DORWAY LTD, a company incorporated in England with company number 13018650 and whose registered
office address is 56 Queen Anne Street, London, England W1G 8LA (“Supplier”); and “Customer”;
each a “party” and together the ‘”parties”.
(A) The Supplier has developed certain software applications and platforms which it makes available to subscribers via the internet on a pay-per-use basis for the purpose of providing a digital business card platform.
(B) The Customer wishes to use the Supplier’s service in its business operations.
(C) The Supplier has agreed to provide and the Customer has agreed to take and pay for the Supplier’s service subject to the terms and conditions of this agreement.
IT IS AGREED:
1.1 The definitions and rules of interpretation in this clause apply in this agreement.
“Authorised Users” means those employees, agents and independent contractors of the Customer who are authorised by the Customer to use the Services and the Documentation;
“Business Day” means a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business;
“Change of Control” shall be as defined in section 1124 of the Corporation Tax Act 2010, and the expression “change of control” shall be construed accordingly OR the beneficial ownership of more than 50% of the issued share capital of a company or the legal power to direct or cause the direction of the general management of the company, and “controls“, “controlled” and the expression “change of control” shall be construed accordingly;
“Confidential Information” means information that is proprietary or confidential and is either clearly labelled as such or identified as Confidential Information in clause 10.5 or clause 10.6;
“Customer Data” means the data inputted by the Customer, Authorised Users, or the Supplier on the Customer’s behalf for the purpose of using the Services or facilitating the Customer’s use of the Services;
“Documentation” means the specification for the Services set out in Part A Schedule 3 and the specification for the Support Services set out in Part B of Schedule 3;
“Doorway(s)” means the user subscriptions purchased by the Customer pursuant to clause 8.1 and the applicable Plan which entitle Authorised Users to access and use the Services and the Documentation in accordance with this agreement;
“Effective Date” means the date of this agreement;
“Initial Subscription Term” means the initial term of this agreement as set out in clause 13.1;
“Insolvency Event” means where a person ceases or threatens to cease to carry on business, is found unable to pay its debts within the meaning of the Insolvency Act 1986 section 123, has an administrator, receiver, administrative receiver or manager appointed over the whole or any part of its assets, enters into any composition with creditors generally, or has an order made or resolution passed for it to be wound up (otherwise than in furtherance of any scheme for solvent amalgamation or solvent reconstruction) or undergoes any similar or equivalent process in any jurisdiction;
“Normal Business Hours” means 8.00 am to 6.00 pm local UK time, each Business Day;
“Plan” means the pricing plan chosen by the Customer from the options available at www.doorway.io/pricing/ and specified in Schedule 1;
“Renewal Period” means the period described in clause 13.1;
“Services” means the subscription services provided by the Supplier to the Customer under this agreement via www.doorway.io or any other website notified to the Customer by the Supplier from time to time, as more particularly described in the Documentation;
“Software” means the online software applications provided by the Supplier as part of the Services; “Subscription Fees” the subscription fees payable by the Customer to the Supplier for the
Doorways in accordance with the applicable Plan, as set out in paragraph 1 of Schedule 1;
“Subscription Term” means has the meaning given in clause 13.1 (being the Initial Subscription Term together with any subsequent Renewal Periods);
“Support Services” the support services provided by the Supplier as set out in Part B of Schedule 3 or as otherwise agreed between the parties in writing;
“Virus” means any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices; and
1.2 Clause, Schedule and paragraph headings shall not affect the interpretation of this agreement.
1.3 A person includes an individual, corporate or unincorporated body (whether or not having separate legal personality) and that person’s legal and personal representatives, successors or permitted assigns.
1.4 A reference to a company shall include any company, corporation or other body corporate, wherever and however incorporated or established.
1.5 Unless the context otherwise requires, words in the singular shall include the plural and in the plural shall include the singular.
1.6 Unless the context otherwise requires, a reference to one gender shall include a reference to the other genders.
1.7 A reference to a statute or statutory provision is a reference to it as it is in force as at the date of this agreement.
1.8 A reference to a statute or statutory provision shall include all subordinate legislation made as at the date of this agreement under that statute or statutory provision.
1.9 A reference to writing or written includes faxes but not email.
1.10 References to clauses and Schedules are to the clauses and schedules of this agreement; references to paragraphs are to paragraphs of the relevant schedule to this agreement.
2. Plan and user subscriptions
2.1 Subject to the Customer purchasing a Plan in accordance with clause 3.3 and clause 8.1, the restrictions set out in this clause 2 and the other terms and conditions of this agreement, the Supplier hereby grants to the Customer a non-exclusive, non-transferable right, without the right to grant sublicences, to permit the Authorised Users to use the Services and the Documentation during the Subscription Term solely for the Customer’s internal business operations.
2.2 In relation to the Authorised Users, the Customer undertakes that:
(a) the maximum number of Authorised Users that it authorises to access and use the Services and the Documentation shall not exceed the number of permitted Authorised Users it has purchased from time to time;
(b) it will not allow or suffer any Doorway to be used by more than one individual Authorised User unless it has been reassigned in its entirety to another individual Authorised User, in which case the prior Authorised User shall no longer have any right to access or use the Doorway, the Services and/or Documentation;
(c) it shall permit the Supplier or the Supplier’s designated auditor to audit the Services in order to establish the name and password of each Authorised User and the Customer’s data processing facilities to audit compliance with this agreement. Each such audit may be conducted no more than once per quarter, at the Supplier’s expense, and this right shall be exercised with reasonable prior notice, in such a manner as not to substantially interfere with the Customer’s normal conduct of business;
(d) if any of the audits referred to in clause 2.2(c) reveal that any password has been provided to any individual who is not an Authorised User, then without prejudice to the Supplier’s other rights, the Customer shall promptly disable such passwords and the Supplier shall not issue any new passwords to any such individual; and
(e) if any of the audits referred to in clause 2.2(c) reveal that the Customer has underpaid Subscription Fees to the Supplier, then without prejudice to the Supplier’s other rights, the Customer shall pay to the Supplier an amount equal to such underpayment as calculated in accordance with the prices set out in paragraph 1 of Schedule 1 within 10 Business Days of the date of the relevant audit.
2.3 The Customer shall not access, store, distribute or transmit any Viruse(s), or any material during the course of its use of the Services that:
(a) is or are unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;
(b) facilitates illegal activity;
(c) depicts sexually explicit images;
(d) promotes unlawful violence;
(e) is or are discriminatory based on race, gender, colour, religious belief, sexual orientation, disability; or
(f) is or are otherwise illegal or causes damage or injury to any person or property;
and the Supplier reserves the right, without liability or prejudice to its other rights to the Customer, to disable the Customer’s access to any material that breaches the provisions of this clause.
2.4 The Customer shall not:
(a) except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties and except to the extent expressly permitted under this agreement:
(i) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software and/or Documentation (as applicable) in any form or media or by any means; or
(ii) attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software; or
(b) access all or any part of the Services and Documentation in order to build a product or service which competes, directly or indirectly, with the Services and/or the Documentation; or
(c) use the Services and/or Documentation to provide services to third parties; or
(d) subject to clause 21.1, license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services and/or Documentation available to any third party except the Authorised Users, or
(e) attempt to obtain, or assist third parties in obtaining, access to the Services and/or Documentation, other than as provided under this clause 2; or
(f) introduce or permit the introduction of, any Virus into the Supplier’s network and information systems.
2.5 The Customer shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Services and/or the Documentation and, in the event of any such unauthorised access or use, promptly notify the Supplier.
2.6 The rights provided under this clause 2 are granted to the Customer only, and shall not be considered granted to any subsidiary or holding company of the Customer.
3. Additional Doorways
3.1 Subject to clause 3.2 and clause 3.3, the Customer may, from time to time during any Subscription Term, purchase additional Doorways and the Supplier shall grant access to the Services and the Documentation to such additional Authorised Users in accordance with the provisions of this agreement.
3.2 The Supplier shall evaluate such request for additional Doorways and respond to the Customer with approval or rejection of the request (such approval not to be unreasonably withheld). Where the Supplier approves the request, the Supplier shall activate the additional Doorways within 10 days of its approval of the Customer’s request.
3.3 If the Supplier approves the Customer’s request to purchase additional Doorways, the Customer shall, within 30 days of the date of the Supplier’s invoice, pay to the Supplier the relevant fees for such additional services and/or Doorways as set out in www.doorway.io/pricing or set out and mutually agreed in writing. If such separate services and/or Doorways are purchased by the Customer part way through the Initial Subscription Term or any Renewal Period (as applicable), such fees shall be pro-rated from the date of activation by the Supplier for the remainder of the Initial Subscription Term or then current Renewal Period (as applicable).
4.1 The Supplier shall, during the Subscription Term, provide the Services and make available the Documentation to the Customer on and subject to the terms of this agreement.
4.2 The Supplier shall use commercially reasonable endeavours to make the Services available 24 hours a day, seven days a week, except for:
(a) planned maintenance carried out during the maintenance window of 10.00 pm to 2.00 am UK time; and
(b) unscheduled maintenance performed outside Normal Business Hours, provided that the Supplier has used reasonable endeavours to give the Customer at least 6 Normal Business Hours’ notice in advance.
4.3 The Supplier will, as part of the Services and at no additional cost to the Customer, provide the Customer with the Supplier’s standard customer Support Services during Normal Business Hours in accordance with the Supplier’s Support Services policy in effect at the time that the Services are provided. The Supplier may amend the Support Services policy in its sole and absolute discretion from time to time. The Customer may purchase enhanced support services separately at the Supplier’s then current rates.
5. Data protection The parties shall comply with Schedule 2 in relation to processing of any personal data under or in connection with this agreement.
6. Supplier’s obligations
6.1 The Supplier undertakes that the Services will be performed substantially in accordance with the Documentation and with reasonable skill and care.
6.2 The undertaking at clause 6.1 shall not apply to the extent of any non-conformance which is caused by use of the Services contrary to the Supplier’s instructions, or modification or alteration of the Services by any party other than the Supplier or the Supplier’s duly authorised contractors or agents. If the Services do not conform with the foregoing undertaking, Supplier will, at its expense, use all reasonable commercial endeavours to correct any such non-conformance promptly, or provide the Customer with an alternative means of accomplishing the desired performance. Such correction or substitution constitutes the Customer’s sole and exclusive remedy for any breach of the undertaking set out in clause 6.1.
6.3 The Supplier:
(a) does not warrant that:
(i) the Customer’s use of the Services will be uninterrupted or error-free;
(ii) that the Services, Documentation and/or the information obtained by the Customer through the Services will meet the Customer’s requirements; or
(iii) the Software or the Services will be free from Viruses.
(b) is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Services and Documentation may be subject to limitations, delays and other problems inherent in the use of such communications facilities.
6.4 This agreement shall not prevent the Supplier from entering into similar agreements with third parties, or from independently developing, using, selling or licensing documentation, products and/or services which are similar to those provided under this agreement.
6.5 The Supplier warrants that it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under this agreement.
6.6 In the event of any loss or damage to Customer Data, the Customer’s sole and exclusive remedy against the Supplier shall be for the Supplier to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by the Supplier. The Supplier shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by the Supplier to perform services related to Customer Data maintenance and back-up for which it shall remain fully liable).
7. Customer’s obligations
7.1 The Customer shall:
(a) provide the Supplier with all necessary co-operation in relation to this agreement in order to provide the Services, including but not limited to Customer Data, security access information and configuration services;
(b) without affecting its other obligations under this agreement, comply with all applicable laws and regulations with respect to its activities under this agreement;
(c) carry out all other Customer responsibilities set out in this agreement in a timely and efficient manner. In the event of any delays in the Customer’s provision of such assistance as agreed by the parties, the Supplier may adjust any agreed timetable or delivery schedule as reasonably necessary;
(d) ensure that the Authorised Users use the Services and the Documentation in accordance with the terms and conditions of this agreement and shall be responsible for any Authorised User’s breach of this agreement;
(e) obtain and shall maintain all necessary licences, consents, and permissions necessary for the Supplier, its contractors and agents to perform their obligations under this agreement, including without limitation the Services;
(f) ensure that its network and systems comply with the relevant specifications provided by the Supplier from time to time; and
(g) be, to the extent permitted by law and except as otherwise expressly provided in this agreement, solely responsible for procuring, maintaining and securing its network connections and telecommunications links from its systems to the Supplier’s data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer’s network connections or telecommunications links or caused by the internet.
7.2 The Customer shall own all right, title and interest in and to all of the Customer Data that is not personal data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of all such Customer Data.
8. Charges and payment
8.1 The Customer shall pay the Subscription Fees to the Supplier for the Doorways and Services in accordance with this clause 8 and Schedule 1 and the applicable Plan.
8.2 The Customer shall on the Effective Date provide to the Supplier valid, up-to-date and complete credit card details or approved purchase order information acceptable to the Supplier and any other relevant valid, up-to-date and complete contact and billing details and, if the Customer provides:
(a) its credit card details to the Supplier, the Customer hereby authorises the Supplier to bill such credit card:
(i) on the Effective Date for the Subscription Fees payable in respect of the Initial Subscription Term; and
(ii) subject to clause 13.1, on each monthly anniversary of the Effective Date for the Subscription Fees payable in respect of the next Renewal Period;
(b) its approved purchase order information to the Supplier, the Supplier shall invoice the Customer:
(i) on the Effective Date for the Subscription Fees payable in respect of the Initial Subscription Term; and
(ii) subject to clause 13.1, at least 30 days prior to each anniversary of the Effective Date for the Subscription Fees payable in respect of the next Renewal Period,and the Customer shall pay each invoice within 30 days after the date of such invoice.
8.3 If the Supplier has not received payment within 30 days after the due date, and without prejudice to any other rights and remedies of the Supplier:
(a) the Supplier may, without liability to the Customer, disable the Customer’s password, account and access to all or part of the Services and the Supplier shall be under no obligation to provide any or all of the Services while the invoice(s) concerned remain unpaid; and
(b) interest shall accrue on a daily basis on such due amounts at an annual rate equal to 3% over the then current base lending rate of the Supplier’s bankers in the UK from time to time, commencing on the due date and continuing until fully paid, whether before or after judgment.
8.4 All amounts and fees stated or referred to in this agreement:
(a) shall be payable in pounds sterling;
(b) are, subject to clause 12.3(b), non-cancellable and non-refundable;
(c) are exclusive of value added tax, which shall be added to the Supplier’s invoice(s) at the appropriate rate.
8.5 The Supplier shall be entitled to increase the Subscription Fees and the fees payable in respect of any additional Doorways purchased pursuant to clause 3.3, at the start of each Renewal Period upon 30 days’ prior notice to the Customer, and Schedule 1 shall be deemed to have been amended accordingly.
9. Proprietary rights
9.1 The Customer acknowledges and agrees that the Supplier and/or its licensors own all intellectual property rights in the Services and the Documentation. Except as expressly stated herein, this agreement does not grant the Customer any rights to, under or in, any patents, copyright, database right, trade secrets, trade names, trade marks (whether registered or unregistered), or any other rights or licences in respect of the Services or the Documentation.
9.2 The Supplier confirms that it has all the rights in relation to the Services and the Documentation that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this agreement.
10.1 Each party may be given access to Confidential Information from the other party in order to perform its obligations under this agreement. A party’s Confidential Information shall not be deemed to include information that:
(a) is or becomes publicly known other than through any act or omission of the receiving party;
(b) was in the other party’s lawful possession before the disclosure;
(c) is lawfully disclosed to the receiving party by a third party without restriction on disclosure; or
(d) is independently developed by the receiving party, which independent development can be shown by written evidence.
10.2 Subject to clause 10.4, each party shall hold the other’s Confidential Information in confidence and not make the other’s Confidential Information available to any third party, or use the other’s Confidential Information for any purpose other than the implementation of this agreement.
10.3 Each party shall take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by its employees or agents in violation of the terms of this agreement.
10.4 A party may disclose Confidential Information to the extent such Confidential Information is required to be disclosed by law, by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction, provided that, to the extent it is legally permitted to do so, it gives the other party as much notice of such disclosure as possible and, where notice of disclosure is not prohibited and is given in accordance with this clause 10.4, it takes into account the reasonable requests of the other party in relation to the content of such disclosure.
10.5 The Customer acknowledges that details of the Services, and the results of any performance tests of the Services, constitute the Supplier’s Confidential Information.
10.6 The Supplier acknowledges that the Customer Data is the Confidential Information of the Customer.
10.7 No party shall make, or permit any person to make, any public announcement concerning this agreement without the prior written consent of the other parties (such consent not to be unreasonably withheld or delayed), except as required by law, any governmental or regulatory authority (including, without limitation, any relevant securities exchange), any court or other authority of competent jurisdiction.
10.8 The above provisions of this clause 10 shall survive termination of this agreement, however arising.
11.1 The Customer shall defend, indemnify and hold harmless the Supplier against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with the Customer’s use of the Services and/or Documentation, provided that:
(a) the Customer is given prompt notice of any such claim;
(b) the Supplier provides reasonable co-operation to the Customer in the defence and settlement of such claim, at the Customer’s expense; and
(c) the Customer is given sole authority to defend or settle the claim.
11.2 The Supplier shall defend the Customer, its officers, directors and employees against any claim that the Customer’s use of the Services or Documentation in accordance with this agreement infringes any United Kingdom patent effective as of the Effective Date, copyright, trade mark, database right or right of confidentiality, and shall indemnify the Customer for any amounts awarded against the Customer in judgment or settlement of such claims, provided that:
(a) the Supplier is given prompt notice of any such claim;
(b) the Customer does not make any admission, or otherwise attempt to compromise or settle the claim and provides reasonable co-operation to the Supplier in the defence and settlement of such claim, at the Supplier’s expense; and
(c) the Supplier is given sole authority to defend or settle the claim.
11.3 In the defence or settlement of any claim, the Supplier may procure the right for the Customer to continue using the Services, replace or modify the Services so that they become non-infringing or, if such remedies are not reasonably available, terminate this agreement on 5 Business Days’ notice to the Customer without any additional liability or obligation to pay liquidated damages or other additional costs to the Customer.
11.4 In no event shall the Supplier, its employees, agents and sub-contractors be liable to the Customer to the extent that the alleged infringement is based on:
(a) a modification of the Services or Documentation by anyone other than the Supplier; or
(b) the Customer’s use of the Services or Documentation in a manner contrary to the instructions given to the Customer by the Supplier; or
(c) the Customer’s use of the Services or Documentation after notice of the alleged or actual infringement from the Supplier or any appropriate authority.
11.5 The foregoing and clause 12.3(b) states the Customer’s sole and exclusive rights and remedies, and the Supplier’s (including the Supplier’s employees’, agents’ and sub-contractors’) entire obligations and liability, for infringement of any patent, copyright, trade mark, database right or right of confidentiality.
12. Limitation of liability
12.1 Except as expressly and specifically provided in this agreement:
(a) the Customer assumes sole responsibility for results obtained from the use of the Services and the Documentation by the Customer, and for conclusions drawn from such use. The Supplier shall have no liability for any damage caused by errors or omissions in any information, instructions or scripts provided to the Supplier by the Customer in connection with the Services, or any actions taken by the Supplier at the Customer’s direction;
(b) all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from this agreement; and
(c) the Services and the Documentation are provided to the Customer on an “as is” basis.
12.2 Nothing in this agreement excludes the liability of the Supplier:
(a) for death or personal injury caused by the Supplier’s negligence; or
(b) for fraud or fraudulent misrepresentation.
12.3 Subject to clause 12.1 and clause 12.2:
(a) the Supplier shall not be liable whether in tort (including for negligence or breach of statutory duty), contract, misrepresentation, restitution or otherwise for any loss of profits, loss of business, depletion of goodwill and/or similar losses or loss or corruption of data or information, or pure economic loss, or for any special, indirect or consequential loss, costs, damages, charges or expenses however arising under this agreement; and
(b) the Supplier’s total aggregate liability in contract (including in respect of the indemnity at clause 11.2), tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the performance or contemplated performance of this agreement shall be limited to the total Subscription Fees paid for the Plan and Doorways during the 12 months immediately preceding the date on which the claim arose.
12.4 Nothing in this agreement excludes the liability of the Customer for any breach, infringement or misappropriation of the Supplier’s intellectual property rights in the Services and Documentation.
13. Term and termination
13.1 This agreement shall, unless otherwise terminated as provided in this clause 13, commence on the Effective Date and shall continue for 1 month (“Initial Subscription Term“) and, thereafter, this agreement shall be automatically renewed for successive periods of 1 month (each a “Renewal Period“), unless:
(a) either party notifies the other party of termination, in writing, at least 30 days before the end of any Renewal Period, in which case this agreement shall terminate upon the expiry of the applicable Renewal Period; or
(b) otherwise terminated in accordance with the provisions of this agreement;
and the Initial Subscription Term together with any subsequent Renewal Periods shall constitute
the “Subscription Term“.
13.2 Without affecting any other right or remedy available to it, either party may terminate this agreement with immediate effect by giving written notice to the other party if:
(a) the other party fails to pay any amount due under this agreement on the due date for payment and remains in default not less than 30 days after being notified in writing to make such payment;
(b) the other party commits a material breach of any other term of this agreement and (if such breach is remediable) fails to remedy that breach within a period of 30 days after being notified in writing to do so;
(c) the other party undergoes an Insolvency Event.
13.3 On termination of this agreement for any reason:
(a) all licences granted under this agreement shall immediately terminate and the Customer shall immediately cease all use of the Services and/or the Documentation;
(b) each party shall return and make no further use of any equipment, property, Documentation and other items (and all copies of them) belonging to the other party;
(c) the Supplier may destroy or otherwise dispose of any of the Customer Data in its possession unless the Supplier receives, no later than ten days after the effective date of the termination of this agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. The Supplier shall use reasonable commercial endeavours to deliver the back-up to the Customer within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). The Customer shall pay all reasonable expenses incurred by the Supplier in returning or disposing of Customer Data; and
(d) any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the agreement which existed at or before the date of termination shall not be affected or prejudiced.
14. Force majeure
The Supplier shall have no liability to the Customer under this agreement if it is prevented from or delayed in performing its obligations under this agreement, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control, including, without limitation, strikes, lock-outs or other industrial disputes (whether involving the workforce of the Supplier or any other party), failure of a utility service or transport or telecommunications network, act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, accident, breakdown of plant or machinery, fire, flood, storm, epidemic, pandemic (including the Covid-19 pandemic and any resulting governmental restrictions imposed) or default of suppliers or sub-contractors, provided that the Customer is notified of such an event and its expected duration.
15.1 Subject to clause 15.2, if there is an inconsistency between any of the provisions in the main body of this agreement and the Schedules, the provisions in the main body of this agreement shall prevail.
15.2 Schedule 2 (including Annex A and Annex B) is without prejudice to the rights and obligations of the parties under the main body of this agreement which shall continue to have full force and effect. In the event of any conflict between the terms of Schedule 2 and the provisions in the main body of this agreement, the terms of Schedule 2 shall prevail so far as the subject matter concerns the processing of personal data.
- Variation No variation of this agreement shall be effective unless it is in writing and signed by the parties (or their authorised representatives).
- Waiver No failure or delay by a party to exercise any right or remedy provided under this agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.
- Rights and remedies Except as expressly provided in this agreement, the rights and remedies provided under this agreement are in addition to, and not exclusive of, any rights or remedies provided by law.
19.1 If any provision or part-provision of this agreement is or becomes invalid, illegal or unenforceable, it shall be deemed deleted, but that shall not affect the validity and enforceability of the rest of this agreement.
19.2 If any provision or part-provision of this agreement is deemed deleted under clause 19.1 the parties shall negotiate in good faith to agree a replacement provision that, to the greatest extent possible, achieves the intended commercial result of the original provision.
20. Entire agreement
20.1 This agreement constitutes the entire agreement between the parties and supersedes and extinguishes all previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.
20.2 Each party acknowledges that in entering into this agreement it does not rely on any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in this agreement.
20.3 Each party agrees that it shall have no claim for innocent or negligent misrepresentation or negligent misstatement based on any statement in this agreement.
20.4 Nothing in this clause shall limit or exclude any liability for fraud.
21.1 The Customer shall not, without the prior written consent of the Supplier, assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under this agreement.
21.2 The Supplier may at any time assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under this agreement.
- No partnership or agency Nothing in this agreement is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
- Third party rights This agreement does not confer any rights on any person or party (other than the parties to this agreement and, where applicable, their successors and permitted assigns) pursuant to the Contracts (Rights of Third Parties) Act 1999.
- Counterparts This agreement may be executed in any number of counterparts, each of which shall constitute a duplicate original, but all the counterparts shall together constitute the one agreement.
25.1 Any notice required to be given under this agreement shall be in writing and shall be delivered by hand or sent by pre-paid first-class post or recorded delivery post to the other party at its address set out in this agreement, or such other address as may have been notified by that party for such purposes, or sent by fax to the other party’s fax number as set out in this agreement.
25.2 A notice delivered by hand shall be deemed to have been received when delivered (or if delivery is not in business hours, at 9 am on the first business day following delivery). A correctly addressed notice sent by pre-paid first-class post or recorded delivery post shall be deemed to have been received at the time at which it would have been delivered in the normal course of post. A notice sent by fax shall be deemed to have been received at the time of transmission (as shown by the timed printout obtained by the sender).
26. Governing law
This agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales.
Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this agreement or its subject matter or formation (including non-contractual disputes or claims).
1. Subscription Fees
The Subscription Fees shall amount to the price payable to the Customer’s selected Doorway Service Plan, excluding VAT, paid on a monthly basis.
I. INTRODUCTION Definitions
1.1 In this Schedule, the following terms shall have the following meanings:
(a) “Adequate Country” means a country or territory recognised as providing an adequate level of protection for personal data transfers under an adequacy decision or regulations made from time to time by (as applicable) (i) the European Commission under the EU GDPR or ii) the UK Secretary of State under UK GDPR;
(b) “Anonymized Data” means personal data that has been processed in such a manner that it can no longer be attributed to an identified or identifiable natural person;
(c) “Applicable Data Protection Law” means all worldwide data protection and privacy laws and regulations applicable to the processing of personal data under the agreement,including (where applicable) EU Data Protection Law and UK Data Protection Law;
(d) “controller“, “processor“, “data subject“, “personal data“, “processing” (and “process“) and “special categories of personal data” shall have the meanings given in Applicable Data Protection Law;
(e) “EEA” means the European Economic Area;
(f) “EU Data Protection Law” means:
(i) all EU regulations or other legislation applicable (in whole or in part) to the processing of personal data (such as Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (the “GDPR”));
(ii) the national laws of each EEA member state implementing any EU directive applicable (in whole or in part) to the processing of personal data (such as Directive 2002/58/EC); and
(iii) any other national laws of each EEA member state applicable (in whole or in part) to the processing of personal data,as amended or superseded from time to time;
(g) “EU Standard Contractual Clauses” means the European Commission’s implementing decision 2021/914/EU of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to the GDPR and currently available at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=en;
(h) “UK Standard Contractual Clauses” means the UK International Data Transfer Agreement dated 21 March 2022 issued under s119A(1) of the Data Protection Act 2018
and currently available at https://ico.org.uk/media/for- organisations/documents/4019538/international-data-transfer-agreement.pdf.
(i) “UK Addendum” means the template Addenum B.1.0. dated 21 March 2022 issued under s119A(1) of the Data Protection Act 2018 and currently available at https://ico.org.uk/media/for-organisations/documents/4019539/international-data- transfer-addendum.pdf.
(j) “UK Data Protection Law” means:
(i) the GDPR as it forms part of UK law by virtue of section 3 of the European Union (Withdrawal) Act 2018 (the “UK GDPR”);
(ii) the Data Protection Act 2018;
(iii) the Privacy and Electronic Communications (EC Directive) Regulations 2003 as they continue to have effect by virtue of section 2 of the European Union (Withdrawal) Act 2018; and
(iv) any other laws in force in the UK from time to time applicable (in whole or in part) to the processing of personal data,
as amended or superseded from time to time.
II. Controller and Processor
2. Relationship of the parties
2.1 The Customer (the controller) appoints the Supplier as a processor to process the personal data described in Annex A to this Schedule for the purposes described in Annex A to this Schedule (the “Permitted Purpose“).
2.2 The Customer acknowledges that as the Supplier (or Authorised Users) use the Services, the Supplier (as controller) may i) process Customer account data to manage the relationship with the Customer (including for accounting and taxation purposes and ii) , create and derive from processing under the Agreement, Anonymized Data for the purpose of product improvement and development purposes. Supplier may use and disclose Anonymized Data in any manner it deems useful, provided that any disclosure of Anonymized Data is done in a manner that does not permit the identification of Customer in relation to such Anonymized Data.
2.3 Each party shall comply (and will procure that any of its personnel comply and use commercially reasonable efforts to procure that its subprocessors comply) with the obligations that apply to it under Applicable Data Protection Law. As between the parties, the Customer shall have sole responsibility for the accuracy, quality and legality of personal data and the means by which Customer acquired personal data.
III. Supplier processor obligations
3. Customer Instructions
3.1 With respect to personal data Supplier shall only process personal data (i) in accordance with this and Schedule; and (ii) Customer’s written instructions. If the Supplier becomes aware that any Customer instruction infringes Applicable Data Protection Law, it shall promptly inform the Customer.
3.2 In the unlikely event that applicable law requires Supplier to process personal data other than pursuant to Customer’s instructions, Supplier will notify Customer (unless prohibited from so doing by applicable law
4.1 The Supplier shall:
4.1.1 implement and maintain appropriate technical and organisational measures to protect the personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to the personal data (a “Security Incident“). Such measures shall have regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons and shall include without limitation the security measures set out at . https://www.doorway.io/security/;and
4.1.2 where required by applicable Data Protection Law, provide other such reasonable cooperation and assistance to the Customer (at Customers expense) with respect to Customer’s obligations with respect to the security of processing.
5.1 Supplier shall take reasonable steps to ensure that any person that it authorises to process the personal data (including Supplier’s staff, agents and subcontractors) (an “Authorised Person”) shall be subject to a strict duty of confidentiality (whether a contractual duty or a statutory duty), and shall not permit any person to process the personal data who is not under such a duty of confidentiality. Supplier shall ensure that all Authorised Persons process the personal data only as necessary for the Permitted Purpose.
6. International transfers
6.1 The Supplier shall not transfer the personal data (nor permit the personal data to be transferred) outside of EEA and/or the UK unless it takes such measures as are necessary to ensure the transfer is in compliance with Applicable Data Protection Law. Such measures may include (without limitation) transferring the personal data to a recipient an Adequate Country, to a recipient that has achieved binding corporate rules authorisation in accordance with Applicable Data Protection Law, or to a recipient that has executed (i) EU Standard Contractual Clauses, adopted or approved by the European Commission; or (ii) for transfers from the UK, UK Standard Contractual Clauses or the UK Addendum to the EU Standard Contractual Clauses approved by the Secretary of State ).and as applicable, transferring the personal data subject any reasonably appropriate supplementary safeguards in support of the above..
7.1 The Customer consents to the Supplier engaging the third party subprocessors listed in Annex B and any other subprocessors the Supplier may instruct to process the personal data for the Permitted Purpose provided that: (i) the Supplier shall update the Customer with details of any change in subprocessors at least 10 days’ prior to any such change; (ii) the Supplier imposes data protection terms on any subprocessor it appoints that require it to protect the personal data to the standard required by Applicable Data Protection Law; and (iii) the Supplier remains liable for any breach of this Clause that is caused by an act, error or omission of its subprocessor. The Customer may object to the Supplier’s appointment or replacement of a subprocessor prior to its appointment or replacement, provided such objection is based on reasonable grounds relating to data protection. In such event, the Supplier will either not appoint or replace the subprocessor or, if this is not possible the Customer may suspend or terminate this Agreement (without prejudice to any fees incurred by the Customer prior to suspension or termination).
8. Cooperation and data subjects’ rights
8.1 The Supplier shall provide reasonable and timely assistance to the Customer (at the Customer’s expense) to enable the Customer to respond to: (i) any request from a data subject to exercise any of its rights under Applicable Data Protection Law (including its rights of access, correction, objection, erasure and data portability, as applicable); and (ii) any other correspondence, enquiry or complaint received from a data subject, regulator or other third party in connection with the processing of the personal data. In the event that any such request, correspondence, enquiry or complaint is made directly to the Supplier, the Supplier shall promptly inform the Customer providing full details of the same.
9. Data Protection Impact Assessment
9.1 The Supplier shall provide reasonable cooperation to the Customer (at the Customer’s expense) in connection with any data protection impact assessment or prior consultation with a regulatory authority that may be required under Applicable Data Protection Law for any data protection impact assessment conducted under this paragraph 9.
10. Return and Deletion
10.1 The Supplier shall unless otherwise required to comply with applicable law, delete or return to the Customer all personal data (including copies thereof) for which Supplier is the processor and that is processed pursuant to this DPA in accordance with the procedures and timeframes specified at clause 13.3 of the Agreement.
11. Security incidents
11.1 If it becomes aware of a confirmed Security Incident, the Supplier shall:
11.1.1 inform the Customer without undue delay and shall provide reasonable information and cooperation to the Customer so that the Customer can fulfil any data breach reporting obligations it may have under (and in accordance with the timescales required by) Applicable Data Protection Law;
11.1.2 take any such reasonably necessary measures and actions to remedy or mitigate the effects of the Security Incident and shall keep the Customer informed of all material developments in connection with the Security Incident; and
11.1.3 not make any public announcement about a Security Incident that explicitly names the Customer without the prior written consent from the Customer unless required to make a disclosure or announcement by applicable law.
12. Audit and records
12.1 The Customer acknowledges that the Supplier is regularly audited by independent third party auditors. Upon request, the Supplier shall supply a summary copy of its audit report(s) to the Customer, and /or make available to the Customer (at Customer’s expense) such other information in Supplier’s possession or control as the Customer may reasonably request with a view to demonstrating Supplier’s compliance with the obligations of processors under Applicable Data Protection Law in relation to its processing of personal data under this Schedule which shall be subject to the confidentiality provisions of this Agreement.
IV. Other information that we collect
12.2 The Customer acknowledges that, in using the Services, the Supplier may collect certain information automatically from an Authorised User’s device. This information may be considered personal data under Applicable Data Protection Law.
12.3 Specifically, the information the Supplier collects automatically may include information like an Authorised User’s IP address, device type, unique device identification numbers, other internal identifiers (integers), browser-type, broad geographic location (e.g. country or city-level location) and other technical information. The Supplier may also collect information about how an Authorised User’s device has interacted with the Services.
12.4 The Customer acknowledges that collecting this information enables the Supplier to better understand the users of the Services, where they come from, and what content or functionality in the Services is of interest to them. The Supplier uses this information for its internal analytics purposes and to improve the quality and relevance of the Services to its users.
Schedule 3 – Documentation
Doorway provides digital business cards and business analytics services for companies, conference organizers, and social users. Our operations include the development and maintenance of our virtual business cards (“Doorway cards”) held in digital wallets for iOS and Android users, development and maintenance of Doorway cards’ associated features as well as the development and maintenance of our website and web app (“doorway.io”).
Paying users (“our customers”) are able to modify their Doorway cards, their company branding, and their registry of designated employees. We provide a variety of features via subscription for Doorway cards, and we constantly work to improve our pipeline and service offering to our customers. Free users (“social users”) are able to generate and use Doorway cards with no customized branding nor web-based analytics features.
Our customers select one of four service tiers (“Plan”) based on the needs of their business, and their corresponding subscription fee is determined via the Plan selected. Our customers are able to amend the Plan they subscribe for at any time, and their subscription fee is updated according to any amendments made. As at the date of this agreement, Doorway offers the following four Plan: Starter, Professional, Business and Enterprise. The respective services for each Plan are as follows:
(a) Starter: The Starter Plan provides up to 400 Doorways per user account (“authorized user limit”). The user account grants one administrator who is responsible for the design of the user account’s Doorway and subsequent distribution of account Doorways to designated employees (“authorized users”). The administrator can update the account’s Doorway design at any time and can add and remove authorized users from the account within the authorized user limit. The administrator is responsible for payment of the account’s Subscription Fees. The administrator does not have the ability to control authorized users’ Doorway details; authorized users have the unique ability to control the details their respective Doorways share.
(b) Professional: The Professional Plan provides up to 400 Doorways per user account. The user account grants one administrator who is responsible for the design of the account’s Doorway and subsequent distribution of account Doorways to authorized users. The administrator can update the user account’s Doorway design at any time, can add and remove authorized users from the account within the authorized user limit, and can manage the details shared by authorized users’ Doorways. The administrator has access to bulk management features, wherein they can create Doorways via .csv upload, as detailed at https://app.doorway.io/cardholders/import. The Professional Plan includes Doorway and/or its affiliated partners planting 20 trees per month on behalf of the user account (“account forest”). The administrator has access to data provided by Doorway and/or our affiliated partners, which includes tracking of the location, species and generated CO2 offset of their account forest, with metrics updated on a monthly basis. The administrator is responsible for payment of the account’s Subscription Fees.
(c) Business:TheBusinessPlanprovidesupto400Doorwaysperuseraccount.Theuser account has the ability to grant one or more account administrator(s) (“multiple admins”). Each account administrator can update the user account’s Doorway design at any time, can add and remove authorized users from the account within the authorized user limit, and can manage the details shared by authorized users’ Doorways. Authorized users are able to control the details shared by their individual Doorways based on admin granted permissions. The administrator has access to bulk management features, wherein they can create Doorways via .csv upload, as detailed at https://app.doorway.io/cardholders/import. User accounts include optional profile pictures, to be uploaded by either authorized users or account administrators, depending on the administrator(s)’ granted permission. The account administrator(s) have access to scan analytics of authorized user Doorways. The Professional Plan includes Doorway and/or its affiliated partners planting 50 trees per month on behalf of the user account (“account forest”). The administrator has access to data provided by Doorway and/or our affiliated partners, which includes tracking of the location, species and generated CO2 offset of their account forest, with metrics updated on a monthly basis. The administrator(s) is responsible for payment of the account’s subscription fees.
(d) Enterprise: The Enterprise Plan provides a bespoke set of user subscription services and number of authorized users for each user account. Customers who exceed the authorized user limit are automatically placed into the Enterprise service tier. User subscription services include all services detailed in the Business service tier, as well as optionality to include departmental billing, priority customer service, and integrations with single-sign-on or human resource management platforms. The number of trees planted each month for the customer’s account forest is also determined on a bespoke basis, determined in part by the number of authorized users within the respective user account.
More details on the Plans available to Doorway customers are available at www.doorway.io/pricing.
Part B: Support Services
Per the information on our website, www.doorway.io, we provide regular support to our paying customers and can be reached via phone or email.
Subject matter of processing
Supplier’s provision of the Services to Customer, including the use of Supplier’s software for the development and maintenance of virtual business cards
Nature and purpose of processing
The collection, analysis (including improving Suppliers software and Services) storage, duplication, deletion and disclosure of personal data as necessary to provide the Services, and as may be further instructed by Customer in writing
The categories of data subject whose personal data that may be Processed in order to provide the Services may include the Customer’s representatives and Authorised Users.
Categories of personal data
The categories of personal data that may be Processed in order to provide the Services includes the first names, surnames and email addresses of the Customer’s representatives and Authorised Users.
Special categories of data (if appropriate)
Supplier may process the personal data as necessary to perform the Services including hosting and storage; service change management; issue resolution; IT security purposes including incident management; maintenance and performance of technical support systems and IT infrastructure; and implementation, configuration and performance testing.
Duration of the processing
Supplier will process the personal data for the duration of this agreement, or until such data is no longer necessary for the purposes of either party performing its obligations under this agreement (to the extent applicable), unless otherwise agreed between the parties in writing.
Approved Subprocessors Name
|Amazon Web Services, Inc.||Cloud service provider||United States & EU|
|Heroku, Inc.||Cloud service provider||United States & EU|
|Salesforce.com, Inc.||Cloud service provider||United States & EU|
|SendGrid, Inc.||Cloud-based notification services||United States|
|Twilio Inc||Cloud-based notification services||United States|
|Stripe, Inc.||Subscription data and payment information||United States & EU|
|Cloudflare, Inc.||Content delivery provider||United States|
|Hubspot, Inc.||Customer relationship manager software||United States|
|Alphabet, Inc.||Software service provider||United States & EU|