Our general terms and conditions published below govern the relationship between Us (PAAC IT Ltd) and our Business Customers with service specific information covered in the appropriate service schedule that we will both sign. In signing one or more of Our service Schedules you will confirm that you have read, understood and agree to these terms and conditions below. If anything is unclear, please ask.
We aim to keep things simple and straightforward and we’ll always do our best to fulfil your needs and meet your expectations. But it’s important to have things written down so that we both know what’s what, who should do what and when, and what will happen if something goes wrong.
We want you and your staff to be aware that in the provision of some Services We and Our Service Suppliers will have access to your data, including personal data.
You (“You”, “Your”) are retaining us, PAAC IT Ltd (“We”, “Us” and “Our”, registration number 07070674, with registered offices at 10 Lower Street, Haslemere, Surrey, GU27 2NX to provide IT Services for You and Your organisation that may include Your staff, Your computers and Your networks.
What do both parties agree?
You: You have the authority to enter into this Agreement. You’ll give us access to the Equipment and information we tell you we need to provide the service. You also agree to stick to the payment arrangements set out in these terms and conditions and the applicable Schedules. You will follow Our recommendations for keeping Equipment at an acceptable level of technical and operational currency. You will be responsible for managing security, user logon and authentication for applications outside the scope of the Schedules.
Us: We have the experience and ability to do everything we’ve agreed with you and we’ll do it all in a professional and timely manner. We’ll endeavour to meet every deadline that’s set and on top of that we’ll maintain the confidentiality of information you give us.
Business Day – Our regular hours of service are Mondays to Fridays between the hours of 9:00 to 17:30 inclusive, but do not include national, public, or bank holidays.
Charges – are i) The amounts specified in the Schedules; ii) amounts as may be agreed in writing between each other from time to time; and / or iii) amounts calculated by multiplying PAAC IT’s time-based charge rates (as listed in Schedules) by the time spent by Our staff performing the Services.
Controller – determines the purposes and means of processing personal data as defined in the Data Protection Act 2018.
Equipment – means the IT related components, such as but not limited to servers, workstations, routers, printers etc, that are defined in the relevant Schedule.
Force Majeure Event – means: (a) acts of God, such as fire, flood, earthquake or other natural causes; (b) terrorist events, riots, insurrections, war or national emergency; or (c) judicial, legal or other action of a governmental authority, which action makes performance of this Agreement impossible.
Personal Data – Any information provided relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal Data is that information provided directly or indirectly by the You for Processing within the meaning of the Data Protection Act 2018.
Processing – Any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction as per the Data Protection Act 2018.
Processor – is responsible for processing personal data on behalf of a controller as defined in the Data Protection Act 2018.
Schedule – The document that describes the Services we perform for You and managed under these Terms and Conditions.
Services – means the services We provide to You under these Terms and Conditions and defined in the applicable Schedules. Services may include software and services from our Service Suppliers and delivered by Us.
Service Supplier – means an organisation that we work with to provide Services to You. Examples include Microsoft and Datto.
Service Supplier Licence – means the terms and conditions related to the provision of software from Service Suppliers which is or will be used by Us for the purposes of providing the Services. Examples are licences from Microsoft and Datto.. Applicable Service Supplier licences are identified in the Service Schedule.
Processor – Any Processor engaged by PAAC IT within the meaning in the Data Protection Act 2018.
Term – the period during which we will provide Services to You as defined in the Schedules.
2.1 These terms and conditions specify the obligations of each of us in respect to the Services we provide to You. The Service Schedules describe what is included in each of the Services We provide and related licensing terms. If changes are required, the relevant Schedule will be updated accordingly.
2.2 We do need you to take good care of the Equipment and so Our Services do not include maintenance or repair necessitated by:
2.3 The Services do not include the cost of spare parts required to repair Equipment or the cost of software. Where parts or software is required, we will obtain approval from You before proceeding.
3.1. We have categorised requests for assistance as Incidents (a service affecting issue) and Service Requests (a request such as adding or deleting a user, password reset, or a “How do I …?” query).
3.2. To report an Incident, You should:
3.3 To escalate an Incident or Request, please telephone Us at any time (quoting the reference number), and ask to speak to the Managing Director. If an Incident or Request is escalated, We must:
3.4 We may downgrade an escalated Incident or Request if the Incident or Request is being managed to a scheduled timeframe; or the Incident has been resolved and is in the process of being tested.
3.5 Response time for Incidents are shown in the following table:
3.6 Service requests will be responded to within 2 hours. Simple requests will be dealt with promptly, more complex requests will be scheduled to a mutually convenient time.
4.1 If a dispute or difference does arise between us, we will initially work to resolve the issues via representatives from each of us.
4.2 If our respective representatives are unable or unwilling to resolve the matter between themselves, either of them may request a meeting of Our Managing Director and a senior representative You nominate.
4.3 If the matter is not resolved within thirty (30) days after such meeting, either of us may by agreement seek to settle the dispute by non-binding mediation with an accredited alternative dispute resolution practitioner, the cost of which shall be borne by each of us equally.
4.4 During the dispute resolution process, We must continue to provide uninterrupted Services to You in accordance with these Terms and Conditions and the respective Schedule.
4.5 Nothing in this process shall have the effect of excluding either of us executing rights at any time to take up their remedies under law.
5.1 You undertake to keep your usernames and passwords confidential and not disclose them to any third party other than those of your employees, agents and subcontractors who you authorise to access the Service on your behalf. You agree to contact us immediately if you suspect that anyone else knows your usernames and/or passwords.
5.2 We will use reasonable endeavours to keep information held on the Service secure.
6.1. Each of us (hereafter called the “Receiving Party”) undertakes to keep and maintain all Confidential Information (which term shall include all information marked or notified to the Receiving Party as confidential or proprietary together with all information which would in the normal course of business be regarded as confidential or proprietary) in the strictest confidence and not to disclose such information to any third party without the prior written consent of the other.
6.2. Each of us shall ensure that its employees and subcontractors:
6.3 Upon the termination or expiration of this Agreement for any reason, or upon the Client’s earlier request, PAAC IT will deliver to the Client all of the Client’s property or Confidential Information in tangible form that PAAC IT may have in its possession or control. PAAC IT may retain one copy of the Confidential Information in its legal files.
6.4 The provisions of this clause shall apply throughout the full course of this Agreement and for two years thereafter.
7.1 Just to be clear, “Intellectual property rights” means all patents, rights to inventions, copyright (including rights in software) and related rights, trademarks, service marks, get up and trade names, internet domain names, rights to goodwill, rights in designs, database rights, rights in confidential information (including know-how) and any other intellectual property rights, in each case whether registered or unregistered and including all applications (or rights to apply) for, and renewals or extensions of, such rights and all similar or equivalent rights or forms of protection which subsist or shall subsist now or in the future in any part of the world.
7.2 We, our technology and licensing partners and our Service Suppliers, own any intellectual property rights in all aspects of the Service. You agree that you will not, and you will ensure that your employees will not, copy, redistribute, publish, modify or revise any part of the Service without our prior written consent. This provision shall survive termination.
8.1 Both of us shall comply with the Data Protection Act 2018 and related legislation at all times.
8.2 We acknowledge and agree that with regard to the Processing of Personal Data, You are the Controller, We are the Processor and that We will engage Sub-processors only with Your consent.
8.3 We will only process personal data in accordance with your written instructions which shall comply with Data Protection Laws and Regulations. You have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which You acquired the Personal Data.
8.4 We will inform You should You give Us a Processing instruction that we consider does not comply with the GDPR, or related data protection law.
8.5. We shall treat Personal Data as Confidential Information and shall only Process Personal Data on behalf of and in accordance with Your documented instructions for the following purposes: (i) Processing in accordance with the Agreement and applicable Order Form(s); (ii) Processing initiated by Users in their use of the Services; and (iii) Processing to comply with other documented reasonable instructions provided by You (e.g., via email) where such instructions are consistent with the terms of the Agreement.
8.6 Where You deem it necessary to conduct a Data Privacy Impact Assessment We will cooperate with Your reasonable requests to assist. To the extent legally permitted, You shall be responsible for any costs arising from our provision of such assistance.
8.7 We shall, to the extent legally permitted, promptly notify You if We receive a Subject Access Request from a Data Subject and on Your request, we will assist You to respond to the request. You shall be responsible for any costs arising from our provision of such assistance.
8.8. You acknowledge and agree that We may engage Service Supplier Sub-processors in connection with the provision of the Services. We shall provide notification of a new Sub-processor(s) before authorizing any new Sub-processor(s) to Process Personal Data in connection with the provision of the applicable Services. In the event You object to a new Sub-processor, We will use reasonable efforts to make available to You a change in the Services or recommend a commercially reasonable change to Your configuration or use of the Services to avoid Processing of Personal Data by the objected-to new Sub-processor without unreasonably burdening You.
8.9. We shall maintain appropriate technical and organizational measures for protection of the security confidentiality and integrity of Your Data.
8.10. If We become aware of and confirm a breach of Our security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data covered by the GDPR in Our custody or control We will, without undue delay, notify You and exercise best efforts to mitigate the effects and to minimise any damage resulting from such a security breach. We shall make reasonable efforts to identify the cause of such Data Incident and take those steps as We deem necessary and reasonable in order to remediate the cause of such a Data Incident to the extent the remediation is within Our reasonable control. You agree that an unsuccessful security incident will not be subject to this section. Our obligation to report or respond to a security incident will not be construed as an acknowledgement of any fault of liability on Our part. The obligations herein shall not apply to incidents that are caused by You or anyone acting with Your authorisation.
8.11 Within a reasonable amount of time following expiration or termination of the Agreement plus any post termination period during which You have the ability to export or have Personal Data returned, We will delete Your Personal Data to the extent allowed by applicable law. You hereby instruct Us to delete all Personal Data after such period. It is Your responsibility to ensure all Personal Data has been exported / returned to You prior to its deletion by Us.
8.12 You acknowledge that We may use your information in order that We can provide an efficient service to you and to compile statistics which do not identify you.
8. 13 Your personal data and that of other Service users will be shared with Our Service Suppliers under the terms of the Service Supplier Licence. The Service Suppler may collect, use, transfer, disclose, and otherwise process Your data, including personal data, as described in the applicable Service Supplier Licence.
8.14 You shall notify Your individual users of the Service that their data may be processed for the purpose of disclosing it to law enforcement or other governmental authorities (and that it shall obtain those users’ consent to this).
8.15 We may record any telephone call you make to or receive from us and store the emails you send to or receive from us, for the above purposes and in order to monitor service standards.
8.16. We and Our Service Supplier reserves the right in our or their sole discretion, but shall not be obliged, to remove any data from the Service which it is reasonably believed to contravene the policies of any of our Service Suppliers.
9.1 You agree that you will use the Service within the limitations set out in this clause.
9.2 You agree that the Service is only to be used by You and Your employees for Your internal business purposes and You must not re-sell the Service or allow any third party to have access to the Service.
9.3 Your use of the Service must be for lawful purposes and you shall comply with all legal requirements including but not limited to respecting third parties’ copyright, trademarks and software licences and all application legislation and codes of practice.
9.4 You may not copy, rent, lease, sublicense, display, reverse engineer, modify or alter any software provided by Us.
9.5 You agree that you will not use the Service in any way to:
10.1 Where a Service Supplier Licence is required to provide a Service, You agree at all times to comply with the terms of the Service Supplier Licence. The terms of such Service Supplier Licences may vary from time to time and you agree to be bound by such changes and specific demands or requirements that may be set out in the Service Supplier Licences.
10.2 Any rights granted to You in the Schedules are subject always to the terms of the Service Supplier Licences. You acknowledge, agree and understand that We are only able to grant the rights to you which We are entitled to grant in the Service Supplier Licences and these documents will always take precedence and priority over our responsibilities and obligations to you in these Terms and Conditions and the Schedules.
10.3 You shall further indemnify us in full and on demand for any losses We may suffer as a result of any breaches by you of the Service Supplier Licences
10.4 In addition, you agree to comply at all times with any Service Supplier licence arrangements, as such arrangements may be varied, that We may have entered into and which may impact on the Service We are providing to you.
11.1 The total liability of either party to the other Party under or in connection with these Terms and Conditions whether based upon an action or claim in contract, tort (including negligence), misrepresentation, equity or otherwise, including under any indemnity, shall be limited to 100% of the Charges for the applicable Schedule. Any regulatory penalties imposed on either party will count towards such liability cap.
11.2 We will not be liable for any indirect or consequential damages.
12.1 If the performance of this Agreement or any obligation (other than one for money owed) is prevented, delayed or interfered with by a Force Majeure Event, the party affected by the Force Majeure Event is excused on a day-by-day basis to the extent of the interference, but only if: (i) the Force Majeure Event is beyond the reasonable control of the party claiming it and without that party’s fault or negligence; (ii) the affected party notifies the other party as soon as practicable of the nature and expected duration of the claimed Force Majeure Event; and (iii) the affected party uses its best efforts to protect against the Force Majeure Event and uses all commercially reasonable efforts to avoid, mitigate or remove the extent of the delay and causes of non-performance and resumes performance promptly after the causes have been eliminated. The obligations of the party not claiming the Force Majeure Event are also excused on a day-by- day basis.
13.1 These terms and conditions will continue to apply during the term of any and all Schedules.
13.2 Each Schedule will define the process and rights for termination of that particular Schedule.
13.3 If You would like Us to assist to arrange a smooth transition to anther competent organisation at on the termination of a Schedule, you agree to pay our reasonable costs in providing transition services.
14.1 Neither of us can transfer this Agreement to anyone else without the other’s permission.
14.2 We both agree that we’ll adhere to all relevant laws and regulations in relation to our activities under these terms and conditions and not cause the other to breach any relevant laws or regulations.
14.3 These terms and conditions stay in place and need not be renewed. If for some reason one part of this contract becomes invalid or unenforceable, the remaining parts of it remain in place.
14.4 Although the language is simple, the intentions are serious and this contract is a legal document under exclusive jurisdiction of English and Welsh courts.