API INFORMATION EXCHANGE AND USAGE AGREEMENT

Book and Go LTD, represented by Director Anton Veldanov, acting on the basis of Charter, hereinafter referred to as the "Owner", of the one part, and

_____________, represented by _______________, acting on the basis of [Charter/Power of Attorney], hereinafter referred to as the "Partner", of the other part, jointly referred to as the "Parties", have entered into this Agreement as follows:

1. TERMS AND DEFINITIONS

1.1. API (Application Programming Interface) – a programmatic interface provided by the Owner that enables the Partner to perform software integration between its System and the Owner's Service in accordance with the documentation, accessible at: https://api.bookandgo.world/.

1.2. API Key – a unique string of characters assigned to the Partner for identification, authentication, and authorization of API requests.

1.3. Owner's Service – the hotel booking system owned and operated by the Owner, accessible at: https://bookandgo.world.

1.4. Partner's System – software, website, or application used by the Partner to facilitate hotel bookings.

1.5. Data – information regarding hotels, including availability, rates, policies, restrictions, and booking status (inventory status). Data format shall be defined in the technical documentation (XML/JSON).

1.6. Documentation – includes, but is not limited to programmer guides, CDs, manuals, materials, and information appropriate or necessary for use in connection with the API.

2. SUBJECT MATTER OF THE AGREEMENT

2.1. The Owner grants the Partner a limited, revocable, non-exclusive license to use the API for the purpose of integrating the Partner's System.

2.2. Integration Purpose: Automation of search, booking, confirmation, and management processes for hotel reservations available through the Owner's Service.

2.3. This Agreement governs the use of the programmatic interface (API) and does not constitute a commercial concession (franchise) agreement.

3. RIGHTS AND OBLIGATIONS OF THE OWNER

3.1. Provide the Partner with a unique API Key within ten (10) business days following execution of this Agreement and the Partner's fulfillment of applicable security requirements.

3.2. Ensure round-the-clock API accessibility (SLA), excluding scheduled maintenance windows (for which the Owner shall provide at least twenty-four (24) hours' prior notice) and downtime resulting from force majeure events. Target uptime: 99%.

3.3. Modify the API to enhance functionality. Where modifications render a prior API version non-functional, the Owner shall notify the Partner at least thirty (30) calendar days in advance and provide updated Documentation.

3.4. Suspend or restrict the Partner's API access in the event of: technical malfunctions attributable to the Partner; excessive server load caused by the Partner (e.g., DDoS attacks, infinite request loops); or material breach of this Agreement.

4. RIGHTS AND OBLIGATIONS OF THE PARTNER

4.1. Use the API solely in manners described in the Documentation and exclusively for the purposes specified in Section 2.2.

4.2. Ensure secure storage of the API Key under conditions preventing unauthorized third-party access. The Partner assumes full liability for all actions performed using its API Key.

4.3. Comply with agreed request rate limits (to be determined individually):

Synchronous requests: no more than [__] per minute.

Status update requests (pushing updates): [__] per hour.

4.4. Ensure proper handling of Data received from the Owner:

Do not cache pricing or availability Data beyond the permitted Time-To-Live (TTL), unless otherwise specified in the Documentation.

Refrain from scraping or parsing Data to construct a competing hotel database.

4.5. Provide technical support to its end users. The Owner is responsible for API operability; the Partner is responsible for the functionality of its own website/application.

4.6. Data Protection (GDPR): The Partner undertakes to process customer personal data (full name, phone number, passport details) in compliance with applicable legislation. When transmitting personal data via the API, the Partner warrants that it has obtained the data subjects' prior consent for such transmission.

5. INTELLECTUAL PROPERTY AND CONFIDENTIALITY

5.1. All rights to the API, technical Documentation, and aggregated hotel Data are and shall remain the exclusive property of the Owner.

5.2. The Partner is prohibited from: sublicensing API access to third parties; selling or monetizing access to the API; or using the API for purposes directly competitive with the Owner's business.

5.3. The Parties undertake to maintain confidentiality regarding non-public information obtained through integration, including pricing structures, commission terms (if applicable), and internal API architecture (endpoints, security schemas), for a period of three (3) years following termination of this Agreement.

6. ONBOARDING AND TECHNICAL INTEGRATION PROCEDURE

6.1. To initiate cooperation, the Partner shall submit a technical questionnaire to the Owner (format to be provided by the Owner).

6.2. Testing Phase (Sandbox):

6.2.1. The Owner shall provide access to a sandbox environment for API testing.

6.2.2. The Partner shall perform a series of test bookings, confirmations, and cancellations.

6.2.3. Upon successful testing, the Parties shall execute a Certificate of Readiness for Production Deployment.

6.3. Transition to production environment shall occur following successful completion of testing and provision by the Partner of demo access to its operational interface for quality assurance purposes.

7. FINANCIAL TERMS AND PAYMENT PROCEDURE

7.1. Access to the API is provided free of charge.

7.2. Compensation for completed bookings shall be governed by a separate Cooperation Agreement.

8. LIABILITY AND FORCE MAJEURE

8.1. In the event of API unavailability attributable to the Owner (downtime exceeding twenty-four (24) consecutive hours), a penalty of EUR 3,000 shall apply for each hour beyond the SLA threshold.

8.2. The Partner shall be liable to the Owner for damages arising from incorrect data transmission (e.g., confirmation sent for non-existent booking, duplicate records) caused by defects in the Partner's software.

8.3. The Owner shall not be liable for: indirect or consequential damages incurred by the Partner (including loss of profit); or service disruptions caused by third parties (hosting providers, DDoS attacks, etc.).

9. TERM AND TERMINATION

9.1. This Agreement becomes effective upon execution of the Cooperation Agreement and shall remain in force indefinitely.

9.2. Either Party may terminate the Cooperation Agreement unilaterally by providing thirty (30) calendar days' prior written notice to the other Party.

9.3. Upon termination, the Owner shall revoke the Partner's API Keys within twenty-four (24) hours of receiving notice of termination. The Partner shall promptly delete all cached Data obtained via the API from its systems.