THE CLIENT’S ATTENTION IS DRAWN PARTICULARLY TO CLAUSES 13, 15.2, 17, AND TO SCHEDULE 2 PARAGRAPH 6, AND SCHEDULE 6 PARAGRAPH 2.
2 Contract start date
This Contract takes effect on the Effective Date and shall continue until terminated by either party in accordance with these Conditions or law.
3 Professional Services and Training
3.1 If the Services include Professional Services and/or Training, the Provider may begin to perform such Professional Services and/or Training at any time on or after the date for performance specified in the Order, or if no date is specified in the Order, on or after the Effective Date.
3.2 All dates specified in the Order or otherwise agreed between parties for the Provider’s performance of Professional Services and Training are non-binding estimates only.
3.3 In respect of any data migration services that are part of Professional Services, the Provider does not guarantee that all data will be successfully migrated. The Client acknowledges that the Provider shall not be liable if the Provider is unable to migrate all data requested by the Client.
4. Subscription start date and renewals
4.1 A paid subscription for Subscription Services shall start on the Subscription Start Date and, unless either party terminates the Contract earlier in accordance with these Conditions or law:
5. Rights of use and Authorised Users
5.1 Subject to the Client complying with these Conditions, the Provider grants the Client a non-exclusive, non-transferable, right during the Subscription Term to access and use, and to permit Authorised Entities and Authorised Users to access and use, the Services and Documentation solely for the Client’s and Authorised Entities’ internal business operations. The Client shall not authorise or permit any person other than Authorised Entities and Authorised Users to access and use the Services and Documentation.
5.2 If the Client permits Authorised Entities to access and use the Services and Documentation in accordance with Clause 5.1, the Client shall ensure that all communications with the Provider in relation to the Contract, Services and Documentation are made by the Client, and not by the relevant Authorised Entities.
5.3 The Client shall ensure:
(a) Authorised Entities and Authorised Users use the Services and Documentation in accordance with the Contract, and the Client shall be responsible for the acts and omissions of Authorised Entities and Authorised Users in relation to this Contract, the Services and the Documentation as if they were the Client’s acts or omissions;
(b) the Services are used only by Authorised Users who are adequately trained on use of the Services;
(c) the maximum number of Authorised Users the Client permits to access and use the Services and the Documentation shall not exceed the number of current User Subscriptions held by the Client at the relevant time;
(d) each Authorised User:
(i) shall have Login Credentials unique to them, which shall include a personal email address that is not shared with any other person;
(ii) uses only their own Login Credentials to gain access to and use the Services and Documentation, and not those of any other person;
(iii) changes their password for access to the Services and Documentation at least monthly and keeps it confidential; and
(e) each User Subscription is used only by the named person to whom it is assigned, except that the Client may reassign a User Subscription in its entirety to another individual Authorised User, provided the Client ensures the prior Authorised User does not access or use the Services or Documentation after assignment.
5.4 The Client shall maintain an up to date list of current Authorised Users and shall provide the list to the Provider within five Business Days after the Provider’s written request.
6. Additional User Subscriptions
6.1 During the Subscription Term, the Client may purchase additional User Subscriptions in accordance with the remainder of this Clause 6.1:
(a) the Provider is not obliged to agree to the Client’s request to purchase additional User Subscriptions but may, at its discretion, provide the Client with an order form for the number of requested additional User Subscriptions; and
(b) the Contract shall be deemed amended to reflect the additional User Subscriptions specified in the order form referred to at Clause 6.1(a) when the Client returns the order form signed on behalf of the Client to the Provider or when the Client has access to such additional User Subscriptions, whichever is earlier.
6.2 All additional User Subscriptions shall be subject to these Conditions.
6.3 The Provider may charge the Client for, and the Client shall pay for, additional User Subscriptions in respect of the period starting on the first day of the month when the Client returned the sign order form to the Provider in accordance with Clause 6.1(b).
6.4 During a Renewal Term, the Client may reduce the number of User Subscriptions with effect from the next Renewal Date by giving the Provider not less than 90 days’ prior written notice.
6.5 The Client may reduce the number of User Subscriptions at any time by giving the Provider not less than 90 days’ prior written notice provided that this does not result in the Client holding fewer User Subscriptions than the Client held at:
(a) the Subscription Start Date (if the reduction takes effect during the Initial Subscription Term); or
(b) the immediately preceding Renewal Date (if the reduction takes effect after the end of the Initial Subscription Term).
7.1 During the Subscription Term and for one year after termination of the Contract, the Client shall keep complete and accurate records of the Client’s and Authorised Users’ use of the Services and Documentation, and shall permit the Provider to inspect and take copies of such records to:
(a) verify that the Client’s use of the Services and Documentation is in accordance with the Contract; and
(b) establish the Login Credentials of each Authorised User,
7.2 The Provider shall conduct no more than one Audit per quarter at its own expense (save in the event such Audit reveals that the Client has breached the terms of this Contract), and shall provide the Client with reasonable prior notice of Audit.
7.3 The Provider shall conduct Audits in such a manner as not to interfere substantially with the Client’s normal conduct of business.
7.4 If an Audit reveals that Login Credentials have been provided to or used by any individual who is not an Authorised User, then without limiting the Provider’s rights or remedies under the Contract or law:
(a) the Client shall promptly disable such Login Credentials at the Provider’s request; and
(b) the Provider shall not be required to issue any new passwords to the relevant individual.
7.5 If an Audit reveals that the Client has underpaid Service Fees to the Provider:
(a) the Client shall pay the Provider an amount equal to such underpayment within 10 Business Days of receipt of written notice from the Provider requesting payment; and
(b) if the underpayment has arisen because the Client’s use of the Services exceeded the number of User Subscriptions held by the Client, the Provider may increase future Service Fees to reflect the excess usage.
8. Acceptable use
The Client shall comply with the acceptable use policy at Schedule 8, as updated by the Provider from time to time.
9. Service Fees and payment
9.1 The Client shall pay the Service Fees to the Provider in accordance with this Clause 9 and the Order.
9.2 The Client shall pay all Service Fees by direct debit or by such other reasonable means as the Provider requests in writing.
9.3 The Client shall pay Subscription Fees and all other Service Fees that are stated in the Order to the Provider monthly in advance, except for monthly Service Fees for the SMS Service, which the Client shall pay monthly in arrears.
9.4 Subscription Fees shall be calculated with effect from the Subscription Start Date. The Provider intends (but is not obliged) to invoice the Client for Subscription Fees on or around the last day of a calendar month.
9.5 If Service Fees are stated in the Order to be one-off costs, the Provider intends (but is not obliged) to invoice the Client for those Service Fees on or around the date the Provider issues an invoice for the first month’s Subscription Fees.
9.6 Direct debits will be collected on or around the Business Day that is closest to 14 days after the date of invoice. If the Provider requests payment to be made by means other than direct debit under Clause 9.2, the Client shall pay the relevant Service Fees within 14 days after the date of invoice.
9.7 Time for payment of the Service Fees by the Client shall be of the essence.
9.8 If the Provider has not received payment of Service Fees by the due date for payment:
(a) the Provider may, without liability to the Client, disable the Client’s passwords, accounts and access to all or part of the Services and Documentation, and the Provider shall be under no obligation to provide any of the Services or Documentation while any Service Fees remain unpaid; and
(b) interest shall accrue each day on the overdue amount at a rate equal to 4% a year above the Bank of England’s base rate from time to time, but at a rate equal to 4% a year for any period when that base rate is below 0%, from the due date for payment until the overdue amount is fully paid (whether before or after judgment).
9.9 All amounts and Service Fees stated or referred to in the Contract:
(a) shall be payable in pounds sterling;
(b) are non-cancellable and non-refundable; and
(c) are exclusive of VAT, which shall be payable in addition and at the same time as the relevant amount or Service Fees at the appropriate rate.
9.10 All amounts due from the Client to the Provider under the Contract shall be paid in full without any set-off, counterclaim, deduction or withholding (other than any deduction or withholding of tax as required by law).
9.11 The Provider may increase the Service Fees payable by the Client on or after 1 March each year by giving the Client not less than 30 days’ notice in writing to the Client’s billing email address to confirm the amount of such increase. In the event that the Provider does not provide such notice, the Service Fees shall increase automatically on or after 1 March each year in line with the percentage increase in the UK Retail Prices Index since the Service Fees were last set.
10. Service availability and changes
10.1 During the Subscription Term, the Provider shall use commercially reasonable endeavours to make the Services and Documentation available 24 hours a day, seven days a week, but the Client acknowledges that there may be Downtime for:
(a) planned maintenance;
(b) unscheduled maintenance; and/or
(c) a Force Majeure Event.
10.2 The Provider shall use commercially reasonable endeavours to give the Client notice of any Downtime in advance and to remedy any Downtime as soon as reasonably practicable.
10.3 The Provider may make changes to the features and/or functionality of the Services and to the Documentation from time to time. Where it is reasonably practicable to do so, the Provider shall endeavour to give the Client prior notice of material changes or material updates to the Services and Documentation via notifications on the Provider’s Website.
11. Client Data
11.1 The Client is solely responsible for the legality, reliability, integrity, accuracy and quality of the Client Data.
11.2 The Provider shall follow its archiving procedures for Client Data (as amended or updated from time to time).
11.3 The Provider may change or update its archiving procedures in its sole discretion from time to time.
11.4 The Provider excludes all liability for loss of data, but, if, despite such exclusion, the Provider becomes liable for any loss or damage to Client Data, the Client’s sole and exclusive remedy shall be for the Provider to use reasonable commercial endeavours to restore the lost or damaged Client Data from the latest copy of such Client Data maintained by the Provider. The Provider shall not be responsible for any loss, destruction, alteration or disclosure of Client Data caused by any third party.
11.5 The Client agrees that it is solely responsible for ensuring it has appropriately backed up and has copies of all Client Data maintained by the Provider, and is able to access such Client Data via an alternative means if necessary.
11.6 The Client agrees that during the provision of the Services, Client instructs Provider to delete Client Data in accordance with Provider’s Policies.
11.7 The Client warrants that it has all the necessary consents and authority to process, access and take copies of and retain copies of any Authorised Users’ and Authorised Entities’ data or information, and shall provide evidence of such consent(s) to Provider on request.
11.8 The Client indemnifies the Provider, its Affiliates, and their respective directors, officers, employees, agents and subcontractors against all Losses arising out of or in connection with any claim by a third party in relation to the Provider’s processing of Client Data in accordance with this Agreement, including any deletion of Client Data in accordance with Clause 11.6.
12. Intellectual Property Rights
12.1 All Intellectual Property Rights in Provider Items or that arise out of or in connection with the Services, remain vested in the Provider or its third party licensors (as applicable). Nothing in the Contract operates to assign any Intellectual Property Rights in Provider Items to the Client or Authorised Users.
12.2 All Intellectual Property Rights in Client Information remain vested in the Client, Authorised Entities or their respective third party licensors.
12.3 The Client grants the Provider a worldwide, non-exclusive, irrevocable, royalty-free, transferable, sub-licensable licence to use, copy, store, archive, modify, extract, display, distribute, transmit, transfer, make available, reutilise, download and create derivative works and data from any Client Information for the purposes of:
(a) providing the Services to the Client; and
(b) optimising, adjusting, aggregating, evaluating, analysing, reporting on and deriving insight from the Client Information to improve and develop the Services, and any other services, products or technology operated or which may be developed and operated by the Provider or an Affiliate of the Provider, provided that in doing so the Client complies with all applicable laws and the remainder of these Conditions and, in respect of the purposes set out this Clause 12.3, the Provider does not disclose any information that identifies or would reasonably be expected to identify to any party outside the Provider, or an Affiliate of the Provider, the Client, its brands or its customers, and in all cases notwithstanding Clause 18.1.
12.4 Nothing in Clause 12.3 affects the Provider’s obligations under the Data Processing Addendum.
THE CLIENT’S ATTENTION IS DRAWN PARTICULARLY TO THIS CLAUSE
13.1 The Provider shall:
(a) at the Provider’s expense, defend any claim brought against the Client alleging that the Client’s use of the Alto Service in accordance with the Contract infringes the copyright, database right, or trade mark rights of the third party (a “Provider IP Claim”); and
(b) indemnify the Client against:
(i) all damages and costs awarded against the Client in final judgment as a result of a Provider IP Claim; and
(ii) amounts paid by the Client in settlement of a Provider IP Claim, provided the Client obtained the Provider’s prior written approval of the settlement and the amount paid in settlement.
13.2 The Provider shall have no obligation to defend or indemnify the Client under Clause 13.1 to the extent the Provider IP Claim arises directly or indirectly from:
(a) any modification of the Alto Service (or any part) by any person unless the modification was made by the Provider or with the Provider’s express written approval;
(b) any Third Party Services;
(c) any Client Information;
(d) breach of the Contract by the Customer or any Authorised Entity’s or Authorised User’s failure to comply with the Contract;
(e) installation or use of the Services (or any part) otherwise than in accordance with the Contract and the Documentation; or
(f) installation or use of the Alto Service (or any part) in combination with any software, hardware or data that has not been supplied or expressly authorised by the Provider.
13.3 Clause 13.1 sets out the Provider’s entire liability to the Client and the Client’s sole and exclusive remedy with respect to any Provider IP Claim.
13.4 The Client indemnifies the Provider, its Affiliates, and their respective directors, officers, employees, agents and subcontractors against all losses, costs, claims and expenses suffered or incurred by any of them (“Losses”) arising out of or in connection with:
(a) the Client’s use of the Services other than in accordance with the Contract;
(b) any breach by the Client of applicable law or regulation (including any breach of the Data Protection Legislation);
(c) any allegation or claim brought by a third party alleging that the Provider’s use of Client Information in accordance with the Contract infringes that third party’s Intellectual Property Rights; and
(d) any allegation or claim by an Authorised Entity against the Provider in connection with the Services, Documentation, or Contract, or the Provider’s performance of them, including any allegation or claim of negligence.
13.5 The Client agrees that the Provider has the right to:
(a) enforce the indemnity under Clause 13.4 on behalf of the Provider’s Affiliates, and their directors, officers, employees, agents and subcontractors (“Provider Third Parties”); and
(b) recover Losses suffered or incurred by Provider Third Parties and for which the Client is liable under the indemnity, as if those Losses had been suffered or incurred by the Provider.
13.6 If by law or under applicable court procedures the Provider is not permitted or is unable to do any of the things referred to in Clause 13.5, the relevant Provider Third Party shall be entitled to enjoy the benefit of and enforce the indemnity under Clause 13.4, subject to and in accordance with the Contract and the Contracts (Rights of Third Parties) Act 1999.
13.7 If any third party makes a claim, or notifies an intention to make a claim, against either party (the “Indemnified Party”) which may reasonably be considered likely to give rise to a liability under the indemnities in this Clause 13 (each an “Indemnity Claim”), the Indemnified Party shall:
(a) as soon as reasonably practicable, give written notice of the Indemnity Claim to the other party (the “Indemnifying Party”), specifying the nature of the Indemnity Claim in reasonable detail;
(b) not make any admission of liability, agreement or compromise in relation to the Indemnity Claim without the prior written consent of the Indemnifying Party (such consent not to be unreasonably withheld, conditioned or delayed);
(c) give the Indemnifying Party and its professional advisers access at reasonable times and on reasonable prior notice to its premises and its officers, directors, employees, agents, representatives and advisers, and to any relevant records and documents within its power or control to enable the Indemnifying Party to examine them and take copies (at the Indemnifying Party’s expense) for the purpose of assessing and defending the Indemnity Claim; and
(d) at the Indemnifying Party’s expense, take such action as the Indemnifying Party may reasonably request to avoid, dispute, compromise or defend the Indemnity Claim.
13.8 Each Indemnified Party shall take reasonable steps to mitigate losses which it may incur as a result of a matter that may give rise to an Indemnity Claim under this Clause 13.
14. Provider obligations and disclaimers
14.1 The Provider shall perform the Services with reasonable skill and care.
14.2 The Client shall:
(a) provide the Provider with all information, cooperation and assistance the Provider reasonably requires for performance of the Professional Services and Training; and
(b) fulfil all tasks and responsibilities specified in the Order (if any).
14.3 The Provider does not warrant that:
(a) the Client’s use of the Services will be uninterrupted or error-free; or
(b) the Services, Documentation or any information obtained by the Client through use of the Services will meet the Client’s requirements or individual needs or be fit for the Client’s purpose, whether or not such requirements, needs or purposes have been communicated to the Provider.
14.4 The Provider is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Client acknowledges that the Services and Documentation may be subject to limitations, delays, and other problems inherent in the use of such communications networks and facilities.
14.5 The Provider is not responsible for and gives no warranty, promise or guarantee of any kind that the Services are or will be compatible with any other software, hardware, service or system used or operated by the Client, Authorised Entities or Authorised Users
15. Client obligations
15.1 The Client shall:
(a) provide the Provider with all necessary cooperation in relation to the Contract and all necessary access to such information as may be required by the Provider to provide the Services, including to Client Data, security access information and configuration services;
(b) comply with all applicable laws and regulations with respect to its activities under the Contract (including the Data Protection Legislation);
(c) comply with the Third Party Licences;
(d) carry out its obligations under the Contract in a timely and efficient manner;
(e) maintain in place throughout the Subscription Term a written agreement with any relevant Portal in respect of which the Data Feed Service is provided, enabling that Service to be provided;
(f) ensure that its network and systems comply with the relevant specifications provided to it by the Provider from time to time; and
(g) be solely responsible for procuring and maintaining its network connections and telecommunications links from its systems to the Provider’s data centres, and all problems, conditions, delays, delivery failures, and all other loss or damage arising from or relating to the Client’s network connections or telecommunications links or caused by the internet.
15.2 If the Provider’s performance of any of its obligations under the Contract is prevented or delayed by any act or omission by the Client or Authorised Entity or failure by the Client or Authorised Entity to perform any relevant obligation (each a “Client Default”):
(a) without limiting or affecting any other right or remedy available to it, the Provider may suspend performance of the Services until the Client remedies the Client Default;
(b) the Provider shall be relieved from liability for any failure or delay in the performance of the Provider’s obligations under the Contract resulting directly or indirectly from a Client Default; and
(c) the Client shall indemnify the Provider against all Losses incurred by the Provider in connection with the Client Default.
15.3 The Client warrants and undertakes that:
(a) it has all necessary power and authority to enter into, and perform its obligations under this Agreement and that it has taken and shall take all requisite corporate and other action to approve the execution, delivery, entering into and performance of this Agreement; and
(b) it is not and will not, and the Authorised Entities are not and will not, and its Ultimate Beneficial Owner(s), the Ultimate Beneficial Owner(s) of any Authorised Entity and all
Relevant Persons are not and will not, at any time during the Term, be subject to any Sanctions or appear on any Sanctions list.
16.1 The Client may terminate the Contract with effect from any Renewal Date, by giving the Provider not less than 90 days’ prior written notice to terminate.
16.2 The Provider may terminate the contract by giving the Client not less than 90 day’s prior written notice to terminate.
16.3 The Provider may terminate the Data Feed Service or the SMS Service immediately by giving notice, if the Provider is no longer able to provide the relevant Service as a result of circumstances outside of the reasonable control of the Provider.
16.4 The Provider may terminate the Contract, or any Service, with immediate effect by giving written notice to the Client if:
(a) the Client materially breaches the Contract (unless, in a case where the breach is capable of remedy, the Client remedies the breach within 30 days after receiving notice to do so);
(b) the Client fails to pay an amount due to the Provider on the due date for payment;
(c) in the Provider’s reasonable opinion, the Client’s financial position is such that the Client’s capability adequately to fulfil its obligations under the Contract is in jeopardy; or
(d) there is a Change of Control of the Client.
16.5 The Provider may suspend or terminate the Contract, or any Service with immediate effect by giving written notice to the Client if the Client, any of the Client’s Ultimate Beneficial Owner(s) or any Relevant Person is subject to any Sanctions or appear on any Sanctions List.
16.6 On termination of the Contract for any reason:
(a) the Client shall immediately cease all use of the Services and the Documentation;
(b) each party shall return and make no further use of any equipment, property, Documentation and all other items (and all copies of them) belonging to the other party;
(c) the Client agrees that, except as provided in the Data Processing Addendum, the Provider may destroy or otherwise dispose of any of the Client Data in its possession, unless the Provider receives, no later than 90 days after the effective date of termination of the Contract, a written request for the delivery to the Client of the then-most-recent copy of the Client Data in the Provider’s possession or control. The Provider shall use reasonable commercial endeavours to deliver the copy to the Client within 30 days of its receipt of such a written request, provided that the Client has, at that time, paid all fees and charges outstanding at or resulting from termination (whether or not due at the date of termination). The Client shall pay all reasonable expenses incurred by the Provider in returning or disposing of Client Data;
(d) any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the Contract, which existed at or before the date of termination shall not be affected or prejudiced; and
(e) the Surviving Provisions shall survive termination of the Contract.
17. Limitation of liability
THE CLIENT’S ATTENTION IS DRAWN PARTICULARLY TO THIS CLAUSE
17.1 Except as expressly and specifically provided otherwise in the Contract:
(a) the Client assumes sole responsibility for any Client Data hosted or processed using the Services and the Documentation. The Provider shall have no liability for any damage caused by errors or omissions in any information, instructions or scripts provided to the Provider by the Client or any Authorised Entity in connection with the Services, or any actions taken by the Provider at the Client’s direction;
(b) all warranties, representations, terms, conditions and all other terms of any kind whatsoever implied by law are, to the fullest extent permitted by applicable law, excluded from the Contract; and
(c) the Services and Documentation are provided to the Client on an “as is” basis.
17.2 Nothing in the Contract excludes or limits the liability of either party for:
(a) death or personal injury caused by that party’s negligence;
(b) fraud or fraudulent misrepresentation; or
(c) any other liability which cannot be excluded or limited by law.
17.3 Subject to Clause 17.1 and Clause 17.2:
(a) the Provider shall only be liable for direct losses arising out of or in connection with the Contract and shall not be liable for any indirect or consequential loss;
(b) the Provider shall not be liable for any loss of profit, loss of revenue, loss of business, loss of opportunity or contracts, business interruption, loss of use, loss of data or loss of goodwill;
(c) the Provider shall not be liable for any loss or damage suffered by the Client, Authorised Entities or Authorised Users in connection with any Third Party Service; and
(d) the Provider’s total aggregate liability arising out of or in connection with the Contract shall be limited to an amount equal to (i) the Subscription Fees paid by the Client under the Contract in respect of the calendar year in which the most recent claim arose or (ii) £1,000 (one thousand pounds), whichever is greater.
17.4 The exclusions and limitations of liability in this Clause 17 apply whether the liability in question arises in contract, tort (including negligence), breach of statutory duty or under any other theory.
18.1 Confidentiality. A party shall disclose information not in the public domain relating to the other
(a) the person to whom the disclosure is made needs the information for the disclosing party to carry out its obligations under a Contract, and does not itself disclose it;
(b) disclosure is to that party’s professional advisers, auditors, investors, potential investors, Affiliates or bankers, under conditions of confidentiality; or
(c) disclosure is required by the law, or a court or governmental or regulatory authority.
18.2 Matters beyond reasonable control. Neither party shall be liable for any delay or failure in performance of any of its obligations under the Contract resulting from a Force Majeure Event. However, if the Force Majeure Event continues to cause a party to need relief from the impact of its delay or failure for one month or longer, the other party may terminate the Contract immediately by giving notice to the affected party. A Force Majeure Event shall not relieve a party of its duty to pay the Service Fees as they fall due under this Contract and no refunds of Service Fees paid in advance shall be payable as a result of a Force Majeure Event.
(a) The Provider may at any time assign, subcontract (except as expressly provided otherwise in the Data Processing Addendum), or otherwise create an interest in any of its rights and obligations under a Contract without the consent of the Client.
(b) The Client may not assign, subcontract, or otherwise create any interest in any of its rights and obligations under a Contract without the prior written consent of the Provider.
18.4 Entire agreement. A Contract constitutes the entire agreement between the parties relating to its subject matter and supersedes and extinguishes any previous agreement or understanding (written or oral) between them relevant to that subject matter.
18.5 No reliance. Each party acknowledges that, in entering into a Contract, it does not rely on, and shall have no remedy in respect of, any promise, assurance, statement, warranty or undertaking that is not set out in the Contract.
18.6 Waiver. No failure or delay by a party to exercise any right or remedy provided under a Contract or by law shall constitute a waiver of that or any other right or remedy, nor shall it preclude or restrict the future exercise of that or any other right or remedy. No single or partial exercise of any right or remedy shall preclude or restrict the further exercise of that or any other right or remedy.
18.7 Rights and remedies. The rights and remedies provided under a Contract are in addition to, and not exclusive of, any rights or remedies provided by law.
18.8 Severance. If any provision or part-provision of a Contract is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision of part-provision under this Clause 18.8 shall not affect the validity or enforceability of the rest of this Contract.
(a) Subject to Clause 9.11, any notice given to either party under or in connection with this Contract shall be in writing and shall be delivered by:
(i) hand or by pre-paid first-class post or other next working day delivery service at its registered office (in the case of a company or limited liability partnership) or to the address on the Order (in the case of a sole trader or partnership); or
(ii) in the case of the Provider giving notice to the Client, to the Client’s billing email address and in the case of the Client giving notice to the Provider, to: firstname.lastname@example.org with a copy to email@example.com (which shall not constitute notice);
(b) A notice will be deemed to have been received:
(i) if delivered by hand, on signature of a delivery receipt; or
(ii) if sent by pre-paid or first-class post or other next working day delivery service, on the second Business Day after posting; or
(iii) if sent by email, on the same day the email is sent, if sent before 5pm on a Business Day, or if not, on the next Business Day after transmission.
(c) This Clause 18.9 does not apply to the service of any proceedings or other documents in any legal action or other method of dispute resolution.
18.10 Counterparts. This Contract may be executed in counterparts, each of which when executed shall constitute a duplicate original, but the counterparts shall together constitute the same agreement.
18.11 No partnership. Nothing in the Contract is intended to establish any partnership, appoint either party the agent of the other, or otherwise authorise either party to commit the other in any way whatsoever.
18.12 Third party rights. Except as expressly provided otherwise in these Conditions, a person who is not a party to the Contract shall have no rights to enforce any term of the Contract.
18.13 Governing law and jurisdiction. The construction, validity and performance of the Contract and all non-contractual obligations, disputes or claims arising from or connected with the Contract shall be governed by English law and the parties hereby irrevocably submit to the exclusive jurisdiction of the English courts to resolve any dispute between them in connection with the Contract and such disputes or claims.
19. Definitions and interpretation
19.1 The following definitions and rules of interpretation apply in this Agreement:
Affiliate means, in relation to a company, any Subsidiary or Holding Company of that company, and any Subsidiary of a Holding Company of that company, in each case from time to time;
Alto Service means the service, features and functionality of the Provider’s proprietary hosted software solution known as “Alto”, as amended or updated from time to time;
Audit is defined in Clause 7.1;
Authorised Entity means, in respect of a particularly Service, any branch, company, limited liability partnership or other entity who the Client and the Provider have agreed in writing may use the relevant Service;
Authorised Users means, in respect of a particular Service, those named employees, agents and independent contractors of the Client or of any Authorised Entity, who are authorised by the Client or by the relevant Authorised Entity in accordance with the Contract to use the particular Service;
Business Day means a day other than a Saturday, Sunday or public holiday in England;
Change of Control means, where the Client is a body corporate, a change in the identity of the person who has Control of the Client, where “Control” has the same meaning as given in Section 1124 Corporation Tax Act 2010;
Client means the person or firm purchasing Services from the Provider, as stated in the relevant Order;
Client Data means any data inputted into any of the Services by the Client, an Authorised Entity or an Authorised User or by the Provider on behalf of the Client, including any E-Signature Documents (if applicable), and any Client Personal Data (as defined in the Data Processing Addendum);
Client Default is defined in Clause 15.2;
Client Information means: Client Data; Files (including their contents); materials, data and information relating to and arising or derived from the Client’s or an Authorised Entity’s or Authorised User’s use of and interactions with Alto and the Services, the Files or the properties in the Files; property details; applicant, purchaser and vendor lead and transaction data; any materials, data or information provided to the Provider by the Client, an Authorised Entity or Authorised User; any materials, data and information derived from any of the foregoing; and in all cases including any Intellectual Property Rights subsisting therein;
Conditions means these terms and conditions and the Schedules to these terms and conditions, as amended from time to time in accordance with Clause 1.5;
Contract means the contract between the Client and the Provider for Services as described in Clause 1;
Controlling Interest means an interest in shares giving to the holder or holders control of the Client within the meaning of Section 1124 of the Corporation Tax Act 2010;
Data Feed Services means the data feed services described in Schedule 3;
Data Processing Addendum means the data processing addendum at Schedule 7;
Data Protection Legislation is defined in the Data Processing Addendum;
Documentation means documentation and materials made available by the Provider to the Client or Authorised Entities in connection with the Services;
Downtime means any time during which the Services are unavailable to the Client;
Effective Date means the date the order form for the Alto Service generated by the Provider and signed by or on behalf of the Client, is returned by the Client to the Provider;
E-Signature Document is defined in Schedule 6;
E-Signature Services means the e-signature service described in Schedule 6;
Files means electronic files containing the property information designated by the Provider (which, as of the date of the Contract, comprises the information set out in Schedule 4) and which are made available to the Provider by the Client in connection with the Data Feed Service;
Force Majeure Event means an Act of God; war; riot, civil commotion; strike, lockout or other labour disturbance (not including those involving the affected party’s employees); outbreak of epidemic or infectious disease, quarantine restrictions or restrictions against entry into any country where services or materials are being obtained or delivered, and any other circumstances beyond the reasonable control of the affected party;
Geo Data Terms means the end user licence terms for UK geographic data set out in Schedule 5, as may be updated from time to time;
Holding Company is defined in Section 1159(1) of the Companies Act 2006;
Indemnified Party is defined in Clause 13.7;
Indemnity Claim is defined in Clause 13.7;
Initial Subscription Term is defined in Clause 4.1;
Intellectual Property Rights means all intellectual property rights whether registered or unregistered and including all applications and rights to apply for and be granted any intellectual property right, and all renewals and extensions of, and rights to claim priority from, such rights and all similar forms of protection in any part of the world; ;
Login Credentials means user names, passwords, security credentials or authentication keys issued to the Client, an Authorised Entity or an Authorised User or created by the Client, an Authorised Entity or an Authorised User at the Provider’s invitation for access to the Services;
Losses is defined in Clause 13.4;
Order means the order form generated by or on behalf of the Provider, signed by or on behalf of the Client, and returned by the Client to the Provider;
PAF End User Terms means the end user licence terms for the Royal Mail’s Postal Address File service currently available at https://s3-eu-west-1.amazonaws.com/files.propertysoftwaregroup.com/documents/product/royalmail/2015 _Schedule_1.pdf, as may be updated from time to time;
Portals means the online property portals in respect of which the Client may request copies of property listing details to be made available in Files;
Professional Services means data migration services, set-up, installation, customisation and/or configuration services, and any professional services specified in the Order;
Provider means Vebra Solutions Limited, a company registered in England and Wales with registered number 04529917 and with its registered office at The Cooperage, 5 Copper Row, London SE1 2LH;
Provider IP Claim is defined in Clause 13.1;
Provider Items means: (a) Services; (b) software used by the Provider in the performance of the Services; (c) Documentation; (d) all other works, deliverables and materials provided or made available to the Client or an Authorised Entity by or on behalf of the Provider or its third party licensors; and (e) all modifications to and/or derivative works based on any of the foregoing, but excluding Client Data;
Provider Website(s) means: (a) the website located at https://www.altosoftware.co.uk/; and/or (b) any other website whose domain name is owned or controlled or powered by the Provider as the Provider may determine and via which Services are provided;
Relevant Person(s) means directors, officers, and employees of (a) the Client; (b) any of Client’s Affiliates; and/or (c) any Authorised Entity;
Renewal Date means the date of on which a subscription for the Services renews in accordance with Clause 4.1(b);
Renewal Term is defined in Clause 4.1(b);
Sanctions means any trade, economic or financial sanctions, embargoes or restrictive measures administered, maintained, enforced or imposed from time to time by a Sanctions Authority;
Sanctions Authority means the United Kingdom, the European Union, any member state of the European Union, the United States, the United Nations, or any other relevant jurisdiction, or any government or official institution or agency of any of the above;
Sanctions Checks means the Provider’s due diligence investigations and checks to verify that the Client, its Affiliates, Authorised Entities, all Relevant Persons, and Ultimate Beneficial Owners of the Client or of any Authorised Entity are not subject to Sanctions;
Sanctions List means the Consolidated List of Financial Sanctions Targets issued by Her Majesty’s Treasury, the “Specially Designated Nationals and Blocked Persons” list issued by the United States Office of Foreign Assets Control, or any similar list issued, maintained or made public by a Sanctions Authority;
Service Fees means the fees payable by the Client to the Provider in respect of the Services, as set out in the relevant Order, or as otherwise detailed in the Contract;
Services means the services specified in the relevant Order, which may include Alto Service, Data Feed Services, SMS Services, E-Signature Services, and/or Support Services, as applicable, and any Professional Services and/or Training that the Provider agrees to provide for the Client (whether specified in the relevant Order or not);
SMS Fees means the fees payable by the Client to the Provider in respect of the SMS Services, as set out in the relevant Order;
SMS Services means the SMS service described in Schedule 2;
Subscription Fees means the monthly fees for Subscription Services, as set out in the Order; Subscription Services means Services for which the Provider charges the Client a monthly subscription;
Subscription Start Date means the date on which the Provider confirms to the Client in writing that the Alto Service is activated and ready to be put into live use by the Client, or the date on which the Client first puts the Alto Service into live use, whichever is sooner;
Subscription Term means in relation to a Contract, the Initial Subscription Term and all Renewal Terms;
Subsidiary is defined in Section 1159(1) of the Companies Act 2006;
Surviving Provisions means Clauses 7, 9, 11, 12, 13, 15.2, 16.4, 17, 18 and 19, Paragraph 4.6 of Schedule 7, and (to the extent applicable to the relevant Service) Paragraph 6 of Schedule 2, Paragraph 6 of Schedule 3 and Paragraph 2 of Schedule 6;
Support Services means the support services described in Schedule 1;
Third Party Licences means the PAF End User Terms, Geo Data Terms, Google Terms and such other licences as the Provider may notify to the Client from time to time and as posted here https://www.altosoftware.co.uk/third-party-licences/;
Third Party Services means services, data, information, content, software, and other works provided, controlled or owned by a third party, including any that may be linked to, interact with or used by the Services;
Training means training in the use of the Services as described or specified in the Order.
Ultimate Beneficial Owner means, in relation to the Client or an Authorised Entity (a) if the Client or Authorised Entity is a company, any natural person(s) who directly or indirectly own(s) or control(s) 10% or more of the shares of the Client or Authorised Entity, or any natural person(s) who exercise(s) a Controlling Interest in the Client or Authorised Entity; (b) if the Client or Authorised Entity is a limited liability partnership, any member; (c) if the Client or Authorised Entity is a general or limited partnership, any partner;
User Subscriptions means the user subscriptions purchased by the Client which entitle Authorised Users to access and use the Services and the Documentation in accordance with the Contract;
VAT means value added tax or any equivalent tax chargeable in the UK or elsewhere;
Virus means any thing or device (including any software, code, file or programme) which may: (i) prevent, impair or otherwise adversely affect the operation of any computer software, hardware, network, telecommunications service, equipment or any other service or device; (ii) prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or (iii) adversely affect the user experience, including worms, Trojan horses, viruses and other similar things or devices.
(a) A reference to a statute or statutory provision is a reference to it as amended or re-enacted. A reference to a statute or statutory provision includes all subordinate legislation made under that statute or statutory provision;
(b) Any words following the terms “including”, “include”, “in particular”, “for example” or any similar expression shall be construed as illustrative and shall not limit the sense of the words, description, definition, phrase or term preceding those terms;
(c) A reference to “writing” or “written” includes fax but not email; and
(d) remedies are cumulative and do not affect a party’s other rights and remedies under the
Contract or law.
Before accessing Support, the Client may wish to explore the Provider’s Help Centre, which provides answers to common queries about the Services. Help Centre resources can be accessed at https://support.altosoftware.co.uk/
Support for the Services shall comprise a remote customer support desk. The Provider will use reasonable endeavours to make the customer support desk available 9.00am – 5.30pm on Business Days
(excluding 12 noon to 5.30pm on Christmas Eve). The Provider will endeavour, where it is reasonably practicable to do so, to give the Client prior notice if the customer support desk will be unavailable.
Accessing support and contacting the customer support desk can be done by submitting a query via the Help Centre within the Alto Service.
Any calls made by the Client to the Provider may be recorded for training and monitoring purposes. The Provider monitors and records its calls to ensure that it maintains the highest possible standards of service to its customers and regularly carries out surveys to encourage feedback from its customers.
The Provider shall respond to any telephone calls or emails by the method it deems most appropriate, which may be by telephone, email or remote dial-in.
Support does not include any on-site assistance and will only be provided remotely. The Client shall provide to the Provider, its employees, contractors, agents and all other persons duly authorised by the Provider with full, safe and uninterrupted access (including remote access) to the Client’s systems and facilities as may be reasonably required by the Provider for the purpose of providing support.
The Client shall:
Support does not include:
*These services may be provided by the Provider at its sole discretion, for an additional charge (rates available on request).
The Client may not modify any databases within the Alto Service and any such modification shall constitute an irremediable material breach, entitling the Provider to terminate the Contract immediately on notice to the Client.
THE CLIENT’S ATTENTION IS DRAWN PARTICULARLY TO PARAGRAPH 5 OF THIS SCHEDULE
1. If the Client elects to receive the SMS Services, and subject to payment by the Client of the SMS Service Fees, the Provider shall provide the Client with access to the SMS Services from within the Alto Service.
2. If technical and operational conditions allow, the Provider shall permit the Client access to the SMS Services within two Business Days after payment of the relevant SMS Fees.
3. The Provider shall:
(a) provide the Client with reasonable instructions on how to access the SMS Services. The Provider may change these instructions, the location of the SMS Service servers and methods of accessing the SMS Service servers at any time, and the Provider shall use reasonable endeavours to provide the Client with advance notice of any such changes;
(b) use reasonable endeavours to ensure successful delivery of messages sent by the Client using the SMS Service. The Client acknowledges that successful delivery of messages through the SMS Service depends on a range of factors outside of the control of the Provider, including internet service providers, telecommunications companies and network operators, and so the Provider cannot guarantee delivery of any messages sent by the Client using the SMS Service;
(c) not be liable for the content of any messages sent by the Client using the SMS Service;
(d) use reasonable endeavours to ensure uptime of the SMS Services, but shall not be liable for downtime caused by circumstances beyond the reasonable control of the Provider;
(e) reserve the right to carry out maintenance and technical alterations to equipment which may affect the availability to the Client of the SMS Service; and
(f) reserve the right to suspend or stop provision of the SMS Services at its discretion at any time, for any reason, without notice to the Client.
4. The Client acknowledges and agrees that:
(a) in order to use the SMS Service, the Client must obtain (as appropriate) email and access to the internet and pay any fees associated with such access. In addition, the Client shall provide at its own cost all hardware and other equipment necessary to make such a connection to the internet;
(b) to protect the integrity of the system and the SMS Services, the Client shall not send unlawful, obscene, abusive, harassing or threatening messages using the SMS Service. Unsolicited marketing (spamming) is strictly prohibited;
(c) the Client is responsible to the Provider for any use of the Client’s passwords by any third party. The Client shall pay for all messages sent using the SMS Service from the Client’s account, and it is therefore recommended that the Client keeps its password confidential;
(d) after the Client has entered into a Contract relating to SMS Services and has set up a direct debit mandate, the Provider shall send to the Client a password by email. This password serves as authentication of the Client’s identity to the Provider and the Provider shall not be required to perform any further authentication of the Client’s identity;
(e) all activities conducted using the Client’s SMS Service account may be traced to the Client and are deemed to have been performed by the Client and are legally binding for the Client;
(f) the Client shall be responsible for the content of any messages sent using the SMS Service. The Client shall use the SMS Service in accordance with all applicable laws and regulations (including the Direct Marketing Association’s Code of Practice from time to time) and network operator requirements and shall not use the SMS Service to transmit any content which is unlawful, offensive or which could in the Provider’s sole determination bring the Provider’s reputation or the reputation of the SMS Service into disrepute;
(g) the Provider takes complaints (whether from individuals, third parties, network operators, regulators (including the Information Commissioner’s Office, and any other public or enforcement authority) relating to the Client’s use of the SMS Service very seriously, and may suspend provision of the SMS Service if any such complaint is received; and
(h) it is advised to include its own contact details in messages sent using the SMS Service to ensure that any complaints are direct to the Client (and not to the network operator, the Provider or any third party), and the Provider reserves the right to remove telephone numbers from the SMS Service database in its sole discretion if a complaint is received with respect to that number.
5. The Client shall indemnify the Provider, its Affiliates, and their respective directors, officers, employees, agents and subcontractors against all Losses incurred by them arising out of or in connection with any use of the SMS Service by the Client or through the Client’s SMS Service account other than in accordance with the terms of the Contract and applicable law.
Data Feed Services
1. If the Client elects to receive the Data Feed Services, and subject to payment by the Client of the Data Feed Service Fees, the Provider shall enable the Client to make available Files to the selected Portals that maintain an agreement with the Provider for this purpose. The provision of Files to a Portal is dependent upon a contract between the Provider and the third party provider of the
specified Portal. The Client acknowledges that the Provider may therefore be unable to provide the Files to Portals requested by the Client if a contract with the third party provider is not in place. It is the Client’s responsibility to notify the third party provider of the specified Portal when the Client wishes to start using the Data Feed Services.
2. The Provider:
(a) may change the specification of the Files at any time without notice to the Client;
(b) does not commit to provide the Files to the Portals on any particular frequency;
(c) shall not be liable for the accuracy, completeness or fitness for a particular purpose of the content of any of the Files provided by the Client;
(d) reserves the right to suspend or stop providing the Files to any or all Portals at any time without notice to the Client; and
(e) may access and use the data contained in the Files for its own business purposes at its discretion, and the Client grants to the Provider a worldwide, non-exclusive, perpetual, irrevocable, transferable, sub-licensable right to the Files (and any Intellectual Property Rights in the Files) for this purpose.
3. The Client:
(a) warrants that it is authorised to allow the upload of the information contained in each File on to the Portals (including by having in place all necessary licences, authorisations and consents) and that it has in place a valid, enforceable, written agreement with each Portal provider before submitting Files to the Provider for transmission to the relevant Portal;
(b) shall not, nor shall the Client permit any third party to, copy, reproduce, redistribute, download, republish, transmit, display, adapt, alter, create derivative works from or otherwise extract or re-utilise any information made available on any Portal, whether for commercial gain or otherwise, without the prior written consent of the Provider;
(c) shall not, nor shall the Client permit any third party to, reference or link (whether directly or indirectly) to any website operated by the Provider or any of its Affiliates without the prior written consent of the Provider; and
(d) shall be solely responsible for the content of any Files.
4. The Provider reserves the right to charge the Client for any Files made available at a future date.
5. The Data Feed Service Fees are inclusive of one website feed. Additional Service Fees apply for any additional website feed. The Provider may review the fees payable for the Data Feed Service on an annual basis and may change such fees by giving notice to the Client.
6. The Client acknowledges that the Files may contain bugs, errors and other problems that may cause system failures. The Client acknowledges that the Files are provided on an “as is” basis without warranty of any kind (including as to accuracy, completeness and fitness for a particular purpose).
Unless otherwise agreed with the Client, the Provider shall enable the Client to supply the following property information to the Portals:
This specification for Files is under constant development and the Provider reserves the right to change the property information that may be supplied to the Portals at any time without notice to the Client.
Geo Data Terms
UK Geographic Data
End User Terms for GeoData
1.1. In this case:
The “GeoData” is made up from several sources:
a. Ordnance Survey data © Crown copyright and database right 2015
b. Royal Mail data © Royal Mail copyright and database right 2015
c. National Statistics data © Crown copyright and database right 2015
d. Allies Computing Ltd © copyright and database right 2015
e. Land and Property Services (LPS) © Crown copyright and database right 2015
1.2. “End Users” are the Companies or Organisations that purchase/use the GeoData within Allies Computing Ltd’s products and services.
2. Ownership and Copyright of the GeoData
2.1. Part of the GeoData contains the Office for National Statistics NSPD Open Data. The terms which apply to this data only are as follows:
2.2. At all times the copyright in the Open Data, in any format, belongs to the Crown, or have been licensed to the Crown. The following attribution statements apply to this licence which must be acknowledged when the Data is used:
2.2.1. Contains Ordnance Survey data © Crown copyright and database right 2010
2.2.2. Contains Royal Mail data © Royal Mail copyright and database right 2010
2.2.3. Contains National Statistics data © Crown copyright and database right 2010
2.3. Any sub-licences that we grant must include the same acknowledgment, and further sub-licences must do the same.
2.4. Part of the GeoData contains LPS Data. The terms which apply to this data only are as follows:
2.4.1. At all times the copyright in LPS Data, in any format, belongs to the Crown, or have been licensed to the Crown. The following attribution statements apply to this licence which must be acknowledged when the Data is used: Contains Land and Property Services data © Crown copyright and database right 2010
2.5. Other parts of the GeoData are provided by Allies Computing Ltd. This data may include:
2.6. The Office for National Statistics has licenced Allies Computing Ltd to resell the data within its products and services.
3. Transfer Restrictions
The GeoData is licensed only to you, the End User, and may not be transferred to anyone without the prior written consent of Allies Computing Ltd. In no event may you transfer, assign, rent, lease, sell or otherwise dispose of the GeoData on a temporary or permanent basis.
4. Restrictions on use
4.1. Access to and use of the GeoData indicates your acceptance of these terms and conditions. If you do not agree with them, you should promptly return the GeoData.
4.2. You must ensure that you do not use the GeoData in any way that suggests the Data Provider endorses you or your use of the GeoData.
4.3. You must ensure that you do not misrepresent the GeoData or its source.
4.4. End Users shall register with Allies Computing Ltd and state if the use of the GeoData is for 1) external website use or 2) internal use. The End User shall also declare all other facts that may affect the licence and pricing.
4.5. The GeoData may only be used for the End Users own purposes and the provision of services to other Third Parties is not permitted, unless expressly authorised by Allies Computing Ltd.
4.6. End Users who would like to offer this service to other Third Parties should inform Allies Computing Ltd.
4.7. End Users must comply with the relevant data protection provisions.
5. Additional Disclaimer for Office for National Statistics Data
5.1. The Office for National Statistics expressly excludes all warranties (expressed or implied) including, without limitation, implied warranties of merchantability and fitness for a particular purpose with respect to defects in the Data. No warranty is given by the Office for National Statistics as to the accuracy and/or comprehensiveness of the Data, or for the continued supply of the Data.
5.2. In no event shall the Office for National Statistics be liable for any loss of profit and/or any other commercial damage including without limitation special, incidental, consequential or other damages.
5.3. This Licence is covered by the laws of England and Wales.
THE CLIENT’S ATTENTION IS DRAWN PARTICULARLY TO PARAGRAPH 2 OF THIS SCHEDULE.
1. If the Client elects to receive the E-Signature Services, and subject to payment by the Client of the E-Signature Service Fees, the Provider shall provide the Client with access to the E-Signature Services .
2. The Client acknowledges that by using the E-Signature Services, it will be responsible for ensuring that any agreements intended to be executed using the E-Signature Services (“E-Signature Documents”) are valid and enforceable and comply with all relevant legal and regulatory requirements. The Client shall indemnify the Provider, its Affiliates, and their respective directors, officers, employees, agents and subcontractors against all liabilities, costs, expenses, damages and losses (including any direct, indirect or consequential losses, loss of profit, loss of reputation and all interest, penalties and reasonable legal and other professional costs and expenses) suffered or incurred by them arising out of or in connection with:
(a) any claim by a third party arising out of or in connection with the E-Signature Documents;
(b) without limiting the generality of Paragraph 2.a above, any claim by any customer of the Client, or any party with whom that customer of the Client seeks to contract using the E-Signature Services, arising (whether in whole or part) out of or in connection with any agreement or relationship into which those parties enter, or intend to enter, using the E-Signature Services;
(c) any other claim made by a third party arising (whether in whole or in part) out of or in connection with the Client’s use of the E-Signature Services; and
(d) any assistance provided under Paragraph 5 below.
3. As soon as reasonably practicable following execution of an E-Signature Document, the Provider shall use reasonable endeavours to cause the applications to send a copy of the executed E-Signature Document to each of the parties with respect to whom the Client has provided a complete and accurate email address.
4. During the Term, the Provider shall, within 30 days after a reasonable request from the Client, provide the Client with a PDF copy of any E-Signature Document within the Provider’s possession or control by email attachment. The Provider shall not provide any such copy to any customer of the Client, unless otherwise permitted by this Agreement, required to do so by law, or approved in writing by the Client. If the Provider receives a request for a copy of any E-Signature Document from any third party, the Provider shall direct the third party to the Client.
5. During the Term, the Provider shall, at the Client’s expense, provide the Client with reasonable assistance with respect to any legal or other proceedings relating to the execution of any E-Signature Document. The Provider’s obligation under this Paragraph 5 shall be limited to providing reasonable information relating to the use of the E-Signature Services by the Client and the customers of the Client and providing the Client with a copy of the relevant E-Signature Document in the Provider’s possession or control. The Provider shall not be required to assist with or participate in any such proceedings if doing so would place the Provider in a position adverse to any former, current or potential customer, partner or supplier of the Provider or its Affiliates.
6. On termination of the relevant Contract for any reason, the provisions of Clause 16.4(c) shall apply with respect to the ESignature Documents.
Schedule 7 – Data Processing Addendum
1. Scope and definitions
1.1 This Data Processing Addendum (“DPA”) applies to the extent that the Provider processes personal data under or in connection with provision of the Services to Client.
1.2 For the purposes of this DPA, the following terms shall have the following meanings:
(a) “controller”, “processor”, “data subject”, “personal data” and “processing” (and “process”) shall have the meanings given in UK Data Protection Law;
(b) “Data Protection Legislation” means data protection and privacy laws and regulations applicable to the personal data in question, specifically, UK Data Protection Law;
(c) “Restricted Transfer” means: where the UK GDPR applies, a transfer of personal data from the United Kingdom to any other country which is not based on adequacy regulations pursuant to Section 17A of the United Kingdom Data Protection Act 2018; and
(d) “Standard Contractual Clauses” means: where the UK GDPR applies, the “International Data Transfer Addendum to the EU Commission Standard Contractual Clauses” issued by the Information Commissioner under s.119A(1) of the Data Protection Act 2018 (“UK Addendum”).
(e) “UK Data Protection Law” means: (i) the EU General Data Protection Regulation 2016/679 as saved into United Kingdom law by virtue of section 3 of the United Kingdom’s European Union (Withdrawal) Act 2018 (the “UK GDPR”); (ii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iii) any and all applicable national data protection laws made under, pursuant to or that apply in conjunction with any of (i) or (ii); in each case as may be amended or superseded from time to time;
2. Relationship of the parties (Provider as controller)
2.1 The parties agree that Provider and Client are separate and independent controllers of the following personal data: business contact information including names, addresses, job titles, telephone numbers, email addresses and bank account information (“Client Business Data”) for the purposes of account and client management including, but not limited to, contractual engagement, invoicing and billing and direct marketing. To the extent that Provider and Client are separate and independent controllers, they shall each comply with their own obligations under Data Protection Legislation.
3. Relationship of the parties (Provider as processor)
3.1 The parties agree that Client instructs Provider to process the personal data described in Annex I (“Client Personal Data”) on its behalf. In respect of such processing of Client Personal Data, Client shall be the controller and Provider shall be a processor. To the extent that Provider processes Client Personal Data as processor, the following shall apply:
3.1.1 Prohibited data: Client shall not disclose any special categories of Client Personal Data to Provider for processing.
3.1.2 Purpose limitation: Provider shall process the Client Personal Data as necessary to perform its Services under the relevant Order and for the purposes set out in Annex I, and strictly in accordance with the documented instructions of Client (the “Permitted Purpose”), except where otherwise required by law(s) that are not incompatible with Data Protection Legislation. In no event shall Provider process the Client Personal Data for its own purposes or those of any third party. Provider shall immediately inform Client if it becomes aware that such processing instructions infringe Data Protection Legislation, but without obligation to actively monitor Client’s compliance with Data Protection Legislation.
3.1.3 Restricted transfers: The parties agree that in the event that a transfer of Client Personal Data from Client to Provider is a Restricted Transfer, the parties shall agree to enter into the appropriate Standard Contractual Clauses, as applicable prior to any such Restricted Transfer.
3.1.4 Onward transfers: Provider shall not participate in (nor permit any subprocessor to participate in) any other Restricted Transfers of Client Personal Data (whether as an exporter or an importer of the Data) unless the Restricted Transfer is made in full compliance with Data Protection Legislation and pursuant to Standard Contractual Clauses implemented between the relevant exporter and importer of the Client Personal Data.
3.1.5 Confidentiality of processing: Provider shall ensure that any person that it authorises to process the Client Personal Data (including Provider’s staff, agents and subprocessors) (an “Authorised Person”) shall be subject to a strict duty of confidentiality (whether a contractual duty or a statutory duty), and shall not permit any person to process the Client Personal Data who is not under such a duty of confidentiality. Provider shall ensure that all Authorised Persons process the Client Personal Data only as necessary for the Permitted Purpose.
3.1.6 Security: Provider shall implement appropriate technical and organisational measures, which shall be updated from time to time, to protect the Client Personal Data from accidental or unlawful destruction, loss, alteration, or unauthorised disclosure or access (a “Security Incident”). Such measures shall include, as appropriate:
(b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
(c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
(d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
3.1.7 Subprocessing: Client gives Provider a general authorisation to engage third party subprocessors to process Client Personal Data provided that (i) Provider posts details of such subprocessors on the Provider’s website or on written request and Client shall have the right to object to a subprocessor within 30 days of (a) Provider posting the details of such subprocessor on the website, or (b) receipt of a notification of such subprocessor via an alternative method (ii) Provider imposes data protection terms on any subprocessor it appoints that protect the Client Personal Data, in substance, to the same standard provided for by this DPA; and (iii) Provider remains fully liable for any breach of this DPA that is caused by an act, error or omission of its subprocessor. If Client objects to Provider’s appointment of a third party subprocessor on reasonable grounds relating to the protection of the Client Personal Data, then the parties shall negotiate in good faith to find a solution, and agree that any additional cost arising out of the outcome of such negotiation will be borne by the Client.
3.1.8 Cooperation and data subjects’ rights: Provider shall provide all reasonable and timely assistance to Client at Client’s expense to enable Client to respond to: (i) any request from a data subject to exercise any of its rights under Data Protection Legislation (including its rights of access, correction, objection, erasure and data portability, as applicable); and (ii) any other correspondence, enquiry or complaint received from a data subject, regulator or other third party in connection with the processing of the Client Personal Data. In the event that any such request, correspondence, enquiry or complaint is made directly to Provider, Provider shall promptly inform Client providing full details of the same.
3.1.9 Data Protection Impact Assessment: Provider shall provide Client with all such reasonable and timely assistance as Client may require in order to enable it conduct a data protection impact assessment in accordance with Data Protection Legislation including, if necessary, to assist Client to consult with its relevant data protection authority.
3.1.10 Security incidents: Upon becoming aware of a Security Incident, Provider shall inform Client without undue delay and shall provide all such timely information and cooperation as Client may require in order for Client to fulfil its data breach reporting obligations under (and in accordance with the timescales required by) Data Protection Legislation. Provider shall further take all such measures and actions as are necessary to remedy or mitigate the effects of the Security Incident and shall keep Client informed of all developments in connection with the Security Incident.
3.1.11 Deletion or return of Client Personal Data: The parties agree that during the provision of the Services, Client instructs Provider to delete Client Personal Data in accordance with Provider’s policies. Upon termination or expiry of the Services, Provider shall (at Client’s election and cost) destroy or return to Client all Client Personal Data in its possession or control (including any Client Personal Data subcontracted to a third party for processing). This requirement shall not apply to the extent that Provider is required by any applicable law to retain some or all of the Client Personal Data, in which event Provider shall isolate and protect the Client Personal Data from any further processing except to the extent required by such law until deletion is possible.
3.1.12 Audit: Provider shall permit Client or its appointed third party auditors (at Client’s expense) to audit Provider’s compliance with this DPA, and shall make available Client all information, systems and staff necessary for Client or its third party auditors to conduct such audit. Provider acknowledges that Client or its third party auditors may enter its premises for the purposes of conducting this audit, provided that Client gives it reasonable prior notice of its intention to audit, conducts its audit during normal business hours, and takes all reasonable measures to prevent unnecessary disruption to Provider’s operations. Client will not exercise its audit rights more than once in any twelve (12) calendar month period, except (i) if and when required by instruction of a competent data protection authority; or (ii) Client believes a further audit is necessary due to a Security Incident suffered by Provider.
4. Authorised Entities:To the extent that Client enters into this DPA for the benefit of an Authorised Entity, and such Authorised Entity is the controller of the personal data processed by Provider pursuant to the Contract, the following terms shall apply:
4.1 Client warrants that it is authorised to represent the Authorised Entity and is entering into this DPA on the Authorised Entity’s behalf;
4.2 A reference in this DPA to ‘Client’ shall be construed as meaning:
4.2.1 Client, to the extent it is itself a controller of personal data processed by Provider pursuant to the Contract; and
4.2.2 each Authorised Entity that is a controller of personal data processed by Provider pursuant to the Contract (“Authorised Entity Data”) as such Authorised Entity is represented by the Client;
4.3 Any instructions, whether such instructions are set out in the Contract, the DPA or otherwise, from the Client to Provider in relation to Authorised Entity Data (“Instructions”) shall reflect the instructions of the relevant Authorised Entity and Provider shall be entitled to act on such Instructions as if they had been received directly from such Authorised Entity;
4.4 Client in entering into this DPA, acts on the instructions of the Authorised Entity and has the necessary authorisations and consents to make decisions in relation to the processing of any personal data of an Authorised Entity processed by the Provider pursuant to the Contract, including under the terms of this DPA;
4.5 Client shall procure that each Authorised Entity:
4.5.1 Complies with the obligations of the Client under this DPA as if the Authorised Entity were the Client; and
4.5.2 Exercises any audit right, right to receive information and rights to assistance under this DPA through the Client that is a party to the Contract and shall not itself exercise such rights.
4.6 Client indemnifies the Provider from and against all Losses suffered or incurred by the Provider with respect to the processing of any personal data for which an Authorised Entity is the controller, where such processing is carried out on and in accordance with the instructions of Client, including in accordance with its obligations under the Contract and provided that this indemnity shall not apply to Losses incurred by the Provider to the extent they arose as a direct result of the negligent act or omission or breach of the Contract by the Provider.
Annex I – Data Processing Description
Categories of data subjects:
Client and Authorised Entities’ customer data
Categories of personal data:
Any personal data provided to Provider for the performance of the Services under this Agreement
Sensitive data (if applicable) and applied restrictions or safeguards that fully take into consideration the nature of the data and the risks involved, such as for instance strict purpose limitation, access restrictions (including access only for staff having followed specialised training), keeping a record of access to the data, restrictions for onward transfers or additional security measures:
Nature of the processing:
For performance of the Services under this Contract.
Purpose(s) of the processing:
For performance of the Services under this Contract.
The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period:
Subject to any terms within the Contract, the duration of the Contract and up to 90 days thereafter.
Schedule 8 – Acceptable Use Policy
1. The Client shall not access, store, distribute or transmit any Viruses, or any material during its use of the Services that:
(a) is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;
(b) facilitates illegal activity;
(c) depicts sexually explicit images;
(d) promotes unlawful violence;
(e) is discriminatory based on race, gender, colour, religious belief, sexual orientation, disability; or
(f) is otherwise illegal or causes damage or injury to any person or property, and the Provider reserves the right, without liability to the Client or prejudice to its other rights, to disable the Client’s access to any material that breaches the provisions of this Clause 3.3.
2. The Client shall not:
(a) except as permitted by law or as necessary to access and use the Services in accordance with the Contract:
(i) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Alto Services or Documentation (as applicable) in any form or media or by any means; or
(ii) attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Services; or
(b) access all or any part of the Services and Documentation to build a product or service which competes with the Services or the Documentation; or
(c) license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services or Documentation available to any third party except the Authorised Users; or
(d) attempt to obtain, or assist third parties in obtaining, access to the Services and/or Documentation, other than as expressly permitted under the Conditions.
3. The Client shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Services and the Documentation and, in the event of any unauthorised access or use, promptly notify the Provider.