Website Terms and Conditions of Use

PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THIS SITE

Terms of website use

This terms of use (together with the documents referred to in it) tells you the terms on which you may make use of our website: https://10to8.com/ (our site), whether as a guest or a registered user. Use of our site includes accessing, browsing, or registering to use our site.

Please read these terms of use carefully before you start to use our site, as these will apply to your use of our site. We recommend that you print a copy of this for future reference. 

By using our site, you confirm that you accept these terms of use and that you agree to comply with them. 

If you do not agree to these terms of use, you must not use our site.

Other applicable terms

These terms of use refer to the following additional terms, which also apply to your use of our site:

• Our Privacy Policy which sets out the terms on which we process any personal data we collect from you, or that you provide to us. By using our site, you consent to such processing and you warrant that all data provided by you is accurate. 
• Our Cookie Policy which sets out information about the cookies on our site.

If you purchase any products or services from our site, our terms and conditions of service will also apply to the sales. These terms and conditions can be accessed here.

Information about us

This website is operated by Sign In Scheduling Ltd ("We").  We are registered in England and Wales under company number 14480136 and have our UK head office registered office at 4 Waterside Way, Northampton, NN4 7XD.

Changes to these terms

We may revise these terms of use at any time by amending this page. 

Please check this page from time to time to take notice of any changes we made, as they are binding on you. 

Changes to our site

We may update our site from time to time, and may change the content at any time. However, please note that any of the content on our site may be out of date at any given time, and we are under no obligation to update it.

We do not guarantee that our site, or any content on it, will be free from errors or omissions.

Accessing our site

Our site is made available free of charge. 

We do not guarantee that our site, or any content on it, will always be available or be uninterrupted. Access to our site is permitted on a temporary basis. We may suspend, withdraw, discontinue or change all or any part of our site without notice. We will not be liable to you if for any reason our site is unavailable at any time or for any period.

You are responsible for making all arrangements necessary for you to have access to our site.  

You are also responsible for ensuring that all persons who access our site through your internet connection are aware of these terms of use and other applicable terms and conditions, and that they comply with them.  

Your account and password

If you choose, or you are provided with, a user identification code, password or any other piece of information as part of our security procedures, you must treat such information as confidential. You must not disclose it to any third party. 

We have the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in our reasonable opinion you have failed to comply with any of the provisions of these terms of use.

If you know or suspect that anyone other than you knows your user identification code or password, you must promptly notify us at: support@10to8.com.

Intellectual property rights

We are the owner or the licensee of all intellectual property rights in our site, and in the material published on it.  Those works are protected by copyright laws and treaties around the world.  All such rights are reserved. 

You may print off one copy, and may download extracts, of any page(s) from our site for your personal use and you may draw the attention of others within your organisation to content posted on our site.  

You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text. 

Our status (and that of any identified contributors) as the authors of content on our site must always be acknowledged. 

You must not use any part of the content on our site for commercial purposes without obtaining a licence to do so from us or our licensors.

If you print off, copy or download any part of our site in breach of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

No reliance on information

The content on our site is provided for general information only. It is not intended to amount to advice on which you should rely. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.

Although we make reasonable efforts to update the information on our site, we make no representations, warranties or guarantees, whether express or implied, that the content on our site is accurate, complete or up-to-date. 

Limitation of our liability

Nothing in these terms of use excludes or limits our liability for death or personal injury arising from our negligence, or our fraud or fraudulent misrepresentation, or any other liability that cannot be excluded or limited by English law.

To the extent permitted by law, we exclude all conditions, warranties, representations or other terms which may apply to our site or any content on it, whether express or implied. 

We will not be liable to any user for any loss or damage, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, even if foreseeable, arising under or in connection with:

• use of, or inability to use, our site; or
• use of or reliance on any content displayed on our site. 

If you are a business user, please note that in particular, we will not be liable for:

• loss of profits, sales, business, or revenue;
• business interruption;  
• loss of anticipated savings; 
• loss of business opportunity, goodwill or reputation; or
• any indirect or consequential loss or damage. 

We will not be liable for any loss or damage caused by a virus, distributed denial-of-service attack, or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our site or to your downloading of any content on it, or on any website linked to it.

Different limitations and exclusions of liability will apply to liability arising as a result of the supply of any products or services by us to you, which will be set out in our Terms and conditions of service.

Viruses

We do not guarantee that our site will be secure or free from bugs or viruses.

You are responsible for configuring your information technology, computer programmes and platform in order to access our site. You should use your own virus protection software.

You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of service attack. By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will cooperate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately.

Third party links and resources in our site

If our site contains links to other sites and resources provided by third parties, these links are provided for your information only.  

We have no control over the contents of those sites or resources. 

Applicable law

Please note that these terms of use, its subject matter and its formation, are governed by English law. You and we both agree that the courts of England and Wales will have non-exclusive jurisdiction. 

Contact us

To contact us, please email: support@10to8.com.

Thank you for visiting our site.

Cookies and how we use them

Information gathered by the use of cookies in your web browser, such as your IP address, geographical location, operating system and browser.

We use cookies to analyse our web traffic using an analytics package. Aggregated usage data helps us improve the website structure, design, content and functions.

Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.

You can use your web browser’s cookie settings to determine how our website uses cookies. If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies.

However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you.

What are cookies?

Cookies are small text files saved by your browser or mobile devices when visiting certain websites. These files allow websites to remember your preferences and details and can be provided by the site you are visiting or a third party. Many cookies have expiry dates upon which they will automatically be removed from your device, however some may be persistent depending on the reason for their creation.

Essential cookies

These cookies are vital to provide a safe and smooth experience on our website. These will usually be set in response to an action you take or required for fraud detection. This cookie type cannot be turned off on our system, however you can use your browser settings to prevent their use. This may have serious effects on your browsing experience and some pages or services may become unavailable to you.

Analytics cookies

Analytics cookies allow us to improve our site and services by collecting details on your browsing experience. These are implemented through a third-party analytics package. The information helps us improve the website structure, design, content and functions.

Marketing cookies

These cookies may be set by advertising or social media partners. These cookies may be used to help monitor how successful our marketing campaigns are, including building a profile of your or your browsing habits to improve future campaigns or provide targeted advertising to you on other websites.  You can find further information about how to delete and manage cookies in your web browser here: https://ico.org.uk/your-data-matters/online/cookies/

If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies. However, please note that doing this may affect how our website 

functions. Some pages and services may become unavailable to you.

You can find further information about cookies from the Information Commissioner's website: https://ico.org.uk/your-data-matters/online/cookies/

EU Regulations VS UK Regulations

If you are based in the EU you can follow the link below to see what EU law says about cookies:

EU Cookie Law: https://www.aboutcookies.org/eu-cookie-law

Active Cookie List

We put you in full control, you can change your preferences at any time by clicking the button below.

Policy Review Statement

• This policy may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 1 year from the initial approval and thereafter on an annual basis unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Associated References, Legislation and Further Guidance

For further information about Sign In App’s compliance with data protection law, please contact:

Governance, Risk and Compliance Team

Tel: 00 44 1604 349759

Email: privacy@signinsolutions.com

Alternatively for further information about data protection law you can contact the information Commissioner's Office Directly on 0303 123 1113 or at https://ico.org.uk/

Privacy Policy

1. Our Role in your privacy

Sign In Solutions (together with its affiliated companies) is committed to ensuring the privacy and confidentiality of your personal information, and to protect it from unauthorised access and disclosure.

The purpose of this Privacy Policy is to clearly communicate to you how  we handle your personal information to provide you with services, and to comply with our legal obligations. This Privacy Policy applies to all websites owned or operated by us and our apps and services, as amended from time to time. If you are a customer this Privacy Policy together with our Terms & Conditions of Service (see Annex A), Use of Website Policy and our Data Processing Agreement (see Annex A) will give you a better and more complete understanding of the type of personal information that we hold about you and the way we handle that information.

2. What information will we collect?

Personal data may be collected, stored and used when visiting our website, registering for a trial, or placing an order. The personal information that you are asked to provide, and the reasons why you are asked to provide it, will only be used in ways described in this policy.

Information you provide

• When visiting our website or using our apps.

If you choose to contact us through either of these sources, information you provide such as your name, email address or telephone number and any other information you choose to provide us with will also be stored.  If you click a link on our website which redirects you to an affiliates website (or third-party website) you should take the time to read the privacy notice on the affiliates (or third-party) website.

• Account registration.

When registering for an account/trial, details that you provide to us to create a user account and provide you with access to the applications. The registration requires you to provide us with personal contact information, such as your name, company name and email address.

• Payment information.

When paying for your order online, your financial information is directed to our third-party payment processor. We do not store your financial data on our systems (Please see Annex A for any product specific variations).

• Information provided by you so we can provide a service.

This will depend on which service you are using, please see Annex A for product specific variances.

• If you are visiting our premises.

If you are a visitor who has signed into our application, the information provided, such as your name, your company, whom you are visiting and other information that we request, i.e. a photograph or your vehicle registration number (UK).  

• Visiting our customer’s premises.

If you are signing into our application whilst visiting one of our customers this policy does not apply to you, instead you should defer to their privacy notice.  They are acting as the ‘Controller’ of the data.  This means they collect information necessary for the purposes of your visit to their premises. If you want to exercise your rights with the data they hold you should contact them directly.

3. Use of Cookies

We use cookies on our site, you can read more about how we use cookies and how you can change your preferences on our cookies page (see annex A). 

4. Purpose of processing

Your data will be processed only for specified, explicit and legitimate purposes. We collect and process the personal data detailed in this policy, and the purposes for which we process personal data will be informed to data subjects at the time that their personal data is collected.

We may, from time to time, use your personal data for reporting and for making improvements to our services; in such instances we will always ensure an individual cannot be identified.

Your personal data may be transferred to our trusted third party processors, this will be for purposes such as: enabling payments, hosting of our servers, project management tools and customer relationship management system.

Our trusted third party processors are contractually bound and have technical, organisational and security measures in place to keep your information confidential and use it only for specified, explicit, and legitimate purposes.

Some messages from us are service-related and necessary for customers. You agree that we can send you non-marketing emails or messages, such as those related to transactions, your account, security, or product changes/updates.

If we intend to use any data provided by yourself for marketing purposes, such as sending updates or information relating to the product, we will always make this clear and offer an ‘opt out’ should you wish not to receive such information.

If you have agreed that we can use your information for marketing purposes, you can change your decision easily, via one of these methods:

• Use the unsubscribe button at the bottom of the email.
• Write to us by email to the appropriate Data Protection Officer for your jurisdiction as specified in section 13.
• Use the “Contact Us” button on our website

We will never lease, distribute or sell your personal data to a third party without requesting your prior permission. We will only transfer your data to other third parties without informing you separately beforehand in the exceptional cases where we are either legally required on important public interest grounds, or for the establishment, exercise or defence of legal claims.

5. Data quality

If we collect your personal information from our Website, app or whilst providing services to you, we will process it in a way that is adequate, relevant and limited to what is necessary in relation to the purposes for why it is processed. We will maintain and update your information as necessary to keep it accurate or when you advise us that your personal information has changed. We will keep your information in a form which permits your identification for no longer than is necessary. We will hold personal information collected from web enquiry forms for a period of up to 12 months from when the enquiry is closed.

6. Lawful Basis for processing personal data

Our lawful basis for collecting and processing the personal data described in this policy will depend on the type of personal information concerned and the specific context in which we collect it. However, we will generally only collect personal information from you where either;

• We need the personal information to perform our obligations under a contract with you
• The processing is in our legitimate interest and not overridden by your rights
• You have given your consent to do so

We have a legitimate interest in operating our services, for example when responding to your queries, improving our services, or undertaking direct marketing.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not.

7. Security of your data

Protecting personal data from unauthorised access, loss or alteration is of the utmost importance to us. We have physical, technical and organisational procedures to safeguard the information we collect. Our systems are tested annually by an external body to ensure your information is secure. We also conduct internal and external audits so we are confident we comply with the framework standards we have set. 

We have put in place appropriate security, privacy and technical measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties on the basis of least-privilege and least-functionality and who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Where will your personal data be processed?

Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Policy.

Sometimes we will need to share your personal data with authorised third parties and suppliers outside your chosen data territory, this will be for purposes such as: enabling payments, project management tools, back office functions and our customer relationship or accounts management system.  Your data is shared only when strictly necessary and in accordance with the safeguards and good practices detailed in this privacy policy.  Further details of all applicable authorised sub-processors are set out in Annex A.  

9. How long will we hold your data?

The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it - for example, to provide you with a service or to comply with applicable legal, tax or accounting requirements.

Data will be retained for as long as your account is active and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policy. Following that period, we’ll make sure it’s deleted or anonymised.

10. Sign In App use for visitors

If you use Sign In App at our customers premises:

Please note that we are acting as a ‘data processor’, our customer will be the ‘data controller’ and will assume responsibility for the processing of personal data and how long that is held for. We have to act upon our customer’s instructions regarding data retention. Data will be stored in encrypted backups for 14 days after the retention period in a location selected by the customer.

If you use Sign In App at our premises:

Please note that we are acting as a ‘data controller’, and will assume responsibility for the processing of personal data for authorised visitors to our premises.  Data retention periods will be aligned in accordance with our own data retention policies and local legislation. Data will be stored in encrypted backups for 14 days after the retention period in the EU.  Approved visitors who enter our own secured offices are escorted and are required to have their visitor information stored for two years as part of our security measures. 

11. Data subject rights

It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or send your request to unsubscribe@signinsolutions.com please remember to tell us which of our products it's relating to. 

You also have rights to:

• know what personal data we hold about you, and to make sure it’s correct and up to date
• request a copy of your personal data, or ask us to restrict processing your personal data or delete it
• object to our continued processing of your personal data

You can exercise these rights at any time by sending an email to privacy@signinsolutions.com or your jurisdiction specific DPO.

12. Contact Information

As we are a global company with different products, we have data protection officers and privacy officers covering jurisdictions in which they specialise.

• UK, EU, EEA

Governance, Risk and Compliance Team

Telephone: Tel: 44 1604 349759

Email: privacy@signinsolutions.com 

USA, Canada and Global Regions

Jason Mordeno

Global Privacy Officer

Email: privacy@signinsolutions.com 

13. Policy Review Statement

This policy may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 1 year from the initial approval and thereafter on an annual basis unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Annex A - Product Specific Disclosure

Applicable legislations in the following regions of USA, Canada, United Kingdom, European Union, European Economic Area and any local laws or regulations on data protection, as amended from time to time. Sign In Solutions and its Affiliates is registered as a data controller as defined in the UK GDPR with the data protection regulator in the UK, the Information Commissioner’s Office.

There may be variations to our policy based on the product you are using, these are listed below:

Enterprise Ecosystem (Sign In Enterprise, Sign In Compliance and Sign In Workspace)

Standard Terms & Conditions: https://signinenterprise.com/tos/

Data Processing Agreement: https://signinenterprise.com/tos/dpa/

Sub-processors: https://trust.signinenterprise.com  

Cookies: https://signinenterprise.com/privacy/ 

Sign In App and its Affiliated Companies (Sign In App, Sign In Central Record, Sign In Scheduling) 

Standard Terms & Conditions: https://signinapp.com/terms/

Data Processing Agreement: https://signinapp.com/terms/data-processing/

Sub-processors: https://signinapp.com/terms/sub-processors/

Cookies: https://signinapp.com/cookies/

Additional categories of data collected:

• Personal data entered by organisations in order to provide our service;
• Personal data inputted by Individual Users in order to use our services;
• Specific personal or personal-sensitive information, for example name, date of birth and gender;
• Personal contact information, for example address, telephone number and email address;
• and Information relating to the Individual User’s use of our services such as booking and use of the Client’s facilities, for example, membership or patient number.
  

Annex B - Regional and Industry Related Disclosures

There may be variations to our policy based on the country you are accessing our products from, these are listed below:

United Kingdom

8. Where will your personal data be processed?

Where your personal data originates from the UK and is transferred outside the UK, it will only be transferred to countries that have been identified as providing adequate protection for EEA data, where approved transfer mechanisms are in place to protect your personal data or with an appropriate transfer mechanism in place such as ‘Standard Contractual Clauses’ or ‘International Data Transfer Agreement’, a contract and appropriate technical safeguards . If you wish for more information about this please contact privacy@signinsolutions.com.

11. Data subject rights

If you’re not happy with how we are processing your personal data, please let us know by sending an email to privacy@signinsolutions.com. We will review and investigate your complaint, and get back to you within a reasonable time frame.

You can also contact the Information Commissioner’s Office on 0303 123 1113

or visit their website: https://ico.org.uk/make-a-complaint/.

EU & EEA

8. Where will your personal data be processed?

Where your personal data originates from the EEA and is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data, where approved transfer mechanisms are in place to protect your personal data or with an appropriate transfer mechanism in place such as ‘Standard Contractual Clauses’ or ‘International Data Transfer Agreement’, a contract and appropriate technical safeguards . If you wish for more information about this please contact privacy@signinsolutions.com.

11. Data subject rights

If you’re not happy with how we are processing your personal data, please let us know by sending an email to privacy@signinsolutions.com. We will review and investigate your complaint, and get back to you within a reasonable time frame.

You can also contact the European Data Protection Board 

or visit their website: European Data Protection Board

Germany

 We can provide you with a contract for order processing (Vertrag zur Auftragsverarbeitung (AVV)) please ask your sales representative.

US

8. Where will your personal data be processed?

Where your personal data originates from the US and is transferred outside the US, it will only be transferred to countries that have been identified as providing adequate protection for US data, where approved transfer mechanisms are in place to protect your personal data or with an appropriate transfer mechanism in place such as ‘Standard Contractual Clauses’ or ‘International Data Transfer Agreement’, a contract and appropriate technical safeguards . If you wish for more information about this please contact: privacy@signinsolutions.com.

HIPAA

Our products are HIPAA compliant and we can provide you with a Business Associate Agreement, please ask your sales representative for further details.

If you would like to do your own research on Global Privacy Law and Data Protection, the International Association of Privacy Professionals (IAPP) have a useful resource: https://iapp.org/resources/article/global-comprehensive-privacy-law-mapping-chart/

Terms and Conditions

Welcome to Sign in App and thank you for your interest in our products.  We offer a range of digital products and associated services including the Sign In App Visitor Management Application, Sign In Scheduling (formerly known as 10to8) and Sign In Central Record (formerly known as SCR Tracker).   The following terms and conditions will apply to any of the products you purchase from our group of companies. The Sign In App entity you will enter into a contract with will depend on the product you purchase or your location, and this is explained [https://10to8.com/legal/].  

These Sign In App terms of service (along with any other terms and policies referenced herein, which are incorporated into, and form an integral part hereof) (this "Agreement") are entered into by Sign In App and the entity or person agreeing to this Agreement ("you” or “your”) and govern your access to and use of our Products. "Sign In App" has the meaning given at [https://10to8.com/legal/#contracting-entity/] and “we” or “us” means Sign In App. This Agreement is effective when you click to accept it (or otherwise express your intention to accept this Agreement (for example, via DocuSign) (the "Effective Date"). If you are accepting on behalf of a company, you represent and warrant that (i) you have full legal authority to bind that company to this Agreement; (ii) you have read and understand this Agreement; and (iii) you agree, on behalf of that company, to this Agreement. Definitions of capitalised terms are in Schedule 1. 

We take our responsibilities and obligations in respect of your data extremely seriously, and you can find out more information about our approach to privacy and data protection when you are using our Sites here [https://10to8.com/legal/#privacy-policy/] and when you purchase and use our Products in our data processing agreement here: [https://10to8.com/legal/#dpa] which is updated periodically and which is incorporated into this Agreement by reference. If you purchase or rent any devices, printers or other equipment or hardware from us then additional terms apply, which can be found here [https://10to8.com/legal/#product-terms/] or [https://10to8.com/legal/product-terms-sale/]

1. OUR PRODUCTS AND SERVICES

1.1. Sign In App offers a range of digital products including the Sign In App Visitor Management Application, Sign In Central Record and Sign in Scheduling which are offered online and via a mobile application (each a “Product” and, collectively, the “Products”). Additional terms [https://10to8.com/legal/product-terms/] may apply to your use of some of our Products and those additional terms are incorporated into this Agreement by reference.  Further details about our Products are available on our websites https://signinapp.com https://www.signincentralrecord.com and https://10to8.com (the “Websites”) which may be modified or updated from time to time.

2. REGISTRATION AND PLACING ORDER 

2.1. To access and use the Products you shall be required to purchase a Subscription (as defined in clause 6.1 below) by submitting an Order to us (via the Websites or by email). By submitting your Order, you consent to us conducting verification and security procedures in respect of the information provided in the Order. 

2.2. Upon the submission of the Order you will have the option to (i) make payment for the Fees on the Websites, or (ii) be sent an invoice for the Fees, payable in accordance with clause 6.1. 

2.3. On our acceptance of your first Order, you shall be sent an email (“Confirmation Email”) confirming the acceptance of your Order together with details of the Product or Products you have purchased access to and how to log in to them. Further Confirmation Emails shall be sent on our acceptance of any subsequent Orders you send to us, including any Orders for additional Products.  

2.4. You hereby warrant that the information provided by you is true, accurate and correct. You further warrant that you shall promptly notify us in the event of any changes to such information provided. 

2.5. Each Order will specify your Scope of Use for the applicable Product(s), which may include: (a) number and type of Users permitted; (b) storage limits or capacity of Content; (c), Devices, licences, copies or instances; (d) number of Site(s); (e) the number of logins, appointments, credits or messages permitted, (f) the commencement date and duration of your Subscription Term; (g) any Authorised Parties  or (h) any other entitlements or restrictions. 

3. ADDING A NEW PRODUCT TO YOUR ORDER 

3.1. During a Subscription Term, you may upgrade your existing Order by either: (i) adding additional Users and/or Authorised Parties; (ii) upgrading to a different Subscription tier; (iii)  adding additional features and functionalities to an existing Product; adding one or more additional Products; and/or (iv) upgrading to a longer Subscription Term  (collectively, “Subscription Upgrades”). Some Subscription Upgrades or other changes may be considered to be a new purchase, which will form a new contract and a new Subscription Term and some won’t, and this will be clearly communicated to you in the new Order. Upon a Subscription Upgrade, you will be billed for the applicable increased amount of Fees, at our then-current rates (unless indicated otherwise in the new Order), which shall be either: (1) prorated for the remainder of the then-current Subscription Term, or (2)  whenever the Subscription Term is being restarted due to the Subscription Upgrade, then the  Subscription Fees already paid by Customer will be credited towards the new upgraded Subscription Fees,  and the difference shall be due and payable by you upon the date on which the Subscription Upgrade was made.Any changes to the number of Users within a certain Product which extends the number of Users above the number permitted in the applicable Order shall be a deemed Subscription Upgrade, and shall be billed on a prorated basis for the remainder of the then-current Subscription Term. 

4. PROVISION OF THE PRODUCTS

4.1. Following the conclusion of your Order in accordance with clause 1 or following and Subscription Upgrade in accordance with clause 3, we will provide the Products in accordance with this Agreement (including the Order(s)and any other document or terms referred to in this Agreement) and you may use the Products in accordance with this Agreement for the duration of the Subscription Term(s). 

5. USING THE PRODUCT (LICENCE, RIGHTS AND RESTRICTIONS)

5.1. Subject to the terms, conditions and restrictions set forth in this Agreement, we grant you a revocable, non-exclusive, non-transferable (without a right to sub-licence) licence to access and use the Products and any applicable Documentation as referred to in your Order(s) during the applicable Subscription Term, in accordance with this Agreement and the applicable Scope of Use.

5.2. Subject to the terms, conditions and restrictions set forth in this Agreement, we grant to you a non-exclusive, non-sublicensable, non-transferable licence to use the Documentation during the Subscription Term solely for your internal business purposes in connection with your use of the Products.

5.3. You shall not, and shall procure that Users shall not, except as expressly permitted in this Agreement (i) modify, translate, create or attempt to create derivative copies of or copy the App in whole or in part; (ii) reverse engineer, decompile, disassemble or otherwise reduce the object code of the Products to source code form; (iii) circumvent, interfere with, disrupt or disable any security or other technological features or measures of the Products; (iv) distribute, sub-licence, assign, share, timeshare, resell, rent, lease, transmit, grant a security interest in or otherwise transfer the Products or your right to use the Products. 

5.4. The Products may include code and libraries licensed to us by third parties, including open-source software. Open-source software may be used according to the terms and conditions of the specific licence under which the relevant open-source software is distributed, but is provided "as is" and expressly subject to the disclaimer in clause 10.3. 

5.5. You are responsible for ensuring that any Content is not deemed to be offensive, illegal, inappropriate or that in any way: 

5.5.1. is unlawful, fraudulent, harmful, threatening, abusive, defamatory, obscene, infringing, hateful, harassing or racially or ethnically offensive; 

5.5.2. requires a licence or other permission for use, unless the you hold all necessary rights to make such data available for use in connection with the Products; 

5.5.3. harasses or advocates harassment of another person; 

5.5.4. displays pornographic or sexually explicit material; 

5.5.5. promotes any conduct that is abusive, threatening, obscene, defamatory or libellous; 

5.5.6. promotes any illegal activities; 

5.5.7. provides instructional information about illegal activities, including violating someone else’s privacy or providing or creating computer viruses; 

5.5.8. promotes or contain information that you know or believe to be inaccurate, false or misleading; 

5.5.9. engages in the promotion of contests, sweepstakes and pyramid schemes, without our prior written consent; 

5.5.10. contains any virus or other thing or device which may prevent, impair or otherwise adversely affect the operation of the Products or the Websites; or 

5.5.11. infringes any Intellectual Property Rights or any other proprietary rights of any third party. 

5.6. You hereby grant, and procure that any User grants, to us a non-exclusive, worldwide royalty free licence to use the Content and all other materials submitted by you or any User for the Purpose, and to aggregate and anonymise such materials solely for the purpose of producing reports of usage trends of the applicable Product.

5.7. You acknowledge that the Products do not verify the rights and restrictions applicable to any Content. Where you do not own the Content, you are solely responsible for checking the relevant licence rights and restrictions applicable to any Content. We shall not be liable to you for any losses, damages, costs or expenses incurred by you arising out of or in connection with your use of any Content through the Products. 

5.8. You warrant and represent: 

5.8.1. that you own, are licensed or otherwise have a right to use any and all the Intellectual Property Rights in any Content; 

5.8.2. the Content does not and will not contravene or breach any applicable law, regulation code of practice or directive; and 

5.8.3. the Content and its use through a Product does not and will not infringe any right, title or interest (including any Intellectual Property Rights) of any third party. 

5.9. You further agree that at all times, you shall, and procure that any User shall:

5.9.1. not use Login Details with the intent of impersonating another individual; 

5.9.2. not allow any other person other than a User to use your Login Details; 

5.9.3. not do anything likely to impair, interfere with or damage or cause harm or distress to any persons using a Product; 

5.9.4. not use a Product, the content therein and/or do anything that will infringe any intellectual property right or other rights of any third parties; 

5.9.5. not use any information obtained using a Product otherwise than in accordance with this Agreement; 

5.9.6. comply with all our instructions and policies from time to time in respect of the Websites and your use of the Products; 

5.9.7. co-operate with any reasonable security or other checks or requests for information made by us from time to time; and 

5.9.8. use the information made available to you using the Products and on the Websites at your own risk. 

5.10. You shall: 

5.10.1. promptly notify us in the event of a breach of security or any unauthorised use of the Login Details; 

5.10.2. ensure all Users keep confidential the Login Details; 

5.10.3. be liable for all access to and use of the Products whether authorised by you or not. 

5.11. You shall keep, and procure that all Users and each Authorised Party keep, any Login Details confidential and secure. Without prejudice to our other rights and remedies, we reserve the right to promptly disable your (or any Authorised Parties’) Login Details and suspend your (or any Authorised Parties’) access and use of the Products in the event we have any reason to believe that any User has breached any of the provisions set out herein. 

5.12. You acknowledge that you shall be responsible for all use of the Products by Users and any Authorised Parties. You shall be liable for breach of this Agreement by a User or an Authorised Party as if it were a breach by you. We reserve the right to suspend the access of any User or Authorised Party we believe, acting reasonably, is not using a Product for your benefit and on your behalf.

5.13. We shall use reasonable endeavours to always make the Products available to you and the Users, but we cannot guarantee an uninterrupted or fault free service. 

5.14. Our ability to provide the Products may be impaired by conditions or circumstances that are beyond our control, including, without limitation third party service providers, App-Store availability, geographic or atmospheric conditions, local physical obstructions, software and hardware features or functionality of your Devices, personal computer, operating system, and the number of other Users logging onto the Products at the same time. We shall take reasonable action to minimise the disruption caused by such circumstances, but you acknowledge, agree and accept that some such interruptions may not be avoidable. 

5.15. We use industry standard security measures to protect against the loss, misuse and alteration of the information, data, and/or content handled by our Products. However, you acknowledge and agree that we cannot guarantee complete security of such information, data, and/or content or that our security measures will prevent hacks, worms, bugs, trojans or such other similar devices that may allow access to or unauthorised viewing of such information, data, and/or content. 

5.16. There may be storage limits associated with the Products. Where applicable, these limits may be described in the services descriptions on our Websites. We reserve the right to charge for additional storage or fees at the rates specified on our Websites. We may impose new, or may modify existing, storage limits for the Products at any time in our discretion, with or without notice to you. 

5.17. We reserve the right to make changes to the Products or part thereof, from time to time at our sole discretion, and we may from time-to-time update, add, remove, modify and/or vary any features or functionalities of the Products. Such changes shall not however, remove any material element of functionality previously available as part of the Products (insofar as such functionality relates to the intended use of the Product).. 

5.18. You are responsible for ensuring that your computer systems utilise an up-to-date browser and operating system free from malware or meet any other requirements and specifications as set out in an Order Form, any applicable Documentation or as communicated to you by us from time to time.

6. FEES AND PAYMENT

6.1. All Products are provided on a subscription basis (a “Subscription”) for the term specified in your Order(s) (a “Subscription Term”). All Fees are payable in advance and are non-refundable, save as expressly stated in this Agreement.   A notice of renewal will be sent to your email at least 60 days from the end of each Subscription Term notifying you that your Subscription is due to renew for an additional Subscription Term. 

6.2. You shall notify us immediately in the event you cease to comply with any of the restrictions applicable to any of your then current Orders. In the event we receive your notice, or we deem acting reasonably that you have exceeded the restrictions of an Order (including the number of Users permitted), we reserve the right to change your Order in accordance with clause 3, which may result in additional Fees being payable by you. We reserve the right to deduct such Fees from your original method of payment or invoice you for the additional amount. 

6.3. If you made a payment for your Subscription(s) using an online payment processing service (operated by us or by one of our payment processing partners such as Stripe) you hereby authorise us to use the payment credentials provided by you for any Fees due for any Subscription Terms which are renewed in accordance with clause 7.1.  Any invoices are payable within fifteen (15) days of the invoice date. If we do not receive your payment by the applicable due date, we reserve the right (a) to charge interest on all invoices presented to you which are not paid by the applicable due date at the annual rate of 4% above the base rate from time to time of the Bank of England, such interest to accrue on a daily basis from the date on which payment became overdue up to the date on which SIA receives the full outstanding amount together with all accrued interest, whether before or after judgement; and (b) to withhold or suspend your access to the Product(s) and/or terminate your Order(s) or this Agreement. 

6.4. We reserve the right to increase the Fees at any time on notice to you, which shall take effect from the start of the next applicable Subscription Term following the Subscription Term in which we gave notice to you. Fees for all Products will increase by at least 5% upon each renewal of a Subscription Term unless otherwise notified to you or agreed between the parties in writing.

6.5. All Fees payable hereunder are exclusive of VAT or other sales tax, which will be added at the applicable rate and all payments to be made by you hereunder shall be made without set-off, compensation, deduction or counterclaim and without deduction for any taxes, levies, duties, fees, deductions, withholdings, restrictions or conditions of any nature whatsoever. If at any time any applicable law requires you to make any such deduction or withholding from any such payment, the sum due from you with respect to such payment shall be increased to the extent necessary to ensure that, after the making of such deduction or withholding, we receive a net sum equal to the sum which we would have received had no deduction or withholding been required.

7. DURATION, SUSPENSION AND TERMINATION OF YOUR ORDERS 

7.1. Your Subscription Term(s) shall be for the period as specified in the applicable Order and commencing on the date specified in the Order and each applicable Subscription Term shall automatically renew for equivalent Subscription Terms (for example, if your initial Subscription Term is two years, each applicable renewal term shall be two years) unless you have given notice of termination at least 60 days prior to the end of the applicable Subscription Term, or unless terminated earlier in accordance with this Agreement. 

7.2. We may suspend your access to one or more Products or suspend or terminate all or any part of your Order(s) or this Agreement immediately on notice to you in the event that: 

7.2.1. you fail to comply with one or more material provisions of this Agreement or, if you have concurrent contracts with us for different Products, any other agreement which you may have entered into with us; 

7.2.2 we believe that there has been fraudulent use, misuse or abuse of features and functionalities of any of our Products (in whole or in part); or 

7.2.3. we believe that you have provided us with any false, inaccurate or misleading information, and for the avoidance of doubt, no Fees shall be refunded to you in the event of termination by us in accordance with the foregoing. 

7.3. You acknowledge and agree that we shall have no liability for any losses incurred by, or any other consequences experienced by, you or any third party as a result of any termination or suspension of your access to the Products. 

7.4. Either party may terminate this Agreement (including all related Orders) if the other party (a) fails to cure any material breach of this Agreement within thirty (30) days after written notice; (b) ceases operation without a successor; or (c) seeks protection under any bankruptcy, receivership, trust deed, creditors’ arrangement, composition or comparable proceeding, or if any such proceeding is instituted against that party (and not dismissed within sixty (60) days thereafter); (d) if we elect to discontinue providing a Product for which you have purchased a Subscription, in whole or in part; or (e) if we fail to deliver a Product or Equipment as the case may be within ten (10) days of Order. 

7.5. Upon termination of a Subscription, your and any User’s access to the Products shall cease and any Content will no longer be accessible through the Products. We offer an archiving service, at no additional cost, and will retain copies of your Content and/or other data (but not including any Protected Data, which shall be retained only in accordance with the provisions of the Data Processing Agreement which can be located [https://10to8.com/legal/dpa/] made available through the Product for a period of thirty days from the date of termination and you will be provided with written notice from SIA of the final date on which your Content can be retrieved by you before it is permanently deleted. 

8. INTELLECTUAL PROPERTY RIGHTS, USAGE DATA AND FEEDBACK

8.1. The Products, the Websites and the Documentation, including all Intellectual Property, title and interest therein, and all upgrades and other adaptations and modifications of or to the foregoing (including as developed by us in the course of providing Support Services), are owned or licensed by, and are proprietary to us. Except as expressly provided in this Agreement, we grant no rights or licences under this Agreement whatsoever in or to Products or the Object Code or Source Code therein. All rights and licences to Products not expressly granted herein are hereby reserved by us. No title to or ownership of any Products or Source code or Proprietary rights related to Products or any related materials is transferred to you under this Agreement. You are expressly prohibited from: 

8.1.1. reproducing, copying, editing, transmitting, uploading or incorporating into any other materials, any of the Products or the Websites; and 

8.1.2. removing, modifying, altering or using any registered or unregistered marks/logos/design owned by us and/or its licensors, and doing anything which may be seen to take unfair advantage of our reputation and goodwill or could be considered an infringement of any of the rights in the Intellectual Property Rights owned by and/or licensed to us. 

8.2. You and/or your licensors own all rights in the Intellectual Property Rights relating to the Content. Except as licenced to us in accordance with this Agreement, all right, title and interest in and to the Content will remain exclusively with you and/or your licensors. 

8.3. Save where expressly permitted under this Agreement, we are expressly prohibited from: 

8.3.1. reproducing, copying, editing, transmitting, uploading or incorporating into any other materials, any of the Content; and 

8.3.2. removing, modifying, altering or using any registered or unregistered marks/logos/design owned by you and/or your licensors, and doing anything which may be seen to take unfair advantage of your reputation and goodwill or could be considered an infringement of any of the rights in the Intellectual Property Rights owned by and/or licensed to you. 

8.4. You acknowledge and agree that (i) we may monitor the use of the Products by you and collect data relating to such use solely for purposes of: (a) providing the Products, (b) ensuring compliance with this Agreement, and (c) planning, development and improvements with respect to the Products; (ii) we may publish and display Usage Data for the promotion of the Products, during the Term of this Agreement and thereafter, as long as the Usage Data is aggregated and anonymised such that any customers, users or other information cannot be identified, extracted, inferred, reverse-engineered, extrapolated or interpolated. 

8.5. “Usage Data” means: (i) the number of Users and the geographical location where such Users are located (but not, for the sake of clarity, the identity of any User or the specific location), (ii) Counts of sign in activity and feature usage, (iii) Identifying global trends and behaviour patterns, (iv) device models, screen sizes and software versions in use including operating systems, (v) general site locations and number of active users (for the sake of clarity, within the United States at the State level or within Canada at the Province level, and (vi) error frequency and patterns. 

8.6. From time to time, you may choose to submit comments, information, questions, data, ideas, description of processes, or other information to us, (“Feedback”). We may in connection with the Products freely use, copy, disclose, licence, distribute and exploit any Feedback in any manner without any obligation, royalty or restriction based on intellectual property rights or otherwise. No Feedback will be considered your Confidential Information, and nothing in this Agreement limits our right to independently use, develop, evaluate, or market products, whether incorporating Feedback or otherwise. 

9. CONFIDENTIALITY

9.1. All confidential, non-public information one party receives from the other in its performance of this Agreement that is marked “confidential” or that the other party knows, or reasonably should know, is confidential to such party, including software and information relating to products, pricing, Intellectual Property, technical information, business strategies (including the existence of, the terms of and its position in any dispute in relation to an Agreement), employees, officers, contractors and agents and customers (“Confidential Information”), will be held in confidence and only be used strictly in accordance with this Agreement and not for any other purposes and will not, without the express written consent of the disclosing party, be used or disclosed except to those of the receiving party’s representatives who are bound to substantially similar obligations of confidentiality and have a need to know. Each party will be responsible and liable for the acts and omissions of its representatives to the same extent as if performed by such party. In any case, the receiving party shall exercise at least the same standard of care to protect such information from unauthorised disclosure or use as it uses to protect its own confidential information of a similar nature, which in no event shall be less than reasonable care. For the avoidance of doubt, information which (a) is in the public domain at the time of its disclosure by disclosing party or thereafter; (b) was properly in the receiving party’s possession prior to such disclosure by disclosing party; or (c) was disclosed to receiving party by a third party who did not obtain such Confidential Information, directly or indirectly, from the other party subject to any confidentiality obligation, will not be considered Confidential Information under an Agreement. Notwithstanding the confidentiality obligations under an Agreement, the receiving party is free to make disclosure of any Confidential Information in a judicial, legislative, or administrative investigation or proceeding or to a government or other regulatory agency; provided that, to the extent permitted by the circumstances, the receiving party provides to disclosing party prior written notice of the intended disclosure to enable the disclosing party the reasonable opportunity to contest or limit such disclosure (including reasonable assistance at disclosing party’s expense) or, if prior written notice is not permitted, prompt notice of such disclosure. Each party acknowledges that the disclosure of Confidential Information may cause irreparable injury to the party whose information is disclosed. Therefore, each party is, upon a disclosure or threatened disclosure of any Confidential Information, entitled to seek injunctive relief. This provision shall not in any way limit such other remedies as may be available to such party at law or in equity.

10. EXCLUSION OF WARRANTIES, LIMITATION OF LIABILITY AND INDEMNITY

10.1. You hereby warrant that (a) all users with administrative access to the Products are at least 18 years old; (b) you have the right and capacity to enter into and be bound by this Agreement; and (c) you shall comply with all applicable laws regarding the use of the Products. 

10.2. EXCEPT FOR THE EXPRESS WARRANTIES SET FORTH IN THIS AGREEMENT, TO THE MAXIMUM EXTENT PERMITTED BY LAW: (A) THE PRODUCTS ARE PROVIDED “AS IS”, “WHERE IS” AND “AS AVAILABLE”, AND WE EXPRESSLY DISCLAIM ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, OR STATUTORY (INCLUDING WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR PURPOSE, SYSTEM INTEGRATION, OR WARRANTIES WITH RESPECT TO THE QUALITY, AND/OR PERFORMANCE OF, THE PRODUCTS); AND (B) WE DO NOT REPRESENT, WARRANT OR PROVIDE ANY OTHER FORM OF GUARANTEE THAT THE PRODUCTS MEET YOUR REQUIREMENTS, OPERATE WITHOUT INTERRUPTION, OR ARE ERROR FREE. NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY US, OUR AGENTS, OUR THIRD-PARTY SERVICE PROVIDERS, SUBCONTRACTORS, OFFICERS, EMPLOYEES OR REPRESENTATIVES SHALL CREATE ANY WARRANTY OR IN ANY WAY INCREASE THE SCOPE OF ANY WARRANTY, AND YOU MAY NOT RELY ON ANY SUCH INFORMATION OR ADVICE WITH RESPECT TO US. THE PRODUCTS MAY BE SUBJECT TO LIMITATIONS, DELAYS, AND OTHER PROBLEMS INHERENT TO THE USE OF THE INTERNET AND ELECTRONIC COMMUNICATIONS. WE ARE NOT RESPONSIBLE FOR ANY DELAYS, DELIVERY FAILURES, OR OTHER DAMAGE RESULTING FROM SUCH PROBLEMS. 

10.3. Nothing in this Agreement shall be deemed to exclude, restrict or limit liability for the following categories: 

10.3.1. death or personal injury resulting from negligence; or 

10.3.2. any liability for fraudulent misrepresentation. 

10.4. Subject to clause 10.7, we shall not be responsible for any: 

10.4.1. loss of profits, sales, business, or revenue; 

10.4.2. loss or corruption of data, information or software; 

10.4.3. loss of business opportunity; 

10.4.4. loss of anticipated savings; 

10.4.5. loss of goodwill; or 

10.4.6. special, indirect or consequential loss, 

10.4.7. whether such losses, damages, costs and expenses resulted from your or our negligence, failure to comply with this Agreement or otherwise. 

10.5. You shall, to the maximum extent permitted by law, but subject to clause 10.7, indemnify, defend and hold Sign In App harmless for any and all losses in respect of, arising from, or asserted in, any demand, or any civil, criminal, administrative, or investigative claim or proceeding commenced or threatened by any third party (a “Third Party Claim”) against Sign In App arising or resulting from (a) a wilful breach of obligations hereunder by you (b), the use of the Products in a manner not permitted by this Agreement, or, (c) your infringement or misappropriation of, or any other violation of, a third party’s Intellectual Property Rights. 

10.6. We shall, to the maximum extent permitted by law, but subject to clause 10.7, indemnify, defend and hold you harmless for any and all losses in respect of, arising from any Third Party Claim against you arising or resulting from (a) the gross negligence or wilful misconduct of Sign In App in the performance of our obligations under this Agreement, (b) a wilful breach of our obligations hereunder or, (c) our infringement or misappropriation of, or any other violation of, a third party’s Intellectual Property Rights. 

10.7. Subject to any additional terms [https://10to8.com/legal/], except in connection with (a) a party’s breach, violation, infringement or misappropriation of (i) the other party’s Intellectual Property Rights, (ii) a third party’s intellectual property rights or (iii) it’s confidentiality obligations under clause 9; (b) a breach of any party’s data protection obligations under the Data Processing Agreement, or (c) your liability for your payment obligations hereunder, the total amount of either party’s liability to the other party per claim or series of related claims shall not exceed the Fees paid by you to us in the twelve (12) month period immediately preceding the month in which the claim arose (provided that all claims arising from the same or substantially the same circumstances will be treated as one, and will be treated as arising on the date on which the first such claim arose). 

11. EQUIPMENT

11.1. If you have included the purchase of Equipment in your Order then the Hardware Sale Terms shall apply to your Order, which are located at [https://10to8.com/legal/#product-terms-sale/].  If you have included the rent of Equipment in your Order then the Hardware Rental Terms shall apply to your Order, which are located at [https://10to8.com/legal/#product-terms-rental/]

12. TRAINING

12.1. If an Order specifies that you will be entitled to training in respect of one or more Products then the following additional terms will apply [https://10to8.com/legal/#product-terms-sale/].

13. PRODUCT SPECIFIC TERMS

13.1. If you have included the Sign in App Visitor Management Application in an Order then additional terms will apply, which are located here [https://signinapp.com/legal-stuff/].

13.2. If you have included Sign In Central Record in an Order then additional terms will apply, which are located here [https://www.signincentralrecord.com/legal/terms].

13.3. If you have included Sign In Scheduling in an Order then additional terms will apply, which are located here https://10to8.com/legal/.

14. FREE TRIALS AND FREE PRODUCTS

14.1. We may offer you a one-time free trial for such period set out on the Websites from time to time, during which you can try out a Product for free (“Free Trial”). You acknowledge that during any Free Trial, the applicable Product may have certain restrictions and limited functionality. The terms relating to the Free Trial are located at https://10to8.com/legal/#free-trial

14.2. We may make certain Products available to you free of charge (“Free Products”). Free Products are provided to you without charge up to certain limits as described in the Order. Usage over these limits requires you to purchase an Upgraded Subscription.

15. DATA PROTECTION

The terms applicable to the processing of Personal Data are set out in the Data Processing Agreement which is located at https://10to8.com/legal/#dpa/

16. PUBLICITY AND MARKETING 

16.1. You hereby agree that we may in any of our marketing material refer to you as our customer and refer to the type of services that we have provided to you. Such use will be limited to the following marketing materials: brochures; on our Websites; promotional videos; and for the purposes of internal and external company presentations.

16.2. Subject to your prior written approval, we may publish and circulate a case study describing the Products supplied by us to you, including aggregate figures relating to your use of the Products or any other information which may be agreed between us. 

17. THIRD PARTY TERMS

17.1. If you are required to download any of our Products through an App-Store, or if you purchase products or services which are provided by third parties and offered through our Products or Websites, then additional terms will apply. 

17.2. Some of our Products contain links to and integrations with the third-party products and may include integrations to other third party applications and services (“Third Party Services”). These Third Party Services are not owned or controlled by us and we have no control over, and assume no responsibility for, the content, privacy policies, or practices of any Third Party Services. We do not review, approve, monitor, endorse, warrant, or make any representations with respect to Third Party Services, and the inclusion of any link in the Products, or any other services provided in connection with them is not and does not imply an affiliation, sponsorship, endorsement, approval, investigation, verification or monitoring by us of any information contained in any Third Party Service or associated websites. In no event will we be responsible for the information contained in such third party website or for your use of or inability to use such website. Access to any third party website is at your own risk, and you acknowledge and understand that linked Third Party Services may contain legal terms and conditions and privacy policies that are different from ours and which you may be required to accept and adhere to. We are not responsible for such terms, provisions or policies, and expressly disclaim any liability for them.

18. GENERAL

18.1. If either party is prevented or delayed from performing any of its obligations under this Agreement by acts of God, war, hostilities, riot, fire, epidemics, pandemics, explosion, accident, flood, sabotage, lack of adequate power or labour, strike, lock-out or injunction, compliance with governmental laws, regulations or orders or any other cause which affects performance of this Agreement arising from or attributable to acts, events, omissions or accidents beyond the reasonable control of the party affected (“Force Majeure”) its obligations under this Agreement shall be suspended for so long as the Force Majeure continues and to the extent that that party is so prevented, hindered or delayed. If any Force Majeure prevails for a continuous period in excess of 30 days, either party shall be entitled to terminate this Agreement in its entirety or in part by giving notice in writing to the other party.

18.2. If we fail at any time to insist upon strict performance of our obligations under this Agreement, or if we fail to exercise any of the rights or remedies to which we are entitled to under this Agreement, this will not constitute a waiver of any such rights or remedies and shall not relieve you from compliance with such obligations. 

18.3. You shall comply with all foreign and local laws and regulations which apply to your use of the Product in whatever country you are physically located, including without limitation, export control laws and regulations. 

18.4. A waiver by us of any default shall not constitute a waiver of any subsequent default. 

18.5. No waiver by us of any of the terms of this Agreement shall be effective unless it is expressly stated to be a waiver and is communicated to you in writing. 

18.6. All notification and communication should be sent to the contact details set out on the page “Contracting Entity and Jurisdiction” which can be located at [https://10to8.com/legal/#contracting-entity/]. A notice or communication is deemed given: (i) if delivered personally, when left at the relevant party’s address; (ii) if sent by post, two working days after posting it; (iii) if sent by email on completion of its transmission. 

18.7. If any term, condition, or provision of this Agreement are determined by any competent authority to be invalid, unlawful or unenforceable to any extent, such term, condition or provision will to that extent, be severed from the remaining terms, conditions and provisions which shall continue to be valid to the fullest extent permitted by law. 

18.8. This Agreement (and any Orders) represent the entire agreement between you and us in respect of your use of the Websites and the Products and shall supersede any prior agreement, understanding or arrangement between us, whether oral or in writing. 

18.9. The provisions of this Agreement shall be binding upon and inure to the benefit of the parties and their successors and permitted assigns. You may not assign or transfer this Agreement (in whole or in part) or any of your rights or obligations hereunder, unless you make a request in writing in advance and we reply in writing consenting to your request. We may require you and the proposed assignee/transferee to agree to additional terms or pay additional fees. We do not give blanket consents, so you will follow these procedures for each additional or subsequent transfer or assignment you or your permitted assignees/transferees wish to make. We may assign this Agreement and any of our rights or obligations under this Agreement to an Affiliate, in our sole discretion. 

18.10. You acknowledge that in entering into this Agreement, you have not relied on any representations, undertaking or promise given by or implied from anything said or written whether on the Websites, the Internet or in negotiation between us (whether made innocently or negligently) except as expressly set out in this Agreement. 

18.11. Except as provided in clause 17, a person who is not a party to this agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of the provisions of this agreement. 

18.12. This Agreement is governed by and construed in accordance with the laws of the applicable legal jurisdiction as set out on the page “Contracting Entity and Jurisdiction”.

18.13. We may alter or amend this Agreement by giving reasonable notice to you by email. By continuing (or Users continuing) to use the Products after expiry of the notice period, you will be deemed to have accepted any amendment to this Agreement.

DEFINITIONS

Schedule 1 Definitions

“Affiliate” means, with respect to a Party, any entity that directly or indirectly controls, is controlled by, or is under common control with such Party, whereby "control" (including, with correlative meaning, the terms "controlled by" and "under common control") means the possession, directly or indirectly, of the power to direct, or cause the direction of the management and policies of such person, whether through the ownership of voting securities, by contract, or otherwise. 

“App-Store” means the third party app-stores we may offer the applicable Products for download through; 

"Authorised Parties" shall mean those Affiliates (meaning any present or future entity controlling, controlled by, or under your common control), service providers, or other third parties authorised by you as identified in Order, provided in each case that you are responsible for each Authorised Party's compliance with this Agreement and remain fully liable for any breach of the terms of this Agreement by any such Authorised Party. 

“Companion App” means the mobile application we make available to download and install onto a Device from the App-Store (and which includes any updates, enhancements, modifications or variations thereto) which we make available as part of the Management Portal in connection with the Sign In App Visitor Management Application; 

“Confirmation Email” shall have the meaning attributed in clause 3.4; 

"Content" means any and all data, files, documents, multimedia files, third party links, images, videos, and any other information or material whatsoever (in any format) made available by you, your or any Users (including any content owned by a third party) in connection with the use of the Products or otherwise accessed and/or processed using the Products; 

“Data Protection Laws” means as applicable and binding on you or us: 

(a) in the United Kingdom: 

I. the Data Protection Act 2018 and the UK GDPR; 
II. the GDPR, and/or any corresponding or equivalent national laws or regulations;

(b) in member states of the European Union: the GDPR and all relevant member state laws or regulations giving effect to or corresponding with any of them; 

(c) any applicable laws replacing, amending, extending, re-enacting or consolidating any of the above Data Protection Laws from time to time; 

“Device” means the devices owned or leased by you or your Users to download and use the Products; 

“Documentation” means any materials, articles, blogs or technical information made available by us in any 'knowledge’ or ‘help’ centre section of our Websites;

“Equipment” means the equipment, Devices and any hardware materials (including any devices) you purchase or rent from us and as set out in an Order; 

“Fees” means as set out in an Order; 

“Free Trial” shall have the meaning attributed at clause 14.1; 

“GDPR” means the General Data Protection Regulations 2016/679; 

“Intellectual Property Rights” means all intellectual property rights throughout the world including without limitation, (a) any right arising under any patent, copyright, trademark, trade secret or other intellectual property law anywhere in the world; (b) all software (including all related data), processes, methodologies, technologies, algorithms, architectures, techniques, designs, reports, works of authorship, video recordings, audio recordings, photographs, models, trade secrets, customer and supplier lists, pricing and cost information, business and marketing plans and proposals, trademarks, service marks, logos, business names, formulae, ideas, inventions (including all patents, patent applications, patent disclosures, and any reissuances, continuations, continuations-in-part, revisions, and re-examinations thereof), discoveries, programmer interfaces, specifications, operating instructions, know-how, drawings, concepts, notes, manuals, documentation, training materials, and job aids, regardless of whether intellectual property rights actually inhere in any such items; (c) any other tangible or intangible items in which intellectual property rights may inhere; and (d) all modifications, enhancements, translations, adaptations, derivations/derivative works, and combinations of any of the foregoing, patents, utility models, trade and service marks, trade names, domain names, right in designs, copyrights, moral rights, topography rights, rights in databases, trade secrets and know-how and in all cases whether or not registered or register able and including registrations and applications for registration of any of these and rights to apply for the same, and all rights and forms of protection of a similar nature or having equivalent or similar effect to any of these anywhere in the world; 

“Login Details” means the unique username and password required for all Users to access and use the Products; 

“Management Portal” means the administrative portal of the Sign In App Visitor Management Application accessible with the Login Details on the Websites or through a Companion App through which a User may manage the Reception App; 

“Reception App” means the mobile application forming part of Sign In App Visitor Management Application that we make available to download and install onto a Device from the App-Store (and which includes any updates, enhancements, modifications or variations thereto) and which is used to interact with your Site(s) visitors during the signing in and out process; 

“Order” means an order in respect of a Subscription and/or Equipment that you submit to us (whether via the Websites or by email) and which is accepted by us in accordance with this Agreement; 

“Products” means together the Sign In App Visitor Management Application, Sign In Central Record and Sign In Scheduling; 

“Protected Data” means personal data received by us from or on your behalf in connection with the performance of our obligations under this Agreement, excluding any personal data received by us from you in relation to the entry and enforcement of this Agreement; 

“Purpose” means to use, copy, compress, modify and transmit in order to provide you with the Products and perform our obligations under this Agreement; 

“Scope of Use” means your permitted scope of use for one or more Products as specified in an Order;

“Sign In Central Record” means the online single central record software application (formerly known as SCR Tracker)

“Sign In App Visitor Management Application” means the online visitor management software application which comprises of the Reception App, the Management Portal and the Companion App; 

“Sign in Scheduling” means the online scheduling and booking software application formerly known as 10to8;

“Site” shall mean a building in a single postal or zip code, or a group of buildings that share the same postal or zip code and as more specifically identified in an Order; 

“Sub-processors” means another data processor engaged by us for carrying out processing activities in respect of the Protected Data on your behalf; 

“Subscription” has the meaning as set out in clause 6.1;

“Subscription Term” has the meaning as set out in clause 6.1;

“UK GDPR” means the retained EU law version of the EU GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by Schedule 1 to the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (SI 2019/419).

“User(s)” shall mean a person who you or an Authorised Party have permitted to access and use the Products including your employees, representatives, consultants, contractors, agents, or other third parties, provided they are acting for your benefit and on your behalf, and who has been given the Login Details; 

Additional Product Specific Terms and Conditions

If an Order includes Subscriptions to one or more of the following Products then these additional terms and conditions will apply, which shall form part of the Agreement you enter into with us.

Product Terms (Sale)

Capitalised terms used but not defined on this page have the meaning given to them in the agreement that refers to this URL (the “Agreement”). 

1. EQUIPMENT 

1.1 This section will apply where you have included the purchase of Equipment in your Order. 

1.2 We make all reasonable efforts to ensure that all prices shown on our Website are correct at the time of going online. We make all reasonable efforts to ensure that all prices shown on our Website are correct at the time of going online. We reserve the right to change prices and to add, alter, or remove special offers from time to time and as necessary. Delivery charges will be confirmed in your Order. You will be responsible for the settlement of any other charges (such as customs duties and import taxes (including VAT)) which may be applicable to your purchase.

1.3 When you submit an Order for Equipment our acceptance of this Order is indicated by us sending an Order confirmation email (which is when a legally binding contract is formed) and the Order confirmation will include your Order number, confirmation of the types and quantity of Equipment ordered, fully itemized pricing (including any applicable taxes, delivery and additional charges and an estimated delivery date. 

1.4 Delivery of the Equipment shall be deemed complete once we have delivered the Equipment to the address you provided in your Order and the responsibility (the risk in) in the Equipment shall pass to you on delivery. 

1.5 Ownership (the title) of the Equipment shall pass to you once we have received payment in full and cleared funds without any set-off, counterclaim, deduction, or withholding (except where any deduction or withholding of tax is required by law. Until title to the Equipment has passed to you, you shall: 

1.5.1 hold the Equipment as bailee for us; 

1.5.2 take all reasonable care of the Equipment and keep them in the condition in which they were delivered; 1.5.3 insure the Equipment for an amount at least equal to the price (as indicated in the Order); and 

1.5.4 not remove or alter any mark on or packaging of the Equipment. 

2. EQUIPMENT WARRANTY. 

2.1 RFID Reader. We warrant that the RFID Reader shall, for a period of twelve (12) months from the delivery of the RFID Reader to you (“Warranty Period”), be free from material defects in design, material, and workmanship; be of satisfactory quality (as defined in the Sale of Goods Act 1979); and be fit for any purpose described by us. We shall at our option, repair, replace or refund the relevant proportion of the Fee paid by you in respect of the RFID Reader, provided always that we receive written notice of any defect from you within the Warranty Period. 

2.2 Except as provided on this page, we shall have no further liability to you with respect to any RFID Reader which does not comply with Clause 2.1. 

2.3 Notwithstanding clause 2.1, we shall not be liable for any failure or defect of the RFID Reader where such failure or defect arises by reason of wear and tear, wilful damage, negligence or by your failure to comply with any instructions in relation to the RFID Reader including any instructions on installation, operation, storage or maintenance. 

2.4 On expiry of the Warranty Period, we will at no additional cost, absolutely assign to you the benefit of all warranties about the RFID Reader made to us by the supplier of the RFID Reader, the manufacturer of the RFID Reader or any other person. 

2.5 Other Equipment. If any Equipment purchased by you is covered by a third-party warranty, we shall: (a) provide you with a copy of each such warranty; and (b) if such warranty does not, by its terms, pass through to you, then to the extent permitted by the third party, assign to you all warranties provided by such third party. These are your exclusive warranty remedies with respect to such Equipment. No additional terms or warranties are offered.

HARDWARE RENTAL ADDENDUM

These Hardware Rental Terms and Conditions (this “Rental Addendum”) shall apply to the rental of all Equipment from Sign In App (“SIA”) by Customers for use in conjunction with the Products. The Rental Addendum supplements and is incorporated by reference into and made a part of the Agreement between Customer and SIA. In the event of a conflict between this Rental Addendum and the Agreement, the terms of the Agreement shall govern unless this Rental Addendum expressly states that the terms of the Rental Addendum shall control.

• Definitions and Interpretation

In this Rental Addendum, unless the context otherwise requires, the following expressions have the following meanings. All capitalised terms used but not defined herein shall have the meaning ascribed to them in the Agreement

• APPLICATION

This Rental Addendum governs the Customer’s rental of Equipment as described in the Order Form. No order for Equipment shall be binding unless agreed to and accepted by both parties in an Order Form.

• TERM AND TERMINATION

1. This Rental Addendum shall remain in effect for the duration of the Rental Period. The Rental Period shall automatically renew for an equivalent length of time as the immediately preceding Rental Period, unless either party provides written notice of non-renewal at least sixty (60) days prior to the expiration of the then current Rental Period.
2. SIA may terminate this Rental Addendum and any corresponding Order Forms upon written notice to Customer in the event the Customer fails to comply with one or more of the terms in this Rental Addendum.

• DELIVERY

1. SIA shall deliver the Equipment to the Delivery Address as set out in the Order Form or otherwise agreed to between the parties in writing. SIA shall use its best and reasonable endeavours to ensure that delivery is made on time but shall not be liable for any failure to do so.
2. Customer, or an authorised representative thereof, must be available at the Delivery Address at the time of delivery to acknowledge receipt of delivery. In the event that the Customer fails to comply with the provisions of this clause, it shall be deemed to have accepted delivery of the Equipment and assumed responsibility thereof.

• RENTAL CHARGES

1. Customer shall pay the Rental Charges as set out in the Order Form. All Rental Charges shall be paid in accordance with the terms of the Agreement, or as otherwise agreed to in the Order Form.
2. All Rental Charges are exclusive of applicable federal, state, provincial, value-added, goods and services, harmonized, property or local taxes. Should additional taxes or government fees be introduced or imposed on the rental of the Equipment by the Customer, then SIA reserves the right to adjust the Rental Charges to accommodate for  such changes to the taxes and/or government fees.
3. Customer shall be responsible for the handling of any customs clearance and payment of any import duties and taxes  imposed on the Equipment upon delivery.
4. SIA reserves the right to increase the Rental Charges to reflect any change in delivery dates, quantities or specifications which is requested by the Customer, or any delay caused by the Customer, or any failure of the Customer to perform its obligations under this Rental Addendum.

• SOFTWARE

1. The title and intellectual property rights in and to any software supplied with or as part of the Equipment, including programs and documentation (“the Software”) shall be retained by the appropriate proprietor thereof. The Customer gains no rights of ownership over such software at any time.
2. The Customer is granted the right to use the Software only for the term of the Rental Period. The Customer’s receipt of the Equipment indicates acceptance of the terms of any licence for Software supplied and the Customer shall indemnify SIA against any liability, damage, cost or expense which it incurs in relation to any failure by the Customer to observe the terms of any such licence.

• OBLIGATIONS OF THE CUSTOMER

1. The Customer hereby undertakes and agrees as follows:
1. to inspect the Equipment immediately on delivery thereto and to notify SIA within 24 hours of delivery by telephone if the equipment is defective or damaged. If no such notification is given the Equipment shall be deemed to be complete and in good order and condition and fit for the purpose for which it is required by the Customer;
2. to use the Equipment in a proper manner and with all reasonable care and to operate the Equipment in accordance with any instructions issued for it;
3. not to use the Equipment for any purpose for which it was not designed or intended and not to interfere or tamper with it nor allow any other person to do so unless previously agreed in writing by SIA;
4. that the Equipment shall at all times remain the property of SIA unless sold to the Customer under a separate agreement in writing; and
5. not to sell or offer for sale, assign, mortgage, pledge, sub-let or transfer the Equipment or the benefit of the Contract either in whole or in part.

• RISK OF LOSS OR DAMAGE

1. Loss of or damage to the Equipment shall not discharge the contract formed pursuant to this Rental Addendum nor affect the Customer’s liability to make payments under it. Risk of loss of or damage to the Equipment shall be borne by and remain with the Customer until the Equipment is returned to SIA.
2. If the Equipment becomes a total or constructive total loss due to any action or inaction by the Customer, or is otherwise lost or stolen while in Customer’s control or possession, the Customer shall pay SIA on demand such sum as equals the manufacturer’s then current list price for goods which at the time are the same as or the closest available equivalent to the Equipment.

• EQUIPMENT MALFUNCTION

• In the event of an Equipment malfunction (for reasons other than misuse, accident or malicious damage) then SIA shall either repair or replace the malfunctioning Equipment at no additional charge to Customer (other than shipping costs for which Customer shall be responsible). SIA shall not be responsible for any damage or malfunction caused by accident, malicious damage or misuse of the Equipment and SIA reserves the right to terminate this Rental Addendum and any corresponding Order Forms in such event.

• LIABILITY 

1. The Customer expressly acknowledges that SIA is not the original manufacturer or supplier of the Equipment, and that the Equipment has been selected by the Customer as suitable for its purpose. The Customer accordingly agrees and acknowledges that all conditions, warranties or representations whether express or implied or statutory or otherwise in respect of the Equipment or its fitness for any particular purpose are hereby expressly excluded to the fullest extent permitted by law;
2. The aggregate liability of SIA to the Customer in respect of any loss or damage whether arising in contract, tort, for breach of statutory duty or otherwise arising from the use of Equipment shall be limited to and shall not in any circumstances exceed the total amount of the Rental Charges paid or payable by the Customer to SIA in respect of the Equipment during the Rental Period in which receipt of notification by SIA of the relevant claim was received.
3. SIA shall not in any circumstances be liable whether in contract, tort, for breach of statutory duty or otherwise for any consequential or indirect loss or damage howsoever arising and of whatsoever nature (including, without limitation, any loss or damage to computer programs or data, loss of profit, loss of goodwill, loss of revenue, loss of anticipated benefit, business interruption, management time or third party liability.

• RETURN OF THE EQUIPMENT

1. The Customer shall be responsible for the return of the Equipment (together with the packing materials and shipping costs thereof) to an address specified by SIA, at its own risk on or before the Return Date and the Equipment shall be returned unencumbered and in good repair, condition and working order (fair wear and tear excepted).
2. SIA will notify the Customer of any items not returned off rental including cables, manuals and other accessories. Any items not returned within 7 days of any such notification will be invoiced at the manufacturer’s then current list price for goods which at the time are the same as or the closest available equivalent to such items.
3. If the Equipment is not returned within thirty (30) days after the Rental Period has ended, then all Equipment not received by SIA shall be deemed lost and Customer shall be charged for the full replacement cost of the Equipment not returned by Customer.
4. CUSTOMER SHALL, PRIOR TO RETURNING THE EQUIPMENT TO SIA, (I) REMOVE ALL DATA FROM THE EQUIPMENT AND PERFORM A FACTORY RESET OF THE EQUIPMENT; AND (II) PROVIDE A WRITTEN STATEMENT CONFIRMING THAT ALL DATA HAS BEEN REMOVED IN A MANNER THAT RENDERS IT UNRECOVERABLE BY SIA.

Free Trial

Capitalised terms used but not defined on this page have the meaning given to them in the agreement that refers to this URL (the “Agreement”).

• FREE TRIAL

1. We may offer you a one-time free trial for new customers for such period set out on the Website from time to time, during which you can try out a Product for free (“Free Trial”). You acknowledge that during any Free Trial, the applicable Product may have certain restrictions and limited functionality. 
2. During the Free Trial we grant you a non-exclusive, non-transferable (without a right to sub-licence) licence to install and use the Product during the applicable Free Trial period for the purpose of accessing and managing your use of the Product.
3. You acknowledge that the terms and conditions set out in the Agreement apply to your use of the Product during the Free Trial and you agree that you will comply with these terms.
4. On expiry of the Free Trial, you will receive an email from us and will have the option to either (i) continue access to the Product by submitting an Order for a Subscription; or (ii) cease access to and use of the Product. 
5. We reserve the right to modify, cancel and/or limit any Free Trial offer at any time.
6. Our support and maintenance commitments as set out in the Service Level Commitments  and our indemnity as set out in the Agreement do not apply to your use of the Products during the Free Trial.
7. If you choose not to continue use of a Product after the Free Trial, you acknowledge and agree that all Content shall no longer be accessible through the Product on expiry of the Free Trial. 
8. You understand that any pre-release and beta products we make available (“Beta Versions”) are still under development, may be inoperable or incomplete and are likely to contain more errors and bugs than generally available Products. We make no promises that any Beta Versions will ever be made generally available. In some circumstances, we may charge a fee in order to allow you to access Beta Versions, but the Beta Versions will still remain subject to the terms of the Agreement. All information regarding the characteristics, features or performance of Beta Versions constitutes our Confidential Information. To the maximum extent permitted by applicable law, we disclaim all obligations or liabilities with respect to Free Trials. 

Contracting Entity

Some of our Products are provided by different legal entities which are all part of the Sign In App group of companies.  The table below will explain which legal entity you are entering into a contract with when you purchase each Product.  If you purchase the Sign In App Visitor Management Application, the entity in which you enter into a contract with will be determined by your location, as identified in the table below.  

Depending on your location, there may be some additional terms which supplement or replace the terms of our Agreement with you. These terms are set out in section 1.4 below, and form part of our Agreement with you.

Capitalised terms used but not defined on this page have the meaning given to them in the Agreement

1.1. Sign In App Contracting Entity. For purposes of the Agreement, “Sign In App” means the entity identified below in column 2 based on the Product you purchase or, if you purchase the Sign In App Visitor Management Application, your billing address.

1.2. Address for notices.  The address to which you should direct any notices under this Agreement is set out in column 3.

1.3. Governing Law.  The legal jurisdiction for any dispute arising out of or in connection with this Agreement is set out in column 4.

Spain. If you are contracting with Sign In App S.L then the following provisions apply to you. In the event of a conflict between the terms in this ‘Spain’ section and the terms otherwise set forth in this Agreement, the terms of this ‘Spain’ section shall control.

The following amendments shall apply to the Terms of Service:

Clause 18.11 shall be replaced with the following:

Except as provided in clause 4.1.4, a person who is not a party to this agreement shall not have any rights to enforce any of the provisions of this agreement.

The definition of “Data Protection Laws” in schedule 1 shall be replaced with the following:

“Data Protection Laws” means as applicable and binding on you or us: 

a) in Spain:

I) the Organic Law 3/2018, Personal Data Protection and Guarantee of Digital Rights.;

ii) the GDPR, and/or any corresponding or equivalent national laws or regulations;

b) in member states of the European Union: the GDPR and all relevant member state laws or regulations giving effect to or corresponding with any of them;

c) any applicable laws replacing, amending, extending, re-enacting or consolidating any of the above Data

Protection Laws from time to time;

The following amendments shall apply to the Product Terms - Equipment:

Clause 2.1 shall be replaced with the following:

RFID Reader.  We warrant that the RFID Reader shall, for a period of twelve (12) months from the delivery of the RFID Reader to you (“Warranty Period”), be free from material defects in design, material, and workmanship; be of satisfactory quality; and be fit for any purpose described by us. We shall at our option, repair, replace or refund the relevant proportion of the Fee paid by you in respect of the RFID Reader, provided always that we receive written notice of any defect from you within the Warranty Period.

The following amendments shall apply to the Data Protection Addendum:

The definition of “UK GDPR” shall be replaced with “Spain GDPR” and the following definitions will be amended as set out below:

The Competent Supervisory Authority will be the Spanish Data Protection Agency.  The designated Data Protection  can be contacted by email at privacy@signinsolutions.com.

United States. If you are contracting with Sign In App Inc. then the following additional provisions apply to you. In the event of a conflict between the terms in this ‘United States’ section and the terms otherwise set forth in this Agreement, the terms of this ‘United States’ section shall control.

You acknowledge that the Products may be controlled by the laws of one or more countries governing technology use and transfer, including U.S. Export Administration Regulations, and/or may be subject to the sanctions programs of one or more countries. You shall not access, use or transfer the Products in violation of such laws and sanctions programs. You represent and warrant that you are not, and you are not acting on behalf of, (i) any person who is a citizen, national, or resident of, or any entity registered in, or any person or entity who is controlled by the government of, any country to which the United States or any other government has prohibited export or other transactions, or (ii) any person or entity listed on any denied persons or entities list maintained by the United States or any other government, including lists maintained by the U.S. Office of Foreign Assets Control regarding sanctions programs that it administers, the U.S. Treasury Department list of Specially Designated Nationals and Blocked Persons, and the U.S. Commerce Department Denied Persons List or Entity List. You also represent, warrant and covenant that you shall not permit any person or entity described in the preceding sentence to access or use the Products, whether in any U.S. embargoed or sanctioned country or otherwise, or any person or entity to access or use the Services or any part of the Services in violation of any U.S. or other export embargoes, sanctions or laws. You agree to comply with all applicable laws regarding the access and use of the Products by you and any users authorised by you. Notwithstanding anything contained in this Agreement to the contrary, We may, at our sole discretion, immediately terminate your access and use of the Products without prior written notice or an opportunity to cure in the event of an actual or threatened breach of this supplementary Section 1 (Export Controls and Sanctions Compliance).

Service Level  Commitments 

1. SUPPORT

1.1. We shall provide support services 24 hours a day, Monday to Friday, such business hours to exclude public holidays.  For Critical issues we offer 24x7 support.

1.2. When seeking support you shall use your best and reasonable endeavours to provide the fullest information possible to assist us in diagnosing any faults in either the products or equipment you have purchased or rented from us

1.3. Our support obligations and commitments on this page do not apply to software, equipment or services not purchased via and managed by us.

1.4. Additionally, our support obligations and commitments on this page do not apply when:

1.4.1. The problem has been caused by using equipment, software or service(s) in a way that is not recommended.

1.4.2. You have made unauthorised changes to the configuration or set up of affected equipment, software or services. 

1.4.3. The issue has been caused by unsupported equipment, software or other services.

1.5. Support can be sought via the following contact channels: 

1.6. The response time measures how long it takes us to respond to a support request raised via the above channels.

1.7. We are deemed to have responded when we have replied to your initial request. This may be in the form of an email or telephone call, to either provide a solution or request further information.

1.8. We will always endeavour to resolve problems as swiftly as possible. We recognise that your systems are key to your business. However, we are unable to provide guaranteed resolution times. This is because the nature and causes of problems can vary enormously. In all cases, we will make our best efforts to resolve problems as quickly as possible and will also provide frequent progress reports to you. 

1.9. We had an uptime of 99.99% during 2022.

Data Processing Agreement (“DPA”)

This DPA forms part of the Agreement entered into between Sign In Scheduling (“Sign In Solutions” or “SIS”) and you (the “Customer”) on the Effective Date (as defined in the Agreement). "Sign In Solutions" means the entity with whom you entered into the Agreement and “we” or “us” means Sign In Solutions, and all references to the Agreement shall include this DPA (including the Standard Contractual Clauses, as defined below). 

All capitalized terms not defined in this DPA shall have the meanings set forth in the Agreement. This DPA applies where, and only to the extent that, SIS processes your Personal Data that is protected by Applicable Privacy Laws and regulations applicable to the processing of Personal Data under this DPA. Signatures of assent of SIS and Customer to the Agreement will be deemed signature to, and acceptance and agreement of, this DPA and the Standard Contractual Clauses incorporated hereto.

Definitions

1. Processing of data

1.1. Parties’ roles. As between SIS and the Customer, the Customer is the controller of Customer Personal Data, and SIS shall process Customer Personal Data only as a processor acting on behalf of Customer as described in Annex A (Details of Processing) of this DPA.

1.2. Purpose limitation. SIS shall process Customer Personal Data only in connection with the arrangements envisaged under this DPA and in accordance with Customer’s documented lawful instructions, except where otherwise required by applicable law. Customer instructs SIS and its Sub-processors to process Customer Personal Data as reasonably necessary for the provision of the Products contemplated by the Agreement and to perform its obligations under the Agreement.

1.3. Description of processing. A description of the nature and purposes of the Processing, the types of Personal Data, categories of Data Subjects, and the duration of the Processing are set out further in Annex A of this DPA.

1.4. Sensitive data. The Customer is responsible for ensuring that suitable safeguards are in place prior to transmitting or processing, or prior to permitting Customer’s Uses to transmit or process, any Sensitive Data via the Products. The Customer shall take such additional measures (e.g. relating to security and consent) as are necessary to protect such Sensitive Data in accordance with its obligations under all Applicable Privacy Laws.

1.5. Third countries. To the extent such data is transferred under this DPA to a Third Country, the parties agree to abide by the SCCs, where applicable, for such transfers. In particular, transfers of Personal Data from the European Union, European Economic Area, Switzerland, or the United Kingdom of Great Britain and Northern Ireland (“UK”) to Third Countries are subject to the Standard Contractual Clauses, Module Three. The information required for the purposes of the SCCs is provided in Annex C of this DPA. The SCCs are hereby incorporated into the Agreement and the parties’ acceptance of this DPA shall constitute the parties’ acceptance and signing of the Standard Contractual Clauses. If the terms of the Agreement conflict with the SCCs, the terms of the SCCs will prevail. Notwithstanding the foregoing, in the event any data transfer mechanisms are approved under Applicable Privacy Laws the parties may agree to leverage such data transfer mechanisms in lieu of the Standard Contractual Clauses.

1.6. Customer compliance. Customer shall, in its use of the Products, at all times process Personal Data, and provide the Instructions for the processing of Personal Data, in compliance with Applicable Privacy Laws. Customer represents and warrants that Customer has obtained or will obtain, all necessary consents, licenses and approvals for the processing of Personal Data under this DPA and, where applicable, has a valid legal basis under Applicable Privacy Laws for the processing of Personal Data under this DPA. If Customer is a Data Processor of Personal Data, Customer represents and warrants that Customer’s instructions and processing of Personal Data, including its appointment of SIS as a sub-processor, have been authorized by the respective Data Controller. Customer further represents and warrants that Customer (i) will comply with all Applicable Privacy Laws in its performance arising out of this DPA; and (ii) has reviewed SIS’s security practices and acknowledges that such practices are appropriately designed to ensure a level of security appropriate to the risk of processing hereunder.

1.7. Notification obligations regarding the Customer's instructions. SIS shall promptly notify the Customer in writing without any obligation to provide legal advice, unless prohibited from doing so under Applicable Privacy Laws, if it becomes aware or believes that any data processing instruction from the Customer violates Applicable Privacy Laws.

2. Return or Deletion of Data

2.1. Following completion of the Products, SIS shall return or delete the Personal Data as set forth under the Agreement or applicable service documentation, or provide Customer the ability to delete such Personal Data directly through the tools or functionality made available by the Service. The foregoing obligations shall not apply (a) where deletion is not permitted under applicable law (including Applicable Privacy Laws) or the order of a governmental or regulatory body; (b) where SIS retains such Personal Data for internal record keeping and compliance with any legal obligations; and (c) where SIS’s then-current data retention or similar back-up system stores Personal Data provided such data will remain protected in accordance with the measures described in the Agreement and this DPA.

3. Authorized Personnel

3.1. SIS shall ensure that all Authorized Personnel are made aware of the confidential nature of Personal Data and have executed confidentiality agreements or are otherwise subject to binding duties of confidentiality that prohibit them from disclosing or otherwise processing any Personal Data except in accordance with the Instructions and their obligations in connection with the Products.

3.2. SIS shall take commercially reasonable steps to ensure that Authorized Personnel have received data privacy security and training appropriate to the nature of their processing of Personal Data and the requirements of Applicable Privacy Laws.

4. SIS Sub-processors

4.1. Customer hereby provides SIS with general written authorization to engage Sub-processors to process (including transfer) Personal Data in connection with the Products in accordance with this Section 4.

4.2. A list of SIS’s current Sub-processors (the “Sub-processor List”) is available at https://10to8.com/legal (such URL may be updated by SIS from time to time upon notice to Customer). These Sub-processors will be deemed authorized by Customer to process Personal Data in connection with this DPA. At least thirty (30) days before enabling any new Sub-processor to access or participate in the processing of Customer Personal Data, SIS will add such Sub-processor to the Sub-processor List and notify Customer of that update. Customer may object to such an engagement on reasonable data protection grounds by providing notice to SIS within ten (10) days of receipt of the aforementioned notice from SIS.

4.3. If the Customer has raised a reasonable objection to the new Sub-processor, and the parties have failed to agree on a solution within a reasonable period of time, the Customer shall have the right to terminate the Agreement with a notice period mutually determined by SIS and  the Customer, without prejudice to any other remedies available under law or contract. In this event Customer shall immediately pay all fees and costs then owing to SIS up until the date of termination.

4.4. If Customer does not object to the engagement of a third party in accordance with Section 4.2, that third party will be deemed an Sub-processor for the purposes of this DPA.

4.5. SIS shall ensure that each Sub-processor is subject to obligations regarding the processing of Personal Data that are substantially similar to those which SIS is subject under this DPA.

4.6. SIS shall be liable to Customer for any breach of this DPA caused by the acts or omissions of its Sub-processors.

4.7. If Customer and SIS have entered into the Standard Contractual Clauses as described in Section 6 (Transfers of Personal Data) the above authorizations will constitute Customer’s prior written consent to the subcontracting by SIS of the processing of Personal Data if such consent is required under the Standard Contractual Clauses.

5. Security of Personal Data

5.1. SIS shall implement and maintain appropriate technical and organizational measures designed to (i) ensure a level of security appropriate to the risk presented by the processing of the Personal Data; and (ii) protect the Personal Data from unauthorized access, destruction, use, modification or disclosure. Such technical and organizational measures shall include measures equal to or exceeding the measures set forth in Annex B of this DPA. 

6. Transfers of Personal Data

6.1. Only to the extent applicable, or if required by SIS to provide the Products, Customer acknowledges and agrees that SIS and its Sub-processors may process (including transfer) Personal Data in the United Kingdom of Great Britain and Northern Ireland (“UK”), the European Economic Area, the United States of America, Canada and in any other location where SIS or its Sub-processors maintains data processing operations, as set forth in the Sub-processor List. SIS will at all times provide an adequate level of protection for the Personal Data, in accordance with the requirements of Applicable Privacy Laws and, to the extent applicable, the requirements below.

6.2. In connection with the provision of the Products to Customer, SIS may (and may authorize its Sub-processors to) receive from, process within, or transfer Personal Data to, any Third Country provided that SIS and its Sub-processors take measures to adequately protect such data consistent with Applicable Privacy Laws. Such measures may include to the extent available and applicable under such laws.

6.3. The parties’ agreement to enter into and comply with the Standard Contractual Clauses which are hereby incorporated into this DPA and as further set forth in Annex C. In particular, transfers of Personal Data from the European Union, European Economic Area, Switzerland or the UK by Customer to SIS or SIS to Customer in Third Countries are subject to the Standard Contractual Clauses, Module Two (“Controller to Processor”), and Module Three (“Processor to Processor”). The information required for the purposes of the SCCs is provided in Annex C to this DPA. To the extent that any substitute or additional appropriate safeguards or transfer mechanisms under Applicable Privacy Laws are required to transfer data to a Third Country, the parties agree to implement the same as soon as practicable and document such requirements for implementation in an attachment to this DPA.

6.4. The Parties acknowledge and agree that they have, taking into account, without limitation, the Personal Data and Third Countries in scope, the relevant security measures under this DPA and the relevant parties participating in the processing of such Personal Data, conducted an assessment of the appropriateness of the relevant transfer mechanism adopted hereunder and have determined that such transfer mechanism is appropriately designed to ensure Personal Data transferred in accordance with this DPA is afforded a level of protection in the destination country that is essentially equivalent to that guaranteed under the Applicable Privacy Laws.

7. Cooperation, Audit and Records Requests

7.1. SIS shall, to the extent permitted by law, promptly notify Customer following the receipt and verification of a Data Subject Request or shall otherwise advise the Data Subject to submit their Data Subject Request to Customer directly. In either case, Customer will be responsible for responding to such a request. 

7.2. At the request of Customer and taking into account the nature of the processing applicable to any Data Subject Request, SIS shall apply appropriate technical and organizational measures to enable Customer to comply with Customer’s obligation to respond to such Data Subject Request and/or in demonstrating such compliance provided that (i) Customer is itself unable to respond or fulfill the request without SIS’s assistance and (ii) SIS is able to do so in accordance with all applicable laws, rules, and regulations. Customer shall be responsible to the extent legally permitted for any costs and expenses arising from any such assistance by SIS. 

7.3. If SIS receives a subpoena, court order, warrant or other legal demand from a third party, law enforcement, foreign government, or any other public or judicial authorities seeking the disclosure of Personal Data, SIS shall, legally permitting, promptly notify Customer in writing of such request. SIS shall only comply with such third-party requests where SIS has determined it is legally required to do so, in which case SIS shall provide reasonable cooperation to Customer, at Customer’s expense, if Customer wishes to limit, challenge or protect against such disclosure, to the extent permitted by applicable laws. Customer shall assume all risk and liability in handling and responding to such third-party requests and shall indemnify SIS for all losses, costs, damages, claims, actions, suits, demands and liabilities suffered or incurred by or brought against SIS arising out of or relating to any third-party access requests.

7.4. SIS shall, taking into account the nature of the processing and the information available to SIS provide Customer with reasonable cooperation and assistance for Customer to comply with its obligations under the Applicable Privacy Laws, including any obligations to conduct a data protection impact assessment, respond to any inquiry from or consult with any Supervisory Authority or demonstrate compliance with Applicable Privacy Law. The obligations hereunder shall only apply where required of SIS by Applicable Privacy Law and provided that Customer does not otherwise have access to the relevant information or functionality being requested. Customer shall be responsible to the extent legally permitted for any costs and expenses arising from any such assistance by SIS.

7.5. Upon Customer’s request and no more than once per calendar year, SIS shall make available for Customer’s review copies of all applicable attestation reports or certifications demonstrating SIS’s compliance with Applicable Privacy Laws as they relate to SIS’s processing of the Customer Personal Data hereunder. Solely where and to the extent (i) required by Applicable Privacy Laws and (ii) such copies of the attestation reports or  certifications are insufficient to demonstrate SIS’s compliance with Applicable Privacy Laws as it relates to SIS’s processing of the Personal Data hereunder, SIS shall make available to the Customer additional information reasonably necessary to demonstrate compliance with such obligations and allow for and contribute to audits, including mutually agreed and managed inspections, of those data processing facilities within SIS’s control conducted by the Customer or another auditor mutually agreed upon by SIS and the Customer.

7.6. Any audit or inspection authorized by Section 7.5 will occur only after the Customer has provided SIS with at least 30 days’ prior written notice and during a mutually agreed upon date, time, and location by SIS and the Customer. Audits must not unreasonably interfere with SIS’s business or operations, and the scope of such audit will be subject to SIS’s reasonable pre-approval. Individuals responsible for conducting such an audit shall be subject to a contract of confidentiality with SIS. The work required by SIS to participate in any audit may result in additional fees (at a mutually agreed upon hourly rate) to be paid by the Customer, unless otherwise agreed in writing prior to the commencement of such audit. To ensure that SIS complies with Applicable Privacy Laws and its contractual obligations regarding data privacy and security, Customer agrees that SIS is not required to provide Customer with access to SIS’s systems or information in a manner that may compromise the security, privacy, or confidentiality of SIS’s other customers’ confidential or proprietary information.

7.7. Any information disclosed pursuant to this Section 7 will be deemed SIS’s Confidential Information.

8. Personal Data Breach

8.1. After becoming aware of a positively identified Personal Data Breach, SIS shall, without undue delay (but no later than 72 hours), inform Customer of the Personal Data Breach and take such steps as SIS, in its sole discretion, deems necessary and reasonable to remediate such Personal Data Breach (to the extent that remediation is within SIS’s reasonable control).

8.2. SIS shall, taking into account the nature of the processing and the information reasonably available to SIS: (a) provide Customer with reasonable cooperation and assistance necessary for Customer to comply with its obligations under Applicable Privacy Laws with respect to notifying relevant regulators and/or Data Subjects affected by such Personal Data Breach; and (b) provide Customer with information in SIS’s reasonable control concerning the details of the Personal Data Breach including, as applicable, the nature of the Personal Data Breach, the categories and approximate numbers of Data Subjects and Personal Data records concerned, and the likely consequences of the Personal Data Breach.

8.3. The obligations described in this Section 8 shall not apply in the event that a Personal Data Breach results from the actions or omissions of Customer. In no event will SIS’s cooperation or obligation to report or respond to a Personal Data Breach under this Section be construed as an acknowledgement by SIS of any fault or liability with respect to the Personal Data Breach.

8.4.Unless prohibited by an applicable statute or court order, Customer will notify SIS of any third-party legal process relating to any Personal Data Breach, including, but not limited to, any legal process initiated by any governmental entity.

9. Miscellaneous 

9.1. All notices to Customer under this DPA shall be sent by email and directed to the Customer’s designated system administrator for the Products and the “legal and privacy notices” contact if provided by Customer in conjunction with the Agreement. Customer may update these contacts at any time by emailing privacy@signinsolutions.com. 

9.2. The liability of SIS and its respective employees, directors, officers, Affiliates, successors, and assigns (the “SIS Parties”), arising out of or related to this DPA, whether in contract, tort, or other theory of liability, shall be subject to the ‘Exclusion of Warranties, Limitation of Liability and Indemnity’ section of the Agreement, and any reference in such section to the liability of SIS or the SIS Parties means the aggregate liability of the SIS Parties under the Agreement and this DPA together. 

9.3. This DPA is without prejudice to the rights and obligations of the parties under the Agreement which will continue to have full force and effect. In the event of any conflict between the terms of this DPA and the terms of the Agreement, the terms of this DPA will prevail. In the event of any conflict between the terms of this DPA and the Standard Contractual Clauses then, only insofar as the Standard Contractual Clauses apply, the Standard Contractual Clauses will prevail.

9.4. Unless otherwise so required under this DPA or Applicable Privacy Law, Customer and SIS each agree that the dispute resolution provisions of the Agreement (including governing law and venue) apply to this DPA. 

Annex A

Details of Processing

1. Data Exporter:

Name, address and contact information:
As provided under the Agreement.

Activities relevant to the data transferred under the Clauses:
Receipt of the Products under the Agreement.

Signature and date:
As provided under the Agreement.

2. Data Importer:

Name: Sign In Solutions Inc.

Address: 150 2nd Ave N, Suite 1540 St. Petersburg FL, USA 33701

Contact information:

United Kingdom, and European Economic Zone
Governance, Risk and Compliance Team privacy@signinsolutions.com

USA, Canada and Global Regions
Jason Mordeno: Global Privacy Officer dpo@signinsolutions.com

Activities relevant to the data transferred under the Clauses: The provision, maintenance and securing of the Products

Signature and date: As provided under the Agreement.

3. Details of Data Processing

3.1. Subject matter: The subject matter of the data processing under this DPA is the Customer Personal Data. 

3.2. Duration: As between SIS and Customer, the duration of the data processing under this DPA is until the expiration or termination of the Agreement in accordance with its terms.

3.3. Purpose: SIS shall only process Customer Personal Data for the following purposes: (i) processing to perform its obligations under the Agreement; and (ii) processing to comply with any other reasonable instructions provided by Customer (e.g., via email or support tickets) that are consistent with the terms of the Agreement (individually and collectively, the "Purpose"). 

3.4. Nature of the processing: SIS provides support to the Customer in their use of the Products as more particularly described in the Agreement. 

3.5. Categories of data subjects: Customer’s employees and Users (as such term is defined in the Agreement)

3.6. Categories of Customer Personal Data: Customer may upload, submit or otherwise provide certain personal data to SIS, the extent of which is typically determined and controlled by Customer in its sole discretion, and may include the following types of personal data:

• Data Subjects’ identification information (first and last name), contact information, which may include some or all of the Data Subject’s e-mail address, address, telephone number, and location and IT information (IP addresses, usage data, cookies data, online navigation data, location data, browser data) and

• Any other personal data that you choose to include in your instance of the Products for Data Subjects to enter, notably Sensitive Data for which you have received the explicit consent from a Data Subject to the Processing of such Sensitive Data for the intended purposes and subject to Clause 1.4 of this DPA, Sensitive Data.

3.7. Processing Operations: Customer Personal Data will be processed in accordance with the Agreement (including this DPA) and may be subject to the following processing activities: Storage and other processing necessary to provide, maintain and improve the Products and Professional Products provided to Customer pursuant to the Agreement; and/or Disclosures in accordance with this DPA and/or as compelled by applicable law.

Annex B

Security Measures

SIS shall:

1. Provide a level of technical and organizational measures (including appropriate Security and Compliance Measures relating to the categories or nature of Customer Data) appropriate to protect against the harm that might result from a data breach, which shall include but not be limited to:

a. Governance, Risk and Compliance Controls

• Governance - SIS maintains a governance, risk and compliance program, that is a set of processes, policies and procedures in order to operate in accordance with relevant laws, regulations and industry standards;

• Risk - SIS manages risk frameworks that identify and manage risks to technology and data processing systems;

• Compliance - SIS maintains security and compliance processes and conducts audits that examines our controls with management and the safeguarding of customer data;

b. Infrastructure Security Controls

• Monitoring - SIS maintains security monitoring systems, including, but not limited to, detecting and preventing intrusion, monitoring traffic and monitoring file integrity;

• Authentication - SIS maintains effective authentication processes that are maintained to protect Customer Data (e.g., multi factor authentication for privileged access or restricted information);

• Vulnerability Management - SIS has a defined policy and process that establishes requirements for assessing and managing vulnerabilities;

c. Network Security Controls

• Access Points - SIS maintains the authentication and  and supervision of access rights with access to the network and by applying technical policies to prevent any internal and external threats posed by the access;

• Network Management of Roles and Responsibilities - defines authorized groups, roles and responsibilities for management of network components;

• System and Security Events/Firewalls - SIS automatically logs system and security events, reviews logs on a periodic basis, issues identified are investigated and resolved in a timely manner;

d. Data Security Controls

• Technical and Organizational Policies - SIS has processes in place for the classification, management, access, use, destruction of data;

• Encryption - SIS encrypts data in transmit, in transit, at rest and in storage by utilizing industry standard encryption tools; 

• Encryption Keys - SIS safeguards the security and confidentiality of all encryption keys associated with encrypted Customer Data; 

• Role Based Access Controls - SIS practices the method of least privilege which limits user access to authorized individuals;

• Scheduled Backups - SIS backs up Customer Data on a regular basis as required by the Customer and ensuring that any back up data is subject to appropriate Security Measures as necessary to protect the confidentiality, integrity and availability of Customer Data;

Annex C

Standard Contractual Clauses

The parties agree that personal data transferred between and by the parties to Third Countries shall be subject to the Standard Contractual Clauses to the extent applicable and as further set forth under the DPA.

1. The terms “data controller” or “controller,” “data exporter,” “data importer,” “data processor” and “Personal Data” shall have the meaning under the GDPR, UK DPA 2018, Swiss DPA, or another Applicable Privacy Law, as applicable.
2. For transfers of Personal Data to Third Countries originating from outside the EU, references to the General Data Protection Regulation will be replaced by the Applicable Privacy Law and references to the “EU,” “Union” or “Member State” shall be replaced with the applicable originating region.
3. Section 1 Clause 1 (a) of the Standard Contractual Clauses (Definition of Data Importer): The “data importer” means SIS.
4. Section 1 Clause 1 (a) of the Standard Contractual Clauses (Definition of Data Exporter):The “data exporter” means Customer.
5. With respect to objections to Sub-processors under Section 1 Clause 9,the process set forth under Section 4 of this DPA shall apply.

With respect to Processing of applicable personal data:

1. When Customer is a Data Exporter and Controller, and SIS is a Data Importer and Controller – Module 1 shall apply.
2. When Customer is a Data Exporter and Controller, and SIS is a Data Importer and Processor – Module 2 shall apply.
3. When Customer is a Data Exporter and Processor, and SIS is a Data Importer and Sub-Processor – Module 3 shall apply.
4. References to Module 4 in the SCCs shall not apply and language referencing that module shall not be treated as part of this DPA.

To the extent that any additional appropriate safeguards under Applicable Privacy Laws recognizing the Standard Contractual Clauses or similar principles are required to export data to any Third Country, or to the extent that the Standard Contractual Clauses are substituted or replaced or not recognised under any such law, the parties agree to either promptly implement the same or agree to use another acceptable method for transfer of such data and promptly amend this Annex C as necessary to comply with such requirements.

If the terms of the Agreement or the DPA conflict with the Standard Contractual Clauses, the terms of the Standard Contractual Clauses will prevail.

1. The Standard Contractual Clauses will be deemed incorporated into this DPA and shall apply as completed below:
2. In Clause 7, the “Docking Clause (Optional)”, will be deemed incorporated.
3. In Clause 9, Option 2 is selected, and the time period for prior notice of addition or replacement of Sub-processors will be as set forth in the DPA.
4. In Clause 11, the optional language will not apply.
5. In Clause 13, the competent supervisory authority shall be the Irish Data Protection Commission where the EU SCCs apply, the FDPIC where the Swiss DPA applies and the UK Information Commissioner where the UK Transfer Addendum applies.
6. In Clause 17, Option 2 is selected, and the Standard Contractual Clauses will be governed by the law of Ireland where the EU SCCs apply, the law of Switzerland where the Swiss DPA applies and the law of England and Wales where the UK Transfer Addendum applies.
7. In Clause 18(b), disputes will be resolved before the courts of Ireland where the EU SCCs apply, the courts of Switzerland where the Swiss DPA applies and the courts of England and Wales where the UK Transfer Addendum applies.
8. Annexes I and II of the SCCs are as set in Exhibits A and B of this DPA; and Annex III is as set forth in the Sub-processor List.
9. For the purposes of the UK Transfer Addendum, the Standard Contractual Clauses will be interpreted in accordance with Part 2 of the UK Transfer Addendum; Sections 9 – 11 of the UK Transfer Addendum will override Clause 5 of the EU SCCs and both the “Importer” and “Exporter” shall be able to end the UK Transfer Addendum as set out in Section 19 of the UK Transfer Addendum.

By entering into the DPA, the Parties are deemed to be signing the applicable Standard Contractual Clauses.

Affiliated Companies List

Review Statement

• This list may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 3 years from the initial approval and thereafter on a triennial basis unless organisational changes, legislation or guidance prompt an earlier review.

For further information about Sign In App’s affiliated companies, please contact:

Governance, Risk and Compliance Team

Tel: +44 1604 349759

Email: privacy@signinsolutions.com

Other Policies

Data Protection Impact Assessment (DPIA) Policy Statement

Sign In App (together with its affiliated companies) has a legal obligation under the Data Protection Act 2018, UK GDPR and the EU GDPR to perform a Data Protection Impact Assessment (DPIA) for high risk processing activities.

Aim

Our aim to to ensure that ‘Privacy by Design and Default’ are embedded into our processes and that conducting a DPIA for activities that relate to processing of personal data will help to identify any risks, apply appropriate solutions and mitigating actions where processing is deemed likely to cause high risk to one or more individuals.

What types of processing automatically require a DPIA? 

• Systematic and extensive profiling with significant effects
• Large scale use of sensitive data
• Public monitoring

What other factors might indicate likely high risk?

• Evaluation or scoring.
• Automated decision-making with legal or similar significant effects.
• Systematic monitoring.
• Sensitive data or data of a highly personal nature.
• Data processed on a large scale.
• Matching or combining datasets.
• Data concerning vulnerable data subjects.
• Innovative use or applying new technological or organisational solutions.
• Preventing data subjects from exercising a right or using a service or contract.

Policy Review Statement

• This policy statement may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 3 years from the initial approval and thereafter on a triennial basis unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Our full Data Protection Impact Assessment Policy is available on request.

For further information about Sign In App’s compliance with data protection law, please contact:

Governance, Risk and Compliance Team

Tel: +44 1604 349759

Email: privacy@signinsolutions.com

Alternatively you can contact the information Commissioner's Office Directly on 0303 123 1113 or at https://ico.org.uk/

Modern Slavery & Human Trafficking Policy Statement

Sign In App (together with its affiliated companies) makes an annual Statement in line with prevailing legislation.  

Modern slavery is a crime and a violation of fundamental human rights. It takes various forms, such as slavery, servitude, forced and compulsory labour and human trafficking, all of which have in common the deprivation of a person's liberty by another in order to exploit them for personal or commercial gain. We are committed to improving our practices to combat slavery and human trafficking.

We are a provider of visitor management software and accompanying hardware to organisations and the education sector globally. Given the nature of our business and scale of operations, the risk of modern slavery within our own workforce is remote. However, the Company operates a number of policies that mitigate the risk of modern slavery and sets out steps to be taken to prevent corruption generally and slavery and human trafficking in its operations. 

Our supply chains

SIA are currently under the threshold prescribed by the Secretary of State in relation to section 54 of the Modern Slavery Act 2015 however we are committed to ensuring there is transparency in our own business and in our approach to tackling modern slavery throughout our supply chains. We expect the same high standards from all of our suppliers and business partners, and as part of our contracting processes, we ensure that our Suppliers are committed to the same and reserve the right to request rectification where standards fall short, or move to alternative suppliers.

Due diligence processes for modern slavery and human trafficking

As part of our initiative to identify and mitigate risk we conduct risk assessments and review our suppliers on an annual basis.  We are committed to combating slavery and human trafficking and expect the same high standards from our supply chain.

Policy Review Statement

• This policy statement may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 3 years from the initial approval and thereafter on a triennial basis unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Our full Modern Slavery & Human Trafficking Policy is available on request.

For further information about Sign In App’s compliance with modern Slavery & Human Trafficking legislation , please contact:

Governance, Risk and Compliance Team

Tel: +44 1604 349759

Email: privacy@signinsolutions.com

Quality Policy Statement

Sign In App (together with its affiliated companies) aims to provide customers with our software products and associated hardware which meet, or more so, exceed their expectations.

 We are committed to continuous improvement and are currently working on a fully documented Quality Management System that will provide a framework for measuring and improving our performance.

Management will ensure business, legal, regulatory requirements and contractual security obligations are taken into account, many of which are already monitored via our ISO 27001:2013 accreditation and the NHS Data Security and Protection Toolkit (NHS DSPT) submission.

Our QMS will include the following:

• regular gathering and monitoring of customer feedback
• a customer complaints procedure
• selection and performance monitoring of suppliers against set criteria
• training and development for our employees
• regular audit of our internal processes
• measurable quality objectives which reflect our business aims
• management reviews of audit results, customer feedback and complaints

The full policy is shared with all staff. Although the Operations Manager has ultimate responsibility for quality, all employees have a responsibility within their own areas of work to help ensure that quality is embedded within the whole company.

Policy Review Statement

• This policy statement may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 3 years from the initial approval and thereafter on a triennial basis unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Our full Quality Policy is available on request.

For further information about Sign In App’s quality management, please contact:

Governance, Risk and Compliance Team

Tel: +44 1604 349759

Email: privacy@signinsolutions.com

Environmental Policy Statement

Sign In App (together with its affiliated companies) recognises that it has a responsibility to the environment beyond legal and regulatory requirements.  We are committed to reducing our environmental impact and continually improving our environmental performance. We will encourage customers, suppliers and employees to do the same. 

As we strive for excellence in every aspect of our business we are committed to minimising the environmental impacts of the business operation. 

Our stated aims are to: 

• Continuously improve our environmental performance. 
• We will reduce the need to travel, restricting to necessity trips only and will promote the use of travel alternatives such as e-mail, web demos or video/phone conferencing. 
• Reduce our consumption of resources, only print where there is a need to, such as shipping labels and documents that have to be hand signed. 
• Manage waste generated from business operations according to the principles of reduction, re-use and recycling. 
• Comply as a minimum with all relevant environmental legislation as well as other environmental requirements. 
• Encourage our supply chain to be ethical, environmentally conscious with strong corporate social responsibility values. 

Policy Review Statement

• This policy statement may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 3 years from the initial approval and thereafter on a triennial basis unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Our full Environmental Policy is available on request.

For further information about Sign In App’s compliance with environmental protection law, please contact:

Governance, Risk and Compliance Team

Tel: +44 1604 349759

Email: privacy@signinsolutions.com

Health & Safety Policy Statement

The policy of Sign In App (together with its affiliated companies) is to provide a safe and healthy working environment to its employees and others within the company including contractors and visitors.

 We are committed to:

• A safe and healthy working environment and safe systems of work.
• The provision of  offices designed and maintained to operate and function safely without risk to health.
• Instructions and procedures for the safe use of tools and equipment.
• Training as deemed necessary within job requirements.
• Adequate supervision of employees undergoing training, both on and off the job, at our own premises.
• Adequate welfare facilities at work.
• Protective clothing and equipment where necessary.
• Medical advice as is necessary.
• Periodic review and surveys of work places and Safety Policy and the implementation of any corrective action as necessary.

All employees are reminded that under Section 7 of the Health and Safety at Work Act 1974 it is their duty to act, in the course of their employment, with due care for the health, safety and welfare of themselves, other employees and other persons who might be affected by their acts or omissions. For the avoidance of danger they should:

• Comply with the instructions and Codes of Practice issued for safe working.
• Make proper use of protective clothing and safety equipment provided.
• Report any defects in offices, equipment or safety procedures that come to their notice.

Policy Review Statement

• This policy statement may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 3 years from the initial approval and thereafter on a triennial basis unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Our full Health & Safety Policy is available on request.

For further information about Sign In App’s compliance with Health & Safety legislation please contact:

Governance, Risk and Compliance Team

Tel: +44 1604 349759

Email: privacy@signinsolutions.com

Business Continuity Plan Policy Statement

Sign In App (together with its affiliated companies) is a software solution used by organisations of all sizes to reduce risk, optimise employee engagement and welcome visitors efficiently. To reflect the critical nature of the product, Sign In App is committed to a high-availability approach with infrastructure designed to ensure resilience, security and scalability.

In the event of a significant business disruption we aim to recover and resume business as soon as possible.   We will:

• Safeguard our employees and property
• Make financial and operational assessments
• Protect the company's resources and data
• Inform our key stakeholders (where appropriate) 

In the event of a significant business disruption our employees are trained to follow our Business Continuity Policy with nominated individuals having responsibility for key tasks.  Our aim is to resume operations as quickly as possible, given the scope and severity of the event.

Our infrastructure has been designed with resilience in mind and, in line with the ISO 27001:2013 framework, we audit, risk assess and strive for continual improvement in all areas of our business.

Contacting us during a significant business disruption event:

• Phone: Our phone system is capable of remote access, allowing us to continue accepting calls whilst away from the office.  

You can find our office numbers here: 

Sign In App

Sign In Central Record

Sign In Scheduling

• Web Form: Follow the above web link and complete a webform, we can email you or call you back.
• Follow a link to our home page, there you can open a chat with one of our team 

Sign In App

Sign In Central Record (access chat via portal)

10to8

• Email: You can email our support team directly at:

Sign In App: support@signinapp.com

Sign In Central Record: help@signincentralrecord.com

Sign In Scheduling: support@10to8.com

Policy Review Statement

• This policy statement may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed annually unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Our full Business Continuity Plan Policy is available on request.

For further information about Sign In App’s Business Continuity Planning, please contact:

Governance, Risk and Compliance Team

Tel: + 44 1604 349759

Email: privacy@signinsolutions.com

Anti Corruption & Bribery Policy Statement

Sign In App (together with its affiliated companies) conducts business in an honest and ethical manner.  We take a zero tolerance approach to bribery and corruption in any form. We commit to acting professionally, openly, fairly and with integrity in all our business dealings and relationships wherever we operate.

We remain bound by the laws of all jurisdictions in which we operate, including the Bribery Act 2010 in the UK and the Foreign Corrupt Practices Act 1977 in the United States, in respect of our conduct both at home and abroad. The principles underpinning this Policy are the same in every country in which we operate, regardless of business sector, local customs and practices.

The employees of Sign In App receive training on Anti-Corruption and Bribery and are required to report any concerns.  

Policy Review Statement

• This policy statement may be reviewed at any time and at the request of either staff or management, but will automatically be reviewed 3 years from the initial approval and thereafter on a triennial basis unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Our full Anti-Corruption & Bribery Policy is available on request.

For further information about Sign In App’s Anti-Corruption & Bribery stance, please contact:

Governance, Risk and Compliance Team

Tel: +44 1604 349759

Email: privacy@signinsolutions.com

Information Security Policy Statement

Sign In App (together with its affiliated companies) recognises that it has a responsibility to exercise due care and due diligence to protect information systems from unauthorised access, use, disclosure, destruction, modification, disruption or distribution.  This will ensure that our reputation with our clients is maintained through confidentiality, integrity and availability. 

Management will ensure business, legal, regulatory requirements and contractual security obligations are taken into account.

Risk assessments and audits against agreed criteria are undertaken on an annual basis, these are audited externally.

The Leadership Team bears the responsibility for establishing and maintaining the systems and internal processes and is committed to maintaining their integrity through regular instruction and training of all personnel so that each employee has a full understanding of what the standards are and what is required to achieve them.

Equally, every member of staff is expected to adopt personal responsibility to maintain this company-wide commitment to integrity. All workers and subcontractors employed for a particular project or function will be required to attain the highest standards set by the company and accept responsibility and accountability for their actions.

Sign In App has a Policy of Continuous Improvement and Objective setting in line with the ISO 27001:2013 Standard. 

The Information Security Management System will be monitored regularly under IG/IS Team’s ultimate responsibility with regular reporting of the status and effectiveness at all levels. 

Policy Review Statement

• This policy may be reviewed at any time if we believe that doing so will enhance our ability to deliver our services.  It will automatically be reviewed annually unless organisational changes, legislation, guidance or non-compliance prompt an earlier review.

Our full Information Security Policy is available with the provision of an NDA.

For further information about Sign In App’s compliance with data protection law, or Information Security please contact in the first instance:

Governance, Risk and Compliance Team

Tel: +44 1604 349759

Email: privacy@signinsolutions.com

Accessibility Statement for Appointment Scheduling Software

10to8 is committed to ensuring digital accessibility for people with disabilities. We are continually improving the user experience for everyone, and applying the relevant accessibility standards.

Measures to support accessibility

10to8 takes the following measures to ensure accessibility of Appointment Scheduling Software:

• Integrate accessibility into our procurement practices.
• Steps in our development consider and evaluate accessibility.
• Working third party to assess our current level of accessibility and addressing issues found.

Compliance status

The Web Content Accessibility Guidelines (WCAG) defines requirements for designers and developers to improve accessibility for people with disabilities. It defines three levels of conformance: Level A, Level AA, and Level AAA.

We divide 10to8 into three distinct areas for accessibility; The 10to8 website, the booking system and our appointment scheduling system. Our aim is for all parts of 10to8 to be compliant with WCAG 2.1 level AA.

The 10to8 commercial website is partially compliant with the Web Content Accessibility Guidelines version 2.1 AA standard. It is not assessed regularly as it is large (thousands of pages) and is not part of the 10to8 product, therefore full assessment and procedures to maintain level WCAG 2.1 level AA are considered not proportionate or necessary. We endeavor to ensure it is accessible using standard web tools.

Appointment Scheduling Software is conformant with WCAG 2.1 level AA.

Appointment Scheduling Booking System is conformant with WCAG 2.1 level AA.

Assessment approach

10to8 assessed the accessibility of the Public Appointment System by the following approaches:

• External evaluation by Test Partners to assess current accessibility status.
• Work resolve any issues found.
• Re-evaluation and certification by Test Partners to demonstrate accessibility status & compliance with WCAG 2.1 level AA
• Use of standard automatic tools to test for compliance with WCAG 2.1 level AA in development

10to8 assesses the accessibility of Appointment Scheduling Software by the following approaches:

• External evaluation by Kaffeinated Kodemonkey to assess current accessibility status, annually.
• Work resolve any issues found and accept any remaining
• Using standard automatic tools to test for compliance with WCAG 2.1 level AA in development

Technical specifications

Accessibility of Appointment Scheduling Software relies on the following technologies to work with the particular combination of web browser and any assistive technologies or plugins installed on your computer:

• HTML
• WAI-ARIA
• CSS
• JavaScript

These technologies will be relied upon for conformance with the accessibility standards as we resolve our accessibility issues.

Feedback & reporting accessibility problems

We welcome your feedback on the accessibility of Appointment Scheduling Software. Please let us know if you encounter accessibility barriers on Appointment Scheduling Software:

E-mail: accessibility@10to8.com