- Home
- /
- Terms and Conditions
Terms & Conditions
These Terms and Conditions are effective on 1st October 2023 for all customers agreeing to these Terms and Conditions for the first time. If you previously agreed to a version of our Terms and Conditions before 1st October 2023, we have sent you a notice that we have updated these Terms and Conditions, effective 1st November 2023. Now that we have notified you (except as otherwise stated in the notice), please be aware that you are accepting these updated terms by continuing to use our Services after 1st November 2023.
If you have a separate written agreement with Clear Ideas, the updates to the Terms and Conditions will not apply to you. As part of these updates, we have not changed your ability to use our services. You may continue accessing your customer account and using our services as always.
In these Terms and Conditions (hereafter "Agreement" or "Terms"), "we," "us," "our" or "Clear Ideas" will refer collectively to Clear Ideas and or Clear Connections Ireland Limited with their registered address at No 19, The Exchange, Calmount Park, Ballymount, Dublin, D12 F5X0, Ireland (Registered address) and or Clear Connections Europe Limited with its registered address at 207 Regent Street 3rd Floor, London, W1B 3HH.
The terms "you," "your", and "Customer" will refer to you. To be eligible to register for a customer account to use the Services, you must review and accept these Terms by clicking on the "I Accept" or "Get Started" button or other mechanism provided. If you are registering for a customer account to use the Services on behalf of an organisation, then you are agreeing to these Terms for that organisation and promising to Clear Ideas that you have the authority to bind that organisation to these Terms (and, in which case, the terms "you" and "your" or "Customer" will refer to that organisation). The exception is if that organisation has a separate written agreement with Clear Ideas covering the use of the Services, in which case that agreement will govern such use.
Please review these terms carefully. Once accepted, these terms become a binding legal agreement between you and Clear Ideas. If you do not agree to be bound by these terms, do not click the "I accept" or "get started" button, and do not use the services.
When we refer to the "Services" in these Terms, we mean to include all products and services that Clear
Ideas offers and that you order under an Order Form or by using the Clear Ideas customer account. This also includes our services provided to you on a trial basis or otherwise free of charge. Services may consist of products that provide both (a) the platform services, including access to any application programming interface ("API"), and (b), where applicable, connectivity services that link the Services to the telecommunication providers' networks via the Internet.
When we refer to the "Customer Application", we mean any software application or service the Customer makes available to End Users that interfaces with the Services.
When we refer to the "Clear Ideas API", we mean an application programming interface for the Services
(or feature of the Services) provided to you by us.
When we refer to the "Documentation", we mean all of the API instruction manuals and guides, code
samples, manuals, guides, online help files and technical documentation made publicly available by us
for the Services, and as may be updated from time to time.
1. Changes to These Terms
Prior notice of changes: Clear Ideas may update these Terms and Conditions from time to time by providing you with prior written notice by email of material updates at least thirty (30) days in advance of the effective date. Notice will be given via an email to the email address owner of your account. This notice will highlight the intended updates. Updates will be effective upon the date indicated on the notice subject to the paragraph below.
Your acceptance: Following such notice, your continued access or use of the Services on or after the effective date of the changes to the Terms constitutes your acceptance of any updates. If you do not agree to any updates, you should notify us immediately and explain the objection(s). We will discuss the objection(s) with you and attempt to reach an agreement, which we will confirm in writing as an amendment specific to you. If no agreement can be reached by the effective date of the changes, we would either agree in writing to continue under the existing terms, or you must stop using the Services within 30 days of being notified to do so.
2. Your Account(s)
2.1 To use the Services, you will be asked to create a customer account. As part of the account creation process, you will be asked to provide your email address and verify that you are a person by providing a telephone number to which we will send you a verification code to enter into a form. Until you register for an account, your access to the Services will be limited to what is available to the general public. When registering for an account, you must provide true, accurate, current, and complete information about yourself as requested during the account creation process. You may also create sub-accounts within each account. You must keep that information true, accurate, current, and complete after you create each account.
2.2 You are solely responsible for all use (whether or not authorised) of the Services under your customer account(s) and any subaccount(s), including the quality and integrity of your Customer Data and each Customer Application (as defined below). You are also solely responsible for all acts and omissions of anyone who has access to or otherwise uses any Customer Application ("End Users"). You agree to take all reasonable precautions to prevent unauthorised access to or use of the Services and will notify us promptly of any unauthorised access or use. We will not be liable for any loss or damage arising from unauthorised use of your customer account(s). You will be solely responsible, at your own expense, for acquiring, installing, and maintaining all hardware, software and other equipment as may be necessary for you and each End User to connect to, access, and use the Services.
2.3 As part of the sign-up process Clear Ideas may verify your personal and or company information with a third-party credit reference agency and other databases to verify your personal and company information to prevent fraud or money laundering. This will involve a soft search being placed on your credit file. We reserve the rights to carry out director credit checks if required. If the business is a start up with no credit history, we reserve the right to offer you amended terms which may include a deposit. We reserve the right to deny service in accordance with internal credit scoring criteria.
3. Access and Use of the Services
3.1 Provision of the Services. We will make the Services available to you in accordance with these Terms, the Documentation, and any applicable Order Forms. The Services will comply with this Service Level Agreement ("SLA"), which may be updated from time to time in accordance with Section 1. We will provide the Services in accordance with laws applicable to Clear Ideas. 's provision of the Services to its customers generally (i.e., without regard for your particular use of the Services), and subject to your use of the Services in accordance with these Terms, the Documentation, and any applicable Order Form.
3.2 You may use the Services, on a non-exclusive basis, solely to: (a) use and make the Services available to End Users in connection with the use of each Customer Application in accordance with the Documentation and our Acceptable Use Policy; (b) use the Services solely in connection with and as necessary for your activities pursuant to these Terms; and (d) allow your affiliates to use the Services (subject to Section 8 (Affiliates)) pursuant to this Section 3.
4. Customer Data
4.1 Use of Customer Data. "Customer Data" consists of data and other information made available to us by or for you through the use of the Services under these Terms. You instruct us to use and disclose Customer Data only in so far as is necessary to (a) provide the Services consistent with the Clear Ideas Data Processing Agreement, and this Section 4, including detecting, preventing, and investigating security incidents, fraud, spam, or unlawful use of the Services, and (b) respond to any technical problems or your queries and ensure the proper working of the Services. Should Clear Ideas act in breach of its obligations under this Section 4 and/or Section 12.1.4 and/or the Data Processing Agreement it shall indemnify you in respect of any claims or fines which may arise from that breach to the extent that Clear Ideas is responsible for the same up to a maximum amount of €1,000,000.
4.2 PCI DSS: Clear Ideas shall comply with the requirements of the PCI-DSS and attest to compliance annually as a Third-Party Service Provider. In line with our obligations under PCI-DSS Requirements 12.8.2 and 12.9 we shall take full responsibility for the security of payment card data whilst in our environment as shown in Appendix 3 – Data Flow Diagram showing the service data flows and service demarcation points. In addition, to maintain compliance to PCI-DSS 12.8.5, each party will be responsible for maintaining compliance to the PCI-DSS as set out in the Clear Ideas Responsibilities Matrix.
4.3 Data Security. We shall be responsible for the security of the processing, storage, and transmission of your data that we undertake in accordance with the terms of this Agreement (including the Data Processing Agreement); We shall only process, store or transmit your data for the purpose of providing the Services and in accordance with your instructions (as set out in the Data Processing Agreement). We conduct regular testing of the systems and procedures outlined in this Agreement.
4.4 Data Retention. Details regarding how long your end-user personal information may be stored on Clear Ideas systems and how to delete, access, or exercise other choices about end-user data will depend on which Clear Ideas products and services you are using and how you are using them. For that reason, our API documents and product collateral for each of our products and services are the best place to find more detailed information about managing end-user data collected and stored in connection with your use of our products and services, as well as the particular data retention periods for your use case. If the Clear Ideas product or service you use enables you to store records of your usage on Clear Ideas, including personal information contained within those records, and you choose to do so, then Clear Ideas will retain these records for as long you instruct. In some cases, the use of extended storage may cost more. If you later instruct us to delete those records, we will do so. Please note that it may take up to 30 days for the data to be completely removed from all systems. In some cases, a copy of those records, including the personal information contained in them, may nonetheless be retained to carry out necessary functions like billing, invoice reconciliation, troubleshooting, and detecting, preventing, and investigating spam, fraudulent activity, and network exploits and abuse. Sometimes legal matters arise that also require us to preserve records, including those containing personal information. These matters include litigation, law enforcement requests, or government investigations. If we have to do this, we will delete the impacted records when no longer legally obligated to retain them. We may, however, retain or use records after they have been anonymised if the law allows.
5. Customer Responsibilities, Restrictions and Requirements
5.1 Your Responsibilities. You will: (a) be solely responsible for all use (whether or not authorised) of the Services under your account, including for the quality and integrity of Customer Data and each Customer Application; (b) use Services only in accordance with this Agreement, Documentation, Order Forms or other applicable terms relating to the use of the Services, and applicable laws; (c) be solely responsible for all acts, omissions and activities of your End Users, including their compliance with these Terms, and any Order Forms or other terms of sales of the Services; (d) do your best to prevent unauthorised access to or use of the Services and notify Clear Ideas promptly of any such unauthorised access or use; (e) provide reasonable cooperation regarding information requests from law enforcement, regulators, or telecommunications providers; and (f) comply with the representations and warranties you make in Section 12 (Representations and Warranties) below.
5.2 Services Usage Restrictions. With regard to the Services, you agree that: (a) except to make the Services available to your End Users in connection with the use of each Customer Application as permitted herein, you will not transfer, resell, lease, license or otherwise make available the Services to third parties or offer them on a standalone basis, other than permitted by Section 8; (b) you will not attempt to use the Services to access or allow access to Emergency Services (meaning, an official government-sponsored emergency telephone number (such as 112 in the European Union and other locations worldwide) which is used to dispatch professional emergency responders) unless the Service is expressly approved for Emergency Services; (c) you will ensure that the Services are used in accordance with all applicable law of the jurisdiction within which you operate; (d) you will ensure that we are entitled to use your Customer Data, as needed to provide the Services; (e) you will not use the Services in any manner that violates any applicable law of the jurisdiction within which you operate; (f) You will not use the Services to create, train, or improve (directly or indirectly) a substantially similar product or service, including any other machine translation engine; (g) you will not create multiple Customer Applications or Service accounts to simulate or act as a single Customer Application or Service account (respectively) or otherwise access the Service in a manner intended to avoid incurring fees; (h) except as allowed by applicable law, you will not reverse engineer, decompile, disassemble or otherwise create, attempt to create or derive, or permit or assist anyone else to create or derive the source code of any software provided in connection with the Services.
5.3 Suspension of Services. In addition to suspension of the Services for non-payment of fees as described in Section 10.3 (Suspension for Non-Payment), we may also suspend the Services immediately upon notice for cause if: (a) you violate (or give us a reasonable reason to believe you have violated) any material provision of these Terms, (b) there is reason to believe the traffic created from your use of the Services or your use of the Services is fraudulent or negatively impacting the operating capability of the Services; (c) we determine, in our sole discretion, that providing the Services is prohibited by applicable law, or it has become impractical or unfeasible for any legal or regulatory reason to provide the Services; or (d) subject to applicable law, upon your liquidation, commencement of dissolution proceedings, disposal of your assets or change of control, a failure to continue business, assignment for the benefit of creditors, or if you become the subject of bankruptcy or similar proceeding, or (e) there is any use of the Services by Customer or End Users that threatens the security, integrity or availability of the Services. However, Clear Ideas will use commercially reasonable efforts under the circumstances to (x) provide you with notice and an opportunity to remedy such violation or threat prior to any such suspension; (y) where practicable limit the suspension based on the circumstances leading to the suspension (e.g., to certain phone numbers, sub-accounts or other subset of traffic); and (z) remove the suspension as quickly as reasonably practicable after the circumstances leading to the suspension have been resolved.
6. Changes to the Services.
The features and functions of the Services, including the Clear Ideas Application Programming Interface and our service level agreement may change over time. It is your responsibility to ensure that calls or requests you make to the Services are compatible with our then-current Services. Although we try to avoid making changes to the Services that are not backwards compatible, if any such changes become necessary, we will use reasonable efforts to let you know at least sixty (60) days prior to implementing those changes.
7. Beta Offerings.
From time to time, Clear Ideas may make Beta Offerings available to you at no charge. You may choose to try such Beta Offerings or not in your sole discretion. Clear Ideas may discontinue Beta Offerings at any time in our sole discretion and may decide not to make a Beta Offering generally available. For avoidance of doubt, such Beta Offerings are not "Services" under these Terms. "Beta Offerings" means services that are identified as alpha, beta, non-GA, limited release, developer preview, or any such similarly designated services, products, features, and documentation offered by Clear Ideas.
8. Affiliates
Your affiliates mean any entity or person that controls you, is controlled by you, or under common control with you, such as a subsidiary, parent company, or employee. The term "control" means more than 50% ownership. Similarly, if we refer to our affiliates, we mean an entity or person that controls us, is controlled by us, or is under common control with us. If your affiliates use the Services under these Terms, then you and those affiliates will be jointly and severally responsible for the acts and omissions of your affiliates, including, but not limited to, their breach of these Terms. Any claim from any of your affiliates that use the Services pursuant to these Terms may only be brought against us by you on your affiliates' behalf.
You may permit a third party supplier of outsourcing or facility management services and/or a third party provider of services to you to receive the benefit of and use the Services provided by us to you for the purpose of providing services to you provided that (i) You are responsible for ensuring that any such third party supplier complies with the terms of this Agreement as they relate to the use of the Services on the same basis as applies to you; and (ii) you shall remain fully liable for any and all acts or omissions by such third party supplier related to this Agreement.
9. Relationship of the Parties
9.1 Relationship. You and Clear Ideas are independent contractors in the performance of each and every part of these Terms. Nothing in these Terms is intended to create or shall be construed as creating an employer-employee relationship or a partnership, agency, joint venture, or franchise. You and Clear Ideas will be solely responsible for all of our respective employees and agents and our respective labour costs and expenses arising in connection with our respective employees and agents. You and Clear Ideas will also be solely responsible for any and all claims, liabilities or damages or debts of any type that may arise on account of each of our respective activities, or those of each of our respective employees or agents, in the performance of these Terms. Neither you nor Clear Ideas has the authority to commit the other of us in any way and will not attempt to do so or imply that it has the right to do so.
9.2 You and Clear Ideas acknowledge and agree that the provision of or cessation of all or part of the Services at any time and any arrangements contemplated by this Agreement are not intended to constitute a relevant transfer for the purposes of the TUPE Regulations and or the European Communities (Protection of Employees on Transfer of Undertakings) Regulations 2003.
9.3 You and Clear Ideas agree that for the period of this agreement and for 12 calendar months following its termination it will not directly or indirectly induce or attempt to induce any employee of the other party who has been involved with this agreement to leave the employment of the other party. This does not prohibit the employment of any person recruited through an employment agency, if neither party nor any person connected with them has encouraged that agency to approach the relevant individual nor the placing of a public advertisement for a post available to members of the public generally or the employment of any person who answers such an advertisement. Clear Ideas estimates the impact of a breach of this Section 9.3 would be one times the current gross annual salary of the personnel concerned. You accept that this is a reasonable estimate of the loss and agree to pay the same upon demand in the event of a breach. You may demand, and Clear Ideas may pay similar damages in the event of a breach by Clear Ideas. Nothing in this Section 9.3 shall prejudice the right of the non-breaching party to seek injunctive relief.
10. Fees, Payment Terms, Taxes
10.1 Fees. You agree to pay fees in accordance with the rates listed on Our Site unless otherwise set forth in an order form or order confirmation between the parties (an "Order Form").
Additionally, we will charge you, and you shall pay, in accordance with Section 10.3, any and all additional costs, fines, or penalties we incur from a governmental or regulatory body or telecommunication provider as a result of your use of the Services.
We also reserve the right to pass on any fees, surcharges or other fees incurred by Clear Ideas as a result of Malformed or Missing Caller IDs provisioned by you (in the case of Wholesale Access Services and/or P-Asserted-Identity headers).
10.2 Taxes. Unless otherwise stated in an Order Form, you shall be responsible for and shall pay all taxes imposed on or with respect to the Services that are the subject of this Agreement. For purposes of this Section 10.2, taxes do not include any taxes that are imposed on or measured by our net income, property tax, or payroll taxes. If you are exempt from any such taxes for any reason, we will exempt you from such taxes on a going-forward basis once you deliver a duly executed and dated valid exemption certificate to our tax department and our tax department has approved such exemption certificate. Such exemptions should be sent directly to support@clearconnections.ie. If you are exempt from VAT or GST, then it is your responsibility to provide your VAT or GST registration number to us. If you provide us an exemption certificate or your VAT or GST number after you have paid Taxes, then we will provide, upon your written request, a credit to your customer account for taxes previously paid for up to a period of three (3) months from the date of receipt of your written request. If for any reason a taxing jurisdiction determines that you are not exempt from any such exempted taxes and then assesses us, such taxes, you agree to promptly pay to us such taxes, plus any applicable interest or penalties assessed.
Should you be required by applicable law to withhold any tax from any payment owed to us, then you shall provide us with an exemption certificate or similar document to reduce or eliminate any such withholding. Upon receipt of such certificate or document, you shall thereafter reduce or eliminate, as the case may be, such withholding. You shall provide us with documents evidencing your payment of any such withheld tax to applicable tax authorities.
10.3 Payment Terms. You will make all of the payments due hereunder in accordance with the following applicable payment method:
10.3.1 Credit Card Payment Terms. If you elect to pay via credit card, then you are responsible for either (a) enabling auto-recharge on your customer account(s) or (b) ensuring that your customer account(s) has a sufficient positive balance to cover all fees due. If, for any reason, you have a negative balance on your customer account(s), then we reserve the right to suspend the Services.
10.3.2 Direct Debit Invoicing Payment Terms. If you elect to pay via direct debit, receive invoices and we approve you for the same, then invoices will be sent to you via email as a PDF on a monthly basis. Payment will be requested via the direct debit mandate and payment collected on all of the undisputed fees hereunder within fourteen (14) days of the date of the invoice. Unless you and Clear Ideas agree otherwise in writing, all undisputed fees due pursuant to these Terms are payable in Euro, unless otherwise agreed to between the parties in writing. Payment for Professional Services and any Capital Expenditure items will be required in full in advance of provision. Any variation to these terms will be shown on the Order Form. Payment for regular recurring fees will be required monthly in advance. Payment for consumption-based costs will be required monthly in arrears. Payment obligations cannot be cancelled, and fees paid are non-refundable. If you are overdue on any payment of undisputed fees and fail to pay within ten (10) business days of a written notice of your overdue payment, then we may assess, and you must pay a late fee. The late fee will be either 1.5% of the overdue balance per month in arrears, or the maximum amount allowable by applicable law, whichever is less. Following the notice of non-payment, we may also suspend the Services until you pay the undisputed fees due plus any late fees.
10.3.3 Suspension for Non-Payment. If we suspend the Services pursuant to this Section 10.3, then we will have no liability for any damage, liabilities, losses (including any loss of data or profits) or any other consequences that you may incur in connection with any such suspension.
10.4 Fee Disputes. If you are disputing any fees or Taxes, you must act reasonably and in good faith and you must cooperate diligently with Clear Ideas to resolve the dispute. You must notify us in writing if you dispute any portion of any fees paid or payable by you pursuant to these Terms. You must provide that written notice to us within sixty (60) days of the date we bill you for the charge you want to dispute, and we will work together with you to resolve the dispute promptly.
11. Ownership and Confidentiality
11.1 General. As between you and Clear Ideas, we exclusively own and reserve all right, title and interest in and to the Services, Documentation, our Confidential Information and all anonymised or aggregated data resulting from use and operation of the Services (such as but not limited to volumes, frequencies, or bounce rates) and that do not identify a natural person or organisation or company as the source of the information. As between you and Clear Ideas, you exclusively own and reserve all right, title and interest in and to each Customer Application, Customer Data, and your Confidential Information.
11.2 To the extent that you and/or your End Users make a suggestion or recommendation (a "Contribution") as to how the functionality of the Service could be changed or improved, and Clear Ideas implements such a Contribution, Clear Ideas shall exclusively own and reserve all right, title and interest in the change(s) made to the Service.
11.3 Use of Marks. Subject to your prior written consent, you grant Clear Ideas the right to use your name, logo, and a description of your use case to refer to you on Clear Ideas website, marketing, or promotional materials, subject to your standard trademark usage guidelines that you provide to us from time-to-time.
11.4 Confidentiality.
11.4.1 "Confidential Information" means any information or data, regardless of whether it is in tangible form, disclosed by either party that is marked or otherwise designated as confidential or proprietary or that should otherwise be reasonably understood to be confidential given the nature of the information and the circumstances surrounding disclosure. Confidential Information does not include any information which: (a) is publicly available through no fault of the receiving party; (b) was properly known to the receiving party, without restriction, prior to disclosure by the disclosing party; (c) was properly disclosed to the receiving party, without restriction, by another person without violation of the disclosing party's rights; or (d) is independently developed by the receiving party without use of or reference to the Confidential Information of the disclosing party.
11.4.2 Use and Disclosure. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information of like kind (but not less than reasonable care) to (i) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement and (ii) except as otherwise authorised by the Disclosing Party in writing, limit access to Confidential Information of the Disclosing Party to those of its and its affiliates employees and contractors who need that access for the purposes of this Agreement and who are legally bound to keep such information confidential consistent with the terms of this Section 11. Each party may disclose the terms of any Order Form or other purchase of Services to its affiliates, legal counsel, and accountants without the other's prior written consent and will remain responsible for its affiliate's, legal counsel’s, or accountant's compliance with this Section 11 (Confidentiality). Notwithstanding the foregoing, (x) Each party may disclose the terms of this Agreement and any applicable purchase transaction to a subcontractor to the extent necessary to perform its obligations under this Agreement, and (y) Clear Ideas may use and disclose your Confidential Information as necessary to provide the Services, subject to the Data Processing Agreement and in each case of (x) and (y) under terms of confidentiality materially as protective as set forth herein. The Customer may disclose such information pursuant to any disclosure process, procedure or obligation required within the jurisdiction within which the Customer operates, inclusive of any listing rules of any securities exchange on which the capital stock of the Customer and/or any of its Affiliates may be listed from time to time.
11.4.3 Compelled Disclosure. Either party may disclose the other's Confidential Information if so required, pursuant to a regulation, law, or court order. The relevant party will give the other notice of the compelled disclosure (to the extent legally permitted). Each party will cover the other's reasonable legal fees for preparation of witnesses, deposition/affidavits, and testimony to the extent such compelled disclosure is in connection with a lawsuit or legal proceeding to which the other is a party or to the extent fees are incurred in connection with reasonable assistance provided in connection with efforts to contest disclosure.
11.5 Injunctive Relief. The parties expressly acknowledge and agree that no adequate remedy may exist at law for an actual or threatened breach of this Section 11 and that, in the event of an actual or threatened breach of the provisions of this Section 11, the non-breaching party will be entitled to seek immediate injunctive and other equitable relief, without waiving any other rights or remedies available to it.
12. Representations and Warranties; Warranty Disclaimer
12.1 Representations and Warranties.
12.1.1 Recordings and Communications Monitoring. You represent and warrant that if you record or monitor telephone calls, SMS messages, or other communications using the Services, then you will comply with all applicable laws prior to doing so and will secure all required prior consents to record or monitor communications using the Services. We make no representations or warranties with respect to recording or monitoring of telephone calls, SMS messages, or other communications. You acknowledge that these representations, warranties, and obligations are essential to our ability to provide you with access to recording and monitoring features that are part of the Services, and you further agree to indemnify us and our affiliates in accordance with the terms of Section 13 (Mutual Indemnification) for claims arising out of or related to your acts or omissions in connection with providing notice and obtaining consents regarding such recording or monitoring of telephone calls, SMS messages, or other communications using the Services.
12.1.2 Customer Data. You represent and warrant that you have provided (and will continue to provide) adequate notices and have obtained (and will continue to obtain) the necessary permissions and consents to provide Customer Data to us for use and disclosure pursuant to Section 4 (Our Use of Customer Data).
12.1.3 Services. We represent and warrant that the Services will perform materially in accordance with the applicable Documentation. Clear Ideas. 's sole obligation, and your sole and exclusive remedy, in the event of any failure by Clear Ideas to comply with this Section 12.1.3 will be for Clear Ideas to, at Clear Ideas. 's option, re-perform the affected Services or refund to you the fees you actually paid for the affected Services.
12.1.4 PCI-DSS. We warrant that our payment service is compliant with PCI-DSS Service Provider requirements and that we will maintain compliance for the duration of the Agreement. We will supply a copy of our PCI Attestation of Compliance to you annually on request. If our external auditors deem that our service is no longer compliant, we will advise you of this change in status within 24 hours, and you have the right to suspend the service with immediate effect and the opportunity to cancel the service if compliance is not re-established within five working days.
12.2 Disclaimers. Without limiting a party's express warranties and obligations hereunder, and except as expressly provided herein, the services are provided "as is," and Clear Ideas makes no warranty of any kind, whether express, implied, statutory, or otherwise, and Clear Ideas specifically disclaims all implied warranties, including any implied warranty of merchantability, fitness for a particular purpose or non-infringement, to the fullest extent permitted by law. Clear Ideas additionally disclaims all warranties related to third-party telecommunications providers. Beta offerings are provided "as is" and "as available" with no warranties whatsoever, and Clear Ideas shall have no liability whatsoever for any harm or damage arising out of or in connection with a beta offering.
13. Mutual Indemnification
13.1 Indemnification by Clear Ideas. We will defend you from and against all claims, demands, suits or proceedings made or brought against you by a third party alleging that the Services infringe or misappropriate such third party's intellectual property rights ("Infringement Claim") and will indemnify you from any damages, legal fees, and costs finally awarded against you as a result of, or for amounts you pay to settle an Infringement Claim under a settlement for which Clear Ideas has given its written approval.
13.2 Infringement Options: If your use of the Services has become, or in the opinion of Clear Ideas is likely to become, the subject of any Infringement Claim, Clear Ideas may at its option and expense: (a) procure for you the right to continue using the Services as set forth herein; (b) modify the Services to make them non-infringing; or (c) if the foregoing options are not reasonably practicable, terminate these Terms and refund you any unused pre-paid fees. This Section 13 states your exclusive remedy for any Infringement Claim by a third party.
13.3 Limitations: Clear Ideas will have no liability or obligation with respect to any Infringement Claim and a court award of damages (a) arising out of your use of the Services in breach of these Terms, (b) arising out of the combination, operation, or use of the Services with other applications, portions of applications, products, or services where the Services would not by themselves, and without modification, be infringing, or (c) arising from Services for which there is no charge.
13.4 Indemnification by You: You will defend Clear Ideas from and against any claim, demand, suit or proceeding made or brought against Clear Ideas by a third party alleging that the Customer Date infringes or misappropriate such third party's intellectual property rights (collectively, "Customer Indemnifiable Claims") and will indemnify Clear Ideas from any damages, legal fees, and costs finally awarded against Clear Ideas as a result of, or for amounts paid by Clear Ideas to settle a Customer Indemnifiable Claim under a settlement for which you have given your written approval.
13.5 Conditions of Indemnification. As a condition of the foregoing indemnification obligations: (a) the indemnified party ("Indemnified Party") will promptly notify the indemnifying party ("Indemnifying Party") of any Infringement Claim or Customer Indemnifiable Claim, as applicable (collectively referred to as a "Claim"), provided, however, that the failure to give such prompt notice shall not relieve the Indemnifying Party of its obligations hereunder except to the extent that the Indemnifying Party was actually and materially prejudiced by such failure; (b) the Indemnifying Party will have the sole and exclusive authority to defend or settle any such Claim (provided that, the Indemnifying Party will obtain the Indemnified Party's consent in connection with any act or forbearance required by the Indemnified Party, which consent will not be unreasonably withheld); and (c) the Indemnified Party will reasonably cooperate with the Indemnifying Party in connection with the Indemnifying Party's activities hereunder, at the Indemnifying Party's expense. The Indemnified Party reserves the right, at its own expense, to participate in the defence of a Claim. Notwithstanding anything herein to the contrary, the Indemnifying Party will not settle any Claims for which it has an obligation to indemnify pursuant to this Section 13 admitting liability or fault on behalf of the Indemnified Party, nor create any obligation on behalf of the Indemnified Party without the Indemnified Party's prior written consent.
14. Limitation of Liability; Emergency Services
14.1 Indirect consequential and related damages: In no event will either party or its affiliates have any liability arising out of or related to this agreement for any revenues, goodwill, or indirect, special, incidental, consequential, cover, business interruption or punitive damages, whether an action is in contract or tort and regardless of the theory of liability, even if a party or its affiliates have been advised of the possibility of such damages or if a party's or its affiliates' remedy otherwise fails of its essential purpose. The foregoing disclaimer will not apply to the extent prohibited by law.
14.2 Limitation of Liability. Except for amounts payable under a party's indemnification obligations under Section 4 (data protection) and 13 (mutual indemnification) of these terms, in no event will the aggregate liability of each party arising out of or related to these terms exceed €50,000 or the amounts paid or payable by Customer hereunder for the services giving rise to the liability during the twelve (12) month period preceding the first incident out of which the liability arose. The foregoing limitation will apply whether an action is in contract or tort, and regardless of the theory of liability, but will not limit your payment obligations under Section 10 (fees, payment terms, taxes) above.
14.3 Emergency services disclaimer. Neither Clear Ideas nor its representatives will be liable under any legal or equitable theory for any claim, damage, or loss (and customer will hold Clear Ideas harmless against any and all such claims) arising from or relating to the inability to use the services to contact emergency services, as defined in Section 5.2(b) above. Clear Ideas outbound communications services should not be used for contacting emergency services unless the Service is expressly approved for this purpose and you and Clear Ideas have entered an Emergency Services Addendum in connection with your use of the approved product.
14.4 In relation to the limitation of liability: Nothing in this Agreement shall exclude or limit the liability of either party for (i) gross negligence or intentional misconduct of such party, (ii) death or personal injury caused by that party's negligence or (iii) fraud or fraudulent misrepresentation or (iv) any other liability to the extent that the same may not be excluded or limited as a matter of applicable law. Should Clear Ideas be required to update these Terms and Conditions as a result of changes in the law or requirements from telecommunications providers, it shall provide you with 30 days prior written notice of the same, or such period as it is reasonably able to do and where you reject such changes, you will be able to terminate these Terms and Conditions immediately without incurring any liability.
The provisions of this Section 14 allocate the risks pursuant to these terms between the parties, and the parties have relied on the limitations set forth herein in determining whether to enter into these terms.
15. Term; Termination
15.1 Term. These Terms will commence on the date you accept them and continue until terminated in accordance with Section 15.2 (Termination) below ("Term").
15.2 Termination. Either party may terminate these Terms and close your customer account(s) for any reason upon ninety (90) days' written notice to the other party. Notwithstanding the preceding sentence, if there is an Order Form(s) in effect, these Terms will not terminate until such Order Form(s) have expired or been terminated. Where an Order Form states a "Secondary Period", ninety (90) days' written notice must be provided prior to the expiry of the Primary Period or anniversary of the Secondary Period in order to terminate the contract. Clear Ideas, at its sole discretion, may terminate these Terms and close your customer account(s) in the event you commit any material breach of these Terms and fail to remedy that breach within five (5) business days after Clear Ideas provides written notice of that breach to you. You may also terminate these Terms if we commit a material breach of these Terms and fail to remedy that breach within five (5) days after providing written notice of that breach to us.
16. Survival
Upon termination of these Terms, your payment obligations, the terms of this Section 16, and the terms of the following Sections will survive (i.e., still apply): Section 4 (Customer Data), Section 10 (Fees, Payment Terms, Taxes), Section 11 (Ownership and Confidentiality), Section 13 (Mutual Indemnification), Section 14 (Limitation of Liability; Emergency Services), and Section 17 (General).
17. General
17.1 Compliance with Laws. Both parties will comply with the applicable law relating to your respective activities pursuant to these Terms. Clear Ideas will provide the Services per laws applicable to Clear Ideas provision of the Services as set out in Section 3.1, and subject to Customer's use of the Services in accordance with this Agreement, the Documentation, and applicable Order Form (if any).
17.2 No Waiver, Order of Precedence. Either party's failure to enforce at any time any provision of these Terms, our Acceptable Use Policy, or any other of the other party's obligations does not waive such party's right to do so later. And, if such party does expressly waive any provision of these Terms, our Acceptable Use Policy, or any of either party's other obligations, that does not mean it is waived for all time in the future. Any waiver must be in writing and signed by you and us to be legally binding. In the event of any conflict or inconsistency among the following documents, the order of precedence shall be (except as otherwise expressly set forth in an applicable Order Form): (1) product-specific terms set out in the Order Form, (2) the Terms and Conditions and (3) the Documentation.
17.3 Assignment. The Customer will not assign or otherwise transfer these Terms, in whole or in part, without our prior written consent. The parties may, however (without the further prior written consent of the other), assign any of its rights under this Agreement (including any right of action against each other) to any of their Affiliates. Further, the parties shall not unreasonably refuse any request from the other to novate this Agreement to an Affiliate. Any attempt to assign, delegate, or transfer these Terms other than as provided for in this Agreement will be void. Subject to this Section 17.3, these Terms will be binding on both you and Clear Ideas and each of our successors and assigns. Nothing in this agreement prevents Clear Ideas from transferring its interest, benefit, rights, or responsibilities under this agreement to a third party.
17.4 Severability. If any provision of these Terms is held by a court or other tribunal of competent jurisdiction to be unenforceable, that provision will be limited or eliminated to the minimum extent necessary to make it enforceable and, in any event, the rest of these Terms will continue in full force and effect.
17.5 Notices. Any notice required or permitted to be given hereunder will be given in writing to the party at the address specified in this Agreement by personal delivery, certified mail, return receipt requested, overnight delivery by a nationally recognised carrier or by email. Billing-related notices to Customer will be addressed to the relevant billing contact designated by Customer in its account.
17.6 Force Majeure. No failure, delay or default in performance of any obligation of a party shall constitute an event of default or breach of these Terms to the extent that such failure to perform, delay, or default arises out of a cause, existing or future, that is beyond the control and without negligence of such party, including action or inaction of governmental, civil or military authority; fire; strike, lockout or other labour dispute; flood, terrorist act; war; riot; theft; pandemic; earthquake and other natural disaster. The party affected by such cause shall take all reasonable actions to minimise the consequences of any such cause.
17.7 Government Terms. We provide the Services, including related software and technology, for government end use in accordance with these Terms. If you (or any of your End Users) are an agency, department, or other entity of any government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Services or any related documentation of any kind, including technical data, software, and manuals, is restricted by these Terms. All other use is prohibited, and no rights other than those provided in these Terms are conferred.
17.8 Amendments. Any and all amendments to This Agreement will be in the form of an addendum to the agreement, stating the Section and Sub-Section to be amended and the agreed replacement wording. The addendum must be signed and dated by appointed representatives of both parties, and reference to all addenda will be added to the signature page of this agreement.
17.9 Governing Law. This Agreement shall be governed by and construed in accordance with Irish Law. In relation to any legal action or proceedings to enforce this Agreement or arising out of or relating to this Agreement ("proceedings"), each of the parties irrevocably submits to the exclusive jurisdiction of Ireland and the Irish courts and waives any objection to proceedings in such courts on the grounds of venue or in the grounds that the proceedings have been brought in an inconvenient forum.
17.10 Entire Agreement. Except as provided in these Terms and any exhibits or addenda or other terms incorporated by reference into these Terms, these Terms supersede all prior and contemporaneous proposals, statements, sales materials or presentations and agreements, oral and written. No oral or written information or advice given by Clear Ideas, its agents or employees will create a warranty or in any way increase the scope of the warranties or obligations under these Terms. Any purchase order document or similar document provided by you shall be construed solely as evidence of your internal business processes. The terms and conditions contained thereon shall be void and have no effect with regard to these Terms between you and Clear Ideas and be non-binding against Clear Ideas even if signed by Clear Ideas after the date you accept these Terms.
Signed by
[NAME OF DIRECTOR/OFFICER] ____________________________________
for and on behalf of
[NAME OF ORGANISATION] ____________________________________
Signed by
[NAME OF DIRECTOR/OFFICER]____________________________________
for and on behalf of
Clear Ideas
Addendum Reference ____________________________________
Data Processing Agreement
This document concerns the processing of Personal Data (as defined below) in relation to the delivery of Services provided by the Supplier, as further specified in the Agreement between the Supplier and Company.
1. Definitions and rules of interpretation
1.1 The terms used in this Data Processing Agreement shall have the meanings set forth herein. Capitalised terms not otherwise defined herein shall have the meaning given in the Agreement.
1.2 In this Data Processing Agreement, the following terms shall have the meanings set out below, and cognate terms shall be construed accordingly:
"Company" The purchaser of the Services from the Supplier
"Company Affiliate" means the Company's holding company and ultimate holding company and each of its subsidiary companies and its holding company's and ultimate holding com-pany's subsidiary companies from time to time (with "holding company" and "subsidiary" having the meanings given to them in section 7 and section 8 of the Companies Act 2014) and any employee, officer, or contractor of Company or Company Affiliate
"Data Flow Diagram" means the diagrammatic representation of the data flow necessary to deliver the Service, naming Controller, Processor and all required Sub-processor organisations (Appendix 3)
"Data Protection Law" means the General Data Protection Regulation (Regulation (EU) 2016/679) and the Data Protection Act 2018
"EEA" means the European Economic Area
"GDPR" means General Data Protection Regulation, Regulation (EU) 2016/679
"Personal Data" means any information that:
(i) relates to an identified person or identifiable natural person who can be identified, direct-ly or indirectly, by reference to that information; or
(ii) would be considered personal information as such term or concept is defined by Data Protection Laws
"Restricted Transfer" means an onward transfer of Personal Data from Supplier to a Sub-processor where such transfer would be prohibited by the EU Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of the EU Data Protection Laws) in the absence of the Standard Contractual Clauses to be established under clause 12.
"Standard Contractual Clauses" means the contractual clauses set out in Schedule A as amended as indicated (in square brackets and italics) in that schedule and under the Agreement.
"Services" means the services to be provided by the Supplier to the Company as set out in the Terms and Conditions and any Order Form.
"Supplier" Clear Ideas
1.3 References in this Data Processing Agreement to any terms defined in the Data Protection Laws (including without limitation Data Controller, Data-Processor, personal data breach and Sub-Processor) have the meanings as defined in the Act and currently meeting EU adequacy provisions to EU Data Protection Laws.
2. Processing of Personal Data, scope, and purpose
2.1 Supplier shall, at all times, comply with Data Protection Laws in the processing of Personal Data for the purposes of provision of Services and not process Personal Data other than on the Company's docu-mented written instructions unless processing is required by applicable laws to which Supplier is subject, in which case Supplier shall to the extent permitted by applicable laws inform the Company of that legal requirement before the relevant processing of that Personal Data. For clarity, any documented instruc-tions from the Company Affiliate who has provided those specific instructions shall be deemed for the purpose of this Data Processing Agreement the Company Affiliates' written instructions and will only ap-ply to that specific Company Affiliate.
2.2 Company instructs Supplier to process Personal Data as reasonably necessary for the provision of Services and consistent with the Agreement. The processing activities will involve:
Categories of Personal Data: Personal Data may include, among other information:
(a) personal information such as title, name, address, telephone or mobile number, email address, and business contact details;
(b) information concerning health, family, lifestyle, and social circumstances, including age, date of birth, nationality, marital status, and dependents;
(c) financial information such as national insurance number, tax code, and bank account de-tails.
Categories of Data Subjects: Data subjects include the Company's customers, and any other iden-tifiable person whose Personal Data is being processed.
2.3 During the term of the Agreement, the Company may provide written instructions to Supplier in addition to those specified in the Agreement with regard to the processing of Personal Data. Supplier shall comply with all such instructions without additional charge to the extent necessary for Supplier to comply with Data Protection Laws as a data processor.
2.4 Collection. Supplier shall only collect, store, transmit, disclose, process, destroy, or otherwise use any Personal Data in accordance with the Company's instruction and never in a manner that contravenes Data Protection Laws or fails to meet the requirements set forth in this Data Processing Agreement. Sup-plier shall not distribute, sell, license, lease, transfer, or otherwise convey Personal Data for Supplier's own purposes or for the benefit of any other party other than Company without Company's prior written consent.
2.5 Collection.
(a) To the extent that Supplier collects Personal Data on Company's behalf, Supplier shall only collect that Personal Data necessary to perform Services under the Agreement or to otherwise fulfil Company's instructions on collection.
(b) Supplier shall notify Company about the methods of operation and data collection capabil-ities for any cookie, JavaScript, pixel, beacon, statistical ID, probabilistic ID, UIDI, similar tracking mechanisms, or other method of monitoring a user or device across web and/or app locations or properties (Tracking Technologies) Supplier intends to use and shall not use Tracking Technologies without Company's prior written consent. Supplier shall never use Tracking Technologies that: (i) use Flash local shared objects; (ii) fail to provide users with an opportunity to control the use of such Tracking Technologies; (iii) are deployed on behalf of other parties (so-called "fourth party" tracking or "piggybacking"); or (iv) circumvent user preferences as designated in Web browser privacy controls.
2.6 Data location. Unless otherwise agreed upon by the parties in writing, Supplier shall use Personal Data only in (i) the jurisdiction where the data subject resides or (ii) the European Union if the data sub-ject resides anywhere within the European Union. Supplier shall obtain Company's written consent be-fore transferring Personal Data from the EU to a country outside the EU. As at the date of this Agree-ment, the Parties acknowledge that the Supplier shall process Personal Data in the EU and (where neces-sary for business continuity) US jurisdictions, and the parties shall comply with the provisions of clause 12 regarding such processing.
2.7 Data Flow Diagram. Appendix 3 contains the Data Flow Diagram. No changes will be made to the Service as represented in the Data Flow Diagram, without the written consent of both parties.
3. Confidentiality
3.1 Supplier shall keep all Personal Data confidential and only disclose such information strictly to its employees on a need-to-know basis in relation to its processing activities under this Data Processing Agreement.
3.2 Supplier shall take reasonable steps to ensure the reliability of any employee who may have ac-cess to the Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know or access the relevant Personal Data, as strictly necessary for the purposes of the Agreement, and to comply with Data Protection Laws in the context of that individual's duties to Supplier, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
4. Subprocessing
(a) Supplier shall not sub-contract any of its obligations to a sub-data processor without the Customer's prior written consent. Where the Customer gives its written consent to the Supplier to engage a sub-contractor to carry out any part of the Services involving the Processing of Personal Data, the Supplier must include in any contract with the third-party provisions which are equivalent to those in this Data Processing Agreement and as are required by Data Protection Laws. To avoid doubt, where a third party fails to fulfil its obligations under any sub-processing agreement or any Data Protection Laws, the Supplier will remain fully liable to the Customer for fulfilling the Supplier's obligations under these terms.
(b) If any of the Sub-processors appointed by Supplier and approved by Customer are locat-ed outside the EU, then the Supplier shall enter into the Controller-to-Processor Standard Con-tractual Clauses set out in Schedule A to this Data Processing Agreement with such Sub-processor(s) with Supplier as the "data exporter" in Customer's name and on its behalf and the Subprocessor as the "data importer." The Supplier will make the executed Controller-to-Processor Standard Contractual Clauses available to Customer promptly on the Customer's re-quest.
(c) In respect of any data transfers under this clause 4 which rely on the controller to processor standard contractual clauses to enable the lawful transfer of Customer Personal Data, the par-ties agree that Data Subjects for whom a Supplier entity or a third-party Subprocessor processes Customer Personal Data are third-party beneficiaries under the Standard Contractual Clauses.
5. Data subject rights
Supplier shall put in place all appropriate technical and organisational measures to enable Company to comply with its obligations to respond to requests from data subjects to exercise their rights in respect of Personal Data, including but not limited to the right to access the Personal Data processed by Supplier and to request the rectification of inaccurate Personal Data. Supplier shall not respond to any such request from a data subject without receiving the prior written consent of Company.
6. Personal data breach
6.1 Supplier shall notify Company without undue delay upon Supplier or any Subprocessor (as the case may be) becoming aware of a personal data breach affecting Personal Data, providing Company with sufficient information to allow Company to meet any obligations to report or inform data subjects of the personal data breach under the Data Protection Laws. Such notification shall, as a minimum:
(a) describe the nature of the personal data breach, the categories and numbers of data sub-jects concerned, and the categories and numbers of personal data records concerned.
(b) communicate the name and contact details of Supplier's data protection officer or other relevant contact from whom more information may be obtained.
(c) describe the likely consequences of the personal data breach and
(d) describe the measures taken or proposed to be taken to address the personal data breach.
6.2 Supplier shall cooperate with Company and take such reasonable steps as are directed by Com-pany to assist in the investigation, mitigation, and remediation of each such personal data breach.
7. Data protection impact assessment and prior consultation
Consistent with the size and complexity of its organisation, Supplier shall maintain its own privacy process that manages its handling of personal information and includes a documented data breach response. Supplier will appoint (or have appointed) a leader to oversee this privacy process. Where necessary, Supplier shall assist Company in completing privacy impact assessments and in consultations with the rel-evant supervisory authorities.
8. Data processor and data controller
Supplier shall fully comply with all applicable governmental, legal, regulatory, and professional require-ments relating to privacy, including Data Protection Laws. For the purposes of Data Protection Laws, Sup-plier is considered a data processor in relation to the Personal Data it accesses under the Agreement and the Company is the data controller.
9. Information security
9.1 Supplier shall implement and maintain compliance with appropriate technical and organisational security measures (including the measures set out below) to process and protect Personal Data.
9.2 Compliance with industry standards. Supplier shall use organisational, administrative, physical, and technical policies, standards, and controls to protect Personal Data against the unauthorised or un-lawful processing and against accidental loss or destruction of, or damage to, Personal Data. Such measures shall be consistent with currently accepted industry standards (e.g., the NIST Cyber Security Framework, ISO 27001/27002, etc.) and comply at all times with all Data Protection Laws concerning the protection and securing of information.
9.3 Assessment and review. Supplier shall implement a process for regularly testing, assessing, and evaluating the effectiveness of the security measures it puts in place to ensure the security of Personal Data.
9.4 Encryption. Supplier shall not store Personal Data on any portable device or media (e.g., laptop, flash drive, Smartphone) that does not use industry-standard, full disk (where possible) encryption. All Personal Data shall be encrypted when in transit and at rest consistent with accepted industry encryption standards.
9.5 Web-enabled applications. All Internet-facing websites accessed by Company employees must have industry standard tuned Web Application Firewall (WAF) and must be scanned and remediated us-ing accepted industry standards for security vulnerabilities (e.g., Open Web Application Security Project and Open Web Application Security Project Top 10). Scans and remediation must first be completed prior to application launch. Post-launch, Company shall conduct scans at a frequency appropriate for the rele-vant application, technology, and data risk. Websites shall implement and maintain accepted industry standard account and password management controls, including:
(a) lockout after no more than ten unsuccessful login attempts.
(b) prohibiting user IDs, passwords, and Personal Data from being displayed in a URL.
(c) storing user passwords and reset or forgotten security questions in an encrypted manner.
(d) re-authentication is required after no more than 30 minutes of inactivity, and
(e) prohibiting the storage of passwords or Personal Data in persistent local storage (caches, etc.) or in any cookies, JavaScript, or other web tracking technology.
9.6 Awareness and training. Supplier shall provide information security awareness training to all its employees with access to Personal Data or Company systems or networks that materially addresses the security requirement in this Data Processing Agreement.
9.7 Hosted systems. Supplier shall notify Company in writing when it hosts Personal Data in a shared or cloud environment. Supplier shall protect (or, if applicable, cause its Sub-processor to protect) the Per-sonal Data in this cloud environment using controls consistent with accepted industry standards (e.g., Cloud Security Alliance Cloud Controls Matrix). Supplier shall collaborate in good faith to identify an alter-native to such hosting should Company so request.
9.8 Records and continuity. Supplier shall maintain a records retention process and a business conti-nuity plan for all Personal Data in its control or custody.
9.9 Disposal. Supplier shall destroy Personal Data using a secure means of disposal (e.g., incineration or cross-cut shredding) when such data is no longer required (either for the supply of Software and provi-sion of services or to be retained by law). Hardware containing Personal Data must be physically de-stroyed or securely overwritten prior to disposal or use for another purpose.
9.10 Device management. Supplier shall use only securely configured, corporate-owned devices (i.e., non-BYOD or hybrid or work personal use devices) to connect Company networks and systems or to ac-cess or store Personal Data.
10. Deletion or return of Personal Data
10.1 On expiration or termination of the Agreement, Supplier shall promptly and in any event within 30 days of the date of termination or expiration:
(a) return a complete copy of all Personal Data to Company or a third party nominated by Company by secure file transfer in such format as is reasonably notified by Company to Supplier; and
(b) delete and procure the deletion of all other copies of Personal Data.
Supplier may retain Personal Data to the extent required by Data Protection Laws and only to the extent and for such period as required by such Data Protection Laws and always provided that Supplier shall ensure the confidentiality of all such Personal Data and shall ensure that such data is only processed as necessary for the purposes specified in the Data Protection Laws requiring its storage and for no other purpose.
10.2 Supplier shall provide written certification to Company that it has fully complied with this clause 10 within five days of the date of deletion.
11. Audit rights
11.1 Supplier shall make available to Company on request all information necessary to demonstrate compliance with this Data Processing Agreement and shall allow for and contribute to audits, including inspections, by Company or an auditor appointed by Company in relation to the processing of Personal Data by Supplier.
11.2 Information and audit rights of Company only arise under clause 11.1 to the extent that the Agreement does not otherwise give them information and audit rights meeting the relevant requirements of Data Protection Law (including, where applicable, article 23 of the GDPR).
12. Restricted Transfers
12.1 Company (as "data exporter") and Supplier (as "data importer") hereby enter into the Standard Contractual Clauses in respect of any Restricted Transfer from Company to Supplier.
12.2 The Standard Contractual Clauses shall come into effect under clause 12.1 on the later of:
(a) the data exporter becoming a party to them.
(b) the data importer becoming a party to them, and
(c) commencement of the relevant Restricted Transfer.
12.3 Clause 12.1 shall not apply to a Restricted Transfer unless its effect, together with other reasona-bly practicable compliance steps (which, for the avoidance of doubt, do not include obtaining consents from data subjects), is to allow the relevant Restricted Transfer to take place without breach of applicable EU Data Protection Laws
13. General terms
13.1 Duration. This Data Processing Agreement shall remain in force for so long as Supplier has Per-sonal Data in its control or custody.
13.2 Order of precedence. This Data Processing Agreement is subject to the terms of the Agreement. In the event of any conflict between the terms of the Agreement and the terms of this Data Processing Agreement, the terms of the Data Processing Agreement shall prevail.
13.3 Materiality. If Supplier fails to comply with any of the terms in this Data Processing Agreement, then Company shall have the right to either suspend Supplier's performance under the Agreement or terminate the Agreement with immediate effect, without any penalty, liability or further obligation.
14. Governing Law and Jurisdiction
14.1 This Agreement is governed by the laws of Ireland.
14.2 Any dispute arising in connection with this Agreement, which the Parties will not be able to re-solve amicably, will be submitted to the exclusive jurisdiction of the courts of Ireland.
Schedule A
[These Clauses are deemed to be amended from time to time, to the extent that they relate to a Restricted Transfer which is subject to the EU Data Protection Laws of a given country or territory, to reflect (to the extent possible without material uncertainty as to the result) any change (including any replacement) made in accordance with those EU Data Protection Laws (i) by the Commission to or of the equivalent contractual clauses approved by the Commission under Article 46 of the General Data Protection Regulation (in the case of the EU Data Protection Laws); or (ii) by an equivalent competent authority to or of any equivalent contractual clauses approved by it or by another competent authority under another EU Data Protection Laws (otherwise).]
[If these Clauses are not governed by the law of a Member State, the terms "Member State" and "State" are replaced, throughout, by the word "jurisdiction".]
Standard Contractual Clauses for Personal Data (processors)
For the purposes of Chapter 5 of the General Data Protection Regulation for the transfer of personal data to processors established in third countries which do not ensure an adequate level of data protection. [This opening recital is deleted if these Clauses are not governed by the law of a member state of the EU.]
Name of the data exporting organisation:
Address:
(the "data exporter").
And
Name of the data importing organisation: Clear Ideas ("CLEAR IDEAS")
Address: No 19, The Exchange, Calmount Park, Ballymount, Dublin, D12 F5X0, Ireland
(the "data importer").
each a "party", together the "parties”.
HAVE AGREED on the following Contractual clauses (the Clauses) in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals for the transfer by the data exporter to the data importer of the personal data specified in the Data Processing Agreement.
1 Definitions
For the purposes of the Clauses:
1.1 'personal data', 'special categories of data', 'process/processing', 'controller', 'processor', 'data subject', and 'Commissioner' shall have the same meaning as in the GDPR.
1.2 'the data exporter' means the controller who transfers the personal data.
1.3 'the data importer' means the processor who agrees to receive from the data exporter personal data intended for processing on his behalf after the transfer in accordance with his instructions and the terms of the Clauses and who is not subject to a third country's system covered by adequacy regulations issued under the GDPR and or the Data Protection Act 2018.
1.4 'the Subprocessor' means any processor engaged by the data importer or by any other Subprocessor of the data importer who agrees to receive from the data importer or from any other Subprocessor of the data importer personal data exclusively intended for processing activities to be carried out on behalf of the data exporter after the transfer in accordance with his instructions, the terms of the Clauses and the terms of the written subcontract;
1.5 'the applicable data protection law' means the legislation protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data applicable to a data controller.
1.6 ‘technical and organisational measures' means those measures aimed at protecting personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure, or access, in particular where the processing involves the transmission of data over a network and against all other unlawful forms of processing.
2 Details of the transfer
The details of the transfer and, in particular the special categories of personal data, where applicable are specified in Appendix 1 of the Data Processing Agreement, which forms an integral part of the Clauses.
3 Third/party beneficiary clause
3.1 The data subject can enforce against the data exporter in this Clause, Clause 4.2 to 4.9, Clause 5.1 to 5.5, and 5.7 to 5.10, Clause 6(1) and (2), Clause 7, Clause 8(2), and Clauses 9 to 12 as third-party beneficiary.
3.2 The data subject can enforce against the data importer in this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2), and Clauses 9 to 12, in cases where the data exporter has factually disappeared or has ceased to exist in law unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law, as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.
3.3 The data subject can enforce against the Subprocessor in this Clause, Clause 5(a) to (e) and (g), Clause 6, Clause 7, Clause 8(2) and Clauses 9 to 12, in cases where both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, unless any successor entity has assumed the entire legal obligations of the data exporter by contract or by operation of law as a result of which it takes on the rights and obligations of the data exporter, in which case the data subject can enforce them against such entity.
3.4 The parties do not object to a data subject being represented by an association or other body if the data subject so expressly wishes and if permitted by national law.
4 Obligations of the data exporter
The data exporter agrees and warrants:
4.1 that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State.
4.2 that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses.
4.3 that the data importer will provide sufficient guarantees in respect of the technical and organisational security measures specified in Appendix 2 to this contract.
4.4 that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;
4.5 that it will ensure compliance with the security measures.
4.6 that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not covered by section 97 of the Data Protection Act 2018.
4.7 to forward any notification received from the data importer or any Subprocessor pursuant to Clause 5(b) and Clause 8(3) to the data protection supervisory authority if the data exporter decides to continue the transfer or to lift the suspension.
4.8 to make available to the data subjects upon request a copy of the Clauses, with the exception of Appendix 2, and a summary description of the security measures, as well as a copy of any contract for Sub processing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information;
4.9 that, in the event of Sub processing, the processing activity is carried out in accordance with clause 11 by a Subprocessor providing at least the same level of protection for the personal data and the rights of data subject as the data importer under the Clauses and
4.10 that it will ensure compliance with Clauses 4.1 to 4.9.
5 Obligations of the data importer
The data importer agrees and warrants:
5.1 to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract.
5.2 that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
5.3 that it has implemented the technical and organisational security measures specified in Appendix 2 before processing the personal data transferred.
5.4 that it will promptly notify the data exporter about:
(i) any legally binding request for disclosure of personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,
(ii) any accidental or unauthorised access, and
(iii) any request received directly from the data subjects without responding to that request unless it has been otherwise authorised to do so.
5.5 to deal promptly and properly with all inquiries from the data exporter relating to its processing of personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred.
5.6 at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which the data exporter shall carry out, or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority.
5.7 to make available to the data subject upon request a copy of the Clauses or any existing contract for Sub processing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2, which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;
5.8 that, in the event of sub-processing, it has previously informed the data exporter and obtained its prior written consent.
5.9 that the processing services by the Subprocessor will be carried out in accordance with Clause 11.
5.10 to send promptly a copy of any Subprocessor agreement it concludes under the Clauses to the data exporter.
6 Liability
6.1 The parties agree that any data subject who has suffered damage due to any breach of the obligations referred to in Clause 3 or Clause 11 by any party or sub-processor is entitled to receive compensation from the data exporter for the damage suffered.
6.2 If a data subject is not able to bring a claim for compensation in accordance with paragraph 1 against the data exporter, arising out of a breach by the data importer or his Subprocessor of any of their obligations referred to in Clause 3 or Clause 11, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.
6.3 The data importer may not rely on a breach of its obligations by a subprocessor in order to avoid its own liabilities.
6.4 If a data subject is not able to bring a claim against the data exporter or the data importer referred to in paragraphs 1 and 2 arising out of a breach by the Subprocessor of any of their obligations referred to in Clause 3 or in Clause 11 because both the data exporter and the data importer have factually disappeared or ceased to exist in law or have become insolvent, the Subprocessor agrees that the data subject may issue a claim against the data Subprocessor with regard to its own processing operations under the Clauses as if it were the data exporter or the data importer unless any successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law, in which case the data subject can enforce its rights against such entity. The liability of the Subprocessor shall be limited to its own processing operations under the Clauses.
7 Mediation and jurisdiction
7.1 The data importer agrees that if the data subject invokes third-party beneficiary rights and/or claims compensation for damages under the Clauses, the data importer will accept the decision of the data subject:
(a) to refer the dispute to mediation by an independent person or, where applicable, by the Data Protection Commission.
(b) to refer the dispute to the Irish courts.
7.2 The parties agree that the choice made by the data subject will not prejudice its substantive or procedural rights to seek remedies in accordance with other provisions of national or international law.
8 Cooperation with supervisory authorities
8.1 The data exporter agrees to deposit a copy of this contract with the supervisory authority if it so requests or if such deposit is required under the applicable data protection law.
8.2 The parties agree that the supervisory authority has the right to conduct an audit of the data importer and any Subprocessor, which has the same scope and is subject to the same conditions as would apply to an audit of the data exporter under the applicable data protection law.
8.3 The data importer shall promptly inform the data exporter about the existence of legislation applicable to it or any Subprocessor preventing the conduct of an audit of the data importer or any Subprocessor, pursuant to paragraph 2. In such a case, the data exporter shall be entitled to take the measures foreseen in Clause 5 (b).
9 Governing law
The Clauses shall be governed by the laws of Ireland.
10 Variations of the contract
The parties undertake not to vary or modify the Clauses. This does not preclude the parties from (i) making changes permitted by the GDPR and or the Data Protection Act 2018, or (ii) adding clauses on business-related issues where required as long as they do not contradict the Clause.
11 Sub processing
11.1 The data importer shall not subcontract any of its processing operations performed on behalf of the data exporter under the Clauses without the prior written consent of the data exporter. Where the data importer subcontracts its obligations under the Clauses, with the consent of the data exporter, it shall do so only by way of a written agreement with the Subprocessor which imposes the same obligations on the Subprocessor as are imposed on the data importer under the Clauses. Where the Subprocessor fails to fulfil its data protection obligations under such written agreement the data importer shall remain fully liable to the data exporter for the performance of the Subprocessor's obligations under such agreement.
11.2 The prior written contract between the data importer and the Subprocessor shall also provide for a third-party beneficiary clause as laid down in Clause 3 for cases where the data subject is not able to bring the claim for compensation referred to in paragraph 1 of Clause 6 against the data exporter or the data importer because they have factually disappeared or have ceased to exist in law or have become insolvent and no successor entity has assumed the entire legal obligations of the data exporter or data importer by contract or by operation of law. Such third-party liability of the Subprocessor shall be limited to its own processing operations under the Clauses.
11.3 The provisions relating to data protection aspects for sub processing of the contract referred to in paragraph 1 shall be governed by the laws of the country where the exporter is registered.
11.4 The data exporter shall keep a list of sub processing agreements concluded under the Clauses and notified by the data importer pursuant to Clause 5.10 which shall be updated at least once a year. The list shall be available to the Data Protection Commission.
12 Obligation after the termination of personal data processing services
12.1 The parties agree that on the termination of the provision of data processing services, the data importer and the Subprocessor shall, at the choice of the data exporter, return all the personal data transferred and the copies thereof to the data exporter or shall destroy all the personal data and certify to the data exporter that it has done do, unless legislation imposed upon the data importer prevents it from returning or destroying all or part of the personal data transferred. In that case, the data importer warrants that it will guarantee the confidentiality of the personal data transferred and will not actively process the personal data transferred anymore.
12.2 The data importer and the Subprocessor warrant that upon request of the data exporter and/or the Data Protection Commission, it will submit its data processing facilities for an audit of the measures referred to in paragraph 1.
Appendix 1 - to the Standard Contractual Clauses
Data Exporter
The data exporter is a _________ based supplier of _______________and is contracting with the importer for it to provide a software solution for _________________________. The data exporter is using the personal data which is being transferred to identify the caller.
Data Importer
The data importer is a is an Irish based provider of call handling services and card payment processing. The data importer uses a US based Subprocessor to process telephone calls in the event of failure of primary processing facilities in the EU.
Signed by
[NAME OF DIRECTOR/OFFICER] ____________________________________
for and on behalf of
[NAME OF ORGANISATION] ____________________________________
Signed by
Steve Walker ____________________________________
for and on behalf of
Clear Ideas Limited
Appendix 2 - to the Standard Contractual Clauses
This Appendix forms part of the Clauses and must be completed and signed by the parties.
Description of the technical and organisational security measures implemented by the data importer in accordance with Clauses 4.4 and 5.3 (or document/legislation attached):
https://www.twilio.com/legal/binding-corporate-rules (Processor)
https://www.twilio.com/legal/data-protection-addendum
https://www.twilio.com/docs/glossary/what-is-personally-identifiable-information-pii
https://www.twilio.com/gdpr
https://poly.ai/privacy-policy
ILLUSTRATIVE INDEMNIFICATION CLAUSE (OPTIONAL)
Liability
The parties agree that if one party is held liable for a violation of the clauses committed by the other party, the latter will, to the extent to which it is liable, indemnify the first party for any cost, charge, damages, expenses, or loss it has incurred.
Indemnification is contingent upon:
(a) the data exporter promptly notifying the data importer of a claim; and
(b) the data importer being given the possibility to cooperate with the data exporter in the defence and settlement of the claim1.
1 Paragraph on liabilities is optional.
Signed by
[NAME OF DIRECTOR/OFFICER] ____________________________________
for and on behalf of
[NAME OF ORGANISATION] ____________________________________
Signed by
Steve Walker ____________________________________
for and on behalf of
Clear Ideas Limited ____________________________________
Appendix 3 – Data Flow Diagram
Attach relevant Data Flow Diagram here.
Service Level Agreement (SLA)
1. Operational Hours
Email Support: support@clearconnections.ie Telephone Support: Support number will be provided after sign-up to appropriate service level | |
Name | Operational hours for reporting issues and requests |
STANDARD | 09:00 – 17:00 hrs (GMT) Mon to Fri excluding Irish public holidays |
ENHANCED | 08:00 – 20:00 hrs (GMT) Mon to Sat excluding Irish public holidays |
TOTAL | 00:00 – 23:59 hrs (GMT) Mon to Sun including all Irish public holidays |
BESPOKE | Operational hours and response times agreed in writing |
Note that outside of Business Hours (09:00 – 17:00 hrs (GMT) Mon to Fri excluding Irish public holidays) calls will be handled by an automated message rely service or an external agency with messages passed to our on-call engineers.
All times are subject to Daylight Saving Time (DST)
2. Fault Categories
Category | Definition |
URGENT | Greater than 25% of overall solution is unavailable |
HIGH | Operation of the application(s) is degraded i.e., system is operational but with failures occurring. Less than 25% but more than individual devices/users are being affected |
NORMAL | Operational performance of the application is impaired, although most business operations remain functional. |
LOW | Information Request: Request for documentation or advice on service operation. |
REQUEST | Change to the configuration of applications, reporting or networking systems without the requirement for additional licensed services. |
3. Response Times
For the purposes of Response Times, Operational Hours are defined within the Category type. Business Hours are defined as 09:00 – 17:00 hrs (GMT) Mon to Fri excluding Irish public holidays.
Category | Response Time (Hrs) | ||
STANDARD | ENHANCED | TOTAL | |
URGENT | 2 Operational Hours | 2 Operational Hours | 1 Operational Hour (24/7) |
HIGH | 4 Operational Hours | 4 Operational Hours | 2 Operational Hours |
NORMAL | 8 Operational Hours | 8 Operational Hours | 4 Operational Hours |
LOW | 16 Business Hours | 16 Business Hours | 8 Business Hours |
REQUEST | 16 Business Hours | 16 Business Hours | 16 Business Hours |
4. Service Availability and Service Credits
4.1 Clear Ideas Limited warrants that the Services will (excluding any period of Force Majeure and Maintenance) have an Uptime Percentage (as defined below) of not less than 99.99% of every calendar month. The Uptime Percentage will be calculated in accordance with the following formula:
U% = (S-D)/S x 100
where:
- “U%” = Uptime Percentage.
- "S" = the number of hours in a relevant calendar month.
- "D" = the number of hours in the relevant calendar month during which the Services were down and not available to the Company (excluding any period of Force Majeure and Maintenance or Effective Work-Around)
4.2 If the warranty in this paragraph is breached in any calendar month during the term of the Agreement, Clear Ideas Limited agrees by way of liquidated damages to pay an amount equal to the percentage reduction in the Period Service Fee calculated in accordance with Clause 5.3 and Clause 5.4 within 21 days of notification.
4.3 The reduction in the preceding sub-paragraph will be calculated in accordance with the following table:
Services availability during the relevant calendar month | Reduction in Service Fee (for month) |
Where U% is greater than 99% but less than 99.95% | 10% |
Where U% is greater than 97% and less than or equal to 99% | 20% |
Where U% is greater than 95% and less than or equal to 97% | 30% |
Where U% is less than or equal to 95% | 40% |
4.4 Clear Ideas Limited shall not be responsible for failure or delay in providing the Services if arising from one or more of the following reasons:
(a) You are in material breach of its obligations under this Agreement; or
(b) Your system administrator(s) being unavailable when reasonably required by Us to assist in the rectification of the Urgent fault or material period of downtime.
(c) unreasonable delay by You in notifying a failure to Us or in submitting instructions unless Clear Ideas Limited was aware of the Urgent fault or material period of downtime or ought reasonably to have been aware of it.
4.5 Maintenance to the Services for the purpose of, without limitation, performing server maintenance, security, or emergency works, together with interruptions to access them due to Force Majeure, shall not constitute downtime. Clear Ideas Limited shall use all reasonable endeavours to perform such works outside of peak usage hours and in such a way as to minimise the potential impact on You. Except for Emergency Maintenance, Clear Ideas Limited will provide You with at least 2 (two) business days prior written notification of such works. However, there may be occasions where the nature of the work is such that this notice period cannot be observed or exceptionally that no notice can be given. For the avoidance of doubt, all server maintenance, security, or emergency works shall be classified as Maintenance.
4.6 The inability of one or more of Your users to access the Services shall not constitute downtime if other users are simultaneously able to gain access or if Clear Ideas Limited can demonstrably secure such access over a standard browser (as this demonstrates the fault lies with You and not with the Services).
4.7 Where we fail to meet the SLAs for a consecutive 3 months, you shall have the right to immediately terminate these Terms and Conditions without incurring further liability.
4.8 For the purpose of this Schedule, the following definitions shall apply:
"Effective Work-Around" means:
(i) invocation of a "disaster recovery" or "business continuity plan" as agreed between the Clear Ideas Limited and You. This includes, but is not limited to, re-routing calls at the PSTN carrier level to an alternative destination; or
(ii) any other solution employed by Clear Ideas Limited which restores service to a sufficient degree so that the incident can no longer be reasonably classified as Urgent.
"Maintenance" means:
(i) "Scheduled Maintenance" on all or part of its network and servers for up to 12 hours in any calendar month between the hours 20:00 and 08:00 GMT, providing You are given 48 hours' notice. Such Scheduled Maintenance may be service affecting.
(ii) "Scheduled Maintenance" on all or part of its network and servers for up to 4 hours in any calendar month between the hours 08:00 and 22:00 GMT, providing You are given 48 hours' notice and that any single episode of maintenance does not exceed 1 hour. Such Scheduled Maintenance may be service affecting.
(iii) "Emergency Maintenance" on all or part of its network and servers for up to 4 hours in any calendar month between the hours 00:00 and 23:59 GMT, providing You are given 30 minutes notice and that any single episode of maintenance does not exceed 30 minutes. Such Emergency Maintenance may be service affecting.
<<END>>
Download Terms and Conditions
Click the download button to download a PDF copy of the Terms and Conditions.