These terms and conditions of service (the “Agreement”) constitute a legally binding contract among the parties (as defined below) and shall apply to all software services provided by Langdon Customs & Excise Solutions Limited. The Agreement is subject to change by Langdon Customs & Excise Solutions upon posting on Langdon’s website from time to time. The most current and controlling version of the Agreement is published at https://langdoncustoms.com/master-service-agreement/. Ancillary or other services performed by Langdon Customs & Excise Solutions are subject to and provided separately from this Agreement.
Definitions
Except to the extent expressly provided otherwise, in this Agreement:
“Account” means an account enabling a person to access and use the Hosted Services, including both administrator accounts and user accounts.
“Agreement” means this agreement including any Annexes, and any amendments to this Agreement from time to time.
“Annex” means any Annex as attached to the main body of this Agreement.
“Business Day” means any weekday other than a bank or public holiday in England.
“Business Hours” means the hours of 08:30 to 17:30 GMT/BST on a Business Day.
“Change of Control” is as defined in section 1124 of the Corporation Tax Act 2010, and the expression change of control shall be construed accordingly OR the beneficial ownership of more than 50% of the issued share capital of a company or the legal power to direct or cause the direction of the general management of the company, and controls, controlled and the expression change of control shall be construed accordingly.
“Charges” means the charges, costs and fees payable in respect of the provision of the Services being the following amounts:
• the amounts specified in Annex 2
• such amounts as may be agreed in writing by the parties from time to time
• amounts calculated by multiplying the Provider’s standard time-based charging rates (as notified by the Provider to the Client before the date of this Agreement) by the time spent by the Provider’s personnel performing the Support Services.
“Confidential Information” means any material, non-public information disclosed by one party (the “Discloser”) to the other party (the “Recipient”) that: (i) if disclosed in writing, is marked “confidential” or “proprietary” at the time of such disclosure; (ii) if disclosed orally, is identified as “confidential” or “proprietary” at the time of such disclosure; or (iii) if, under the circumstances, a person exercising reasonable business judgment would understand to be confidential or proprietary. Confidential Information includes, without limitation, (a) non-public information relating to the Discloser’s technology, customers, clients, business plans, product plans, promotional and marketing activities, pricing, financial information and other business affairs, (b) third-party information that the Discloser is obliged to keep confidential, and (c) the nature, content and existence of any discussions or negotiations between the parties.
“Client Confidential Information” means any information disclosed by the Client to the Provider during the Term or at any time before the termination of this Agreement (whether disclosed in writing, orally or otherwise) that at the time of disclosure:
• should have been reasonably understood by the Provider to be confidential; and
• the Client Data and associated outputs (extracts, reports and data transmissions).
“Client Data” means all data, works and materials: uploaded to or stored on the Platform by the Client; transmitted by the Platform at the instigation of the Client; supplied by the Client to the Provider for uploading to, transmission by or storage on the Platform; or generated by the Platform as a result of the use of the Hosted Services by the Client, and any data entered by the Client, or the Provider on the Client’s behalf for the purpose of using the Services or facilitating the Client’s use of the Services and any data generated by, or derived from the Client’s use of the Services, whether hosted or stored within the Services or elsewhere.
“Cybersecurity Requirements” means all laws, regulations, codes, guidance (from regulatory and advisory bodies, whether mandatory or not), international and national standards, and sanctions, applicable to either party, relating to security of network and information systems and security breach and incident reporting requirements, including the Data Protection Legislation, the Cybersecurity Directive ((EU) 2016/1148), Commission Implementing Regulation ((EU) 2018/151), the Network and Information Systems Regulations 2018 (SI 506/2018), all as amended or updated from time to time.
“Documentation” means the documentation for the Hosted Services produced by the Provider and delivered or made available by the Provider to the Client.
“Effective Date” means date of commencement of Services.
“Force Majeure Event” means an event, or a series of related events, that is outside the reasonable control of the party affected (including failures of the internet, cyber-attacks, or any public telecommunications network, hacker attacks, denial of service attacks, virus or other malicious software attacks or infections, power failures, industrial disputes affecting any third party, changes to the law, disasters, explosions, fires, floods, riots, terrorist attacks, strikes, labour disputes, governmental acts or orders or restrictions, and wars).
“Good Industry Practice” means the exercise of that degree of skill, as would be expected from a company within the same industry.
“Incident” means any Vulnerability, Virus or security incident which:
• may affect the Software or the Services;
• may affect the Provider’s network and information systems, such that it could potentially affect the Client or the Software or the Services; or
• is reported to the Provider by the Client.
“Initial Subscription Term” means three (3) years and as set out in Article I.
“Known Vulnerability” means any Vulnerability that has either:
• been assigned a Common Vulnerabilities and Exposures (CVE) number; or
• been disclosed on the internet, or any public database, such that it would be revealed by reasonable searches conducted in accordance with Good Industry Practice.
“Hosted Services” means DMS Cloud, which will be made available by the Provider to the Client as a service via the internet in accordance with this Agreement.
“Hosted Services Defect” means a defect, error or bug in the Platform having an adverse effect or a material adverse effect on the operation, functionality, or performance of the Hosted Services, but excluding any defect, error or bug caused by or arising as a result of:
• any act or omission of the Client or any person authorised by the Client to use the Platform or Hosted Services;
• any use of the Platform or Hosted Services contrary to the Hosted Services Specification as well as the terms and conditions of this Agreement, whether by the Client or by any person authorised by the Client;
• a failure of the Client to perform or observe any of its obligations in this Agreement; and
• an incompatibility between the Platform or Hosted Services and any other system, network, application, program, hardware, or software not specified as compatible by the Provider.
“Hosted Services Specification” means the specification for the Platform and Hosted Services set out in Annex 1 (Hosted Services particulars).
“Intellectual Property Rights” means all intellectual property rights wherever in the world, whether registrable or unregistrable, registered or unregistered, including any application or right of application for such rights (and these “intellectual property rights” include copyright and related rights, database rights, confidential information, trade secrets, know-how, business names, trade names, trademarks, service marks, passing off rights, unfair competition rights, patents, petty patents, utility models, semiconductor topography rights and rights in designs), patents, rights to inventions, moral rights, business names and domain names, rights in get-up and trade dress, goodwill, rights in computer software, rights to use, and protect the confidentiality of, confidential information (including know-how) and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world.
“Latent Vulnerability” means any instances of typical classes of Vulnerability, including without limitation buffer overflows, cross-site scripting (XSS) and Structure Query Language (SQL) injection.
“Mandatory Policies” means the Provider’s standard business policies required as set out in Annex 5, as amended by notification to the Provider from time to time.
“Maintenance Services” means, at the sole discretion of Provider, the general maintenance of the Platform and Hosted Services, and the application of Updates and Upgrades.
“Mitigate” means the taking of such reasonable steps that would be taken by a prudent supplier in accordance with Good Industry Practice to mitigate against the Incident in question, which may include (in the case of a Vulnerability) coding changes, but could also include specification changes (for example, removal of affected protocols or functionality in their entirety) provided these are approved by the Client in writing in advance, and the terms Mitigated and Mitigation shall be construed accordingly.
“Normal Business Hours” means 8.30 am to 5.30 pm local UK time, each Business Day.
“Personal Data” has the meaning given to it in the Data Protection Act 2018 and UK GDPR.
“Platform” means the platform managed by the Provider and used by the Provider to provide the Hosted Services, including the application and database software for the Hosted Services, the system and server software used to provide the Hosted Services.
“Professional Services” means specialised work beyond general “support services” e.g. development, consultancy, training, project management.
“Services” means any services that the Provider provides to the Client, or has an obligation to provide to the Client, under this Agreement, including without limitation the subscription services provided by the Provider to the Client under this Agreement via https://langdoncustoms.com/ or any other website notified to the Client by the Provider from time to time, as more particularly described in this Agreement and any relevant documentation provided by the Provider.
“Software” means the online software applications provided by the Provider as part of the Services.
“Statement of Work” means the document which provides the framework for the Services, Platform, objectives and deliverables pursuant to the terms of this Agreement.
“Support Services” means support in relation to the use of, and the identification and resolution of errors in, the Hosted Services, but shall not include the provision of training services, development.
“Supported Web Browser” means the current release from time to time of Microsoft Internet Explorer 11 and above / Microsoft Edge, Google Chrome, or any other web browser that the Provider agrees in writing shall be supported and which the Client shall acquire.
“Term” means the term of this Agreement, commencing in accordance with Article I of this Agreement.
“Update” means a hotfix, patch, or minor version update to any Platform software
“Upgrade” means a major version upgrade of any Platform software.
“Virus” means anything or device (including any software, code, file or program) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any program or data, including the reliability of any program or data (whether by re-arranging, altering or erasing the program or data in whole or part or otherwise); or adversely affect the user experience, including worms, Trojan horses, viruses and other similar things or devices.
“Vulnerability” means a weakness in the computational logic (for example, code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability, and the term Vulnerabilities shall be construed accordingly.
Article I. Term
This Agreement shall come into force upon the Effective Date.
This Agreement shall, unless otherwise terminated as provided in this Article I, commence on the Effective Date and shall continue for the Initial Subscription Term (3 years) and, thereafter, this Agreement shall be automatically renewed for successive periods of 12 months (each a Renewal Period). The Initial Subscription Term and Renewal Period shall constitute the Subscription Term. Notwithstanding the foregoing, Client and Provider may terminate this Agreement if:
• the Client notifies the Provider that it wishes to terminate the agreement, in writing, at least one hundred and eighty (180) days before the end of the Initial Subscription Term or any Renewal Period, in which case this Agreement shall terminate upon the expiry of the applicable Initial Subscription Term or Renewal Period;
• immediately in the event of a material breach of this Agreement or any such Statement of work by the other party that is not cured within thirty (30) days of written notice from the other party; or
• otherwise terminated in accordance with Articles XV and XVI.
Article II. Hosted Services
The Provider shall, during the Subscription Term, provide the Services (and make available the Hosting Services) as more particularly described in Annex 1 to the Client on and subject to the terms of this Agreement.
The Provider will, as part of the Services and at no additional cost to the Client, provide the Client with the Provider’s standard Client support services during Normal Business Hours in accordance with the Provider’s Support Services in effect at the time that the Services are provided. The Provider may amend the Support Services with no less than sixty (60) days’ notice in writing to the Client and shall ensure that any amendment to the Support Services does not adversely affect, reduce, or change the Support Services.
On the Effective Date, the Provider shall create an Account for the Client and shall provide to the Client login details for that Account on or promptly following the Effective Date.
The Provider hereby grants to the Client a non-exclusive, non-transferable, revocable licence to use the Hosted Services by means of a Supported Web Browser for the internal business purposes of the Client in accordance with terms and conditions of this Agreement during the Term. Any additional entities or Client(s) that require use on behalf of the Client, are subject to additional costs and charges. The Client assumes any and all liability associated with the additional entities and/or Client(s) which require use of the Platform utilised by Client and/or Hosted Services.
The licence granted by the Provider to the Client above is subject to the following limitations:
• the Hosted Services may only be used by the officers and employees of the Client
• Except to the extent expressly permitted in this Agreement or required by law on a non-excludable basis, the licence granted by the Provider to the Client above is subject to the following prohibitions:
• the Client must not sub-license its right to access and use the Hosted Services
• the Client must not permit any unauthorised person to access or use the Hosted Services
• the Client must not use the Hosted Services to provide services to third parties
• the Client must not republish or redistribute any content or material from the Hosted Services.
The Client shall use reasonable endeavours, including reasonable security measures relating to Account access details, to ensure that no unauthorised person may gain access to the Hosted Services using an Account.
The Provider shall use all reasonable endeavours to maintain the availability of the Hosted Services to the Client at the gateway between the public internet and the network of the hosting services provider for the Hosted Services but does not guarantee 100% availability.
For the avoidance of doubt, downtime caused directly or indirectly by any of the following shall not be considered a breach of this Agreement:
• a Force Majeure Event
• a fault or failure of the internet or any public telecommunications network
• a fault or failure of the Client’s computer systems, hardware or networks
• scheduled maintenance carried out in accordance with this Agreement
The Client must not use the Hosted Services in any way that causes, or may cause, damage to the Hosted Services or Platform or impairment of the availability or accessibility of the Hosted Services.
The Client must not use the Hosted Services:
• in any way that is unlawful, illegal, fraudulent, or harmful
• in connection with any unlawful, illegal, fraudulent, or harmful purpose or activity
For the avoidance of doubt, the Client has no right at any time to access the software code (including object code, intermediate code, and source code) of the Platform or Software.
The Provider may suspend the provision of the Hosted Services if any amount due to be paid by the Client to the Provider under this Agreement is overdue, and the Provider has given to the Client at least 30 days’ written notice, following the amount becoming overdue, of its intention to suspend the Hosted Services on this basis.
Article III. Maintenance Services
The Provider shall provide Maintenance Services to the Client during the Term.
The Provider shall, where practicable, give to the Client at least 10 Business Days’ prior written notice of scheduled Maintenance Services that are likely to affect the availability of the Hosted Services or are likely to have a material negative impact upon the Hosted Services, without prejudice to the Provider’s other notice obligations under this main body of this Agreement.
The Provider shall give to the Client at least 10 Business Days’ prior written notice of the application of an Upgrade to the Platform.
The Provider shall give to the Client written notice of the application of any security Update to the Platform and at least 10 Business Days’ prior written notice of the application of any non-security Update to the Platform.
The Provider shall provide the Maintenance Services in accordance with the standards of skill and care reasonably expected from a leading service provider in the Provider’s industry.
The Provider may suspend the provision of the Maintenance Services if any amount due to be paid by the Client to the Provider under this Agreement is overdue, and the Provider has given to the Client at least 14 days’ written notice, following the amount becoming overdue, of its intention to suspend the Maintenance Services on this basis.
Article IV. Support Services
The Provider shall provide the Support Services to the Client during the Term.
The Provider shall make available to the Client a helpdesk in accordance with the provisions of this Article IV of the Agreement.
The Provider shall provide the Support Services in accordance with the standards of skill and care reasonably expected from a leading service provider in the Provider’s industry.
The Client may use the helpdesk for the purposes of requesting and, where applicable, receiving the Support Services pursuant to this Agreement; and the Client must not use the helpdesk for any other purpose nor shall the helpdesk of the Provider be responsible to provide any other service.
The Provider shall respond promptly to all requests for Support Services made by the Client through the helpdesk in accordance with the SLAs within this Agreement.
The Provider may suspend the provision of the Support Services if any amount due to be paid by the Client to the Provider under this Agreement is overdue, and the Provider has given to the Client at least 14 days’ written notice, following the amount becoming overdue, of its intention to suspend the Support Services on this basis.
Article V. Client Data
The Client hereby grants to the Provider a non-exclusive licence to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Client Data to the extent reasonably required for the performance of the Provider’s obligations and the exercise of the Provider’s rights under this Agreement, together with the right to sub-license these rights to its hosting, connectivity and telecommunications service providers to the extent reasonably required for the performance of the Provider’s obligations and the exercise of the Provider’s rights under this Agreement.
The Client warrants to the Provider that the Client Data will not infringe the Intellectual Property Rights, relevant privacy acts, or any other legal rights of any person.
The Client shall own all right, title and interest in and to all of the Client Data that is not personal data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of all such Client Data.
The Client shall create a back-up copy of the Client Data at intervals of no less than six (6) months, shall ensure that each such copy is sufficient to enable the Provider to restore the Hosted Services to the state they were in at the time the back-up was taken, and shall retain and securely store each such copy for a minimum period of 30 days.
Within the period of one Business Day following receipt of a written request from the Client, the Provider shall use all reasonable endeavours to restore to the Platform the Client Data stored in any back-up copy created and stored by the Client in accordance with the above. The Client acknowledges that this process will overwrite the Client Data stored on the Platform prior to the restoration.
Article VI. No Assignment of Intellectual Property Rights
Nothing in this Agreement shall operate to assign or transfer any Intellectual Property Rights from the Provider to the Client, or from the Client to the Provider. The Client acknowledges and agrees that as between Provider and the Client, all right, title and interest in and to the Hosted Services, Software, Platform, Professional Services (excluding any Client Data) and including all modifications and configurations, all Provider data, all output and all of Provider’s proprietary technology, including, without limitation, all software, products, processes, algorithms, user interfaces, know-how, techniques, designs and other tangible or intangible technical material or information made available to the Client by the Provider in providing the Services and all derivatives thereof are and shall remain the Provider’s or its licensors’. The Provider name, all Provider logos, and the product names associated with the Hosted Services, Software, Platform are trademarks of Provider or third parties, and no right or licence is granted to use them.
The Provider shall have a royalty-free, worldwide, transferable, sub-licensable, irrevocable, perpetual licence to use or incorporate into its products and services any suggestions, ideas, enhancement requests, feedback, recommendations or other information provided by Client or its Users relating to the features, functionality or operation of the Services, Software, Platform, or the Professional Services (“Feedback”). The Provider shall have no obligation to use Feedback, and Client shall have no obligation to provide Feedback.
Article VII. Charges
The Client shall pay the Charges to the Provider in accordance with this Agreement in consideration for the provision of the Services by the Provider.
If any Charge is based in whole or part upon the time spent by the Provider performing the Services, the Provider must obtain the Client’s written consent before performing Services that result in any estimate of time-based Charges given to the Client being exceeded or any budget for time-based Charges agreed by the parties being exceeded; and unless the Client agrees otherwise in writing, the Client shall not be liable to pay to the Provider any Charges in respect of Services performed in breach of this clause.
All amounts stated in or in relation to this Agreement are, unless the context requires otherwise, stated exclusive of any applicable value added taxes, which will be added to those amounts and be payable by the Client to the Provider.
Further, all amounts and Charges are exclusive of taxes and fees imposed by third parties. The Client assumes all liability which is a result of a subsequent change in any government regulation, legislation and/or law which requires an Upgrade to the Platform, Services or Software. The Client shall be responsible for the payment of all such costs and fees as required, as arising from or relating to the Services rendered hereunder. Further, Langdon CES reserves the right to pass through expenses for any fees and/or expenses (i.e. invoice additional amounts) and/or costs due to: onboarding of additional customers and/or clients and/or data on behalf of you; and a material change in Consumer Price Index (“CPI”). The Client assumes all liability for such additional fees and costs as noted in this section 7 which may require a System and/or Platform Upgrade.
At the end of the Initial Subscription Term or any extension thereafter, the Provider may elect to vary any element of the Charges by giving to the Client not less than 60 days’ written notice of the variation prior to the expiry of the Initial Subscription Term or any extension thereafter.
The Provider reserves the right to implement additional fees where necessary to account for the cost of development and implementation of system Upgrades where these are mandated by legislative, government, or regulatory industry changes.
Article VIII. Payments
The Provider shall issue invoices for the Charges to the Client for the period to which they relate. The Client must pay the Charges to the Provider within the period of thirty (30) days from the date of the invoice in accordance with this Article, provided that the Charges must in all cases be paid for the period to which they relate.
The Client must pay the Charges by bank transfer (using such payment details as are notified by the Provider to the Client).
If the Client does not pay any amount properly due to the Provider under this Agreement, the Provider may: notwithstanding the Late Payment of Commercial Debts (Interest) Act 1998, charge the Client interest on the overdue amount at the rate of 3% per annum above the Bank of England base rate from time to time (which interest will accrue daily until the date of actual payment and be compounded at the end of each calendar month).
Article IX. Confidentiality Obligations
Each party may be given access to Confidential Information from the other party in order to perform its obligations under this Agreement. A party’s Confidential Information shall not be deemed to include information that:
• is or becomes publicly known other than through any act or omission of the receiving party;
• was in the other party’s lawful possession before the disclosure;
• is lawfully disclosed to the receiving party by a third party without restriction on disclosure; or
• is independently developed by the receiving party, which independent development can be shown by written evidence.
Each party shall hold the other’s Confidential Information in confidence and not make the other’s Confidential Information available to any third party, or use the other’s Confidential Information for any purpose other than the implementation of this Agreement. Each party shall take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by its employees or agents in violation of the terms of this Agreement. A party may disclose Confidential Information to the extent such Confidential Information is required to be disclosed by law, by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction, provided that, to the extent it is legally permitted to do so, it gives the other party as much notice of such disclosure as possible and, where notice of disclosure is not prohibited and is given in accordance with this Article 9, it takes into account the reasonable requests of the other party in relation to the content of such disclosure. Notwithstanding the above, the Provider may disclose the Client’s Confidential Information to the Provider’s officers, employees, professional advisers, insurers, agents and subcontractors who are bound by a written agreement or professional obligation to protect the confidentiality of the Client Confidential Information.
The Client acknowledges that details of the Services, and the results of any performance tests of the Services, constitute the Provider’s Confidential Information. The Provider acknowledges that the Client Data is the Confidential Information of the Client.
No party shall make, or permit any person to make, any public announcement concerning this Agreement without the prior written consent of the other parties (such consent not to be unreasonably withheld or delayed), except as required by law, any governmental or regulatory authority (including, without limitation, any relevant securities exchange), any court or other authority of competent jurisdiction.
The provisions of this Article 9 shall continue in force for a period of three (3) years following termination provided that the recipient’s obligations with respect to Confidential Information that constitutes a trade secret shall survive for the longer of such three (3) year period or for so long as such information constitutes a trade secret under applicable law, at the end of which period they will cease to have effect.
Article X. Data Protection
During the provision of Services under the Agreement, the parties may have access to or process personal data belonging to the other parties’ employees or contractors including without limitation business contact information (“The Licensee personal data”) which is necessary to maintain the business relationship and perform the Agreement and obligations contained within. The parties warrant that they shall each process the other parties’ personal data in compliance with applicable data protection laws, hold such information in confidence, maintain in place adequate technical and organisational measures to protect the processed personal data and process it only to the extent needed to fulfil and administer the Agreement and Services thereunder.
Each party shall notify the other party without delay of any breach of any applicable data protection laws or personal data being lost or compromised and cooperate with the other party around assistance on it.
Article XI. Warranties
The Provider warrants to the Client that:
• the Provider has the legal right and authority to enter into this Agreement and to perform its obligations under this Agreement.
• the Provider will comply with all applicable legal and regulatory requirements applying to the exercise of the Provider’s rights and the fulfilment of the Provider’s obligations under this Agreement.
• the Provider has or has access to all necessary know-how, expertise, and experience to perform its obligations under this Agreement.
The Provider shall use commercially reasonable efforts to ensure that:
• the Platform and Hosted Services will conform in all respects with the Hosted Services Specification.
• the Hosted Services will be free from Hosted Services Defects.
• the application of Updates and Upgrades to the Platform by the Provider will not introduce any Hosted Services Defects into the Hosted Services.
• the Platform will be free from viruses, worms, Trojan horses, ransomware, spyware, adware and other malicious software programs.
• the Platform will incorporate security features reflecting the requirements of good industry practice.
• the Services will be performed in accordance with reasonable skill and care and Good Industry Practice.
The Provider further acknowledges that:
• it has and will maintain all necessary licences, consents, and permissions required for the performance of its obligations under this Agreement;
• it will not knowingly do or omit to do anything which may cause the Client to lose any licence, authority, consent or permission on which it relies for the purposes of conducting its business;
• in relation to the Software and the Services, it shall maintain such accreditation(s) and certifications throughout the term of this Agreement;
• it shall take all reasonable steps not to introduce any Viruses or Known Vulnerabilities or Latent Vulnerabilities into the Client’s network and information systems via the Services or Software or otherwise;
• the information in Annex 1 on the security of its network and information systems is up to date and accurate and that it will update the Client immediately if there are any changes to such information;
• it shall at all times in accordance with Good Industry Practice implement, operate, maintain, and adhere to, appropriate policies to cover the issues specified in this Agreement, including an incident management process which shall enable the Provider, as a minimum, to discover and assess Incidents, and to prioritise those Incidents, sufficient to meet its reporting obligations under this Agreement; and
• Mitigate against all Incidents.
The Provider warrants to the Client that the Hosted Services, when used by the Client in accordance with this Agreement, will not knowingly breach any laws, statutes or regulations applicable under English law.
The Provider warrants to the Client that the Hosted Services, when used by the Client in accordance with this Agreement, will not knowingly infringe the Intellectual Property Rights of any person.
If the Provider reasonably determines, or any third party alleges, that the use of the Hosted Services by the Client in accordance with this Agreement infringes any person’s Intellectual Property Rights, the Provider may at its own cost and expense:
• modify the Hosted Services in such a way that they no longer infringe the relevant Intellectual Property Rights; and
• procure for the Client the right to use the Hosted Services in accordance with this Agreement.
The Client warrants to the Provider:
• it has the legal right and authority to enter into this Agreement and to perform its obligations under this Agreement;
• the Client will comply with all applicable legal and regulatory requirements applying to the Client’s submission of data and its obligations to obtain the necessary consents and acknowledgements regarding the processing of personal information;
• the Client shall maintain appropriate administrative, physical, and technical safeguards to protect the security and integrity of the submission of Client Data into the Platform and/or Hosted Services;
• to be responsible for obtaining and maintaining, at its own expense, all computer hardware, software, communication equipment and access lines necessary to access and use the Service, except for the Software which the Provider will make available for the Client’s use pursuant to the Agreement;
• to maintain the confidentiality of its login ID and password. The Client is responsible for all use of its accounts, whether or not such use was actually or expressly authorised by the Client;
• that it has all authorisations from HMRC necessary to use the Service, including without limitation that it is authorised by HMRC to operate a Customs Warehouse for SDWs and to defer payment of customs and excise charges;
• to inform the Provider immediately if any of the authorisations are revoked at any time during the Term of this Agreement; and
• to indemnify the Provider and keep the Provider at all times fully indemnified from and against all actions, proceedings, claims, demands, costs (including without prejudice to the generality of this provision the legal costs of the Provider on a solicitor and own client base) and other liabilities however arising directly or indirectly as a result of any breach or non-performance by the Client of any Client’s undertakings, covenants, warranties or obligations under these Conditions.
The Client warrants to Provider that Client:
• shall not use the Service or the Software other than for the Permitted Use nor use the Service or the Software for the purpose of operating a bureau service whether for third parties including without limitation for associated companies, unless authorised by the Provider;
• shall not print off copies of declarations submitted by the Client using the Service other than as reasonably necessary for the purpose of record-keeping;
• shall not (and shall not allow any third party to): reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code form or structure of the Hosted Services, Platform, or Software or access the Hosted Services, Platform or Software in order to build a competitive product or service or copy any ideas, features, functions or graphics of the Hosted Service, Platform and or Software. Except as expressly permitted in this Agreement, the Client shall not copy, license, sell, transfer, make available, lease, time-share, distribute, or assign this licence, the Software or Hosted Services to any third party;
• shall not merge or combine the whole or any part of the Software with any other software;
• shall not use the Hosted Services, Platform or Software to: (a) send, upload or otherwise transmit any Client Data that is unlawful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libellous, invasive of another’s privacy, hateful, or racially, ethnically or otherwise objectionable; (b) upload or otherwise transmit, display or distribute any Client Data that infringes any trademark, trade secret, copyright or other proprietary or intellectual property rights of any person; (c) upload or otherwise transmit any material that contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment; (d) interfere with or disrupt the Subscription Service or networks connected to the Subscription Service; or (e) violate any applicable law or regulation;
• covenants during the Subscription Term and for a period of one year after the expiration or termination for any reason of the Agreement, whether itself or together with any other person, firm or company in any capacity whatsoever, save as authorised hereunder, directly or indirectly not to solicit any person who is at that time or has at any time in the previous year been employed by the Provider in connection with the provision of the Service nor otherwise directly or indirectly induce or seek to induce any such person to leave his or her employment;
• will defend Provider against any claim, demand, suit or proceeding made or brought against Provider by a third party (i) alleging that the Client Data, or any use thereof, infringes the intellectual property rights or proprietary rights of others, or has caused harm to a third party, (ii) arising out of or attributable to the Client’s breach of the above (restrictions on Client), or (iii) arising out of or attributable to the Client’s misuse of the Hosted Services, Platform or Software (each, a “Claim Against Provider”), and will indemnify the Provider from any damages, reasonable attorney fees and costs finally awarded against the Provider as a result of, or for any amounts paid under a court-approved settlement of a Claim Against Provider.
All the parties’ warranties and representations in respect of the subject matter of this Agreement are expressly set out in this Agreement. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject matter of this Agreement will be implied into this Agreement or any related contract.
Subject to the insurance amounts as noted within this Agreement, the Provider shall indemnify and hold harmless and defend the Client, the Authorised Users, its affiliates and subsidiaries and its and their officers, directors and employees against any and all liabilities, costs, expenses, damages and losses actually incurred (including but not limited to any direct suffered or incurred or paid by the Client) arising out of a third-party alleging that the Hosted Services, as provided by the Provider to the Client under this Agreement infringes any patent, copyright, or trademark or misappropriates any trade secret of any third party (each, an “Infringement Claim”). The Provider will indemnify the Client for all actual incurred damages, costs, reasonable attorneys’ fees finally awarded by a court of competent jurisdiction, or paid to a third party in accordance with a settlement agreement signed by the Provider, in connection with an Infringement Claim. In the event of any such Infringement Claim, the Provider, may, at its option: (i) obtain the right to permit the Client to continue using the Hosted Services, (ii) modify or replace the relevant portion(s) of the Hosted Services with a non-infringing alternative having substantially equivalent performance within a reasonable period of time, or (iii) terminate this Agreement as to the infringing Hosted Services and provide a pro rata refund of any prepaid, unused fees for such infringing Hosted Services. Notwithstanding the foregoing, the Provider will have no liability for any Infringement Claim of any kind to the extent that it results from: (1) modifications to the Service made by a party other than the Provider, (2) the combination of the Hosted Service with other products, processes or technologies (where the infringement would have been avoided but for such combination), or (3) the Client’s use of the Hosted Services other than in accordance with this Agreement. The indemnification obligations set forth in this section are the Provider’s sole and exclusive obligations, and the Client’s sole and exclusive remedies, with respect to infringement or misappropriation of third-party intellectual property rights of any kind.
If the Provider is required to indemnify the Client under this Agreement, the Client shall:
• notify the Provider in writing of any claim against it in respect of which it wishes to rely on the indemnity (a Claim);
• allow the Provider, at its own cost, to conduct all negotiations and proceedings and to settle the Claim, always provided that the Provider shall obtain the Client’s prior approval of any settlement terms, such approval not to be unreasonably withheld;
• provide the Provider with such reasonable assistance regarding the Claim as is required by the Provider, subject to reimbursement by the Provider of the Client’s costs so incurred; and
• not, without prior consultation with the Provider, make any admission relating to the Claim or attempt to settle it, provided that the Provider considers and defends any Claim diligently, using competent counsel and in such a way as not to bring the reputation of the Client into disrepute.
Article XII. Acknowledgements and Warranty Limitations
The Client acknowledges that complex software is never wholly free from defects, errors, and bugs; and subject to the other provisions of this Agreement, the Provider gives no warranty or representation that the Hosted Services will be wholly free from defects, errors, and bugs.
The Client acknowledges that complex software is never entirely free from security vulnerabilities; and subject to the other provisions of this Agreement, the Provider gives no warranty or representation that the Hosted Services will be entirely secure.
The Client acknowledges that the Hosted Services are designed to be compatible only with that software and those systems specified as compatible in the Hosted Services Specification; and the Provider does not warrant or represent that the Hosted Services will be compatible with any other software or systems.
The Client acknowledges that the Provider will not provide any legal, financial, accountancy or taxation advice under this Agreement or in relation to the Hosted Services; and, except to the extent expressly provided otherwise in this Agreement, the Provider does not warrant or represent that the Hosted Services or the use of the Hosted Services by the Client will not give rise to any legal and/or financial liability on the part of the Client or any other person.
EXCEPT FOR THE EXPRESS WARRANTIES SET FORTH IN THIS AGREEMENT, THE PROVIDER AND ITS SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES RELATING TO THE HOSTED SERVICES, SOFTWARE, PLATFORM, PROFESSIONAL SERVICES OR OTHER SUBJECT MATTER OF THIS AGREEMENT, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF NON-INFRINGEMENT OF THIRD-PARTY RIGHTS, TITLE, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE PROVIDER MAKES NO WARRANTY REGARDING ANY NON-PROVIDER APPLICATION WITH WHICH THE SERVICE MAY INTEROPERATE.
Article XIII. Limitations and Exclusions of Liability
Nothing in this Agreement will:
• limit or exclude any liability for death or personal injury resulting from negligence.
• limit or exclude any liability for fraud or fraudulent misrepresentation.
• limit any liabilities in any way that is not permitted under applicable law.
• exclude any liabilities that may not be excluded under applicable law.
The limitations and exclusions of liability set out in this Article and elsewhere in this Agreement:
• are subject to Article I
• govern all liabilities arising under this Agreement or relating to the subject matter of this Agreement, including liabilities arising in contract, in tort (including negligence) and for breach of statutory duty, except to the extent expressly provided otherwise in this Agreement.
Except payment obligations, neither party shall be liable to the other party in respect of any losses arising out of a Force Majeure Event.
Neither party shall be liable to the other party in respect of any loss of profits or anticipated savings.
Neither party shall be liable to the other party in respect of any loss of revenue or income.
Neither party shall be liable to the other party in respect of any loss of use or production.
Neither party shall be liable to the other party in respect of any loss of business, contracts, or opportunities.
Neither party shall be liable to the other party in respect of any special, indirect, or consequential loss or damage.
Neither party shall be liable to the other party in respect of any loss or corruption of any data or software; providing that this Article shall not protect the Client unless the Client has fully complied with its obligations.
The aggregate liability of the Client to the Provider under this Agreement in respect of any event or series of related events shall not exceed the greater of:
• £2,000,000; or
• the total amount paid and payable by the Client to the Provider under this Agreement in the 12-month period preceding the commencement of the event or events.
Subject to the extent permitted by law and not to exceed the insurance amounts as noted herein, in no event shall the aggregate liability of Provider arising out of or related to this Agreement exceed the total amount paid by Client hereunder for the Service giving rise to the liability in the twelve (12) month period preceding the first incident out of which the liability arose, and to the extent such period does not exist, the contractual amount to be paid in the next available twelve (12) month period shall be utilised.
Article XIV. Force Majeure Event
If a Force Majeure Event gives rise to a failure or delay in either party performing any obligation under this Agreement (other than any obligation to make a payment), that obligation will be suspended for the duration of the Force Majeure Event.
A party that becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in that party performing any obligation under this Agreement, must:
• promptly notify the other; and
• inform the other of the period for which it is estimated that such failure or delay will continue.
A party whose performance of its obligations under this Agreement is affected by a Force Majeure Event must take reasonable steps to mitigate the effects of the Force Majeure Event.
Article XV. Termination
The Charges and prices set out in this Agreement are fixed for the Initial Subscription Term which is three (3) years.
Without affecting any other right or remedy available to it, either party may terminate this Agreement with immediate effect by giving written notice to the other party if:
• the other party fails to pay any amount due under this Agreement on the due date for payment and remains in default not less than 14 days after being notified in writing to make such payment;
• the other party commits a material breach of any other term of this Agreement and (if such breach is remediable) fails to remedy that breach within a period of 30 days after being notified in writing to do so;
• the other party suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986;
• the other party commences negotiations with all or any class of its creditors with a view to rescheduling any of its debts, or makes a proposal for or enters into any compromise or arrangement with its creditors other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
• the other party applies to court for, or obtains, a moratorium under Part A1 of the Insolvency Act 1986;
• a petition is filed, a notice is given, a resolution is passed, or an order is made, for or in connection with the winding up of that other party other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
• an application is made to court, or an order is made, for the appointment of an administrator, or if a notice of intention to appoint an administrator is given or if an administrator is appointed, over the other party (being a company, partnership or limited liability partnership);
• the holder of a qualifying floating charge over the assets of that other party (being a company or limited liability partnership) has become entitled to appoint or has appointed an administrative receiver;
• a person becomes entitled to appoint a receiver over the assets of the other party or a receiver is appointed over the assets of the other party;
• a creditor or encumbrancer of the other party attaches or takes possession of, or a distress, execution, sequestration or other such process is levied or enforced on or sued against, the whole or any part of the other party’s assets and such attachment or process is not discharged within 14 days;
• any event occurs, or proceeding is taken, with respect to the other party to which it is subject that has an effect equivalent or similar to any of the events mentioned above;
• the other party suspends or ceases, or threatens to suspend or cease, carrying on all or a substantial part of its business; or
• the other party’s financial position deteriorates so far as to reasonably justify the opinion that its ability to give effect to the terms of this Agreement is in jeopardy.
On termination of this Agreement for any reason:
• all licences granted under this Agreement shall terminate immediately on the date of the termination of this Agreement;
• for the avoidance of doubt, the Client shall be entitled to reasonable access to the Platform and historical data for a period of up to ninety (90) days from the date of the termination;
• the Client shall pay all outstanding amounts otherwise due and payable under this Agreement;
• subject to this section, each party shall return and make no further use of any property, Documentation and other items (and all copies of them) belonging to the other party;
• save as where the Client is in breach of this Agreement, the Provider shall provide all reasonable assistance and information requested by Client and shall co-operate reasonably with Client and any replacement provider of the Services to facilitate a smooth transition from the Provider; and
• any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the agreement which existed at or before the date of termination shall not be affected or prejudiced.
On termination of this Agreement for any reason, the Provider:
• other than as instructed by the Client, shall make no further use of the Client Data;
• at the written direction of the Client, the Provider and upon payment of the Provider’s applicable daily professional services daily fees, provide Client Data to the Client or make such Client Data available to the Client; and
• the Provider shall preserve all Client Data in its possession until it has received any such instructions.
Article XVI. Effects of Termination
Upon the termination of this Agreement, all the provisions of this Agreement shall cease to have effect and all amounts due to Provider shall be remitted immediately by Client.
Except to the extent that this Agreement expressly provides otherwise, the termination of this Agreement shall not affect the accrued rights of either party.
Article XVII. General
No breach of any provision of this Agreement shall be waived except with the express written consent of the party not in breach.
Each party shall maintain in full force and effect during the term of this Agreement the following insurance: (a) employer’s liability insurance with limits to conform with amounts required by applicable law; (b) general liability insurance with limits not less than two million (£2,000,000) per occurrence; and (c) Professional liability (Errors and Omissions) and Cyber Insurance each with limits not less than one million (£1,000,000) annual aggregate for all claims each policy year.
If any provision of this Agreement is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions of this Agreement will continue in effect. If any unlawful and/or unenforceable provision would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect (unless that would contradict the clear intention of the parties, in which case the entirety of the relevant provision will be deemed to be deleted).
This Agreement may not be varied except by a written document signed by or on behalf of each of the parties.
This Agreement shall be binding upon and for the benefit of Provider, the Client and their permitted successors and assigns. The Provider may assign this Agreement as part of a corporate reorganisation, consolidation, merger, or sale of all or substantially all of its assets. The Client may, with the prior written consent of the Provider, assign, transfer, charge, license or otherwise deal in or dispose of any contractual rights or obligations under this Agreement.
This Agreement is made for the benefit of the parties and is not intended to benefit any third party or be enforceable by any third party. The rights of the parties to terminate, rescind, or agree any amendment, waiver, variation, or settlement under or relating to this Agreement are not subject to the consent of any third party.
Subject to Article XIV, this Agreement together with the relevant Statement of Work(s), shall constitute the entire agreement between the parties in relation to the subject matter of this Agreement, and shall supersede all previous agreements, arrangements, and understandings between the parties in respect of that subject matter.
This Agreement shall be governed by and construed in accordance with English law.
The courts of England shall have exclusive jurisdiction to adjudicate any dispute arising under or in connection with this Agreement.
If there is an inconsistency between this Agreement, the Statement of Work and the Proposal, this Agreement shall prevail.
No failure or delay by a party to exercise any right or remedy provided under this Agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.
Nothing in this Agreement is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
This Agreement does not confer any rights on any person or party (other than the parties to this Agreement and, where applicable, their successors and permitted assigns) pursuant to the Contracts (Rights of Third Parties) Act 1999.
This Agreement may be executed in any number of counterparts, each of which shall constitute a duplicate original, but all the counterparts shall together constitute the one agreement. No counterpart shall be effective until each party has provided or delivered to the other at least one executed counterpart.
Any notice required to be given under this Agreement shall be in writing and shall be delivered by hand or sent by pre-paid first-class post or recorded delivery post to the other party at its registered office and also to the address set out in this Agreement (as noted below), or such other address as may have been notified by that party for such purposes. A notice delivered by hand shall be deemed to have been received when delivered (or if delivery is not in business hours, at 9 am on the first business day following delivery). A correctly addressed notice sent by pre-paid first-class post or recorded delivery post shall be deemed to have been received at the time at which it would have been delivered in the normal course of post.
Provider: servicedesk@langdoncustoms.com
Article XVIII. Interpretation
In this Agreement, a reference to a statute or statutory provision includes a reference to:
• that statute or statutory provision as modified, consolidated and/or re-enacted from time to time
• any subordinate legislation made under that statute or statutory provision.
The Clause headings do not affect the interpretation of this Agreement.
References in this Agreement to “calendar months” are to the 12 named periods (January, February and so on) into which a year is divided.
In this Agreement, general words shall not be given a restrictive interpretation by reason of being preceded or followed by words indicating a particular class of acts, matters or things.
Annex 1 – Specification of Hosted Services for DMS Cloud
Hosted Solution:
The annual hosting charge consists of:
• Data storage capped at 600GB.
• 3rd-Party Licences
• Azure UK datacentres offer 99.999% uptime.
• T1 Connectivity
Business Continuity and Disaster Recovery:
• All Azure cloud-based servers and data are backed up and replicated locally.
• All virtual machines are backed up at machine level. All client data contained in each server is included within the back-up process.
Security:
• Physical site security at company locations with access control systems
• AES 256-bit Encryption
• Azure Gateway
• Enterprise Antivirus
• 24/7 Monitoring
• External regular Vulnerability and Penetration testing
Application:
• Using Microsoft Web Apps via SSL, the application will appear to run locally on Mac or Windows.
Application changes:
• Upgrade to Genero 3.1 (pre-requisite for CDS)
• Enable additional functionality:
• Auto download with wildcard functionality.
• Auto Backup functionality.
Archive:
• HMRC requires data to be stored securely for 7 years from the tax point date of the import or removal as part of an audit trail.
• We offer a service to maintain the data and software licence(s) for read-only access as part of the HMRC retention requirements upon the termination of the use of DMS Cloud at an annual charge of:
• Software renewal costs – 30%
• Hosting costs – 30%
• Should you opt not to use this service, upon written request we can provide a copy of your data on a suitable storage device within your hosting period. Data will be permanently deleted at the end of the hosting period.
• Any additional environments (TEST/UAT) charged based on time and materials, subject to L&M.
• Additional time and materials required by the Client for project management will be charged at £1200 per day.
File Transfer:
• Either sFTP with or without PGP encryption or WebApp for uploads, with IP Whitelisting as a requirement.
Professional Services:
• Setup new hosted environment and database.
• Configure file transfer via VPN, webapp or sFTP.
• Migrate data and database from current server to cloud.
Miscellaneous:
• The UK service desk is open from 0830 to 1730 GMT, excluding UK Public Holidays
• We endeavour to perform software maintenance out of hours.
• Scheduled maintenance windows for all client-facing servers are Saturday 21.00 to 05.00 Sunday
• Emergency maintenance will be communicated to formal contacts with as much notice as possible. It is the Client’s responsibility to ensure that the correct contact details are communicated and maintained.
Annex 2 – Financial Provisions
TBD in accordance with SOW and or Proposal
| Year 1 Product & Services | Amount | Unit Price | Standard Price |
| Consultancy | |||
| Project management | |||
| Implementation & Testing | |||
| Development | |||
| Training | |||
| Year 1 | |||
| DMS Cloud | |||
| Azure Cloud Operational Costs |
| Total | |
| SaaS Payments: |
Note: Years 2 and 3 will include CPI pricing along with licence and hosting as indicated in the applicable Statement of Work. Payment 30 days in arrears on receipt of a valid VAT invoice to be invoiced on a monthly basis.
| Description: | Payment condition: |
| Additional Professional Services | £1,200 day rate |
| Third Party Software | On installation – with licence annually thereafter. |
| Additional Environments License & Maintenance | On installation and annually thereafter. |
Pricing does not include out-of-scope matters such as but not limited to: recommendations for other Langdon products not explicitly listed in scope; resolution of existing production issues; implementation of any prior custom solutions; and delivery of additional training sessions, communication drafts, resource or reference guides.
Annex 3 – SLA Agreement – Service Levels
The Provider will ensure best efforts to meet the Service Levels as noted below. The Provider will not be responsible for failure to meet Service Levels due to Client default, such as providing inadequate information as may be requested by the Provider; or negligent acts by the Client which are the direct result of a system failure. (Service Levels apply during core business hours only)
| Type | Priority | Description | Initial Response | Resolution |
| Incident | S1 | System Down | 1 Hour | 1 Day |
| S2 | Significant Impact | 2 Hours | 1 Day | |
| S3 | Moderate Impact | 3 Hours | 5 Days | |
| S4 | Minimal Impact | 5 Hours | 10 Days |
| Problem | 5 Hours | 20 Days |
| Service Request | 5 Hours | 15 Days |
| Change Request (Standard) | 1 Day | 5 Days |
| Change Request (Emergency) | 1 Hour | 2 Days |
Annex 4 – Security of systems and facilities
Langdon Customs & Excise Solutions Ltd understands the information security needs and expectations of its interested parties both within the organisation and from external parties including, amongst others, customers, clients, suppliers, partners, investors, shareholders (if applicable), regulatory and governmental departments and employees. The Company is committed to providing the highest quality of service and we expect all members of the Company to act with professionalism. This includes maintaining information security standards and procedures. Information security is everyone’s responsibility.
The Company has recognised that the disciplines of confidentiality, integrity and availability of information in Information Security Management are integral parts of its management function and views these as their primary responsibility and fundamental to best business practice.
The Company develops procedures and best practices to an Information System Management System (ISMS) which meets the requirements of International Standards ISO27001: 2022 including the statement of applicability which assists the company in maintaining high technical standards and a commitment to excellence in all management and administration tasks.
To this end the company has produced this Information Security Policy aligned to the requirements of ISO/IEC 27001:2022
The Company’s policies therefore are to:
• carry out all work to high standards and to always meet or exceed the requirements of the contract and any relevant statutory regulation.
• respond promptly and effectively to the Client’s requests for assistance.
• be professional and courteous in all our dealings with Clients and suppliers.
• continually seek ways to improve the company’s products/services, work processes and Information System Management System.
• identify and comply with all applicable statutory/legal requirements that relate to environmental aspects with a view to being carbon neutral and the prevention of pollution in relation to any of the Company’s work activities.
• enhance the Company’s Security performance.
• work closely with employees, Clients, business partners and suppliers in seeking to establish appropriate information security standards;
• instruct all members of staff in the needs and responsibilities of Information Security Management;
• constantly strive to meet, and where possible exceed, its Client’s expectations;
• implement continual improvement initiatives, including risk assessment and risk treatment strategies, while making best use of its management resources to better meet information security requirements.
• commit to provide safe and healthy working conditions for the prevention of work-related injury/or ill health that is appropriate to the purpose, the size and context of the Company.
Annex 5 – Mandatory Policies
The Client expects the Provider to meet the following Mandatory Policies which must be in accordance with Good Industry Practice:
GDPR
Corporate and Social Responsibility
Privacy
Modern Slavery Policy