Date: ____________________
1. DEFENCE UKRAINE OÜ, a private limited company registered in the Republic of Estonia, registry code 17265004, with its registered address at Veski tn 69, Tartu linn, Tartu maakond, 50409, Estonia (hereinafter the "Disclosing Party");
and
2. ________________________________________________________, a company registered in __________________________________________, registry/company number __________________________________________, with its registered address at ______________________________________________________________________________ (hereinafter the "Receiving Party");
each a "Party" and collectively the "Parties".
The Disclosing Party wishes to evaluate the Receiving Party as a potential provider of products and/or services (the "Purpose"). In the course of this evaluation, the Disclosing Party may disclose confidential and proprietary information to the Receiving Party. The Parties therefore agree as follows.
1.1 "Confidential Information" means all information, whether written, oral, electronic, or in any other form, disclosed by or on behalf of the Disclosing Party to the Receiving Party in connection with the Purpose, including but not limited to:
(a) business plans, strategies, financial data, pricing, and forecasts;
(b) technical information, designs, specifications, software, algorithms, know-how, ideas, concepts, methods, methodologies, processes, and inventions (whether or not patentable);
(c) customer and supplier lists, market intelligence, and operational data;
(d) the existence and terms of this Agreement and the discussions between the Parties.
1.2 "Confidential Information" does not include information that the Receiving Party can demonstrate:
(a) was already in the public domain at the time of disclosure, or subsequently enters the public domain through no fault of the Receiving Party;
(b) was already known to the Receiving Party prior to disclosure, without obligation of confidentiality;
(c) was independently developed by the Receiving Party without reference to the Confidential Information;
(d) was lawfully received from a third party without restriction on disclosure.
2.1 All information disclosed by the Disclosing Party to the Receiving Party in connection with the Purpose shall be treated as Confidential Information, regardless of whether it is marked, designated, or identified as confidential at the time of disclosure.
2.2 The Disclosing Party may, at its discretion, mark information as "Confidential" or provide written confirmation of oral disclosures, but the absence of any such marking or confirmation shall not affect the confidential nature of the information or the Receiving Party's obligations under this Agreement.
3.1 The Receiving Party shall:
(a) keep the Confidential Information strictly confidential and not disclose it to any third party without the prior written consent of the Disclosing Party;
(b) use the Confidential Information solely for the Purpose;
(c) limit access to the Confidential Information to its directors, officers, employees, advisors, and contractors who have a need to know for the Purpose and who are bound by confidentiality obligations no less restrictive than those contained herein (collectively, "Authorised Recipients");
(d) protect the Confidential Information with at least the same degree of care it uses to protect its own most sensitive confidential information, and in any event no less than a high standard of care appropriate to defence-related information.
3.2 Without limiting the generality of Clause 3.1(d), the Receiving Party shall implement and maintain appropriate technical and organisational security measures, including but not limited to:
(a) encryption of Confidential Information in transit and at rest using industry-standard protocols;
(b) access controls limiting access to Authorised Recipients on a need-to-know basis, including authentication and audit logging;
(c) secure storage of physical and electronic copies in controlled environments;
(d) prompt notification to the Disclosing Party (and in any event within forty-eight (48) hours) of any security incident that may affect the confidentiality of the Disclosing Party's information.
3.3 The Receiving Party shall not use any Confidential Information, or any data derived therefrom, for the purposes of training, developing, fine-tuning, or validating machine learning models, artificial intelligence systems, automated decision-making tools, or any form of algorithmic data processing, whether directly or through third-party services.
3.4 The Receiving Party shall be responsible for any breach of this Agreement by its Authorised Recipients.
4.1 If the Receiving Party is required by applicable law, regulation, or court order to disclose any Confidential Information, it shall, to the extent permitted by law:
(a) promptly notify the Disclosing Party in writing before such disclosure;
(b) cooperate with the Disclosing Party to seek a protective order or other appropriate remedy;
(c) disclose only that portion of the Confidential Information that is legally required.
5.1 No licence or right under any intellectual property right is granted or implied by the disclosure of Confidential Information under this Agreement. All Confidential Information remains the exclusive property of the Disclosing Party.
6.1 The Receiving Party shall not reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, structure, design, or trade secrets of any products, prototypes, samples, software, or technology provided as part of the Confidential Information, except to the extent that such restriction is expressly prohibited by applicable law.
7.1 Upon written request of the Disclosing Party, or upon termination of this Agreement, the Receiving Party shall within fourteen (14) calendar days:
(a) return or destroy all Confidential Information and any copies, summaries, or extracts thereof; and
(b) confirm in writing that it has complied with this obligation.
7.2 Notwithstanding the foregoing, the Receiving Party may retain copies of Confidential Information to the extent required by applicable law or its internal compliance policies, provided that such retained information remains subject to the confidentiality obligations of this Agreement.
8.1 This Agreement shall come into effect on the date first written above and shall remain in force for a period of two (2) years from the date of signature, unless terminated earlier by either Party upon thirty (30) days' prior written notice to the other Party.
8.2 The obligations of confidentiality under this Agreement shall survive termination for a period of five (5) years from the date of termination, provided however that with respect to any Confidential Information that constitutes a trade secret under applicable law, the obligations of confidentiality shall continue for as long as such information remains a trade secret.
9.1 The Confidential Information is provided "as is". The Disclosing Party makes no representation or warranty, express or implied, as to the accuracy, completeness, or fitness for purpose of any Confidential Information disclosed.
10.1 Nothing in this Agreement shall oblige either Party to enter into any further agreement or business relationship. Either Party may terminate discussions at any time without liability.
11.1 The Receiving Party acknowledges that any breach of this Agreement may cause serious harm to the Disclosing Party for which monetary damages may be an inadequate remedy. The Disclosing Party shall be entitled to seek preliminary legal protection and any other relief available under applicable law, without prejudice to any other rights or remedies.
11.2 Without limiting the generality of Clause 11.1, the Receiving Party agrees that in the event of a material breach of this Agreement, the Receiving Party shall be liable to pay the Disclosing Party a contractual penalty of EUR 50,000 (fifty thousand euros) per breach, which the Parties agree represents a genuine pre-estimate of the minimum loss likely to be suffered. Payment of such penalty shall not relieve the Receiving Party of its obligations under this Agreement nor limit the Disclosing Party's right to claim additional damages exceeding the penalty amount.
11.3 The Receiving Party shall indemnify and hold harmless the Disclosing Party from and against all losses, damages, costs, and expenses (including reasonable legal fees) arising out of or in connection with any breach of this Agreement by the Receiving Party or its Authorised Recipients.
11.4 In the event of a suspected breach, the Receiving Party shall, upon written request of the Disclosing Party, provide the Disclosing Party with reasonable access to relevant records to verify compliance with this Agreement, subject to reasonable notice and during normal business hours.
12.1 The Receiving Party acknowledges that Confidential Information disclosed under this Agreement may include information relating to defence, national security, dual-use technologies, or military applications. The Receiving Party shall handle such information with the heightened degree of care appropriate to its sensitive nature.
12.2 The Receiving Party acknowledges that unauthorised disclosure of defence-related information may constitute a criminal offence under applicable laws, including but not limited to the laws of the Republic of Estonia, the European Union, and any other relevant jurisdiction. The Receiving Party accepts full responsibility for ensuring that it and its Authorised Recipients comply with all applicable laws governing the handling, storage, and transmission of such information. For the avoidance of doubt, this Agreement does not grant access to formally classified information as defined under national security legislation; any such access shall require separate arrangements and appropriate security clearances.
12.3 The Receiving Party shall comply with all applicable export control and dual-use regulations, including Regulation (EU) 2021/821, and shall not export, re-export, or otherwise transfer any Confidential Information without prior written consent of the Disclosing Party where required by applicable law.
12.4 Nothing in this Agreement shall be construed as authorising the Receiving Party to share Confidential Information with any person, entity, or government subject to sanctions imposed by the European Union, the United States, or the United Nations. The Receiving Party warrants that it shall not, directly or indirectly, transfer or make available any Confidential Information to any sanctioned party or restricted jurisdiction.
13.1 For the purposes of this clause, "Key Personnel" means any director, officer, employee, or individual contractor of the Disclosing Party who had access to or was involved in the discussions, activities, or exchange of Confidential Information under this Agreement.
13.2 During the term of this Agreement and for a period of nine (9) months following its termination, the Receiving Party shall not, without the prior written consent of the Disclosing Party, directly or indirectly solicit, recruit, or hire any Key Personnel of the Disclosing Party.
13.3 This restriction shall not apply to general recruitment advertising not specifically targeted at the Disclosing Party's personnel, nor to any person who independently approaches the Receiving Party without solicitation.
14.1 To the extent that any Confidential Information includes personal data as defined under Regulation (EU) 2016/679 (the "GDPR"), the Receiving Party shall process such personal data in compliance with the GDPR and all applicable data protection laws.
14.2 The Receiving Party shall not transfer personal data received under this Agreement to any third country outside the European Economic Area unless adequate safeguards are in place in accordance with the GDPR.
14.3 In the event that the Receiving Party becomes aware of a personal data breach involving Confidential Information received from the Disclosing Party, it shall notify the Disclosing Party without undue delay and in any event within seventy-two (72) hours of becoming aware of the breach.
15.1 Governing Law. This Agreement shall be governed by and construed in accordance with the laws of the Republic of Estonia.
15.2 Dispute Resolution. Any dispute arising out of or in connection with this Agreement shall be resolved by the courts of the Republic of Estonia, with Tartu County Court as the court of first instance.
15.3 Entire Agreement. This Agreement constitutes the entire agreement between the Parties with respect to its subject matter and supersedes all prior discussions, negotiations, and agreements.
15.4 Amendments. No amendment to this Agreement shall be effective unless made in writing and signed by both Parties.
15.5 Assignment. The Receiving Party may not assign its rights or obligations under this Agreement without the prior written consent of the Disclosing Party.
15.6 Severability. If any provision of this Agreement is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.
15.7 Waiver. A failure or delay in exercising any right under this Agreement shall not constitute a waiver of that right.
15.8 Notices. All notices under this Agreement shall be in writing and delivered by email with confirmation of receipt, or by registered post, to the addresses set out above or as otherwise notified by a Party in writing.
DEFENCE UKRAINE OÜ
Name: Ivan Starodub
Title: Member of the Management Board
Signature: ________________________________________________
Date: _____________________________________________________
RECEIVING PARTY: ________________________________________
Name: ____________________________________________________
Title: _____________________________________________________
Signature: ________________________________________________
Date: _____________________________________________________