Terms & Conditions

1.1 Definitions

In these Terms, unless the context requires otherwise, the following words and expressions shall have the meanings set out below:

"Additional Terms" means any further terms and conditions agreed in writing between the Service Provider and the Customer, set out in or referenced by an Order Form (or any addendum to it), which apply in addition to these Terms.

"Affiliate" means, in relation to a party, any entity that directly or indirectly controls, is controlled by, or is under common control with that party, where "control" means the ownership of more than fifty percent (50%) of the voting share capital or equivalent right to direct the affairs of that entity.

"Agreement" means the agreement formed between the Service Provider and the Customer comprising: (a) the Order Form (where applicable); (b) these Terms; (c) any Additional Terms; and (d) the Privacy Policy.

"AI Features" means those features of the Service that use artificial-intelligence, machine-learning or large-language-model technologies to generate keywords, search profiles, summaries, suggestions or other content, including any successor or replacement features. The AI Features rely on third-party AI model providers selected by the Service Provider from time to time, which the Service Provider may substitute, supplement or remove at any time.

"AI Input" means any text, search profile, domain, description, document or other material that an Authorised User submits into an AI Feature.

"AI Output" means any content generated by an AI Feature in response to an AI Input.

"Authorised User" means a named individual identified by a unique email address whom the Customer has invited to access the Service under the Customer's Subscription, and who has accepted that invitation. Authorised Users must be employees, contractors, or other personnel of the Customer or its Affiliates acting on the Customer's behalf and for the Customer's internal business purposes.

"Campaign Email" means a single outbound email message sent by or on behalf of the Customer through the Marketing Campaign feature of the Service to a recipient on a Customer-supplied contact list.

"Confidential Information" has the meaning given in clause 16 (Confidentiality).

"CRM Connection" means any integration that the Customer enables between the Service and a third-party customer-relationship-management platform (including, at the Effective Date, Pipedrive), authorised by the Customer through OAuth or equivalent credentials.

"Customer" (also "You" or "Your") means the organisation, firm, company or other entity identified as the customer on the Order Form or, in the case of online sign-up, the entity on whose behalf the individual completing sign-up is acting and which is named in the registration. Where the context requires, "Customer" includes the Customer's Authorised Users.

"Customer Data" means all data, content, materials, configurations, contact lists, search profiles, shortlists, pipeline records, campaign templates, AI Inputs, AI Outputs (subject to clause 6.5), and other information uploaded, configured, generated or transmitted by the Customer or its Authorised Users through the Service. Customer Data does not include Public Sector Data or any data, content or materials of the Service Provider.

"Documentation" means the user guides, help articles, FAQs and other written materials made available by the Service Provider through the Service or otherwise published by the Service Provider, as updated from time to time.

"Effective Date" means: (a) where an Order Form is executed, the start date stated in that Order Form; or (b) where the Customer signs up online without a separate Order Form, the date on which the Customer first accepts these Terms.

"Fair Use Policy" means the fair and acceptable use policy set out in clause 8, together with the obligations and prohibitions referenced in clause 8.2.

"Initial Term" has the meaning given in clause 12.1.

"Intellectual Property Rights" means all intellectual property rights anywhere in the world, whether registered or unregistered, including copyrights, database rights, patents, trademarks, service marks, design rights, rights in confidential information, know-how, and all applications for, and rights to apply for, the registration of any of the foregoing.

"Marketing Campaign" means the feature of the Service that enables the Customer to design, schedule and send Campaign Emails through the Service Provider's email-delivery infrastructure together with a connected Microsoft Outlook mailbox of an Authorised User.

"Order Form" means the written ordering document (whether in the form of a signed PDF, an electronic-signature document, or another form mutually agreed by the parties) executed by both parties that identifies the Subscription purchased, the number of Authorised Users, the Subscription Fee, the Subscription Term, and any Additional Terms. For self-serve online sign-ups, the registration data captured during account activation, together with the selected pricing plan, constitute an Order Form for the purposes of this Agreement.

"Permitted Use" means use of the Service by Authorised Users in accordance with this Agreement, the Documentation, and the Fair Use Policy, in support of the Customer's internal business operations and for no other purpose.

"Privacy Policy" means the Service Provider's privacy policy, available at https://d3tenders.com/privacy/, as updated from time to time.

"Public Sector Data" means tender, contract, award, buyer, supplier and related procurement information ingested by the Service from third-party sources, including Find a Tender, Contracts Finder, devolved-administration portals and other public-sector and procurement publishers.

"Renewal Term" has the meaning given in clause 12.2.

"Service" (or "D3 Tenders Service") means the D3 Tenders software-as-a-service platform made available at https://app.d3tenders.com (and any successor URL), together with the associated APIs, AI Features, Marketing Campaign feature, alerting, integrations, Documentation and any Updates.

"Service Provider" (also "D3", "We", "Us" or "Our") means D3 Analytics Ltd, a private limited company registered in Scotland with company number SC777502, whose registered office is at Suite 109, 111 West George Street, Glasgow, G2 1QX, and which trades as "D3 Tenders".

"Subscription" means the right granted to the Customer under this Agreement to access and use the Service for the Subscription Term in return for the Subscription Fee, at the access level and Authorised-User count specified in the Order Form.

"Subscription Fee" means the fee payable by the Customer for the Subscription, as set out in the Order Form, exclusive of VAT and other applicable taxes.

"Subscription Term" means the period during which the Customer is entitled to access the Service, comprising the Initial Term and any Renewal Term(s) unless and until the Subscription is terminated in accordance with this Agreement.

"Suppression List" means the per-Customer list of email addresses automatically maintained by the Service which must not receive Campaign Emails, populated from unsubscribes, hard bounces, spam complaints and manual additions.

"Updates" means any updates, upgrades, patches, modifications, additions, or new versions to the Service that the Service Provider makes generally available to its customers from time to time.

"User Cap" means the maximum of twenty-five (25) Authorised Users that may be enabled under a standard (non-Enterprise) Subscription. Where the Customer requires more than twenty-five (25) Authorised Users, the Customer must enter into Enterprise Edition arrangements with the Service Provider as set out in clause 3.

1.2 Interpretation

1.2.1 The headings in this Agreement are for convenience only and do not affect its interpretation.

1.2.2 Words in the singular include the plural and vice versa.

1.2.3 References to "writing" or "written" include email and electronic signature, but exclude SMS, instant messaging and posts on social-media platforms.

1.2.4 Any obligation in this Agreement not to do something includes an obligation not to permit, suffer or authorise that thing to be done.

1.2.5 References to a clause or schedule are to a clause or schedule of these Terms unless otherwise stated.

1.2.6 The words "include", "including" and "in particular" are illustrative and do not limit the generality of the related words.

1.2.7 In the event of any conflict or inconsistency between the components of the Agreement, the order of precedence is: (a) the Order Form (including any Additional Terms it incorporates); (b) these Terms; (c) the Privacy Policy. The Order Form prevails only to the extent it expressly states the variation it makes to these Terms.

1.2.8 Any terms or conditions submitted by the Customer that contradict or conflict with this Agreement (whether in a purchase order, supplier-onboarding document, or other Customer documentation) are excluded and do not form part of the Agreement, regardless of when or how they were communicated.

2.1 Applicability

These Terms apply to:

2.1.1 every Customer that subscribes to or otherwise accesses or uses the D3 Tenders Service at https://app.d3tenders.com (or any successor URL); and

2.1.2 every Authorised User who accesses or uses the Service on behalf of a Customer.

2.2 Acceptance

2.2.1 The Customer is deemed to have accepted these Terms, and a binding Agreement comes into force, on the earliest of: (a) the date the Customer signs an Order Form referencing these Terms; (b) the date the Customer indicates acceptance through an online sign-up or click-to-accept mechanism; or (c) the date an Authorised User of the Customer first accesses or uses the Service.

2.2.2 If the Customer does not accept these Terms, the Customer must not access or use the Service. If an Authorised User does not accept these Terms or any further use restrictions notified to them by the Service Provider or by the Customer, the Authorised User must not access or use the Service.

2.3 Authority

2.3.1 The individual accepting these Terms on behalf of a Customer warrants and represents that they are at least 18 years of age, have read and understood these Terms, and have all necessary authority to bind the Customer to this Agreement.

2.3.2 If that individual does not have such authority, or if the Customer does not accept these Terms, the individual must not subscribe to or access the Service on the Customer's behalf.

2.4 Customer Responsibility for Authorised Users

2.4.1 The Customer is responsible for: (a) all activity that occurs through its account or any Authorised User's credentials; (b) ensuring that each Authorised User is made aware of, and complies with, this Agreement (including the Fair Use Policy) and the Documentation; and (c) every act or omission of its Authorised Users as if it were the Customer's own.

2.4.2 The Customer must keep all account credentials confidential and must not allow access to the Service to be shared with anyone other than an Authorised User. Sharing credentials with, or otherwise providing access to, individuals who are not Authorised Users constitutes a material breach of this Agreement.

2.4.3 The Customer must promptly notify the Service Provider at hello@d3tenders.com of any actual or suspected unauthorised access to its account, loss or compromise of credentials, or other security incident affecting the Customer's use of the Service.

2.5 Amendments to these Terms

2.5.1 The Service Provider may amend these Terms from time to time. The Service Provider will give the Customer at least thirty (30) days' prior notice of any amendment, by email to the Customer's billing or administrative contact and by reasonable in-product notification. The amended Terms take effect at the end of the notice period and apply to the Customer's continued use of the Service from that date.

2.5.2 If an amendment is materially adverse to the Customer (including, by way of example, a significant reduction in the functionality of the Service, a material new restriction on Permitted Use, or a material increase in fees that takes effect during the current Subscription Term), the Customer may terminate this Agreement by written notice to the Service Provider given within thirty (30) days of the date of the amendment notice. On termination under this clause 2.5.2, the Service Provider shall refund a pro-rata portion of any prepaid Subscription Fee in respect of the unused remainder of the then-current Subscription Term, and neither party shall have any further liability to the other arising from the amendment.

2.5.3 If the Customer does not give notice of termination under clause 2.5.2 within the thirty (30) day period, the Customer is deemed to have accepted the amended Terms, which apply with effect from the date stated in the notice.

2.5.4 Clauses 2.5.1 to 2.5.3 do not apply to: (a) corrections of typographical or clerical errors that do not change the substance of the Agreement; (b) changes required by applicable law or regulation, which may take effect on shorter notice (or immediately) where the law requires; or (c) changes to the Subscription Fee at renewal, which are governed by clause 12.

2.6 Beta and Preview Features

2.6.1 The Service Provider may from time to time make features available to the Customer that are designated as "beta", "preview", "experimental", "early access", "alpha" or similar (each a "Beta Feature"). Beta Features are made available solely for the Customer's evaluation and feedback.

2.6.2 Beta Features are provided "AS IS" and "AS AVAILABLE", without warranty of any kind, express or implied. The Service Provider may modify, suspend, withdraw or discontinue any Beta Feature at any time, with or without notice, and without liability to the Customer.

2.6.3 The Service Provider's standard service-availability commitments, support obligations, warranties and limitations of liability set out in this Agreement do not apply to Beta Features. The Service Provider's liability for Beta Features is limited to the maximum extent permitted by applicable law.

2.6.4 The Service Provider may, in its discretion, attach further specific terms to any Beta Feature (for example, additional confidentiality obligations or a feedback licence). Where it does so, those further terms apply in addition to this clause 2.6.

2.6.5 The Customer must not use Beta Features in production-critical workflows or rely on Beta Features for any business decision without independent verification.

3.1 Grant of Licence

3.1.1 Subject to the Customer's compliance with this Agreement and timely payment of the Subscription Fee, the Service Provider grants the Customer a non-exclusive, non-transferable, non-sublicensable, revocable right, during the Subscription Term, to access and use the Service for the Permitted Use, for the number of Authorised Users specified in the Order Form, in accordance with the Documentation.

3.1.2 The licence is granted to the Customer (a single legal entity). It does not extend to the Customer's Affiliates unless an Affiliate is identified on the Order Form as an Authorised User's employer or otherwise expressly named as a permitted user of the Subscription.

3.1.3 The licence is granted solely for the Customer's internal business operations. The Customer must not use the Service to provide any product or service to any third party (including, without limitation, providing tender-intelligence, search, monitoring, alerting, AI-summary, or contract-data outputs to the Customer's own clients on a paid or unpaid basis), except where, and to the extent, that such use is expressly permitted by the Order Form.

3.2 Authorised Users and User Cap

3.2.1 The Customer may invite, add, remove and replace Authorised Users self-serve through the Service at any time during the Subscription Term, up to the number of Authorised Users specified in the Order Form and in any event not exceeding the User Cap (twenty-five (25)).

3.2.2 Each Authorised User must be a named individual identified by a unique email address. Login credentials must not be shared, and a single Authorised User account must not be used by more than one individual.

3.2.3 Where an Authorised User leaves the Customer's organisation or otherwise ceases to require access, the Customer may remove that Authorised User and assign the seat to a new named individual. The Customer must not engage in a pattern of rapid reassignment of seats designed or having the effect of allowing more individuals than the Customer's purchased Authorised-User count to access the Service. The Service Provider may treat a sustained pattern of such reassignment as a material breach.

3.2.4 If the Customer requires more than twenty-five (25) Authorised Users, the Customer must contact the Service Provider to enter into an Enterprise Edition arrangement. "Enterprise Edition" means a Subscription documented in a written Order Form that may include (without limitation) bespoke Authorised-User counts above the User Cap, multi-year commitments, custom pricing, custom service levels, custom support tiers, and any other commercial terms agreed between the parties. Enterprise Edition Subscriptions remain subject to these Terms except to the extent the Order Form expressly varies them.

3.3 Free Tier

3.3.1 The Service Provider may make a "Free Tier" of the Service available, allowing limited use of the Service without payment of a Subscription Fee. The features, capacity, usage limits and other restrictions applicable to the Free Tier are as set out in the Documentation and on https://d3tenders.com from time to time, and may differ materially from those of paid Subscriptions.

3.3.2 The Free Tier is provided "AS IS" and "AS AVAILABLE", without service-availability commitments, support obligations, or warranties of any kind. Clauses 17 (Warranties, Disclaimers and Liability Cap) apply to the Free Tier only to the extent expressly stated in those clauses.

3.3.3 The Service Provider may modify, restrict, suspend, or terminate the Free Tier (in whole or in part, generally or in respect of a specific user) at any time on reasonable notice and without liability, including for inactivity, suspected abuse, or for any other reason in the Service Provider's discretion.

3.3.4 The User Cap, audit right (clause 3.5) and Fair Use Policy apply to Free Tier users in the same way as to paid Customers, except that any usage in excess of Free Tier limits will result in restriction or termination of access rather than retroactive billing.

3.4 Trial

3.4.1 The Service Provider may offer a free trial of the Service ("Trial") for a period of seven (7) days, or such other period as is stated on the sign-up page or Order Form. During the Trial, the Customer is granted the licence in clause 3.1 on the same terms as a paid Subscription, save that no Subscription Fee is payable for the Trial period.

3.4.2 At the end of the Trial period, the Customer's access to the Service will either: (a) automatically convert to a paid Subscription on the plan selected by the Customer at sign-up, with the Subscription Fee becoming payable from the day after the Trial ends; or (b) where no payment method has been supplied or no plan selected, downgrade to the Free Tier or terminate, in the Service Provider's discretion.

3.4.3 The Service Provider may, in its discretion, decline to offer a Trial to any prospective Customer, terminate a Trial early, or limit the features available during a Trial.

3.4.4 Each Customer is entitled to one Trial. Repeat sign-ups, sign-ups using different email addresses to obtain successive Trials, and similar circumvention attempts may result in immediate termination of access.

3.5 Audit Right and Excess-Use Charge

3.5.1 The Service Provider may, on not less than seven (7) days' written notice and not more than once in any twelve (12) month period (save where the Service Provider reasonably suspects breach), audit the Customer's use of the Service to verify compliance with the Authorised-User count, the User Cap, and the other restrictions in this Agreement. Audits may be conducted by reviewing the Service's own usage logs and access records and by the Customer providing reasonable cooperation in identifying its Authorised Users.

3.5.2 If an audit reveals that the Customer has enabled, permitted, or allowed Authorised Users in excess of the number specified in the Order Form, or has exceeded the User Cap without entering into an Enterprise Edition arrangement, the Customer shall pay to the Service Provider, within thirty (30) days of invoice: (a) the additional Subscription Fee that would have been payable for the excess Authorised Users for the period of the breach, calculated at the Service Provider's then-current standard per-user rate; plus (b) an uplift of twenty-five percent (25%) of that additional Subscription Fee. Payment of the excess-use charge is without prejudice to any other right or remedy available to the Service Provider, including the right to suspend or terminate the Service.

3.5.3 The Service Provider's audit right under this clause 3.5 is in addition to, and does not limit, any of its other rights under this Agreement.

3.6 Restrictions

3.6.1 Except as expressly permitted by this Agreement or by applicable law that cannot be excluded by contract, the Customer must not, and must not permit any Authorised User or third party to:

1. copy, modify, adapt, translate, or create derivative works of the Service or any part of it;
2. reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code, underlying ideas, algorithms, structure, or organisation of the Service, except to the extent that this restriction is expressly prohibited by applicable law;
3. rent, lease, lend, sell, sublicense, assign, distribute, publish, transfer, or otherwise make the Service available to any third party, or use the Service to provide service-bureau, time-sharing, or similar services to any third party (subject to clause 3.1.3);
4. circumvent, disable, or otherwise interfere with any security, authentication, rate-limiting, suppression, audit, logging, or other protective measure of the Service;
5. access or use the Service, or any Public Sector Data, AI Output, or other content made available through the Service, in order to build or improve a competing product or service, or to benchmark the Service for the purpose of competing with the Service Provider;
6. scrape, spider, crawl, harvest, or use any automated means to extract data from the Service or any Public Sector Data made available through the Service, except via the Service's documented APIs in accordance with their published rate limits and terms of use;
7. use the Service, or any data obtained through the Service, to train, fine-tune, evaluate, or otherwise develop any artificial-intelligence or machine-learning model, except to the extent that the Customer's authorised use of an AI Feature inherently involves the operation of an AI Feature on the Customer's behalf;
8. remove, obscure, or alter any proprietary notice, branding, watermark, copyright legend, or attribution displayed in or by the Service;
9. use the Service in violation of any applicable law, regulation, or third-party right; or
10. attempt to do, or assist or permit any third party to do, any of the foregoing.

3.7 Reservation of Rights

3.7.1 All rights not expressly granted to the Customer under this Agreement are reserved by the Service Provider and its licensors. No licence is granted to the Customer by implication, estoppel, exhaustion, or otherwise, in respect of any Intellectual Property Rights of the Service Provider or any third party.

4.1 Overview

4.1.1 The Service is a software-as-a-service platform that provides public-sector procurement intelligence, opportunity discovery, workflow tools, and outbound engagement features to organisations selling into the public sector. The Service is delivered through a web application at https://app.d3tenders.com, supported by APIs and integrations.

4.2 Functional Categories

4.2.1 The Service comprises the following functional categories. The specific features, modules, fields, filters and capabilities within each category are described in the Documentation and on https://d3tenders.com from time to time, and may be added to, modified, replaced, or retired by the Service Provider in accordance with clause 4.6:

1. Search and Discovery — searching, filtering, and browsing public-sector tender, contract, award and pre-procurement information, including tender-detail views and (where enabled) AI-generated tender summaries.
2. Saved Feeds and Alerts — saving search profiles as feeds, configuring email alerts at daily, weekly or monthly cadence, and managing alert recipients within the Customer's organisation.
3. Shortlists and Pipeline — curating tenders into shortlists, assigning tenders to Authorised Users, tracking opportunities through configurable pipeline stages, and adding comments and notes.
4. Buyer and Supplier Insights — viewing buyer and supplier profiles, procurement history, and related analytics derived from Public Sector Data.
5. AI-Assisted Features — features that use artificial-intelligence and large-language-model technologies to assist the Customer (for example, generating keywords from a domain or description, suggesting synonyms, summarising tenders, and similar). The use of AI Features is subject to clause 6.
6. Marketing Campaigns — designing, scheduling and sending Campaign Emails through the Service's outbound email infrastructure together with a connected Microsoft Outlook mailbox of an Authorised User, including suppression-list management and engagement tracking. The use of Marketing Campaigns is subject to clause 7.
7. CRM Integrations — connecting the Service to a third-party customer-relationship-management platform (Pipedrive at the Effective Date) to synchronise tenders, deals or contacts as set out in the Documentation.
8. Reporting and Data Export — exporting search results, alerts, contact lists, and other Customer Data from the Service in CSV or other supported formats, in accordance with the Fair Use Policy.

4.2.2 Where an Order Form expressly identifies particular features as included in a Subscription, those features are committed to the Customer for the Subscription Term (subject to the Service Provider's right to make non-material changes under clause 4.6). Where the Order Form does not specifically enumerate features, the Customer's Subscription includes the functional categories above as made available by the Service Provider from time to time.

4.3 Service Availability

4.3.1 The Service Provider will use reasonable endeavours to make the Service available twenty-four (24) hours a day, seven (7) days a week during the Subscription Term.

4.3.2 The Customer acknowledges that the Service is provided over the public internet and depends on third-party infrastructure (including cloud-hosting providers, email-delivery providers, and AI model providers), and that the Service Provider does not guarantee uninterrupted, error-free, or always-available access.

4.3.3 The Service Provider is not liable for unavailability of the Service caused by: (a) Scheduled Maintenance (clause 4.4); (b) Emergency Maintenance reasonably required to address a security, data-integrity, or stability issue; (c) failure or unavailability of third-party services, internet infrastructure, or the Customer's own equipment, networks or credentials; (d) Customer-caused issues, including misconfiguration or breach of this Agreement; or (e) Force Majeure events as set out in clause 18.

4.3.4 An Order Form may provide for an enhanced service-availability commitment (including a target uptime percentage and service credits). Where it does so, the Order Form provisions apply in place of clause 4.3.1 for that Subscription.

4.4 Scheduled Maintenance

4.4.1 The Service Provider may carry out planned maintenance of the Service ("Scheduled Maintenance") from time to time. Where Scheduled Maintenance is reasonably likely to cause material disruption to the Customer's use of the Service, the Service Provider will use reasonable endeavours to: (a) give at least twenty-four (24) hours' prior notice (by in-product notification, email, or status-page update); and (b) carry out the Scheduled Maintenance outside UK business hours (08:00–18:00 GMT/BST, Monday to Friday) where practicable.

4.4.2 The Service Provider may carry out unplanned maintenance ("Emergency Maintenance") at any time without prior notice where reasonably necessary to address a security incident, a data-integrity issue, or a material risk to the stability or availability of the Service. The Service Provider will notify the Customer of Emergency Maintenance as soon as reasonably practicable.

4.5 Support

4.5.1 During the Subscription Term, the Service Provider will provide email support to the Customer in respect of the Customer's use of the Service. Support requests should be sent to hello@d3tenders.com.

4.5.2 The Service Provider's standard support hours are 09:00 to 17:00 GMT/BST, Monday to Friday, excluding UK public holidays in Scotland. The Service Provider's target is to provide a first response to support requests received during standard support hours within one (1) business day. Support requests received outside standard support hours will be treated as received at the start of the next business day. The first-response target is a target only and not a contractual remedy; the Service Provider does not guarantee any specific resolution time.

4.5.3 The Service Provider's support obligations cover the Service as made generally available. They do not extend to: (a) Beta Features (clause 2.6); (b) the Free Tier (clause 3.3.2); (c) issues caused by the Customer's misuse of the Service, third-party software, or third-party services; or (d) bespoke development or consulting work, which is outside the scope of standard support.

4.5.4 An Order Form may provide for an enhanced support tier (for example, a named-contact arrangement, priority response targets, or out-of-hours coverage). Where it does so, the Order Form provisions apply in addition to or in place of this clause 4.5 for that Subscription.

4.6 Updates, Changes, and Discontinuation of Features

4.6.1 The Service Provider may, from time to time and in its discretion, modify the Service, add, change or replace features, change the user interface, change the underlying technology, change third-party providers used in the Service, or retire features that the Service Provider reasonably considers to be obsolete, underused, or no longer aligned with the Service Provider's product direction.

4.6.2 The Service Provider will use reasonable endeavours to ensure that any change to the Service does not materially diminish the overall functionality available to the Customer during the then-current Subscription Term. If the Service Provider intends to retire a feature that is expressly named on the Customer's Order Form, the Service Provider will give the Customer at least thirty (30) days' prior notice and will use reasonable endeavours to provide an equivalent replacement feature.

4.6.3 Where a change to the Service is materially adverse to the Customer (within the meaning of clause 2.5.2), the Customer's remedies are as set out in clause 2.5.2 (right to terminate with pro-rata refund), and not otherwise.

4.7 Reliance on Third-Party Public Sector Data

4.7.1 The Service includes Public Sector Data ingested from third-party sources (including Find a Tender, Contracts Finder, devolved-administration portals, and other public-sector and procurement publishers). The Service Provider does not control, and does not guarantee the accuracy, completeness, currency, or fitness for purpose of, Public Sector Data.

4.7.2 The Customer acknowledges that decisions taken in reliance on Public Sector Data are made at the Customer's own risk, and that the Service Provider's role is limited to the ingestion, organisation, presentation and analysis of Public Sector Data through the Service. Further provisions on third-party data and AI Output are set out in clauses 6 (AI Features) and 10 (Third-Party Data Sources & Disclaimer).

5.1 Accurate Information

5.1.1 The Customer must provide, and keep updated, accurate, complete and current information in respect of: (a) the legal entity that is the Customer, including its registered name, registered address, and any registration numbers; (b) the individuals who are Authorised Users (their names and email addresses); (c) the Customer's billing contact and payment details; and (d) any other information that the Service Provider reasonably requests for the purposes of operating the Subscription, performing identity or anti-abuse checks, or complying with applicable law.

5.1.2 The Service Provider may rely on the information supplied by the Customer without further verification. Errors, delays, or other consequences arising from inaccurate or out-of-date information are the Customer's responsibility.

5.2 Account Security and Credentials

5.2.1 The Customer must take appropriate technical and organisational measures to protect access to the Service, including: (a) issuing credentials only to Authorised Users; (b) requiring strong, unique passwords; (c) revoking access promptly when an Authorised User leaves the Customer's organisation or no longer requires access; and (d) restricting administrative privileges within the Service to a small number of named Authorised Users.

5.2.2 The credential-sharing prohibition in clause 2.4.2 and the security-incident notification obligation in clause 2.4.3 apply in addition to this clause 5.2.

5.3 Multi-Factor Authentication

5.3.1 The Service supports multi-factor authentication ("MFA"). The Service Provider strongly recommends that the Customer enables MFA for all Authorised Users, and in particular for any Authorised User with administrative or billing privileges. The Customer is responsible for the configuration and use of MFA in respect of its Authorised Users, and for any consequences (including unauthorised access) arising from a failure to enable MFA where the Service Provider has recommended its use.

5.4 Lawful Use

5.4.1 The Customer must use the Service in compliance with all applicable laws, regulations and regulatory codes, including: (a) data-protection and privacy laws (including the UK General Data Protection Regulation and the Data Protection Act 2018); (b) electronic-marketing laws (including the Privacy and Electronic Communications Regulations 2003); (c) intellectual-property laws; (d) competition laws; and (e) anti-bribery, anti-corruption and modern-slavery laws. The Customer must not use the Service to facilitate, plan or commit any criminal, fraudulent or otherwise unlawful act.

5.5 Sanctions and Export Control

5.5.1 The Customer warrants and undertakes that, both at the Effective Date and throughout the Subscription Term: (a) neither the Customer, any of its Affiliates whose personnel are Authorised Users, nor any Authorised User, is a person designated under, or owned or controlled by a person designated under, any sanctions list maintained by the United Kingdom, the European Union, the United States, the United Nations, or any other competent authority ("Sanctions Lists"); (b) the Customer is not located, organised, or resident in, and will not provide access to the Service to any person located, organised or resident in, a country or territory that is the subject of comprehensive trade or economic sanctions by the United Kingdom, the European Union or the United States; and (c) the Customer's use of the Service will comply with all applicable export-control and sanctions laws.

5.5.2 The Customer must notify the Service Provider in writing as soon as reasonably practicable if the Customer or any Authorised User becomes a person referred to in clause 5.5.1.

5.5.3 If the Service Provider reasonably determines that the Customer or any Authorised User is or has become a person referred to in clause 5.5.1, or that continued provision of the Service to the Customer would put the Service Provider in breach of any applicable sanctions or export-control regime, the Service Provider may immediately suspend or terminate the Service in whole or in part, without liability to the Customer, and without prejudice to its other rights and remedies.

5.6 Customer Data Warranties

5.6.1 The Customer warrants that, in respect of all Customer Data uploaded, configured, generated or transmitted through the Service: (a) the Customer has all rights, licences, consents and lawful bases necessary to upload that Customer Data and to permit the Service Provider to process it as contemplated by this Agreement; (b) the Customer Data does not infringe the Intellectual Property Rights, privacy rights, or other rights of any third party; (c) the Customer Data is not obscene, defamatory, threatening, harassing, or otherwise unlawful; and (d) the Customer Data does not contain any virus, malware, or other harmful code.

5.6.2 Without limiting clause 5.6.1, the Customer's specific obligations and warranties in respect of contact lists and recipients used for Marketing Campaigns are set out in clause 7.

5.7 Notice of Adverse Events

5.7.1 The Customer must notify the Service Provider at hello@d3tenders.com promptly, and in any event within forty-eight (48) hours, on becoming aware of:

1. any actual or suspected unauthorised access to, or use of, the Customer's account or any Authorised User's credentials;
2. any loss or compromise of credentials or devices used to access the Service;
3. any incident materially affecting the Customer Data or the Customer's use of the Service;
4. any change in status referred to in clause 5.5.2 (sanctions);
5. any complaint, regulatory inquiry, legal proceeding, or third-party claim received by the Customer arising from the Customer's use of the Service (including from a Campaign Email recipient or from a regulator); and
6. any insolvency, change of control, sale of business, or similar event affecting the Customer that may affect the Customer's ability to perform its obligations under this Agreement (subject always to any confidentiality or regulatory restriction on disclosure).

5.8 Cooperation with Investigations

5.8.1 The Customer must reasonably cooperate with the Service Provider in connection with any: (a) investigation by the Service Provider into a suspected breach of this Agreement (including the Fair Use Policy and the Marketing Campaign requirements in clause 7) or any security incident affecting the Service; (b) audit conducted under clause 3.5; or (c) legitimate regulatory, legal, or law-enforcement request received by the Service Provider that relates to the Customer's use of the Service.

5.8.2 Cooperation under clause 5.8.1 may include providing information requested by the Service Provider, identifying Authorised Users, providing access to relevant logs in the Customer's possession, taking remedial action requested by the Service Provider, and preserving evidence.

5.9 Removal of Non-Compliant Content and Activity

5.9.1 If the Service Provider reasonably considers that any Customer Data, AI Input, Campaign Email, contact list, account configuration, or other Customer activity through the Service is in breach of this Agreement, the Fair Use Policy, applicable law, or third-party rights, the Service Provider may give the Customer notice (which may be by email or in-product notification) identifying the issue and a reasonable period (which, save in the circumstances in clause 5.9.2, will be at least five (5) business days) to remove, modify, or otherwise remediate the issue.

5.9.2 Where the Service Provider reasonably considers that the issue: (a) presents an imminent risk to the security, integrity, or availability of the Service or to other customers; (b) involves illegal content, ongoing harm to a third party, or material reputational risk to the Service Provider; (c) requires immediate action to comply with applicable law or a regulatory or law-enforcement request; or (d) is likely to result in delivery of Campaign Emails in breach of clause 7 in the immediate future, the Service Provider may take the action in clause 5.9.3 without prior notice and may give notice to the Customer after the fact.

5.9.3 Action under clauses 5.9.1 and 5.9.2 may include any one or more of the following: (a) removing or quarantining the offending Customer Data or AI Input; (b) blocking or pausing the offending Campaign Email or contact list; (c) suspending the affected feature or Authorised User access; or (d) where the issue is sufficiently serious and is not remediated within the notice period, suspending or terminating the Subscription in accordance with clause 14.

6.1 Scope and Purpose

6.1.1 The AI Features are designed to assist the Customer with public-sector procurement and tender-related tasks within the Service, including (without limitation) generating keywords from a domain or description, generating and refining search profiles, suggesting synonyms, summarising tenders, and providing similar contextual assistance. The AI Features are scoped to that purpose.

6.1.2 The Customer must use the AI Features only for their intended procurement and tender-related purpose. The Customer must not use the AI Features as a general-purpose chat assistant, for off-domain queries, or for any purpose unrelated to the Customer's use of the Service.

6.1.3 The AI Features are delivered using reputable third-party artificial-intelligence providers selected by the Service Provider from time to time. The Service Provider may substitute, supplement, or remove AI providers at any time without notice, and may modify the behaviour, models, prompts, output formats, or scope of the AI Features as part of ordinary product development.

6.2 AI Output is Not Professional Advice

6.2.1 AI Output is provided for informational and assistance purposes only. AI Output does not constitute, and must not be relied on as, legal, regulatory, compliance, procurement, financial, tax, accounting, professional, or licensing advice.

6.2.2 The Customer must not use AI Output as the sole or primary basis for any decision relating to: (a) bid eligibility, bid suitability, or bid/no-bid decisions; (b) compliance with public-procurement law (including the Procurement Act 2023 and any successor regime), public-sector regulation, or contracting-authority requirements; (c) the interpretation of tender specifications, contract terms, or award criteria; (d) tax, financial, accounting, or legal positions; (e) employment, immigration, sanctions, anti-money-laundering, or modern-slavery compliance; or (f) any other regulated, professional or high-stakes decision.

6.2.3 The Customer must independently verify AI Output before acting on it, including by reviewing the underlying source materials, taking professional advice where appropriate, and applying the Customer's own judgement.

6.3 AI Output is Not Unique or Exclusive

6.3.1 The Customer acknowledges that AI Features are stateless or limited-state services that may generate the same or substantially similar AI Output for different customers in response to the same or similar AI Input. AI Output is not unique to the Customer, and the Customer is not granted any exclusivity over any AI Output.

6.3.2 The Service Provider, its third-party AI providers, and other customers may independently generate, use, and rely on the same or similar outputs without infringing any right of the Customer.

6.4 Accuracy, Limitations, and Risk

6.4.1 The Customer acknowledges that AI Output may be incomplete, inaccurate, out of date, biased, internally inconsistent, factually wrong (including in ways that appear plausible — sometimes referred to as "hallucinations"), or otherwise unsuitable for the Customer's intended purpose. The Customer assumes all risks arising from its reliance on AI Output.

6.4.2 The AI Features are provided "AS IS" and "AS AVAILABLE". To the maximum extent permitted by applicable law, the Service Provider gives no warranty (express or implied) of any kind in respect of the AI Features or the AI Output, including no warranty of accuracy, completeness, fitness for purpose, non-infringement, or freedom from bias or error. The general warranties, disclaimers and limitations of liability in clause 17 apply additionally to the AI Features.

6.5 Ownership of AI Input and AI Output

6.5.1 As between the Customer and the Service Provider, the Customer owns the AI Input the Customer submits and the AI Output generated in response to the Customer's AI Input. AI Input and AI Output form part of Customer Data for the purposes of this Agreement.

6.5.2 The Customer grants to the Service Provider a non-exclusive, royalty-free, worldwide licence during the Subscription Term and after termination as necessary, to host, store, copy, transmit, and process AI Input and AI Output: (a) to operate, deliver, secure, monitor, support, and improve the Service; (b) to comply with applicable law and respond to legitimate regulatory or legal requests; and (c) on the further terms of clause 6.6 (Use for Model Improvement).

6.6 Use for Model Improvement

6.6.1 The Service Provider does not, and will not, transfer or make available Customer AI Input or Customer AI Output to any third-party AI provider for the purpose of that provider training, fine-tuning, or otherwise improving its general-purpose AI models. Where the Service Provider engages a third-party AI provider, the Service Provider will use commercially reasonable efforts to engage that provider on terms that prohibit the use of Customer AI Input and Customer AI Output for training the provider's models.

6.6.2 The Service Provider reserves the right to use AI Input, AI Output, and any data derived from them, in anonymised and aggregated form (such that the data does not identify the Customer or any individual and cannot reasonably be re-identified), to: (a) develop, train, fine-tune, and evaluate the Service Provider's own internal models, datasets, embeddings, prompts, classifiers, retrieval systems, and similar artefacts used to deliver or improve the Service; (b) measure and improve the quality of the AI Features; (c) detect abuse, fraud, and security incidents; and (d) carry out internal research relating to the Service.

6.6.3 The Service Provider may publish aggregated and anonymised statistics, benchmarks, or insights derived from use of the Service (including the AI Features) without naming the Customer or any individual, provided the publication does not identify the Customer or its Authorised Users.

6.7 Prohibited AI Activities

6.7.1 In addition to the restrictions in clause 3.6, the Customer must not, and must not permit any Authorised User or third party to:

1. attempt to manipulate, jailbreak, or otherwise circumvent any safety, scope, security, or content control of the AI Features (including by way of prompt injection, role-play instructions, or instructions to ignore the Service Provider's system prompts);
2. attempt to extract, expose, or reconstruct the Service Provider's system prompts, model weights, training data, embeddings, or other underlying components of the AI Features;
3. attempt to obtain through the AI Features any information about other customers, other customers' data, or non-public information of the Service Provider;
4. submit AI Input that the Customer does not have all necessary rights and permissions to submit, or that is unlawful or in breach of clauses 5.4 (Lawful Use) or 5.6 (Customer Data Warranties);
5. use the AI Features to generate content that is unlawful, defamatory, harassing, infringing, deceptive, or otherwise in breach of this Agreement or applicable law; or
6. use AI Output (or any data obtained through the AI Features) to develop, train, evaluate, or improve any artificial-intelligence or machine-learning model that competes with the Service or with the AI Features.

6.8 AI Rate Limits and Fair Use

6.8.1 The Service Provider may impose rate limits, usage quotas, concurrency limits, token limits, or other technical and operational limits on the AI Features at any time, in its discretion, to protect the availability and economic operation of the Service. The Service Provider may apply different limits to different Subscriptions or features, and may communicate the limits through the Service, the Documentation, or the Order Form.

6.8.2 Excessive use of the AI Features (including automated or programmatic use designed to extract bulk outputs, run high-frequency queries, or otherwise place an unusual burden on the AI Features) is a breach of the Fair Use Policy and may result in the Service Provider taking action under clauses 5.9 (Removal of Non-Compliant Activity) or 14 (Suspension and Consequences of Breach).

7.1 Scope of Permitted Use

7.1.1 The Marketing Campaign feature enables the Customer to send Campaign Emails to recipients on a Customer-supplied contact list, using the Service Provider's email-delivery infrastructure together with a Microsoft Outlook mailbox connected by an Authorised User.

7.1.2 The Customer must use the Marketing Campaign feature only for legitimate business-to-business outreach in connection with the Customer's tender, contract, procurement, public-sector sales or partnership activities. Permitted uses include (without limitation): outreach to public-sector buyers, suppliers, partners, framework participants, intermediaries and adjacent contacts; follow-up to expressions of interest, tender opportunities, awards or contract events; account-management and relationship communications with existing or prospective public-sector counterparties.

7.1.3 The Customer must not use the Marketing Campaign feature for: (a) consumer (business-to-consumer) marketing of any kind; (b) general-purpose email marketing, newsletters, or product marketing unrelated to the Customer's procurement and tender activities; (c) political-campaigning communications, except where the Customer is lawfully entitled to send them and has notified the Service Provider in writing in advance; (d) regulated financial promotions, except where the Customer is authorised under the Financial Services and Markets Act 2000 (or equivalent regime) and the communication is fully compliant; (e) communications to recipients located in jurisdictions where the Customer does not have a lawful basis to send them; or (f) any purpose prohibited under clauses 3.6, 5.4, 5.6, or this clause 7.

7.2 Customer as Data Controller

7.2.1 In respect of the personal data of recipients of Campaign Emails, the Customer is the data controller and the Service Provider acts as a data processor in accordance with applicable data-protection law. The processing of recipient personal data is governed by the Privacy Policy and the data-protection provisions of clause 9.

7.3 Contact-List Warranties

7.3.1 The Customer warrants and undertakes that, in respect of every contact list uploaded to or used in the Service for Campaign Emails, and in respect of every recipient on such a list:

1. the Customer (or, where the Customer has obtained the data from a third party, its source) collected the recipient's contact data lawfully, fairly, and in compliance with applicable data-protection law (including the UK GDPR and the Data Protection Act 2018);
2. the Customer has a lawful basis under applicable data-protection law to process the recipient's personal data for the purpose of sending the Campaign Emails (and, where the lawful basis relied upon is consent, that the consent is freely given, specific, informed, unambiguous, evidenced, and current; or, where the lawful basis is legitimate interests, that the Customer has carried out and documented a Legitimate Interests Assessment that supports the processing);
3. the Customer's sending of Campaign Emails to the recipient is permitted under the Privacy and Electronic Communications (EC Directive) Regulations 2003 ("PECR") and any equivalent or successor regime applicable to the recipient's location, including (where applicable) the soft-opt-in conditions of PECR Regulation 22 in respect of business-to-business marketing to corporate subscribers;
4. the Customer has provided each recipient with a transparency notice or fair-processing information that meets the requirements of Articles 13 or 14 of the UK GDPR (as applicable) and that covers the use of the recipient's personal data for the Campaign Emails;
5. the contact data is reasonably accurate, up-to-date, and not derived from sources that prohibit the use to which the Customer is putting it (including no use of contact data scraped or compiled in breach of the third party's terms of use);
6. the contact list contains only recipients in respect of whom the Customer has lawful authority to send marketing communications, and excludes any individual who has previously objected to direct marketing or withdrawn consent in respect of the Customer's communications; and
7. the Customer holds, and can produce on reasonable request by the Service Provider or by a regulator, evidence of compliance with paragraphs (a) to (f) for each recipient.

7.3.2 The Customer must not upload to or use within the Service any contact list (or part of one) that the Customer has purchased, rented, scraped, or otherwise obtained without the lawful basis required by clause 7.3.1.

7.4 Sending Domain and Authentication

7.4.1 The Customer must connect a Microsoft Outlook mailbox owned and lawfully controlled by the Customer (or by an Authorised User on behalf of the Customer), using the integration provided by the Service. The Customer authorises the Service Provider to send Campaign Emails on behalf of the Customer through the connected Outlook mailbox in accordance with this Agreement.

7.4.2 Before the first Campaign Email is sent from any sending domain used with the Service, the Customer must configure, and thereafter maintain, the following email-authentication records on that domain: (a) a Sender Policy Framework ("SPF") record that authorises the Service Provider's email-sending infrastructure (and the connected Outlook mailbox provider) to send on the Customer's behalf; (b) DomainKeys Identified Mail ("DKIM") signing aligned with the sending domain; and (c) a Domain-based Message Authentication, Reporting and Conformance ("DMARC") policy aligned with the sending domain (with at minimum a policy of p=none for monitoring; p=quarantine or p=reject is recommended).

7.4.3 The Service Provider may require the Customer to evidence the authentication configuration before enabling Campaign Email sending. The Service Provider may pause, block, or refuse to send Campaign Emails where authentication is missing, mis-configured, mis-aligned, or where authentication failures are reported by recipient mail systems.

7.4.4 The Customer must not use the Marketing Campaign feature to send Campaign Emails purporting to be sent from a domain or sender identity that the Customer does not own or lawfully control.

7.5 Mandatory Campaign Email Requirements

7.5.1 Every Campaign Email sent through the Service must:

1. clearly and accurately identify the Customer as the sender, including a valid postal address for the Customer;
2. include a clear and conspicuous mechanism by which the recipient may unsubscribe from further Campaign Emails from the Customer at no cost (typically, an unsubscribe link rendered through the Service);
3. honour any unsubscribe request promptly (and in any event within five (5) business days of receipt), with the recipient being added to the Suppression List for the Customer's organisation;
4. use subject lines that are accurate, not deceptive, and not designed to disguise the marketing nature of the message;
5. accurately describe the content and purpose of the message in any preview text;
6. not contain phishing content, malware, malicious links, fraudulent claims, or content that misrepresents the sender, the Customer's products or services, or any third party;
7. comply with PECR (and any equivalent regime applicable to recipients in other jurisdictions), the Consumer Protection from Unfair Trading Regulations 2008 (where applicable), and all other applicable laws, regulations, and codes of practice;
8. not be obscene, defamatory, harassing, threatening, discriminatory, or otherwise unlawful; and
9. comply with any technical or formatting requirements set out in the Documentation from time to time.

7.6 Send Limits and Volume Controls

7.6.1 The Service Provider sets, and may modify from time to time, technical and operational limits on Marketing Campaigns, including (without limitation): per-Authorised-User per-day send limits, per-Subscription per-day send limits, per-campaign size limits, per-mailbox warm-up ramps, per-recipient frequency limits, and concurrency limits. The current limits are set out in the Documentation, may differ between Subscription levels, and may be modified by the Service Provider at any time on reasonable notice.

7.6.2 An Order Form may set bespoke send limits for an Enterprise Edition Subscription, in which case the Order Form limits apply in place of the Documentation defaults.

7.6.3 The Customer must not seek to exceed, evade, or work around send limits, including by splitting campaigns across multiple Authorised Users, multiple mailboxes, or multiple Subscriptions for the purpose of defeating the limits. The Service Provider may treat such attempts as a material breach.

7.7 Bounce, Complaint, and Engagement Standards

7.7.1 The Customer is responsible for maintaining the deliverability and reputation of its Campaign Emails. The Service Provider may at any time, in its discretion, pause, throttle, or block sending where: (a) the bounce rate, spam-complaint rate, or unsubscribe rate of the Customer's Campaign Emails is excessive (with "excessive" assessed by the Service Provider against email-industry norms applicable from time to time, the Service Provider's then-current operational thresholds, and the standards required by the Service Provider's email-delivery providers); (b) the engagement rate (open, click, or reply) is materially below the level required by the Service Provider's email-delivery providers; (c) Campaign Emails are being delivered to recipient mail systems that are flagging them as spam, phishing, or otherwise abusive; (d) the Service Provider's IP-pool reputation, sending-domain reputation, or third-party feedback loops indicate sender-reputation harm attributable to the Customer; or (e) the Service Provider is required to do so by its email-delivery providers, by an internet-service provider, or by applicable law.

7.7.2 Where the Service Provider pauses, throttles or blocks sending under clause 7.7.1, it will notify the Customer as soon as reasonably practicable and may require the Customer to: (a) review and clean its contact lists; (b) modify its Campaign Email content; (c) reduce its sending volume; (d) implement a warm-up programme; and/or (e) take such other remedial action as the Service Provider reasonably requires before sending is resumed.

7.8 Suppression List

7.8.1 The Service maintains a Suppression List for each Customer's organisation. The Suppression List is automatically populated when: (a) a recipient unsubscribes through the unsubscribe link in a Campaign Email; (b) a Campaign Email hard-bounces; (c) a recipient marks a Campaign Email as spam or otherwise complains; or (d) the Service Provider or the Customer manually adds an address.

7.8.2 The Customer must not, and must not attempt to, send Campaign Emails to addresses on its Suppression List. The Customer must not remove addresses from its Suppression List except where the Customer has obtained fresh, demonstrable consent from the relevant individual for further communications, and any such removal is at the Customer's risk.

7.8.3 The Customer may add further addresses to its Suppression List as required to honour direct opt-out requests received outside the Service (for example, by reply to a Campaign Email, by phone, or in writing). The Customer is responsible for ensuring that all opt-out requests received by the Customer through any channel are reflected in the Suppression List or otherwise excluded from Campaign Emails.

7.9 Outlook Mailbox Connection

7.9.1 To use the Marketing Campaign feature, an Authorised User must connect a Microsoft Outlook mailbox to the Service. The connection is established using the OAuth flow provided by Microsoft, and the resulting tokens are stored by the Service Provider in encrypted form solely for the purpose of operating the Marketing Campaign feature.

7.9.2 The Customer is responsible for: (a) ensuring that the Authorised User connecting the mailbox has authority to do so; (b) the configuration, retention, security, and lawful operation of the Outlook mailbox itself, including compliance with the Customer's contractual and regulatory obligations to its own employees and customers; and (c) the consequences of revocation, expiry, or loss of access to the connected mailbox.

7.9.3 The Service Provider may disconnect the Outlook integration, refresh credentials, or refuse to send through a connected mailbox where reasonably necessary to comply with this Agreement, with Microsoft's terms, or with applicable law. The Customer's exclusive remedy for the operation of this clause 7.9.3 is to reconnect the mailbox in accordance with the Documentation.

7.10 D3's Enforcement Powers

7.10.1 Without prejudice to its other rights and remedies, the Service Provider may at any time, in its discretion and without prior notice where it reasonably considers that the circumstances require: (a) pause, throttle, block, cancel, or refuse to send any specific Campaign Email or all Campaign Emails for the Customer; (b) remove specific recipients or contact lists from sending; (c) add addresses to, or refuse to remove addresses from, the Suppression List; (d) disconnect the Authorised User's Outlook mailbox integration; (e) suspend the Marketing Campaign feature for the Customer in whole or in part; and/or (f) suspend or terminate the Subscription in accordance with clause 14.

7.11 Indemnity for Marketing Campaigns

7.11.1 The Customer shall indemnify, defend, and hold harmless the Service Provider, its Affiliates, and their respective officers, employees, and agents, from and against all claims, demands, actions, proceedings, losses, damages, fines, penalties, costs, and expenses (including reasonable legal fees) suffered or incurred by them, and arising out of or in connection with: (a) any breach by the Customer of this clause 7; (b) any breach by the Customer of applicable data-protection or electronic-marketing law in connection with Campaign Emails; (c) any complaint, claim, regulatory action, or investigation made by a recipient, a recipient's organisation, an internet-service provider, the Information Commissioner's Office, or any other regulator, in connection with Campaign Emails; or (d) any claim that any contact data, content, or other Customer Data used in a Campaign Email infringes a third party's rights.

7.11.2 The indemnity in clause 7.11.1 is in addition to, and does not limit, any other indemnity in this Agreement and is not subject to the liability cap in clause 17.

8.1 Purpose

8.1.1 This Fair and Acceptable Use Policy (the "Fair Use Policy") protects the integrity, availability, security, and economic operation of the Service and protects other customers, recipients of Campaign Emails, and the Service Provider's brand, infrastructure, and licensors. The Customer must comply with the Fair Use Policy at all times, and must ensure that each Authorised User does the same.

8.2 Components

8.2.1 The Fair Use Policy comprises this clause 8 together with the obligations and prohibitions set out in: (a) clause 3.6 (Restrictions); (b) clause 5.4 (Lawful Use), clause 5.6 (Customer Data Warranties), and clause 5.9 (Removal of Non-Compliant Content); (c) clause 6.7 (Prohibited AI Activities) and clause 6.8 (AI Rate Limits and Fair Use); and (d) clause 7 (Outbound Email and Marketing Campaigns) in its entirety. References in this Agreement to the "Fair Use Policy" are to all of the foregoing collectively.

8.3 Permitted Use of D3 Data, AI Output, and Insights

8.3.1 Subject to compliance with this Agreement, the Customer is permitted to use the Public Sector Data, AI Output, exports, search results, summaries, and other outputs of the Service (each a "D3 Output") in the following ways:

1. Internal business use — for the internal business operations, decision-making, research, planning, and analysis of the Customer and its Affiliates whose personnel are Authorised Users;
2. Bid, proposal, pitch and tender-response work — by incorporating D3 Output as an input into the Customer's own bid, proposal, pitch, tender response, or similar work product directed at a specific opportunity or counterparty, where the D3 Output is integrated with the Customer's own analysis, presentation, or commentary;
3. Internal sharing with colleagues — by sharing D3 Output internally with employees, contractors, or other personnel of the Customer who are not Authorised Users, on a need-to-know basis, provided that the recipients are bound by appropriate confidentiality obligations and the sharing is incidental to the Customer's internal use of the Service (and is not a substitute for those individuals being given Authorised User access);
4. One-off sharing on a specific deal — by sharing specific items of D3 Output (such as a single tender notice, contract record, or buyer profile) with a named partner, advisor, or counterparty on a specific deal or opportunity, on a non-systematic basis;
5. Regulated reporting and disclosure — by including D3 Output in regulatory filings, audit responses, or similar disclosures required of the Customer by law or regulation, where such inclusion is required and proportionate; and
6. Other uses expressly permitted by the Order Form — including any agency, service-bureau, white-label, or redistribution rights expressly granted to the Customer under clause 3.1.3.

8.3.2 The Customer must, when sharing D3 Output externally under clause 8.3.1(b), (c), (d), or (e), use reasonable endeavours to: (i) avoid presenting raw bulk extracts of Public Sector Data in a manner that could substitute for an independent subscription to the Service by the recipient; and (ii) where reasonably practicable, attribute the source of Public Sector Data to its original publisher (for example, "source: Find a Tender") and not exclusively to the Service Provider.

8.4 Prohibited Use

8.4.1 In addition to the prohibitions referenced in clause 8.2.1, the Customer must not, and must not permit any Authorised User or third party to:

1. Resell, repackage, or commercialise D3 Output — sell, license, syndicate, publish, or otherwise commercialise (whether for a fee or without charge) any D3 Output, or any product, service, dataset, data feed, report, alert service, intelligence service, dashboard, or analysis built primarily on or using D3 Output, except as expressly permitted by the Order Form. For clarity, this paragraph (a) does not prevent the permitted uses described in clause 8.3.1;
2. Build a competing service — use D3 Output, the Service, or any data, knowledge, or insight gained through the Service to develop, operate, or improve any product or service that competes with the Service or with any of the Service Provider's other products or services;
3. Systematically extract data — extract, copy, store, or accumulate Public Sector Data or other content from the Service in bulk for the purpose of building a separate database or data feed, except via the Service's documented APIs (where available) in accordance with their published rate limits and terms;
4. Burden or attack the Service — engage in any denial-of-service activity, load-testing without prior written permission, scripted high-frequency querying, automated scraping outside the Service's documented APIs, or any other activity that places an unusual or disproportionate burden on the Service's infrastructure;
5. Probe security without permission — perform security research, vulnerability scanning, penetration testing, fuzzing, or similar activity against the Service, except under a written authorisation from the Service Provider that specifies the scope, timing, and rules of engagement;
6. Send spam outside the Marketing Campaign feature — send marketing or other unsolicited bulk communications using or in connection with the Service through any channel other than the Marketing Campaign feature, or in any way that would constitute spam, unsolicited commercial email, or a breach of PECR or any equivalent regime;
7. Circumvent third-party controls — use the Service to circumvent the security, access controls, content filters, anti-spam systems, or other protective measures of any third party, or to facilitate any such circumvention;
8. Misuse D3's brand — use the Service Provider's name, trademarks, logos, branding, or visual identity without the Service Provider's prior written permission, except for factual references to the Service that are accurate and do not imply an endorsement, partnership, or relationship that does not exist;
9. Generate or distribute harmful content — generate, transmit, distribute, store, or display through the Service any content that is unlawful, infringing, malicious, defamatory, obscene, harassing, threatening, discriminatory, or otherwise objectionable; or
10. Attempt or assist any of the foregoing — attempt to do, or assist or encourage any third party to do, any of the things prohibited by this Fair Use Policy.

8.5 Investigation and Enforcement

8.5.1 The Service Provider may investigate suspected breaches of the Fair Use Policy. The Customer must cooperate with such investigations as set out in clause 5.8. Action by the Service Provider in response to a Fair Use Policy breach is governed by clauses 5.9 (Removal of Non-Compliant Content), 7.10 (D3's Enforcement Powers in respect of Marketing Campaigns), and 14 (Suspension and Consequences of Breach).

8.6 Variation

8.6.1 The Service Provider may vary the Fair Use Policy from time to time on at least thirty (30) days' notice, in accordance with clause 2.5. Variations to clause 8.2 that consist solely of cross-references to amended clauses elsewhere in this Agreement do not require separate notice.

9.1 Definitions for this Clause

9.1.1 In this clause 9, the terms "personal data", "process(ing)", "controller", "processor", "data subject", "personal data breach", "special category data", and "supervisory authority" have the meanings given in the UK GDPR. "Data Protection Law" means the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, PECR, and any successor or replacement legislation, in each case as in force from time to time and as supplemented by guidance from the Information Commissioner's Office.

9.2 Roles of the Parties

9.2.1 In respect of the processing of personal data under this Agreement:

1. The Customer is the controller of personal data contained in Customer Data, including AI Input, AI Output (to the extent it contains personal data), contact lists, and recipient personal data used in Marketing Campaigns. The Service Provider acts as a processor on the Customer's behalf in respect of such personal data.
2. The Service Provider is the controller of personal data that it processes for its own purposes, including: (i) account-management and authentication data of Authorised Users (names, email addresses, login records, audit logs); (ii) billing and contracting data of the Customer's billing contacts; (iii) Service-operational data such as telemetry, security logs, and usage analytics; and (iv) marketing and communications by the Service Provider to its own contacts. The Service Provider's controller-role processing is described in the Privacy Policy.
3. Where in any specific scenario it is unclear which party is the controller, the parties shall act reasonably and in good faith to determine the appropriate role consistent with Data Protection Law.

9.3 Processing Particulars (Article 28(3))

9.3.1 In respect of the Service Provider's processor-role processing under clause 9.2.1(a):

1. Subject matter: provision of the Service to the Customer in accordance with this Agreement.
2. Duration: the Subscription Term, plus the post-termination period set out in clause 9.13.
3. Nature and purpose: hosting, storing, organising, retrieving, transmitting, displaying, processing, analysing, and (in respect of Marketing Campaigns) sending personal data, in each case as necessary to deliver the functional categories of the Service set out in clause 4.2 and to support the Customer's use of the Service.
4. Types of personal data: (i) identification and contact data (names, job titles, email addresses, telephone numbers, postal addresses); (ii) employer/organisation data; (iii) procurement-related data associated with named individuals (such as buyer or supplier contacts within Public Sector Data); (iv) communications metadata and content (Campaign Email subject lines, body content, send/open/click/bounce/complaint events); (v) AI Input and AI Output to the extent it contains personal data; and (vi) any other personal data that the Customer chooses to upload or generate within the Service.
5. Categories of data subjects: (i) the Customer's Authorised Users; (ii) recipients of Campaign Emails; (iii) public-sector buyer and supplier contacts named in Public Sector Data and used by the Customer; and (iv) any other individuals whose personal data the Customer chooses to process through the Service.
6. Special category data: the Service is not designed for the processing of special category data or criminal-conviction data. The Customer must use reasonable endeavours to avoid uploading such data into the Service. The Service Provider does not knowingly process special category data on the Customer's behalf, and is not responsible for the consequences of any such data being uploaded by the Customer.

9.4 Customer Instructions

9.4.1 The Service Provider will process Customer personal data only on the documented instructions of the Customer, which are set out in: (a) this Agreement (including the Order Form, these Terms, the Documentation, and the Privacy Policy); (b) the Customer's configuration and use of the Service from time to time; and (c) any further written instructions reasonably given by the Customer that are consistent with this Agreement, are operationally feasible, and do not require the Service Provider to develop new functionality.

9.4.2 The Service Provider may process Customer personal data otherwise than on the Customer's documented instructions where required to do so by applicable law. In that case, the Service Provider will (where lawful) inform the Customer of the legal requirement before carrying out the processing.

9.4.3 If the Service Provider considers that an instruction from the Customer infringes Data Protection Law, the Service Provider will inform the Customer without undue delay.

9.5 Confidentiality of Personnel

9.5.1 The Service Provider ensures that any personnel authorised to process Customer personal data are bound by appropriate written contractual obligations of confidentiality (or are under a statutory obligation of confidentiality) and have been provided with appropriate training in respect of the protection of personal data.

9.6 Security Measures

9.6.1 The Service Provider implements and maintains appropriate technical and organisational measures designed to ensure a level of security of Customer personal data appropriate to the risk, taking into account the state of the art, the costs of implementation, the nature, scope, context and purposes of processing, and the risks to the rights and freedoms of data subjects.

9.6.2 Without limiting clause 9.6.1, the Service Provider's measures include: (a) encryption of Customer personal data in transit (using industry-standard TLS) and at rest; (b) authenticated access controls, including support for MFA and single sign-on; (c) the principle of least privilege in relation to access to Customer personal data by Service Provider personnel; (d) audit logging of administrative access; (e) network segmentation and use of security-controlled cloud infrastructure; (f) supplier risk management for sub-processors; (g) regular review and updating of security measures; (h) backup and disaster-recovery arrangements; and (i) an internal incident-response process.

9.6.3 The Service Provider may modify its security measures from time to time, provided that the modifications do not materially reduce the overall level of security afforded to Customer personal data.

9.7 Sub-processors

9.7.1 The Customer grants to the Service Provider a general written authorisation under Article 28(2) of the UK GDPR to engage sub-processors to process Customer personal data on the Service Provider's behalf for the purposes of operating, supporting, securing, and improving the Service. Sub-processors include, by way of example and without naming specific providers, providers of cloud hosting, identity and authentication, email-delivery, mailbox-integration, AI model inference, payment processing, customer-relationship-management integration, and similar service-delivery infrastructure.

9.7.2 The Service Provider will: (a) engage sub-processors only under written terms that impose data-protection obligations equivalent in substance to those set out in this clause 9; (b) remain liable to the Customer for the acts and omissions of its sub-processors as if they were its own; and (c) take reasonable steps to satisfy itself of the suitability of each sub-processor.

9.7.3 The Service Provider will give the Customer at least thirty (30) days' notice (which may be by in-product notification, email, or status-page update) before engaging any new sub-processor or replacing an existing sub-processor with a new one, where the change is material to the Customer's use of the Service.

9.7.4 The Customer may object on reasonable data-protection grounds to a proposed new sub-processor, by written notice to the Service Provider given within thirty (30) days of the Service Provider's notice. If the Customer objects, the Service Provider shall use reasonable efforts to make available a commercially reasonable change to the Service which avoids the need to use the proposed sub-processor. If no such change is available within thirty (30) days, the Customer may terminate this Agreement by written notice and shall be entitled to a pro-rata refund of any prepaid Subscription Fee for the unused remainder of the then-current Subscription Term, in accordance with clause 13.

9.8 International Data Transfers

9.8.1 The Service Provider may transfer Customer personal data to, and process Customer personal data in, countries or territories outside the United Kingdom, including (without limitation) the European Economic Area, the United States, and other jurisdictions in which sub-processors operate.

9.8.2 In respect of any transfer of Customer personal data to a country or territory not covered by an adequacy regulation made under section 17A of the Data Protection Act 2018 (or any equivalent successor provision), the Service Provider will ensure that an appropriate transfer mechanism under Article 46 of the UK GDPR is in place, including (as applicable): (a) the International Data Transfer Agreement issued by the Information Commissioner ("IDTA"); (b) the International Data Transfer Addendum to the European Commission's Standard Contractual Clauses ("UK Addendum"); or (c) any other transfer mechanism approved under the UK GDPR.

9.8.3 The Customer authorises the Service Provider to enter into the IDTA, the UK Addendum, or any other approved transfer mechanism with sub-processors and third-country recipients on the Customer's behalf, on the standard terms applicable to such mechanisms, and to take such further steps as are reasonably necessary to give effect to such mechanisms.

9.9 Personal Data Breach Notification

9.9.1 The Service Provider will notify the Customer without undue delay, and in any event within seventy-two (72) hours, after becoming aware of a personal data breach affecting Customer personal data processed by the Service Provider as a processor.

9.9.2 The notification will, to the extent the information is then available, describe: (a) the nature of the breach (including, where possible, the categories and approximate number of data subjects and personal-data records concerned); (b) the likely consequences of the breach; and (c) the measures taken or proposed to be taken to address the breach, including measures to mitigate adverse effects. Information not initially available may be provided in stages without undue further delay.

9.9.3 The Service Provider will reasonably assist the Customer in meeting the Customer's own breach-notification obligations under Data Protection Law (including, where applicable, notification to the Information Commissioner's Office and to affected data subjects).

9.9.4 The Customer is responsible for notifying personal data breaches affecting personal data for which the Customer is controller. Notification by the Service Provider to the Customer under this clause 9.9 is not an admission of fault or liability by the Service Provider.

9.10 Assistance with Data Subject Rights

9.10.1 Taking into account the nature of the processing, the Service Provider will provide reasonable assistance to the Customer (by appropriate technical and organisational measures, insofar as practicable) in fulfilling the Customer's obligation to respond to requests from data subjects exercising their rights under the UK GDPR.

9.10.2 Where reasonably practicable, the Service Provider will make available to the Customer, through the Service or on request, the functionality required for the Customer to access, rectify, erase, restrict, or port the Customer personal data of an individual data subject. Where the Customer requires the Service Provider's direct involvement, the Service Provider may charge its reasonable costs for that assistance.

9.10.3 Where the Service Provider receives a request from a data subject in respect of personal data the Customer is controller of, the Service Provider will: (a) not respond to the request directly, except to acknowledge it and direct the data subject to the Customer or to the Service Provider's standard handling process; and (b) notify the Customer of the request without undue delay.

9.11 Regulatory Engagement and DPIAs

9.11.1 The Service Provider will provide reasonable assistance to the Customer (taking into account the nature of the processing and the information available to the Service Provider) in connection with the Customer's obligations under Articles 32 to 36 of the UK GDPR, including data-protection impact assessments and prior consultation with the Information Commissioner.

9.12 Records and Audit

9.12.1 The Service Provider will make available to the Customer, on reasonable written request and not more than once in any twelve (12) month period, such information as is reasonably necessary to demonstrate the Service Provider's compliance with this clause 9, including: (a) a written summary description of the Service Provider's technical and organisational security measures; (b) responses to standard customer security questionnaires; and (c) where the Service Provider holds independent third-party assurance certifications or attestations (such as ISO 27001 or SOC 2), copies or summaries of those reports.

9.12.2 Information provided under clause 9.12.1 is the Confidential Information of the Service Provider and is provided subject to the Customer agreeing in writing (where the Service Provider reasonably requests) to a non-disclosure agreement on commercially reasonable terms.

9.12.3 The Service Provider's audit obligations under this clause 9.12 do not extend to on-site audits, physical inspections, network or system penetration testing, or audits by third-party auditors, save in each case where required by Data Protection Law and where the parties have agreed in writing in advance to the scope, timing, and rules of engagement (and to the Customer's reimbursement of the Service Provider's reasonable costs).

9.13 Return and Deletion of Customer Data on Termination

9.13.1 During the Subscription Term, the Customer may export Customer Data through the Service's available export functionality.

9.13.2 For a period of thirty (30) days following termination or expiry of the Subscription Term ("Post-Termination Export Window"), the Service Provider will continue to make Customer Data available to the Customer through the Service's available export functionality, save where the Service Provider has terminated for the Customer's material breach in circumstances where continued access is reasonably likely to facilitate a continuation of the breach (in which case, the Service Provider will provide a one-off export of Customer Data on reasonable terms).

9.13.3 At the end of the Post-Termination Export Window, the Service Provider will delete or anonymise Customer Data held in active production systems within a further reasonable period (typically not exceeding ninety (90) days), save where retention is required: (a) by applicable law or regulation; (b) for the resolution of disputes or the enforcement of this Agreement; or (c) in the form of routine backups, which will continue to be subject to the Service Provider's standard backup-retention and rotation cycle and will be deleted in the ordinary course.

9.13.4 The Service Provider may retain anonymised and aggregated data derived from Customer Data in accordance with clause 6.6 (Use for Model Improvement) and otherwise for the operation of the Service.

9.14 Privacy Policy and Authorised User Personal Data

9.14.1 In respect of personal data for which the Service Provider is controller (as set out in clause 9.2.1(b)), the Service Provider's processing is described in the Privacy Policy. By making Authorised Users available to use the Service, the Customer represents and warrants that it has provided each Authorised User with appropriate transparency information about the Service Provider's processing, including by signposting the Privacy Policy.

9.15 Conflicts

9.15.1 In the event of any conflict between this clause 9 and the rest of this Agreement, this clause 9 prevails to the extent of any matter relating to the protection of personal data.

10.1 Sources of Public Sector Data

10.1.1 The Service ingests, organises, transforms, enriches, and presents Public Sector Data sourced from third-party publishers, including (without limitation): Find a Tender, Contracts Finder, the Public Contracts Scotland portal, Sell2Wales, eTendersNI, devolved-administration and local-authority procurement portals, framework operators, and other UK public-sector and procurement publishers. The list of sources may be added to, modified, or reduced from time to time as the Service Provider's ingestion pipeline evolves and as third-party sources are added, retired, or change their access arrangements.

10.2 D3's Role as Aggregator

10.2.1 The Service Provider acts as an aggregator and presenter of Public Sector Data. The Service Provider does not author, originate, certify, or endorse Public Sector Data. The original notice, record, or document published by the relevant publisher is the authoritative source.

10.2.2 The Service Provider's transformations of Public Sector Data (including parsing, deduplication, normalisation, classification, enrichment, AI-generated summaries, and similar processing) are designed to make the data more useful within the Service. Such transformations may introduce errors, omissions, or inconsistencies relative to the original source.

10.3 No Warranty on Public Sector Data

10.3.1 To the maximum extent permitted by law, the Service Provider makes no warranty (express or implied) and gives no representation as to the accuracy, completeness, currency, timeliness, reliability, sufficiency, or fitness for any particular purpose of any Public Sector Data made available through the Service.

10.3.2 Public Sector Data is provided "AS IS" and "AS AVAILABLE". The Customer assumes all risks arising from its reliance on Public Sector Data.

10.3.3 Without limiting clauses 10.3.1 or 10.3.2, the Service Provider is not responsible for: (a) errors, omissions, or inaccuracies in the original Public Sector Data; (b) delays, gaps, or failures in publication by third-party publishers; (c) the withdrawal, correction, or alteration of Public Sector Data by its publisher; or (d) the consequences of any such issue for the Customer.

10.4 Refresh and Currency

10.4.1 The Service Provider uses reasonable endeavours to refresh Public Sector Data promptly after it is published or updated by the relevant publisher. The Service Provider's typical refresh cadence is described in the Documentation, may differ between data sources, and may change from time to time without notice and without amendment to this Agreement.

10.4.2 The Service Provider does not commit to any specific refresh interval and does not guarantee that Public Sector Data presented in the Service is the most recent published version at any given moment.

10.5 Publisher Licences and Customer Compliance

10.5.1 Public Sector Data is, in most cases, made available by its publishers under licences that permit re-use, including the Open Government Licence v3.0 ("OGL") and similar open-data licences. Other Public Sector Data may be subject to different terms imposed by the publisher (including attribution, no-derivative, or non-commercial conditions).

10.5.2 The Customer's use, reproduction, or onward sharing of Public Sector Data must comply with the terms of the licence under which the relevant Public Sector Data was originally made available, including any attribution requirements. Where Public Sector Data is identified within the Service as originating from a particular publisher, the Customer should attribute that publisher in accordance with the applicable licence (for example, "source: Find a Tender" or as otherwise required by the licence).

10.5.3 The Customer is responsible for satisfying itself as to the licence terms applicable to any Public Sector Data on which it intends to rely or which it intends to share onward. The Service Provider does not warrant the licence status of any individual item of Public Sector Data.

10.6 Removal, Correction, and Take-Down

10.6.1 The Service Provider may, at any time and without notice to the Customer, remove, modify, mask, replace, or correct any Public Sector Data made available through the Service: (a) where the publisher has updated, retracted, or taken down the original; (b) where required by an applicable law, regulator, or court; (c) where the Service Provider receives a credible take-down request, intellectual-property complaint, defamation complaint, or data-protection request relating to that Public Sector Data; or (d) where the Service Provider reasonably considers it appropriate to do so.

10.6.2 The Service Provider is not liable to the Customer for any consequences of action taken under clause 10.6.1.

10.7 Customer Verification Obligation

10.7.1 The Customer must independently verify Public Sector Data against the original source publication before relying on it for any decision, communication, bid, contract, regulatory submission, or similar purpose. Where appropriate, the Customer should consult professional advisers and the original publisher.

10.7.2 The Service is intended to assist the Customer in identifying, monitoring, and analysing public-sector opportunities. It is not a substitute for the Customer's own due diligence, professional advice, or direct engagement with publishers and contracting authorities.

10.8 Links and References to Third-Party Sites

10.8.1 The Service may include links, references, embedded resources, or pointers to third-party websites, portals, documents, or services (including the original publisher's notice for an item of Public Sector Data). Such third-party sites and resources are not under the control of the Service Provider, and the Service Provider is not responsible for their availability, content, accuracy, security, or terms.

10.8.2 The Customer's use of any third-party site or resource is at the Customer's own risk and is governed by the terms applicable to that third-party site or resource.

11.1 Subscription Fee

11.1.1 In consideration of the licence granted under clause 3.1 and the provision of the Service, the Customer shall pay the Subscription Fee set out in the Order Form, on the terms set out in this clause 11.

11.1.2 The Subscription Fee for the Initial Term is the amount stated in the Order Form. The Subscription Fee for any Renewal Term is governed by clause 12.

11.1.3 The Free Tier is provided without charge, in accordance with clause 3.3. No Subscription Fee is payable in respect of a Trial during the Trial period, in accordance with clause 3.4.

11.2 Taxes

11.2.1 The Subscription Fee, and all other amounts payable by the Customer under this Agreement, are exclusive of value added tax ("VAT") and any other applicable sales, use, services, or similar tax or duty. The Customer shall pay all such taxes in addition to the Subscription Fee, at the rate and in the manner prescribed by applicable law, against a valid tax invoice from the Service Provider.

11.2.2 If the Customer is required by applicable law to make any deduction or withholding from any amount payable to the Service Provider, the amount payable shall be increased so that, after the deduction or withholding has been made, the Service Provider receives a sum equal to the amount it would have received in the absence of the deduction or withholding. The Customer shall promptly provide the Service Provider with such evidence of the deduction or withholding (including original tax receipts where available) as the Service Provider may reasonably require to claim a tax credit or relief.

11.2.3 Each party is responsible for its own income, corporation, and employment taxes arising from this Agreement.

11.3 Currency

11.3.1 The Subscription Fee and all other amounts payable under this Agreement are in pounds sterling (GBP), unless the Order Form specifies a different currency.

11.3.2 Where the Order Form specifies a non-GBP currency: (a) all invoicing under that Order Form will be in the specified currency; (b) the foreign-exchange rate for the conversion (if any) is the rate fixed in the Order Form, or if no rate is fixed, the spot rate as at the Order Form date; and (c) any future renewal invoicing under that Order Form may be re-priced by the Service Provider to reflect material movement in foreign-exchange rates, on at least sixty (60) days' notice to the Customer.

11.4 Invoicing

11.4.1 The Service Provider will issue invoices to the Customer in accordance with the Order Form. In the absence of contrary provision in the Order Form: (a) for invoiced Subscriptions, an invoice for the Subscription Fee for the Initial Term will be issued at or shortly after the Effective Date; (b) for self-serve Subscriptions paid by card or other automated payment method, fees are charged through the relevant payment provider on the Effective Date and on each subsequent renewal date in accordance with the Customer's selected billing frequency; and (c) for multi-year Subscriptions, see clause 11.6.

11.4.2 Invoices will be sent by email to the billing contact identified by the Customer (or, if no specific billing contact is identified, to the individual who signed the Order Form or completed online sign-up). The Customer is responsible for ensuring that its billing contact details are kept up to date in accordance with clause 5.1.

11.5 Payment Terms

11.5.1 Unless otherwise agreed in the Order Form: (a) invoices issued by the Service Provider for invoiced Subscriptions are payable in cleared funds within thirty (30) days of the date of invoice ("Net 30"); and (b) Subscriptions paid by card or other automated payment method through the Service's billing provider are payable on the Effective Date and on each renewal date, with the Customer's payment method being debited automatically.

11.5.2 The Service Provider may require, and an Order Form may specify, that all or part of the first invoice for a Subscription is payable in advance of access to the Service.

11.5.3 Payment must be made by the method specified in the Order Form or, in the absence of contrary specification, by bank transfer to the account notified by the Service Provider on its invoices. Payment by credit card or debit card may be subject to processing fees disclosed at the point of payment.

11.5.4 A payment is regarded as received when cleared funds are received by the Service Provider in the relevant account.

11.6 Multi-Year Subscriptions and Annual Invoicing

11.6.1 Where the Order Form specifies a Subscription Term of more than one year (a "Multi-Year Subscription"):

1. the Subscription Fee for each year of the Multi-Year Subscription is fixed in the Order Form (or is set by reference to a fixed escalation mechanism stated in the Order Form);
2. unless the Order Form expressly provides for full upfront payment of the entire Subscription Term, the Service Provider will issue an invoice for each year of the Multi-Year Subscription separately;
3. the invoice for the first year of the Multi-Year Subscription will be issued at or shortly after the Effective Date; and
4. the invoice for each subsequent year will be issued not less than thirty (30) and not more than sixty (60) days before the relevant anniversary, and is payable in accordance with clause 11.5.1.

11.6.2 The multi-year discount (if any) is granted in consideration of the Customer's commitment to the full Multi-Year Subscription Term. If the Customer terminates a Multi-Year Subscription early other than for the Service Provider's material breach (or under another termination right expressly granted to the Customer in this Agreement), the Customer remains liable for the Subscription Fee for the full Multi-Year Subscription Term in accordance with clause 13.

11.7 Mid-Term Adjustments

11.7.1 Where, during a Subscription Term, the Customer requests (and the Service Provider agrees to) additional Authorised Users beyond the number on the Order Form, additional features, or any other uplift, the Service Provider may invoice for the uplift on a prorated basis to align with the remainder of the then-current invoicing period. The uplifted Subscription Fee thereafter applies to the remainder of the Subscription Term and to subsequent renewals.

11.7.2 Downward adjustments mid-term (such as reductions in Authorised User count) take effect at the next renewal date and do not give rise to refunds in respect of the current invoicing period.

11.8 Disputed Invoices

11.8.1 If the Customer in good faith disputes any portion of an invoice, the Customer must notify the Service Provider in writing within fourteen (14) days of the date of the invoice, setting out the disputed amount and reasonable detail of the basis of the dispute.

11.8.2 The undisputed portion of any invoice remains payable in accordance with clause 11.5.1. The disputed portion is suspended pending resolution. The parties shall use reasonable endeavours to resolve any disputed invoice promptly and in good faith. On resolution, any agreed amount remaining payable becomes payable within fourteen (14) days, and any agreed credit will be applied to the next invoice (or refunded, where there is no upcoming invoice).

11.8.3 Failure by the Customer to dispute an invoice in writing within fourteen (14) days of its date constitutes acceptance of the invoice and waives the Customer's right to dispute it under this clause 11.8.

11.9 Late Payment

11.9.1 If the Customer fails to pay any undisputed amount on or before its due date, the Service Provider may charge interest on the overdue amount at the statutory rate from time to time prescribed under the Late Payment of Commercial Debts (Interest) Act 1998 (currently the Bank of England base rate plus eight per cent (8%) per annum), accruing daily from the due date until the date of actual payment, whether before or after judgment.

11.9.2 If any undisputed amount remains overdue for more than seven (7) days after the due date, the Service Provider may, in addition to its other rights and remedies and on giving the Customer not less than seven (7) days' written notice and an opportunity to cure: (a) suspend the Service in whole or in part; (b) decline to perform further work or release deliverables; and (c) accelerate any other amounts owed by the Customer under this Agreement so that they become immediately due and payable.

11.9.3 Where the Service is suspended for non-payment under clause 11.9.2(a): (a) the Customer remains liable for all Subscription Fees during the suspension period; and (b) the Subscription Term is not extended by the suspension period.

11.9.4 Where the Service Provider refers an overdue debt to a debt-collection agency or solicitor for recovery, the Customer shall pay, in addition to the overdue amount and the late-payment interest under clause 11.9.1, a collection surcharge of fifteen per cent (15%) plus VAT on the overdue amount, together with all reasonable legal fees, court costs, and disbursements incurred by the Service Provider in recovering the debt. The Service Provider's rights under the Late Payment of Commercial Debts (Interest) Act 1998 (including the right to fixed sums for recovery costs) apply in addition.

11.10 Stripe and Third-Party Payment Processors

11.10.1 The Service Provider may use third-party payment processors (including Stripe) to process card and other automated payments. The Customer's payment data is provided directly to the relevant payment processor and is processed in accordance with that payment processor's terms and privacy notice. The Service Provider does not store the Customer's full card details.

11.10.2 If a payment processor declines or reverses a payment, the Service Provider will notify the Customer and the relevant amount will be treated as overdue from the original due date.

11.11 Records

11.11.1 Each party shall keep accurate financial records of all transactions under this Agreement and shall provide such records as the other party reasonably requests for tax, audit, or regulatory purposes.

12.1 Initial Term

12.1.1 The Subscription begins on the Effective Date and continues for the period specified in the Order Form (the "Initial Term"). Where the Order Form does not specify the Initial Term, the Initial Term is twelve (12) months from the Effective Date for invoiced Subscriptions, or the billing-cycle length selected by the Customer at sign-up (typically one (1) month or twelve (12) months) for self-serve Subscriptions.

12.2 Renewal Term and Auto-Renewal

12.2.1 At the end of the Initial Term, and at the end of each subsequent Renewal Term, the Subscription shall automatically renew for a further period (each, a "Renewal Term") unless either party has given non-renewal notice in accordance with clause 12.3.

12.2.2 The length of each Renewal Term is:

1. where the Order Form expressly specifies the length of the Renewal Term, the length so specified;
2. for Multi-Year Subscriptions where the Order Form does not specify the Renewal Term length, twelve (12) months (so that, by default, a Multi-Year Subscription does not roll into another multi-year commitment without the Customer's express agreement); and
3. for all other Subscriptions where the Order Form does not specify the Renewal Term length, the same length as the Initial Term.

12.2.3 A Renewal Term commences immediately on expiry of the previous Term, and the Service continues without interruption (subject to payment of the renewal Subscription Fee).

12.3 Non-Renewal Notice

12.3.1 Either party may prevent automatic renewal by giving the other party written notice of non-renewal:

1. for Subscriptions whose current Term is twelve (12) months or longer (including Multi-Year Subscriptions and any Renewal Term of twelve months or more), at least sixty (60) days before the end of the current Term;
2. for Subscriptions whose current Term is shorter than twelve (12) months but at least one (1) month (typically annually-billed self-serve Subscriptions on shorter terms or Renewal Terms), at least thirty (30) days before the end of the current Term; and
3. for monthly-billed self-serve Subscriptions, at any time before the end of the current monthly billing cycle, with effect from the end of that cycle.

12.3.2 Non-renewal notice from the Customer to the Service Provider must be sent to hello@d3tenders.com or given through the in-product cancellation flow (where available). Non-renewal notice from the Service Provider to the Customer will be sent to the Customer's billing or administrative contact.

12.3.3 Where a non-renewal notice is given but does not satisfy the timing requirements of clause 12.3.1, the Subscription will renew once for the next Renewal Term and the notice will then take effect at the end of that Renewal Term (unless the Service Provider, in its discretion, agrees otherwise).

12.3.4 The Service Provider's right to give non-renewal notice under this clause 12.3 is in addition to (and does not limit) its other termination rights under this Agreement.

12.4 Renewal of Multi-Year Subscriptions

12.4.1 At the end of the Initial Term of a Multi-Year Subscription, the Subscription will (subject to clause 12.3) auto-renew on the basis set out in clause 12.2.2. The Customer is not committed to a further multi-year period unless the parties agree to that in writing (typically by signing a new Order Form covering the new multi-year term).

12.4.2 Where the parties agree on a new multi-year Renewal Term, the parties shall enter into a new (or amended) Order Form recording the new Term, the new Subscription Fee, and any other agreed commercial terms.

12.5 Price Changes at Renewal

12.5.1 The Service Provider may change the Subscription Fee for any Renewal Term. The Subscription Fee for a Renewal Term will be the Service Provider's then-current standard rate for the Customer's Subscription level and Authorised-User count, subject to clauses 12.5.2 and 12.5.3.

12.5.2 The Service Provider will give the Customer notice of the Subscription Fee for the upcoming Renewal Term at least sixty (60) days before the end of the current Term. Notice may be given by email to the Customer's billing contact, by inclusion in the renewal invoice (where issued in time), or by in-product notification.

12.5.3 If the Customer does not wish to accept the renewal Subscription Fee, the Customer's remedy is to give non-renewal notice in accordance with clause 12.3 within the applicable notice period.

12.5.4 For the duration of any Multi-Year Subscription, the Subscription Fee for each year of the Initial Term is the amount fixed in the Order Form (or set by reference to a fixed escalation mechanism stated in the Order Form), in accordance with clause 11.6.1(a). Clause 12.5.1 does not apply to the Initial Term of a Multi-Year Subscription.

12.6 Effect of Non-Renewal

12.6.1 Where non-renewal notice has been given in accordance with clause 12.3, the Subscription terminates at the end of the current Term, no further Subscription Fees are payable beyond the current Term, and clause 9.13 (Return and Deletion of Customer Data on Termination) applies.

12.6.2 Non-renewal does not affect either party's accrued rights and obligations as at the end of the current Term, including the Customer's obligation to pay the Subscription Fee for the current Term in full and any other amounts then outstanding.

13.1 Cooling-Off Period for New Self-Serve Customers

13.1.1 A Customer that has subscribed to the Service through online self-serve sign-up (and not pursuant to a written Order Form executed between the parties) may, in respect of the Customer's first Subscription, cancel that Subscription by written notice to the Service Provider given within fourteen (14) days of the Effective Date.

13.1.2 Where a Customer validly cancels under clause 13.1.1, the Service Provider will refund the Subscription Fee paid by the Customer for the first Subscription, and the Customer's access to the Service will end on the date the Service Provider receives the cancellation notice (or such later date as the Service Provider notifies the Customer for orderly export of Customer Data, not exceeding the 30-day Post-Termination Export Window in clause 9.13).

13.1.3 Clause 13.1 does not apply to: (a) Subscriptions purchased pursuant to a written Order Form executed between the parties; (b) any Renewal Term; (c) any Subscription that has been used by the Customer to send Campaign Emails, generate AI Output beyond ordinary evaluation use, or otherwise consumed material chargeable usage of the Service before cancellation (in which case the Service Provider may, in its discretion, refund only the unused proportion).

13.2 Termination by the Customer for Material Breach

13.2.1 The Customer may terminate this Agreement by written notice to the Service Provider, with immediate effect, if:

1. the Service Provider commits a material breach of this Agreement and (where the breach is capable of remedy) fails to remedy the breach within thirty (30) days after receiving written notice from the Customer specifying the breach and requiring its remedy; or
2. the Service Provider becomes subject to an Insolvency Event (as defined in clause 13.4).

13.3 Termination by the Service Provider for Material Breach

13.3.1 The Service Provider may terminate this Agreement by written notice to the Customer, with immediate effect, if:

1. the Customer commits a material breach of this Agreement and (where the breach is capable of remedy) fails to remedy the breach within thirty (30) days after receiving written notice from the Service Provider specifying the breach and requiring its remedy;
2. the Customer fails to pay any undisputed amount on or before its due date and the failure continues for more than seven (7) days after written notice from the Service Provider in accordance with clause 11.9.2;
3. the Customer becomes subject to an Insolvency Event;
4. the Customer becomes a person referred to in clause 5.5.1 (Sanctions), or the Service Provider reasonably determines that continued provision of the Service to the Customer would put the Service Provider in breach of any applicable sanctions or export-control regime;
5. the Customer commits a breach of this Agreement that is, by its nature, not capable of remedy (including any breach of clauses 3.2, 3.6, 6.7, 7, 8, or 16 that the Service Provider reasonably considers serious); or
6. the Customer commits repeated breaches of this Agreement (whether of the same or different obligations) which, taken together, constitute a material breach.

13.4 Insolvency Events

13.4.1 An "Insolvency Event" occurs in respect of a party if any of the following applies to that party (subject to applicable insolvency-law modifications):

1. it suspends, or threatens to suspend, payment of its debts, or is or becomes unable to pay its debts as they fall due, or admits its inability to pay its debts;
2. it commences negotiations with all or any class of its creditors with a view to rescheduling or compounding its debts;
3. a petition is presented, an order is made, a resolution is passed, or a notice is given for its winding-up, dissolution, or administration (other than for the purposes of a solvent reorganisation that has been notified to the other party in writing);
4. an administrator, administrative receiver, receiver, manager, liquidator, provisional liquidator, or similar officer is appointed over it, or over the whole or any material part of its undertaking or assets;
5. it enters into a composition or arrangement with its creditors generally (other than a solvent reorganisation as referred to in (c));
6. any equivalent or analogous event occurs in any other jurisdiction; or
7. it ceases, or threatens to cease, to carry on business.

13.5 Other Termination Rights

13.5.1 In addition to clauses 13.2, 13.3, and 13.4, the parties' other termination, cancellation, and exit rights under this Agreement are set out in:

1. clause 2.5.2 (Customer's right to terminate on a materially adverse amendment, with pro-rata refund);
2. clause 4.6.3 (Customer's right to terminate on a materially adverse change to the Service);
3. clause 9.7.4 (Customer's right to terminate on a sub-processor objection that the Service Provider does not accommodate);
4. clause 11.9.2 (Service Provider's right to suspend or terminate for non-payment);
5. clause 12.3 (either party's right to give non-renewal notice); and
6. clause 14 (Service Provider's suspension and termination rights for breach).

13.6 No Termination for Convenience

13.6.1 Save as expressly provided in this Agreement (including clauses 2.5.2, 4.6.3, 9.7.4, 12.3, 13.1, and 13.2), the Customer has no right to terminate this Agreement, or any Subscription under it, before the end of the current Subscription Term. The Customer's exit route at the end of a Term is non-renewal in accordance with clause 12.

13.6.2 Where the Customer purports to terminate this Agreement other than in accordance with a right expressly granted under this Agreement, the Customer remains liable for the Subscription Fee for the remainder of the then-current Subscription Term (and, in respect of a Multi-Year Subscription, for the remainder of the Multi-Year Subscription Term in accordance with clause 11.6.2).

13.7 Effects of Termination

13.7.1 On termination or expiry of this Agreement (whether under this clause 13 or under any other right):

1. all licences and rights granted to the Customer under this Agreement immediately end, and the Customer must cease all use of the Service;
2. the Customer must promptly pay any amounts owed to the Service Provider as at the effective date of termination, including any amounts that have been accelerated under clause 11.9.2(c);
3. clause 9.13 (Return and Deletion of Customer Data on Termination) applies in respect of Customer Data;
4. each party must promptly return or destroy (at the disclosing party's option) all Confidential Information of the other in its possession or control, save where retention is required by applicable law or this Agreement;
5. clause 7 (in respect of any Campaign Emails in flight) ceases to apply to future sending, and the Service Provider may pause or cancel any in-flight Campaign Emails; and
6. the parties' rights and obligations expressed in clause 13.9 (Survival), or otherwise expressed to survive termination, continue in force.

13.8 Refunds on Termination

13.8.1 Where this Agreement is terminated under a clause that expressly provides for a pro-rata refund (including clauses 2.5.2, 4.6.3, 9.7.4, and 13.2.1), the Service Provider shall refund the unused proportion of any Subscription Fee that has been prepaid by the Customer in respect of the period after the effective date of termination, calculated on a daily basis. The refund shall be paid within thirty (30) days of the effective date of termination, by the same method by which the Customer originally paid (or, where that is not reasonably practicable, by bank transfer to an account nominated by the Customer in writing).

13.8.2 Where the Customer is entitled to a refund under clause 13.8.1, the Service Provider may set off against the refund any undisputed amounts owed by the Customer to the Service Provider as at the effective date of termination.

13.8.3 Save as expressly provided in clause 13.8.1, no refund of any Subscription Fee or other amount paid by the Customer is due on termination or expiry of this Agreement, regardless of the reason for termination. In particular, no refund is due where the Service Provider terminates under clause 13.3, clause 5.5.3, clause 11.9.2, or clause 14.

13.9 Survival

13.9.1 The following clauses survive termination or expiry of this Agreement: clause 1 (Definitions and Interpretation); clause 2.4 (Customer Responsibility for Authorised Users) in respect of acts or omissions before termination; clause 3.5 (Audit Right and Excess-Use Charge) in respect of usage before termination; clause 5.5 to 5.8 (sanctions, Customer Data warranties, notice obligations, cooperation); clause 6.5 and 6.6 (ownership of AI Input and Output and use of anonymised data); clause 7.11 (Indemnity for Marketing Campaigns); clause 8 (Fair and Acceptable Use Policy) to the extent of accrued claims; clause 9 (Customer Data, Data Protection and Privacy), including in particular clause 9.13 (Return and Deletion); clause 10 (Third-Party Data Sources and Disclaimer) in respect of any Public Sector Data already provided; clause 11 (Fees, Invoicing and Payment) in respect of accrued amounts; this clause 13; clauses 15 (Intellectual Property), 16 (Confidentiality), and 17 (Warranties, Disclaimers and Liability Cap); clause 18 (Force Majeure, Modifications, Notices, Assignment, Severance); clause 19 (Governing Law and Jurisdiction); and any other provision expressly or by implication intended to survive.

14.1 Available Actions

14.1.1 Where the Service Provider reasonably considers that the Customer or any Authorised User is in breach of this Agreement, or where any of the events identified in clauses 5.5.3, 5.9, 7.10, 11.9.2, or 13.3 have occurred or appear likely to occur, the Service Provider may take any one or more of the following actions, in such order and combination as the Service Provider reasonably considers appropriate:

1. issue the Customer with a written warning identifying the breach or concern and requesting that it be remedied within a stated period;
2. restrict, throttle, pause, or disable specific features of the Service for the Customer (including AI Features under clause 6, the Marketing Campaign feature under clause 7, CRM Connections, or data exports);
3. restrict or revoke the access of one or more named Authorised Users (without affecting the Customer's other Authorised Users);
4. remove, quarantine, or block specific Customer Data, AI Input, contact lists, or in-flight Campaign Emails;
5. suspend the Customer's Subscription in whole, with the effect that no Authorised User may access the Service;
6. terminate the Subscription or this Agreement in accordance with clause 13; or
7. take any other action reasonably necessary or appropriate to protect the Service, the Service Provider, other customers, recipients of Campaign Emails, or third parties.

14.2 Proportionality and Discretion

14.2.1 The Service Provider's choice of action under clause 14.1 is at its reasonable discretion. The Service Provider will use reasonable endeavours to choose an action that is proportionate to the nature and seriousness of the breach or concern, taking into account: (a) the harm caused or threatened to the Service, the Service Provider, other customers, or third parties; (b) whether the breach is ongoing, repeated, or likely to recur; (c) the Customer's history of breach (if any); (d) the Customer's response to any warnings or remediation requests; (e) the requirements of any applicable law, regulator, or third-party provider; and (f) the urgency of the situation.

14.2.2 Nothing in clause 14.2.1 requires the Service Provider to issue a warning or to take any lesser action before suspending or terminating where the breach is, in the Service Provider's reasonable view, sufficiently serious or urgent (including breaches of clauses 5.5 (Sanctions), 6.7 (Prohibited AI Activities), 7 (Marketing Campaigns), 8.4 (Prohibited Use), 11.9 (Late Payment after notice), or 16 (Confidentiality), or any breach by the Customer that places the Service Provider in immediate breach of its obligations to a third party).

14.3 Notice and Cooperation

14.3.1 Where reasonably practicable and consistent with the urgency of the situation, the Service Provider will notify the Customer of the action it has taken or proposes to take under clause 14.1, the reasons for the action, and (where applicable) what the Customer must do to remedy the breach.

14.3.2 The Customer must cooperate with the Service Provider's investigation and remediation in accordance with clause 5.8.

14.4 Effect on Subscription Term and Fees

14.4.1 Where the Service is suspended (in whole or in part) under this clause 14, clause 5.9, clause 7.10, clause 11.9.2, or any other provision of this Agreement: (a) the Subscription Term continues to run during the suspension period and is not extended by the suspension; (b) Subscription Fees continue to accrue and remain payable in respect of the suspension period; and (c) the Customer remains bound by all other obligations under this Agreement.

14.4.2 Clause 14.4.1 does not apply where the suspension is the result of the Service Provider's own material breach of this Agreement (in which case the Customer's remedies are as set out in clauses 13.2 and 17).

14.5 Reinstatement

14.5.1 Where the Service Provider has suspended the Service or any feature, the Service Provider will reinstate the Service or feature within a reasonable period after the Service Provider is satisfied that: (a) the breach or concern has been remedied to the Service Provider's reasonable satisfaction; (b) any overdue undisputed amounts have been paid in cleared funds; (c) the Customer has provided any information, assurances, or remedial actions reasonably required by the Service Provider; and (d) reinstatement does not in the Service Provider's reasonable view present an unacceptable risk to the Service, other customers, or third parties.

14.5.2 The Service Provider may, in its discretion, attach reasonable conditions to reinstatement (including, for example, additional verification, lower send limits for Marketing Campaigns following clause 7 issues, or temporary feature restrictions).

14.6 No Liability for Legitimate Suspension or Termination

14.6.1 The Service Provider has no liability to the Customer, any Authorised User, or any third party for any action taken in good faith and on reasonable grounds under clause 14.1, clause 5.9, clause 7.10, clause 11.9.2, or any other suspension or termination right under this Agreement, including any loss of access, lost data (subject to clause 9.13), lost business, lost profits, lost opportunity, lost reputation, or other consequential loss arising from the action.

14.6.2 The Service Provider's decision to take action under this clause 14 does not, of itself, constitute an admission that the breach or concern occurred or that any related loss is recoverable from the Customer.

14.7 Records

14.7.1 The Service Provider may retain records of suspensions, terminations, breaches, warnings, and related correspondence for: (a) the defence of any claim; (b) compliance with applicable law and regulatory requirements; (c) audit purposes; and (d) screening of future applications by, or transactions with, the same Customer or its connected persons. Such records form part of the Service Provider's controller-role processing under clause 9.2.1(b).

15.1 Service Provider's Intellectual Property

15.1.1 As between the parties, the Service Provider and its licensors own all right, title, and interest in and to the Service and all Intellectual Property Rights in: (a) the Service software (including source code, object code, application logic, application programming interfaces, scripts, configurations, and infrastructure templates); (b) the user interface, design, layout, and visual elements of the Service; (c) the AI Features, including their system prompts, prompt templates, prompt-engineering artefacts, model fine-tunes, embeddings, retrieval indexes, classifiers, evaluation frameworks, and any other AI artefacts developed or maintained by the Service Provider; (d) the Documentation, marketing materials, training materials, knowledge base, and other written materials made available by the Service Provider; (e) the Service Provider's trademarks, service marks, trade names, logos, and brand identity (including "D3", "D3 Tenders", and "D3 Analytics"); (f) the Service Provider's analyses, classifications, enrichments, normalisations, and other transformations of Public Sector Data, save in respect of the underlying Public Sector Data itself which remains subject to its publishers' rights and licences; and (g) any improvements, modifications, enhancements, derivative works, or new features developed by or on behalf of the Service Provider, whether or not arising from Customer feedback under clause 15.3.

15.1.2 No Intellectual Property Rights of the Service Provider are assigned, transferred, or licensed to the Customer, except for the limited, revocable licence to access and use the Service expressly granted under clause 3.1 for the duration of the Subscription Term.

15.2 Customer's Intellectual Property

15.2.1 As between the parties, the Customer owns all right, title, and interest in and to: (a) Customer Data (including AI Input and AI Output, in each case as Customer Data, subject to clauses 6.3, 6.5, and 6.6); (b) the Customer's own trademarks, service marks, trade names, and logos; and (c) the Customer's own materials, content, products, and services (other than to the extent these incorporate D3 Output, in which case the licence and permitted-use position in clauses 6 and 8 applies).

15.2.2 The Customer grants to the Service Provider the licence in clause 6.5.2 in respect of AI Input and AI Output, and a corresponding non-exclusive, royalty-free, worldwide licence (during the Subscription Term and for the post-termination period necessary to comply with clause 9.13 and to perform clause 6.6) to host, store, copy, transmit, display, and process all other Customer Data as necessary to deliver, secure, monitor, support, and improve the Service in accordance with this Agreement.

15.3 Feedback

15.3.1 The Customer may from time to time provide the Service Provider with feedback, suggestions, comments, ideas, requests, or recommendations relating to the Service ("Feedback"). The Customer grants to the Service Provider an irrevocable, perpetual, worldwide, royalty-free, fully sublicensable licence to use, modify, reproduce, distribute, and exploit Feedback for any purpose, without obligation to acknowledge or compensate the Customer.

15.3.2 The Service Provider is not required to implement any Feedback. Any improvement, modification, or new feature developed by or on behalf of the Service Provider, whether or not informed by Feedback, belongs to the Service Provider in accordance with clause 15.1.1(g).

15.4 Trademarks and Brand

15.4.1 No party grants any licence to the other in respect of its trademarks, service marks, trade names, or logos, save as expressly provided in this Agreement.

15.4.2 The Customer's use of the Service Provider's name, marks, and brand is governed by clause 8.4(h). The Service Provider may identify the Customer publicly as a customer of the Service (including by name, logo, and a brief description of the Customer's industry sector) for the Service Provider's marketing purposes, unless the Customer has opted out by written notice to the Service Provider. An Order Form may set bespoke publicity terms for an Enterprise Edition Subscription.

15.5 Service Provider's IP-Infringement Indemnity

15.5.1 Subject to clauses 15.6, 15.7, 15.8, 15.10, and the liability cap in clause 17, the Service Provider shall indemnify, defend, and hold harmless the Customer from and against all claims, demands, actions, and proceedings brought by a third party against the Customer alleging that the Customer's use of the Service in accordance with this Agreement directly infringes that third party's: (a) registered patents under the law of the United Kingdom or any European Union member state; (b) registered trademarks under the law of the United Kingdom or any European Union member state; (c) registered designs under the law of the United Kingdom or any European Union member state; or (d) copyright in the United Kingdom (a "Service IP Claim").

15.5.2 The Service Provider's obligation under clause 15.5.1 covers losses, damages, and costs (including reasonable legal fees) finally awarded against the Customer by a court of competent jurisdiction, or agreed by the Service Provider in settlement, in respect of a Service IP Claim.

15.6 Carve-Outs from the IP Indemnity

15.6.1 The Service Provider has no obligation under clause 15.5 to the extent that a Service IP Claim arises from or is contributed to by:

1. Customer Data, AI Input, contact lists, Campaign Email content, or any other content provided, generated, or selected by the Customer or any Authorised User;
2. any AI Output (which is governed by clause 15.8);
3. any Public Sector Data (which is governed by clause 10);
4. any modification of, or addition to, the Service made by or for the Customer (other than by the Service Provider);
5. any combination of the Service with software, services, data, hardware, or processes not provided by the Service Provider, where the alleged infringement would not have occurred but for the combination;
6. any use of the Service in breach of this Agreement, in breach of the Documentation, or for any purpose for which the Service was not intended;
7. any continued use of the Service after the Service Provider has notified the Customer to stop, or after the Service Provider has made available a non-infringing modification or replacement under clause 15.7;
8. any beta, preview, or experimental feature within the meaning of clause 2.6; or
9. any breach by the Customer of clause 15.10 (Indemnity Procedure).

15.7 Service Provider's Mitigation Options

15.7.1 If a Service IP Claim is made or, in the Service Provider's reasonable view, is likely to be made, the Service Provider may, in its sole discretion and at its own cost, do any one or more of the following:

1. procure for the Customer the right to continue to use the affected part of the Service in accordance with this Agreement;
2. modify or replace the affected part of the Service so that it is non-infringing while preserving substantially the same functionality; or
3. terminate the affected Subscription (in whole or in part) by written notice to the Customer with effect from a date specified in the notice, in which case the Service Provider shall refund a pro-rata portion of any prepaid Subscription Fee in respect of the affected part of the Service for the period after that date.

15.7.2 The remedies in clause 15.7.1, and the indemnity in clause 15.5, are the Customer's sole and exclusive remedies in respect of any Service IP Claim. The Service Provider has no further liability to the Customer in connection with any Service IP Claim.

15.8 AI Output IP Risk

15.8.1 The Service Provider does not indemnify the Customer in respect of any third-party claim that the Customer's use of any AI Output infringes the rights of any third party (including, without limitation, copyright, database rights, trademarks, patents, rights in confidential information, publicity rights, or rights in protected content). The Customer assumes all risk in this regard, consistent with clause 6.4.

15.8.2 To the extent the Service Provider receives any indemnification, refund, or comparable recovery from a third-party AI provider in respect of AI Output, the Service Provider may (in its sole discretion, but is not obliged to) elect to pay the Customer a portion of such recovery that fairly reflects the AI Output relevant to the Customer. Nothing in this clause 15.8.2 imposes any obligation on the Service Provider to claim against any third-party AI provider, to litigate, or to share recoveries.

15.9 Customer's IP and Customer-Data Indemnity

15.9.1 The Customer shall indemnify, defend, and hold harmless the Service Provider, its Affiliates, and their respective officers, employees, and agents from and against all claims, demands, actions, proceedings, losses, damages, fines, penalties, costs, and expenses (including reasonable legal fees) suffered or incurred by them arising out of or in connection with: (a) any third-party claim that any Customer Data, AI Input, contact list, Campaign Email content, or other material provided by or on behalf of the Customer infringes a third party's Intellectual Property Rights, privacy rights, publicity rights, or other rights; (b) any breach by the Customer of clauses 5.6 (Customer Data Warranties), 6.7(d) (rights in AI Input), or 7.3 (Contact-List Warranties); or (c) any other use by the Customer of the Service that is in breach of this Agreement and that gives rise to a third-party claim.

15.9.2 The Customer's indemnity under clause 15.9.1 is in addition to, and does not limit, the Customer's indemnity under clause 7.11. The Customer's indemnities under clauses 7.11 and 15.9 are not subject to the liability cap in clause 17.

15.10 Indemnity Procedure

15.10.1 In respect of any indemnified claim under this Agreement, the indemnified party must:

1. give the indemnifying party prompt written notice of the claim, and in any event within ten (10) business days of becoming aware of it (failure to give prompt notice does not relieve the indemnifying party except to the extent it is materially prejudiced by the delay);
2. provide the indemnifying party with all reasonable cooperation, information, and assistance in connection with the defence or settlement of the claim, at the indemnifying party's reasonable cost;
3. allow the indemnifying party to assume sole conduct and control of the defence, settlement, and (where applicable) appeal of the claim, including the right to select counsel; and
4. not make any admission of liability, settlement, compromise, or response to the claim that prejudices the indemnifying party's position, without the indemnifying party's prior written consent (not to be unreasonably withheld or delayed).

15.10.2 The indemnifying party shall not settle any claim in a manner that imposes any non-monetary obligation, admission of liability, or admission of wrongdoing on the indemnified party without the indemnified party's prior written consent (not to be unreasonably withheld or delayed). Where the only relief sought against the indemnified party is monetary damages and the indemnifying party is paying those damages in full under the indemnity, the indemnifying party may settle without the indemnified party's consent.

15.10.3 The indemnified party may, at its own cost, participate in the defence with counsel of its own choosing, but the indemnifying party retains sole conduct and control of the defence under clause 15.10.1(c).

16.1 Confidential Information

16.1.1 "Confidential Information" means any information disclosed (whether before, on, or after the Effective Date, and whether in writing, orally, electronically, or in any other form) by one party (the "disclosing party") to the other party (the "receiving party") that is identified as confidential at the time of disclosure, that is described as confidential in this Agreement, or that a reasonable person would understand from the nature of the information or the circumstances of its disclosure to be confidential.

16.1.2 Without limiting clause 16.1.1, Confidential Information includes:

1. in respect of the Service Provider: the Service software, source code, system prompts, prompt templates, model fine-tunes, embeddings, retrieval indexes, classifiers, evaluation frameworks, AI artefacts, training data and methods, security architecture, infrastructure configurations, internal product and engineering roadmaps, unreleased features, internal pricing models, customer information, supplier information, financial information, and all other non-public information of or about the Service Provider;
2. in respect of the Customer: Customer Data (including contact lists, AI Inputs, AI Outputs to the extent they are not separately published, search profiles, shortlists, pipeline records, and Marketing Campaign content), the Customer's business plans, internal procurement strategies, bid and tender strategies, pricing, supplier and partner information, customer information, financial information, and all other non-public information of or about the Customer; and
3. in respect of both parties: this Agreement, the Order Form, the Subscription Fee, any discounts or commercial concessions, and any other non-public commercial terms agreed between the parties.

16.2 Exclusions

16.2.1 Confidential Information does not include information that the receiving party can demonstrate, by competent written evidence:

1. was lawfully in the receiving party's possession without restriction before its disclosure by the disclosing party;
2. is or becomes publicly available through no act or omission of the receiving party in breach of this Agreement;
3. was lawfully received by the receiving party from a third party that was not bound by any obligation of confidentiality in respect of the information; or
4. was independently developed by or for the receiving party without reference to or use of the disclosing party's Confidential Information.

16.3 Confidentiality Obligations

16.3.1 The receiving party shall:

1. hold the disclosing party's Confidential Information in confidence and protect it with at least the same degree of care that the receiving party uses to protect its own confidential information of similar importance, and in any event with no less than reasonable care;
2. use the disclosing party's Confidential Information only for the purpose of performing its obligations and exercising its rights under this Agreement (the "Permitted Purpose"), and not for any other purpose;
3. not disclose the disclosing party's Confidential Information to any person except as permitted under clause 16.4; and
4. take all reasonable steps to prevent the unauthorised disclosure or use of the disclosing party's Confidential Information.

16.4 Permitted Disclosures

16.4.1 The receiving party may disclose the disclosing party's Confidential Information:

1. to its directors, officers, employees, contractors, professional advisers, and (in the case of the Service Provider) sub-processors and service providers, in each case who have a genuine need to know the Confidential Information for the Permitted Purpose, who have been informed of the confidential nature of the information, and who are bound by obligations of confidentiality (whether contractual, professional, or under a statutory duty) at least as protective as those set out in this clause 16;
2. to its auditors, insurers, and prospective and actual investors, lenders, acquirers, merger partners, and their respective advisers, in connection with a bona fide due-diligence exercise, capital-raising, refinancing, sale, or merger transaction, in each case under reasonable confidentiality protections;
3. to the extent required by applicable law, regulation, court order, or the order or rules of a regulator, government authority, stock exchange, or supervisory authority, provided that the receiving party gives the disclosing party (where lawful and reasonably practicable) prompt prior written notice and reasonable assistance in seeking confidential treatment, a protective order, or another appropriate remedy; and
4. with the disclosing party's prior written consent.

16.4.2 The receiving party is responsible for ensuring that all persons to whom it discloses Confidential Information under clause 16.4.1(a) or (b) comply with this clause 16, and the receiving party is liable for any breach of this clause 16 by such persons as if it were the receiving party's own breach.

16.5 AI Inputs and AI Outputs

16.5.1 AI Inputs and AI Outputs are Confidential Information of the Customer. The Service Provider's processing of AI Inputs and AI Outputs is governed by clauses 6.5, 6.6, 9, and this clause 16; nothing in this clause 16 limits the Service Provider's express rights under clauses 6.5.2 and 6.6.

16.6 Term of Confidentiality

16.6.1 The receiving party's obligations under this clause 16 apply from the date of first disclosure of the Confidential Information and continue:

1. during the Subscription Term;
2. for a period of three (3) years after termination or expiry of this Agreement, in respect of Confidential Information generally; and
3. indefinitely, in respect of: (i) information that constitutes a trade secret under applicable law (including the Service Provider's source code, system prompts, model fine-tunes, embeddings, and other AI artefacts within the meaning of clause 16.1.2(a)); and (ii) personal data, for so long as personal-data confidentiality is required under applicable law.

16.7 Return and Destruction

16.7.1 On termination or expiry of this Agreement, on the disclosing party's reasonable request, or where the receiving party no longer needs the Confidential Information for the Permitted Purpose, the receiving party shall (at the disclosing party's option) return or destroy all Confidential Information of the disclosing party in its possession or control, save to the extent that:

1. retention is required by applicable law or regulation;
2. the Confidential Information is held in routine system backups (which will continue to be subject to the receiving party's standard backup-retention and rotation cycle); or
3. clause 9 (Customer Data, Data Protection and Privacy) or any other express provision of this Agreement requires or permits retention.

16.7.2 Confidential Information retained under clause 16.7.1(a) to (c) remains subject to this clause 16 for as long as it is retained.

16.8 Equitable Remedies

16.8.1 Each party acknowledges that a breach of this clause 16 may cause irreparable harm to the other party for which damages alone may not be an adequate remedy, and that the disclosing party may seek interdict, injunction, specific performance, or other equitable relief in any court of competent jurisdiction (including the courts of Scotland under clause 19), in addition to, and without prejudice to, any other remedy available to it.

17.1 Service Provider's Express Warranty

17.1.1 The Service Provider warrants that, during the Subscription Term, the Service will perform materially in accordance with the Documentation.

17.1.2 The Customer's sole and exclusive remedy, and the Service Provider's sole and exclusive liability, in respect of any breach of the warranty in clause 17.1.1 is, at the Service Provider's option:

1. re-performance or correction of the affected part of the Service within a reasonable period; or
2. where the Service Provider determines that re-performance or correction is not reasonably practicable within a reasonable period, termination of the affected Subscription (in whole or in part) by written notice to the Customer, and refund of a pro-rata portion of any prepaid Subscription Fee in respect of the affected Subscription for the period after termination.

17.1.3 The warranty in clause 17.1.1 does not apply to: (a) Beta Features (governed by clause 2.6); (b) the Free Tier (governed by clause 3.3); (c) the Trial (governed by clause 3.4); (d) the AI Features and AI Output (governed by clauses 6.4 and 17.3); (e) Public Sector Data (governed by clauses 10.3 and 17.3); (f) issues caused by the Customer's misuse of the Service, by Customer Data, by third-party software or third-party services, or by any modification or combination outside the Service Provider's control; or (g) any failure to perform that is the result of a Force Majeure Event under clause 18.

17.2 Customer Warranties

17.2.1 The Customer's warranties to the Service Provider are set out in this Agreement, including in particular at clauses 2.3 (Authority), 5.5 (Sanctions), 5.6 (Customer Data Warranties), 6.7(d) (rights in AI Input), and 7.3 (Contact-List Warranties).

17.3 General Disclaimer of Warranties

17.3.1 Save for the express warranty in clause 17.1.1 (and any further express warranty stated in an Order Form), the Service is provided "AS IS" and "AS AVAILABLE", and to the maximum extent permitted by applicable law:

1. the Service Provider gives no warranties, conditions, representations, or guarantees of any kind (whether express, implied, statutory, by course of dealing, by usage of trade, or otherwise) in respect of the Service, the AI Features, AI Output, Public Sector Data, Beta Features, the Free Tier, the Trial, the Documentation, the Marketing Campaign feature, CRM Connections, or any other element or output of the Service;
2. without limiting paragraph (a), the Service Provider disclaims all implied warranties, conditions, and representations of satisfactory quality, fitness for a particular purpose, accuracy, completeness, currency, reliability, freedom from error, freedom from interruption, freedom from harmful code, non-infringement, and quiet enjoyment;
3. the Service Provider does not warrant that the Service will be uninterrupted, error-free, secure, or free from viruses, malware, or other harmful components, or that any defects will be corrected; and
4. any reliance the Customer or any Authorised User places on the Service, AI Output, Public Sector Data, or any other content or output of the Service is at the Customer's own risk.

17.4 Statutory Floor

17.4.1 Nothing in this Agreement excludes or limits any liability that cannot lawfully be excluded or limited under applicable law, including liability for:

1. death or personal injury caused by the negligence of a party, its employees, agents, or sub-contractors;
2. fraud or fraudulent misrepresentation by a party;
3. any obligation that under Scots law (or, where applicable, English law in respect of any provision so governed) cannot be excluded or limited; or
4. any liability that is, by mandatory provision of applicable law, not capable of exclusion or limitation.

17.4.2 Where any limitation or exclusion in this clause 17 is held by a court of competent jurisdiction to be unenforceable, that limitation or exclusion shall be reduced or modified to the extent necessary to make it enforceable, and the remainder of the clause shall continue in full force and effect.

17.5 Excluded Heads of Loss

17.5.1 Subject to clause 17.4, neither party is liable to the other (whether in contract, delict (including negligence), breach of statutory duty, restitution, misrepresentation, or otherwise, and whether or not the relevant loss was foreseeable or in the contemplation of the parties at the Effective Date) for any of the following types of loss:

1. loss of profits;
2. loss of revenue;
3. loss of business or business opportunity;
4. loss of contracts;
5. loss of anticipated savings;
6. loss of goodwill or reputation;
7. loss arising from business interruption;
8. wasted management or staff time; or
9. any indirect, special, consequential, exemplary, or punitive loss or damage of any kind.

17.5.2 The exclusions in clause 17.5.1 apply even if the relevant loss was reasonably foreseeable, and even if the party against whom the claim is made has been advised of the possibility of the loss.

17.5.3 For the avoidance of doubt, costs reasonably and properly incurred by the Customer in restoring lost or corrupted Customer Data, and other direct losses proximately caused by the Service Provider's breach, are not excluded by clause 17.5.1, but remain subject to the cap in clause 17.6.

17.6 Aggregate Liability Cap

17.6.1 Subject to clauses 17.4 and 17.7, the total aggregate liability of the Service Provider to the Customer arising out of or in connection with this Agreement, whether in contract, delict (including negligence), breach of statutory duty, or otherwise, shall not exceed an amount equal to one hundred per cent (100%) of the Subscription Fees paid by the Customer to the Service Provider in the twelve (12) months immediately preceding the date on which the cause of action first arose.

17.6.2 Where the relevant cause of action arose less than twelve (12) months after the Effective Date, the cap in clause 17.6.1 is the Subscription Fees actually paid by the Customer up to the date the cause of action arose.

17.6.3 The cap in clause 17.6.1 is an aggregate cap covering all claims, causes of action, and liabilities arising under or in connection with this Agreement (including all claims under the indemnity in clause 15.5), and is not a cap that resets per claim or per Subscription Term. Multiple claims do not increase the aggregate cap.

17.6.4 An Order Form may specify a higher (or lower, but not below the level required to satisfy applicable law) aggregate liability cap for an Enterprise Edition Subscription. Where it does so, the Order Form cap applies in place of clause 17.6.1 for that Subscription.

17.7 Carve-Outs from the Cap

17.7.1 Clauses 17.5 and 17.6 do not limit:

1. any liability of either party referred to in clause 17.4 (the statutory floor);
2. the Customer's obligation to pay the Subscription Fee, taxes, late-payment interest, the collection surcharge, the excess-use charge under clause 3.5.2, and any other amounts the Customer is obliged to pay to the Service Provider under this Agreement;
3. the Customer's indemnity obligations under clauses 7.11 (Indemnity for Marketing Campaigns) and 15.9 (Customer's IP and Customer-Data Indemnity); or
4. any amount payable as a refund expressly required by this Agreement.

17.8 Time-Limit on Claims

17.8.1 Without prejudice to the prescription periods applicable under the Prescription and Limitation (Scotland) Act 1973, neither party shall bring any claim against the other arising out of or in connection with this Agreement more than two (2) years after the date on which the party bringing the claim became aware (or ought reasonably to have become aware) of the facts giving rise to the claim. After that period, the claim is irrevocably barred.

17.8.2 Clause 17.8.1 does not apply to claims for non-payment of undisputed amounts, or to liabilities referred to in clause 17.4.

17.9 Risk Allocation

17.9.1 The Customer acknowledges that the limitations and exclusions in this clause 17, together with the structure of the Subscription Fee and the Customer's other rights and remedies under this Agreement (including non-renewal, material-breach termination, and refund mechanics), reflect a deliberate allocation of risk between the parties that is fundamental to the bargain. The Subscription Fee has been calculated on the basis of these limitations and exclusions, and the Customer accepts the risk that any loss it suffers may exceed the amounts recoverable.

17.9.2 The Customer is responsible for procuring such insurance (including in respect of business interruption, cyber risk, professional liability, and direct-marketing liability) as the Customer considers appropriate to cover the Customer's residual risk under this Agreement.

18.1 Force Majeure

18.1.1 Neither party is liable for any delay in performing, or failure to perform, any of its obligations under this Agreement (other than payment obligations) to the extent that the delay or failure is due to a "Force Majeure Event", being any cause beyond the affected party's reasonable control, including (without limitation):

1. acts of God, fire, flood, earthquake, severe weather, or other natural disaster;
2. war, hostilities (whether war is declared or not), terrorism, civil unrest, riot, sabotage, or insurrection;
3. act, order, or restriction of any government, regulator, court, or other competent authority;
4. public-health emergency, epidemic, pandemic, quarantine, or restrictions imposed in connection with any of the foregoing;
5. industrial dispute, strike, lock-out, or labour shortage;
6. failure or unavailability of public internet infrastructure, telecommunications networks, domain-name systems, or certificate authorities;
7. failure, unavailability, suspension, or material degradation of any cloud-hosting, infrastructure-as-a-service, identity-and-authentication, email-delivery, mailbox-integration, AI model inference, payment-processing, customer-relationship-management, or other third-party service that the Service Provider relies on to deliver the Service;
8. malicious third-party cyber attacks, distributed denial-of-service attacks, or other deliberate interference with the Service or its third-party providers, in each case not caused by the affected party's negligence or breach of this Agreement; and
9. any other event beyond the reasonable control of the affected party.

18.1.2 The affected party shall: (a) notify the other party of the Force Majeure Event as soon as reasonably practicable; (b) use reasonable endeavours to mitigate the effect of the Force Majeure Event on its performance; and (c) resume performance as soon as reasonably practicable after the Force Majeure Event ends.

18.1.3 If a Force Majeure Event continues for more than ninety (90) consecutive days and materially affects the Service Provider's ability to deliver the Service, the Customer may terminate this Agreement by written notice to the Service Provider with immediate effect, in which case the Service Provider shall refund a pro-rata portion of any prepaid Subscription Fee in respect of the unused remainder of the then-current Subscription Term in accordance with clause 13.8.1.

18.2 Notices

18.2.1 Any notice or other communication required to be given under this Agreement (a "Notice") must be in writing and delivered:

1. by email, in the case of a Notice from the Customer to the Service Provider, to hello@d3tenders.com (or such other address as the Service Provider notifies in writing); and
2. by email, in the case of a Notice from the Service Provider to the Customer, to the email address of the Customer's billing or administrative contact most recently provided to the Service Provider; or
3. in either direction, to such other address as either party may notify to the other in accordance with this clause.

18.2.2 A Notice may also be sent by pre-paid first-class post or registered post to the registered office (in the case of the Service Provider) or to the registered or principal address (in the case of the Customer), in each case marked for the attention of the company secretary or general counsel.

18.2.3 A Notice is deemed received: (a) if sent by email, at the time of transmission, save that a Notice received outside business hours (09:00–17:00 UK local time on a UK business day) is deemed received at the start of the next business day; and (b) if sent by post, two (2) business days after posting.

18.2.4 Service of a Notice does not validly take effect through email auto-responders, "out of office" messages, or in-product chat messages.

18.3 Assignment and Novation

18.3.1 The Customer may assign or novate this Agreement to a wholly-owned Affiliate of the Customer without the Service Provider's consent, provided that the Customer gives the Service Provider prior written notice. The Customer remains liable for any breach by the assignee Affiliate during the period during which the assignee Affiliate ceases to be a wholly-owned Affiliate of the Customer.

18.3.2 The Customer may not otherwise assign, transfer, charge, sub-contract, or deal in any other manner with all or any of its rights or obligations under this Agreement (including in connection with a sale of all or substantially all of the Customer's business, a merger, change of control, or similar transaction) without the prior written consent of the Service Provider, such consent not to be unreasonably withheld or delayed.

18.3.3 The Service Provider may at any time, on written notice to the Customer: (a) assign or novate this Agreement, or any of its rights or obligations under it, to: (i) any Affiliate of the Service Provider; or (ii) any successor in connection with a merger, acquisition, sale of all or substantially all of the Service Provider's business or assets, internal reorganisation, or similar transaction; and (b) sub-contract any of its obligations under this Agreement to a third party, provided that the Service Provider remains responsible for the performance of those obligations.

18.4 Anti-Bribery

18.4.1 Each party shall: (a) comply with all applicable laws, statutes, regulations, and codes relating to anti-bribery and anti-corruption, including the Bribery Act 2010; (b) not engage in any activity, practice, or conduct that would constitute an offence under sections 1, 2, or 6 of the Bribery Act 2010 if such activity, practice, or conduct had been carried out in the United Kingdom; and (c) maintain in place throughout the term of this Agreement its own policies and procedures, including adequate procedures within the meaning of section 7(2) of the Bribery Act 2010, to ensure compliance with this clause 18.4.

18.5 Modern Slavery

18.5.1 Each party warrants that it has taken reasonable steps to ensure that there is no slavery or human trafficking in its own business or in any of its supply chains, and shall comply with the Modern Slavery Act 2015 in the performance of this Agreement. Each party shall, on the other party's reasonable written request, provide reasonable information about its policies and procedures relating to modern-slavery compliance.

18.6 Severance

18.6.1 If any provision of this Agreement is or becomes invalid, illegal, or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal, and enforceable while preserving the parties' commercial intent. If such modification is not possible, the relevant provision (or part of it) shall be deemed deleted. Any modification or deletion under this clause 18.6 does not affect the validity and enforceability of the rest of this Agreement.

18.7 Entire Agreement

18.7.1 This Agreement (comprising the Order Form, these Terms, any Additional Terms, and the Privacy Policy) constitutes the entire agreement between the parties in respect of its subject matter and supersedes all prior agreements, negotiations, statements, representations, and understandings, whether written or oral, in respect of the same subject matter.

18.7.2 Each party acknowledges that, in entering into this Agreement, it has not relied on, and shall have no remedy in respect of, any statement, representation, assurance, warranty, or understanding (whether negligently or innocently made) that is not set out expressly in this Agreement. Nothing in this clause 18.7 limits or excludes any liability for fraud or fraudulent misrepresentation.

18.8 No Waiver

18.8.1 No failure or delay by a party to exercise any right, power, or remedy under this Agreement, or otherwise, shall operate as a waiver of that right, power, or remedy, nor shall any single or partial exercise prevent any other or further exercise. A waiver of any right, power, or remedy is only effective if given in writing and signed by the party waiving it, and applies only to the matter in respect of which it is expressly given.

18.9 No Partnership or Agency

18.9.1 Nothing in this Agreement constitutes, or is to be construed as constituting, a partnership, joint venture, employment relationship, fiduciary relationship, or agency between the parties. Neither party has authority to bind the other or to incur any obligation on the other's behalf.

18.10 Third-Party Rights

18.10.1 Save as expressly provided in this Agreement, this Agreement does not, and is not intended to, confer any rights on a third party. In particular: (a) no third party has any rights under the Contract (Third Party Rights) (Scotland) Act 2017 to enforce any term of this Agreement; and (b) to the extent it is or has been relevant, no third party has any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Agreement.

18.10.2 The rights of the parties to terminate, rescind, or vary this Agreement, or to settle any claim or dispute under it, are not subject to the consent of any third party.

18.11 Counterparts and Electronic Signature

18.11.1 An Order Form, and any amendment to or other written instrument required by this Agreement, may be executed in any number of counterparts, each of which when executed and delivered constitutes an original of that document, and all of which together constitute one and the same document.

18.11.2 An Order Form, and any amendment or other written instrument, may be executed by electronic signature (including by DocuSign, Adobe Sign, or any other reputable electronic-signature platform), and the parties agree that an electronic signature has the same legal effect as a handwritten signature on a physical original.

18.12 Variation

18.12.1 No variation of this Agreement is effective unless it is in writing and either (a) signed by an authorised representative of each party (in the case of an Order Form, an Additional Term, or a bespoke variation), or (b) introduced by the Service Provider in accordance with clause 2.5 (in the case of a variation to these Terms).

18.13 Cumulative Remedies

18.13.1 Except as expressly provided in this Agreement (including the sole-and-exclusive remedies in clauses 15.7 and 17.1), the rights and remedies of each party under this Agreement are cumulative with, and not exclusive of, any other rights and remedies available at law or in equity.

19.1 Governing Law

19.1.1 This Agreement, and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with this Agreement or its subject matter or formation, is governed by and construed in accordance with the law of Scotland.

19.2 Good-Faith Discussion

19.2.1 If any dispute or claim arises out of or in connection with this Agreement, the parties shall first use reasonable endeavours to resolve the dispute by good-faith discussion between senior representatives of each party with authority to settle the dispute. The party raising the dispute shall give the other party written notice setting out the nature of the dispute and the desired outcome, and the parties shall meet (in person or remotely) within fourteen (14) days of that notice.

19.2.2 Clause 19.2.1 does not prevent either party from commencing court proceedings: (a) at any time, where urgent interdict, injunction, specific performance, or other equitable relief is required (including in respect of breach of clause 16 (Confidentiality), clause 15 (Intellectual Property), or clause 7 (Marketing Campaigns) where Campaign Emails in flight or imminently to be sent threaten harm to recipients or to the Service Provider's infrastructure or reputation); or (b) to recover undisputed amounts payable under this Agreement; or (c) where delay would prejudice the party's position by reason of limitation, prescription, or any similar legal time-limit.

19.3 Exclusive Jurisdiction

19.3.1 Subject to clause 19.2.2, each party irrevocably agrees that the courts of Scotland have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with this Agreement or its subject matter or formation.

19.3.2 Nothing in clause 19.3.1 limits the right of either party to enforce a judgment of the Scottish courts in any other jurisdiction.