FORTYEIGHT Terms of Service

Effective 10th September 2020 (Version 1.0)

Welcome to FORTYEIGHT!

Our vision is to provide transparency-as-a-service to organisations and governments choosing to adopt artificial intelligence, facial recognition and technological surveillance. These Terms of Service govern access to and use of the features and services available on fortyeight.ai for business customers.

These Terms of Service constitute an agreement between Harmonise Technology Ltd (we or us) and the organisation you represent. Please read these Terms of Service carefully before using Fortyeight Services. By creating an account, you signify the agreement of your organisation to be bound by these Terms of Service.

Definitions

In these Terms of Service, the following terms have the following meanings:

APIs the programmatic web APIs and associated documentation that we make available to Organisations to enable use of FORTYEIGHT.
API Keys the security keys, tokens and other credentials required to access the APIs issued by us to the Organisation.
Credit Limit the amount of your agreed monthly subscription cost.
Dashboard the dashboard available on fortyeight.ai, through which an Organisation can manage its use of FORTYEIGHT.
Data Protection Laws

as applicable and binding on the Organisation, us and/or FORTYEIGHT:

  • in the United Kingdom: the Data Protection Act 2018 and the GDPR, and/or any corresponding or equivalent national laws or regulations;
  • in member states of the European Union (EU) and/or European Economic Area (EEA): the GDPR and all relevant EU and EEA member state laws or regulations giving effect to or corresponding with the GDPR; and
  • any applicable laws replacing, amending, extending, re-enacting or consolidating any of the above Data Protection Laws from time to time (including where applicable under laws applicable in the United Kingdom, the GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of the European Union (Withdrawal) Act 2018 as modified by applicable domestic law from time to time).
Escrow Account the database in which the Organisation’s Observations are stored by us.
Fortyeight Brand Materials any trade marks, trade names, service marks, logos and domain names used by us in connection with FORTYEIGHT.
FORTYEIGHT the FORTYEIGHT business services to which an Organisation has subscribed, as shown in the Organisation’s Dashboard.
GDPR General Data Protection Regulation (EU 2016/679).
Identity a piece of information linked to an individual, that enables an Organisation to identify that individual. This could include information such as an email address, IP address or advertising ID.
Intellectual Property Rights means copyright, rights related to copyright such as moral rights and performers rights, patents, rights in inventions, rights in confidential information, know-how, trade secrets, trade marks, geographical indications, service marks, trade names, design rights, rights in get-up, database rights, databases, data exclusivity rights, approvals, utility models, domain names, business names, rights in computer software, mask works, topography rights, the right to sue for infringement, unfair competition and passing off, and all similar rights of whatever nature wherever in the world arising and, in each case:
  • (a) whether registered or not,
  • (b) including any applications to protect or register such rights,
  • (c) including all renewals and extensions of such rights or applications,
  • (d) whether vested, contingent or future, and
  • (e) wherever existing.
Observation an observation about one or more individuals made by an Organisation, that is notified to us so that we can display the Observation to the identified individual(s) if they are a User.
Observation Audit Services the services described in the Observation Audit Service Terms.
Observation Expansion Services the services described in the Observation Expansion Service Terms.
Observation Validation Services the services described in the Observation Validation Service Terms.
Organisation the legal entity or sole trader that signs up to receive FORTYEIGHT as specified during registration.
Organisation Account an account created with FORTYEIGHT by a business or organisation to use FORTYEIGHT for business purposes.
Organisation Account Owner the individual registered as the account owner on behalf of an Organisation.
Organisation User an individual authorised by an Organisation to use the Organisation Account.
Organisation’s Brand Materials the Organisation’s trade marks, trade names, service marks, logos and domain names.
Payment Method a valid means of paying for FORTYEIGHT.
Processor Activities the activities in respect of which we are a processor as set out in clause 21 (Data Protection).
Service Fee the fee payable for a FORTYEIGHT Service as specified when the Organisation subscribes to the relevant FORTYEIGHT service and as visible in the Dashboard at any time.
Service Terms the additional terms of use which apply to a FortyEight service in addition to these Terms of Service as set out in clause 2 (Additional Service Terms).
Standard Contract Clauses the controller-processor model contract clauses approved by the European Commission in the form appended to these Terms of Service.
User an individual user of the FORTYEIGHT web app.
Venue Check-in Services the services described in the Venue Check-in Service Terms.
we or us Harmonise Technology Ltd.

Additional Service Terms

Additional Service Terms apply, depending on the FORTYEIGHT services which an Organisation is using. The following Service Terms are incorporated into these Terms of Service and apply (in addition to these Terms of Service) whenever an Organisation is using the relevant Fortyeight Service:

  • Observation Audit Service Terms;
  • Observation Expansion Service Terms;
  • Observation Validation Service Terms;
  • Venue Check-in Service Terms.

When you subscribe to FORTYEIGHT services, there may be additional terms and conditions and information regarding the services you are ordering specified in the online order form. Unless otherwise expressly set out in any such additional terms and conditions applicable to the specific service to which you subscribe, those additional terms are incorporated into these Terms of Service in relation to your use of that service.

Registering for a FORTYEIGHT Organisation Account

Organisations can create an Organisation Account by registering with FORTYEIGHT and registering an Organisation Account Owner.

The Organisation Account Owner can invite others to use the Organisation Account. Each additional Organisation User must create a new user account that is part of, and associated with, the Organisation's Account. To create an account, the relevant individual must use a valid email address. Organisations may only create one Organisation User account per email address.

Organisation Accounts and Organisation User accounts are intended for use by businesses and other organisations and may be used solely for business purposes.

The Organisation is responsible for all activities that occur under the Organisation’s Account and any associated Organisation Users’ accounts. We are not responsible for unauthorised access to your Organisation Account or Organisation User accounts. The Organisation is solely responsible for maintaining the security of log-in credentials.

The Organisation must ensure that Organisation Users do not disclose their credentials to any third party and is solely responsible for any use or action taken using those credentials. The Organisation must contact us immediately if it believes an unauthorised third party may be using the Organisation Account or associated Organisation User accounts.

The Organisation Account Owner has the ability to administer, manage and close Organisation User accounts. If an Organisation User leaves the Organisation or is no longer authorised to act on behalf of the Organisation, the Organisation is solely responsible for closing that Organisation User’s account.

Subscribing to FORTYEIGHT

Once an Organisation has registered for an Organisation Account, Organisations can subscribe to FORTYEIGHT services. To use FORTYEIGHT services, Organisations must have internet access and they must provide us with a Payment Method if they are subscribing to any service for which payment is required.

Organisations can manage the FORTYEIGHT services to which they are subscribed through the Dashboard. Each Fortyeight Service subscription is made on a monthly basis. Organisations agree that each Fortyeight Service subscription is for a one-month term that will automatically renew each month unless the Organisation cancels the subscription, or the subscription is terminated by us in accordance with clause 24 (Termination). The first month’s subscription will commence on the subscription date and will end on the last calendar day of the first month. Subsequent monthly subscriptions will run from the beginning to the end of the relevant calendar month.

Cancelling subscriptions

Organisations can cancel a subscription for a Fortyeight Service at any time using the Dashboard. When an Organisation cancels a subscription:

  • The Organisation will be billed and agrees to pay the relevant Service Fee for the entire calendar month in which the subscription is cancelled.
  • The Organisation will be able to continue using the relevant Fortyeight Service until the end of the calendar month during which subscription is cancelled, subject to payment of all applicable Service Fees.

Service Fees

Service Fees for each Fortyeight Service will be calculated in accordance with applicable Service Terms and are payable on a monthly basis.

Service Fees may be paid through an agreed Payment Method or, if agreed by us, by BACS payment.

We may change Service Fees from time to time. Any changes to Service Fees will be notified to the Organisation by email to the Organisation Account Owner’s email address. We will give no less than 30 days’ notice of changes to Service Fees.

We reserve the right to conduct credit checks at our sole discretion. We may use any information available in the public domain, validate data provided by the Organisation and exchange data with credit agencies for this purpose. Upon request, the Organisation must provide us with any additional information, and you authorise us to request and obtain such information from government authorities, credit agencies and other third parties as permitted by law. Organisations must ensure that any information provided by them is accurate and complete, and that it is promptly updated as necessary to ensure it remains accurate and complete.

Payment Method

If an Organisation is paying using a Payment Method, Service Fees will be charged to the Organisation’s Payment Method on the last calendar day of the month or when the Credit Limit is reached, whichever is the earlier. In some cases, the payment date may change, for example if the Payment Method fails or if the payment date falls on a non-working day, in which case the payment date will move to the next working day. Organisations can check their next anticipated payment date and Service Fees due on the Dashboard.

Organisations authorise us to charge the applicable Payment Method for Service Fees due on the relevant payment date.

If a Payment Method is declined, the Organisation remains responsible for any uncollected amounts.

For some Payment Methods, the issuer may charge fees, such as foreign transaction fees or other fees relating to the process of the Payment Method. Local tax charges may vary depending on the Payment Method. Please check with the relevant Payment Method service provider for details.

Organisations can update Payment Methods through the Dashboard at any time. Following any update, the Organisation authorises us to charge the updated Payment Method for the Service Fees on the payment dates.

BACS Transfers

Where an Organisation is paying by BACS transfer, we will invoice the Organisation for the Services Fees at the end of each calendar month or when the Credit Limit is reached, if earlier.

The Organisation shall pay all invoices in full without deduction or set-off, in cleared funds, within 14 days of the date of each invoice to the bank account nominated by us.

Late payment

Where sums due under these Terms of Service are not paid in full by the due date:

  • we may suspend access to the Organisation Account and use of FORTYEIGHT until we receive all outstanding Service Fees; and
  • interest shall accrue on a daily basis, and apply from the due date for payment until actual payment in full, whether before or after judgement.

Free Trials

We may offer Organisations a free trial. The duration of the free trial period will be specified during sign-up and is intended to allow new Organisations to try the service.

Free trial eligibility is determined by us at our sole discretion and we may limit eligibility or duration to prevent free trial abuse. We reserve the right to revoke the free trial and put your Organisation Account on hold if we determine that you are not eligible.

At the end of the free trial period, if you choose to continue with your subscription(s) we will charge the Service Fees for the next billing cycle to your Payment Method or raise an invoice at the end of the next calendar month (as applicable) unless you cancel your Fortyeight Services subscriptions prior to the end of the free trial period. If you choose not to continue with the paid for subscription(s), you can continue to use the free FORTYEIGHT functionality.

API Keys and Security

We will provide the Organisation with API Keys to enable the Organisation to access and use FORTYEIGHT. Provision of the API Keys is free of charge.

The Organisation’s use of the API Keys must comply with the technical documentation, usage guidelines and other API documentation provided to the Organisation by us from time to time.

To begin using the APIs, the Organisation must follow the instructions provided on the Dashboard. Once the Organisation has successfully registered to access the applicable APIs, the API Keys enable us to associate the Organisation’s API activity with the relevant Organisation. All activities that occur using the API Keys are the Organisation’s responsibility.

The Organisation must keep its API Keys secret and must not sell, share, transfer or sub-license the API Keys to any other party except for the Organisation’s employees or independent contractors. Such employees or independent contractors must enter into an agreement with the Organisation at least as protective of our rights as these Terms of Service and the Organisation agrees to be responsible for, and liable to us for, any breaches of such agreements by the employees or independent contractors.

The Organisation must notify us immediately if the Organisation becomes aware or suspects that the security of the API Keys is or may be compromised.

The Organisation must promptly report any security deficiencies in, or intrusions to, the Organisation’s systems that the Organisation discovers (or are reported publicly or to the Organisation) to us in writing via email to hello@fortyeight.ai if such intrusions could reasonably be expected to affect FORTYEIGHT or Users in any way. The Organisation will work with us to immediately correct any security deficiency and will immediately disconnect any intrusions or intruders. In the event of any security deficiency or intrusion involving the APIs or FORTYEIGHT, the Organisation will make no public statements (e.g., press, blogs, social media, bulletin boards, etc.) without prior written and express permission from us in each instance.

The Organisation must not copy, adapt, reformat, reverse engineer, disassemble, decompile, decipher, translate or otherwise modify any APIs, API Keys or other information provided by us through automated or other means.

We may provide the Organisation with support in connection with use of the API Keys in our sole discretion and we may stop providing support at any time without notice or liability to the Organisation. We are not obliged to provide any training, support or technical assistance for the the API Keys or the APIs.

We may modify or release subsequent versions of the APIs and require that you use those subsequent versions. The Organisation acknowledges that once we release a subsequent version of an API, the prior version of such API may stop working at any time or may no longer work in the same manner.

Monitoring of service use

To help provide the greatest level of assurance and safety to our community, the Organisation shall assist us in verifying its compliance with these Terms of Service by providing us with information about the Organisation’s use of and access to FORTYEIGHT and use of the APIs and the API Keys. If the Organisation does not demonstrate full compliance with these Terms of Service, as determined in our sole discretion, we may restrict or terminate the Organisation’s access to the APIs and/or FORTYEIGHT.

The Organisation acknowledges that we may monitor any API activity from our own systems for the purpose of ensuring quality, improving our products and services, and ensuring compliance with these Terms of Service. The Organisation must not interfere or attempt to interfere with such monitoring or otherwise obscure from us the Organisation’s API activity. The focus of such monitoring activity is solely to check the Organisation’s API activity. We will not seek to access or use any User data for these purposes.

Acceptable use

As a condition of the Organisations use of FORTYEIGHT, the Organisation agrees not to use FORTYEIGHT:

  • in any way that would knowingly seek to infringe an individual’s human rights;
  • for any purpose that is unlawful under any applicable law or prohibited by these Terms of Service;
  • in any manner that violates the rights of third parties, breaches any laws or regulations regarding privacy or data protection, or exposes us or our Users to legal liability;
  • to knowingly cause harm or distress to a User;
  • to commit any act of fraud;
  • to distribute viruses or malware or other similar harmful software code;
  • to access, store, display, or facilitate the transfer of any content obtained through the following methods: scraping, crawling, spidering or using any other technology or software to access content outside the APIs;
  • for purposes of promoting unsolicited advertising or sending spam;
  • to simulate communications from us or another service or entity in order to collect identity information, authentication credentials, or other information (‘phishing’);
  • in any manner that disrupts the operation of our services or business or the website or business of any other entity;
  • in any manner that harms minors;
  • to promote any unlawful activity;
  • to represent or suggest that we endorse any other business, product or service unless we have separately agreed to do so in writing;
  • to gain unauthorised access to or use of computers, data, systems, accounts or networks; or
  • to attempt to circumvent password or user authentication methods.

Organisation responsibilities

The Organisation represents, warrants and undertakes that:

  • the Organisation is using FORTYEIGHT for business purposes;
  • the individual entering into these Terms of Service on behalf of the Organisation has all necessary legal authority to bind the Organisation to these Terms of Service;
  • the Organisation has all requisite right, power and authority to enter into these Terms of Service and grant to us the rights and authorisations contemplated under these Terms of Service;
  • any information provided or made available by the Organisation to us is at all times accurate and complete;
  • the Organisation will comply with all applicable law, rules, regulations, codes, orders and other requirements of governmental agencies in the Organisation’s performance of its obligations and exercise of its rights under these Terms of Service.

Responsibility for Observations

The Organisation acknowledges that the Organisation is solely responsible for the content and accuracy of Observations that are displayed to a User through FORTYEIGHT. We accept no responsibility or liability for the content of Observations.

The Organisation will ensure that information, including Identities, that the Organisation provides to us to enable us to inform Users of Observations associated with them, is accurate and up to date at the time when such information is submitted.

The Organisation acknowledges and agrees that once a User has been informed of an Observation through FORTYEIGHT, there are no restrictions on the purposes for which the User may use the content of the Observation and no restrictions on the third parties with whom the User may share Observations.

Provision of Fortyeight Services and disclaimer

We will use reasonable endeavours to make FORTYEIGHT available. We do not guarantee that FORTYEIGHT will be available at all times. We will use reasonable endeavours to notify you of any downtime but we may sometimes need to carry out urgent maintenance without notice.

Except as set out in this clause 16 (Provision of Fortyeight Services and disclaimer), we give no warranty and make no representations in relation to FORTYEIGHT. The conditions implied by the Supplier of Goods and Services Act 1982, sections 12 to 16 inclusive are expressly excluded. FORTYEIGHT are provided “as is” and it is the Organisation’s responsibility to ensure that FORTYEIGHT are fit for the purpose for which the Organisation is using FORTYEIGHT.

The Organisation acknowledges that we are not and cannot be aware of the extent of any potential loss or damage to the Organisation resulting from any failure of FORTYEIGHT to conform to any description set out in these Terms of Service or any failure by us to discharge our obligations under these Terms of Service.

Limitation of liability

Our liability is not limited in any way in respect of death or personal injury caused by negligence, fraud or fraudulent misrepresentation or any other losses which cannot be excluded or limited by applicable law.

Subject to the limitations in this clause 17 (Limitation of liability), under no circumstances will we be liable for any:

  • consequential, incidental, special, exemplary or punitive damages that result from the Organisation’s use of FORTYEIGHT, the APIs or the API Keys;
  • loss of profit;
  • loss or corruption of data;
  • loss of contracts;
  • loss of opportunity;
  • loss of savings;
  • harm to reputation or loss of goodwill,

even if we have been advised of the possibility of such damages.

Subject to the limitations in this clause 17 (Limitation of liability), our total liability shall not exceed the lower of £1,000,000 or the sums paid by you under these Terms of Service.

Rights to access FORTYEIGHT

Subject to the Organisation’s compliance with these Terms of Service and payment of any applicable Service Fees, we grant you a limited, non-exclusive, non-transferable, non-sublicensable right to access and use FORTYEIGHT solely in accordance with these Terms of Service. This right does not include the right to resell any Fortyeight Services; any derivative use of Fortyeight Services; or any use of data mining, robots, or similar data gathering and extraction tools. All rights not expressly granted to you in these Terms of Service are reserved and retained by us or our licensors. No feature or part of FORTYEIGHT may be reproduced, duplicated, copied, sold, resold, or otherwise exploited for any commercial purpose without our express written consent. You may not frame or utilise framing techniques to enclose any trademark, logo, or other proprietary information (including images, text, page layout, or form) of ours without express written consent. You may not use any meta tags or any other "hidden text" utilising our name or trademarks without our express written consent.

Intellectual property rights

As between the parties, we own all Intellectual Property Rights in and to (a) the APIs, and all elements, components, and executables of the APIs; (b) FORTYEIGHT; and (c) the Fortyeight Brand Materials. Except to the limited extent expressly provided in these Terms of Service, we do not grant, nor shall the Organisation acquire, any right, title or interest (including any implied licence) in or to any of our property under these Terms of Service. All rights not expressly granted in these Terms of Service are withheld.

For the duration of the Organisation’s subscription(s) to use FORTYEIGHT, the Organisation grants us a paid-up, royalty-free, non-exclusive, worldwide, irrevocable right and licence, under all of the Organisation’s Intellectual Property Rights, to: (a) use and display the Organisation’s Brand Materials in FORTYEIGHT for the purpose of identifying the Organisation to the User; and (b) to promote or advertise the Organisation’s use of FORTYEIGHT. Any good will in the Organisation’s Brand Materials resulting from our use will inure solely to the Organisation.

We may, without your consent, publicly refer to the Organisation, orally or in writing, as a user of FORTYEIGHT. We may also publish your name and logo in press releases, and in promotional materials without additional consent or notice to the Organisation. If the Organisation does not want us to refer to the Organisation in promotional materials, the Organisation can opt-out of this use by contacting us at hello@fortyeight.ai.

You agree not to display the Fortyeight Brand Materials (a) without our prior written consent; (b) in any way that violates applicable law, including laws regarding libel, slander, obscenity and infringement; or (c) in any way that is misleading, implies that your business or products are approved, created or endorsed by us (or otherwise embellishing your relationship with us) or in a way that is otherwise objectionable to us in our sole discretion. Any good will in the Fortyeight Brand Materials resulting from the Organisation’s use will inure solely to us.

Indemnity and insurance

The Organisation agrees to indemnify, defend and hold harmless us and our affiliates, and our and their respective officers, directors, employees, representatives and agents against any loss, claim, damage, settlement, cost, expense, tax or other liability (including, without limitation, reasonable legal fees) arising from or related to (a) any breach of these Terms of Service; (b) any claims from third parties that use of the Organisation’s Brand Materials by us in accordance with these Terms of Service infringes any third party’s intellectual property rights; (c) any claims by third parties that arise in connection with the Organisation’s use of FORTYEIGHT; (d) any claims by third parties that arise in connection with Observations submitted to us by the Organisation; (e) any claims by third parties that arise in connection with any messages that we send on behalf of an Organisation in connection with the Venue Check-in Services; and/or (f) the Organisation’s negligence or wilful misconduct.

The Organisation must have in place contracts of insurance with reputable insurers to cover the Organisation’s obligations under these Terms of Service.

Data protection

In clauses 21 (Data protection) to 23 (Processor obligations) inclusive, the terms controller, data subject, personal data, processor, process and special category data have the meanings given to those terms in the GDPR.

In connection with the following activities, the parties acknowledge and agree that we act as a processor and the Organisation is the controller of the personal data:

  • Storing personal data in the Escrow Account;
  • Collection of additional personal data through FORTYEIGHT as part of the Observation Expansion Services and transmitting such personal data to the Organisation;
  • Collection of validation information through FORTYEIGHT as part of the Observation Validation Services and transmitting such validation information to the Organisation.

Where we are able to link an Observation held in the Escrow Account to one of our Users, we shall display the Observation to the User in their FORTYEIGHT account. Following the initial display of the Observation to the User, we shall continue to store the Observation within the User’s FORTYEIGHT account for the purposes of enabling the provision of our services to the User. We are a controller of the personal data held outside the Escrow Account where it is used by us for the purposes of providing our services to the User.

Controller obligations

When acting as a controller of personal data, each party shall Comply with all Data Protection Laws in connection with the processing of personal data and the exercise and performance of its respective rights and obligations under these Terms of Service, including maintaining all relevant regulatory registrations and notifications as required under Data Protection Laws.

The Organisation warrants, represents and undertakes, that:

  • all personal data sourced by the Organisation for use in connection with FORTYEIGHT, shall comply in all respects, including in terms of its collection, storage and processing, with Data Protection Laws;
  • prior to disclosing any personal data to us, the Organisation shall provide all required fair processing information to, and obtain all necessary consents from, data subjects;
  • all instructions given by the Organisation to us in respect of personal data shall, at all times, be in accordance with Data Protection Laws; and
  • it is satisfied that: (a) our processing operations are suitable for the purposes for which the Organisation proposes to use FORTYEIGHT and engage us to process the personal data; and (b) we have sufficient expertise, reliability and resources to implement technical and organisational measures that meet the requirements of Data Protection Laws.

Processor obligations

Where we act as a processor in relation to the Processor Activities:

  • we shall process personal data only in accordance with the Organisation’s instructions as documented in these Terms of Service (provided that the Organisation acknowledges that we shall separately, as a controller, use personal data contained in Observations to provide services to Users to enable them to view and manage Observations in their FORTYEIGHT account);
  • we shall ensure that all persons authorised to process personal data are subject to legally binding obligations of confidentiality;
  • we shall implement appropriate technical and organisational measures intended to protect personal data against accidental loss, destruction or alternation; unauthorised disclosure or access, or unlawful destruction;
  • we shall be permitted to appoint sub-processors, provided that we put in place a written contract with sub-processors containing equivalent data protection provisions to those contained in these Terms of Service and we shall remain responsible for the performance of our obligations under these Terms of Service;
  • we shall notify the Organisation of any intended changes to our sub-processors and the Organisation shall have an opportunity to object to such appointments. If an objection is raised and we continue to appoint the proposed sub-processor, the Organisation may terminate their subscription(s) for FORTYEIGHT in accordance with clause 24 (Termination);
  • we shall be permitted to transfer personal data to other countries without restriction, provided that if we transfer personal data to a country that is not recognised by the European Commission as offering adequate protection for personal data, we shall ensure that adequate measures are put in place to protect the personal data;
  • if the Organisation is transferring personal data from within the European Union to us in the United Kingdom and due to the exit of the United Kingdom from the European Union, it is it necessary to put in place an adequacy mechanism under GDPR because the UK has not been recognised by the European Commission as having adequate data protection laws, the Standard Contract Clauses shall apply from the date of exit;
  • subject to payment of our reasonable costs and bearing in mind the nature of the processing carried out by us and the personal data available to us, we shall provide reasonable assistance to assist the Organisation: (a) with fulfilling its obligation to respond to requests from data subjects exercising their rights under Data Protection Laws; and (b) with complying with its obligations under Data Protection Laws to keep personal data secure, to notify personal data breaches to supervisory authorities and data subjects, to conduct data protection impact assessments and to consult with supervisory authorities in relation to high risk processing activities;
  • we shall delete all personal data held in the Escrow Account at the end of the expiry period specified by the Organisation. Personal data may be held in back-up records for a short period after the end of the expiry period. Back up data will be deleted in accordance with our usual back-up over-write procedures;
  • upon reasonable request and subject to payment of our reasonable costs, we shall make available to the Organisation all information reasonably necessary to demonstrate compliance with the obligations in this clause 23 (Processor obligations); and
  • subject to payment of our reasonable costs, we shall allow for and contribute to audits conducted by the Organisation to check compliance with this clause 23 (Processor obligations), provided that the Organisation shall provide reasonable notice of audits, shall ensure that appropriate obligations of confidentiality are placed on auditors and shall ensure that audits are carried out during normal business hours and do not cause disruption to the running of our business or FORTYEIGHT.

The processing carried out by us shall be the storage of personal data (which may include special category data) in the Escrow Account and the collection of personal data for the purpose of providing the FORTYEIGHT services requested by the Organisation. The duration of storage of personal data in the Escrow Account shall be for the length of the retention period specified by the Organisation. Personal data shall be processed on behalf of the Organisation for as long as the Organisation subscribes to the relevant FORTYEIGHT Services. The types of personal data processed, shall be personal data contained in Observations, validation information relating to Observations and additional information voluntarily provided by data subjects. Data subjects shall be the customers, employees or other contacts of the Organisation.

Termination

Organisations can close their Organisation Account at any time by sending an email to hello@fortyeight.ai with the subject line “Account Closure Request” or by using the “close account” functionality in the Dashboard (if available). When accounts are closed by an Organisation, the Organisation will continue to have access to FORTYEIGHT until the end of the month in which the Organisation Account is closed. Service Fees will be payable up to the end of the month in which the Organisation Account is closed.

We can close an Organisation Account at any time without cause with immediate effect by notifying the Organisation in writing.

We can also close an Organisation Account with immediate effect at any time, if any of the following occurs:

  • an Organisation breaches any of these Terms of Service;
  • an Organisation fails to pay Service Fees on the due date for payment;
  • an Organisation becomes insolvent or ceases to trade.

If we close an Organisation Account with or without cause you will be responsible for paying the Service Fees up to the termination date.

Consequences of termination

Upon termination, all rights and obligations under these Terms of Service will automatically terminate except for any right of action occurring prior to termination, payment obligations, and obligations that are intended to survive termination, including, without limitation, clauses 20 (Indemnity and insurance), 25 (Consequences of termination), 26 (Confidential information), 31 (Notices), 36 (Non-solicitation), 44 (Governing law), 45 (Jurisdiction) of these Terms of Service and any obligations that arise on termination under the Service Terms.

Confidential information

Each party undertakes that it shall keep any information that is confidential in nature concerning the other party and its affiliates including, any details of its business, affairs, customers, clients, suppliers, plans or strategy (Confidential Information) confidential and that it shall not use or disclose the other party’s Confidential Information to any person, except as permitted in this clause 26 (Confidential information).

A party may:

  • disclose any Confidential Information to any of its employees, officers, representatives or advisers (Representatives) who need to know the relevant Confidential Information for the purposes of the performance of any obligations under these Terms of Service, provided that such party must ensure that each of its Representatives to whom Confidential Information is disclosed is aware of its confidential nature and agrees to comply with this clause 26 (Confidential information) as if it were a party;
  • disclose any Confidential Information as may be required by law, any court, any governmental, regulatory or supervisory authority (including any securities exchange) or any other authority of competent jurisdiction to be disclosed; and
  • use Confidential Information only to perform any obligations under these Terms of Service.

Each party recognises that any breach or threatened breach of this clause 26 (Confidential information) may cause irreparable harm for which damages may not be an adequate remedy. Accordingly, in addition to any other remedies and damages, the parties agree that the non-defaulting party may be entitled to the remedies of specific performance, injunction and other equitable relief without proof of special damages.

This clause 26 (Confidential information) shall bind the parties during the term of these Terms of Service and following termination of these Terms of Service.

Anti-bribery

For the purposes of this clause 27 (Anti-bribery) the expressions ‘adequate procedures’ and ‘associated with’ shall be construed in accordance with the Bribery Act 2010 and guidance published under it.

The Organisation shall ensure that it and each person referred below does not, by any act or omission, place us in breach of any Bribery Laws. The Organisation shall comply with all applicable Bribery Laws, ensure that it has in place adequate procedures to prevent any breach of this clause 27 (Anti-bribery) and ensure that:

  • all of the Organisation’s personnel and all direct and indirect sub-contractors, suppliers, agents and other intermediaries of the Organisation;
  • all others associated with the Organisation; and
  • each person employed by or acting for or on behalf of any of those persons referred to in clauses above,

involved in performance of obligations under these Terms of Service so comply.

The Organisation shall not make or receive any bribe (which term shall be construed in accordance with the Bribery Act 2010) or other improper payment or advantage, or allow any such bribe or improper payment or advantage to be made or received on its behalf, either in the United Kingdom or elsewhere, and will implement and maintain adequate procedures to ensure that such bribes or improper payments or advantages are not made or received directly or indirectly on its behalf.

The Organisation shall immediately notify us as soon as it becomes aware of a breach or possible breach of any of the requirements in this clause 27 (Anti-bribery).

Modern slavery

The Organisation undertakes, warrants and represents that:

  • neither the Organisation nor any of its officers, employees, agents or sub-contractors has
    • (a) committed an offence under the Modern Slavery Act 2015 (an MSA Offence); or
    • (b) been notified that it is subject to an investigation relating to an alleged MSA Offence or prosecution under the Modern Slavery Act 2015; or
    • (c) is aware of any circumstances within its supply chain that could give rise to an investigation relating to an alleged MSA Offence or prosecution under the Modern Slavery Act 2015;
  • it shall comply with the Modern Slavery Act 2015; and
  • it shall notify us immediately in writing if it becomes aware or has reason to believe that it, or any of its officers, employees, agents or subcontractors have breached or potentially breached any of the Organisation’s obligations under this clause 28 (Modern slavery). Such notice to set out full details of the circumstances concerning the breach or potential breach of the Organisation’s obligations.

Dispute resolution

Any dispute arising between the parties out of or in connection with these Terms of Service, other than a dispute related to non-payment of Service Fees, shall be dealt with in accordance with the provisions of this clause 29 (Dispute resolution).

The dispute resolution process may be initiated at any time by either party serving a notice in writing on the other party that a dispute has arisen. The notice shall include reasonable information as to the nature of the dispute.

The parties shall use all reasonable endeavours to reach a negotiated resolution through the following procedures:

  • Within seven days of service of the notice, authorised representatives of the parties shall meet to discuss the dispute and attempt to resolve it.
  • If the dispute has not been resolved within seven days of the first meeting of the authorised representatives, then the matter shall be referred to the senior account owner/senior account manager (as applicable) (or persons of equivalent seniority). The senior account owner/senior account manager (or equivalent) shall meet within seven days to discuss the dispute and attempt to resolve it.
  • The specific format for the resolution of the dispute shall be left to the reasonable discretion of the parties, but may include the preparation and submission of statements of fact or of position.
  • If the dispute has not been resolved within 14 days of the first meeting of the senior account owner/senior account manager (or equivalent) then the matter may be referred to mediation in accordance with the London Court of International Arbitration Mediation Rules.

Either party may issue formal legal proceedings or commence arbitration at any time whether or not the steps referred to above have been completed.

Entire agreement

These Terms of Service (including any applicable Additional Services Terms) constitute the entire agreement between the parties and supersede all previous agreements, understandings and arrangements between the parties, whether in writing or oral in respect of their subject matter.

Each party acknowledges that it has not entered into these Terms of Service in reliance on, and shall have no remedies in respect of, any representation or warranty that is not expressly set out in these Terms of Service. No party shall have any claim for innocent or negligent misrepresentation on the basis of any statement in these Terms of Service.

Nothing in these Terms of Service purports to limit or exclude any liability for fraud.

Notices

Any notice or other communication given by a party under this Agreement shall be:

  • in writing and in English;
  • sent to the relevant party at the address set out below in this clause 31 (Notices).

Notices may be given, and are deemed received by email on receipt of a delivery receipt email from the correct address.

Notices and other communications shall be sent to:

Harmonise Technology Ltd for the attention of Nicholas Oliver, CEO at hello@fortyeight.ai.

The Organisation for the attention of the Organisation Account Owner at the Organisation Account Owner’s email address.

Force majeure

In this clause Force Majeure means an event or sequence of events beyond a party’s reasonable control preventing or delaying it from performing its obligations under these Terms of Service. Inability to pay is not Force Majeure.

A party shall not be liable if delayed in or prevented from performing its obligations under these Terms of Service due to Force Majeure, provided that it:

  • promptly notifies the other of the Force Majeure event and its expected duration; and
  • uses reasonable endeavours to minimise the effects of that event.

Further assurance

Each party shall at the request of the other party, and at the cost of the requesting party, do all acts and execute all documents which are necessary to give full effect to these Terms of Service.

Variation

We may change these Terms of Service at any time by posting the amended Terms of Service on the Dashboard website. All amended terms shall automatically be effective 30 days after they are initially posted.

From time to time, we may choose in our sole discretion to add or remove benefits or features of FORTYEIGHT. Your continued use of FORTYEIGHT after we change the Terms of Service or change any benefits or features constitutes your acceptance of the changes. If you do not agree to any changes, you must close your Organisation Account.

Assignment and sub-contracting

We may at any time assign, sub-contract, transfer, mortgage, charge, declare a trust of or deal in any other manner with any or all of our rights under these Terms of Service.

The Organisation shall not assign, sub-contract, transfer, mortgage, charge, declare a trust of or deal in any other manner with any or all of its rights under these Terms of Service, in whole or in part, without our prior written consent.

Non-solicitation

In order to protect our legitimate business interests, during the duration of these Terms of Service and for a period of 12 months after their termination, the Organisation shall not, either directly or indirectly, by or through itself, its affiliate, its agent or otherwise, or in conjunction with its affiliate, its agent or otherwise, whether for its own benefit or for the benefit of any other person:

  • solicit, entice or induce, or endeavour to solicit, entice or induce, any of our employees, officers or directors (Restricted Persons) with a view to employing or engaging them; or
  • employ or engage, or offer to employ or engage a Restricted Person without our prior written consent.

Notwithstanding the provisions above, the Organisation may employ or engage any Restricted Person of the other party who has responded directly to a bona fide recruitment drive either through a recruitment agency engaged by the relevant party or via an advertisement placed publicly by the relevant party (either in the press, social media, online or in trade and industry publications).

Set off

Each party shall pay all sums that it owes to the other party under these Terms of Service without any set-off, counterclaim, deduction or withholding of any kind, save as may be required by law.

No partnership or agency

The parties are independent and are not partners or principal and agent and these Terms of Service do not establish any joint venture, trust, fiduciary or other relationship between them, other than the contractual relationship expressly provided for in it. Neither party shall have, nor shall represent that it has, any authority to make any commitments on the other party’s behalf.

Severance

If any provision of these Terms of Service (or part of any provision) is or becomes illegal, invalid or unenforceable, the legality, validity and enforceability of any other provision of these Terms of Service shall not be affected.

If any provision of these Terms of Service (or part of any provision) is or becomes illegal, invalid or unenforceable but would be legal, valid and enforceable if some part of it was deleted or modified, the provision or part-provision in question shall apply with such deletions or modifications as may be necessary to make the provision legal, valid and enforceable. In the event of such deletion or modification, the parties shall negotiate in good faith in order to agree the terms of a mutually acceptable alternative provision.

Waiver

No failure, delay or omission by either party in exercising any right, power or remedy provided by law or under these Terms of Service shall operate as a waiver of that right, power or remedy, nor shall it preclude or restrict any future exercise of that or any other right, power or remedy.

No single or partial exercise of any right, power or remedy provided by law or under these Terms of Service shall prevent any future exercise of it or the exercise of any other right, power or remedy.

A waiver of any term, provision, condition or breach of these Terms of Service shall only be effective if given in writing and signed by the waiving party, and then only in the instance and for the purpose for which it is given.

Conflicts

In the event of any conflict or inconsistency between different parts of these Terms of Service, the following descending order of priority applies:

  • the Standard Contract Clauses (if applicable);
  • the terms and conditions in the main body of these Terms of Service;
  • the terms and conditions in any applicable Additional Terms of Service.

Subject to the above order of priority between documents, later versions of documents shall prevail over earlier ones if there is any conflict or inconsistency between them.

Costs and expenses

Each party shall pay its own costs and expenses incurred in connection with the negotiation, preparation, signature and performance of these Terms of Service.

Third party rights

A person who is not a party to these Terms of Service shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of the provisions of these Terms of Service.

Governing law

These Terms of Service and any dispute or claim arising out of, or in connection with, them, their subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of England and Wales.

Jurisdiction

The parties irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of, or in connection with, these Terms of Service, their subject matter or formation (including non-contractual disputes or claims).

Venue Check-in Service Terms

These Venue Check-in Service Terms apply, in addition to the Terms of Service, when the Organisation has subscribed to the Venue Check-in Services.

In these Venue Check-in Service Terms, the following terms have the following meanings:

Check-in a “check-in” occurs each time an individual inputs their details into FORTYEIGHT using one of the Organisation’s Location Codes
Location Code the unique code which is issued by us and which is linked to a specific location, person or event.
Venue Check-in Price the price payable for each Check-in as specified in the online order form and as may be updated from time to time by us by giving the Organisation not less than 30 days’ notice in writing.

Venue Check-in Services

Venue Check-in Services enable the Organisation to collect information about people who enter a venue or attend an event to assist with complying with obligations in relation to Covid-19 contact tracing.

Guests visiting the venue input their personal data directly into FORTYEIGHT via their mobile website or by SMS. We store guest data in the Escrow Account. If the Organisation needs to contact guests due to potential exposure to Covid-19, the Organisation can use FORTYEIGHT to send a message to guests to alert them to the potential exposure. Contact details held in the Escrow Account will be used by us to send messages on behalf of the Organisation.

At the request of the Organisation, we can also provide an exported list of the contact information for provision to public health authorities. When exporting this data, each user whose data is exported, will have a new Observation created, informing them of this export, ensuring users remain informed about the use of their data.

Calculation of Venue Check-in Service Fee

The Venue Check-in Service Fee is calculated based on the number of Check-ins that occur in the relevant calendar month multiplied by the Venue Check-in Price unless otherwise agreed in writing between the parties.

Organisation obligations

The Organisation is responsible for informing guests about how the Organisation collects and uses personal data.

The Organisation must specify the expiry date for information that is collected by us on behalf of the Organisation during Check-in and which is stored in the Escrow Account. The expiry date should not be longer than is necessary to retain information for Covid-19 contact tracing purposes. The default expiry time is set to 21 days.

The Organisation is responsible for determining whether and when to send messages to users through FORTYEIGHT.

The Organisation may solely use FORTYEIGHT to store information about guests as required for Covid-19 contact tracing purposes and to send messages to individuals to inform them about potential Covid-19 exposure. FORTYEIGHT may not be used by the Organisation to send any promotional or marketing materials and the information collected through FORTYEIGHT may not be used for any promotional or marketing purposes, unless adequate consent for such use of data has been obtained through the FORTYEIGHT user interface.

The Organisation is responsible for determining how it implements the FORTYEIGHT service and is solely responsible for ensuring compliance with its legal and regulatory obligations in accordance with government guidance.

The Organisation must always act in a truthful and transparent manner in relation to the role of FORTYEIGHT and will seek to build trust and confidence in the FORTYEIGHT service and not do anything to undermine the reputation or credibility of FORTYEIGHT.

Observation Audit Service Terms

These Observation Audit Service Terms apply, in addition to the Terms of Service, when the Organisation has subscribed to the Observation Audit Services.

In these Observation Audit Service Terms, the following terms have the following meanings:

Observation Audit Price the price payable for each Observation notified to FORTYEIGHT to hold in the Escrow Account as specified in the online order form and as may be updated from time to time by us by giving the Organisation not less than 30 days’ notice in writing.

Observation Audit Services

The Observation Audit Services allow the Organisation to notify FORTYEIGHT of new Observations made about individuals, for transfer to the Escrow Account. We will check whether any of the identifiers provided with each Observation submitted to the Escrow Account match with the verified identities of signed up Users. If so, the user will be informed of the Observation once added to in their FORTYEIGHT account.

Calculation of Observation Audit Service Fee

The Observation Audit Service Fee is calculated based on the number of Observations notified to FORTYEIGHT’s Escrow Account in the relevant calendar month, multiplied by the Observation Audit Price, unless agreed otherwise in the order form.

Organisation obligations

The Organisation must specify the expiry date for Observations that are submitted to the Escrow Account.

If a User disputes the content of an Observation and we notify the Organisation about the dispute, the Organisation must take all reasonable steps to verify the accuracy of the Observation and to update the Observation if necessary.

Observation Validation Service Terms

These Observation Validation Service Terms apply, in addition to the Terms of Service, when the Organisation has subscribed to the Observation Validation Services.

In these Observation Validation Service Terms, the following terms have the following meanings:

Observation Validation Price the price payable for each Observation validated through FORTYEIGHT as specified in the online order form and as may be updated from time to time by us by giving the Organisation not less than 30 days’ notice in writing.
Validation Information information provided by a User in response to a validation request

Observation Validation Services

The Observation Validation Services enable the Organisation to ask individuals to validate whether Observations, or parts thereof, are correct. For example, if the Organisation has made an assumption about an individual’s interests, the Organisation can ask for this to be validated. We will ask Users whether they are willing to validate Observations and, if the User is happy to validate the information, we will pass the validation information back to the Organisation.

Calculation of Observation Validation Service Fee

The Observation Validation Service Fee is calculated based on the number of Observations that are validated in the relevant calendar month multiplied by the Observation Validation Price, unless agreed otherwise in the order form.

Organisation obligations

The Organisation is responsible for providing Users with an adequate privacy notice to explain the purposes for which Validation Information will be used and for ensuring that it has a lawful basis to permit the collection and use of Validation Information.

Upon closure of the Organisation Account, the Organisation must permanently delete and cease to use all Validation Information, except if doing so would cause the Organisation to violate any legal or regulatory requirements.

Observation Expansion Service Terms

These Observation Expansion Service Terms apply, in addition to the Terms of Service, when the Organisation has subscribed to the Observation Expansion Services.

In these Observation Expansion Service Terms, the following terms have the following meanings:

Expansion Information additional information provided by a User in response to an expansion request.
Expansion Request a request for Expansion Information submitted by the Organisation.
Observation Expansion Price the price payable for each Observation expanded through FORTYEIGHT as specified in the online order form and as may be updated from time to time by us by giving the Organisation not less than 30 days’ notice in writing.

Observation Expansion Services

Observation Expansion Services enable the Organisation to ask Users to provide them with additional information about themselves. We will ask Users whether they are willing to provide additional information. If so, we will transmit the relevant information to the Organisation.

Calculation of Observation Expansion Service Fee

The Observation Expansion Service Fee is calculated based on the number of Expansion Requests that are submitted by the Organisation in the relevant calendar month multiplied by the Observation Expansion Price.

Organisation obligations

The Organisation is responsible for providing Users with an adequate privacy notice to explain the purposes for which Expansion Information will be used and for ensuring that it has a lawful basis to permit the collection and use of Expansion Information.

Upon closure of the Organisation Account, the Organisation must permanently delete and cease to use all Expansion Information, except if doing so would cause the Organisation to violate any legal or regulatory requirements.

Standard Contractual Clauses

These Standard Contractual Clauses shall come into effect in accordance with Clause 23 of the Terms of Service.