Assess Content and Platform Agreement

1.DEFINITIONS

In this Licence, unless the context otherwise requires, the following expressions have the following meanings:

Best Industry Practice: In respect of the provision of Services [and the Maintenance and Support,] using the highest degree of skill, care, prudence, efficiency, foresight and timeliness which would reasonably be expected from a person highly skilled and experienced in the provision of the same or similar services to the Services using appropriately skilled, trained and experienced personnel.

CII Group: The Chartered Insurance Institute, being a corporate body formed under royal charter with company number RC000104 and having its principal office at 3^rd Floor, 20 Fenchurch Street, London EC3M 3BY (referred to in this definition as “the Institute”) and any corporate body or charity which the Institute is the ultimate holding company of or where such a corporate body or charity is a subsidiary of the Institute and the Institute either directly or indirectly exercises management control, even though it may own less than fifty per cent (50%) of the shares and is prevented by law from owning a greater shareholding.

Commencement Date: 202_.

Fee(s):  All fees, including the licence fee, due to CIIE as set out in Schedule 2.

Intellectual Property Rights: All patents, copyrights, design rights, trademarks, service marks, trade secrets, know-how, database rights and other rights in the nature of intellectual property rights (whether registered or unregistered) and all applications for the same, anywhere in the world.

Licence Period: [2 years] from the Commencement Date.

[Maintenance and Support: The maintenance and support services in respect of the Product set out in Schedule 3.]

Product: The CII product and services as set out in Schedule 1.

Registered User(s): A user account on the Licensee’s Learning Management System (provided by Access UK Limited.), which has access to the Product.  See clause 2.4.

Security policy: As set out in Schedule 5.

Services: The initial customisation and training services as well as any post implementation services in respect of the Products set out in Schedule 1.

2. GRANT OF LICENCE

 2.1 CIIE confirms that it is the lawful licensor of or has the right to license the Product and in consideration of the obligations under this Licence, CIIE grants to the Customer a non-exclusive non-transferable terminable licence to use the Product subject to the provisions of this Licence.  This Licence shall not be deemed to extend to any programs or other materials of CIIE other than the Product unless specifically agreed to in writing by the parties.

2.2  The Customer acknowledges that it is licensed to use the Product for staff training and development purposes and only in accordance with the express terms of this Licence and not further or otherwise.

2.3 In consideration of the payment of the Fee for the Licence Period the Customer shall be granted the right to enrol any of its staff as Registered Users to use the Product.  The Fee shall also entitle the Customer to receive periodic updates to the Product, which CIIE issues to all customers from time to time.  The Fee will be adjusted pro rata according to the number of Registered Users.  The Customer shall remain liable for all actions of any party who is granted access as a Registered User by the Customer. 

2.4 CIIE shall and shall procure that its sub-contractors and agents use Best Industry Practice in the provision of the Services [and the Maintenance and Support] pursuant to the terms herein.  Any additional work or services falling outside the scope of this License required by the Customer shall be mutually agreed by the parties in writing, pursuant to the Fees set out in Schedule 2.

2.5 CIIE agrees to notify the Customer as soon as practicable in the event that CIIE identifies the need to amend, correct or withdraw the content at short notice, due to error, inaccuracy or other cause.  Certain products may be subject to an allowance or fair usage limit specified by CIIE from time to time.  Failure to comply with a specified allowance or limit may result in the Customer becoming liable to pay additional fees.

3. TERM AND RENEWAL

3.1 The Licence shall commence on the Commencement Date and shall continue for the License Period until or unless terminated in accordance with any of the provisions of clause 10 or any other clause of this Licence.  Any renewal of this Licence may be mutually agreed by the parties in writing.

4. PAYMENT

4.1 The Fee shall be paid by the Customer in accordance with this clause 4.

4.2 The Fee and other charges payable under this Licence are exclusive of any applicable VAT and other sales tax which shall be payable by the Customer at the rate and in the manner prescribed by law against submission of a valid tax invoice.

4.3 CIIE shall submit invoices annually in advance to the Customer’s registered office unless an alternative address is agreed and all properly rendered and undisputed invoices shall be paid within 30 days of the invoice date (the “Due Date”).  If Customer adds additional Registered Users during the duration of this Licence, CIIE may issue an invoice for these additional Registered Users if CIIE considers this to be in excess of fair usage.

4.4 If the Customer fails to pay on the Due Date any amount which is payable to CIIE, save in respect of payments which are in dispute, then that amount shall bear interest from the Due Date until payment is made in full both before and after any judgement at 4% per annum above the base rate of HSBC Bank plc from time to time. Such interest shall accrue daily and be compounded quarterly.

4.5 If the Customer fails to pay any sums due to CIIE and if thirty (30) days after being sent a payment reminder notice by CIIE any sums remain unpaid, CIIE reserves the right to:

(a) disable the account;

(b) temporarily suspend the provision of the Services to the Customer until such time as all outstanding invoices have been settled in full in cleared funds, whereupon the Services will be reinstated.  Before reinstating the Services, CIIE may require the Customer to pay a fee for reinstating the Services (as notified to the Customer by CIIE) and/or set up a direct debit mandate for payment of future fees; and

(c) to claim interest under the Late Payment of Commercial Debts (Interest) Act 1998.

4.6 All amounts due under this Licence shall be paid in full without any set-off, counterclaim, deduction or withholding (other than any deduction or withholding of tax as required by law).

5. INTELLECTUAL PROPERTY RIGHTS

5.1 The Customer acknowledges that all Intellectual Property Rights in the Product (and any subsequent update to the Product) are the property of CIIE or the CIIE has the right to license the Intellectual Property Rights, and the Customer shall have no rights in or to the Product other than the right to use it in accordance with this Licence.

5.2 The Customer shall, during the Licence Period, effect and maintain industry standard security measures to safeguard the Product from access or use by any unauthorised person.  For the purposes of this sub-clause, industry standard security measures means that passwords and log-in details may not be shared beyond the applicable Registered User.  The Customer shall notify CIIE as soon as practicable if the Customer becomes aware of any unauthorised use of the whole or any part of the Product by any person.

5.3 The Customer shall not, without the prior written consent of CIIE:

(a) adapt, or decompile the whole or any part of the Product;

(b) assign, transfer, sell, lease, rent, charge or otherwise deal in or encumber the Product or use the Product on behalf of any third party or make available the same to any third party; or

(c) remove or alter any copyright notices or other proprietary notice or logo; or confidential or proprietary legends or identification on the Product.

5.4 CIIE undertakes to defend the Customer from and against any claim or action  that the possession, use, development, modification or maintenance of the Product (or any part thereof) infringes the Intellectual Property Rights of a third party (“Infringement Claim”) and shall fully indemnify and hold harmless the Customer from and against any losses, damages, costs (including all reasonable legal fees) and expenses incurred by or awarded against the Customer as a result of or in connection with any such Infringement Claim.

6. DELIVERY

6.1 CIIE shall deliver the Product (either directly or through its sub-contractors).  The Product will be provided in accordance with the Service Level Agreement set out in Schedule 3 and the warranties in clause 7.

7. WARRANTIES

7.1 CIIE undertakes to provide the Product and warrants that the Product shall be in good working order. CIIE further warrants that the Product shall be free of defects in design, materials and workmanship, including programming errors in any software.

7.2 CIIE does not warrant that use of the Product will be uninterrupted or error free.  The Customer accepts its responsibility for the selection of the Product to achieve its intended results and the CIIE does not warrant that the use of the Product in accordance with this Licence will meet the Customer’s specific business requirements. 

7.3 The warranties referred to in Clauses 7.1 and 7.2 above shall remain in force even where the Product is to be modified by routine execution of any basic or extended maintenance agreements but shall not (except by agreement) apply after significant software modifications or developments (at the request of the Customer) are made to the Product.  If CIIE (or its sub-contractors) carries out the execution of these modifications then the warranties will remain in force.

7.4 CIIE warrants that the Product does not violate or in any way infringe upon the rights of third parties, including property, contractual, employment, trade secrets, proprietary information and non-disclosure rights or any intellectual property rights including trademarks, copyright or patent rights.  Further, CIIE warrants that it has the right to make the Product available to the Customer on terms set out herein.

7.5 Further, the above warranties shall not apply to the extent that any defect in the Product arose or was exacerbated as a result of:

(a) incorrect use, operation or corruption of the Product through no fault of CIIE;

(b) use of the Product with other software or on equipment with which it is incompatible pursuant to the Technical Specification in Schedule 3.

7.6 All other conditions, warranties or other terms which might have effect between the parties or be implied or incorporated into the Licence or any collateral contract, whether by statute, common law or otherwise, are hereby excluded to the extent permitted by the applicable laws including, without limitation, the implied conditions, warranties or other terms as to satisfactory quality, fitness for purpose or the use of reasonable skill and care.

7.7 Without prejudice to any of its rights and remedies, the Customer hereby agrees to afford CIIE not less than fourteen (14) days (following notification thereof by the Customer) in which to remedy any fault hereunder.

8. LIABILITY

8.1 CIIE shall not be liable to the Customer for:

(a) any indirect or consequential loss or damage;

(b) loss of data or other equipment or property;

(c) economic loss or damage;

(d) liability for loss or damage of any nature whatsoever suffered by third parties (including in each case incidental and/or punitive damages); and/or

(e) any loss of profit, interest, revenue, anticipated savings or business or damage to goodwill, even if CIIE is advised in advance of the possibility of any such losses and/or damages.

8.2 CIIE’s total liability in contract, tort (including negligence), by way of indemnity, misrepresentation or otherwise in relation to the Licence shall be limited to the list price of the Products and/or Fee(s) paid for the Services to which the claim relates.  CIIE shall take out at its own cost and maintain in force, for so long as CIIE has obligations under this Licence, appropriate insurance cover (including in respect of errors and omissions) for a sum of money of not less than £1 million.

8.3 The exclusions in this clause 8 shall apply to the fullest extent permissible at law, but nothing shall exclude CIIE’s liability for:

(a) death or personal injury, caused by the negligence of its officers, employees, contractors or agents;

(b) fraud or fraudulent misrepresentation; or

(c) for any other liability which may not be excluded by law.

8.4 All liability that is not expressly assumed under this Licence is excluded to the extent permitted by the applicable law.  The limitations in this clause 8 will apply regardless of the form of action, whether under statute, in contract or tort including negligence or any other form of action.  The parties acknowledge and agree that the limitations contained in this clause 8 are fair and reasonable in the light of all the circumstances.

9. CONFIDENTIALITY, PUBLICITY AND DATA PROTECTION

9.1 Each party shall, during the term of this Licence and thereafter, keep confidential any information of a confidential nature concerning the proprietary information, technical data and information, know-how, formulae, specifications, software, business affairs, customers, clients or suppliers of the other party or of any member of the group of companies to which the other party belongs (together the “Confidential Information”).  This obligation of confidentiality shall not apply where:

(a) the disclosing party has consented in writing to the disclosure of its Confidential Information;

(b) the disclosure of the Confidential Information is required pursuant to a legal or regulatory obligation in which case the receiving party shall promptly notify the disclosing party to the extent permitted under the applicable law;

(c) the Confidential Information is or becomes available in the public domain through no wrongdoing or breach of this Clause 9; or

(d) the receiving party is in possession of the Confidential Information from a third party without obligations of confidentiality.

9.2 The terms of the Licence are confidential and may not be disclosed by the Customer without the prior written consent of CIIE which shall not be unreasonably withheld.

9.3 The provisions of this clause 9 shall remain in full force and effect notwithstanding termination of the Licence for any reason.

9.4 Each party confirms that where they process personal data on behalf of the other, they will ensure compliance with requirements and obligations equivalent to those applicable to data controllers and data processors as set out in the Data Protection Act 2018 and the General Data Protection Regulation (EU) 2016/679 (GDPR) or equivalent, the parties shall:

(a) Ensure that they have secured such consents, registrations and notifications as may be required to enable CIIE to process Personal Data to the extent required to provide the services; and

(b) Comply with their respective obligations under the Data Protection Laws which arise in connection with this Licence and that they shall not, in respect of the Personal Data, do or omit to do any act which puts the other party in breach of its obligations under the Data Protection Laws.

9.5 Neither party shall use the names, trademarks or trade names, whether registered or not, of the other party in publicity releases or advertising or in any other manner, without securing the prior written approval from the other party.

9.6 The parties agree to indemnify the other against any actions, costs, liabilities, losses, damages and expenses which either party may suffer or incur as a result of any breach by the other of any of the undertakings given in this clause.

10. TERMINATION

10.1 Either party may terminate this Licence at any time on written notice to the other party if the other:

• is in material or persistent breach of any of the terms of this Licence and either that breach is incapable of remedy, or the other party fails to remedy that breach within 30 days after receiving written notice requiring it to remedy that breach; or
• is unable to pay its debts (within the meaning of section 123 of the Insolvency Act 1986), or becomes insolvent, or is subject to an order or a resolution for its liquidation, administration, winding-up or dissolution (otherwise than for the purposes of a solvent amalgamation or reconstruction), or has an administrative or other receiver, manager, trustee, liquidator, administrator or similar officer appointed over all or any substantial part of its assets, or enters into or proposes any composition or arrangement with its creditors generally, or is subject to any analogous event or proceeding in any applicable jurisdiction; or
• is the subject of any change of control (as defined in section 995 of the Income Tax Act 2007).

10.2 Termination by either party in accordance with the rights contained in this clause 10 shall be without prejudice to any other rights or remedies of that party accrued prior to termination.

10.3 On termination for any reason:

•  all rights granted to the Customer under this Licence shall cease;
• the Customer shall cease all use of the Product as authorised by this Licence;
• CIIE shall stop the Customer accessing the Product and all Services will cease;
• the Customer shall immediately pay to CIIE any undisputed sums due to CIIE under this Licence and, for the avoidance of doubt, any sum that is disputed shall be in good faith; and
• the Customer shall immediately destroy or return to CIIE (at CIIE’s option) all copies of the Product then in its possession, custody or control and, in the case of destruction, certify, on demand, to CIIE that it has done so.

11. ANTI-BRIBERY COMPLIANCE

11.1 CII and Customer shall:

(a) comply with all applicable laws, statutes and regulations relating to anti-bribery and anti-corruption including but not limited to the Bribery Act 2010 (“Relevant Requirements”);

(b) not engage in any activity, practice or conduct which would constitute an offence under sections 1, 2 or 6 of the Bribery Act 2010 if such activity, practice or conduct had been carried out in the UK;

(c) have and shall maintain in place throughout the term of this Licence its own policies and procedures, including but not limited to adequate procedures under the Bribery Act 2010, to ensure compliance with the Relevant Requirements and clause 11.1(b), and will enforce them where appropriate;

and

(d) promptly report any request or demand for any undue financial or other advantage of any kind received by the other party in connection with the performance of this Licence.

12. VIRUS CHECKS

12.1 Both parties recognise that it is possible for software to be produced which could corrupt not only any software in any Product produced under the Licence but also any other software used on the same system including the operating system software.  Such corruption of software may remain dormant and will not necessarily be found during a period of acceptance testing.  Such corruption for the purposes of this clause 12 shall be termed a “Virus” or “Viruses”.

12.2 CIIE warrants that it and its sub-contractors shall use all reasonable endeavours to ensure that no Viruses are coded or introduced to the Product or any software therein during the Licence Period.

12.3 Without prejudice to the Customer’s rights and remedies, CIIE agrees, in the event that a Virus is found, to use all reasonable endeavours to promptly assist the Customer in reducing the effect of the Virus, and in particular in the event that Virus causes loss of operational efficiency and/or loss of data, to assist the Customer to the same extent to mitigate such losses and to restore the Customer to its original operating efficiency at CIIE’s cost.  For the avoidance of doubt this clause 12.3 shall only apply to a Virus or Viruses caused by CIIE’s actions or omissions and not those caused by the Customer.

13. MISCELLANEOUS

13.1 Force Majeure. No party shall be liable to the other for any delay or non-performance of its obligations under this Licence arising from any cause beyond its reasonable control including, without limitation, any of the following: act of God, governmental act, war, fire, flood, explosion or civil commotion.  For the avoidance of doubt, nothing in this clause 13.1 shall excuse the Customer from any payment obligations under this Licence.

13.2 Entire Agreement. The provisions of Schedules 1, 2, 3 and 4 shall form part of this Licence and shall have effect as if set out in full in the body of the Licence.  Any reference to this Licence includes the Schedules. This Licence, the Schedules referred to herein contain the whole agreement between the parties relating to the subject matter hereof and supersede all prior agreements, arrangements and understandings between the parties relating to that subject matter.

13.3 Each party agrees that it shall have no remedies in respect of any representation or warranty (whether made innocently or negligently) that is not set out in this Licence.  No party shall have any claim for innocent or negligent misrepresentation based upon any statement in this Licence.

13.4 Subcontracting and Assignment. CIIE may perform any or all of its obligations under this Licence through any members of the CII Group, CIIE’s agents or sub-contractors provided at all times that CIIE remains liable for all acts and omissions of its members, agents and sub-contractors as if such omissions are its own. The Licence may not be assigned by either party without the other party’s prior written consent, which shall not be unreasonably withheld.

13.5 Severability. If any provision of this Licence is judged to be illegal or unenforceable, the continuation in full force and effect of the remainder of the provisions shall not be prejudiced.

13.6 Notices. Any notice required to be given by either party to the other party under this Licence shall be served personally, sent by first class prepaid post addressed to the other party’s representative at the address stated below or sent to the party’s representative via email.

In the case of CIIE:	In the case of the Customer:
Customer Director	The Managing Director (or such other senior title) at the address shown on the front page of the Licence.
The Chartered Insurance Institute	[Address 1
3rd Floor	Address 2
20 Fenchurch Street	Address 3 + Post Code]
London EC3M 3BY
Email: assess.config@cii.co.uk	Email: [Please insert]

13.7 Any notice serviced personally shall be considered given at the time of such service, any notice given by first class pre-paid letter shall be deemed to have been received within two days after the date of posting (upon provision of evidence of such posting) unless the contrary is proved and any notice given by email shall be deemed to have been given on the date of transmission.

13.8 A notice in relation to the service of any proceedings or other documents in any legal action cannot be validly given via email and must be served in person or via first class prepaid post.  

13.9 Amendments. Any amendment, waiver or variation of this Licence shall not be binding on the parties unless set out in writing, expressed to amend this Licence and signed by or on behalf of each of the parties.

13.10 Third Party Rights. No term of this Licence is intended to confer a benefit on, or to be enforceable by, any person who is not a party to this Licence, whether under the Contracts (Rights of Third Parties) Act 1999 or otherwise.

13.11 Waiver. No failure or delay by CIIE to exercise any right, power or remedy will operate as a waiver by CIIE nor will any partial exercise preclude any further exercise of the same, or of some other right, power or remedy by CII.

13.12 Counterparts. This Licence may be executed in any number of counterparts or duplicates, each of which shall be an original, and such counterparts or duplicates shall together constitute one and the same agreement.

14. GOVERNING LAW AND JURISDICTION

14.1 This Licence shall be governed by and construed in accordance with English Law and each party hereby submits to the non-exclusive jurisdiction of the English Courts.

SCHEDULE 1

PRODUCT INFORMATION

For the purposes of this Licence, the definitions set out hereunder shall apply to the following Products, which CIIE is providing to the Customer:

Assess IDD An online training and competency solution designed to meet the compulsory CPD requirement for staff involved in the distribution of insurance products.  Usage limited to those learning outcomes reasonably required to make the Registered Users IDD compliant, such usage not to exceed an average of 15/20 hours per person per year.

Assess + A product for companies with a bespoke requirement including appraisal system, training and competency and customised solutions.

Configuration: Additional services agreed with the Customer including but not limited to importing users, uploading a question bank, uploading learning content, set up of activity enrolment rules, set up new reports and other services as agreed with the Customer.

Financial Assess: An online training and competency solution for the retail financial services sector’.

Hosted Content Solution: A product for companies that already have a Learning Management System in place and want to access CII content using 3^rd party software integration.

Insurance Assess/Broker Assess: An online training and competency solution for the general insurance sector:

Mortgage Assess: An online training and competency solution with for the mortgage and home finance sector.

Training: Product education delivered remotely.

LINKED SOLUTION - PRODUCT INFORMATION

Configuration: Initial set up and configuration of the Linked Solution.

Training: Product education delivered either at the Customer’s premises, over the telephone or via the Internet.

SCHEDULE 2

FEES

Content + Platform

(delete as appropriate)

Licence fees

Product:                                                         xxxxx

Assess Licence Fee:                                       £ xxxxx per year

Maximum number of Registered Users             xxxxx

If Customer adds additional Registered Users during the duration of this Licence, CIIE may issue an invoice for these additional Registered Users added by the Customer.

Product option fees:

<name of product option> – fee:                      £ xxxxx per year

<name of product option> – configuration fee   £ xxxxx

<name of product option> – fee:                      £ xxxxx

<name of product option> – configuration fee    £ xxxxx

Service fees:

Configuration Service                                        £ xxxxx

Advanced Configuration Service                         £ xxxxx

Administration Service                                      £ xxxxx per year

Training <duration, volume>                             £ xxxxx

Total annual fees:                                           £ xxxxxx

Total implementation fees:                             £ xxxxxx

Content Only

Product:                                                            xxxxx

Licence Fee per Registered User:                    £XXXX

Maximum number of Registered Users:          [Unlimited/or state no of Registered Users]

Total annual fees:                                            £XXXX per year

SCHEDULE 3

SERVICE LEVEL AGREEMENT

1. The Customer acknowledges that the Support and Maintenance Services (as defined below) are provided both directly by CIIE and by Access UK Limited incorporated and registered in England and Wales with company number 02343760 and whose registered office is at The Old School, School Lane, Stratford St Mary, Colchester CO7 6LZ, Essex, (“Access”) on behalf of CIIE provided that CIIE shall remain liable for all actions and omissions of Access as if such actions and omissions are its own.

2. PURPOSE AND DEFINITION

For the purposes of this Schedule, the definitions set out hereunder shall apply:

Availability the Customer’s ability to access and use all functionalities of the Product and shall be calculated pursuant to clause 7.4 below;

Downtime where the functionalities of the Product are unavailable such that the Product is not capable of being accessed and/or used;

Permanent Fix a permanent resolution of the Support Issue;

Planned Downtime Downtime that is scheduled in advance;

Response Times the times as set out in clause 5 below to respond to a Support Issue raised by a Customer and which for the avoidance of doubt, is calculated from notification submitted by the Customer during the Support Hours;

Service Credits a credit provided to the Customer for each Service Failure event and is calculated pursuant to clause 7.7 below;

Service Failure (a) in respect of the Support Issue, failure to comply with the Resolution Times pursuant to clause 5 below; or (b) where the Product fails to achieve Availability of 99.75% pursuant to clause 7 below;

Support Hours the hours between 9.00 am and 5.30 pm Monday to Friday excluding bank holidays or public holidays in the United Kingdom;

Support Issue a failure or a cessation, interruption or degradation of the usual functionality of the Product;

Unplanned Downtime when the system is unavailable outside of scheduled releases and Planned Downtime;

Workaround a temporary resolution in respect of the Support Issue and may include Access performing the task on an ongoing basis on behalf of the Customer until a Permanent Fix is provided.

3. RESPONSIBILITIES

3.1 CIIE shall during the Licence Period:

3.1.1 provide maintenance and support services and Support Issue management services pursuant to this Schedule;

3.1.2 maintain procedures for reporting, management and escalation of Support Issues; and

3.1.3 ensure the resolution of Support Issues whether through a Permanent Fix or a Workaround in accordance with the Response and Resolution Times.

3.2 The responsibilities of the Customer are to: 

3.2.1 report a Support Issue which it becomes aware of as soon as practicable and provide sufficient detail of such Support Issue subject always that CIIE shall request further information it requires from the Customer; and

3.2.2 ensure the availability of the relevant personnel to provide assistance in the resolution of the Support Issues to the extent reasonably required by CIIE

4. SCOPE OF MAINTENANCE AND SUPPORT

4.1 CIIE shall provide the maintenance and support services by means of telephone and e-mail support to the Customer for the following:

4.1.1 diagnosing the root cause of a Support Issue;

4.1.2 correction of all coding errors in the Product;

4.1.3 advice and support on the set up, accessibility and use of the Product; and

4.1.4 provision of a Permanent Fix or a Workaround in respect of all Support Issues raised by the Customer in respect of the Product, save for the exception set out under clause 4.2 below.

4.2       For the avoidance of doubt, any Workaround provided must be followed by a Permanent Fix pursuant to clause 4.3 below.

4.3       Unless otherwise mutually agreed by the parties in writing, the maintenance and support services shall not include the following:

4.3.1    responsibility for any end user hardware or software with which the Product is used;

4.3.2    development work on any Customer-owned or third party content to enable it to correctly function on the Product;

4.3.3    requests which would require the modification or extraction of data directly from the Product database;

4.3.4 amendments to functionality as a result of changing Customer requirements or redefinition of requirements; and

4.3.5 development required as a result of changes to the Customer’s own organisational infrastructure or business procedures.

4.4 All support requests should be notified to CIIEs third party supplier (“Access”) via the Helpdesk telephone line 0800 055 6586.

4.5 All Support Issues raised by the Customer whether in or outside the United Kingdom shall be dealt with based on the Response Times and Resolution Times during the Support Hours.

4.6 CIIE will maintain a log of Support Issues (see definition below) notified by the Customer to CIIE during the Licence Period.  The date and nature of the Support Issue will be included in the log, together with CIIE’s actions taken and the date the Support Issues are resolved whether by Workaround or through a Permanent Fix.  This will be available for the Customer to view on request.

4.7 CIIE will respond to notification of a Support Issue by completing all of the following actions:

4.7.1 promptly allocating a service request log number and notifying the Customer of the number and the level of Priority pursuant to clause 5.1 below;

4.7.2 promptly carrying out, where possible, remote diagnostic checks in respect of the Product from Access’s premises;

4.7.3 provide advice by telephone or e-mail, including advice as to action and checks to be carried out by Customer if necessary.

5. SUPPORT ISSUES AND RESPONSE TIMES

5.1 The categorisation of Support Issues and their target Response and Resolution Times are as follows:

Priority Level	Description	Initial Response time	Updates	Expected Customer Response
P1	Critical Business Impact Customer’s business has significant loss of service or performance is severely impacted and requires immediate attention.  Examples: • All users are unable to use the service • Unable to complete a payroll run and people may not get paid • Database is down	<1 hour	Updates are provided on an hourly basis unless otherwise agreed.	A customer must commit to work with the support engineer until resolution, otherwise the priority level will be lowered at our discretion.
P2	Moderate business impact Customer is experiencing a moderate loss of service or the service is degraded, however work can continue albeit in a reduced manner.  Examples: • An entire process cannot proceed	<2 hours	Updates are provided every 4 hours, unless otherwise agreed with the customer.	The Customer will be contactable during business hours and respond in a timely manner to any questions or requests for information.
P3	Minimum business impact Customer’s business is functioning however there is a minor issue with service.	<4 hours	Daily.	The Customer will respond to the support teams in a reasonable timeframe.
P4	No business impact a ‘How to’ type query.	Up to one business day	Weekly	The Customer will respond to the support teams in a reasonable timeframe.

5.2 Support Issues will be lowered in level of Priority and notified to the Customer once a Workaround suitable and accepted by the Customer has been provided.

5.3 All Permanent Fixes are subject to investigation, implementation and testing, and may require up to 4 weeks for such Permanent Fixes to be released.]

6. TECHNICAL SPECIFICATION

https://access-support.force.com/Support/s/article/Access-LMS-Minimum-Technical-Requirements

7. SYSTEM AVAILABILITY

7.1 The service level for the Availability of the Product is 99.75% based on 24 hours x 365 days, excluding Planned Downtime.

7.2 Access shall investigate and log any interruption of the availability of the Product and shall take all reasonable steps in accordance with the Response and Resolution Times to provide a Permanent Fix or a Workaround with a view to preventing a recurrence of the cause.

7.3 Planned Downtime will by default be scheduled out of normal working hours to minimise any impact on users.

7.4 Availability is to be calculated at the end of each calendar month in accordance with the following formula: -

A = (T – U)/T

where:

“A” means the Availability of the Product (expressed as a percentage).

“U” means the total number of hours in the respective month during which the Product is unavailable, due to Unplanned Downtime.

“T” means the total number of hours in that respective month.

7.5 Service unavailability (Unscheduled Downtime “U”) shall be calculated from the time of the Access monitoring system registering an alert.

7.6 Downtime shall end when Availability of the Product is restored to the affected Customer(s).

7.7 Service Credits shall be calculated as a sum equivalent to one working day’s value of Licence Fee over a term of 1 year for Priority 1 and/or Priority 2 Service Failures as set out under clause 5.1 where less than 90% resolution is achieved by Access for these priorities in any three consecutive months and for the avoidance of doubt no Service Credits shall be payable for Priority 3, 4 or 5 Service Failures.

7.8 Service Credits of one working day of Licence Fees per service failure shall be payable for failure to meet the 99.75% service availability level for any three consecutive months.

7.9 All Service Credits owing to the Customer shall be deducted by CIIE from any Fees due from the Customer under this Licence.

7.10 Without prejudice to any of its rights and remedies, the Customer is entitled to terminate the Licence for material breach pursuant to clause 10 of the Licence where Service Credits are incurred on more than 2 occasions over any 3 month period during the Licence Period.

7.11 Access shall have no responsibility for, and Downtime shall not include any time when the Product is not Available as a result of any of the following:

7.11.1 failure of the Customer’s internet connection;

7.11.2 failure of any Customer communications facilities or other Customer equipment; or

7.11.3 any act of the Customer which directly causes the Downtime.

7.12 In the case of an emergency or Unplanned Downtime, the Customer shall, where possible, be contacted in advance.  Notwithstanding the foregoing, any emergency or Unplanned Downtime shall be taken into account in respect of the Availability calculations. 

8. SYSTEM RESPONSE TIMES

8.1 The Product shall be configured so as to achieve in normal operating circumstances the following minimum performance levels:

8.1.1 Time to log into the Product from input of URL and password < 6 seconds;

8.1.2 Time to refresh screen e.g. after saving or selecting an item to view < 3 seconds.

8.2 The only exceptions to these performance levels are functions which require intensive database interrogation to provide data, such as reporting or the staff activity dashboard.  The performance levels for such transactions should be reasonable based on the level of data interrogation required to be measured and established as base by external testing.

8.3 If response times cannot be met due to an internet problem or for any other reason external to Access’s hosting service then the performance level will be based on Access and other external internet site response times

9. SERVICE LEVEL OBJECTIVE

9.1 The Service Level Objectives (SLOs) shall mean the:-

9.1.1 the Availability as calculated according to clause 7.4;

9.1.2 the Response and Resolution Times stated in clause 5.1;

9.1.3 the System Response Times stated in clause 8.

10. CIIE shall provide the Customer with a monthly report providing an agreed view of performance against the Objectives, and on request details of the calls logged to Access Customer Support Team (CST) including the date and time each call was logged at the CST and the response times to the fault, time taken to identify the solution and time taken to resolve the fault and showing performance against service levels agreed in this Schedule. Incident reports will be produced for all severity 1 incidents as part of the reporting pack.

SCHEDULE 4

CII Security Policy and Procedures

The following security policies and procedures are designed to protect the Confidential Information of our Customers, their affiliates and Customers.  This list cannot be exhaustive; thus Access shall implement such additional security procedures as may be necessary and appropriate under the circumstances to protect the Confidential Information from unauthorized access.  These processes will be in place prior to Access receiving, hosting, storing and/or processing the Confidential Information.

1. Updated virus software on all Access systems that will protect Customer systems, applications, or Confidential Information.

2. Strong passwords (upper, lower, number, special character) with enforced password rules.

3. Individual user accounts for each user (no shared accounts).

4. Encrypted login sessions and secure transfer of all Customer data.

5. Encrypted storage of all Customer data on external systems.

6. Active security monitoring process (intrusion detection, log review, incident response).

7. Perimeter firewalls.

8. Active security patch management process with current patches applied to all systems on which Customer information or applications will be stored or processed.

9. Written, enforced security policy endorsed by executive management.

10. Strong physical security controls in place on rooms where computer(s) housing Customer data is stored.

11. Employment references are taken on all Information Services employees and other employees with access to Customer data. Adherence to secure development methodology and inclusion of security in applications used by our Customers.

12. Regular backups of systems containing Customer data and applications and secure backup storage.

13. Logical access controls consistent with generally accepted industry practices.

14. Independent assessment/verification of control representations via external ISO27001 accreditation. A comprehensive penetration test/vulnerability assessment would also be an acceptable measure of effectiveness of security measures (at Customer’s request and expense).

15. If any of the Confidential Information is to be transmitted to third parties, the third party shall be identified by/to our Customer and approved by our Customer, an appropriate transmission encryption scheme shall be used to protect the Confidential Information in transit, and the third party shall be required to adhere to the security provisions contained herein.