- 07 Mar 2023
- 53 Minutes to read
- DarkLight
Terms of Service
- Updated on 07 Mar 2023
- 53 Minutes to read
- DarkLight
CUSTOMER WISHES TO ACCESS THE NEXUDUS PLATFORM. THESE PLATFORM TERMS OF
SERVICE (THE “TERMS OF SERVICE”) GOVERN AND CONDITION THE NATURE AND SCOPE
OF THE SERVICES TO BE PROVIDED BY NEXUDUS TO CUSTOMER.
PLEASE READ THESE TERMS OF SERVICE CAREFULLY. BY PURCHASING A SUBSCRIPTION
FOR ACCESSING OR OTHERWISE USING THE NEXUDUS PLATFORM AND/OR REGISTERING
ON THE NEXUDUS PLATFORM, YOU REPRESENT THAT (1) YOU HAVE READ, UNDERSTAND,
AND AGREE TO BE BOUND BY THESE TERMS OF SERVICE; (2) YOU ARE OF LEGAL AGE TO
FORM A BINDING CONTRACT WITH NEXUDUS LIMITED; AND (3) YOU HAVE THE AUTHORITY
TO ENTER INTO AN AGREEMENT PERSONALLY OR ON BEHALF OF THE LEGAL ENTITY YOU
HAVE NAMED AS THE USER, AND TO BIND THAT LEGAL ENTITY TO THESE TERMS OF
SERVICE.
WE MAY UPDATE THESE TERMS OF SERVICE FROM TIME TO TIME. YOUR CONTINUED USE
OF THE NEXUDUS PLATFORM AFTER SUCH UPDATES CONSTITUTES YOUR ACCEPTANCE
OF SUCH UPDATES. IN THE EVENT ANY UPDATE TO THESE TERMS OF SERVICE HAS A
MATERIAL IMPACT ON YOUR RIGHTS AND/OR OBLIGATIONS, WE WILL NOTIFY YOU VIA
EMAIL.
THE TERM “CUSTOMER” REFERS TO THE INDIVIDUAL OR LEGAL ENTITY, AS APPLICABLE,
IDENTIFIED AS THE USER WHEN YOU PURCHASED A SUBSCRIPTION OR REGISTER ON THE
NEXUDUS PLATFORM. IF YOU DO NOT AGREE TO BE BOUND BY THESE TERMS OF
SERVICE, YOU MAY NOT ACCESS OR USE THE SERVICES.
1. INTERPRETATION
1.1. The following definitions apply to these Terms of Service:
(a) “Access Protocols”: means the user log-in credentials to enable Authorised Users to access the Nexudus Platform.
(b) “Affiliate”: means any entity that directly or indirectly controls, is controlled by, or is under common control with another entity.
(c) “Authorised Users”: means those Customer Personnel who are authorised by Customer to access the Nexudus Platform.
(d) “Business Day”: means any day which is not a Saturday, Sunday or public holiday in the United Kingdom and on which the banks are open for business in London.
(e) “Customer”: means the person or entity purchasing a Subscription, as specified in a Subscription Confirmation.
(f) “Documentation”: means the documentation published by Nexudus at www.help.nexudus.com that describes the Nexudus Technology and its use, operation, features, functionality and capabilities.
(g) “Effective Date”: means the date on which Customer’s Subscription begins, as specified in a Subscription Confirmation.
(h) “Fees”: means any or all of the fees and charges charged to Customer for the use of the Nexudus Platform, as calculated by reference to the information available at https://help.nexudus.com/docs/nexudus-pricing.
(i) “Initial Term”: means the period of one (1) month starting on the Effective Date, or any other period as specified in a Subscription Confirmation.
(j) “Input Data”: means any data, media, information or other content that is inputted by or on behalf of Customer (including by Authorised Users) to the Nexudus Platform.
(k) “Intellectual Property Rights”: means all copyright and related rights, patents, rights to inventions, utility models trademarks, service marks, trade, business and domain names, rights in trade dress or get-up, rights in goodwill or to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database rights, topography rights, moral rights, rights in confidential information (including know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications for and renewals or extensions of such rights, and all similar or equivalent rights or forms of protection in any part of the world.
(l) “Losses”: means all losses, liabilities, damages, costs, claims, charges, demands, actions, proceedings and expenses (including legal and professional fees and disbursements and costs of investigation, litigation, settlement, judgment, interest and penalties).
(m) “Nexudus Data”: means any data, media, information or other content that is accessible via the Nexudus Technology (excluding any Input Data and Output Data).
(n) “Nexudus Platform”: means Nexudus’ web-based software-as-a-service white-label platform to manage your coworking and flex workspace owned, operated and/or licensed by Nexudus, which may be used by Customer to structure, label, process, share and analyse Input Data, together with any Nexudus Data comprised therein or accessed thereby.
(o) “Nexudus Technology”: means the Nexudus Platform, and any website and application or software used to access the Nexudus Platform, together with any and all technology and software owned or used by Nexudus, including any associated algorithms, machine learning models, data analysis models, application programming interfaces (APIs), dedicated servers and virtual environments, processes, materials, tools, and business methods relating thereto, including, in each case any and all: (a) updates thereto; (b) documentation relating thereto; (c) Intellectual Property Rights therein or thereto; and (d) any benchmarking, analytics or technical data relating to the performance or operation thereof.
(p) “Nexudus”: means Nexudus Ltd, a company incorporated and registered in England with company number 09772435 whose registered office is at Office 4, 21 Knightsbridge, London SW1X 7LY, England.
(q) “Output Data”: means any content generated by the Nexudus Platform in course of the ordinary operation thereof, including the results of analysing the Input Data using the Nexudus Technology.
(r) “Personal Data”: means any information that relates to an identified or identifiable individual.
(s) “Personnel”: means a Party’s employees, agents, consultants or contractors.
(t) “Renewal Term”: means each subsequent period of one (1)-month following the expiry of the Initial Term, or any other period as specified in a Subscription Confirmation.
(u) “Service Level Agreement”: means the service levels specified in a Subscription Confirmation, or if there are none, the Service Level Agreement set out in Annex 1 (Service Levels) to these Terms of Service, and “Service Levels” means the levels of performance of the Nexudus Platform set out therein.
(v) “Subscription” means a subscription purchased by Customer to access and use the Nexudus Platform, as specified in a Subscription Confirmation.
(w) “Subscription Confirmation”: means the confirmation sent to Customer via email confirming the purchase of a Subscription.
(x) “Subscription Product”: means the specific product granting access to certain functionalities of the Nexudus Platform, as specified in a Subscription Confirmation.
(y) “Term”: means the Trial Period (if any), any Initial Term and any Renewal Term(s).
(z) “Third-Party Content”: means any and all content, data, media, information, software (including all Intellectual Property Rights relating thereto or subsisting therein) that is owned by and/or licensed from a third-party, including any datasets made available through the Nexudus Technology which is licensed on an open source basis.
(aa) “Trial Period”: means the period of twenty one (21) days, or any other period agreed between the parties in writing, starting on the date of activation of Customer’s account.
1.2. References to “Clauses” in these Terms of Service are references to the clauses of these Terms of Service and references to “Paragraphs” are to the paragraphs of the Annexes to these Terms of Service.
1.3. A “person” includes a natural person, corporate or unincorporated body.
1.4. Any reference to these Terms of Service terminating shall, where the context requires, include a reference to these Terms of Service terminating by expiry of the Term.
1.5. Unless the context otherwise requires, words in the singular include the plural, and words in the plural include the singular, and references to one gender are references to the other genders.
1.6. A reference to a statute of statutory provision is a reference to it as it is in force for the time being, taking account of any amendment, extension, or re-enactment and includes any subordinate legislation for the time being in force made under it.
1.7. The words “include” and “including” (or similar) shall be construed as illustrative only and shall not limit the sense of the description, definition, phrase or term(s) that comes before the relevant term.
1.8. Any reference to an English legal term for any action, remedy, method or judicial proceedings legal document, legal status, court, official, or any other legal concept shall, in respect of any other jurisdiction than England be deemed to include the legal term which most nearly approximates in that jurisdiction to the English legal term.
1.9. Any reference to the “Parties” means Nexudus and Customer and “Party” shall mean one of them.
2. TRIAL PERIOD AND TERM
2.1. Unless terminated earlier pursuant to the terms of Clause 17, this Agreement shall:
(a) commence on the day it is accepted by Customer as part of the activation of Customer’s account;
(b) continue for the Trial Period (if any) and thereafter for the Initial Term, unless Customer gives written notice to Nexudus before the end of the Trial Period to terminate the Subscription at the end of the Trial Period; and
(c) automatically renew for further successive Renewal Terms at the end of the Initial Term and at the end of each Renewal Term, unless either Party gives written notice to the other Party not later than thirty (30) days before the end of the Initial Term or a Renewal Term to terminate the Subscription at the end of the Initial Term or that Renewal Term.
2.2. Customer will not incur any Fees if it gives written notice to Nexudus prior to expiry of the Trial Period to terminate the Subscription pursuant to Clause 2.1(b).
2.3. For the avoidance of doubt, if Customer fails to give written notice to Nexudus prior to expiry of the Trial Period to terminate the Subscription pursuant to Clause 2.1(b), then the Initial Term will commence automatically at the end of the Trial Period and Customer shall only be entitled to terminate the Subscription pursuant to Clause 17.
3. LICENSING OF NEXUDUS PLATFORM AND OTHER NEXUDUS TECHNOLOGY
3.1. Subject to Customer’s and its Authorised Users’ continuing compliance with these Terms of Service (including payment of all Fees due and payable in accordance with Clause 10 and the restrictions set out in Clause 4), Nexudus hereby grants Customer a limited, personal, non-exclusive, non-transferable right for its Authorised Users to access and use the features and functions of the Nexudus Technology during the Term as part of Customer’s internal business operations.
3.2. The licence granted in Clause 3.1 is subject to any limitations applicable to the Subscription Product purchased by Customer.
3.3. Customer is solely responsible for all activities that Authorised Users undertake on the Nexudus Technology. Customer shall immediately notify Nexudus of any unauthorised use of any Authorised User’s Access Protocols. Nexudus will not be liable for any Losses arising from Customer’s failure to ensure each Authorised User maintains the confidentiality of its Access Protocols.
3.4. In relation to the Authorised Users, Customer undertakes that:
(a) it shall ensure that:
(i) only Authorised Users access the Nexudus Platform; and
(ii) each Authorised User maintains the confidentiality of the Access Protocols; and
(b) it will not allow or suffer any Access Protocols allocated to an Authorised User to be used by more than one individual Authorised User; and
(c) it shall immediately notify Nexudus if any Authorised User ceases to be employed or otherwise engaged by Customer.
3.5. Nexudus may from time to time make commercially reasonable updates to the Nexudus Technology and the way it operates. If any such change is likely to have a material impact on Customer and its use of the Nexudus Technology, Nexudus will use commercially reasonable efforts to inform Customer in advance of such changes taking effect.
4. RESTRICTIONS
4.1. Customer shall not, nor shall it instruct or permit, procure, enable or request any third-party (including its Authorised Users and other Personnel) to, take any action designed or intended to:
(a) use the Nexudus Technology (or any part thereof) in any manner or for any purpose that is inconsistent with these Terms of Service;
(b) use the Nexudus Technology (or any part thereof) in any manner or for any purpose that is inconsistent with Nexudus’ Acceptable Use Policy available at https://help.nexudus.com/docs/acceptable-use-policy;
(c) provide or otherwise make the Nexudus Technology (or any part thereof) available to any third parties other than to Authorised Users;
(d) use the Nexudus Technology (or any part thereof) to:
(i) create, market or distribute any product or service that is competitive with the Nexudus Platform or any other part of the Nexudus Technology; or
(ii) act as a service bureau on behalf of, or otherwise provide processing or services support to, any third-party;
(e) introduce to the Nexudus Technology any ‘back door’, ‘drop dead device’, ‘time bomb’, ‘Trojan horse’, ‘virus’, or ‘worm’ (as such terms are commonly understood in the software industry) or any other equivalent code, software routine or instructions designed or intended to disrupt, disable, harm or otherwise impede in any manner the operation of the Nexudus Technology or any device or system owned or controlled by Nexudus or any third-party, or which otherwise may damage or destroy any data or file;
(f) modify, copy, resell, rent, lease, sub-licence, load, merge, adapt or translate the Nexudus Technology (or any part thereof);
(g) contest, challenge or otherwise make any claim or take any action adverse to Nexudus’ ownership of, or interest in, the Nexudus Technology (or any part thereof);
(h) re-use, disseminate, copy or otherwise use the Nexudus Technology (or any part thereof) in a way that infringes, misappropriates, or violates any Intellectual Property Rights or other right of Nexudus or any third-party; or
(i) remove, alter, obscure Nexudus’ trade mark, copyright notice or any other proprietary notice from the Nexudus Technology (or any part thereof).
(j) interfere with the proper working of the Nexudus Technology;
(k) circumvent, disable, or interfere with security-related features of the Nexudus Technology or features that prevent or restrict use, access to, or copying the Nexudus Technology, or that enforce limitations on use of the Nexudus Technology;
(l) impose (or which may impose, in Nexudus’ sole discretion) an unreasonable or disproportionately large load on the Nexudus Technology; or
(m) reverse-engineer, decompile, unbundle, disassemble, or create derivative works based on the Nexudus Technology (or any part thereof) unless, and to the limited extent that, applicable laws of Customer’s jurisdiction require Nexudus to give Customer the right to do so to obtain information necessary to render the Nexudus Technology interoperable with other software; provided, however, that Customer must first request such information from Nexudus, and Nexudus may (in its sole discretion) either provide such information to Customer or impose reasonable conditions on such use of the source code for the Nexudus Technology to ensure that Nexudus and its licensors’ proprietary rights in the source code for the Nexudus Technology are protected.
5. CUSTOMER DEPENDENCIES
5.1. In order to permit Nexudus to provide Authorised Users with access to the Nexudus Technology in accordance with the terms of these Terms of Service, Customer shall ensure that:
(a) all Authorised Users have installed, and access the Nexudus Technology via, a supported version of the internet browsers and operating systems that are listed in the Documentation as supported by Nexudus from time to time;
(b) it has an internet connection with adequate bandwidth for Authorised Users to access and use the Nexudus Technology;
(c) it shall maintain connectivity to the extent necessary to prevent network performance degradation;
(d) it shall implement and maintain effective security policies and procedures to prevent unauthorised disclosure of Access Protocols and unauthorised access to the Nexudus Technology;
(e) it shall obtain or procure all authorisations, instructions and/or permissions as may be necessary for Nexudus to provide Authorised Users with access to the Nexudus Technology;
(f) it shall make available to Nexudus its employees and other staff members (in such number and with such level of seniority) as may be reasonably required in the circumstances to address any issue with the implementation, provision or cessation of access to the Nexudus Technology; and
(g) it shall ensure that Customer has appropriate licences in place to use any third-party libraries, modules and/or plug-ins used by Customer in connection with the Nexudus Platform (including in respect of Google Maps, Google ReCAPTCHA, AddEvent and FullCalendar.io).
5.2. Nexudus shall be relieved from any failure to comply with its obligations to provide Authorised Users with access to the Nexudus Technology if and to the extent that Nexudus can demonstrate that such failure was caused by Customer’s failure to meet any obligation or dependency on Customer outlined in Clause 5.1.
6. SUPPORT SERVICES AND SERVICE LEVELS
6.1. Nexudus will use commercially reasonable efforts to provide technical support to Customer as detailed in the Service Levels.
6.2. Nexudus will use commercially reasonable efforts to provide access to the Nexudus Platform in a manner that meets or exceeds the Service Levels.
7. OWNERSHIP OF NEXUDUS TECHNOLOGY
7.1. As between the Parties, Nexudus retains sole ownership of all right, title and interest, including all Intellectual Property Rights, in and to the Nexudus Technology (subject only to any Input Data or Output Data comprised therein).
7.2. Customer will not acquire any right, title or interest in or to the Nexudus Technology (subject only to the limited licence granted under Clause 3.1) and Nexudus reserves all rights therein and thereto not expressly granted in these Terms of Service.
8. OWNERSHIP AND LICENSING OF INPUT DATA
8.1. As between the Parties, Customer retains sole ownership of all right, title and interest, including all Intellectual Property Rights, in and to the Input Data.
8.2. Nexudus will not acquire any right, title or interest in or to the Input Data (subject only to the limited licences granted under Clause 8.3) and Customer reserves all rights therein and thereto not expressly granted in these Terms of Service.
8.3. Customer hereby grants to Nexudus:
(a) a non-exclusive, worldwide, royalty-free, irrevocable during the Term, licence to use the Input Data for the purpose of delivering access to Customer to the Nexudus Technology as contemplated under these Terms of Service; and
(b) a non-exclusive, sublicensable, transferable, perpetual, irrevocable, worldwide licence to use the Input Data in an aggregated form for the purpose of enabling Nexudus to monitor, analyse and improve the performance of the Nexudus Technology (including for the purposes of improving the algorithms and machine learning models made available through the Nexudus Platform).
9. OWNERSHIP AND LICENSING OF OUTPUT DATA
9.1. As between the Parties, all Intellectual Property Rights in and to the Output Data shall vest in Customer upon their creation absolutely.
9.2. Nexudus will not acquire any right, title or interest in or to the Output Data (subject only to the limited licences granted under Clause 9.3) and Customer reserves all rights therein and thereto not expressly granted in these Terms of Service.
9.3. Customer hereby grants to Nexudus:
(a) a non-exclusive, worldwide, royalty-free, irrevocable during the Term, licence to use the Output Data for the purpose of delivering access to Customer to the Nexudus Technology as contemplated under these Terms of Service; and
(b) a non-exclusive, sublicensable, transferable, perpetual, irrevocable, worldwide licence to use the Output Data in an aggregated form for the purpose of enabling Nexudus to monitor, analyse and improve the performance of the Nexudus Technology (including for the purposes of improving the algorithms and machine learning models made available through the Nexudus Platform).
10. FEES
10.1. Customer hereby agrees to pay the applicable Fees for access to the Nexudus Platform. Customer acknowledges and agrees that the applicable Fees will vary depending on Customer’s use of the Nexudus Platform, as further detailed at https://help.nexudus.com/docs/nexudus-pricing.
10.2. By purchasing a Subscription and providing us with payment card details at checkout, Customer authorises Nexudus (acting by its payment processor) to charge the relevant payment method for the full amount of Fees automatically at the start of the Initial Term and again at the beginning of any Renewal Term(s).
10.3. All Fees are exclusive of applicable value-add tax or other sales taxes, which will be billed to Customer as an additional charge at the rate that is in force from time to time.
10.4. Nexudus may adjust the Fees charged at any time. If that happens, Nexudus will notify Customer of such changes via email at least thirty (30) days before such changes come into effect, and Customer will have the opportunity to cancel its Subscription before such changes come into effect.
10.5. In addition to any other rights or remedies available to Nexudus, if Customer fails to pay any sums within ten (10) days of the due date:
(a) any portion of any sums that is not paid when due and payable will accrue interest equal to five percent (5%) per annum above the base lending rate from time to time of Barclays Bank, accruing on a daily basis and being compounded quarterly, from the time the indebtedness arose, with interest on all overdue interest accruing at the same rate and calculated and payable in the same manner until fully paid, whether before or after judgment; and
(b) Nexudus may immediately suspend Customer’s access to the Nexudus Platform and/or any and all other parts of its services until payment of the sums is made by Customer in full.
11. NEXUDUS’ WARRANTIES AND INDEMNITIES
11.1. Subject to Clause 15, Clause 19.1 and Annex 1 (Service Levels), Nexudus warrants that during the Term, the Nexudus Technology will:
(a) materially conform to the then-current Documentation when used in accordance therewith and the terms of these Terms of Service; and
(b) be delivered and maintained with reasonable skill and care.
11.2. The warranty set forth in Clause 11.1 shall not apply:
(a) in the event that Customer or any third-party has breached any of the restrictions outlined in Clause 4; or
(b) to any defects or issues arising as a result of any use of the Nexudus Technology in combination with other products, hardware, equipment, software, or data (including Third-Party Content) not expressly authorised by Nexudus to be used with the Nexudus Technology.
11.3. Subject to Annex 1 (Service Levels), Nexudus’ sole liability, and Customer’s sole remedy, for breach of the warranty in Clause 11.1 shall be Nexudus’ use of commercially reasonable efforts to remedy defects covered by such warranty within thirty (30) days of receipt of notice of such defect or, at Nexudus’ option, a refund of the sums paid by Customer for the defective element of the Nexudus Technology on a pro-rated basis.
11.4. Each Party warrants and represents on an ongoing basis that it has, and undertakes that it shall continue to have for the duration of these Terms of Service, the requisite power, capacity and authority to enter into these Terms of Service and to carry out the obligations under these Terms of Service.
11.5. Subject to Clauses 11.6 and 11.7, Nexudus shall indemnify Customer from and against Losses incurred by Customer as a result of amounts awarded in judgment or settlement of any third-party claim or proceeding against Customer that Customer’s use of the Nexudus Technology, within the scope of the rights of use granted to Customer under these Terms of Service, infringes the Intellectual Property Rights of a third-party.
11.6. Customer shall notify Nexudus in full, accurate and complete detail in writing promptly after it becomes aware of any event or any allegation, claim, demand, proceeding or other action, which it believes may give rise to a claim for indemnification under Clause 11.5 (an “Indemnified Claim”). Customer shall:
(a) allow Nexudus sole authority to control the defence and settlement of any Indemnified Claim;
(b) provide Nexudus with all reasonable cooperation in the defence of any Indemnified Claim; and
(c) not settle or compromise any Indemnified Claim or make any admission of liability without the express prior written consent of Nexudus.
11.7. Notwithstanding Clause 11.5 or any provision of these Terms of Service to the contrary, Nexudus shall have no liability whatsoever to Customer in respect of any Indemnified Claim based on or arising directly or indirectly as a result of:
(a) Customer exceeding the scope of any right, licence or consent to use the Nexudus Technology under these Terms of Service;
(b) any use of the Nexudus Technology not in accordance with these Terms of Service or the Documentation;
(c) a breach by Customer or any third-party of any of the restrictions outlined in Clause 4;
(d) any use of the Nexudus Technology in combination with other products, hardware, equipment, software or data not expressly authorised by Nexudus to be used with the Nexudus Technology; or
(e) any modification of the Nexudus Technology by any person other than Nexudus or its expressly authorised agents or any third-party that performs any element of the services described in these Terms of Service for or on behalf of Nexudus.
12. CUSTOMER’S WARRANTIES AND INDEMNITIES
12.1. Nexudus shall not be responsible for any loss, destruction, alteration or disclosure of Input Data caused by any third-party. Customer will be responsible for maintaining back-up copies of all Input Data residing in or relying in any way on the Nexudus Technology.
12.2. Customer warrants and represents on an ongoing basis that, throughout the Term:
(a) it shall have the necessary rights, power, consents and authority to transmit Input Data to Nexudus under, and in the fashion described in, these Terms of Service; and
(b) it has lawfully collected, and has a lawful basis for sharing with Nexudus as contemplated under these Terms of Service, any Personal Data included in Input Data or Output Data.
12.3. Customer will indemnify, defend and hold Nexudus and its officers, directors, employees and agents harmless from and against any and all Losses arising from or in connection with, Customer’s breach of the warranty, representation and/or undertaking given in Clause 12.2.
13. DISCLAIMER AND LIMITATION OF LIABILITY
13.1. Except as expressly and specifically provided in these Terms of Service, Customer acknowledges and agrees that the Nexudus Technology is expressly provided on an ‘as is’ and ‘as available’ basis, and Nexudus disclaims all terms, warranties and conditions (whether express or implied) relating to the subject matter hereof.
13.2. Nothing in these Terms of Service limits or excludes liability of Customer to pay Nexudus any sums due under these Terms of Service.
13.3. Nothing in these Terms of Service limits or excludes the liability of either Party for:
(a) death or personal injury caused by its negligence;
(b) fraud or fraudulent misrepresentation;
(c) any indemnification obligation; or
(d) any other act, omission, or liability which may not be limited or excluded by applicable law.
13.4. Subject to Clauses 13.2 and 13.3, neither Party shall in any circumstances be liable to the other Party whether in contract, tort (including for negligence), breach of statutory duty (howsoever arising), misrepresentation (whether innocent or negligent), restitution or otherwise, for:
(a) any loss (whether direct or indirect) of profits, business, business opportunities, revenue, turnover, reputation or goodwill;
(b) any loss or corruption of data or information (whether direct or indirect);
(c) any loss (whether direct or indirect) of anticipated savings or wasted expenditure (including management time);
(d) any loss or liability (whether direct or indirect) under or in relation to any other contract; or
(e) any loss or liability (whether direct or indirect) arising as a result of a Party’s, or any third-party’s use of, or reliance upon, the Output Data.
13.5. Subject to the remainder of this Clause 13, each Party’s total aggregate liability (whether in contract, tort (including negligence or breach of statutory duty), misrepresentation (whether innocent or negligent), restitution or otherwise) arising in connection with the performance or contemplated performance of these Terms of Service shall under no circumstances exceed one hundred per cent (100%) of all Fees paid or payable by Customer pursuant to and in accordance with these Terms of Service in the six (6) months preceding the rise of the relevant claim.
14. DATA PROTECTION
14.1. Solely to the extent that any Input Data or Output Data constitutes Personal Data, the Parties shall comply with their respective obligations set forth in Annex 2 (Data Processing Addendum) to these Terms of Service.
14.2. In the case of any inconsistency, conflict or ambiguity between any of the provisions of these Terms of Service and Annex 2 (Data Processing Addendum), the provisions of Annex 2 (Data Processing Addendum) shall prevail in preference to these Terms of Service.
15. THIRD-PARTY CONTENT
15.1. Certain elements of the Nexudus Platform may permit or enable Customer and/or its Authorised Users to search for, find, store, manage, access or use Third-Party Content.
15.2. Customer acknowledges that Nexudus does not warrant, represent, endorse, support or guarantee the completeness, truthfulness, accuracy, reliability, performance, fitness for purpose or any other attributes of any Third-Party Content, nor shall Nexudus be responsible for reviewing or attempting to verify the accuracy or currency of any Third-Party Content.
15.3. Customer acknowledges that:
(a) Customer and/or its Authorised Users may be required to enter into certain agreements with the owner(s) or licensor(s) of Third-Party Content; and
(b) in the event the relevant agreements are not entered into, Customer and/or its Authorised Users may be unable to access:
(i) such Third-Party Content; and/or
(ii) any or all of those elements of the Nexudus Platform that permit or enable Customer and/or its Authorised Users to search for, find, store, manage, access or use such Third-Party Content.
15.4. To the fullest extent permitted by law, Nexudus expressly disclaims any and all express or implied terms of any nature relating to Third-Party Content.
15.5. As between Customer and Nexudus, Customer is solely responsible for:
(a) any Third-Party Content integrated with, used with or accessed via the Nexudus Platform;
(b) determining the suitability of any Third-Party Content for its intended use by Customer; and
(c) as necessary for its intended use, verifying the authenticity and accuracy of the Third-Party Content prior to using it.
16. CONFIDENTIALITY
16.1. In these Terms of Service, “Confidential Information” means any information that is clearly labelled or identified as confidential, or ought to reasonably be treated as being confidential, and includes the Nexudus Technology, Input Data, Output Data and any screenshots of the operation of the Nexudus Technology.
16.2. Confidential Information excludes any information which:
(a) is or becomes publicly known other than through a breach of these Terms of Service;
(b) was in the receiving Party’s lawful possession before the disclosure;
(c) is lawfully disclosed to the receiving Party by a third-party without restriction on disclosure;
(d) is independently developed by the receiving Party and that independent development can be shown by written evidence; or
(e) is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.
16.3. Each Party will hold the other’s Confidential Information in confidence and not make the other’s Confidential Information available to any third-party unless that third-party is subject to an equivalent duty of confidentiality.
16.4. Neither Party will use the other’s Confidential Information for any purpose other than the implementation of these Terms of Service.
16.5. Each Party will take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by its Personnel in breach of the terms of these Terms of Service.
16.6. This Clause 16 will survive termination of these Terms of Service.
17. SUSPENSION AND TERMINATION
17.1. Without affecting any other right or remedy available to it, Nexudus may immediately suspend Customer’s access to the Nexudus Technology in the event it considers (acting reasonably and in good faith) that Customer is in breach of any of the restrictions set out in Clause 4, until such time as Customer remedies that breach.
17.2. Either Party may terminate any Subscription at any time without further liability by giving thirty (30) days’ written notice to the other Party.
17.3. Without affecting any other right or remedy available to it, either Party may terminate any Subscription with immediate effect and without further liability by giving written notice to the other Party:
(a) at any time during the Trial Period, pursuant to Clause 2.1(b);
(b) if the other Party commits a material breach of any term of these Terms of Service which breach is irremediable or (if such breach is remediable) fails to remedy that breach within a period of thirty (30) days after being notified to do so; or
(c) if the other Party becomes insolvent or unable to pay its debts (as defined in section 123 of the Insolvency Act 1986), proposes a voluntary arrangement, has a receiver, administrator or manager appointed over the whole or any part of its business or assets, suffers the presentation of any petition, the making of any order shall or the passing of any resolution for its winding up (except for the purposes of a bona fide solvent amalgamation or reconstruction), bankruptcy or dissolution, otherwise proposes or enters into any composition or arrangement with its creditors or any class of them, ceases to carry on business or claims the benefit of any statutory moratorium, or undergoes any similar or equivalent process in any jurisdiction.
18. CONSEQUENCES OF TERMINATION
18.1. On termination of any Subscription:
(a) Customer shall promptly (and in any event within ten (10) Business Days of the date of termination) pay Nexudus any outstanding balances owing to Nexudus under the applicable Subscription; and
(b) any and all licences, permissions and authorisations granted to Customer and/or its Authorised Users by Nexudus under these Terms of Service will terminate automatically.
18.2. Any obligation to return, destroy or permanently erase Confidential Information outlined in Clause 18.1(c) shall not apply:
(a) in respect of the Input Data and Output Data that Nexudus may be entitled to retain pursuant to Clauses 8.3(b) and 9.3(b);
(b) in respect of one (1) copy of the Input Data and Output Data that Nexudus may be entitled to retain as necessary to comply with any legal, regulatory, judicial, audit, or internal compliance requirements; and
(c) to any Confidential Information that is retained by Nexudus on electronic back-up media made in the ordinary course of business and from which it cannot readily be isolated from other information and deleted.
18.3. Any provision of these Terms of Service that either expressly or by implication is intended to come into or continue in force on or after termination of these Terms of Service shall remain in full force and effect.
18.4. Termination of a Subscription shall not affect any rights, remedies, obligations or liabilities of the Parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of these Terms of Service which existed at or before the date of termination.
19. GENERAL
19.1. Marketing. Customer acknowledges and agrees that Nexudus may include Customer’s name, logo and/or a description of the technology and services provided to Customer under these Terms of Service in lists of Nexudus’ clients on its website.
19.2. Feedback. Customer may at any time submit to Nexudus ideas, suggestions and/or feedback to improve the Nexudus Platform (collectively, “Feedback”). In doing so, Customer warrants that it has all rights necessary to submit such Feedback and acknowledges and agrees that any such Feedback (including any Intellectual Property Rights therein) shall be owned by Nexudus. Customer hereby assigns to Nexudus, by way of present and future assignment, all right, title and interest in and to Feedback (including any Intellectual Property Rights therein).
19.3. Force Majeure. No Party will be in breach of these Terms of Service nor liable for any failure to perform its obligations under these Terms of Service if that failure results from circumstances beyond its reasonable control (for the purposes of this Clause 19.3, a “Force Majeure Event”). If a Force Majeure Event continues for three (3) months, the unaffected Party may terminate these Terms of Service by giving thirty (30) days’ written notice to the other Party.
19.4. Non-solicitation. During the Term, and for a further six (6) months following termination, Customer agrees that it shall not directly or indirectly employ or engage (without Nexudus’ prior written agreement), or solicit for such employment or engagement, any of Nexudus’ Personnel who have been engaged in the performance of these Terms of Service, whether or not such person would commit a breach of contract by reason of leaving service or office; provided that this Clause 19.4 shall not prohibit:
(a) print or electronic employment advertising of a general nature (a “General Employment Notice”), or
(b) employment or engagement by Customer of individuals resulting from a General Employment Notice.
19.5. Open source software. Certain elements of the Nexudus Technology are subject to ‘open source’ or ‘free software licenses’ (for the purposes of this Clause 19.5, “Open Source Software”). Customer acknowledges that certain elements of such Open Source Software are owned by third parties. No Open Source Software is licensed under any provision of these Terms of Service under which Nexudus grants Customer any licence to use the Nexudus Technology; instead, each item of Open Source Software is licensed under the terms of the end-user licence that accompanies such Open Source Software (for the purposes of this Clause 19.5, each an “OSS Licence”). Nothing in these Terms of Service limits Customer’s rights under, or grants Customer rights that supersede, the terms and conditions of any OSS Licence. If required by any OSS Licence, Nexudus shall make available relevant pieces of Open Source Software available upon written request.
19.6. Subcontracting. Nexudus may engage any third-party to perform its obligations under these Terms of Service, provided that Nexudus shall remain fully liable to Customer for performance of such obligations (subject to the exclusions and limitations outlined herein).
19.7. Assignment. Customer may not assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under these Terms of Service, without the prior written consent of Nexudus provided that Customer may freely assign these Terms of Service (in whole, but not in part) to: (a) any of its Affiliates; or (b) the acquirer of all or substantially all of its business or assets.
19.8. These Terms of Service are subject to occasional revision. Any changes to these Terms of Service will be effective immediately for new Customers, and will be effective thirty (30) days after publishing the revised Terms of Service on the Nexudus Platform and/or website for existing Customers. Continued use of the Nexudus Platform following the publication of the updated Terms of Service shall indicate Customer’s acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes. Should any change to these Terms of Service have a material impact on your rights and/or obligations, we will notify you via email.
19.9. Waiver. A waiver of any right or remedy under these Terms of Service or by law is only effective if given in writing and shall not be deemed a waiver of any subsequent breach or default. A failure or delay by a Party to exercise any right or remedy provided under these Terms of Service or by law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy. No single or partial exercise of any right or remedy provided under these Terms of Service or by law shall prevent or restrict the further exercise of that or any other right or remedy.
19.10. Rights and Remedies. The rights and remedies provided under these Terms of Service are in addition to, and not exclusive of, any rights or remedies provided by law.
19.11. Severance. If any provision or part-provision of these Terms of Service shall be held to be invalid, illegal, void or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this Clause 19.11 shall not affect the validity and enforceability of the rest of these Terms of Service. If one Party gives notice to the other of the possibility that any provision or part-provision of these Terms of Service is invalid, illegal or unenforceable, the Parties shall negotiate in good faith to amend such provision so that, as amended, it is legal, valid and enforceable, and, to the greatest extent possible, achieves the intended commercial result of the original provision.
19.12. Entire agreement. The Subscription Confirmation together with these Terms of Service constitute the entire agreement and understanding between the Parties relating to the matters thereof, and supersede all previous agreements (if any and whether in writing or not) between the Parties in relation to such matters. The Parties acknowledge and agree that, except as otherwise expressly provided for in these Terms of Service, they are not entering into these Terms of Service on the basis of, and are not relying on and have not relied on, any statement, representation, warranty or other provision (in any case whether oral, written, expressed or implied) made, given, or agreed to by any person (whether a Party to these Terms of Service or not) in relation to the subject matter of these Terms of Service, provided that nothing in these Terms of Service shall exclude any Party from liability for fraud or fraudulent misrepresentation.
19.13. No Partnership or Agency. Nothing in these Terms of Service is intended to, or shall be deemed to, establish any partnership or joint venture between any of the Parties, constitute any Party the agent of another Party, or authorise any Party to make or enter into any commitments for or on behalf of any other Party. Each Party confirms it is acting on its own behalf and not for the benefit of any other person.
19.14. Rights of Third Parties. A person who is not a Party to these Terms of Service shall not be entitled to enforce any of its terms in any circumstances, including pursuant to the Contracts (Rights of Third Parties) Act 1999.
19.15. Notices. Any notice required to be given under these Terms of Service will be in writing and will be sent to the email addresses for contractual notices set out in a Subscription Confirmation. Notices will be deemed to have been received at the time of transmission as shown by the sender’s records (or if sent outside business hours, at 9am on the first Business Day following dispatch). A Party may change its details given in a Subscription Confirmation by giving written notice to the other Party.
19.16. Governing law. The Terms of Service and all matters arising from them (including any dispute relating to the existence, validity or termination of these Terms of Service or any contractual or non-contractual obligation) shall be governed by, and construed in accordance with the laws of England.
19.17. Jurisdiction. In relation to any legal action or proceedings to enforce these Terms of Service or arising out of or in connection with these Terms of Service (including any dispute relating to the existence, validity or termination of these Terms of Service or any contractual or non-contractual obligation) (for the purposes of this Clause 19.17, “Proceedings”) each of the Parties irrevocably submits to the exclusive jurisdiction of the courts of England and waives any objection to Proceedings in such courts on the grounds of venue or on the grounds that the Proceedings have been brought in an inappropriate forum provided that a judgment or order of any court may be enforced in any court of competent jurisdiction.
ANNEX 1
Service Levels
1. INTRODUCTION
1.1 In this Annex:
(a) “Business Hours” means between the hours of 10:00 and 18:30 in the UK on a Business Day;
(b) “Help Desk Support” means the technical support and assistance relating to the Nexudus Platform provided by Nexudus’ help desk technicians; and
(c) “Upgrade” means a new version of, or an update to, the Nexudus Platform, whether for the purpose of fixing an error, bug or other issues in the Nexudus Platform or enhancing the functionality of the Nexudus Platform.
2. HELP DESK SUPPORT
2.1 Nexudus will use reasonable efforts to make available during Business Hours a Help Desk Support facility, which in the first instance is provided by way of email and/or instant chat support (at Nexudus’ discretion from time to time) for the purposes of:
(a) assisting Customer with the initial setup configuration of the Nexudus Platform (charges may be applicable in some cases depending on the complexity of the Input Data and/or Customer’s specific requirements);
(b) assisting Customer with the proper use of the Nexudus Platform; and/or
(c) determining the causes of errors and fixing errors in the Nexudus Platform.
3. RESPONSE AND RESOLUTION TIMES
3.1 Nexudus will use reasonable efforts to respond to support requests made through the helpdesk available on the Nexudus Administration Panel and resolve issues raised by Customer in accordance with the following timelines:
Severity | Examples | Response Time | Resolution time |
---|---|---|---|
Serious | Nexudus Platform not functioning or exhibiting a problem that is severely affecting Customer’s use. Third-party integrations and connected services are not covered by this severity level. | 4 business hours. | 24 hours from initial response. |
Moderate | Nexudus Platform is exhibiting a problem but it is not adversely affecting Customer’s use. | 16 business hours. | 24 hours from initial response. |
Minor | General query regarding the operation of the Nexudus Platform. | 72 buisnes hours. | 72 hours from initial response. |
3.2 Nexudus will determine, acting reasonably, which severity category an issue raised by Customer falls into.
3.3 All support services will be provided by Nexudus remotely unless expressly agreed otherwise by the Parties.
4. LIMITATIONS
4.1 Where the total man hours spent by Nexudus in performing the support services under Paragraphs 2 and 3 exceed five (5) hours in any rolling thirty (30)-day period, Nexudus may agree to provide additional support services to Customer during the relevant period, but the provision of such services will be subject to payment by Customer of additional charges at Nexudus’ then-current standard hourly rate (which will be communicated to Customer at the time).
4.2 Nexudus shall have no obligation to provide support services in respect of:
(a) any fault or error caused by the improper use of the Nexudus Platform or the use of the Nexudus Platform otherwise than in accordance with the Documentation;
(b) customisations of the Nexudus Platform requested by, and created for, Customer; or
(c) third-party integration of the Nexudus Platform requested or enabled by Customer (including via the Nexudus Administration Panel).
5. TRAINING
5.1 Any training requested by Customer and delivered by or on behalf of Nexudus will attract additional charges at Nexudus’ then-current standard hourly rate (which will be communicated to Customer at the time).
6. UPGRADES
6.1 Customer acknowledges that, from time to time during the Term, Nexudus may introduce Upgrades to the Nexudus Platform, and that such Upgrades may result in changes the appearance and/or functionality of the Nexudus Platform.
7. UPTIME COMMITMENT
7.1 Nexudus will use all reasonable efforts to ensure that the Nexudus Platform is available 99% of the time during each calendar month.
8. SCHEDULED MAINTENANCE
8.1 Customer acknowledges and agrees that Nexudus may suspend access to the Nexudus Platform in order to carry out scheduled maintenance, and Nexudus will use reasonable efforts to:
(a) provide reasonable advance notice of any such suspension to Customer; and
(b) ensure that any such suspension will not amount to more than twelve (12) hours in any calendar month.
9. BACK-UP AND RESTORATION
9.1 Nexudus will use reasonable efforts to:
(a) create back-ups of the Input Data stored on the Nexudus Platform on a daily basis;
(b) at least once every three (3) days, arrange for the off-site storage of a current back-up of the Input Data stored on the Nexudus Platform (which will be over-written on the following off-site back-up date).
ANNEX 2
Data Processing Addendum
THIS DATA PROCESSING ADDENDUM (“DPA”) is entered into by the Parties.
1. INTERPRETATION
1.1. In this DPA, the following additional terms shall have the meanings set out in this Paragraph 1, unless expressly stated otherwise:
(a) “CCPA” means the California Consumer Privacy Act of 2018.
(b) “Cessation Date” has the meaning given in Paragraph 10.1.
(c) “Controller” means the party that determines the purposes and means of the Processing of Personal Data, and includes a “business” as defined in the CCPA.
(d) “Data Protection Laws” means, collectively: (i) the GDPR; (ii) the CCPA; and (iii) all other applicable laws relating to the collection, Processing and protection of Personal Data and privacy that may exist in any relevant jurisdiction.
(e) “Data Subject Request” means the exercise by a Data Subject of their rights under, and in accordance with, the GDPR in respect of Personal Data.
(f) “EEA” means the European Economic Area.
(g) “GDPR” means, as appropriate and as amended from time to time: (i) the General Data Protection Regulation (Regulation (EU) 2016/679) (“EU GDPR”); and/or (ii) the EU GDPR as it forms part of UK law by virtue of section 3 of the European Union (Withdrawal) Act 2018 (“UK GDPR”), including, in each case any applicable national implementing or supplementary legislation (e.g. the UK Data Protection Act 2018), and any successor, amendment or re-enactment, to or of the foregoing. References to “Articles” and “Chapters” of the GDPR shall be construed accordingly.
(h) “Processor” means the party which Processes Personal Data on behalf of the Controller, and includes a “service provider” as defined in the CCPA.
(i) “Restricted Transfer” means the disclosure, grant of access or other transfer of Personal Data to any person located in: (i) in the context of the EEA, any country or territory outside the EEA which does not benefit from an adequacy decision from the European Commission (an “EEA Restricted Transfer”); and/or (ii) in the context of the UK, any country or territory outside the UK which does not benefit from an adequacy decision from the UK Government (a “UK Restricted Transfer”), which would be prohibited without a legal basis under Chapter V of the GDPR.
(j) “Security Statement” means the Nexudus Security Statement found at https://help.nexudus.com/docs/security-statement.
(k) “Services” means any services provided by Nexudus to Customer in connection with a Subscription.
(l) “Subprocessors” means additional Processors appointed by Nexudus to Process Personal Data on its behalf, including the sub-processors listed at https://help.nexudus.com/v3/docs/subprocessors.
(m) “Supervisory Authority” means: (i) in the context of the EU GDPR, any authority within the meaning of Article 4(21) of the EU GDPR; and (ii) in the context of the UK GDPR, the UK Information Commissioner’s Office.
(n) “UK” means the United Kingdom.
1.2. In this DPA:
(a) the terms “Data Subject”, “Personal Data”, “Personal Data Breach” and “Processing / Process / Processed” shall have the meaning ascribed to the corresponding terms in the Data Protection Laws.
(b) unless otherwise defined in this DPA, all capitalised terms in this DPA shall have the meaning given to them in the Terms of Service; and
(c) any reference to any statute, regulation or other legislation in this DPA shall be construed as meaning such statute, regulation or other legislation, together with any applicable judicial or administrative interpretation thereof (including any binding guidance, guidelines, codes of practice, approved codes of conduct or approved certification mechanisms issued by any relevant Supervisory Authority).
2. ROLES OF THE PARTIES
In the course of Nexudus providing the Services, Customer may from time-to-time provide or make available Personal Data to Nexudus for Processing on the Nexudus Platform in connection with the Services. The Parties acknowledge and agree that, in relation to any such Personal Data, Customer will be the Controller and Nexudus will be a Processor for the purposes of the Data Protection Laws.
3. DETAILS OF PROCESSING
These Terms of Service determine the subject-matter and duration of Nexudus’ Processing of Personal Data, and the obligations and rights of Customer in relation to such Processing. The types of Personal Data, categories of Data Subjects and nature of Nexudus’ Processing of Personal Data are set out in Attachment 1 (Details of Processing).
4. INSTRUCTIONS
4.1. Nexudus shall Process Personal Data:
(a) on behalf of Customer and only in accordance with the instructions given by Customer from time to time as documented in, and in accordance with, the terms of these Terms of Service; or
(b) as required by applicable laws, in which case Nexudus shall (to the extent not prohibited by such laws) inform Customer of that legal requirement before the relevant Processing of that Personal Data.
4.2. Nexudus shall promptly inform Customer if, in its opinion, an instruction infringes against applicable laws.
5. LAWFUL PROCESSING
5.1. Customer shall ensure that it is entitled to give access to the relevant Personal Data to Nexudus so that Nexudus may lawfully Process Personal Data in accordance with these Terms of Service on Customer’s behalf, which may include Nexudus Processing the relevant Personal Data outside the country where Customer and/or the Data Subjects are located in order for Nexudus to provide the Services.
5.2. Customer shall:
(a) comply with its obligations under the Data Protection Laws which arise in relation to this DPA and the receipt of the Services; and
(b) not do or omit to do anything which causes Nexudus (or any Subprocessor) to breach any of its obligations under the Data Protection Laws.
6. PERSONNEL
6.1. Nexudus shall ensure that all persons it authorises to access Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
6.2. Each Party shall take reasonable steps to ensure that any natural person acting under its authority who has access to Personal Data does not Process it except on instructions from it.
7. SECURITY MEASURES
Nexudus shall implement appropriate technical and organisational measures to protect Personal Data and ensure a level of security appropriate to the risk. Nexudus’ measures comprise those documented in its Security Statement.
8. RESTRICTED TRANSFERS
8.1. Nexudus shall store and Process Personal Data inside the EEA or the UK at all times during the Term.
8.2. In the event Nexudus needs to store and/or Process any Personal Data outside of the EEA or the UK at any time during the Term, the Parties acknowledge and agree that this may result in a Restricted Transfer. The Parties shall negotiate in good faith to implement a valid data transfer mechanism which complies with the requirements of Data Protection Laws prior to any such Restricted Transfer taking place.
9. SUBPROCESSORS
9.1. Customer hereby authorises Nexudus to appoint the Subprocessors as additional Processors of Personal Data, provided that Nexudus shall:
(a) impose upon such Subprocessors data protection obligations that ensure at least the same level of data protection as set out in this DPA; and
(b) be responsible for the acts and omissions of such Subprocessors.
9.2. Nexudus shall inform Customer of any intended changes concerning the addition or replacement of a Subprocessor by making such information available to Customer at https://help.nexudus.com/docs/subprocessors. Customer may object to such changes in writing setting out its reasonable concerns in detail within fifteen (15) days from such notice. If Customer does not respond to such changes, Nexudus shall have the right to continue to Process the Personal Data in accordance with the terms of this DPA, including using the relevant Subprocessors. If Customer objects, Nexudus shall consult with Customer, consider Customer’s concerns in good faith and inform Customer of any measures taken to address Customer’s concerns. If Customer upholds its objection and/or demands significant accommodation measures which would result in a material increase in cost to provide the Services, Nexudus shall be entitled to increase the Fees for the Services or, at its option, terminate the relevant Subscription.
10. DELETION
10.1. Upon the date of termination or expiry of Services involving the Processing of Personal Data (the “Cessation Date”), Nexudus shall cease all Processing of Personal Data related to such Services except as set out in this Paragraph.
10.2. Customer hereby acknowledges and agrees that, due to the nature of Personal Data Processed by Nexudus, return (as opposed to deletion) of Personal Data may require exceptional effort by Nexudus in some circumstances. Having regard to the foregoing, Customer agrees that it is hereby deemed (at the Cessation Date) to have irrevocably selected deletion, in preference of return, of such Personal Data. As such, Nexudus shall delete all relevant Personal Data Processed on behalf of Customer within thirty (30) days of the Cessation Date, subject to Nexudus retaining any copies required by applicable laws (and in that case, for such period as may be required by such applicable laws).
11. ASSISTANCE AND COOPERATION
Nexudus shall, upon Customer’s reasonable written request, provide reasonable assistance to Customer with its legal obligations under Data Protection Laws, including any data protection impact assessments and prior consultations with Supervisory Authorities which Customer reasonably considers to be required of it by Data Protection Laws, in each case solely in relation to Processing of Personal Data by, and taking into account the nature of the Processing by, and information available to, Nexudus.
12. DATA SUBJECT REQUESTS
12.1. Nexudus shall, upon Customer’s reasonable written request, provide Customer with such assistance as may be reasonably necessary and technically possible in the circumstances to assist Customer in fulfilling its obligation to respond to Data Subject Requests.
12.2. Upon receipt of any Data Subject Request that relates to Personal Data that Nexudus Processes for Customer, Nexudus shall promptly notify Customer and not respond to such Data Subject Request except on the written instructions of Customer.
12.3. Customer is solely responsible for responding to Data Subject Requests. Nexudus’ notification of or response to a Data Subject Request under this Paragraph is not an acknowledgement by Nexudus of any fault or liability with respect to the Data Subject Requests.
13. PERSONAL DATA BREACHES
13.1. If Nexudus becomes aware of any actual Personal Data Breach affecting Personal Data that Nexudus Processes for Customer, Nexudus shall: (i) notify Customer of such Personal Data Breach without undue delay; and (ii) take reasonable steps to mitigate the effects of the Personal Data Breach. The notification shall at least:
(a) describe the nature of the Personal Data Breach including, where possible, the categories and approximate number of Data Subjects concerned and the categories and approximate number of Personal Data records concerned;
(b) communicate the name and contact details of the data protection officer or other contact point at Nexudus where more information can be obtained;
(c) describe the likely consequences of the Personal Data Breach; and
(d) describe the measures taken or proposed to be taken by Nexudus to address the Personal Data Breach, including, where appropriate, measures to mitigate its possible adverse effects.
13.2. Customer is solely responsible for complying with data breach notification laws applicable to Customer and fulfilling any third-party notification obligations related to any Personal Data Breach. Nexudus’ notification of, or response to, a Personal Data Breach under this Paragraph is not an acknowledgement by Nexudus of any fault or liability with respect to the Personal Data Breach.
14. DEMONSTRATION OF COMPLIANCE
14.1. Nexudus shall, upon Customer’s reasonable written request, make available to Customer all information reasonably necessary to demonstrate Nexudus’ compliance with the obligations set out in this DPA in relation to Personal Data that Nexudus Processes for Customer. Nexudus and Customer may use current certifications or other existing audit reports to minimise repetitive audits.
14.2. If Customer (acting reasonably and in good faith) considers that the information provided in accordance with Paragraph 14.1 is not sufficient to demonstrate Nexudus’ compliance with the obligations set out in this DPA, or where otherwise required by Data Protection Laws, Customer may (at its cost) perform on-site audits at the Nexudus processing facility (or facilities) that provides the Services to Customer, subject to the following:
(a) on-site audits may only be carried out once per calendar year, unless a Supervisory Authority having jurisdiction over Customer expressly requires more frequent audits (in which case the request for audit shall detail the applicable requirements under which the Supervisory Authority requires the audit and/or information from Customer, including details of the relevant regulation or regulatory obligation which necessitates such request);
(b) requests for on-site audit visits shall be made in writing by Customer at least sixty (60) days in advance (unless shorter notice is given by the Supervisory Authority or specifically required by the relevant regulatory obligation, in which case Customer will give as much advance notice as is possible in the circumstances and provide the reasoning for the shorter notice), and shall specify the scope of the information sought and the specific purpose of the audit;
(c) on-site audits will be limited to a review of Nexudus’ compliance with this DPA;
(d) on-site audits shall be conducted during normal business hours for the facility and shall be coordinated with Nexudus so as to cause minimal disruption to Nexudus’ business operations;
(e) on-site audits must be reasonable in scope and duration, shall not last more than two (2) Business Days;
(f) on-site audits shall be performed by Customer’s employees and/or a reputable third-party auditor agreed to by both Parties, it being understood that Customer (and its representatives) shall at all times be bound by the confidentiality provisions of the Terms of Service and shall be accompanied by a representative of Nexudus;
(g) Nexudus may require on-site audits to be conducted remotely if necessary for health and safety reasons;
(h) except as prohibited by applicable laws or the relevant Supervisory Authority, Nexudus shall receive and be entitled to comment on any report prepared by or on behalf of Customer prior to that report being published or disseminated (such report to be Nexudus Confidential Information except to the extent it relates to the business or affairs of Customer, which information will be Customer Confidential Information), which publication or dissemination shall be done only pursuant to the confidentiality provisions of the Terms of Service;
(i) when performing audits in multi-client environments, care should be taken to ensure that risks to another client’s environment (e.g. impact on service levels, availability of data, confidentiality aspects) are avoided or mitigated;
(j) Nexudus does not allow any form of direct security testing initiated by Customer or on behalf of Customer, including but not limited to, vulnerability scanning, penetration testing, application code scanning, dynamic testing, installation of audit software, direct access to systems, or ethical hacking of Nexudus systems, applications, databases, or networks, except as may otherwise be agreed by Nexudus’ Chief Information Security Officer and/or designee in writing and signed by both Parties; and
(k) Nexudus will not acknowledge any results from any form of security testing that is not performed by Nexudus. Nexudus will provide Customer and any Supervisory Authority with access to a summary of its annual vulnerability assessment findings in accordance with the section ‘Patch and Vulnerability Management’ in the Security Statement.
15. REIMBURSEMENT
Customer shall reimburse Nexudus for any costs reasonably incurred by Nexudus in performing its obligations under Paragraphs 11 to 14, in each case except to the extent that such costs were incurred as a result of any breach by Nexudus of its obligations under this DPA.
Attachment 1
Details of Processing
Nexudus’ activities
Nexudus offers a web-based software-as-a-service white-label platform to manage your coworking and flex workspace.
Subject matter and duration of the Processing of Personal Data
The subject matter and duration of the Processing of the Personal Data are set out in the DPA.
The nature and purpose of the Processing of Personal Data
Nexudus will process the Personal Data to deliver the Services.
The types of Personal Data to be Processed
Nexudus may process Personal Data of the following categories:
- Identification data (e.g. name, date of birth)
- Identification documents (e.g. passport, identity card)
- Contact data (e.g. email address, postal address)
- Any other Personal Data that Customer or any Authorised User chooses to upload to the Nexudus Platform (including via features of the Nexudus Platform e.g. messaging features).
Customer acknowledges that the Nexudus Platform has not been designed to process or manage special categories of personal data (as defined in the GDPR) or information of a similarly sensitive character regulated by applicable Data Protection Laws, and accordingly Customer shall ensure that any Personal Data uploaded to the Nexudus Platform does not contain such information, including Personal Data of children under 16 years of age. Nexudus will not have, and specifically disclaims any, liability that may result from Customer or any Authorised User collecting, processing or managing special categories of personal data via the Nexudus Platform.
The categories of Data Subjects to whom the Personal Data relates
Nexudus may process Personal Data from Data Subjects of the following categories:
- Customer’s and Customer Affiliates’ customers / users
- Customer’s and Customer Affiliates’ prospective customers / users
- Visitors to Customer’s and Customer Affiliates’ premises
Any other Data Subjects referenced in any content uploaded by Customer or any Authorised User to the Nexudus Platform.
Authorised Subprocessors
Customer authorises Nexudus to appoint the Subprocessors listed at https://help.nexudus.com/docs/subprocessors.
Data retention
Nexudus will delete the Personal Data from its systems on expiry or termination of the Services in accordance with Paragraph 10 of the DPA.