Terms and Conditions for Supply of Services

Application and entire agreement

1. These Terms and Conditions apply to the provision of the services detailed in our quotation, (Services)by Infosec Cloud Ltd. a company registered in England and Wales under number 06035236 whose registered office is at Unit 6, Elmwood, Chineham Business Park, Basingstoke, Hampshire, RG24 8WG (we or us) to the person buying the services (you).

2. You are deemed to have accepted these Terms and Conditions when you accept our quotation or from the date of any performance of the Services (whichever happens earlier) and these Terms and Conditions and our quotation (the Contract) are the entire agreement between us.

3. These Conditions apply to the Contract to the exclusion of any other terms that you try to impose or incorporate, or which are implied by trade, custom, practice or course of dealing.

Interpretation

4. A "business day" means any day other than a Saturday, Sunday or bank holiday in England and Wales.

5. The headings in these Terms and Conditions are for convenience only and do not affect their interpretation.

6.  Words imparting the singular number shall include the plural and vice-versa. 

Services

7. We warrant that we will use reasonable care and skill in our performance of the Services which will comply with the quotation, including any specification in all material respects. We can make any changes to the Services which are necessary to comply with any applicable law or safety requirement, and we will notify you if this is necessary.

8. We will use our reasonable endeavours to complete the performance of the Services within the time agreed or as set out in the quotation; however, time shall not be of the essence in the performance of our obligations.

9. All of these Terms and Conditions apply to the supply of any goods as well as Services unless we specify otherwise.

Your obligations

10.  You must obtain any permissions, consents, licences or otherwise that we need and must give us access to any and all relevant information, materials, properties and any other matters which we need to provide the Services.

a.  In regards the provision of the SATT, GDPR and MPAS services, the only requirement is for “relevant information” is; end users email addresses.

11.  If you do not comply with clause 10, we can terminate the Services.

12.  We are not liable for any delay or failure to provide theServices if this is caused by your failure to comply with the provisions of this section (Your obligations).

Fees

13.  The fees (Fees) and the terms of payment for the Services are set out in the quotation.  The service term is a minimum of 12 months from confirmed date of order.

14.  In addition to the Fees, we can recover from you a) reasonable incidental expenses including, but not limited to, travelling expenses, hotel costs, subsistence and any associated expenses, if agreed in writing in advance.

b) the cost of services provided by third parties and required by us for the performance of the Services, and c) the cost of any materials required for the provision of the Services.

a. SATT, GDPR and MPAS do not incur incidental expenses (a)third party expenses (b) or additional materials expenses (c).

15.  You must pay us for any additional services provided by us that are not specified in the quotation in accordance with our then current, applicable daily rate in effect at the time of performance or such other rate as may be agreed in writing between us. The provisions of clause 14 also apply to these additional services.

a. The only additional services incurring a cost are for additional policies on the MPAS service and are clearly defined at the quotation stage.

16.  The Fees are exclusive of any applicable VAT and other taxes or levies which are imposed or charged by any competent authority.

Cancellation and amendment

17.  We can withdraw, cancel or amend a quotation if it has not been accepted by you, or if the Services have not started, within a period of 14 days from the date of the quotation, (unless the quotation has been withdrawn).

18.  Either we or you can cancel an order for any reason prior to your acceptance (or rejection) of the quotation.

19.  If you want to amend any details of the Services, you must tell us in writing as soon as possible. We will use reasonable endeavours to make any required changes and additional costs will be included in the Fees and invoiced to you.

20.  If, due to circumstances beyond our control, including those set out in the clause below (Circumstances beyond a party's control), we have to make any change in the Services or how they are provided, we will notify you immediately. We will use reasonable endeavours to keep any such changes to a minimum.

Payment

21.  We will invoice you for payment of the Fees in accordance with the terms of payment we have agreed on receipt of a Purchase Order or Purchase Confirmation

22.  Infosec Cloud standard payment terms are that you must pay the Fees due within21 days of the date of our invoice or otherwise in accordance with any credit terms agreed between us.

23.  Without limiting any other right or remedy we have for statutory interest, if you do not pay within the period set out above, we will charge you interest at the rate of 2% per annum above the base lending rate of the Bank of England from time to time on the amount outstanding until payment is received in full.

24.  All payments due under these Terms and Conditions must be made in full without any deduction or withholding except as required by law and neither of us can assert any credit, set- off or counterclaim against the other in order to justify withholding payment of any such amount in whole or in part.

25.  If you do not pay within the period set out above, we can suspend any further provision of the Services and cancel any future services which have been ordered by, or otherwise arranged with, you.

26.  Receipts for payment will be issued by us only at your request.

27.  All payments must be made in BritishPounds unless otherwise agreed in writing between us.

Renewal

28.  This agreement shall be renewable at the end of the current term for a successive twelve

(12)month term unless either party gives written notice of its intention not to renew three (3) months before expiration of the current term.

Sub-Contracting and assignment

29.  Subject to clause 45, we can at any time assign, transfer, charge, subcontract or deal in any other manner with all or any of our rights under these Terms and Conditions and can subcontract or delegate in any manner any or all of our obligations to any third party.

a. In regards the service provision of SATT, GDPR and MPAS, this condition is void as it is not required.

30.  You must not, without our prior written consent, assign, transfer, charge, subcontract or deal in any other manner with all or any of your rights or obligations under theseTerms and Conditions.

a. In regards the service provision of SATT, GDPR and MPAS, this condition is void as it is not required.

Termination

31.  We can terminate the provision of the Services immediately if you:

a.  commit a material breach of your obligations under theseTerms and Conditions; or

b.  fail to make pay any amount due under the Contract on the due date for payment;

32.  Either party can terminate the provision of the Services immediately if they:

a. are or become or, in our reasonable opinion, are about to become, the subject of a bankruptcy order or take advantage of any other statutory provision for the relief of insolvent debtor; or

b. enter into a voluntary arrangement under Part 1 of theInsolvency Act 1986, or any other scheme or arrangement is made with its creditors; or

c. convene any meeting of a creditors, enter into voluntary or compulsory liquidation, have a receiver, manager, administrator or administrative receiver appointed in respect of the assets or undertakings or any part of them, any documents are filed with the court for the appointment of an administrator in respect of the individual or organisation, notice of intention to appoint an administrator is given by the organisation or any directors or by a qualifying floating charge holder (as defined in para. 14 ofSchedule B1 of the Insolvency Act 1986), a resolution is passed, or petition presented to any court for the winding up or for the granting of an administration order in respect of the individual or organisation, or any proceedings are commenced relating to the insolvency or possible insolvency.

Intellectual property

33.  We reserve all copyright and any other intellectual property rights which may subsist in any goods supplied in connection with the provision of the Services. We reserve the right to take any appropriate action to restrain or prevent the infringement of such intellectual property rights.

34.  All services, and content thereof, provided, if not tampered with, are the responsibility of Infosec Cloud and therefore solely our liability responsibility in the event of a    3rd party claim.

Liability and indemnity

35.  Our liability under these Terms and Conditions, and in breach of statutory duty, and in tort or misrepresentation or otherwise, shall be limited as set out in this clause.  Any limitation of liability does not apply to any breaches of clauses 40-47 and for any breach or loss of the Customer’s personal data whether by the Service Provider or any of its employees, agents or sub-contractors.

36.  The total amount of our liability is limited to the total amount of Fees payable by you under the Contract.

37. We are not liable (whether caused by our employees, agents or otherwise) in connection with our provision of the Services or the performance of any of our other obligations under theseTerms and Conditions or the quotation for:

a.  any indirect, special or consequential loss, damage, costs, or expenses or;

b.any loss of profits; loss of anticipated profits; loss of business; loss of data; loss of reputation or goodwill; business interruption; or, other third party claims; or

c. any failure to perform any of our obligations if such delay or failure is due to any cause beyond our reasonable control; or

d. any losses caused directly or indirectly by any failure or your breach in relation to your obligations; or

e. any losses arising directly or indirectly from the choice of Services and how they will meet your requirements or your use of the Services or any goods supplied in connection with the Services.

38.  You must indemnify us against all damages, costs, claims and expenses suffered by us arising from any loss or damage to any equipment(including that belonging to third parties) caused by you or your agents or employees up to the amount of Fees paid by you in the contract year in which the right of indemnification accrues.

a. In regards the service provision of SATT, GDPR and MPAS, this condition is void as equipment is not required.

39.  Nothing in these Terms and Conditions shall limit or exclude our liability for death or personal injury caused by our negligence, or for any fraudulent misrepresentation, or for any other matters for which it would be unlawful to exclude or limit liability.

Data Protection

40.  When supplying the Services to the Customer, the ServiceProvider may gain access to and/or acquire the ability to transfer, store or process personal data of employees of the Customer.

41.  The parties agree that where such processing of personal data takes place, the Customer shall be the 'data controller' and the ServiceProvider shall be the 'data processor' as defined in the General DataProtection Regulation (GDPR) as maybe amended, extended and/or re- enacted from time to time.

a. In regards the service provision of SATT, GDPR and MPAS, Infosec Cloud only require the e-mail addresses of the Customer. These are used to communicate our training, education and/or compliance services and data is stored in our Tier 3 Hosting Centre in the UK.

42.  For the avoidance of doubt, 'Personal Data','Processing', 'Data Controller', 'Data Processor' and 'Data Subject' shall have the same meaning as in the GDPR.

43. The Service Provider shall only Process Personal Data to the extent reasonably required to enable it to supply the Services as mentioned in these terms and conditions or as requested by and agreed with the Customer, shall not retain any Personal Data longer than necessary for the Processing and refrain from Processing any Personal Data for its own or for any third party's purposes.

44.  The Service Provider shall not disclose Personal Data to any third parties other than employees, directors, agents, sub-contractors or advisors on a strict need-to-know basis and only under the same (or more extensive) conditions as set out in these terms and conditions or to the extent required by applicable legislation and/or regulations.

45.  Prior to sub-contracting the processing of any personal data, the Service Provider shall seek approval from the Customer.

46.  The Service Provider shall implement and maintain technical and organisational security measures as are required to protectPersonal Data Processed by the Service Provider on behalf of the Customer.

47.  Further information about the Service Provider's approach to data protection are specified inits Data Protection Policy, which can be found https://www.infosec-cloud.com/gdpr-statement. For any enquiries or complaints regarding data privacy, you can contact our Data Protection Officer at the following e-mail address: dpo@infosec-cloud.com.

Circumstances beyond a party's control

48.  Neither of us is liable for any failure or delay in performing our obligations where such failure or delay results from any cause that is beyond the reasonable control of that party. Such causes include, but are not limited to: power failure,Internet Service Provider failure, industrial action, civil unrest, fire, flood, storms, earthquakes, acts of terrorism, acts of war, governmental action or any other event that is beyond the control of the party in question.If the delay continues for a period of 90 days, either of us may terminate or cancel the Services to be carried out under these Terms and Conditions.

Communications

49.  All notices under these Terms and Conditions must be in writing and signed by, or on behalf of, the party giving notice (or a duly authorised officer of that party).

50.  Notices shall be deemed to have been duly given:

a. when delivered, if delivered by courier or other messenger(including registered mail) during the normal business hours of the recipient;

b. when sent, if transmitted by fax or email and a successful transmission report or return receipt is generated;

c.  on the fifth business day following mailing, if mailed by national ordinary mail; or

d.  on the tenth business day following mailing, if mailed by airmail. 

51.  All notices under these Terms and Conditions must be addressed to the most recent address, email address or fax number notified to the other party.

No waiver

52.  No delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy nor stop further exercise of any other right, or remedy.

Severance

53.  If one or more of these Terms and Conditions is found to be unlawful, invalid or otherwise unenforceable, that / those provisions will be deemed severed from the remainder of these Terms and Conditions (which will remain valid and enforceable).

Compliance with Laws

54.  The parties agree that during their dealings they will comply with all relevant laws and regulations, including the Modern Slavery Act 2015 and the Bribery Act 2010.

Law and jurisdiction

55.  This Agreement shall be governed by and interpreted according to the law of England and Wales and all disputes arising under theAgreement (including non-contractual disputes or claims) shall be subject to the exclusive jurisdiction of the English and Welsh courts.

Last updated: 29/10/2019