Software End User Licence and Support Terms and Conditions

IMPORTANT NOTICE:

BY ORDERING, DOWNLOADING OR OTHERWISE ACCESSING THE SOFTWARE OR BY CONFIRMING THE ORDER AS PART OF THE DOWNLOADING OR ORDERING PROCESS, THE CUSTOMER AGREES TO THE TERMS OF THIS AGREEMENT WHICH WILL BIND IT AND ITS EMPLOYEES.
IF YOU ARE ENTERING INTO THIS AGREEMENT AND ACCEPTING THESE TERMS AND CONDITIONS ON BEHALF OF A COMPANY OR OTHER LEGAL ENTITY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH ENTITY TO THIS AGREEMENT, IN WHICH CASE THE TERM “YOU” OR “CUSTOMER” SHALL REFER TO SUCH ENTITY. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS AGREEMENT, YOU MAY NOT USE THE SOFTWARE. IF YOU DO NOT INTEND TO BE LEGALLY BOUND TO THE TERMS AND CONDITIONS OF THIS AGREEMENT, DO NOT ACCESS OR OTHERWISE USE THE SOFTWARE AND DO NOT CLICK “ACCEPT” OR OTHERWISE ASSENT TO THIS AGREEMENT.
IF THE CUSTOMER DOES NOT AGREE TO THE TERMS OF THIS AGREEMENT, THE SUPPLIER WILL NOT LICENCE THE SOFTWARE TO THE CUSTOMER AND THE CUSTOMER MUST DISCONTINUE THE DOWNLOADING OR ORDERING PROCESS NOW BY CANCELLING THE DOWNLOADING OR ORDERING PROCESS. IN THIS CASE, THE DOWNLOADING OR ORDERING PROCESS WILL TERMINATE OR THE CUSTOMER MAY NOT DOWNLOAD OR USE THE SOFTWARE.

1. Definitions and Interpretation

1.1 The definitions and rules of interpretation in this clause apply in this Agreement.

Affiliate: in relation to the person concerned: a holding company or a subsidiary or a subsidiary of a holding company of such person (where “holding company” and “subsidiary” have the meanings given to such terms in section 8 and section 7 respectively of the Companies Act 2014); a person directly or indirectly Controlled by such person; a person under Common Control with such person; a person that Controls such person; or an associated undertaking of such person.

Agreement: (a) the Order Form, (b) these Software End User Licence and Support Terms and Conditions (the “T&Cs”) and (c) the Appendices.

Authorised Installation: an instance of the Software (up to the maximum quantity specified on the Order Form) for which the Customer has a valid User Licence.

Authorised Site: has the meaning set out in the Order Form.

Authorised Users: those employees, agents and independent contractors of the Customer who are authorised by the Customer to use the Software and the Documentation and (where applicable) to use the Drug Information and receive the Hardware Support Services, as set out in the Order Form.

Appendices: Appendix 1 (Data Processing Agreement), Appendix 2 (Messaging Terms and Conditions (if applicable) to these T&Cs and including the schedules to the Appendices.

Business Day: any day which is not a Saturday, Sunday or public/bank holiday in Ireland.

Confidential Information: information that is proprietary or confidential and is either clearly labelled as such or identified as Confidential Information in clause 8.

Control: the ability of a person or persons, directly or indirectly, to direct or cause the direction of the affairs of another person, whether through provisions contained in its constitutional documents or, as the case may be, certificate of incorporation or by-laws or other documentation regulating or managing the affairs of that or any other person, or by virtue of any powers conferred by any applicable laws or regulations, the ownership of voting securities, by contract or otherwise, and “Controlled” or “under Common Control” shall be construed accordingly.

Customer: has the meaning set out in the Order Form or the practice or partnership using the Software.

Customer Data: the data inputted by or on behalf of the Customer for the purpose of using the Software or facilitating the Customer’s use of the Software, and shall include, where the context so requires, Personal Data.

Documentation: the documents made available to the Customer by the Supplier online via www.clanwilliamhealth.com or such other web address notified by the Supplier to the Customer from time to time which sets out a description and the user instructions for the Software.

Drug Information: means the database of medical, pharmaceutical and commercial information and periodic updates owned by or licensed to the Supplier.

Effective Date: has the meaning set out in the Order Form.

Hardware Maintenance Services Policy: the Supplier’s hardware maintenance services policy as available at www.clanwilliamhealth.com as may be varied from time to time by the Supplier.

Hardware Support Services: the standard hardware maintenance services provided to Authorised Users in respect of Supported Hardware by the Supplier in accordance with the Hardware Maintenance Services Policy. If the Customer has requested such services, these will be specified on the Order Form.

Initial Period: has the meaning set out in the Order Form.

Licence Fee: the charges payable by the Customer to the Supplier as set out in the Order Form.

Licence Term: the Initial Period together with any subsequent Renewal Periods.

Normal Business Hours: 9 am to 5.30 pm on a Business Day in Ireland.

Order Form: the Software End User Licence Order Form signed by the Supplier and Customer detailing the commercial terms of the Agreement.

Permitted Purpose: the use of an Authorised Installation for a Customer’s own internal business purposes for the uses described in the Documentation.

Personal Data: has the meaning set out in Appendix 1.

Renewal Period: has the meaning given to that term in clause 5.1 of these T&Cs.

Software: the software applications provided by the Supplier to the Customer, as more particularly described in the Order Form.

Software Support Services: the standard software support and maintenance services provided to Authorised Users by the Supplier, in accordance with the Software Support Services Policy.

Software Support Services Policy: the Supplier’s standard support services policy as available at www.clanwilliamhealth.com as may be varied from time to time by the Supplier.

Supplier: has the meaning set out in the Order Form.

Supported Hardware: those items of computer equipment and/or peripherals provided to the Customer by the Supplier that the Supplier notifies the Customer are covered by this Agreement which are physically located in an Authorised Site.

Support Hours: 8.00 am to 5.30 pm from Monday to Friday, excluding Bank Holidays.

User Licence: a licence purchased by the Customer pursuant to this Agreement which entitles Authorised Users to access and use an Authorised Installation of the Software, the Drug Information and the Documentation for the Permitted Purpose.

Virus: any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices.

1.2 A person includes an individual, corporate or unincorporated body (whether or not having separate legal personality) and that person’s legal and personal representatives, successors or permitted assigns.

1.3 Words in the singular shall include the plural and vice versa.

1.4 A reference to a statute or statutory provision is a reference to it as it is in force for the time being, taking account of any amendment, extension, or re-enactment and includes any subordinate legislation for the time being in force made under it.

1.5 A reference to writing or written includes e-mail.

1.6 Clause, appendix, schedule and paragraph headings shall not affect the interpretation of this Agreement. References to clauses, appendices and schedules are to the clauses, appendices and schedules of this Agreement. The words “includes” and “including” are to be construed without limitation.

2. User Licences and Related Products and Services

2.1 Subject to the Customer having purchased the User Licences in accordance with the terms and conditions of this Agreement, the Supplier hereby grants to the Customer, as of the Effective Date, a non-exclusive, non-transferable right to permit the Authorised Users to use Authorised Installations of the Software at the Authorised Site(s) together with the Documentation during the Licence Term solely for the Permitted Purpose.

2.2 The licence granted to the Customer under clause 2.1 is personal to the Customer and the Customer shall not, without the prior written consent of the Supplier, assign, transfer, novate, charge, sub-licence or deal in any other manner with all or any of its rights or obligations under this Agreement.

2.3 In relation to the Authorised Sites, the Customer undertakes that:

(a) it will ensure that there are no instances of the Software or the Drug Information on computer equipment which is owned or leased by the Customer which is not an Authorised Installation; and

(b) in the event that it wishes to decommission an Authorised Installation, it will use all reasonable steps to remove all references to and files associated with the Software and/or the Drug Information and/or the Documentation from the computer equipment prior to creating a new Authorised Installation; and

(c) it will ensure that there is no unauthorised access to, or use of, the Software and/or the Drug Information and/or the Documentation and, in the event of any such unauthorised access or use, promptly notify the Supplier.

2.4 The Customer may purchase from the Supplier any of the below products and/or services, and the Supplier agrees, if purchased, to provide such products and/or services subject to the terms of this Agreement:

(a) additional User Licences which will have the effect of increasing the number of Authorised Installations;

(b) Supported Hardware;

(d) Drug Information.

2.5 Should the Customer purchase any of the products and/or services specified in clause 2.4 during the Licence Term, the parties agree that the Order Form (including, for the avoidance of doubt, any Licence Fees or other fees) shall be amended to account for these products and/or services.

2.6 Subject to the charges and payment provisions of the Order Form, if the Customer agrees to purchase any of the products and/or services specified in clause 2.4, the Supplier shall debit the Customer’s bank account by an amount equal to the relevant fees for any of the products and/or services specified in clause 2.4 as may be agreed by the Supplier with the Customer.

2.7 The Customer acknowledges that should it use the Software otherwise than as specified in this Agreement, without the prior written consent of the Supplier, it may be liable to the Supplier for additional fees, including on any change of use approved by the Supplier.

2.8 If no Supported Hardware and/or Hardware Support Services and/or Drug Information are purchased under this Agreement, then all references to Supported Hardware and/or Hardware Support Services and/or Drug Information in this Agreement shall be disregarded, and the remainder of the relevant provisions shall be construed accordingly.

3. The Supplier’s Obligations

3.1 In relation to the Software, the Supplier:

(a) shall provide the Software together with any access keys, where applicable, required for the operation thereof and make available the Documentation to the Customer during the Licence Term on and subject to the terms of this Agreement; and

(b) undertakes that the Software will perform substantially in accordance with the Documentation for a period of 60 days from the Effective Date, provided that the Customer has installed the latest version of the Software in accordance with clause 4.1(b); and

(c) will from time to time and at the Supplier’s sole discretion, at no additional cost to the Customer, make available to the Customer updates to ﬁx defects or enhance the stability of the Software in accordance with the Supplier’s release plan.

3.2 The Customer accepts responsibility for the accuracy of its data, any decisions related to its data and the selection of the Software to achieve its intended results. The Supplier does not warrant, represent or undertake that:

(a) the use of the Software will be uninterrupted or error-free; or

(b) any data or reports generated by the Software will be accurate or error-free; or

3.3 In relation to the Software Support Services, the Supplier:

(a) will provide Authorised Users with the Software Support Services in accordance with the Supplier’s Software Support Services Policy in effect at the time; and

(b) will use reasonable endeavours to provide Software Support Services outside Support Hours, if requested to do so by the Customer, and the Customer will be liable to pay the Supplier’s prevailing callout charges and reimburse any directly related costs; and

(c) may, at its sole discretion, make information available to third party software/hardware suppliers where the problem is diagnosed and involves the Software, software other than the Software or hardware in order to resolve any identiﬁed problems.

For the avoidance of doubt, at the date of this Agreement, the Supplier’s Software Support Services Policy does not include the provision of any support services in relation to computer hardware or other equipment.

3.4 In relation to the Drug Information, the Supplier:

(a) shall provide the Drug Information together with any access keys, where applicable, required for the operation thereof to the Customer during the Licence Term on and subject to the terms of this Agreement; and

(b) will from time to time and at the Supplier’s sole discretion, at no additional cost to the Customer, make available to the Customer updates to the Drug Information.

3.5 In relation to the Supported Hardware, the Supplier:

(a) will provide Authorised Users with the Supplier’s standard customer support services in accordance with the Supplier’s Hardware Maintenance Services Policy in effect at the time; and

(b) if the Customer requests Hardware Support Services outside Support Hours, the Supplier will use reasonable endeavours to provide such support and the Customer will be liable to pay the Supplier’s prevailing callout charges and reimburse any directly related costs; and

(c) will not provide Hardware Support Services where attempts to fix or service the Supported Hardware are made by other than by the Supplier, without the prior approval of the Supplier or hardware other than Supported Hardware supplied by the Supplier is installed on the system without the prior written consent of the Supplier.

in addition to the services outlined in this clause, the Supplier offers a number of additional hardware support services, including (inter alia) a fix or replacement policy for Supported Hardware provided by the Supplier for a period of up to three years after installation. For the avoidance of doubt, this service is not included in the Supplier’s basic hardware support services but may be requested by the Customer at the time such equipment is provided by the Supplier.

3.6 The Supplier’s obligations under this clause 3 shall cease immediately in the event that:

(a) adjustments to the Software are required because of accident, neglect, misuse or cause other than ordinary use; or

(b) attempts to fix or service the Software are made by other than the Supplier, without the prior approval of the Supplier; or

(d) where the Customer owes the Supplier any monies outside the Supplier’s usual trading terms; or

(e) where the Customer infringes the copyright of the software licensed by the Supplier and any of its Affiliates or agents.

3.7 If, in the opinion of the Supplier, user support services are required as a result of cases stated in clause 3.6, the Customer may be liable to pay the Supplier the prevailing callout charges, and for reimbursement of any directly related expenses.

3.8 The Supplier shall not be liable for any non-availability of the Software arising out of any failure of the internet or any other communication system required to access the Software or for any defect or fault in the Customer’s computer system which prevents Authorised Users from accessing the Software.

4. The Customer’s Obligations

4.1 Throughout the Licence Term, the Customer shall:

(a) make available personnel and provide information, facilities, services, and equipment to the Supplier as and when necessary so that the Supplier can fulﬁl its obligations under this Agreement at no cost to the Supplier; and

(b) ensure that the latest version of the Software and the Drug Information is installed, and the Customer acknowledges that the Supplier shall not be obliged to support other than the latest version; and

(c) promptly notify the Supplier of any error message or problem with the Software or the Drug Information and ensure the full co-operation of its employees and agents with the Supplier in the diagnosis of any Software issue; and

(d) ensure that the environment and electrical supply are maintained in a satisfactory manner; and

(e) ensure existing computer networks to which computers operating the Software are connected are properly maintained as configured at the time of initial installation. Alterations to the network must not be made without consultation with the Supplier; and

(f) keep and operate the Software in a proper and prudent manner and ensure that only competent trained Authorised Users are allowed to operate the Software and the Drug Information;

(g) immediately inform the Supplier of any changes to its direct debit details (if applicable) or any billing details; and

(h) comply with the terms and conditions or policies of third parties as may be notified by the Supplier to the Customer from time to time.

4.2 The Customer shall not access, store, distribute or transmit any Viruses, or any material during the course of its use of the Software that:

(a) is unlawful, harmful, discriminatory, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive; or

(b) causes damage or injury to any person or property,

and the Supplier reserves the right, without liability to the Customer, to disable the Customer’s access to any material that breaches the provisions of this clause.

4.3 Except as may be allowed by any applicable law which is incapable of exclusion by Agreement between the parties, the Customer shall not:

(a) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software and/or Drug Information and/or Documentation (as applicable) in any form or media or by any means; or

(b) attempt to reverse compile, disassemble, reverse engineer, or otherwise reduce to human-perceivable form all or any part of the Software and/or the Drug Information; or

(c) access all or any part of the Software and/or Drug Information and/or Documentation in order to build a product or service which competes with the Software and/or the Drug Information and/or the Documentation; or

(d) licence, sub-licence, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Software and/or the Drug Information and/or Documentation available to any third party except the Authorised Users; or

(e) attempt to obtain, or assist third parties in obtaining, access to the Software and/or the Drug Information and/or the Documentation, other than as provided under this Agreement.

4.4 The Customer shall ensure that no third party or person in the Customer’s organisation shall service or attempt to remedy any defect or in any way interfere with the Software, the Drug Information, Supported Hardware, network or setup of the Supported Hardware, except on each occasion under the instructions of the Supplier’s personnel. Any such interference may violate any obligations the Supplier has under this Agreement.

4.5 The Customer shall not (and shall not permit any third party to) carry out any integrations of the Software without the prior written consent of the Supplier.

5. Term and Termination

5.1 This Agreement shall, unless otherwise terminated as provided in this clause 5, commence on the Effective Date and shall continue for the Initial Period. After the Initial Period, this Agreement shall be automatically renewed for successive periods, each equal to the length of the Initial Period (each a “Renewal Period“), unless:

(a) either party notifies the other party of termination, in writing, at least 90 days before the end of the Initial Period or any Renewal Period, in which case this Agreement shall terminate upon the expiry of the applicable Initial Period or Renewal Period; or

(b) the Agreement is otherwise terminated in accordance with the provisions of this Agreement.

5.2 For the avoidance of doubt, in the event that the Customer notifies the Supplier of the termination of this Agreement, any unpaid portions of the Licence Fee will continue to be payable by the Customer to the Supplier in accordance with the charges and payment provisions of the Order Form. Further, in the event the Customer ceases to use the Software before the end of the Licence Term such amounts will continue to be payable by the Customer to the Supplier.

5.3 Without prejudice to any other rights or remedies to which the parties may be entitled, either party may terminate this Agreement without liability to the other if the other party commits a material breach of any of the terms of this Agreement and (if such a breach is remediable) fails to remedy that breach within 30 days of that party being notified in writing of the breach.

5.4 Without prejudice to any other rights or remedies to which the parties may be entitled, the Supplier may terminate this Agreement without liability to Customer if:

(a) the Customer fails to pay any amount due under this Agreement on the due date for payment and remains in default not less than 30 days after being notified to make such payment; or

(b) the Customer ceases or threatens to cease to do business, becomes unable to pay its debts as they fall due, becomes or is deemed insolvent, has a receiver, manager, examiner, liquidator, administrator, administrative receiver or similar officer appointed in respect of the whole or any parts of its assets or business, makes any composition or arrangement with its creditors, or suffers or undergoes any analogous process to the above in any jurisdiction because of debt.

5.5 On termination of this Agreement for any reason:

(a) all licences granted under this Agreement shall immediately terminate;

(b) each party shall return and make no further use of any equipment, property, Documentation, Drug Information, and other items (and all copies of them) belonging to the other party;

(c) subject to clause 5 of Appendix 1, the Supplier may destroy or otherwise dispose of any of the Customer Data in its possession unless the Supplier receives, no later than ten days after the effective date of the termination of this Agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. The Supplier shall use reasonable commercial endeavours to deliver the back-up to the Customer within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). The Customer shall pay all reasonable expenses incurred by the Supplier in returning or disposing of Customer Data; and

(d) the accrued rights of the parties as at termination, or the continuation after termination of any provision expressly stated to survive or implicitly surviving termination, shall not be affected or prejudiced.

6. Customer Data

6.1 Any capitalised terms in this clause 6 shall, unless otherwise defined, have the meaning given to them in Appendix 1.

6.2 The Customer shall have sole responsibility for ensuring the legality, reliability, integrity, accuracy, and quality of the Customer Data used in conjunction with and/or entered into the Software.

6.3 The parties acknowledge that in entering into this Agreement they have entered into the Data Processing Agreement at Appendix 2 which shall govern the Processing of Personal Data.

6.4 If the Supplier Processes any Personal Data on the Customer’s behalf when performing its obligations under this Agreement, the parties record their intention that the Customer shall be the Controller and the Supplier shall be a Processor and in any such case:

(a) the Customer shall ensure that the Customer is entitled, under an appropriate legal basis under the GDPR, to transfer the relevant Personal Data to the Supplier so that the Supplier may lawfully use, Process, and transfer the Personal Data in accordance with this Agreement on the Customer’s behalf; and

(b) the Customer shall ensure that the relevant third parties have been informed of, and, where necessary, have given their consent to, such use, Processing, and transfer as required by all applicable Data Protection Laws; and

(c) the Supplier shall Process the Personal Data only in accordance with the terms of this Agreement and any lawful instructions reasonably given by the Customer from time to time; and

(d) each party shall take appropriate technical and organisational measures against unauthorised or unlawful processing of the personal data or its accidental loss, destruction, or damage.

6.5 During the Licence Term, the Supplier shall have the right to use anonymised, aggregated prescription information processed by it on behalf of the Customer and the Customer grants the Supplier the rights to utilise such data to the extent that such usage shall not be in contravention of any applicable Data Protection Laws in effect at the time.

6.6 The Customer will back-up all data and verify that data is correctly backed up at least on a daily basis in line with prudent industry norms. Such data shall be made available to the Supplier, as required to support the Software. The Supplier is under no obligation to and makes no warranty in respect of back-ups of Customer Data and shall not under any circumstances be liable for any loss of or corruption of data.

6.7 The Customer will take reasonable precautions to ensure its system is protected from Viruses by using anti-virus software and that any anti-virus software is updated, as specified, to ensure the latest protection technology is used. The Customer accepts that the Supplier is not responsible for protecting software and transaction data from Viruses or for ensuring that Customers are using anti-virus software or ensuring that Customers are keeping their anti-virus software up to date.

7. Third Party Providers

7.1 The Customer acknowledges that the Software may enable or assist it to access the website content of, correspond with, and purchase products and services from, third parties via third-party websites and that it does so solely at its own risk. The Supplier makes no representation or commitment and shall have no liability or obligation whatsoever in relation to the content or use of, or correspondence with, any such third-party website, or any transactions completed, and any contract entered into by the Customer, with any such third party. Any contract entered into and any transaction completed via any third-party website is between the Customer and the relevant third party, and not the Supplier. The Supplier recommends that the Customer undertakes thorough due diligence of the third party’s website terms and conditions, privacy policy and cyber security standards prior to using the relevant third-party website. The Supplier does not endorse or approve any third-party website nor the content of any of the third-party website made available via the Software.

7.2 The Customer acknowledges that any use of any third-party integration into the Software is at its own risk. The Supplier shall have no obligations and makes no warranty, representation or undertaking in respect of a third party’s products or services integrated into the Software. By using or otherwise sending SMS, RCS, MMS or other forms of communication messages using the Software (or any integration), the Customer hereby acknowledges and agrees that it: (i) shall be liable for the costs / charges of such messages as notified to the Customer from time to time, to be included in the invoice for the services; (ii) will comply with the suppliers terms and conditions relating to the provision of those services (including but not limited to the provisions of Appendix 2).

7.3 The Customer shall comply with the terms and conditions of any third-party website or integration into the Software contained via the following link: https://clanwilliamhealth.com/third-party-tcs/

8. Confidentiality

8.1 The provisions of this clause shall survive termination of this Agreement, however arising.

8.2 Each party may be given access to Confidential Information from the other party in order to perform its obligations under this Agreement. A party’s Confidential Information shall not be deemed to include information that:

(a) is or becomes publicly known other than through any act or omission of the receiving party; or

(b) was in the other party’s lawful possession before the disclosure; or

(d) is independently developed by the receiving party, which independent development can be shown by written evidence; or

(e) is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.

8.3 Each party shall:

(a) hold the other’s Confidential Information in confidence and, unless required by law, not make the other’s Confidential Information available to any third party, or use the other’s Confidential Information for any purpose other than the implementation of this Agreement; and

(b) take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by its employees or agents in violation of the terms of this Agreement.

8.4 Neither party shall be responsible for any loss, destruction, alteration, or disclosure of Confidential Information of the other party caused by any third party.

8.5 The Customer acknowledges that details of the Software, and the results of any performance tests of the Software, constitute the Supplier’s Confidential Information.

9. Proprietary Rights

9.1 The Customer acknowledges and agrees that the Supplier and/or its licensors own all intellectual property rights in the Software, the Drug Information, and the Documentation. Except as expressly stated herein, this Agreement does not grant the Customer any rights to, or in, patents, copyrights, database rights, trade secrets, trade names, trademarks (whether registered or unregistered), or any other rights or licences in respect of the Software or the Drug Information or the Documentation.

9.2 The Supplier confirms that it has all the rights in relation to the Software and the Drug Information and the Documentation that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this Agreement.

10. Indemnity

10.1 The Customer shall defend, indemnify and hold harmless the Supplier and any Supplier Affiliate against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with the Customer’s use of the Software and/or the Drug Information and/or the Documentation, including in relation to data inputted by Customer and/or any Authorised User, and/or any integrations made to the Software.

10.2 The Supplier shall, subject to clause 10.1, defend the Customer against any third party claim that the Software or Drug Information or Documentation infringes any patent effective as of the Effective Date, copyright, trade mark, database right or right of confidentiality, and shall indemnify the Customer for any amounts awarded against the Customer in judgment or settlement of such claims, provided that:

the Supplier is given prompt notice of any such claim; and
the Customer provides reasonable co-operation to the Supplier in the defence and settlement of such claim, at the Supplier’s expense; and
the Supplier is given sole authority to defend or settle the claim.

10.3 In the defence or settlement of any claim, the Supplier may:

(a) procure the right for the Customer to continue using the Software and/or the Drug Information (or any part of these); or

(b) replace the Software and/or Drug Information with non-infringing software and/or Drug Information; or

(d) if such remedies specified in (a) to (c) of this clause 10.3 are not reasonably available, terminate this Agreement on 2 Business Days’ notice to the Customer without any additional liability or obligation to pay liquidated damages or other additional costs to the Customer.

10.4 In no event shall the Supplier, its employees, agents, and sub-contractors be liable to the Customer to the extent that the alleged infringement is based on:

(a) a modification of the Software or the Drug Information or the Documentation by anyone other than the Supplier; or

(b) the Customer’s use of the Software or the Drug Information or the Documentation in a manner contrary to the instructions given to the Customer by the Supplier; or

(c) the Customer’s use of the Software or the Drug Information or the Documentation after notice of the alleged or actual infringement from the Supplier or any appropriate authority.

10.5 The foregoing states the Customer’s sole and exclusive rights and remedies, and the Supplier’s (including the Supplier’s employees’, agents’, and sub-contractors’) entire obligations and liability, for infringement of any patent, copyright, trade mark, database right or right of confidentiality.

10.6 For the purpose of this clause, Supplier enters into this Agreement on its own behalf and as agent for each of its Affiliates, each of which may exercise the rights of Supplier under this Agreement.

11. Limitation of liability

11.1 Subject to the provisions of clause 10, this clause sets out the entire financial liability of the Supplier (including any liability for the acts or omissions of its employees, agents, and sub-contractors) to the Customer in respect of:

(a) any breach of this Agreement; and

(b) any use made by the Customer of the Software and/or the Drug Information and/or the Documentation or any part of them; and

(c) any representation, statement or tortious act or omission (including negligence) arising under or in connection with this Agreement.

11.2 Except as expressly and specifically provided in this Agreement:

(a) the Customer assumes sole responsibility and the Supplier expressly disclaims any liability for results obtained from the use of the Software and/or the Drug Information and/or the Documentation and/or Supported Hardware by the Customer, and for conclusions drawn from such use;

(b) the Supplier shall have no liability for any damage caused by errors or omissions in any information, instructions or scripts provided to the Supplier by the Customer in connection with the Software or the Drug Information, or faults which arise from the misuse, incorrect use of or damage to the Software, from whatever cause, caused by the Customer or any actions taken by the Supplier at the Customer’s direction;

(c) the Supplier shall have no liability for any damage caused by the accuracy of any data or reports generated by the Software, or for any decision support tools within the Software;

(d) the Supplier shall have no liability for any loss or damage suffered by the Customer due to any integrations carried out on the Software;

(e) the Supplier shall have no liability for any loss or damage suffered by the Customer due to a third party’s products or services integrated into the Software;

(f) all warranties, representations, conditions, and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from this Agreement;

(g) subject to clause 3.1, the Software, Documentation, Drug Information, and Supported Hardware are provided to the Customer on an “as is” basis and expressly subject to the disclaimer in clause 11.2(b);

(h) subject to clause 6 and Appendix 1, the Supplier shall not be liable for the acts or omissions of any sub-contractors it appoints; and

(i) in no event shall the Supplier, its employees, agents, and sub-contractors be liable to the Customer for any reports produced by the Software.

11.3 Nothing in this Agreement excludes the liability of the Supplier:

(a) for death or personal injury caused by the Supplier’s negligence; and/or

(b) for fraud or fraudulent misrepresentation; and/or

11.4 Subject to clauses 11.2 and 11.3:

(a) the Supplier shall not be liable whether in tort (including for negligence or breach of statutory duty), contract, misrepresentation, restitution or otherwise for any loss of profits, loss of business, depletion of goodwill and/or similar losses or loss or corruption of data or information, or pure economic loss, or for any special, indirect or consequential loss, costs, damages, charges or expenses however arising under this Agreement; and

(b) the Supplier’s total aggregate liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the performance or contemplated performance of this Agreement shall be limited to the total Licence Fees paid for the User Licences during the 12 months immediately preceding the date on which the claim arose.

11.5 The Supplier shall have no liability to the Customer under this Agreement if it is prevented from or delayed in performing its obligations under this Agreement, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control, including, without limitation, epidemics or pandemics, strikes, lock-outs or other industrial disputes (whether involving the workforce of the Supplier or any other party), failure of a utility service or transport or telecommunications network, act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, accident, breakdown of plant or machinery, fire, flood, storm or default of suppliers or sub-contractors, provided that the Customer is notified of such an event and its expected duration.

12. Records and Audit

12.1 The Customer shall maintain accurate and complete records of its installation and usage of the Software including:

(a) the number of copies (including backup copies);

(b) the number of Authorised Users; and

12.2 Within five Business Days of being requested to do so by the Supplier, the Customer shall provide the Supplier with copies of the records referred to in clause 12.1 for the purpose of verifying that the Customer’s treatment of the Software is in accordance with this Agreement.

12.3 The Customer shall allow and procure for the Supplier (and any authorised representatives of the Supplier) access to its premises to inspect the equipment on which the Software is installed or on which the Supplier reasonably believes the Software might be installed, and to audit (and take copies of) the relevant records of the Customer, to the extent necessary to verify that the installation and use of the Software is in accordance with this Agreement.

12.4 At the Supplier’s option, the audit and inspection referred to in clause 12.3 may be undertaken by way of remote access or by way of physical attendance at any premises where the Customer locates its computer equipment.

12.5 The provisions of this clause 12 shall survive termination or expiry of this Agreement for a period of 12 months.

13. Other

13.1 The Supplier reserves the right to make changes to these T&Cs at any time and shall make the updated terms available to the Customer on the Supplier’s website (www.clanwilliamgroup.com) as soon as reasonably practicable.

13.2 If any provision (or part of a provision) of this Agreement is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable, or illegal, the other provisions shall remain in force.

13.3 If any invalid, unenforceable or illegal provision would be valid, enforceable, or legal if some part of it were deleted, the provision shall apply with whatever modification is necessary to give effect.

13.4 This Agreement, and any documents referred to in it, constitute the whole Agreement between the parties and supersede any previous arrangement, understanding or Agreement between them relating to the subject matter they cover.

13.5 Each of the parties acknowledges and agrees that in entering into this Agreement it does not rely on any undertaking, promise, assurance, statement, representation, warranty or understanding (whether in writing or not) of any person (whether party to this Agreement or not) relating to the subject matter of this Agreement, other than as expressly set out in this Agreement.

13.6 The Supplier may at any time assign, transfer, charge, sub-contract, or deal in any other manner with all or any of its rights or obligations under this Agreement.

13.7 This Agreement does not confer any rights on any person or party (other than the parties to this Agreement and, where applicable, their successors and permitted assigns).

13.8 Any notice required to be given under this Agreement shall be in writing and shall be sent to the other party at its address set out in this Agreement, or such other email or postal address as may have been notified by that party for such purposes.

13.9 A notice delivered by hand shall be deemed to have been received when delivered (or if delivery is not in Normal Business Hours, at 8am on the first Business Day following delivery). A correctly addressed notice sent by post or recorded delivery post shall be deemed to have been received at the time at which it would have been delivered in the normal course of post. A notice sent by email shall be deemed to have been received at the time of the receipt of an emailed reply to sender from the recipient confirming receipt of the original notice.

13.10 This Agreement may be executed in counterparts, each of which is deemed an original, but all of which together are deemed to be one and the same agreement. The parties consent to the execution of this Agreement by electronic means.

14. Governing Law and Jurisdiction

14.1 This Agreement and any disputes or claims arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) are governed by, and construed in accordance with, the laws of Ireland.

14.2 The parties irrevocably agree that the courts of Ireland have exclusive jurisdiction to settle any dispute or claim that arises out of or in connection with this Agreement or its subject matter or formation (including non-contractual disputes or claims).

APPENDIX 1: DATA PROCESSING AGREEMENT (“DPA”)

For the purposes of this DPA, the Customer shall be known as the Controller and the Supplier shall be known as the Processor (each a “Party” and together the “Parties“).

1 INTERPRETATION

- The following definitions and rules of interpretation apply in this DPA.

“Affiliate”	shall have the meaning given to that term in the Principal Agreement;
“Data”	means Personal Data and Special Categories of Personal Data (as the context requires);
“Data Protection Laws”	means the Data Protection Acts 1988 to 2018; Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “GDPR“); Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on Privacy and Electronic Communications) and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations, 2011 (to the extent applicable);
“Normal Business Hours”	shall have the meaning given to that term in the Principal Agreement;
“Principal Agreement”	the Agreement as defined in the Software End User Licence and Support Terms and Conditions to which this DPA is appended;
“Processor System”	any information technology system or systems owned or operated by the Processor to which Data is delivered or on which the Services are performed in accordance with this DPA;
“Personal Data Breach”	a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed
“Services”	the services to be supplied by the Processor to the Controller in connection with the Principal Agreement (to the extent relevant) as set out at Schedule 1;
“Standard Contractual Clauses”	the “Standard Contractual Clauses” annexed to the European Commission Decision of: i) 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to GDPR or ii) (until such times as Processor has entered into the Standard Contractual Clauses outlined at i), the 5 February 2010 for the Transfer of Customer Personal Data to Processors established in Third Countries under Directive 95/46/EC);
“Technical and Organisational Security Measures”	shall mean those measures aimed at protecting Data against accidental or unlawful destruction, accidental or unauthorised loss, alteration or unauthorised disclosure of or access to Data, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, as set out at Schedule 2; and
“Term”	means the term of the Principal Agreement.

1.2 For the purposes of this DPA, the terms “Personal Data”, “Data Subject”, “controller”, “processor”, “Processing” (and “Process” and “Processed” shall have a corresponding meaning), “Special Categories of Personal Data” and “Recipient” shall have the same meanings as in the Data Protection Laws.

2 DATA PROCESSING

2.1 The subject matter, nature, and purpose of the Processing of Personal Data, together with the duration of the Processing, the type of Personal Data and the categories of Data Subjects is set out at Schedule 3.

2.2 During the Term, the Processor will process the Data in accordance with the terms and conditions set out in this DPA, and in particular the Processor will:

2.2.1 comply with its obligations as a Processor under the Data Protection Laws;

2.2.2 having regard to the state of the art, costs of implementation (where applicable) and taking into account the nature, scope, context and purposes of the Processing and the risk to the rights and freedoms of Data Subjects posed by the Processing and the information available to the Processor, implement the Technical and Organisational Security Measures, which the Controller and the Processor agree to be appropriate for the purposes of this DPA;

2.2.3 at the cost of the Controller, insofar as reasonably possible and practicable to do so, assist the Controller:

(a) in complying with the rights of the Data Subjects as set out in the Data Protection Laws;

(b) in conducting data protection impact assessments involving the Services (which may include by provision of documentation to allow customer to conduct their own assessment); and

(c) with respect to any investigations relating to a Personal Data Breach including preparing any required notices, and providing any information reasonably requested by the Controller in relation to any Personal Data Breach.

2.2.4 without due delay, notify the Controller of any actual Personal Data Breach which does actually affect the Data, after becoming aware of such Personal Data Breach;

2.2.5 unless otherwise lawfully directed in writing by Controller:

(a) insofar as it is reasonably possible and lawful to do so, process the Data solely in accordance with the instructions of Controller as notified in writing in advance by the Controller, except as required/permitted to do otherwise by European Union law or the laws of any member state to which the Processor is subject, and (where permitted) the Processor will inform the Controller of such;

(b)take reasonable steps to ensure that each of its employees, officers, representatives, advisers and/or subcontractors engaged in processing the Data will be informed of the confidential nature of the Data and are under an obligation to keep the Data confidential; and

(c) not Process or transfer any Data outside the European Economic Area (“EEA”) without the prior written consent of the Controller, other than as provided by clause 3 of this DPA.

2.3 To the extent that Processor cannot comply with the Controller’s instructions pursuant to clause 2.2.5(a) of this DPA or a change to those instructions (as the case may be) without incurring material additional costs, the Processor shall: (i) immediately inform the Controller, giving full details of the problem; and (ii) cease all processing of the affected Data (other than securely storing that Data) until revised instructions are received.

2.4 The Processor will, at the cost of the Controller and on reasonable notice during Normal Business Hours, give commercially reasonable assistance to the Controller, in ensuring compliance with the Controller’s obligations under the Data Protection Laws having regard to the state of the art, costs of implementation (where applicable) and taking into account the nature, scope, context and purposes of the Processing and the risk to the rights and freedoms of Data Subjects posed by the Processing and the information available to the Processor.

2.5 The Controller hereby agrees that it will comply with its obligations as a Controller under the Data Protection Laws. In particular, the Controller shall ensure that at all relevant times there is a legal basis for Processing in accordance with the Data Protection Laws to enable the Processor (and the Processor’s Affiliates) to Process the Data and/or Special Categories of Personal Data as pursuant to the Services under this DPA.

3. SUB-CONTRACTING

3.1 The Controller hereby grants to the Processor authorisation to subcontract its processing functions as it deems necessary in respect of Processing the Data pursuant to this DPA to any of the third parties listed at Schedule 4, including those third parties based outside the EEA which are also listed at Schedule 4.

3.2 The Processor will inform the Controller of any intended changes concerning the addition or replacement of sub-contractors from such list and the Controller, acting reasonably, will have the right to object to a proposed change within thirty (30) days from receiving written notice from the Processor such notice to include evidence as to why the Controller objects. In the event that the Controller objects to any such proposed change, the Processor will have the option to propose an alternative contractor or terminate the Principal Agreement (which will be effective ten (10) days from the Controller exercising its right to object).

3.3 In the event that a sub-contractor is contracted by the Processor to carry out Processing, the Processor will procure (so far as it is within the Processor’s control to do so) that such sub-contractor enters into an agreement with the Processor in relation to Processing the Data, the terms of which are similar to, but not less onerous than, the terms of this DPA.

3.4 The Processor is hereby authorised to transfer the Data to the third parties listed in Schedule 4 as being based outside the EEA provided that, to the extent applicable, for transfers of Controller Data from the EEA to locations outside the EEA (either directly or via onward transfer) that do not have adequate standards of data protection as determined by the European Commission, Processor relies upon:

3.4.1 the Standard Contractual Clauses; or

3.4.2 such other appropriate safeguards, or derogations (to the limited extent appropriate), specified or permitted under the Data Protection Laws.

3.5 With respect to Processor’s reliance on the Standard Contractual Clauses for international transfers of Customer Data under the DPA, Processor shall act in its capacity as ‘data exporter’ as set out in the relevant modules of the Standard Contractual Clause.

4 AUDIT

4.1 Not more than once in any period of twelve months during the Term, the Processor will, at the cost of and on reasonable notice from the Controller during Normal Business Hours:

4.1.1 provide all information necessary; and/or

4.1.2 permit the Controller (or any auditor acting under the authority of the Controller) to carry out an audit or inspection, to demonstrate the Processor’s compliance with its obligations laid down in Article 28 of the GDPR, PROVIDED HOWEVER that:

4.1.3 the scope of an audit will be limited to Processor Systems, processes, and documentation relevant to the processing and protection of Controller Data;

4.1.4 Controller shall ensure that any auditors or representatives that it appoints will conduct audits subject to any appropriate and reasonably confidentiality restrictions requested by Controller;

4.1.5 any information obtained by the Controller in connection with or in the course of any such audit and any such information provided to or obtained by the Controller shall be maintained by the Controller in the strictest confidence, shall be used solely for the purposes of ensuring that the Processor is complying with its obligations as a Processor under the Article 28 of the GDPR and shall not be used or disclosed for any other purpose

5 RETURN OR DESTRUCTION OF DATA

5.1 Upon prior written request and at the option and cost of the Controller, the Processor will as soon as reasonably practicable and possible to do so:

5.1.1 destroy or return to Controller all Data; and

5.1.2 to the extent technically practicable, erase all Data from the Processor System.

5.2 Nothing in clause 5.1 of this DPA shall require the Processor to return or destroy Data that the Processor is required to retain by applicable law, or to satisfy the requirements of any laws of the European Union or member state law, regulatory authority or body of competent jurisdiction to which the Processor is subject.

6 LIABILITY

6.1 The Controller acknowledges that the Processor is reliant on the Controller for direction as to the extent to which the Processor is entitled to use and process the Personal Data. Consequently, the Processor will not be liable for and the Controller shall indemnify and keep indemnified and defend at its own expense the Processor against all claims, costs (including without limitation court costs and legal fees), damages (direct or indirect), losses or expenses (“Loss“) suffered or incurred by the Processor or for which the Processor may become liable including and in particular to such arising from:

6.1.1 civil claims where a final award of damages has been granted or which are subject to a court approved settlement; and/or

6.1.2 administrative fines imposed by a supervisory authority and approved by a court of competent jurisdiction,

in each case, except to the extent that any such Loss arises due to the failure by the Processor to comply with any of its obligations under this DPA or for breach of the Data Protection Laws.

SCHEDULE 1: SERVICES

The Services shall comprise of the following as defined in the Principal Agreement (where purchased):

Software
Software Support Services
Drug Information
Supported Hardware
Hardware Support Services

SCHEDULE 2: Technical and Organisational Security Measures

Domain	Practices
Organisation of Information Security	Security Ownership. Clanwilliam Health have an internal security committee and a Data protection officer Security Roles and Responsibilities. Clanwilliam Health staff with access to Customer Data are subject to confidentiality agreements within their contracts. Risk Management Program. ISO 27001 framework is used to identify risks to Availability of our services and confidentiality data assets.
Asset Management	Asset Inventory. Clanwilliam Health use IS0 27001 frame work for developing an internal asset inventory. Asset Handling · Clanwilliam Health regularly review access to assets with departments. · HR issue joiner requests listing requirements for access and also removal off assets for leavers · Monitoring off internal activity is controlled by IBM Qrader · All Assets have anti-virus · Assets with sensitive information are encrypted with Bitlocker or Deslock+
Human Resources Security	Security Training. Clanwilliam Health issue all staff with data protection training modules on induction and refresher training every 12 months. Train modules cover Data protection principles, data subject access request, Data Breach and keeping data secure. HR issue starter and leaver forms to IT for removal of access to building, emails, and any IT assets.
Physical and Environmental Security	Physical Access to Facilities. Clanwilliam Health requires Fob pass to enter building and fob to enter office. Physical Access to Components. Records of employees entering building are logged. Visitors require sign in on book and issues visitor passes. Protection from Disruptions. IT Comms room has redundancy with UPS, high availability ISP and firewalls. Component Disposal. A data retention policy and procedure has been introduced to comply to GDPR. Shredding is carry out on site and certified
Communications and Operations Management	Operational Policy. Clanwilliam Health maintains an Information security management system which contains documents for security access, internet usage, BYOD, email policy, password policy and many others Data Recovery Procedures 1. Clanwilliam Health review their backup requirements with departments every 6 months. 2. Off site and on site backups are maintained. 3. Azure and Keepitsafe are used for Online backups 4. Tests are periodically restored. Malicious Software. Clanwilliam Health have Eset Security and anti-virus installed on all IT assets. Qradar SIEM is monitoring the network for malicious activity. Data Beyond Boundaries – Clanwilliam Health encrypts data used within data centers and Azure Event Logging. Event logs within the network are monitors by Qradar .
Access Control	Access Policy. Clanwilliam Health maintains a record of security privileges of individuals having access to Customer Data. These are reviewed with line managers every 6 months. Access Authorization 1. Access to data is approved by line manager and HR policies used for joiners and leavers. 2. Clanwilliam Health deactivates authentication credentials from leavers and reviews AD periodically 3. O365 access is managed by IT – Clanwilliam Health ensures that where more than one individual has access to systems containing Customer Data, the individuals have separate identifiers/log-ins. Least Privilege – Customer support personnel are only permitted to have access to Customer Data when needed. – Clanwilliam Health restricts access to Customer Data to only those individuals who require such access to perform their job function. Integrity and Confidentiality – Clanwilliam Health instructs Clanwilliam Health personnel to disable administrative sessions when leaving premises Clanwilliam Health controls or when computers are otherwise left unattended. – Clanwilliam Health stores passwords in a way that makes them unintelligible while they are in force. Authentication – Clanwilliam Health uses industry standard practices to identify and authenticate users who attempt to access information systems. – Where authentication mechanisms are based on passwords, Clanwilliam Health requires that the passwords are renewed regularly. – Where authentication mechanisms are based on passwords, Clanwilliam Health requires the password to be at least eight characters long with Complexity – Clanwilliam Health ensures that de-activated staff are not granted access
Information Security Incident Management	Incident Response Process – Clanwilliam Health have a procedure in place for reporting security breaches. – A major incident policy is in place for the event of such breaches Service Monitoring. Clanwilliam Health review monitoring logs periodically.
Business Continuity Management	– Clanwilliam Health maintains a business continuity plan so insure customers have access to services in the event of environmental or physically building access issues.

SCHEDULE 3

(A)	Subject matter, nature and purpose of the processing of Personal Data under the Principal Agreement	Subject matter The provision of Services by the Processor to the Controller under the Principal Agreement. Nature Processing activities, such as storage, retrieval, analysing, data collection and data transfer will all be undertaken by the Processor. Purpose · Software Updates · Drug Information Updates · Technical Support Services · Remote Connection for Technical Support · Support Call Logging · Telephone Support
(B)	Duration of the processing of Personal Data under the Principal Agreement	Personal Data will be processed for the Term of the Principal Agreement unless the Principal Agreement is terminated earlier in accordance its clause 5 or the Personal Data processing extends beyond the termination of the Principal Agreement in order to comply with applicable laws pursuant to clause 5.2 of this DPA.
(C)	Type of Personal Data processed under the Principal Agreement	Personal Data Personal Data can be processed and can include, name, address, telephone or mobile number, fax number, email address, information concerning family, lifestyle and social circumstances including age, date of birth, marital status, number of children and name(s) of spouse and/or children; employment details including employer name, job title, identification numbers, and social security details. Special Categories of Personal Data Sensitive Personal Data can be processed and can include racial or ethnic origin, religion, physical or mental health condition and sexual life, notes, prescriptions, maternity, lab results and other medical data
(D)	Categories of data subjects of the Personal Data processed under the Principal Agreement	Categories of the individuals to whom the Personal Data relates – e.g. past, present and prospective patients; past, present and prospective employees, personnel and third-party suppliers.

SCHEDULE 4: LIST OF PROCESSORS ENGAGED BY THE PROCESSOR

Sub-contractor	Function	Location
Keep it Safe	On-line backup	Ireland
Blacknight Solutions	Data Centre (hosting)	Ireland
Codex DSS	CRM System partner	Ireland
Ward Solutions	Clanwiliam Health IT Security Partner	Ireland
Secure LAN IT Business Solutions	Engineering Services	Ireland
Azure	Hosting of Paradox the Socrates system updater tool	Ireland
Ethos	Hardware and PC supplier	Ireland
DiskShred	Supplier used to dispose of hard drives	Ireland
Esendex	SMS service provider	UK
Clickatell	SMS service provider	Ireland
Healthlink	Electronic Referrals	Ireland
Affidea	Electronic Referrals	Ireland
PCRS	Data Returns for GMS card checker and registration checker	Ireland
Socrates Patient Portal	Patient self-service portal	Ireland
Practice Administration Technologies (Billink)	Card Payments	Ireland
Dictate IT Limited	Dictation Services (Live ASR)	UK

APPENDIX 2: Messaging Terms and Conditions

1 Definitions and interpretation

1.1 In this Schedule:

Unless otherwise stated to the contrary or as otherwise defined herein, defined terms used or referred to in this schedule shall have the same meaning as in the Agreement, in this Schedule:
Agreement	means the software end user licence and support terms and conditions relating to the use of the Software;
Applicable Law	means applicable laws of the European Union (EU), the European Economic Area (EEA) or any of the EU or EEA’s member states from time to time together with applicable laws in the United Kingdom from time to time;
Business Day	means a day other than a Saturday, Sunday or bank or public holiday in England and / or Dublin, Ireland (as the case may be);
Data Protection Laws	in this Schedule means all Applicable Laws relating to the processing, privacy and/or use of Personal Data, as applicable to either party or the Services, including the following laws to the extent applicable in the circumstances: (a) the GDPR; (b) the Irish Data Protection Act 2018; (c) the UK Data Protection Laws; (d) any laws which implement any such laws; and any laws which replace, extend, re-enact, consolidate or amend any of the foregoing (including where applicable, the GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of the European Union (Withdrawal) Act 2018 as modified by applicable domestic law from time to time);
Force Majeure	means an event or sequence of events beyond a party’s reasonable control preventing or delaying it from performing its obligations under this schedule, including any matters relating to transfer of data over public communications networks and any delays or problems associated with any such networks or with the internet;
Intellectual Property Rights	means in respect of the Service, any and all copyright, rights in inventions, patents, know-how, trade secrets, trade marks and trade names, service marks, design rights, rights in get-up, database rights and rights in data, domain names and all similar rights and, in each case whether registered or not;
Network Operator	means any telecommunications network operator;
Permitted Purpose	means use solely for the Customer’s business operations and also for the internal business of operations of the Customer, in each case in accordance with this Schedule. Permitted Purpose expressly excludes any of the following to the maximum extent permitted by law: (a) copying, reproducing, distributing, redistributing, transmitting, modifying, adapting, editing, abstracting, selling, licensing, leasing, renting, assigning, transferring, disclosing (in each case whether or not for charge) or in any way commercially exploiting any part of any Service; (b) permitting any use of any Service in any manner by any third party (including permitting use in connection with any timesharing or service bureau, outsourced or similar service to third parties or making any Service (or any part) available to any third party or allowing or permitting a third party to do any of the foregoing (other than to the Authorised Users for the Permitted Purpose)); (c) combining, merging or otherwise permitting any Service to become incorporated in any other program or service, or arranging or creating derivative works based on it (in whole or in part); or (d) attempting to reverse engineer, observe, study or test the functioning of or decompile the Services (or any part), except as expressly permitted under this Schedule.
Policies	means each of the following: (a) the Text Message Supplier’s policy on acceptable use of the Services from time to time (the Acceptable Use Policy); (b) the Text Message Supplier’s policy on information security as amended and updated from time to time (the Information Security Policy); (c) the Text Message Supplier’s privacy policy as amended and updated from time to time (the Privacy Policy), as may be updated from time to time and available at www.esendex.co.uk
Regulator	means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority;
Service(s)	means the communication services relating a Transaction provided by the Text Message Supplier and used by the Customer using the Software;
Schedule	means the terms and conditions set out in the clauses and other provisions of this schedule;
Text Message Supplier	mean Commify UK Limited (trading as Esendex) a company registered in England and Wales with registration number 04217280 whose registered office address is at 20 Wollaton Street, Nottingham NG 1 5FW;
Transaction	means any SMS, RCS, MMS, email, voice or other format message sent or received; (ii) any voicemail received: (iii) any voice call made or received; (iv) any GSM or GPS device detection; and (v) any other form of communication accessed or engaged in, using the service.

2. Rights of use

2.1 The provisions of this Schedule apply to the Customer in respect of the Customer’s use of the Services.

2.2 Upon using the text message service or otherwise sending a Transaction, you agree to be bound by the terms of these terms and conditions and you are granted a non-exclusive, non-transferable, sub-licence to use each Service for the Permitted Purpose.

2.3 The Customer hereby agrees to:

2.3.1 ensure only Authorised Users use the Services and that such use is at all times in accordance with these terms and conditions;

2.3.2. ensure Authorised Users are, at all times whilst they have access to the Services, the Customer’s employees or contractors;

2.3.3 keep and maintain a list of all Authorised Users;

2.3.4 ensure that your account (and account details) cannot be used by more than one medical practice at the same time;

2.3.5 shall at all times comply with the terms of this Agreement (including this Schedule);

2.3.6 are required to maintain a confidential password or access details for any Service and not share that password with any third party other than with Authorised Users.

2.4 The Customer shall:

2.4.1 be liable for the acts and omissions of the Authorised Users as if they were its own; and

2.4.2 only provide Authorised Users with access to the Services via the access method provided by the Supplier (or the Text Message Supplier as the case may be) and shall not provide access to (or permit access by) anyone other than an Authorised User.

2.5 The Customer acknowledges that use of the Services is at all times subject to the Customer’s compliance with the Agreement and this Schedule.

3. Support

In respect of the Services, support services shall be available during the hours of 0800-17.30 on a Business Day and in accordance with the Support Services provided by the Supplier.

4. Changes to services and terms

4.1 You acknowledge that the Text Message Supplier may update the Policies and you agree to be bound by the terms of and comply with those Policies.

4.2 The Customer acknowledges that the Text Message Supplier shall be entitled to modify the features and functionality of the Services.

4.3 The Text Message Supplier may replace virtual mobile numbers from time to time.

4.4 SMS message fees are charged on a per SMS basis. Each SMS is a set of systematized textual and numeric characters (text) of up to 160 characters when using the GSM alphabet. Some symbols constitute more than one character (as more particularly set out at https://support.esendex.co.uk/sms/long-message-can-send/). If message text exceeds 160 characters, it shall be charged as more than 1 SMS. If the GSM alphabet is not used, the character limit for 1 SMS shall be less than 160 characters.

4.5 By sending a Transaction (whether or not such Transaction is received), the Customer shall be liable for the costs of the Transaction, payable to the Supplier and in accordance with the suppliers payment terms.

4.6 Fees shall be incurred for each Transaction submitted whether or not such Transaction is received by the intended recipient of a Transaction.

4.7 Fees for Transactions may be increased on notice to the Customer.

4.8 Any pre-paid Transaction credit purchased or Transaction balance shall be non-refundable and shall expire 12 months after the date purchased.

4.9 The Services may be subject to delays, interruptions, errors or other problems resulting from use of the internet or public electronic communications networks used by the parties or third parties. The Customer acknowledges that such risks are inherent in communications services and that neither the Supplier or Text Message Supplier shall have any liability for any such delays, interruptions, errors or other problems.

4.10 The Customer acknowledges that neither the Supplier or Text Message Supplier has any liability or obligations (howsoever arising whether under contract, tort, in negligence or otherwise) in relation to:

- - the content of Transactions; or
  - without prejudice to clause 6.1.3, the Services being free of minor errors or defects.

5. Customer’s responsibilities

5.1 The Customer agrees and shall ensure that Authorised Users shall at all times comply with all applicable laws, rules and regulations relating to the use or receipt of the Services, including to the Data Protection Laws.

5.2 The Customer shall at all times comply with the Policies.

5.3 The Customer shall:

5.3.1 reasonably co-operate with the Supplier and/or Text Message Supplier in all matters relating to the Services;

5.3.2 provide, in a timely manner, such information as the Supplier and/or Text Message Supplier may reasonably require in order to provide the Services;

5.3.3 provide the Supplier and/or Text Message Supplier with reasonable and available information if requested by a Network Operator and/or Regulator relating to a Customer’s use of the Services.

5.4 The Customer shall defend, indemnify and hold harmless the Supplier and the Text Message Supplier against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection any claim by a third party in connection with the content of a Transaction or the use of the Service.

5.5 Clauses 5.1 to 5.4 (inclusive) shall survive termination or expiry of the Agreement.

6. Intellectual Property

6.1 All Intellectual Property Rights in and to the Services belong to and shall remain vested in the Text Message Supplier or the relevant third party owner. To the extent that the Customer or any person acting on its or their behalf acquires any Intellectual Property Rights in the Services, the Customer shall assign or procure the assignment of such Intellectual Property Rights with full title guarantee (including by way of present assignment of future Intellectual Property Rights) to the Text Message Supplier or such third party as the Text Message Supplier may elect. The Customer shall execute all such documents and do such things as the Supplier and/or Text Message Supplier may consider necessary to give effect to this clause 1.

6.2 Except for the rights expressly granted in this Schedule, the Customer and its direct and indirect sub-contractors, shall not acquire in any way any title, rights of ownership, or Intellectual Property Rights of whatever nature in the Services and no Intellectual Property Rights of either party are transferred or licensed as a result of this Schedule or the Agreement.

6.3 This clause 6 shall survive the termination or expiry of the Agreement.

7. Customer Systems and Customer Data

7.1 The Customer acknowledges that neither the Supplier or the Text Message Supplier has any control over any Customer Data hosted as part of the provision of the Services and will not actively monitor the content of your data. The Customer acknowledges that the Customer is responsible for the accuracy, quality, integrity and legality of the Customer Data and that its use (including use in connection with the Service) complies with all applicable Data Protection Laws and Intellectual Property Rights.

7.2 The Customer acknowledges that the Text Message Supplier makes use of automated fraud detection on receipt of the Customer Data to protect end-users from fraudulent or otherwise deceptive conduct.

7.3 If the Supplier or the Text Message Supplier becomes aware that any of your data does not comply with the Acceptable Use Policy or any other part of this Schedule, the Supplier (or the Text Message Supplier) shall have the right to permanently delete or otherwise remove or suspend access to the relevant Customer Data which is suspected of being in breach of any of the foregoing from the Services and/or and if required by law, disclose Customer Data to law enforcement

7.4 Neither the Supplier or the Text Message Supplier shall be liable for consequential, indirect or special losses.

8. Suspension

8.1 The Supplier or Text Message Supplier may suspend access to the Services on reasonable notice if:

8.1.1 the Supplier or Text Message Supplier reasonably suspects that there has been any material misuse of the Services or breach of this Schedule;

8.1.2 a Network Operator or Regulator requires it;

8.1.3 the Customer (or any third party) significantly exceeds its usual volumes of Transactions and has not provided the Supplier or Text Message Supplier with reasonable prior notice; or

8.1.4 the Customers fails to pay any sums due in respect of the Services.

8.2 Where the reason for the suspension is suspected misuse of the Services or breach of these terms, the Supplier or Text Message Supplier, may terminate the Services and may at its discretion take steps to investigate the issue and may restore or continue to suspend access.

9. Termination of the Services

Notwithstanding that the Supplier or Text Message Supplier may terminate (or suspend access without notice), the Customer may terminate the Services on 60 days prior written notice.

10. Consequences of termination of the Services

10.1 Immediately on termination or expiry of this Schedule (and/or the Agreement if applicable) (for any reason), the rights granted by the Customer under this Schedule shall terminate and the Customer shall:

10.1.1 stop using the Services; and

10.1.2 pay all outstanding fees due and payable.

10.2 Termination or expiry of this Schedule (and/or the Agreement if applicable) shall not affect any accrued rights and liabilities of a party at any time up to the date of termination or expiry and shall not affect any provision of this Schedule that is expressly or by implication intended to continue beyond termination.

10.3 Except as expressly provided in this Schedule, the Supplier or Text Message Supplier (as the case may be) may at any time assign, sub-contract, sub-licence (including by multi-tier), transfer, mortgage, charge, declare a trust of or deal in any other manner with any or all of its rights or obligations under this Schedule.

10.4 The Customer acknowledges that the Supplier or Text Message Supplier are independent and are not partners or principal and agent and that no joint venture, trust, fiduciary or other relationship is established between them, other than the contractual relationship expressly provided for in it. The Supplier does not represent that it has, any authority to make any commitments on behalf of the Text Message Supplier.

10.5 If any provision of this Schedule (or part of any provision) is or becomes illegal, invalid or unenforceable, the legality, validity and enforceability of any other provision of this Schedule shall not be affected.

10.6 If any provision of this Schedule (or part of any provision) is or becomes illegal, invalid or unenforceable but would be legal, valid and enforceable if some part of it was deleted or modified, the provision or part-provision in question shall apply with such deletions or modifications as may be necessary to make the provision legal, valid and enforceable. In the event of such deletion or modification, the parties shall negotiate in good faith in order to agree the terms of a mutually acceptable alternative provision.

10.7 No failure, delay or omission by either the Supplier or the Text Message Supplier in exercising any right, power or remedy provided by law or under this Schedule shall operate as a waiver of that right, power or remedy, nor shall it preclude or restrict any future exercise of that or any other right, power or remedy.

10.8 No single or partial exercise of any right, power or remedy provided by law or under this Schedule shall prevent any future exercise of it or the exercise of any other right, power or remedy.

10.9 Neither the Supplier or the Text Message Supplier shall be in breach of this Schedule nor liable for delay in performing, or failure to perform, any of its obligations under this Schedule if such delay or failure result from a Force Majeure.