0. Scope and Which Terms Apply

These Business Terms of Service (the “Business Terms”) are entered into between Dendrite Systems Inc. (d/b/a Strawberry) (“Strawberry,” “we,” or “us”) and the legal entity, organization, partnership, sole-trader business, freelance or professional practice, or other unincorporated business that accepts these Business Terms through an authorized representative (“Customer,” “you”). The Service is offered solely for use by businesses. Strawberry does not offer the Service to consumers or to individuals for personal, family, or household purposes.

Business Use. These Business Terms apply to all Business Use of the Service. “Business Use” means any use of the Service on behalf of, for the benefit of, or in connection with an employer, company, organization, partnership, sole-trader business, freelance or professional practice, or other legal entity, including use by any individual in the course of their employment, engagement, or professional activity.

No consumer use. The Service is intended only for Business Use. By accepting these Business Terms, the individual accepting represents and warrants that (a) they are at least 18 years old, (b) they are authorized to accept these Business Terms on behalf of, and to register the Account for, the Customer, and (c) they are not registering the Account for personal, family, or household use. The Service is not intended to be offered to, and shall not be used by, consumers within the meaning of Directive 2011/83/EU, the Swedish Konsumentköplagen (2022:260), Lag (2022:1041) om leverantörers ansvar för konsumenters skydd vid digitala tjänster, the California Consumer Legal Remedies Act, or equivalent consumer-protection legislation. If you are an individual seeking to use the Service for personal, family, or household purposes, you may not register an Account.

By clicking “I accept,” or by downloading, installing, or otherwise accessing or using the Service for Business Use, you agree to these Business Terms,

• our Privacy Policy,
• our Acceptable Use Policy,
• our Data Processing Agreement attached as Appendix 1 (the “DPA”) which includes
• our Subprocessor List:

(together, these “Terms”).

Strawberry's EU establishment for the purposes of the GDPR is Strawberry Browser AB (former Dendrite Systems AB), Organisationsnummer: 559563-5359, Kungsgatan 54, 111 35 Stockholm, Sweden.

Feature availability. Certain features described in these Business Terms (and in the Privacy Policy, DPA, and Acceptable Use Policy) may not be available in all versions of the Service or in all regions, and may be added, modified, restricted, or removed by Strawberry from time to time. Where a feature is not currently available, the corresponding provisions take effect only with respect to Customer and its Users where and when the feature is enabled.

1. Service Overview

Strawberry is a browser with built-in artificial-intelligence assistants that work alongside authorized users on any website (the “Service”). The Service can, among other things, research companies, find leads on other platforms, use your CRM, summarize meeting notes, draft follow-ups, and automate tasks across websites and connected third-party applications (“Connected Apps”).

Outputs and Actions. The Service may generate responses (“Outputs”) and take actions on Customer's behalf, including software manipulation, data retrieval and transmission, form submissions, communications with third parties, transactions, and interactions with websites and Connected Apps (“Actions”). The Service is designed with human oversight in mind: it completes tasks, but consequential decisions remain with the user. Customer is responsible for all Actions performed through its Account as set out in Section 3 and Section 10.

2. Authorized Users and Roles

Customer may permit its employees, contractors, and other authorized personnel (“Users”) to use the Service on Customer's behalf under these Business Terms. Customer is responsible for each User's compliance with these Terms and for all acts and omissions of its Users. Users must be at least 18 years old.

User roles and permission levels. The Service supports differentiated permission levels for Users (“Roles”) that govern access to features, administrative controls, billing and seat management, Connected Apps, audit logs, Activity Memory settings (where the feature is enabled), and other functionality. Strawberry determines from time to time the set of Roles that the Service makes available, and the default capabilities, restrictions, and naming associated with each Role. As of the date of these Business Terms, Strawberry makes available Roles labelled “Owner,” “Admin,” and “Member,” without limitation; Strawberry may add, modify, rename, consolidate, or remove Roles, change the capabilities associated with any Role, or introduce additional Roles (including more granular or usage-based tiers) at any time. Where the change would materially restrict Customer's existing administrative functionality, Strawberry will provide reasonable advance notice. Within the Roles made available by the Service, Customer is responsible for (a) designating Users to specific Roles, (b) applying any additional restrictions on Users' access or use that the Service permits Customer to configure, and (c) ensuring that Roles are assigned in a manner consistent with Customer's internal policies, applicable law (including data-protection law), and these Terms. Customer shall maintain at all times at least one User with the most senior administrative Role made available by the Service (currently labelled “Owner”), who shall be authorized to bind Customer in respect of the Account.

3. Accounts and Responsibility

Customer is responsible for (a) maintaining the confidentiality of its and its Users' login credentials; (b) all activity that occurs under the Account, including content published, messages sent, data accessed or modified, Actions taken (including Actions taken by the Service in response to content encountered through a session or through a Connected App), purchases and transactions; and (c) compliance with the terms and acceptable-use policies of any third-party website or Connected App the Service interacts with, including restrictions on automated or AI-driven access.

Customer shall promptly notify Strawberry at hello@strawberrybrowser.com if it believes the Account has been compromised or is subject to unauthorized access, or if suspicious behavior is observed (see Section 10).

4. Fees and Subscriptions

Customer shall pay all fees associated with its use of the Service. Unless otherwise specifically provided, fees are in U.S. Dollars, are non-refundable, and are exclusive of applicable taxes. Customer authorizes Strawberry (and our payment processors) to charge the payment method on file, including for recurring subscription renewals. Strawberry may change fees on 30 days' advance notice. Delinquent accounts may be suspended.

5. License to Use the Service

Subject to compliance with these Terms, Strawberry grants Customer a non-exclusive, non-transferable, non-sublicensable, revocable license, for the Subscription Term, for Customer and its Users to install and use one object-code copy of any downloadable application associated with the Service, and to access and use the Service for Customer's internal business purposes.

Except where applicable law prohibits such a restriction, Customer and its Users may not reproduce, distribute, publicly display or perform, or create derivative works of the Service; modify the Service; or interfere with or circumvent any feature of the Service, including any security or access-control mechanism.

Feedback. If Customer provides suggestions or feedback (“Feedback”), Customer grants Strawberry an unrestricted, perpetual, irrevocable, non-exclusive, fully-paid, royalty-free license to use the Feedback for any purpose, including to improve the Service.

6. Connected Apps and Third-Party Content

The Service may enable Customer to connect or export information to third-party applications and services (“Connected Apps”). By using these features, Customer authorizes Strawberry to access and transfer such information on Customer's behalf. Connected Apps are not under Strawberry's control, and, to the fullest extent permitted by law, Strawberry is not responsible for any Connected App's use of Customer's exported information.

Third-party content is untrusted. The Service routinely processes content from websites, emails, documents, and Connected Apps. Such content may contain instructions, hidden text, or other material intended to influence or manipulate the Service (“Adversarial Content”). Customer acknowledges that Strawberry does not control such content and, subject to Section 15, is not responsible for the consequences of the Service interacting with such content.

7. Customer Data and User Content

“User Content” means all content Customer and its Users submit, upload, or transmit to the Service, including messages, prompts, files, data, and any other works. Customer retains all rights in its User Content.

License grant. Customer grants Strawberry a worldwide, non-exclusive, royalty-free license to host, store, transfer, reproduce, and modify User Content solely as necessary to (i) provide, maintain, develop, and secure the Service, (ii) prevent or address technical or security issues, fraud, or abuse, (iii) comply with applicable law and enforce these Terms, and (iv) derive technical logs and diagnostic data. Strawberry shall not use Customer's User Content to train Strawberry's or any third party's generative AI models unless Customer expressly opts in in writing.

Storage. User Content is processed and stored both locally on the User's device and in Strawberry's cloud infrastructure. Strawberry is in the course of transitioning to primary cloud storage; the balance between local and cloud storage may shift during the term of these Business Terms. The technical and organizational measures applied to User Content are described in the DPA (Appendix B). Storage location and Sub-Processors are listed in the Subprocessor List referenced in the Privacy Policy and DPA.

7.1 Activity Memory (where enabled)

Availability. Activity Memory is an optional feature that may not be available in all versions of the Service. The provisions of this Section 7.1 take effect only with respect to Customer and Users where and when the feature is enabled by Strawberry and opted in to by the relevant User. Where Activity Memory is not available or not enabled, no Activity Memory data is captured or processed.

What Activity Memory is. Where enabled by a User, the Service may capture periodic screenshots of the User's screen and analyse on-screen content while the Service is active, in order to build a persistent log of User activity and provide continuity, personalization, and improved assistance. Activity Memory may therefore record content from applications and websites outside the Strawberry browser (including content shown on the User's display, in other browser tabs, or in other applications running on the User's device). Activity Memory does not record keystrokes and does not capture biometric identifiers.

Opt-in and opt-out. Where the feature is available, Activity Memory is disabled by default. Each User will be asked to explicitly opt in before Activity Memory is enabled on their device, and each User can disable (opt out of) Activity Memory at any time in account settings. Customer may also disable Activity Memory org-wide, or require Users to leave Activity Memory disabled, through available administrative controls.

Customer responsibility. Where Activity Memory is enabled by Customer or by a User, because Activity Memory captures screenshots and on-screen content, Customer is responsible for ensuring that its enablement and use complies with all applicable laws and Customer's own policies, including without limitation: (a) workplace- and employee-monitoring laws (including notice, consultation, and works-council requirements in the EU, and Swedish co-determination obligations under MBL where applicable); (b) confidentiality and trade-secret obligations owed to Customer's own customers, counterparties, and regulators; (c) data-protection obligations as Controller under the DPA, including lawful basis, Article 13–14 notices, and, where required, a Data Protection Impact Assessment under Article 35 GDPR; and (d) the Prohibited Inputs rules in Section 6 of the Acceptable Use Policy. Customer shall not enable or permit enablement of Activity Memory on any device used in a context where doing so would violate applicable law or a third party's rights.

7.2 Representations

Customer represents and warrants that it has all rights, licenses, and consents necessary to submit User Content to the Service and to direct the Service to process User Content as contemplated by these Terms, including for any personal data contained in User Content. Customer shall not submit Prohibited Inputs as defined in Section 6 of the Acceptable Use Policy.

8. Acceptable Use

Customer and its Users shall use the Service only in compliance with these Terms, including our Acceptable Use Policy, which is incorporated by reference. The AUP addresses prohibited uses, AI-Act restrictions, agentic-use standards, high-risk use limitations, prohibited inputs, and security-related conduct. Customer is responsible for its Users' compliance with the AUP. Violation of the AUP is a material breach.

9. Security; Compliance Certifications

Strawberry maintains a security program designed to protect the Service and the data processed through it. The technical and organizational measures applied to Personal Data processed on behalf of Customer are set out in Appendix B to the DPA.

SOC 2. Strawberry has been assessed under the AICPA Trust Services Criteria for Security (SOC 2 Type 1, report as of 13 May 2026, issued by Prescient Assurance LLC). The SOC 2 report is confidential and made available to Customers under non-disclosure agreement on request to security@strawberrybrowser.com. Customer acknowledges that a SOC 2 Type 1 report assesses the design of controls at a point in time only and does not provide assurance regarding the operating effectiveness of controls over a period. Strawberry's security commitments are designed to operate in conjunction with the customer-side controls set out in Appendix D to the DPA (“Customer Security Responsibilities”).

10. Agentic AI, Adversarial Content, and Customer Supervision Duty

Nature of the Service. The Service processes content Customer provides and content it encounters when interacting with websites, Connected Apps, or other sources on Customer's behalf. By design, the Service reads and acts upon instructions contained in such content. Although Strawberry implements commercially reasonable safeguards to reduce the risk of prompt injection and similar manipulation, such safeguards are not perfect and the risk of a successful attack is not zero. The Service is designed with human oversight in mind: it completes tasks, but consequential decisions remain with the user.

Customer acknowledgments and obligations. Customer acknowledges and agrees that:

• Outputs may be inaccurate, incomplete, misleading, or not reflective of recent events and must be independently evaluated before reliance, particularly in any context where reliance could cause financial, legal, medical, reputational, or other significant harm;
• Customer shall supervise Actions taken by the Service and, to the extent the Service offers approval flows, confirmation prompts, or restricted-action settings, shall enable and use them for sensitive operations (including sending messages or emails, making payments or transactions, sharing or publishing content, modifying security or privacy settings, or any irreversible actions);
• Current approval-flows. As of the date of these Terms, the Service provides approval-flows or confirmation prompts for certain sensitive Actions, including sending emails, most destructive file and account deletions, saving content to Activity Memory from incognito browsing (where the feature is enabled), and starting a new agent session. Strawberry is continuously working to extend approval-flows to additional Action categories, including payments, disconnections of connected accounts, bulk data exports, and submissions to external forms. Where the Service offers a mode that bypasses approval-flows (sometimes called “auto-run” or equivalent), Customer acknowledges that enabling such a mode increases the risk of unintended consequences from Adversarial Content and that Customer is solely responsible for Actions taken while such a mode is active. Strawberry may update the list of Actions covered by approval-flows from time to time. Customer is responsible for configuring the Service (including, where available, organization-wide controls) to require approval-flows for its Users.
• Customer shall not connect the Service to accounts, data sources, or Connected Apps where the consequence of a successful prompt injection, hallucination, or similar failure would be disproportionately harmful, including (without limitation) core banking or brokerage systems without approval flows, healthcare or patient-data systems, critical infrastructure systems, and systems containing Sensitive Data (as defined in the Privacy Policy));
• Customer shall promptly report suspicious behavior, unexpected Actions, or suspected prompt-injection events to security@strawberrybrowser.com;
• Customer shall not use the Service for regulated workloads (e.g., processing of data regulated under HIPAA or similar healthcare-data laws, PCI-DSS-regulated cardholder data, or other regulated data) unless a separate written agreement with Strawberry expressly permits such use.
• High-risk domains and AI Act Article 50. Customer shall not use the Service to provide advice, decisions, or recommendations in the following domains without review by a qualified professional in that domain prior to reliance: legal, healthcare, insurance, finance, employment, housing, academic testing, and media/journalism. As provider of the Service, Strawberry ensures that users of the Service are informed they are interacting with AI. As deployer of the Service, Customer is responsible, to the extent applicable to Customer, for informing third parties when they receive AI-generated content from Customer (including emails, messages, or other communications drafted by the Service and sent through Connected Apps), consistent with applicable law including Article 50(4) of the EU AI Act. Any consumer-facing chatbot or interactive AI agent Customer deploys using the Service must disclose to users that they are interacting with AI rather than a human, consistent with Article 50(1).

11. Modification of Terms

Strawberry may update these Business Terms from time to time. Material revisions will take effect 30 days after posting or notice to Customer, unless otherwise stated. If Customer does not agree to the revised Business Terms, Customer may terminate its subscription as its sole and exclusive remedy.

12. Trial

If Customer receives access to the Service on a free, trial, pilot, evaluation, alpha, beta, or early-access basis (a “Trial”), the Trial is permitted only for Customer's internal evaluation during the designated period. Strawberry provides no warranty, indemnity, or support for the Trial, and liability for the Trial shall not exceed US$50.

13. Term, Termination, and Effect

These Business Terms begin when Customer accepts them or first uses the Service for Business Use and continue for the Subscription Term selected by Customer. Either party may terminate for material breach not cured within 30 days of written notice. Strawberry may suspend the Service immediately for security, legal, or AUP-violation reasons. Upon termination, Customer's license rights end, each party shall cease use of the other's confidential information, and Sections 3, 5 (Feedback), 7, 9, 10, 13, 14, 15, 16, 17, and 18 shall survive. The DPA shall continue to apply with respect to any Personal Data retained during the deletion window.

14. Indemnification

Strawberry Indemnification. Subject to Section 14.3, Strawberry shall defend Customer against any third-party claim alleging that Customer's paid use of the Service in accordance with these Terms infringes such third party's intellectual property rights (an “IP Claim”), and shall indemnify Customer against any damages finally awarded or agreed in settlement by Strawberry with respect to such IP Claim.

Customer Indemnification. Customer shall defend and indemnify the Strawberry Entities from and against any third-party claim and related liabilities, damages, losses, and expenses (including reasonable attorneys' fees) arising out of or connected with: (1) Customer's or its Users' unauthorized use or misuse of the Service; (2) Customer's or its Users' violation of these Terms (including the AUP) or applicable law; (3) Customer's User Content; (4) Actions performed by the Service at Customer's direction or through Customer's Account, including Actions initiated in response to content encountered through Customer's use of the Service; (5) Customer's failure to supervise or configure the Service in accordance with Section 10 and Strawberry's documented security guidance; and (6) any claim by a third party whose personal data was processed through the Service based on Customer's instructions.

Procedure and Exclusions. The indemnified party shall promptly notify the indemnifying party of the claim, permit the indemnifying party to control the defense and settlement (provided that no settlement may admit liability or require payment by the indemnified party without its consent), and reasonably cooperate. Neither party shall have indemnification obligations for claims arising from the indemnified party's fraud, willful misconduct, violations of law, or breach of these Terms.

15. Disclaimers

THE SERVICE AND OUTPUTS ARE PROVIDED “AS IS” AND “AS AVAILABLE.” TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, STRAWBERRY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING ANY WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, QUIET ENJOYMENT, OR NON-INFRINGEMENT, AND ANY WARRANTY ARISING OUT OF COURSE OF DEALING OR USAGE. STRAWBERRY DOES NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, SECURE, OR FREE OF ERRORS, VIRUSES, OR OTHER HARMFUL COMPONENTS. CUSTOMER ACKNOWLEDGES THAT THE SERVICE RELIES ON ARTIFICIAL INTELLIGENCE AND PRODUCES PROBABILISTIC OUTPUTS THAT MAY NOT BE ACCURATE, COMPLETE, OR ERROR-FREE.

16. Limitation of Liability

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL EITHER PARTY BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING DAMAGES FOR LOSS OF PROFITS, REVENUE, BUSINESS, GOODWILL, OR DATA, ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STATUTE, OR OTHERWISE, AND REGARDLESS OF WHETHER THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING EXCLUSION SHALL NOT APPLY TO (A) A PARTY'S GROSS NEGLIGENCE OR WILLFUL MISCONDUCT, (B) A PARTY'S INDEMNIFICATION OBLIGATIONS UNDER SECTION 14, (C) A PARTY'S BREACH OF CONFIDENTIALITY, OR (D) CUSTOMER'S PAYMENT OBLIGATIONS.

EXCEPT FOR THE EXCLUSIONS IN THIS SECTION 16, EACH PARTY'S AGGREGATE LIABILITY ARISING OUT OF OR RELATED TO THESE TERMS SHALL NOT EXCEED THE FEES PAID OR PAYABLE BY CUSTOMER TO STRAWBERRY UNDER THESE TERMS IN THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE LIABILITY.

17. Dispute Resolution; Governing Law

These Business Terms are governed by the laws of the State of California, without regard to its conflict-of-laws rules. The parties submit to the exclusive jurisdiction of the state and federal courts located in San Francisco, California, for any dispute arising out of or relating to these Business Terms. For Customers established in the European Economic Area, the United Kingdom, or Switzerland, the courts of the Customer's jurisdiction of establishment shall have concurrent jurisdiction, and mandatory local law shall apply to the extent it provides greater protection.

18. Personal Data; Data Processing Agreement

The Parties acknowledge that, in the course of providing the Service, Strawberry processes Personal Data on Customer's behalf as data processor. The terms of such processing are governed by the Data Processing Agreement attached as Appendix 1 (the “DPA”), which forms an integral part of these Business Terms and is accepted by Customer upon acceptance of these Business Terms. Where Strawberry processes Personal Data as a data controller for its own administrative, billing, security, and compliance purposes, such processing is governed by Strawberry's Privacy Policy.

19. Miscellaneous

These Business Terms, together with the Privacy Policy, the AUP, and the DPA, constitute the entire agreement between Customer and Strawberry regarding the Service. Customer may not assign these Business Terms without Strawberry's prior written consent (except to an affiliate or in connection with a merger or sale of substantially all assets, on notice to Strawberry); Strawberry may assign these Business Terms. If any provision is held unenforceable, the remaining provisions remain in full force and effect. Order Forms or Enterprise Agreements executed by both parties shall prevail over these Business Terms to the extent of any conflict.

Contact: Dendrite Systems Inc., 28 Geary St. STE 650 #1826, San Francisco, CA 94108, USA; EU establishment: Strawberry Browser AB (former Dendrite Systems AB), Kungsgatan 54, 111 35 Stockholm, Sweden. Email: hello@strawberrybrowser.com.

APPENDIX 1 — Data Processing Agreement

The Data Processing Agreement between Customer (as Controller) and Dendrite Systems Inc. (as Processor), including Appendices A (Processing Details), B (Technical and Organizational Measures), C (Standard Contractual Clauses), and D (Customer Security Responsibilities), is delivered as a separate document and incorporated into these Business Terms by reference. The current version is available at our website.