SMUGG.ME INC.

TERMS OF USE & PRIVACY POLICY

Effective Date: February 24, 2026

PART I — TERMS OF USE

1. ACCEPTANCE OF TERMS

These Terms govern access to and use of the Smugg.me Inc. platform, website, applications, and related services (“Services”).

By creating an account or using the Services, you agree to be legally bound by this Agreement.

If you do not agree, do not use the Services.

2. ELIGIBILITY

You must:

  • Be at least 18 years old

  • Have legal capacity to contract

  • Comply with all applicable laws

We may request age or identity verification.

3. USER ACCOUNTS

You are responsible for:

  • Maintaining account confidentiality

  • All activity under your account

  • Providing accurate information

Accounts may be suspended or terminated for violations.

4. ACCEPTABLE USE

You agree not to:

  • Violate Canadian law

  • Infringe intellectual property

  • Engage in harassment, hate, fraud, or abuse

  • Send unsolicited commercial messages contrary to CASL

  • Circumvent payment systems

  • Collect personal data without consent

Illegal content, including child exploitation material, is strictly prohibited and reported to authorities.

5. PAID FEATURES

Paid services may include:

  • Memberships

  • Direct messaging

  • Locked content

  • Other premium features

Unless required by law:

  • Payments are non-refundable

  • Prices may change prospectively

  • Access may be revoked for violations

6. ELECTRONIC COMMUNICATIONS

You consent to receive:

  • Transactional communications

  • Platform notices

  • Creator messages

  • Promotional communications (with express consent)

You may withdraw promotional consent at any time.

7. LIMITATION OF LIABILITY

To the maximum extent permitted by law, Smugg.me Inc. is not liable for:

  • Indirect or consequential damages

  • Creator conduct

  • Platform interruptions

  • Unauthorized access beyond reasonable safeguards

Nothing limits liability where prohibited by Canadian law.

8. GOVERNING LAW

This Agreement is governed by:

  • The laws of Canada

  • The laws of Ontario

Québec residents benefit from mandatory protections under Québec law, including consumer and civil law provisions.

PART II — PRIVACY POLICY

9. SCOPE & LEGAL BASIS

This Privacy Policy complies with:

  • The Personal Information Protection and Electronic Documents Act (PIPEDA)

  • Applicable provincial laws

  • Québec Law 25

  • Canada’s Anti-Spam Legislation

We collect personal information only for identified and legitimate purposes.

10. INFORMATION WE COLLECT

We may collect:

Information You Provide

  • Name

  • Email

  • Phone number

  • Payment details

  • Account profile information

  • Communications

Automatically Collected

  • IP address

  • Device identifiers

  • Usage data

  • Cookies

Verification Information

Where legally required, identity verification information.

11. PURPOSES OF COLLECTION

We collect personal information to:

  • Operate and improve Services

  • Process payments

  • Prevent fraud

  • Enforce Terms

  • Comply with law

  • Communicate with users

We do not sell personal information.

12. CONSENT

Consent may be:

  • Express (e.g., checkboxes)

  • Implied (where permitted by law)

You may withdraw consent at any time, subject to legal or contractual restrictions.

Withdrawal may limit platform functionality.

13. CASL COMPLIANCE

Commercial electronic messages:

  • Are sent only with required consent

  • Clearly identify Smugg.me Inc.

  • Include an unsubscribe mechanism

Transactional messages do not require unsubscribe functionality.

14. DATA STORAGE & CROSS-BORDER TRANSFERS

Data may be processed in Canada or other jurisdictions.

Where data is transferred outside Canada, we implement contractual safeguards and security controls appropriate to the sensitivity of the information.

15. DATA RETENTION

We retain personal information only as long as necessary to:

  • Fulfill identified purposes

  • Meet legal requirements

  • Resolve disputes

  • Enforce agreements

When no longer required, information is securely deleted or anonymized.

16. ACCOUNTABILITY & GOVERNANCE

Smugg.me Inc. maintains structured internal governance practices to ensure ongoing privacy compliance, including:

  • Documented data handling policies

  • Internal access controls based on role necessity

  • Periodic review of safeguards

  • Contractual data protection obligations for service providers

  • Logging and monitoring of access to sensitive systems

  • Risk assessment procedures for new technologies or features

  • Vendor due diligence and security review processes

Personal information handling practices are reviewed and updated as required to comply with evolving legal standards, including Québec Law 25 modernization requirements.

17. LAW 25 — ENHANCED COMPLIANCE SAFEGUARDS

To mitigate administrative penalties and ensure compliance:

  • Privacy impact assessments are conducted for projects involving sensitive personal information or cross-border transfers.

  • Access to personal information is limited to authorized personnel.

  • Sensitive information is protected using encryption and secure storage mechanisms.

  • Contractual agreements with processors include confidentiality and safeguard obligations.

  • Data minimization principles are applied.

  • Default privacy settings are designed to provide high levels of protection.

These measures are intended to demonstrate accountability and due diligence in accordance with Québec’s private sector privacy law.

18. BREACH RESPONSE & NOTIFICATION

In the event of a confidentiality incident involving personal information:

  1. We will assess whether there is a real risk of significant harm.

  2. Where required by law, we will notify affected individuals without undue delay.

  3. We will notify applicable regulatory authorities in accordance with statutory obligations.

  4. We will maintain records of all confidentiality incidents as required by law.

  5. We will implement corrective measures to reduce the likelihood of recurrence.

Notification will include, where applicable:

  • Description of the incident

  • Nature of affected information

  • Steps taken to mitigate harm

  • Recommended protective actions

This framework is designed to align with Canadian federal and Québec breach reporting standards.

19. YOUR RIGHTS

Under PIPEDA and Québec law, you may:

  • Request access to personal information

  • Request correction

  • Request deletion where permitted

  • Withdraw consent

  • File a complaint with applicable regulators

Requests may be submitted to:

support@smugg.me
Subject Line: Privacy Request

We will respond within legally required timelines.

20. COOKIES

We use cookies and similar technologies to:

  • Maintain session integrity

  • Improve functionality

  • Detect fraud

  • Analyze usage

You may disable cookies through browser settings.

21. CHILDREN

Services are not directed to individuals under 18. We do not knowingly collect data from minors.

22. CHANGES TO THIS AGREEMENT

We may update this Agreement periodically.

Material changes will be communicated via:

  • Email

  • Platform notice

  • Updated effective date

Continued use constitutes acceptance.

CONTACT INFORMATION

For all legal, privacy, or support inquiries:

support@smugg.me