Terms & Conditions

ISMS Online Customer License Agreement  (ver1.2 commercial in confidence)

This agreement (“Agreement”) is made as of the service commencement date on the order form (the “Effective Date”) by and between Alliantist Limited, a company registered in England and Wales (company number: 4922343) whose registered office is at Cornelius House 178-180 Church Road Hove BN3 2DJ (“Alliantist“) and the customer specified on the order form  (“Customer”) located at the address listed on the same form.

“ISMS Online” is powerful cloud software owned and operated by Alliantist and available in various platform options, including white labelling to reflect the Customer brand.  The platform option depends on the business purpose of the customer (“the Purpose”) and is specified on the order form along with any extra services.  ISMS Online is accessible by Registered Users as licensed by Alliantist. Customer desires to license ISMS Online and to have the right to authorise Customer Users and Partner Users (as defined hereinafter) to access the platform for Customer led business activities that benefit its organisation (“the Purpose”) subject to the terms and conditions of this Agreement.

1.    Definitions

a)     Customer Organisation: the ISMS Online organisation account to which Customer’s employees and representative Registered Users are associated.

b)     Customer Users: Registered Users who are employees of the Customer or generally operating in a capacity as representatives for the Customer and who have accepted the User Registration Terms.  Each Customer User will have their own unique login email address and password.

c)     Partner Organisation:  an organisation that the Customer wishes to collaborate with for the Purpose (e.g. a supplier or customer).  Partners will accept the Partner Registration Agreement unless its organisation is already a Customer with its own agreement to access ISMS Online already in place.

d)     Partner Users: Registered Users who are employees or representatives of a Partner and require access to ISMS Online.  Partner Users are associated with a Partner organisation and may only use the platform for the Purpose.  Partner Users have limited access to ISMS Online and have accepted the User Registration Terms.  Each Partner User will have its own unique login and password.

e)     Registered User: either a Customer User or Partner User registered in ISMS Online.

f)      Documentation: user guides and online tours for ISMS Online in electronic or printable form made available in the ‘help’ section of ISMS Online and updated from time to time.

g)     Order Form: the schedule that sets out the fees, number and type of Registered Users, the duration and start date for access to ISMS Online by the Customer along with the relevant features, initiative types and tools or solutions being provisioned as well as the information security platform selected.

h)     Customer Organisation Data:  all content entered into ISMS Online by Customer Users.

i)       Partner Organisation Data: all content entered into ISMS Online by Partner Users.

j)       User Registration Terms: the terms of registration set out by Alliantist for all users of ISMS Online.

k)     Partner Registration Agreement: the terms of registration set out by Alliantist for all Partner organisations using ISMS Online.

l)       Personal Data: shall have the meaning as provided in the Data Protection Act 1998.

m)   ISMS Online Policies:  Any policies provided by Alliantist to help Customer with easier Adoption or Adaption, in the form of written content presented in the ISMS Online system such as risk management methodologies, security incident policies etc (not the ISMS Online technology or any of the tools used to execute the policies).

2.    Licensing and IPR

a)     Subject to the terms of this Agreement, Alliantist grants, and Customer accepts, a non-exclusive, non-transferable, revocable, license,without the right to grant sublicenses, except to Partner Organisations subject to the order form scope, to use ISMS Online for the Purpose.

b)     Customer shall display and retain Alliantist’s and/or its suppliers’ copyright, trademarks, proprietary, or confidentiality statement or legends and other notices in ISMS Online however it is used.

c)     Customer acknowledges that Alliantist retains all right, title and interest in and to the original, and any copies, of ISMS Online, ISMS Online Policies and the Documentation, and ownership of all patent, copyright, trade secret, trademarks and other intellectual property rights (whether registered or not) pertaining thereto, shall be and remain the sole property of Alliantist.

d)     Notwithstanding that Customer may contribute to the cost of or participate in the making of derivative works, translations, customised versions, updates, error corrections, enhancements, modifications, or other versions of ISMS Online, Customer shall not be an owner of any copies or translations or versions of, nor have any interest in, ISMS Online, ISMS Online Policies or its Documentation, but rather, is licensed, pursuant to and subject to the limitations in this Agreement, to use such copies for the purpose stated in this Agreement.

e)     Without limiting the generality of the foregoing, Customer receives no rights and agrees that it will not itself, or through any parent, subsidiary, affiliate, agent or other third party (i) decompile, disassemble, reverse engineer or attempt to reconstruct, identify or discover any source code, underlying ideas, underlying user interface techniques, processes or algorithms of ISMS Online, ISMS Online Policies or any portion thereof, or otherwise derive its source code; (ii) modify, port, translate, localise or create derivative works of ISMS Online; (iii) sell, lease, license, sublicense, copy, market or distribute ISMS Online, other than to Partners as set out in this Agreement; (iv) encumber or suffer to exist any lien or security interest on ISMS Online; (v) disclose the results of any performance tests or qualitative analysis on ISMS Online to any third party without the prior written consent of Alliantist; and (vi) use a total number of Registered Users in excess of those agreed by their type in the Order Form.

f)      Each Registered User accepts the User Registration Terms.

g)     Each Partner Organisation accepts the ‘click through’ Partner Registration Agreement unless they already have a Customer Account with Alliantist.

h)     The Customer retains all right, title and interest to all Customer Organisation Data.

i)       Customer must not knowingly transmit any worms or viruses or any code of a destructive nature.

j)       Customer shall notify Alliantist immediately of any unauthorised use of its Registered Users accesses, or any other breach of security. Alliantist will not be liable for any loss or damage arising from Customer’s failure to comply with these requirements.

3.    Billing and Payment

a)     Fees for Customer license to ISMS Online, ISMS Online Policies and any other services are set out in the Order Form and include all maintenance and support fees for the Term.  These fees include automatic access to relevant ISMS Online releases and platform upgrades for the functionality in scope on the order form.

b)     Unless otherwise stated on the order form fees are payable annually in advance, with payment due on the date of the invoice.

c)     Additional users can be added at any time subject to the relevant fee payment as set out in the Order Form, with Registered User numbers being reviewed quarterly and paid pro rata for the remainder of the year to align with the annual payment.

d)     All fees assume a fair and acceptable use of ISMS Online.  In the event that the use of ISMS Online by the Customer exceeds fair and acceptable use Alliantist will alert Customer to the issues in writing and give the Customer the opportunity of easing use or paying for the extra service requirements that the Customer requires.

e)     All fees exclude VAT and other government taxes.

4.    Warranties, Indemnities and Liability

a)     Alliantist warrants that ISMS Online shall perform substantially in accordance with the specifications set out in the Documentation during the period of this Agreement.

b)     Customer hereby acknowledges and agrees that Alliantist (including officers, associates, agents and directors of Alliantist) has not made or granted any express warranties concerning ISMS Online except for the warranty in section 4(a) above.  Customer is not authorised to (and shall not) create any warranty obligations on behalf of Alliantist with its Partners or Partner Users.

c)     Except with respect to Alliantist’s express obligations under this Agreement to confidentiality, to the maximum extent permitted by applicable law, Alliantist shall have no liability whatsoever to anyone for any claim, loss or damage of any kind whatsoever in relation to any Customer Data or any use to which it is put.

d)     The warranties set forth in section 4(a) above are limited to ISMS Online and do not apply to any third party software or technology.  Excepting the warranty set forth in section 4(a), Alliantist hereby disclaims and Customer hereby waives all warranties, express or implied, including but not limited to all implied warranties of fitness for a particular purpose (even where disclosed by the Customer), all implied warranties of merchantability and all implied warranties arising by usage of trade, course of dealing or course of performance.  Any ISMS Online Policies, Documentation or data provided by Alliantist is provided “AS IS” without warranty of any kind.  Alliantist does not guarantee or warrant the accuracy, completeness or usefulness of the data, nor the merchantability or fitness for any particular purpose.  Alliantist does not make any warranty and Customer hereby waives any and all warranties as to the results obtained from ISMS Online or as to the accuracy or reliability of the data.  Alliantist shall not be liable under any circumstances for harm or damages resulting from or arising out of Customer’s inability to use ISMS Online or to access ISMS Online.

e)     Customer hereby acknowledges and agrees that access to ISMS Online may be affected by local network telecommunications activity; government networks, electronic mail failure, capacity and compatibility with third party communication equipment, communication software, web browsers and internet (or intranet) enabled software.  Alliantist hereby disclaims and Customer hereby waives any and all Alliantist responsibility for any failures in connection with local market network telecommunication activity, government networks, electronic mail failure, capacity and compatibility with third party communication equipment, communication software, web browsers and internet (or intranet) enabled software.

f)      Alliantist shall not be liable for any failure to perform its obligations under this Agreement because of circumstances beyond its control which such circumstances shall include (without limitation) natural disaster, terrorism, labour disputes, war, declarations of governments, transportation delays, telecommunications failure and misuse of ISMS Online or Documentation by Customer.

g)     Customer agrees to hold harmless and indemnify Alliantist, and its subsidiaries, affiliates, officers, agents, and employees and other ISMS Online licensees from and against any third-party claim arising from or in any way related to Customer’s use of ISMS Online, including any liability or expense arising from all claims, losses, damages (actual and consequential), suits, judgments, litigation costs and attorneys’ fees, of every kind and nature. In such a case, Alliantist will provide Customer with written notice of such claim, suit or action.

h)     Nothing in this Agreement limits either party’s liability in the case of death or personal injury caused by the other party’s negligence.

i)       Except as set forth above, in the event that Alliantist fails to provide support and maintenance services set out in the schedule, Alliantist’s only liability and Customer’s sole remedy for such failure shall be either (a) for Alliantist to use commercially reasonable efforts to correct such failure through further services up to the value of the outstanding fees paid under this Agreement, or (b) at its discretion refund any prepaid but unutilised fees paid by the Customer.

5.     Term and Termination

a)     This Agreement shall last for the minimum term of one year or as set out in the Order Form.

b)     Unless expressly set out in the Order Form, renegotiated or terminated by either party at least 30 days before the renewal date:

I.         For ease the agreement shall automatically renew for additional one-year periods

II.         ISMS Online fees shall be subject to increases at renewal in line with RPI (Retail Price Index)

c)     Either party may terminate this Agreement and any Order Form immediately upon written notice if the other: (i) commits a material breach of the Agreement and which (in the case of a breach capable of remedy) shall not have been remedied within 30 days of a written request to remedy the same.  A material breach includes a failure by Customer to make payment in accordance with this Agreement; or (ii) the other party has a liquidator, receiver, administrator or administrative receiver appointed in respect of the whole or any part of its undertaking or assets; or (iii) the other party ceases or threatens to cease to carry on business.

6.    Consequences of Termination

a)   On termination for any reason:

i.     save for  6v. all rights granted to the Customer under this Agreement including without limitation the license to use ISMS Online shall cease;

ii.     the Customer shall cease all activities authorised by this Agreement;

iii.     the Customer shall immediately pay to Alliantist any sums due to Alliantist under this Agreement, except where any sum of money shall be recoverable from or         payable by Alliantist, the Customer may deduct same from any sum then due to Alliantist under this Agreement.

iv.     Customers can remove their data from ISMS Online at no cost at any time.  At Customer’s request, Alliantist will work with Customer in a professional capacity to manage Customer’s exit from ISMS Online, including making available copies of Customer Organisation Data, provided that Customer will pay reasonable fees to Alliantist for providing any such termination support service, such fees to be mutually agreed in writing prior to termination support work commencing.

v. Assuming payment of at least one year’s fees, or by separately purchasing any ISMS Online Policies from Alliantist as specified on the order form, Customer shall be able to continue using such ISMS Online Policies on an ongoing basis purely for their own Purpose.  Under no circumstances should the ISMS Online Policies be shared with others even after termination of this Agreement.

7.    Confidentiality

a)     ISMS Online, ISMS Online Policies and the Documentation are proprietary to Alliantist and contain valuable trade secrets. The Customer shall at all times keep the software, policies, Documentation, technical or commercial information, inventions or processes and any and all information concerning Alliantist’s business or products and which have been disclosed to the Customer by Alliantist and which are of a confidential nature in strict confidence and shall not permit the same to be used, copied, disclosed or disposed of except in accordance with this Agreement.

b)     The terms of this Agreement are confidential and may not be disclosed by either party without the prior written consent of the other party.

c)     The receiving party may disclose information of a confidential nature to such of its employees as need to know the same for the purpose of discharging the receiving party’s obligations under this Agreement and shall ensure that such employees are subject to obligations of confidentiality corresponding to those set out in this Agreement.

d)     The provisions of this section 7 shall: (i)          not apply to information which is already public knowledge or becomes so at a future date (other than by breach of this Agreement);  (ii) not apply to information which is known without restriction to the receiving party at the time of disclosure without breach of any obligation of confidentiality; (iii) not apply to information which is shown to the reasonable satisfaction of the originating party to have been generated independently by the receiving party; (iv) remain in full force and effect notwithstanding termination of this Agreement for any reason.

8.    Personal Data and Data Protection

a)     It is Alliantist’s policy to respect the privacy of its Customers, Partner Organisations and their Registered Users. Alliantist’s privacy policy regarding ISMS Online is available from the relevant platform footer area and is subject only to Alliantist’s obligation to comply with applicable laws and lawful government requests, to operate its business properly, and to protect its users or itself.

b)     All information uploaded to ISMS Online will be stored in servers managed by Alliantist’s approved third party provider.

c)     Registered Users shall only enter Personal Data to ISMS Online in accordance with the Documentation.

d)     Unless otherwise agreed in any separate Information Sharing Agreement between the Customer and Partner Organisations, Customer shall be deemed to be the Data Controller for the purposes of the Personal and other Data uploaded to ISMS Online by Customer Users, and the Partner Organisation is assumed to be the Data Controller for Personal and other Data uploaded to ISMS Online by Partner Users.

e)     In the event of an issue in the ownership or release of Data for example in a Freedom of Information Request, or User activity investigation conducted by a Customer, where the data is used in a collaborative initiative between Customers and Partner Organisations, Alliantist will work with the collaborators as required to facilitate access to the relevant data controllers and once agreed between the respective controllers, provide information as requested, including but not limited to relevant audit logs and other systems administration data. Any information requests sent direct to Alliantist by external parties will be redirected back to originating party and alerted to the Customer.  No information will be shared with any other party without that Customer first approving it in writing.  The Customer will be responsible for passing on its information and dealing with the enquiry as well as any costs arising from it.

f)      Registered Users are responsible for maintaining the confidentiality and security of their password and login details.

g)     ISMS Online may contain links to other third party web sites. Alliantist is not responsible for the privacy practices or the content of these other web sites. Registered Users will need to check the policy statement of these other web sites to understand their policies. Registered Users who access a linked site may be disclosing their private information. It is the responsibility of the Registered User to keep such information private and confidential

9. General

a) Unless otherwise specified in the order form, service and support shall be provided subject to the terms set out in Alliantist’s support policy available in the footer of the relevant platform option.

b) Alliantist has the right to assign or novate the whole or any part of the Agreement without Customer’s prior written consent.  For the avoidance of doubt this shall not affect the obligations on Alliantist and or its successors for the performance of the Agreement.

c) The failure of Alliantist to exercise or enforce any right or provision of the Agreement shall not constitute a waiver of such right or provision. If any provision of the Agreement is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should endeavour to give effect to the parties’ intentions as reflected in the provision, and the other provisions of the Agreement remain in full force and effect.

d) These terms will be governed by and construed in accordance with English Law, without giving effect to its conflict of law provisions or Customer’s actual state or country of residence. Any claims, legal proceeding or litigation arising in connection with ISMS Online will be brought solely in England, and Customer consents to the jurisdiction of such courts provided that each party shall have the right to enforce a judgment of the English Courts in a jurisdiction in which the other party is incorporated or in which any assets of the other party may be situated.

e) The section headings in the terms are for convenience only and have no legal or contractual effect.

h) A person who is not a party to this Agreement may not rely upon or enforce any rights pursuant to the Contracts (Rights of Third Parties) Act 1999.

i) This Agreement constitutes the entire agreement between Customer and Alliantist and is deemed signed in accordance with the ordering process and payment from Customer.