Terms & Conditions

Resilient Plc trading as Smartnumbers Terms & Conditions for the provision of Smartnumbers Services.

1. DEFINITIONS

1.1 In the Contract, unless the context otherwise requires, the following words and expressions shall have the following meanings:

Annex” or “Annexes” means the annexes to the Terms and Conditions.

API Charges” means the usage based charges that Customer may incur in the importing or exporting of files into the Services.

Applicable Law” means any of the following which are applicable to the provision or receipt of the Service:
a) any relevant statute, statutory instrument, bye-law, order, directive, treaty, decree or law (including any common law, judgment, demand, order or decision of any court, regulator or tribunal);
b) binding rule, policy, guidance or recommendation issued by any governmental, statutory or regulatory body; and/or
c) binding industry code of conduct or guideline.

Authorised Customer Contact” means the Customer contact identified as such in the Order Form.

Charges” means the charges payable by Customer to Supplier for the Services, comprising of the:
a) Connection Charges;
b) Subscription Charges; and
c) Usage Charges.

Confidential Information” means information (in any form) disclosed by a Party to the other Party including trade secrets, operations, processes, plans, intentions, services, product information, know-how, designs, market opportunities, transactions, business affairs and any information (whether or not included in the above examples) which is either labelled as confidential or that might reasonably be considered as such because of its nature and the manner of its disclosure, and which shall include the terms of the Contract, including pricing.

Connection Charges” means the one-off charge payable by Customer to Supplier for the set up of the Service as set out in the Order Form.

Contract” has the meaning given to it in section 2.2.

Customer Data” means any data (including Personal Data), documents, text, drawings, diagrams, images or sounds (together with any database made up of any of those), embodied in any medium, that are provided to Supplier by or on behalf of Customer, or which Supplier is required to generate, process, store or transmit pursuant to any Contract and including, for the avoidance of doubt, any recordings of telephone calls as part of the Services, which may include data regarding Users.

Customer” means the customer to whom the Service is being provided as set out in the Order Form.

Customer’s Site” means a site or premises that may be identified in the Order Form where Supplier may need access in order for Supplier to set-up, provide and manage the Service, and where the Customer is responsible to provide all necessary consents and permissions.

Data Protection Laws” means all applicable laws and regulations relating to the processing of Personal Data and privacy including: (i) the Data Protection Act 2018; (ii) the General Data Protection Regulation (EU) 2016/679 (“GDPR“); (iii) the GDPR as incorporated into UK law by the European Union (Withdrawal) Act 2018 and amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (“UK GDPR“); (iv) the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC); (v) the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426); and (vi) any statutory instrument, order, rule or regulation made under each of items (i) – (v), each as amended, replaced, extended, re-enacted or consolidated from time to time.

Extension Term” has the meaning given to it in section 12.1.

Force Majeure Event” means an event beyond a Party’s control, including:
(a) extreme abnormal weather conditions;
(b) nuclear, chemical or biological contamination;
(c) war, civil commotion or terrorist attack;
(d) interruption or failure of a utility service including electric power, gas, water or telecommunication services;
(e) acts of God, floods, earthquakes, or other natural disaster, epidemic or pandemic; or
(f) acts of local or central Government or other competent authorities.

Insolvency Event” means, in respect of either Party:
a) other than for the purposes of a bona fide reconstruction or amalgamation, such party passing a resolution for its winding up, or a court of competent jurisdiction making an order for it to be wound up or dissolved, or that party being otherwise dissolved;
b) the appointment of an administrator of, or the making of an administration order in relation to, either party, or the appointment of a receiver or administrative receiver of, or an encumbrancer taking possession of or selling, the whole or any part of the entity’s undertaking, assets, rights or revenue;
c) that party entering into an arrangement, compromise or composition in satisfaction of its debts with its creditors or any class of them, or taking steps to obtain a moratorium, or making an application to a court of competent jurisdiction for protection from its creditors;
d) that party being unable to pay its debts, or being capable of being deemed unable to pay its debts, within the meaning of section 123 of the Insolvency Act 1986; or
e) that party entering into any arrangement, compromise or composition in satisfaction of its debts with its creditors.

Minimum Term” means the minimum term that the Service shall be provided for as set out in the Order Form, commencing on the Service Start Date.

Order Form” has the meaning given to it in section 2.1.

Personal Data” means any information relating to an identified or identifiable natural person, which Supplier processes on Customer’s behalf in providing the Service under this Contract.

Regulatory Body” means those government departments and regulatory, statutory and other entities, committees and bodies which, whether under statute, rules, regulations, codes of practice or otherwise, are entitled by any Applicable Law or regulation to supervise, regulate, investigate or influence the matters dealt with in any Contract or any other of Customer’s affairs.

Renewal Period” means for the Service, the initial 12 month period following the Minimum Period of Service, and each subsequent 12 month period.

Standard Contractual Clauses” or “SCCs means, as applicable:

a) for transfers of Personal Data from the European Economic Area, the standard contractual clauses, including the provisions of “Module Two: Transfer controller to processor”, approved by the European Commission decision 2021/914 of 4 June 2021;

b) for transfers of Personal Data from the United Kingdom, either:

i) the standard contractual clauses for the transfer of Personal Data to processors established in third countries contained in the annex to European Commission decision 2010/87/EC of 5 February 2010 to the extent that those standard contractual clauses remain a valid transfer mechanism under the UK GDPR; or

ii) any standard contractual clauses adopted by the United Kingdom for the purposes of the UK GDPR in respect of transfers of Personal Data from the United Kingdom.

Security Policy” means Supplier’s security policy as may be updated by Supplier from time to time and made available to Customer upon request.

Service Description” means the description of the Service as set out in Annex 2.

Service Management Boundary” has the meaning given to it in section 4.4.

Service Start Date” means the date on which the Service will be available for use as notified to Customer by Supplier in accordance with section 4.2(d).

Service” has the meaning given to it in section 2.2.

SLAs” mean the service level arrangements for the Service as set out in Annex 2.

Storage Charges” means the usage based charges that Customer may incur in storing of audio and associated files with the Service.

Subscription Charges” means the recurring charge Customer pays to Supplier for use of the Service as set out in the relevant Order.

Supplier Equipment” means any equipment and related software owned by Supplier that Supplier may use to provide the Service at the Customer’s Site.

Supplier Representative” means the Supplier contact identified as such in the Order Form.

Supplier Support Desk” means the customer support desk provided by Supplier as referred to in the Service Description.

Supplier” means Resilient Plc trading as Smartnumbers (registered company number 01403177) whose registered office is at 25-27 Shaftesbury Avenue, London W1D 7EQ.

Supplier’s Price List” means the Supplier’s standard tariffs for the Usage Charges as may be amended from time to time in accordance with section 7.3.

Telephony Charges” means the usage based charges that Customer may incur making or receiving telephone calls using the Services.

Terms and Conditions” has the meaning given to it in section 2.1.

Transcription Charges” means the usage based charges that Customer may incur in the creation of transcripts from audio files that Customer may store in the Service.

Usage Charges” means the usage based charges payable at the rates set out in the Supplier’s Price List, comprising of the:
a) Telephony Charges;
b) Storage Charges;
c) Transcription Charges; and
d) API Charges.

User” means a person authorised by Customer to use the Service.

Welcome Pack” means the operational documents provided by Supplier confirming the Service Start Date in accordance with section 4.2.

2. CONTRACT STRUCTURE

2.1 These terms and conditions contain general terms relating to the provision of services by Supplier to Customer (the “Terms and Conditions”). Where Customer requires a service to be provided by Supplier, the Parties will agree and execute an order form (“Order Form”).

2.2 Each agreement of an Order Form operates as a separate contract between Customer and Supplier for the provision and use of the services as identified in that Order Form (collectively, the “Service”), and is made up of the following documents: (a) these Terms and Conditions; (b) the Annexes; and (c) the Order Form (which together are referred to as the “Contract”).

2.3 In the event of conflict between the terms making up each Contract, the following order of precedence shall apply where those items earlier in the list shall take precedence over those items later on: (a) the Order Form;(b) the Annexes; and (c) the sections of these Terms and Conditions.

2.4 Customer agrees that Supplier shall not be liable to provide the Service unless and until an Order Form has been agreed between the Parties in relation to the Service.

3. RELATIONSHIP AND GOVERNANCE

3.1 Each Party will cooperate with the other Party in good faith in the performance of its respective activities contemplated by the Contract through, among other things, making available, as reasonably requested by the other Party, such management decisions, information, resources, facilities, technology, approvals and acceptances in order that the provision of the Service under the Contract may be accomplished in a proper, timely and efficient manner. Except as expressly provided otherwise, where agreement, approval, acceptance or consent of either Party is required by any provision of the Contract, such action will not be unreasonably withheld or delayed.

3.2 The Parties shall meet or communicate as required to discuss the delivery and receipt of the Service, any proposals for change and any other issues relating to the Service, and may agree a more regular meeting commitment as required.

4. THE SERVICE

4.1 Supplier will provide Customer with the Service in accordance with the terms of the Contract.

4.2 Before the Service Start Date, Supplier will:
(a) request certain information from Customer in order for Supplier to commence with the set-up of the Service;
(b) provide Customer with contact details for the Supplier Support Desk;
(c) build and test the Service to ensure that it is configured correctly in accordance with the Service Description; and
(d) following completion of the activities in this section 4.2, send the Authorised Customer Contact a Welcome Pack which confirms the Service Start Date.

4.3 On and from the Service Start Date, Supplier:
(a) will provide the Service in accordance with the SLAs;
(b) may carry out maintenance from time to time and will use reasonable endeavours to inform Customer at least five (5) days before any planned maintenance affecting the Service, however Customer agrees that Supplier may provide less notice where emergency maintenance is required or where Supplier has not been provided with sufficient notice by a third party supplier;
(c) reserves the right to suspend the Service without notice if:
(i) Supplier reasonably believes the Service is being used by Customer in breach of these Terms and Conditions; or
(ii) Customer notifies Supplier that someone has gained unauthorised access to the Service.

4.4 Supplier will provide and manage the Service as set out in the Order and the Service Description (the “Service Management Boundary”), and Supplier is not responsible for the Service outside of the Service Management Boundary.

4.5 Where Supplier provides a call analysis service, that service is limited only to an indication of fraudulent activity based on the profile of the caller, and any further action to prevent a potential fraud will have to be taken by Customer.

4.6 Customer will not own any telephone numbers made available as part of the Service, and apart from any rights to number portability, all Customer rights to use telephone numbers will end on termination or expiry of the Service.

5. CUSTOMER’S OBLIGATIONS

5.1 Customer shall:
(a) appoint an Authorised Customer Contact, who shall have the authority to make decisions regarding the operation of the Service and to contractually bind Customer on all matters relating to the Service, however Supplier may also accept instructions from a person at Customer who Supplier reasonably believes is acting with Customer’s authority;
(b) provide access to Customer’s Site and data and other facilities as may reasonably be requested by Supplier and agreed with Customer in advance, in order for Supplier to set-up, provide and manage the Service, including for the purposes of installation and maintenance of Supplier Equipment (where necessary);
(c) co-operate fully in providing any information reasonably required, including, should Supplier require access to Customer’s Site for any purpose, including to install or maintain Supplier Equipment, information in relation to health and safety and the environment, without undue delay, and make sure the information provided is accurate and complete;
(d) obtain and maintain any equipment, associated services and network connections necessary to access and use the Service, and shall: (i) ensure that these meet the minimum requirements of the Service as set out in the Service Description; and (ii) pay any applicable third-party fees and charges incurred for these purposes;
(e) report any incidents from Users to the Supplier Support Desk using the reporting procedure as set out in the Service Description or as agreed in writing with the Supplier;
(f) co-operate fully in providing information to enable any fault to be diagnosed including carrying out any reasonable testing that Supplier requests of Customer;
(g) secure any underlying rights, licences, wayleaves and consents and comply with any regulatory requirements associated with Customer’s use of the Service;
(h) use the Service in accordance with Applicable Law, and the Acceptable Use Policy;
(i) notify Supplier if at the time of entering into the Contract, or at any point during the term of the Contract, Customer is a business with ten (10) or fewer employees; and
(j) be responsible for all acts and omissions of Users, as if they were the acts and omissions of Customer, and for ensuring that anyone who uses the Service does so in accordance with the Contract.

5.2 Supplier may provide Supplier Equipment to enable Supplier to provide the Service to Customer. Any Supplier Equipment shall be provided on a temporary basis, unless specifically documented in an Order Form as being sold to Customer. Upon expiration or termination of the Contract, or when Supplier Equipment is no longer needed to enable Supplier to provide the Service at a Customer Site, Supplier may direct Customer to either return the Supplier Equipment to Supplier or make the Supplier Equipment available for removal by Supplier. Customer shall ensure that the Supplier Equipment is in the same condition as originally installed, save for ordinary wear and tear, and Customer will be liable for repair charges or the then-current market value of any Supplier Equipment that is damaged or lost.

6. SECURITY

6.1 Supplier will comply with its Security Policy in providing the Service, however Supplier does not guarantee the Service against unauthorised or unlawful access or use.

6.2 Customer will be provided with passwords for accessing and using the Service, and is responsible for all activities and use of the Services under these passwords.

6.3 Customer shall:
(a) treat such passwords as confidential and must not reveal them to any third party;
(b) distribute, manage and maintain any profiles or passwords or other administration instructions relating the Service;
(c) promptly notify Supplier and/or otherwise arrange for access and passwords to be revoked of any User that no longer requires access to the Services, or is no longer an employee / authorised personnel of Customer;
(d) ensure the proper use and security of User passwords and inform Supplier if a User password has been become known to an unauthorised person;
(e) change User passwords regularly; and
(f) change User passwords or other administration information used in connection with the service if Supplier requests Customer to do so in order to ensure the security of the Service.

7. CHARGES AND PAYMENTS

7.1 The Order Form will set out all applicable Charges for the Service.

7.2 The Charges will be billed in the following way:
(a) Connection Charges will be billed upon the Service Start Date;
(b) the Subscription Charges will be applicable from the Service Start Date, and will be billed in accordance with the Billing Frequency specified in the Order Form; and
(c) the Telephony Charges, Storage Charges, Transcription Charges and API Charges are usage based Charges, and will be billed monthly in arrears.

7.3 Supplier reserves the right to revise:
(a) all Charges other than Telephony Charges on giving not less than three (3) months’ prior written notice, such revisions not to come into effect until the commencement of an Extension Term in accordance with section 12.1; and
(b) the Telephony Charges from time to time to reflect revisions to pricing made by its communication providers. Customer may request Supplier to provide reasonable and satisfactory evidence of any revision made by its communication providers.

7.4 Client shall pay the Charges within 30 days of date of invoice. If any invoice becomes overdue Supplier reserves the right to charge interest at 3% above the base rate of the Royal Bank of Scotland and suspend the Service if such invoice remains overdue for four (4) weeks.

8. PROPRIETARY PROTECTION

8.1 Subject to section 8.2, the intellectual property rights and/or other proprietary rights in the information (including hard copy and electronic, human-readable and otherwise) used or created by Supplier in providing the Service will be owned by Supplier or its licensors.

8.2 Supplier acknowledges that the Customer Data is Customer’s property and Customer retains all intellectual property rights and/or other proprietary rights which may, at any time, subsist in the Customer Data. To the extent that any intellectual property rights and/or other proprietary rights in any of the Customer Data vest in Supplier by operation of law, such intellectual property rights and/or other proprietary rights shall be assigned by Supplier to Customer by operation of this section 8.2 immediately upon the creation of such Customer Data.

8.3 Supplier shall:
(a) preserve, so far as possible, the security and integrity of the Customer Data and prevent any loss, disclosure, theft, manipulation or interception of the Customer Data; and
(b) make secure back-up copies of the Customer Data on a regular basis as agreed with Customer.

8.4 Supplier warrants that it is sufficiently authorised and/or licensed to provide the Services and to utilise the intellectual property comprised in the Services. Supplier shall and hereby indemnifies Customer for any losses, costs and damages in respect of any third party claim brought against it in this regard. This provision shall survive termination of the Contract. Customer will notify Supplier of any such claim and Supplier will take control over the defence.

9. REPRESENTATIONS AND WARRANTIES

9.1 Each Party warrants to the other that it has the full and sufficient right and authority to enter into the Contract and to grant the rights and licences granted herein.

9.2 Supplier warrants that the Service will be provided with reasonable care and skill and that it will be provided substantially in accordance with the Service Description.

9.3 Supplier does not warrant that any software will be entirely free from defects or that its operation will be entirely error free.

9.4 Apart from the terms set out in this section 9, no conditions, warranties or other terms shall apply to the Service or to anything else supplied under the Contract. In particular, the terms implied by sections 3 to 5 of the Supply of Goods and Services Act 1982 are, to the fullest extent permitted by law, excluded from these terms and conditions.

10. LIMITATION OF LIABILITY

10.1 Nothing under the Contract excludes or limits the liability of a Party: (a) for death or personal injury caused by its negligence; (b) for fraudulent misrepresentation or for any other fraudulent act or omission; and/or (c) for any other liability which may not lawfully be excluded or limited.

10.2 Other than as set out in section 10.1, in no event will either Party be liable, whether based on an action or claim in contract, tort (including negligence), under an indemnity, breach of statutory duty or otherwise arising out of, or in relation to, the Contract, for any: (a) loss of profits, sales and/or revenue; (b) loss of data; (c) loss of goodwill and/or reputation; (d) loss or waste of management or staff time; and/or (e) indirect, consequential or special loss (including where such loss is of the type specified in sections 10.1 (a) – (d)).

10.3 Subject to section 10.1 and 10.2, the total aggregate liability of Supplier to Customer whether based on an action or claim in contract, tort (including negligence), under an indemnity, breach of statutory duty or otherwise arising out of, or in relation to, the Contract shall be limited to an amount equal to 150% of all Charges payable by Customer under the Contract in the Contract Year in which the event giving rise to the claim occurred.

10.4 Supplier shall not be liable for any failure in the Service which arises because of any circumstances which Supplier cannot reasonably be expected to control. Customer’s payment obligations will be suspended for the period of any such circumstances which cause a default or delay in the performance of the obligations that Supplier has to Customer under the Contract.

11. DATA PROTECTION

11.1 All capitalised terms used in this section and not otherwise defined in this Contract shall have the meaning given to them in the Data Protection Laws.

11.2 Where Supplier obtains, processes and stores Personal Data provided by Customer, Supplier will do so in accordance with the Data Protection Laws and its Data Protection Policy. Customer undertakes to comply with Data Protection Laws at all times and shall have sole responsibility for the accuracy, quality and legality of such Personal Data and the means by which it is acquired.

11.3 For the purposes of the Data Protection Laws, Customer shall be a Controller and Supplier shall be a Processor in respect of any Customer Personal Data which Supplier Processes in performing the Service (including the Customer Data).

11.4 Customer agrees that the type of Personal Data Supplier will Process under the Contract and the duration, nature and purpose of the Processing, and the categories of Data Subjects, are as described in Annex 1.

11.5 Supplier will only Process the Personal Data in accordance with Customer’s written instructions, and shall immediately inform the Customer if instructions given by the Customer, in the reasonable opinion of the Supplier, infringe applicable Data Protection Laws.

11.6 Customer’s Personal Data may be stored electronically or otherwise (including in hard copy form). Supplier shall ensure that all personnel who have access to and/or Process such Personal Data are obliged to keep it secure and confidential. Supplier will ensure that Personal Data is only available to those who have a legitimate business need to access Personal Data, and who are bound by legally enforceable confidentiality obligations. Supplier shall provide periodic and mandatory data privacy and security training to its employees with access to Customer’s Personal Data to ensure that such employees are aware of and comply with the obligations in this section 11.

11.7 Supplier will not cause or permit any Personal Data processed by Supplier on behalf of Customer to be exported, processed or otherwise accessed outside the United Kingdom and/or the European Economic Area without the prior written permission of the Customer. Where that permission is given, the parties shall enter into the relevant SCCs or other appropriate safeguards, as required by Data Protection Laws.

11.8 Customer grants Supplier a general authorisation to appoint (a) other members of its group, as sub-processors and (b) additional third party data centre operators and/or outsourced support providers, as sub-processors, to support the provision of the Services. Supplier will maintain a list of sub-processors that the Customer can access, and notify Customer of the names of new and replacement sub-processors prior to them sub-processing any Personal Data. If Customer objects to any new or replacement sub-processor, Customer will notify Supplier of such objection in writing within five business days of the notification and Supplier will seek to resolve the matter in good faith. If the Parties are unable to resolve the matter within a reasonable period of time, which shall not exceed sixty (60) days, Customer may terminate the applicable Services (with respect only to those Services which cannot be provided by Supplier without the use of the objected-to new sub-processor) by providing written notice to Supplier.

11.9 Supplier shall ensure that any sub-processor Supplier engages in the provision of the Services is engaged on the basis of a written contract which imposes on such sub-processor terms equivalent to those imposed on Supplier in this section 11 (“Relevant Terms“). Supplier shall procure the performance by such sub-processor of the Relevant Terms and shall be directly liable to Customer for any breach by such sub-processor of any of the Relevant Terms.

11.10 Supplier will maintain and implement the appropriate technical and organisational measures designed to safeguard and ensure the adequate protection of Personal Data (“Security Measures”) including, as appropriate (i) encryption and pseudonymisation; (ii) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of Processing systems and services; (iii) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and (iv) a process for regularly testing, assessing and evaluating the effectiveness of those measures.

11.11 On an annual basis, Supplier will engage a qualified independent auditor to review and test Supplier’s Security Measures (“Security Assessments”). Supplier will promptly address and correct material vulnerabilities and security deficiencies discovered through Security Assessments. Upon request, Supplier will provide executive summary reports of such Security Assessments to Customer.

11.12 Without prejudice to its obligations under section 20 (Audits), the Supplier shall provide such co-operation as the Customer reasonably considers to be necessary to enable the Customer to audit and verify the Supplier’s compliance with this section 11 from time to time. Such co-operation may include helping the Customer to carry out risk assessments of the Supplier’s data Processing operations, in particular providing information about, and permitting the Customer to inspect, those operations. Customer agrees that such audit will be conducted:

(a) not more than once in any calendar year, commencing no earlier than one calendar year following the Service Start Date;

(b) with minimal interference or disruption to Supplier’s (or Supplier’s sub-processor’s) business activities;

(c) during Supplier’s regular business hours on business days;

(d) subject to the provision by Customer of a minimum of thirty (30) business days’ notice in writing to Supplier; and

(e) subject to Supplier’s (or the applicable sub-processor’s) security policies and confidentiality procedures.

Where on site audits of physical data centres are not permitted, Customer will work with Supplier (and its sub-processors if applicable) to reach a mutually agreeable resolution sufficient to provide information necessary for Customer and/or the Controller to comply with the applicable Data Protection Laws. Customer shall pay Supplier’s reasonable costs, charges and expenses for providing the assistance referred to in this section 11.12, unless the audit reveals that Supplier has materially failed to comply with the provisions in this section 11, in which case the Supplier shall bear its costs, charges and expenses for providing such assistance.

11.13 In line with its Security Policy, Supplier will notify Customer in the event of a Personal Data Breach affecting any Customer Data. Supplier will do so without undue delay after becoming aware of such Personal Data Breach. Such notice shall include reasonable details about the Personal Data Breach including details of a contact point where more information can be obtained, a description of the nature of the breach (including, where possible, categories and approximate number of data subjects and data records concerned), its likely consequences and the measures taken or proposed to be taken to mitigate its possible adverse effects. Where, and insofar as, it is not possible to provide all information at the same time, Supplier shall provide in the initial notification the information then available and shall provide further information as it becomes available without undue delay.  Supplier shall cooperate in good faith with and assist the Customer in any way necessary to enable the Customer to notify, where relevant, the competent data protection authority and the affected Data Subjects, taking into account the nature of processing and the information available to the Supplier. Notification(s) of Personal Data Breaches must be sent to Customer’s point of contact as notified by Customer to Supplier.

11.14 Supplier shall cooperate and provide Customer with such reasonable assistance as the Customer requires in relation to any complaints made by Data Subjects or investigations or enquiries made by any Regulatory Body relating to the Customer’s or the Supplier’s obligations under the Data Protection Laws.

11.15 In relation to Personal Data Processed by Supplier under this Contract, the Supplier shall co-operate with Customer to the extent reasonably necessary to enable the Customer to adequately discharge its responsibility as a Controller under the Data Protection Laws, including that the Supplier shall cooperate and provide the Customer with such reasonable assistance as the Customer requires in relation to preparation of data protection impact assessments to the extent required under the Data Protection Laws.

11.16 Supplier shall promptly notify Customer of any request made by a Data Subject under Data Protection Laws in relation to or in connection with Personal Data Processed by the Supplier on behalf of Customer, if required by the Customer, permit the Customer to handle such request and at all times cooperate with and assist the Customer (including by appropriate technical and organisational measures) to execute its obligations under the Data Protection Laws in relation to such Data Subject requests. If the Customer elects not to handle any Data Subject request received by the Supplier, the Supplier shall comply with such request. In all cases, the Supplier shall provide a copy to the Customer of all Personal Data which it does so disclose.

11.17 When Personal Data is no longer necessary for the purposes set forth in this Contract or promptly upon the expiration or termination of this Contract, whichever is earlier, Supplier will (i) return to Customer all the relevant Personal Data; and/or (ii) destroy all the relevant Personal Data in Supplier’s possession or control, as requested by the Customer. Supplier will provide a certification of destruction if requested.  If Applicable Law does not permit Supplier to comply with the return or destruction of Personal Data, Supplier agrees such retained Personal Data shall remain subject to the terms of this Contract and it shall return or destroy such Personal Data when permitted by Applicable Law.

11.18 The parties will discuss and agree in good faith any amendments to this Agreement or any further agreements required for purposes of compliance with Data Protection Laws.

12. TERM AND TERMINATION

12.1 Each Contract shall commence on the Effective Date and will continue in force until the end of the Minimum Term. From the end of the Minimum Term, the Contract shall automatically be extended for successive twelve (12) month periods (each an “Extension Term“) at the end of the Minimum Term and each Extension Term, unless and until a Party gives written notice to the other party to terminate, not later than thirty (30) days before the end of the Minimum Term or the relevant Extension Term, in which event the Contract will terminate at the end of that Minimum Term or Extension Term as the case may be.

12.2 Each Contract will not affect any accrued rights or liabilities which either Party may have by the time termination takes effect.

12.3 If Customer terminates the Service or any applicable Contract in accordance with section 12.1, Customer will pay Supplier:
(a) For any parts of the Service that were terminated during the first 12 months of the Service, Termination Charges equal to:

(i) 100 per cent for any remaining months of the first 12 months of the Minimum Term of Service:

(ii) 50 per cent of the Charges for the remaining months, other than the first 12 months of the Minimum Term of service

(iii) Any waived Connection Charges for the Service; and

(b) for any parts of the Service that were terminated after the first 12 months of the Minimum Term of Service or during an Extension Term, termination Charges equal to 50 per cent of the recurring Charges for any remaining months of the Minimum Term of Service or the Extension Term.

12.4 Either Party (the “non-defaulting party”) shall have the right to terminate any Contract upon written notice to the other Party (the “defaulting party”) in the event of a material breach of these terms and conditions that remains uncured 30 days after the non-defaulting party gives the defaulting party notice of such breach. For the avoidance of doubt, failure to pay the Charges due under section 7.4 will constitute a material breach.

12.5 Each Party shall have the right to terminate any Contract immediately if an Insolvency Event affecting the other Party has occurred.

12.6 Upon termination of a Contract (and, in relation to (i), at any time on written request), Supplier shall (i) deliver the Customer Data to Customer; (ii) on written request, erase all Customer Data from computer and communications systems and devices used by Supplier, including such systems and data storage services provided by third parties (in each case to the extent technically practicable) and confirm in writing that this has been done; and (iii) for up to 12 months after the expiry or termination of the Contract, provide access during normal working hours to Customer and/or its agents to such information relating to the Contract and relevant Services as remains in Supplier’s possession or control, including information necessary to demonstrate Supplier’s compliance with the Data Protection Laws.

13. CANCELLATION BEFORE THE START DATE

13.1 If Customer fails to provide all of the information necessary for Supplier to set-up the Service as may be requested in accordance with section 4.2(a), and Customer fails to provide such full and complete information following three (3) separate requests from Supplier in writing, Supplier shall be entitled to terminate the Contract before the Service Start Date.

13.2 If for any reason, including termination in accordance with section 13.1, the Contract is terminated before the Service Start Date, Customer will be liable for the Connection Charges and any other reasonable costs that Supplier has actually incurred in preparation for the Service to commence.

14. TRIAL SERVICES

14.1 In the event that the Service is made available to Customer as a Trial Service, these same Terms and Conditions shall apply, subject to (a) any separate arrangements made with respect to the Term of the Trial Service and (b) any other commercial arrangements agreed in respect of the Trial Service.

15. VARIATION

Supplier may make changes to the Service Description and / or Acceptable Use Policy from time to time upon notice to Customer. Changes which are either: (a) operational by nature; (b) represent enhancements to the Service; (c) purely for clarification; or (d) necessary to comply with any Applicable Law or regulatory requirement, will be effective immediately upon notice. Material changes will become effective thirty (30) days after the notice is given unless Customer notifies Supplier within that thirty (30) day period that that Customer does not agree with the change. The Parties shall then act reasonably and work together in good faith to reach a mutually agreeable solution. Except as set out above, the Contract may not be modified or amended except by the mutual written agreement of the authorised representatives of the Parties.

16. FORCE MAJEURE; EXCUSE

16.1 Neither Party will be liable for any delays or failures to perform due to a Force Majeure Event. If a default due to a Force Majeure Event shall continue for more than sixty (60) days, then either Party will be entitled to terminate any affected Contract by giving not less than thirty (30) days written notice to the other. Neither Party shall have any liability to the other in respect of the termination of an Agreement as a result of a Force Majeure Event save and except for Client’s payment obligations up to and including the effective date of termination of the Contract.

16.2 In the event of:
(a) a refusal or delay by a third party to supply a telecommunications service to Supplier; or
(b) the imposition of restrictions of a legal or regulatory nature which prevent Supplier from supplying the Service,
then provided that there is no alternative workaround available at reasonable cost to Supplier, Supplier will have no liability to Customer for failure to supply the Service.

16.3 Without limiting the foregoing, to the extent Customer fails to perform any of its responsibilities described in the Agreement, Supplier shall be excused from failure to perform any affected obligations under the Agreement and, in the event of delay, shall be entitled to a reasonable extension of time considering the particular circumstances, and a reasonable reimbursement of cost. Each Party will notify the other as promptly as practicable after becoming aware of the occurrence of any such condition.

17. DISPUTES

17.1 If a dispute arises between the Parties, the Parties will use their reasonable endeavours to settle the dispute in accordance with the following procedure:
(a) a dispute which has not been settled at an operational level by the Supplier Representative and the Authorised Customer Contact within seven (7) days of the matter being raised, may be escalated by either Party to the first level by written notice to the other Party;
(b) if the dispute is not resolved at the first level within seven (7) days of escalation either Party may refer the dispute to the second level.

17.2 The Parties’ representatives and the people to whom a dispute must be escalated at the first and second levels are as notified by either Party to the other, from time to time. The Parties agree that the representatives at the second level must be senior executives of the Parties.

17.3 Subject to section 17.4, if a dispute is not resolved following the procedures set out in section 17.1, the Parties may refer the dispute to a mediator:
(a) the mediator will be appointed by agreement of the Parties, and in the event of a failure to agree within three (3) days of a proposal by one Party, the mediator will be appointed by the Centre for Dispute Resolution (CEDR);
(b) within 14 days of the appointment of the mediator the Parties will meet with the mediator in order to agree the procedure to be adopted for the negotiations;
(c) all negotiations connected with the dispute will be conducted in confidence and without prejudice to the rights of the Parties in any further proceedings;
(d) if the Parties reach agreement on the resolution of the dispute, the agreement will be put in writing and once signed by the Parties will be binding on them; and
(e) if the Parties are not prepared to agree to the dispute being referred to a mediator or fail to reach agreement within 2 months of the mediator being appointed then either Party may exercise any remedy that it has under this Contract.

17.4 A Customer with no more than 10 employees may be able to take a dispute to adjudication under the CISAS dispute resolution scheme.

18. NOTICES

18.1 Notices given under the Contract must be in writing and may be delivered by email, hand or by courier, or sent by first class post to the following addresses:
(a) to Supplier at Supplier’s registered address or any alternative address which Supplier notifies to Customer; and
(b) to Customer at the Customer address as stated on the Order Form.

19. CONFIDENTIALITY

19.1 Except to the extent set out in this section 19, or where disclosure is expressly permitted by any Contract, each Party shall:
(a) treat the other Party’s Confidential Information as confidential; and
(b) not disclose the other Party’s confidential information to any other person without the owner’s prior written consent.

19.2 Section 19.1 shall not apply to the extent that:
(a) such information was in the possession of the Party making the disclosure, without obligation of confidentiality, prior to its disclosure;
(b) such information was obtained from a third party without obligation of confidentiality;
(c) such information was already in the public domain at the time of disclosure otherwise than through a breach of any Contract; or
(d) such information was independently developed without access to the other Party’s Confidential Information.

19.3 Supplier acknowledges that Customer’s Data is likely to contain price-sensitive information, trade secrets, commercial secrets or other Confidential Information belonging to Customer. Supplier undertakes to treat such information as confidential and undertake not to use, or to procure another to use, under any circumstances, such information to trade or exchange securities of any kind or to engage in other activities that may result in financial gains for Supplier or its affiliates as a result of the use of such information. Supplier acknowledges that Customer may be irreparably harmed by the breach of the terms of this section 19 by Supplier or its sub-contractors. Supplier agrees that monetary damages may not be a sufficient remedy for any breach of this section 19 by Supplier or for which Supplier is liable, and that the entity seeking a remedy shall be entitled to apply for, in addition to monetary damages, the remedies of injunction, specific performance and such equitable relief as a remedy for such breach.

20. AUDITS

20.1 Supplier shall allow Customer and any auditors of Customer or other advisers or an applicable Regulatory Body to access any of its premises (other than its data centres), its personnel and relevant records as may be reasonably required in order to satisfy or fulfil any legal or regulatory obligation or legally enforceable request by any Regulatory Body.

20.2 Subject to its confidentiality obligations, Supplier shall provide Customer (and Customer’s auditors and other advisers) with all reasonable co-operation, access and assistance in relation to each audit.

21. GENERAL

21.1 Assignment. Except for reason of a divestiture, Customer may not sub-licence or assign any of the rights or obligations which Customer has under the Contract.

21.2 Entire Agreement. The Contract sets forth the entire understanding between the Parties and supersedes, without limitation, all prior discussions, communications, representations and arrangements between them with respect to the subject matter of the Contract. Each Party acknowledges that it is entering into the Contract solely on the basis of the agreements and representations contained herein, and that it has not relied upon any representations, warranties, promises, or inducements of any kind, whether oral or written, and from any source.

21.3 Marketing. Supplier will not use Customer’s name, trade name, trademarks or service marks or those of its affiliates in any publication, advertisement, or promotional material without Customer’s prior written consent.

21.4 Severability. In the event of any provision in these Terms and Conditions being held to be void, voidable or unenforceable this shall not affect the validity or enforceability of any other section of these Terms and Conditions or of the remainder of these Terms and Conditions as a whole.

21.5 Third Party Rights. No term of the Contract is enforceable under the Contracts (Rights of Third Parties) Act 1999 by a person who is not a party to the Contract.

21.6 Governing Law and Jurisdiction. The construction, validity and performance of the Contract and all non-contractual obligations arising from or connected with the Contract shall be governed by the laws of England. Subject to section 17, each Party irrevocably agrees to submit to the exclusive jurisdiction of the courts of England over any claim or matter arising under or in connection with the Agreement, but Supplier is also entitled to apply to any court worldwide for injunctive or other remedies in order to protect or enforce its intellectual property rights.

ANNEX 1 – PERSONAL DATA

For the purposes of section 11.4 of the Terms and Conditions, the Parties set out below a description of the Personal Data being processed under the terms and conditions and further details required pursuant to the GDPR and UK GDPR.

TYPES OF PERSONAL DATA

The types of Customer Data Processed by Supplier or its sub-processors may include

  1. contact information such as first name, surname, gender, mobile phone number, employer, and email addresses;
  2. third party contact information such as first name, surname, mobile phone number, employer, and email addresses;
  3. recordings such as voicemails, voice recordings and text messages;
  4. correspondence, comments and opinions when the Customer contacts us directly by email, phone or when completing an online form;
  5. traffic data Supplier see as part of providing connectivity, such as phone numbers called, the time and duration of calls;
  6. credential information such as encrypted passwords, hints and similar security information;
  7. preferences for marketing communications, how its website is displayed and how the Customer uses the Service;
  8. information about how Customer accesses and use the Service;
  9. log files and information about the Customer’s devices​.

This list is not exhaustive as Customer may specify additional Personal Data that is processed.

THE NATURE OF PROCESSING

Supplier Processes any information that is generated by Customer’s use (or Customer’s employees’, agents’ or subcontractors’ use) of the Service. Given that recordings can be made and stored, any type of Personal Data could be captured or provided inadvertently by the User. Any access to the content of such communications by Supplier is strictly in accordance with Applicable Law.

PURPOSE OF PROCESSING

Supplier (and its subcontractors) may Process User Personal Data to provide the Service including: (i) the provision of the Services; (ii) account relationship management; (iii) sending bills; or (iv) Customer service.

Supplier (and Its subcontractors) may Process User Personal Data because it is in its legitimate interests as a business to use Customer’s information including: (i) improving and innovating Its Service; (ii) marketing and tailoring Its Service to Customer; (iii) research and analytics; or (iv) credit checks, fraud prevention and security.

Supplier (and its subcontractors) may Process User Personal Data to meet its legal and regulatory obligations which may include sharing the same with law enforcement agencies.

DURATION OF PROCESSING

Until the later of (i) expiry/termination of the Services or (ii) the date upon which Processing is no longer necessary for the purposes of either party performing its obligations under these terms and conditions (to the extent applicable).

CATEGORIES OF DATA SUBJECT

The Personal Data may concern the following categories of Data Subjects:

  1. Customer’s Users;
  2. third party participants in voice calls or text messages to and from Customer’s Users; and
  3. Customer’s employees, directors and contractors.

This list is not exhaustive as Customer may specify additional Personal Data that is processed.

ANNEX 2 – SERVICE DESCRIPTION

The Services and SLAs applicable to this Contract are set out in the “Smartnumbers Service Description” document, a copy of which is provided with this Contract and which may be updated, from time to time in accordance with the terms of the Contract.

End.

icon-arrow-right icon-cross