email or messaging

5.4 Return and Destruction

Upon request or termination of discussions, the Receiving Party shall:

Return all Confidential Information in any form
Destroy all copies, notes, and derivative materials
Delete all electronic files and clear computer memory
Provide written certification of compliance within 5 business days
Ensure compliance by all authorized recipients
Submit to verification audits if requested

6. MAXIMUM LEGAL PROTECTION AND REMEDIES

6.1 Irreparable Harm Recognition

The Receiving Party acknowledges and agrees that:

Any breach of this Agreement would cause irreparable harm to the Company
Monetary damages would be inadequate to compensate for such harm
The Company is entitled to immediate injunctive relief without posting bond
The Company may seek any and all available legal and equitable remedies
Violations may constitute trade secret misappropriation under applicable law

6.2 Injunctive Relief

In the event of any breach or threatened breach, the Company shall be entitled to:

Immediate Temporary Restraining Orders without notice or hearing
Preliminary and Permanent Injunctions to prevent further disclosure
Asset Freezing Orders to prevent dissipation of assets
Computer and Device Seizure Orders to prevent further misuse
Expedited Discovery to identify scope of breach and recipients
Emergency Relief from courts in any competent jurisdiction

6.3 Monetary Damages and Liquidated Compensation

The Receiving Party shall be liable for:

6.3.1 Direct Damages

The Receiving Party shall be liable for all actual damages, including:

(a) All financial losses suffered by the Company as a direct result of the breach;

(b) Lost profits, contracts, and business opportunities;

(d) Investigation, forensic analysis, and risk assessment expenses;

(e) Legal fees and court costs on a full indemnity basis, to the extent permitted by applicable law.

Liquidated Damages: Without limiting other remedies, the Receiving Party agrees to pay liquidated damages of:

€100,000 for each proven instance of unauthorized disclosure of confidential information or documents to third parties, representing a fair pre-estimate of potential loss.
€50,000 per day for each day that the violation continues after the Receiving Party has been formally notified in writing, reflecting the escalating risk and harm caused by ongoing breaches.
€250,000 for any public disclosure, including publication on social media, news outlets, or other public platforms, which could cause reputational or commercial harm.
€500,000 for any disclosure to competitors, hostile entities, or parties with conflicting interests, given the direct impact on the Company’s market position and intellectual property rights.
€1,000,000 for any disclosure or action that leads to the loss of competitive advantage, patentability, or strategic contracts, as such harm may cause irreversible damage to the Company’s valuation and future opportunities.

These amounts represent genuine and fair pre-estimates of potential loss, including reputational and market value damage, and are expressly agreed by the Parties to constitute reasonable compensation under Article 1538 Codul Civil and §340 BGB.

6.4 Additional Financial Consequences

The Receiving Party may also be liable for:

Disgorgement of Profits – All profits made from unauthorized use
Constructive Trust – Hold benefits derived from breach in trust for Company
Accounting for Gains – Full financial accounting of benefits received
Interest and Penalties – Commercial interest rates plus penalty interest
Currency Fluctuation – All damages calculated in Euros with currency adjustment

6.5 Criminal Referrals

The Company reserves the right to refer violations to:

Romanian Criminal Authorities for trade secret theft
EU Law Enforcement for cross-border economic crimes
International Authorities through mutual legal assistance treaties
Regulatory Bodies for market manipulation or securities violations
Tax Authorities for unreported income from unauthorized use

7. INTELLECTUAL PROPERTY PROTECTION

7.1 No Rights Granted

This Agreement does not grant the Receiving Party:

Any rights to Company intellectual property
Licenses to use patents, trademarks, or copyrights
Rights to file intellectual property applications
Authority to sublicense or transfer any rights
Claims to inventions or improvements

7.2 Feedback and Improvements

Any feedback, suggestions, or improvements provided by the Receiving Party:

Become the exclusive property of the Company
May be used without compensation or attribution
Are deemed to be assigned to the Company upon creation
Do not create any ongoing obligations to the Receiving Party
May be protected by intellectual property rights

7.3 Work Product

Any work product created using Confidential Information:

Belongs exclusively to the Company
Must be disclosed and assigned to the Company
Cannot be used for any other purpose
Must be delivered with all related materials
Is subject to additional confidentiality obligations

8. ENFORCEMENT AND JURISDICTION

8.1 Romanian Law and Jurisdiction

This Agreement is governed by:

Romanian Law as the primary governing law
EU Regulations where applicable
International Treaties for cross-border enforcement
Romanian Courts with exclusive jurisdiction in Bucharest

8.2 International Enforcement

The Company may seek enforcement in any jurisdiction where:

The Receiving Party resides or conducts business
Confidential Information has been disclosed or misused
Assets of the Receiving Party are located
Violations have occurred or continue to occur

8.3 Service of Process

The Receiving Party consents to:

Service of process via email to registered addresses
Service through local counsel in any relevant jurisdiction
Expedited service procedures for emergency relief
Electronic service for all court proceedings

8.4 Attorneys’ Fees and Costs

The prevailing party in any dispute shall be entitled to:

Full reimbursement of attorneys’ fees and costs
Expert witness fees and litigation expenses
Court costs and filing fees
Investigation and discovery costs
Appeal costs and post-judgment collection expenses

9. COMPLIANCE AND MONITORING

9.1 Ongoing Monitoring

The Company reserves the right to:

Monitor compliance with this Agreement
Conduct periodic audits of information handling
Request compliance certifications
Implement technical monitoring measures
Investigate suspected violations

9.2 Cooperation Requirements

The Receiving Party shall:

Cooperate fully with compliance monitoring
Provide access for audit purposes
Respond promptly to compliance inquiries
Implement requested security measures
Report suspected violations by third parties

9.3 Third Party Compliance

The Receiving Party is responsible for:

Ensuring compliance by employees and agents
Obtaining equivalent agreements from authorized recipients
Monitoring third party compliance
Reporting third party violations immediately
Taking corrective action for third party breaches

10. TERM AND TERMINATION

10.1 Term

This Agreement:

Becomes effective upon electronic acceptance
Continues indefinitely until terminated
Survives termination of any other agreements
Remains binding on successors and assigns
Cannot be unilaterally terminated by Receiving Party

10.2 Survival

The following provisions survive termination:

All confidentiality obligations (indefinitely)
Return and destruction requirements
Liability and damages provisions
Intellectual property protections
Enforcement and jurisdiction clauses

10.3 Effect of Termination

Upon termination:

Confidentiality obligations continue indefinitely
All Confidential Information must be returned or destroyed
All derived materials must be destroyed
Access to Company systems must cease immediately
Certification of compliance must be provided

11. ADDITIONAL PROTECTIONS

11.1 No Waiver

No waiver of any provision unless in writing and signed
Waiver of one breach does not waive future breaches
Delay in enforcement does not constitute waiver
All rights and remedies are cumulative
Company may enforce any provision at any time

11.2 Severability

Invalid provisions do not affect validity of remainder
Courts may modify provisions to make them enforceable
Essential terms cannot be severed without voiding Agreement
Substitute provisions should achieve similar protection
Agreement continues in effect with enforceable provisions

11.3 Assignment

Company may freely assign this Agreement
Receiving Party cannot assign without written consent
Agreement binds successors and assigns
Assignment does not relieve original party of obligations
Notice of assignment not required for validity

11.4 Force Majeure

No excuse for confidentiality violations due to force majeure
Confidentiality obligations are absolute
Technical failures do not excuse breaches
Security incidents require immediate notification
Enhanced precautions required during force majeure events

12. SPECIFIC INVESTMENT CONTEXT PROVISIONS

12.1 Securities Law Compliance

The Receiving Party acknowledges:

Confidential Information may constitute material non-public information
Trading in Company securities while possessing such information is prohibited
Insider trading laws apply to disclosed information
Tipping others is strictly prohibited
Securities violations may result in criminal prosecution

12.2 Market Manipulation Prevention

The Receiving Party shall not:

Use Confidential Information to manipulate energy markets
Share information that could affect commodity prices
Engage in front-running or similar practices
Coordinate trading activities based on Confidential Information
Participate in market manipulation schemes

12.3 Investment Documentation

This NDA does not constitute an investment agreement
No investment rights are created by information disclosure
Separate agreements required for actual investments
Due diligence disclosure does not guarantee investment opportunity
Investment terms subject to separate negotiation

13. NOTIFICATION AND CONTACT REQUIREMENTS

13.1 Breach Notification

Any suspected or actual breach must be reported immediately to: Email: vp@vendor.energy
Subject: “URGENT: NDA BREACH NOTIFICATION”
Required Information:

Description of the breach or suspected breach
Persons who may have received Confidential Information
Actions taken to mitigate the breach
Timeline of events and circumstances

13.2 Legal Notices

All legal notices must be sent to: MICRO DIGITAL ELECTRONICS CORP S.R.L.
Attention: Legal Department – Vitaly Peretyachenko
Email: vp@vendor.energy
Address: Splaiul Unirii nr. 16, office 705, Bucharest, Sector 4, Romania

13.3 Emergency Contact

For urgent matters outside business hours:

Mark emails as “URGENT LEGAL MATTER”
Include mobile contact information for immediate response
Provide detailed description of urgency
Confirm receipt within 24 hours

14. ACKNOWLEDGMENT AND ACCEPTANCE

BY CHECKING THE ACCEPTANCE BOX AND PROCEEDING, YOU ACKNOWLEDGE:

✓ You have read and understood this entire Agreement
✓ You have full authority to enter into this binding contract
✓ You understand the serious legal consequences of any violation
✓ You agree to the enhanced data processing for KYC/AML purposes
✓ You consent to the jurisdiction and governing law provisions
✓ You understand that electronic acceptance creates binding obligations
✓ You agree to the liquidated damages and remedy provisions
✓ You acknowledge the potential for criminal prosecution for violations

ELECTRONIC SIGNATURE CONFIRMATION: □ I agree to the terms of this Non-Disclosure Agreement and consent to enhanced data processing for KYC/AML verification purposes

Date of Acceptance: [Automatically recorded upon submission]
IP Address: [Automatically recorded for verification]
Timestamp: [Automatically recorded with time zone]
User Identification: [From KYC verification process]

This Non-Disclosure Agreement contains maximum legal protections and severe penalties for violations. Any breach may result in immediate legal action, substantial financial penalties, and criminal prosecution.