Terms and Conditions
Please read these Terms and Conditions carefully, which cover Expandi’s Master Subscription Agreement (MSA). All contracts that the Provider may enter into from time to time for the provision of the Subscription Services and related services shall be governed by these Terms and Conditions,. The Provider reserves the right to amend these Terms and Conditions from time to time.
Except to the extent expressly provided otherwise, in these Terms and Conditions:
"Account" means an account enabling a person to access and use the Subscription Services, including both administrator accounts and user accounts;
"Affiliate" means an entity that Controls, is Controlled by, or is under common Control with the relevant entity;
"Agreement" means a contract between the parties incorporating these Terms and Conditions and the Services Order Form, and any amendments to these agreed by the parties in writing from time to time;
"Business Day" means any weekday other than a bank or public holiday in England;
"Business Hours" means the hours of 09:00 to 17:30 GMT/BST on a Business Day;
"Subscription Fees" means the following amounts:
"Control" means the legal power to control (directly or indirectly) the management of an entity (and “Controlled” should be construed accordingly);
"Customer" means the entity identified as such in Section 1 of the Services Order Form;
"Agency Partner Customer" means the entity identified as a Expandi accredited Agency Partner or Reseller of subscription services produced by the Provider and as such in Section 1 of the Services Order Form;
"Customer Confidential Information" means:
"Customer Data" means all data (including without limitation Customer Personal Data), works and materials: uploaded to or stored on the Platform by the Customer; transmitted by the Platform at the instigation of the Customer; generated by the Platform as a result of the use of the Subscription Services by the Customer;
"Contact Personal Data" means Personal Data that is processed by the Provider or its Subprocessors (as the term is defined in the Data Processing Agreement attached hereto as Schedule 4) on behalf of the Customer in relation to the Agreement and shall include: Contact Data, full names of contacts, email addresses, job titles, telephone numbers, business postal addresses, social media profile account information and marketing campaign event details.
"Documentation" means the documentation for the Subscription Services produced by the Provider and attached at Schedule 5;
"Data Processing Agreement" means the agreement that sets out the obligations and rights of the parties in relation to Customer Personal Data processed under this Agreement, and which forms Schedule 4 attached hereto.
"Data Protection Laws" or "DPL" means all applicable data protection and privacy legislation in force from time to time in the UK including the Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended or superseded from time to time, the EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws or regulations of any other country;
"Effective Date" the date on which Customer and Provider enter into a Services Order Form;
"EU Data Protection Laws" means the EU General Data Protection Regulation 2016/679 ("GDPR") and any other European Union legislation relating to personal data and all other legislation and regulatory requirements in force from time to time which apply to a party relating to the use of personal data (including, without limitation, the privacy of electronic communications);
"Force Majeure Event" means an event, or a series of related events, that is outside the reasonable control of the party affected (including failures of the internet or any public telecommunications network, reasonably unavoidable: hacker attacks, denial of service attacks, virus or other reasonably unavoidable malicious software attacks or infections or power failures, industrial disputes affecting any third party, changes to the law, disasters, explosions, fires, floods, riots, terrorist attacks and wars);
"Identified Contacts" means contact details of individuals working for the Selected Companies that match the Target Roles;
"Subscription Services" means the hosted services, as specified in the Subscription Services Specification section 2 of the Services Order Form, which will be made available by the Provider to the Customer as a Subscription Service via the internet in accordance with these Terms and Conditions;
"Subscription Services Defect" means a defect, error or bug in the Platform having a material adverse effect on the appearance, operation, functionality or performance of the Subscription Services, but excluding any defect, error or bug caused by or arising as a result of:
"Subscription Services Specification" means the specification for the Platform and Subscription Services set out in Section 2 of the Services Order Form and in the Documentation;
"Intellectual Property Rights" means all intellectual property rights wherever in the world, whether registrable or unregistrable, registered or unregistered, including any application or right of application for such rights (and these “intellectual property rights” include copyright and related rights, database rights, source code, business names, trade names, trade marks, service marks, passing off rights, unfair competition rights, patents, petty patents, utility models, semi-conductor topography rights and rights in designs);
"Maintenance Services" means the general maintenance of the Platform and Subscription Services, and the application of Updates and Upgrades as defined within Schedule 2 of this agreement;
"Minimum Term" means, in respect of the Agreement, the period of 12 months beginning on the Effective Date;
"Permitted Purpose" means the access and use of the Platform in accordance with these Terms and Conditions of use;
"Personal Data" has the meaning given to it in the General Data Protection Regulation, Regulation (EU) 2016/679;
"Companies Data" means the data (including Personal Data) that has been obtained by the Provider from multiple third-party sources in respect of the company types that the Customer has included in its dashboard profile as those that it is interested in marketing to;
"Contact Data" means the data received by the Provider from the Contact Data Sources about the Identified Contacts, which will likely include: first name, surname, employer, job description and office contact information (when Personal Data, the Provider uses publicly available sources);
"Contact Data Sources" means the Provider’s third-party vendors and sources. Within a request to the Contact Data Sources, the Provider sets out the Selected Companies and Target Roles. Subsequently, the Contact Data sources supply the Provider with all contact data it holds of individuals working for the Selected Companies that match the Target Roles;
"Personal Data Breach" shall have the meaning ascribed to it in Article 4(12) of the GDPR;
"Platform" means the Expandi platform owned, operated and managed by the Provider and used by the Provider to provide the Subscription Services, including the application and database software for the Subscription Services, the system and server software used to provide the Subscription Services, and the computer hardware on which that application, database, system and server software is installed;
"Provider" means Expandi Limited, a company incorporated in England and Wales registration number 06971472, whose registered office is 38 Craven Street, London, England, WC2N 5NG, United Kingdom
"Provider Indemnity Event" has the meaning given to it in Clause 17.1;
"Selected Companies" means those companies which Customer identifies as companies to which they are interested in marketing, and in respect of which Customer supplies Provider with typical job roles and seniority levels that usually form part of the buying decision-making unit of those prospects;
"Services" means any services that the Provider provides to the Customer, or has an obligation to provide to the Customer, under these Terms and Conditions;
"Services Order Form" means an electronic order form signed by or on behalf of each party, in each case incorporating the Terms and Conditions as agreed in writing by the parties;
"Set Up Services" means the configuration, implementation and integration of the Subscription Services in accordance with Sections 2 and 3 of the Services Order Form;
"Support Services" means support in relation to the use of, and the identification and resolution of errors in, the Subscription Services, as contemplated herein and in Schedule 3 (Support SLA) but shall not include the provision of training services;
"Supported Web Browser" means the current release from time to time of Microsoft Internet Explorer, Mozilla Firefox, Google Chrome or Apple Safari, or any other web browser that the Provider agrees in writing shall be supported;
"Subscription Term" means the term of the Agreement, commencing in accordance with Clause 2.1 and ending in accordance with Clause 2.2;
"Target Roles" means the typical job roles and seniority levels that usually form part of the buying decision-making unit of the companies that Customer has identified to Expandi that it is interested in marketing to;
"Terms and Conditions" means the main body of these Terms and Conditions and the attached Schedules, including any amendments to that documentation agreed in writing by the parties from time to time;
"Update" means a hotfix, patch or minor version update to any Platform software; and
"Upgrade" means a major version upgrade of any Platform software.
"GDPR" means EU General Data Protection Regulation 2016/679.
2.1. The Agreement shall come into force upon the Effective Date.
2.2. The Agreement shall continue in force for the Initial Term, subject to earlier termination in accordance with the provisions of the Agreement.
2.3. Unless the parties expressly agree otherwise in writing, each Services Order Form shall create a distinct contract incorporating these Terms and Conditions.
3.1 The Provider shall provide the Set-Up Services to the Customer.
3.2 The Provider shall use reasonable endeavours to ensure that the Set-Up Services are provided in accordance with the timetable set out in Section 2 of the Services Order Form.
3.3 The Customer acknowledges that a delay in the Customer performing its obligations in the Agreement may result in a delay in the performance of the Set-Up Services; and subject to Clause 18.1 the Provider will not be liable to the Customer in respect of any failure to meet the Set-Up Services timetable to the extent that that failure arises out of a delay in the Customer performing its obligations under these Terms and Conditions.
3.4 Subject to any written agreement of the parties to the contrary, any Intellectual Property Rights that may arise out of the performance of the Set-Up Services by the Provider shall be the exclusive property of the Provider.
3.5 The Provider shall provide all services hereunder with reasonable skill and care using appropriately qualified and experienced individuals.
4.1 The Provider shall create an Account for the Customer and shall provide to the Customer login details for that Account on or promptly following the Effective Date.
4.2 The Provider hereby grants to the Customer a non-exclusive licence to use the Subscription Services by means of a Supported Web Browser for the internal business purposes of the Customer in accordance with the Documentation during the Subscription Term.
4.3 The licence granted by the Provider to the Customer under Clause 4.2 is subject to the following limitations:
4.4 Except to the extent expressly permitted in these Terms and Conditions or required by law on a non-excludable basis, the licence granted by the Provider to the Customer under Clause 4.2 is subject to the following prohibitions:
4.5 The Customer shall use reasonable endeavours, including reasonable security measures relating to Account access details, to ensure that no unauthorised person may gain access to the Subscription Services using an Account.
4.6 The Provider shall provide the Subscription Services to the Customer. The parties acknowledge and agree that Schedule 1 (Availability SLA) shall govern the availability of the Subscription Services.
4.7 The Customer must not knowingly use the Subscription Services in any way that causes, or is likely to cause, damage to the Subscription Services or Platform or impairment of the availability or accessibility of the Subscription Services.
4.8 The Customer must not use the Subscription Services:
4.9 For the avoidance of doubt, the Customer has no right to access the software code (including object code, intermediate code and source code) of the Platform, either during or after the Subscription Term.
4.10 The Provider may suspend the provision of the Subscription Services if any amount due to be paid by the Customer to the Provider under the Agreement (ie. monthly payment) or related to the Subscription Services (ie. Activation services such as digital advertising) is overdue, and the Provider has given to the Customer at least 30 days’ written notice, following the amount becoming overdue, of its intention to suspend the Subscription Services on this basis.
5.1 The Provider shall provide the Maintenance Services to the Customer during the Subscription Term.
5.2 The Provider shall provide the Maintenance Services in accordance with Schedule 2 (Maintenance SLA).
6.1 The Provider shall provide the Support Services to the Customer during the Subscription Term.
6.2 The Provider shall provide the Support Services with reasonable skill and care.
6.3 The Provider shall provide the Support Services in accordance with Schedule 3 (Support SLA).
7.1 Save to the extent that the parties have agreed otherwise in writing, the Customer must provide to the Provider, or procure for the Provider, such:
and as are reasonably necessary to enable the Provider to perform its obligations under the Agreement.
8.1 The Customer hereby grants to the Provider a non-exclusive, non-transferable, limited licence for the Subscription Term to copy, reproduce, store, distribute, export, adapt, edit and translate the data that the Customer has uploaded to the Platform to the extent necessary for the performance of the Provider’s obligations under the Agreement, together with the right to sub-license these rights to its hosting, connectivity and telecommunications service providers to the extent necessary for the performance of the Provider’s obligations under the Agreement.
For the avoidance of doubt, this Section 8.1 shall not, under any circumstance, a) grant the Provider any rights to the Customer’s Personal Data, which shall be processed exclusively in accordance with Section 14 and the Data Processing Agreement; or b) grant the Provider the right to use data uploaded to the Platform by the Customer for the purposes of providing services to other Provider customers.
8.2 The Customer warrants to the Provider that data that Customer uploads to the Platform will not infringe the Intellectual Property Rights or other legal rights of any person.
8.3 The Provider shall create a back-up copy of the Customer Data at least daily, and shall ensure that each such copy is sufficient to enable the Provider to restore the Subscription Services to the state they were in at the time the back-up was taken, and shall retain and securely store each such copy for a minimum period of 30 days.
9.1 You will not: use or launch any automated system, including, “robots,” “spiders,” or “offline readers,” that sends more request messages to our servers in a given period of time than a human can reasonably produce in the same period by using a conventional browser;
9.2 use the Subscription Service in any manner intended to: damage, disable, overburden, or impair any of our Platform or that is intended to interfere with any other party’s use of the Subscription Service;
9.3 attempt to gain unauthorised access to the Subscription Service;
9.4 access the Subscription Service other than through our interface;
9.5 use the Subscription Service for any purpose or in any manner that is unlawful or prohibited by this Agreement.
10.1 Nothing in these Terms and Conditions shall operate to assign or transfer any Intellectual Property Rights from the Provider to the Customer, or from the Customer to the Provider
11.1 The Customer shall pay the Charges to the Provider in accordance with these Terms and Conditions.
11.2 All amounts stated in or in relation to these Terms and Conditions are, unless the context requires otherwise, stated exclusive of any applicable value added taxes, which will be added to those amounts and payable by the Customer to the Provider.
12.1 The Provider shall issue either invoices for the Charges to the Customer on an annual in advance subscription basis, or arrange for direct debit payments to be scheduled on a monthly in advance basis. The method of payment is to be determined within the Customer Order Form.
12.2 The Customer must pay the Charges due to the Provider within the period of 30 days following the issue of an invoice in accordance with this Clause 12. The Provider will not grant the access until the payment is notified by the Provider’s bank or by the Customer with an attached copy of the payment.
12.3 The Customer must pay the Charges by direct electronic bank transfer or standing order bank transfer using such payment details as are notified by the Provider to the Customer from time to time.
12.4 The Provider reserves the right to suspend Customer access to the Subscription Services in accordance with Clause 4.10.
13.1 The Provider must:
13.2 This Clause 13 imposes no obligations upon the Provider with respect to Customer Confidential Information that:
13.3 The restrictions in this Clause 13 do not apply to the extent that any Customer Confidential Information is required to be disclosed by any compulsory legal process or regulation, by any judicial or governmental order, or pursuant to mandatory disclosure requirements relating to the listing of the stock of the Provider on any recognised stock exchange provided that, to the extent it is legally permitted to do so, the Provider gives the Customer as much written notice of any disclosure as possible and it takes into account the reasonable requests of the Customer in relation to the scope and or content of any disclosure.
13.4 The provisions of this Clause 13 shall continue in force indefinitely following the termination of the Agreement.
14.1.1 The provisions of this Clause 14 are in addition to any obligations of Provider or Customer in the Data Processing Agreement in place between them (with which Agreement Provider shall comply), which is attached hereto as Schedule 4.
14.1.2 In the case of conflict or ambiguity between any of the provisions of this Clause 14 and the provisions of the Data Processing Agreement, the provisions of the Data Processing Agreement will prevail.
14.1.3 The Customer warrants to the Provider that it has the legal right to disclose all Personal Data that it does in fact disclose to the Provider under or in connection with these Terms and Conditions, and that the processing of that Personal Data by the Provider for the Permitted Purpose in accordance with these Terms and Conditions will not breach any applicable data protection or data privacy laws (including the General Data Protection Regulation, Regulation (EU) 2016/679 and the Data Protection Act 2018).
14.1.4 The Provider warrants to the Customer that it has the legal right to disclose any Personal Data that it does in fact disclose to the Customer under or in connection with the Services it provides to the Customer, and that such disclosure will not breach any applicable data protection or data privacy laws (including the General Data Protection Regulation, Regulation (EU) 2016/679 and the Data Protection Act 2018).
14.2 The Provider warrants to the Customer that, in respect only of the processing of Personal Data by Provider (or its Subprocessors) as a data Processor on behalf of Customer:
14.3 The Provider shall notify the Customer as soon as practicable (and in any event no later than the timescales set out in the Data Processing Agreement) if:
14.4 The Provider shall ensure that access to the Customer Personal Data is limited to those Provider personnel who have a reasonable need to access the Customer Personal Data to enable the Provider to perform its duties under the Agreement and that such personnel are subject to an enforceable obligation of confidentiality or are under an appropriate statutory obligation of confidentiality; any access to the Customer Personal Data must be limited by the Provider to such part or parts of the Customer Personal Data as are strictly necessary.
14.5 The Provider will ensure that it and all of its Subprocessors and partners have all necessary and appropriate consents and notices in place to enable lawful transfer of any Customer Personal Data obtained by it (excluding such data which is supplied by the Customer in respect of which Customer shall be responsible for maintaining all such consents and notices for the purpose of transfer to and use by Provider) (whether directly or via its Subprocessors or partners) in the performance of the Services to the Customer for the duration and purposes of the Agreement so that the Customer may lawfully use, process and transfer such personal data as contemplated by this Agreement.
15.1 The Provider warrants to the Customer that:
15.2 The Provider warrants to the Customer that:
15.3 The Provider warrants to the Customer that the Subscription Services, when used by the Customer in accordance with these Terms and Conditions, will not breach any laws, statutes or regulations applicable under English law or the DPL.
15.4 The Provider warrants to the Customer that the Subscription Services, when used by the Customer in accordance with these Terms and Conditions, will not infringe the Intellectual Property Rights of any person in any jurisdiction and under any applicable law.
15.5 The Customer warrants to the Provider that it has the legal right and authority to enter into the Agreement and to perform its obligations under these Terms and Conditions.
15.6 All of the parties’ warranties and representations in respect of the subject matter of the Agreement are expressly set out in these Terms and Conditions. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject matter of the Agreement will be implied into the Agreement or any related contract.
16.1 The Customer acknowledges that complex software is never wholly free from defects, errors and bugs; and subject to the other provisions of these Terms and Conditions, the Provider gives no warranty or representation that the Subscription Services will be wholly free from defects, errors and bugs.
16.2 The Customer acknowledges that complex software is never entirely free from security vulnerabilities; and subject to the other provisions of these Terms and Conditions, the Provider gives no warranty or representation that the Subscription Services will be entirely secure.
16.3 The Customer acknowledges that the Subscription Services are designed to be compatible only with that software and those systems specified as compatible in the Subscription Services Specification; and the Provider does not warrant or represent that the Subscription Services will be compatible with any other software or systems.
16.4 The Customer acknowledges that the Provider will not provide any legal, financial, accountancy or taxation advice under these Terms and Conditions or in relation to the Subscription Services; and, except to the extent expressly provided otherwise in these Terms and Conditions, the Provider does not warrant or represent that the Subscription Services or the use of the Subscription Services by the Customer will not give rise to any legal liability on the part of the Customer or any other person in this regard.
16.5 Notwithstanding the above, Provider warrants that it will exercise reasonable care and skill in the provision of the Services, including by maintaining controls consistent with good industry practice, and in material conformance with the Information Security Policy of Provider (as the same is set out in the Data Processing Agreement) for the purpose of ensuring the confidentiality, integrity and security of Customer Data.
17.1 Subject to clause 17.2, the Provider shall indemnify and shall keep indemnified the Customer against any and all liabilities, damages, losses, costs and expenses (including legal expenses and amounts reasonably paid in settlement of legal claims) suffered or incurred by the Customer and arising directly or indirectly as a result of any:
(i) breach, non-performance or negligent performance by the Provider of these Terms and Conditions;
(ii) claim made against the Customer for actual or alleged infringement of a third party’s intellectual property rights arising out of or in connection with its use (provided such use is in accordance with the Provider’s instructions and Documentation as shown in Schedule 5 of this agreement) of the Platform or the Subscription Services;
(iii) claim made against the Customer by a third party arising out of or in connection with the provision of the Services, to the extent that such claim arises out of the breach, negligent performance or failure or delay in performance of this Agreement by the Provider, its employees, agents or subcontractors;
each a “Provider Indemnity Event”
17.2 The Customer must:
17.3 The indemnity protection set out in this Clause 17 shall be subject to the limitations and exclusions of liability set out in the Agreement.
18.1 Nothing in these Terms and Conditions will:
18.2 Save as set out expressly in this Agreement, the limitations and exclusions of liability set out in this Clause 18 and elsewhere in these Terms and Conditions:
18.3 Neither party shall be liable to the other party in respect of any loss or corruption of any data, database or software; providing that this Clause 18.3 shall not protect the Provider unless the Provider has fully complied with its obligations under the Data Processing Agreement.
18.4 Neither party shall be liable to the other party in respect of any special, indirect or consequential loss or damage.
18.5 Subject to clause 18.1, the liability of the Provider to the Customer under the Agreement in respect of any event or series of related events shall not exceed the following:
(a) up to a maximum of: the total amount paid and payable by the Customer to the Provider under the agreement in the 12-month period preceding the commencement of the event or events; in respect of Providers breach, nonperformance or negligent performance of any obligation, in each case under: (A) the Data Processing Agreement; (B) Clause 13 (Confidentiality); (C) Clause 14 (Data Protection); or (D) indemnification under clause 17.1(ii);
18.6 Subject to Clause 18.1, 18.3 and 18.4, Customer’s total aggregate liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising out of or in connection with this Agreement shall not exceed the total amount paid and payable by the Customer to the Provider under the Agreement in the 12-month period preceding the commencement of the event or events.
18.7 For the duration of the Agreement, each party shall have and maintain in place professional indemnity insurance, cyber insurance together with any other insurance(s) required by law.
19.1 If a Force Majeure Event gives rise to a failure or delay in either party performing any obligation under the Agreement, that obligation will be suspended for the duration of the Force Majeure Event.
19.2 A party that becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in that party performing any obligation under the Agreement, must:
19.3 A party whose performance of its obligations under the Agreement is affected by a Force Majeure Event (the “Affected Party”) must take reasonable steps to mitigate the effects of the Force Majeure Event.
19.4 If the Force Majeure Event prevents, hinders or delays the Affected Party’s performance of its obligations for a continuous period of more than 4 weeks, the party not affected by the Force Majeure Event may terminate this Agreement by giving 30 days written notice to the Affected Party. Any fees paid in respect of Services not rendered as a result of the occurrence of the Force Majeure Event shall be refunded to the Customer upon request.
20.1 Your subscription period will be specified in your Order. If you add products during the Subscription Term, the fees for these additional products will be pro-rated for the remaining subscription period specified in your Order.
20.2 The Customers subscription will auto-renew unless notice to terminate is served in writing to [email protected] no earlier than 90 days, but no later than 45 days before the expiry of the Subscription Term.
20.3 No Early Termination; No Refunds. Except for the review period permitted during the first year of the Subscription Term only, the Subscription Term will end on the expiration date and you cannot cancel it before its expiration. We do not provide refunds if you decide to stop using the subscription service without cause during your Subscription Term.
21.1 Upon the termination of the Agreement, Clauses 13, 14, 17, 18, 21, 24 and 25 and any clauses (including those set out in the Data Processing Agreement) which expressly or by implication is intended to have effect after termination shall survive and continue to have effect (in accordance with their express terms or otherwise indefinitely).
21.2 Except to the extent that these Terms and Conditions expressly provide otherwise, the termination of the Agreement shall not affect the accrued rights of either party.
21.3 Within 30 days following the termination of the Agreement for any reason:
22.1 Without prejudice to any Provider obligations arising in the Data Processing Agreement in place between them, the Provider may subcontract any of its obligations under the Agreement, providing that the Provider must give to the Customer, prior written notice of the appointment of a subcontractor, specifying the subcontracted obligations and identifying the subcontractor in question.
22.2 The Provider shall remain responsible and liable to the Customer for the performance of any subcontracted obligations.
22.3 Notwithstanding any other provision of these Terms and Conditions, the Customer acknowledges and agrees that the Provider may subcontract to any reputable third party hosting business the hosting of the Platform and the provision of services in relation to the support and maintenance of elements of the Platform.
23.1 Refer to the Data Processing Agreement for detail.
24.1 The Services Order Form, the main body of these Terms and Conditions, the Data Processing Agreement and the Schedules shall constitute the entire agreement between the parties in relation to the subject matter of the Agreement, and shall supersede all previous agreements, arrangements and understandings between the parties in respect of that subject matter.
24.2 The provisions of this Clause 24 are subject to Clause 18.1.
25.1 The Agreement and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation shall be governed by the laws of England and Wales and each Party irrevocably agrees that the courts of England and Wales shall have the exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with the Agreement or its subject matter or formation.
26.1 In these Terms and Conditions, a reference to a statute or statutory provision includes a reference to:
26.2 The Clause headings do not affect the interpretation of these Terms and Conditions.
26.3 References in these Terms and Conditions to “calendar months” are to the 12 named periods (January, February and so on) into which a year is divided.
26.4 In these Terms and Conditions, general words shall not be given a restrictive interpretation by reason of being preceded or followed by words indicating a particular class of acts, matters or things.
26.5 In the case of any conflict or ambiguity between any provisions contained in these Terms and Conditions and the Order Form, the provisions of these Terms and Conditions shall prevail.
26.6 Save as expressly set out otherwise, (including without limitation the Data Processing Agreement), in the case of any conflict or ambiguity between any provisions contained in the main body (being clauses 1-27) of these Terms and Conditions and a Schedule to these Terms and Conditions, the main body of these Terms and Conditions shall prevail.
27.1 Any notices under the Agreement will be in writing and given by hand or by pre-paid first-class post or other next working day delivery service to the address for each Party set out in the Order Form (with a copy by email to [email protected]).
27.2 Any notice shall be deemed to have been received:
27.2.1. if delivered by hand, at the time the notice is left at the proper address; and
27.2.2. if sent by pre-paid first-class post or other next working day delivery service, at 9.00 am on the second business day after posting.
27.3 Clauses 27.1 and 27.2 do not apply to the service of any proceedings or other documents in any legal action or, where applicable, any other method of dispute resolution.
27.4 No variation of the Agreement shall be effective unless it is in writing and signed by both Parties.
27.5 Save as expressly set out herein, neither Party will assign its rights or transfer its obligations under the Agreement without the prior written consent of the other Party (not to be unreasonably withheld or delayed).
27.6 A person who is not party to the Agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of the Agreement.
27.7 A waiver of any right or remedy under the Agreement or by law is only effective if given in writing and will not be construed as a waiver of any subsequent right or remedy. A failure or delay by a Party to exercise any right or remedy provided under the Agreement or by law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy. No single or partial exercise of any right or remedy provided under the Agreement or by law shall prevent or restrict the further exercise of that or any other right or remedy.
27.8 If any provision or part-provision of the Agreement is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this clause shall not affect the validity and enforceability of the rest of the Agreement.
SCHEDULE 1 (AVAILABILITY SLA)
1. Introduction to availability SLA
1.1 This Schedule 1 sets out the Provider’s availability and commitments relating to the Subscription Services.
1.2 In this Schedule 1, “uptime” means the percentage of time during a given period when the Subscription Services are available at the gateway between public internet and the network of the hosting services provider for the Subscription Services which shall be no less than 99.95%.
2. Availability
2.1 The Provider shall use all reasonable endeavours to ensure that it meets the uptime set out in paragraph 1.2 above for the Subscription Services during each calendar month.
3. Exceptions
3.1 Downtime caused directly or indirectly by any of the following shall not be considered when calculating whether the Provider has met the uptime guarantee given in Paragraph 2.1:
SCHEDULE 2 (MAINTENANCE SLA)
1. Introduction
1.1 This Schedule 2 sets out the service levels applicable to the Maintenance Services.
2. Scheduled Maintenance Services
2.1 The Provider shall where practicable give to the Customer at least 5 Business Days prior written notice of scheduled Maintenance Services that are likely to affect the availability of the Subscription Services or are likely to have a material negative impact upon the Subscription Services, without prejudice to the Provider’s other notice obligations under this Schedule 2.
2.2 The Provider shall provide all scheduled Maintenance Services outside Business Hours.
3. Updates
3.1 The Provider shall give to the Customer written notice of the application of any security Update to the Platform and at least 1 Business Day prior written notice of the application of any non-security Update to the Platform.
3.2 The Provider shall apply Updates to the Platform as follows:
other Updates shall be applied to the Platform in accordance with any timetable notified by the Provider to the Customer or agreed by the parties from time to time.
4. Upgrades
4.1 The Provider shall produce Upgrades from time to time during the Term
4.2 The Provider shall give to the Customer at least 5 Business Days’ prior written notice of the application of an Upgrade to the Platform.
4.3 The Provider shall apply each Upgrade to the Platform within any period notified by the Provider to the Customer or agreed by the parties in writing.
SCHEDULE 3 (SUPPORT SLA)
1. Introduction
1.1 This Schedule 3 sets out the service levels applicable to the Support Services.
2. Helpdesk
2.1 The Provider shall make available to the Customer a helpdesk for the duration of the Agreement. The helpdesk shall be available between 09:00-17:30 hours, Monday to Friday, excluding Bank Holidays and may be contacted by email on [email protected]. The helpdesk shall be provided and issues managed in accordance with the provisions of this Schedule 3.
3. Response and resolution
3.1 Issues raised through the Support Services shall be categorised as follows:
3.2 The Provider shall determine, acting reasonably, into which severity category an issue falls.
3.3 The Provider shall use all reasonable endeavours to respond to requests for Support Services promptly.
4. Provision of Support Services
4.1 The Support Services shall be provided remotely, save to the extent that the parties agree otherwise in writing.
SCHEDULE 4 (Data Processing Agreement, DPA)
1. OBJECT
2. EXPANDI LTD’S OBLIGATIONS
The parties agree, in relation to the data processing activities, the following:
2.1 That the data of the data subjects will be processed exclusively for the purposes inherent in the execution of the service.
2.2 That the type of personal data and the categories of data subjects to the processing will be limited only to those provided for in the service.
2.3 Expandi LTD shall process personal data only on documented instruction of the Data Controller.
3. ORGANIZATIONAL AND TECHNICAL MEASURES
3.1 Expandi LTD shall ensure that persons entitled to the processing of personal data have previously signed a confidentiality agreement (Non-disclosure agreement NDA).
3.2 Expandi LTD shall appoint, within the meaning of article 28, par. 2 of Regulation (EU 2016/679), another Data Processor, exclusively after explicit approval by the Data Controller.
3.3 Expandi LTD shall maintain the technical and organizational measures in order to ensure a level of security appropriate to the risk.
3.4 Customers reserve the right to verify and monitor the compliance status of the Data Processor with the information provided in the field of data protection, including through periodic audits by its personnel or external appointed personnel.
4. DATA SUBJECTS RIGHTS AND REQUESTS
4.1 Expandi LTD shall assist the Data Controller using appropriate technical and organizational measures, in order to comply with the obligations of the Data Controller to respond the requests for the exercise of the rights of the data subjects under Article 15 of the EU regulation 2016/679.
4.2 In the event that Expandi LTD has advanced requests from the data subject about the exercise of his or her rights relating to the personal data owned by Data Controller, for example and not exhaustively: rectification, cancellation and limitation, data portability, Expandi LTD will have to inform Data Controller, without delay, and in any case not beyond the terms of the law.
4.3 In the event that Data Controller is obligated to provide information on personal data to other Data Controllers or third parties, Expandi LTD shall be obliged to cooperate by providing all necessary information.
5. COMMUNICATION OF DATA TO THIRD PARTIES
5.1 Expandi LTD shall not disclose the data to third parties, to the public administration or to the judicial authority, without the prior authorization of Data Controller. In the event that European Union law or national law requires data communication and access to them, Expandi LTD shall communicate the data to the applicant and, subsequently, notify the event to the Data Controller, also communicating this legal obligation, unless the right prohibits such information for relevant reasons of public interest.
6. RESTITUTION OR ERASURE OF PERSONAL DATA
6.1 Unless different dispositions of law, Expandi LTD , depending on the choice of Data Controller, shall delete or return the personal data upon the due date or suspension of the services. Expandi LTD undertakes to delete existing copies, at the request of the Data Controller, unless the law of the European Union or Member States provides for the retention of data beyond the limit set by the Data Controller.
7. ASSISTANCE AND REGISTERS
7.1 Expandi LTD must maintain, and from time to time update, the register containing the names and contact details of Expandi LTD’s sub- suppliers.
7.2 Expandi LTD shall maintain a log of access to personal data by a public administration, judicial authority or third part audit.
7.3 Expandi LTD shall maintain a record of the violations involving personal data of the data subjects.
7.4 In addition, Expandi LTD shall fill in the register of processing activities, pursuant to article 24, taking care to inform, when requested, the Data Controller of the categories of processing activities carried out on behalf of the Data Controller, and of any subcontractors involved.
8. TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION
8.1 Expandi LTD will inform Data Controller of further notice and documents relating to the international transfer data mechanism in accordance with article 46 of GDPR.
9. EXPANDI LTD’S SUB-SUPPLIERS
9.1 The engagement of Expandi LTD’s sub – supplier, requires Data Controller’s explicit prior written approval by using Certified Mail, if possible, otherwise, by e-mail. Expandi LTD will notify Data Controller in advance and without undue delay of any changes to Expandi LTD’s sub – supplier in accordance with the previous and explicitly approved list.
9.2 Expandi LTD shall impose the same data protection obligations as set out in this DPA on any approved Expandi LTD’s sub – supplier.
9.3 In case of Expandi LTD, in accordance with art. 28, par. 4 European Regulation 679/2016, appoint a Expandi LTD’s sub – supplier, to the latter are imposed the same obligations in force between the controller and Expandi LTD.
9.4 Expandi LTD remains responsible for its sub – processors and liable for their acts and omissions as for its own acts and omissions and any references to Expandi LTD ’s obligations, acts and omissions in this DPA shall be construed as referring also to Expandi LTD ’s sub – processors.
10. PERSONAL DATA BREACH
10.1 Expandi LTD will inform Data Controller without undue delay of any suspected non-compliance with applicable Data Protection Laws or relevant contractual terms of this DPA or in case of serious disruptions to operations or any other irregularities in the processing of the Data Controller Personal Data. Expandi LTD will promptly investigate and rectify any non-compliance as soon as possible and upon Data Controller’s request, provide Data Controller with all information requested with regard to the suspected non-compliance.
10.2 Expandi LTD will notify Data Controller without undue delay (and in no event later than 24 hours) after becoming aware of a Personal Data Breach in respect of the Services. Expandi LTD will promptly investigate the Personal Data Breach and will provide Data Controller with reasonable assistance to satisfy any legal obligations (including obligations to notify Supervisory Authorities or Data Subjects).
10.3 To clarify, Expandi LTD will inform, at first Data Controller of any data breach, secondly Expandi LTD will inform Data Controller of any sub – Expandi LTD s’ data breach within 24 hours from the incident detection.
11. DURATION
11.1 This DPA will remain valid until the discontinuance of the Services. Expandi LTD will maintain maximum confidentiality on data and information concerning the Controller of which it became aware of the fulfilment of its obligations.
11.2 Expandi LTD, at the expiration of the Services, must interrupt each operation of Data processing or it must provide for their complete cancellation, in both cases it must release a written statement stating that at Expandi LTD does not own any copy. In the case of request of the Data Controller, Expandi LTD must indicate the technical methods and procedures used for the cancellation and destruction.
12. JURISDICTION AND MEDIATION
12.1 Contentious, enquire and litigations between Parties concerning the DPA must be established forward the Court of London
12.2 English Law governs this DPA.
Annex 1 - SECURITY MEASURES
Expandi LTD will maintain all technical and organizational security measures in accordance with GDPR Data Security Principles, for protecting Data Controller Personal Data against accidental loss, destruction, alteration, unauthorized disclosure or access, or unlawful destruction.
GDPR DATA SECURITY PRINCIPLES
In the field of processing activities, which are the object of this DPA, Controller provides that Expandi LTD observes these security measures during processing activities:
You can review the company privacy policy here.