Terms and Conditions
Please read these Terms and Conditions carefully. All contracts that the Provider may enter into from time to time for the provision of the Hosted Services and related services shall be governed by these Terms and Conditions
1.1 In these Terms and Conditions, except to the extent expressly provided otherwise:
"Access Credentials" means the usernames, passwords and other credentials enabling access to the Hosted Services, including both access credentials for the User Interface and access credentials for the API;
"Agreement" means a contract between the parties incorporating these Terms and Conditions, and any amendments to that contract from time to time;
"API" means the application programming interface for the Hosted Services defined by the Provider and made available by the Provider to the Client;
"Application" means the website, iOS and/or Android ordering applications which are provided by Order Tiger on behalf of the Branded Company whose branding is being displayed and that is made available by the Provider through the Google Play Store and the Apple App Store;
"Branded Company" means the Application provided by Order Tiger on behalf of the Branded Company;
"Business Day" means any weekday other than a bank or public holiday in England;
"Business Hours" means the hours of 09:00 to 17:00 [GMT/BST] on a Business Day;
"Charges" means the following amounts:
(a) the amounts specified in Section 3 of the Services Order Form;
(b) such amounts as may be agreed in writing by the parties from time to time; and
(c) amounts calculated by multiplying the Provider's standard time-based charging rates (as notified by the Provider to the Client before the date of the Agreement) by the time spent by the Provider's personnel performing the Support Services (rounded down by the Provider to the nearest quarter hour);
"Client" means the person or entity identified as such in Section 1 of the Services Order Form;
"Client Confidential Information" means:
(a) any information disclosed by or on behalf of the Client to the Provider at any time before the termination of the Agreement (whether disclosed in writing, orally or otherwise) that at the time of disclosure:
(i) was marked as "confidential"; or
(ii) should have been reasonably understood by the Provider to be confidential; and
(b) the Client Data;
"Client Data" means all data, works and materials: uploaded to or stored on the Platform by the Client; transmitted by the Platform at the instigation of the Client; supplied by the Client to the Provider for uploading to, transmission by or storage on the Platform; or generated by the Platform as a result of the use of the Hosted Services by the Client (but excluding analytics data relating to the use of the Platform and server log files);
"Client Personal Data" means any Personal Data that is processed by the Provider on behalf of the Client in relation to the Agreement;
"Data Protection Laws" means the EU GDPR and the UK GDPR and all other applicable laws relating to the processing of Personal Data;
"Documentation" means the documentation for the Hosted Services produced by the Provider and delivered or made available by the Provider to the Client;
"Effective Date" means the date upon which the parties execute a hard-copy Services Order Form; or, following the Client completing and submitting the online Services Order Form published by the Provider on the Provider's website or PandaDoc, the date upon which the Provider sends to the Client an order confirmation;
"EU GDPR" means the General Data Protection Regulation (Regulation (EU) 2016/679) and all other EU laws regulating the processing of Personal Data, as such laws may be updated, amended and superseded from time to time;
"Force Majeure Event" means an event, or a series of related events, that is outside the reasonable control of the party affected (including failures of the internet or any public telecommunications network, hacker attacks, denial of service attacks, virus or other malicious software attacks or infections, power failures, industrial disputes affecting any third party, changes to the law, disasters, epidemics, pandemics, explosions, fires, floods, riots, terrorist attacks and wars;
"Hosted Services" means Order Tiger, as specified in the Hosted Services Specification, which will be made available by the Provider to the Client as a service via the internet in accordance with these Terms and Conditions;
"Hosted Services Defect" means a defect, error or bug in the Platform having an adverse effect on the appearance, operation, functionality or performance of the Hosted Services, but excluding any defect, error or bug caused by or arising as a result of:
(a) any act or omission of the Client or any person authorised by the Client to use the Platform or Hosted Services;
(b) any use of the Platform or Hosted Services contrary to the Documentation, whether by the Client or by any person authorised by the Client;
(c) a failure of the Client to perform or observe any of its obligations in the Agreement; and/or
(d) an incompatibility between the Platform or Hosted Services and any other system, network, application, program, hardware or software not specified as compatible in the Hosted Services Specification;
"Hosted Services Specification" means the specification for the Platform and Hosted Services set out in Section 2 of the Services Order Form and in the Documentation;
"Intellectual Property Rights" means all intellectual property rights wherever in the world, whether registrable or un-registrable, registered or unregistered, including any application or right of application for such rights (and these "intellectual property rights" include copyright and related rights, database rights, confidential information, trade secrets, know-how, business names, trade names, trade marks, service marks, passing off rights, unfair competition rights, patents, petty patents, utility models, semi-conductor topography rights and rights in designs);
"Personal Data" means personal data under any of the Data Protection Laws;
"Platform" means the platform managed by the Provider and used by the Provider to provide the Hosted Services, including the application and database software for the Hosted Services, the system and server software used to provide the Hosted Services, and the computer hardware on which that application, database, system and server software is installed;
"Provider" means Order Tiger Limited, a company incorporated in England and Wales (registration number 10186001) having its registered office at 691 High Road, N12 0DA, London, United Kingdom;
"Services" means any services that the Provider provides to the Client, or has an obligation to provide to the Client, under these Terms and Conditions;
"Services Order Form" means an online order form published by the Provider and completed and submitted by the Client, or a hard-copy order form signed or otherwise agreed by or on behalf of each party, in each case incorporating these Terms and Conditions by reference;
"Support Services" means support in relation to the use of, and the identification and resolution of errors in, the Hosted Services, but shall not include the provision of training services;
"Supported Web Browser" means the current release from time to time of Microsoft Edge, Mozilla Firefox, Google Chrome or Apple Safari, or any other web browser that the Provider agrees in writing shall be supported;
"Term" means the term of the Agreement, commencing in accordance with Clause 2.1 and ending in accordance with Clause 2.2;
"Terms and Conditions" means all the documentation containing the provisions of the Agreement, namely the Services Order Form, the main body of these Terms and Conditions and the Schedules, including any amendments to that documentation from time to time;
"UK GDPR" means the EU GDPR as transposed into UK law (including by the Data Protection Act 2018 and the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019) and all other UK laws regulating the processing of Personal Data, as such laws may be updated, amended and superseded from time to time; and
"User Interface" means the interface for the Hosted Services designed to allow the Client to access and use the Hosted Services.
2.1 The Agreement shall come into force upon the Effective Date.
2.2 The Agreement shall continue in force indefinitely, subject to termination in accordance with Clause 17 or any other provision of these Terms and Conditions.
2.3 Unless the parties expressly agree otherwise in writing, each Services Order Form shall create a distinct contract under these Terms and Conditions.
3. Hosted Services
3.1 The Provider shall provide, or shall ensure that the Platform will provide, to the Client within the 30 days of the Effective Date the Access Credentials necessary to enable the Client to access and use the Hosted Services.
3.2 The Provider hereby grants to the Client a non-exclusive licence to use the Hosted Services by means of the Application, User Interface and the API for the internal business purposes of the Client in accordance with the Documentation during the Term.
3.3 The licence granted by the Provider to the Client under Clause 3.2 is subject to the following limitations:
(a) the User Interface may only be used through a Supported Web Browser or the mobile app;
(b) the User Interface may only be used by the officers, employees, agents and subcontractors of the Client;
(c) the API may only be used by an User Interface, Application or Applications approved by the Provider in writing and controlled by the Client.
3.4 Except to the extent expressly permitted in these Terms and Conditions or required by law on a non-excludable basis, the licence granted by the Provider to the Client under Clause 3.2 is subject to the following prohibitions:
(a) the Client must not sub-license its right to access and use the Hosted Services;
(b) the Client must not permit any unauthorised person or application to access or use the Hosted Services;
(c) the Client must not use the Hosted Services to provide services to third parties;
(d) the Client must not republish or redistribute any content or material from the Hosted Services;
(e) the Client must not make any alteration to the Platform, except as permitted by the Documentation; and
(f) the Client must not conduct or request that any other person conduct any load testing or penetration testing on the Platform or Hosted Services without the prior written consent of the Provider.
3.5 The Client shall implement and maintain reasonable security measures relating to the Access Credentials to ensure that no unauthorised person or application may gain access to the Hosted Services by means of the Access Credentials.
3.6 The Provider shall use reasonable endeavours to maintain the availability of the Hosted Services to the Client at the gateway between the public internet and the network of the hosting services provider for the Hosted Services, but does not guarantee 100% availability.
3.7 For the avoidance of doubt, downtime caused directly or indirectly by any of the following shall not be considered a breach of the Agreement:
(a) a Force Majeure Event;
(b) a fault or failure of the internet or any public telecommunications network;
(c) a fault or failure of the Client's computer systems or networks;
(d) any breach by the Client of the Agreement; or
(e) scheduled maintenance carried out in accordance with the Agreement.
3.8 The Client must comply with Schedule 1 (Acceptable Use Policy), and must ensure that all persons using the Hosted Services with the authority of the Client or by means of the Access Credentials comply with Schedule 1 (Acceptable Use Policy).
3.9 The Client must not use the Hosted Services in any way that causes, or may cause, damage to the Hosted Services or Platform or impairment of the availability or accessibility of the Hosted Services.
3.10 The Client must not use the Hosted Services in any way that uses excessive Platform resources and as a result is liable to cause a material degradation in the services provided by the Provider to its other clients using the Platform; and the Client acknowledges that the Provider may use reasonable technical measures to limit the use of Platform resources by the Client for the purpose of assuring services to its clients generally.
3.11 The Client must not use the Hosted Services:
(a) in any way that is unlawful, illegal, fraudulent or harmful; or
(b) in connection with any unlawful, illegal, fraudulent or harmful purpose or activity.
3.12 For the avoidance of doubt, the Client has no right to access the software code (including object code, intermediate code and source code) of the Platform, either during or after the Term.
3.13 The Provider may suspend the provision of the Hosted Services if any amount due to be paid by the Client to the Provider under the Agreement is overdue, and the Provider has given to the Client at least 30 days' written notice, following the amount becoming overdue, of its intention to suspend the Hosted Services on this basis.
4. Scheduled maintenance
4.1 The Provider may from time to time suspend the Hosted Services for the purposes of scheduled maintenance to the Platform.
4.2 The Provider shall where practicable give to the Client at least 3 Business Days prior written notice of scheduled maintenance that will, or is likely to, affect the availability of the Hosted Services or have a material negative impact upon the Hosted Services.
4.3 The Provider shall ensure that all scheduled maintenance is carried out outside Business Hours.
- Support Services
5.1 The Provider shall provide the Support Services to the Client during the Term.
5.2 The Provider shall make available to the Client a helpdesk.
5.3 The Provider shall provide the Support Services with reasonable skill and care.
5.4 The Client may use the helpdesk for the purposes of requesting and, where applicable, receiving the Support Services; and the Client must not use the helpdesk for any other purpose.
5.5 The Provider shall respond promptly to all requests for Support Services made by the Client through the helpdesk.
5.6 The Provider may suspend the provision of the Support Services if any amount due to be paid by the Client to the Provider under the Agreement is overdue, and the Provider has given to the Client at least 30 days' written notice, following the amount becoming overdue, of its intention to suspend the Support Services on this basis.
6. Client Data
6.1 The Client hereby grants to the Provider a non-exclusive licence to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Client Data to the extent reasonably required for the performance of the Provider's obligations and the exercise of the Provider's rights under the Agreement. The Client also grants to the Provider the right to sub-license these rights to its hosting, connectivity and telecommunications service providers, subject to any express restrictions elsewhere in the Agreement.
6.2 The Client warrants to the Provider that the the Client Data when used by the Provider in accordance with the Agreement will not infringe the Intellectual Property Rights or other legal rights of any person, and will not breach the provisions of any law, statute or regulation, in any jurisdiction and under any applicable law.
6.3 The Provider shall create a back-up copy of the Client Data at least daily, shall ensure that each such copy is sufficient to enable the Provider to restore the Hosted Services to the state they were in at the time the back-up was taken, and shall retain and securely store each such copy for a minimum period of 30 days.
6.4 Within the period of 1 Business Day following receipt of a written request from the Client, the Provider shall use all reasonable endeavours to restore to the Platform the Client Data stored in any back-up copy created and stored by the Provider in accordance with Clause 6.3. The Client acknowledges that this process will overwrite the Client Data stored on the Platform prior to the restoration.
7.1 The parties acknowledge and agree that the use of the Application, the parties' respective rights and obligations in relation to the Application and any liabilities of either party arising out of the use of the Application shall be subject to separate terms and conditions, and accordingly these Terms and Conditions shall not govern any such use, rights, obligations or liabilities.
8. No assignment of Intellectual Property Rights
8.1 Nothing in these Terms and Conditions shall operate to assign or transfer any Intellectual Property Rights from the Provider to the Client, or from the Client to the Provider.
9.1 The Client shall pay the Charges to the Provider in accordance with these Terms and Conditions.
9.2 If the Charges are based in whole or part upon the time spent by the Provider performing the Services, the Provider must obtain the Client's written consent before performing Services that result in any estimate of time-based Charges given to the Client being exceeded or any budget for time-based Charges agreed by the parties being exceeded; and unless the Client agrees otherwise in writing, the Client shall not be liable to pay to the Provider any Charges in respect of Services performed in breach of this Clause 9.2.
9.3 All amounts stated in or in relation to these Terms and Conditions are, unless the context requires otherwise, stated exclusive of any applicable value added taxes, which will be added to those amounts and payable by the Client to the Provider.
9.4 The Provider may elect to vary any element of the Charges by giving to the Client not less than 30 days' written notice of the variation expiring on, providing that no such variation shall constitute a percentage increase in [the relevant element of the Charges that exceeds 2% over the percentage increase, since the date of the most recent variation of the relevant element of the Charges under this Clause 9.4, in the Retail Prices Index (all items) published by the UK Office for National Statistics.
10.1 The Provider shall issue invoices for the Charges to the Client in advance of the period to which they relate
10.2 The Client must pay the Charges to the Provider within the period of 30 days following the issue of an invoice in accordance with this Clause 10.
10.3 The Client must pay the Charges by debit card, credit card, direct debit or bank transfer (using such payment details as are notified by the Provider to the Client from time to time).
10.4 If the Client does not pay any amount properly due to the Provider under these Terms and Conditions, the Provider may:
claim statutory compensation from the Client pursuant to the Late Payment of Commercial Debts (Interest) Act 1998.
11. Provider's confidentiality obligations
11.1 The Provider must:
(a) keep the Client Confidential Information strictly confidential;
(b) not disclose the Client Confidential Information to any person without the Client's prior written consent, and then only under conditions of confidentiality approved in writing by the Client;
(c) use the same degree of care to protect the confidentiality of the Client Confidential Information as the Provider uses to protect the Provider's own confidential information of a similar nature, being at least a reasonable degree of care;
(d) act in good faith at all times in relation to the Client Confidential Information;
11.2 Notwithstanding Clause 11.1, the Provider may disclose the Client Confidential Information to the Provider's officers, employees, professional advisers, insurers, agents and subcontractors] who have a need to access the Client Confidential Information for the performance of their work with respect to the Agreement and who are bound by a written agreement or professional obligation to protect the confidentiality of the Client Confidential Information.
11.3 This Clause 11 imposes no obligations upon the Provider with respect to Client Confidential Information that:
(a) is known to the Provider before disclosure under these Terms and Conditions and is not subject to any other obligation of confidentiality;
(b) is or becomes publicly known through no act or default of the Provider; or
(c) is obtained by the Provider from a third party in circumstances where the Provider has no reason to believe that there has been a breach of an obligation of confidentiality.
11.4 The restrictions in this Clause 11 do not apply to the extent that any Client Confidential Information is required to be disclosed by any law or regulation, by any judicial or governmental order or request, or pursuant to disclosure requirements relating to the listing of the stock of the Provider on any recognised stock exchange.
11.5 The provisions of this Clause 11 shall continue in force indefinitely for a period of 5 years following the termination of the Agreement, at the end of which period they will cease to have effect.
12. Data protection
12.1 Each party shall comply with the Data Protection Laws with respect to the processing of the Client Personal Data.
12.2 The Client warrants to the Provider that it has the legal right to disclose all Personal Data that it does in fact disclose to the Provider under or in connection with the Agreement.
12.3 The Client shall only supply to the Provider, and the Provider shall only process, in each case under or in relation to the Agreement:
(a) the Personal Data of data subjects falling within the categories specified in Section 1 of Schedule 2 (Data processing information)(or such other categories as may be agreed by the parties in writing); and
(b) Personal Data of the types specified in Section 2 of Schedule 2 (Data processing information) (or such other types as may be agreed by the parties in writing).
12.4 The Provider shall only process the Client Personal Data for the purposes specified in Section 3 of Schedule 2 (Data processing information).
12.5 The Provider shall only process the Client Personal Data during the Term and for not more than 30 days following the end of the Term, subject to the other provisions of this Clause 12.
12.6 The Provider shall only process the Client Personal Data on the documented instructions of the Client (including with regard to transfers of the Client Personal Data to a third country under the Data Protection Laws), as set out in these Terms and Conditions or any other document agreed by the parties in writing.
12.7 The Client hereby authorises the Provider to make the following transfers of Client Personal Data:
(a) the Provider may transfer the Client Personal Data internally to its own employees, offices and facilities in jurisdiction(s), providing that such transfers must be protected by appropriate safeguards;
(b) the Provider may transfer the Client Personal Data to its third party processors in the jurisdictions identified in Section 5 of Schedule 2 (Data processing information) and may permit its third party processors to make such transfers, providing that such transfers must be protected by any appropriate safeguards identified therein; and
(c) the Provider may transfer the Client Personal Data to a country, a territory or sector to the extent that the competent data protection authorities have decided that the country, territory or sector ensures an adequate level of protection for Personal Data.
12.8 The Provider shall promptly inform the Client if, in the opinion of the Provider, an instruction of the Client relating to the processing of the Client Personal Data infringes the Data Protection Laws.
12.9 Notwithstanding any other provision of the Agreement, the Provider may process the Client Personal Data if and to the extent that the Provider is required to do so by applicable law. In such a case, the Provider shall inform the Client of the legal requirement before processing, unless that law prohibits such information on important grounds of public interest.
12.10 The Provider shall ensure that persons authorised to process the Client Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
12.11 The Provider and the Client shall each implement appropriate technical and organisational measures to ensure an appropriate level of security for the Client Personal Data, including those measures specified in Section 4 of Schedule 2 (Data processing information).
12.12 The Provider must not engage any third party to process the Client Personal Data without the prior specific or general written authorisation of the Client. In the case of a general written authorisation, the Provider shall inform the Client at least 14 days in advance of any intended changes concerning the addition or replacement of any third party processor, and if the Client objects to any such changes before their implementation, then the Provider must not implement the changes. The Provider shall ensure that each third party processor is subject to the same legal obligations as those imposed on the Provider by this Clause 12.
12.13 As at the Effective Date, the Provider is hereby authorised by the Client to engage, as sub-processors with respect to Client Personal Data, the third parties identified in Section 5 of Schedule 2 (Data processing information).
12.14 The Provider shall, insofar as possible and taking into account the nature of the processing, take appropriate technical and organisational measures to assist the Client with the fulfilment of the Client's obligation to respond to requests exercising a data subject's rights under the Data Protection Laws.
12.15 The Provider shall assist the Client in ensuring compliance with the obligations relating to the security of processing of personal data, the notification of personal data breaches to the supervisory authority, the communication of personal data breaches to the data subject, data protection impact assessments and prior consultation in relation to high-risk processing under the Data Protection Laws. The Provider may charge the Client [at its standard time-based charging rates] for any work performed by the Provider at the request of the Client pursuant to this Clause 12.15.
12.16 The Provider must notify the Client of any Personal Data breach affecting the Client Personal Data without undue delay and, in any case, not later than 72 hours after the Provider becomes aware of the breach.
12.17 The Provider shall make available to the Client all information necessary to demonstrate the compliance of the Provider with its obligations under this Clause 12 and the Data Protection Laws. The Provider may charge the Client at its standard time-based charging rates for any work performed by the Provider at the request of the Client pursuant to this Clause 12.17, providing that no such charges shall be levied with respect to the completion by the Provider (at the reasonable request of the Client, not more than once per calendar year) of the standard information security questionnaire of the Client.
12.18 The Provider shall allow for and contribute to audits, including inspections, conducted by the Client or another auditor mandated by the Client in respect of the compliance of the Provider's processing of Client Personal Data with the Data Protection Laws and this Clause 12. The Provider may charge the Client at its standard time-based charging rates for any work performed by the Provider at the request of the Client pursuant to this Clause 12.18, providing that no such charges shall be levied where the request to perform the work arises out of any breach by the Provider of the Agreement or any security breach affecting the systems of the Provider.
12.19If any changes or prospective changes to the Data Protection Laws result or will result in one or both parties not complying with the Data Protection Laws in relation to processing of Personal Data carried out under the Agreement, then the parties shall use their best endeavours promptly to agree such variations to the Agreement as may be necessary to remedy such non-compliance.
13.1 The Provider warrants to the Client that:
(a) the Provider has the legal right and authority to enter into the Agreement and to perform its obligations under these Terms and Conditions;
(b) the Provider will comply with all applicable legal and regulatory requirements applying to the exercise of the Provider's rights and the fulfilment of the Provider's obligations under these Terms and Conditions; and
(c) the Provider has or has access to all necessary know-how, expertise and experience to perform its obligations under these Terms and Conditions.
13.2 The Provider warrants to the Client that:
(a) the Platform and Hosted Services will conform in all respects with the Hosted Services Specification;
(b) the Hosted Services will be free from Hosted Services Defects;
(c) the Platform will be free from viruses, worms, Trojan horses, ransomware, spyware, adware and other malicious software programs; and
(d) the Platform will incorporate security features reflecting the requirements of good industry practice.
13.3 The Provider warrants to the Client that the Hosted Services, when used by the Client in accordance with these Terms and Conditions, will not breach any laws, statutes or regulations applicable under English law.
13.4 The Provider warrants to the Client that the Hosted Services, when used by the Client in accordance with these Terms and Conditions, will not infringe the Intellectual Property Rights of any person in any jurisdiction and under any applicable law.
13.5 If the Provider reasonably determines, or any third party alleges, that the use of the Hosted Services by the Client in accordance with these Terms and Conditions infringes any person's Intellectual Property Rights, the Provider may at its own cost and expense:
(a) modify the Hosted Services in such a way that they no longer infringe the relevant Intellectual Property Rights; or
(b) procure for the Client the right to use the Hosted Services in accordance with these Terms and Conditions.
13.6 The Client warrants to the Provider that it has the legal right and authority to enter into the Agreement and to perform its obligations under these Terms and Conditions.
13.7 All of the parties' warranties and representations in respect of the subject matter of the Agreement are expressly set out in these Terms and Conditions. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject matter of the Agreement will be implied into the Agreement or any related contract.
14. Acknowledgements and warranty limitations
14.1 The Client acknowledges that complex software is never wholly free from defects, errors and bugs; and subject to the other provisions of these Terms and Conditions, the Provider gives no warranty or representation that the Hosted Services will be wholly free from defects, errors and bugs.
14.2 The Client acknowledges that complex software is never entirely free from security vulnerabilities; and subject to the other provisions of these Terms and Conditions, the Provider gives no warranty or representation that the Hosted Services will be entirely secure.
14.3 The Client acknowledges that the Hosted Services are designed to be compatible only with that software and those systems specified as compatible in the Hosted Services Specification; and the Provider does not warrant or represent that the Hosted Services will be compatible with any other software or systems.
14.4 The Client acknowledges that the Provider will not provide any legal, financial, accountancy or taxation advice under these Terms and Conditions or in relation to the Hosted Services; and, except to the extent expressly provided otherwise in these Terms and Conditions, the Provider does not warrant or represent that the Hosted Services or the use of the Hosted Services by the Client will not give rise to any legal liability on the part of the Client or any other person.
15. Limitations and exclusions of liability
15.1 Nothing in these Terms and Conditions will:
(a) limit or exclude any liability for death or personal injury resulting from negligence;
(b) limit or exclude any liability for fraud or fraudulent misrepresentation;
(c) limit any liabilities in any way that is not permitted under applicable law; or
(d) exclude any liabilities that may not be excluded under applicable law.
15.2 The limitations and exclusions of liability set out in this Clause 15 and elsewhere in these Terms and Conditions:
(a) are subject to Clause 15.1; and
(b) govern all liabilities arising under these Terms and Conditions or relating to the subject matter of these Terms and Conditions, including liabilities arising in contract, in tort (including negligence) and for breach of statutory duty, except to the extent expressly provided otherwise in these Terms and Conditions.
15.3 Neither party shall be liable to the other party in respect of any losses arising out of a Force Majeure Event.
15.4 Neither party shall be liable to the other party in respect of any loss of profits or anticipated savings.
15.5 Neither party shall be liable to the other party in respect of any loss of revenue or income.
15.6 Neither party shall be liable to the other party in respect of any loss of use or production.
15.7 Neither party shall be liable to the other party in respect of any loss or corruption of any data, database or software; providing that this Clause 15.7 shall not protect the Provider unless the Provider has fully complied with its obligations under Clause 6.3 and Clause 6.4.
15.9 Neither party shall be liable to the other party in respect of any special, indirect or consequential loss or damage.
15.10 The liability of the Provider to the Client under the Agreement in respect of any event or series of related events shall not exceed the greater of:
(a) £1000; and
(b) the total amount paid and payable by the Client to the Provider under the Agreement in the 12 month period preceding the commencement of the event or events.
15.11 The aggregate liability of the Provider to the Client under the Agreement shall not exceed the greater of:
(a) £1000; and
(b) the total amount paid and payable by the Client to the Provider under the Agreement.
16. Force Majeure Event
16.1 If a Force Majeure Event gives rise to a failure or delay in either party performing any obligation under the Agreement, that obligation will be suspended for the duration of the Force Majeure Event.
16.2 A party that becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in that party performing any obligation under the Agreement, must:
(a) promptly notify the other; and
(b) inform the other of the period for which it is estimated that such failure or delay will continue.
16.3 A party whose performance of its obligations under the Agreement is affected by a Force Majeure Event must take reasonable steps to mitigate the effects of the Force Majeure Event.
17.1 Either party may terminate the Agreement by giving to the other party at least 30 days' written notice of termination.
17.2 Either party may terminate the Agreement immediately by giving written notice of termination to the other party if the other party commits a material breach of these Terms and Conditions.
17.3 Subject to applicable law, either party may terminate the Agreement immediately by giving written notice of termination to the other party if:
(a) the other party:
(i) is dissolved;
(ii) ceases to conduct all (or substantially all) of its business;
(iii) is or becomes unable to pay its debts as they fall due;
(iv) is or becomes insolvent or is declared insolvent; or
(v) convenes a meeting or makes or proposes to make any arrangement or composition with its creditors;
(b) an administrator, administrative receiver, liquidator, receiver, trustee, manager or similar is appointed over any of the assets of the other party;
(c) an order is made for the winding up of the other party, or the other party passes a resolution for its winding up (other than for the purpose of a solvent company reorganisation where the resulting entity will assume all the obligations of the other party under the Agreement); or
(d) if that other party is an individual:
(i) that other party dies;
(ii) as a result of illness or incapacity, that other party becomes incapable of managing his or her own affairs; or
18.1 Upon the termination of the Agreement, all of the provisions of these Terms and Conditions shall cease to have effect, save that the following provisions of these Terms and Conditions shall survive and continue to have effect (in accordance with their express terms or otherwise indefinitely): Clauses 1, 3.12, 7, 10.2, 10.4, 11, 12, 15, 18, 21 and 22.
18.2 Except to the extent expressly provided otherwise in these Terms and Conditions, the termination of the Agreement shall not affect the accrued rights of either party.
18.3 Within 30 days following the termination of the Agreement for any reason:
(a) the Client must pay to the Provider any Charges in respect of Services provided to the Client before the termination of the Agreement; and
(b) the Provider must refund to the Client any Charges paid by the Client to the Provider in respect of Services that were to be provided to the Client after the termination of the Agreement,
without prejudice to the parties' other legal rights.
19.1 Any notice from one party to the other party under these Terms and Conditions must be given by one of the following methods (using the relevant contact details set out in Section 4 of the Services Order Form and Clause 19.2):
(a) delivered personally or sent by courier, in which case the notice shall be deemed to be received upon delivery; or
(b) sent by recorded signed-for post, in which case the notice shall be deemed to be received 2 Business Days following posting,
providing that, if the stated time of deemed receipt is not within Business Hours, then the time of deemed receipt shall be when Business Hours next begin after the stated time.
19.2 The Provider's contact details for notices under this Clause 19 are as follows: Email: firstname.lastname@example.org Phone: 0800 538 5265
19.3 The addressee and contact details set out in Section 4 of the Services Order Form and Clause 19.2 may be updated from time to time by a party giving notice of the update to the other party in accordance with this Clause 19.
20.1 Subject to any express restrictions elsewhere in these Terms and Conditions, the Provider may subcontract any of its obligations under the Agreement.
20.2 The Provider shall remain responsible to the Client for the performance of any subcontracted obligations.
20.3 Notwithstanding the provisions of this Clause 20 but subject to any other provision of these Terms and Conditions, the Client acknowledges and agrees that the Provider may subcontract to any reputable third party hosting business the hosting of the Platform and the provision of services in relation to the support and maintenance of elements of the Platform.
21.1 No breach of any provision of the Agreement shall be waived except with the express written consent of the party not in breach.
21.2 If any provision of the Agreement is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions of the Agreement will continue in effect. If any unlawful and/or unenforceable provision would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect (unless that would contradict the clear intention of the parties, in which case the entirety of the relevant provision will be deemed to be deleted).
21.3 The Agreement may not be varied except by a written document signed by or on behalf of each of the parties.
21.4 The Client hereby agrees that the Provider may assign the Provider's contractual rights and obligations under the Agreement to any successor to all or a substantial part of the business of the Provider from time to time. Save to the extent expressly permitted by applicable law, the Client must not without the prior written consent of the Provider assign, transfer or otherwise deal with any of the Client's contractual rights or obligations under the Agreement.
21.5 The Agreement is made for the benefit of the parties, and is not intended to benefit any third party or be enforceable by any third party. The rights of the parties to terminate, rescind, or agree any amendment, waiver, variation or settlement under or relating to the Agreement are not subject to the consent of any third party.
21.6 Subject to Clause 15.1, a Services Order Form, together with these Terms and Conditions and any Schedules, shall constitute the entire agreement between the parties in relation to the subject matter of that Services Order Form, and shall supersede all previous agreements, arrangements and understandings between the parties in respect of that subject matter.
21.7 The Agreement shall be governed by and construed in accordance with English law.
21.8 The courts of England shall have exclusive jurisdiction to adjudicate any dispute arising under or in connection with the Agreement.
22.1 In these Terms and Conditions, a reference to a statute or statutory provision includes a reference to:
(a) that statute or statutory provision as modified, consolidated and/or re-enacted from time to time; and
(b) any subordinate legislation made under that statute or statutory provision.
22.2 The Clause headings do not affect the interpretation of these Terms and Conditions.
22.3 References in these Terms and Conditions to "calendar months" are to the 12 named periods (January, February and so on) into which a year is divided.
22.4 In these Terms and Conditions, general words shall not be given a restrictive interpretation by reason of being preceded or followed by words indicating a particular class of acts, matters or things.
Schedule 1 (Acceptable Use Policy)
1.1 This acceptable use policy (the "Policy") sets out the rules governing:
(a) the use of the Application, User Interface, and/or API (the "Services"); and
(b) the transmission, storage and processing of content by you, or by any person on your behalf, using the Services ("Content").
1.2 References in this Policy to "you" are to any client for the Services and any individual user of the Services (and "your" should be construed accordingly); and references in this Policy to "us" are to identify provider (and "we" and "our" should be construed accordingly).
1.3 By using the Services, you agree to the rules set out in this Policy.
1.4 We will ask for your express agreement to the terms of this Policy before you use the Services.
2. General usage rules
2.1 You must not use the Services in any way that causes, or may cause, damage to the Services or impairment of the availability or accessibility of the Services.
2.2 You must not use the Services:
(a) in any way that is unlawful, illegal, fraudulent, deceptive or harmful; or
(b) in connection with any unlawful, illegal, fraudulent, deceptive or harmful purpose or activity.
2.3 You must ensure that all Content complies with the provisions of this Policy.
3. Unlawful Content
3.1 Content must not be illegal or unlawful, must not infringe any person's legal rights, and must not be capable of giving rise to legal action against any person (in each case in any jurisdiction and under any applicable law).
3.2 Content, and the use of Content by us in any manner licensed or otherwise authorised by you, must not:
(a) be libellous or maliciously false;
(b) be obscene or indecent;
(c) infringe any copyright, moral right, database right, trade mark right, design right, right in passing off, or other intellectual property right;
(d) infringe any right of confidence, right of privacy or right under data protection legislation;
(e) constitute negligent advice or contain any negligent statement;
(f) constitute an incitement to commit a crime, instructions for the commission of a crime or the promotion of criminal activity;
(g) be in contempt of any court, or in breach of any court order;
(h) constitute a breach of racial or religious hatred or discrimination legislation;
(i) be blasphemous;
(j) constitute a breach of official secrets legislation; or
(k) constitute a breach of any contractual obligation owed to any person.
3.3 You must ensure that Content is not and has never been the subject of any threatened or actual legal proceedings or other similar complaint.
4. Graphic material
4.1 Content must be appropriate for all persons who have access to or are likely to access the Content in question.
4.2 Content must not depict violence in an explicit, graphic or gratuitous manner.
4.3 Content must not be pornographic or sexually explicit.
5.1 Content must not be untrue, false, inaccurate or misleading.
5.2 Statements of fact contained in Content and relating to persons (legal or natural) must be true; and statements of opinion contained in Content and relating to persons (legal or natural) must be reasonable, be honestly held and indicate the basis of the opinion.
6. Negligent advice
6.1 Content must not consist of or contain any legal, financial, investment, taxation, accountancy, medical or other professional advice, and you must not use the Services to provide any legal, financial, investment, taxation, accountancy, medical or other professional advisory services.
6.2 Content must not consist of or contain any advice, instructions or other information that may be acted upon and could, if acted upon, cause death, illness or personal injury, damage to property, or any other loss or damage.
7.1 Content must be appropriate, civil and tasteful, and accord with generally accepted standards of etiquette and behaviour on the internet.
7.2 Content must not be offensive, deceptive, threatening, abusive, harassing, menacing, hateful, discriminatory or inflammatory.
7.3 Content must not be liable to cause annoyance, inconvenience or needless anxiety.
7.4 You must not use the Services to send any hostile communication or any communication intended to insult, including such communications directed at a particular person or group of people.
7.5 You must not use the Services for the purpose of deliberately upsetting or offending others.
7.6 You must not unnecessarily flood the Services with material relating to a particular subject or subject area, whether alone or in conjunction with others.
7.7 You must ensure that Content does not duplicate other content available through the Services.
7.8 You must ensure that Content is appropriately categorised.
7.9 You should use appropriate and informative titles for all Content.
7.10 You must at all times be courteous and polite to other users of the Services.
8. Marketing and spam
8.1 Content must not constitute or contain spam, and you must not use the Services to store or transmit spam - which for these purposes shall include all unlawful marketing communications and unsolicited commercial communications.
8.2 You must not send any spam to any person using any email address or other contact details made available through the Services or that you find using the Services.
8.3 You must not use the Services to promote, host or operate any Ponzi schemes, pyramid schemes, matrix programs, "get rich quick" schemes or similar letters, schemes or programs.
8.4 You must not use the Services in any way which is liable to result in the blacklisting of any of our IP addresses.
9. Regulated businesses
9.1 You must not use the Services for any purpose relating to gambling, gaming, betting, lotteries, sweepstakes, prize competitions or any gambling-related activity.
9.2 You must not use the Services for any purpose relating to the offering for sale, sale or distribution of drugs.
9.3 You must not use the Services for any purpose relating to the offering for sale, sale or distribution of knives, guns or other weapons.
10.1 You acknowledge that we do not actively monitor the Content or the use of the Services.
11. Data mining
1.1 You must not conduct any systematic or automated data scraping, data mining, data extraction or data harvesting, or other systematic or automated data collection activity, by means of or in relation to the Services.
12.1 You must not link to any material using or by means of the Services that would, if it were made available through the Services, breach the provisions of this Policy.
13. Harmful software
13.1 The Content must not contain or consist of, and you must not promote, distribute or execute by means of the Services, any viruses, worms, spyware, adware or other harmful or malicious software, programs, routines, applications or technologies.
13.2 The Content must not contain or consist of, and you must not promote, distribute or execute by means of the Services, any software, programs, routines, applications or technologies that will or may have a material negative effect upon the performance of a computer or introduce material security risks to a computer.
Schedule 2 (Data processing information)
1. Categories of data subject
The personal data collected and processed related to:
▪ potential customers
▪ internet users
2. Types of Personal Data
The categories of personal data processed are:
▪ personally identifiable information (e.g. name, surname, email, phone number, home address)
▪ login, password
▪ location data
▪ ip address
▪ cookie ID
▪ statistical or other usage data observed on the internet (e.g. via analytics, services etc.)
▪ customer history
3. Purposes of processing
The Processor shall carry out the following processing activities on behalf of the Controller:
Each processor and, where applicable, the processor’s representative shall maintain a record of all categories of processing activities carried out on behalf of a controller, containing:
▪ the name and contact details of the processor or processors and of each controller on behalf of which the processor is acting, and, where applicable, of the controller’s or the processor’s representative, and the data protection officer;
▪ the categories of processing carried out on behalf of each controller;
▪ where applicable, transfers of personal data to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1), the documentation of suitable safeguards;
▪ where possible, a general description of the technical and organisational security measures referred to in Article 32(1).
4. Security measures for Personal Data
- The Processor undertakes to adopt all the necessary technical and organisational security measures and to provide the Controller with a document whereby all such measures are described in detail, also in specific reference to the present agreement. Such measures are subject to the Controller's scrutiny and to its prior approval. Upon the Controller's approval, such security measures, documented as above, will become an integral and substantial part of this agreement and are hereby incorporated by reference. Insofar as an inspection/audit by the Controller shows the necessity for amendments, such amendments shall be implemented by mutual agreement.
- The Processor warrants that it has taken all the security measures in accordance with Article 28 Paragraph 3 Point c, and Article 32 GDPR in particular in conjunction with Article 5 Paragraph 1, and Paragraph 2 GDPR. Such measures shall guarantee data security and a protection level adequate to the level of risk concerning confidentiality, integrity, availability, and resilience of the systems. According to Article 32, par. 1 GDPR the following must be taken into account when assessing the appropriateness of the security measures adopted: whether or not the measures can be reasonable considered to be state-of-the-art, the implementation costs, the nature, scope and purposes of processing as well as the likelihood of data breaches and the severity of risks to the rights and freedoms of natural persons.
- The technical and organisational measures are subject to technical and technological progress and development. Hence, the Processor may adopt alternative adequate measures which are up to date with the changed technological environment. When doing so, the processing security level may not be reduced. Substantial chang
5. Sub-processors of Personal Data
(1) The Controller authorises the Processor to outsource part of the processing activities to sub-processors. The sub-processors shall, as legally required, be subject to the same contractual obligations resulting from this agreement, pursuant to art. 28 par. 4 GDPR.
|1||Company sub-processor||Address/country||Outsourced processing activity|
|2||Amazon Web Services, Inc.||410 Terry Avenue North, Seattle, WA 98109-5210, USA||Hosting/Cloud service provider|
|3||Stripe Payments Europe, Ltd||1 Grand Canal Street Lower, Dublin, Ireland||Payment processing|
|4||Google LLC||1600 Amphitheatre Parkway Mountain View, CA 94043, USA||Google Analytics: track source of app installs and web traffic. Track events/user engagement. Firebase: Crash reporting|
|5||OneSignal||2850 S Delaware St Suite 201, San Mateo, CA 94403, USA||Google Analytics: track source of app installs and web traffic. Track events/user engagement. Firebase: Crash reporting|
|6||Click Labs, Inc.||4830 West Kennedy Blvd, Suitte 600, Tampa, Florida, 33609, USA||Delivery fleet tracking and management|
|7||Facebook, Inc.||1 Hacker Way#15, Menlo, CA, USA||Advertising|
(2) At the date of the Effective Date, the parties mutually acknowledge and agree that the Processor currently commissions the following sub-processors on the condition of a contractual agreement in accordance with Article 28 paragraph 4 GDPR:
(3) It is understood between the parties that the communication of personal data to any sub-processor shall only take place after all conditions set out in paragraph (1) for the appointment of sub-processors have been met.
(4) The Processor must maintain and keep updated a list of sub-processors. The Controller shall be notified of any change to such list without undue delay, giving the Controller the option to object. In case of objection, the Processor retains the right to terminate the contract in place with the Controller without notice.
(5) The Processor shall bear full responsibility and liability for the activities of its sub-processors vis a vis the Controller.
(6) Should a sub-processor provide its services outside the EU/EEA, the Processor shall ensure compliance with the rules regarding data transfer abroad, as described under sec. 6 below.
6. Data Transfer Abroad
(1) The Processor undertakes not to transfer any personal data abroad (i.e. outside the EEA territory) without the prior written authorisation of the Data Controller. Any data transfer abroad, and processing activities thereof, will be carried out in strict compliance with the Controller's documented and specific instructions.
(2) At the Effective Date, the Controller acknowledges that it has been informed that the following data processing activities, carried out by the Processor on its behalf, will take place outside of the EEA. Such processing activities, which are hereby specifically authorised by the Controller, will take place in the states listed below and in strict compliance to the legal bases for data transfer set forth in articles. 45 and ss. GDPR, as applicable to each processing activity.
|1||Company||Data processing activity||Legal basis for transfer|
|2||USA||Delivery fleet tracking & management||Adequacy decision|
|3||USA||Push notification||Adequacy decision|
|4||USA||Hosting/cloud service provider||Adequacy decision|
|5||USA||Payment processing||Adequacy decision|
|6||USA||Web and app analytics||Adequacy decision|
7. Personal Data
The Processor shall, at the choice of the Controller, delete or return all of the Client Personal Data to the Controller after the provision of services relating to the processing, and shall delete existing copies save to the extent that applicable law requires storage of the relevant Personal Data.