Prove Anything Master Subscription Agreement (MSA)

This Agreement is made on (the “MSA Start Date”) as identified in the sign-up process.

Between:

Prove Anything Limited, a company registered in England, with company number 13472800, whose registered office is at 71-75 Shelton Street, Covent Garden, London, England, WC2H 9JQ (“Prove Anything”, “we”, “us”, “their”, “its” or “our”); and
The organisation as identified in the sign-up process.

Each of Customer and Prove Anything is a “Party” and together, are the “Parties.”

1. Definitions.

1.1 In this Agreement, unless the context otherwise requires, the following words have the following meanings:

“Affiliate” of a Party means any Person which, during the Term, is a subsidiary or sister company, or representative of that Party in which the relevant party, directly or indirectly, owns more than 50% of the shares or is under common control.

“Agreement” means each Statement of Work or Order Form (including those agreed to in Clause 10.2) together with this Master Subscription Agreement (MSA) and any schedules, appendices and documents referenced in this Agreement.

“Applicable Law” means, where applicable to a Party and relevant to this Agreement, any and all (a) legislation, laws, statutes, decisions, rulings, codes, government policies, regulations, by-laws or licensing conditions (including Data Protection Laws); and (b) mandatory industry requirements and regulations, binding codes of practice, and decisions and directions of any relevant governmental or regulatory, co-regulatory or self-regulatory authority or agency of competent jurisdiction.

“Confidential Information” means all information disclosed by a Party (the “Disclosing Party”) to the other Party (the “Receiving Party”), whether orally or in writing, if designated as confidential, that reasonably should be understood to be confidential given the nature of the information and the circumstances surrounding the disclosure. Confidential Information does not include any information that: (i) is or becomes generally known to the public, other than due to Receiving Party’s breach of this Agreement; (ii) was rightfully known to the Receiving Party before obtaining it from the Disclosing Party; (iii) is received from a third party without breach of any obligation owed to the Disclosing Party; or (iv) was independently developed by the Receiving Party without use of the Disclosing Party’s Confidential Information and for which the Receiving Party can provide documentary evidence created at the same time as the development that verifies the development was independent.

“Customer Data” means any data submitted or uploaded by Users or End Users to the Prove Anything Service under the Customer’s accounts and any Customer Personal Data.

“Customer Personal Data” means all Personal Data processed by Prove Anything and its Affiliates on behalf of the Customer under or in connection with this Agreement.

“Data Protection Laws” means any laws and regulations relating to privacy or the use or processing of data to ensure the parties’ compliance with Article 28(3) of the General Data Protection Regulation (“GDPR”) 2016/679 of the European Parliament and of the Council of 25th May 2018 on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation). Data Protection Act 2018 (the “DPA”) and the Privacy and Electronic Communication (EC Directive) Regulations 2016 (SI 2016/524 and SI 2016/1177; and (b) any laws or regulations ratifying, implementing, adopting, supplementing, or replacing GDPR. In this Agreement, unless the context otherwise requires, “Data Controller”, “Data Processor”, “Data Subject”, “Personal Data”, “process”, “processing”, “transfer” (in the context of Personal Data transfers) and “appropriate technical and organisational measures” shall have the meanings and otherwise be interpreted in accordance the GDPR.

“Documentation” means the standard user instruction materials describing the use and operation of the Prove Anything Service that are provided in the Prove Anything Service’s “Help” files, together with any standard specification documents describing the nature and functionality of the Services (including any document describing Prove Anything Service Plans) which Prove Anything may issue to its customers and modify from time to time.

“End User” means any end-users that utilise your implementation of the Prove Anything Service.

“Fees” means the fees for the Services set out in an Order Form.

“Force Majeure” means any cause, preventing either Party from performing any or all of its obligations, which is beyond the reasonable control of the Party so prevented and which may include nationwide strikes, lock-outs or other industrial disputes, nuclear accident or acts of God, war or terrorist activity, riot, civil commotion, malicious damage, compliance with any new Applicable Law or change in Applicable Law, breakdown of plant or machinery, internet delays or failures or connectivity issues, fire, flood, storm or default of suppliers or third party service provider (but only where such supplier or third party service provider default is itself attributable to force majeure as set out here) and any other acts, events, omissions or accidents.

“Group Company” means in relation to a Party, a company that directly or indirectly controls, is controlled by, or is under common control with any subsidiary or holding company of that Party.

“Implementation Services” means any implementation of the Prove Anything Service for the Customer, as detailed and agreed in an Order Form or Statement of Work.

“Intellectual Property Rights“ means: (i) patents; (ii) copyrights, moral rights, works of authorship (including copyrights in computer software), and rights in data and databases, design rights (whether registered or unregistered); (iii) trademarks, service marks, internet domain names, trade dress, and trade names, together with all associated goodwill; (iv) registrations, applications, renewals and extensions for any of the items in (i)-(iii); (v) know-how and trade secrets; and (vi) rights of privacy and publicity, as well as other forms of protection of a similar nature anywhere in the world whether or not registered or registerable.

“Licence Administrators” means those Users you designate who are authorised to purchase Subscriptions by executing Order Forms and to create User accounts and otherwise administer your use of the Prove Anything Service.

“Live Date” means the date on which you agree that the Implementation Services have been completed in all material respects and the Prove Anything Service is able to accept product data and present product data to end users using Product Tree and/or Product Wallet.

“Order Form” means the form evidencing the initial Subscriptions for the Services executed by the Parties and any subsequently executed order forms, each specifying the number of User licences (if applicable) and other services contracted for, applicable fees, billing periods, and other charges as agreed by the Parties.

“Person” means any: (i) individual; or (ii) partnership, firm, corporation, limited liability company, joint venture, association, trust, unincorporated organisation, or other legal entity or organisation.

“Professional and Software Implementation Services” means any services other than the Prove Anything Service as detailed and agreed in an Order Form and as covered in our Professional Services Agreement

“Proprietary Software” means the Prove Anything platform and software packages made available by Prove Anything Limited.

“Prove Anything Materials” means the Services, Prove Anything Technology, and any information, Documentation, software, products, and services contained in or made available to you by Prove Anything on while providing the Services.

“Prove Anything Technology” means any software development kits, application programming interfaces, and underlying proprietary technology, including software, hardware, user interfaces, algorithms, and processes which Prove Anything makes available to you while providing the Prove Anything Service.

“Prove Anything Service” means Prove Anything’s Product Wallet and Product Tree Service (together with any Service Plan), and related services accessible at a web site or IP address designated by Prove Anything, or ancillary services rendered to you by Prove Anything, to which you are being granted access under this Agreement excluding the Implementation Services and any Professional Services.

“Renewal Term” has the meaning set out in each Order Form.

“Services” means the services to which you have subscribed as set out in an Order Form and which may include Implementation Services, Professional Services, and the Prove Anything Service.

“Service Plan” means the Service Plan you have elected to receive in respect of the Prove Anything Service, as set out in the Order Form and described in the Documentation from time to time.

“Statement of Work” means a document describing in detail how the Services will be carried out including, but not limited to, the responsibilities of the Parties and the timelines.

“Sub-Processor” means a third-party service provider, Group Company or Affiliate appointed by Prove Anything to process Customer Personal Data.

“Subscription” means each Subscription for a Service as set out in the Order Form.

“Subscription Term” means the period between the dates indicated in the Order Form as the ‘Subscription Start Date’ and the ‘Subscription End Date’ for the relevant Subscription.

“Term” means all Subscription Terms together with all Renewal Terms (if applicable).

“Users” means your employees, representatives, consultants, contractors, and agents authorised to use the Prove Anything Service and who have been supplied user identifications and passwords by you (or Prove Anything at your request).

2. Term.

2.1 Framework Agreement. This Agreement shall govern all Order Forms. This Agreement shall commence on the MSA Start Date and shall, unless terminated in accordance with its express terms, continue until the expiry of the last Subscription as set out in the final Order Form between the Parties.

2.2 Services. Each Subscription shall commence on the Subscription Start Date and shall, unless terminated in accordance with the express terms of the relevant Order Form, continue for the Subscription Term and any applicable Renewal Term, as set out in the Order Form.

2.3 Each Subscription shall renew for the Renewal Term, unless either Party notifies the other Party of its election not to renew, as provided in Clause 2.4. If no Renewal Term is set out in an Order Form, then the Subscription will terminate upon the expiry of the Subscription Term or the current Renewal Term.

2.4 Election not to Renew. You may elect not to renew a Subscription by notifying us in writing at least 30 days prior to the expiration of the applicable Subscription Term or then-current Renewal Term. We may elect not to renew a Subscription by notifying you in writing at least 90 days prior to the expiration of the applicable Subscription Term or then-current Renewal Term. Where either Party elects to renew only part of an Order Form, Prove Anything may re-issue an Order Form to reflect the changes to the Services.

2.5 Termination of this Agreement shall terminate all Subscriptions in effect under this Agreement, but termination of any Subscriptions shall not affect any other Subscription.

3. Prove Anything Responsibilities.

3.1 Prove Anything, during the relevant Term, shall make the Services available to you:

(a) in accordance with the applicable Order Form;

(b) in accordance with the Service Level Agreement set out in Appendix A (Service Level Agreement).

3.2 You acknowledge and agree that the Service Credits ((as defined in Appendix A (Service Level Agreement)) and termination provision specified in Appendix A (Service Level Agreement) are your sole and exclusive remedies and our sole and exclusive liabilities for any Service Level Failure ((as defined in Appendix A (Service Level Agreement)) of the Prove Anything Service.

3.3 You acknowledge and agree that Prove Anything relies on its Group Companies, Affiliates, and third-party service providers, to provide its Services and Products to you, and that as such we may share and give them access to your Customer and Personal Data to supply the services and products to you under this Agreement. You further acknowledge and agree that such parties may be based in different jurisdictions and shall have access to Customer Data and Personal Data in those jurisdictions.

Full details can be found:

On our website www.Prove Anything .co.uk/legals in our:
- Information Security document
- Privacy Policy

We reserve the right to change the above policies and documents and their location from time to time. It is therefore important to check our website regularly. Last updated dates will be clearly shown.

In the appendices to the agreement including:
- Data Protection
- Data Processing Activities

We reserve the right to change this Agreement including any appendices contained within and their location from time to time. It is therefore important to check our website regularly. Last updated dates will be clearly shown.

3.4 We shall remain liable for the acts and omission of any third party engaged by it in the provision of the Services, and our dealings with Sub-Processors and transfers of Customer and Personal Data are governed by the Appendix B(1) Data Protection, the Appendix B(2) Data Processing Activities and our Information Security document and Privacy Policy which can be downloaded by going to www.Prove Anything .co.uk/legals

4. Licence

4.1 Subject to the terms of this Agreement, we hereby grant you a non-exclusive, non-transferable, non-sub licensable, revocable (in accordance with Clause 12), worldwide right to: (a) access and use the Prove Anything Service solely for your own internal business purposes during the Term under the Subscriptions set out in an Order Form; and (b) use: (i) any Prove Anything Technology provided to you from time to time; and (ii) any Documentation, in each case of (b)(i) and (ii), solely in connection with your access and use of the Prove Anything Service. Users and End Users (including those of your Affiliates) may access and use the Prove Anything Materials solely for the purposes described in this Clause 4.2. You shall ensure that Users comply with your obligations under this Agreement, and you are responsible for the use and misuse of the Prove Anything Service and Materials by your Users and End Users. A breach by any of your Affiliates or Users of this Agreement will be deemed a breach by you of this Agreement.

4.2 We reserve all rights in and to the Prove Anything Materials not expressly granted to you in this Clause 4. You acknowledge that as between you and Prove Anything is and will be the exclusive owner of all right, title, and interest in and to the Prove Anything Materials, including all Intellectual Property Rights.

4.3 From time to time, you may provide to us (either on your own accord or at our request) feedback, analysis, suggestions, and comments (including bug reports, test results, and design suggestions or ideas) related to the Services (collectively, “Feedback”). As between you and Prove Anything, all right, title, and interest in and to any such Feedback will be owned by Prove Anything. You agree that we will have the perpetual, irrevocable, and worldwide right to use, modify, licence, sublicense, and otherwise exploit all or part of the Feedback or any derivative of it in any manner or media now known or later devised without any remuneration, compensation, or credit to you.

4.4 We may from time to time, in our sole discretion, make changes to the Prove Anything Materials we deem necessary or reasonable to:

(a) maintain or enhance the quality or delivery of the Prove Anything Service to its customers; or

(b) to comply with Applicable Law.

5. Restrictions.

5.1 Except to the extent expressly stated otherwise in this Agreement, you shall not:

(a) alter, adapt, reproduce, modify, create derivative works based on, reverse engineer, decompile, reverse compile, reverse assemble, translate, or disassemble all or any portion of the Prove Anything Materials;

(b) licence, sublicense, sell, lease, transfer, distribute, disclose, or otherwise commercially exploit or make available to any Person the Prove Anything Materials (including use of the Prove Anything Service to a service bureau, or similar business);

(c) access or use the Prove Anything Materials to create, market, or distribute a competitive product or service or otherwise conduct a competitive analysis;

(d) build a product using similar ideas, features, functions or graphics of the Prove Anything Materials other than for internal use within your business and by your employees and Affiliates only, and subject always to Clause 9 (Intellectual Property Rights);

(e) copy any ideas, features, functions, or graphics of the Prove Anything Materials;

(f) enter into any agreement with, or make any representation to, any other Person that conflicts with, results in any breach of, or constitutes a default under, this Agreement;

(g) remove, alter, or obscure any Intellectual Property Rights notice or other restrictive notice or legend contained or included in or on any Prove Anything Materials;

(h) contest, challenge, or otherwise make any claim or take any action adverse to Prove Anything’s ownership of, or interest in, the Prove Anything Materials, including the Intellectual Property Rights in and to them;

(i) bypass or breach any security device or protection used by the Prove Anything Materials or access or use the Prove Anything Materials other than in accordance with the terms of this Agreement;

(j) input, upload, transmit, or otherwise provide material in or through the Prove Anything Services that are unlawful, obscene, infringing, or that contain viruses, worms, Trojan horses, or other harmful or malicious computer code, files, scripts, agents, or programs;

(k) attempt to gain unauthorised access to the Prove Anything Services or our systems or networks; or

(l) interfere with or disrupt the integrity or performance of the Prove Anything Services or the data contained in them.

6. Your Responsibilities

6.1 You shall:

(a) provide Prove Anything with: (i) all necessary cooperation in relation to this Agreement; and (ii) all necessary access to such information as may be required by us to provide the Services, including Customer Data, security access information and network information;

(b) carry out all your responsibilities under this Agreement in a timely and efficient manner;

(c) obtain and maintain all necessary licences, consents, and permissions necessary for Prove Anything, its contractors, and agents to perform their obligations under this Agreement; and

(d) ensure that your network and systems comply with the relevant specifications provided by Prove Anything from time to time.

6.2 ensure that Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing.

6.3 In the event of any known or suspected unauthorised use of any User account, or of the Prove Anything Service, or any other known or suspected breach of security, you shall: (i) report such use to us immediately; (ii) use reasonable efforts to stop immediately any copying or distribution of Prove Anything Materials; and (iii) not impersonate another User or provide false information to gain access to or use any Prove Anything Materials.

6.4 In relation to the Users:

(a) where a maximum number of Users is set out in an Order Form, you shall ensure that the number of actual Users you authorise to access and use the Prove Anything Service and the Documentation does not exceed the maximum number of Users set out in the Order Form;

(b) you will not allow any User login to be used by more than one individual User unless it has been reassigned in its entirety to another individual User, in which case the prior User shall no longer have any right to access or use the Prove Anything Materials;

(c) where we reasonably consider you have provided access to the Prove Anything Service to any individual who is not a User, then without prejudice to Prove Anything other rights, we may suspend such User’s access and you shall promptly disable such passwords and we will not issue any new passwords to any such individual; and

(d) where we can demonstrate you have underpaid any Fees due to us then, without prejudice to our other rights, you shall pay us an amount equal to such underpayment as calculated in accordance with the prices set out in an Order Form within 10 days of the date of the request by us.

6.5 The Prove Anything Service may offer you the ability to communicate with others by sending messages, including email and text messages. You will not use any of the Prove Anything Materials for any purpose which is illegal, unlawful, offensive, discriminatory, harassing, likely to bring any of our software or services into disrepute or cause them to be blacklisted, for spamming, or in any other way or for any other purpose which is, in our reasonable opinion, undesirable. You will only send messages to people who have given you their express consent to receive such messages. You are exclusively responsible for all communications sent using the Prove Anything Service, including all fees and charges associated with such messages, and any liability that may arise from such communications. You shall comply with your internal policies concerning the use and disclosure of personal information and all Applicable Laws.

7. Insurance

7.1 Prove Anything shall maintain in force insurance policies of the types and the amounts as specified to adequately cover its relevant potential liabilities in connection with this Agreement.

7.2 Prove Anything shall, during the term of this Agreement, and for a period of one year after its expiry or termination:

(a) do nothing to invalidate any insurance policy or to prejudice the Customer’s entitlement under those policies; and

(b) procure that the terms of such policies are not altered in such a way as to diminish the benefit of the policies for the Customer which are provided as at the MSA Start Date.

8. Customer Data.

8.1 You, not Prove Anything, have sole responsibility for the entry, deletion, correction, accuracy, quality, integrity, legality, reliability, appropriateness, and right to use the Customer Data.

8.2 We are not responsible for any of the foregoing or for any destruction, damage, loss, or failure to store any Customer Data beyond its reasonable control or resulting from any failure in data transmission or operation of the Prove Anything Service by you.

8.3 If we process any Personal Data on your behalf when performing its obligations under this Agreement, the Parties acknowledge that you shall be the Data Controller and we shall be a Data Processor and in any such case:

(a) you shall ensure that you are entitled to transfer the relevant Customer Personal Data to us so they may lawfully use, process, and transfer the Customer Personal Data in accordance with this Agreement on your behalf;

(b) you shall ensure the relevant third parties have been informed of, and have given their consent to, such use, processing, and transfer as required by all applicable Data Protection Laws;

(c) each Party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction, or damage; and

(d) notwithstanding any other provision of this Agreement, but subject always to Appendix B(1) Data Protection and B(2) Data Processing Activities, nothing shall prevent us from disclosing Customer Personal Data or Customer Data to their Group Companies, Affiliates and third party service providers as necessary to provide the Services in accordance with clause 3, and otherwise in order to comply with Applicable Law or at the request of a governmental, regulatory or supervisory authority.

8.4 From the MSA Start Date the Parties shall comply with Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities

8.5 ensure Customer Data and Personal Data deemed as a special category of Data under GDPR is not given to us in any form unless pre-agreed by us in writing.

8.6 You are solely responsible and liable for any transfer of Customer Data made by you (or made by us at your request) from the Prove Anything Service to a third party and for ensuring that such transfer is in compliance with the Parties’ obligations under the Data Protection Laws.

9. Intellectual Property Rights.

9.1 As between Prove Anything and you:

(a) We own all right, title and interest, including all related Intellectual Property Rights, in and to the Prove Anything Materials and Feedback;

(b) you own all right, title and interest, including all related Intellectual Property Rights, in and to the Customer Data.

9.2 You grant to us a worldwide, royalty free licence to access, use, transmit and disclose the Customer Data for the limited purpose of Prove Anything providing, and supporting your use of, the Services.

10. Payment of Fees

10.1 You shall pay all Fees and charges for the Services in accordance with the terms contained in the applicable Order Form. Except as set out in Clauses 12.3, 12.5 and 14.65, Fees are non-refundable. You are responsible for paying the Fees for all Subscriptions specified in an Order Form, whether or not such Subscriptions are used. Fees are fixed during the Subscription Term. Prove Anything may increase the Fees for any Renewal Term by providing written notice to you (including by e-mail) at least 30 days prior to the commencement of the then current Renewal Term.

10.2 Your designated Licence Administrators may add Subscriptions by executing an additional Order Form online or in hardcopy form. Added Subscriptions will be subject to the following: (a) added Subscriptions for a particular Service will be coterminous with the applicable original Subscription Term for that Service; (b) the Fees for the added Subscriptions will be the same as the Fee applicable to your then-existing Subscription under the applicable original Order Form, prorated for the remainder of the Subscription Term or Renewal Term (as applicable); and (c) Subscriptions added in the middle of a billing month will be charged in full for that billing month.

10.3 Unless otherwise specified in an Order Form, all Fees must be paid in pounds sterling (GBP) and are not subject to any deductions, credits, or other setoffs.

10.4 You shall provide us with complete and accurate billing and contact information and shall update this information within 30 days of any change to it.

10.5 If you wish to dispute any Fees contained in any invoice, you must notify us in writing prior to the date payment of such invoice is due or the invoice will be deemed correct, and you waive your right to dispute it. Where you dispute any invoice, you shall pay any undisputed amounts in accordance with the terms of this Agreement.

10.6 All amounts payable by you under this Agreement are exclusive of taxes and similar assessments. As between the Parties, you are responsible for all sales, use, and excise taxes, and any other similar taxes, duties, and charges of any kind imposed by any governmental or regulatory authority on any amounts payable by you hereunder, other than any taxes imposed on our income.

10.7 You shall pay each invoice submitted to you by us within 30 days from the date of the invoice, unless otherwise stated in the applicable Order Form, to a bank account nominated in writing by Prove Anything from time to time.

10.8 If you fail to pay any invoice when due, you shall pay interest on the overdue amount at the rate of 5% per annum above the Bank of England base rate from time to time. Such interest shall accrue daily from the due date until actual payment of the overdue amount, whether before or after judgement. You shall pay the interest together with the overdue amount.

11. Suspension.

11.1 We may suspend you or a User’s use of the Prove Anything Service if:

(a) we determine in our reasonable discretion that you or any User is in breach of any provision of this Agreement;

(b) your use of the Services is causing material harm to Prove Anything or our customers; and/or

11.2 We will use commercially reasonable efforts to notify you in advance of any such suspension, and in any event within 24 hours following any such suspension. We will use commercially reasonable efforts to limit the suspension to the offending Users or portion of the Service where applicable. You shall assist us in denying access to any User we identify as being unauthorised.

11.3 Reinstatement of the Services will occur upon proven compliance with this Agreement (in Prove Anything’s reasonable opinion). Any suspension will not relieve you of your obligation to pay any Fees during such suspension.

12. Termination.

12.1 A Party may terminate this Agreement in its entirety or in relation to a specific Subscription with immediate effect at any time by providing written notice of termination to the other if the other Party:

(a) commits a material breach of this Agreement, and the breach continues unremedied for a period of 30 days (or 15 days where the breach relates to Prove Anything’s Intellectual Property Rights) after receiving notice describing the nature of the breach. You acknowledge that your failure to pay any Fees promptly when due is a material breach. A material breach of an Order Form by a Party shall not entitle the other Party to terminate the Agreement, only the applicable Order Form;

(b) commits a material breach of this Agreement which is incapable of remedy;

(i) is unable, deemed or declared to be unable, or admits to an inability, to pay its debts as they fall due;

(ii) suspends, or threatens to suspend making payments on any of its debts by reason of actual or anticipated financial difficulties or commences negotiations with any of its creditors;

(iii) becomes insolvent or unable to pay its debts as they mature;

(iv) makes an assignment for the benefit of its creditors;

(v) is dissolved or liquidated, or takes any corporate action for those purposes;

(vi) has a receiver, trustee, custodian, or similar agent appointed by order of any court of competent jurisdiction to take charge of or sell any material portion of its property or business;

(vii) seeks relief or if proceedings are commenced against that other Party, or on its behalf, under any bankruptcy, insolvency, or debtors’ relief law and those proceedings have not been fully stayed within seven days or vacated or set aside within 30 days after the commencement of those proceedings; or

(viii) any event occurs, or proceeding is taken with respect to the other Party in any jurisdiction to which it is subject that has an effect equivalent or similar to any of the events mentioned in this Clause 12.1(c).

12.2 Subject to Clause 12.5(b), you may terminate this Agreement by giving 30 days’ prior written notice to Prove Anything.

12.3 We may terminate this Agreement by giving 90 days’ prior written notice to the Customer at any time, provided we refund to you any Fees paid in advance in respect of any unexpired portion the relevant Subscription Term(s) or current Renewal Term(s) as at the effective date of termination.

12.4 Upon any termination of this Agreement in its entirety or in relation to a specific Order Form or Subscription: (i) all rights and licences granted to you under this Agreement or the terminated Order Form or Subscription (as applicable) shall terminate, and you shall promptly cease exercising those rights and licences; (ii) you shall take all actions necessary or appropriate to destroy or return to us all copies of the Prove Anything Materials in your or your Users’ possession relating to the Agreement or Order Form or Subscription (as applicable); and (iii) you shall promptly pay to us any amounts due under this Agreement or the terminated Subscription or Order Form (as applicable).

12.5 Upon any termination by:

(a) we in accordance with Clauses 12.1(a) or 12.1(b), shall issue to you a pro-rata refund for payment previously received by us in relation to the affected Order Forms or Subscriptions corresponding to any period after the effective date of such termination;

(b) you in accordance with Clause 12.1 (a), 12.1 (b) or 12.2 shall pay to us any unpaid Fees covering the remainder of the applicable Term(s); and

12.6 In no event will any termination relieve you of the obligation to pay any Fees payable to us for the period prior to the effective date of termination.

12.7 Upon your request, which must be tendered at the time of termination and subject to your payment of all outstanding Fees, we will, within 30 days following the termination of this Agreement in its entirety or in relation to a specific Order Form or Subscription, make available to you a file of the Customer Data in our possession at such time relating to the Agreement, Order Form or Subscription (as applicable). You acknowledge that we have no obligation to retain, and we may destroy at our discretion, Customer Data more than 30 days after termination of this Agreement, Order Form or Subscription.

12.8 Clauses 4.3, 5, 9, 10, 12.5, 12.8, 13, 14, 16, 18, and 20 survive any termination of this Agreement.

13. Representations & Warranties.

13.1 Each Party represents and warrants that it has the legal power and authority to enter into this Agreement.

13.2 Prove Anything represents and warrants that: (a) the Prove Anything Service will perform substantially in accordance with the Documentation under normal use and circumstances; (b) it will perform the Services with reasonable skill and care; (c) it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under this Agreement; and (d) it will use commercially reasonable efforts to detect and remove or neutralise viruses or other malicious code introduced into the Prove Anything Service that could have an adverse effect on your use of the Prove Anything Service. In the event Prove Anything breaches any of the foregoing representations and warranties, your sole and exclusive remedy, and Prove Anything sole liability, will be for Prove Anything to remedy the non-performance or non-compliance of the Prove Anything Service and/or remove or neutralise the virus or malicious code. If, despite its exercise of commercially reasonable efforts, Prove Anything is unable to remedy the non-performance or non-compliance of the Prove Anything Service or remove or neutralise the virus or malicious code, then you may terminate this Agreement for cause in accordance with Clause 12.1.

13.3 You represent and warrant that you have and will maintain all necessary licences, consents, and permissions necessary to provide the Customer Data to Prove Anything and for us to store and process the Customer Data in accordance with the terms of this Agreement.

13.4 Except for the express warranties set out in Clauses 13.1 and 13.2, the Prove Anything Materials are provided “as is” and we hereby disclaim all warranties, whether express, implied, statutory, or other, and we specifically disclaim all implied warranties of merchantability, fitness for a particular purpose, satisfactory quality, title, and non-infringement, and all warranties arising from course of dealing, usage, or trade practice. We make no warranty of any kind that the Prove Anything Materials, or any products or results or the use of them, will meet your or any other person’s requirements, operate without interruption, achieve any intended result, be compatible or work with any software, system, or other services, or be secure, accurate, complete, free of harmful code or viruses, or error free.

14. Indemnification.

14.1 Subject to Clause 14.3, we shall indemnify and defend you from and against all claims, actions, proceedings, losses, damages, expenses and costs (including court costs and reasonable legal fees) (collectively, “Losses”) arising out of or in connection with any third party claim that any of the Prove Anything Materials, as provided by us to you, infringe the Intellectual Property Rights of that third party (each, an “IP Claim”).

14.2 You shall indemnify and defend our Affiliates, and their officers, directors, shareholders, employees, contractors, licensors, attorneys, and agents (the “Prove Anything Indemnified Parties”) from and against any and all Losses arising out of or in connection with a claim by a third party arising out of or in connection with: (i) your, your Users’ or your End Users’ access to or use of any Prove Anything Materials not in accordance with this Agreement; (ii) Prove Anything’s use of any Customer Data in accordance with this Agreement; or (iii) any IP Claim to the extent it is a Customer IP Claim (as defined below).

14.3 Prove Anything will have no obligation to indemnify or defend you for any IP Claim to the extent arising out of or in connection with: (i) your use of the Prove Anything Materials in combination with other materials, software, Intellectual Property Rights, services, technology or processes not provided or approved by us, where there would be no basis for such IP Claim but for the combination; (ii) a modification, improvement, or enhancement of, or creation of any derivative work based on, the Prove Anything Service by anyone other than us; (iii) your breach of this Agreement or use of the Prove Anything Materials other than as expressly permitted under this Agreement; (iv) Services performed in accordance with specifications or requirements mandated by you; or (v) your failure to implement a Work-Around (as defined in Appendix A (Service Level Agreement), release, update, or other modification to or for the Prove Anything Materials as provided or directed by us (the IP Claims described in (i)-(v) being the “Customer IP Claims”).

14.4 In the defence, settlement or avoidance of any IP Claim, and in addition to but not in lieu of any other obligation set out in this Clause 14, we may, at our option and (subject to your obligations under Clause 14.2) expense: (i) replace or modify any allegedly infringing Prove Anything Materials with non-infringing items and/or services that are reasonably comparable to the Prove Anything Materials being replaced; and/or (ii) obtain a licence for you to continue using and receiving any of the allegedly infringing Prove Anything Materials.

14.5 If we determine in our good faith business judgement the remedies set out in Clauses 14.4 (i) and (ii) are not available on commercially reasonable terms we shall notify you and either Party may immediately terminate the applicable Subscription, Order Form or this Agreement. Upon the receipt of such notice, you shall stop using and return to us all allegedly infringing Prove Anything Materials. We may stop performing all allegedly infringing Services and, in such circumstances, shall refund any monies paid by you for the infringing components of the Prove Anything Materials less a reasonable allowance for the period of time you used or received such components.

14.6 Each Party seeking indemnification under this Agreement (each an “Indemnified Party”) will give prompt notice to the other Party (the “Indemnitor”) of any demand for indemnification that is based on a claim asserted by any Person other than the Indemnitor (a “Claim”), as well as copies of any papers served on the Indemnified Party relating to that Claim, but the Indemnified Party’s failure to provide or delay in providing that notice or those copies will not release the Indemnitor from its obligations under this Clause 14, except to the extent the failure or delay materially prejudices the Indemnitor. The Indemnitor has the exclusive right to conduct the defence of any Claim and any negotiations for its settlement, except that: (i) the Indemnitor may not bind any Prove Anything Indemnified Party or Customer (as applicable), to any agreement, or otherwise prejudice or impair the rights of any Prove Anything Indemnified Party or Customer (as applicable), without the Indemnified Party’s prior written consent, which the Indemnified Party may not unreasonably withhold or delay; (ii) the Indemnified Party will assist the Indemnitor in its defence of any Claim, at the Indemnitor’s request and expense; (iii) the Indemnified Party may participate at its expense in Indemnitor’s defence of or settlement negotiations for any Claim with counsel of the Indemnified Party’s own selection; and (iv) the Indemnified Party may, at its option and the Indemnitor’s expense, and on notice to the Indemnitor, conduct the defence of and any settlement negotiations for any Claim in place of the Indemnitor if the Indemnitor fails to promptly defend the Claim as required in this Clause 14. At the Indemnified Party’s request and the Indemnitor’s expense, and in addition to the Indemnitor’s other obligations under this Agreement, the Indemnitor shall assist the Indemnified Party with the defence of any Claim for which the Indemnified Party conducts the defence under this Clause 14.6.

14.7 You acknowledge that this Clause 14 states Prove Anything entire responsibility and liability and your sole and exclusive remedy for any actual or alleged infringement of third-party Intellectual Property Rights in connection with this Agreement.

15. Force Majeure and Internet Delays.

15.1 If either Party is prevented from performing any of its obligations under this Agreement by Force Majeure, that Party shall as soon as reasonably possible serve notice in writing on the other Party specifying the nature and extent of the circumstances giving rise to Force Majeure. The Party so prevented shall, subject to service of such notice, have no liability in respect of any delay in performance or any non-performance of any such obligation save for any payment obligation which shall continue in full force and effect.

15.2 If either Party is prevented from performance of all or substantially all of its obligations under this Agreement by Force Majeure for a continuous period of more than sixty (60) days in total, the other Party may terminate this Agreement immediately on service of written notice upon the Party so prevented, in which case neither Party shall have any liability to the other except that rights and liabilities which accrued prior to such termination shall continue to subsist and, for the avoidance of doubt, in such circumstances the provisions of Clause 12 relating to the consequences of termination shall apply.

15.3 We are not and will not be responsible or liable for any delay or failure of performance caused in whole or in part by your delay in performing, or failure to perform, any of your obligations under this Agreement.

15.4 You are solely responsible for providing and maintaining your internet connection and information technology environment, networks, and systems. Use of the Prove Anything Service may be subject to limitations, delays, and other problems beyond our control, including those inherent in use of the internet.

16. Limitation of Liability.

16.1 Nothing in this Agreement will limit or exclude either Party’s liability for: (i) death or personal injury resulting from negligence or for fraud, fraudulent misstatement, or fraudulent misrepresentation; (ii) any liability which may not be limited or excluded as a matter of law; or (iii) any claims arising under a Party’s obligations of indemnification pursuant to Clause 14. Nothing in this Agreement will limit or exclude your liability for your breach of Clause 5 or your obligation to pay any undisputed fees.

16.2 Subject to Clause 16.1, neither Party shall be liable (in contract, tort (including negligence), strict liability, or otherwise): (i) for any loss arising from or in connection with loss of revenues, profits (whether direct or indirect), contracts or business, or failure to realise anticipated savings, loss of use or other economic advantage arising from your use of the Prove Anything Service, including the inability to use the Prove Anything Service; loss or corruption of data; unauthorised access to data; or (ii) for any indirect, special, incidental, exemplary, enhanced, punitive, or consequential losses or damages, suffered or incurred by the other party arising out of or in connection with this Agreement even if such Party knew of, had been advised of the possibility of, or foreseen such damages in advance.

16.3 Subject to Clause 16.1 and except as set out in the remainder of this clause 16.3, neither Party’s aggregate liability in connection with any Order Form will exceed 125% of the amount actually paid by you under that Order Form in the 12-month period preceding the event giving rise to such liability, regardless of whether such liability is based in contract, tort, strict liability, or otherwise. With respect to a Party’s breach of its obligations set out in Clause 17 (Confidentiality) or Appendix B(1) (Data Protection) or Appendix B(2) (Data Processing Activities), neither Party’s aggregate liability will exceed the lesser of £1,000,000 (one million pounds sterling) and five times the amount actually paid by you under the applicable Order Form in the 12-month period preceding the event giving rise to such liability.

17. Confidentiality.

17.1 The Receiving Party will use at least the same degree of care in protecting Confidential Information of the Disclosing Party that the Receiving Party uses to protect the confidentiality of its own Confidential Information, but in no event less than a reasonable standard of care. The Receiving Party shall: (i) not use any Confidential Information of the Disclosing Party for any purpose other than as permitted under this Agreement; and (ii) limit access to Confidential Information of the Disclosing Party to its, and its Affiliates’, employees and contractors who need such access to perform their duties to the Disclosing Party and who owe a duty of confidentiality to the Disclosing Party and shall ensure that it includes equivalent contractual terms on confidentiality with such third party. Your Confidential Information includes your Customer Data. Prove Anything Confidential Information includes the Prove Anything Materials, any Order Form, Statement of Work, and the terms of this Agreement.

17.2 The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by Applicable law to do so, on condition that the Receiving Party uses commercially reasonable efforts to give the Disclosing Party prior notice of the compelled disclosure and reasonable assistance, at the Disclosing Party’s cost, in order to permit the Disclosing Party to contest or limit the disclosure.

17.3 Notwithstanding any other provision of this Agreement, Prove Anything may: (i) monitor use of the Prove Anything Service to (a) determine your compliance with the terms of this Agreement and (b) provide support and other requested Services; (ii) utilise any Customer Data on an anonymous and aggregated basis in connection with our development of any products, strategies, or services; (iii) anonymise any Customer Data or other information and aggregate it with other information and data for any further use or purpose related to and Prove Anything’s business; and (iv) use any information gathered by Prove Anything in connection with providing the Services as is necessary to comply with Applicable Laws or in the course of any litigation.

18. Notice.

18.1 We may give notice regarding operational aspects of the Prove Anything Service and changes to the Documentation by means of a general notice on the Prove Anything Service, electronic mail to your email address on record with us, or both.

18.2 Any other notice by one Party to the other under this Agreement will be in writing sent by first class mail, return receipt requested, or nationally recognised overnight delivery service.

18.3 Any notice will be deemed to have been given upon receipt (if sent by overnight delivery service), five (5) business days after mailing (if sent by first class mail) or twelve (12) hours after sending (if sent by email).

18.4 Notice to Prove Anything will be addressed to: Prove Anything Limited, 71-75 Shelton Street, Covent Garden, London, England, WC2H 9JQ for the attention of: the Managing Director. Notice to you will be addressed to your address set out in an Order Form.

19. Assignment; Change in Control.

19.1 Neither Party may assign, delegate, or otherwise transfer this Agreement, or any rights, remedies, or obligations under this Agreement, (including by forward or reverse merger, consolidation, dissolution, or operation of law, and whether voluntarily or by a governmental authority’s action or order) without the prior written consent of the other Party, which consent shall not be unreasonably withheld, except that either Party may assign, delegate, or otherwise transfer this Agreement or any rights, remedies, or obligations under this Agreement without the other Party’s consent to: (i) an Affiliate; or (ii) an acquirer of all or substantially all of the equity interests, assets, or business to which this Agreement relates of the assigning Party (including by a merger, consolidation, or operation of law). Any purported assignment, delegation, or other transfer in violation of this Clause 19.1 is void. You acknowledge that your assignment, delegation, or other transfer of this Agreement will not relieve you of your obligations under this Agreement. This Agreement binds and inures to the benefit of the Parties and their respective permitted assignees and successors.

19.2 You shall notify us in writing, where practicable in advance of, but in any event as soon as reasonably possible after the occurrence of, any actual or proposed change in control of you. Where such change of control results or would result in a direct competitor of Prove Anything directly or indirectly owning or controlling 50% or more of you, we will be entitled to terminate this Agreement for cause immediately upon written notice to you.

20. General.

20.1 Interpretation. The descriptive headings in this Agreement are used solely for convenience and are not intended to affect its meaning or interpretation. Unless the context otherwise requires, words in the singular include the plural and vice versa and words in one gender include any other gender. A reference to a statute or statutory provision includes any legislation effected under it and any statute or statutory provision which modifies, consolidates, re-enacts, or supersedes it, whether such statute or statutory provision comes into force before or after the date of this Agreement. A reference to any Party includes its successors in title and permitted assigns, and a Party, Clause, paragraph, schedule, and appendix is a party to, a Clause, schedule or an appendix to this Agreement and a paragraph of an appendix. The words “includes” or “including” are not limiting and are to be read as if they were followed by the phrase “without limitation.” “Sole discretion” means, with respect to any determination to be made under this Agreement by a Party, the sole and absolute discretion of that Party, without regard to any standard of reasonableness or other standard by which the determination of that Party might be challenged. “Reasonable efforts” or “commercially reasonable efforts” means, with respect to a given obligation, the efforts a reasonable and prudent person wishing to achieve a result would use in similar circumstances to perform that obligation as promptly as possible consistent with its normal business practices and good-faith business judgement, including the incurrence of reasonable immaterial expenditures or liabilities. If any date specified in this Agreement as the only day, or the last day, for taking action falls on a day that is not a business day, then that action may be taken on the next business day. Unless stated otherwise, all references to a date or time of day in this Agreement are references to that date or time of day of the location of Prove Anything set out on page 1. An obligation on a Party not to do something includes an obligation not to attempt to do that thing nor to allow that thing to be done.

20.2 Precedence. Subject always to Appendix B(1) Data Protection and Appendix B(2) Data Processing Activities, if there is any conflict or inconsistency between an Order Form, any Clause or paragraph of this Agreement, any schedule or appendix to this Agreement, and any Documentation, the Clause or paragraph of this Agreement will prevail, followed by a schedule to this Agreement, followed by an appendix to this Agreement, followed by an Order Form, followed by the Documentation.

20.3 Subcontracting. Prove Anything shall be entitled to subcontract any of its obligations under this Agreement to a third party, provided Prove Anything will remain primarily liable to you under this Agreement and shall have substantially equivalent terms in place with such subcontractors as imposed on Prove Anything under this Agreement.

20.4 Severability. If a court or governmental authority of competent jurisdiction holds any provision of this Agreement to be invalid or unenforceable, then such provision(s) will be construed either by modifying it to the minimum extent necessary to make it enforceable (if permitted by law) or disregarding it (if not). If an unenforceable provision is modified or disregarded in accordance with this Clause 20.4, all other provisions of this Agreement are to remain in effect as written, except that this entire Agreement will be unenforceable if modifying or disregarding the unenforceable provision affects the economic and legal substance of the transactions contemplated by this Agreement in a manner materially adverse to either Party.

20.5 No Partnership. Both Parties are independent contractors under this Agreement. Nothing in this Agreement creates an employment, agency, joint venture, or partnership relationship between the Parties or any of their personnel, or any other legal arrangement that would impose liability upon one Party for the act or failure to act of the other Party. Neither Party shall have any express or implied power to enter into any contracts or commitments or to incur any liabilities in the name of, or on behalf of, the other Party, or to bind the other Party in any respect whatsoever.

20.6 Identification. We may identify you as our customer and you may identify us as your supplier and the type of service we provide to you, provided that in doing so no Confidential Information of the other is disclosed. Neither Party shall make any announcement of any kind in respect of the Confidential Information (Terms and Financials) of this Agreement except with the prior written consent of the other Party (not to be unreasonably withheld or delayed) or as is required by law.

20.7 No Third-Party Beneficiaries. This Agreement does not give rise to any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Agreement. This Agreement is for the sole benefit of the Parties and their respective successors and permitted assigns and nothing in this Agreement, express or implied, is intended to or shall confer upon any other Person any legal or equitable right, benefit, or remedy of any nature whatsoever under or by reason of this Agreement.

20.8 Waiver. The failure of a Party to enforce any right or provision in this Agreement will not constitute a waiver of such right or provision by that Party unless acknowledged and agreed to by that Party in writing.

20.9 Entire Agreement. This Agreement (including all Order Forms to this Agreement and the Documentation) constitutes the whole agreement between the Parties and supersedes all previous or contemporaneous discussions, correspondence, negotiations, arrangements, understandings, and agreements between the Parties with respect to its subject matter.

20.10 Counterparts. This Agreement may be executed in counterparts, which taken together shall form one legal instrument.

20.11 Amendments. Except in relation to the appendices and the Documentation which Prove Anything may modify in its reasonable discretion from time to time, no purported variation of this Agreement shall be valid unless it is in writing (which excludes email) and signed by or on behalf of each Party.

20.12 Governing Law. This Agreement and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation shall be governed by and construed in accordance with the law of England and Wales.

20.13 Jurisdiction. Where the Customer is domiciled in the United Kingdom or the European Union, each Party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with this Agreement or its subject matter or formation. Where the Customer is not domiciled in the United Kingdom or the European Union, and Prove Anything is the defendant, each Party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle and dispute or claim (including non-contractual disputes or claims) arising out of or in connection with this Agreement or its subject matter or formation. Where the Customer is not domiciled in the United Kingdom or European Union and the Customer is the defendant, any dispute which may arise out of or in connection with this Agreement or its subject matter or formation shall be exclusively referred to and finally resolved by arbitration under the LCIA Rules, which Rules are deemed to be incorporated by reference into this Clause. The number of arbitrators shall be one. The seat, or legal place, of arbitration shall be London, England. The language to be used in the arbitral proceedings shall be England.

Appendix A

Service Level Agreement

In this SLA, unless the context otherwise requires, the following definitions shall apply:

“API” means the Application Programming Interface used to communicate with the Prove Anything platform and programmatically interact with the data and prove anything activities provided.

“Downtime” exists when a Customer is unable to transmit and/or receive data from the Prove Anything Service. Downtime does not include the effects of any internet, Customer network or other connectivity issues not within Prove Anything control, or the effects of any configuration changes implemented by Customer, or any unavailability due to your breach of this Agreement. Downtime is measured from (a) the time the Prove Anything monitoring system indicates that the Prove Anything Service is not functioning as defined herein until (b) restoration of the Prove Anything Service.

“Emergency Maintenance” is maintenance which may delay or interrupt Customer’s use of the Prove Anything Service and that is critical and cannot be delayed.

“Error” means any defect, bug, or error in the Prove Anything Service that prevents: (a) the Prove Anything Service from operating in accordance with the relevant Documentation; (b) access to the Customer Data; or (c) the Prove Anything Service from being provided in accordance with this Service Level Agreement. Errors do not include features or functionality that may be expected by Customer, but which are not currently included in the Prove Anything Service and/or APIs.

“Multi-Tenant Environment” means a server, or collection of servers and network devices, either physical or virtual, which are used for the delivery of the Prove Anything Service and are shared between multiple customers.

“Penetration Test” means an authorised simulated attack on the Prove Anything Service intended to discover security weaknesses or other vulnerabilities that could be exploited by a nefarious actor.

“Priority Level” means the priority that Prove Anything gives to correcting a particular Error, where P1 is the highest priority of Error and P4 is the lowest.

“Response Time” means the amount of time taken for Prove Anything to contact the Customer after an Error has occurred. Before the Customer is contacted, Prove Anything will evaluate the Error, determine the Priority Level, and determine a course of action for the remediation of the Error. Response Time is measured from (a) the time when the relevant Ticket is raised until (b) the time that Prove Anything contacts the Customer.

“Scheduled Maintenance” is maintenance which may delay or interrupt Customer’s use of the Prove Anything Service and is conducted between the hours of 12:00 midnight and 5:00am (GMT) and any other maintenance for which Prove Anything gives you no less than 72 hours’ notice.

“Service Credits” are credits given to customers if Prove Anything fails to achieve the guaranteed Service Levels. The method of calculating Service Credits is set out below.

“Service Level” has the meaning given to it in paragraph 2 below.

“Service Level Failure” means a failure by Prove Anything to achieve the Service Level.

“Single-Tenant Environment” means a server, or collection of servers and network devices, either physical or virtual, which are used for the delivery of the Prove Anything Service for the sole use of a single customer and not shared with other customers.

“Ticket” means a support ticket that describes a request for support or an Error, and that is opened using the Prove Anything online support portal.

“Target Resolution Time” means the amount of time within which Prove Anything aims to resolve a particular Error. The Target Resolution Time is measured from (a) the time when the relevant Ticket is raised until (b) the time that the Error has been resolved.

“Update Schedule” means the frequency with which Prove Anything will provide updates to Customer after an Error has been reported.

“Version” refers to a specific, point-in-time state of the Prove Anything Service, including its source-code, features and capabilities. A Version is identified by either a name or a number, or a combination of the two, to easily differentiate it’s features and capabilities from any other Version of the Prove Anything Service.

“Work-Around” means a temporary work-around, patch or bypass supplied by Prove Anything in order to temporarily correct an Error.

Capitalised words and expressions in this SLA shall have the meaning given to them in the Agreement unless otherwise specified.

Prove Anything shall ensure that the Prove Anything Service will be available, excluding Downtime caused by Scheduled Maintenance, Emergency Maintenance or Force Majeure event, 99.5% of the time in any one calendar month (first day to last day) (the “Service Level”). The Service Level will not apply (and therefore no Service Credits will be applicable) to the extent that any Service Level Failure is caused by: (a) a Penetration Test conducted by Customer without the prior written approval of Prove Anything ; or (b) Customer’s failure to comply with specific instructions provided by Prove Anything ; or (c) a failure of the Customer to comply with any Customer responsibility or obligation detailed in a Statement of Work, Order Form or the Master Subscription Agreement; or (d) Customer’s failure to adhere to Prove Anything ’s best practice guidelines for the use of the API.

Prove Anything Service Releases and Versions.
- If Customer is using the Prove Anything Service in a Multi-Tenant Environment the Prove Anything Service will be updated automatically to the newest Version as soon as it becomes available.
- If Customer is using the Prove Anything Service in their own Single-Tenant Environment, they can choose the date and time on which their Prove Anything Service will be updated to the newest Version. The Customer may also elect not to update to the newest Version.
- Unless otherwise agreed by the Parties, the Response Times, Service Credits, Service Level, Target Resolution Times, and Update Schedules will not apply if Customer has elected to remain on a Version of the Prove Anything Service that is more than one (1) year old. To maintain efficient development methods and support processes Prove Anything may, at its sole discretion, elect not to:

(a) Provide support or correct Errors in Versions of the Prove Anything Service that are more than one (1) year old.

(b) Re-create features from the current Version of the Prove Anything Service in older Versions.

Support hours.

Subscription to support is optional and detailed in the Statement of Works and Order Form.

If you subscribe to support Email support will be provided primarily by the Prove Anything support team via the Prove Anything Online Support Platform. Prove Anything will provide support according to the table below:

Priority Level

Time

Description

All levels

Monday to Friday (excluding public holidays in the UK)

9:00am to 5:00pm (GMT)

Email support will be provided by Prove Anything Customer Support Helpdesk, for all Priority Levels.

Error Priority Levels.

Prove Anything will resolve all Errors reported by customers according to the Priority Level set out in the table below. Priority Levels will be determined by Prove Anything in its sole discretion and will be based upon the information provided at the time the Ticket is raised. If Customer is not satisfied with Prove Anything classification of the Priority Level, then Customer should discuss the matter with the Prove Anything Head of Customer Support.

Priority Level	Business Impact
P1	Whole or critical part of the Prove Anything Service is unusable, causing a major business impact. For example: ● Complete server outage ● An essential component is not available. E.g., the customer-facing wb app are not loading and therefore the customer’s customers are not able to access essential information ● An essential component is completely unusable, and the issue is not caused by network problems within the customer’s location. ● The issue seriously impacts the customer’s customers or serious complaints are raised. ● The API responds (or fails to) in a manner that renders the Prove Anything Service unusable
P2	Important, but not immediately critical part of the Prove Anything Service is unusable, causing some business impact. For example: ● A small number of locations are affected within the whole customer’s network. ● The customer is unable to view standard reports via the back-end user-interface. ● A Work-Around is present where an issue would otherwise be P1. ● The API responds in a way that prohibits Scheduled Maintenance tasks, such as data upload
P3	Small, but not critical part of the Prove Anything Service is unusable or has limited functionality, causing some business impact. For example: ● Filters within a widget are not responding as expected. ● A Work-Around is present where an issue would otherwise be P2. ● The API intermittently fails to respond as expected
P4	Small other items, which may include non-urgent Errors, Errors where acceptable Workarounds are available, causing little business impact. For example: ● The customer is unable to view bespoke or third-party reports (e.g., from an integrated technology or reports created and sent specifically from Prove Anything to the customer) ● A service request – i.e., a user request for information or advice or a standard change (a pre-approved change that is low risk, relatively common and follows a procedure) ● Single user or customer fault. For example, password resets

Error reporting and Resolution procedures.

The procedures for reporting and resolving an Error are as follows:
(a) For all Errors, customers should log the Error using the Prove Anything online support portal.

(b) Once the Error has been reported by Customer, Prove Anything will:

(i) Determine the Priority Level and confirm this to the Customer.

(ii) Respond within the agreed Response Time.

(iii) Open a support Ticket (if this has not already been done per the steps above). All Tickets will be opened using the Prove Anything online support portal, which is actively monitored by qualified Prove Anything support personnel. The status for all Tickets previously reported by any customer can be viewed by Prove Anything support personnel via the support portal.

(iv) Provide an estimate of the Target Resolution Time.

(v) Assign resources to correct such Error within the relevant Target Resolution Time. Prove Anything will use all commercially reasonable efforts to correct the Error in an expeditious manner and will inform Customer of the progress, including the steps being taken to resolve the Error, the expected time for resolution of the Error and any resolution of the Error.

(vi) Provide updates as per the agreed Update Schedule. Prove Anything will endeavour to resolve all Errors in the first response. If this is not possible, we will provide ongoing status updates and information about when we expect any Errors to be resolved. Additional information exchanges related to an open support case may be conducted via email, telephone, or web meeting communication, as appropriate to the case. Customers can check the status of their Ticket at any time using the Prove Anything online support portal.

(c) While we endeavour to resolve any Errors within the Target Resolution Time, our attainment of the target will be related to the amount of development work that is required to rectify the Error. Equally, we try to, and are often able to resolve problems far quicker than the target times if the work required allows:

(i) If an Error has not been corrected within the Target Resolution Time, we will discuss the situation with the Customer and mutually agree on a resolution which may include a Work-Around.

(ii) If Prove Anything cannot correct a P1 or P2 Error within 6 months, then Customer may immediately terminate the relevant Subscription, Order Form and/or this Agreement.

(d) All Errors are categorised in accordance with the Priority Levels defined in this Appendix. Any support requests not categorised as set forth herein will be addressed in the ordinary course of business by Prove Anything, and any applicable modifications or corrections of the Prove Anything Service will be delivered in the next release of the Prove Anything Service after implementation of the correction(s).

(e) These procedures only apply to live Customers. Errors that are discovered during a Customer’s implementation phase will be handled by the implementation team according to the procedures defined during that phase.

(f) Errors that are discovered during the implementation process and present when a Customer goes live will be handled according to any previously agreed arrangements and not according to the procedures outlined in this Appendix.

(g) Errors that are caused by Customer’s suppliers (e.g., implementations performed by Customer’s systems integrator or configuration of the Prove Anything Service by Customer’s professional services partner) may not be able to be corrected by Prove Anything and must be corrected by the relevant supplier.

Target Response Time, Update Schedule, and Resolution Time.

The Target Response Times, Target Update Schedule and Target Resolution Times described above are as follows:

Priority Level	Target Response Time	Target Update Schedule	Target Resolution Time
P1	8 support hours	1 business day	Basic Fix 1 business Day, code change 10 business days
P2	1 business day	2 business days	To be agreed between the Customer and Prove Anything on a case-by-case basis
P3	1 business day	Upon request	To be agreed between the Customer and Prove Anything on a case-by-case basis
P4	2 business days	Upon request	To be agreed between the Customer and Prove Anything on a case-by-case basis

Monitoring of the Service.

Prove Anything will regularly monitor the status of the Prove Anything Service (including routine checks on the hardware, processes and wait queues) using both automated and manual tools and testing procedures.

Upon request by Customer, but no more than once every 6 months, Prove Anything will provide a report listing all Customer-affecting service and outage faults during the prior 6 months, including:

Date and time of fault
Impact of fault on service provision
Service outage duration
Description of Error and resolution identifying steps taken to prevent future occurrences
Scheduled releases
1. Service Credits.

If, as recorded at the end of a calendar month, the Prove Anything Service fails to achieve the Service Level, the Customer is eligible to receive a Service Credit as detailed in the table below. The Service Credit percentage will be calculated in relation to the Fees payable in the month in which the Service Level Failure occurred:

Uptime in a calendar month	Service Credit
Less than 99.5% but greater than or equal to 99.0%	5%
Less than 99.0% but greater than or equal to 95%	15%
Less than 95% but greater than or equal to 90%	50%
Less than 90%	100%

Prove Anything will deduct any Service Credits due at the end of a calendar month from the Fees due to Prove Anything that month or, where Fees have been paid in advance, refund the Service Credit amount within 30 days of the end of the relevant calendar month. Should a Service Credit be earned in the final month of the Prove Anything Service being provided, we will deduct the Service Credit against outstanding amounts due to us under this Agreement, and if no amounts are due, we will refund the Service Credit amount to the Customer within 30 days of the Prove Anything Service having terminated.

The Parties acknowledge that the Service Credits represent a genuine pre-estimate of some of the losses that the Customer would suffer in the event of a Service Level Failure.

Worked Example:

February Uptime: 99.4%

February Fees: £1,000

Service Credit: £50

March Fees: £1,000 less £50 Service Credit = £950

Appendix B(1) – Data Protection

Definitions and interpretation
- In this Appendix, unless the context otherwise requires:

“DP Regulator” means any governmental or regulatory body or authority with responsibility for monitoring or enforcing compliance with the Data Protection Laws;

“Data Subject Request” means a request from a Data Subject to exercise its rights under the Data Protection Laws in respect of that Data Subject’s Personal Data;

“Security Breach” means any actual loss, unauthorised or unlawful processing, destruction, damage, or alteration, or unauthorised disclosure of, or access to the Customer Personal Data, and terms defined in a provision of this Appendix shall have the meaning given to them in that provision.

Compliance with Data Protection Laws
- Prove Anything shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Processor of the Customer Personal Data.
- The Customer shall comply with its obligations under the Data Protection Laws as they apply to it as a Data Controller of the Customer Personal Data.
Processing and security
- In performing its obligations under this Agreement, Prove Anything will only process the categories of Personal Data and only in respect of the categories of Data Subjects, and only for the nature and purposes of processing and duration, as is set out in the Annex to this Appendix or as necessary to perform its obligations under this Agreement, save as otherwise required by any Applicable law.
- In processing the Customer Personal Data, Prove Anything shall:
  - process Customer Personal Data only in accordance with the Customer’s written instructions from time to time (including those set out in this Agreement) except as otherwise required by any Applicable Law;

(b) not process the Customer Personal Data for any purpose other than those set out in the Annex and as necessary to perform its obligations under this Agreement unless otherwise expressly authorised by the Customer;

(d) as far as reasonably practicable, cooperate with and provide assistance to the Customer in relation to any Data Subject Request in respect of Customer Personal Data;

(e) Considering:

(i) the state of the art;

(ii) the nature, scope, context, and purposes of the processing; and

(iii) the risk and severity of potential harm, protect the Customer Personal Data by ensuring that it has in place appropriate technical and organisational measures, including measures to protect the Customer Personal Data against the risks of a Security Breach; and

(f) ensure any persons authorised by Prove Anything to process Customer Personal Data are obliged to keep such data confidential.

Prove Anything shall, without undue delay after discovering any Security Breach or any failure or defect in security which leads, or might reasonably be expected to lead, to a Security Breach (together a “Security Issue“) notify the Customer of the same.
Where a Security Issue arises, Prove Anything shall:

(a) as soon as reasonably practicable, provide the Customer with details of the Security Issue, the actual or expected consequences of it, and the measures taken or proposed to be taken to address or mitigate it;

(b) co-operate with the Customer, and provide the Customer with all reasonable assistance in relation to the Security Issue; and

(c) unless required by Applicable Law, not make any notifications to a DP Regulator or any Data Subjects about the Security Issue without the Customer’s prior written consent (such consent not to be unreasonably withheld or delayed).

Return or destruction of Personal Data
- Subject to paragraph 4.2, Prove Anything will return or, at the election of the Customer, irretrievably delete all Customer Personal Data in its control or possession when it no longer requires such Customer Personal Data to exercise or perform its rights or obligations under this Agreement, and in any event within 30 days following expiry or termination of this Agreement.
- To the extent that Prove Anything is required by Applicable Law to retain all or part of the Customer Personal Data (the “Retained Data“), Prove Anything shall isolate and cease all processing of the Retained Data other than as required by the Applicable Law.
Audit
- Subject to clause 5.2, Prove Anything will, at the Customer’s sole expense, comply with all reasonable requests from the Customer to allow the Customer or its third party auditors to access and inspect Prove Anything’s premises, records and personnel relevant to any processing of Customer Personal Data, in each case to enable the Customer to audit and verify that we complying with our obligations under this Agreement and under the Data Protection Laws in relation to Customer Personal Data (“Data Protection Audit”).
- Prove Anything acknowledges that the Customer (or its third-party auditors) may enter its premises for the purposes of conducting a Data Protection Audit, provided that the Customer gives it reasonable prior written notice, conducts such audit during normal business hours, and take all reasonable measures to prevent unnecessary disruption to Prove Anything’s operations. The Customer will not exercise its audit rights under this clause 5 more than once in any twelve (12) month period, except if: (i) required by instruction of a DP Regulator; or (ii) the Customer reasonably believes a further audit is necessary due to a Security Breach suffered by Prove Anything.
- Prove Anything shall provide such information, reasonable cooperation, and assistance in relation to any request made by the Customer (or its auditors, or its or their representatives) under clause 5.1 as necessary to demonstrate Prove Anything’s compliance with the Data Protection Laws in relation to this Agreement.
Co-operation and assistance
- Prove Anything shall cooperate with the Customer, and provide such information and assistance as the Customer may reasonably require, to enable the Customer to:

(a) comply with the Customer’s obligations under the Data Protection Laws (including Articles 32-36 of GDPR) in respect of Customer Personal Data; and

(b) deal with and respond to investigations and requests for information relating to the Customer Personal Data from any DP Regulator.

If Prove Anything receives any complaint, notice or communication from a DP Regulator or other third party (excluding a Data Subject Request) which relates directly or indirectly to Customer Personal Data or to either Party’s compliance with the Data Protection Laws, it shall notify the Customer as soon as reasonably practicable.

Sub-Processors
- Prove Anything shall not subcontract any processing of the Customer Personal Data to any Sub-Processor except as authorised by the Customer in accordance with this paragraph 7. The Customer consents to Prove Anything engaging Sub-Processors to process the Data provided that: (i) Prove Anything provides at least 30 days’ prior notice of the addition of any subcontractor (including details of the processing it performs or will perform) (“Sub-Processor Notice”); and (ii) Prove Anything complies with paragraphs 7.4 and 7.5 of this Appendix.
- The Customer hereby consents to Prove Anything’s use of the Sub-Processors listed at Prove Anything .co.uk/legals which shall be maintained and updated when any Sub-Processor is added or removed in accordance with this paragraph 7.
- If within 30 days of receipt of a Sub-Processor Notice the Customer notifies Prove Anything in writing of its refusal to consent to Prove Anything’s appointment of a Sub-Processor on reasonable grounds relating to the protection of Customer Personal Data, then either:

(i) Prove Anything will not appoint the Sub-Processor; or

(ii) if Prove Anything does appoint the Sub-Processor, the Customer may elect to terminate the Agreement without penalty or cost to either party save that any portion of the fees paid in advance in respect of Services not yet delivered as at the effective date of termination shall be refunded to the Customer. If after 30 days from receipt of the Sub-Processor Notice the Customer has not indicated its refusal of the appointment of a Sub-Processor in accordance with this paragraph, then the Customer is deemed to have given its consent and Prove Anything shall be entitled to appoint the relevant Sub-Processor with immediate effect.

If Prove Anything appoints a Sub-Processor, Prove Anything shall ensure that:

(a) such Sub-Processor shall only process Customer Personal Data to perform one or more of Prove Anything ‘s obligations under this Agreement; and

(b) it enters into a written agreement or other legally enforceable terms with that Sub-Processor prior to any processing by the Sub-Processor, requiring the Sub-Processor to:

(i) process Customer Personal Data only in accordance with the written instructions of Prove Anything or the Customer; and

(ii) comply with data protection obligations equivalent in all material respects to those imposed on Prove Anything under this Appendix.

Notwithstanding the appointment of a Sub-Processor, Prove Anything is responsible and liable to the Customer for any processing by the Sub-Processor in breach of this Appendix.

Transfer of Personal Data
- Prove Anything shall only transfer Customer Personal Data outside of the EEA where there is adequate protection for such Customer Personal Data in accordance with applicable Data Protection Laws and as authorised by the Customer in accordance with paragraph 7.
- As at the date of this Appendix the Customer consents to the transfers of Customer Personal Data to those non-EEA locations listed at www .Prove Anything .co .uk /legals. Prove Anything will ensure the list is maintained and updated from time to time to reflect any changes.
Precedence

In relation to the subject matter of this Appendix and its Annex, in the event of any inconsistency between the provisions of this Appendix and its Annex and the other provisions of the Agreement including any schedule or annex thereto, the provisions of this Appendix and its Annex shall prevail.

Prove Anything reserves the right to change our Data Protection Policy documentation and its location from time to time.

Appendix B(2) – Data Processing Activities

Overview

We want you to know what Personal Data Processing activities happen when you use our Services, and who might assist us in delivering those Services.

Processing by the provider
- Scope

To allow us to provide the Prove Anything Service to you.

Nature

Prove Anything has developed a suite of tools for brands and companies who supply and sell physical products through retail channels. Prove Anything has further developed a suite of tools for individuals and organisations that work with individuals (for example university, training establishments, online training, and continual professional development) to create immutable certification and proof of qualifications.

Our Customers are the controllers of the end user personal information held on the Prove Anything platform, as personal data will need to be stored to create the Prove Anything Service.

The Prove Anything technical support team may need to access the Prove Anything platform to help our Customers resolve any technical support issues, but we don’t control or process any of the personal data held within the platform.

Purpose of processing and types of personal data

We may process personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need specific details about the specific legal ground that we are relying on to process your personal data, where more than one ground has been set out in the table below.

Purpose / Activity	Type of data	Lawful basis for processing including basis of legitimate interest
To register you as a new customer	● Identity ● Contact	● Performance of a contract with you
To process and deliver your order including payment and collection or recovery of those payments	● Identity ● Contact ● Financial ● Transaction ● Marketing and communications	● Performance of a contract with you ● Necessary for our legitimate interests (debt collection)
To manage our relationship with you which will include: ● Notifying you about changes in our terms or privacy policy ● Asking you for feedback or take a survey	● Identity ● Contact ● Profile ● Marketing and communications	● Performance of a contract with you ● Necessary to comply with a legal obligation ● Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To enable you to take part in a competition, prize draw, or survey	● Identity ● Contact ● Profile ● Usage ● Marketing and communications	● Performance of a contract with you ● Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	● Identity ● Contact ● Technical	● Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) ● Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you	● Identity ● Contact ● Profile ● Usage ● Marketing and communications ● Technical	● Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences	● Technical ● Usage	● Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you	● Identity ● Contact ● Technical ● Usage ● Profile	● Necessary for our legitimate interests (to develop our products/services and grow our business)

Duration of the processing

Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected. At the end of that retention period (usually no longer than seven years), your data will either be deleted completely or anonymised, for example by aggregation with other data so it can be used in a non-identifiable way for statistical analysis and business planning. For information stored in backup archives, we will securely store the information and isolate it from any further use until deletion is possible.

Categories of data subject
- When using this Service, the groups of individual’s data by category

Your end users using the service that you deliver
The personal data about your employees and contractors that Prove Anything collects as a Customer of ours to complete account administration and set up
The personal data that Prove Anything collects about the service user access technical information (e.g., browser, IP address)
The details of your employee and contractor interactions with us when you require support for the Service (information that you choose to submit)

Prove Anything reserves the right to change our Data Processing Activities Policy documentation and its location from time to time.

Appendix C – Information Security

Our Information Security Document is available on our website by going to www.Prove Anything.co.uk/legals

Prove Anything reserves the right to change our Information Security Policy documentation and its location from time to time.

Appendix D – Privacy Policy

Our Privacy Policy is available on our website by going to www.Prove Anything.co.uk/privacy

Prove Anything reserves the right to change our Privacy Policy documentation and its location from time to time.

Appendix E – Professional Services Terms and Conditions

Professional Services are available to you for an additional fee dependant on the scope of the work to be done.

If you have purchased Professional Services from us this will be detailed in the Order Form or Statement of Work.

Any Professional Services purchased will be governed by the Professional Services Terms and Conditions which can be found at www .Prove Anything .co .uk /legals

The Terms may be modified at any time at our sole discretion. It is your responsibility to review the Terms regularly for updates.