Full Colour

TERMS & CONDITIONS

INTERPRETATION

The definitions and rules of interpretation in this clause apply in this Agreement.

Agreement: these General Terms and Conditions, the Schedules and any documents referred to within.

Authorised Contacts: the authorised contacts for each Party named in the Order Form, including each Party’s Managing Director, Account Manager and Service Manager.

Background Materials: any Intellectual Property Rights owned by the Supplier prior to entering into this Agreement, required in the delivery of the Managed Services.

Business Day: a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business.

Client: the name of the client as set out in the Order Form.

Client Data: any information that is provided by the Client to the Supplier as part of the Client's use of the Managed Services, including any information derived from such information.

Client Equipment: any equipment located or to be located on a Client Site but controlled or to be controlled exclusively by the Supplier as part of the Managed Services.

Client Operating Environment: the Client’s computing environment (consisting of hardware and software) that is to be used by the Client in connection with its use of the Managed Services and which interfaces with the Supplier’s System in order for the Client to receive the Managed Services, but excluding the Client Equipment.

Client Site: any premises used by the Client at which it receives the Managed Services.

Concurrent Users & Concurrent User Licenses: licensing is on the basis of ‘concurrent usage’ i.e. the maximum number of users of the system at any one time.

Confidential Information: all confidential information (however recorded or preserved) disclosed by a Party or its employees, officers, representatives, advisers or subcontractors involved in the provision or receipt of the Managed Services (together, its “Representatives”) to the other Party and that Party's Representatives in connection with this Agreement which information is either labelled as such or should reasonably be considered as confidential because of its nature and the manner of its disclosure.

Consumer Prices Index: the Consumer Prices Index (CPI) (all items) (United Kingdom).

Database: the database provided by the Supplier in conjunction with the Supplier Software.

Defect: an error in the Supplier Software that causes it to fail to operate substantially in accordance with the relevant operating manuals, user instruction manuals, technical literature and all other related materials in human-readable or machine-readable forms supplied by the Supplier.

Extended Term: shall have the meaning given to it in clause 17 of this Agreement.

Fees: the fees payable by the Client to the Supplier in consideration for the Managed Services in the amounts outlined in the Order Form.

Go-Live Date: the date on which the delivery of the Managed Services shall commence as outlined in the Order Form.

Good Industry Practice: the standards that fall within the upper quartile of a skilled and experienced provider of business-critical managed services similar or identical to the Managed Services, having regard to factors such as the nature and size of the Parties, the term, the pricing structure and any other relevant factors.

 

Hardware: all physical telecommunications, networking and computer equipment (including switches, routers, cables, servers, racks, cabinets and peripheral accessories) provided and used by the Supplier to deliver the Managed Services to the Client.

Incident Reporting Procedure: the procedure set out in paragraph 11 of the Order Form.

Initial Term: the Initial Term set out in the Order Form.

Intellectual Property Rights: any and all intellectual property rights of any nature, whether registered, registerable or otherwise, including patents, utility models, trademarks, registered designs and domain names, applications for any of the foregoing, trade or business names, goodwill, copyright and rights in the nature of copyright, design rights, rights in databases, moral rights, know-how and any other intellectual property rights that subsist in computer software, computer programs, websites, documents, information, techniques, business methods, drawings, logos, instruction manuals, lists and procedures and particulars of Clients, marketing methods and procedures and advertising literature, including the "look and feel" of any websites, and in each case all rights and forms of protection of a similar nature or having equivalent or similar effect to any of these that may subsist anywhere in the world, in each case for their full term, together with any future rights and renewals or extensions.

 

Law: (i) any applicable statute or subordinate legislation or regulation; (ii) any applicable judgment of a relevant court of law which is a binding precedent in England and Wales; which is in force in England and Wales.

Maintenance Release: release of the Software that corrects faults, adds functionality, improves security or otherwise amends or upgrades the Software, but which does not constitute a New Version.

Managed Services: the installation of the Supplier Software and the services delivered via the Supplier’s System and as described in each Order Form including any support arrangements and Online Services as applicable, to be performed by the Supplier in accordance with this Agreement.

New Version: any new version of the Supplier Software which from time to time is publicly marketed and offered for purchase by the Supplier in the course of its normal business, being a version which contains such significant differences from the previous versions as to be generally accepted in the marketplace as constituting a new product.

 

Normal Business Hours: 9.00 am to 5.30 pm local UK time on Business Days.

Order Form: the order form which describes the type of subscription, the support offering and the payment details. The Order Form shall form part of the terms of this Agreement and shall be sent under separate cover.

Partner Admin Link: enables the Supplier, when delivering the Managed Services, to identify and recognise partners such as Microsoft who drive Client success.

Software: any software licensed to the Client by the Supplier and installed by the Supplier for use by the Client or used by the Supplier to provide the Managed Services to the Client whether owned by the Client (“Client Software”) or by the Supplier (“Supplier Software”) or Third-Party Software (as defined below).

Supplier: CLEO Systems 24 Ltd incorporated and registered in England and Wales with company number 07818176 whose registered office is at Kingston House, The Long Barrow, Orbital Park, Ashford, TN24 0GP.

Supplier Support Team: the individuals appointed by the Supplier from time to time who shall serve as the Client's primary contacts for the Client's activities under this Agreement.

Supplier's System: the system to be used by the Supplier in performing the Managed Services, including the Hardware, the Software, the Client Equipment and communications links between the Hardware and the Client Equipment and the Client Operating Environment.

Third Party Software: any code or software programs written or provided by Microsoft® or other third parties which are used by the Client.

1.1. A reference to a statute or statutory provision is a reference to it as amended, extended or re-enacted from time to time.

 1.2. A reference to a statute or statutory provision shall include all subordinate legislation made from time to time under that statute or statutory provision.

 1.3. A reference to a Party shall be reference to either the Client or the Supplier and reference to the Parties shall be to both collectively.

 1.4. A reference to writing or written includes e-mail. 1.5. Unless stated otherwise, References to clauses and schedules are to the clauses and schedules of this Agreement.

 1.6. In the event of any conflict or inconsistency between the Order Form and the clause of this Agreement (including any changes to the schedules or additions or variations to the schedules), the following order of precedence shall apply (in decreasing order) to the extent of such conflict or inconsistency:

1.6.1. the Order Form (as set out under separate cover);

 1.6.2. the clauses of this Agreement.

2. LICENCE

2.1. In consideration of the set-up Fee paid by the Client to the Supplier, the Supplier grants to the Client a non-exclusive licence for the Term to install the Supplier Software on the Client Software and use it in accordance with this Agreement.

 2.2. The Supplier will provide the Client with all Maintenance Releases relating to the Supplier Software generally made available to its customers. The Supplier warrants that no Maintenance Release will adversely affect the then existing facilities or functions of the Supplier Software. The Client shall install all Maintenance Releases as soon as reasonably practicable after receipt, and any Maintenance Release stated as “Critical” shall be installed by the Client within the time reasonably specified by the Suppler. A release management process will be agreed and implemented together by the Supplier and Client project teams.

 2.3. The Supplier shall ensure that support is available:

 2.3.1. by telephone and online portal during the hours of 08:00 and 18:00 on a Business Day; and

2.3.2. by way of a limited ‘on call’ service outside the hours set out in clause

2.3.1, to provide assistance to the Client in respect of the following:

2.3.2.1. remedying Defects in the Supplier Software; and

 2.3.2.2. providing advice on the installation and use of the Supplier Software.

2.4. The Supplier shall use reasonable endeavours to correct Defects in the Supplier Software notified to it by the Client in a timely manner appropriate to the seriousness of the circumstances in accordance with the Incident Reporting Procedure.

2.5. The Supplier shall use reasonable efforts to ensure the accurate migration of any data, but gives no warranties as to the completeness or accuracy of such migration. The Client shall be responsible for checking the accuracy and completeness of the migrated data and shall promptly give sufficient details to the Supplier of any inaccuracies or omissions in order to permit the Supplier to correct them. If such data includes personal data, the Supplier shall return all copies of such personal data to the Client on completion of the data migration process.

2.6. The Supplier shall offer to provide a web-based training to each end user within 14 days of the receipt of the set-up cost and training fees stated in the Order Form. Any additional training required by the Client shall be provided by the Supplier at the Supplier's standard rates then in force.

 2.7. The Supplier shall provide an application programming interface (“API”) for short messaging service (“SMS”) upon receipt of the interface API set-up fee stated in the Order Form. The Client shall pay a fee for each SMS message as stated in the Order Form.

 

3. TERMS OF THE LICENCE

3.1. In relation to scope of use of the Supplier Software under this Agreement:

 3.1.1. use of the Supplier Software shall be restricted use by the licensed ‘concurrent users’ for the processing of the Client’s data for the normal business purposes of the Client (which shall not include allowing the use of the Supplier Software by, or for the benefit of, any person other than an employee of the Client);

3.1.2. the Client may not use the Supplier Software other than as specified in this Agreement without the prior written consent of the Supplier, and the Client acknowledges that additional fees may be payable on any change of use approved by the Supplier;

3.1.3. the Client may make backup copies of the Supplier Software (but not the remote services) as is reasonably required for the purposes only of re-installing the same for the use of the Supplier Software in accordance with this licence. The Client shall record the number and location of all copies of the Supplier Software and prevent unauthorised copying;

3.1.4. except as expressly stated in this clause 3, the Client has no right (and shall not permit any other third party) to copy, adapt, reverse engineer, decompile, disassemble, modify, adapt or make error corrections to the Supplier Software in whole or in part but shall request the Supplier to carry out such action at a reasonable commercial fee;

 3.1.5. the Database shall be deemed to be incorporated within the Supplier Software for the purposes of this licence (except where expressly provided to the contrary) and no use of the Database other than in conjunction with the use of the Supplier Software is permitted; and

3.1.6. the Client shall indemnify and hold the Supplier harmless against any loss or damage which it may suffer or incur as a result of the Client’s breach of the access and use of the Database howsoever arising.

3.2. The Client may not use any such information provided by the Supplier or obtained by the Client during any development, integration, installation or variation of the Supplier Software under clause

3.1.3 to create any software whose expression is substantially similar to that of the Supplier Software nor use such information in any manner which would be restricted by any copyright subsisting in it.

3.3. Upon the Client requesting the Supplier Software from the Supplier and upon payment of the Fee by the Client to the Supplier, the Supplier shall deliver the latest version of the Supplier Software electronically to the Client at the internet protocol address for the Client provided by it to the Supplier.

3.4. Where required, to support clinical safety, the Client will inform the Supplier of any post-deployment issues it experiences relating to the Supplier Software or national datasets.

3.5. The Client shall procure that its hardware and software, network connectivity and permitted access to the third-party software specified in the Order Form is maintained with updates as they become available, including Maintenance Releases. The Client shall at no time delay implementation of Maintenance Releases and shall be at all times within two versions of the New Version of the Supplier Software.

3.6. The Client shall not:

3.6.1. sub-license, assign or novate the benefit or burden of this licence in whole or in part; save in pursuance of a genuine corporate reconstruction, transaction or amalgamation which does not affect the ability of the Client to perform its obligations under this Agreement.

3.6.2. allow the Supplier Software to become the subject of any charge, lien or encumbrance; and

3.6.3. deal in any other manner with any or all of its rights and obligations under this agreement.

3.7. The Supplier may at any time sub-license, assign, novate, charge or deal in any other manner with any or all of its rights and obligations under this licence, provided it gives written notice to the Client.

3.8. Notwithstanding clause 15 (Confidentiality) of these General Terms and Conditions, if the Supplier assigns any or all of its rights under this Agreement it may disclose to a proposed assignee any information in its possession that relates to this Agreement or its subject matter in the negotiations relating to it and about the Client which is reasonably necessary to disclose for the purposes of the proposed assignment, provided that no disclosure pursuant to this clause 3.8 shall be made until notice of the identity of the proposed assignee has been given to the Client.

3.9. The Client shall:

3.9.1. ensure that the number of persons using the Supplier Software does not exceed the number of concurrent users for which licences have been acquired;

3.9.2. ensure that the Supplier Software is installed on designated equipment only, being compliant to the specification laid out in the technical requirements set out in the Order Form;

3.9.3. Ensure an order for a further block of at least 10 licenses (NB the minimum order quantity is 10 concurrent licenses) is made to the Supplier once the number of users of the Client reaches the maximum number of concurrent licences;

3.9.4. keep a complete and accurate record of persons using the Supplier Software, and produce such record to the Supplier on request from time to time;

3.9.5. notify the Supplier as soon as it becomes aware of any unauthorised use of the Supplier Software by any person;

 3.9.6. pay for broadening the scope of the licences granted under this licence to cover any unauthorised use, an amount equal to the fees which the Supplier would have levied (in accordance with its normal commercial terms then current) had it licensed any such unauthorised use on the date when such use commenced together with interest at the rate provided for in clause 9.4 of the General Terms and Conditions, from such date to the date of payment;

 3.9.7. ensure that the Client’s patient management solution software provides the required patient-related data (including signalling matters of importance) to identify specific pieces of information that might be relevant to the patient’s consultation with the prescribing clinician; and

3.9.8. provide the Supplier with its organisational data services code.

3.10. The Client shall permit the Supplier to inspect and have access to any Client Site (and to the computer equipment located there) at or on which the Supplier Software is being kept or used, and have access to any records kept in connection with this licence, for the purposes of ensuring that the Client is complying with the terms of this licence, provided that the Supplier provides reasonable advance notice to the Client of such inspections, which shall take place at reasonable times.

 

4. SERVICE PROVISION

4.1. In consideration for payment of the Fees as and when they fall due, the Supplier will provide the Managed Services with all due care, skill and ability as from the Go-Live Date and for the duration of the Initial Term and any Extended Term. The Supplier hereby grants to the Client a non-exclusive, revocable, non-transferable right, without the right to grant sublicences, to use the Managed Services for the duration of this Agreement and solely for the Client's internal business operations.

4.2. The Supplier shall provide the Managed Services in accordance with the terms of this Agreement and the Order Form.

4.3. The Supplier does not and cannot control the flow of data to or from its network and other portions of the internet. Such flow depends in large part on the performance of internet services provided or controlled by third parties. At times, actions or omissions of such third parties can impair or disrupt connections to the internet (or portions thereof). Whilst the Supplier will use reasonable efforts to take all actions it deems appropriate to remedy and avoid such events, the Supplier cannot guarantee that such events will not occur. Accordingly, the Supplier is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Client acknowledges that the Managed Services may be subject to limitations, delays and other problems inherent in the use of such communications facilities.

 4.4. The Client confirms that the Supplier may employ sub-contractors without seeking the prior consent of the Client (and any such sub-contractors shall be treated as the Supplier’s employees for and therefore bound by the Supplier’s obligations under and for the purposes of this Agreement). Notwithstanding the foregoing, the Supplier shall at all times be responsible for and liable in respect of the performance of all obligations under this Agreement, whether such obligations are performed by the Supplier itself, or any sub-contractor engaged by the Supplier.

4.5. The Client shall not knowingly store, distribute or transmit any material through the Managed Services that:

 4.5.1. is unlawful, harmful, threatening, defamatory, obscene, harassing or racially or ethnically offensive;

4.5.2. facilitates illegal activity; 

4.5.3. depicts sexually explicit images; and/or

4.5.4. promotes unlawful violence, discrimination based on race, gender, age, disability, sexual orientation, religion and belief, gender reassignment, or any other illegal activities, and the Supplier reserves the right, without liability or prejudice to its other rights to the Client, to disable the Client's access to any material that breaches the provisions of this clause

 4.5. 4.6. The Client shall not:

4.6.1. except as may be allowed by any applicable law which is incapable of exclusion by agreement between the Parties and except to the extent expressly permitted under this Agreement:

4.6.1.1. attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Supplier Software in any form or media or by any means; or

4.6.1.2. attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Supplier Software; or

 4.6.2. access all or any part of the Managed Services in order to build a product or service which competes with the Managed Services; or

 4.6.3. use the Managed Services to provide services to third parties; or

4.6.4. subject to clause 25.2, license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Managed Services available to any third party except those authorised to access under the Order Form, or

4.6.5. attempt to obtain, or assist third parties in obtaining, access to the Managed Services and/or Documentation, other than as provided under this clause 2; or

4.6.6. introduce, or permit the introduction of, any virus or other vulnerability into the Supplier's network and information systems.

4.7. The Client shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Managed Services in the event of any such unauthorised access or use, promptly notify the Supplier.

 4.8. The Client shall remain responsible for the use of the Managed Services under its control, including any use by third parties that Client has authorised to use the Managed Services.

4.9. The Client must take reasonable measures to ensure it does not jeopardise services supplied to third parties on the same shared access infrastructure as notified to the Client by the Supplier in writing. This includes informing the Supplier promptly in the case of a denial-of-service attack or distributed denial-of-service attack. In the event of any such incident, the Supplier will work with the Client to alleviate the situation as quickly as possible. The Parties shall discuss and agree appropriate action (including suspending the Managed Services).

 4.10. The Client shall not provide the Managed Services to any third party unless otherwise indicated in the Order Form. Nothing in this Agreement shall prevent Client from allowing Client Contractors to act as service users.

 4.11. The Supplier reserves the right to:

4.11.1. modify the Supplier's System, its network, system configurations or routing configuration; and

4.11.2. amend the Software, to maintain compliance with the current NHS Digital Spine requirements. Such amendments may require changes, at the Client’s expense, to the Client System; and

 4.11.3. modify or replace any Hardware or Software in its network or in equipment used to deliver any Managed Service over its network, provided that this has no adverse effect on the Supplier's obligations or performance under this Agreement and its provision of the Managed Services. If such changes will have an adverse effect, the Supplier shall notify the Client and the Parties shall follow the change control process.

4.12. The Managed Services shall not include the following which shall be deemed to be additional services for which the Supplier shall be entitled to charge for at its then prevailing rates:

4.12.1. the release and maintenance of new Versions, which may be provided by the Supplier subject to payment of reasonable additional fees;

4.12.2. any error correction required to the Software as a result of any changes made to any other software or hardware platforms used by the Client or a third party;

4.12.3. any error correction required as a result of the Client's breach of its obligations in this Agreement.

4.13. The Client acknowledges that provision of the Managed Services may be affected if Partner Admin Link is removed.

 

5. INCIDENT REPORTING PROCESS

5.1. The Client shall report incidents to the Supplier in accordance with the Incident Reporting Procedure.

5.2. Incident reports shall only be accepted from individuals named as part of the Authorised Contacts or as otherwise agreed in writing with the Supplier from time to time.

5.3. The Supplier shall provide a set of user accounts to the Client prior to the Go-Live Date to allow the Authorised Contacts to access the Managed Services for the purpose of logging incidents.

5.4. Incidents that are not reported to the Supplier in accordance with the Incident Reporting Procedure shall be informally investigated by the Supplier to gather more information about the incident before the incident reporting process begins.

6. CLIENT DATA

6.1. The Supplier shall promptly notify the Client in writing of any loss or damage to the Client Data. In the event of any loss or damage to Client Data, the Client’s sole and exclusive remedy against the Supplier shall be for the Supplier to use reasonable commercial reasonable endeavours to restore the lost or damaged Client Data from the latest backup of such Client Data. Subject to clause 4.4, the Supplier shall not be responsible for any loss, destruction, alteration or unauthorised disclosure of Client Data caused by any third party.

6.2. The Parties shall at all times comply with their relevant obligations under Schedule 1 (Data Protection Principles).

 6.3. An exit plan will be drafted and agreed prior to go-live. This will include the conditions for the Supplier to provide data to the Client in an exportable format and for the destruction of Client data held by the Supplier.

7. SUPPLIER’S OBLIGATIONS

7.1. The Supplier warrants that the Managed Services will be performed with all reasonable skill and care and that it will be provided in accordance with the terms and conditions of this Agreement and the Order Form.

 7.2. The warranty in clause 7.1 shall not apply to the extent of any non-conformance that is caused by use of the Managed Services contrary to the Supplier's instructions or modification or alteration of the Managed Services by any party other than the Supplier or the Supplier's duly authorised contractors or agents.

7.3. If the Managed Services do not conform with the warranty in clause 7.1, the Supplier shall, at its expense, use commercially reasonable endeavours to correct any such non-conformance promptly, or provide the Client with an alternative means of accomplishing the desired performance. Such correction or substitution constitutes the Client’s sole and exclusive remedy for any breach of the undertaking set out in clause 7.1.

7.4. Notwithstanding the foregoing, the Supplier does not warrant that:

 7.4.1. the Client's use of the Managed Services will be uninterrupted or error-free; or

7.4.2. the Managed Services and/or information obtained by the Client through the Managed Services will meet the Client’s requirements.

 7.5. This Agreement shall not prevent the Supplier from entering into similar agreements with third parties, or from commissioning, engaging, independently developing, using, selling or licensing materials, products or services that are similar to those provided under this Agreement.

 7.6. The Supplier shall:

7.6.1. staff the Supplier’s support desk with a team of skilled individuals;

7.6.2. be a bona fide licensed user of all Third Party Software and of the Supplier Software;

7.6.3. use commercially reasonable endeavours to follow the instructions of the Client and will remain courteous during any communications with Client personnel;

7.6.4. provide the Client with all necessary co-operation in relation to this Agreement;

 7.6.5. comply with all applicable laws and regulations with respect to its activities under this Agreement; and

7.6.6. carry out all other Supplier responsibilities set out in this Agreement or in any of the Schedules in a timely and efficient manner.

7.7. The Supplier shall be under no obligation to provide the Managed Services to the Client in the following circumstances where there has been unauthorised use of the Managed Services by the Client or use otherwise than in accordance with this Agreement.

7.8. For the avoidance of doubt the following shall be outside the scope of Managed Services and be subject to the payment of additional Fees:

 7.8.1. training in the use of any upgrades;

7.8.2. correcting any errors caused by use of the Managed Services contrary to the Supplier's instructions or modification or alteration of the Managed Services by any party other than the Supplier or the Supplier's duly authorised contractors or agent; and

7.8.3. providing the Managed Services to the Client where such support has been unnecessary if the Client had implemented update(s) and upgrade(s) supplied or offered to the Client pursuant to the call for technical support.

8. SECURITY

8.1. The Supplier shall ensure that appropriate safety and security systems and procedures are maintained and enforced to prevent unauthorised access or damage to any and all Managed Services, the Supplier's System and related networks or resources and the Client Data, in accordance with Good Industry Practice.

8.2. The Client shall install all Maintenance Releases with security updates without delay and any Maintenance Release stated as “Critical” shall be installed by the Client within the time reasonably specified by the Suppler.

8.3. The Supplier may require the Client to cease to use the Software until a Critical update has been installed.

 8.4. The Client shall have no claim against the Supplier for loss or damages resulting from a security breach if the Client has failed to take the appropriate action required by the Supplier within the specified time.

8.5. Each Party shall promptly inform the other if it suspects or uncovers any breach of security and shall use all commercially reasonable endeavours to promptly remedy such breach.

 

9. CLIENT'S OBLIGATIONS

9.1. To the extent that the Supplier requires access to the Client Operating Environment to perform the Managed Services, the Client shall use all reasonable endeavours to provide such access during Normal Business Hours and to provide a suitable work environment to enable the Supplier to perform such Managed Services subject to the Supplier complying with such internal policies and procedures of the Client (including those relating to security and health and safety) as may be notified to the Supplier in writing from time to time.

 9.2. The client shall ensure that access to CLEO applications is restricted to its trusted organisational network. If users access this network remotely, the customer shall enforce Multi-Factor Authentication (MFA) as per the 'NHS England: Multi-Factor Authentication (MFA) Policy' prior to accessing CLEO applications.

9.3. The Client shall:

9.3.1. use the Managed Services only for lawful purposes and in accordance with this Agreement and comply with all applicable laws and regulation with respect to its activities under the Agreement;

9.3.2. fully virus-check all data supplied to the Supplier pursuant to this Agreement, including all Client Data;

9.3.3. make the Client Operating Environment and Client Equipment, required to provide the Managed Services, accessible to the Supplier Support Team, enable logons or passwords required for the Supplier Support Team staff; and provide appropriate hardware interface, software and access authorisation to enable remote diagnosis, should such capability be required;

 9.3.4. provide the Supplier with all necessary co-operation and provide all information and make available all resources as reasonably requested by Supplier in the execution of its obligations under this Agreement including but not to Client Data, security access information and configuration services;

 9.3.5. follow the instructions of Supplier Support Team and remain courteous during any communications with Supplier personnel;

9.3.6. gather all relevant information it knows to be relevant prior to requesting assistance including detailed fault description, and procedures required to replicate a problem if possible. Any additional information which may help in the diagnosis of a fault should be included such as network configuration details;

9.3.7. agree that if, in the course of performing the Managed Services, it is necessary or desirable for the Supplier to access or use any Client Owned Equipment, Client Software or Client Data (or which is in the possession of the Client) then it shall where it is able to under the terms of its existing licences grant to Supplier a non-exclusive, royalty free licence, during the term of the Agreement to use the same solely for the purpose of delivering the Managed Services;

 9.3.8. carry out all other Client responsibilities set out in this Agreement or in any of the Schedules in a timely and efficient manner. In the event of any delays in the Client's provision of such assistance as agreed by the Parties, the Supplier may adjust any timetable or delivery schedule set out in this Agreement and/or the Order Form as reasonably necessary;

 9.3.9. obtain and shall maintain all necessary licences, consents, and permissions necessary for the Supplier, its contractors and agents to perform their obligations under this Agreement, including without limitation the Managed Services;

9.3.10. ensure that its network and systems comply with the relevant specifications provided by the Supplier from time to time and to ensure prompt updating in accordance with new versions, ensuring that the system in use by Client staff is no more than two versions behind the most current; and

 9.3.11. be, to the extent permitted by law and except as otherwise expressly provided in this Agreement, solely responsible for procuring, maintaining and securing its network connections and telecommunications links from its systems to the Supplier's data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Client's network connections or telecommunications links or caused by the internet.

 

10. WARRANTIES

10.1. Both Parties warrants that they:

 10.1.1. have the full capacity and authority to enter into and perform this Agreement and that this Agreement is executed by a duly authorised representative;

 10.1.2. will comply with and use the Managed Services in accordance with the terms of this Agreement and all applicable laws, and shall not do any act that shall infringe the rights of any third party including the publishing or transmission of any materials contrary to relevant laws;

10.2. The Client warrants that:

10.2.1. it owns or has obtained valid licences, consents, permissions and rights to use, and where necessary to licence to the Supplier, any materials reasonably necessary for the fulfilment of all its obligations under this Agreement, including any third-party licences and consents in respect of any Client Software; and

 10.2.2. the Supplier's use in the provision of the Managed Services or otherwise in connection with this Agreement of any of the Client’s materials, including any Hardware or Client Software supplied by the Client to the Supplier for use in the provision of the Managed Services or otherwise in connection with this Agreement, shall not cause the Supplier to infringe the rights, including any Intellectual Property Rights, of any third party.

10.3. The Supplier agrees and undertakes that:

 10.3.1. it has, and shall require its staff shall have, and shall maintain throughout the Term, all appropriate licences and registrations with the relevant bodies to fulfil its obligations under this Agreement;

10.3.2. it has all rights, consents, authorisations, licences and accreditations required to provide the Managed Services and shall maintain such consents, authorisations, licences and accreditations throughout the Term;

10.3.3. it has and shall maintain a properly documented system of quality controls and processes covering all aspects of its obligations under this Agreement and/or under Law and shall at all times comply with such quality controls and processes;

10.3.4. it shall not make any significant changes to its system of quality controls and processes in relation to the Managed Services which materially impact the Client without notifying the Client in writing at least five (5) Business Days in advance of such change (such notice to include the details of the consequences which follow such change being implemented);

10.3.5. where any act of the Supplier requires the notification to and/or approval by any regulatory or other competent body in accordance with any Law, the Supplier shall comply fully with such notification and/or approval requirements;

 10.3.6. receipt of the Managed Services by or on behalf of the Client and use of the deliverables or of any other item or information supplied or made available to the Client as part of the Managed Services will not infringe any third party rights, to include without limitation any Intellectual Property Rights;

 10.3.7. it will provide the Managed Services using reasonable skill and care and in accordance with generally accepted Good Industry Practice and shall fulfil all requirements of this Agreement using appropriately skilled, trained and experienced staff and contractors;

10.3.8. unless advised otherwise, or is the responsibility of the Client, it has and/or shall procure all resources, equipment, consumables and other items and facilities required to provide the Managed Services;

10.3.9. it shall comply with all relevant health and safety processes, requirements safeguards, controls, and training obligations in accordance with its own operational procedures and the Law, and any notices or instructions given to the Supplier by any competent body, as relevant to the provision of the Managed Services;

10.3.10. without prejudice to any specific notification requirements set out in this Agreement, it will promptly notify the Client of any health and safety hazard which has arisen, or the Supplier is aware may arise, in connection with the performance of the Managed Services and take such steps as are reasonably necessary to ensure the health and safety of persons likely to be affected by such hazards;

10.3.11. any equipment it uses in the provision of the Managed Services shall comply with all relevant Law, be fit for its intended purpose and maintained appropriately and shall remain the Supplier’s risk and responsibility at all times;

10.3.12. it shall follow Good Industry Practice to ensure as far as practicable that any information and communications technology systems and/or related hardware and/or software it uses are free from corrupt data, viruses, worms and any other computer programs or code which might cause harm or disruption to the Client's information and communications technology systems;

10.3.13. it shall: (i) comply with all relevant Law and guidance and shall use Good Industry Practice to ensure that there is no slavery or human trafficking in its supply chains; and (ii) notify the Client immediately if it becomes aware of any actual or suspected incidents of slavery or human trafficking in its supply chains;

 10.3.14. it shall at all times conduct its business in a manner that is consistent with any anti-slavery Law and shall provide to the Client any reports or other information that the Client may request as evidence of the Supplier’s compliance with this Clause

10.3.14 and/or as may be reasonably requested or otherwise reasonably required by the Client in accordance with its anti-slavery policy;

10.3.15. it has the right and authority to enter into this Agreement and that it considers that it has the capability and capacity to fulfil its obligations under this Agreement;

 10.3.16. it is a properly constituted entity and it is fully empowered by the terms of its constitutional documents to enter into and to carry out its obligations under this Agreement and the documents referred to in this Agreement;

 10.3.17. all necessary actions to authorise the execution of and performance of its obligations under this Agreement have been taken before such execution;

 10.3.18. there are no pending or threatened actions or proceedings before any court or administrative agency of which it is aware which would materially adversely affect the financial condition, business or operations of the Supplier;

10.3.19. there are no material agreements existing to which the Supplier is a party which prevent the Supplier from entering into or complying with this Agreement;

10.3.20. it has and will continue to have the capacity, funding and cash flow to meet all its obligations under this Agreement; and

10.3.21. it has satisfied itself as to the nature and extent of the risks assumed by it under this Agreement and has gathered all information necessary to perform its obligations under this Agreement and all other obligations assumed by it.

 

11. CHARGES AND PAYMENT

11.1. The Client shall pay the Fees for the Managed Services as set out in the Order Form. In the event of a conflict between an official ‘CLEO Systems quote’ and the Order Form, the Fees listed in the Order Form shall prevail.

 11.2. The Client shall issue a Purchase Order to the Supplier in respect of any Services to be supplied to the Client under this Agreement.

 11.3. All Fees and other sums due from the Client under this Agreement will be payable by the Client within 30 days from receipt of invoice by such reasonable and accessible method of delivery of invoices as the Client may reasonably require, the date being confirmed by an automatic email receipt from the Supplier’s sending machine. All amounts and Fees stated or referred to in this Agreement are exclusive of value added tax, which shall be added to the Supplier's invoice(s) at the appropriate rate.

11.4. Not used

 11.5. The Supplier shall be entitled to suspend its delivery of the Managed Services to the Client in the event that any Fees remain unpaid 60 days after receipt of invoice.

 11.6. The Fees shall be reviewed annually and any increase shall take effect on 1 April of each year of the Initial Term and any Extended Term (the “Relevant Date”). The increase (if any) shall be in direct proportion to and no more than the percentage increase of the UK government’s published CPI rate. The Fees shall not be less than in the preceding year.

12. CHANGE CONTROL

12.1. If either Party wishes to change the scope of the Managed Services, it shall submit details of the requested change to the other in writing. Any variation to the Managed Services shall be agreed in accordance with clause 24.2.

13. PROPRIETARY RIGHTS

13.1. The Client acknowledges and agrees that the Supplier and/or its licensors own all intellectual property rights in the Supplier Software and the Managed Services. Except as expressly stated herein, this Agreement does not grant the Client any rights to, under or in, any patents, copyright, database right, trade secrets, trade names, trade marks (whether registered or unregistered), or any other rights or licences in respect of the Supplier Software or the Managed Services.

 13.2. The Supplier shall retain exclusive ownership of all Intellectual Property Rights in

13.2.1. all of its Background Materials; and

13.2.2. ideas, concepts, techniques and know-how discovered, in the Software and created or developed by the Supplier during the performance of the Managed Services that are of general application and that are not based on or derived from the Client’s business or Confidential Information (“General IP”, together with the Background Materials, the “Supplier Intellectual Property”). The Supplier grants to the Client a non-exclusive, irrevocable, worldwide royalty free and non-transferable licence to use the Supplier Intellectual Property for the duration of this Agreement and solely for the Client's internal business operations in relation to this Agreement.

 13.3. The Client acknowledges that the Supplier owns all Intellectual Property Rights or has the right to grant licences in the Client Data. The Supplier hereby grants to the Client a non-exclusive, worldwide, perpetual, royalty free licence to use, reproduce, distribute, modify, adapt, create derivative works from, grant sublicenses in (with the consent of the Client, not to be unreasonably withheld), make publicly available any Intellectual Property Rights in the Client Data solely in connection with the Supplier’s delivery of the Managed Services.

 13.4. The Supplier confirms that it has all the rights in relation to the Managed Services that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this Agreement.

14. INDEMNITY

14.1. The Client shall defend, indemnify and hold harmless the Supplier from and against all claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with:

 14.1.1. the Client’s use of the Managed Services; or

 14.1.2. the Supplier’s use or possession of the Client Data in connection with the provision of the Managed Services including for the infringement of any third-party intellectual property rights;

14.1.3. any modification, alteration, replacement, or combination with any other data, code, documents or other software by the Client, which alters the Supplier Intellectual Property or Managed Services where such alterations infringe the Intellectual Property Rights of a third-party; or

 14.1.4. resulting from any breach by the Client of the Client’s obligations under clause 2.2 or clause 8, this indemnity applies whether or not legal proceedings are instituted and, if such proceedings are instituted, irrespective of the means, manner or nature of any settlement, compromise or determination.

 14.2. The Supplier shall defend the Client, its officers, directors and employees against any third party claim that the Client’s use of the Managed Services in accordance with this Agreement infringes any patent effective as of the Effective Date, or any copyright, trade mark, database right or right of confidentiality within the United Kingdom, and shall indemnify the Client for any amounts awarded against the Client in judgment or settlement of such claims, provided that

: 14.2.1. the Supplier is given notice of any such claim as soon as is reasonably practicable; and

14.2.2. the Client provides reasonable co-operation to the Supplier in the defence and settlement of such claim, at the Supplier’s expense; and

 14.2.3. the Client uses all reasonable endeavours to mitigate any loss, damage, expense or cost claimed under this clause 14.2; and

14.2.4. the Supplier is given sole authority to defend or settle the claim provided that no such settlement imposes any obligations or restrictions on the Client.

 14.3. In the defence or settlement of any claim, the Supplier may procure the right for the Client to continue using the Managed Services, replace or modify the Managed Services so that they become non-infringing (provided the functionality of the Managed Services to the Client is not materially affected or such modification does not increase the Fees in any way) or, if such remedies are not reasonably available, terminate this Agreement on 5 business days' notice to the Client without any additional liability or obligation to pay liquidated damages or other additional costs to the Client. 14.4. In no event shall the Supplier, its employees, agents or sub-contractors be liable to the Client to the extent that the alleged infringement is based on:

14.4.1. a modification of the Managed Services by anyone other than the Supplier; or

 14.4.2. the Client’s use of the Managed Services in a manner contrary to the instructions and any training given to the Client by the Supplier; or

 14.4.3. the Client’s use of the Managed Services after notice of any alleged or actual infringement from the Supplier or any appropriate authority.

 14.5. The foregoing states and constitutes the Client’s sole and exclusive rights and remedies, and the Suppliers (including the Supplier’s employees', agents' and sub-contractors') entire obligations and liability, for infringement of any patent, copyright, trade mark, database right or right of confidentiality.

15. CONFIDENTIALITY

15.1. The term "Confidential Information" does not include any information that:

 15.1.1. is or becomes generally available to the public (other than as a result of its disclosure by the receiving Party or its Representatives in breach of this clause 15);

15.1.2. was available to the receiving Party on a non-confidential basis before disclosure by the disclosing Party;

 15.1.3. was, is or becomes available to the receiving Party on a non-confidential basis from a person who, to the receiving Party's knowledge, is not bound by a confidentiality Agreement with the disclosing Party or otherwise prohibited from disclosing the information to the receiving Party;

 15.1.4. was known to the receiving Party before the information was disclosed to it by the disclosing Party;

15.1.5. the Parties agree in writing is not confidential or may be disclosed; or

 15.1.6. is developed by or for the receiving Party independently of the information disclosed by the disclosing Party.

15.2. Each Party shall keep the other Party's Confidential Information confidential and shall not:

 15.2.1. use such Confidential Information except for the purpose of exercising or performing its rights and obligations under this Agreement (“Permitted Purpose”); or

15.2.2. disclose such Confidential Information in whole or in part to any third party, except as expressly permitted by this clause

 15. 15.3. Each Party shall take all reasonable steps to ensure that the other's Confidential Information to which it has access is not disclosed or distributed by its employees or agents in violation of the terms of this Agreement.

 15.4. The Client acknowledges that the Supplier's Confidential Information includes any designs, plans, software or other materials created by the Supplier in connection with the Managed Services and the Client agrees not to make use of any such material for any purpose other than receipt of the Managed Services from the Supplier.

15.5. The Supplier acknowledges that the Client Data is the Confidential Information of the Client.

 15.6. A Party may disclose the other Party's Confidential Information to those of its Representatives who need to know such Confidential Information for the Permitted Purpose, provided that:

 15.6.1. it informs such Representatives of the confidential nature of the Confidential Information before disclosure; and

15.6.2. at all times, it is responsible for such Representatives' compliance with the confidentiality obligations set out in this clause

15. 15.7. Each party may disclose Confidential Information to the extent such Confidential Information is required to be disclosed by law, by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction, provided that, to the extent it is legally permitted to do so, it gives the other Party as much notice of such disclosure as possible and, where notice of disclosure is not prohibited and is given in accordance with this clause

 15.7, it takes into account the reasonable requests of the other Party in relation to the content of such disclosure.

15.8. Notwithstanding the provisions of this clause 15 where a Freedom of Information Act 2000 (“FOIA”) or Codes of Practice on Access to Government Information or on the Discharge of Public Authorities’ Functions or on the Management of Records (“Codes of Practice”) or the Environmental Information Regulations 2004 (“Environmental Regulations”) requires a party to disclose Confidential Information it shall not disclose such information without first informing the other party of any information intended to be disclosed in respect of the other party or the terms or conduct under this Agreement, and giving the other party sufficient opportunity to object to or agree to the disclosure, or agree the extent of such disclosure and any conditions to be imposed in respect of such disclosure, provided that the other party does not cause the disclosing party to be in breach of FOIA requests or Codes of Practice or Environmental Regulations.

15.9. Each Party reserves all rights in its Confidential Information. No rights or obligations in respect of a Party's Confidential Information other than those expressly stated in this Agreement are granted to the other Party, or to be implied from this Agreement. 15.10. The provisions of this clause 15 shall continue to apply for three (3) years after termination of this Agreement and without limit in time in respect of Confidential Information which comprises Personal Data or which relates to national security; and Data Protection but the party may destroyed such Confidential Information at any time following the expiry or termination of this Agreement.

 

16. LIMITATION OF LIABILITY

16.1. This clause 16 sets out the entire financial liability of each Party (including any liability for the acts or omissions of its employees, agents and subcontractors) in respect of:

16.1.1. any breach of this Agreement; and

16.1.2. any representation, misrepresentation (whether innocent or negligent), statement or tortious act or omission (including negligence) arising under or in connection with this Agreement.

 16.2. Except as expressly and specifically provided in this Agreement:

16.2.1. the Client assumes sole responsibility for results obtained from the use of the Managed Services, and for conclusions drawn from such use. The Supplier shall have no liability for any damage caused by errors or omissions in any information, instructions or scripts provided to the Supplier by the Client in connection with the Managed Services, or any actions taken by the Supplier at the Client's direction; and

 16.2.2. all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from this Agreement; and

 16.2.3. the Managed Services are provided to the Client on an ‘as is’ basis.

16.3. Nothing in this Agreement excludes or limits either Party’s liability for:

 16.3.1. death or personal injury caused by negligence;

16.3.2. fraud or fraudulent misrepresentation; or

 16.3.3. any other liability which cannot lawfully be excluded or limited.

16.4. Subject to clauses

16.2 and

 16.3:

16.4.1. neither Party shall be liable to the other in contract, tort (including for negligence or breach of statutory duty), misrepresentation (whether innocent or negligent), restitution or otherwise for any loss of profits, loss of business, depletion of goodwill or similar losses, or pure economic loss, or for any indirect or consequential loss, costs, damages, charges or expenses however arising; and

16.4.2. each Party’s total aggregate liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising out of or in connection with the performance or contemplated performance of this Agreement shall be limited to one hundred percent (125%) of the Fees paid for the Managed Services during the twelve (12) months preceding the date on which the claim arose (and in the first 12 months of this Agreement, 125% of the Fee stated in the Order Form) provided that the total liability does not exceed £1,000,000 (1 million GBP) per claim or if greater the Fee paid in the Initial Term..

17. TERM AND TERMINATION

17.1. This Agreement shall, unless terminated earlier in accordance with this clause 17, automatically be extended for successive twelve (12) month periods (“Extended Term”) at the end of the Initial Term and at the end of each Extended Term, unless either Party gives written notice to the other Party, not later than ninety (90) days before the end of the Initial Term or the relevant Extended Term, to terminate this Agreement at the end of the Initial Term or the relevant Extended Term, as the case may be.

17.2. Without prejudice to any rights that the Parties have accrued under this Agreement or any of their respective remedies, obligations or liabilities, either Party may terminate this Agreement with immediate effect by giving written notice to the other Party if:

17.2.1. the other Party commits a material breach of any material term of this Agreement (including, without limitation breach of any payment obligations) and (if such breach is remediable) fails to remedy that breach within a period of thirty (30) days after being notified by the other Party to do so;

17.2.2. the other Party breaches any of the terms of clause 13, clause 15 or clause 19; 17.2.3. the other Party repeatedly breaches any of the terms of this Agreement in such a manner as to reasonably justify the opinion that its conduct is inconsistent with it having the intention or ability to give effect to the terms of this Agreement;

17.2.4. the other Party suspends, or threatens to suspend, payment of its debts, or is unable to pay its debts as they fall due or admits inability to pay its debts, or is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986; or

17.2.5. the other Party suspends or ceases, or threatens to suspend or cease, carrying on all or a substantial part of its business. 17.3. Termination of this Agreement, for any reason, shall not affect the accrued rights, remedies, obligations or liabilities of the Parties existing at termination, including the right to claim damages in respect of any breach of the Agreement which existed at or before the date of termination shall not be affected or prejudiced. 17.4. On termination of this Agreement for any reason:

 17.4.1. the Supplier shall immediately cease provision of the Managed Services;

 17.4.2. the Client shall pay all outstanding sums owing to the Supplier up to and including the date of termination; and

 17.4.3. all licences granted under this Agreement shall immediately terminate and the Client shall immediately cease all use of the Managed Services;

 17.4.4. each Party shall use return and make no further use of any equipment, property, materials and other items (and all copies of them) belonging to the other Party.

17.5. If a Party is required by any law, regulation, or government or regulatory body (“Regulatory Requirement”) to retain any documents or materials which it would otherwise be obliged to return or destroy, it shall notify the other Party in writing of such retention, giving details of the documents or materials that it must retain. This clause

 17.5 shall continue to apply to any such retained documents and materials for as long as any such requirement continues in force, subject to any disclosure mandated by any Regulatory Requirement.

 

18. DISPUTE RESOLUTION

18.1. Disputes shall be referred to the Client's Service Manager and the Supplier’s Systems Service Manager (together the “Service Managers”) who shall meet for the purpose of endeavouring to resolve such dispute. During the course of the negotiation all reasonable requests made by one Party to the other for information will be honoured in order for each Party to be kept informed. The specific format for such discussions will be left to the discretion of the Service Managers.

18.2. Any dispute that is not resolved by the Service Managers in accordance with the procedures described in clause 18.1 shall be escalated to the Parties' respective Account Managers, who will discuss the problem and negotiate in good faith to resolve the dispute. The specific format for such discussions and negotiations will be left to the discretion of the two managers. If the dispute is not resolved within 15 days from the date of referral of the dispute to the Account Managers, then the Dispute shall be referred to the Managing Directors of the Parties and dealt with in accordance with clause 18.3 below.

18.3. Any dispute that is not resolved in accordance with the procedures described in clause 18.2 shall be escalated to the Managing Directors of the Supplier and the Client who will discuss the problem and negotiate in good faith to resolve the dispute. The specific format for such discussions and negotiations will be left to the discretion of the two Managing Directors. If the dispute is not resolved within 15 days from the date of referral of the dispute to the Managing Director of the Supplier, then the dispute shall be dealt with in accordance with 18.4 below.

18.4. The Parties will attempt to settle it by mediation in accordance with the Centre for Dispute Resolution (“CEDR”) Model Mediation Procedure. 18.5. No further proceedings for the resolution of any dispute may be commenced until 42 days after the initiation of the mediation in accordance with clause 18.4.

19. STAFF TRANSFER AND NON-SOLICITATION

19.1. It is not intended that any staff be transferred from the Supplier to the Client or from the Client to the Supplier pursuant to this Agreement or that any ‘relevant transfer’ occur for the purposes of the Transfer of Undertakings (Protection of Employment) Regulations 2006.

19.2. Neither Party shall solicit the other Party’s staff or contractors who have been employed or engaged in the Managed Services or the performance of this Agreement during the lifetime of this Agreement and for a period of 9 months thereafter. For the purposes of this clause 19.2, ‘solicit’ means the soliciting of such person with a view to engaging such person as an employee, director, sub-contractor or independent contractor.

19.3. In the event that either Party is in breach of clause 19.2 above then the Party in breach shall pay to the other Party by way of liquidated damages an amount equal to 50% per cent of the gross annual budgeted fee income (as at the time of the breach or when such person was last in the service of the relevant Party) of the person so employed or engaged. This provision shall be without prejudice to either Party’s ability to seek injunctive relief.

19.4. The Parties hereby acknowledge and agree that the formula specified in clause 19.3 above is a reasonable estimate of the loss which would be incurred by the loss of the person so employed or engaged.

 

20. FORCE MAJEURE

20.1. The Supplier shall have no liability to the Client under this Agreement and the Client shall have no obligation to pay the Fees if the Supplier is prevented from, or delayed in, performing its obligations under this Agreement, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control except to the extent that the Supplier could reasonably have avoided such circumstances by fulfilling its obligations in accordance with the terms of this Agreement or otherwise exercising the level of diligence that could reasonably have been expected of it (having exercised Good Industry Practice), including strikes, lock-outs or other industrial disputes (excluding any industrial disputes involving the workforce of the Supplier), act of God, pandemic, war, riot, civil commotion, compliance with any law or regulation, fire, flood or storm (each a “Force Majeure Event”), provided that:

20.1.1. the Client is notified of such an event and its expected duration; and

20.1.2. the Supplier uses all reasonable endeavours to mitigate, overcome or minimise the effects of the Force Majeure Event concerned;

20.1.3. and that if the period of delay or non-performance continues for four (4) weeks or more, the Party not affected may terminate this Agreement by giving fourteen (14) days' written notice to the other Party.

 

21. ANTI-BRIBERY AND MODERN SLAVERY

21.1. The Parties shall:

21.1.1. comply with all applicable laws, regulations and sanctions relating to anti-bribery, anticorruption and modern slavery including the Bribery Act 2010 and the Modern Slavery Act 2015; and

21.1.2. promptly report to the other Party any request or demand for any undue financial or other advantage of any kind received in connection with the performance of this Agreement.

22. WAIVER

22.1. No failure or delay by a Party to exercise any right or remedy provided under this Agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it preclude or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall preclude or restrict the further exercise of that or any other right or remedy.

23. SEVERANCE

23.1. If any court or competent authority finds that any provision of this Agreement (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision shall, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Agreement shall not be affected.

23.2. If any invalid, unenforceable or illegal provision of this Agreement would be valid, enforceable and legal if some part of it were deleted, the Parties shall negotiate in good faith to amend such provision such that, as amended, it is legal, valid and enforceable, and, to the greatest extent possible, achieves the Parties' original commercial intention.

 

24. ENTIRE AGREEMENT AND VARIATION

24.1. This Agreement and the documents referred to within (including but not to the Order Form) constitute the entire Agreement between the Parties and supersedes all previous discussions, correspondence, negotiations, arrangements, understandings and agreements between them relating to its subject matter.

24.2. No alteration to or variation of this Agreement shall take effect unless and until the same is in writing and signed on behalf of each of the Parties by a duly authorised representative.

25. ASSIGNMENT

25.1. The Supplier may at any time assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under this Agreement. The Supplier will provide appropriate notification to the Client in this case.

25.2. The Client shall not, without the prior written notification of the Supplier, assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under this Agreement, provided that the system continues to be used only for the purpose for which it was accredited and is allowed under this Agreement.

26. NO PARTNERSHIP OR AGENCY

26.1. Nothing in this Agreement is intended to, or shall be deemed to, establish any partnership or joint venture between any of the Parties, constitute any Party the agent of another Party, nor authorise any Party to make or enter into any commitments for or on behalf of any other Party.

27. THIRD-PARTY RIGHTS

27.1. This Agreement does not confer any rights on any person or party (other than the Parties to this Agreement and, where applicable, their successors and permitted assigns) to enforce any term of this Agreement pursuant to the Contracts (Rights of Third Parties) Act 1999.

27.2. The rights of the Parties to terminate, rescind or agree any variation, waiver or settlement under this Agreement are not subject to the consent of any other person.

28. PUBLICITY

28.1. Both Parties shall make all reasonable efforts to have any marketing communication involving the other Party (“Approving Party”), including customer lists, advertisements, direct mail, or press releases, approved in advance by the Approving Party.

28.2. The Approving Party shall not unreasonably deny or delay such approval. Any such materials will be reviewed by the Approving Party within 14 days of receipt. If the Approving Party does not respond to a request for approval within 14 days of receipt, the Approving Party will be deemed to have approved the relevant materials.

29. NOTICES

29.1. Any notice or other communication required to be given to a Party under or in connection with this Agreement shall be in writing and shall be delivered by email or sent by pre-paid first class post or other next working day delivery service, at its registered office (if a company), to the address listed in the Order Form or such other addresses for notices agreed between the Parties in writing from time to time.

29.2. Any notice or communication shall be deemed to have been received if delivered by hand, on signature of a delivery receipt, or otherwise electronic delivery receipt for an email.

29.3. This clause 29 does not apply to the service of any proceedings or other documents in any legal action or, where applicable, any arbitration or other method of dispute resolution. For the purposes of this clause 29, "writing" shall not include e-mail.

30. GOVERNING LAW AND JURISDICTION

30.1. This Agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be exclusively governed by and construed in accordance with the laws of England and Wales.

30.2. The Parties irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim that arises out of or in connection with this Agreement or its subject matter or formation (including non-contractual disputes or claims).

31. COUNTERPARTS

31.1. This Agreement shall be executed in a number of counterparts, each of which shall be deemed an original, but all of which together shall constitute one and the same instrument. This Agreement may be signed by wet ink or by electronic signature and delivered by e-mailed portable document format file or other means of electronic transmission and shall be deemed to have the same legal effect as delivery of an original signed copy of this Agreement.

Schedule 1 – Data Protection Principles

DEFINITIONS

Applicable Laws: (for so long as and to the extent that they apply to the Supplier) the law of the European Union, the law of any member state of the European Union and/or Domestic UK Law.

Controller, Processor, Data Subject, Personal Data, Personal Data Breach, processing and appropriate technical and organisational measures are as defined in the Data Protection Legislation.

Data Protection Legislation: the UK Data Protection Legislation and any other European Union legislation relating to personal data and all other legislation and regulatory requirements in force from time to time which apply to a Party relating to the use of Personal Data (including, without limitation, the privacy of electronic communications) and the guidance and codes of practice issued by the relevant data protection or supervisory authority and applicable to a Party.

Domestic UK Law: the UK Data Protection Legislation and any other law that applies in the UK.

UK Data Protection Legislation: all applicable data protection and privacy legislation in force from time to time in the UK including UK GDPR; the Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended.

UK GDPR: as defined in section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018.

2. DATA PROTECTION

2.1. Both Parties will comply with all applicable requirements of the Data Protection Legislation. This clause 2 is in addition to, and does not relieve, remove or replace, a Party's obligations or rights under the Data Protection Legislation.

2.2. The Parties acknowledge that for the purposes of the Data Protection Legislation, the Client is the Controller, the Supplier is the Processor and any Supplier employee engaged for the purposes of this Agreement is a sub-processor. Annex 1 sets out the scope, nature and purpose of processing by the Supplier, the duration of the processing and the types of Personal Data and categories of Data Subject.

2.3. Without prejudice to the generality of clause 2.1, the Client will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Personal Data to the Supplier and/or lawful collection of the Personal Data by the Supplier on behalf of the Client for the duration and purposes of this Agreement.

2.4. Without prejudice to the generality of clause 2.1, the Supplier shall, in relation to any Personal Data processed in connection with the performance by the Supplier of its obligations under this Agreement:

2.4.1. process that Personal Data only on the documented written instructions of the Client which are set out in Annex 1 unless the Supplier is required by Applicable Laws to otherwise process that Personal Data. Where the Supplier is relying on Applicable Laws as the basis for processing Personal Data, the Supplier shall promptly notify the Client of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit the Supplier from so notifying the Client;

2.4.2. ensure that it has in place appropriate technical and organisational measures, reviewed and approved by the Client, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it);

2.4.3. ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential; and

2.4.4. not transfer any Personal Data outside of the UK unless the prior written consent of the Client has been obtained and the following conditions are fulfilled:

2.4.4.1. the Client or the Supplier has provided appropriate safeguards in relation to the transfer;

2.4.4.2. the Data Subject has enforceable rights and effective legal remedies;

2.4.4.3. the Supplier complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is transferred; and

2.4.4.4. the Supplier complies with reasonable instructions notified to it in advance by the Client with respect to the processing of the Personal Data;

2.4.5. assist the Client in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;

2.4.6. notify the Client without undue delay on becoming aware of a Personal Data Breach;

2.4.7. at the written direction of the Client, delete or return Personal Data and copies thereof to the Client on termination of the agreement unless required by Applicable Law to store the Personal Data; and

2.4.8. maintain complete and accurate records and information to demonstrate its compliance with this clause 2.4 and allow for audits by the Client or the Client's designated auditor and immediately inform the Client if, in the opinion of the Supplier, an instruction infringes the Data Protection Legislation.

2.5. The Supplier shall notify the Client of the appointment of any third-party processor of Personal Data under this agreement as soon as practicably possible. The Supplier confirms that it will enter with the third-party processor into a written agreement incorporating terms which are substantially similar to those set out in this clause 2 and in either case which the Supplier confirms reflects and will continue to reflect the requirements of the Data Protection Legislation. As between the Client and the Supplier, the Supplier shall remain fully liable for all acts or omissions of any third-party processor appointed by it pursuant to this clause 2.5.

 2.6. Either Party may, at any time on not less than 30 days’ notice, revise this Schedule 1 by replacing it with any applicable controller to processor standard clauses or similar terms forming part of an applicable certification scheme (which shall apply when replaced by attachment to this agreement).