Master Service Agreement (MSA)
1.1 In this Agreement the following terms shall have the following meanings:
“Provider” means Technology Within Limited;
“Customer” means the entity which is party to the Site Agreement (and the Customer’s Affiliate(s));
“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity.
“Authorised End User” means an individual authorised by the Provider or the Customer to use or access the Systems;
“Customer Provided Equipment” means any equipment at the Site provided and used by the Customer in order to use the Services or Systems;
“Equipment” means the equipment described in the EQUIPMENT & SITE FEES section on the Site Agreement. For the avoidance of doubt this includes all hardware on which the Systems are or will be installed and may include routers, servers, switches, telephones and related cabling;
“Incident” means a failure of the Systems, Equipment or Services to operate in accordance with their published specification;
“Incident Report” means a notification of an Incident which is raised to the Provider by the Customer;
"Intellectual Property Rights" means all vested, contingent and future intellectual property rights including but not limited to copyright, trademarks, design rights, trade names, patents, know-how, trade secrets, database rights or any similar right exercisable in any part of the world including any application for the registration of any patents or registered designs or similar registrable rights in any part of the world;
"Licence" means the licence granted by the Provider in accordance with clause 2;
“Personal Data” means all such “personal data”, as defined in Article 4 of the UK GDPR, as is, or is to be, processed by the Data Processor on behalf of the Data Controller, as described in Appendix 1 of Schedule 1
"Program Documentation" means the user instructions, operating manuals and all relevant documentation supplied by the Provider to enable the proper operation and functionality of the Systems and Equipment;
"Service Fee" means the fees for the provision of the Services as specified in the EQUIPMENT & SITE FEES section of the Site Agreement;
“Service Provider” means any third party from whom the Provider procures services in order to provide the Services under this Agreement;
“Services” means any services provided by the Provider under this Agreement and can include but is not limited to support, telephony provision and internet provision as set out in the SERVICES PROVIDED section of the Site Agreement;
"Site" means the premises specified by the Customer where the Provider is to install and/or deliver the Systems and the Equipment as set out in the SITE DETAILS section of the Site Agreement;
“SLA” means Service Level Agreement available at https://www.technologywithin.com/SLA;
“Site Agreement” means the agreement between the Provider and the Customer setting out the Services and Equipment to be provided by the Provider to the Site;
“Start Date” means the actual date from which Services are provided, as set out in the SERVICES PROVIDED section of the Site Agreement (unless otherwise agreed in writing by both parties);
"Systems" means any software installed on the Equipment to allow the Provider to provide the Services;
“Working Days” means Monday to Friday, 8.30-17.30 excluding bank and public holidays in the United Kingdom;
1.2 In this Agreement
1.2.1 Reference to clauses are to clauses of this Agreement
1.2.2 References to the singular include the plural and vice versa, and references to one gender include all other genders.
1.2.3 Any phrase introduced by the expressions “includes”, “including” or “in particular” or any similar expression shall be construed as illustrative and shall not limit the sense of the words preceding those terms.
1.2.4 Any reference to a statute, statutory provision or subordinate legislation (together “legislation”) shall (except where the context otherwise requires) (i) be deemed to include any bye-laws, licences, statutory instruments, rules, regulations, orders, notices, directions, consents or permissions made under that legislation and (ii) shall be construed as referring to any legislation which replaces, re-enacts, amends or consolidates such legislation (with or without modification) at any time.
1.2.5 Unless specifically provided to the contrary all notices under this Agreement shall be in writing.
1.2.6 Reference to times are to London times.
1.2.7 Any references to an “hour” means an hour in a day and any reference to a “day” means a period of 24 hours running from midnight to midnight.
1.2.8 A schedule is a schedule to this Agreement.
2 GRANT OF LICENCE
2.1 The Provider grants to the Customer a non-exclusive licence to use the Systems at the Site on the express terms of this Agreement (and not further or otherwise).
2.2 Title to the Systems shall remain with the Provider and not pass to the Customer.
3 PAYMENT AND FEES
3.1 All fees payable by the Customer shall be payable to the Provider in the currency stated in the Site Agreement by bank transfer in immediately available funds (without any set-off, deductions or withholding whatsoever) no later than 30 days after the date of invoice.
3.2 Service Fees shall be payable from the Start Date for that Service specified in the SERVICES PROVIDED section of the Site Agreement except where any Start Date is delayed at the Customer’s request (where such delay is possible) or by virtue of the Customer’s act, neglect or failure to fulfil its obligations hereunder, in which case the Service Fee for that Service shall be payable from the Anticipated Start Date for that Service specified in the SERVICES PROVIDED section of the Site Agreement.
3.3 The Provider shall have the right to charge interest on overdue invoices at the rate of 4% per annum above the base rate of Barclays Bank plc in force from the date when payment becomes due from day to day until the date of payment.
3.4 If the Provider has not received payment within 21 days after the due date, and without prejudice to any other rights and remedies of the Provider, the Provider may, without liability to the Customer, disable the Customer’s password, account and access to all or part of the Services and the Provider shall be under no obligation to provide any or all of the Services while the invoice(s) concerned remain unpaid.
3.5 The Provider reserves the right at any time to require the Customer to pay a deposit, or issue an irrevocable letter of credit or other form of security acceptable to the Provider if the Customer’s financial circumstances or payment history makes such a requirement necessary in the reasonable opinion of the Provider.
3.6 Any additional costs or expenses for additional services which are not covered by the terms of this Agreement will be charged at the Provider’s then current rates, including travel and accommodation expenses where relevant.
3.7 The Provider shall be entitled to increase the Service Fee payable at the start of each new period upon 120 days’ prior notice to the Customer. In addition, the Provider shall have the right at any time to increase the Service Fee to reflect any increase in charges to the Provide from any Service Provider.
To the extent that any part of the Systems or the Equipment has not been delivered at the date of this Agreement, the Provider shall install and/or deliver the Systems and the Equipment at the Site at the date(s) set out in the SERVICES PROVIDED section of the Site Agreement (or such later date(s) as may be agreed).
5.1 This Agreement shall commence on the Start Date and shall continue for the term set out in the SERVICES PROVIDED section of the Site Agreement (“Base Period”) and shall continue indefinitely thereafter until terminated in accordance with the provisions hereof.
5.2 Any additional Equipment or Services supplied during the Base Period or any subsequent period may be subject to a different term as agreed in writing by both parties at the time of order. Such Services may have a minimum period as described in the SERVICES PROVIDED section of the Site Agreement.
6 SUPPORT AND MAINTENANCE SERVICES
6.1 The Provider will provide advice by telephone or e-mail on the use of the Systems to the Customer or any client, agent or appointed representative of the Customer working to a timescale in accordance with the SLA.
6.2 The Provider will use its reasonable endeavours to provide the Services, Systems and Equipment by the Start Date and in accordance with the service levels set out in the SLA but all dates are estimates and except as set out in any service guarantee provisions, the Provider has no liability for failure to meet any date.
6.3 The Provider will provide Systems maintenance, which will be limited to the correction of errors in the Systems, procedural documents and other basic information supplied with the Systems, working to a timescale in accordance with the SLA.
6.4 Errors discovered by the Customer must be reported by a designated representative of the Customer either by telephone or email to the helpdesk of the Provider and must include all required supplemental documentation.
6.5 For the avoidance of doubt System maintenance services shall not include the diagnosis and rectification of any fault arising from:
6.5.1 The improper use, operation or neglect of either the Systems or the Equipment;
6.5.2 The modification of the Systems or its merger (in whole or in part) with any other software unless otherwise agreed by the Provider in writing;
6.5.3 The use of the Systems on equipment other than the Equipment;
6.5.4 The failure by the Customer to implement recommendations in respect of the solutions previously advised by the Provider;
6.5.5 Any repair, adjustment, alteration or modification of the Systems or Equipment by any person other than the Provider without the Provider's prior written consent;
6.5.6 Any breach by the Customer of its obligations under this Agreement;
6.5.7 The Customer's failure to install and use on the Equipment in substitution for the previous release any new release of the Systems within 90 days of receipt of the same;
6.5.8 The use of the Systems or Equipment for a purpose for which it was not designed;
6.5.9 Damage caused by an Act of God, failures of electrical power, power surges, computer viruses or other reasons beyond the Provider’s control;
6.5.10 Cabling, wiring or any other Customer Provided Equipment;
6.5.11 Any device on the Customer’s LAN infrastructure not supplied by the Provider; or
6.5.12 A failure attributable to the use of public telecommunications links.
6.6 The Provider may on the request of the Customer provide support notwithstanding that the fault results from any circumstances described in clause 6.5 or that the support requested is not covered by the terms of this Agreement. The Provider shall in such circumstances be entitled to charge for such service at the Provider's rates from time to time for work undertaken on a time and materials basis or fixed quote at the discretion of the Provider.
6.7 Without prejudice to clause 6.5, the Provider shall be entitled to levy reasonable charges if support is provided in circumstances where any reasonably skilled and competent data processing operator would have judged the Customer's request to have been unnecessary.
6.8 The Provider reserves the right to terminate software support for the Systems on 12 months’ written notice. In the event that support is terminated for one or more of the Systems, this Agreement will automatically terminate as to such System(s) and a pro rata proportion of any prepaid charges will be refunded subject to deduction of any amounts owing to the Provider.
6.9 Where it is felt appropriate by the Provider and where pre-approved by the Customer, the Provider will make reasonable endeavours to contact third party companies contracted to the Customer to keep the Systems in full working order. This may include broadband or telephony companies, third party hardware manufacturers or software companies. The Customer will either provide appropriate contact information for such companies to the Provider or communicate directly with such companies following the advice of the Provider.
6.10 At times the Systems may fail to deliver essential services as a result of problems caused by third party companies as detailed in clause 6.9 above. In this case, the Provider will not be held responsible for any failure to meet the fix times specified in the SLA when a fix is dependent on actions taken by such third parties. In such a situation, the Provider will use reasonable endeavours to circumvent these companies and restore services, for example via the use of backup communication lines if available.
6.11 Support and maintenance services are subject to a fair use policy. The Provider may have to curb the usage of the support service should the Customer become a persistently high user whereby it can be shown that the causes of the usage are configuration changes initiated by the Customer. At this point the Provider will engage with the Customer to ascertain the reason for persistent high usage and work on solutions that will allow the usage to return to a more reasonable level. In cases of sustained high usage due to configuration changes initiated by the Customer then the Provider reserves the right to notify the Customer that the work will become chargeable at the hourly rate applicable at the time.
7 SYSTEM MONITORING
The Provider will make reasonable endeavours to monitor the operation of the Systems using remote technologies and alert the Customer should any fault be detected to the normal operation in accordance with the SLA. At this point the Provider will endeavour to support the Systems as set out in clause 6.
8 CUSTOMER'S UNDERTAKINGS
8.1 Except to the extent permitted to the Customer as a lawful user of the Systems (and to the extent permitted by law), the Customer undertakes not, without the prior written consent of the Provider, to:
8.1.1 make copies of the Systems, in whole or part;
8.1.2 access all or any part of the Services in order to build or improve a product or service which competes commercially with the Services;
8.1.3 copy, adapt, modify or translate the Program Documentation;
8.1.4 translate, disassemble, decompile, reverse engineer, adapt, vary or modify the Systems. Notwithstanding this clause 8.1.4, in the case of reverse analysis where permitted by applicable law, the Customer may incidentally decompile the Systems only if it is essential to do so in order to achieve interoperability of the Systems with another software program or hardware ("Permitted Purpose") and provided the information obtained by the Customer during such decompilation is only used for the Permitted Purpose and is not disclosed or communicated to any third party without the Provider's prior written consent and is not used to create any software which is substantially similar to the expression of the Systems nor used in any manner which would be restricted by copyright;
8.1.5 delete, vary or obscure any copyright or other proprietary notices on or in the Systems; or
8.1.6 rent, lease, sub-license, assign, transfer or distribute the Systems except for the purpose for which it is intended.
8.2 The Customer undertakes during the continuance of this Agreement that it shall:
8.2.1 provide the Provider with (i) all necessary co-operation in relation to this Agreement; and (ii) all necessary access to such information as may be required by the Provider in order to provide the Services, including but not limited to Customer Data, security access information and configuration services;
8.2.2 keep the Systems and all copies under the Customer's effective control and maintain adequate security measures to protect the Systems from access or use by any unauthorised person;
8.2.3 ensure that, prior to the use of the Systems by its employees or agents, all such parties are notified of the terms of this Agreement;
8.2.4 ensure that the Authorised End Users use the Services accordance with the terms and conditions of this Agreement and the Customer shall be responsible for any Authorised End User’s breach of this Agreement;
8.2.5 maintain an accurate and up-to-date record of all copies of the Systems and shall produce such record to the Provider on request from time to time;
8.2.6 if it is revealed that any password has been provided to any individual who is not an Authorised End User, then without prejudice to the Provider’s other rights, promptly disable such passwords and the Provider shall not issue any new passwords to any such individual;
8.2.6 prepare the Site and provide a suitable place, conditions, connection points and electricity for the Equipment at the Site in accordance with the Provider’s reasonable instructions, if any;
8.2.7 ensure that its network and systems comply with the relevant specifications provided by the Provider from time to time;
8.2.8 be, to the extent permitted by law and except as otherwise expressly provided in this Agreement, solely responsible for procuring, maintaining and securing its network connections and telecommunications links from its systems to the Provider’s data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer’s network connections or telecommunications links or caused by the internet;
8.2.9 obtain all necessary consents, including for example, consents for any necessary alterations to buildings, permission to cross other people’s land or permission to put Equipment on their property; and
8.2.10 without affecting its other obligations under this Agreement, comply with all applicable laws and regulations with respect to its activities under this Agreement.
8.3 The Customer is responsible for the Equipment and agrees to take reasonable steps to ensure nobody (other than someone authorised by the Provider) adds to, modifies or in any way interferes with it. The Customer will be liable to the Provider for any loss or damage to the Equipment, except where such loss or damage is due to fair wear and tear or is caused by the Provider, or anyone acting on the Provider’s behalf.
8.4 The Customer shall use the Services, Systems and Equipment strictly in accordance with the Program Documentation.
8.5 The Customer shall not itself or knowingly permit any one else including any Authorised End User to use the Provider’s network or Services, Systems or Equipment to do any of the following:
8.5.1 publish, post, distribute or disseminate defamatory, infringing, obscene, indecent or other unlawful material or information;
8.5.2 threaten, harass, stalk, abuse, disrupt or otherwise violate the rights (including rights of privacy and publicity) of others;
8.5.3 engage in illegal or unlawful activities through the Provider’s network;
8.5.4 knowingly make available or upload files that contain software or other material, data or information not owned by or licensed to the Customer, or any Authorised End Users (as appropriate);
8.5.5 knowingly make available or upload files that contain a virus or corrupt data;
8.5.6 falsify the true ownership of software or other material or information contained in a file that the Customer, or any Authorised End User makes available via the Provider’s network;
8.5.7 “spam” or otherwise deliberately abuse any part of the Provider’s network; or
8.5.8 obtain access, through whatever means, to notified restricted areas of the Provider’s network.
8.6 If the Customer becomes aware that any Authorised End User is using the Provider’s network to perform any of the activities listed in Clause 8.5 it shall enforce the applicable terms in its agreement with its user(s) and shall use best endeavours to stop such user. In the event that the Provider becomes aware that an Authorised End User is performing any of the activities listed in Clause 8.5, the Provider shall bring the breach to the attention of the Customer in writing. If the Provider has not received, within one (1) Working Day of dispatch of such a message, a satisfactory response from the Customer detailing the actions that have been taken to stop an Authorised End User performing in this way, which actions may include restricting the access of the Authorised End User to the Provider’s network or disconnecting the Authorised End User from the Provider’s network, then the Provider shall have the right to restrict the access of and/or disconnect the Authorised End User(s) in question, and if necessary the entire Services, from the Provider’s network. If the Provider exercises its rights to disconnect an Authorised End User it will notify the Customer as soon as reasonably practicable in the circumstances.
9 ACCESS AND SITE REGULATIONS
9.1 The Customer agrees to take reasonable steps to provide access to the Site and to ensure that the Authorised End Users provide the Provider with access to their site including for the purpose of installation and use of the Equipment at the Site and/or at the Authorised End User’s site.
9.2 The Provider agrees to observe the Customer’s and the Authorised End Users’ reasonable site safety and security requirements of which they have been made aware of in writing.
9.3 The Customer agrees to ensure that the Authorised End Users provide a suitable and safe working environment for the Provider at the Site and/or the Authorised End User’s site. The Customer agrees to indemnify the Provider against all loss, damages, liabilities, costs and expenses arising or incurred in respect of any actions, claims or legal proceedings which are brought or threatened against the Provider if the Customer is in breach of this sub-clause. The limitation of liability provisions of this Agreement do not apply to this indemnity.
9.4 It is the responsibility of the Customer or Authorised End User to carry out any making good or decorator’s work required but the Provider accepts responsibility for any property damage caused by the Provider’s negligence subject to the limitation of liability provisions of this Agreement.
10 INTELLECTUAL PROPERTY RIGHTS
The Systems and all Intellectual Property Rights of whatever nature in the Systems are and shall remain the property of the Provider and the Customer agrees to immediately notify the Provider if it becomes aware of any infringement or any unauthorised use of the Systems by any person and the Customer expressly agrees not to claim or allow any Authorised End User to claim any Intellectual Property Rights in respect of the Systems.
11 INTELLECTUAL PROPERTY INDEMNITY
11.1 The Provider agrees to indemnify the Customer against all actions, claims, proceedings, damages, costs and expenses arising from any actual infringement of Intellectual Property Rights arising from the Customer's use of the Systems anywhere in the world provided such use is in accordance with the terms of this Agreement and that the Customer promptly notifies the Provider in writing of any such allegation.
11.2 At the Provider's request and expense, the Customer shall permit the Provider to conduct all negotiations and litigation with third parties. The Customer shall give all reasonable assistance and the Provider shall pay the Customer's costs and expenses so incurred.
11.3 The Provider may, at its expense, modify or replace the Systems to avoid any alleged or actual infringement provided that any modification or replacement must not materially affect the performance of the Systems. If the Provider is unable to modify or replace the Systems, then the Customer shall return the Systems which are the subject of the Intellectual Property Rights claim and the Provider shall refund to the Customer the corresponding portion of the Service Fee, as normally depreciated, whereupon this Agreement shall immediately terminate in respect only of those Systems.
11.4 This indemnity shall not apply to infringements arising from the combination of the Systems with other items not supplied by the Provider.
12.1 The Customer shall defend, indemnify and hold harmless the Provider against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with the Customer’s use of the Services.
12.2 The Provider shall defend the Customer, its officers, directors and employees against any claim that the Services infringe any United Kingdom patent effective, copyright, trade mark, database right or right of confidentiality, and shall indemnify the Customer for any amounts awarded against the Customer in judgment or settlement of such claims, provided that:
(a) the Provider is given prompt notice of any such claim;
(b) the Provider is given sole authority to defend or settle the claim; and
(c) the Customer provides reasonable co-operation to the Provider in the defence and settlement of such claim, at the Provider’s expense.
12.3 In the defence or settlement of any claim, the Provider may procure the right for the Customer to continue using the Services, replace or modify the Services so that they become non-infringing or, if such remedies are not reasonably available, terminate this Agreement on fourteen days’ notice to the Customer (or such shorter notice permissible in accordance with the outcome of the claim) without any additional liability or obligation to pay liquidated damages or other additional costs to the Customer.
12.4 In no event shall the Provider, its employees, agents and sub-contractors be liable to the Customer to the extent that the alleged infringement is based on:
(a) a modification of the Services by anyone other than the Provider;
(b) the Customer’s use of the Services in a manner contrary to the instructions given to the Customer by the Provider; or
(c) the Customer’s use of the Services after notice of the alleged or actual infringement from the Provider or any appropriate authority.
12.5 The foregoing state the Customer’s sole and exclusive rights and remedies, and the Provider’s (including the Provider’s employees’, agents’ and sub-contractors’) entire obligations and liability for infringement of any patent, copyright, trade mark, database right or right of confidentiality.
13.1 Subject to the limitations and exclusions of liability set out below the Provider warrants that for the term of this Agreement ("the Warranty Period") the Systems will perform in accordance with the Specification and the Program Documentation will provide adequate instructions to allow the Customer to use the Systems.
13.2 The Provider warrants that it shall use and adopt only good quality materials, techniques and standards in performing its obligations under this Agreement, with the standards of care, skill and diligence required of good computing practice.
13.3 The Provider warrants that it takes appropriate steps to maintain electronic security in line with industry standard practise, including but not limited to anti-virus protection, intrusion detection and third party security audits.
13.4 If within the Warranty Period the Provider receives written notice from the Customer of any breach of the warranties given in this clause 13 then the Provider shall at its own expense and working to a timescale in accordance with the SLA endeavour to remedy the defect in question.
13.5 The Provider shall not be liable under the warranties given in clause 13.1 above (i) if the Systems fail to conform to any such warranty because of any corruption, abuse or incorrect use of the Systems (including use of the Systems with equipment or other software with which it is incompatible) or because of any unauthorised variation or modification to the Systems including but not limited to the matters referred to in clause 6.5 above or (ii) where such breach is the result of the Customer taking any steps to prevent the Provider from exercising its obligations under clause 6.
13.6 All other guarantees, representations and warranties of any kind, whether express or implied, including, without limitation, the implied warranties of satisfactory quality, merchantability and fitness for a particular purpose or ability to achieve a particular result are hereby excluded, so far as such exclusion or disclaimer is permitted under the applicable law.
13.7 The Provider does not warrant that the operation of the Systems will be uninterrupted or error free and the Customer acknowledges and agrees that the existence of such errors shall not constitute a breach of this Agreement.
14 LIMITATION OF LIABILITY
14.1 Subject to clause 14.3, in no event shall the Provider be liable for any damages, including loss of business, loss of opportunity, loss of data, loss of profits or for any other indirect or consequential loss or damage whatsoever that is an indirect or secondary consequence of any act or omission of the Provider whether such damages were reasonably foreseeable or actually foreseen.
14.2 Subject to clause 14.3, the total liability of the Provider to the Customer under this Agreement shall not exceed such amount as may be recovered by the Provider from its insurers.
14.3 Nothing in this Agreement shall exclude or limit the liability of the Provider for fraudulent misrepresentation or for death or personal injury resulting from the negligence of the Provider or its employees or agents.
14.4 The Customer shall be liable to the Provider for all liabilities, claims and costs arising from the acts and omissions of any third parties (including Authorised End Users) using the Services, Systems and Equipment through the Customer, or relating to the Customer’s use of the Services, Systems and Equipment, except where such liabilities, claims and costs arise from the Provider’s negligence or breach of this Agreement.
14.5 The Customer agrees to indemnify, defend and hold harmless the Provider against all liabilities, claims, losses and costs (including reasonable and properly incurred legal costs) arising in connection with the Customer’s use of the Services, Systems and Equipment, by the Authorised End Users or any third party using the Services, Systems and Equipment through the Customer, except where such claims arise from the Provider’s negligence or breach of this Agreement.
15.1 Either party receiving information ("the Recipient") from the other marked "confidential" or which may reasonably be supposed to be confidential, including, without limitation, information contained in the Systems, the specification and other information supplied by the Customer or Provider, shall not without the other's prior written consent use such information except for the purposes of this Agreement or disclose such information to any person other than to their own employees or agents who have a need to know.
15.2 Clause 15.1 shall not apply to information that is lawfully known to the Recipient at the time of disclosure or which is already public knowledge or becomes so at a future date (otherwise than as a result of a breach of this clause) or which is ordered to be disclosed to a regulatory body or a court of competent jurisdiction.
15.3 The Recipient shall ensure that any person referred to in clause 15.1 is bound by similar confidentiality terms to those in this clause 15.
15.4 The confidentiality terms in this clause 15 shall remain in full force and effect after the termination of this Agreement.
16 DATA PROTECTION
16.1 The parties agree to process Personal Data under this Agreement in accordance with the provisions of Schedule 1 of this Agreement.
17.1 If either party commits a material breach or persistent breaches of this Agreement, and in the case of a breach which is capable of being remedied, fails to remedy the breach within 14 days of written notice from the other party to do so, then that other party may terminate this Agreement forthwith on giving written notice to the other party.
17.2 Either party may terminate this Agreement immediately in the event that the other party holds any meeting with or proposes to enter into or has proposed to it any arrangement or composition with its creditors (including any voluntary arrangement as described in the Insolvency Act 1986); has a receiver or other administrator take possession of or appointed over or has any distress, execution or other process levied or enforced (and not discharged within 7 days) upon the whole or substantially all of its assets; ceases or threatens to cease to carry on business or becomes unable to pay its debts within the meaning of Section 123 of the Insolvency Act 1986.
17.3 The Provider may immediately terminate or suspend all or any part of this Agreement or the Services if:
17.3.1 Ofcom determine, or the Provider reasonably considers, that use of the Services, Systems or Equipment by the Customer or any Authorised End User (i) does not constitute appropriate use (ii) is in breach or may be in breach of the Code of Practice for Ofcom or any other relevant statutory or regulatory act, regulation, code or similar (iii) is fraudulent or illegal or may be fraudulent or illegal; or
17.3.2 Ofcom or any other authority of competent jurisdiction revokes the Provider’s or Service Provider’s authorisation as Public Electronics Communication Network under the Communications Act and as a result the Provider can no longer legally comply with its material obligations under this Agreement.
17.4 Either party may terminate this Agreement by giving at least 90 days' prior written notice to the other (or such shorter notice as corresponds to the actual Base Period), such notice to expire no earlier than the end of the base period.
17.5 Upon termination of this Agreement the Customer shall discontinue use of the Systems and Services and return any copies of the Systems and any Equipment which is not the property of the Customer to the Provider or, if requested by the Provider, shall destroy the same, provided that the Customer may extract and store any Customer data upon a separate media. The Customer must also permit the Provider or any Service Provider to enter the Site during any Working Day for the purpose of removing all or any of the Equipment which is not the property of the Customer.
17.6 Any termination of this Agreement (howsoever occasioned) shall not affect any accrued rights or liabilities of either party nor shall it affect the coming into force or the continuance in force of any provision in this Agreement which is expressly or by implication intended to come into or continue in force on or after such termination.
17.7 Where the Provider is entitled to terminate this Agreement, the Provider shall be entitled to continue to provide the Services to any person or entity making use of the Services or any facility of the Services at the time the Provider’s right of termination arises. The Customer shall provide any permission or authorisation required to enable the Provider to continue the uninterrupted provision of the Services and the Provider shall be entitled to contract directly with and receive payment directly from such users including any fees due by the Customer to the Provider under the terms of this Agreement.
17.8 In the event of the Customer terminating their Services prior to the end of the Base Period, the Customer agrees to pay any remaining charges from the date of cancellation to the date the Base Period finishes. The Provider reserves the right to levy a fee for the remaining period. For example, should three months remain on the Base Period and the Services ceases prior to this final date, the Provider reserves the right to levy a single fee for three months.
17.9 In the event of termination, at the Customer’s request where it is feasible and where porting arrangements are in place, the Provider will allow the export to another provider of the Customer’s telephony numbers. All numbers successfully ported will be subject to a reasonable porting charge.
18 FORCE MAJEURE
Neither party shall be liable to the other party for any delay or failure to perform any of its obligations under this Agreement if the delay or failure results from events or circumstances outside its reasonable control, and the party shall be entitled to a reasonable extension of its obligations after notifying the other party in writing of the nature and extent of such events. If such circumstances continue for a continuous period of more than 28 days, either party may terminate this Agreement by written notice to the other party.
19.1 This Agreement is personal to the Customer and may not be assigned without the prior approval of the Provider. This Agreement is freely assignable by the Provider.
19.2 The Customer shall not, without the prior written consent of the Provider, assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under this Agreement.
Failure or neglect by either party to exercise any of its rights or remedies under this Agreement will not be construed as a waiver of that party’s rights nor in any way affect the validity of the whole or part of this Agreement nor prejudice that party’s right to take subsequent action.
The Customer will not during the term of this Agreement or in the period of 12 months thereafter directly or indirectly seek to employ or engage any member or any person who was in the preceding 12 months a member of the Provider’s staff, without express written permission from the Provider.
22 THIRD PARTY PROVIDERS
If any provision of this Agreement is held invalid, illegal or unenforceable for any reason by any court of competent jurisdiction such provision shall be severed and the remainder of the provisions hereof shall continue in full force and effect as if this Agreement had been agreed with the invalid illegal or unenforceable provision eliminated.
Any notice to be given by either party to the other may be sent by either email to the most recent email address, or by recorded delivery to the most recent address notified to the other party, and if sent by email shall unless the contrary is proved be deemed to be received on the day it was sent or if sent by recorded delivery shall be deemed to be served when signed for.
25 ENTIRE AGREEMENT
25.1 This Agreement constitutes the entire agreement between the parties and supersedes and extinguishes all previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.
25.2 Each party acknowledges that in entering into this Agreement it does not rely on, and shall have no remedies in respect of, any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in this Agreement.
25.3 Each party agrees that it shall have no claim for innocent or negligent misrepresentation or negligent misstatement based on any statement in this Agreement.
25.4 Nothing in this clause shall limit or exclude any liability for fraud.
No variation of this Agreement shall be effective unless it is in writing and signed by both parties.
- NO PARTNERSHIP OR AGENCY
Nothing in this Agreement is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
28 GOVERNING LAW AND JURISDICTION
This Agreement shall be governed by and construed in accordance with English law and the parties submit to the exclusive jurisdiction of the courts of England.
SCHEDULE 1 DATA PROTECTION
- Definitions and Interpretation
- In this Agreement, unless the context otherwise requires, the following expressions have the following meanings:
“Data Controller”, “Data Processor”, “processing”, and “data subject”
shall have the meanings given to the terms “controller”, “processor”, “processing”, and “data subject” respectively in Article 4 of the UK GDPR;
means the UK’s supervisory authority, the Information Commissioner’s Office;
means any sub-contractor that the Provider uses in the provision of the Services at the date of this Agreement;
means all such “personal data”, as defined in Article 4 of the UK GDPR, as is, or is to be, processed by the Data Processor on behalf of the Data Controller, as described in Appendix 1;
means a sub-processor appointed by the Data Processor to process the Personal Data;
means an agreement between the Data Processor and a Sub-Processor governing the Personal Data processing carried out by the Sub-Processor, as described in Clause 9; and
means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018.
1.2 Unless the context otherwise requires, each reference in this Schedule to:
1.2.1 “writing”, and any cognate expression, includes a reference to any communication effected by electronic or facsimile transmission or similar means;
1.2.2 a statute or a provision of a statute is a reference to that statute or provision as amended or re-enacted at the relevant time;
1.2.3 a Schedule is a schedule to this Agreement; and
1.2.4 a Clause or paragraph is a reference to a Clause of this Schedule
1.2.5 a "Party" or the "Parties" refer to the parties to this Agreement.
1.3 Words imparting the singular number shall include the plural and vice versa.
1.4 References to any gender shall include all other genders.
1.5 References to persons shall include corporations.
- Scope and Application of this Schedule
2.1 For the purpose of this Agreement, the Customer is the Data Controller and the Provider is the Data Processor.
2.2 The provisions of this Schedule shall apply to the processing of the Personal Data described in Appendix 1 below, carried out for the Data Controller by the Data Processor, and to all Personal Data held or accessed by the Data Processor in relation to all such processing whether such Personal Data is held at the date of this Agreement or received afterwards.
2.4 The provisions of this Schedule shall continue in full force and effect for so long as the Data Processor is processing Personal Data on behalf of the Data Controller, and thereafter as provided in Clause 8.
- Provision of the Services and Processing Personal Data
The Data Processor is only to carry out the Services, and only to process the Personal Data received from the Data Controller:
3.1 for the purposes of those Services and not for any other purpose;
3.2 to the extent and in such a manner as is necessary for those purposes; and
3.3 strictly in accordance with the express written authorisation and instructions of the Data Controller (which may be specific instructions or instructions of a general nature or as otherwise notified by the Data Controller to the Data Processor).
- Data Protection Compliance
4.1 All instructions given by the Data Controller to the Data Processor shall be made in writing and shall at all times be in compliance with the UK GDPR and other applicable laws. The Data Processor shall act only on such written instructions from the Data Controller unless the Data Processor is required by law to do otherwise.
4.2 The Data Processor shall promptly comply with any request from the Data Controller requiring the Data Processor to amend, transfer, delete, or otherwise dispose of the Personal Data.
4.3 The Data Processor shall transfer all Personal Data to the Data Controller on the Data Controller’s request in the formats, at the times, and in compliance with the Data Controller’s written instructions.
4.4 Both Parties shall comply at all times with the UK GDPR and other applicable laws and shall not perform their obligations under this Schedule or any other agreement or arrangement between themselves in such way as to cause either Party to breach any of its applicable obligations under the UK GDPR.
4.5 The Data Processor agrees to comply with any reasonable measures required by the Data Controller to ensure that its obligations under this Schedule are satisfactorily performed in accordance with the UK GDPR.
4.6 The Data Processor shall provide all reasonable assistance to the Data Controller in complying with its obligations under the UK GDPR with respect to the security of processing, the notification of personal data breaches, the conduct of data protection impact assessments, and in dealings with the ICO.
4.7 When processing the Personal Data on behalf of the Data Controller, the Data Processor shall:
4.7.1 not process the Personal Data outside the UK or European Economic Area (all EU member states, plus Iceland, Liechtenstein, and Norway) (“EEA”) without the prior written consent of the Data Controller and, where the Data Controller consents to such a transfer to a country that is outside of the UK or EEA, to comply with the obligations of Data Processors under the provisions applicable to transfers of Personal Data to third countries set out in Chapter 5 of the UK GDPR by providing an adequate level of protection to any Personal Data that is transferred;
4.7.2 not transfer any of the Personal Data to any third party without the written consent of the Data Controller and, in the event of such consent, the Personal Data shall be transferred strictly subject to the terms of a suitable agreement, as set out in Clause 8;
4.7.3 process the Personal Data only to the extent, and in such manner, as is necessary in order to comply with its obligations to the Data Controller or as may be required by law (in which case, the Data Processor shall inform the Data Controller of the legal requirement in question before processing the Personal Data for that purpose unless prohibited from doing so by law);
4.7.4 implement appropriate technical and organisational measures and take all steps necessary to protect the Personal Data against unauthorised or unlawful processing, accidental loss, destruction, damage, alteration, or disclosure. The Data Processor shall inform the Data Controller in advance of any changes to such measures;
4.7.5 if so requested by the Data Controller (and within the timescales required by the Data Controller) supply further details of the technical and organisational systems in place to safeguard the security of the Personal Data held and to prevent unauthorised access;
4.7.6 keep detailed records of all processing activities carried out on the Personal Data in accordance with the requirements of Article 30(2) of the UK GDPR;
4.7.7 make available to the Data Controller any and all such information as is reasonably required and necessary to demonstrate the Data Processor’s compliance with the UK GDPR;
4.7.8 on reasonable prior notice, submit to audits and inspections and provide the Data Controller with any information reasonably required in order to assess and verify compliance with the provisions of this Schedule and both Parties’ compliance with the requirements of the UK GDPR. The requirement to give notice will not apply if the Data Controller believes that the Data Processor is in breach of any of its obligations under this Schedule or under the law; and
4.7.9 inform the Data Controller immediately if it is asked to do anything that infringes the UK GDPR or any other applicable data protection legislation.
- Data Subject Access, Complaints, and Breaches
5.1 The Data Processor shall assist the Data Controller in complying with its obligations under the UK GDPR. In particular, the following shall apply to data subject access requests, complaints, and data breaches.
5.2 The Data Processor shall notify the Data Controller without undue delay if it receives:
5.2.1 a subject access request from a data subject; or
5.2.2 any other complaint or request relating to the processing of the Personal Data.
5.3 The Data Processor shall cooperate fully with the Data Controller and assist as required in relation to any subject access request, complaint, or other request, including by:
5.3.1 providing the Data Controller with full details of the complaint or request;
5.3.2 providing the necessary information and assistance in order to comply with a subject access request;
5.3.3 providing the Data Controller with any Personal Data it holds in relation to a data subject (within the timescales required by the Data Controller); and
5.3.4 providing the Data Controller with any other information requested by the Data Controller.
5.4 The Data Processor shall notify the Data Controller immediately if it becomes aware of any form of Personal Data breach, including any unauthorised or unlawful processing, loss of, damage to, or destruction of any of the Personal Data.
- Intellectual Property Rights
All copyright, database rights, and other intellectual property rights subsisting in the Personal Data (including but not limited to any updates, amendments, or adaptations to the Personal Data made by either the Data Controller or the Data Processor) shall belong to the Data Controller or to any other applicable third party from whom the Data Controller has obtained the Personal Data under licence (including, but not limited to, data subjects, where applicable). The Data Processor is licensed to use such Personal Data under such rights only for the purposes of the Services, and in accordance with this Schedule.
7.1 The Data Processor shall ensure that all personnel who are to access and/or process any of the Personal Data are contractually obliged to keep the Personal Data confidential.
7.2 The obligations set out in in this Clause 7 shall continue for a period of six years after the cessation of the provision of Services by the Data Processor to the Data Controller.
7.3 Nothing in this Schedule shall prevent either Party from complying with any requirement to disclose Personal Data where such disclosure is required by law. In such cases, the Party required to disclose shall notify the other Party of the disclosure requirements prior to disclosure, unless such notification is prohibited by law.
- Appointment of Sub-Processors
8.1 In the event that the Data Processor appoints a Sub-Processor, the Data Processor shall:
8.1.1 enter into a Sub-Processing Agreement with the Sub-Processor which shall impose upon the Sub-Processor the same or substantially the same obligations as are imposed upon the Data Processor by this Agreement; and
8.1.2 ensure that the Sub-Processor complies fully with its obligations under the Sub-Processing Agreement and the UK GDPR.
8.2 In the event that a Sub-Processor fails to meet its obligations under any Sub-Processing Agreement, the Data Processor shall remain fully liable to the Data Controller for failing to meet its obligations under this Schedule.
- Deletion and/or Disposal of Personal Data
9.1 The Data Processor shall, at the written request of the Data Controller, delete (or otherwise dispose of) the Personal Data or return it to the Data Controller in the format(s) reasonably requested by the Data Controller within a reasonable time after the earlier of the following:
9.1.1 the end of the provision of the Services; or
9.1.2 the processing of that Personal Data by the Data Processor is no longer required for the performance of the Data Processor’s obligations under this Schedule or the Agreement.
9.2 Following the deletion, disposal, or return of the Personal Data under sub-Clause 9.1, the Data Processor shall delete (or otherwise dispose of) all further copies of the Personal Data that it holds, unless retention of such copies is required by law, in which case the Data Processor shall inform the Data Controller of such requirement(s) in writing.
Type of Personal Data
Category of Data Subject
Nature of Processing Carried Out
Purpose(s) of Processing
Duration of Processing
Login details & password
Storage and other Processing necessary to provide, maintain and improve the Services.
To provide the services under the Master Agreement
Term of the Agreement
Login details & password
Customers, Visitors, Consultants
Storage and other Processing necessary to provide, maintain and improve the Services.
To provide the services under the Master Agreement
Term of the Agreement
Storage and other Processing necessary to provide, maintain and improve the Services.
To provide the services under the Master Agreement
Term of the Agreement