Platform Agreement
Commercial terms for subscribing to the assureOS platform
PARTIES
(1) Arqen Group LTD T/A AssureOS (company number 16770928, registered office at 20 Wenlock Road, London, England, N1 7GU) ("Provider" or "AssureOS" or "we" or "us"); and
(2) The organisation identified in the Order Form ("Client" or "you" or "your").
Each a "Party" and together the "Parties".
BACKGROUND
(A) AssureOS provides a cloud-based compliance and operational management platform designed for emergency services, healthcare providers, care organisations, and related sectors.
(B) The Client wishes to subscribe to specified modules of the Platform and related services on the terms set out in this Agreement.
(C) This Agreement sets out the universal terms applicable to all subscriptions, with specific module selections, pricing, and commercial terms documented in the Order Form.
IT IS AGREED as follows:
1. DEFINITIONS AND INTERPRETATION
1.1 Definitions
In this Agreement, unless the context otherwise requires:
"Affiliate" means any entity that directly or indirectly controls, is controlled by, or is under common control with a Party, where "control" means the ownership of more than 50% of the voting shares or equivalent ownership interest;
"Agreement" means this Platform Agreement, including all Schedules, the Order Form, and any documents expressly incorporated by reference;
"Applicable Law" means all applicable laws, regulations, regulatory requirements, and codes of practice in force from time to time in the United Kingdom, including without limitation UK GDPR, the Data Protection Act 2018, and sector-specific regulations applicable to the Client's operations;
"Authorised Users" means those employees, contractors, agents, and other personnel of the Client who are authorised by the Client to access and use the Platform in accordance with this Agreement;
"Business Day" means any day other than a Saturday, Sunday, or public holiday in England;
"Client Data" means all data, information, content, records, and materials uploaded to, stored on, processed by, or transmitted through the Platform by or on behalf of the Client or its Authorised Users, including Personal Data;
"Clinical Safety" means compliance with DCB0129, DCB0160, and related clinical risk management standards applicable to health IT systems;
"Commencement Date" means the date specified in the Order Form or, if not specified, the date on which the Client first accesses the Platform;
"Confidential Information" means all information disclosed by one Party to the other (whether in writing, orally, or by any other means) that is marked as confidential or that reasonably should be understood to be confidential given the nature of the information and circumstances of disclosure, including business plans, technical data, pricing, Client Data, and the terms of this Agreement;
"CQC" means the Care Quality Commission or any successor regulatory body;
"Data Protection Legislation" means the UK GDPR, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003, and all other applicable data protection and privacy legislation in force from time to time in the United Kingdom;
"Documentation" means the user guides, technical specifications, API documentation, help materials, and other documentation made available by AssureOS relating to the Platform;
"Fees" means the Subscription Fees, Usage Fees, and Professional Services Fees payable by the Client as specified in the Order Form and the Schedules to this Agreement;
"Force Majeure Event" means any event beyond the reasonable control of a Party, including acts of God, fire, flood, earthquake, pandemic, epidemic, acts of terrorism, war, civil unrest, government actions, power failures, internet or telecommunications failures, and failures of Third-Party Services;
"Initial Term" means the initial subscription period specified in the Order Form;
"Intellectual Property Rights" means patents, trademarks, service marks, trade names, domain names, copyrights, database rights, design rights, moral rights, know-how, trade secrets, rights in software, and all other intellectual property rights, whether registered or unregistered, and all applications and rights to apply for any of them, anywhere in the world;
"Malicious Code" means viruses, worms, Trojan horses, ransomware, spyware, or other harmful or malicious code, files, scripts, or programs;
"Modules" means the discrete functional components of the Platform to which the Client subscribes, as specified in the Order Form, which may include (without limitation) compliance tracking, workforce management, credential verification, training management, clinical records, and other functionality;
"NHS" means the National Health Service in England, Wales, Scotland, or Northern Ireland, as applicable;
"Order Form" means the order document executed by the Parties that specifies the Modules subscribed to, the number of Authorised Users, the Subscription Fees, the subscription term, and other commercial particulars;
"Personal Data" has the meaning given in the Data Protection Legislation;
"Platform" means the AssureOS cloud-based compliance and operational management platform, including all web applications, mobile applications, APIs, portals, and related software and services made available by AssureOS;
"Professional Services" means implementation, configuration, training, consultancy, integration, and other professional services provided by AssureOS as specified in Schedule 2 or any Statement of Work;
"Renewal Term" means each successive subscription period following the Initial Term, as described in Clause 12;
"Service Level Agreement" or "SLA" means the service level commitments set out in Schedule 3 (if applicable) or as otherwise agreed in writing;
"Statement of Work" or "SOW" means a document agreed between the Parties that describes specific Professional Services to be provided, including scope, deliverables, timelines, and fees;
"Subscription Fees" means the recurring fees payable for access to the subscribed Modules, as specified in the Order Form;
"Subscription Term" means the Initial Term and any Renewal Terms;
"Third-Party Services" means services, data, APIs, software, and products provided by third parties that may be integrated with or accessed through the Platform, including without limitation DVLA driving licence checks, MOT/vehicle checks, identity verification services, regulatory register lookups (HCPC, GMC, NMC, SIA, etc.), DBS checking services, and similar third-party integrations;
"UK GDPR" means the General Data Protection Regulation ((EU) 2016/679) as it forms part of the law of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018;
"Usage Fees" means the per-transaction or consumption-based fees for Usage Services, as set out in Schedule 1;
"Usage Services" means Platform features that incur per-use charges, including driving licence verification, vehicle checks, digital identity verification, and other services identified in Schedule 1;
"Virus" means any thing or device (including software, code, file, or program) which may prevent, impair, or otherwise adversely affect the operation of any computer software, hardware, or network, or which is designed to corrupt, damage, disrupt, or provide unauthorised access to any system or data.
1.2 Interpretation
In this Agreement, unless the context otherwise requires:
(a) references to clauses and Schedules are to clauses of and Schedules to this Agreement;
(b) headings are for convenience only and do not affect interpretation;
(c) the singular includes the plural and vice versa;
(d) references to "writing" or "written" include email;
(e) "includes" and "including" mean "includes without limitation" and "including without limitation";
(f) references to any statute or statutory provision include any subordinate legislation made under it and any amendments, re-enactments, or replacements of them from time to time; and
(g) a reference to a Party includes its permitted successors and assigns.
2. PLATFORM ACCESS AND LICENCE
2.1 Grant of Licence
Subject to the Client's compliance with this Agreement and payment of the applicable Fees, AssureOS grants to the Client a non-exclusive, non-transferable, revocable licence during the Subscription Term to:
(a) access and use the subscribed Modules for the Client's internal business operations;
(b) permit the number of Authorised Users specified in the Order Form to access and use the Platform; and
(c) use the Documentation in support of the Client's permitted use of the Platform.
2.2 Restrictions
The Client shall not, and shall ensure that its Authorised Users do not:
(a) sublicense, sell, resell, transfer, assign, distribute, or otherwise make available the Platform or any part thereof to any third party;
(b) modify, adapt, translate, or create derivative works based on the Platform;
(c) reverse engineer, disassemble, decompile, or otherwise attempt to derive the source code of the Platform, except to the extent expressly permitted by Applicable Law;
(d) access the Platform to build a competitive product or service or to copy any features, functions, or graphics;
(e) remove, alter, or obscure any proprietary notices on the Platform;
(f) use the Platform in any manner that could damage, disable, overburden, or impair AssureOS's servers or networks;
(g) use any robot, spider, scraper, or other automated means to access the Platform;
(h) introduce any Malicious Code or Virus;
(i) attempt to gain unauthorised access to the Platform, other accounts, computer systems, or networks;
(j) use the Platform in violation of Applicable Law; or
(k) use the Platform to store or transmit infringing, obscene, threatening, defamatory, or otherwise unlawful material.
2.3 Client Responsibilities
The Client is responsible for:
(a) maintaining the confidentiality of all login credentials and access keys;
(b) all activities that occur under its account or through its Authorised Users;
(c) ensuring that its use of the Platform complies with Applicable Law and any applicable professional standards, regulatory requirements, and codes of conduct;
(d) the accuracy, quality, integrity, and legality of Client Data;
(e) obtaining all necessary consents and authorisations required to upload, process, and transmit Client Data through the Platform;
(f) all operational, clinical, and care decisions made using or informed by information from the Platform;
(g) implementing appropriate internal policies, procedures, and training for Authorised Users; and
(h) notifying AssureOS promptly of any actual or suspected security breach or unauthorised access.
2.4 Platform as a Tool
THE CLIENT ACKNOWLEDGES AND AGREES THAT:(a) the Platform is a tool to assist the Client's compliance and operational management activities and is not a substitute for the Client's own professional judgment, due diligence, or regulatory obligations;
(b) the Platform does not guarantee compliance with any Applicable Law, regulatory requirement, or professional standard;
(c) ultimate responsibility for compliance, clinical decisions, operational management, and care delivery rests solely with the Client;
(d) AssureOS is not a regulated healthcare provider, care provider, or emergency service and does not provide clinical, care, or operational advice; and
(e) the Client should independently verify all information and maintain appropriate oversight of all Platform-assisted activities.
3. THIRD-PARTY SERVICES
3.1 Third-Party Integrations
The Platform may integrate with or facilitate access to Third-Party Services. The Client acknowledges that:
(a) Third-Party Services are provided by independent third parties and are subject to those third parties' terms, conditions, and privacy policies;
(b) AssureOS has no control over and accepts no responsibility for the availability, accuracy, completeness, reliability, or timeliness of Third-Party Services;
(c) Third-Party Services may be modified, suspended, or discontinued by the relevant third party at any time without notice; and
(d) data obtained from Third-Party Services is provided "as received" and AssureOS does not verify, validate, or guarantee such data.
3.2 Regulatory Data Sources
Where the Platform provides access to data from regulatory bodies (including but not limited to HCPC, GMC, NMC, SIA, CQC, DVLA, DVSA, DBS, and similar organisations), the Client acknowledges that:
(a) such data is sourced from publicly available registers or authorised third-party services;
(b) AssureOS does not guarantee that such data is current, complete, or accurate;
(c) there may be delays between changes to regulatory status and updates to the Platform;
(d) the Client remains responsible for independently verifying regulatory status where required by Applicable Law or best practice; and
(e) regulatory bodies may change their data availability, access methods, or terms at any time.
3.3 Third-Party Service Failures
ASSUREOS SHALL NOT BE LIABLE FOR ANY LOSS, DAMAGE, COST, OR EXPENSE ARISING FROM: (a) the unavailability, interruption, or failure of any Third-Party Service;
(b) errors, inaccuracies, or omissions in data provided by Third-Party Services;
(c) changes to Third-Party Services that affect Platform functionality;
(d) the acts or omissions of any third-party service provider; or
(e) the Client's reliance on Third-Party Services without independent verification. The Client's sole remedy for issues with Third-Party Services shall be to raise the matter with the relevant third-party provider directly.
4. FEES AND PAYMENT
4.1 Subscription Fees
The Client shall pay the Subscription Fees specified in the Order Form. Subscription Fees are based on the Modules subscribed to, the number of Authorised Users, and the subscription tier selected. Unless otherwise stated in the Order Form:
(a) Subscription Fees are invoiced annually in advance;
(b) all Subscription Fees are non-refundable; and
(c) any increase in Authorised Users or additional Modules will be subject to additional Subscription Fees, pro-rated for the remainder of the then-current billing period.
4.2 Usage Fees
The Client shall pay Usage Fees for Usage Services in accordance with the rates set out in Schedule 1. Usage Fees are calculated based on actual consumption and are invoiced monthly in arrears unless otherwise agreed. AssureOS reserves the right to update Usage Fee rates upon 30 days' written notice, with updated rates applying to Usage Services consumed after the effective date of the change.
4.3 Professional Services Fees
Professional Services shall be charged in accordance with the rate card set out in Schedule 2 or as specified in the applicable Statement of Work. Unless otherwise agreed, Professional Services are invoiced monthly in arrears based on time and materials expended.
4.4 Payment Terms
All invoices are payable within 30 days of the invoice date unless otherwise specified in the Order Form. All Fees are exclusive of VAT, which shall be added at the prevailing rate where applicable. If the Client fails to pay any amount due by the due date, AssureOS may:
(a) charge interest on the overdue amount at 4% per annum above the Bank of England base rate;
(b) suspend access to the Platform until all outstanding amounts are paid; and
(c) exercise any other remedies available under this Agreement or at law.
4.5 Price Increases
AssureOS may increase Subscription Fees at the start of any Renewal Term by providing at least 60 days' written notice before the end of the then-current term. If the Client does not agree to the increase, it may terminate this Agreement by providing written notice before the start of the Renewal Term.
4.6 Disputed Invoices
If the Client disputes any invoice in good faith, it must notify AssureOS in writing within 14 days of the invoice date, specifying the nature of the dispute. The Client shall pay all undisputed amounts by the due date. The Parties shall use reasonable efforts to resolve any dispute promptly.
5. DATA PROTECTION
5.1 Roles and Responsibilities
The Parties acknowledge that:
(a) for the purposes of Data Protection Legislation, the Client is the Controller and AssureOS is the Processor of Personal Data processed through the Platform;
(b) the subject matter, duration, nature, purpose, types of Personal Data, and categories of Data Subjects are as described in Schedule 4 (Data Processing Agreement) or the Order Form; and
(c) both Parties shall comply with their respective obligations under Data Protection Legislation.
5.2 AssureOS's Processing Obligations
When processing Personal Data on behalf of the Client, AssureOS shall:
(a) process Personal Data only on documented instructions from the Client, unless required to process by Applicable Law;
(b) ensure that persons authorised to process Personal Data are bound by appropriate confidentiality obligations;
(c) implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk;
(d) not engage sub-processors without the Client's prior written consent (which may be given generally in this Agreement) and ensure that sub-processors are bound by equivalent data protection obligations;
(e) assist the Client in responding to requests from Data Subjects exercising their rights under Data Protection Legislation;
(f) assist the Client in ensuring compliance with its obligations regarding security, breach notification, impact assessments, and prior consultation;
(g) at the Client's choice, delete or return all Personal Data after the end of the provision of services (subject to Applicable Law requiring retention); and
(h) make available to the Client all information necessary to demonstrate compliance and allow for and contribute to audits and inspections.
5.3 UK Data Residency
AssureOS confirms that Client Data, including Personal Data, shall be stored and processed in data centres located in the United Kingdom. If any transfer of Personal Data outside the United Kingdom is required, AssureOS shall ensure that appropriate safeguards are in place as required by Data Protection Legislation.
5.4 Security Incident Notification
AssureOS shall notify the Client without undue delay (and in any event within 72 hours) upon becoming aware of any Personal Data breach affecting Client Data. Such notification shall include, to the extent known:
(a) a description of the nature of the breach;
(b) the categories and approximate numbers of Data Subjects affected;
(c) the likely consequences of the breach; and
(d) measures taken or proposed to address the breach.
5.5 Sub-Processors
The Client provides general authorisation for AssureOS to engage sub-processors for the processing of Personal Data. AssureOS shall maintain a list of sub-processors and notify the Client of any intended changes, giving the Client an opportunity to object on reasonable grounds. If the Client objects, the Parties shall discuss the matter in good faith; if the objection cannot be resolved, the Client may terminate the affected services.
6. CLINICAL SAFETY (WHERE APPLICABLE)
6.1 DCB0129 Compliance
Where the Platform or any Module is classified as a Health IT System under NHS Digital standards, AssureOS shall:
(a) maintain compliance with DCB0129 (Clinical Risk Management: its Application in the Manufacture of Health IT Systems) or successor standards;
(b) conduct and maintain a Clinical Risk Management System;
(c) produce and maintain a Clinical Safety Case Report and Hazard Log for the Platform; and
(d) make Clinical Safety documentation available to NHS clients upon reasonable request.
6.2 DCB0160 Compliance (Client)
Where the Client is an NHS organisation or a provider using the Platform for NHS purposes, the Client shall:
(a) comply with DCB0160 (Clinical Risk Management: its Application in the Deployment and Use of Health IT Systems) or successor standards;
(b) conduct its own clinical risk assessment for the deployment and use of the Platform in its environment;
(c) appoint a Clinical Safety Officer as required; and
(d) report any clinical safety incidents to AssureOS and relevant authorities as required.
6.3 Clinical Safety Disclaimer
THE CLIENT ACKNOWLEDGES THAT: (a) clinical safety compliance is a shared responsibility between AssureOS (as manufacturer) and the Client (as deploying organisation);
(b) AssureOS's clinical safety activities relate to the Platform as provided and do not address risks arising from the Client's specific deployment, configuration, integration, or use;
(c) the Platform is not a medical device and is not intended to diagnose, treat, cure, or prevent any disease or condition; and
(d) all clinical decisions remain the sole responsibility of appropriately qualified healthcare professionals employed or engaged by the Client.
7. INTELLECTUAL PROPERTY
7.1 AssureOS IP
AssureOS (and its licensors, where applicable) owns all Intellectual Property Rights in the Platform, Documentation, and any improvements, modifications, or derivative works thereof. Nothing in this Agreement transfers any Intellectual Property Rights to the Client, except for the limited licence expressly granted herein.
7.2 Client Data
The Client (and its licensors, where applicable) owns all rights in the Client Data. The Client grants AssureOS a non-exclusive, royalty-free, worldwide licence to use, copy, store, process, and transmit Client Data solely to the extent necessary to provide the Platform and perform its obligations under this Agreement.
7.3 Feedback
If the Client provides AssureOS with any feedback, suggestions, or ideas regarding the Platform ("Feedback"), the Client grants AssureOS a perpetual, irrevocable, royalty-free, worldwide licence to use, modify, and incorporate such Feedback into the Platform and AssureOS's other products and services without obligation to the Client.
7.4 Aggregated and Anonymised Data
AssureOS may collect, use, and disclose aggregated, anonymised, or de-identified data derived from Client Data for analytics, benchmarking, service improvement, research, and other lawful purposes, provided such data does not identify the Client or any individual.
8. CONFIDENTIALITY
8.1 Confidentiality Obligations
Each Party shall:
(a) keep the other Party's Confidential Information confidential;
(b) not disclose Confidential Information to any third party without the prior written consent of the disclosing Party, except to employees, contractors, and advisers who need to know and are bound by equivalent confidentiality obligations;
(c) not use Confidential Information for any purpose other than performing obligations or exercising rights under this Agreement; and
(d) protect Confidential Information using the same degree of care it uses to protect its own confidential information, but in no event less than reasonable care.
8.2 Permitted Disclosures
A Party may disclose Confidential Information:
(a) to the extent required by Applicable Law, court order, or governmental or regulatory authority, provided that (where legally permitted) the disclosing Party gives prior notice to the other Party;
(b) to its professional advisers on a confidential basis; or
(c) with the prior written consent of the other Party.
8.3 Exclusions
Confidentiality obligations do not apply to information that:
(a) is or becomes publicly available through no fault of the receiving Party;
(b) was rightfully in the receiving Party's possession before disclosure;
(c) is independently developed by the receiving Party without use of Confidential Information; or
(d) is rightfully obtained from a third party without restriction.
9. WARRANTIES AND DISCLAIMERS
9.1 AssureOS Warranties
AssureOS warrants that:
(a) it has the right to grant the licences contained in this Agreement;
(b) the Platform will perform substantially in accordance with the Documentation under normal use;
(c) it will provide the Platform using reasonable skill and care; and
(d) it will use commercially reasonable efforts to ensure the Platform is free from Malicious Code.
9.2 Disclaimer of Warranties
EXCEPT AS EXPRESSLY SET OUT IN THIS AGREEMENT, THE PLATFORM AND ALL RELATED SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE". TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ASSUREOS EXPRESSLY DISCLAIMS ALL WARRANTIES, CONDITIONS, AND REPRESENTATIONS OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING WITHOUT LIMITATION:(a) any warranties of merchantability, fitness for a particular purpose, title, non-infringement, or quiet enjoyment;
(b) any warranties arising from course of dealing, usage, or trade practice;
(c) any warranties that the Platform will meet the Client's requirements, achieve any intended results, or be compatible with any other software, systems, or services;
(d) any warranties that the Platform will be uninterrupted, timely, secure, or error-free;
(e) any warranties regarding the accuracy, reliability, completeness, or currency of any information, data, or content accessed through the Platform;
(f) any warranties that Client Data will not be lost, damaged, or corrupted; and (g) any warranties regarding Third-Party Services.
9.3 No Guarantee of Compliance
ASSUREOS DOES NOT WARRANT OR REPRESENT THAT USE OF THE PLATFORM WILL:(a) ensure the Client's compliance with any Applicable Law, regulatory requirement, professional standard, or contractual obligation;
(b) satisfy any regulatory inspection, audit, or accreditation requirement;
(c) prevent any adverse regulatory action, penalty, or sanction;
(d) guarantee any particular outcome in clinical, operational, or care settings; or
(e) substitute for the Client's own compliance programmes, policies, and professional oversight.
THE CLIENT ASSUMES ALL RISK AND RESPONSIBILITY FOR COMPLIANCE DECISIONS, OPERATIONAL JUDGMENTS, AND CARE DELIVERY.9.4 Client Warranties
The Client warrants that:
(a) it has the authority to enter into this Agreement and to grant the licences contained herein;
(b) Client Data and its use by AssureOS as contemplated by this Agreement do not infringe any third party's Intellectual Property Rights or other rights;
(c) all Client Data has been collected and will be processed in compliance with Data Protection Legislation;
(d) it has obtained all necessary consents and authorisations for the processing of Personal Data through the Platform; and
(e) it will use the Platform only in accordance with this Agreement and Applicable Law.
10. LIMITATION OF LIABILITY
10.1 Exclusion of Certain Losses
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, NEITHER PARTY SHALL BE LIABLE TO THE OTHER FOR:(a) any indirect, incidental, special, consequential, punitive, or exemplary damages;
(b) any loss of profits, revenue, business, contracts, anticipated savings, or goodwill;
(c) any loss of data (except as specifically provided in Clause 10.5);
(d) any loss of use or corruption of software, data, or information;
(e) any regulatory fines, penalties, sanctions, or enforcement costs;
(f) any costs of regulatory compliance, remediation, or corrective actions;
(g) any losses arising from clinical, operational, or care decisions;
(h) any third-party claims against the other Party; or
(i) any losses that were not reasonably foreseeable at the time of entering into this Agreement, in each case whether arising from contract, tort (including negligence), breach of statutory duty, or otherwise, even if that Party has been advised of the possibility of such damages.
10.2 Cap on Liability
SUBJECT TO CLAUSES 10.4 AND 10.5, ASSUREOS'S TOTAL AGGREGATE LIABILITY ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, WHETHER ARISING FROM CONTRACT, TORT (INCLUDING NEGLIGENCE), BREACH OF STATUTORY DUTY, OR OTHERWISE, SHALL NOT EXCEED THE TOTAL FEES PAID BY THE CLIENT TO ASSUREOS UNDER THIS AGREEMENT IN THE 12-MONTH PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE CLAIM.10.3 Client's Cap on Liability
Subject to Clause 10.4, the Client's total aggregate liability arising out of or in connection with this Agreement shall not exceed the greater of:
(a) the total Fees paid or payable by the Client under this Agreement in the 12-month period immediately preceding the event giving rise to the claim; or
(b) £100,000.
10.4 Unlimited Liability
Nothing in this Agreement shall limit or exclude either Party's liability for:
(a) death or personal injury caused by its negligence;
(b) fraud or fraudulent misrepresentation;
(c) any liability which cannot be limited or excluded by Applicable Law;
(d) breach of Clause 8 (Confidentiality) up to a maximum of £500,000 per claim; or
(e) the Client's payment obligations for Fees properly due under this Agreement.
10.5 Data Loss
ASSUREOS'S SOLE LIABILITY AND THE CLIENT'S SOLE REMEDY FOR ANY LOSS, DAMAGE, OR CORRUPTION OF CLIENT DATA SHALL BE LIMITED TO ASSUREOS USING REASONABLE COMMERCIAL EFFORTS TO RESTORE SUCH DATA FROM THE MOST RECENT BACKUP AVAILABLE.AssureOS shall not be liable for any loss of data caused by:
(a) the Client's acts or omissions, including failure to maintain adequate backups;
(b) Authorised User actions or errors;
(c) Third-Party Services;
(d) Force Majeure Events;
(e) Malicious Code introduced by the Client or Authorised Users; or
(f) the Client's failure to comply with security requirements or recommendations.
10.6 Allocation of Risk
The Parties agree that the limitations and exclusions of liability in this Clause 10 are reasonable given the nature of the Platform, the Fees charged, the availability of insurance, and the allocation of risks between the Parties. Each Party has had the opportunity to take independent legal advice regarding these provisions.
10.7 Specific Exclusions
WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, ASSUREOS SHALL NOT BE LIABLE FOR ANY LOSS OR DAMAGE ARISING FROM OR RELATED TO:(a) the Client's compliance failures, regulatory breaches, or enforcement actions;
(b) the Client's operational or clinical decisions, whether or not informed by Platform data;
(c) patient, service user, or client outcomes;
(d) the Client's failure to verify data obtained from the Platform or Third-Party Services;
(e) the Client's misconfiguration or misuse of the Platform;
(f) actions taken by Authorised Users;
(g) integration with the Client's systems, third-party software, or custom developments;
(h) the unavailability or failure of Third-Party Services;
(i) the Client's failure to implement appropriate internal controls, policies, or procedures; or
(j) any matters outside AssureOS's reasonable control.
11. INDEMNIFICATION
11.1 Client Indemnity
The Client shall indemnify, defend, and hold harmless AssureOS, its Affiliates, and their respective directors, officers, employees, agents, and contractors from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising from or related to:(a) the Client's breach of this Agreement;
(b) the Client's violation of Applicable Law;
(c) the Client Data, including any claims that Client Data infringes any third party's rights;
(d) the Client's use of the Platform, including any claims by patients, service users, clients, or other third parties;
(e) any regulatory investigation, enforcement action, or proceeding against the Client;
(f) the acts or omissions of Authorised Users;
(g) the Client's operational, clinical, or care decisions;
(h) the Client's failure to obtain required consents or authorisations;
(i) the Client's integration of the Platform with third-party systems; or
(j) any claims by the Client's employees, contractors, or agents.
11.2 AssureOS Indemnity
AssureOS shall indemnify, defend, and hold harmless the Client from and against any third-party claim that the Platform (excluding Third-Party Services and Client Data) infringes any United Kingdom patent, copyright, or trademark, provided that:
(a) the Client gives AssureOS prompt written notice of the claim;
(b) the Client gives AssureOS sole control of the defence and settlement; and
(c) the Client provides reasonable assistance at AssureOS's expense.
11.3 Infringement Remedies
If any claim is made or likely to be made that the Platform infringes a third party's rights, AssureOS may at its option:
(a) procure the right for the Client to continue using the Platform;
(b) modify the Platform so it becomes non-infringing without material reduction in functionality;
(c) replace the Platform with a non-infringing equivalent; or
(d) if none of the foregoing is commercially practicable, terminate this Agreement and refund any prepaid Fees for the remainder of the Subscription Term.
This Clause 11.3 states AssureOS's entire liability and the Client's sole remedy for infringement claims.
11.4 Exclusions from AssureOS Indemnity
AssureOS shall have no obligation under Clause 11.2 for any claim arising from:
(a) modification of the Platform by anyone other than AssureOS;
(b) combination of the Platform with other products, services, or data not provided by AssureOS;
(c) use of the Platform other than in accordance with this Agreement and the Documentation;
(d) the Client's failure to use corrections or updates made available by AssureOS;
(e) Client Data; or
(f) Third-Party Services.
12. TERM AND TERMINATION
12.1 Term
This Agreement commences on the Commencement Date and continues for the Initial Term specified in the Order Form. Upon expiry of the Initial Term, this Agreement will automatically renew for successive Renewal Terms of the same duration as the Initial Term, unless either Party gives written notice of non-renewal at least 60 days before the end of the then-current term.
12.2 Termination for Breach
Either Party may terminate this Agreement immediately by written notice if:
(a) the other Party commits a material breach of this Agreement and (where the breach is capable of remedy) fails to remedy the breach within 30 days of receiving written notice specifying the breach;
(b) the other Party becomes insolvent, enters into administration, receivership, or liquidation, makes an arrangement with its creditors, or ceases to carry on business; or
(c) any event occurs which, under Applicable Law, has a similar effect to any of the foregoing.
12.3 Termination for Convenience
The Client may terminate this Agreement for convenience by providing at least 90 days' written notice to AssureOS. In such case, the Client shall remain liable for all Fees due for the remainder of the then-current Subscription Term.
12.4 Suspension
AssureOS may suspend access to the Platform immediately without notice if:
(a) the Client fails to pay any Fees when due;
(b) AssureOS reasonably believes the Client is in material breach of this Agreement;
(c) required by Applicable Law or any governmental or regulatory authority;
(d) AssureOS reasonably believes suspension is necessary to protect the security or integrity of the Platform; or
(e) the Client's use of the Platform poses a risk to other users or to AssureOS's systems. AssureOS shall use reasonable efforts to limit the scope and duration of any suspension and to notify the Client promptly.
12.5 Effect of Termination
Upon termination or expiry of this Agreement:
(a) all rights and licences granted to the Client shall immediately cease;
(b) the Client shall cease using the Platform and delete or return all copies of Documentation and Confidential Information;
(c) the Client shall pay all outstanding Fees;
(d) each Party shall return or destroy the other Party's Confidential Information (subject to Applicable Law requiring retention); and
(e) AssureOS shall make Client Data available for export for a period of 30 days following termination, after which AssureOS may delete all Client Data.
12.6 Data Export
During the 30-day period following termination, the Client may export Client Data using the Platform's standard export functionality or by requesting a data export from AssureOS (which may be subject to reasonable Professional Services fees if assistance is required). AssureOS shall provide Client Data in a commonly used, machine-readable format. The Client is responsible for exporting all required data within this period.
12.7 Survival
The following Clauses shall survive termination or expiry of this Agreement: Clause 1 (Definitions), Clause 7 (Intellectual Property), Clause 8 (Confidentiality), Clause 9.2 and 9.3 (Disclaimers), Clause 10 (Limitation of Liability), Clause 11 (Indemnification), and this Clause 12.7, together with any other provisions that by their nature should survive.
13. NHS AND PUBLIC SECTOR PROVISIONS
13.1 Application
This Clause 13 applies where the Client is an NHS organisation, a public sector body, or an organisation providing services under an NHS or public sector contract.
13.2 NHS Specific Terms
Where required, AssureOS shall:
(a) comply with the NHS Data Security and Protection Toolkit (DSPT) or equivalent successor requirements;
(b) support the Client's compliance with NHS Standard Contract requirements;
(c) co-operate with NHS Digital and relevant NHS bodies as reasonably required; and
(d) comply with any mandatory NHS terms that cannot be excluded by agreement.
13.3 HSCN Connectivity
Where the Client requires Health and Social Care Network (HSCN) connectivity, this shall be subject to separate agreement and may incur additional fees. AssureOS does not guarantee HSCN connectivity and shall not be liable for any inability to achieve or maintain such connectivity.
13.4 Public Sector Provisions
Where required by Applicable Law or the terms of a public sector framework (such as G-Cloud), this Agreement shall be read subject to any mandatory provisions of such frameworks. In the event of conflict between this Agreement and mandatory framework terms, the mandatory terms shall prevail to the extent of the conflict.
13.5 Freedom of Information
The Client acknowledges that AssureOS may be required to disclose information relating to this Agreement under the Freedom of Information Act 2000 or the Environmental Information Regulations 2004. AssureOS shall consult with the Client before making any such disclosure where practicable.
14. GENERAL PROVISIONS
14.1 Notices
Any notice under this Agreement shall be in writing and sent to the address or email specified in the Order Form. Notices are deemed received:
(a) if delivered by hand, on the day of delivery;
(b) if sent by prepaid first class post, on the second Business Day after posting; or
(c) if sent by email, on the next Business Day after sending (unless a delivery failure notification is received).
14.2 Assignment
The Client may not assign, transfer, or sub-contract any of its rights or obligations under this Agreement without AssureOS's prior written consent. AssureOS may assign or transfer its rights and obligations under this Agreement to any Affiliate or in connection with a merger, acquisition, or sale of all or substantially all of its assets.
14.3 Entire Agreement
This Agreement constitutes the entire agreement between the Parties regarding its subject matter and supersedes all prior agreements, understandings, and negotiations. Each Party acknowledges that it has not relied on any representation, warranty, or undertaking not expressly set out in this Agreement.
14.4 Variation
No variation of this Agreement shall be effective unless in writing and signed by both Parties. AssureOS may update the terms of this Agreement from time to time by providing at least 30 days' notice; continued use of the Platform after such notice constitutes acceptance of the updated terms.
14.5 Waiver
No failure or delay by either Party in exercising any right under this Agreement shall operate as a waiver of that right. A waiver of any breach shall not constitute a waiver of any subsequent breach.
14.6 Severability
If any provision of this Agreement is found to be invalid, illegal, or unenforceable, the remaining provisions shall continue in full force and effect. The Parties shall negotiate in good faith to replace any invalid provision with a valid provision that achieves the original intent as closely as possible.
14.7 Third Party Rights
A person who is not a Party to this Agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of its terms, except that AssureOS's Affiliates may enforce the indemnification and limitation of liability provisions.
14.8 Force Majeure
Neither Party shall be liable for any failure or delay in performing its obligations (other than payment obligations) caused by a Force Majeure Event, provided that the affected Party:
(a) promptly notifies the other Party of the Force Majeure Event;
(b) uses reasonable efforts to mitigate its effects; and
(c) resumes performance as soon as reasonably practicable. If a Force Majeure Event continues for more than 60 days, either Party may terminate this Agreement on written notice.
14.9 Governing Law and Jurisdiction
This Agreement and any dispute or claim arising out of or in connection with it shall be governed by and construed in accordance with the law of England and Wales. Each Party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this Agreement.
SIGNATURE
This Agreement has been executed by the Parties on the date specified in the Order Form.
| For and on behalf of AssureOS:Signature: ______________________________Name: ______________________________Title: ______________________________Date: ______________________________ | For and on behalf of the Client:Signature: ______________________________Name: ______________________________Title: ______________________________Date: ______________________________ |
|---|
1. SUBSCRIPTION FEES
Subscription Fees for subscribed Modules are as specified in the Order Form. Subscription Fees vary based on the Modules selected, number of Authorised Users, organisation size, and subscription tier.
2. USAGE FEES
The following Usage Fees apply to Usage Services consumed through the Platform. All prices are exclusive of VAT.
2.1 Driving Licence Verification
| Service | Unit | Price (excl. VAT) |
|---|---|---|
| DVLA Driving Licence Check (standard) | Per check | £2.50 |
| DVLA Driving Licence Check (with endorsement details) | Per check | £3.50 |
2.2 Vehicle Verification
| Service | Unit | Price (excl. VAT) |
|---|---|---|
| MOT Status Check | Per check | £1.50 |
| Vehicle Tax Status Check | Per check | £1.50 |
| Full Vehicle Check (MOT, Tax, Insurance) | Per check | £3.00 |
2.3 Digital Identity Verification
| Service | Unit | Price (excl. VAT) |
|---|---|---|
| Right to Work Check | Per check | £10.00 |
2.4 DBS Services
| Service | Unit | Price (excl. VAT) |
|---|---|---|
| Enhanced DBS with Barred Lists | Per application | £75.00 |
Note: DBS fees are set by the Disclosure and Barring Service and are passed through at cost. Current DBS fees are available at www.gov.uk/dbs-check-costs.
3. VOLUME DISCOUNTS
Volume discounts may be available for high-volume Usage Services. Please contact AssureOS for a custom pricing quotation if you anticipate significant usage volumes.
4. PRICE CHANGES
AssureOS reserves the right to update Usage Fees upon 30 days' written notice. Updated rates will apply to Usage Services consumed after the effective date of the change. Price changes will not affect Usage Services already consumed.
5. INVOICING
Usage Fees are invoiced monthly in arrears based on actual consumption recorded by the Platform during the billing period. Detailed usage reports are available through the Platform.
6. THIRD-PARTY PASS-THROUGH COSTS
Where Usage Services incur third-party fees (such as DBS application fees), these are passed through at cost in addition to the AssureOS processing fees shown above.
SCHEDULE 2 PROFESSIONAL SERVICES RATE CARD1. PROFESSIONAL SERVICES OVERVIEW
AssureOS offers Professional Services to support implementation, customisation, integration, training, and ongoing consultancy. Professional Services are provided on a time and materials basis unless a fixed-price engagement is agreed in a Statement of Work.
2. RATE CARD
The following daily rates apply to Professional Services. All rates are exclusive of VAT.
| Role | Daily Rate | Half-Day Rate |
|---|---|---|
| Technical Consultant | £750 | £400 |
| Senior Technical Consultant | £950 | £500 |
| Solutions Architect | £1,100 | £575 |
| Project Manager | £800 | £425 |
| Implementation Specialist | £700 | £375 |
| Training Specialist | £650 | £350 |
| Clinical Safety Specialist | £1,000 | £525 |
| Data Migration Specialist | £850 | £450 |
| Integration Specialist | £900 | £475 |
A day is defined as 8 working hours. A half-day is defined as 4 working hours.
3. TYPES OF PROFESSIONAL SERVICES
3.1 Implementation Services
Platform configuration, data migration, user setup, workflow configuration, and go-live support. Typical implementation projects range from 2-20 days depending on complexity.
3.2 Integration Services
API integration, third-party system connectivity, SSO configuration, and custom data feeds. Quoted on a project basis following scoping.
3.3 Training Services
Administrator training, end-user training, train-the-trainer programmes, and custom training material development. Training can be delivered on-site or remotely.
3.4 Consultancy Services
Compliance advisory, process optimisation, best practice guidance, and strategic planning support.
3.5 Clinical Safety Services
Support with DCB0160 compliance, clinical risk assessments, hazard log development, and clinical safety case documentation.
3.6 Custom Development
Bespoke functionality, custom reports, workflow automation, and tailored solutions. Quoted on a project basis following detailed requirements gathering.
4. ENGAGEMENT PROCESS
Professional Services engagements typically follow this process:
(a) Scoping discussion to understand requirements
(b) Proposal or Statement of Work preparation
(c) Client approval and scheduling
(d) Service delivery
(e) Sign-off and invoicing
5. TERMS OF ENGAGEMENT
5.1 Booking and Cancellation
Professional Services should be booked at least 5 Business Days in advance. Cancellations with less than 3 Business Days' notice may be charged at 50% of the scheduled fee.
5.2 Travel and Expenses
On-site Professional Services may incur additional travel and accommodation expenses, charged at cost with receipts. Travel time exceeding 2 hours may be charged at 50% of the applicable daily rate.
5.3 Out-of-Hours Work
Work performed outside normal business hours (9am-6pm Monday to Friday) or on weekends or public holidays will be charged at 150% of the standard rate.
5.4 Fixed-Price Engagements
For defined-scope projects, AssureOS may offer fixed-price quotations. Fixed-price engagements will be documented in a Statement of Work specifying scope, deliverables, timeline, assumptions, and payment terms.
6. INVOICING
Professional Services are invoiced monthly in arrears based on time recorded, or in accordance with the payment milestones specified in the applicable Statement of Work.
7. RATE REVIEWS
AssureOS reserves the right to review and update Professional Services rates annually. Rate changes will be communicated with at least 60 days' notice and will not affect engagements already in progress or formally scheduled.