Terms of Service

Last Updated: January 11, 2025 Effective Date: January 11, 2025

Company Information

Legal Entity: CMG FRAMEWORKS SRL Registered Address: Drumul NISIPOASA, Nr. 46-52, Lot 1/2, Bl. C, Scara C7, Etaj P, Ap. 3, București, Romania Contact Phone: +40 772 125 155 Email: support@cmgworkflow.com Alternative Email: contact@cmgworkflow.com Legal/Compliance: contact@cmgworkflow.com

---

1. Acceptance of Terms

By accessing, registering for, or using the CRM Service (as defined below) provided by CMG FRAMEWORKS SRL ("Company," "we," "us," or "our"), you ("User," "you," or "your") agree to be bound by these Terms of Service ("Terms," "Agreement," or "ToS") and our Privacy Policy.

If you disagree with any part of these Terms, you may NOT access or use the Service.

1.1 Binding Agreement

These Terms constitute a legally binding agreement between:

• CMG FRAMEWORKS SRL - A Romanian limited liability company (SRL) registered in București, Romania
• You - The individual or legal entity accessing or using the Service

1.2 Additional Agreements

Your use of the Service is also governed by:

• Privacy Policy - /legal/privacy
• Data Processing Addendum (DPA) - Automatically incorporated for EU customers under GDPR
• Acceptable Use Policy - Incorporated by reference in Section 13

1.3 Capacity to Contract

By accepting these Terms, you represent and warrant that:

• ✅ You are at least 18 years of age
• ✅ You have the legal capacity to enter into binding contracts
• ✅ You are not prohibited from using the Service under Romanian or EU law
• ✅ If representing an organization, you have authority to bind that entity

1.4 Modifications to Terms

We reserve the right to modify these Terms at any time. Changes will be effective upon posting unless otherwise stated.

We will notify you of material changes via:

• Email notification - At least 30 days before effective date for material changes
• In-app notice - Prominent notification banner on dashboard
• Version update - "Last Updated" date at top of this document

Your options upon changes:

• ✅ Accept - Continue using the Service (constitutes acceptance)
• ✅ Reject - Cancel subscription and request data deletion before effective date
• ✅ Negotiate - Enterprise customers may negotiate custom terms

Continued use after effective date constitutes acceptance of modified Terms.

---

2. Service Description

2.1 Overview

CMG FRAMEWORKS SRL provides a cloud-based, multi-tenant CRM SaaS platform ("Service") designed for businesses to manage customer relationships through:

Core Features

• Lead Management - Kanban board with drag-and-drop status updates (new, talking_stage, qualified, lost)
• Client Management - Customer relationship tracking with activity timelines and business data
• WhatsApp Integration - Automated messaging via WhatsApp Business Cloud API
• AI-Powered Automation - Conversation handling and lead extraction using Google Gemini Enterprise API
• Team Collaboration - Multi-user access with role-based permissions (owner, admin, agent, viewer)
• Analytics & Reporting - Lead pipeline metrics, conversion rates, team performance tracking

2.2 Service Architecture

The Service operates as a multi-tenant SaaS platform where:

• ✅ Shared infrastructure - Multiple organizations share the same application and database
• ✅ Data isolation - Row-Level Security (RLS) enforces organization-level data separation
• ✅ Independent organizations - Each organization operates as a separate tenant with isolated data
• ✅ No cross-tenant access - Organizations cannot access each other's data (enforced at database level)

2.3 WhatsApp Business Integration

Our WhatsApp features require:

• WhatsApp Business Cloud API access (not consumer WhatsApp app)
• Meta Business Manager verified account
• Pre-approved message templates (Meta approval required, 2-24 hours)
• EU-based Business Solution Provider (BSP) for GDPR compliance
• Quality rating maintenance (Green status required to avoid messaging blocks)

Important: WhatsApp messaging is subject to Meta's policies and quality standards. We do NOT control Meta's approval process, quality ratings, or service availability.

2.4 AI Features Disclaimer

Our AI-powered features use Google Gemini Enterprise API to:

• Analyze WhatsApp conversations for customer intent
• Extract lead information (name, email, phone) from unstructured messages
• Generate suggested responses to customer inquiries (reviewed and approved by you)
• Summarize conversation history for context retention

Critical Disclaimers:

• ❌ AI-generated content is for informational purposes only - review before sending
• ❌ We do NOT guarantee accuracy of AI-generated responses or extracted data
• ❌ You are solely responsible for messages sent via AI automation
• ❌ AI may produce inaccurate, inappropriate, or biased content - review carefully
• ❌ We are NOT liable for consequences of AI-generated content

Data Protection: We use Gemini Enterprise API (NOT consumer version) - your data is NOT used to train AI models and complies with GDPR.

2.5 Service Availability

The Service is provided "as is" and "as available" without guaranteed uptime. We strive for:

• 🎯 99.9% uptime target - Best-effort availability commitment (NOT guaranteed)
• 🔔 Scheduled maintenance - Communicated 48 hours in advance when possible
• ⚡ Emergency maintenance - May occur without notice for security or critical issues
• 📊 Status page - Real-time service status (if available)

No SLA: This Agreement does NOT include Service Level Agreement (SLA) guarantees. Enterprise customers may negotiate custom SLA terms.

2.6 Service Modifications

We reserve the right to:

• ✅ Add new features - Enhance functionality at our discretion
• ✅ Modify existing features - Improve or change feature behavior
• ✅ Discontinue features - Remove features with 60 days notice (if materially affects core functionality)
• ✅ Change pricing - Adjust subscription prices with 30 days notice

Guaranteed features (will not be removed):

• ✅ Lead management Kanban board
• ✅ Client management database
• ✅ Multi-user team access
• ✅ Data export functionality

---

3. Account Registration and Security

3.1 Account Creation

To use the Service, you must:

1. Register for an account with accurate, current, and complete information
2. Verify your email address via confirmation link
3. Create an organization (or join an existing organization via invitation)
4. Accept these Terms and our Privacy Policy

Information required:

• Full name
• Email address (used as primary identifier)
• Password (minimum 8 characters, complexity requirements enforced)
• Organization name and details

Prohibited activities:

• ❌ False information - Providing inaccurate or fraudulent registration data
• ❌ Impersonation - Registering under another person's or entity's name
• ❌ Multiple accounts - Creating duplicate accounts to circumvent usage limits
• ❌ Automated registration - Using bots or scripts to create accounts

3.2 Account Security

Your responsibilities:

• ✅ Maintain confidentiality - Keep credentials secure and confidential
• ✅ Use strong passwords - Minimum 8 characters with mixed case, numbers, symbols
• ✅ Enable 2FA - Two-factor authentication strongly recommended
• ✅ Monitor activity - Review account activity regularly for suspicious actions
• ✅ Report breaches - Notify us immediately of unauthorized access at support@cmgworkflow.com

Our security measures:

• ✅ Encryption - AES-256 at rest, TLS 1.3 in transit
• ✅ Password hashing - Bcrypt with salt (we cannot retrieve your password)
• ✅ Session management - Automatic logout after 30 days of inactivity
• ✅ IP monitoring - Detection of unusual login patterns
• ✅ 2FA support - TOTP-based two-factor authentication

Account compromise: If you suspect unauthorized access:

1. Change password immediately via Account Settings
2. Revoke active sessions in Account Settings → Security
3. Contact support at support@cmgworkflow.com
4. Review activity logs for unauthorized actions

Our rights upon security breach:

• ✅ We may suspend your account if we detect suspicious activity
• ✅ We may require password reset if breach suspected
• ✅ We may require additional verification to restore access
• ✅ We will notify you of suspicious activity via email

3.3 Account Ownership

Individual accounts:

• The person who registers owns the account
• Account cannot be transferred without our prior written consent

Organization accounts:

• The organization entity owns the account and all data
• Individual users are members with assigned roles
• Ownership can be transferred to another member (owner permission required)

Multi-user organizations:

• Owner has full control (billing, member management, data deletion)
• Admins can manage members and settings (cannot delete organization)
• Agents can manage leads and clients (cannot modify settings)
• Viewers have read-only access

---

4. Subscription Terms and Billing

4.1 Subscription Plans

The Service is offered under various subscription plans:

Free Tier

• Cost: Free (no credit card required)
• Usage limits: Limited leads, clients, messages per month
• Features: Basic CRM functionality
• Support: Community support (email response within 5 business days)

Paid Tiers (Module-Based)

• Cost: Varies by selected modules (Leads, Clients, AI, WhatsApp)
• Billing cycle: Monthly or annual (annual saves 20%)
• Usage limits: Increased limits based on plan tier
• Features: Advanced functionality, integrations, automation
• Support: Priority email support (24-48 hour response)

Enterprise

• Cost: Custom pricing (contact sales)
• Billing cycle: Annual (negotiated)
• Usage limits: Custom limits or unlimited
• Features: Custom SLA, dedicated support, white-label options
• Support: Dedicated account manager, phone support

Current pricing: https://cmgworkflow.com/pricing (incorporated by reference)

4.2 Billing and Payment

Payment processing:

• All payments processed securely via Stripe (PCI DSS Level 1 certified)
• We do NOT store credit card numbers - all payment data handled by Stripe
• Accepted payment methods: Credit/debit cards, bank transfers (enterprise)

Billing cycle:

• Monthly plans - Billed on the same day each month (anniversary of subscription)
• Annual plans - Billed annually on anniversary date
• Prorated charges - Module additions prorated to next billing date

Invoices:

• Emailed to account owner after each successful payment
• Downloadable from Account Settings → Billing
• Include Romanian tax details (if applicable)

Failed payments:

• Retry schedule: Automatic retries at 3 days, 7 days, 14 days
• Grace period: 14 days to update payment method before suspension
• Account suspension: Service suspended after 14 days of non-payment
• Data retention: Data retained for 30 days after suspension (then deleted)

Currency:

• Prices listed in USD and EUR
• Romanian customers billed in EUR
• Prices exclude VAT (Romanian VAT 19% added for Romanian customers)

4.3 Price Changes

We reserve the right to change subscription prices at any time.

Notice period:

• 30 days notice for existing subscribers via email
• New prices apply on next billing cycle (not mid-cycle)
• Grandfathering - Existing annual subscribers locked at current price until renewal

Your options:

• ✅ Accept - Continue subscription at new price
• ✅ Downgrade - Switch to lower-tier plan before price change
• ✅ Cancel - Cancel subscription before next billing cycle

4.4 Cancellation and Refunds

You may cancel anytime:

• How: Account Settings → Subscription → Cancel Subscription
• Effect: Cancellation effective at end of current billing period
• Access: Full access maintained until end of billing period
• Data: Data retained for 30 days after cancellation (grace period for reactivation)

Refund policy:

• ❌ No refunds for monthly subscriptions (cancel to avoid future charges)
• ✅ Partial refunds for annual subscriptions (prorated unused portion, minus 20% processing fee)
• ✅ Full refunds within 14 days of first purchase (one-time, no questions asked)
• ✅ Service failures - Refunds for extended outages (>24 hours) at our discretion

Exception - No refunds for:

• ❌ Account suspension due to Terms violation
• ❌ Your decision to discontinue use
• ❌ Third-party service failures (WhatsApp, Google, Stripe)

Refund requests:

• Email support@cmgworkflow.com with subject "Refund Request"
• Include: Account email, reason, payment reference
• Response within 5 business days
• Refunds processed within 10 business days if approved

4.5 Taxes

Your responsibility: You are responsible for all taxes, duties, and assessments (except income taxes on our revenue).

Romanian customers:

• VAT 19% automatically added to invoices
• VAT exemption - Provide valid VAT number for inter-EU sales exemption

EU customers (non-Romania):

• Reverse charge - Provide valid VAT number for B2B reverse charge
• VAT charged - If no valid VAT number, Romanian VAT 19% applied

Non-EU customers:

• No VAT - Prices as shown (subject to local tax obligations in your country)

---

5. Data Ownership, Usage, and Protection

5.1 Your Data Ownership

You retain full ownership and all intellectual property rights to:

• ✅ Data you upload or create (leads, clients, conversations, notes)
• ✅ Content you generate (custom fields, templates, automation rules)
• ✅ Business information and trade secrets contained in your data

We do NOT claim ownership of your data.

5.2 License Grant to Us

You grant CMG FRAMEWORKS SRL a limited, non-exclusive, royalty-free, worldwide license to:

• Process, store, and transmit your data to provide the Service
• Use data to generate aggregated, anonymized analytics (no personally identifiable information)
• Display your data within the Service interface to you and your authorized users
• Backup your data for disaster recovery purposes

This license terminates when:

• ✅ You delete the data from your account
• ✅ Your account is closed and grace period expires (30 days)
• ✅ Backup retention period expires (90 days after deletion)

5.3 Multi-Tenant Data Isolation

Our commitment:

• ✅ Row-Level Security (RLS) enforces organization_id filtering at PostgreSQL database level
• ✅ Automatic isolation - Database automatically restricts queries to your organization
• ✅ No cross-tenant access - Other organizations cannot access your data (even if application code has bugs)
• ✅ JWT-based authentication - organization_id stored in JWT app_metadata (you cannot modify)

Your guarantee: We guarantee that your data is isolated from other organizations and inaccessible to them under any circumstances, subject to force majeure and security breaches beyond our reasonable control.

5.4 Data Processing Agreements

GDPR Compliance:

• A Data Processing Addendum (DPA) is automatically incorporated into this Agreement for all EU customers
• You are the data controller for end-user data processed through the Service
• We are the data processor acting on your behalf under your instructions
• We maintain Data Processing Agreements with all sub-processors (Supabase, Google, Meta, Stripe)

Sub-processors: Our current sub-processors are listed in our Privacy Policy Section 5. We will notify you of sub-processor changes with 30 days notice.

5.5 Data Export and Portability

Your right to export:

• ✅ Anytime export - Download your data at any time via Account Settings → Export Data
• ✅ Structured formats - JSON (machine-readable), CSV (spreadsheet-compatible)
• ✅ Complete data - All leads, clients, conversations, users, settings
• ✅ No restrictions - Export for migration, backup, compliance, or any reason

What we export:

• Leads (all fields, status history)
• Clients (all fields, activity timeline)
• Conversations (full message history with timestamps)
• Users (account details, roles)
• Organizations (settings, custom fields, templates)

After cancellation:

• 30-day grace period - Data remains accessible for export
• Export reminder - We email you 7 days before permanent deletion
• No retrieval after deletion - Data permanently deleted 30 days after cancellation

5.6 Data Retention and Deletion

Active accounts:

• Data retained indefinitely while subscription active

Cancelled accounts:

• 30 days grace period - Data accessible for export or reactivation
• Permanent deletion - Data deleted 30 days after cancellation
• Backup purge - Deleted data purged from backups after 90 days

Legal holds:

• Data retained if subject to legal proceedings, regulatory investigation, or Romanian tax law (7 years for financial records)

User-requested deletion (GDPR "Right to Erasure"):

• Email request to support@cmgworkflow.com with subject "Data Deletion Request"
• Verification - We verify account ownership before deletion
• 30-day completion - Data deleted within 30 days of verified request
• Exceptions - Data retained if legally required (tax records, litigation)

---

6. WhatsApp Business Integration

6.1 WhatsApp Business Cloud API Requirements

To use WhatsApp features, you must:

• ✅ Have a Meta Business Manager account (verified)
• ✅ Create a WhatsApp Business Account within Meta Business Manager
• ✅ Obtain a WhatsApp phone number (dedicated business number, NOT personal WhatsApp)
• ✅ Submit message templates to Meta for approval (2-24 hours approval time)
• ✅ Maintain Green quality rating (message block rate <1%)

Important: We do NOT control Meta's approval process, policies, or quality standards. WhatsApp access subject to Meta's discretion.

6.2 Message Templates

All outbound WhatsApp messages (except responses within 24-hour customer service window) MUST use pre-approved templates.

Template approval process:

1. Create template in our Template Manager
2. Submit to Meta for review (we submit via API)
3. Meta reviews (2-24 hours typical, up to 7 days possible)
4. Template approved, paused, or rejected
5. Use approved templates for automated messages

Reasons for rejection:

• ❌ Promotional content without opt-in
• ❌ Abusive, threatening, or illegal content
• ❌ Misleading or deceptive information
• ❌ Sensitive content (politics, religion, adult content)
• ❌ Grammar errors or formatting issues

We are NOT responsible for template rejections or delays. Template approval is Meta's sole discretion.

6.3 Quality Rating and Blocking

Meta assigns a quality rating to your WhatsApp Business Account based on customer feedback:

Quality tiers:

• Green (High) - Block rate <1% - No restrictions
• Yellow (Medium) - Block rate 1-2% - Warning issued, monitor closely
• Red (Low) - Block rate >2% - Messaging BLOCKED for variable period

Block rate sources:

• Customer blocks your number
• Customer reports as spam
• Low message delivery rate
• High bounce rate (invalid numbers)

Your responsibilities:

• ✅ Obtain consent before messaging customers (explicit opt-in)
• ✅ Send relevant messages - Only send messages customers expect
• ✅ Honor opt-outs - Stop messaging users who request it
• ✅ Maintain Green status - Monitor quality rating daily in Meta Business Manager

If your account is blocked:

• ❌ We cannot unblock your account - only Meta can
• ❌ We are NOT liable for revenue loss, customer loss, or damages from blocking
• ❌ No refunds for WhatsApp module subscription during block period
• ✅ You must appeal to Meta for unblocking (success not guaranteed)

6.4 WhatsApp Data Processing

Data shared with Meta:

• Phone numbers (yours and customers')
• Message content (text, media, interactive buttons)
• Message metadata (timestamps, delivery status, read receipts)

GDPR compliance:

• We use WhatsApp Business Cloud API (GDPR-compliant) with EU-based Business Solution Provider
• Meta has signed WhatsApp Business Data Processing Terms (DPA)
• Data transfers protected by Standard Contractual Clauses and EU-US Data Privacy Framework

Your obligations:

• ✅ Obtain consent from end-users before messaging via WhatsApp
• ✅ Provide privacy notice to end-users explaining WhatsApp data processing
• ✅ Honor data subject rights (access, deletion, etc.) for WhatsApp conversations

6.5 WhatsApp Costs

Conversation pricing model:

• Service conversations (customer initiates) - FREE within 24-hour window
• Marketing conversations (you initiate) - Paid per conversation
• Utility conversations (order updates, account notifications) - Paid per conversation

Pricing tiers by country:

• Rates vary by destination country (India cheapest, US/EU mid-range, some countries expensive)
• Exact pricing available at Meta's WhatsApp Pricing

Billing:

• Meta bills us monthly for WhatsApp usage
• We pass through costs to you at cost + 10% platform fee
• Billed separately from CRM subscription (usage-based)
• Invoiced monthly with usage breakdown

Cost control:

• Set monthly spending limits in Settings → WhatsApp Integration
• Automatic cutoff when limit reached (no overages without authorization)
• Real-time usage dashboard to monitor spend

---

7. AI and Automation

7.1 AI Technology

Our AI features use Google Gemini Enterprise API (not consumer version) to:

• Analyze WhatsApp conversations for customer intent and sentiment
• Extract structured lead information (name, email, phone, interest) from unstructured messages
• Generate suggested responses to customer inquiries (you review and approve before sending)
• Summarize conversation history for context retention (sliding window of last 10-15 messages)

Data protection:

• ✅ Your data is NOT used to train Google's AI models (Enterprise API guarantee)
• ✅ Data processing complies with GDPR via automatic Data Processing Addendum
• ✅ Human review is disabled by default for enterprise customers
• ✅ Data processed in EU data centers (Google Ireland Ltd.) where possible

7.2 AI Accuracy Disclaimer

NO ACCURACY GUARANTEE:

• ❌ We do NOT guarantee accuracy of AI-generated content, recommendations, or extracted data
• ❌ AI may produce inaccurate, incomplete, biased, or inappropriate outputs
• ❌ AI may hallucinate (generate plausible-sounding but false information)
• ❌ AI may misinterpret context or miss nuances in conversations

Your responsibilities:

• ✅ Review AI outputs before using them (especially before sending messages)
• ✅ Verify extracted data (check phone number formats, email validity, etc.)
• ✅ Supervise automation - Do not run fully automated messaging without oversight
• ✅ Correct errors - Fix inaccurate lead data or inappropriate AI responses

7.3 Automated Actions

Our Service supports various automated actions:

• WhatsApp welcome messages - Sent automatically to new leads from forms or conversations
• AI-generated responses - Suggested replies generated automatically (you approve before sending)
• Lead creation - Leads created automatically from WhatsApp conversations
• Status updates - Lead status can be auto-updated based on conversation triggers (if configured)

Control options:

• ✅ Disable automation - Turn off AI or automated messaging in Settings
• ✅ Review before send - Require manual approval for AI-generated messages
• ✅ Set rules - Configure when automation triggers and when human intervention required

Your liability: You are solely responsible for all actions taken via automation, including:

• ❌ Inappropriate messages sent to customers
• ❌ GDPR violations (e.g., messaging without consent)
• ❌ WhatsApp policy violations leading to account blocking
• ❌ Incorrect data created in your CRM

We are NOT liable for consequences of automated actions you configure or enable.

7.4 AI Limitations

AI features are NOT suitable for:

• ❌ Critical decisions - Do not rely solely on AI for business-critical decisions
• ❌ Legal or compliance advice - AI does not provide legal, financial, or regulatory guidance
• ❌ Medical or health information - AI is not qualified for health-related conversations
• ❌ Sensitive personal data - Avoid processing special categories of data via AI (race, religion, health, etc.)

If your use case involves sensitive or regulated data, consult legal counsel before using AI features.

---

8. Intellectual Property

8.1 Our Intellectual Property

All content, features, and functionality of the Service are owned by CMG FRAMEWORKS SRL and protected by:

• Romanian and international copyright laws
• Trademark laws (CMG FRAMEWORKS, CMG CRM, and related marks)
• Trade secret laws (proprietary algorithms, business methods)
• Database rights (EU Database Directive)

Our IP includes:

• Service source code and software
• User interface design and layout
• Logos, trademarks, and branding
• Documentation and user guides
• Algorithms and methodologies

Your restrictions:

• ❌ No copying - Do not copy, reproduce, or duplicate the Service
• ❌ No reverse engineering - Do not decompile, disassemble, or derive source code
• ❌ No modification - Do not create derivative works or modify the Service
• ❌ No trademark use - Do not use our trademarks without prior written consent

8.2 Your Intellectual Property

You retain all rights to your data and content. By using the Service, you do NOT transfer any intellectual property rights to us.

We do NOT claim ownership of:

• Your business data, trade secrets, or proprietary information
• Lead and client data you input into the CRM
• WhatsApp conversation content
• Custom fields, templates, or automation rules you create

8.3 Feedback and Suggestions

If you provide feedback, suggestions, or ideas for improvements ("Feedback"):

• ✅ We may use Feedback to improve the Service without obligation to you
• ✅ You grant us a perpetual, irrevocable, royalty-free license to use Feedback
• ✅ We have no obligation to implement Feedback or keep it confidential
• ❌ We will NOT pay for Feedback or share revenue from improvements

If you do NOT want us to use your ideas, do not submit Feedback.

8.4 DMCA Copyright Complaints

If you believe content in the Service infringes your copyright, submit a DMCA notice to:

Email: contact@cmgworkflow.com Subject: "DMCA Takedown Request" Address: Drumul NISIPOASA, Nr. 46-52, Lot 1/2, Bl. C, Scara C7, Etaj P, Ap. 3, București, Romania

Required information:

• Physical or electronic signature of copyright owner
• Description of copyrighted work claimed to be infringed
• Location of infringing material (URL or account details)
• Your contact information (address, phone, email)
• Statement of good faith belief that use is not authorized
• Statement under penalty of perjury that information is accurate

We will investigate and respond within 10 business days.

---

9. Warranty Disclaimers

9.1 "AS IS" AND "AS AVAILABLE" Disclaimer

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED.

To the fullest extent permitted by Romanian and EU law, we disclaim ALL warranties, including:

• ❌ Merchantability - We do not warrant Service is fit for commerce
• ❌ Fitness for particular purpose - We do not warrant Service meets your specific needs
• ❌ Non-infringement - We do not warrant Service does not infringe third-party rights
• ❌ Accuracy - We do not warrant AI outputs or data processing are accurate
• ❌ Reliability - We do not warrant uninterrupted or error-free operation
• ❌ Security - We do not warrant Service is completely secure from hacking or data breaches
• ❌ Compatibility - We do not warrant compatibility with all devices, browsers, or systems

9.2 Third-Party Services Disclaimer

The Service integrates with third-party services (WhatsApp, Google, Stripe) that we do NOT control.

We are NOT responsible for:

• ❌ WhatsApp account suspensions or quality rating issues
• ❌ Google API changes, deprecations, or service interruptions
• ❌ Stripe payment processing failures or disputes
• ❌ Third-party service pricing changes or policy violations
• ❌ Data breaches or security issues at third-party providers

Third-party terms apply: Your use of integrated services is subject to their respective Terms of Service and Privacy Policies:

• Meta WhatsApp Terms
• Google Terms
• Stripe Terms

9.3 Beta Features Disclaimer

We may release features labeled "Beta," "Experimental," or "Preview." These features:

• ❌ Are provided without warranty - May not function as expected
• ❌ Are not production-ready - Use at your own risk
• ❌ May be changed or removed - Without notice or refund
• ❌ May have limited support - Documentation and support may be incomplete

Do NOT use Beta features for critical business operations.

9.4 Romanian Law Exceptions

Romanian consumer protection laws may provide you with certain mandatory warranties that cannot be excluded. Where Romanian law applies and prohibits disclaimer of warranties:

• Implied warranties are limited to the minimum duration required by law
• Our liability is limited as set forth in Section 10

---

10. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY ROMANIAN AND EU LAW:

10.1 Exclusion of Certain Damages

CMG FRAMEWORKS SRL, its officers, directors, employees, agents, suppliers, and licensors SHALL NOT BE LIABLE FOR:

• ❌ Indirect damages - Lost profits, revenue, opportunities, goodwill
• ❌ Incidental damages - Costs of substitute services, downtime, data loss
• ❌ Consequential damages - Business interruption, lost customers, reputational harm
• ❌ Punitive damages - Damages intended to punish (unless mandatory under Romanian law)
• ❌ Special damages - Damages unique to your circumstances

Even if we were advised of the possibility of such damages.

10.2 Cap on Direct Damages

Our total aggregate liability to you for ALL claims arising from or related to the Service, whether in contract, tort, negligence, strict liability, or otherwise, SHALL NOT EXCEED:

The greater of:

• €100 EUR, or
• The amount you paid us in the 12 months preceding the claim

This cap applies:

• ✅ To all claims combined (not per claim)
• ✅ To both individual and class action claims
• ✅ Regardless of the number of claims or causes of action

10.3 Exclusions from Liability Cap

The liability limitations in Sections 10.1 and 10.2 DO NOT apply to:

• ✅ Death or personal injury caused by our negligence
• ✅ Fraud or fraudulent misrepresentation by us
• ✅ Gross negligence or willful misconduct by us
• ✅ Liabilities that cannot be excluded under Romanian law (e.g., mandatory consumer protection)

10.4 Force Majeure

We are NOT liable for delays, failures, or damages caused by events beyond our reasonable control, including:

• Natural disasters (earthquakes, floods, fires)
• War, terrorism, civil unrest, government actions
• Pandemics, epidemics, public health emergencies
• Internet or telecommunications failures
• Power outages, server failures, DDoS attacks
• Third-party service failures (AWS, Google, Meta, Stripe downtime)
• Labor disputes, strikes, lockouts

Effect of force majeure:

• Performance obligations suspended during force majeure event
• No liability for damages during force majeure event
• If force majeure continues >30 days, either party may terminate Agreement

10.5 Romanian Consumer Law

If you are a Romanian consumer (individual using Service for personal, non-commercial purposes), certain mandatory consumer protection laws may apply that prohibit limitation of liability for:

• Death or personal injury caused by our negligence
• Damages caused by defects we knowingly concealed
• Damages resulting from fraud or gross negligence

Where Romanian consumer law applies and conflicts with these limitations, Romanian law prevails to the extent required.

10.6 Basis of the Bargain

You acknowledge that these limitations of liability are fundamental elements of the bargain between you and CMG FRAMEWORKS SRL. The subscription prices reflect these limitations. Without these limitations, we would not offer the Service at current prices.

---

11. Indemnification

11.1 Your Indemnification Obligation

You agree to indemnify, defend, and hold harmless CMG FRAMEWORKS SRL, its officers, directors, employees, agents, licensors, and suppliers from and against ALL claims, liabilities, damages, losses, costs, expenses, and fees (including reasonable attorney fees) arising from or related to:

Your violations:

• ❌ Your breach of these Terms or our Acceptable Use Policy
• ❌ Your violation of any law, regulation, or third-party rights
• ❌ Your violation of GDPR or data protection laws (e.g., messaging without consent)
• ❌ Your infringement of third-party intellectual property rights

Your content and data:

• ❌ Your data uploaded to the Service (including defamatory, infringing, or illegal content)
• ❌ Messages you send via WhatsApp (spam, harassment, fraudulent content)
• ❌ AI-generated content you approve and send to customers

Your use of Service:

• ❌ Your misuse of the Service (hacking, unauthorized access, data scraping)
• ❌ Your authorized users' actions (employees, contractors, team members)
• ❌ Disputes between you and your customers arising from Service use

11.2 Indemnification Procedure

If we seek indemnification from you:

1. Notice - We will notify you promptly of any claim
2. Control - We may control defense and settlement (at your expense)
3. Cooperation - You must cooperate with our defense
4. No settlement - You may not settle claims without our prior written consent

11.3 Limitations on Indemnification

Your indemnification obligation does NOT apply to claims arising from:

• ✅ Our gross negligence or willful misconduct
• ✅ Defects in the Service we knowingly concealed
• ✅ Our breach of these Terms

---

12. Term and Termination

12.1 Agreement Term

This Agreement begins when you accept these Terms (by creating an account) and continues until:

• ✅ You terminate your account
• ✅ We terminate your account
• ✅ All subscriptions expire and are not renewed

12.2 Termination by You

You may terminate anytime:

• How: Account Settings → Subscription → Cancel Subscription
• Notice: No advance notice required
• Effect: Termination effective at end of current billing period
• Access: Full access maintained until end of billing period
• Refunds: Subject to Section 4.4 (generally no refunds for monthly plans)

12.3 Termination by Us

We may terminate or suspend your account immediately without notice if:

Terms violations:

• ❌ Breach of these Terms or Acceptable Use Policy
• ❌ Fraudulent activity (payment fraud, fake account, impersonation)
• ❌ Illegal use (spam, hacking, malware distribution, harassment)
• ❌ Excessive abuse of support or resources

Non-payment:

• ❌ Non-payment of subscription fees after 14-day grace period

Legal requirements:

• ❌ Law enforcement requests or court orders
• ❌ Violation of Romanian or EU laws

Discretionary termination:

• We may terminate at any time with 30 days notice without cause (e.g., discontinuing Service)

12.4 Effects of Termination

Upon termination or expiration:

Immediate effects:

• ✅ Your access to the Service is suspended immediately
• ✅ Your subscription stops billing (no future charges)
• ✅ Automated messaging and AI features disabled

Data retention:

• ✅ 30-day grace period - Data accessible for export or reactivation
• ✅ Export deadline - Download your data within 30 days (via support request)
• ✅ Permanent deletion - Data permanently deleted after 30 days
• ✅ Legal holds - Data retained if required by law (tax records, litigation)

Financial effects:

• ✅ No refunds - Except as provided in Section 4.4
• ✅ Outstanding fees due - You must pay all outstanding fees before termination

Survival: Sections that by their nature should survive termination remain in effect, including:

• Section 5 (Data Ownership)
• Section 8 (Intellectual Property)
• Section 9 (Warranty Disclaimers)
• Section 10 (Limitation of Liability)
• Section 11 (Indemnification)
• Section 15 (Dispute Resolution)

---

13. Acceptable Use Policy

13.1 Prohibited Uses

You agree NOT to use the Service for any of the following:

Illegal activities:

• ❌ Violating Romanian, EU, or international laws
• ❌ Distributing malware, viruses, or harmful code
• ❌ Hacking, unauthorized access, or security breaches
• ❌ Money laundering, fraud, or financial crimes

Abusive messaging:

• ❌ Sending spam or unsolicited commercial messages
• ❌ Harassing, threatening, or abusive communications
• ❌ Impersonating others or creating fake accounts
• ❌ Messaging without consent (GDPR violation)

Service abuse:

• ❌ Reverse engineering, decompiling, or extracting source code
• ❌ Scraping or harvesting data from the Service
• ❌ Circumventing usage limits or rate limiting
• ❌ Creating multiple accounts to abuse free tier

Harmful content:

• ❌ Child sexual abuse material (CSAM)
• ❌ Violent extremism or terrorism promotion
• ❌ Hate speech or incitement to violence
• ❌ Illegal drug sales or trafficking

Third-party harm:

• ❌ Infringing third-party intellectual property rights
• ❌ Violating third-party privacy or publicity rights
• ❌ Defaming, libeling, or slandering others

13.2 Enforcement

If we determine you violated the Acceptable Use Policy, we may:

• ✅ Issue a warning via email
• ✅ Suspend specific features (e.g., WhatsApp messaging)
• ✅ Suspend your entire account
• ✅ Terminate your account with or without refund
• ✅ Report to authorities (illegal activities)
• ✅ Seek legal remedies (damages, injunctions)

We are NOT obligated to monitor your use of the Service, but we reserve the right to investigate violations.

---

14. Privacy and Data Protection

14.1 Privacy Policy

Our Privacy Policy explains how we collect, use, process, and protect your personal data. By using the Service, you agree to our privacy practices.

14.2 GDPR Compliance

For EU customers, we comply with the General Data Protection Regulation (GDPR) and Romanian Data Protection Law 190/2018.

Your GDPR rights:

• ✅ Right of access - Request copy of your data
• ✅ Right to rectification - Correct inaccurate data
• ✅ Right to erasure - Delete your data ("right to be forgotten")
• ✅ Right to portability - Export your data
• ✅ Right to object - Object to processing based on legitimate interest
• ✅ Right to complain - Lodge complaint with ANSPDCP (Romanian data protection authority)

Exercise rights: Email support@cmgworkflow.com with your request. Response within 30 days.

Supervisory authority:

• ANSPDCP - Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
• Address: B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, București, Romania
• Phone: +40 21 252 5599
• Email: anspdcp@dataprotection.ro

14.3 Your Data Processing Obligations

If you use the Service to process personal data of EU individuals (your customers, leads, clients):

You are the data controller:

• ✅ You determine purposes and means of processing
• ✅ You must obtain valid consent from data subjects
• ✅ You must provide privacy notices to data subjects
• ✅ You must honor data subject rights (access, deletion, etc.)
• ✅ You must comply with GDPR and data protection laws

We are the data processor:

• ✅ We process data on your behalf under your instructions
• ✅ We maintain Data Processing Addendum (automatically incorporated)
• ✅ We implement appropriate security measures (RLS, encryption, etc.)
• ✅ We assist with data subject requests when possible

Your liability: You are solely liable for GDPR violations related to data you process, including:

• ❌ Messaging without consent (GDPR Art. 6 violation)
• ❌ Failing to honor data subject deletion requests
• ❌ Processing special categories of data without legal basis (GDPR Art. 9)
• ❌ Transferring data to non-EU countries without safeguards

We are NOT liable for your GDPR violations.

---

15. Dispute Resolution and Governing Law

15.1 Governing Law

These Terms shall be governed by and construed in accordance with the laws of Romania, without regard to conflict of law principles.

Romanian law applies to:

• Contract interpretation and enforcement
• Warranty and liability provisions
• Consumer protection rights
• Data protection obligations (Romanian Law 190/2018)

EU law also applies:

• GDPR (Regulation (EU) 2016/679)
• Consumer Rights Directive (2011/83/EU)
• E-Commerce Directive (2000/31/EC)

15.2 Jurisdiction and Venue

For Romanian residents:

• Disputes shall be resolved in the courts of București, Romania
• You may also bring claims in courts of your habitual residence (if different from București)

For non-Romanian EU residents:

• You may bring claims in courts of your country of residence
• We may bring claims in courts of București, Romania or your country of residence

For non-EU residents:

• Disputes shall be resolved exclusively in the courts of București, Romania
• You irrevocably submit to the jurisdiction of Romanian courts

15.3 Mandatory Arbitration (Non-Consumer Disputes)

If you are a business (not a consumer using Service for personal purposes):

Arbitration requirement:

• Disputes shall be resolved through binding arbitration in București, Romania
• Arbitration conducted under Romanian Arbitration Rules (Law 192/2006)
• Single arbitrator appointed by mutual agreement (or by Court of Arbitration if no agreement)
• Language: Romanian or English (as mutually agreed)
• Costs: Each party bears own legal fees; arbitration costs split equally

Exceptions to arbitration:

• ✅ Small claims - Disputes under €5,000 may be brought in small claims court
• ✅ Injunctions - Either party may seek emergency injunctive relief in court
• ✅ IP infringement - Intellectual property disputes may be brought in court

No class actions:

• Arbitration conducted individually only (no class arbitration)
• You waive right to participate in class actions or class arbitrations

15.4 Consumer Dispute Resolution (Romanian Consumers)

If you are a Romanian consumer:

You are NOT bound by mandatory arbitration. You may bring disputes in Romanian courts or use alternative dispute resolution mechanisms:

Online Dispute Resolution (ODR):

• EU Online Dispute Resolution platform: https://ec.europa.eu/consumers/odr
• For consumer disputes arising from online contracts

Romanian Consumer Protection Authority:

• ANPC - Autoritatea Națională pentru Protecția Consumatorilor
• Phone: +40 21 9551 (consumer hotline)
• Website: https://anpc.ro

Amicable resolution: Before initiating legal proceedings, we encourage you to contact us at support@cmgworkflow.com to attempt amicable resolution. We aim to resolve consumer complaints within 15 business days.

15.5 Equitable Relief

Notwithstanding arbitration provisions, either party may seek equitable relief (injunctions, specific performance) in court for:

• Intellectual property infringement
• Breach of confidentiality
• Urgent threats to Service security or integrity

---

16. General Provisions

16.1 Entire Agreement

These Terms, together with our Privacy Policy and any incorporated documents, constitute the entire agreement between you and CMG FRAMEWORKS SRL regarding the Service and supersede all prior or contemporaneous agreements, proposals, or communications.

Integrated documents:

• Privacy Policy
• Data Processing Addendum (incorporated by reference for EU customers)
• Acceptable Use Policy (Section 13)

16.2 Amendments

We may amend these Terms at any time by posting revised Terms on our website.

Material changes:

• Email notification 30 days before effective date
• Continued use after effective date constitutes acceptance

Non-material changes:

• Effective upon posting
• Check "Last Updated" date regularly

Enterprise customers:

• Material changes require mutual agreement for active contracts
• Amendment notice provided via dedicated account manager

16.3 Severability

If any provision of these Terms is found invalid, illegal, or unenforceable by a court of competent jurisdiction:

• The invalid provision shall be modified to the minimum extent necessary to make it enforceable
• If modification is not possible, the invalid provision shall be severed
• Remaining provisions continue in full force and effect

16.4 Waiver

Our failure to enforce any provision of these Terms shall NOT constitute a waiver of that provision or our right to enforce it in the future.

Waivers must be in writing:

• Verbal waivers are NOT binding
• Waivers signed by authorized representative only

No course of dealing:

• Our past practices do NOT waive our rights to enforce Terms strictly in the future

16.5 Assignment

You may NOT assign these Terms or your account to any third party without our prior written consent.

We may assign these Terms and your account to:

• ✅ A subsidiary or affiliate of CMG FRAMEWORKS SRL
• ✅ A successor in interest (merger, acquisition, asset sale)
• ✅ Any party with your prior written consent

Effect of unauthorized assignment:

• Assignment by you without consent is void
• We may terminate your account immediately

16.6 Notices

Notices to you:

• Sent via email to the address on your account
• Effective when sent (or 24 hours later if sent outside business hours)

Notices to us:

• Email: contact@cmgworkflow.com
• Mail: CMG FRAMEWORKS SRL, Drumul NISIPOASA, Nr. 46-52, Lot 1/2, Bl. C, Scara C7, Etaj P, Ap. 3, București, Romania
• Effective when received

Business hours: Monday-Friday, 9:00-17:00 EET (Romanian time), excluding Romanian public holidays

16.7 Language

These Terms are drafted in English. If translated into other languages, the English version controls in the event of conflict or ambiguity.

Romanian version available:

• Romanian translation available upon request (for Romanian consumers)
• Romanian law requires certain consumer terms be available in Romanian

16.8 Third-Party Beneficiaries

These Terms do NOT create any third-party beneficiary rights, except:

• Our officers, directors, employees, agents, suppliers, and licensors are intended beneficiaries of Sections 9, 10, and 11 (Disclaimers, Limitations, Indemnification)

16.9 Export Control

The Service may be subject to export control laws of Romania, the EU, and the United States.

You represent and warrant:

• ✅ You are NOT located in a country subject to US/EU embargo (e.g., Cuba, Iran, North Korea, Syria, Russia)
• ✅ You are NOT listed on any US/EU restricted parties list
• ✅ You will NOT use the Service for prohibited end-uses (nuclear weapons, missiles, chemical/biological weapons)

We may suspend access if we determine you violate export control laws.

16.10 Force Majeure

Neither party shall be liable for delays or failures caused by events beyond reasonable control (force majeure), including:

• Natural disasters, pandemics, war, terrorism
• Government actions, telecommunications failures
• Third-party service failures (AWS, Google, Meta outages)

Effect: Performance obligations suspended during force majeure. If >30 days, either party may terminate.

16.11 Relationship of Parties

You and CMG FRAMEWORKS SRL are independent contractors. These Terms do NOT create:

• ❌ Partnership, joint venture, or agency relationship
• ❌ Employment or employer-employee relationship
• ❌ Franchise or franchisor-franchisee relationship

Neither party has authority to bind the other to contracts or commitments.

---

17. Contact Information

For any questions, concerns, or notices regarding these Terms of Service:

General Inquiries: Email: support@cmgworkflow.com Phone: +40 772 125 155 Response time: 1-3 business days

Legal/Compliance Matters: Email: contact@cmgworkflow.com Response time: 5 business days

Billing Questions: Email: support@cmgworkflow.com (subject: "Billing Inquiry") Response time: 1-2 business days

Data Protection Officer (GDPR): Email: contact@cmgworkflow.com (subject: "GDPR Request") Response time: 30 days (as required by GDPR)

Mailing Address: CMG FRAMEWORKS SRL Drumul NISIPOASA, Nr. 46-52, Lot 1/2 Bl. C, Scara C7, Etaj P, Ap. 3 București, Romania

Business Hours: Monday-Friday, 9:00-17:00 EET (Eastern European Time) Excluding Romanian public holidays

---

Last Updated: January 11, 2025 Effective Date: January 11, 2025 Version: 2.0.0

By using CMG FRAMEWORKS SRL's CRM Service, you acknowledge that you have read, understood, and agree to be bound by these Terms of Service. If you do not agree, you must immediately discontinue use of the Service.