TERMS AND CONDITIONS FOR USE OF CUSTOMER PORTAL
THIS IS AN AGREEMENT BETWEEN:
(1) EXTRAORDINARY MANAGED SERVICES LIMITED whose principal place of business is at 6 The Clocktower Estate, Flassches Yard, Edinburgh, EH12 9LB, United Kingdom (registered office: Suite 2, Ground Floor, Orchard Brae House, 30 Queensferry Road, Edinburgh EH4 2HS, United Kingdom). Company registered in Scotland number SC214448) (“Supplier”) and
(2) The person contracting to use the Customer Portal Service (“Client”)
Unless expressly stated otherwise the following definitions shall apply to the terms used in this Agreement:
“Acceptable Use Policy” means the Client may not store Client Data that is in any manner illegal, fraudulent, abusive, malicious, deceptive or libellous;
“Agreement” means these Terms and Conditions;
“Applicable Law” means (a) UK law, European Union law or any laws of a Member State of the European Union in respect of which the parties are subject; and (b) any other applicable law in respect of which the parties and any Data Subject are subject;
“Authorised Representatives” has the meaning given to that term in Clause 4.8;
“Clause” means a clause of these Terms and Conditions;
“Client Data” means any of the Client’s data stored in the Customer Portal Service;
“Confidential Information” means all information passing from one Party to the other Party relating to the business of the disclosing Party, including but not limited to trade secrets, drawings, know-how, techniques, source and object code, business and marketing plans and projections, arrangements and agreements with third parties, customer information and customer information proprietary to customers, formulae, suppliers, concepts not reduced to material form, designs, plans and models but excludes information:
which is in or becomes part of the public domain other than through breach of this Agreement;
which the receiving Party can prove by contemporaneous written documentation was already known to it at the time of disclosure by the disclosing Party or its representatives; or
which the receiving Party acquires from a third party entitled to disclose it;
“Customer Portal Service” means those services provided by the Supplier to the Client under this Agreement as described in Clause 3;
“Data Protection Laws” means (a) to the extent the UK GDPR applies, the law of the United Kingdom or of a part of the United Kingdom which relates to the protection of personal data including the DPA 2018; or (b) to the extent the EU GDPR applies, the law of the European Union or a member state of the European Union to which the Supplier or Client is subject, which relates to the protection of personal data;
“Downtime” means any period of time during which the Customer Portal Service are unavailable;
“DPA 2018” means the Data Protection Act 2018 (and regulations made thereunder);
“EEA” means the European Economic Area;
“EU GDPR” means the General Data Protection Regulation ((2016/679) as amended);
“Force Majeure” means anything outside the reasonable control of a Party, including but not limited to, acts of God, fire, storm, flood, earthquake, explosion, accident, acts of the public enemy, war, insurrection, sabotage, epidemic, quarantine restriction, labour dispute (whether involving its own workforce of a third party’s), labour shortage, power shortage, transportation embargo, failure or delay in transportation, default of suppliers, subcontractors or any third parties, where Supplier ceases to have access to the Internet for reasons not within its control or any act or omission (including laws, regulations, disapprovals or failures to approve) of any government or government agency;
“ICO” means the UK Information Commissioner’s Office;
“Intellectual Property” means all intellectual property rights relating to or owned by either Party anywhere in the world (including present and future intellectual property rights) including without limitation Confidential Information, business names, domain names, copyright, database rights, patents, trade or service marks, designs, software, software programmes and source code and all variations, modifications or enhancements to each of them together with any application or right to apply for registration of those rights;
“Party” means a party to this Agreement;
“Personnel” means any employees, agents or contractors of either Party;
“Support Ticket” means an electronic notification ticket created in the Customer Portal Service.
“Terms and Conditions” means the main body of this agreement.
“UK GDPR” has the meaning given to it in section 3(10) (as supplemented by section 205(4)) of the DPA 2018; and
2.1 In this Agreement, unless the context otherwise requires:
2.1.1 a reference to any document is a reference to that document as varied, novated or replaced from time to time;
2.1.2 the singular includes the plural and vice versa;
2.1.3 a reference to a gender includes all other genders;
2.1.4 any use of the word ‘including’ will not be limited by the words that follow;
2.1.5 a reference to a person or entity includes a natural person, a partnership, a corporation, trust, association, an unincorporated body, authority or other entity; and
2.1.6 a reference to a person includes that person’s legal personal representative, successors and permitted assigns.
2.2 Headings have been inserted for convenience only and shall not affect the interpretation of this Agreement.
3. PROVISION OF CUSTOMER PORTAL SERVICE
3.1 Supplier will provide Customer Portal Service to the Client in accordance with the terms of these Terms and Conditions;
3.2 The Customer Portal Service will be the provision by the Supplier to the Client of an on-line customer portal (“Customer Portal”) for communication between the Supplier and Client with regards to the ordering, provision, support, documentation, administration and billing (where those are applicable) of services that are provided by the Supplier to the Customer under separate contractual agreements (if any).
4. BASIS OF THE CUSTOMER PORTAL SERVICE
4.1 The Client shall in respect of its receipt of the Customer Portal Service and the performance of its obligations hereunder:
4.1.1 comply with the Acceptable Use Policy;
4.1.2 comply with all Applicable Law and regulations; and
4.1.3 provide Supplier with all necessary cooperation in relation to this Agreement including without limit investigation of security breaches, operational problems and suspected breaches of this Agreement.
4.2 The Client is responsible for the use of the Customer Portal Service by any of the Client’s Personnel, any person to who the Client has given access to the Customer Portal Service and any person who gains access to the Client Data or the Customer Portal Service as a result of the Client’s failure to use reasonable security precautions, even if such use was not authorised by the Client.
4.3 Other than as expressly set out herein, to the fullest extent permitted by law the Client accepts the Customer Portal Service to the Client by Supplier “as is” with any faults, or failings and without any representation, warranty or guarantee whatsoever, express or implied, including without limitation any implied warranty of accuracy, completeness, quality, continuity of service, connectivity and fitness for a particular purpose.
4.4 The Client acknowledges that the Customer Portal Service is not designed for or to be used to operate mass transport, energy or utility facilities, healthcare, or other mission critical application where human life or property may be at stake. The Client acknowledges that the Customer Portal Service are not designed for such purposes and that its failure in such cases could lead to death, personal injury, or severe property or environmental damage for which Supplier, to the extent permitted by law, is not responsible.
4.5 The Client acknowledges that there are risks inherent in Customer Portal Service provided over the internet that could result in the loss of Client Data, and the Client shall maintain adequate insurance cover in respect of any loss or damage to data stored on the Customer Portal Service.
4.6 The Client must provide, at its own cost, all telecommunications services, computers and other equipment or services necessary to enable it to have access to Customer Portal Service. The Client will comply with all security access requirements required by the Supplier.
4.7 The Client acknowledges that the nature of the Customer Portal Service may vary or be varied by Supplier from time to time.
4.8 The Client will register on the Supplier’s Customer Portal any persons who are authorised to instruct the Supplier in connection with the any services provided by the Supplier (“Authorised Representatives”). The Client must ensure that the Authorised Representatives are competent and qualified to provide instructions and to deal with the provision of the Customer Portal Service. The Client must procure that only Authorised Representatives are permitted to contact the Supplier and only via the Supplier’s Customer Portal. The Supplier shall not be liable for any instructions not received via the Supplier’s Customer Portal and/or received from any person who is not an Authorised Representative. Where Supplier considers it has received contradictory or inconsistent instructions from Authorised Representatives, Supplier (acting reasonably) may act upon such instructions as it deems fit at its sole discretion or refuse to act (with or without suspending the Customer Portal Service) until such instructions are clarified.
5.1 The Client acknowledges that Customer Portal Service may from time to time be inoperative or only partly operational as a consequence of mechanical breakdown, maintenance, hardware or software upgrades, telecommunication and Internet connectivity problems, interaction with third-party systems (including authentication issues), or other causes.
5.2 Supplier does not warrant that the Customer Portal Service or server will be continuously available 24 hours a day 365 days a year but will use its reasonable endeavours to keep Downtime to a minimum.
5.3 When the Customer Portal Service are disrupted due to circumstances that are within Supplier’s control then Supplier will use its reasonable commercial endeavours to rectify the problem as soon as is reasonably possible.
6. LIMITATION OF LIABILITY
6.1 Supplier gives no condition, warranty or undertaking and makes no representation to the Client about the suitability of, or fitness of Customer Portal Service for the Client’s purposes other than those conditions, warranties, undertakings or representations expressly set out in this Agreement.
6.2 With the exception of any rights which the Client may have under Applicable Law, all warranties, conditions and other terms implied by statute or common law are excluded from this Agreement to the fullest extent permitted by law.
6.3 Nothing in this Agreement excludes or limits the liability of Supplier for
6.3.1 death or personal injury caused by Supplier’s negligence;
6.3.2 breach of section 12 of the Sale of Goods Act 1979 or section 11B of the Supply of Goods and Services Act 1982;
6.3.3 fraudulent misrepresentation; or
6.3.4 any loss or damage which cannot be excluded or limited by law.
6.4 Subject to Clauses 6.2 and 6.3:
6.4.1 Supplier’s total liability in contract, tort or otherwise, arising in connection with the performance or contemplated performance of this Agreement shall be limited in any calendar month to the total value of fees paid (if any) to Supplier by the Client in terms of this Agreement during that calendar month in respect of the Customer Portal Service to which the liability relates;
6.4.2 Supplier shall not be liable to the Client or any third party for any indirect, special or consequential loss or damage, costs, expenses or other claims for consequential compensation whatsoever or howsoever caused which arise out of or in connection with this Agreement, or for loss of profit, loss of business, loss of data, depletion of goodwill or loss occurring in the normal course of business or otherwise;
6.4.3 Supplier shall not be liable for defects resulting from improper use of Customer Portal Service by the Client or by another third party;
6.4.4 Supplier shall not be liable for unauthorised access to Client Data or unauthorised use of the Customer Portal Service unless the unauthorised access or use results from Supplier’s failure to meet its own security obligations.
7. DATA PROTECTION
The terms “Controller”, “Data Subject”, “High Risk”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processing”, and “Supervisory Authority” shall have the same meaning as in the Data Protection Laws. “Client Personal Data” means any Personal Data which may be Processed by the Supplier on behalf of the Client pursuant to or in connection with this Agreement;
7.1 Processing of Client Personal Data.
7.1.1 Client is the Controller and will comply with all obligations applicable to a Controller pursuant to the Data Protection Laws and any other Applicable Law. Supplier shall only process Client Personal Data on the documented instructions of the Client, unless otherwise required by an Applicable Law to which Supplier is subject, in which case Supplier shall inform Client of that legal requirement before such Processing, unless that law prohibits such information on important grounds of public interest.
7.1.2 For the purpose of Clause 7.1.1, the Client instructs Supplier (and authorises Supplier to instruct each Subprocessor) toProcess Client Personal Data as is necessary to provide the Customer Portal Service. Client warrants and represents that it is and will at all relevant times remain duly authorised to give this instruction.
7.1.3 “GDPR Description of Processing of Personal Data” will be names of users, email addresses and telephone numbers. This description is required by Article 28(3) of the Data Protection Laws, and the Client warrants it is an accurate reflection of the Processing activities pursuant to this Agreement.
Supplier will ensure that all employees or contractors of the Supplier who have access to Client Personal Data are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
7.3 Client Personal Data.
7.3.1 The Client warrants that on the date of this Agreement, all Client Personal Data provided to the Supplier has been collected and Processed by the Client in accordance with all Applicable Law and the Client has ensured that there is and there will continue to be a lawful basis for the Supplier to Process such Personal Data.
7.4.1 Client authorises Supplier to appoint (and permit each Subprocessor to appoint) Subprocessors in accordance with this Agreement.
7.4.2 Where a Subprocessor is to be used to store Client Personal Data this will be it will be noted in an amended version of this Agreement.
7.4.3 With respect to each Authorised Subprocessor, Supplier shall: (i) ensure that the arrangement between Supplier and theAuthorised Subprocessor is governed by terms and conditions or a service agreement which offers no less protection for Client Personal Data as those terms set out in this Agreement and (ii) if that arrangement involves the transfer of Personal Data to a country outside of the EEA that has not been determined to ensure an adequate level of protection for Personal Data, at Supplier’s discretion: Supplier will either (a) ensure that an appropriate data transfer safeguard is in place in compliance with Chapter V of the Data Protection Laws, including certification with the privacy shield framework, or (b) where required to ensure compliance with Data Protection Laws, use commercially reasonable endeavours to procure that the Subprocessor enters into standard contractual clauses approved by the ICO or European Commission (as appropriate) directly with the relevant Client.
7.5 Data Subject Rights.
7.5.1 Client shall, in the first instance, comply with requests received from any Data Subjects to exercise their rights pursuant to Chapter III of the GDPR by itself accessing the Client Personal Data.
7.5.2 Subject to section 7.5.1 and taking into account the nature of the Processing, Supplier shall assist Client, at the Client’s cost, to comply with requests to exercise Data Subject rights under the Data Protection Laws by notifying the Client without undue delay if the Supplier receives a formal request directly from a Data Subject to exercise any of its rights under Chapter III of the Data Protection Laws in respect of Client Personal Data.
7.6 Personal Data Breach.
7.6.1 Supplier shall notify the Client without undue delay upon Supplier becoming aware of a Personal Data Breach affecting Client Personal Data, providing Client with information (as and when available) to assist the Client to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
7.6.2 Supplier shall, at the Client’s cost, co-operate with the Client and take such reasonable commercial steps as are reasonably instructed by the Client to assist in the investigation of each such Personal Data Breach.
7.7 High Risk Processing of Personal Data
The Customer Portal Service are not to be used for high risk Processing of Personal Data.
7.8 Deletion of Client Personal Data upon Termination.
Client shall delete all Client Personal Data held by Supplier upon termination of this Agreement. The Supplier may retain Client Personal Data to the extent required by Applicable Law (and for clarity, it is acknowledged that Supplier may retain all data with regards to the ordering, provision, support, documentation, administration and billing of any of Supplier’s services that are held in the Customer Portal Service).
7.9 Audit Rights
7.9.1 Supplier shall make available to Client on reasonable request a copy of the Supplier’s ISO 27001 certification; which the Client shall use to satisfy itself that the Customer Portal Service meets compliance with Article 28(3) of the Data Protection Laws.
7.9.2 Where a regulator requires the Client to inspect the Supplier, Supplier shall, at the Client’s costs, allow for audits by an auditor mandated by Client (subject to section 7.9.3 and to such auditor being subject to written confidentiality obligations in relation to such information), provided that: (i) Client shall give Supplier reasonable notice of any audit or inspection to be conducted; (ii) Client shall take reasonable steps to ensure (and shall procure that each of its mandated auditors) it minimises the disruption to the Supplier’ business in the course of such an audit and such audit shall be conducted during normal working hours;
7.9.3 Supplier may object in writing to an auditor mandated by the Client if the auditor is, in Supplier’s reasonable opinion, not suitably qualified or independent, a competitor of Supplier, or otherwise unsuitable. In the event of such an objection, the Client shall appoint another auditor or conduct the audit itself.
8.1 This Agreement will commence upon acceptance by the Client and will continue, unless terminated in accordance with its terms.
9. OWNERSHIP & SOFTWARE LICENSING
9.1 The Parties acknowledge that this Agreement does not have the effect of transferring the ownership of any Intellectual Property.
9.2 Any Intellectual Property owned or licensed by either Party, and required for the performance by the other Party of its obligations under this Agreement shall be licensed to that other Party on a non-exclusive, royalty-free, non-transferable basis for the sole purpose of fulfilling that Party’s obligations under this Agreement and for the period during which the use of that Intellectual Property by that Party pursuant to this Agreement is required.
9.3 The Client shall fully indemnify Supplier against all losses, costs, claims, demands, expenses and liabilities of any nature arising from or relating to any action or claim that the Client Data infringe any Intellectual Property Rights of any third party.
10. SUB-CONTRACTING, ASSIGNMENT AND NOVATION
10.1 Supplier may in its absolute discretion assign or novate any of its rights and obligations under this Agreement.
10.2 The Client acknowledges that Supplier may use services, equipment or software of third parties in the delivery of the Customer Portal Service.
10.3 The Client may not assign or novate any of its rights or obligations under this Agreement without the prior written consent of Supplier.
10.4 The Client may sub contract any of its obligations under this agreement to competent and appropriately qualified third parties. The Client will be responsible for any acts, or failures to act, of its subcontractors as if they were the Client’s acts or failures to act. The Client will procure that none of its sub contractors will bring any claims under or in relation to this Agreement against Supplier, and the Client will indemnify Supplier in respect of any losses, costs, liabilities or expenses (including the cost of any settlement) incurred by the Supplier in the event of a sub contractor bringing a claim against Supplier.
11.1 Each Party warrants that:
11.1.1 it has authority to enter and to perform its obligations under this Agreement; and
11.1.2 it has the ability to perform its obligations under this Agreement.
11.2 The Client warrants that:
11.2.1 the use by Supplier of any Client Data submitted by the Client to Supplier under this Agreement will not infringe the rights of any person or contravene any law;
11.2.2 at the time of entering into this Agreement it is not relying on any representation made by Supplier which has not been expressly set out in this Agreement.
12.1 The Client indemnifies and undertakes to keep indemnified Supplier against any losses, costs, liabilities or expenses (including the cost of any settlement) arising out of any claim, action, proceeding or demand that may be brought, made or prosecuted against Supplier by any person arising out of or as a consequence of an unlawful or negligent act or omission of Client in any way connected with this Agreement whether arising from any failure by the Client to comply with the terms of this Agreement or otherwise.
12.2 The indemnity extends to and includes all costs, damages and expenses reasonably incurred by Supplier in defending any such action, proceeding, claim or demands.
13.1 Supplier may suspend the Customer Portal Service without liability if:
13.1.1 Supplier reasonably believes that the Customer Portal Service are being used in breach of this Agreement;
13.1.2 the Client fails to cooperate with Supplier in accordance with Clause 4.1.3;
13.1.3 there is a Force Majeure event;
13.1.4 Supplier reasonably believes that the continued provision of the Customer Portal Service would be in breach of legislative or regulatory requirements;
13.2 Supplier shall notify the Client within twenty four (24) hour of such suspension, or as soon as reasonably practical.
14.1 Supplier may terminate this Agreement in whole or in part by notice to the Client in writing.
14.2 Notwithstanding that Supplier terminates this Agreement, this shall be without prejudice to the accrued rights and remedies of the parties prior to termination of this Agreement and any rights or remedies under this Agreement shall remain in force.
15. CONFIDENTIAL INFORMATION
15.1 Each Party may use the Confidential Information of a disclosing Party only for the purposes of this Agreement and must keep confidential all Confidential Information of each disclosing Party except to the extent (if any) the recipient of any Confidential Information is required by law to disclose the Confidential Information.
15.2 The parties’ obligations to keep information confidential will survive the termination of this Agreement.
15.3 The obligations of confidentiality under this Agreement do not extend to information that:
15.3.1 was rightfully in the possession of the receiving Party before any negotiations leading to this Agreement;
15.3.2 is, or after the day this Agreement is signed, becomes public knowledge (otherwise than as a result of a breach of this Agreement); or
15.3.3 is required by law to be disclosed.
16. FORCE MAJEURE
16.1 If a Party is wholly or partially precluded from complying with its obligations under this Agreement by Force Majeure, then that Party’s obligation to perform in accordance with this Agreement will be suspended for the duration of the Force Majeure.
16.2 As soon as practicable after an event of Force Majeure arises, the Party affected by Force Majeure must notify the other Party of the extent to which the notifying Party is unable to perform its obligations under this Agreement.
17.1 With the exception of a notice of termination of this Agreement by the Supplier, any notices given by either party must be via a Support Ticket in the Supplier’s Customer Portal.
17.2 The Client shall be responsible for ensuring that their contact details on the Supplier’s Customer Portal are up to date and that any submission by the Client to the Customer Portal is properly validated.
18. DISPUTE RESOLUTION
18.1 The parties will take all reasonable steps to negotiate in good faith and settle any dispute that may arise out of or relate to these Terms and Conditions, or any breach thereof. Prior to the commencement of any formal dispute resolution procedure any dispute shall be referred to the Managing Directors (or equivalent) of both parties for discussion and resolution within fourteen (14) working days
18.2 If the dispute or difference is not resolved as a result of such meetings then either Party may refer the dispute to the Expert (as defined in Clause 19.3 below) for determination provided always that no dispute as to the ownership of intellectual property rights may be referred to the Expert and neither Party shall be prevented from seeking injunctive relief in order to protect its intellectual property rights.
18.3 The Expert shall be such person as the parties may by mutual agreement appoint in such capacity or failing such agreement, such person as may be appointed (on the application of either of the parties) by the senior office bearer for the time being of the British Computer Society.
18.4 The decision of the Expert shall in all cases (in the absence of manifest or clerical error) be final and binding on the parties. The Expert shall act as expert and not as arbitrator.
18.5 The costs of the application to the Expert shall be borne by the parties as determined by the Expert.
18.6 Nothing in this Clause 18 shall restrict or prevent either Party from:
18.6.1 applying to the courts for an interim or injunctive or protective remedy pending resolution of any dispute; or
18.6.2 bringing proceedings to recover a debt in any country where the defender has assets.
The Client warrants and undertakes not to possess, use, import, export or resell (and shall not permit the possession, use, importation, exportation or resale of) the Customer Portal Service or any information provided by Supplier to the Client under this Agreement which would cause Supplier to breach any applicable export control laws, rules, or regulations of any jurisdiction (including without limitation those under UK law). Without limitation, the Client warrants and undertakes that it will not use the Customer Portal Service for the development, design, manufacture, production, stockpiling, or use of nuclear, chemical or biological weapons, weapons of mass destruction, or missiles; illegal gambling, terrorism, narcotics, trafficking, or arms trafficking; nor will you provide administrative access to or permit use of the Customer Portal Service by any persons (including any natural person, government or private entity or other form of body corporate) that is located in or is a national of any country that is embargoed or highly restricted under United Kingdom export laws, rules or regulations.
20. THIRD PARTY RIGHTS
Unless the right of enforcement is expressly granted, a person who is not party to this Agreement shall have no right under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Agreement.
21. SEVERABILITY AND WAIVER OF REMEDIES
21.1 If any Clause (or part of a Clause) of this Agreement should be found not to be valid, lawful or enforceable by a court having proper authority or if the law changes so that it becomes invalid, unlawful or unenforceable to any extent the Clause (or part affected) will be treated as having been deleted from the remaining terms of this Agreement which will continue to be valid. In addition, the parties will use reasonable efforts to replace the deleted Clause (or part) with a valid replacement provision which is as close as possible to the one that has been deleted.
21.2 If either Party delays or fails to exercise its rights under this Agreement it does not prevent that Party from exercising those rights at any time afterwards. In addition, if a Party waives its right on one occasion this does not mean that the Party has lost (or waived) these rights on a later occasion.
21.3 Supplier’s express rights and remedies under this Agreement are in addition to and are not exclusive of any other right or remedy available to Supplier at law.
The Supplier may make variations to the terms of this Agreement from time to time by publishing updated terms on its public website.
23. NO JOINT VENTURE OR PARTNERSHIP
This Agreement does not create a partnership or joint venture between the parties to it and except as expressly provided in this Agreement neither Party will enter into or have authority to enter into any engagement or make any representations or warranties on the other Party’s behalf, nor will they seek to otherwise bind or oblige the other Party in any way.
24. ENTIRE AGREEMENT
This Agreement constitutes the entire agreement between the parties with respect to the subject matter of this Agreement. This Agreement supersedes and extinguishes all previous drafts, agreements, arrangements and understandings between them, whether oral or written. The Client acknowledges that is has not relied on any statement, promise or representation made or given by or on behalf of Supplier which is not set out in this Agreement. Nothing in this Clause 24 operates to exclude any liability for fraud.
25. JURISDICTION AND GOVERNING LAW
The parties agree that this Agreement shall be subject to the Law of England and to the exclusive jurisdiction of the English Courts.