Mumin Hadith API - Dashboard

PREAMBLE AND SCOPE OF AGREEMENT

This Terms of Service Agreement (hereinafter referred to as the "Agreement", "Terms", "ToS", or "Contract") constitutes a legally binding contract between Mumin Hadith API, a digital service platform operated under the laws of the Republic of Uzbekistan (hereinafter referred to as "Provider", "we", "us", "our", "Company", "Service Provider", or "Licensor"), and any individual, legal entity, corporation, partnership, limited liability company, or other organizational form (hereinafter referred to as "User", "you", "your", "Licensee", "Client", or "Subscriber") who accesses, uses, or interacts with the Mumin Hadith Application Programming Interface and associated services (hereinafter collectively referred to as the "Service", "API", "Platform", or "System").

This Agreement governs all aspects of the relationship between Provider and User, including but not limited to: service access and usage rights; intellectual property licensing; payment obligations and financial transactions; service availability and technical support; data collection, processing, and privacy; termination procedures and post-termination obligations; limitation of liability and indemnification; dispute resolution mechanisms; and all other matters relating to or arising from User's access to or use of the Service.

ARTICLE 1: DEFINITIONS AND INTERPRETATION

1.1 Defined Terms

For purposes of this Agreement, the following terms shall have the meanings ascribed to them below. These definitions shall apply throughout this Agreement unless the context clearly requires otherwise:

"Account" means the unique user profile, credential set, and associated data storage allocation created upon User's registration with the Service, including but not limited to: username or email identifier, encrypted authentication credentials, API key storage, credit balance ledger, transaction history, usage logs, configuration settings, and all metadata associated with User's identity and service utilization.

"Agreement Effective Date" means the date and time (recorded in Coordinated Universal Time - UTC) at which User completes the acceptance mechanism described in Article 2.2, thereby forming a binding contract between User and Provider. This timestamp serves as the commencement point for all contractual obligations, warranty periods, and limitation periods specified herein.

"API Key" or "Authentication Token" means a unique, cryptographically generated alphanumeric string issued by Provider to User upon successful account creation and initial credit purchase, which serves as User's exclusive credential for authenticating requests to the Service. API Keys are non-transferable, non-sharable, and remain the confidential property of User subject to the security obligations specified in Article 4.

"Arbitration" or "Arbitral Proceedings" means the binding alternative dispute resolution mechanism specified in Article 16 of this Agreement, conducted in accordance with the UNCITRAL Arbitration Rules (2013 version, as may be amended), wherein disputes are resolved by one or more neutral arbitrators rather than through litigation in courts of law.

"Chargeback" means any dispute, reversal, refund claim, or payment contestation initiated by User (or by User's financial institution on User's behalf) with User's payment card issuer, payment processor, financial institution, or payment gateway, seeking to reverse a completed transaction for Services already rendered. For purposes of this Agreement, chargebacks are distinguished from legitimate fraud claims involving unauthorized account access by third parties.

"Content" or "Data" means all hadith texts, translations, commentary, metadata, chain of narration (isnad), authenticity classifications, book and chapter organization, search indices, and any other information, materials, or intellectual property accessible through the Service, whether in text, JSON, XML, or any other format.

"Credits" or "API Credits" means the prepaid unit of value purchased by User and stored in User's Account, where one (1) Credit entitles User to make one (1) authenticated API request to any Service endpoint. Credits represent a license to use the Service and do not constitute currency, stored value, or any form of negotiable instrument.

"Device Fingerprint" or "Digital Fingerprint" means the unique identifier generated by Provider's systems through collection and algorithmic processing of User's device characteristics, including but not limited to: IP address, user agent string, browser type and version, operating system, screen resolution, timezone, language preferences, installed fonts, canvas fingerprinting data, WebGL renderer information, and other technical attributes that collectively create a probabilistic identifier for User's device.

"Dispute" means any controversy, claim, disagreement, or conflict arising out of or relating to this Agreement, its formation, interpretation, performance, breach, termination, or validity, or any aspect of the relationship between User and Provider, including but not limited to: contractual claims, tort claims, statutory claims, equitable claims, and claims based on common law principles.

"Documentation" means all technical documentation, API reference guides, integration tutorials, code examples, best practices, usage guidelines, and other instructional materials provided by Provider through the Service website, developer portal, or other official channels.

"Dormant Account" means an Account that has met the criteria specified in Article 6.1 for prolonged inactivity without any qualifying activity to reset the inactivity timer, thereby subjecting the Account to the maintenance fees or closure procedures described in Article 6.

"Effective Date" - see "Agreement Effective Date"

"Force Majeure Event" means any event, circumstance, or cause beyond Provider's reasonable control that prevents, hinders, or delays Provider's performance of its obligations under this Agreement, including but not limited to: acts of God; natural disasters (earthquakes, floods, hurricanes, tornadoes, tsunamis); fire; explosion; war, invasion, hostilities, terrorist acts; civil unrest, riots, rebellion, revolution; government action, embargo, sanctions; epidemic, pandemic, quarantine; labor disputes, strikes; failure of telecommunications infrastructure; failure of third-party hosting or cloud services; cyberattacks, distributed denial of service attacks; power failures or grid instability; and any other similar events of the nature described above.

"Fraudulent Activity" means any conduct by User that Provider reasonably determines to constitute: (a) initiating chargebacks for services properly rendered; (b) creating multiple accounts to circumvent usage limits or evade bans; (c) providing false information during registration; (d) sharing or reselling API Keys without authorization; (e) systematic data extraction in violation of Article 7.2(a); (f) exploiting system vulnerabilities for unauthorized benefit; (g) using stolen payment methods; or (h) any other deceptive practice intended to obtain unauthorized benefits or cause harm to Provider or other Users.

"GDPR" means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation), as may be amended or superseded.

"Inactive Account" means an Account that has not experienced any Qualifying Activity (as defined in Article 6.1(b)) within the preceding three hundred sixty-five (365) consecutive calendar days.

"Intellectual Property Rights" means all intellectual property rights of any kind, whether registered or unregistered, including but not limited to: copyrights, trademarks, service marks, trade names, patents, trade secrets, database rights, sui generis database rights, moral rights, and all applications for and renewals or extensions of such rights, anywhere in the world.

"Liabilities" means all claims, demands, losses, damages, judgments, settlements, costs, expenses (including reasonable attorneys' fees and court costs), penalties, fines, and other monetary obligations of any kind.

"Payment Method" means any financial instrument, cryptocurrency wallet, payment service, or transaction mechanism accepted by Provider for purchase of Credits, including but not limited to: credit cards, debit cards, cryptocurrency transfers (USDT TRC-20, USDC, Bitcoin), payment gateway services (Stripe, PayPal), wire transfers, or other methods as Provider may designate from time to time.

"Personal Data" or "Personal Information" means any information relating to an identified or identifiable natural person, including but not limited to: name, email address, IP address, device identifiers, location data, transaction history, and usage patterns. The scope of Personal Data is interpreted consistently with applicable data protection laws including GDPR and Uzbekistan Law on Personal Data.

"Prohibited Uses" means the activities and behaviors specifically prohibited under Article 7.2 of this Agreement.

"Rate Limit" or "Usage Limit" means the maximum number of API requests permitted within a specified time period, as determined by Provider and communicated through the Documentation or User dashboard. Rate Limits may be calculated on various bases including: per API Key, per IP address, per time interval (second, minute, hour, day), or per Account age tier.

"Service" means the Mumin Hadith Application Programming Interface, including all endpoints, functions, features, Documentation, dashboards, support systems, and all related services provided by Provider through the domain api.muminhadith.com or any successor domains, whether accessed via HTTP/HTTPS protocol, SDKs, client libraries, or any other technical means.

"Terms" - see "Agreement"

"Transaction Record" means the comprehensive log of each payment transaction maintained by Provider, including: transaction unique identifier, timestamp (UTC), amount paid, currency, Credits purchased, Payment Method used, payment processor transaction ID, User's IP address at time of transaction, device fingerprint, Terms version accepted, and any other metadata relevant to establishing proof of service delivery.

"User" or "you" includes, where context permits, User's employees, contractors, agents, representatives, successors, and assigns.

"Writing" or "Written" includes email communication, in-app notifications, dashboard messages, and any other durable medium of communication that creates a retrievable record.

1.2 Interpretation Rules

In the interpretation and construction of this Agreement, unless the context clearly requires otherwise:

(a) Headings and Captions: Article and section headings, captions, and the table of contents are inserted for convenience and reference only and shall not affect the interpretation or construction of this Agreement.

(b) Singular and Plural: Words denoting the singular include the plural and vice versa. Words denoting natural persons include legal entities (corporations, partnerships, trusts, etc.) and vice versa.

(c) Gender Neutrality: References to any gender include all genders, and words importing gender shall be construed as gender-neutral.

(d) "Including" is Non-Exhaustive: The words "include", "includes", "including", "such as", and similar terms shall be deemed to be followed by the phrase "without limitation" and shall not be construed to limit any general statement preceding them.

(e) Statute References: References to any statute, regulation, or legal provision include all amendments, modifications, re-enactments, consolidations, and replacements thereof, and any subordinate legislation made under such statute or regulation.

(f) Conflict Resolution: In the event of conflict between different provisions of this Agreement, the more specific provision shall prevail over the more general provision. In the event of irreconcilable conflict, the provision that most protects Provider's interests shall prevail, subject to mandatory law.

(g) Currency: All monetary amounts are denominated in United States Dollars (USD) unless explicitly stated otherwise.

(h) Time Periods: References to "days" mean calendar days unless specified as "business days". Time periods calculated from a certain date exclude the starting date and include the ending date. When a time period expires on a weekend or public holiday in the Republic of Uzbekistan, it extends to the next business day.

(i) References to Articles and Sections: References to "Articles", "Sections", or numbered provisions refer to provisions within this Agreement unless otherwise specified.

(j) Binding Nature: The terms "shall", "will", and "must" denote mandatory obligations. The terms "may" and "can" denote permissive rights or optional actions.

ARTICLE 2: AGREEMENT FORMATION AND ACCEPTANCE

2.1 Offer and Acceptance

This Agreement constitutes Provider's offer to license access to the Service to User under the terms and conditions specified herein. User's acceptance of this offer, and the resulting formation of a binding contract, occurs through the acceptance mechanism described in Section 2.2 below.

Provider reserves the unilateral right to refuse service to any prospective User, to reject any account registration application, or to decline to enter into this Agreement with any party, for any reason or no reason, with or without explanation, in Provider's sole and absolute discretion. No binding contract is formed until Provider affirmatively accepts User's acceptance through the mechanisms described herein, typically by issuing API credentials and granting access to the Service.

2.2 Mechanism of Acceptance

User manifests acceptance of this Agreement, thereby forming a binding contract with Provider, through any one or more of the following actions:

(a) Explicit Acceptance During Registration: By completing the account registration process on the Service website or application, including checking the checkbox or clicking the button labeled "I Accept the Terms of Service" (or substantially similar language), User explicitly manifests assent to be bound by this Agreement in its entirety.

(b) Payment Submission: By submitting payment for Credits or completing any financial transaction with Provider, User acknowledges that such payment constitutes acceptance of this Agreement and represents User's intent to be contractually bound to its terms, irrespective of whether User has separately clicked an acceptance button.

(c) Service Usage: By accessing any API endpoint, making any API request, using any API Key, or otherwise utilizing the Service in any manner, User manifests acceptance of this Agreement through conduct. Continued use after any modification of Terms (as provided in Article 19) constitutes acceptance of the modified Terms.

(d) Account Activity: By logging into the User dashboard, modifying Account settings, viewing documentation, or engaging in any other Account-related activity, User reaffirms acceptance of this Agreement.

2.3 Electronic Acceptance and Digital Signature Equivalence

User acknowledges and agrees that:

(a) This Agreement is an electronic contract formed through electronic means, and User's electronic acceptance (as described in Section 2.2) constitutes a legally binding signature equivalent to a handwritten signature under applicable electronic commerce laws, including but not limited to the UNCITRAL Model Law on Electronic Commerce and Uzbekistan Law on Electronic Digital Signature.

(b) User expressly waives any rights or requirements under any statute, regulation, rule, ordinance, or other law requiring an original (non-electronic) signature or requiring delivery or retention of non-electronic records.

(c) User consents to the electronic formation, delivery, storage, and retention of this Agreement and agrees that this electronic format shall constitute the definitive and authoritative version of this Agreement.

2.4 Recorded Acceptance Metadata

At the moment of acceptance (as defined in Section 2.2), Provider's systems automatically collect and permanently record the following Acceptance Metadata:

(a) Temporal Data: Precise timestamp of acceptance event (recorded in UTC to millisecond precision), including date, hour, minute, and second;

(b) Network Data: User's public IP address (IPv4 or IPv6), autonomous system number (ASN), Internet service provider information, and estimated geographic location (country, region, city) derived from IP geolocation databases;

(c) Device Data: Complete device fingerprint as defined in Article 1.1, including user agent string, browser type and version, operating system and version, screen resolution and color depth, timezone offset, installed plugins, WebGL renderer, canvas fingerprint hash, and audio context fingerprint;

(d) Document Version: The specific version number of this Agreement that User accepted (e.g., "Version 3.0"), including the Last Modified date displayed at the time of acceptance;

(e) Acceptance Method: The specific mechanism through which acceptance occurred (e.g., "registration checkbox", "payment submission", "first API call"), including details such as button clicked, form submitted, or endpoint accessed;

(f) Account Identifiers: User's email address, assigned Account ID, and any other identifiers associated with User's Account at time of acceptance.

This Acceptance Metadata serves multiple critical functions:

(i) It constitutes evidence that User knowingly and voluntarily entered into this Agreement, thereby negating any subsequent claim of non-acceptance, lack of awareness, or absence of intent to be bound;

(ii) It establishes the specific version of Terms that govern User's Account, which is essential in cases where Terms have been modified over time;

(iii) It facilitates fraud detection and prevention by enabling Provider to detect patterns of abuse such as mass account creation from the same device or network;

(iv) It provides evidentiary material for dispute resolution, payment disputes, chargeback contestation, and potential legal proceedings.

Provider shall retain Acceptance Metadata for the duration of User's Account lifecycle plus a minimum of seven (7) years thereafter for legal, regulatory, and evidentiary purposes, notwithstanding any Account deletion or data minimization requests, except where prohibited by mandatory law.

2.5 Legal Capacity and Authority

By accepting this Agreement, User represents, warrants, and covenants that:

(a) Age Requirement: User is at least thirteen (13) years of age if located outside the European Union, or at least sixteen (16) years of age if located within the European Union, or has reached the age of majority in User's jurisdiction, whichever is greater. Users below the age of majority in their jurisdiction represent that they have obtained verifiable parental or legal guardian consent to enter into this Agreement.

(b) Legal Capacity: User possesses the full legal capacity and authority to enter into contracts under the laws applicable to User. User is not subject to any legal disability, restriction, or incapacity that would prevent User from being bound by this Agreement.

(c) Entity Authority: If User is accepting this Agreement on behalf of a legal entity (corporation, partnership, LLC, etc.), User represents that User is duly authorized by such entity to bind the entity to this Agreement, and that the entity is validly existing and in good standing under the laws of its jurisdiction of incorporation or organization.

(d) No Conflicts: User's entry into and performance of this Agreement does not violate any other agreement to which User is a party, any court order or judgment, any applicable law or regulation, or any fiduciary or other duty owed to any third party.

(e) Sanctions Compliance: User is not, and is not acting on behalf of, any person or entity that is: (i) subject to economic sanctions imposed by the United States, European Union, United Nations, or Republic of Uzbekistan; (ii) located in, resident of, or organized under the laws of any jurisdiction subject to comprehensive economic sanctions; or (iii) listed on any sanctions-related list of designated persons maintained by sanctioning authorities.

Provider may, in its sole discretion, require User to provide documentary evidence of any representation made in this Section 2.5, including but not limited to: government-issued identification, proof of parental consent, corporate formation documents, authorizing resolutions, or sanctions compliance certificates. Failure to provide requested documentation within fifteen (15) days of request shall constitute grounds for immediate Account suspension or termination.

2.6 Modification of Acceptance

Once accepted, this Agreement may only be modified in accordance with Article 19 (Modifications to Terms) or through a separately executed written amendment signed by both User and an authorized representative of Provider. No course of dealing, course of performance, usage of trade, or oral representation shall modify this Agreement.

ARTICLE 3: GRANT OF LICENSE AND SCOPE OF USE

3.1 License Grant

Subject to User's full compliance with all terms, conditions, and obligations set forth in this Agreement, including but not limited to payment obligations and usage restrictions, Provider hereby grants to User a limited, non-exclusive, non-transferable, non-sublicensable, revocable license to access and use the Service during the Term (as defined in Article 18.1) for User's lawful business, personal, educational, or research purposes, strictly in accordance with this Agreement and the Documentation.

This license is conditional upon:

(a) User maintaining a positive Credit balance in User's Account sufficient to pay for requested API calls;

(b) User's continued compliance with all provisions of this Agreement, including payment obligations, usage restrictions, and prohibited uses;

(d) User not being in material breach of any provision of this Agreement;

(e) User's Account remaining in good standing and not being subject to suspension, termination, or restriction.

Any use of the Service beyond the scope of this license grant, or any use following revocation or expiration of the license, constitutes unauthorized access and infringement of Provider's rights, potentially subjecting User to civil liability and, where applicable, criminal penalties.

3.2 License Restrictions and Reservations of Rights

The license granted in Section 3.1 is subject to the following express limitations and restrictions:

(a) Non-Transferability: User may not assign, transfer, sublicense, rent, lease, lend, sell, redistribute, or otherwise convey any rights under this license to any third party without Provider's prior written consent. Any purported transfer in violation of this restriction shall be void ab initio.

(b) Non-Exclusivity: This license is non-exclusive. Provider retains the right to grant similar licenses to any number of other users and to use, exploit, modify, and license the Service and Content in any manner Provider deems appropriate.

(c) Revocability: Provider may revoke this license at any time, with or without cause, with or without notice, in accordance with the termination provisions of Article 18. Revocation may occur automatically upon Material Breach (as defined in Article 18.2).

(d) Residual Rights: All rights not expressly granted to User in this Agreement are reserved by Provider. User acquires no ownership interest in the Service, the Content, the underlying software, databases, or any Intellectual Property Rights therein. User's rights are strictly limited to the license granted herein.

(e) No Modification of Service: User shall not modify, alter, reverse engineer, decompile, disassemble, or create derivative works based on the Service, except to the extent such restriction is prohibited by applicable mandatory law.

(f) No Circumvention: User shall not bypass, disable, circumvent, or interfere with any security, access control, digital rights management, authentication, or usage measurement mechanisms implemented in or associated with the Service.

3.3 Intellectual Property Ownership

User acknowledges and agrees that:

(a) Provider's Ownership: Provider (or its licensors, as applicable) owns and retains all right, title, and interest in and to the Service, including without limitation: (i) all software, code, algorithms, and protocols; (ii) all databases, data compilations, and data structures; (iii) all Content, including hadith texts, translations, and metadata; (iv) all trademarks, trade names, logos, and branding; (v) all Documentation and technical materials; (vi) all Intellectual Property Rights in any of the foregoing; and (vii) all modifications, enhancements, derivative works, and improvements to any of the foregoing.

(b) No Transfer of Ownership: Nothing in this Agreement conveys to User any ownership interest in the Service or Content. User's rights are limited strictly to the license granted in Section 3.1. This Agreement is a license agreement, not a sale or transfer of property.

(c) Feedback and Suggestions: If User provides Provider with any feedback, suggestions, ideas, enhancement requests, bug reports, or other input regarding the Service ("Feedback"), User hereby assigns to Provider all right, title, and interest in such Feedback, and Provider shall be free to use, implement, disclose, and exploit such Feedback in any manner without any obligation of confidentiality, attribution, or compensation to User.

(d) User Content: To the extent User transmits, uploads, or submits any content, data, or materials to the Service (excluding API requests for retrieving Content, which do not constitute User uploads), User retains ownership of such User-submitted content but grants Provider a worldwide, non-exclusive, royalty-free, sublicensable, transferable license to use, reproduce, process, and store such content solely as necessary to provide the Service.

3.4 Third-Party Content and Materials

The Service may contain or display Content that originates from third-party sources, including:

(a) Hadith texts compiled by classical Islamic scholars and transmitted through chains of narration spanning centuries;

(b) English translations of hadith texts produced by recognized translators such as Dr. Muhammad Muhsin Khan, Abdul Hamid Siddiqui, Imam Nawawi, and others;

(c) Commentary, authentication rulings, and scholarly apparatus from various Islamic scholars and hadith authentication experts;

(d) Metadata derived from various hadith collection editions and databases.

Provider makes no representation or warranty regarding the accuracy, authenticity, completeness, reliability, or suitability of any third-party Content. User acknowledges that Provider is not the author or originator of hadith texts, which are historical religious texts predating Provider's existence by many centuries. Provider's role is limited to aggregating, organizing, digitizing, and providing API access to such historical materials.

All third-party Content is provided "as-is" and User assumes all risks associated with reliance upon such Content. See Article 12 for full disclaimer of warranties.

ARTICLE 4: ACCOUNT REGISTRATION, SECURITY, AND RESPONSIBILITIES

4.1 Account Registration Requirements

To use the Service, User must create an Account by providing the following Mandatory Registration Information:

(a) A valid and currently operational email address that User actively monitors and to which User has exclusive access;

(b) A secure password meeting Provider's minimum security requirements (minimum 8 characters, including uppercase, lowercase, and numeric characters);

(c) Acceptance of this Agreement (version 3.0) and the Privacy Policy (current version) through the mechanism described in Article 2.2;

(d) Any additional information reasonably requested by Provider for identity verification, fraud prevention, or regulatory compliance purposes.

User represents and warrants that all Registration Information provided is true, accurate, current, and complete at the time of submission. User covenants to promptly update Registration Information to maintain its accuracy and completeness throughout the duration of User's Account.

4.2 Account Security Obligations

User acknowledges that the security of User's Account is dependent upon User's implementation of appropriate security measures. Accordingly, User agrees to:

(a) Password Security: (i) Maintain the confidentiality of User's password; (ii) not disclose the password to any third party; (iii) not use the password for any other online service or account; (iv) change the password immediately upon any suspicion of unauthorized disclosure or compromise; and (v) not use easily guessable passwords such as dictionary words, personal information, or sequential characters.

(b) API Key Security: (i) Treat API Keys with the same level of security as passwords; (ii) never embed API Keys directly in client-side code (HTML, JavaScript, mobile apps) that could be viewed or extracted by end users; (iii) never commit API Keys to public version control repositories (GitHub, GitLab, etc.); (iv) store API Keys in secure environment variables or encrypted configuration files; (v) implement API Key rotation procedures; (vi) never share API Keys with any third party unless authorized in writing by Provider; and (vii) immediately regenerate API Keys if compromise is suspected.

(c) Access Control: (i) Not share Account credentials with employees, contractors, or other personnel unless specifically authorized by a multi-user plan (if available); (ii) implement appropriate access control measures to prevent unauthorized access to systems containing API Keys; and (iii) conduct regular security audits of systems accessing the Service.

(d) Monitoring and Notification: (i) Monitor Account activity regularly through the User dashboard; (ii) promptly investigate any suspicious activity or unusual usage patterns; and (iii) immediately notify Provider of any actual or suspected unauthorized access, security breach, API Key compromise, or other security incident by emailing security@mumin.ink with "SECURITY INCIDENT" in the subject line.

4.3 Account Responsibility and Liability

User is fully responsible and liable for all activities conducted through User's Account, API Keys, or authentication credentials, regardless of whether such activities were authorized by User.

(a) Authorized Use: All use of the Service by User, User's employees, contractors, agents, or other authorized personnel;

(b) Unauthorized Use: All use of the Service by unauthorized third parties who gain access to User's Account or API Keys through User's failure to implement adequate security measures, through User's negligent disclosure of credentials, or through any other means not constituting a direct security breach of Provider's systems;

(c) Financial Liability: All charges, fees, or Credits consumed through User's Account, including charges resulting from unauthorized use, up until the moment User notifies Provider of the security compromise and Provider implements remedial measures;

(d) Third-Party Claims: Any claims, demands, or Liabilities asserted by third parties arising from use of User's Account, whether by User or by unauthorized parties who gained access through User's security failures.

User's liability under this Section 4.3 is absolute and strict, requiring no proof of fault, negligence, or intentional misconduct by User. The only exception is unauthorized use that results solely and directly from a demonstrable security breach of Provider's systems, where User has fully complied with all security obligations herein.

4.4 Identity Verification and Know-Your-Customer (KYC)

Provider reserves the right, at any time and in its sole discretion, to require User to undergo identity verification procedures, which may include:

(a) Submission of government-issued photographic identification (passport, driver's license, national ID card);

(b) Submission of proof of address (utility bill, bank statement, government correspondence dated within 90 days);

(d) Completion of third-party identity verification services (Jumio, Onfido, etc.);

(e) Provision of additional documentation establishing User's legitimate business purpose for using the Service;

(f) Completion of anti-money laundering (AML) and sanctions screening procedures;

(g) Provision of corporate formation documents, tax identification numbers, or beneficial ownership information if User is a legal entity.

Identity verification may be required:

(i) Upon initial registration if User's registration triggers fraud detection algorithms;

(ii) Upon User's purchase of Credits exceeding certain monetary thresholds;

(iii) If User's usage patterns raise suspicions of Prohibited Uses or Fraudulent Activity;

(iv) To comply with applicable laws, regulations, court orders, or law enforcement requests;

(v) Following a security incident or suspected Account compromise;

(vi) At random intervals as part of ongoing compliance procedures.

If User fails to complete requested identity verification within fifteen (15) calendar days of request, or if verification reveals that User provided false information during registration, Provider may immediately suspend or terminate User's Account and forfeit all remaining Credits without refund or other compensation.

All information submitted during identity verification is subject to Provider's Privacy Policy and shall be processed in accordance with Article 17 of this Agreement.

4.5 Prohibited Account Activities

User shall not, and shall not permit any third party to:

(a) Create multiple Accounts for the same individual or entity without Provider's express written consent, except where Provider explicitly offers multi-account functionality;

(b) Create Accounts using false, misleading, or fraudulent information;

(c) Create Accounts using temporary or disposable email services, unless such services are used legitimately for privacy purposes and User responds promptly to verification requests;

(d) Purchase an Account from, or sell User's Account to, any third party;

(e) Use another User's Account without authorization;

(f) Create Accounts for the purpose of circumventing usage limits, evading suspensions or bans, or engaging in any form of ban evasion;

(g) Use automated account creation tools, bots, or scripts to create Accounts in bulk;

(h) Impersonate any person or entity, or falsely state or misrepresent an affiliation with any person or entity;

(i) Use an Account to engage in any activity prohibited under Article 7.2.

Violation of this Section 4.5 constitutes Material Breach and grounds for immediate Account termination without refund, in addition to potential civil and criminal liability.

ARTICLE 5: PAYMENT TERMS, BILLING, AND FINANCIAL OBLIGATIONS

5.1 Service Fee Structure and Pricing Model

The Service operates exclusively on a prepaid, pay-as-you-go basis. There are no subscriptions, no automatic renewals, no recurring charges, and no post-paid billing arrangements. User purchases Credits in advance, and each API request deducts one (1) Credit from User's Account balance at the time the request is processed.

As of the Effective Date of this Agreement, the Standard Pricing Rate is One Thousand Credits for One United States Dollar (1,000 Credits = US$1.00), which equates to One Tenth of One Cent per API Request ($0.001 per request).

Provider expressly reserves the absolute and unilateral right to modify, adjust, increase, or decrease the Standard Pricing Rate at any time, for any reason or no reason, with or without prior notice to User, subject to the protections afforded to Purchased Credits as described in Section 5.2.

5.2 Treatment of Purchased Credits Upon Price Changes

Notwithstanding Provider's right to change pricing at any time pursuant to Section 5.1, the following protections apply to Credits that User has already purchased prior to any price change:

(a) Grandfathered Value: All Credits purchased by User prior to a price increase shall retain their original value and functionality. A price increase shall not diminish the purchasing power of pre-existing Credits, devalue them, or alter the 1:1 ratio of Credits to API requests.

(b) No Retroactive Application: Price increases apply only to new Credit purchases made after the price change effective date. Provider shall not retroactively charge User additional amounts for Credits previously purchased at lower rates.

(c) No Refund for Price Decreases: Conversely, if Provider decreases prices, User is not entitled to any refund, credit adjustment, or compensation for Credits purchased at the previous higher rate. Price decreases similarly apply only to future purchases.

(d) Communication of Price Changes: Provider will make commercially reasonable efforts to provide advance notice of material price increases (defined as increases exceeding 20% of the current rate) through one or more of the following methods: (i) email to User's registered email address; (ii) prominent notice displayed on the User dashboard; (iii) notice published on the Service website; or (iv) notice included in Provider's regular communications. However, failure to provide advance notice does not invalidate a price change, and User's continued purchase of Credits after a price change constitutes acceptance of the new pricing.

(e) Price Lock Not Guaranteed: This Agreement does not guarantee any fixed pricing for any duration. User acknowledges that pricing for digital services is subject to change based on market conditions, operational costs, currency fluctuations, and business considerations.

5.3 Minimum Purchase Requirements

Provider may impose minimum purchase requirements from time to time. As of the Effective Date, the minimum Credit purchase is Five United States Dollars ($5.00), equivalent to Five Thousand (5,000) Credits. Provider may modify this minimum at any time in its sole discretion.

There is no maximum purchase limit unless otherwise specified by Provider or imposed by payment processor limitations.

5.4 Accepted Payment Methods

Provider currently accepts payments via the following Payment Methods:

(a) Cryptocurrency: Tether (USDT) on TRC-20 network, USD Coin (USDC), Bitcoin (BTC), and other cryptocurrencies as designated on the Service payment page;

(b) Payment Cards: Credit cards and debit cards (Visa, Mastercard, American Express, Discover) processed through Stripe, Inc. or other designated payment processors;

(c) Additional Methods: Other payment methods as Provider may designate from time to time through the payment interface.

Provider reserves the right to add, modify, or discontinue any Payment Method at any time without notice. Provider may impose different minimum purchase amounts, processing fees, or restrictions based on Payment Method selected.

Provider Does Not Store Payment Information: Provider does not collect, process, or store User's payment card numbers, card verification values (CVV), bank account information, or cryptocurrency private keys. All payment processing is handled by third-party payment processors operating under their own terms of service and privacy policies. User's provision of payment information to such processors is subject to such processors' terms and policies, not this Agreement.

5.5 Payment Processing and Credit Issuance

Upon User's submission of payment:

(a) Authorization and Verification: Payment is first authorized and verified by the payment processor. This may include fraud checks, card verification, cryptocurrency transaction confirmation, or other security measures implemented by the processor.

(b) Credit Issuance: Upon successful payment authorization and Provider's receipt of payment confirmation from the processor, Credits are immediately and automatically issued to User's Account. The quantity of Credits issued is calculated based on the amount paid and the then-current pricing rate.

(c) Transaction Record Creation: Provider simultaneously creates a Transaction Record (as defined in Article 1.1) containing all relevant transaction metadata, which serves as proof that service has been delivered.

(d) Delivery Constitutes Performance: For purposes of determining whether Provider has performed its obligations and delivered the service to User, the issuance of Credits to User's Account constitutes complete and irrevocable delivery of digital services. Upon Credit issuance, Provider's performance obligation is fully satisfied, and User has received the complete benefit of the transaction.

(e) No Delivery Delay Claims: User acknowledges that Credit issuance is typically instantaneous (within seconds or minutes of payment confirmation) and waives any claims related to delayed delivery, provided Credits are issued within twenty-four (24) hours of payment confirmation.

5.6 ABSOLUTE PROHIBITION ON REFUNDS

ALL SALES ARE FINAL. ALL TRANSACTIONS ARE NON-REFUNDABLE. THERE ARE NO REFUNDS UNDER ANY CIRCUMSTANCES.

This Section 5.6 constitutes User's express, knowing, and voluntary waiver of any right to a refund or credit for any reason whatsoever. By accepting this Agreement and by completing any payment transaction, User specifically and unequivocally acknowledges and agrees that:

(a) Nature of Digital Goods: The Service constitutes a digital good that is delivered instantaneously upon payment. Unlike physical goods that can be returned, digital services that have been delivered cannot be "returned" or "undelivered." Credits issued to User's Account represent access to a digital service that has been irrevocably granted.

(b) Service Delivered Upon Credit Issuance: The moment Credits are issued to User's Account, the service has been fully and completely delivered. The issuance of Credits constitutes delivery of the digital service that User purchased. Provider's performance obligation is thereby fully satisfied.

(c) Comprehensive and Unconditional No-Refund Policy: User shall not be entitled to any refund, chargeback, credit adjustment, reversal, or return under any circumstances, including but not limited to the following:

(i) Change of Mind: User's subsequent regret, change of mind, buyer's remorse, or decision that User no longer wants or needs the Service;

(ii) Unused Credits: User's failure to use purchased Credits, regardless of reason. Credits remain valid indefinitely (subject to Account inactivity provisions in Article 6) but are never refundable merely because they remain unused;

(iii) Service Dissatisfaction: User's dissatisfaction with the Service, including dissatisfaction with Content quality, accuracy, completeness, API performance, response times, or any other aspect of service quality;

(iv) Service Availability Issues: Service downtime, interruptions, outages, maintenance periods, degraded performance, or unavailability, whether scheduled or unscheduled, brief or prolonged;

(v) Feature Changes: Provider's modification, addition, removal, or discontinuation of any Service features or functionality;

(vi) Technical Incompatibility: User's inability to integrate with the Service due to technical limitations, incompatibility with User's systems, lack of technical expertise, or any other technical reason;

(vii) Misunderstanding: User's misunderstanding of how the Service works, what the Service provides, pricing structure, rate limits, or any other Service aspect, even if such misunderstanding was reasonable;

(viii) Third-Party Issues: Issues with User's payment processor, User's bank or financial institution, User's internet connectivity, or any other third-party service that impacts User's ability to use the Service;

(ix) Force Majeure Events: Service unavailability due to Force Majeure Events (as defined in Article 1.1 and detailed in Article 13.6);

(x) Account Termination or Suspension: Termination or suspension of User's Account for any reason, including but not limited to User's breach of this Agreement, Prohibited Uses, or Provider's voluntary cessation of business operations;

(xi) Legal or Regulatory Compliance: Provider's compliance with court orders, subpoenas, law enforcement requests, or regulatory requirements that necessitate Account restrictions or Service limitations;

(xii) Error in Purchase: User's accidental purchase of incorrect Credit amount, duplicate purchases, or purchases made in error;

(xiii) Financial Hardship: User's subsequent financial difficulties, inability to afford continued use, business failure, or personal economic circumstances;

(xiv) Competitive Services: User's discovery of alternative services, competing APIs, or better pricing from other providers;

(xv) Any Other Reason: Any and all other reasons, circumstances, or justifications not specifically enumerated above.

The foregoing list is illustrative and non-exhaustive. User unconditionally waives all refund rights and agrees that no circumstance, event, or reason shall entitle User to a refund.

(d) Waiver of Statutory and Common Law Refund Rights: To the maximum extent permitted by applicable law, User waives any rights to refunds, cancellations, or rescission that may exist under statutory consumer protection laws, distance selling regulations, cooling-off period provisions, or common law principles of contract rescission. User acknowledges that User is waiving potentially valuable legal rights by agreeing to this no-refund policy.

(e) No Implied Refund Rights: No statement, representation, or conduct by Provider or its employees, contractors, or agents shall create any implied right to a refund. All refund rights are exclusively governed by this Section 5.6, which categorically prohibits refunds.

(f) Inapplicability to Mandatory Law Refund Rights: Notwithstanding the absolute nature of this no-refund policy, User retains any refund rights that exist under mandatory laws of User's jurisdiction that cannot be waived by contract. For example, certain European Union consumer protection directives may grant limited refund rights that cannot be contractually waived. However, User acknowledges that such mandatory law exceptions are narrow and that User bears the burden of establishing entitlement to such exception.

(g) Exception for Material Terms Modification: The sole exception to this no-refund policy is described in Article 19.4, whereby User may request a refund of unused Credits within thirty (30) days of notification of a material adverse modification to this Agreement, provided User has not used any Credits since receiving such notification and User terminates User's Account in connection with the refund request. This exception is narrow and subject to strict procedural requirements as specified in Article 19.4.

5.7 Chargebacks Constitute Fraudulent Conduct

User expressly acknowledges and agrees that initiating a chargeback or payment dispute for any transaction where Provider has delivered the service (i.e., issued Credits to User's Account) constitutes theft of services, fraud, and a material breach of this Agreement.

A "chargeback" for purposes of this Agreement includes any of the following:

(a) A payment reversal initiated by User with User's payment card issuer, bank, or financial institution;

(b) A payment dispute filed with User's payment processor or gateway (e.g., PayPal dispute, Stripe dispute);

(d) Any other mechanism by which User seeks to reverse, cancel, or obtain a refund for a completed payment transaction.

Legitimate Unauthorized Transaction Exception: The foregoing does not apply to chargebacks initiated due to genuinely unauthorized transactions where User's payment credentials were stolen and used by a third party without User's knowledge or authorization. In such cases, User must:

(i) Report the unauthorized transaction to Provider within forty-eight (48) hours of discovering it by emailing security@mumin.ink;

(ii) Provide Provider with documentation supporting the claim of unauthorized use, including police reports, fraud affidavits, or other evidence reasonably requested by Provider;

(iii) Cooperate fully with Provider's investigation, including providing additional documentation and answering questions;

(iv) Not use the Account or any Credits obtained through the disputed transaction during the investigation period.

If Provider determines, in its reasonable discretion based on the evidence provided, that the transaction was genuinely unauthorized, Provider will work with User and the payment processor to resolve the matter fairly. However, if Provider's investigation reveals evidence suggesting the transaction was authorized by User, the chargeback shall be treated as fraudulent conduct under this Section 5.7.

Consequences of Fraudulent Chargebacks: If User initiates a chargeback that Provider reasonably determines to be fraudulent (i.e., for services that were properly delivered), Provider shall take the following actions:

(a) Immediate Account Termination: User's Account shall be immediately and permanently terminated. All API Keys shall be revoked instantly, and User shall be prohibited from accessing the Service. User shall not be permitted to create any new Accounts in the future.

(b) Forfeiture of Remaining Credits: Any and all Credits remaining in User's Account at the time of chargeback initiation shall be immediately forfeited and become null and void. User shall have no claim to such Credits or their value.

(c) Chargeback Contestation: Provider shall contest the chargeback with the payment processor or card issuer by submitting comprehensive evidence of service delivery, including but not limited to:

(i) Transaction Records showing payment date, amount, and transaction ID;

(ii) Acceptance Metadata proving User's acceptance of this Agreement and its no-refund policy;

(iii) API usage logs demonstrating User's use of the Service after purchasing Credits;

(iv) Timestamps and IP addresses of User's Account activity and API requests;

(v) This Agreement, including this Section 5.7, which User explicitly accepted;

(vi) Any communications between User and Provider;

(vii) Device fingerprints and other fraud detection data;

(viii) Any other evidence relevant to establishing service delivery and User's bad faith.

Provider's evidence package is typically comprehensive and detailed, resulting in a high chargeback defense success rate. Users should be aware that payment processors and card issuers generally rule in favor of merchants when clear evidence of service delivery and customer agreement to no-refund terms is presented.

(d) Legal Action for Damages: Provider expressly reserves the right to pursue civil legal action against User to recover:

(i) The amount of the chargeback;

(ii) Any chargeback fees or penalties imposed on Provider by payment processors (typically $15-$100 per chargeback);

(iii) Costs incurred in contesting the chargeback, including staff time and administrative expenses;

(iv) Attorneys' fees and legal costs if Provider retains counsel;

(v) Any additional damages Provider suffers as a result of the fraudulent chargeback;

(vi) Punitive or exemplary damages, where permitted by applicable law.

(e) Fraud Database Reporting: Provider may report User's information (name, email, IP address, payment details) to fraud prevention databases and services (e.g., Ethoca, Verifi, Kount, Sift) to alert other merchants and payment processors about User's fraudulent conduct. This may impair User's ability to conduct transactions with other online services.

(f) Criminal Referral: In cases involving high-value chargebacks, repeated chargeback fraud, or other aggravating factors, Provider may refer the matter to law enforcement authorities for potential criminal prosecution. Chargeback fraud may constitute criminal theft, fraud, or computer fraud under various jurisdictions' laws.

(g) Credit Bureau Reporting: If Provider obtains a judgment against User in civil proceedings, such judgment may be reported to credit bureaus, negatively impacting User's credit score and creditworthiness.

User's Acknowledgment: By accepting this Agreement, User specifically acknowledges that:

(i) User has read and understood this Section 5.7 in its entirety;

(ii) User understands that chargebacks for delivered services constitute fraud;

(iii) User agrees not to initiate chargebacks except in cases of genuinely unauthorized transactions;

(iv) User understands the severe consequences that will result from fraudulent chargebacks;

(v) User has no excuse of ignorance or misunderstanding of the no-refund and no-chargeback policies.

5.8 Transaction Record Retention and Evidentiary Value

Provider maintains comprehensive Transaction Records (as defined in Article 1.1) for each payment transaction. These records serve multiple critical purposes:

(a) Proof of Service Delivery: Transaction Records constitute evidence that Provider delivered the service to User (by issuing Credits) and that User received the benefit of the transaction. This evidence is used to defend against chargebacks, payment disputes, and legal claims.

(b) Tax and Accounting Compliance: Transaction Records are retained for tax reporting, financial auditing, and regulatory compliance purposes.

(c) Fraud Detection and Analysis: Transaction Records are analyzed to detect patterns of fraudulent behavior, abuse, or suspicious activity.

(d) Legal Proceedings: Transaction Records may be produced as evidence in arbitration proceedings, court proceedings, or administrative proceedings relating to disputes with User.

Transaction Records are retained for a minimum of seven (7) years from the transaction date, which exceeds most jurisdictions' statutes of limitations for contract claims and aligns with typical tax authority audit periods. User consents to such retention and acknowledges that Provider may be legally required to retain records for such duration.

Transaction Records are stored securely and access is restricted to authorized personnel. See Article 17 (Privacy and Data Protection) for additional information.

5.9 Taxes and Withholding

(a) Exclusive of Taxes: All prices and fees specified in this Agreement are exclusive of any taxes, levies, duties, or similar governmental assessments (collectively "Taxes"). User is solely responsible for all Taxes associated with User's purchase and use of the Service, except for taxes based on Provider's net income.

(b) User's Obligation: User shall pay all applicable Taxes arising from or relating to User's purchase of Credits or use of the Service. Such Taxes may include, without limitation: (i) sales tax; (ii) use tax; (iii) value-added tax (VAT); (iv) goods and services tax (GST); (v) withholding tax; (vi) consumption tax; or (vii) any other similar tax imposed by any jurisdiction.

(c) VAT for EU Users: Users located in European Union member states may be subject to VAT on their purchases. Provider may collect VAT at the applicable rate based on User's location. Users with valid VAT registration numbers may request zero-rating by providing their VAT number, subject to verification through the EU VAT Information Exchange System (VIES).

(d) Tax Exemption Claims: If User claims exemption from any Tax, User must provide Provider with valid tax exemption certificates or documentation reasonably satisfactory to Provider before the transaction. Provider is not obligated to honor exemption claims made after payment is processed.

(e) Withholding Obligations: If User is required by law to withhold any amount from payment to Provider (e.g., pursuant to withholding tax requirements), User shall: (i) increase the payment to Provider so that Provider receives the full amount due before withholding; (ii) timely remit the withheld amount to the appropriate tax authority; and (iii) promptly provide Provider with official receipts or other documentation evidencing the withholding and remittance.

(f) Tax Cooperation: User agrees to provide Provider with any information, documentation, or certifications reasonably requested by Provider to comply with applicable tax laws or to enable Provider to claim tax benefits or exemptions.

ARTICLE 6: ACCOUNT INACTIVITY, DORMANCY, AND CLOSURE

6.1 Definitions and Inactivity Thresholds

(a) "Inactive Account" Defined: An Account is deemed "Inactive" when User has not performed any Qualifying Activity (as defined below) for three hundred sixty-five (365) consecutive calendar days.

(b) "Qualifying Activity" Defined: For purposes of preventing Account inactivity, the following actions constitute "Qualifying Activity" that resets the inactivity timer to zero:

(i) Making any authenticated API request to any Service endpoint;

(ii) Logging into the User dashboard through the Service website or application;

(iii) Modifying any Account settings, including password changes, email address updates, or notification preferences;

(iv) Purchasing Credits;

(v) Communicating with Provider's support team via email or support ticket system;

(vi) Performing API key regeneration or rotation;

(vii) Any other action requiring authentication and interaction with Provider's systems that Provider reasonably determines constitutes active use.

The following actions do NOT constitute Qualifying Activity:

(i) Merely receiving emails from Provider (User must affirmatively interact with the Account);

(ii) Having a positive Credit balance (unused Credits alone do not constitute activity);

(iii) Third parties accessing User's Account or API Keys without User's authorization or knowledge.

(c) "Dormant Account" Defined: An Account becomes "Dormant" on the three hundred sixty-sixth (366th) consecutive day of inactivity, at which point the Account becomes subject to the Dormant Account Maintenance Fee as described in Section 6.4.

6.2 Inactivity Warning Notifications

When User's Account approaches the inactivity threshold, Provider shall send warning notifications to User's registered email address as follows:

(a) First Warning: Sent on Day 335 of consecutive inactivity (thirty (30) days before Dormancy), with subject line "ACCOUNT INACTIVITY WARNING: 30 Days Until Dormancy" or substantially similar language;

(b) Final Warning: Sent on Day 358 of consecutive inactivity (seven (7) days before Dormancy), with subject line "URGENT: ACCOUNT BECOMING DORMANT IN 7 DAYS" or substantially similar language.

Each warning notification shall include:

(i) Clear statement that the Account is approaching Dormancy;

(ii) Number of days remaining until Dormancy;

(iii) Explanation of consequences of Dormancy, including Maintenance Fees;

(iv) Instructions for preventing Dormancy by performing Qualifying Activity;

(v) Direct link to the User dashboard where User can log in to reset the inactivity timer;

(vi) Provider's contact information for questions or assistance.

User's Responsibility Regarding Email Monitoring: User acknowledges and agrees that:

(i) It is User's sole responsibility to maintain a valid, currently operational email address in User's Account settings;

(ii) It is User's sole responsibility to monitor User's email inbox (including spam/junk folders) for communications from Provider;

(iii) Provider has no obligation to send notifications through any channel other than email to User's registered email address;

(iv) Provider makes commercially reasonable efforts to deliver email notifications but cannot guarantee delivery due to factors outside Provider's control (spam filters, email provider issues, etc.);

(v) Failure to receive email notifications, whether due to User's email provider, User's spam filter settings, User's failure to check email, or any other reason, does NOT excuse User's Account from becoming Dormant or from accruing Maintenance Fees;

(vi) Provider's sending of email notifications (as evidenced by Provider's email server logs) constitutes sufficient notice, regardless of whether User actually reads or receives such emails.

Provider may, in its discretion, send additional reminder notifications through other channels (in-dashboard notifications, SMS if phone number provided, etc.) but is not obligated to do so. Provision of warnings through alternative channels does not create any obligation or expectation of such notifications in the future.

6.3 Prevention of Dormancy

User may prevent Account Dormancy at any time prior to Day 366 by simply performing any Qualifying Activity as defined in Section 6.1(b). Upon any Qualifying Activity:

(a) The inactivity timer immediately resets to zero;

(b) The Account is no longer on track toward Dormancy;

(d) User has a new 365-day period before the Account would again approach inactivity.

The simplest methods to prevent Dormancy are:

(i) Making a single API request (which consumes one (1) Credit but resets the timer);

(ii) Logging into the User dashboard, even if only to view Account status.

Provider encourages Users who anticipate extended periods of non-use but wish to preserve their Accounts and Credits to set a recurring calendar reminder to log in at least once every 300-330 days.

6.4 Dormant Account Maintenance Fee

(a) Fee Assessment Trigger: An Account that has been Inactive for 365 consecutive days becomes Dormant on Day 366, at which point the Account becomes subject to a recurring Monthly Dormant Account Maintenance Fee.

(b) Fee Amount: The Monthly Dormant Account Maintenance Fee is Five United States Dollars (US$5.00) per calendar month, which is equivalent to Five Thousand (5,000) Credits at current pricing.

(c) Fee Deduction Mechanism: The Maintenance Fee is automatically deducted from User's Credit balance on the first (1st) day of each calendar month while the Account remains Dormant. The first fee assessment occurs on the first day of the month following the month in which the Account became Dormant.

Example: If User's Account becomes Dormant on March 15, the first Maintenance Fee is assessed on April 1. If the Account remains Dormant, subsequent fees are assessed on May 1, June 1, and so forth.

(d) Deduction Priority: Maintenance Fees are deducted before any other potential Credit usage. If User makes an API request in a Dormant Account, the Maintenance Fee for that month (if not yet deducted) is deducted first, then the API request consumes an additional Credit.

(e) Insufficient Balance: If User's Credit balance is insufficient to pay the full Maintenance Fee when it comes due:

(i) All remaining Credits are immediately forfeited and the balance is reduced to zero;

(ii) No partial-month credit or prorated refund is provided;

(iii) The Account is immediately flagged for closure pursuant to Section 6.5(a);

(iv) Provider shall send Account Closure Notice to User's email address (though failure to receive such notice does not affect the closure).

(f) Fee Continuation: Maintenance Fees continue to accrue monthly until one of the following occurs:

(i) User performs Qualifying Activity, thereby removing the Account from Dormant status (see Section 6.6);

(ii) User's Credit balance is depleted as described in subsection (e) above;

(iii) User's Account is closed pursuant to Section 6.5;

(iv) User voluntarily closes the Account;

(v) Provider terminates the Account for other reasons.

(g) Exemption for Low Balance Accounts: Accounts with a Credit balance below the equivalent of Ten United States Dollars (US$10.00) or Ten Thousand (10,000) Credits at the time Dormancy would otherwise commence are exempt from Maintenance Fees. Instead, such low-balance Accounts are subject to immediate closure under Section 6.5(b).

Rationale: This exemption exists because assessing fees on very low balances is administratively inefficient and would rapidly deplete the Account anyway.

(h) No Fee Refund: Maintenance Fees, once assessed and deducted, are non-refundable under any circumstances, consistent with the general no-refund policy in Article 5.6. This applies even if User subsequently reactivates the Account or disagrees with the fee assessment.

6.5 Account Closure Due to Inactivity

User's Account shall be automatically closed (i.e., permanently disabled, with all data subject to deletion) under the following circumstances:

(a) Depletion of Balance by Maintenance Fees: If Maintenance Fees deplete User's Credit balance to zero (0) or below, the Account shall be automatically closed within thirty (30) days of balance depletion. Provider shall send an Account Closure Notice via email, though failure to receive such notice does not prevent or invalidate the closure.

(b) Low Balance at Dormancy Threshold: If User's Credit balance is less than US$10.00 (or equivalent in Credits) at the moment the Account would otherwise become Dormant (Day 366 of inactivity), the Account shall be automatically closed within thirty (30) days, rather than becoming subject to Maintenance Fees.

Example: User has 8,000 Credits (US$8.00 equivalent) and has been inactive for 365 days. On Day 366, rather than assessing a Maintenance Fee that would nearly deplete the Account, Provider simply closes the Account within 30 days.

(c) Extended Dormancy with Maintenance Fee Payments: If an Account remains Dormant and continues paying Maintenance Fees for eighteen (18) consecutive months, Provider may, in its discretion, send a Final Notice offering User the option to either reactivate the Account or permanently close it. If User does not respond within thirty (30) days of such notice, Provider may close the Account.

Effect of Closure: Upon Account closure due to inactivity:

(i) API Key Revocation: All API Keys associated with the Account are immediately and permanently revoked. Any attempted API requests using such keys shall return authentication errors.

(ii) Credit Forfeiture: All remaining Credits, if any, are permanently forfeited. User has no claim to the value of forfeited Credits and is not entitled to any refund, credit, or other compensation.

(iii) Data Handling: User's Personal Data is handled in accordance with Provider's Privacy Policy and Article 17 of this Agreement. Account closure typically triggers data minimization procedures whereby Personal Data is anonymized or deleted (subject to retention requirements for Transaction Records and other legally required data).

(iv) Reactivation Window: User may request Account reactivation within ninety (90) days of closure by contacting Provider at support@mumin.ink. Reactivation is subject to Provider's approval in its sole discretion and may require identity re-verification. Beyond the 90-day window, reactivation is generally not possible, and User must create a new Account.

6.6 Reactivation of Dormant Accounts

A Dormant Account that has not yet been closed may be reactivated at any time by User performing any Qualifying Activity as defined in Section 6.1(b). Upon reactivation:

(a) The Account status immediately changes from "Dormant" to "Active";

(b) The inactivity timer resets to zero, giving User a new 365-day period;

(d) Any Maintenance Fees already paid are not refunded;

(e) The Account functions normally with full access to all purchased Credits (minus any Maintenance Fees already deducted).

Partial Month Fee Credit: If User reactivates an Account on any day other than the 1st of the month, User is not charged a prorated Maintenance Fee for that partial month. Maintenance Fees are only assessed on the 1st day of each full month of Dormancy.

Example: User's Account is Dormant. Maintenance Fee was deducted on June 1. User reactivates the Account on June 15 by logging into the dashboard. No fee is assessed for the June 1-15 period. If User remains active, no July 1 fee is assessed either. If User becomes inactive again and hits Dormancy again, a new fee cycle begins.

6.7 Rationale for Inactivity Policy

This inactivity policy serves multiple legitimate business purposes:

(a) Infrastructure Cost Recovery: Dormant Accounts consume database storage, backup resources, and infrastructure capacity without generating any corresponding revenue or providing any value to User. The Maintenance Fee helps offset these costs.

(b) Resource Optimization: Closing abandoned Accounts allows Provider to optimize database performance, reduce storage requirements, and allocate resources to active Users who derive value from the Service.

(c) Security and Data Minimization: Inactive Accounts represent security risks (orphaned credentials that may be compromised) and data minimization obligations under privacy regulations like GDPR encourage deletion of data no longer needed for active service provision.

(d) Fraud Prevention: Long-dormant Accounts are sometimes reactivated by fraudsters who have gained unauthorized access. Closing such Accounts reduces this risk.

(e) Customer Communication: The inactivity policy creates touchpoints for Provider to communicate with Users who may have forgotten about their Accounts, allowing them to use their Credits or consciously decide to close their Accounts.

User acknowledges that this policy is commercially reasonable and industry-standard practice for pay-as-you-go services with prepaid balances.

ARTICLE 7: PERMITTED AND PROHIBITED USES

7.1 Permitted Uses

Subject to compliance with all terms of this Agreement, User is permitted to use the Service for the following purposes:

(a) Religious and Educational Purposes: Accessing hadith texts, translations, and related Islamic scholarly content for personal religious study, education, research, teaching, or spiritual development;

(b) Application Development: Retrieving hadith Content via the API to integrate into User's own applications, including but not limited to: mobile apps (iOS, Android), web applications, desktop software, browser extensions, voice assistants, chatbots, and other software platforms;

(c) Content Display: Displaying hadith texts and translations to end users through User's applications, websites, or other platforms, including commercial applications provided that User complies with the restrictions in Section 7.2;

(d) Research and Analysis: Conducting academic research, linguistic analysis, textual analysis, or statistical analysis of hadith collections, including but not limited to: machine learning training, natural language processing, sentiment analysis, or scholarly research projects;

(e) Nonprofit and Community Projects: Using the Service for nonprofit religious organizations, Islamic community centers, educational institutions, mosque websites, or other community-oriented projects that provide public benefit;

(f) Commercial Applications: Developing and operating commercial applications that incorporate hadith Content, subject to the restrictions in Section 7.2(d) regarding competing services. Examples include Islamic apps with subscription models, apps with advertising, or apps with in-app purchases.

7.2 Prohibited Uses

User shall NOT use the Service, directly or indirectly, for any of the following purposes or in any of the following manners:

(a) Database Replication and Systematic Extraction:

(i) Systematically downloading, extracting, scraping, or retrieving substantial portions of the hadith database with the intent or effect of replicating, mirroring, or recreating Provider's database;

(ii) Using automated tools, bots, scripts, crawlers, spiders, or any other automated means to systematically access or download Content in bulk quantities;

(iii) Implementing scrapers that iterate through hadith IDs sequentially or otherwise attempt to enumerate and download the entire database;

(iv) Making API requests at high volume with the primary purpose of data extraction rather than legitimate application functionality serving end users;

(v) Aggregating substantial portions of Content for the purpose of creating a competing database, whether such competing database is offered commercially, made available for free, or used internally;

(vi) Reverse engineering the database structure, schema, or organization for the purpose of replication;

(vii) Caching or storing substantial portions of Content beyond what is reasonably necessary for User's application to function (reasonable caching of frequently accessed Content for performance optimization is permitted, but wholesale database mirroring is prohibited).

Clarification: Accessing Content through normal application usage patterns (e.g., retrieving specific hadiths in response to user searches or browsing) is permitted. What is prohibited is systematic bulk extraction that goes beyond normal application needs.

(b) Service Abuse and Resource Exploitation:

(i) Intentionally or recklessly consuming excessive Service resources, including making unnecessary or redundant API requests, intentionally triggering computationally expensive operations, or engaging in any conduct designed to degrade Service performance;

(ii) Launching denial-of-service attacks, distributed denial-of-service (DDoS) attacks, or any other attacks intended to disrupt, disable, overload, or impair the Service;

(iii) Probing, scanning, or testing the vulnerability of the Service or any Provider system or network without prior written authorization;

(iv) Circumventing, bypassing, disabling, damaging, or otherwise interfering with any security features, access controls, rate limits, usage measurement systems, authentication mechanisms, or other protective measures implemented in or associated with the Service;

(v) Attempting to gain unauthorized access to Provider's systems, servers, databases, networks, or any other component of the Service infrastructure;

(vi) Exploiting any bug, vulnerability, glitch, or unintended feature of the Service to obtain unauthorized benefits, circumvent limitations, or cause harm;

(vii) Using multiple API Keys, creating multiple Accounts, or employing IP address rotation, proxy services, VPNs, or other techniques for the purpose of circumventing rate limits or other usage restrictions;

(viii) Engaging in any conduct that imposes an unreasonable or disproportionately large load on Provider's infrastructure.

(c) Sharing, Resale, and Unauthorized Distribution:

(i) Sharing User's API Key with any third party, whether through direct transmission, public posting, embedding in publicly distributed code, committing to public repositories, or any other means of disclosure;

(ii) Reselling, sublicensing, renting, leasing, or otherwise commercially redistributing access to the Service without Provider's express prior written consent;

(iii) Creating "wrapper" services that provide third parties with access to the Service through User's API Key, whether offered for free or for a fee;

(iv) Operating the Service as a multi-tenant platform where multiple end users share User's single API Key;

(v) Providing User's API Key to contractors, consultants, or service providers unless such parties are working directly on User's authorized application and are bound by confidentiality obligations no less protective than those in this Agreement.

Exception for Authorized Team Access: If Provider offers multi-user or team account features, User may share access credentials among team members in accordance with the specific terms governing such features.

(d) Competitive and Conflicting Uses:

(i) Using the Service to develop, operate, or support a competing hadith API service or database product that is offered to third parties, whether commercially or non-commercially;

(ii) Using Content retrieved from the Service as the primary or substantial data source for a competing Islamic content platform, Islamic knowledge database, or hadith collection service;

(iii) Benchmarking the Service for the purpose of developing competing services, except for legitimate evaluation for User's own internal decision-making purposes;

(iv) Reverse engineering the Service to understand its functionality, algorithms, or implementation for the purpose of creating a competing offering.

Clarification: User may develop applications that happen to compete with other applications that also use Provider's Service. What is prohibited is using Provider's Service to create a competing API or database service that substitutes for Provider's Service.

(j) Artificial Intelligence and Machine Learning Training:

(i) Using Content retrieved from the Service for the purpose of training, fine-tuning, or calibrating large language models (LLMs), artificial intelligence systems, or machine learning algorithms, without Provider's express prior written consent;

(ii) Using the Service to generate datasets for the purpose of training competing AI services.

Provider considers any such unauthorized AI training to be a material misappropriation of Service resources and religious content integrity.

(e) Illegal Activities and Unlawful Content:

(i) Using the Service for any purpose that violates any applicable law, statute, ordinance, regulation, or treaty, whether local, national, or international;

(ii) Using the Service to facilitate, promote, or engage in: fraud, theft, money laundering, terrorist financing, human trafficking, drug trafficking, weapons trafficking, child exploitation, or any other criminal activity;

(iii) Using the Service to distribute, promote, or facilitate distribution of: illegal drugs or controlled substances, illegal weapons or explosive devices, counterfeit goods, stolen goods, malware or computer viruses, or any other contraband;

(iv) Using the Service in any manner that infringes, misappropriates, or violates any third party's intellectual property rights, privacy rights, publicity rights, or other proprietary rights;

(v) Using the Service to collect, harvest, or aggregate personal information about individuals without their consent or in violation of applicable privacy laws;

(vi) Using the Service to stalk, harass, threaten, intimidate, or harm any person or to engage in any form of hate speech, discrimination, or violence based on race, ethnicity, national origin, religion, gender, sexual orientation, disability, or any other protected characteristic.

(f) Harmful Content Distribution:

(i) Using the Service to create, distribute, or promote content that: advocates violence, terrorism, or extremism; promotes self-harm or suicide; depicts graphic violence or gore; contains sexually explicit material involving minors; constitutes hate speech or incitement to violence; or promotes dangerous conspiracy theories with potential for real-world harm;

(ii) Misrepresenting, distorting, or taking out of context Content retrieved from the Service in a manner that materially alters its meaning or promotes misunderstanding of Islamic teachings;

(iii) Using Content in a manner that is disrespectful to Islamic traditions, prophetic teachings, or religious sensibilities of Muslims;

(iv) Combining Content with non-Islamic religious texts or content in a manner that creates confusion, misattribution, or doctrinal mixing.

(g) Spam, Abuse, and Deceptive Practices:

(i) Using the Service to send spam, unsolicited commercial messages, or any other form of unwanted bulk communication;

(ii) Using the Service to operate bots, fake accounts, or automated systems that engage in deceptive practices on social media platforms, forums, or other online communities;

(iii) Using the Service to manipulate, deceive, or defraud any person or entity;

(iv) Using the Service to create phishing websites, fraudulent applications, or other mechanisms designed to steal credentials, financial information, or personal data;

(v) Impersonating any person, entity, or organization, or falsely claiming affiliation with any person, entity, or organization.

(h) Interference with Other Users:

(i) Interfering with or disrupting other Users' use and enjoyment of the Service;

(ii) Attempting to gain unauthorized access to other Users' Accounts, API Keys, or data;

(iii) Using the Service in any manner that could damage, disable, overburden, or impair the Service for other Users.

(i) Prohibited Monitoring and Surveillance:

(i) Using the Service to develop or operate surveillance systems, tracking systems, or monitoring tools that violate individuals' privacy or applicable surveillance laws;

(ii) Using the Service to collect or process personal data for purposes of stalking, harassment, or unauthorized monitoring of individuals.

7.3 Consequences of Prohibited Uses

Engagement in any Prohibited Use as described in Section 7.2 constitutes Material Breach of this Agreement and shall result in one or more of the following consequences, as determined by Provider in its sole discretion:

(a) Warning Notice: For minor or first-time violations, Provider may issue a written warning to User's email address, identifying the violation and requiring cessation of the prohibited conduct within a specified cure period (typically 24-72 hours);

(b) Temporary Suspension: Provider may temporarily suspend User's Account and revoke API access for a specified period (typically 7-30 days) while investigating the violation or requiring User to implement corrective measures;

(c) Permanent Termination: Provider may immediately and permanently terminate User's Account, revoke all API Keys, and ban User from creating future Accounts, without any refund of unused Credits;

(d) Credit Forfeiture: All remaining Credits may be forfeited as liquidated damages for breach;

(e) Legal Action: Provider may pursue civil legal action to enjoin User's prohibited conduct, recover damages, obtain restitution, and recover attorneys' fees;

(f) Law Enforcement Referral: For violations involving illegal activity, Provider may report User to appropriate law enforcement authorities and cooperate fully with any investigation or prosecution;

(g) Fraud Database Reporting: Provider may report User's information to fraud prevention services and databases to alert other service providers;

(h) Intellectual Property Enforcement: For violations involving intellectual property infringement, Provider may issue DMCA takedown notices, file copyright infringement claims, or pursue other intellectual property remedies.

User acknowledges that the foregoing list is non-exclusive and that Provider may pursue any other legal or equitable remedies available under applicable law.

ARTICLE 8: RATE LIMITS AND USAGE RESTRICTIONS

8.1 Implementation of Rate Limits

To ensure fair resource allocation among all Users and to protect Service infrastructure from abuse, Provider implements rate limits that restrict the number of API requests User may make within specified time periods. Rate limits are strictly enforced through automated systems and are NON-NEGOTIABLE except through custom enterprise agreements negotiated separately in writing.

8.2 Types of Rate Limits

Provider implements multiple categories of rate limits, which operate independently and cumulatively:

(a) Per-API-Key Rate Limits: Limits applied based on the specific API Key making the request. As of the Effective Date: Maximum of one hundred (100) requests per minute per API Key.

(b) Per-IP-Address Rate Limits: Limits applied based on the originating IP address of the request. As of the Effective Date: Maximum of one thousand (1,000) requests per hour per IP address.

(c) Daily Request Limits (Account Age-Based): Limits applied based on the age of User's Account, designed to prevent fraud and abuse by new accounts:

| Account Age | Daily Request Limit | |-------------|---------------------| | Days 0-7 (Week 1) | 500 requests/day | | Days 8-30 (Weeks 2-4) | 2,000 requests/day | | Days 31+ (Month 2+) | 10,000 requests/day |

These daily limits apply regardless of User's Credit balance and cannot be circumvented by purchasing additional Credits.

(d) Burst Limits: Short-term limits on rapid-fire requests to prevent abuse: Maximum of ten (10) requests per second per API Key.

User's actual allowed request rate at any given moment is the MINIMUM of all applicable limits. For example, even if User's API Key limit allows 100 requests/minute, User cannot make more than 500 requests in a single day if User's Account is only 3 days old.

8.3 Rate Limit Modifications

Provider reserves the unilateral right to modify, increase, decrease, add, or remove rate limits at any time without advance notice. Rate limit changes may be implemented:

(a) Globally across all Users;

(b) For specific Account tiers or pricing plans (if implemented in the future);

(c) On a per-Account basis for Users demonstrating trustworthy usage patterns (increases) or abusive patterns (decreases);

(d) Temporarily in response to infrastructure issues, security threats, or unusual traffic patterns.

Changes to rate limits do not constitute modification of this Agreement requiring notice under Article 19.

8.4 Rate Limit Enforcement and Consequences

When User exceeds a rate limit, the following enforcement mechanisms apply:

(a) HTTP 429 Response: API requests exceeding rate limits receive an HTTP 429 "Too Many Requests" response with headers indicating:

The rate limit that was exceeded;
The time period applicable to the limit;
The time at which the limit resets (UTC timestamp);
Recommended retry-after delay.

(b) Request Rejection: Requests exceeding rate limits are rejected and NOT processed. No Credit is deducted for rejected requests.

(c) Temporary Throttling: Repeated rate limit violations may trigger additional temporary throttling, reducing User's effective rate limit for a cooldown period (typically 1-24 hours).

(d) Account Suspension: Systematic attempts to circumvent or overwhelm rate limits (e.g., through IP rotation, multiple API Keys, distributed requests) may result in Account suspension or termination pursuant to Article 7.3.

8.5 Graduated Limits Rationale

The graduated daily limits based on Account age serve critical anti-fraud purposes:

(a) Chargeback Window Protection: Payment processors typically allow chargebacks within 60-180 days of transaction. Graduated limits prevent fraudsters from purchasing Credits, immediately extracting the entire database, and then initiating chargebacks.

(b) Trust Building: Accounts that remain active and in good standing over time demonstrate legitimacy and earn higher limits as a reward for trustworthy usage.

(c) Resource Protection: New accounts represent the highest fraud risk, so limiting their immediate access protects infrastructure for legitimate long-term Users.

(d) Abuse Detection Window: Lower initial limits provide a window during which Provider can detect abusive patterns before significant damage occurs.

User acknowledges that these graduated limits are commercially reasonable and necessary for Service security and sustainability.

ARTICLE 9: FRAUD DETECTION, MONITORING, AND SECURITY MEASURES

9.1 Provider's Monitoring Rights and Obligations

Provider has both the right and the obligation to monitor Service usage for security, fraud prevention, abuse detection, and quality assurance purposes. User expressly acknowledges and consents to such monitoring. Specifically, Provider continuously monitors, logs, analyzes, and retains the following categories of data:

(a) Request Metadata: For each API request, Provider logs: timestamp (UTC, millisecond precision); originating IP address; API Key used; endpoint accessed; HTTP method; response status code; response time; payload size; user agent string; referer header; and any error messages.

(b) Usage Patterns: Provider analyzes request patterns to detect: sequential hadith ID enumeration (scraper pattern); abnormally high request rates; unusual temporal patterns (e.g., requests occurring at perfectly regular intervals indicating bot behavior); access to rarely-used endpoints; geographic anomalies; and other statistically unusual behaviors.

(c) Device and Network Data: Provider collects and analyzes: IP address geolocation and ASN; IP reputation scores from third-party threat intelligence feeds; device fingerprints; TLS/SSL handshake parameters; and network path characteristics.

(d) Authentication Events: Provider logs all authentication attempts, successful logins, failed logins, password changes, API Key generation/regeneration events, and session management activities.

(e) Financial Transaction Patterns: Provider analyzes payment patterns, including: purchase amounts and frequencies; payment method patterns; velocity of Credit consumption; and correlation between payment timing and usage spikes.

9.2 Automated Fraud Detection Systems

Provider employs automated fraud detection algorithms and machine learning models that continuously analyze the data described in Section 9.1 to identify potential Fraudulent Activity or Prohibited Uses. These systems may automatically trigger the following actions without human review:

(a) Fraud Flags: Marking an Account as potentially fraudulent, which may result in additional scrutiny, manual review requirements, or restrictions on future purchases;

(b) Rate Limiting: Imposing stricter rate limits on Accounts exhibiting suspicious patterns;

(c) CAPTCHA Challenges: Requiring User to complete CAPTCHA challenges before processing requests, to distinguish human users from bots;

(d) Payment Method Restrictions: Declining certain payment methods or requiring alternative payment methods for Accounts flagged as high-risk;

(e) Temporary Holds: Placing temporary holds on newly purchased Credits (preventing immediate use) for high-risk transactions, typically 24-72 hours;

(f) Automatic Suspension: Immediately suspending Accounts that exhibit patterns strongly indicative of abuse, pending manual review.

User acknowledges that automated systems may occasionally produce false positives. If User believes User's Account has been erroneously flagged or restricted, User may contact support@mumin.ink to request manual review. Provider will make commercially reasonable efforts to review such requests promptly but is not obligated to provide detailed explanations of its fraud detection methodologies, as such disclosure could enable circumvention.

9.3 Device Fingerprinting Technology

Provider employs device fingerprinting technology to generate unique identifiers for each device accessing the Service. Device fingerprinting involves collecting and algorithmically processing the following data points:

(a) IP address and network characteristics; (b) User agent string (browser, OS, version); (c) HTTP headers (Accept-Language, Accept-Encoding, etc.); (d) Screen resolution, color depth, pixel ratio; (e) Timezone and system time offset; (f) Installed fonts (via CSS font enumeration); (g) Canvas fingerprint (unique hash generated from HTML5 Canvas rendering); (h) WebGL fingerprint (GPU and graphics driver information); (i) Audio context fingerprint (unique characteristics of audio processing); (j) Browser plugins and extensions (where detectable); (k) Hardware concurrency (CPU cores); (l) Device memory; (m) Touch support and multi-touch capabilities; (n) Battery status API data (where available); (o) Network connection type and estimated bandwidth.

The collected data points are processed through a hashing algorithm to generate a probabilistically unique device fingerprint. This fingerprint enables Provider to:

(i) Detect when multiple Accounts are created or accessed from the same device (indicative of multi-accounting or ban evasion);

(ii) Link seemingly unrelated Accounts operated by the same individual or entity;

(iii) Identify suspicious access patterns, such as a single device accessing hundreds of different Accounts;

(iv) Detect when User's Account is accessed from a new, previously unseen device (potential Account compromise);

(v) Enhance security by implementing device-based authentication factors.

User Consent and Acknowledgment: By accepting this Agreement and using the Service, User expressly consents to device fingerprinting and acknowledges that:

(i) Device fingerprinting is a critical security and fraud prevention measure;

(ii) Device fingerprints may be retained indefinitely for security purposes;

(iii) Device fingerprint data may be shared with fraud prevention services or law enforcement where legally required;

(iv) Provider's use of device fingerprinting complies with applicable privacy laws, including GDPR (as device fingerprinting is necessary for Provider's legitimate interests in security and fraud prevention under GDPR Article 6(1)(f)).

9.4 Honeypot Endpoints and Trap Mechanisms

Provider may deploy "honeypot" endpoints—API endpoints that are not documented, not publicly disclosed, and serve no legitimate user purpose—for the purpose of detecting automated scrapers, bots, and abusive access patterns.

Accessing honeypot endpoints constitutes strong evidence that User is engaging in systematic scraping or is using automated tools that blindly enumerate all possible API endpoints. Access to honeypot endpoints may result in:

(a) Immediate Account suspension; (b) Permanent Account termination; (c) IP address blacklisting; (d) Reporting to abuse prevention databases.

User is hereby put on notice that honeypot endpoints exist and that accessing undocumented endpoints constitutes violation of this Agreement.

9.5 Third-Party Fraud Prevention Services

Provider may share User data with third-party fraud prevention and abuse detection services, including but not limited to: Stripe Radar (for payment fraud detection); MaxMind (for IP geolocation and fraud scoring); Sift (for fraud detection); Cloudflare (for DDoS protection and bot detection); and similar services.

Such sharing is conducted pursuant to Provider's Privacy Policy and is limited to data necessary for fraud prevention purposes. User consents to such sharing by accepting this Agreement.

9.6 Security Incident Response

If Provider detects evidence of Account compromise, unauthorized access, credential theft, or other security incidents affecting User's Account, Provider may:

(a) Immediately revoke User's API Keys and require regeneration of new keys; (b) Force password reset and require User to establish a new password; (c) Suspend the Account pending User verification of identity; (d) Notify User via email of the suspected security incident; (e) Request that User complete enhanced verification procedures; (f) Implement additional security measures such as two-factor authentication requirements.

Provider is not liable for any losses, damages, or disruptions resulting from security incident response measures, even if such measures are later determined to have been triggered by false positives or non-malicious activity.

ARTICLE 10: DATA COLLECTION, PROCESSING, AND PRIVACY

10.1 Incorporation of Privacy Policy

Provider's Privacy Policy, current version 1.0 or as subsequently amended, is hereby incorporated by reference into this Agreement. The Privacy Policy governs Provider's collection, use, disclosure, retention, and protection of User's Personal Data. In the event of conflict between this Agreement and the Privacy Policy regarding privacy matters, the Privacy Policy shall prevail.

User may access the current Privacy Policy at /legal/privacy or by requesting a copy from privacy@mumin.ink.

10.2 Categories of Data Collected

Provider collects and processes the following categories of data:

(a) Account Registration Data: Email address; password (stored in hashed and salted form); registration timestamp; IP address at registration; device fingerprint at registration; acceptance metadata; geographic location derived from IP address.

(b) Financial Transaction Data: Payment method type; payment processor transaction IDs; purchase amounts; currency; Credits purchased; transaction timestamps; billing country; IP address at transaction time; device fingerprint at transaction time; VAT/tax information if applicable.

Note: Provider does NOT collect or store full payment card numbers, card CVV codes, bank account numbers, or cryptocurrency private keys. Such data is collected and stored solely by third-party payment processors.

(c) Service Usage Data: API request logs (as described in Article 9.1(a)); endpoints accessed; request frequency and timing; total Credits consumed; Credit balance history; error logs; rate limit violations.

(d) Technical and Device Data: IP addresses; device fingerprints (as described in Article 9.3); user agent strings; browser type and version; operating system; screen resolution; timezone; language preferences; referring URLs.

(e) Communication Data: Emails sent to and from User; support ticket contents; chat transcripts; any other communications between User and Provider.

(f) Inference Data: Fraud risk scores; abuse likelihood assessments; Account trust levels; behavioral patterns; usage predictions.

10.3 Purposes of Data Processing

Provider processes User data for the following purposes:

(a) Service Provision: To create and maintain User's Account; authenticate User; process API requests; manage Credit balances; provide customer support.

(b) Billing and Payment: To process payments; issue receipts; manage refund requests (where applicable under Article 5); comply with tax and accounting obligations.

(c) Security and Fraud Prevention: To detect and prevent fraud; identify security threats; prevent abuse and Prohibited Uses; protect Provider's infrastructure and other Users.

(d) Analytics and Improvement: To analyze Service usage patterns; identify performance issues; optimize infrastructure; develop new features; improve user experience.

(e) Communications: To send transactional emails (purchase confirmations, password resets, security alerts, inactivity warnings); respond to support inquiries; send service updates and announcements.

(f) Legal Compliance: To comply with applicable laws and regulations; respond to lawful government requests; enforce this Agreement; defend against legal claims.

10.4 Legal Basis for Processing (GDPR)

For Users located in the European Union, Provider's legal bases for processing Personal Data are:

(a) Contractual Necessity (GDPR Article 6(1)(b)): Processing necessary to perform this Agreement and provide the Service to User.

(b) Legitimate Interests (GDPR Article 6(1)(f)): Processing necessary for Provider's legitimate interests in: preventing fraud and abuse; ensuring security; improving the Service; direct marketing (subject to opt-out); and defending legal claims. Provider has conducted a balancing test and determined these interests are not overridden by User's rights and interests.

(c) Legal Obligation (GDPR Article 6(1)(c)): Processing necessary to comply with legal obligations, including tax laws, anti-money laundering regulations, and lawful government requests.

(d) Consent (GDPR Article 6(1)(a)): Where applicable, processing based on User's explicit consent, which may be withdrawn at any time.

10.5 Data Retention Periods

Provider retains different categories of data for different periods based on legal requirements and business needs:

(a) Request Logs and Usage Data: Retained for ninety (90) days from the request date, after which logs are either deleted or anonymized (removal of IP addresses, User IDs, and other identifiers) for long-term analytics.

(b) Account Data: Retained for the duration of User's active Account. Upon Account closure or deletion, Personal Data is deleted within ninety (90) days, subject to retention exceptions below.

(c) Financial Transaction Records: Retained for seven (7) years from the transaction date to comply with tax laws, accounting standards, and statutes of limitations for financial disputes.

(d) Fraud and Security Evidence: For Accounts terminated for fraud, abuse, or security violations, Provider may retain relevant evidence indefinitely for legal defense, fraud prevention, and reporting to authorities or fraud databases.

(e) Communications: Support tickets and email communications retained for two (2) years from the last communication date for quality assurance and dispute resolution purposes.

10.6 Rights Under GDPR and Data Protection Laws

Users located in jurisdictions with data protection rights (EU, UK, California, etc.) may have the following rights:

(a) Right of Access: User may request a copy of all Personal Data Provider holds about User. Provider will respond within thirty (30) days with a complete data export in machine-readable format (JSON or CSV).

(b) Right to Rectification: User may request correction of inaccurate or incomplete Personal Data. Most Account data can be updated directly by User through the dashboard.

(c) Right to Erasure ("Right to be Forgotten"): User may request deletion of Personal Data. Provider will comply within thirty (30) days, subject to the following exceptions:

(i) Transaction Records must be retained for seven years for legal compliance; (ii) Fraud evidence may be retained indefinitely for legal defense; (iii) Anonymized data used for analytics is not subject to deletion as it is no longer Personal Data.

(d) Right to Data Portability: User may request Personal Data in a structured, commonly used, machine-readable format for transfer to another controller.

(e) Right to Restriction of Processing: User may request limitation of processing in certain circumstances, such as when contesting data accuracy or objecting to processing.

(f) Right to Object: User may object to processing based on legitimate interests or for direct marketing purposes. Provider will cease such processing unless compelling legitimate grounds override User's interests.

(g) Right to Withdraw Consent: Where processing is based on consent, User may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.

(h) Right to Lodge Complaint: User may lodge a complaint with a supervisory authority (e.g., national Data Protection Authority in EU member states) if User believes Provider's processing violates applicable law.

To exercise any of these rights, User should email privacy@mumin.ink with "DATA RIGHTS REQUEST" in the subject line, include User's Account email address, and specify the right User wishes to exercise. Provider will verify User's identity before fulfilling requests.

10.7 International Data Transfers

Provider's infrastructure is located in [specify location]. For Users located outside this jurisdiction, Personal Data is transferred internationally. Such transfers are conducted:

(a) To jurisdictions with adequate data protection (as determined by relevant authorities);

(b) Pursuant to Standard Contractual Clauses approved by the European Commission (for transfers from EU);

(d) As necessary for performance of this Agreement.

User consents to such international transfers by accepting this Agreement.

10.8 Data Security Measures

Provider implements industry-standard technical and organizational security measures, including:

(a) Encryption of data in transit (TLS 1.2 or higher); (b) Encryption of sensitive data at rest; (c) Password hashing using bcrypt or comparable algorithms; (d) Role-based access controls limiting employee access to User data; (e) Regular security audits and penetration testing; (f) Intrusion detection and prevention systems; (g) Firewall protection and network segmentation; (h) Regular backups with encrypted storage; (i) Incident response procedures; (j) Employee training on data protection and security.

However, no security measures are perfect or impenetrable. See Article 12 for disclaimer regarding data security.

ARTICLE 11: SERVICE AVAILABILITY AND PERFORMANCE

11.1 "AS-IS" Service Provision

THE SERVICE IS PROVIDED STRICTLY ON AN "AS IS" AND "AS AVAILABLE" BASIS, WITHOUT WARRANTIES, REPRESENTATIONS, OR CONDITIONS OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE.

User acknowledges and agrees that Provider makes absolutely no promises, guarantees, warranties, or representations regarding:

(a) Uptime: Provider does NOT guarantee 100% uptime, continuous availability, or any specific level of availability. The Service may be unavailable at any time, for any duration, for any reason or no reason.

(b) Performance: Provider does NOT guarantee any specific response times, request processing speed, throughput, bandwidth, or performance metrics.

(d) Content Accuracy: Provider does NOT guarantee that Content is accurate, complete, current, reliable, authentic, or suitable for any particular purpose.

(e) Compatibility: Provider does NOT guarantee that the Service will be compatible with User's systems, software, platforms, or use cases.

(f) Data Integrity: Provider does NOT guarantee data integrity, preservation, or protection against data loss.

(g) Security: Provider does NOT guarantee that the Service is free from security vulnerabilities, will not be subject to attacks, or that User's data will not be compromised.

11.2 Permissible Service Interruptions

Service may be unavailable, interrupted, degraded, or otherwise impaired due to any of the following, without limitation:

(a) Scheduled Maintenance: Provider may perform scheduled maintenance, upgrades, patches, or modifications to the Service at any time, with or without advance notice. Provider will make commercially reasonable efforts to schedule major maintenance during off-peak hours (typically nights/weekends UTC) but is not obligated to do so.

(b) Emergency Maintenance: Provider may perform emergency maintenance without any advance notice to address critical security vulnerabilities, severe bugs, infrastructure failures, or security incidents.

(c) Infrastructure Failures: Hardware failures, server crashes, database failures, network outages, power failures, cooling system failures, or other infrastructure issues.

(d) Third-Party Dependencies: Failures, outages, or performance degradation of third-party services upon which Provider depends, including but not limited to: cloud hosting providers (AWS, Google Cloud, etc.); content delivery networks (CDN); DNS services; payment processors; email delivery services.

(e) Network and Internet Issues: Internet backbone failures, routing issues, DNS failures, DDoS attacks, network congestion, ISP problems, submarine cable cuts, or other network-related issues beyond Provider's control.

(f) Cyber Attacks: Distributed denial-of-service (DDoS) attacks, hacking attempts, malware infections, ransomware attacks, or other cyber threats targeting Provider's infrastructure.

(g) Force Majeure Events: Acts of God, natural disasters, wars, terrorism, civil unrest, government actions, pandemics, or other events specified in Article 15.5.

(h) Capacity Limitations: Service degradation during periods of unexpectedly high traffic or usage that exceeds Provider's current infrastructure capacity.

(i) Software Bugs and Defects: Errors, bugs, glitches, or defects in Service software, whether discovered during normal operation or introduced through updates.

11.3 No Liability for Service Interruptions

PROVIDER IS NOT LIABLE FOR ANY LOSSES, DAMAGES, COSTS, EXPENSES, OR OTHER CONSEQUENCES ARISING FROM SERVICE INTERRUPTIONS, REGARDLESS OF CAUSE.

This express disclaimer of liability extends to, without limitation:

(a) Lost revenue, profits, or business opportunities;

(b) Business interruption or inability to conduct business;

(d) Data loss or corruption;

(e) Costs of substitute or replacement services;

(f) Reputational harm or damage to goodwill;

(g) Third-party claims against User (e.g., User's customers complaining about User's app being unavailable due to Provider's Service interruption);

(h) Wasted time, resources, or development efforts.

User specifically waives any right to claim damages, refunds, credits, or other compensation based on Service availability issues. The exclusive remedy for Service interruptions is Service restoration when feasible, without any compensation.

11.4 No Service Level Agreement (SLA)

Provider does NOT offer any Service Level Agreement, uptime guarantee, availability commitment, or performance guarantee. This Agreement specifically and intentionally excludes any SLA terms.

If User requires guaranteed uptime or performance commitments, User must negotiate a separate enterprise agreement with Provider, which would supersede this Agreement's provisions regarding availability.

11.5 Right to Modify or Discontinue Service

Provider reserves the absolute and unilateral right to:

(a) Modify, update, alter, or change any aspect of the Service, including features, functionality, API endpoints, data formats, authentication methods, or technical implementation;

(b) Add new features or capabilities;

(d) Temporarily or permanently discontinue the Service entirely;

All such modifications may be implemented at any time, with or without advance notice, without any liability to User, and without any obligation to provide refunds or compensation.

User's continued use of the Service after any such modification constitutes acceptance of the modifications.

ARTICLE 12: DISCLAIMER OF WARRANTIES

12.1 Comprehensive Warranty Disclaimer

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PROVIDER EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING BUT NOT LIMITED TO:

(a) Implied Warranty of Merchantability: Provider makes no warranty that the Service is of merchantable quality or fit for commercial purposes.

(b) Implied Warranty of Fitness for a Particular Purpose: Provider makes no warranty that the Service is suitable or adequate for User's specific intended purpose, use case, or application.

(c) Implied Warranty of Title and Non-Infringement: While Provider represents that it has the right to license the Service, Provider makes no warranty that User's use of the Service will not infringe third-party rights.

(d) Warranties of Accuracy or Reliability: Provider makes no warranty that Content is accurate, reliable, authentic, complete, current, or error-free.

(e) Warranties of Uninterrupted or Error-Free Service: Provider makes no warranty that the Service will operate without interruption, errors, bugs, or security vulnerabilities.

(f) Warranties of Security: Provider makes no warranty that the Service or User's data will be secure, protected from unauthorized access, or free from security breaches.

(g) Warranties of Compatibility: Provider makes no warranty that the Service will be compatible with User's hardware, software, systems, platforms, or use cases.

(h) Warranties of Availability: Provider makes no warranty regarding Service uptime, availability, or accessibility at any particular time.

(i) Warranties Regarding Third-Party Content: Provider makes no warranty regarding the accuracy, legality, reliability, or appropriateness of third-party Content, including hadith texts sourced from classical collections.

(j) Any Other Warranties: All other warranties, whether express, implied, statutory, or arising from course of dealing, usage of trade, or course of performance, are expressly disclaimed and excluded.

12.2 No Warranty on Hadith Content

PROVIDER SPECIFICALLY DISCLAIMS ALL WARRANTIES REGARDING THE RELIGIOUS, SCHOLARLY, OR SPIRITUAL CONTENT PROVIDED THROUGH THE SERVICE.

User acknowledges and agrees that:

(a) Historical Nature: Hadith texts are historical religious materials compiled by classical Islamic scholars over many centuries. Provider is not the author or originator of these texts.

(b) Translation Variability: Hadith translations provided through the Service are produced by various translators and scholars. Translation involves interpretation, and different translators may render the same Arabic text differently. Provider makes no representation that any particular translation is the most accurate, authoritative, or appropriate.

(c) Authentication Disputes: While hadith collections provided through the Service (such as Sahih al-Bukhari) are generally recognized as authentic by mainstream Islamic scholarship, there exist scholarly debates and differences of opinion regarding hadith authentication, chain of narration analysis, and interpretation.

(d) No Religious Advice: Provider does not provide religious guidance, Islamic legal rulings (fatawa), spiritual counseling, or personal religious advice. The Service merely provides access to historical texts.

(e) Consult Qualified Scholars: For matters of religious importance, Islamic jurisprudence, personal religious questions, or application of hadith to specific situations, User must consult qualified Islamic scholars, imams, or religious authorities in User's community.

(f) Independent Verification: User is responsible for independently verifying any information obtained from the Service that User intends to rely upon for religious practice, teaching, or scholarly work.

(g) Contextual Understanding: Hadith texts must be understood within their proper historical, linguistic, and jurisprudential context. Provider's Service does not provide comprehensive context, commentary, or scholarly apparatus necessary for deep understanding.

12.3 "AS-IS" Acknowledgment

User expressly acknowledges and confirms that:

(a) User is acquiring access to the Service "AS-IS" with all faults, defects, errors, and limitations;

(b) User has not relied upon any representation, statement, warranty, or promise made by Provider beyond what is expressly stated in this Article 12;

(d) User is solely responsible for determining whether the Service is suitable for User's purposes;

(e) Provider has made no promises or guarantees beyond those explicitly stated in this Agreement.

12.4 Limitations on Disclaimer

Nothing in this Article 12 excludes or limits any warranty, condition, or right that cannot be excluded or limited under applicable mandatory law. For example, certain consumer protection laws in some jurisdictions may provide minimum warranty rights that cannot be waived by contract. If such laws apply to User, those minimum rights are preserved notwithstanding this disclaimer.

However, User acknowledges that such mandatory law protections are narrow exceptions and that the broad disclaimers set forth in this Article 12 apply to the maximum extent permitted by law.

ARTICLE 13: LIMITATION OF LIABILITY AND DAMAGES CAP

13.1 Maximum Aggregate Liability Cap

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, PROVIDER'S TOTAL CUMULATIVE LIABILITY TO USER FOR ALL CLAIMS, DEMANDS, ACTIONS, OR CAUSES OF ACTION OF ANY KIND ARISING OUT OF OR RELATED TO THIS AGREEMENT OR USER'S USE OF THE SERVICE, WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, STATUTORY LIABILITY, OR ANY OTHER LEGAL THEORY, SHALL NOT EXCEED THE GREATER OF:

(a) TEN UNITED STATES DOLLARS (US$10.00); OR

(b) THE TOTAL AMOUNT USER PAID TO PROVIDER IN THE THIRTY (30) CALENDAR DAYS IMMEDIATELY PRECEDING THE DATE THE CLAIM AROSE.

Clarifying Examples:

If User has paid $100 in total lifetime but only $20 in the last 30 days before a claim, Provider's maximum liability is $20.
If User has paid $5 in the last 30 days, Provider's maximum liability is $10 (the greater of $10 or $5).
If User has paid $0 in the last 30 days (using only previously purchased Credits), Provider's maximum liability is $10.

This cap applies collectively and cumulatively to all claims. If User asserts multiple claims, the cap applies to the sum total of all such claims, not to each claim individually.

13.2 Exclusion of Consequential and Indirect Damages

IN NO EVENT SHALL PROVIDER BE LIABLE TO USER FOR ANY:

(a) Indirect Damages: Damages that arise indirectly from the breach or wrong, rather than as a direct and immediate result.

(b) Incidental Damages: Damages incidental to or consequential upon Provider's breach, including costs of cover or other collateral expenses.

(c) Consequential Damages: Damages that flow from special circumstances of User's situation, including but not limited to: lost profits or revenue; lost business opportunities; loss of anticipated savings; loss of business, contracts, or goodwill; reputational damage; loss of data or information; costs of procuring substitute services; business interruption losses.

(d) Special Damages: Damages arising from special circumstances not generally encountered by other users.

(e) Exemplary, Punitive, or Multiplied Damages: Any form of damages intended to punish or make an example, or any statutory provision that multiplies compensatory damages.

This exclusion applies EVEN IF Provider has been advised of the possibility of such damages, and regardless of whether the claim is based on contract, tort (including negligence), strict liability, statute, or any other legal theory.

The only damages for which Provider may potentially be liable (subject to the cap in Section 13.1) are direct, actual, proven compensatory damages that do not fall within the excluded categories above.

13.3 Essential Nature of Limitations

User expressly acknowledges and agrees that:

(a) The limitations and exclusions in this Article 13 are ESSENTIAL ELEMENTS of the bargain between User and Provider;

(b) Provider would not provide the Service at the current pricing (or at all) without these limitations;

(c) The limitations reflect a fair and reasonable allocation of risk between the parties given the nature of the Service (digital, prepaid, low-cost);

(d) User has had the opportunity to obtain insurance or other risk mitigation for damages excluded under this Article;

(e) If any limitation or exclusion in this Article 13 is found invalid or unenforceable by a court or arbitrator, such finding does not affect the validity of other limitations, and the invalid limitation shall be modified to the maximum extent permitted by law.

13.4 Limitation Application Across Multiple Claims

If User asserts multiple claims arising from the same facts or related circumstances (e.g., breach of contract + negligence + fraud, all relating to the same underlying Service issue), such claims shall be treated as a single unified claim for purposes of the liability cap in Section 13.1.

User may not circumvent the liability cap by bringing multiple separate lawsuits, arbitrations, or proceedings. All related claims must be brought in a single proceeding, and the liability cap applies to the aggregate recovery across all such related claims.

13.5 No Liability for Third-Party Actions or Claims

Provider is not liable for:

(a) Actions, errors, omissions, or misconduct of third parties, including payment processors, hosting providers, CDN services, internet service providers, or any other third-party service providers;

(b) Third-party claims asserted against User by User's customers, end users, partners, or any other parties arising from User's use of the Service;

(c) Losses resulting from User's failure to implement adequate security measures, User's disclosure of credentials, or User's negligent or wrongful conduct;

(d) Content provided by third parties, including historical hadith texts compiled by classical scholars;

(e) User's misunderstanding, misuse, or misapplication of the Service or Content.

13.6 Force Majeure—No Liability for Events Beyond Control

Provider is not liable for any failure or delay in performing obligations under this Agreement to the extent such failure or delay is caused by a Force Majeure Event as defined in Article 1.1.

Force Majeure Events include but are not limited to: acts of God; natural disasters (earthquakes, floods, hurricanes, tornadoes, fires, tsunamis, volcanic eruptions); severe weather; epidemics or pandemics; war, invasion, acts of foreign enemies; terrorism; civil war, rebellion, revolution, insurrection; government action, laws, or regulations; embargo, sanctions, export controls; strikes or labor disputes; telecommunications infrastructure failures; internet backbone failures; power grid failures; failures of third-party service providers; cyberattacks or DDoS attacks; and any other event beyond Provider's reasonable control.

Upon occurrence of a Force Majeure Event, Provider's performance obligations are suspended for the duration of the event. Provider will make commercially reasonable efforts to resume performance as soon as practicable after the Force Majeure Event ends, but User waives any right to damages, refunds, or compensation arising from Force Majeure Events.

13.7 Limitations Survival and Enforceability

The limitations in this Article 13 survive:

(a) Expiration or termination of this Agreement;

(b) Any breach of this Agreement by either party;

(d) Provider's discontinuation of the Service.

These limitations remain enforceable indefinitely with respect to any claims arising during the period when this Agreement was in effect.

13.8 Jurisdictional Variations

Some jurisdictions do not allow exclusion or limitation of certain categories of damages (e.g., consumer protection laws in certain countries/states prohibit exclusion of liability for personal injury, fraud, or gross negligence).

To the extent any portion of this Article 13 is found unenforceable in a particular jurisdiction:

(a) The unenforceable portion shall be severed;

(b) The remaining limitations shall remain in full force;

(c) The unenforceable limitation shall be interpreted as narrowly as possible consistent with applicable law to preserve maximum limitation of liability.

Provider specifically disclaims liability to the maximum extent permitted by the law applicable to User.

ARTICLE 14: INDEMNIFICATION

14.1 User's Indemnification Obligation

User shall indemnify, defend, and hold harmless Provider, its affiliates, subsidiaries, parent companies, officers, directors, employees, agents, contractors, licensors, service providers, and assigns (collectively, the "Indemnified Parties") from and against any and all Liabilities, including but not limited to claims, demands, lawsuits, arbitrations, government investigations, settlements, judgments, damages, losses, costs, and expenses (including reasonable attorneys' fees and legal costs) arising out of, related to, or in connection with:

(a) User's Use of Service: Any and all uses of the Service by User, including uses by User's employees, contractors, agents, or other persons accessing the Service through User's Account or API Keys.

(b) User's Breach: Any breach or alleged breach by User of any provision of this Agreement, including but not limited to breaches of usage restrictions, payment obligations, or security requirements.

(c) User's Violation of Law: User's violation of any applicable law, regulation, ordinance, or the rights of any third party, including intellectual property rights, privacy rights, publicity rights, or contractual rights.

(d) User Content: Any content, data, or materials submitted, uploaded, or transmitted by User through the Service (excluding Content provided by Provider through the API).

(e) User's Applications: Claims arising from User's applications, websites, or services that incorporate or rely upon the Service, including claims by User's end users or customers.

(f) Negligence or Misconduct: User's negligent acts, errors, omissions, or willful misconduct.

(g) Third-Party Claims: Claims asserted by third parties (including User's customers, end users, business partners, or any other parties) arising from User's use of the Service or any representations, warranties, or commitments User made to such third parties regarding the Service.

(h) Data Privacy Violations: Claims arising from User's collection, use, disclosure, or processing of Personal Data in violation of applicable privacy laws.

(i) Security Failures: Claims arising from User's failure to implement adequate security measures protecting User's API Keys, credentials, or systems.

14.2 Defense and Settlement Rights

Upon Provider's notice to User of a claim for which User owes indemnification:

(a) User's Duty to Defend: User shall promptly assume the defense of such claim using counsel reasonably acceptable to Provider. User shall keep Provider informed of the progress of defense and provide Provider with copies of all relevant pleadings, correspondence, and filings.

(b) Provider's Right to Participate: Provider may, at Provider's option and expense, participate in the defense through counsel of Provider's choice. User shall cooperate fully with Provider and such counsel.

(c) No Settlement Without Consent: User shall not settle any claim, admit liability, or make any statement that could bind or prejudice Indemnified Parties without Provider's prior written consent, which may be withheld in Provider's sole discretion. Any settlement without such consent does not bind Provider and does not release User from indemnification obligations.

(d) Provider's Right to Assume Defense: If User fails to promptly assume defense of a claim, Provider may (but is not obligated to) assume defense at User's expense, and User shall reimburse Provider for all costs incurred in such defense, including attorneys' fees.

14.3 Cooperation and Documentation

User shall:

(a) Cooperate fully with Provider in defense of any claim, including providing documents, information, testimony, and access to witnesses;

(b) Not make any public statements regarding the claim without Provider's prior written approval;

(c) Provide Provider with prompt notice of any claim, demand, or lawsuit for which indemnification may be owed (though failure to provide prompt notice does not relieve User's indemnification obligation unless Provider is materially prejudiced by the delay);

(d) Maintain adequate insurance coverage to satisfy potential indemnification obligations.

14.4 Survival of Indemnification

User's indemnification obligations survive:

(a) Termination or expiration of this Agreement;

(b) Closure of User's Account;

(d) Any other event that would otherwise terminate this Agreement.

Indemnification obligations remain enforceable indefinitely with respect to claims arising from events occurring while this Agreement was in effect.

14.5 Types of Costs Covered

User's indemnification obligation extends to all types of Liabilities, including but not limited to:

(a) Attorneys' fees (including both defense counsel and any separate counsel Provider retains);

(b) Court costs, filing fees, and other litigation expenses;

(d) Investigation costs;

(e) Settlement amounts or judgments;

(f) Costs of compliance with court orders or regulatory requirements arising from the claim;

(g) Reputational damage mitigation costs;

(h) Any other costs or expenses reasonably incurred in connection with the claim.

ARTICLE 15: DISPUTE RESOLUTION AND ARBITRATION

15.1 Governing Law

This Agreement shall be governed by, construed, and enforced in accordance with the substantive laws of the Republic of Uzbekistan, without regard to its conflict of laws principles that would require application of the laws of any other jurisdiction.

Mandatory Law Exception: Notwithstanding the foregoing choice of law, nothing in this Agreement excludes, limits, or waives User's rights under mandatory provisions of User's local law that cannot be waived by contract, including but not limited to: consumer protection laws, data protection regulations (such as GDPR for EU residents), and other mandatory legal protections.

In the event of conflict between Uzbekistan law and User's mandatory local law, the mandatory local law prevails solely to the extent of the conflict and solely with respect to rights that cannot be waived by contract.

15.2 Agreement to Arbitrate All Disputes

USER AND PROVIDER MUTUALLY AGREE THAT ANY AND ALL DISPUTES, CLAIMS, OR CONTROVERSIES ARISING OUT OF OR RELATING TO THIS AGREEMENT, USER'S USE OF THE SERVICE, OR THE RELATIONSHIP BETWEEN USER AND PROVIDER (WHETHER BASED IN CONTRACT, TORT, STATUTE, FRAUD, MISREPRESENTATION, OR ANY OTHER LEGAL THEORY, AND WHETHER THE CLAIMS ARISE DURING OR AFTER THE TERMINATION OF THIS AGREEMENT) SHALL BE RESOLVED EXCLUSIVELY THROUGH FINAL AND BINDING ARBITRATION, RATHER THAN IN COURT.

This arbitration agreement applies to all claims, including but not limited to:

(a) Contract interpretation or breach claims;

(b) Tort claims (negligence, fraud, misrepresentation, etc.);

(d) Claims regarding payment, refunds, or Credits;

(e) Claims regarding Service availability, performance, or quality;

(f) Claims regarding data privacy or security;

(g) Claims regarding Account termination or suspension;

(h) Claims regarding intellectual property (subject to exception in Section 15.8);

(i) Any and all other claims, regardless of legal theory.

15.3 Arbitration Rules and Procedures

Arbitration shall be conducted in accordance with the following:

(a) Arbitration Rules: The UNCITRAL Arbitration Rules (2013 version, as may be subsequently amended), except as modified by this Agreement.

(b) Number of Arbitrators: One (1) arbitrator, unless the parties mutually agree to three arbitrators.

(c) Arbitrator Selection: The parties shall attempt to agree on an arbitrator within thirty (30) days. If the parties cannot agree, the arbitrator shall be appointed pursuant to the UNCITRAL Arbitration Rules.

(d) Arbitrator Qualifications: The arbitrator must: (i) be fluent in English or Russian; (ii) have at least ten (10) years of experience in commercial arbitration; (iii) have expertise in international commercial law and technology contracts; and (iv) be neutral and independent.

(e) Seat/Location of Arbitration: The legal seat of arbitration shall be Tashkent, Uzbekistan. However, the arbitration may be conducted online via video conference, document exchange, and electronic communications, which is strongly encouraged for cost efficiency.

(f) Language: The arbitration shall be conducted in English or Russian, as mutually agreed by the parties. If the parties cannot agree, the arbitrator shall select the language.

(g) Confidentiality: The arbitration proceedings, including all submissions, hearings, and the award, shall be confidential. Neither party shall disclose the existence, content, or results of the arbitration without the other party's prior written consent, except: (i) to legal and financial advisors under confidentiality obligations; (ii) as required by law or court order; (iii) to enforce the arbitral award; or (iv) as permitted by the UNCITRAL Rules.

(h) Discovery: Discovery shall be limited to what is reasonable and necessary for the issues in dispute, as determined by the arbitrator. The arbitrator may order production of documents and electronic discovery but shall avoid the expansive discovery typical in U.S. litigation.

(i) Evidence and Hearings: The arbitrator shall determine the admissibility, relevance, and weight of evidence. Hearings may be conducted in-person, by video conference, or by written submission, as the arbitrator determines appropriate.

(j) Award: The arbitrator shall issue a written award with findings of fact and conclusions of law. The award is final and binding on both parties and is enforceable in any court of competent jurisdiction.

(k) Standard of Review: There is no appeal from the arbitral award except as provided in the New York Convention or applicable arbitration law (which allows challenges only for very limited grounds such as corruption or excess of jurisdiction).

15.4 Arbitration Costs and Fees

(a) Filing Fees: Provider and User shall each pay one-half (50%) of the arbitration filing fees and administrative costs charged by the arbitration administrator.

(b) Arbitrator Fees: Provider and User shall each pay one-half (50%) of the arbitrator's fees and expenses.

(c) Attorney's Fees: Each party shall bear its own attorneys' fees and costs, except:

(i) The arbitrator may award attorneys' fees to the prevailing party if authorized by applicable law or if a party acted in bad faith, filed frivolous claims, or otherwise abused the arbitration process.

(ii) If User is a consumer in a jurisdiction where Consumer law requires Provider to pay certain arbitration costs, such mandatory law provisions shall apply.

(d) Fee Waiver for Low-Value Claims: For claims valued at US$10,000 or less, if User demonstrates financial hardship, Provider may in its sole discretion waive or reduce User's share of arbitration costs.

15.5 Class Action Waiver—Individual Disputes Only

USER AND PROVIDER MUTUALLY AGREE THAT EACH MAY BRING CLAIMS AGAINST THE OTHER ONLY IN AN INDIVIDUAL CAPACITY AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS, REPRESENTATIVE, OR COLLECTIVE PROCEEDING.

Specifically:

(a) No Class Arbitrations: There shall be no class arbitrations, consolidated arbitrations, or representative arbitrations. Each User must arbitrate claims individually.

(b) No Class Actions in Court: To the extent any claim is permitted to proceed in court (pursuant to exceptions in Section 15.8), there shall be no class actions, consolidated actions, or representative actions.

(c) No Consolidation: The arbitrator may not consolidate more than one person's claims or parties without mutual written consent of all affected parties.

(d) Severability of Class Waiver: If the class action waiver is found unenforceable as to a particular claim or request for relief, such claim or relief shall be severed and proceeded in court, while arbitrable claims proceed in arbitration.

(e) Waiver of Rights: User expressly waives any right to bring or participate in class actions, representative actions, collective actions, or consolidated proceedings of any kind.

15.6 Small Claims Court Exception

Notwithstanding the agreement to arbitrate, either party may bring an individual action in small claims court if the claim meets the jurisdictional requirements of such court and proceeds only on an individual (non-class, non-representative) basis. Once a small claims court action is filed, the parties may not subsequently demand arbitration of that claim.

15.7 Informal Dispute Resolution Prerequisite

Before initiating arbitration or small claims court action, the party asserting a claim must first attempt to resolve the dispute informally by providing written notice to the other party describing: (a) the nature of the claim; (b) the factual basis for the claim; (c) the relief sought; and (d) User's Account email address (for claims by User) or contact information (for claims by Provider).

Notice Addresses:

Claims by User against Provider: legal@mumin.ink, subject line "FORMAL DISPUTE NOTICE"
Claims by Provider against User: User's registered email address

The parties shall then negotiate in good faith for sixty (60) days to resolve the dispute. If the dispute is not resolved within 60 days, either party may initiate arbitration.

Failure to comply with this informal dispute resolution prerequisite may result in dismissal of the arbitration demand without prejudice, requiring the claiming party to restart the process.

15.8 Exceptions to Arbitration—Equitable Relief

Either party may seek the following forms of relief in any court of competent jurisdiction without being required to arbitrate:

(a) Injunctive Relief: Preliminary or permanent injunctions to prevent infringement of intellectual property rights, misappropriation of trade secrets, or ongoing breaches of confidentiality obligations.

(b) Specific Performance: Orders requiring specific performance of obligations that cannot be adequately remedied by monetary damages.

Such court actions may proceed simultaneously with arbitration of other issues. The existence of such court proceedings does not waive the agreement to arbitrate other claims.

15.9 Waiver of Jury Trial

TO THE MAXIMUM EXTENT PERMITTED BY LAW, USER AND PROVIDER EACH WAIVE ANY RIGHT TO TRIAL BY JURY FOR ANY DISPUTE THAT, NOTWITHSTANDING THE ARBITRATION AGREEMENT, PROCEEDS IN COURT.

15.10 Enforceability Under the New York Convention

This arbitration agreement is governed by the Convention on the Recognition and Enforcement of Foreign Arbitral Awards (commonly known as the "New York Convention"), to which both the Republic of Uzbekistan and over 160 other countries are signatories.

Arbitral awards issued pursuant to this Agreement are enforceable in all New York Convention signatory countries, providing User with an internationally enforceable remedy if Provider fails to comply with an award, and providing Provider with an internationally enforceable remedy if User fails to comply with an award.

15.11 Severability of Arbitration Provisions

If any portion of this Article 15 is found illegal, invalid, or unenforceable, such portion shall be severed, and the remainder of this Article shall remain in full force and effect. If the class action waiver (Section 15.5) is found unenforceable, any class claims shall be litigated in court, while individual claims shall be arbitrated.

If the entire arbitration agreement is found unenforceable, disputes shall be resolved in the courts of Tashkent, Uzbekistan, subject to Section 15.12.

15.12 Exclusive Jurisdiction (If Arbitration Unenforceable)

If, and only if, the arbitration agreement in this Article 15 is found wholly unenforceable, then the parties consent to the exclusive jurisdiction of the courts located in Tashkent, Uzbekistan for resolution of any disputes. User waives any objection to jurisdiction or venue in such courts.

ARTICLE 16: TERM AND TERMINATION

16.1 Term of Agreement

This Agreement commences on the Agreement Effective Date (as defined in Article 2.2) and continues in effect unless and until terminated in accordance with the provisions of this Article 16.

16.2 Termination by User

User may terminate this Agreement and close User's Account at any time, for any reason or no reason, through one of the following mechanisms:

(a) Emailing a termination request to support@mumin.ink with "ACCOUNT CLOSURE REQUEST" in the subject line, providing User's Account email address and confirming User's intent to close the Account;

(b) Using the Account deletion feature in the User dashboard, if available; or

Upon User's termination:

(i) All API Keys are immediately revoked;

(ii) All unused Credits are permanently forfeited (no refunds);

(iii) User's Personal Data is handled per Article 10.5 and the Privacy Policy;

(iv) User remains liable for all obligations incurred prior to termination.

16.3 Termination by Provider for Material Breach

Provider may immediately terminate this Agreement and User's Account, without advance notice and without refund of unused Credits, if User commits Material Breach of this Agreement.

"Material Breach" includes but is not limited to:

(a) Any Prohibited Use as described in Article 7.2;

(b) Any Fraudulent Activity as defined in Article 1.1;

(d) Failure to pay amounts owed to Provider;

(e) Providing false information during registration or identity verification;

(f) Sharing or reselling API Keys without authorization;

(g) Violation of usage restrictions or rate limits in a systematic or intentional manner;

(h) Breach of security obligations resulting in Account compromise;

(i) Use of the Service in a manner that causes harm to Provider or other Users;

(j) Violation of any other material provision of this Agreement.

Provider's determination of Material Breach shall be made in good faith based on available evidence and shall be final and binding.

16.4 Termination by Provider Without Cause

Provider may terminate this Agreement and discontinue the Service, in whole or in part, at any time, with or without cause, by providing User with thirty (30) days' advance written notice to User's registered email address.

In this circumstance only, User may request a refund of unused Credits by emailing refunds@mumin.ink within the 30-day notice period. Such refund requests will be processed on a case-by-case basis at Provider's discretion.

16.5 Suspension Pending Investigation

Provider may temporarily suspend User's Account and API access, without prior notice, if Provider reasonably suspects:

(a) Fraudulent Activity or Prohibited Uses;

(b) Account compromise or unauthorized access;

(d) Potential violations of law or this Agreement requiring investigation.

During suspension:

(i) User cannot make API requests;

(ii) Credits are not consumed (frozen);

(iii) User cannot purchase additional Credits;

(iv) Provider investigates the situation.

After investigation, Provider shall either:

Lift the suspension and restore full access; or
Terminate the Account pursuant to Section 16.3.

Suspensions typically last 1-14 days depending on investigation complexity. User may contact support@mumin.ink for status updates.

16.6 Effect of Termination

Upon termination of this Agreement for any reason:

(a) Immediate Effects:

(i) All licenses granted to User under Article 3 immediately terminate;

(ii) All API Keys are immediately revoked and become non-functional;

(iii) User must immediately cease all use of the Service;

(iv) User must immediately cease displaying any Content obtained from the Service (subject to subsection (b) below);

(v) All unused Credits are forfeited and become null and void (subject to exception in Section 16.4).

(b) Content Retention Rights:

User may continue to display Content that User already retrieved from the API prior to termination, subject to the following conditions:

(i) Such continued display must comply with all usage restrictions in Article 7;

(ii) User must provide proper attribution to the original hadith sources;

(iii) User may not make any new API requests to retrieve additional Content;

(iv) If termination was due to Material Breach involving Content misuse, Provider may demand cessation of all Content display.

(c) Data Handling:

User's Personal Data is handled pursuant to Article 10 and the Privacy Policy. Generally:

(i) Account data is anonymized or deleted within 90 days;

(ii) Transaction Records are retained for 7 years;

(iii) Fraud evidence may be retained indefinitely.

(d) Payment Obligations:

Termination does not relieve User of payment obligations incurred prior to termination, including:

(i) Unpaid fees or charges;

(ii) Costs incurred in collecting unpaid amounts;

(iii) Damages owed for breaches occurring before termination.

16.7 Survival of Provisions

The following provisions survive termination or expiration of this Agreement indefinitely:

(a) Article 3.3 (Intellectual Property Ownership);

(b) Article 5.6 (No Refunds);

(d) Article 5.8 (Transaction Records);

(e) Article 10 (Data and Privacy) - to extent necessary to fulfill retention obligations;

(f) Article 12 (Disclaimer of Warranties);

(g) Article 13 (Limitation of Liability);

(h) Article 14 (Indemnification);

(i) Article 15 (Dispute Resolution);

(j) This Article 16.7 (Survival);

(k) Article 17 (Miscellaneous Provisions);

(l) Any other provision that by its nature should survive.

ARTICLE 17: MISCELLANEOUS PROVISIONS

17.1 Entire Agreement

This Agreement, together with the Privacy Policy expressly incorporated by reference, constitutes the entire agreement and understanding between User and Provider relating to the subject matter hereof and supersedes all prior or contemporaneous agreements, understandings, negotiations, representations, warranties, and communications, whether written or oral, relating to such subject matter.

No amendment, modification, or waiver of any provision of this Agreement shall be effective unless in writing and signed by both User and an authorized representative of Provider. Any pre-printed terms on User's purchase orders, invoices, or other documents are expressly rejected and shall have no effect.

17.2 Severability

If any provision of this Agreement is held by a court of competent jurisdiction or arbitrator to be invalid, illegal, void, or unenforceable for any reason, such provision shall be modified to the minimum extent necessary to make it enforceable while preserving its intent, or if such modification is not possible, the provision shall be severed from this Agreement.

The invalidity or unenforceability of any provision shall not affect the validity or enforceability of any other provision of this Agreement, and the remaining provisions shall continue in full force and effect.

If the severability of a particular provision would substantially frustrate the purpose or economic benefit of this Agreement to either party, that party may elect to terminate this Agreement upon written notice to the other party.

17.3 Waiver

No waiver by Provider of any breach of this Agreement by User, whether express or implied, shall constitute a waiver of any other breach or subsequent breach of the same or any other provision.

Provider's failure to enforce any right or provision of this Agreement shall not be deemed a waiver of such right or provision or prevent Provider from enforcing such right or provision in the future.

Any waiver must be in writing and signed by an authorized representative of Provider to be effective.

17.4 Assignment

(a) User Assignment Prohibited: User may not assign, transfer, delegate, or sublicense this Agreement or any rights or obligations hereunder, whether voluntarily, involuntarily, by operation of law, merger, acquisition, change of control, or otherwise, without Provider's prior written consent, which Provider may grant or withhold in its sole discretion.

Any attempted assignment in violation of this provision is void ab initio and of no force or effect.

(b) Provider Assignment Permitted: Provider may freely assign or transfer this Agreement, in whole or in part, without User's consent, to:

(i) Any affiliate, subsidiary, or parent company;

(ii) Any successor entity in the event of merger, acquisition, asset sale, or corporate reorganization;

(iii) Any third party acquiring all or substantially all of Provider's business or assets relating to the Service.

Upon such assignment, the assignee assumes all of Provider's rights and obligations hereunder.

(c) Notice of Assignment: Provider will make commercially reasonable efforts to notify User of any assignment but is not legally required to do so.

17.5 Relationship of Parties

This Agreement does not create any partnership, joint venture, employment, agency, franchise, or fiduciary relationship between User and Provider.

User has no authority to bind Provider or make commitments on Provider's behalf. User is an independent contractor, not an employee, agent, partner, or joint venturer of Provider.

17.6 Third-Party Beneficiaries

This Agreement is for the sole benefit of User and Provider and is not intended to confer any rights or remedies upon any third party.

No third party (including User's customers, end users, employees, contractors, or any other person) is a third-party beneficiary of this Agreement or has any right to enforce any provision hereof, except for the Indemnified Parties as defined in Article 14.1 who are express third-party beneficiaries of the indemnification provisions.

17.7 Force Majeure

Neither party shall be liable for any failure or delay in performing its obligations under this Agreement (except for payment obligations, which are not excused by Force Majeure) to the extent such failure or delay is caused by a Force Majeure Event as defined in Article 1.1.

The party affected by the Force Majeure Event shall:

(a) Promptly notify the other party of the Force Majeure Event and its expected duration;

(b) Use commercially reasonable efforts to mitigate the effects of the Force Majeure Event;

If a Force Majeure Event continues for more than ninety (90) consecutive days, either party may terminate this Agreement by written notice to the other party, without liability except for obligations accrued prior to termination.

17.8 Notices

All notices required or permitted under this Agreement shall be in writing and delivered via one of the following methods:

(a) To User:

(i) Email to User's registered email address on file with Provider; or

(ii) Prominent posting on User's dashboard; or

(iii) In-app notification.

Email notices to User are deemed effective twenty-four (24) hours after transmission, regardless of whether User actually reads the email or whether the email is delivered successfully (provided Provider's email server logs show the email was sent without immediate bounce-back errors).

(b) To Provider:

Physical Address (for legal notices): Mumin Hadith API (MuminHadith.com) Yunusabad District, 14, 2nd Flowery Street Tashkent, 100000 Republic of Uzbekistan

Email (for general notices): support@mumin.ink

Email (for legal/dispute notices): legal@mumin.ink

Notices to Provider are deemed effective upon actual receipt by Provider.

17.9 Language

This Agreement is executed in the English language. Any translation into other languages is provided for convenience only. In the event of any conflict, ambiguity, or inconsistency between the English version and any translation, the English version shall prevail and control.

17.10 Headings

The article and section headings in this Agreement are for convenience and reference only and shall not affect the interpretation or construction of any provision hereof.

17.11 Interpretation Against Drafter

The parties acknowledge that this Agreement is the result of arm's-length negotiation and that both parties have had the opportunity to review and negotiate its terms. Accordingly, this Agreement shall not be construed more strictly against either party as the "drafter" of the Agreement.

17.12 Counterparts and Electronic Signatures

This Agreement may be executed in one or more counterparts, each of which shall be deemed an original and all of which together shall constitute one and the same instrument.

Electronic signatures, digital signatures, and acceptance through electronic means (as described in Article 2) shall have the same legal effect as handwritten signatures.

17.13 No Implied Rights

No rights or licenses are granted to User except as expressly set forth in this Agreement. All rights not expressly granted herein are reserved by Provider.

17.14 Statute of Limitations

To the extent permitted by applicable law, any claim or cause of action arising out of or related to this Agreement or the Service must be filed within one (1) year after the claim or cause of action arose, or such claim or cause of action shall be forever barred.

This shortened limitations period applies notwithstanding any longer limitations period that might otherwise apply under statute.

17.15 Government Users (U.S. Federal Acquisition)

If User is a U.S. federal government entity or using the Service on behalf of the U.S. federal government:

The Service constitutes "Commercial Computer Software" and "Commercial Computer Software Documentation" as defined in FAR 12.212 and DFARS 227.7202. Use, reproduction, and disclosure are subject to the terms of this Agreement.

17.16 Export Controls and Sanctions Compliance

User represents and warrants that User is not located in, and will not access or use the Service from, any jurisdiction subject to comprehensive economic sanctions imposed by the United States, European Union, United Nations, or Republic of Uzbekistan.

User represents and warrants that User is NOT a "Specially Designated National" (SDN) or otherwise listed on any prohibited party list maintained by OFAC (U.S. Office of Foreign Assets Control), the European Union, or similar international bodies.

User shall comply with all applicable export control laws and regulations, including but not limited to U.S. Export Administration Regulations (EAR) and sanctions administered by OFAC.

User shall not use the Service to develop, support, or facilitate development of nuclear weapons, chemical weapons, biological weapons, missiles, or other weapons of mass destruction.

17.17 Amendment and Modification

See Article 19 for provisions governing modification of this Agreement.

17.18 Contact Information

For questions, concerns, or communications regarding this Agreement:

General Support: support@mumin.ink

Privacy Matters: privacy@mumin.ink

Legal/Compliance: legal@mumin.ink

Security Incidents: security@mumin.ink

Payment/Billing: billing@mumin.ink

Physical Address: Mumin Hadith API Yunusabad District, 14, 2nd Flowery Street Tashkent, 100000 [Republic of Uzbekistan]

ARTICLE 18: SPECIFIC ACKNOWLEDGMENTS AND CONFIRMATIONS

User hereby specifically acknowledges, confirms, and agrees to the following critical provisions:

18.1 No Refund Acknowledgment

User acknowledges that User has read and understood Article 5.6 (Absolute Prohibition on Refunds) and agrees that:

(a) ALL sales are final;

(b) Credits are non-refundable under any circumstances (except the narrow exception in Article 19.4);

(d) User waives all refund rights to the maximum extent permitted by law.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

18.2 Chargeback Fraud Acknowledgment

User acknowledges that User has read and understood Article 5.7 (Chargebacks Constitute Fraudulent Conduct) and agrees that:

(a) Filing chargebacks for delivered services constitutes fraud;

(b) Provider will contest all chargebacks with full documentation;

(d) User agrees not to initiate chargebacks except in cases of genuinely unauthorized transactions.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

18.3 Inactivity Fee Acknowledgment

User acknowledges that User has read and understood Article 6 (Account Inactivity Policy) and agrees that:

(a) Accounts inactive for 365 days become subject to $5/month maintenance fees;

(b) Provider will send warning emails, but failure to receive them does not excuse fees;

(d) Accounts with balances below $10 will be closed instead of charged fees;

(e) All maintenance fees are non-refundable.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

18.4 Arbitration and Class Waiver Acknowledgment

User acknowledges that User has read and understood Article 15 (Dispute Resolution and Arbitration) and agrees that:

(a) All disputes must be resolved through binding arbitration in Uzbekistan;

(b) User waives the right to sue in court (except for narrow exceptions in Section 15.8);

(d) User waives the right to bring or participate in class actions, representative actions, or consolidated proceedings;

(e) Arbitration awards are final and enforceable internationally under the New York Convention.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

18.5 Limitation of Liability Acknowledgment

User acknowledges that User has read and understood Article 13 (Limitation of Liability) and agrees that:

(a) Provider's maximum liability is capped at the greater of $10 or the amount User paid in the last 30 days;

(b) Provider is not liable for indirect, consequential, incidental, special, or punitive damages;

(d) User assumes all risks associated with using the Service.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

18.6 "AS-IS" Service Acknowledgment

User acknowledges that User has read and understood Article 11 (Service Availability) and Article 12 (Disclaimer of Warranties) and agrees that:

(a) The Service is provided "AS-IS" without any warranties;

(b) Provider does not guarantee uptime, availability, performance, or reliability;

(d) User must verify important information independently and consult qualified scholars for religious guidance;

(e) User assumes all risks of using the Service.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

18.7 Monitoring and Fraud Detection Acknowledgment

User acknowledges that User has read and understood Article 9 (Fraud Detection) and agrees that:

(a) Provider monitors all Service usage for fraud, abuse, and security purposes;

(b) Provider collects IP addresses, device fingerprints, usage patterns, and other data for fraud prevention;

(d) Device fingerprinting is necessary for security and User consents to it;

(e) Provider may share data with fraud prevention services and law enforcement.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

18.8 Prohibited Uses Acknowledgment

User acknowledges that User has read and understood Article 7 (Permitted and Prohibited Uses) and agrees that:

(a) User will not engage in database scraping, systematic extraction, or bulk downloading;

(b) User will not share, resell, or redistribute API Keys without authorization;

(d) User will not circumvent rate limits or security measures;

(e) Violations may result in immediate Account termination without refund.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

18.9 Entire Agreement Understanding

User acknowledges that:

(a) User has read this entire Agreement in its entirety before accepting;

(b) User has had the opportunity to ask questions and seek clarification;

(d) User has not relied on any representations or promises outside of this written Agreement;

(e) This Agreement, together with the Privacy Policy, constitutes the entire agreement between User and Provider.

User's Initials (Electronic Acknowledgment): [Acknowledged by acceptance of this Agreement]

ARTICLE 19: MODIFICATIONS TO TERMS

19.1 Right to Modify

Provider reserves the unilateral right to modify, amend, revise, update, or replace any provision of this Agreement at any time, for any reason, in Provider's sole discretion.

Modifications may be made to:

(a) Comply with legal, regulatory, or compliance requirements;

(b) Reflect changes in business practices or Service functionality;

(d) Clarify ambiguous provisions;

(e) Improve user experience;

(f) For any other reason Provider deems appropriate.

19.2 Notification of Modifications

Provider will notify User of material modifications through one or more of the following methods:

(a) Email to User's registered email address;

(b) Prominent notice on the Service website;

(d) Notice in regular Service communications.

"Material Modification" includes changes that:

(i) Substantially increase User's financial obligations;

(ii) Significantly reduce Provider's obligations or User's rights;

(iii) Materially alter dispute resolution procedures;

(iv) Modify pricing by more than 20%;

(v) Change fundamental Service functionality.

Non-material modifications (e.g., clarifications, formatting changes, minor wording improvements) may be made without notice.

19.3 Effective Date of Modifications

Modified Terms become effective:

(a) For Existing Users: Thirty (30) days after notification of material modifications, or immediately upon notification for non-material modifications.

(b) For New Registrations: Immediately upon acceptance for all new Users registering after the modification.

The "Last Modified" date at the top of this Agreement indicates when the most recent modifications became effective.

19.4 User's Options Upon Modification

If User objects to a material modification, User has the following options:

(a) Option 1—Terminate and Request Refund:

User may terminate the Agreement and request a refund of unused Credits by:

(i) Sending written notice to refunds@mumin.ink within thirty (30) days of receiving notification of the modification;

(ii) Including "TERMS MODIFICATION REFUND REQUEST" in the subject line;

(iii) Specifying the modification(s) User objects to;

(iv) Confirming User has not used any Credits since receiving notice of the modification;

(v) Agreeing to immediate Account closure upon refund processing.

Provider will process such refund requests on a case-by-case basis within thirty (30) business days. This is the ONLY circumstance under which refunds may be granted.

(b) Option 2—Continue Using Service:

If User continues to use the Service after the effective date of modifications, such continued use constitutes User's acceptance of and agreement to be bound by the modified Terms.

User's failure to affirmatively terminate within the 30-day window shall be deemed acceptance of the modifications.

19.5 Version Tracking

Provider maintains version history of this Agreement. User may request previous versions by emailing legal@mumin.ink.

User's Account is bound by the version of this Agreement that was in effect at the time User accepted it, subject to subsequent modifications made in accordance with this Article 19.

ARTICLE 20: ADDITIONAL DISCLAIMERS

20.1 Educational and Informational Purposes Only

The Service provides access to hadith collections for educational, informational, research, and religious study purposes. The Service is NOT:

(a) A substitute for consulting qualified Islamic scholars, imams, or religious authorities;

(b) A source of religious legal rulings (fatawa) or personalized religious guidance;

(d) A comprehensive Islamic education or substitute for traditional Islamic learning;

(e) An authoritative or definitive source for all hadith-related questions.

User acknowledges that understanding hadith requires proper methodology, knowledge of Arabic language and classical Islamic sciences, understanding of chains of narration (isnad), and awareness of scholarly differences of opinion—expertise that the Service itself does not provide.

20.2 Not Professional Advice

Nothing in the Service or Content constitutes legal, financial, medical, psychological, or other professional advice. User should not rely on Content for any professional decision-making without consulting appropriate licensed professionals.

20.3 Third-Party Links and Services

The Service may contain links to third-party websites, services, or resources. Provider does not endorse, control, or assume responsibility for any third-party content, products, services, or practices.

User accesses third-party links at User's own risk. Provider is not liable for any harm or damages arising from User's interaction with third-party websites or services.

20.4 User Responsibility for Compliance

User is solely responsible for ensuring that User's use of the Service complies with all applicable laws, regulations, industry standards, and contractual obligations in User's jurisdiction and in jurisdictions where User's applications are used.

This includes but is not limited to:

(a) Data protection and privacy laws (GDPR, CCPA, etc.);

(b) Consumer protection laws;

(d) Content moderation and platform policies if User redistributes Content;

(e) Intellectual property laws;

(f) Religious or cultural sensitivities in User's target markets.

Provider makes no representation that the Service is appropriate or legal for use in any particular jurisdiction.

20.5 User-Generated Content Disclaimer

If the Service allows User to submit, upload, or transmit any content (excluding API requests, which do not constitute uploads), Provider:

(a) Does not endorse such User content;

(b) Is not responsible for User content;

(d) May remove User content at any time without notice if it violates this Agreement or applicable law.

20.6 Age Restriction

The Service is intended for Users who are at least thirteen (13) years old (or sixteen (16) years old if located in the European Union). Users under the age of majority in their jurisdiction must have parental or guardian consent.

Provider does not knowingly collect Personal Data from children under the applicable age thresholds. If Provider learns it has inadvertently collected data from underage users, such data will be deleted promptly.

ARTICLE 21: FINAL PROVISIONS

21.1 Precedence

In the event of conflict between different provisions of this Agreement, the following order of precedence applies:

Article 18 (Specific Acknowledgments)
Article 5 (Payment Terms)
Article 13 (Limitation of Liability)
Article 15 (Dispute Resolution)
Article 12 (Disclaimer of Warranties)
All other provisions

21.2 Construction Principles

This Agreement shall be construed:

(a) As a whole, giving effect to all provisions where possible;

(b) To avoid absurd or commercially unreasonable results;

(d) In accordance with the principles of good faith and fair dealing, except where expressly stated otherwise;

(e) Consistent with the purposes and intent reflected in the preamble and individual provisions.

21.3 Exhibits and Schedules

If Provider subsequently adds exhibits, schedules, or appendices to this Agreement (e.g., pricing schedules, service level descriptions), such documents are incorporated by reference and form part of this Agreement.

21.4 Time Periods and Calculations

All time periods referenced in this Agreement (e.g., "30 days", "90 days") are calendar days unless specified as "business days."

When calculating time periods:

(a) Exclude the day of the triggering event;

(b) Include the final day;

All timestamps are in UTC unless otherwise specified.

21.5 Currency and Exchange Rates

All monetary amounts in this Agreement are in United States Dollars (USD).

If Provider accepts payment in other currencies, conversion shall be performed using exchange rates determined by Provider's payment processor at the time of transaction. Provider is not responsible for currency fluctuations or exchange rate variations.

21.6 Acknowledgment of Electronic Agreement

User acknowledges that:

(a) This is an electronic agreement formed through electronic acceptance;

(b) User's electronic acceptance has the same legal effect as a handwritten signature;

(d) User has the ability to download, print, and retain a copy of this Agreement.

21.7 Questions and Interpretation

If User has questions about any provision of this Agreement, User should email legal@mumin.ink BEFORE accepting the Agreement.

Provider's failure to respond to interpretation questions does not create ambiguity or favor User's interpretation.

ACCEPTANCE CERTIFICATION

By completing account registration, clicking "I Accept," submitting payment, or using the Service in any manner, User certifies and confirms that:

✓ User has read this ENTIRE Agreement in full;

✓ User understands all provisions, including the no-refund policy, arbitration agreement, limitation of liability, and all other material terms;

✓ User has had the opportunity to ask questions or seek legal counsel before accepting;

✓ User agrees to be legally bound by this Agreement;

✓ User acknowledges this Agreement is enforceable against User in accordance with its terms;

✓ User's acceptance is knowing, voluntary, and made with full understanding of the legal consequences.

END OF TERMS OF SERVICE AGREEMENT

QUICK REFERENCE SUMMARY (Non-Binding)

This summary is provided for convenience only and is not legally binding. In case of conflict, the full Agreement above controls.

Key Terms:

❌ NO REFUNDS - All sales final (Article 5.6)
❌ Chargebacks = Fraud - Will be contested, account terminated (Article 5.7)
💵 Pricing: $0.001/request ($1 per 1,000 credits)
⏰ Inactivity: 365 days → $5/month fee (Article 6)
📊 Daily Limits: 500 (week 1), 2,000 (weeks 2-4), 10,000 (month 2+)
⚖️ Disputes: Binding arbitration in Uzbekistan, NO class actions (Article 15)
💰 Max Liability: Greater of $10 or last 30 days' payments (Article 13)
🔒 Monitoring: Full fraud detection, device fingerprinting (Article 9)
📜 Service: "AS-IS", no guarantees of uptime or accuracy (Articles 11-12)
🔄 Terms Changes: 30 days notice for material changes (Article 19)

Version: 3.0
Effective: January 13, 2026
Governing Law: Uzbekistan
Contact: legal@mumin.ink