1. Definitions and interpretation
1.1 In this agreement:
the ‘Supplier’ shall mean Commify UK Limited (trading as Esendex) a company registered in England and Wales with registration number 04217280 whose registered office address is at 20 Wollaton Street, Nottingham NG 1 5FW; and
the ‘Customer’ means the entity purchasing business communication services from the Supplier.
1.2 The Customer agrees that if it purchases any business communication services from the Supplier, the Customer shall be legally bound by the terms of this Agreement.
1.3 The definitions and rules of interpretation set out in Schedule 1 shall apply to our Agreement.
1.4 In our Agreement:
1.4.1 each Order entered into by the Customer and the Supplier shall form a separate agreement, incorporating these Terms and Conditions together with the Data Protection Addendum and the Policies (our Agreement);
1.4.2 in the event of any conflict in respect of the provisions of our Agreement the following order of priority shall prevail (in descending order of priority):
- (a) the Order;
- (b) Data Protection Addendum;
- (c) the Policies; and
- the Terms and Conditions; and
1.4.3 subject to the order of priority between documents in clause 1.4.2, later versions of documents shall prevail over earlier ones if there is any conflict or inconsistency between them.
1.5 Any obligation of the Supplier under our Agreement to comply or ensure compliance by any person or the Services with any law shall be limited to compliance only with laws as generally applicable to businesses and to providers of software as a service and communications solutions. Such obligations shall not be construed to create any obligation on the Supplier (or anyone acting on its behalf) or any part of the Services to comply with any laws or regulations which apply solely to specific commercial or other activities (such as insurance, legal advice or banking or other professional services) or which apply solely to a specific commercial or noncommercial sector (or part thereof) (such as the public, legal, accountancy, actuarial, insurance, banking or financial service sectors).
2. Rights of Use
2.1 Upon Order Acceptance and subject to the terms of our Agreement, the Supplier grants the Customer a non-exclusive, non-transferable, personal right to use each Subscribed Service during the Subscribed Service Period for the Permitted Purpose.
2.2 The Customer shall:
2.2.1 ensure that only Authorised Users use the Subscribed Services and that such use is at all times in accordance with our Agreement;
2.2.2 ensure that Authorised Users are, at all times whilst they have access to the Subscribed Services, the employees or contractors of the Customer or the Authorised Affiliates;
2.2.3 keep a list of all Authorised Users;
2.2.4 ensure Authorised User accounts cannot be shared or used by more than one individual at the same time;p>
2.2.5 be liable for the acts and omissions of the Authorised Users and the Authorised Affiliates as if they were its own;
2.2.6 only provide Authorised Users with access to the Services via the access method provided by the Supplier and shall not provide access to (or permit access by) anyone other than an Authorised User; and
2.2.7 procure that each Authorised User (and each Authorised Affiliate) is aware of, and complies with, the obligations and restrictions imposed on the Customer under our Agreement, including all obligations and restrictions relating to the Supplier’s Confidential Information.
2.3 The Customer warrants and represents that it, and all Authorised Users and all others acting on its or their behalf (including systems administrators) shall ensure:
2.3.1 their password for any Subscribed Services is unique and not reused in any other context; and
2.3.2 their password or access details for any Subscribed Service are kept confidential and not shared with any third party.
2.4 The Customer shall (and shall ensure all Authorised Affiliates and Authorised Users shall) at all times comply with the Acceptable Use Policy and all other provisions of our Agreement.
2.5 The Customer acknowledges that use of the Subscribed Services is at all times subject to the Customer’s compliance with our Agreement and the requirements identified in our Agreement.
3. Testing and Support
3.1 If applicable, the Supplier shall notify the Customer when a Subscribed Service (or an element of a Subscribed Service) is ready to be tested and the Supplier shall give the Customer instructions on how to complete such testing and the time frame within which such testing must be completed. Unless otherwise agreed in a Statement of Work, the Customer shall have 5 Business Days to complete such testing and report any fault(s) that the Customer finds to the Supplier (Testing Period);
3.2 If the Customer:
3.2.1 does not report any fault(s) to the Supplier within the Testing Period referred to in clause 3.1, the Customer will be deemed to have accepted the Subscribed Service; and
3.2.2 does report any fault(s) to the Supplier within the Testing Period, the Customer shall provide the Supplier with all information about the fault(s) to enable the Supplier to take remedial action and, provided that the Customer gives the Supplier enough information, the Supplier shall endeavour to fix any fault(s) within a reasonable time (and in any event within 30 days). Once the Supplier has fixed identified faults or if the Supplier cannot locate and verify any such fault(s), the Supplier shall notify the Customer and the Customer shall carry out testing of the Subscribed Service within 5 Business Days unless otherwise agreed by the parties.
3.3 If the Customer fails to test the relevant Subscribe Service in accordance with clauses 3.1 and 3.2, the Customer acknowledges that:
3.3.1 if the Subscribed Services can be provided notwithstanding the failure of the Customer to test the Subscribed Service, the Subscribed Service Period will commence and the Charges will become payable;
3.3.2 the availability of such Subscribed Service may be delayed and the Supplier shall have no liability in relation to such delay; and
3.3.3 any additional work carried out by the Supplier which is due to the Customer’s failure to comply with clause 3.1, clause 3.2 or clause 7 shall incur charges in accordance with the Supplier’s applicable rate card.
3.4 Support Services shall be available during the Support Hours for each Subscribed Service to the Customer for the duration of the respective Subscribed Service Period.
3.5 The Supplier will use reasonable endeavours to notify the Customer in advance of scheduled maintenance but the Customer acknowledges that it may receive no advance notification for downtime caused by Force Majeure or for other emergency maintenance.
4. Changes to services and terms
4.1 The Supplier may update the documents referred to in clause 1.4.2 or other documents referred to in any part of our Agreement (excluding in each case the Order) from time to time and shall make such updated documents available at www.esendex.com.
4.2 In the event that the Customer reasonably believes that any Update materially impacts it negatively in any manner it may by notice elect to terminate our Agreement in respect of all impacted Subscribed Services on not less than 10 Business Days prior written notice and notifies the Supplier at the time of exercising such right of the negative impact which has caused it to exercise this right.
4.3 The Customer acknowledges that the Supplier shall be entitled to modify the features and functionality of the Services. the Supplier shall use reasonable endeavours to ensure that any such modification does not materially adversely affect the use of the relevant Subscribed Service(s) by the Supplier’s customers generally.
4.4 The Supplier may replace virtual mobile numbers from time to time on provision of at least 90 days’ prior written notice.
5. Fees and Credit(s)
5.1 The Subscription Fee and any other charges (including expenses) expressly agreed between the parties in writing shall be paid by the Customer at the rates and in the manner described in the Order.
5.2 The Customer acknowledges that if a Minimum Monthly Volume is set out in an Order, the respective Fees have been calculated in accordance with such Minimum Monthly Volume. If the volume of Transactions completed in any month by the Customer falls below the Minimum Monthly Volume, the Supplier shall be entitled to charge the Customer such higher per Transaction Fees as would be payable in relation to such lower volume and invoice the Customer for any shortfall.
5.3 If an Order sets out a minimum monthly charge (Minimum Monthly Charge), such Minimum Monthly Charge will be payable each month of the Subscribed Service Period irrespective of whether Transaction volumes would have incurred Fees amounting to the Minimum Monthly Charge. If Transaction volumes exceed the Minimum Monthly Charge, such additional Fees shall be payable in addition to the Minimum Monthly Charge.
5.4 SMS message fees are charged on a per SMS basis. Each SMS is a set of systemized textual and numeric characers (text) of up to 160 characters when using the GSM alphabet. Some symbols constitute more than one character (as more particularly set out at https://support.esendex.co.uk/sms/long-message-can-send/). If message text exceeds 160 characters, it shall be charged as more than 1 SMS. If the GSM alphabet is not used, the character limit for 1 SMS shall be less than 160 characters.
5.5 Fees shall be incurred for each Transaction submitted whether or not such Transaction is received by the intended recipient of a Transaction.
5.6 The Supplier may charge a monthly administration Fee of £25/€25 if the Customer requires special billing arrangements or usage of an invoicing or procurement portal.
5.7 In the event the Customer’s account is compromised or the subject of a security breach, the Customer shall be liable for the Fees incurred for all Transactions submitted unless the Customer can demonstrate that such compromise or security breach was the fault or responsibility of the Supplier.
5.8 Unless as otherwise set out in an Order, Fees shall be paid by direct debit within 14 days of the date of an invoice.
5.9 The Fees are exclusive of VAT which shall be payable by the Customer at the rate and in the manner prescribed by law.
5.10 The Supplier shall have the right to charge interest on overdue invoices at the rate of 4% per year above the base rate of the Bank of England, calculated from the date when payment of the invoice becomes due for payment up to and including the date of actual payment whether before or after judgment.
5.11 The Supplier may increase the Fees at any time to reflect an increase in the Supplier’s costs. The Supplier shall provide 30 days prior notice of any increase in Fees to post-pay Customers (being those Customers paying the Fees by invoice following use of the Services).
5.12 To the extent our Agreement terminates or expires (other than due to termination by the Customer under clause 16.2) the Customer shall not be entitled to any refund or discount of Fees paid for any parts of any month during which the Services cease to be provided.
5.13 Any Transaction credit purchased or Transaction balance added by a Customer shall be non-refundable and shall expire 12 months after the date purchased by the Customer unless otherwise set out in an Order.
5.14 It is the Customer’s responsibility to ensure it has sufficient Transaction credit or balance and the Supplier accepts no liability in the event the Customer has insufficient Transaction credit or balance to meet the Customer’s requirements.
6.1 Subject to the remainder of this clause 6, the Supplier warrants that:
6.1.1 each Subscribed Service shall operate materially in accordance with its Description when used in accordance with our Agreement during the relevant Subscribed Service Period; and
6.2 it will provide each of the Services with reasonable care and skill.
6.2 The Customer acknowledges that clause 6.1 does not apply to Trial Services or to Support Services provided in connection with the same. Without prejudice to the Supplier’s obligations under our Agreement in respect of Protected Data, Trial Services and Support Services provided in connection with the same are provided ‘as is’ and without warranty to the maximum extent permitted by law.
6.3 The Services may be subject to delays, interruptions, errors or other problems resulting from use of the internet or public electronic communications networks used by the parties or third parties. The Customer acknowledges that such risks are inherent in communications services and that the Supplier shall have no liability for any such delays, interruptions, errors or other problems.
6.4 The warranties in clause 6.1 are subject to the limitations set out in clause 13 and shall not apply to the extent that any error in the Services arises as a result of:
6.4.1 the acts or omissions of the recipient of any Transaction;
6.4.2 use of any Services with other software or services or on equipment with which it is incompatible (unless the Supplier recommended or required the use of that other software or service or equipment);
6.4.3 any act by any third party (including hacking or the introduction of any virus or malicious code);
6.4.4 any modification of Services (other than that undertaken by the Supplier or at its direction); or
6.4.3 any breach of our Agreement by the Customer (or by any Authorised Affiliate or Authorised User).
6.5 The Customer acknowledges that the Supplier has no liability or obligation (howsoever arising whether under contract, tort, in negligence or otherwise) in relation to:
6.5.1 the content of Transactions;
6.5.2 the Subscribed Services being free of minor errors or defects; or
6.5.3 the Subscribed Services being compatible with any other software or service or with any hardware or equipment except to the extent expressly referred to as compatible in the Order.
6.6 Other than as set out in this clause 6, and subject to clause 13.2, all warranties, conditions, terms, undertakings or obligations whether express or implied and including any implied terms relating to quality, fitness for any particular purpose or ability to achieve a particular result are excluded to the fullest extent allowed by applicable law.
7. Customer’s responsibilities
7.1 The Customer shall (and shall ensure all Authorised Affiliates and Authorised Users shall) at all times comply with all applicable laws, rules and regulations relating to the use or receipt of the Services, including laws relating to privacy, data protection and use of systems and communications.
7.2 The Customer shall at all times comply with the Policies and all other provisions of our Agreement.
7.3 The Customer shall:
7.3.1 co-operate with the Supplier in all matters relating to the Services;
7.3.2 provide, for the Supplier and its agents, subcontractors, consultants and employees, in a timely manner and at no charge, access to the Customer’s premises and other facilities as reasonably required by the Supplier or any of them;
7.3.3 provide, in a timely manner, such information as the Supplier may reasonably require in order to provide the Services, and ensure that such information is accurate in all material respects;
7.3.4 provide accurate Customer representative and contact details (including email addresses) to the Supplier and ensure any changes are notified to the Supplier promptly;
7.3.5 provide the Customer Data in the format set out in a Statement of Work or otherwise agreed in writing between the parties;
7.3.6 provide the Supplier with at least 5 Business Days prior notice of any physical or connectivity changes the Customer is undertaking which may affect the Subscribed Services;
7.3.7 provide the Supplier with information if requested by a Network Operator and/or Regulator relating to a Customer’s use of the Subscribed Services; and
7.3.8 ensure the Customer’s systems are subject to security controls, in accordance with good industry practice, to ensure the security and integrity of access to the Services and the Supplier’s platform.
7.4 The Customer shall defend, indemnify and hold harmless the Supplier against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation any fines or other penalties imposed on the Supplier (or any of the Supplier’s Affiliates) by a Network Operator, court costs and reasonable legal fees) arising out of or in connection with the Customer’s breach of this Agreement or the Policies or any claim by a third party in connection with the content of a Transaction, provided that:
7.4.1 the Customer is given prompt notice of any such claim;
7.4.2 the Supplier provides reasonable co-operation to the Customer in the defence and settlement of such claim, at the Customer’s expense; and
7.4.3 the Customer is given sole authority to defend or settle the claim.
7.5 Clauses 7.1 to 7.4 (inclusive) shall survive termination or expiry of our Agreement.
8. Intellectual property
8.1 All Intellectual Property Rights in and to the Services belong to and shall remain vested in the Supplier or the relevant third party owner. To the extent that the Customer, any of its Affiliates or any person acting on its or their behalf acquires any Intellectual Property Rights in the Services, the Customer shall assign or procure the assignment of such Intellectual Property Rights with full title guarantee (including by way of present assignment of future Intellectual Property Rights) to the Supplier or such third party as the Supplier may elect. The Customer shall execute all such documents and do such things as the Supplier may consider necessary to give effect to this clause 8.1.
8.2 The Customer may be able to store or transmit Customer Data using one or more Subscribed Service and the Subscribed Services may interact with Customer Systems. The Customer hereby grants a royalty-free, non-transferable, non-exclusive licence for the Supplier (and each of its direct and indirect sub-contractors) to use, copy and otherwise utilise the Customer Data and Customer Systems to the extent necessary to perform or provide the Services or to exercise or perform the Supplier’s rights, remedies and obligations under our Agreement.
8.3 Except for the rights expressly granted in our Agreement, the Customer, any Customer Affiliate and their direct and indirect sub-contractors, shall not acquire in any way any title, rights of ownership, or Intellectual Property Rights of whatever nature in the Services and no Intellectual Property Rights of either party are transferred or licensed as a result of our Agreement.
8.4 The Supplier shall indemnify the Customer for any losses, damages, liability, costs and expenses (including professional fees) incurred by it as a result of any action, demand or claim that the Customer’s use of or access to the Services infringes the Intellectual Property Rights of any third party (an IPR Claim) provided that the Customer:
8.4.1 notifies the Supplier in writing as soon as reasonably practicable;
8.4.2 does not make any admission of liability or agree any settlement or compromise of the IPR Claim without the prior written consent of the Supplier (such consent not to be unreasonably withheld or delayed); and
8.4.3 lets the Supplier at its request and own expense have the conduct of or settle all negotiations and litigation arising from the IPR Claim.
8.5 If any IPR Claim is made or is reasonably likely to be made, the Supplier may at its option:
8.5.1 procure for the Customer the right to continue receiving the relevant Services; or
8.5.2 re-perform the infringing part of the Services so as to avoid the infringement or alleged infringement, provided the Services remain in conformance to the Description.
8.6 In the event of any IPR Claim the Supplier may elect to terminate our Agreement immediately by written notice and promptly refund to the Customer on a pro-rata basis for any unused proportion of Fees paid in advance.
8.7 The Supplier shall have no liability or obligation under this clause 8 in respect of any IPR Claim which arises in whole or in part from:
8.7.1 any modification of the Services (or any part) without the Supplier’s express written approval;
8.7.2 any Customer Data;
8.7.3 any breach of our Agreement by the Customer;
8.7.4 installation or use of the Subscribed Services (or any part) otherwise than in accordance with our Agreement; or
8.7.5 installation or use of the Subscribed Services (or any part) in combination with any software, hardware or data that has not been supplied or expressly authorised by the Supplier.
8.8 This clause 8 shall survive the termination or expiry of our Agreement.
9. Customer Systems and Customer Data
9.1 Customer Data shall at all times remain the property of the Customer.
9.2 Except to the extent the Supplier has direct obligations under data protection laws, the Customer acknowledges that the Supplier has no control over any Customer Data hosted as part of the provision of the Subscribed Services and may not actively monitor the content of the Customer Data. The Customer shall ensure (and is exclusively responsible for) the accuracy, quality, integrity and legality of the Customer Data and that its use (including use in connection with the Subscribed Service) complies with all applicable laws and Intellectual Property Rights.
9.3 The Supplier makes use of automated fraud detection on receipt of the Customer Data to protect end-users from fraudulent or otherwise deceptive conduct. The Supplier may audit Customer Data in relation to all Trial Services and in relation to the Subscribed Services not being Trial Services in the case of any atypical activity.
9.4 If the Supplier becomes aware that any Customer Data may not comply with the Acceptable Use Policy or any other part of our Agreement the Supplier shall have the right to permanently delete or otherwise remove or suspend access to any Customer Data which is suspected of being in breach of any of the foregoing from the Services and/or disclose Customer Data to law enforcement authorities (in each case without the need to consult the Customer). Where reasonably practicable and lawful the Supplier shall notify the Customer before taking such action.
9.5 Multi-factor authentication (MFA) is enabled on the Supplier’s platform. If the Customer elects to disable MFA on the Customer’s account:
9.5.1 the Customer shall be liable for any and all losses incurred by the Supplier; and
9.5.2 the Supplier shall have no liability whatsoever for any loss suffered by the Customer
to the extent such losses would not have been incurred had MFA been enabled.
10. Confidentiality and security of Customer Data
10.1 The Supplier shall maintain the confidentiality of the Customer Data and shall not without the prior written consent of the Customer or in accordance with our Agreement, disclose or copy the Customer Data other than as necessary for the performance of the Services or its express rights and obligations under our Agreement.
10.1 The Supplier:
10.2.1 undertakes to disclose the Customer Data only to those of its officers, employees, agents, contractors and direct and indirect sub-contractors to whom, and to the extent to which, such disclosure is necessary for the purposes contemplated under our Agreement or as otherwise reasonably necessary for the provision or receipt of the Services, and
10.2.2 shall be responsible to the Customer for any acts or omissions of any of the persons referred to in clause 10.2.1 in respect of the confidentiality and security of the Customer Data as if they were the Supplier’s own.
10.3 The provisions of this clause 10 shall not apply to information which:
10.3.1 is or comes into the public domain through no fault of the Supplier, its officers, employees, agents or contractors;
10.3.2 is lawfully received by the Supplier from a third party free of any obligation of confidence at the time of its disclosure;
10.3.3 is independently developed by the Supplier (or any of its Affiliates or any person acting on its or their behalf), without access to or use of such information; or
10.3.4 is required by law, by court or governmental or regulatory order to be disclosed, provided that clauses 10.3.1 to 10.3.3 (inclusive) shall not apply to Protected Data.
10.4 This clause 10 shall survive the termination or expiry of our Agreement for a period of five years.
10.5 To the extent any Customer Data is Protected Data, the Supplier shall ensure that such Customer Data may be disclosed or used only to the extent such disclosure or use does not conflict with any of the Supplier’s obligations under Schedule 3. Clauses 10.1 to 10.4 (inclusive) are subject to this clause 10.5.
10.6 If the Customer receives payment related Services from the Supplier, the Supplier will handle cardholder data in accordance with the Supplier’s PCI charter at https://www.esendex.co.uk/pci-charter/.
11. Supplier’s Confidential Information
11.1 The Customer shall maintain the confidentiality of the Supplier’s Confidential Information and shall not disclose, use, exploit, copy or modify the Supplier’s Confidential Information (or permit others to do so) other than as necessary for the performance of its express rights and obligations under our Agreement.
11.2 The Customer undertakes to:
11.2.1 disclose the Supplier’s Confidential Information only to those of its officers, employees, agents and contractors to whom, and to the extent to which, such disclosure is necessary for the purposes contemplated under our Agreement;
11.2.2 procure that such persons are made aware of and agree in writing to observe the obligations in this clause 11; and
11.2.3 be responsible for the acts and omissions of those third parties referred to in this clause 11.2 as if they were the Customer’s own acts or omissions.
11.3 The provisions of this clause 11 shall not apply to information which:
11.3.1 is or comes into the public domain through no fault of the Customer, its officers, employees, agents or contractors;
11.3.2 is lawfully received by the Customer from a third party free of any obligation of confidence at the time of its disclosure;
11.3.3 is independently developed by the Customer, without access to or use of such information; or
11.3.4 is required by law, by court or governmental or regulatory order to be disclosed provided that the Customer, where possible, notifies the Supplier at the earliest opportunity before making any disclosure.
11.4 This clause 11 shall survive the termination or expiry of our Agreement for a period of five years
12. Monitoring compliance
13. Limitation of liability
13.1 The extent of each party’s liability under or in connection with our Agreement (regardless of whether such liability arises in tort, contract or in any other way and whether or not caused by negligence or misrepresentation or under any indemnity) shall be as set out in this clause 13.
13.2 Notwithstanding any other provision of our Agreement, neither party’s liability shall be limited in any way in respect of the following:
13.2.1 death or personal injury caused by negligence;
13.2.2 fraud or fraudulent misrepresentation;
13.3.3 any other losses which cannot be excluded or limited by applicable law; or
13.3.4 the Customer’s liability shall not be limited in any way in respect of any claim under the indemnity in clause 7.4 in respect of any liability incurred by the Supplier in relation to a fine or other penalty imposed on it by a Network Operator.
13.3 Subject to clause 13.2, the total aggregate liability of each party howsoever arising under or in connection with our Agreement shall not exceed the lesser of:
13.3.1 an amount equal to three times the Fees for all Services paid to the Supplier in the 12-month period immediately preceding the first incident giving rise to any claim under our Agreement; or
13.4 Subject to clause 13.2, neither party shall be liable for consequential, indirect or special losses.
13.5 Subject to clause 13.2, neither party shall be liable for any of the following (whether direct or indirect):
13.5.1 loss of profit;
13.5.2 destruction, loss of use or corruption of data;
13.5.3 loss of opportunity;
13.5.4 loss of savings, discount or rebate (whether actual or anticipated); and/or
13.5.5 harm to reputation or loss of goodwill.
13.6 To the maximum extent permitted by law, the Supplier shall not be liable (under any legal theory, including negligence) for any breach, delay or default in the performance of our Agreement to the extent the same (or the circumstances giving rise to the same) arises or was contributed to by any Relief Event.
13.7 This clause 13 shall survive the termination or expiry of our Agreement.
14.1 The Supplier may suspend access to the Subscribed Services on reasonable notice if:
14.1.1 the Supplier suspects that there has been any misuse of the Subscribed Services or breach of our Agreement;
14.1.2 a Network Operator or Regulator requires it;
14.1.3 the Customer significantly exceeds its usual volumes of Transactions and has not provided the Supplier with prior notice; or
14.1.4 the Customer fails to pay any sums due to the Supplier by the due date for payment.
14.2 Where the reason for the suspension is suspected misuse of the Services or breach of our Agreement, without prejudice to its rights under clause 16, the Supplier will take steps to investigate the issue and may restore or continue to suspend access at its discretion.
14.3 In relation to suspensions under clause 14.1.4, access to the Services will be restored promptly after the Supplier receives payment in full and cleared funds.
14.4 Fees shall remain payable during any period of suspension notwithstanding that the Customer or Authorised Affiliates may not have access to the Services.
15.1 Subject to clause 15.2, on expiry of each Subscribed Service Period, the Subscribed Services shall continue and automatically renew for further consecutive periods of the same duration as the initial Subscribed Service Period (each a Renewal). This clause 15.1 shall not apply in respect of Trial Services (which shall not renew unless otherwise expressly stated in the Order).
15.2 If either party does not wish for the Subscribed Services to renew it may cause the Subscribed Service to expire by notice provided such notice is served at least 28 days’ prior to the next Renewal commencing. If notice is not served within the timeframes set out in this clause 15.2, the Subscribed Service shall renew in accordance with clause 15.1.
16. Term and termination
16.1 Our Agreement shall come into force on Order Acceptance and, unless terminated earlier in accordance with its terms, shall continue for the duration of all Subscribed Service Periods.
16.2 Either party may terminate our Agreement immediately at any time by giving notice in writing to the other party if:
16.2.1 the other party commits a material breach of our Agreement and such breach is not remediable;
16.2.3 the other party commits a material breach of our Agreement which is not remedied within 20 Business Days of receiving written notice of such breach; or
16.2.3 the other party has failed to pay any amount due under our Agreement on the due date and such amount remains unpaid within 20 Business Days after the other party has received notification that the payment is overdue; or
16.2.4 the other party:
- (a) stops carrying on all or a significant part of its business, or indicates in any way that it intends to do so;
- (b) is unable to pay its debts either within the meaning of section 123 of the Insolvency Act 1986 or if the non-defaulting party reasonably believes that to be the case;
- (c) becomes the subject of a company voluntary arrangement under the Insolvency Act 1986
- (d) has a receiver, manager, administrator or administrative receiver appointed over all or any part of its undertaking, assets or income;
- (e) has a resolution passed for its winding up;
- (f) has a petition presented to any court for its winding up or an application is made for an administration order, or any winding-up or administration order is made against it;
- (g) is subject to any procedure for the taking control of its goods that is not withdrawn or discharged within seven days of that procedure being commenced;
- (h) has a freezing order made against it; or
- (i) is subject to any events or circumstances analogous to those in clauses 16.2.4(a) to 16.2.4(h) in any jurisdiction.
16.3 The Supplier may terminate or suspend the provision of Trial Services (and all related Support Services) at any time with or without notice.
16.4 Any breach by the Customer of clause 7 or clause 9 shall be deemed a material breach of our Agreement.
17. Consequences of termination
17.1 Immediately on termination or expiry of our Agreement (for any reason), the rights granted by the Supplier under our Agreement shall terminate and the Customer shall (and shall procure that each Authorised Affiliate shall):
17.1.1 stop using the Services; and
17.1.2 pay all Fees due and payable.
17.2 Termination or expiry of our Agreement shall not affect any accrued rights and liabilities of either party at any time up to the date of termination or expiry and shall not affect any provision of our Agreement that is expressly or by implication intended to continue beyond termination.
18. Freedom of Information
18.1 ‘Information’ and ‘Request for Information’ shall have the meanings set out in the Freedom of Information Act 2000 (‘FIA 2000’) or the Environmental Information Regulations 2004, SI 2004/3391 (‘EI Regs 2004’) as relevant.
18.2 The Supplier acknowledges that the Customer may be subject to the requirements of the FIA 2000 and the EI Regs 2004 and shall promptly and fully assist and cooperate with the Customer to enable the Customer to comply with its obligations in respect of those requirements.
18.3 Where the Supplier receives a Request for Information it shall:
18.3.1 inform the Customer of its receipt as soon as reasonably practicable of its receipt; and
18.3.2 provide a copy of the Request for Information to Customer, together with all other information as Supplier considers reasonably relevant to the request within 10 working days of receipt of the Request for Information by Supplier.
18.4 The Supplier shall not respond directly to a Request for Information unless expressly authorised to do so by the Customer in writing.
18.5 While the Customer may, if practicable and appropriate, consult with the Supplier in relation to whether any information relating to the Supplier or this Agreement should be disclosed as part of a Request for Information, the Customer shall ultimately be responsible for determining in its absolute discretion whether any Information will be disclosed and whether any exemptions apply to the disclosure of the Information.
19.1 Our Agreement constitutes the entire agreement between the parties and supersedes all previous agreements, understandings and arrangements between them in respect of its subject matter, whether in writing or oral.
19.2 Each party acknowledges that it has not entered into our Agreement in reliance on, and shall have no remedies in respect of, any representation or warranty that is not expressly set out in our Agreement.
19.3 Any notice given by a party under our Agreement shall be in writing and sent to the address or email address set out in an Order or notified by a party to the other party.
19.4 Clause 19.3 does not apply to notices given in legal proceedings.
19.5 No variation of our Agreement shall be valid or effective unless it is:
19.5.1 an Update made in accordance with our Agreement; or
19.5.2 made in writing, refers to our Agreement and is duly signed or executed by, or on behalf of, each party.
19.6 Except as expressly provided in our Agreement, the Supplier may at any time assign, sub-contract, sub-licence (including by multi-tier), transfer, mortgage, charge, declare a trust of or deal in any other manner with any or all of its rights or obligations under our Agreement.
19.7 Except as expressly permitted by our Agreement, the Customer shall not assign, transfer, sub-contract, sub-licence, mortgage, charge, declare a trust of or deal in any other manner with any or all of its rights or obligations under our Agreement (including the licence rights granted), in whole or in part, without the Supplier’s prior written consent.
19.8 The parties are independent and are not partners or principal and agent and our Agreement does not establish any joint venture, trust, fiduciary or other relationship between them, other than the contractual relationship expressly provided for in it. Neither party shall have, nor shall represent that it has, any authority to make any commitments on the other party’s behalf.
19.9 If any provision of our Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable, the legality, validity and enforceability of any other provision of our Agreement shall not be affected.
19.10 If any provision of our Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable but would be legal, valid and enforceable if some part of it was deleted or modified, the provision or part-provision in question shall apply with such deletions or modifications as may be necessary to make the provision legal, valid and enforceable. In the event of such deletion or modification, the parties shall negotiate in good faith in order to agree the terms of a mutually acceptable alternative provision.
19.11 No failure, delay or omission by either party in exercising any right, power or remedy provided by law or under our Agreement shall operate as a waiver of that right, power or remedy, nor shall it preclude or restrict any future exercise of that or any other right, power or remedy.
19.12 No single or partial exercise of any right, power or remedy provided by law or under our Agreement shall prevent any future exercise of it or the exercise of any other right, power or remedy.
19.13 A waiver of any term, provision, condition or breach of our Agreement shall only be effective if given in writing and signed by the waiving party, and then only in the instance and for the purpose for which it is given.
19.14 A person who is not a party to our Agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of its provisions.
19.15 Our Agreement and any dispute or claim arising out of, or in connection with, it, its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of England and Wales.
19.16 The parties irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of, or in connection with, our Agreement, its subject matter or formation (including non-contractual disputes or claims).
Definitions and Interpretation
1In our Agreement:
Affiliate: means, in respect of any entity, any entity that directly or indirectly controls, is controlled by or is under common control with that entity within the meaning set out in section 1124 of the Corporation Tax Act 2010;
Authorised Affiliates means, in respect of the relevant Subscribed Service, the Affiliates of the Customer (if any) identified in the Order as Authorised Affiliates in respect of that Subscribed Service;
Authorised Users means, in respect of the relevant Subscribed Service, the users authorised by the Customer to use that Subscribed Service in accordance with the terms of our Agreement;
Business Day means a day other than a Saturday, Sunday or bank or public holiday in England;
Customer has the meaning given in the relevant Order;
Customer Data means all data (in any form) that is provided to the Supplier or uploaded or hosted on any part of any Subscribed Service by the Customer or contained in a Transaction;
Customer Systems means all software and systems used by or on behalf of the Customer or the Customer’s Affiliates in connection with the provision or receipt any of the Services or that the Services otherwise, link, inter-operate or interface with or utilise (in each case whether directly or indirectly);
Data Protection Addendum means the data protection addendum identifying certain respective rights and obligations of the parties’ in respect of personal data and privacy under our Agreement (as Updated from time to time), set out at Schedule 3;
Description means the description of the relevant Subscribed Service which as at Order Acceptance is the latest version available at www.esendex.co.uk and as set out in any Statement of Work;
Fees means the Subscription Fees together with any other amounts payable to the Supplier under our Agreement;
Force Majeure means an event or sequence of events beyond a party’s reasonable control preventing or delaying it from performing its obligations under our Agreement (provided that an inability to pay is not Force Majeure), including any matters relating to transfer of data over public communications networks and any delays or problems associated with any such networks or with the internet;
Intellectual Property Rights means any and all copyright, rights in inventions, patents, know-how, trade secrets, trade marks and trade names, service marks, design rights, rights in get-up, database rights and rights in data, domain names and all similar rights and, in each case whether registered or not;
Minimum Monthly Volume means the agreed minimum number of Transactions in any month as set out in the Order;
Network Operator means any telecommunications network operator;
Order means the electronic or physical form (including its schedules, annexes and appendices (if any)) ordering the Subscribed Services and containing the Special Terms entered into by or on behalf of the Customer and Supplier, incorporating these Terms and Conditions and our Agreement (and as varied by the parties by agreement in writing from time to time);
Order Acceptance means the effective date of the relevant Order;
Permitted Purpose means use solely for the Customer’s internal business operations and, in respect of each Subscribed Services, also for the internal business of operations of the Authorised Affiliates identified in respect of that Subscribed Service on the Order, in accordance with our Agreement. Permitted Purpose expressly excludes any of the following to the maximum extent permitted by law:
- (a) copying, reproducing, distributing, redistributing, transmitting, modifying, adapting, editing, abstracting, selling, licensing, leasing, renting, assigning, transferring, disclosing (in each case whether or not for charge) or in any way commercially exploiting any part of any Subscribed Service;
- (b) permitting any use of any Subscribed Service in any manner by any third party (including permitting use in connection with any timesharing or service bureau, outsourced or similar service to third parties or making any Subscribed Service (or any part) available to any third party or allowing or permitting a third party to do any of the foregoing (other than to the Authorised Affiliates for the Permitted Purpose));
- (c) combining, merging or otherwise permitting any Subscribed Service (or any part of it or any Application) to become incorporated in any other program or service, or arranging or creating derivative works based on it (in whole or in part); or
- (d) attempting to reverse engineer, observe, study or test the functioning of or decompile the Services (or any part),
except as expressly permitted under our Agreement.
Policies means each of the following:
- (a) the Supplier’s policy on acceptable use of the Services (as Updated from time to time), which as at Order Acceptance is the latest version available at the Acceptable Use Policy;
- (b) the Supplier’s policy on information security and in relation to the Services (as Updated from time to time), which as at Order Acceptance is the latest version available at the Information Security Policy;
Regulator means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority;
Relief Event means:
- (a) any breach of our Agreement by the Customer; or
- (b) any Force Majeure;
Retail Prices Index or RPI means the All Items Retail Prices Index as published by the UK Office for National Statistics;
Service Commencement Date means the date on which the Supplier commences provision of the services as set out in an Order;
Services means the Subscribed Services and the Support Services;
Special Terms means the additional terms set out in an Order;
Statement of Work means the statement of work setting out the detailed specification of the Subscribed Service;
Subscribed Service Period means in respect of each Subscribed Service, the duration during which such services are to be provided as initially set out in the Order, and including Renewals, commencing on the Service Commencement Date;
Subscribed Services means each service to which the Customer has subscribed as set out in the Order (and Subscribed Service shall refer to each respective service separately)
Subscription Fee means, in respect of each Subscribed Service, the fees payable by the Customer in consideration of that Subscribed Service as set out in the Order;
Supplier’s Confidential Information means all information (whether in oral, written or electronic form) relating to the Supplier’s business which may reasonably be considered to be confidential in nature including information relating to the Supplier’s technology, know-how, Intellectual Property Rights, information security controls, processes and policies, assets, finances, strategy, products and customers. All information relating to technical or operational specifications or data relating to each Subscribed Service shall be part of the Supplier’s Confidential Information;
Support Hours means 0900 to 1730 Monday to Friday (excluding bank holidays);
Support Services means, in respect of the relevant Subscribed Service, the support services provided by the Supplier to the Customer as set out in Schedule 2;
Terms and Conditions means the terms and conditions set out in the clauses and other provisions of this document (including the schedules);
Transaction means any SMS, RCS, MMS, email, voice or other format message sent or received; (ii) any voicemail received: (iii) any voice call made or received; (iv) any GSM or GPS device detection; and (v) any other form of communication accessed or engaged in, using the Service;
Trial Service means any Subscribed Service identified as being provided on a trial basis (for the duration of the period during which it is provided on such basis);
Update has the meaning given in clause 4.1, and Updated shall be construed accordingly; and
VATmeans United Kingdom value added tax, any other tax imposed in substitution for it and any equivalent or similar tax imposed outside the United Kingdom.
2In our Agreement, unless otherwise stated:
2.1 the table of contents, background section and the clause, paragraph, schedule or other headings in our Agreement are included for convenience only and shall have no effect on interpretation;
2.2 the Supplier and the Customer are together the parties and each a party, and a reference to a ‘party’ includes that party’s successors and permitted assigns;
2.3 words in the singular include the plural and vice versa;
2.4 any words that follow ‘include’, ‘includes’, ‘including’, ‘in particular’ or any similar words and expressions shall be construed as illustrative only and shall not limit the sense of any word, phrase, term, definition or description preceding those words;
2.5 a reference to ‘writing’ or ‘written’ includes any method of reproducing words in a legible and non-transitory form (including email); and
2.6 a reference to specific legislation is a reference to that legislation as amended, extended, re-enacted or consolidated from time to time and a reference to legislation includes all subordinate legislation made as at the date of our Agreement under that legislation.
1 If the Customer requires any Support Services the Customer shall contact the Supplier’s support team as follows:
|Territory||Telephone||Website and Chat|
|UKemail@example.com||0345 356 5759||https://support.esendex.co.uk/contact/|
|Irelandfirstname.lastname@example.org||01 631 9410||https://support.esendex.ie/contact/|
|Spainemail@example.com||900 800 470||https://support.esendex.es/contacto/|
|Francefirstname.lastname@example.org||0800 940 236||https://support.esendex.fr/contactez-nous/|
|Australiaemail@example.com||1300 764 946||https://support.esendex.com.au/contact/|
|Germanyfirstname.lastname@example.org||+49 (0)351 8503 3399||https://support.esendex.de/kontakt/|
2 The Supplier shall respond to all queries within 4 working hours of receipt.
3 When reporting an issue, the Customer should provide the Supplier with the following information to ensure a swift resolution:
3.1 the Customer’s company name;
3.2 the customer number or EX reference for the Customer;
3.3 the Customer’s username; and
3.4 a full problem description and details of any error messages with examples including recipient telephone numbers.
4 In the majority of instances the Supplier’s support team can resolve issues. However, there may be times that issues need escalation either internally or externally, and at this time the Supplier’s support team remains the point of contact and will work with our other teams (internal and external) to provide a solution.
5 Issue resolution may necessitate a work around before a permanent solution can be implemented. A workaround may include a logical change in the Supplier’s systems, where a permanent solution may include a version release, patch or physical change
Third party or Supplier Escalation
6 If an issue is identified as a third party or Network Operator problem, this will be escalated within 1 working day of identification. Regular updates will be provided and the Supplier’s support team and the Supplier will work with these parties to resolve the issue.
Data Protection Addendum
1.1 In this Data Protection Addendum defined terms shall have the same meaning, and the same rules of interpretation shall apply as in the remainder of our Agreement. In addition in this Data Protection Addendum the following definitions have the meanings given below:
Applicable Law means applicable laws of the European Union (EU), the European Economic Area (EEA) or any of the EU or EEA’s member states from time to time together with applicable laws in the United Kingdom from time to time;
Appropriate Safeguards means such legally enforceable mechanism(s) for Transfers of Personal Data as may be permitted under Data Protection Laws from time to time;
Controller has the meaning given to that term in Data Protection Laws;
Data Protection Laws means all Applicable Laws relating to the processing, privacy and/or use of Personal Data, as applicable to either party or the Services, including the following laws to the extent applicable in the circumstances:
(a) The GDPR;
(b) The Data Protection Act 2018
(c) any laws which implement any such laws; and
(d) any laws which replace, extend, re-enact, consolidate or amend any of the foregoing (including where applicable, the GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of the European Union (Withdrawal) Act 2018 as modified by applicable domestic law from time to time);
Data Protection Losses means all liabilities, including all:
(a) costs (including legal costs), claims, demands, actions, settlements, interest, charges, procedures, expenses, losses and damages (including relating to material or non-material damage); and
(b) to the extent permitted by Applicable Law:
(i) administrative fines, penalties, sanctions, liabilities or other remedies imposed by a Supervisory Authority;
(ii) compensation which is ordered by a Supervisory Authority to be paid to a Data Subject; and
(iii) the reasonable costs of compliance with investigations by a Supervisory Authority;
Data Subject has the meaning given to that term in Data Protection Laws;
Data Subject Request means a request made by a Data Subject to exercise any rights of Data Subjects under Data Protection Laws;
GDPR means the General Data Protection Regulation, Regulation (EU) 2016/679;
Personal Data has the meaning given to that term in Data Protection Laws;
Personal Data Breach means any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Protected Data;
Processing has the meanings given to that term in Data Protection Laws (and related terms such as process have corresponding meanings);
Processing Instructions has the meaning given to that term in paragraph 3.1.1;
Processor has the meaning given to that term in Data Protection Laws;
Protected Data means Personal Data in the Customer Data;
Restricted Transfer means a transfer of Protected Data from the Customer to the Supplier which would be prohibited by Data Protection Laws in the absence of the Customer and Supplier entering into the Standard Contractual Clauses.
Standard Contractual Clauses means the standard contractual clauses adopted by the European Commission as an appropriate safeguard to comply with the GDPR restricted transfer rules;
Sub-Processor means another Processor engaged by the Supplier for carrying out processing activities in respect of the Protected Data on behalf of the Customer;
Supervisory Authority means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering Data Protection Laws;
Terms and Conditions means the latest version of the Supplier’s terms and conditions, as Updated from time to time;
Transfer bears the same meaning as the word ‘transfer’ in Article 44 of the GDPR (or the extent wider the definition of ‘transfer’ in equivalent provisions of UK Data Protection Laws). Related expressions such as Transfers and Transferring shall be construed accordingly; and
UK Data Protection Laws means Data Protection Laws that form part of the law of England and Wales, Scotland and/or Northern Ireland from time to time.
2 Processor and Controller
2.1The parties agree that, for the Protected Data, the Customer shall be the Controller and the Supplier shall be the Processor. Nothing in this Agreement relieves the Customer of any responsibilities or liabilities under any Data Protection Laws.
2.2The Supplier shall process Protected Data in compliance with:
2.2.1 the obligations under Data Protection Laws in respect of the performance of its and their obligations under our Agreement; and
2.2.2 the terms of our Agreement.
2.3 The Customer shall ensure that it, its Affiliates and each Authorised User shall at all times comply with:
2.3.1 all Data Protection Laws in connection with the processing of Protected Data, the use of the Services (and each part) and the exercise and performance of its respective rights and obligations under our Agreement, including maintaining all relevant regulatory registrations and notifications as required under Data Protection Laws; and
2.3.2 the terms of our Agreement.
2.4 The Customer warrants, represents and undertakes, that at all times:
2.4.1 all Protected Data (if processed in accordance with our Agreement) shall comply in all respects, including in terms of its collection, storage and processing, with Data Protection Laws;
2.4.2 all Protected Data shall comply with clause 9.2 of the Terms and Conditions;
2.4.3 fair processing and other information notices have been provided to the Data Subjects of the Protected Data (and all necessary consents from such Data Subjects obtained and at all times maintained) to the extent required by Data Protection Laws in connection with all processing activities in respect of the Protected Data which may be undertaken by the Supplier and its Sub-Processors in accordance with our Agreement;
2.4.4 the Protected Data is accurate and up to date;
2.4.5 it shall maintain complete and accurate backups of all Protected Data provided to the Supplier (or anyone acting on its behalf) so as to be able to immediately recover and reconstitute such Protected Data in the event of loss, damage or corruption of such Protected Data by the Supplier or any other person; and
2.4.6 all instructions given by it to the Supplier in respect of Personal Data shall at all times be in accordance with Data Protection Laws.
3Instructions and details of processing
3.1Insofar as the Supplier processes Protected Data on behalf of the Customer, the Supplier:
3.1.1 unless required to do otherwise by Applicable Law, shall (and shall take steps to ensure each person acting under its authority shall) process the Protected Data only on and in accordance with the Customer’s documented instructions as set out in this paragraph 3.1 and paragraphs 3.3 and 3.4, as Updated from time to time (Processing Instructions);
3.1.2 if Applicable Law requires it to process Protected Data other than in accordance with the Processing Instructions, shall notify the Customer of any such requirement before processing the Protected Data (unless Applicable Law prohibits such information on important grounds of public interest); and
3.1.2 shall promptly inform the Customer if the Supplier becomes aware of a Processing Instruction that, in the Supplier’s opinion, infringes Data Protection Laws, and to the maximum extent permitted by mandatory law, the Supplier shall have no liability howsoever arising (whether in contract, tort (including negligence) or otherwise) for any losses, costs, expenses or liabilities (including any Data Protection Losses) arising from or in connection with any processing in accordance with the Customer’s Processing Instructions following the Customer’s receipt of that information.
3.3The Customer acknowledges and agrees that the execution of any computer command to process (including deletion of) any Protected Data made in the use of any of the Subscribed Services by an Authorised User will be a Processing Instruction. The Customer shall ensure that Authorised Users do not execute any such command unless authorised by the Customer (and by all other relevant Controller(s)) and acknowledge that if any Protected Data is deleted pursuant to any such command the Supplier is under no obligation to seek to restore it.
3.4Subject to the Order, the processing of the Protected Data by the Supplier under our Agreement shall be for the subject-matter, duration, nature and purposes and involve the types of Personal Data and categories of Data Subjects set out in Annex 1.
4 Technical and organisational measure
4.1 Taking into account the nature of the processing, the Supplier shall implement and maintain appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Protected Data and against accidental loss or destruction of, or damage to, Protected Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the Protected Data to be protected, having regard to the state of technological development.
5 Using staff and other processors
5.1 The Customer hereby gives the Processor a general authorisation to appoint the Sub-Processors listed on the Supplier’s webpage at www.esendex.co.uk/subprocessors (Website). The Supplier can update the Website from time to time and will inform the Customer by email of any update, provided that the Customer registers an email address on the Website. The Customer shall have the opportunity to object to any addition or replacement by notification in writing to the Supplier, within 20 days of a change being made. In the event of an objection, the Supplier is entitled to terminate this Agreement if the Services become impossible without the addition or replacement of the relevant sub-processor.
5.2 The Supplier shall:
5.2.1 prior to the relevant Sub-Processor carrying out any processing activities in respect of the Protected Data, appoint each Sub-Processor under a written contract containing materially the same obligations as under paragraphs 2 to 12 (inclusive) that is enforceable by the Supplier (including those relating to sufficient guarantees to implement appropriate technical and organisational measures);
5.2.2 ensure each such Sub-Processor complies with all such obligations; and
5.2.3 remain fully liable for all the acts and omissions of each Sub-Processor as if they were its own.
5.3 The Supplier shall ensure that all persons authorised by it (or by any Sub-Processor) to process Protected Data are subject to a binding written contractual obligation to keep the Protected Data confidential (except where disclosure is required in accordance with Applicable Law, in which case the Supplier shall, where practicable and not prohibited by Applicable Law, notify the Customer of any such requirement before such disclosure).
6 Assistance with compliance and Data Subject rights
6.1 The Supplier shall refer all Data Subject Requests it receives to the Customer without undue delay.
6.2 The Supplier shall provide such reasonable assistance as the Customer reasonably requires (taking into account the nature of processing and the information available to the Supplier) to the Customer in ensuring compliance with the Customer’s obligations under Data Protection Laws with respect to:
6.2.1 security of processing;
6.2.2 data protection impact assessments (as such term is defined in Data Protection Laws);
6.2.3 prior consultation with a Supervisory Authority regarding high risk processing; and
6.2.4 notifications to the Supervisory Authority and/or communications to Data Subjects by the Customer in response to any Personal Data Breach.
7 International data transfers
7.1 Where the transfer of Protected Data from the Customer to the Supplier amounts to a Restricted Transfer, the Standard Contractual Clauses shall apply to this Data Protection Addendum. In the event of any conflict or inconsistency between the terms of this Data Protection Addendum and the Standard Contractual Clauses, the Standard Contractual Clauses shall apply.
7.2 The Supplier shall not Transfer any Protected Data to any country outside of the UK or EEA unless:
7.2.1 such Transfer is solely for the purpose set out in Annex 1;
7.2.2 an adequacy decision has been made in relation to the relevant country or Appropriate Safeguards are in place;
7.2.3 the Data Subject has enforceable rights and effective legal remedies; and
7.2.4 such Transfer is in accordance with Data Protection Laws and our Agreement and the provisions of our Agreement shall constitute the Customer’s instructions with respect to Transfers in accordance with paragraph 3.1.1.
8 Information and audit
8.1 The Supplier shall maintain, in accordance with Data Protection Laws binding on the Supplier, written records of all categories of processing activities carried out on behalf of the Customer.
8.2 The Supplier shall, on request by the Customer, in accordance with Data Protection Laws, make available to the Customer such information as is reasonably necessary to demonstrate the Supplier’s compliance with its obligations under this Data Protection Addendum and Article 28 of the GDPR (and under any Data Protection Laws equivalent to that Article 28), and allow for audits, including inspections, by the Customer (or another auditor mandated by the Customer) for this purpose provided:
8.2.1 such audit, inspection or information request is reasonable, limited to information in the Supplier’s (or any Sub-Processor’s) possession or control and is subject to the Customer giving the Supplier reasonable prior notice of such audit, inspection or information request;
8.2.2 the Customer pays the Supplier’s reasonable costs in allowing any audit or inspection (unless such audit or inspection is required by a Supervisory Authority or due to a breach by the Supplier of this Data Protection Addendum);
8.2.3 the parties (each acting reasonably and consent not to be unreasonably withheld or delayed) shall agree the timing, scope and duration of the audit, inspection or information release together with any specific policies or other steps with which the Customer or third party auditor shall comply (including to protect the security and confidentiality of other customers, to ensure the Supplier is not placed in breach of any other arrangement with any other customer and so as to comply with the remainder of this paragraph 8.2);
8.2.4 the Customer’s rights under this paragraph 8.2 may only be exercised once in any consecutive 12 month period, unless otherwise required by a Supervisory Authority or if the Customer (acting reasonably) believes the Supplier is in breach of this Data Protection Addendum;
8.2.5 the Customer shall promptly report any non-compliance identified by the audit, inspection or release of information to the Supplier;
8.2.6 the Customer shall ensure that all information obtained or generated by the Customer or its auditor(s) in connection with such information requests, inspections and audits is kept strictly confidential (save for disclosure required by Applicable Law);
8.2.7 the Customer shall ensure that any such audit or inspection is undertaken during normal business hours, with minimal disruption to the businesses of the Supplier and each Sub-Processor; and
8.2.8 the Customer shall ensure that each person acting on its behalf in connection with such audit or inspection (including the personnel of any third party auditor) shall not by any act or omission cause or contribute to any damage, destruction, loss or corruption of or to any systems, equipment or data in the control or possession of the Supplier or any Sub-Processor whilst conducting any such audit or inspection.
9 Breach notification
9.1 In respect of any Personal Data Breach involving Protected Data, the Supplier shall, without undue delay:
9.1.1 notify the Customer of the Personal Data Breach; and
9.1.2 provide the Customer with details of the Personal Data Breach.
10 Deletion of Protected Data and copies
Following the end of the provision of the Services (or part) relating to the processing of Protected Data the Supplier shall dispose of Protected Data in accordance with its obligations under this Agreement. the Supplier shall have no liability (howsoever arising, including in negligence) for any deletion or destruction of any such Protected Data undertaken in accordance with our Agreement.
11 Compensation and claims
11.1 Subject to clause 13 of the Terms and Conditions, the Supplier shall be liable for Data Protection Losses (howsoever arising, whether in contract, tort (including negligence) or otherwise) under or in connection with our Agreement:
11.1.1 only to the extent caused by the processing of Protected Data under our Agreement and directly resulting from the Supplier’s breach of our Agreement; and
11.1.2 in no circumstances to the extent that any Data Protection Losses (or the circumstances giving rise to them) are contributed to or caused by any breach of our Agreement by the Customer (including in accordance with paragraph 3.1.3(b)).
11.2 If a party receives a compensation claim from a person relating to processing of Protected Data in connection with our Agreement or the Services, it shall promptly provide the other party with notice and full details of such claim. The party with conduct of the action shall:
11.2.1 make no admission of liability nor agree to any settlement or compromise of the relevant claim without the prior written consent of the other party (which shall not be unreasonably withheld or delayed); and
11.2.2 consult fully with the other party in relation to any such action but the terms of any settlement or compromise of the claim will be exclusively the decision of the party that is responsible under our Agreement for paying the compensation.
11.3 This paragraph 11 is intended to apply to the allocation of liability for Data Protection Losses as between the parties, including with respect to compensation to Data Subjects, notwithstanding any provisions under Data Protection Laws to the contrary, except:
11.3.1 to the extent not permitted by Applicable Law (including Data Protection Laws); and
11.3.2 that it does not affect the liability of either party to any Data Subject.
This Data Protection Addendum shall survive termination (for any reason) or expiry of our Agreement and continue until no Protected Data remains in the possession or control of the Supplier or any Sub-Processor, except that paragraphs 10 to 12 (inclusive) shall continue indefinitely
Annex 1 Data Processing Details
Subject-matter of processing:
Sending business communications
Duration of the processing:
Until the earlier of final termination or final expiry of our Agreement, except as otherwise expressly stated in our Agreement
Nature and purpose of the processing:
Processing in accordance with the rights and obligations of the parties under our Agreement;
Processing as reasonably required to provide the Services;
Processing as initiated, requested or instructed by Authorised Users in connection with their use of the Services, or by the Customer, in each case in a manner consistent with our Agreement; and/or
In relation to each Subscribed Service, otherwise in accordance with the nature and purpose identified in its Order;
Type of Personal Data:
Mobile Number; and
as further described in an Order.
Categories of Data Subjects:
Customers and/or employees of the Customer