1.1 In this Agreement, the following words shall have the following meanings:
“Additional Services” any Implementation Services or other ‘optional extras’ explicitly set out or referred to in the Order Form (which may include set-up, configuration, training, new DBS checks, migration, consultancy or integration services);
“Administrative Users” individuals who have been authorised by Customer to have certain Customer administrative privileges to the Service;
"Credentially API" has the meaning given to it in clause 9.8 (integrations);
"Credentially API Documentation" the Company's documentation relating to the Credentially API (which is available from the Company following written request), as such documentation is updated by the Company from time to time;
“Agreement” these Terms and Conditions, the Order Form, DPA, SLA, and Privacy Policy together. This Agreement is formed (and becomes legally binding) when the parties complete and sign the Order Form;
“Authorised Users” the Administrative Users and End Users. The total number of Authorised Users shall be subject to the limits set out in the Order Form;
“Company” the ‘company’ named in the Order Form;
“Confidential Information” any and all non-public information in whatsoever form relating to the Company or the Customer, or to the business, prospective business, finances, technical processes, computer software (both source code and object code), Intellectual Property Rights or finances of the Company or the Customer (as the case may be);
“Consequential Loss" pure economic loss; indirect loss; consequential loss; special loss; losses incurred by any End User, client of Customer, or other third party; losses arising from business interruption; loss of profits, business revenue, goodwill or anticipated savings; costs of procuring substitute goods, services or product(s); or wasted management or staff time;
“Customer Data” all information, materials and data (which may include personal data) that the Customer or the Authorised Users: (a) provide to the Company; and/or (b) upload to or store (or request that the Company uploads to or stores) within the Service, including any such data published or made available through the Credentially API. Customer Data excludes any data which is owned or created by, or on behalf of: (a) the Company and/or its third party licensors; or (b) end users who have also registered with the Company directly (or with another Company customer) (whose data the Company will use in accordance with the Company’s contract with such user or customer, as applicable);
“Customer” the ‘customer’ named in the Order Form;
“Data Protection Legislation” all applicable data protection and privacy laws and guidance including Regulation (EU) 2016/679 (the "General Data Protection Regulation" or "GDPR"), Directive (EU) 2016/680 (“the Law Enforcement Directive”, or “LED”), and the Privacy and Electronic Communications (EC Directive) Regulations, Data Protection Act 2018 and any guidance or codes of practice issued by any data protection regulator from time to time;
“DPA” the DPA as amended from time to time published at https://www.credentially.io/terms-policies/dpa;
“End Users” any individual (excluding any Administrative User) who has been authorised by the Customer to access the Service;
“Feedback” feedback, innovations or suggestions created by Authorised Users or the Customer regarding the attributes, performance or features of the Service;
“Fees” the licence fees (including any fees for extra licences), and any fees for Additional Services or other products or services set out or referred to in the Order Form (as may vary in accordance with the Order Form, or be increased in accordance with clauses 6.2, 6.5 and 6.6);
“Force Majeure” anything outside the reasonable control of a party, including any acts of God, fire, storm, flood, earthquake, explosion, accident, acts of the public enemy, war, rebellion, insurrection, sabotage, act of terrorism, epidemic, pandemic, quarantine restriction, labour dispute, labour shortage, strike, power shortage or failure, networks or telecommunications (including the Internet) being unavailable to Company, server crashes, deletion corruption loss or removal of data by a third party, transportation embargo, failure or delay in transportation, any act or omission (including any change in applicable laws, or any disapprovals or failures to approve) of any government or government agency;
“Implementation Services” any standard implementation services set out in the Order Form including any implementation services specified in the Order Form as being provided by the Company for any 'optional extras';
“Initial Term” the initial term set out in the Order Form;
“Intellectual Property Rights” all copyrights, rights in software and code, patents, utility models, trade marks, service marks, registered designs, moral rights, design rights (whether registered or unregistered), technical information, know-how, database rights, business or trade names and logos, know-how, proprietary and confidential information rights and all other intellectual property and similar proprietary rights (and all applications and rights to apply for registration or protection of any of the foregoing, and any extensions or renewals) as may exist at any time anywhere in the world;“Order Form” the Credentially Software as a Service Agreement order form referring to these Terms and Conditions completed and signed by the Parties for the Service;
“Privacy Policy” the privacy policy published at www.credentially.io/terms-policies/privacy-policy as amended from time to time;
“Renewal Term” has the meaning set out in clause 5.1;
“Service” the Company’s software product(s) set out in the Order Form which are made available to the Customer by means of a managed (hosted) service in accordance with the terms of this Agreement (and including any computer software programmes, Credentially API) in each case, all Updates ;
“SLA” the Credentially Software as a Service ‘Service Level Agreement’ (which, after the Initial Term, may be amended from time to time by the Company by providing the updated version to the Customer, or as published on the Company’s website from time to time);
“Start Date” the ‘start date’ set out in the Order Form;
"Suitability" means lawfulness, reliability, integrity, accuracy, quality, fitness for purpose, completeness, availability, reliability and suitability;
“Support and Maintenance” the support and maintenance services specified in the SLA (and “Maintenance” shall be construed accordingly);
“Term” the Initial Term and any Renewal Term(s);
“Terms and Conditions” these Credentially Software as a Service Agreement terms and conditions (which may be amended at any time: (a) if required for legal reasons or change in applicable law or guidance; or (b) after the Initial Term, for any reason by the Company, in each of cases (a) and (b) by the Company publishing an updated version at www.credentially.io/terms-policies/terms-and-conditions, or providing the updated version to the Customer);
"Third Party Services" has the meaning set out in clause 9.5;
“Updates” any: (a) developments, configurations, modifications to the Service or underlying software; (b) Releases and Patches (as defined in the SLA); and (c) new or updated versions, applications services, interfaces and other integrations, or tools (including any computer software programmes) made available by the Company as part of the Service.
1.2. Interpretation: Any phrase introduced by the terms ‘including’, ‘include’, ‘in particular’, ‘for example’, 'such as', or any similar expression shall be construed as illustrative and shall not limit the sense of the words or phrase preceding those terms. The rights and remedies provided in this Agreement are (unless otherwise expressly provided under this Agreement) cumulative and not exclusive of any other rights, and/or remedies. References to: (a) ‘applicable law’ means to any law, regulation, governmental order, or court order applicable to this Agreement or either party in any relevant jurisdiction; (b) any specific laws shall be to those laws as amended, updated or re-enacted from time to time; (c) the terms ‘loss’ and ‘losses’ include any losses, costs (including reasonable legal costs), damages, liabilities, charges, fines, penalties, and expenses; and (d) ‘writing’ or ‘written’ includes emails.
2.1 The Company agrees to use commercially reasonable efforts to make the Service available to the Customer, in accordance with the availability service level set out in the SLA (except during Maintenance) from the Start Date for the Term.
2.2 The Company shall: (a) provide the Implementation Services : in accordance with the warranty set out in clause 9.2(b); and (b) use commercially reasonable efforts to make available any other Additional Services whilst the Service is available, provided that any Additional Services which are, or use, any Third Party Services shall be provided in accordance with clauses 9.5 to 9.8 inclusive (third party services). From the go-live of the Service (being when Administrative Users first have access to the Service), the Company shall, subject to the payment of the Fees, provide Support and Maintenance in accordance with the SLA.
2.3 Where the Order Form permits the Customer to order ‘extra user licences’ or any ‘optional extras’ (“Extras”) in respect of the Service, the Customer may (except if otherwise indicated as payable in the Order Form) from time to time order such Extras by emailing the Company contact indicated in the Order in advance (specifying the Extras required in sufficient detail), and paying to the Company any applicable one-off and recurring fees for such Extras.
2.4 Except as explicitly set out or referred to in an Order Form, all other professional services (including any other set-up, configuration, training, migration, consultancy and integration services) are outside the scope of this Agreement. The parties may agree that the Company will provide such professional services under a separate Order Form and/or agreement.
3.1 Subject to the terms of this Agreement and the Customer’s payment of the Fees, the Company grants the Customer a non-exclusive, revocable, and non-transferable licence to permit Authorised Users to use the Service from the Start Date during the Term solely for, in respect of: (a) Administrative Users, the Customer’s internal business operations as part of the Customer’s website/desktop architecture, to manage End Users and to scan the Customer’s own networks and systems; and (b) End Users, onboarding to the Service and managing their own personal compliance through the Service. Where open source software is used as part of the Service, such software use by the Customer will be subject to the terms of the open source licences. Authorised Users shall only be entitled to access the Credentially API (which forms part of the Service) solely for the purposes of integrating mutually agreed Customer Licensed Products (as defined in clause 9.8 (integrations)) with the Service, and making calls on the Credentially API to interact with the Customer Licensed Products in accordance with clause 9.8 (integrations).
3.1 The Customer has no right to obtain source code for the software contained within the Service. The Customer shall not (and shall not permit the Authorised Users or any third party to) disassemble, decompile (except as set out in the rest of this clause 3.2), reverse engineer, copy, modify, adapt, maintain, translate, commercially exploit, or create derivative works of the Service or the software comprised within the Service. To the extent that the Customer is granted the right by law to decompile such software in order to obtain information necessary to render the Service interoperable with other software (and upon written request by the Customer identifying relevant details of the Service with which interoperability is sought and the nature of the information needed), the Company will provide access to the Credentially API, or other relevant code or information (in accordance with the provisions of clause 9.8). The Company has the right to impose reasonable conditions (including the imposition of a reasonable fee) for providing such access and information.
3.3 The Customer shall not (and shall and not permit the Authorised Users or any third party to): (a) lease, loan, rent, resell, assign, licence, sub-licence, distribute, transfer, or directly or indirectly permit third parties (other than Authorised Users) to access (or use on behalf of a third party) the Service; (b)use the Service to: (i) build a competitive product or service, or copy its features; (ii) provide any service which is the same as or similar to the Service; or (iii) provide ancillary services (or any hosted or bureau service) related to the Service; (c) circumvent or bypass any technological protection measures in the Service; (d) remove any proprietary marks or copyright notices from the Service; or (e) use the Service: (i) in a way that (or to provide or upload content that) is prohibited by applicable law, violates any rights of the Company or any third party (or which is offensive, abusive, indecent, obscene, dishonest, threatening, defamatory, fraudulent or otherwise improper), or which could impair a third party’s use of the Service; (ii) to gain unauthorised access to or disrupt any service, device, data, account or network (or attempt to do the same); or (iii) to spam or distribute viruses or any malware. The Customer shall not do (or omit to do) anything which damages or could reasonably be expected to damage the Service or the Company's (or its licensors') business or reputation. The Customer shall not use the Service, or any results, data or content from it: (a) in any publicly distributed ledger; or (b) to directly or indirectly train any artificial intelligence tool or machine learning algorithm.
4.1 All Intellectual Property Rights and interest in, title to and ownership of, the Service (save any Customer Data, Customer Intellectual Property Rights or third party owned item within the Service), and all other data and materials provided by the Company or through the Service under this Agreement, belong to and shall remain with the Company and/or its licensors or subcontractors. No interest or ownership in the Service, the Company Intellectual Property Rights or otherwise is transferred to the Customer under this Agreement.
4.2 The Customer shall retain sole ownership of all rights, title and interest in and to Customer Data and Customer’s pre-existing (or independently developed) Intellectual Property Rights and shall be solely responsible for ensuring and verifying the Suitability of the Customer Data. The Customer grants the Company a non-exclusive licence to use, copy, modify and incorporate in the Service, Customer Data, Customer Intellectual Property Rights and any third party owned item from the Start Date for the Term for the purposes of this Agreement.
4.3 If ownership does not automatically vest in accordance with clauses 4.1 or 4.2, the parties shall promptly enter into (or procure the entering into by any relevant third party) such documentation as is reasonably required to vest ownership of Intellectual Property Rights in accordance with clauses 4.1 or 4.2.
4.4 The Customer grants the Company a non-exclusive, non-transferable, revocable licence to display the Customer’s name, logo and trademarks, as designated and/or amended by the Customer from time to time and as required in the creation of correspondence, documentation and website front ends or otherwise any ‘white labelling’ in the provision of the Service.
4.5 The Customer hereby assigns all rights, title and interest in any Feedback to the Company. If for any reason such assignment is ineffective, the Customer shall grant the Company a non-exclusive, perpetual, transferable, irrevocable, royalty-free, worldwide right and licence to use, reproduce, disclose, sub-licence, distribute, modify and exploit such Feedback without restriction during and after the Term for the duration of such rights.
4.6 The Company shall take and maintain reasonable technical precautions to protect the Service from improper or unauthorised use, distribution or copying.
4.7 The Customer acknowledges and agrees that the Company shall (except where prohibited by any applicable law) be entitled to: (a) collect, access, modify, distribute, audit, reproduce, delete or remove any Customer Data, and non-identifying and/or anonymised information (that is not personal data) relating to the Customer, the Authorised Users, and/or the use of the Service freely and in perpetuity to the extent necessary to: (i) protect the Customer; (ii) provide, protect, monitor, maintain, support and improve the Service, Support and Maintenance and Additional Services; (iii) protect the integrity of any data held by Company; and/or (iv) ensure Company’s, its licensors', and Customer’s compliance with this Agreement and/or any applicable laws (including to assist law enforcement or other regulators); (b) disclose such data and information to enforce this Agreement, or to protect the Company’s (or Company’s customers rights); and (c) use cookies on the Service.
5.1 This Agreement shall commence on the Start Date and continue for the Initial Term (unless terminated earlier in accordance with this Agreement). At the expiry of the Initial Term, this Agreement will automatically renew for successive 12 month periods (or for such other renewal periods as may be agreed in the Order Form) (each a “Renewal Term”) and continue until terminated in accordance with this Agreement. Either party may terminate the Agreement either at the end of: (a) the Initial Term; or (b) any Renewal Term by giving the other at least 90 days’ notice in writing prior to the end of the Initial Term or then current Renewal Term (as applicable).
6.1 The Company shall invoice the Customer for the Fees in accordance with the Order Form (on or after the dates the Fees may be expressed as payable). All invoices shall be issued in the currency stated in the Order Form. All Fees exclude any value added tax, general sales tax, other sales and withholding taxes (and any customs, handling, import and/or export duties) which, where they are applicable, shall be paid by the Customer in addition to the Fees. The Customer must pay the Company’s invoices (without deduction) no later than 30 days after the date of the invoice (or within such other period as may be specified in the Order Form) (“Due Date”). If the Customer believes that any invoice is incorrect, it must (acting in good faith) notify the Company in writing within 30 days of the invoice date.
6.2 Subject to clauses 6.5 and 6.6, the Fees remain fixed for the Initial Term of the Agreement. After the Initial Term, the Company may (on written notice to the Customer) at the end of the Initial Term and on each subsequent anniversary of the Start Date increase all or any of the Fees by no more than 2% above the change to the annual UK Retail Price Index in the preceding 12 months.
6.3 The Customer undertakes that all details provided by (or on behalf of) it or the Authorised Users for the purpose of obtaining the Service will be correct and that any credit card details used are its own and that there are sufficient funds or credit facilities to cover the Fees.
6.4 Where payment of any Fee is not received within 30 days of the Due Date, the Company may, without liability to the Customer: (a) charge interest on overdue Fees at the applicable statutory rate; (b) suspend provision of the Service, Additional Services or Support and Maintenance (including disabling the Customer’s password, account and access to all or part of the Service), and the Company shall be under no obligation to provide any or all of the Service while the invoice(s) concerned remains unpaid). The Company shall be entitled to recover from the Customer any costs and reasonable legal fees it incurs in recovering overdue payments.
6.5 In the event that the cost of third party products or services increases, the Company may (on written notice to the Customer) increase the relevant Fees accordingly.
6.6 The user numbers and other restrictions and limits on use are as set out in the Order Form (and, in respect of the Credentially API, in the Credentially API Documentation) (together “Usage Limits”). The Usage Limits are applicable as a maximum aggregate number of the relevant variable (for example, the maximum total number of all Authorised Users (whether Administrative Users or End Users), or the maximum number of calls on the Credentially API). The Company shall have the right to monitor Customer’s use and user number. Should actual use exceed the Usage Limits then the Company shall be entitled to: (a) suspend the Service or Credentially API during any excessive use; and (b) charge the Customer for all use in excess of the Usage Limits (for example, for additional users, the Customer must pay the applicable extra fee set out in the Order Form for all usage above the Usage Limits). The Customer shall not be entitled to any reduction in the Usage Limits or the Fees in any circumstances (including where actual usage is below the Usage Limit).
7.1 Each party (“Recipient”) may use the Confidential Information provided by the disclosing party (“Discloser”) only for the purposes of this Agreement. The Receiver must keep confidential all Confidential Information of the Discloser.
7.2 The Recipient may disclose the Discloser’s Confidential Information to those of its employees, contractors, advisors and agents (“Personnel”) who have a need to know the Confidential Information for the purposes of or in connection with this Agreement but only if the Personnel are bound by confidentiality undertakings at least as onerous as those set out in this Agreement (and the Receiver shall remain liable to the Disclosure for the Personnel’s acts, omissions, and compliance with this clause 7).
7.3 The Recipient agrees to destroy or return all documents and other materials containing Confidential Information within 30 days of termination or expiry of this Agreement.
7.4 The obligations of confidentiality under this Agreement do not extend to information that: (a) was rightfully in the possession of the receiving party before the negotiations leading to this Agreement; (b) is, or after the Start Date, becomes public knowledge (otherwise than as a result of a breach of this Agreement); (c) is lawfully disclosed to the receiving party by a third party without restriction on disclosure; (d) is required by law to be disclosed (provided that, where lawfully permitted, the Recipient promptly (and prior to disclosure), consults with and cooperates with the other party in respect of any legitimate means of preventing or limiting disclosure); or (e) is independently developed by the receiving party (provided that such independent development can be shown by written evidence).
8.1 Each party undertakes to comply with its obligations under the Data Protection Legislation.
8.2 The parties shall comply with their respective obligations set out in the DPA, and the Company confirms that it will only process personal data in accordance with the instructions of the Customer, as set out in the DPA. In the event of any conflict between this clause 8 of this Agreement and the terms of the DPA, the terms of the DPA shall prevail.
8.3 To the extent that personal data is processed when the Customer provides information to the Company during registration, or when Authorised Users use the Service, the parties acknowledge that, in accordance with the DPA: (a) the Company is a data processor and the Customer is a data controller and the parties shall comply with their respective statutory data protection obligations; and (b) such personal data shall be collected and processed by the Company in accordance with the DPA.
8.4 The Customer shall ensure that: (a) the personal data, which it supplies or discloses to the Company (“Customer Personal Data”), has been obtained fairly and lawfully; (b) it will obtain any necessary approvals from persons whose data is being processed (or otherwise has a legitimate basis for the processing taking place under this Agreement), to ensure that the Company can process the Customer Personal Data for the purposes of this Agreement; and (c) it has in place all necessary registrations with authorities to permit the Company to transfer personal data to third parties pursuant to its obligations under this Agreement.
9.1 Each party warrants and represents that: (a) it has full authority to enter into this Agreement and to grant the rights and perform the obligations specified in this Agreement; (b) the execution and performance of its obligations under this Agreement do not violate or conflict with the terms of any other agreement to which it is a party; and (c) it shall comply with all applicable laws.
9.2 The Company warrants to the Customer that: (a) it has the right to licence the Service; (b) the Implementation Services shall be performed with reasonable skill and care and in a professional manner in accordance with good industry practice; (c) use of the Service will not infringe the Intellectual Property Rights of any third party. The foregoing warranties shall not cover: (i) deficiencies or damages relating to any third party components not furnished by the Company; (ii) any external links; or (iii) any connectivity or availability issues with third party products or services.
9.3 It is the Customer’s responsibility to ensure that the Service is suitable for its business purposes, and to make reasonable efforts to understand the Service and to implement any working practice changes required to make successful use of the Service. Therefore, no warranty is made regarding the results of usage of the Service or that the Service will meet the Customer’s requirements, and the Customer assumes responsibility for: results obtained from the use of the Service by the Customer, and conclusions drawn from such use. No warranty is made that the Service will operate uninterrupted or bug- or error-free. From go-live of the Service, for the remainder of the Term, bugs and errors shall be addressed in accordance with the SLA.
9.4 The Customer acknowledges that the Service should not be used for high-risk applications or situations where: (a) failure of the Service could lead to the death or serious bodily injury of any person, or to severe physical or environmental damage; or (b) where precise locations or features on maps are essential to the Customer, for example, use of the Service by the emergency services.
9.5 The Customer acknowledges that certain Additional Services use third party products or services ("Third Party Services", the third party providing them being a "Third Party"). The restrictions, limitations and disclaimers applicable to the Service (which are set out in clauses 3, 4, 9.3, 9.4 and 9.6) shall apply equally to the Third Party Services and any data and other content provided or made available through such Third Party Services. The Customer agrees that Third Party Services: (a) may from time to time be modified by the Third Party (which may include the modification or removal of certain functionality, features and processes); (b) may from time to time be suspended by the Third Party (for security purposes or other reasonable cause); (c) shall not be available outside of the duration of the Company's contract for the relevant Third Party Services; (d) must only be used by the Customer and its users in compliance with applicable laws and for the purposes they are intended (a description of such purposes is available from the Company following written request).
9.6 The Third Party Services (and all third-party data, content and information provided by the Company through or via the Service (“Third Party Data”), for example, third party criminal records checks and digital ID-related data) are provided “as is” and “as available”. The Company provides no warranties (express or implied) in relation to Third Party Data or Third Party Services (or its or their Suitability, or their being up-to-date, or that any results will be fair or unbiased) (except that, where the Company is granted a warranty from the Third Party which the Company is reasonably able to pass through in full to the Customer, such warranty shall apply; to the extent permitted by the relevant Third Party, the Company shall provide details of such warranties (if any) following Customer’s request), and the Company shall have no liability whatsoever to the Customer for its use or reliance upon any Third Party Data, Third Party Services or related results. The Customer shall be responsible for making its own enquiries to ensure the Suitability of the Third Party Data and its results, and shall be solely responsible for all of its decisions made, and actions taken (or not taken) on the basis of, or relating to, such Third Party Data.
9.7 In respect of any digital ID service or digital ID verification ("DID"), the Customer: (a) shall ensure that it does not use DID as the only method for identity verification, and it shall also verify the relevant person's identity in person (or through another suitable method); and (b) shall not use DID as the basis on which it makes its decision on whether or not a person is suitable for work; and (c) acknowledges that: (i) it is the Customer's responsibility to ensure it selects identity documents (and related documents) which are acceptable to the Customer; (ii) any verification of the relevant information is undertaken at the point that the relevant source identity document or other information is first submitted (and it is not updated or re-verified); and (iii) any biometric template received through DID must be deleted within three years of the initial purpose being satisfied (or the last interaction with the user, whichever occurs first).
9.8 Where the Company makes available any application programming interface to the Customer as part of the Service, or the Company otherwise provides any integration or interfaces (all such application programming interfaces, and other integration and interfaces, in each case as updated from time to time, being together the "Credentially API", which shall form part of the Service) between the Service and any third party products and/or services used by the Customer or the Authorised Users (“Customer Licensed Products”), the Customer shall: (a) use the Credentially API on a reasonable, good faith, and fair usage basis and in accordance with the usage thresholds, refresh frequency, and other restrictions and provisions set out in the Credentially API Documentation, and the Customer must not in any event use the Credentially API in an excessive or abusive manner (in each case as reasonably determined by the Company); (b) promptly provide the Company with all necessary access keys, log-in and other credentials, all Customer Licensed Product user set-up, and all other information and assistance reasonably requested by the Company in respect of the Credentially API and its implementation and ongoing maintenance, including as specified in the Credentially API Documentation; (c) be solely responsible for the operation, content, and use of Customer Licenced Products; and (d) procure all necessary interfaces from the Customer Licensed Products, agreements, consents, licences, and cooperation (including from the relevant third party) to allow the Company to integrate with (and lawfully use all data received through or from) the Customer Licenced Products. The Customer shall be solely responsible for all data passed through the Credentially API, and the Customer shall ensure the Suitability of such data and that it is kept up to date. Any change required to the Customer Licensed Products (or Customer systems) in order to enable integration using the Credentially API (including as such Credentially API is updated by the Company from time to time) shall be made by the Customer at its sole cost and expense.
9.9 The Customer warrants that it rightfully owns the necessary rights, copyrights and ancillary copyrights and permits required for it to fulfil its obligations and exercise its rights under this Agreement.
9.10 The Customer warrants and represents that it shall ensure that its network and systems comply with the Company's relevant minimum specification, as may be provided to Customer and updated by the Company from time to time, and that the Customer is solely responsible for: (a) procuring and maintaining its network connections and telecommunications links required to use the Service (including links from the Customer’s systems to the Company’s data centres); and (b) all problems, conditions, delays, delivery failures and all other losses arising from or relating to the Customer’s network connections or telecommunications links or caused by the Internet.
9.11 The Customer shall comply with its obligations in the SLA.
9.12 The Customer shall, and shall procure Authorised Users (to the extent that the Company may reasonably require to perform the Company’s obligations and exercise its rights under this Agreement): (a) permit the Company’s staff to have access to the Customer’s systems, environments, and property; (b) provide the Company with prompt cooperation, assistance, and information; (c) make available to the Company the Customer’s relevant information, telecommunications, and other facilities; and (d) provide access, information and appropriate configuration to the Company, including Customer Data.
9.13 The Customer acknowledges that the Company’s ability to perform its obligations under this Agreement may depend on the Customer performing its obligations in a timely manner. Where the Company’s performance of its obligations under this Agreement is delayed or prevented by reason of an act, omission or breach of this Agreement by the Customer or by the Authorised Users, then the Company shall be under no obligation to perform (and shall be entitled to a reasonable extension of time in respect of), its obligations under this Agreement.
9.14 Except as expressly stated in this Agreement, all warranties and conditions, whether express or implied by statute, common law, practice, or otherwise (including those concerning merchantability, quality and fitness for purpose), are hereby excluded to the fullest extent permitted by law.
10.1 Nothing in this Agreement excludes or limits either party’s liability for: (a) death or personal injury caused by its negligent act or omission or willful misconduct; (b) fraud or fraudulent misrepresentation; or (c) any other liability which cannot be excluded or limited by applicable law.
10.2 Neither party shall be liable for any Consequential Loss however arising under or in connection with this Agreement, whether in tort (including negligence or breach of statutory duty), contract, misrepresentation or otherwise, even if the party was advised of the possibility of such damages.
10.3 The Company shall have no liability for any losses caused by: (a) errors or omissions in any Customer Data or other information, materials, instructions or scripts provided to the Company by or on behalf of the Customer or the Authorised Users in connection with this Agreement; (b) any actions taken by the Company at the Customer’s direction; (c) modifications to or unauthorised use of the Service or any Third Party Services by the Customer or the Authorised Users.
10.4 Subject to clause 10.1, and where such liability is not excluded under this Agreement, the total liability of the Company in aggregate howsoever arising (whether in contract, tort (including negligence and breach of statutory duty) or otherwise) under or in connection with this Agreement, or based upon any claim for indemnity or contribution under or in connection with this Agreement, shall not exceed:
(a) (in respect of any breaches of clause 8 (Data Protection), the DPA, or the Data Protection Legislation): the higher of (i) £100,000; and (ii) the total aggregate Fees (excluding all taxes) paid or payable to the Company during the Initial Term; and
(b) (in respect of all other breaches, causes of action, losses, liabilities, claims, and otherwise) the total aggregate Fees (excluding all taxes) paid or payable to the Company during the Initial Term.
10.5 The Customer shall be liable for any breaches of this Agreement caused by the acts, omissions or negligence of any Authorised Users as if such acts, omissions or negligence had been committed by the Customer itself.
10.6 The Customer shall not raise any claim under this Agreement more than 6 years after the discovery of the circumstances giving rise to a claim.
10.7 The parties acknowledge and agree that in entering into this Agreement, each has recourse to its own skill and judgement and has not relied on any representation made by the other, their employees or agents.
11.1 The Company, at its own expense, shall: (a) defend, or at its option, settle any claim or suit brought against the Customer by a third party that the Service infringes the Intellectual Property Rights of that third party (“Claim”); and (b) pay any final damages and costs awarded against the Customer in respect of such Claim, provided that: (i) the Customer notifies the Company promptly in writing of the Claim; (ii) the Customer makes no admission of liability, and the Company is given sole control of the defence and/or settlement of the Claim; and (iii) the Customer fully cooperates and provides all reasonable assistance to the Company in the defence or settlement of the Claim.
11.2 If all or any part of the Service becomes, or in the opinion of the Company may become, the subject of a Claim, the Company at its own expense and sole discretion may: (a) procure for the Customer the right to continue to use the Service or the affected part thereof; (b) replace the Service or affected part with another suitable non-infringing service; or (c) modify the Service or affected part to make the same non-infringing. This clause 11.2 states the Company’s entire liability to the Customer in respect of the Company’s infringement of the Intellectual Property Rights of any third party.
11.3 The Company shall have no obligations under clauses 11.1 or 11.2 to the extent that a claim has arisen as a result of the Customer’s or Authorised Users’ (or a third party’s (where acting on behalf of the Customer)): (a) combination, operation or use of the Service or any Third Party Services with other services, equipment, or software not provided or expressly specified by the Company; (b) use of the Service or any Third Party Services in any manner inconsistent with this Agreement; (c) modification of the Service without Company’s specific consent; (d) Customer Data; or (e) negligence or willful misconduct.
11.4 The Customer shall defend, indemnify and hold the Company and its employees, suppliers and agents harmless from and against any losses arising from any claim relating to or resulting directly or indirectly from: (a) any actual or suspected infringement or breach by the Customer of any Intellectual Property Rights with respect to the Customer’s use of the Service or any Third Party Services outside the scope of this Agreement; (b) any access to or use of the Service or any Third Party Services by an Authorised User or third party; and (c) use by the Company of any Customer Data or other Customer or Authorised User provided item; or (d) any breach of this Agreement by an Authorised User causing losses equivalent to £1,000 or more to Company.
11.5 Subject to clauses 10, and 11.1 to 11.4 inclusive, each party shall defend, indemnify and hold the other party, and its employees, suppliers or agents harmless from and against any losses arising from any claim relating to or resulting directly or indirectly from: (a) breaches of the Data Protection Legislation by the indemnifying party; and (b) (where the Company is the indemnified party) the Company processing data on behalf of and in accordance with the instructions of the Customer.
12.1 The Customer shall (and shall procure that the Authorised Users shall) maintain reasonable, up-to-date security measures covering, without limitation, confidentiality, authenticity and integrity to ensure that the access to the Service and any Third Party Services is limited as set out in this Agreement.
12.2 The Customer shall (and shall procure that the and Authorised Users shall): (a) treat any identification, password, username, Credentially API key, other software keys, and other security devices for use of the Service (“Logins”) with due diligence and care and take all necessary steps to ensure that they are kept confidential, secure and are used properly and are not disclosed to unauthorised persons; and (b) ensure that each Login is only used by the user to which it has been assigned. The Customer is responsible for any and all activities that occur under the Customer’s and Authorised Users’ accounts and via their passwords. The Customer will immediately notify the Company if the Customer becomes aware of any unauthorised use of the Customer’s or any Authorised User’s account, the Logins, the Service, or any other breach of security. Customer shall ensure that it only grants administrative privileges to suitably qualified employees, agents, officers and individual contractors employed or engaged directly by Customer (and not to third parties). The Customer takes sole responsibility for its (and its users’) allocation and naming (and any changes, reallocation or renaming) (“User Allocation”) of Customer’s users’ roles (including to or from Administrative User roles). The Customer shall be liable for, and shall indemnify and hold the Company harmless against any losses arising as a result of or in connection with User Allocation. The Company shall have no liability for any loss or damage arising from the Customer’s failure to comply with this clause 12.
12.3 The Company may suspend the Service, or access to the Service (or part thereof), at any time if, in the Company’s sole reasonable discretion, the integrity or security of the Service is in danger of being compromised, including by acts of the Customer or Authorised Users. The Company shall (except where immediate action is required to preserve any data, property, or the Service) give the Customer 24 hours’ written notice before suspending access to the Service, giving specific details of its reasons.
13.1 The Company may immediately on notice to the Customer terminate this Agreement (or part of it), or suspend the Service (and/or the Additional Services or Support and Maintenance) (or any part of them) if: (a) the Customer has (or is reasonably suspected to have) used or permitted the use of the Service other than in accordance with this Agreement; or (b) the Company is prohibited under applicable law or guidance, or is otherwise prevented by the government, regulators, legislators or court, from providing the Service.
13.2 Either party shall be entitled to terminate this Agreement on written notice to the other party if the other party: (a) passes a resolution for winding up or goes into voluntary or involuntary liquidation (otherwise than for the purpose of a solvent reconstruction or amalgamation) or has a receiver or administrator or similar person appointed or is unable to pay its debts within the meaning of s268 Insolvency Act 1986, is dissolved, has a liquidator, receiver, administrator, administrative receiver, manager, trustee, or similar officer appointed over any of its assets, or ceases or threatens to cease to carry on business, or if any event occurs which is analogous to any of the foregoing in another jurisdiction; or (b) commits a material breach of any term of this Agreement which, if capable of remedy, is not remedied within 5 business days (being Monday to Friday, excluding public holidays in England) of receipt of a written notice specifying the breach and requiring it to be remedied.
13.3 Upon termination or expiry of this Agreement: (a) the Company shall immediately cease providing the Service to the Customer and all rights and licences granted by the Company under this Agreement shall terminate; (b) the Customer shall promptly return to the Company all documentation and other property belonging to the Company; (c) the Customer shall (except where the Agreement has terminated as a result of the Company’s material breach) promptly pay the Company all unpaid Fees for the remainder of the Initial Term (or Renewal Term, as applicable), and no Fees already paid shall be refunded if the Agreement is terminated prior to the end of the Initial Term (or Renewal Term, as applicable); and (d) the Company shall within 30 days of termination or expiry, delete (in accordance with the terms of the DPA), or (following receipt of a written request from the Customer within 15 days of termination or expiry) return all Customer Data stored in the Service in its then current format (and by a Company standard method) to the Customer. If the Customer requires any Customer Data to be returned in or by a different format or method, the Company reserves the right to charge for this additional service on a time and materials basis.
13.4 Termination of this Agreement for whatever reason shall not affect the accrued rights of the parties. All clauses which expressly or by their nature should continue after termination or expiry shall, for the avoidance of doubt, survive the expiry or termination of this Agreement and shall remain in force and effect.
14.1 Relationship: Nothing in this Agreement shall render either party a partner or an agent of the other, and neither party shall purport to undertake any obligation on the other party’s behalf, nor pledge or purport to pledge the other party’s credit.
14.2 Third Parties: No provision of this Agreement or of any document connected with the Service shall be enforceable by a third party (whether any Authorised User or otherwise) under the Contracts (Rights of Third Parties) Act 1999, any similar legislation in any applicable jurisdiction, or otherwise.
14.3 Assignment: Except as otherwise set out in this Agreement, no party may assign, subcontract or transfer its rights or obligations under this Agreement without the prior written consent of the other party, such consent not to be unreasonably withheld. The Company shall be entitled to assign the Agreement to: (a) any company in the Company’s group of companies; or (b) any entity that purchases the shares or assets of the Company as the result of a merger, takeover or similar event.
14.4 Force Majeure: If a party is wholly or partially prevented by a Force Majeure from complying with its obligations under this Agreement, then that party’s obligation to perform in accordance with this Agreement will be suspended. As soon as practicable after an event of Force Majeure arises, the party affected by Force Majeure must notify the other party of the extent to which the notifying party is unable to perform its obligations under this Agreement. If the Force Majeure event lasts for more than 28 days the unaffected party may terminate this Agreement on notice with immediate effect without penalty.
14.5 Severance and no waiver: Should a provision of this Agreement be invalid or become invalid then the legal effect of the other provisions shall be unaffected. A valid provision is deemed to have been agreed which comes closest to what the parties intended commercially and shall replace the invalid provision. No delay, neglect or forbearance by either party in enforcing its rights under this Agreement shall waive or prejudice those rights.
14.6 Hosting and other suppliers: The Customer acknowledges that, in order to provide the Service and Additional Services in accordance with this Agreement, the Company uses a third party hosting provider and other third party suppliers, contractors and subcontractors.
14.7 Entire agreement: This Agreement constitutes the whole agreement and understanding between the parties and supersedes all prior agreements, representations, negotiations and discussions between the parties relating to its subject matter. The Customer agrees it has no remedy in respect of any untrue statement or representation made to it upon which it relied in entering into this Agreement and its only remedies can be for breach of contract (unless the statement was made fraudulently).
14.8 Precedence: In the event of any conflict or inconsistency between the Terms and Conditions, Order Form, DPA, Privacy Policy and SLA, the Order Form shall prevail followed by the DPA, the Terms and Conditions, the Privacy Policy and then the SLA.
14.9 Changes and notices: Amendments to, and notices to be sent under this Agreement, shall be in writing and shall be deemed to have been duly given if sent by registered post or (provided that no automated notice of technical non-delivery is received from the email server) email to a party at the address or email address given for that party in the Order Form (or as otherwise notified in writing by that party). Notwithstanding the aforesaid, the Company may change or modify the terms of this Agreement upon giving the Customer at least 30 days’ notice via email (“Relevant Period”). If the Customer objects to any such change or modification, it shall notify the Company within 5 days of such notice, and use its best endeavours to discuss and agree a way forward with the Company within the Relevant Period. If the parties do not come to an agreement by 5 days before the end of the Relevant Period, then either: (a) where the Company informs the Customer that it cannot continue on the unmodified terms, then the Customer shall be entitled to terminate this Agreement by providing the Company with 5 days’ written notice prior to the end of the Relevant Period; or (b) where the Company informs the Customer that it can continue on the unmodified terms, then such unmodified terms will continue to apply but the Customer shall not be entitled to any further updates or new features of the Service. All changes shall be deemed to have been accepted by the Customer unless (a) or (b) of the preceding sentence apply.
14.10 Publicity: Neither party shall make any public statement, press release or other announcement relating to the terms or existence of this Agreement, or the business relationship of the parties, without the prior written consent of the other party. Notwithstanding the preceding sentence, the Company may use the Customer’s name and trademarks (logo only) to list the Customer as a client of the Company on its website and in other marketing materials and information.
14.11 Law and jurisdiction: This Agreement and any (contractual or non-contractual) disputes connected to it shall be governed by the laws of England and Wales. The courts of England shall have exclusive jurisdiction for the settlement of all disputes arising under or in connection with this Agreement.
