This Agreement applies whenever a Customer or Authorised User downloads, installs or activates a Software Service (Aveni Assist or Aveni Assist Paraplanner) through the Intelliflo Store. By using a Software Service you are accepting this Agreement and your obligations therein. Aveni contracts directly with the Customer and subscription, billing and provisioning are facilitated through Intelliflo.

Where these terms are accepted by any person on behalf of a Customer, such person warrants that they are authorised to enter into this agreement on behalf of the Customer. 

• Definitions and interpretation

1. 1. 1. The definitions set out in schedule 1 apply to this Agreement.
      2. This agreement is made up of (i) the Data Processing Addendum (ii) the Service Level Agreement and (iii) these general terms and conditions (the “Agreement”). If there is any conflict or ambiguity between the terms of the documents listed in this clause, a term contained in a document higher in the list shall have priority over one contained in a document lower in the list.

• Use of the Services

1. 1. 1. Subject to the terms and conditions of this Agreement, Aveni hereby grants to the Customer a non-exclusive, non-transferable right and licence, without the right to grant sublicences, to access and use the Services and the Platform during the Subscription Term solely for the Customer’s internal business operations and only by up to the number of Authorised User Licences for which it has paid.  
      2.  The Customer shall ensure that (i) each Authorised User Licence is used by only one Authorised User and (ii) each Authorised User shall keep a secure and confidential password for their use of the Services. 
      3. The Customer shall ensure that the Authorised Users shall not upload more than 20 hours of recordings per month (as an average across all Users) (the “Maximum Number of Hours”) to the Aveni Assist platform without the prior written consent of Aveni. Where this limit is exceeded, additional fees shall apply, as set out on the Intelliflo Store. 
      4. During the Subscription Term and for one year afterwards, Aveni (or its independent third-party auditors) has the right, upon reasonable notice, to audit Customer’s relevant systems and records to confirm Customer’s compliance with this Agreement. Aveni may conduct no more than one audit per twelve-month period and Customer shall reasonably cooperate with Aveni (or its independent third-party auditors) for such audit. Aveni shall conduct such audit during Customer’s regular business hours and in a way designed to minimise business disruption. If an audit discloses Customer has installed, accessed, used, or otherwise permitted use of or access to a Service in a manner that is not expressly permitted by this Agreement, Customer agrees to promptly pay Aveni for any unpaid Fees for such use or access to a Service, in addition to the cost of such audit.
      5. The Customer shall not access, store, distribute or transmit any Viruses, or any material during the course of its use of the Services that is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive, facilitates illegal activity, depicts sexually explicit images, promotes unlawful violence, is discriminatory based on race, gender, colour, religious belief, sexual orientation, disability, or is otherwise illegal or causes damage or injury to any person or property and Aveni reserves the right, without liability or prejudice to its other rights to the Customer, to disable the Customer’s access to any material that breaches the provisions of this clause.
      6. The Customer shall not, and (where applicable) shall ensure that its Authorised Users shall not:
         1. except to the extent expressly permitted under this Agreement attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Services and/or Platform (as applicable) in any form or media or by any means; or attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Services and/or the Platform; or
         2. access all or any part of the Services and Platform in order to build a product or service which competes with the Services and/or the Platform; or
         3. use the Services and/or Platform to provide services to third parties; or
         4. subject to clause 15.10 license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services and/or Platform available to any third party (except the Authorised Users); or
         5. introduce, or permit the introduction of, any Virus into the Services or Aveni’s network and information systems. 
      7. The Customer agrees that it is liable for the acts and omissions of each Authorised User, as though those acts and omissions were those of the Customer.
      8. The Customer shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Services and/or the Platform and, in the event of any such unauthorised access or use, promptly notify Aveni.
      9. Aveni will have no liability and no obligation in relation to the content or use of any third party website, products or services that the Customer may access, or be enabled or assisted to access, through the Services. Any such content or use shall instead be governed by the applicable third party terms.

• Additional usage

1. 1. 1.  The Customer may, from time to time during any Subscription Term, purchase additional Authorised User Licences via the Intelliflo Store and Aveni shall grant access to the Services and the Platform to such additional Authorised Users.

• Support Services

1. 1. 1. Aveni will provide the Customer with Aveni’s standard customer support services for the Software Services in accordance with the Service Level Agreement in effect at the time that the Software Services are provided.  Aveni may amend the Service Level Agreement in its sole and absolute discretion from time to time provided that if Aveni makes any changes that materially changes the nature of the service offering and/or adversely decreases the level of service, then it shall notify Customer. 

• Data protection and security

1. 1. 1. Each party shall comply with its respective obligations under Data Protection Laws in connection with this Agreement, and shall comply with the terms set out in the Data Processing Addendum. 
      2. The data security measures taken by Aveni are set out in schedule 3 to these terms. 

• Warranties

1. 1. Each party warrants that: 

1. it is duly organized, validly existing and in good standing under the laws of its jurisdiction of organization; and 
2. it has full corporate power and authority to execute and deliver this Agreement and to comply with its obligations hereunder.

1. Aveni warrants that:

1. it shall perform the Services substantially in accordance with the Platform and good industry practice and with reasonable skill and care; 
2. it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under this Agreement.

1. Aveni’s obligations at 6.2(a) shall not apply to the extent of any non-conformance which is caused by use of the Services contrary to Aveni’s instructions, or modification or alteration of the Services by any party other than Aveni or Aveni’s duly authorised contractors or agents. If the Services do not conform with the terms of clause 6.2(a), Aveni will, at its expense, use reasonable commercial endeavours to correct any such non-conformance promptly. Such correction constitutes the Customer’s sole and exclusive remedy for any breach of the undertaking set out in 6.2(a).  
2. Aveni:

1. does not warrant that:
   1. the Customer’s use of the Services will be uninterrupted or error-free; 
   2. the Services, Platform and/or the information obtained by the Customer through the Services will meet the Customer’s requirements; 
   3. the Platform or the Services will be free from vulnerabilities or Viruses; and
2. is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Services and Platform may be subject to limitations, delays and other problems inherent in the use of such communications facilities.

1. Except as expressly and specifically provided in this Agreement:

1. all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by Applicable Law, excluded from this Agreement; and
2. the Services and the Platform are provided to the Customer on an “as is” basis.

1. In the event of any loss or damage to Customer Data, the Customer’s sole and exclusive remedy against Aveni shall be for Aveni to use reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up maintained by Aveni in accordance with its back up procedures and policies. Aveni shall not be responsible for any loss, destruction, alteration or disclosure of Customer Data caused by any third party (except those third parties sub-contracted by Aveni to perform services related to Customer Data maintenance and back-up).

• Customer’s obligations

1. 1. The Customer shall:

1. provide Aveni with all necessary and desirable co-operation and information as may be required by Aveni in order to provide the Services, including but not limited to Customer Data, security access information and configuration services;
2. in the event of any delays in the Customer’s provision of such assistance as agreed by the parties, Aveni may adjust any agreed timetable or delivery schedule as reasonably necessary and Aveni shall not be liable for any failure to deliver any or all of the Services to the extent caused by Customer’s delay;
3. obtain and shall maintain all necessary licences, consents, and permissions necessary for Aveni, its contractors and agents to perform their obligations under this Agreement, including without limitation the Services;
4. ensure that its network and systems comply with the relevant specifications provided by Aveni from time to time; and
5. be, to the extent permitted by law and except as otherwise expressly provided in this Agreement, solely responsible for procuring, maintaining and securing its network connections and telecommunications links from its systems to Aveni’s data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer’s network connections or telecommunications links or caused by the internet.

1. The Customer assumes sole responsibility for results obtained from the use of the Services and the Platform by the Customer, and for conclusions drawn from such use. Aveni shall have no liability for any damage caused by errors or omissions in any Customer Data, information, instructions or scripts provided to Aveni by the Customer in connection with the Services, or any actions taken by Aveni at the Customer’s direction.

• Charges and payment

1. 1. 1. The Customer shall pay the Fees via the Intelliflo Store in accordance with its store terms. Payment to Intelliflo shall be deemed payment to Aveni. Aveni is not responsible for Intelliflo’s billing systems or disputes arising between the Customer and Intelliflo regarding invoicing or collection. .
      2. Aveni has not received payment within 30 days after the due date, due to a failure by the Customer to pay the Fees then,without prejudice to any other rights and remedies of Aveni, (i) Aveni may, on no less than 5 Business Days’ notice to the Customer and without liability to the Customer, disable the Customer’s and Authorised Users’ password, account and access to all or part of the Services and Aveni shall be under no obligation to provide any or all of the Services while the invoice(s) remain unpaid and (ii) interest shall accrue on a daily basis on such due amounts at a rate of 8 % per annum above the base rate from time to time of the Bank of England until such invoice(s) are fully paid.
      3. All amounts and fees stated or referred to in this Agreement shall be payable in pounds sterling; are non-cancellable and non-refundable and are exclusive of value added tax, which shall be added to Aveni’s invoice(s) at the appropriate rate.
      4. Aveni reserves the right to adjust its Fees at any time and any such change shall be reflected on the Intelliflo Store and in the Customer’s monthly billing via the Intelliflo Store.

• Intellectual Property Rights

1. 1. Aveni confirms that it has all the rights in relation to the Platform and the Services that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this Agreement.
   2. The Customer acknowledges and agrees that Aveni and/or its licensors own all Intellectual Property Rights in the Services and the Platform. Except as expressly stated herein, this Agreement does not grant the Customer any Intellectual Property Rights in respect of the Services or the Platform.
   3. The Customer shall own all right, title and interest in and to all of the Customer Data that is not personal data and shall have sole responsibility for the legality, reliability, integrity, accuracy, quality and right to use all Customer Data, and Aveni is not responsible or liable for Customer’s actions related to the deletion, correction, destruction, damage, loss or failure to store any Customer Data. 
   4. The Customer hereby consents to and grants Aveni a nonexclusive license during the Subscription Term for Aveni to access, use, transmit, modify and copy Customer Data from time to time as necessary for the purpose of providing the Services, ensuring the proper functioning and improvement of the Platform, and related support and administration, or otherwise as requested by Customer or permitted under this Agreement.
   5. All reports, summaries, graphs, visualisations, and other content generated by the Platform that is derived from or based on the Customer Data (“Output”) shall be owned by the Customer. The Customer hereby grants Aveni a nonexclusive, non-transferable, perpetual licence to use the Outputs for the purpose of providing and/or improving the Services and/or the Platform.
   6. Aveni may anonymise Customer Data such that it no longer constitutes personal data under the Data Protection Laws. Aveni shall apply industry standard data loss prevention processes to anonymise Customer Data. Once anonymised, Aveni may use such data for any lawful purpose, including but not limited to training, fine-tuning, and improving its proprietary language models and algorithms, developing new features, and enhancing overall system performance.
   7. The Customer agrees that Aveni has the right to aggregate, collect and analyse data and information relating to the Customer’s use of the Services (“Usage Data”) and shall be free (during and after the term of this Agreement) to (i) use Usage Data and other information to improve the Aveni’s products and services and (ii) disclose Usage Data and other information solely in an aggregated and de-identified format that does not identify the Customer, Authorised Users or any other individual.
   8. Where the Customer provides to Aveni input, comments or suggestions regarding the Services and/or the possible creation, modification, correction, improvement or enhancement of the Services (the “Feedback”), the Customer grants to Aveni a non-exclusive, perpetual, worldwide, transferable, royalty-free licence, with the right to sublicense through multiple tiers, to use, publish, disclose, perform, copy, make, have made, use, modify, create derivative works, distribute, sell, offer for sale and otherwise benefit from Feedback in any manner and via any media.
2. Confidentiality 
   1. Each party shall: 

1. treat as confidential, and shall not disclose, any Confidential Information of the other party other than to its employees, affiliates, contractors, consultants or advisors (each, a “Representative”) who have a bona fide need-to-know such Confidential Information, provided that (i) such Representatives are bound by legally enforceable obligations consistent with and at least as restrictive as the provisions of this Section 8 and (ii) the receiving party shall be responsible for any breach by its Representatives; 
2. use the same degree of care to protect the other party’s Confidential Information as it uses to protect its own Confidential Information of a similar nature, but in no event less than reasonable care; and 
3. use the other party’s Confidential Information only for the purposes described in this Agreement.

1. Confidential Information shall not include: 

1. any information that is or becomes generally available to the public (provided that such information did not become public as a result of the receiving Party’s or its Representative’s disclosure thereof in breach of this Agreement); 
2. any information received by the receiving Party (without restriction on use or disclosure) from sources other than the disclosing Party or its Representatives (provided that such source is not subject to a confidentiality obligation with regard to such information); 
3. any information that is independently developed by the receiving Party without use of or reference to Confidential Information of the other Party; or 
4. any information that was in the receiving Party’s possession (without restriction on use or disclosure) prior to the time of its disclosure by or on behalf of the disclosing Party.  

Notwithstanding the foregoing, either Party may disclose Confidential Information of the other Party to any regulatory agency or court of competent jurisdiction if and to the extent: 

1. approved by the other Party in advance and in writing; or 
2. required to comply with Applicable Law provided that such Party provides prompt prior written notice of such required disclosure to the other Party (to the extent legally permitted) and reasonably cooperates with the other Party (at such other Party’s cost and expense) to limit the extent of such disclosure. 

1. On termination or expiry of this Agreement:

1. each party shall destroy or return all documents and materials containing Confidential Information and erase all Confidential Information from its computer and communications systems and devices, provided that they shall be able to keep one copy of Confidential Information (subject to the restrictions in this clause) for a party’s standard archiving purposes and/or to comply with Applicable Law; and 
2. the parties’ obligations under this clause 10 shall continue in force for a period of three years following the termination of this Agreement.

1. Subject to clause 10.5, no party shall make, or permit any person to make, any public announcement concerning this Agreement without the prior written consent of the other parties (such consent not to be unreasonably withheld or delayed), except as required by law, any governmental or regulatory authority (including, without limitation, any relevant securities exchange), any court or other authority of competent jurisdiction.
2. Customer hereby grants Aveni a limited, non-exclusive, royalty-free license to use and display Customer’s name, designated trademarks, and associated logos (the “Customer Marks”) during the Subscription Term in connection with Aveni’s marketing and promotional efforts for its products and services, including by publicly naming Customer as a customer of Aveni and case studies.

1. Indemnity
   1. The Customer shall defend, indemnify and hold harmless Aveni against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with the Customer’s use of the Services and/or Platform, provided that:

1. the Customer is given prompt notice of any such claim;
2. Aveni provides reasonable co-operation to the Customer in the defence and settlement of such claim, at the Customer’s expense; and
3. the Customer is given sole authority to defend or settle the claim.

1. Aveni shall defend the Customer, its officers, directors and employees against any claim that the Customer’s use of the Services or Platform in accordance with this Agreement infringes any third party patent effective as of the Effective Date, copyright, trade mark, database right or other intellectual property right, and shall indemnify the Customer for any amounts awarded against the Customer in judgment or settlement of such claims, provided that:

1. Aveni is given prompt notice of any such claim;
2. the Customer does not make any admission, or otherwise attempt to compromise or settle the claim and provides reasonable co-operation to Aveni in the defence and settlement of such claim, at Aveni’s expense; and
3. Aveni is given sole authority to defend or settle the claim.

1. In the defence or settlement of any claim, Aveni may procure the right for the Customer to continue using the Services, replace or modify the Services so that they become non-infringing or, if such remedies are not reasonably available, terminate this Agreement on 2 Business Days’ notice to the Customer without any additional liability or obligation to pay liquidated damages or other additional costs to the Customer.
2. In no event shall Aveni, its employees, agents and sub-contractors be liable to the Customer to the extent that the alleged infringement is based on:

1. a modification of the Services or Platform by anyone other than Aveni; or
2. the Customer’s use of the Services or Platform in a manner contrary to the instructions given to the Customer by Aveni; or
3. the Customer’s use of the Services or Platform after notice of the alleged or actual infringement from Aveni or any appropriate authority; or
4. the Customer Data; or
5. the Customer’s breach of this Agreement.

1. The foregoing and clause 11.2(b) states the Customer’s sole and exclusive rights and remedies, and Aveni’s (including Aveni’s employees’, agents’ and sub-contractors’) entire obligations and liability, for infringement or alleged infringement of any third party patent, copyright, trade mark or database right by Aveni.

1. Limitation of liability
   1. Nothing in this Agreement excludes the liability of Aveni:

1. for death or personal injury caused by Aveni’s negligence; or
2. for fraud or fraudulent misrepresentation.

1. Subject to clause 11.1:

1. Aveni shall have no liability for any:
   1. loss of profits, 
   2. loss of business, 
   3. wasted expenditure, 
   4. depletion of goodwill and/or similar losses, 
   5. loss or corruption of data or information, or
   6. any special, indirect or consequential loss, costs, damages, charges or expenses; and
2. Aveni’s total aggregate liability to the Customer (including in respect of the indemnity at clause 10.2), in respect of all defaults shall not exceed the total Fees paid by the Customer for the Service for the twelve-month period preceding the first incident out of which the liability arose, less any portion of such Fees retained by Intelliflo as commission 

1. Nothing in this Agreement excludes the liability of the Customer for any breach, infringement or misappropriation of Aveni’s Intellectual Property Rights.

1. Term and termination
   1. This Agreement shall, unless otherwise terminated as provided in this clause 13, commence on the Effective Date and shall continue unless:
      1. the Customer (or all its Authorised Users) cancels the subscription via the Intelliflo Store;
      2. the Customer’s Intelliflo account is terminated; or
      3. otherwise terminated in accordance with this agreement.
   2. Aveni may terminate this Agreement if:
      1.  the Customer has not paid any Fees due within 60 days of the due date; or
      2. Intelliflo suspends or terminates the API connection or removes the Software Services from the Intelliflo Store. 
   3. Without affecting any other right or remedy available to it, either party may terminate this Agreement:

1. upon written notice to the other party if the other party materially breaches this Agreement (including any Order Form) and fails to cure such breach within 30 days of delivery of written notice thereof specifying the nature of the breach in reasonable detail; or 
2. immediately upon written notice if the other party: (i) becomes insolvent or generally unable to pay, or generally fails to pay, its debts as they become due, makes a general assignment for the benefit of creditors, or enters into an agreement with its creditors providing for the extension or composition of debt; (ii) files a petition, or has a petition filed against it which petition is not dismissed within 60 days, under any laws relating to bankruptcy, insolvency or liquidation; or (iii) ceases to carry on all or substantially all of its business.

1. On termination or expiry of this Agreement for any reason:

1. all licences granted under this Agreement shall immediately terminate and the Customer shall immediately cease all use of the Services and/or the Platform; 
2. each party shall return and make no further use of any equipment, property, Platform and other items (and all copies of them) belonging to the other party;
3. Aveni may destroy or otherwise dispose of any of the Customer Data in its possession unless Aveni receives, no later than ten days after the effective date of the termination of this Agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. Aveni shall use reasonable commercial endeavours to deliver the back-up to the Customer within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). The Customer shall pay all reasonable expenses incurred by Aveni in returning or disposing of Customer Data; and
4. any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the Agreement which existed at or before the date of termination shall not be affected or prejudiced; and
5. sections 1 (Definitions), 6.4 to 6.6 (Warranties), 8 (Charges and Payment), 9 (Intellectual Property), 10.1 (Ownership of Customer Data), 10 (Confidentiality), 11 (Indemnification), 12 (Limitation of Liability), 13.4 (Effect of Termination), 13.4(e) (Survival), and 15 (General) shall survive any termination or expiration of this Agreement.

1. Force majeure

Neither party shall be in breach of this Agreement or otherwise liable for any delay or failure in the performance of its obligations for so long as and to the extent that such delay or failure results from events, circumstances or causes beyond its reasonable control. If the period of delay or non-performance continues for more than 90 days the party not affected may terminate this Agreement by giving not less than 30 days written notice to the affected party.

1. General
   1. Subject to clause 4.1, Aveni may update any part of this Agreement from time to time provided that any such update does not have a material adverse effect on the Customer or substantially change the nature and intent of the Agreement. In all other cases, no variation of any provision of the Agreement is effective unless in writing and signed by the authorised representatives of each party.
   2. A waiver of any right or remedy is only effective if given in writing and shall not be deemed a waiver of any subsequent right or remedy. A delay or failure to exercise, or the single or partial exercise of, any right or remedy does not waive that or any other right or remedy, nor does it prevent or restrict the further exercise of that or any other right or remedy.
   3. Except as expressly provided in this Agreement, the rights and remedies provided under this Agreement are in addition to, and not exclusive of, any rights or remedies provided by law.
   4. If any provision or part-provision of this Agreement is or becomes invalid, illegal or unenforceable, it shall be deemed deleted, but that shall not affect the validity and enforceability of the rest of this Agreement.
   5. If any provision or part-provision of this Agreement is deemed deleted under clause 15.4, the parties shall negotiate in good faith to agree a replacement provision that, to the greatest extent possible, achieves the intended commercial result of the original provision.
   6. This Agreement constitutes the entire agreement between the parties and supersedes and extinguishes all previous and contemporaneous agreements, promises, assurances and understandings between them, whether written or oral, relating to its subject matter.
   7. Each party acknowledges that in entering into this Agreement it does not rely on, and shall have no remedies in respect of, any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in this Agreement.
   8. Each party agrees that it shall have no claim for innocent or negligent misrepresentation or negligent misstatement based on any statement in this Agreement. Nothing in this clause shall limit or exclude any liability for fraud.
   9. The Customer shall not, without the prior written consent of Aveni, assign, transfer, mortgage, charge, subcontract, delegate, declare a trust over or deal in any other manner with any of its rights and obligations under this Agreement.
   10. Aveni may at any time assign, mortgage, charge, subcontract, delegate, declare a trust over or deal in any other manner with any or all of its rights and obligations under this Agreement, provided that it gives prior written notice of such dealing to the Customer.
   11. Nothing in this Agreement is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
   12. This Agreement does not give rise to any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Agreement.
   13. This Agreement may be executed in any number of counterparts, each of which shall constitute a duplicate original, but all the counterparts shall together constitute the one Agreement. Transmission of the executed signature page of a counterpart of this Agreement by email takes effect as the transmission of an executed “wet-ink” counterpart of this Agreement. No counterpart shall be effective until each party has provided to the other at least one executed counterpart.
   14. Notices under this Agreement shall be delivered by email to the email address set out in the Order Form (or as otherwise notified to the other party from time to time). This clause does not apply to the service of any proceedings or other documents in any legal action or, where applicable, any arbitration or other method of dispute resolution. 
   15. This Agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and interpreted in accordance with the law of England and Wales.

1. Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this Agreement or its subject matter or formation (including non-contractual disputes or claims).

Schedule 1

Definitions

• Affiliates: in relation to any company, any “subsidiary” or “holding company” (as such terms are defined in the Companies Act 2006) of that company or any subsidiary of that holding company.

• Applicable Laws: any applicable (a) statute, regulation, regulatory requirement, by law, ordinance, subordinate legislation or other law (regardless of its source) or mandatory guidance or code of practice (including in each case any judicial or administrative interpretation of it), in force from time to time in any applicable jurisdiction; or (b) judgment of a relevant court of law, or sanction, directive, order or requirement of any relevant regulator.

• Authorised Users: those employees, agents and independent contractors of the Customer or the Customer’s Affiliates who are authorised by the Customer to use the Services and the Platform.

• Authorised User Licences: the user licences purchased by the Customer (via the Intelliflo store)  which entitle Authorised Users to access and use Aveni Assist and the Platform in accordance with this Agreement on a one user per licence basis.

• Business Day: a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business.

• Confidential Information: any and all information disclosed or made accessible by or on behalf of one party or its affiliates to the other party or its affiliates (or any representative of any of them), whether orally, visually, in writing or in any other form, which is either (a) marked or identified as “confidential” at the time of disclosure or (b) of a nature that a reasonable business person would understand, under the circumstances, to be confidential or proprietary provided that the disclosing party generally treats it as confidential, including all technical, product, service, business, marketing, sales, financial and pricing information and data, techniques, methodologies, processes, algorithms, know-how, ideas, concepts, inventions, discoveries and trade secrets, including information of or about (including the identity of) employees, affiliates, customers, licensors, suppliers, subcontractors and representatives.

• Customer: the firm or entity purchasing the Services via the Intelliflo Store.

• Customer Data: the data inputted by the Customer, Authorised Users, or Aveni on the Customer’s behalf for the purpose of using the Services or facilitating the Customer’s use of the Services. 

• Data Processing Addendum: the data processing addendum set out in schedule 4.

• Data Protection Laws: all Applicable Laws relating to data protection and privacy which are from time to time applicable to Aveni or the Customer including the Data Protection Act 2018 (“DPA”) and the UK GDPR (as defined in the DPA) and the terms “data subject, controller, personal data, personal data breach, process, sub-processor and supervisory authority shall have the respective meanings given in Data Protection Laws (and “processed”, processes” and “processing” shall be construed accordingly).

• Effective Date: the date the Customer account is set up by Aveni. 

• Fees: the fee then in effect for the Service.ct

• Initial Subscription Term: the initial term of this Agreement as set out in the Order Form.

• Intellectual Property Rights: patents, rights to inventions, copyright and related rights, moral rights, trade marks and service marks, business names and domain names, rights in get-up and trade dress, goodwill and the right to sue for passing off, rights in designs, rights in computer software, database rights, rights to use, and protect the confidentiality of, confidential information (including know-how and trade secrets) and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world.

• Intelliflo Store means the online store provided by Intelliflo Limited at https://store.gb.intelliflo.net.

• Order Form: an order form signed by the Customer and Aveni, referencing these terms and conditions, or any online order form or purchase confirmation filled in by the Customer (including via a third party platform) for the Services. 

• Platform: means the proprietary software application, system, tools, and related or derivative services provided by Aveni including any underlying technology, algorithms, models, user interfaces, databases, and associated documentation which enables the Customer to use the Software Services.

• Services: any service provided by Aveni to the Customer, which may include, without limitation, Software Services and/or the Support Services.

• Service Level Agreement: the service level agreement set out in schedule 2.

• Software Services: means Aveni Assist and Aveni Assist Paraplanner.

• Standard Contractual Clauses: as the context requires:

1. the international data transfer agreement issued by the UK Information Commissioner under section 119A(1) of the DPA;
2. means standard contractual clauses for the transfer of personal data to third countries pursuant to EU GDPR adopted by the European Commission decision of 4 June 2021 and published under document number C(2021) 3972 and available at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en&uri=CELEX:32021D0914 (“EU Commission Standard Contractual Clauses”) and, where applicable, the international data transfer addendum to the EU Commission Standard Contractual Clauses issued by the UK Information Commissioner; or
3. any subsequent alternative clauses approved by the UK Information Commissioner from time to time (which will automatically apply);

• Subscription Term: the date from the Effective Date until the Customers’ subscription is cancelled in accordance with this agreement. 

• Support Services: the support services set out in the Service Level Agreement.

• Virus: any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices.

Schedule 2

SERVICE LEVEL AGREEMENT FOR AVENI SOFTWARE SERVICES

This service level agreement (SLA) sets forth the service level for the applicable software service for which the Customer has subscribed in an Order Form. It applies to and is incorporated by reference into the Agreement made by and between Aveni and the Customer. This SLA remains valid during the term of the Agreement. 

Capitalised terms used but not defined in this SLA shall have the meaning given to them in the General Terms. 

• Requests for support

The Aveni support team is based in the UK and core hours of operation are 08.00 – 18.00 GMT (the “Support Hours”). All requests for support must be sent via email to support@aveni.ai, or via the support form in Aveni Assist and Aveni Detect.

• Service Response Time

Any request for support shall be categorised by Aveni in accordance with the categories set out in the table below. Aveni shall respond to a request for support within the response times listed in the table.

Initial Response Time is calculated from the time when the issue is reported in full by the Customer to time when an initial acknowledgement is provided by the Aveni support team for that issue.

In respect of Critical issues, Aveni will provide support outside of Support Hours and an update every hour, until resolution of the issue. For all other issues, Aveni will provide support within business hours and will confirm once the issue is resolved.

• Customer Obligations

In order to provide the highest quality support, Aveni requires a level of partnership from the Customer.  The Customer will assign designated support contacts to work with Aveni on support issues. Such contacts must:

• Understand the Aveni deployment in the Customer or hosted environment

• Provide timely and accurate responses (and where required, take prompt action) to Aveni Support team member requests
• Leverage Aveni-provided documentation sources and tools for self-service resolution of issues where possible
• Thoroughly describe symptoms of an issue, provide background information and describe the business impact 
• Provide support to Customer end-users thereby ensuring Aveni Support team members are focused on issues submitted by the designated support contacts.

• Service Availability

The Platform shall be available no less than 99.9% of the time (other than for maintenance as set out below), measured on a calendar monthly basis (“Platform Uptime Target”).  

Maintenance 

• Planned Maintenance. Aveni may conduct up to 8 hours per calendar month of scheduled maintenance for purposes of performing maintenance on the Platform, or installing upgrades, fixes or reconfigurations (“Planned Maintenance”). Aveni will inform the Customer of any Planned Maintenance by providing them with at least two Business Days’ notice by email. 

• Emergency Maintenance. Aveni may conduct emergency maintenance with no prior notice in order to resolve severe security or safety issues or other emergency issues. Aveni will use best endeavours to notify the Customer at the beginning and end of such maintenance

Exclusions

The calculation of a Platform’s unavailability shall not include unavailability due to any of the following:

• events of force majeure under clause 14 of the General Terms;
• issues associated with Customer’s devices, local area networks or internet service provider connections; 
• Customer’s acts or omissions in breach of the Agreement or which otherwise hinder or prevent restoration of a Service’s availability; or
• cloud provider or integrated application provider unavailability or outage events; or
• outages or API changes in the Intelliflo Store or the Intelliflo API..

• Service Credits

If the Platform fails to meet the Platform Uptime Target in any given calendar month (excluding maintenance and the exclusions, as set out above), the Customer shall be entitled to a service credit, calculated as a percentage of 1/12 of the annual fees payable for the affected Software Service (i.e. a pro rata monthly portion), as follows:

Service Credits shall be applied as a deduction from future fees payable and shall not be redeemable for cash, refunded, or applied to fees already paid or currently due.

Service Credits must be requested in writing within 30 days of the end of the month in which the relevant Platform unavailability occurred. If not claimed within this period, the Customer waives any entitlement to such credits.

Schedule 3

Data & Security

Audio and metadata are uploaded to the platform and stored with encryption at rest using a secure key. The audio lifecycle can be summarised as follows:

• Data is uploaded via API or direct to S3 through a shared AWS repository.
• The audio is stored separate from all other Aveni audio from other customers.
• After the agreed retention period expires, the call audio is deleted along with all metadata relating to the call.
• Access to stored content is controlled by fine-grained security roles

The security posture of the platform consists of the following systems:

• Front end software leverages Auth0 using JWT and openID for app authentication and authorization
• API access is automatically limited to verified users
• Users have permissions which give fine-grained access to platform features
• Designated client administrators can manage some permissions themselves through an admin role
• The core platform is protected by Aveni security mechanisms including Virtual Private Cloud, Database level security, IAM user roles and groups and secret management
• The Principle of Least Privilege is used throughout the platform to limit access to customer data.

Schedule 4

AVENI DATA PROCESSING ADDENDUM

• General

1. 1. 1. The parties acknowledge and agree that the Customer shall be a controller, and Aveni shall act as a processor for and on behalf of the Customer, where Aveni is processing Customer personal data when providing the Services.
      2. This data processing addendum (“DPA”) sets out the details required by article 28(3) UK GDPR as at the date of this DPA relating to the processing of Customer personal data to be undertaken by Aveni as a processor. The subject matter and duration of the processing, the nature and purpose of the processing, the types of personal data and categories of data subject as required by Article 28(3) of UK GDPR or equivalent provisions of any Data Protection Laws, relating to this DPA, are as set out in Annex 1 to this DPA.
      3. Each party confirms that it holds, and during the term of this DPA shall maintain, all registrations and notifications required in terms of the Data Protection Laws applicable to that party which are necessary for the performance of its obligations under the DPA.  
      4. The Customer warrants, represents and undertakes that it has obtained all consents from data subjects, established legal grounds and provided all notices to data subjects (and as appropriate will maintain and update and ensure the continued validity throughout the term of the DPA of the foregoing), in each case as necessary for Aveni (as a processor) to provide the Services in accordance with the terms of this DPA and Data Protection Laws.
      5. Each party confirms that, in the performance of this DPA, it shall comply with the Data Protection Laws applicable to it. If a party becomes unable to comply with its obligations under this DPA in any material respect, it shall promptly notify the other party. 
      6. In connection with its processing of Customer personal data and taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing as well as the risk of varying likelihood and severity for the rights and freedoms of the data subjects, each party shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, and shall take all measures required pursuant to Article 32 UK GDPR. In assessing the appropriate level of security, each party shall take account in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Customer personal data transmitted, stored or otherwise processed. The measures adopted by Aveni are set out in Annex 2 to this DPA.

• Processing of personal data

1. 1. 1. In so far as Aveni processes Customer personal data on behalf of the Customer as its processor, Aveni shall not process, transfer, modify, amend or alter the personal data or disclose or permit its disclosure to any third party other than in accordance with the Customer’s documented instructions (whether in the DPA or otherwise) unless processing is required by any Applicable Laws to which Aveni (or its relevant sub-processor) is subject, in which case Aveni shall, to the extent permitted by such Applicable Laws, inform the Customer of that legal requirement before processing that personal data. 
      2. Aveni acknowledges that the Services may involve the processing of special category personal data as defined in Article 9 of the UK GDPR, including but not limited to health information, ethnic origin, or other sensitive personal information that may be shared by data subjects during use of the Services. The Customer is solely responsible for determining the lawful basis under Article 6 and the appropriate condition under Article 9 of the UK GDPR for the processing of special category data.
      3. The Customer warrants that any processing that results from its instructions to Aveni in respect of the Customer personal data shall be lawful and, in respect of any special category personal data, the Customer shall ensure that it has a valid legal basis and condition under Article 9 of the UK GDPR for any such processing.  Aveni shall notify the Customer without undue delay if, in Aveni’s opinion, an instruction from the Customer infringes Data Protection Laws.  Aveni shall be entitled but not obliged to suspend execution of the instructions concerned until the Customer confirms such instructions in writing.
      4. Without prejudice to paragraphs 2.4 or 8.2, if so requested by the Customer, or otherwise required by this DPA, Aveni shall promptly:
         1. amend, transfer or delete Customer personal data; and
         2. cease to process Customer personal data, and promptly arrange for its secure return or destruction, as reasonably required by the Customer.
      5. Save where the Customer makes requests to Aveni which are directed at mitigating the consequences of a breach of this DPA by Aveni (or any sub-processor), Aveni shall be relieved of all its dependent obligations under this DPA to the extent that the Customer makes specific requests to Aveni pursuant to paragraphs 2.3(a) or 2.3(b) to delete, cease processing or destroy personal data, and Aveni (and/or the relevant sub-processor) complies with those requests.
      6. Aveni and its sub-processors may transfer Customer personal data (or access it from) outside of the UK and EEA as required in connection with the performance of the Services and Aveni’s obligations under this DPA, provided that:
         1. Aveni ensures that all such transfers and access are effected to or from (as the context requires) a jurisdiction approved in accordance with Data Protection Law as having an adequate level of data protection law to allow transfers to such jurisdiction without further safeguards (a “Permitted Jurisdiction”); or
         2. if the transfer is to be effected to or from a jurisdiction other than a Permitted Jurisdiction, Aveni:
            1. ensures appropriate safeguards are provided in respect of such transfer or access in accordance with Data Protection Laws and that enforceable data subject rights and effective legal remedies for data subjects are available.  For these purposes, the Customer shall promptly comply with any reasonable request of Aveni, including any request to enter into Standard Contractual Clauses; and
            2. undertakes a transfer impact assessment in respect of such transfer and, as appropriate, implements any supplementary measures or changes to the provision of the Services necessary to comply with the ruling of the Court of Justice of the European Union (ECJ) dated 16 July 2020, Case C-311/18 Data Protection Commissioner v Facebook Ireland and Maximillian Schrems.

• Personnel

1. 1. 1. Aveni shall take reasonable steps to ensure the reliability of any Aveni personnel who may have access to the Customer personal data, ensuring in each case that: 
         1. access is limited to those individuals who need to access the relevant personal data, as necessary for the purposes set out in Annex 1 in the context of that individual’s duties to Aveni; and 
         2. all such individuals are informed of the confidential nature of the Customer personal data and are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

• Sub-processors

1. 1. 1. Aveni shall be entitled to:
         1. appoint or authorise any sub-processor to process (or to appoint or authorise another sub-processor to process) Customer personal data provided that it gives the Customer at least 30 days written notice of such proposed appointment (whether concerning the addition or replacement of sub-processors).  The Customer shall have the opportunity to, acting reasonably, object to such changes before the expiry of the notice period. If the Customer objects to any such change, it shall promptly provide to Aveni reasonable details (subject to any applicable legal or confidentiality constraints) of the basis of its objection.  The Customer shall promptly consider any further information provided by Aveni in response to an objection, and promptly withdraw such objection if the information provided by Aveni adequately addresses the objection.  
         2. Aveni’s sub-processors, as listed in Annex 1, are specifically approved by the Customer for use in connection with the performance of the Services. 
      2. With respect to each sub-processor appointed by Aveni, Aveni shall:
         1. undertake appropriate due diligence prior to the processing of Customer personal data by such sub-processor to verify that it is capable of providing the level of protection for Customer personal data required by this DPA;
         2. enter into a written agreement with the sub-processor incorporating terms which are compliant with the relevant requirements of Article 28 UK GDPR; and
         3. as between the Customer and Aveni, remain fully liable to the Customer for all acts or omissions of such sub-processor as though they were its own.

• Rights of data subjects

1. 1. 1. Taking into account the nature of the processing, Aveni shall assist the Customer by implementing appropriate technical and organisational measures, insofar as reasonably practicable, to facilitate the fulfilment by the Customer of its obligation to respond to requests from data subjects relating to the exercise of their rights under the Data Protection Laws.
      2. Aveni shall promptly notify the Customer if it:
         1. receives a request from a data subject under the Data Protection Laws in respect of any Customer personal data processed by Aveni as processor under this DPA, including any requests by a data subject to exercise rights under Chapter III of UK GDPR; or
         2. receives any communication from the Information Commissioner in connection with Customer personal data processed by Aveni under this DPA.
      3. Aveni shall, at the Customer’s cost, co-operate with, and provide all information and assistance reasonably requested by, the Customer to enable the Customer to comply with its obligations under the Data Protection Laws and in connection with any investigation of or management of or response to any personal data breach or any complaint, communication or request made as referred to in paragraph 5.2 (and insofar as possible within the timescales reasonably required by the Customer), including by promptly providing:
         1. the Customer with reasonable details and copies of the complaint, communication or request;
         2. assistance as reasonably requested by the Customer to enable it to comply with the exercise of rights by a data subject within the relevant timescales set out in the Data Protection Laws;
         3. assistance as reasonably requested by the Customer to comply with any assessment, enquiry, notice or investigation under any Data Protection Laws in respect of the Customer personal data, or with respect to any request from a supervisory authority, or any consultation by the Customer with a supervisory authority; 
         4. assistance as reasonably requested by the Customer following a personal data breach; and
         5. assistance as reasonably requested by the Customer: (a) with any data protection impact assessments which are required under Article 35 UK GDPR; and (b) with any prior consultations to any supervisory authority of the Customer which are required under Article 36 UK GDPR, in each case solely in relation to processing of the Customer personal data by Aveni (or any sub-processor) on behalf of the Customer and taking into account the nature of the processing and information available to Aveni (and/or the relevant sub-processor(s)).

• Notification of personal data breach

1. 1. 1. Aveni shall:
         1. notify the Customer without undue delay after determining that a personal data breach affecting Customer personal data processed by Aveni under this DPA has occurred (which determination it shall make as soon as reasonably possible after becoming aware of any relevant incident or circumstances);
         2. provide to the Customer relevant information in its possession that is not subject to confidentiality obligations that is requested by the Customer in relation to the notified personal data breach, including regarding the nature of the breach, the categories and approximate number of data subjects and records concerned, to enable the Customer to evaluate the impact of the personal data breach and to meet any obligations on the Customer to report the personal data breach to a supervisory authority and/or notify the affected data subjects in accordance with the Data Protection Laws; 
         3. if at the time of making the original notification described in paragraph 6.1(a), Aveni does not have available to it all the information referred to in paragraph 6.1(b), Aveni shall include in the original notification such information as it has available to it at that time, and then shall provide the further information referred to in paragraph 6.1(b) as soon as possible thereafter; and
         4. not inform any third party or make any announcement or publish or otherwise authorise any broadcast of any notice or information about a personal data breach without the prior written consent of the Customer acting reasonably (including consent as to the content, media and timing thereof), except to the extent: (a) notification of a personal data breach is required by Applicable Laws to which Aveni (or a sub-processor) is subject; or (b) such disclosure is required by contract to its other customers provided that, where providing notice to its other customers, it only provides details relating to that customer and does not provide any details relating to the Customer (or which would enable the Customer to be identified). 

• Processing records and data protection audits

1. 1. Subject to any measures reasonably necessary to protect any other confidential information Aveni holds in any relevant records, data processing systems or facilities, Aveni shall:
      1. allow its data processing facilities, procedures and documentation in relation to the Services to be submitted for scrutiny by the Customer’s auditors or any supervisory authority in order to ascertain compliance with the Data Protection Laws and the terms of this DPA; and 
      2. provide reasonable co-operation to the Customer in respect of any such audit and shall, at the request of the Customer, provide the Customer with reasonable evidence of compliance with its obligations under this DPA. 

The Customer shall provide at least 30 days’ prior written notice of any such audit, and shall undertake the audit at its own cost during Aveni’s normal business hours and in a manner that causes minimal disruption to Aveni’s business.

• Obligations upon expiry of this DPA

1. 1. Subject to paragraph 8.2, Aveni shall promptly and in any event within thirty (30) days of the expiry or termination of this DPA, at the Customer’s choice, either delete and/or return via API upon request by the Customer all copies of the Customer personal data processed by Aveni and/or its sub-processors on behalf of the Customer under this DPA.
   2. Aveni may (and may permit its sub-processors to) process and retain any Customer personal data where (but only to the extent that and for so long as) it is, or the relevant sub-processors are, obliged to do so by Applicable Laws provided that (except to the extent that it may be prohibited from doing so by that Applicable Laws) Aveni has first informed and consulted with the Customer of that obligation and complies with the Data Protection Laws in relation to that processing

• Governing law and jurisdiction

1. 1. This DPA is subject to the same governing law and jurisdiction as the Agreement.

Annex 1

Description of Processing Activities

• Subject matter and types of personal data

Personal details (title, first name, last name, gender, dependents, nationality, marital status), contact information (email address, address, phone number), employment details (job title, salary, employment status), financial status (income, outgoings, pension, property ownership, loans and mortgages, savings and investments, other assets), financial goals, details of insurance cover, internet protocol address, records of meetings and decisions and any other personal data which the Customer’s employee or staff may gather from their clients.

• Special category data

Health information, racial or ethnic origin, political or religious beliefs and any other special category personal data which the Customer’s employee or staff may gather from their clients.

• Duration of processing

Until the earliest of termination of this DPA in accordance with its terms or the date upon which processing is no longer necessary for the purposes of either party performing its respective obligations under this DPA (to the extent applicable).

• Nature and purpose of processing

To provide the Customer and the Authorised Users with the Services in accordance with the DPA. 

• Categories of data subject

The Customer’s clients, officers, employees and temporary staff.

• Sub-processors

Annex 2

Aveni Technical and Organisational Security Measures

1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risks to data subjects, Aveni shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. Aveni shall implement the following, as appropriate:

1. a)     the pseudonymisation and encryption of the personal data;

1. b)      the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;

1. c)      the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and

1. d)      a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

2. As a minimum, Aveni shall implement the items set out below.

Organisational Measures

Aveni has in place the following policies:

• Data Protection Policy
• Personal data breach Policy
• IT Communications and Systems Policy
• Data Security Policy
• Business Continuity Policy

Technical Measures

Aveni shall implement the following measures, as appropriate:

• Firewalls
• Anti-malware
• Encryption of personal data
• Access controls
• Penetration testing
•    Vulnerability scanning