1.1 In these Terms and Conditions of Business:
“Ad Hoc Work” means services requested by the Customer and performed or agreed to be performed by Riverbank for the Customer on an additional ad hoc basis in accordance with an Order Form(s) and/or Proposal Document(s) and including additional support and technical services regarding the threat of malware and any unauthorised access to the Equipment and Supported Services;
“Agreement” means any agreement between the Customer and Riverbank for the provision of services and/or computer hardware and/or software as set out in an Order Form together with one or more Proposal Document(s) from time to time and these Terms and Conditions of Business, and as evidenced by agreement in writing and signed by both of the Parties or authorised by electronic means as may be proposed by Riverbank and agreed by the Customer. For these purposes where a Customer is being supplied with any Infrastructure Services the Agreement between Riverbank and the Customer in respect of those Infrastructure Services shall be a separate agreement from any agreement for Specified Services or Ad Hoc Work, and where a Customer is being supplied with Ad Hoc Work the Agreement between Riverbank and the Customer in respect of that Ad Hoc Work shall be a separate agreement from any Agreement for Specified Services or Infrastructure Services;
“Appropriate Safeguards” means such legally enforceable mechanism(s) for transfers of Personal Data as may be permitted under Data Protection Laws from time to time; “Business Day” means a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business;
“Charges” means (a) in the case of any Agreement, the charges specified or referred to therein; and (b) in the case of Ad Hoc Work, charges calculated by reference to the Rates; “Consumer Prices Index” means the index of that name published by the Office for National Statistics or any replacement to that index; “Control” means the power of a person to secure that the affairs of Riverbank are conducted in accordance with the wishes of that person; (a) By means of the holding of shares, or the possession of voting power, in or relation to Riverbank; or (b) As a result of any powers conferred by the articles of association or any other document regulating Riverbank and a Change of Control occurs if a person who controls Riverbank ceases to do so or if another person acquires Control of Riverbank.“Customer” means the Party identified as such in any Agreement;
“Customer’s Representative” means the representative appointed by the Customer pursuant to clause 11 below;
“Data Protection Laws” means: (a) the Directive 95/46/EC (Data Protection Directive) and/or Data Protection Act 1998 or the GDPR; and (b) any laws that replace, extend, re-enact, consolidate or amend any of the foregoing; “Dedicated Equipment” means any equipment dedicated to the use of the Customer by Riverbank and whether exclusively or in conjunction with other customers and not intended to be purchased by or in the physical possession of the Customer; “Effective Date” means the date of the most recent acceptance of an Order Form in relation to the Services by the Customer;
“Engagement” means the engagement or employment of a person employed or engaged by Riverbank by the Customer or any of the Customer’s group companies at any time during the provisions of the Services whether on a permanent or temporary basis, whether under a contract of service or for services, under an agency, licence, franchise or partnership agreement, or any other engagement, and whether directly or through any organisation or a limited company (excluding Riverbank) of which the person employed or engaged by Riverbank becomes an officer, employee, consultant or partner; “Equipment” means items of hardware (with associated software) requested by the Customer for purchase and provided or agreed to be provided by Riverbank to the Customer on an ad hoc basis in accordance with an Order Form;
“Force Majeure Event” means an event beyond the reasonable control of Riverbank including, but not limited to strikes, lock-outs or other industrial disputes, failure of a utility service or transport network, an act of God, war, riot, civil commotion, malicious damage, including viruses, worms, spyware, Trojans or other threats introduced, compliance with any law or governmental order, rule, regulation or direction, accident, breakdown of plant of machinery, fire, flood, storm, or default of suppliers or subcontractors, and any defect, error, fault or deficiency in the Supported Systems or the Supported Products;
“GDPR” means the General Data Protection Regulation (EU) 2016/679
“Help Desk Support” means support via Riverbank’s help desk, upon request of the Customer by telephone, e-mail or web form, as more particularly described at Clause 2 below; “Infrastructure Services” means any of the IT support services supplied by Riverbank from time to time which involve a material investment by Riverbank in infrastructure dedicated to the Customer’s use and which have been designated by Riverbank as such services;
“Intellectual Property Rights”; means patents, rights to inventions, copyright and related rights, trade marks, business names and domain names, rights in get-up, goodwill and the right to sue for passing off, rights in designs, database rights, rights to use, and protect the confidentiality of, confidential information (including know-how), and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world;
“Loaned Equipment” means those items of hardware to be provided by Riverbank to the Customer on loan;
“Order Form” means an order form sent by Riverbank to the Customer setting out the Services to be supplied;
“Parties” means both Riverbank and the Customer and “Party” means either Riverbank or the Customer;
“Personal Data” has the meaning set out in the Data Protection Act 1998; “Proposal Document” means a proposal document sent by Riverbank to the Customer describing the Services to be supplied;
“Protected Data” means Personal Data received from or on behalf of the Customer in connection with the performance of Riverbank’s obligations under this Agreement;
“Rates” means Riverbank’s daily and hourly charge rates prevailing from time to time, and available on request from Riverbank;
“Remuneration” includes base salary or fees, car allowances or company car, guaranteed bonus and commission earnings, allowances, inducement payments and all other payments and taxable (and, where applicable, non-taxable) emoluments payable to or receivable by such person employed or engaged by Riverbank during the provision of the Services to the Customer, for services rendered to or on behalf of the Customer;
“Riverbank” means Riverbank I.T. Management Ltd, a company registered in England and Wales with company number 03487143;
“Service Level Agreement” means an agreement between Riverbank and the Customer in which Riverbank commits to meet specified service times and as expressly set out or referred to in any Proposal Document(s);
“Services” means the Infrastructure Services, the Specified Services or the Ad Hoc Work being provided by Riverbank to the Customer under an Agreement together with any other technical support services being provided by Riverbank to the Customer which for the avoidance of doubt excludes technical support services in connection with unauthorised system access, the threat of malware, including but not limited to viruses, worms, spyware, Trojans or other threats and the loss or unauthorised alteration of company data;
“Specified Services” means the range of IT support services from time to time provided by Riverbank and specified as such by Riverbank, being those which do not require material hardware investment by Riverbank;
“Start Date” the date specified as such in the Proposal Document(s) or as otherwise agreed in writing between the Parties within 3 months of the Effective Date;
“Sub-Processor” means any agent, subcontractor or other third party (excluding its employees) engaged by Riverbank for carrying out any processing activities on behalf of the Customer in respect of the Protected Data.
“Support Hours” means 8am to 6pm (London time) on Business Days unless the Proposal Document(s) specify a 24/7 support service in which case the hours and days are as stated in that Proposal Document(s);
“Supported Location” means the location at which the Supported Systems are located as identified in the Proposal Document(s), or such other location as may be agreed in writing by the Parties;
“Supported Products” means those items of hardware and software as set out in the Proposal Document(s) or otherwise agreed to be added (less any agreed deletions) by the Parties;
“Supported Systems” means the computer and information technology systems belonging to or dedicated to the use of the Customer to be supported by Riverbank through the provision of the Services and as set out in the Proposal Document(s);
“Supported Users”; means the persons working from the Supported Location and/or using Supported Products in the course of the Customer’s business.
1.2 “Controller”, “Data Subject”, “Personal Data”, “Processor” and “processing” shall have the respective meanings given to them in applicable Data Protection Laws from time to time (and related expressions, including process, processed, processing, and processes shall be construed accordingly) and international organisation and “Personal Data Breach” shall have the respective meanings given to them in the GDPR.
2. Provision of Services and Equipment
2.1 Any and all provisions of Services, Dedicated Equipment, Equipment and/or Loaned Equipment made by Riverbank to the Customer shall be in accordance with these Terms and Conditions of Business.
2.2 Riverbank shall use its reasonable endeavours to provide the Services to the Customer with reasonable skill and care in relation to the Supported Systems as from the Start Date and in accordance with the Agreement. Riverbank further agrees to use reasonable skill and care in the selection of third party sub-contractors for the Services.
2.3 Riverbank shall use its reasonable endeavours to meet any service times in relation to the Services as specified in the Order Form(s), Proposal Document(s) and/or the welcome pack of materials sent to the Customer on or shortly after the Effective Date. However, such service times shall be estimates only and shall not be of the essence for performance of the Services unless a Service Level Agreement has been agreed in which case such agreed service times and levels shall apply as stated therein.
2.4 Riverbank shall use its reasonable endeavours to provide any Dedicated Equipment, Equipment and/or Loaned Equipment to the Customer where agreed and as set out in the relevant Customer Order Form(s) and the Proposal Document(s).
2.5 Riverbank shall deliver any Equipment and/or Loaned Equipment to the location set out in the Order Form(s) or such other location as the Parties may agree. Any dates quoted for delivery are approximate only and time shall not be of the essence in relation to such delivery dates.
2.6 The risk in any Equipment and/or Loaned Equipment (but not in any Dedicated Equipment) shall pass to the Customer on completion of delivery. Title to the Equipment shall not pass to the Customer until Riverbank has received payment in full for the Equipment.
2.7 If, before title to the Equipment passes to the Customer, the Customer becomes subject to any of the termination events listed in clause 8 then, without limiting any other right or remedy Riverbank may have Riverbank may require the Customer to deliver up all such Equipment, and if the Customer fails to do so, Riverbank may at any time enter any premises of the Customer or of any third party where the Equipment is stored in order to recover it.
2.8 If the Customer contacts Riverbank’s help desk by telephone during the Support Hours or by e-mail at any time, Riverbank shall provide (during the Support Hours) the Services set out in the Order Form(s) and the Proposal Document(s). The amount of Help Desk Support mentioned in this Clause 2 includes all time spent by Riverbank working on the Customer’s technical problems in the course of Help Desk Support, and is not limited to time devoted to communication with the Customer.
2.9 Nothing in the Agreement shall oblige Riverbank to do anything which in its reasonable opinion may infringe the Intellectual Property Rights of any third party
3. Charges and Payment
3.1 Where Riverbank is providing Services (but not Ad Hoc Work), Loaned Equipment and/or Dedicated Equipment to the Customer under an Agreement, then the applicable fees set out in the Proposal Document(s) shall be invoiced by Riverbank monthly in advance.
3.2 Where Riverbank is providing to the Customer Ad Hoc Work and/or Equipment, charges will be made (including time spent in the provision of telephone advice, remote access support and support at the Supported Location) in accordance with the Rates and/or the Proposal Document(s).
3.3 The Customer shall reimburse Riverbank for all travel, subsistence or other expenses incurred by Riverbank in connection with the provision of any Services, Dedicated Equipment, Loaned Equipment and/or Equipment including, without limitation, those expenses incurred in complying with Customer requests.
3.4 Riverbank is not obliged to carry out any work except as specifically set out in the Agreement, but if it does so, such work shall be subject to the terms of the Agreement, and the Customer will pay for that work at the Rates.
3.5 Riverbank may invoice the charges referred to at clauses 3.2 and 3.3 above at any time or times after the Effective Date.
3.6 All charges payable under the Agreement are quoted exclusive of value added tax, sales tax or similar taxes which shall be paid at the rate and in the manner from time to time prescribed by law.
3.7 The Customer shall pay the amount of each invoice issued pursuant to the Agreement within 30 days of the date of issue thereof, by either cheque, direct bank transfer or direct debit, and time for payment shall be of the essence of this Agreement.
3.8 If any amount payable by the Customer under any term of the Agreement is not paid in accordance with this Agreement then, without prejudice to its other rights and remedies, Riverbank may charge interest on the amount outstanding (as well after as before any judgment), from the due date for payment of that amount to the actual date of payment (both dates inclusive), at the rate prescribed from time to time by the Late Payment of Commercial Debts (Interest) Act 1998.
3.9 Riverbank reserves the right to increase the charges payable hereunder annually and/or the Rates with any such increase capable of taking effect on the next 1 January only. Riverbank shall provide the Customer with no less than 30 days’ written notice of such an increase and any such increase will be limited to either an additional 5% of the amount invoiced monthly to the Customer or an increase in accordance with the Consumer Prices Index, whichever is the higher.
3.10 Riverbank reserves the right to increase its charges and fees for any of the Services in line with increases in the number of, or changes to, the Customer’s Supported Users, Supported Products, Supported System and/or Supported Location and as further set out in the Proposal Document(s).
4. Equipment and Equipment Warranties
4.1 Riverbank shall use its reasonable endeavours to source any Equipment, Loaned Equipment and/or Dedicated Equipment from reputable third parties.
4.2 Riverbank warrants that it will pass good title to any Equipment supplied to the Customer.
4.3 Riverbank undertakes to hold on trust for the benefit of the Customer, in relation to the Equipment (and Dedicated Equipment used in relation to the Infrastructure Services exclusively for the Customer) the following:
4.3.1 all manufacturer’s warranties; and
4.3.2 all statutory warranties implied under the Sale of Goods Act 1979.
4.4 Because of the nature of the Supported Products, no representation or warranty is given that it can rectify or accommodate any defect or deficiency in or problem with the Supported Products or that its liaison with the manufacturers, maintainers or suppliers of the Supported Products will result in the resolution of the Customer’s problems or the correction of any defect or deficiency.
5. Limitation of Liability
5.1 The following provisions set out Riverbank’s entire liability (including any liability for the acts and omissions of its employee’s agents and sub-contractors) to the Customer in respect of:
5.1.1 any breach of its contractual obligations under the Agreement; and
5.1.2 any representation, statement, breach of statutory duty or tortious act or omission including negligence (but excluding any of the same made fraudulently) arising under or in connection with the Agreement
AND THE CUSTOMER’S ATTENTION IS IN PARTICULAR DRAWN TO THE PROVISIONS OF THIS CLAUSE 5
5.2 Any act or omission on the part of Riverbank or its employees, agents or sub-contractors falling within clause 5.1 above shall for the purposes of this clause 5 be known as an “Event of Default”.
5.3 Nothing in the Agreement shall limit or exclude Riverbank’s liability to the Customer for:
5.3.1 death or personal injury resulting from its own or that of its employees’ agents’ or sub- contractors’ (as applicable) negligence;
5.3.2 fraud or fraudulent misrepresentation; or
5.3.3 damage suffered by the Customer as a result of any breach of Riverbank’s obligations implied by, as applicable, section 12 of the Sale of Goods Act 1979, section 2 of the Supply of Goods and Services Act 1982 or section 8 of the Supply of Goods (Implied Terms Act) 1973.
5.4 Subject to clause 5.3 above and clause 5.5 below, Riverbank shall not be liable to the Customer in respect of any Event of Default for loss of profits, anticipated savings, goodwill or any type of special indirect or consequential loss (including loss or damage suffered by the Customer as a result of an action brought by a third party) even if such loss was reasonably foreseeable or Riverbank had been advised of the possibility of the Customer incurring the same.
5.5 Clause 5.4 above shall not exclude the following types of loss or damage which shall be regarded as direct: additional, operational and/or administrative costs or expenses arising from the Event of Default and any regulatory losses, fines, expenses or other losses arising from a breach by Riverbank of any laws. However, Riverbank’s liability for such direct losses shall be limited in accordance with the remaining provisions or this clause 5.
5.6 Where Riverbank’s liability under clause 5.5 above extends to a Customer’s loss of data or damage to data Riverbank shall only be liable to the extent that the Customer backed-up its data in accordance with clause 6.1.5. 5.7 Subject to the remaining provisions of this clause 5, Riverbank accepts liability to the Customer in accordance with clause 5.5 in respect of damage to the tangible property of the Customer resulting from the negligence of Riverbank or its employees, agents or sub-contractors up to the sum of £5million.
5.8 Subject to the remaining provisions of this clause 5, Riverbank’s entire liability in accordance with clause 5.5 in respect of any other Event of Default shall be limited to damages of an amount not exceeding £50,000.
5.9 If a number of Events of Default give rise substantially to the same loss then they shall be regarded as giving rise to only one claim under this agreement.
5.10 Except in the case of an Event of Default arising under clause 5.3 above Riverbank shall have no liability to the Customer in respect of any Event of Default unless the customer shall have served notice of the same upon Riverbank within 12 months of the date it became aware of the circumstances giving rise to the Event of Default or the date when it ought reasonably to have become so aware.
5.11 The Customer hereby agrees to afford Riverbank not less than 30 days in which to remedy any Event of Default hereunder, following written notification thereof by the Customer and Riverbank hereby agrees that it shall use its reasonable endeavours to remedy such Event of Default within that 30-day period.
5.12 Nothing in this clause shall confer any right or remedy upon the Customer to which it would not otherwise be legally entitled.
5.13 All of Riverbank’s liabilities and obligations under the Agreement are subject to the Customer having complied with its obligations under the Agreement.
5.14 The express warranties and undertakings given by Riverbank in the Agreement are in lieu of all other warranties, conditions, terms, undertakings and obligations, whether express or implied by statute, common law, custom, trade usage, course of dealing or otherwise, all of which are excluded to the fullest extent permitted by law. No term in the Agreement attempts to exclude liability for fraud.
5.15 The Customer warrants that it has not been induced to enter into the Agreement by any representation or by any warranty, whether oral or in writing, except those specifically contained in the Agreement as warranties, and waives all claims for breach of any warranty and all claims for any misrepresentation, (whether negligent or otherwise, unless made fraudulently) which is not specifically contained in the Agreement as a warranty.
6. Customer Obligations
6.1 The Customer shall:
6.1.1 before the Start Date, set up all communications and other arrangements necessary to allow Riverbank to have remote access to the Supported Systems and maintain those arrangements so as to enable Riverbank to perform the Services;
6.1.2 provide Riverbank, free of charge, with access to the Customer’s premises and with access to all information, materials, documentation, resources and facilities including, without limitation, computer, communications (including internet services), office facilities and Customer personnel, reasonably requested by it to enable it to provide the Services. The Customer shall take reasonable steps to ensure that its staff, contractors and other suppliers co-operate fully with Riverbank and cause no delay. Where Riverbank needs the Customer to provide information or take a decision the Customer shall do so promptly and so as not to delay the work in hand;
6.1.3 use, provide and install if necessary, a broadband internet connection at the Supported Location with sufficient speed for use in the Customer’s business as recommended by Riverbank;
6.1.4 keep Riverbank informed of any changes to the Supported System, the Customer’s business, the number of Supported Users, the number of Supported Products and the Support Location(s);
6.1.5 unless Riverbank are providing back-up services to the Customer, back up its data regularly and correctly and in accordance with Riverbank’s instructions and advice;
6.1.6 indemnify Riverbank against all losses, damages and expenses incurred or suffered by it in connection with any and all claims made in respect of any injury, death or loss suffered by employees and consultants of Riverbank whilst on Customer premises where the same arise wholly or partly as a result of the Customers negligence, provided always that where such injury, death or loss arises only partly as a result of such negligence, then such indemnity shall operate proportionately;
6.1.7 use all reasonable endeavours to comply with manufacturers’ warranty conditions in respect all equipment (except in relation to Dedicated Equipment used in relation to the Infrastructure Services) within the Supported Systems;
6.1.8 take good care of, and insure the replacement value of, all Loaned Equipment in its possession.
6.1.9 shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction or damage of company data (including personal and confidential information which could result in exposure to risk of non-compliance with legal obligation of confidentiality, data protection and privacy and ensure the Customer and its employees does not intentionally or recklessly introduce any form of malware, spyware, virus or other malicious software or code to the communications equipment or systems.
6.2 If Riverbank’s performance is required (either as part of its obligations under the Agreement, or outside of the agreement) due to:
6.2.1 infection by malware, ransomware, virus, other cyber-attack, or any other security breach where caused by Customer negligence (whether malicious or otherwise) and/or
6.2.2 damage to hardware or software where caused by Customer negligence (whether malicious or otherwise) and/or
6.2.3 infection by malware, ransomware, virus, other cyber-attack, or any other security breach, where the Customer has not taken previous advice provided by Riverbank on how to mitigate the risk of said events occurring and/or
6.2.4 the Customer deliberately disabling, bypassing, or otherwise undermining security controls. This includes but is not limited to proxy servers, antivirus, anti-Malware, anti-ransomware, and firewalls and/or
6.2.5 the Customer not following recognised best practices for maintaining IT security and a backup strategy as advised by Riverbank. This includes but is not limited to password policies, user permissions, and sharing
6.2.6 Riverbank shall not be liable for any costs or losses sustained or incurred by the Customer arising directly or indirectly from the Customer’s failure to perform or delay in performing any of its obligations as set out in this clause 6.2; and
6.2.7 the Customer shall be charged a labour cost for any work requested caused by the Customer’s failure to perform or delay in performing any of its obligations as set out in this clause 6.2. The labour charge will be for the total amount of time spent by Riverbank at the current standard engineer hourly rate, the total amount of which shall be paid by the Customer on demand
6.2.8 the Customer shall reimburse Riverbank on demand for any costs or losses sustained or incurred by Riverbank arising directly or indirectly for any work requested by the Customer that has been caused by the Customer’s failure to perform or delay in performing any of its obligations as set out in this clause 6.2;
6.3 Riverbank shall not be liable for any costs or losses sustained or incurred by the Customer arising directly or indirectly from infection by malware, ransomware, virus, other cyber-attack, or any other security breach, however caused.
6.4 If Riverbank’s performance of any of its obligations under the Agreement is prevented or delayed by any act or omission by the Customer, or failure by the Customer to perform any relevant obligation:
6.4.1 Riverbank shall not be liable for any costs or losses sustained or incurred by the Customer arising directly or indirectly from the Customer’s failure or delay to perform any of its obligations as set out in this clause 6; and
6.4.2 the Customer shall reimburse Riverbank on written demand for any costs or losses sustained or incurred by Riverbank arising directly or indirectly from the Customer’s default.
7. Proprietary Rights
7.1 The Intellectual Property Rights in all software, documentation and other materials prepared by Riverbank in the course of rendering, or arising out of or in connection with, the Services, Equipment or Loaned Equipment shall be owned by Riverbank.
7.2 The Customer acknowledges that, in respect of any third party Intellectual Property Rights, the Customer’s use of any such Intellectual Property Rights is conditional upon Riverbank obtaining a licence for the Customer either direct from the relevant licensor for the Customer or on such terms as will entitle Riverbank to license such rights to the Customer. By entering into this Agreement the Customer agrees that it shall comply with the terms of all such licences and that it shall not contravene any third party Intellectual Property Rights.
7.3 The Customer shall indemnify Riverbank against all liabilities, costs, expenses, damages and losses (including any direct or consequential losses, loss of profit, loss of reputation and all interest, penalties and legal costs (calculated on a full indemnity bases) and all other reasonable professional costs and expenses suffered or incurred by Riverbank arising out of or in connection with the Customer’s breach of any of Riverbank’s Intellectual Property Rights or of any third party Intellectual Property Rights.
7.4 All data and information created by the Customer remains the exclusive property of the Customer and shall not be used by Riverbank for any purpose other than provision of the Services, Equipment, Loaned Equipment and/or Dedicated Hardware.
8. Duration and Termination
8.1 An Agreement for Services shall continue indefinitely until terminated in accordance with the provisions below.
8.2 Where the Agreement is for Infrastructure Services, the Agreement shall be terminable on three months’ written notice from either Party with such notice to take effect either on the third, or any subsequent, anniversary of the Effective Date.
8.3 Where the Agreement is for Specified Services the Agreement shall be terminable on three months’ written notice from either Party with such notice to take effect either on the first, or any subsequent, anniversary of the Effective Date.
8.4 Without limiting any of its other rights or remedies, Riverbank may, at its option, suspend performance of or terminate the Agreement, or any other Agreement between Riverbank and the Customer, immediately on giving notice in writing to the Customer if:
8.4.1 the Customer fails to pay any amount due under the terms of the Agreement on the due date for payment and fails to pay all sums outstanding within 7 days after the giving of written notice that that amount has not been paid; or
8.4.2 the Customer commits a material breach of any term of the Agreement (apart from that set out at 8.4.1 above) and (in the case of a breach which is not persistent and which is capable of being remedied) fails to remedy that breach within 7 days after the giving of written notice by Riverbank to remedy the breach; or
8.4.3 the Customer defaults on any other Agreement made between Riverbank and the Customer where such default allows Riverbank to terminate that Agreement in accordance with the terms therein; or
8.4.4 the Customer has a receiver or administrative receiver appointed over it or over any part of its undertaking or assets, or passes a resolution for winding-up (except for the purpose of a bona fide scheme of solvent amalgamation or reconstruction), or if a court of competent jurisdiction makes an order to that effect, or if it becomes subject to an administration order, or enters into any voluntary arrangement with its creditors, or if any similar process to any of the above is begun, or if the Customer ceases or threatens to cease to carry on business, or if Riverbank reasonably believes that the Customer is about to become subject to any of these circumstances.
8.5 The Customer may, at its option, terminate the Agreement, or any other Agreement between the Customer and Riverbank, immediately on giving notice in writing to Riverbank if:
8.5.1 Riverbank commits a material breach of any term of the Agreement and (in the case of a breach which is not persistent and which is capable of being remedied) fails to remedy that breach within 7 days after the giving of written notice by the Customer to remedy the breach; or
8.5.2 Riverbank defaults on any other Agreement made between the Customer and Riverbank where such default allows the Customer to terminate that Agreement in accordance with the terms therein.
8.6 Within 30 days of termination the Customer shall:
8.6.1 pay Riverbank for all work done before termination and for all expenses incurred in connection with any work done or to be done for the Customer, subject to clause 8.8; and
8.6.2 return all Loaned Equipment to Riverbank in good and proper working order, and if the Customer fails to do so, Riverbank may at any time enter any premises of the Customer or of any third party where the Loaned Equipment is stored in order to do so.
8.7 Following termination Riverbank shall make available or, at the customer’s election, transfer all information and data it holds concerning the Customer’s computer systems to such alternative service provider as may be nominated in writing by the Customer within 14 days of termination. However, Riverbank shall be under no obligation to effect such nominated transfer until all sums owed to Riverbank have been paid in full, and the Customer has paid in advance all fees and expenses to be incurred by Riverbank in effecting such transfer and until all Loaned Equipment has been returned to Riverbank in accordance with clause 8.6.2.
8.8 Where no such nomination is made by the Customer in accordance with clause 8.8, or where the Customer fails to pay any sums due, or return Loaned Equipment, to Riverbank in accordance with clause 8.6, all such data and information shall be made available for three months following termination for the Customer’s collection but Riverbank shall be under no obligation to deliver such data and information to the Customer.
8.9 Following the end of the period referred to at clause 8.8, Riverbank may delete all and any information and data that it holds concerning the Customer and/or its computer systems.
9. Solicitation of Employee
9.1 The Customer agrees that it shall:
9.1.1 notify Riverbank immediately of any offer of Engagement that it makes to anyone who is employed or engaged by Riverbank;
9.1.2 notify Riverbank immediately that its offer of Engagement to such person employed or engaged by Riverbank has been accepted and to provide details of the Remuneration to Riverbank; and 9.1.3 pay Riverbank’s fee in accordance with clauses 9.2, 9.3 and 3.7.
9.2 The fee payable to Riverbank by the Customer on acceptance of an Engagement shall be 20% of the gross Remuneration applicable during the first 12 months of the Engagement. VAT will be charged in addition of this fee where applicable.
9.3 In the event that the Engagement is for a fixed term of less than 12 months the fee will apply pro-rata.
10. Data Protection Act
10.1 The parties agree that the Customer is a Controller and that the Supplier is a Processor for the purposes of processing Protected Data pursuant to this Agreement. The Customer shall at all times comply with all Data Protection Laws in connection with the processing of Protected Data. The Customer shall ensure all instructions given by it to Riverbank in respect of Protected Data (including the terms of this Agreement) shall at all times be in accordance with Data Protection Laws.
10.3 Riverbank shall process Protected Data in compliance with the obligations placed on it under Data Protection Laws and the terms of this Agreement.
10.4 Clauses 10.5.2, 10.8, 10.9, 10.12 and 10.13 shall apply from when the GDPR applies on 25 May 2018, but not earlier.
10.5 Riverbank shall:
10.5.1 only process (and shall ensure Riverbank’s personnel only process) the Protected Data in accordance with Schedule 1 and this Agreement (and not otherwise unless alternative processing instructions are agreed between the parties in writing) except where otherwise required by applicable law; and
10.5.2 without prejudice to clause 10.1, if Riverbank believes that any instruction received by it from the Customer is likely to infringe the Data Protection Laws it shall promptly inform the Customer and be entitled to cease to provide the relevant Services until the parties have agreed appropriate amended instructions which are not infringing.
10.7 Taking into account the state of technical development and the nature of processing, Riverbank shall implement and maintain the technical and organisational measures set out in Schedule 1 to protect the Protected Data against accidental, unauthorised or unlawful destruction, loss, alteration, disclosure or access.
10.8 Riverbank shall:
10.8.1 not permit any processing of Protected Data by any agent, subcontractor or other third party (except its or its Sub-Processors’ own employees in the course of their employment that are subject to an enforceable obligation of confidence with regards to the Protected Data) without the written authorisation of the Customer (not to be unreasonably withheld or delayed);
10.8.2 prior to the relevant Sub-Processor carrying out any processing activities in respect of the Protected Data, appoint each SubProcessor under a written contract containing materially the same obligations as under this clause 10 that is enforceable by the Supplier and ensure each such Sub-Processor complies with all such obligations;
10.8.3 remain liable to the Customer under this Agreement for all the acts and omissions of each Sub-Processor as if they were its own; and
10.8.4 ensure that all persons authorised by Riverbank or any Sub-Processor to process Protected Data are subject to a binding written contractual obligation to keep the Protected Data confidential. 10.9 The Customer authorises the appointment of Riverbank’s Sub-Processors (as set out in Schedule 1).
10.11 The Customer agrees that Riverbank may transfer Protected Data to countries outside the European Economic Area (EEA) provided all transfers by Riverbank of Protected Data to any countries outside the EEA (and any onward transfer) shall (to the extent required under Data Protection Laws) be effected by way of Appropriate Safeguards and in accordance with Data Protection Laws.
10.12 Riverbank shall, in accordance with Data Protection Laws, make available to the Customer such information that is in its possession or control as is necessary to demonstrate Riverbank’s compliance with the obligations placed on it under this clause 10 and to demonstrate compliance with the obligations on each party imposed by Article 28 of the GDPR (and under any equivalent Data Protection Laws equivalent to that Article 28), and allow for and contribute to audits, including inspections, by the Customer (or another auditor mandated by the Customer) for this purpose (subject to a maximum of one (1) audit request in any 12 month period under this clause 10.12).
10.13 Riverbank shall notify the Customer without undue delay and in writing on becoming aware of any Personal Data Breach in respect of any Protected Data.
10.14 At the end of the provision of the Services relating to the processing of Protected Data, at the Customer’s cost and the Customer’s option, Riverbank shall either return all of the Protected Data to the Customer or securely dispose of the Protected Data (and thereafter promptly delete all existing copies of it) except to the extent that any applicable law requires Riverbank to store such Protected Data. This clause 10 shall survive termination or expiry of this Agreement.
On the Effective Date, each Party shall appoint a person who shall act as its representative for the purposes of the Agreement, who will be responsible for providing any information which may be required by the other Party to perform its obligations hereunder. The Customer’s appointee will be responsible for meeting Riverbank’s appointee and any other Riverbank personnel visiting the Supported Location and for providing to Riverbank any assistance reasonably required by it in performing its obligations under the Agreement. Each Party shall promptly notify the other of the name, telephone number, and e-mail address of its appointee and of any change in the identity or the contact details of that appointee in accordance with clause 18.
12.1 Each Party undertakes that it shall not at any time disclose to any person any confidential information concerning the business, affairs, customers, clients or suppliers of the other Party except as permitted by clause 12.3 and that no Party shall use any other Party’s confidential information for any purpose other than to perform its obligations under this Agreement.
12.2 Riverbank will establish and maintain such security measures and procedures as are reasonably practicable to provide for the safe custody of the Customer’s confidential information which is in Riverbank’s possession, and to prevent unauthorised access to that information.
12.3 Each Party may disclose the other party’s confidential information:
12.3.1 to its own employees, officers, representatives or advisers who need to know such information for the purposes of carrying out the Party’s obligations under the Agreement. Each Party shall procure that its own employees, officers, representatives or advisers to whom it discloses the other Party’s confidential information comply with this clause 12;
12.3.2 as may be required by law, a court of competent jurisdiction or any governmental or regulatory authority; or
12.3.3 in accordance with the prior written consent of the other Party.
12.4 This clause 12 shall survive termination of the Agreement.
13. Force Majeure
Riverbank shall not be liable to the Customer as a result of any delay or failure to perform its obligations under the Agreement as a result of a Force Majeure Event and, in those such circumstances, the Customer shall grant a reasonable extension of time for the performance of such obligations.
No variation of any material term of the Agreement shall be effective unless it is made in accordance with clause 3.9 or 3.10 or is agreed in writing and signed by both Riverbank and the Customer or otherwise agreed in accordance with such electronic means as Riverbank shall propose and the Customer shall accept. Riverbank may also vary any non-material term of this Agreement on 3 months’ notice in writing to the Customer. Only variations to the Agreement made in accordance with this clause shall be effective.
15. Waiver of Remedies
No forbearance or delay by either party in enforcing its rights will prejudice or restrict those rights. No waiver of any right will operate as a waiver of any subsequent breach. No right, power or remedy conferred by the Agreement or by the law on, or reserved to, either Party is exclusive of any other right, power or remedy available to either party, and each of those rights, powers and remedies is cumulative
16. Entire Agreement
The Agreement supersedes all prior agreements, arrangements and understandings between the parties in respect of its subject matter, and constitutes the entire agreement between them relating to the subject matter of the Agreement.
17.1 The Customer may not assign, transfer, sub-contract, mortgage, charge or deal in any other manner with all or any of its rights or obligations under the Agreement, whether in whole or in part, without first obtaining Riverbank’s written consent.
17.2 Riverbank may assign and transfer all or any of its rights and obligations under the Agreement to any person to which it transfers all or any of its business to which the Agreement relates.
18.1 Subject to clause 18.2 below, all notices to be given under the Agreement for the Services must be in writing, and sent for the attention of the representative appointed under clause 11, and sent to the address of the receiving Party as set out in the Agreement or any other address in England which the receiving Party may have designated by notice given in accordance with the provisions of this Clause. Any notice may be delivered personally, or by first class pre-paid letter, or by email, and will be deemed to have been served: if by hand, when delivered; if by first class post, 48 hours after posting; and if by email, within 24 hours of sending, provided the receiving Party’s email address is correct and current and provided no automatic error message is received in response.
18.2 Any notice of termination to be given under clause 8 of the Agreement shall be sent not just to the Party’s representative in accordance with the above, but also for the attention of any director or principal contact as set out in the Proposal Document(s), A notice of termination shall only be delivered by hand or by first class post.
The headings to these General Terms of Business are for ease of reference only, and do not affect the interpretation or construction hereof.
20. Partnership and Staff
20.1 Nothing in the Agreement creates, evidences or implies any partnership or joint venture between the Parties, or the relationship of principal and agent.
20.2 Riverbank has the discretion to allocate such staff as it from time to time sees fit to fulfil its obligations under clause 2 above
21.1 If any provision or part-provision of the Agreement is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or partprovision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this clause shall not affect the validity and enforceability of the rest of the Agreement.
21.2 If any provision or part-provision of the Agreement is invalid, illegal or unenforceable, the parties shall negotiate in good faith to amend such provision so that, as amended, it is legal, valid and enforceable, and, to the greatest extent possible, achieves the intended commercial result of the original provision.
22 Third party rights
A person who is not a party to the Agreement shall not have any rights to enforce its terms.
23. Governing Law and Jurisdiction
23.1 The Agreement, and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non contractual disputes or claims), shall be governed by, and construed in accordance with the law of England and Wales.
23.2 Each Party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with the Agreement or its subject matter or formation (including non-contractual disputes or claims).
Schedule 1 Data protection
Part 1 Data processing details Processing of the Protected Data by Riverbank under this Agreement shall be for the subject-matter, duration, nature and purposes and involve the types of personal data and categories of Data Subjects set out in this Schedule 1, Part 1.
1. Subject-matter of processing: Personal data of staff employed by the Customer
2. Duration of the processing: For the duration of this Agreement and 2 years post termination.
3. Nature and purpose of the processing: For the purposes of providing the Services to the Customer.
4. Type of Personal Data: Firstname, lastname, job title, type of user, telephone number, company name, department name, company address, email address, cookies, IP addresses, Service Tickets logged and actions taken, projects logged and actions taken, feedback on tickets and projects, financial details required for performing contract.
5. Categories of Data Subjects: No special category data is collected or processed by Riverbank IT Management Ltd.
6. Specific processing instructions (if applicable): None
7. Sub-Processors: Third parties are used as Cloud sub-processors by Riverbank for the provision of certain services, as defined in the Cloud Sub-Processors List document All of the organisations are either (i) UK or EEA based with appropriate contractual obligations or safeguards around GDPR in place, or (ii) Non-EEA based but either part of the US-EU Privacy Shield or with EU Model Contract Clauses in place to assure Appropriate safeguards. Further details on these organisations can be given on request. Riverbank will not change to alternative organisations without informing the Customer, who will have an option to terminate the contract if the alternative is not suitable. Riverbank may also pass Personal Data on to our approved suppliers if required in order to fulfil agreed contractual obligations (for example to purchase an item on your behalf that is being shipped to you, we will need to pass your name, address, and contact details to the Supplier). Riverbank commit to only using suppliers who can demonstrate appropriate contractual obligations or safeguards around GDPR.
Part 2 Technical and organisational security measures
1. Riverbank shall implement and maintain the following technical and organisational security measures to protect the Protected Data:
1.1 [In accordance with the Data Protection Legislation, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing of the Protected Data to be carried out under or in connection with this Agreement, as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons and the risks that are presented by the processing, especially from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to the Protected Data transmitted, stored or otherwise processed, Riverbank shall implement appropriate technical and organisational security measures appropriate to the risk, including as appropriate those matters mentioned in Articles 32(a) to 32(d) (inclusive) of the GDPR.