NutriAI Creator Agreement

This Creator Agreement (“Agreement”) is entered into between the Creator named in the applicable Order Form (“Creator,” “you”) and Health on Purpose Ltd, a company registered in the United Kingdom (“NutriAI,” “we,” “us,” or “our”).

This Agreement, together with the Order Form that references it, governs your engagement with NutriAI to create, manage, and distribute your content via our platform and services (collectively, the “Services”). By executing the Order Form, you indicate your acceptance to be bound by this Agreement.

1. Ownership and Content License

1.1. Ownership of Your Content. You retain full ownership of all original content you provide to NutriAI for use on the Services, including but not limited to recipes, meal plans, text, videos, images, and other materials (collectively, “Contributions”). We do not claim any ownership rights over your Contributions.


1.2. Contribution License. By providing your Contributions to us, you automatically grant, and you represent and warrant that you have the right to grant, to us an unrestricted, unlimited, irrevocable, perpetual, non-exclusive, transferable, royalty-free, fully-paid, worldwide right, and license to host, use, copy, reproduce, disclose, sell, resell, publish, broadcast, retitle, archive, store, cache, publicly perform, publicly display, reformat, translate, transmit, excerpt (in whole or in part), and distribute such Contributions (including, without limitation, your image, name, and voice) for any purpose, including commercial, advertising, or otherwise, and to prepare derivative works of, or incorporate into other works, such Contributions, and to grant and authorize sublicenses of the foregoing. The use and distribution may occur in any media formats and through any media channels.


1.3. Marketing License. The license granted in Section 1.2 includes our right to use your name, company name, trademarks, and logos that you provide in connection with the marketing, promotion, and distribution of the Services. This includes identifying you as a Creator on our corporate website and in our marketing materials.

1.4. Moral Rights. You waive all moral rights in your Contributions, and you warrant that moral rights have not otherwise been asserted in your Contributions.


1.5. NutriAI-Generated Materials. You acknowledge that NutriAI may, in its sole discretion, create intellectual property for you in connection with the Services, such as new logos, branding, or other creative assets (“NAI-Generated Materials”). NutriAI shall be the sole and exclusive owner of all rights, title, and interest in and to all NAI-Generated Materials. NutriAI grants you a limited, non-exclusive, non-transferable, revocable license to use the NAI-Generated Materials solely in connection with your use of the Services during the Term of this Agreement. This license shall immediately terminate upon the termination of this Agreement.

2. Your Responsibilities and Representations

By entering into this Agreement, you represent and warrant that: (a) Your Contributions are original to you, or you have all necessary licenses, rights, consents, and permissions to authorize us to use your Contributions as described in this Agreement; (b) The use of your Contributions on the Services does not and will not infringe the proprietary rights of any third party; (c) Your Contributions are not false, inaccurate, or misleading and are factually accurate and legally compliant; (d) Your Contributions do not violate any law, regulation, or rule, and are not obscene, defamatory, harassing, or otherwise objectionable as determined by us in our sole discretion; (e) You will not use the Services for any illegal or unauthorized purpose.

3. Acceptable Use Policy

You may not use the Services for any purpose other than that for which we make them available. You agree not to: (a) Systematically retrieve data or other content from the Services to create a collection, compilation, database, or directory without written permission from us. (b) Trick, defraud, or mislead us or other users. (c) Circumvent, disable, or otherwise interfere with security-related features of the Services. (d) Disparage, tarnish, or otherwise harm, in our opinion, us and/or the Services. (e) Use any information obtained from the Services to harass, abuse, or harm another person. (f) Upload or transmit viruses, Trojan horses, or other harmful material.

4. Data Protection and Privacy

4.1. Roles of the Parties. For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other applicable data protection laws, you acknowledge that with respect to the personal data of your subscribers, you are the Data Controller, and NutriAI is the Data Processor. You are solely responsible for compliance with all applicable data protection laws.

4.2. NutriAI's Obligations. As a Data Processor, we will process personal data on your behalf only for the purpose of providing the Services and in accordance with your lawful instructions.

4.3. Data Processing Addendum (DPA). The processing of personal data on your behalf is governed by the NutriAI Data Processing Addendum, which is attached as Annex 1 to this Agreement and is incorporated herein by reference.

5. Term and Termination

5.1. Term. This Agreement shall commence on the Effective Date specified in the Order Form and remain in full force and effect until terminated by either party.

5.2. Termination. Termination rights, including notice periods, shall be as set forth in the applicable Order Form. If not specified in the Order Form, either party may terminate this Agreement by providing the other party with sixty (60) days' written notice.

5.3. Effect of Termination. Upon termination, your right to use the Services as a Creator will cease. We will cease to offer or sell new subscriptions to your Contributions. The Contribution License (Section 1.2) shall survive termination to allow NutriAI to fulfill its obligations to your then-existing subscribers for the remainder of their current paid subscription periods and for archival, legal, and operational purposes thereafter.

6. Disclaimer of Warranties

THE SERVICES ARE PROVIDED ON AN AS-IS AND AS-AVAILABLE BASIS. TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, IN CONNECTION WITH THE SERVICES AND YOUR USE THEREOF.

7. Limitations of Liability

N NO EVENT WILL WE OR OUR DIRECTORS, EMPLOYEES, OR AGENTS BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, EXEMPLARY, INCIDENTAL, SPECIAL, OR PUNITIVE DAMAGES, INCLUDING LOST PROFIT, LOST REVENUE, OR LOSS OF DATA, ARISING FROM YOUR USE OF THE SERVICES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

8. Indemnification

You agree to defend, indemnify, and hold us harmless from and against any loss, damage, liability, claim, or demand, including reasonable attorneys’ fees and expenses, made by any third party due to or arising out of: (1) your Contributions; (2) your use of the Services; (3) your breach of this Agreement; or (4) your violation of the rights of a third party.

9. Miscellaneous

9.1. Governing Law. This Agreement shall be governed by and construed in accordance with the laws of England and Wales.

9.2. Entire Agreement. This Agreement, the applicable Order Form, and Annex 1 constitute the entire agreement between you and NutriAI concerning the subject matter hereof and supersede all prior agreements.

9.3. No Partnership. Nothing in this Agreement shall be deemed to create a partnership, joint venture, agency, or employment relationship between the Parties.

9.4. Assignment. We may assign any or all of our rights and obligations to others at any time. You may not assign this Agreement without our prior written consent.

9.5. Severability. If any provision of this Agreement is determined to be unlawful, void, or unenforceable, that provision is deemed severable and does not affect the validity and enforceability of any remaining provisions.

Annex 1: Data Processing Addendum (DPA)

This Data Processing Addendum (“DPA”) forms part of the Creator Agreement and is entered into between NutriAI (as “Processor”) and the Creator (as “Controller”).

1. Definitions For the purpose of this DPA, the terms “Personal Data”, "Processing", “Data Subject”, "Controller", and "Processor" shall have the meanings given to them in the GDPR.

2. Processing of Personal Data 2.1. Processor shall only process Personal Data on behalf of and in accordance with Controller’s documented lawful instructions for the following purposes: (i) processing in accordance with the Agreement and applicable Order Form(s); and (ii) processing initiated by end-users in their use of the Services. 2.2. The details of the data processing activities are described in Appendix 1 to this DPA.

3. Processor’s Obligations Processor agrees to: (a) Implement and maintain appropriate technical and organizational measures to ensure a level of security appropriate to the risk, as described in Appendix 2. (b) Ensure that its personnel authorized to process Personal Data have committed themselves to confidentiality. (c) Provide reasonable assistance to the Controller in responding to Data Subject rights requests. (d) Notify the Controller without undue delay upon becoming aware of a Personal Data Breach. (e) Upon request, make available to the Controller all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR and allow for and contribute to audits.

4. Sub-processing 4.1. Controller provides a general written authorization for Processor to engage third-party sub-processors to process Personal Data. Processor shall ensure that such sub-processors are bound by data protection obligations no less protective than those in this DPA. 4.2. Processor shall maintain a list of its current sub-processors, provided in Appendix 3, and shall inform Controller of any intended changes concerning the addition or replacement of other sub-processors, thereby giving the Controller the opportunity to object to such changes.

5. Data Transfers Processor shall not transfer Personal Data to a country outside the UK or European Economic Area (EEA) without an adequate level of protection, unless it has put in place appropriate safeguards, such as the Standard Contractual Clauses (SCCs), to ensure the protection of Personal Data.

6. Deletion of Data Upon termination of the Agreement, Processor shall, at the choice of the Controller, delete or return all the Personal Data to the Controller after the end of the provision of services relating to processing, and delete existing copies unless Union or Member State law requires storage of the personal data.

Appendix 1 to the DPA: Details of Processing

  • Subject-Matter and Duration of Processing: To provide the Services as described in the Agreement for the duration of the Agreement.

  • Nature and Purpose of Processing: To host and manage a platform that allows Creators to distribute nutrition plans and content to their subscribers, and to manage subscriber data, payments, and analytics on behalf of the Creator.

  • Types of Personal Data: Name, email address, payment information, subscription status, usage data, device information, IP address, and any personal data contained within user-generated content or communications.

  • Categories of Data Subjects: End-users and subscribers of the Creator who access the content via the NutriAI platform.

Appendix 2 to the DPA: Technical and Organizational Security Measures

NutriAI shall implement and maintain the following measures:


  1. Data Encryption: All Personal Data is encrypted in transit using TLS 1.2+ and at rest using industry-standard encryption protocols (e.g., AES-256).

  2. Access Control: Access to Personal Data is restricted to authorized personnel on a need-to-know basis, using role-based access controls and strong authentication methods.

  3. System Security: Regular security assessments, vulnerability scanning, and patching are performed to protect systems from threats.

  4. Breach Detection and Response: Monitoring systems are in place to detect and alert on suspicious activity. A documented incident response plan is maintained to address security incidents promptly.

  5. Data Resilience: Regular data backups are performed to ensure data can be restored in case of loss or corruption.


Appendix 3 to the DPA: List of Sub-processors

As of the Effective Date, NutriAI uses the following sub-processors:

  • Stripe, Inc. (Payment Processing) - USA

  • Amazon Web Services, Inc. (Cloud Hosting) - Ireland/USA

  • Google LLC (Analytics and Cloud Services) - USA

  • Twilio Inc. (Transactional Email) - USA



This list may be updated from time to time in accordance with Section 4.2 of this DPA.


Company Name: Health on Purpose Ltd

Company Registration Number: 13645010

Place of Registration: England and Wales

Registered Office Address:

86-90 Paul Street,

London,

England,

United Kingdom,

EC2A 4NE

© 2025 Health On Purpose Ltd | All rights reserved.