top of page

Terms and Conditions 

ATTENDANCE TERMS:

These are the terms (the “Agreement”) that govern your attendance at and/or participation in an AI Tech UK (referred to herein as the “Event”).

By registering for the Event, you are agreeing to these terms, which form a legal contract between AI Tech UK Ltd trading as “AI Tech UK”, and the registered attendee and/or participant (“you”). If you are registering on behalf of another it is your responsibility to ensure that the person attending is aware of these terms and accepts them, and by completing the registration you are warranting that you have made the attendee aware of these terms and that they have accepted these terms.

1. Event admission

1.1. Admittance. Your registration entitles you to admittance to the Event. All other costs associated with your attendance (including without limitation any travel and/or accommodation expenses) shall be borne solely by you and AI Tech UK shall have not liability for such costs.

1.2. Termination. You acknowledge that AI Tech UK reserves the right to request your removal from the Event if AI Tech UK, in its sole discretion, considers your presence and/or behaviour to create a disruption or to hinder the Event and/or the enjoyment of the Event by other attendees or speakers.

1.3. Media. By attending the Event you acknowledge and agree to grant AI Tech UK the right at the Event to record, film, photograph or capture your likeness in any media now available and hereafter developed and to distribute, broadcast, use or otherwise globally to disseminate, in perpetuity, such media without any further approval from you or any payment to you. This grant to AI Tech UK includes, but is not limited to, the right to edit such media, the right to use the media alone or together with other information, and the right to allow others to use and/or disseminate the media.

1.4. Event Content. You acknowledge and agree that AI Tech UK, in its sole discretion, reserves the right to change any and all aspects of the Event, including but not limited to, the Event name, themes, content, program, speakers, performers, hosts, moderators, venue and time.

2. Fee(s)

2.1. Payment. The payment of the applicable fee(s) for the Event is due upon registration. If such payment is insufficient or declined for any reason AI Tech UK may refuse to admit you to the Event and shall have no liability in that regard.

2.2. Taxes. The fee(s) may be subject sales tax, value added tax, or any other taxes and duties which, if applicable, will be charged to you in addition to the fee(s).

3. Substitution and cancellation policy

3.1 After registering for the Event, if you cancel your attendance more than 2 weeks prior to the date of the Event, you will receive an 80% refund of the amount of your payment. If you cancel within 2 weeks of the date of the Event, you will not be eligible for a refund; however, substitutions (subject to availability) may be arranged at the sole discretion of AI Tech UK.

4. Privacy policy

4.1. AI Tech UK is committed to protecting the privacy of its customers. AI Tech UK is an organization, that operates a strict privacy policy, which is available at: Privacy policy | AI Tech UK (ai-tech.uk)

5. Intellectual property

5.1. All intellectual property rights in and to the Event, the Event content and all materials distributed at or in connection with the Event are owned by AI Tech UK Limited and/or the Event sponsors or speakers presenting at the Event. You may not use or reproduce or allow anyone to use or reproduce any trademarks (including without limitation “AI Tech UK" “Smart Ethics” “National AI Accelerator Programme”) or other trade names appearing at the Event, in any Event content and/or in any materials distributed at or in connection with the Event for any reason without the prior written permission of AI Tech UK Ltd.

5.2. For the avoidance of doubt, nothing in this Agreement shall be deemed to vest in you any legal or beneficial right in or to any trademarks or other intellectual property rights owned or used under licence by AI Tech UK Ltd or any of its affiliates or grant to you any right or licence to any other intellectual property rights of AI Tech UK Limited or its affiliates, all of which shall at all times remain the exclusive property of AI Tech UK Limited and its affiliates.

6. Warranties and limitation of liability

6.1. AI Tech UK gives no warranties in respect of any aspect of the Event or any materials related thereto or offered at the Event and, to the fullest extent possible under the laws governing this Agreement, disclaims all implied warranties, including but not limited to warranties of fitness for a particular purpose, accuracy, timeliness and merchantability. Neither AI Tech UK nor its affiliates can accept any responsibility or liability for reliance by you or any person on any aspect of the Event and/or any information provided at the Event.

 

6.2. Other than to the extent required as a matter of law: (i) neither AI Tech UK nor its affiliates shall be liable for any direct, indirect, special, incidental, or consequential costs, damages or losses arising directly or indirectly from the Event or other aspect related thereto or in connection with this Agreement.

6.3. The maximum aggregate liability of AI Tech UK for any claim in any way connected with therewith or this Agreement whether in contract, tort or otherwise (including any negligent act or omission) shall be limited to the amount paid by you to AI Tech UK under this Agreement to attend the Event.

7. Governing law and jurisdiction

7.1. If you are a business, any dispute or claim arising out of or in connection with a contract between us or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales and the courts of England and Wales shall have exclusive jurisdiction to settle any such dispute or claim.

 

PARTNERSHIP TERMS: 

1. Non-compete: Advisor/Board Member agrees not to engage in any business activities or operations that directly compete with the services provided by AI Tech UK within the specified geographic region or industries for a period of three years after the termination of this agreement. 

2. Non-Solicitation: During the term of this engagement and for a period of [3 years] thereafter, the Advisor/Board Member shall not directly or indirectly solicit, entice, or engage in business transactions with AI Tech UK's clients, partners, employees, or affiliates for their own benefit or that of a third party. 

3.IP Protection: Advisor/Board Member agrees that any intellectual property, including but not limited to trademarks, service marks, copyrights, and trade secrets, associated with the services provided by AI Tech UK shall remain the exclusive property of Smart Ethics. You shall not use, reproduce, or imitate such intellectual property without explicit written consent. 

4. Confidentiality: Advisor/Board Member acknowledges that any information, data, processes, strategies, or business models shared by AI Tech UK during the course of this agreement are proprietary and confidential. You agree not to use, disclose, or replicate this information for the purpose of developing similar services or products. 

5. Non-Use of Proprietary Information: Advisor/Board Member acknowledges that any proposals, presentations, strategies, methodologies, or other information provided by AI Tech UK are proprietary and confidential. You agree not to use, share, or replicate this information for their own business purposes or to develop similar proposals without explicit written consent. 

6. Liability: Advisor/Board Member shall indemnify and hold harmless AI Tech UK from any and all claims, liabilities, costs, and expenses arising from the breach of any clause within this agreement, including but not limited to the non-compete and confidentiality clauses.  

7. Termination: Either party may terminate this agreement with 30 days’ written notice to the other party. Termination may occur in the event of material breach, insolvency, or as mutually agreed upon by both parties. 

 

8. The terms and conditions could evolve as AI Tech UK scales internationally and will be updated at any time, adapting investment and commercial strategies as agreed by the board and Companies reserves the right to change, and alter any benefit plan in its sole discretion.  

 

AI Tech UK reserves the right to terminate the role and any benefit plan on the grounds of misconduct or breach of any of the terms.  This agreement is valid and binding upon the parties from the date of execution and shall remain in effect until another formal contract is duly executed. 


SPONSORSHIP TERMS:

The Sponsor Terms and Conditions are an integral part of the Sponsor Contract for the Ai Tech UK event. The Sponsor Terms and Conditions should be read carefully before signing the Sponsor Contract. By signing the contract, the exhibitor agrees to abide by these rules and regulations.

 

  1. ​General

  • References to “us”, “we” and “our” shall refer to the Ai Tech UK Team (“Ai Tech UK “) and references to “you” and  “your” shall refer to the Sponsor or Paid Partner (“Sponsor“). 

  • These terms and conditions and the Sponsor Contract document (together the “Agreement”) set out the terms on which you (i.e. the Sponsor as defined on the Contract) agree to sponsor the Event. Please read the Agreement carefully and make sure you understand it before signing. You understand that by signing the Contract, you agree to be bound by the terms of the Agreement. 

  • Not Used 

  • This agreement is available in PDF format and will only be varied or amended by written agreement of both the Sponsor and Ai Tech UK. 

  • This Agreement shall take effect on the date that the last party signs the Contract and shall continue until the completion of the Event (the “Term”), unless terminated early in accordance with its Terms and Conditions. 

  • No employer/employee relationship is established or implied with this sponsorship agreement. 

  • This agreement and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation shall be governed by and construed in accordance with the law of England and Wales. Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with this agreement or its subject matter or formation.

  2. Rights 

  • We grant you: 

  • the Sponsorship Rights as defined in the Agreement and the Sponsorship Pack; and 

  • a non-transferable, non-exclusive, royalty-free licence to use the Event logos (“Event Marks“) to promote your sponsorship of the Event, during the Term (as defined at clause 1.6) and in accordance with the Terms and Conditions of this Agreement. 

  • You grant to Ai Tech UK: 

  • a worldwide, non-exclusive, royalty-free, licence to use its logos and trade marks (the “Sponsor Marks“) provided to Ai Tech UK during the Term (as defined at clause 1.6) to promote and exploit the Event and for a period of 12 months following the Event in any report produced about the Event or the promotion of future Events, subject to a prior written consent each time from the Sponsor. 

  • In the event that you change the Sponsor Marks at any time during the Term, you agree that we shall not be obliged to make any consequential changes to materials that include the Sponsor Marks produced by Ai Tech UK or on our behalf for or in connection with the Event (including, but not limited to, reprinting promotional literature or publicity materials) unless you agree in writing in advance to meet the reasonable costs and expenses incurred by Ai Tech UK arising from such change. 

  • If for any reason, we are unable to deliver any of the Sponsorship Rights, we will inform you as soon as reasonably practicable. We may substitute alternative benefits in respect of the same Event to an equivalent value of the relevant Sponsorship Rights without any liability to you. 

  • Where any change to the nature of the Sponsorship Package is to the detriment of either party then the parties shall agree a replacement service or a price adjustment mutually (both parties acting reasonably). 

3. Your Obligations 

  • You undertake to use commercially reasonable endeavours to support the Event through appropriate marketing and promotional channels and to collaborate with Ai Tech UK on any appropriate joint marketing or promotional projects relating to the Event. 

  • You undertake to ensure your personnel exercise the Sponsor Benefits in accordance with the terms of this Agreement. 

  • For the avoidance of doubt, it shall be your responsibility to take out and maintain appropriate insurance in relation to any risks under or in relation to this Agreement or your participation in the Event. 

4. Our Obligations

  • We shall at all times during this Agreement effect and maintain an appropriate level of insurance cover in relation to the Event. We shall, if so requested by you, note the interest of the Sponsor on any such policy and shall produce upon reasonable request documentary evidence showing the required insurance cover and proof of payment for the premiums for such insurance. Sponsors are strongly recommended to obtain their own event insurance. 

  • We shall not knowingly misuse, permit misuse or bring into disrepute the Sponsor Marks or Sponsor name. 

5. Event Presence (Platinum, Gold & Silver Tier Sponsors Only) 

  • The Event is open to Sponsors whose products and services are directly related to the Artificial Intelligence, Analytics, the data community and related technologies. This can include employers and recruiters of such professionals. 

NOT USED

6. Cancellation, Postponement & Force Majeure 

  • We shall not be deemed to be in breach of this Agreement or otherwise liable to you for any failure or delay in performing our obligations under this Agreement as a result of an event or series of connected events outside of our reasonable control (including, without limitation, strikes or other industrial disputes, failure of a utility service or transport network, act of God, war, riot, civil commotion, terrorism, malicious damage, , accident, breakdown of plant or machinery, fire, flood or storm). 

  •  Pursuant to Section 6.1, Ai Tech UK may alter the advertised content, timing, date and/or location of the Event. We reserve the right to do this at any time during the Term and without liability to you, provided that the Event, as altered, is substantially similar to Event as originally advertised and rescheduled within 6 months. We will provide you with notice of any alterations as soon as is reasonably practicable.  

  • We reserve the right to cancel the Event at any time during the Term and will provide you with notice of the same as soon as is reasonably practicable. 

  • In the event that we cancel the Event (pursuant to clause 6.3) or materially alter the advertised content, timing, date and/or location of the Event, you shall be entitled to terminate this Agreement with immediate effect and obtain a refund (calculated in good faith) of an amount that reflects the total sums paid by you at the date of cancellation. Any such refund shall be paid by Ai Tech UK within 30 days of receipt of confirmation from you of your wish to terminate the Agreement. 

  • In the event that you terminate this Agreement out with any breach of our obligations under this agreement, the following scale of cancellation charges shall apply, calculated from the date that a Notice of Cancellation is received by Ai Tech UK to the Event date (as defined in the Agreement): 

  • More than two months prior to Event Date = 50% of Sponsorship Fee 

  • Less than two months prior to Event Date = 100% of Sponsorship Fee 

  • Upon expiry or termination of this Agreement, the parties agree that: 

  • our obligations to provide any further Sponsorship Rights shall cease. 

  • any licenses granted pursuant to this Agreement shall immediately cease; and 

  • you shall destroy any Event Sponsor Materials and remove the Event Marks from any other materials in your possession 

  • Ai Tech UK shall destroy any Sponsor Marks and remove the Sponsor Marks from any other materials in its possession. 

ADDENDUM No. 1  

Addendum to Ai Tech UK 2023 Sponsorship Agreement 

 

This Addendum No. 1 along with its attachments (“Addendum”) supplements the Ai Tech UK 2023 Sponsorship Agreement between Sponsor (UK) Limited and Ai Tech UK, which otherwise remains unchanged (hereinafter the “Agreement”).  In the event of a conflict between any term of the Agreement and this Addendum, the terms of this Addendum shall prevail, to the extent of the conflict. This Addendum shall be read along with the Agreement.  

1. Except as expressly set forth in this Agreement, Ai Tech UK will not use Sponsor’s name, trademarks or logos in any fashion that is visible to anyone outside its organization, without Sponsor’s prior written approval.  Ai Tech UK will not produce or make available, in any media, any advertisement, publicity or promotional item which states or implies, either directly or indirectly, that Sponsor endorses, recommends or prefers Ai Tech UK's brand, facilities or services.  Ai Tech UK hereby grants to Sponsor a non-exclusive, non-transferable, royalty-free, worldwide right to use Ai Tech UK branding solely to reasonably promote Sponsor’s participation in the Event or in connection with any benefits expressly provided for in this Agreement. 

Intellectual Property and Branding Rights 

1.1 Subject to the terms and conditions of this Agreement, Sponsor grants the Ai Tech UK a non-exclusive non-transferable right to use Sponsor’s name, the Sponsor logo, any other trademarks or service marks (unregistered or registered), any other symbol or logo used by Sponsor and/or Sponsor IPR (together “the Sponsor Marks”) solely for the purpose of and in connection with the provision of the Services under this Agreement upon prior written approval. The Ai Tech UK shall at all times comply with the guidelines provided by Sponsor (“Branding Guidelines”) while using any Sponsor Marks under this Agreement.   

  

1.2 Subject to Clause 1.1, the Ai Tech UK undertakes and agrees that:  

  • it shall not without Sponsor’s written consent, use Sponsor Marks in connection with its business or in any advertising or promotional materials or activities, in a website, in a press release or in other communications with, or services, materials or products provided to third parties, or sponsor the same;   

  • it shall take prior written approval from Sponsor for all material before printing or posting on a website with Sponsor Marks. Sponsor shall make reasonable efforts to provide such approvals promptly to the Ai Tech UK;  

  • it shall not take any actions, act in any manner, make any statement (public or private) or make use of Sponsor Marks which will in any manner, or is reasonably likely to, in the opinion and the sole discretion of Sponsor, be prejudicial or damaging to its interests, reputation or goodwill;  

  • it shall not state or imply, either directly or indirectly, that Sponsor or any other member of the Sponsor group endorse, sponsor, recommend or prefer the Ai Tech UK’s products or services;  

  • all rights granted under this clause are personal to the Ai Tech UK and are not transferable to any third party and shall terminate on expiry or termination of this Agreement; and   

  • all uses of the Sponsor name, Sponsor logo or Sponsor Marks by Ai Tech UK shall inure solely to the benefit of Sponsor. 

2. If Sponsor provides any materials for the Event, all right, title and interest in and to all such materials provided shall remain solely with Sponsor.  Sponsor grants to Ai Tech UK a non-exclusive, revocable license to use such provided materials only to the extent necessary to fulfill Ai Tech UK’s obligations under this Agreement related to the Event. Ai Tech UK acknowledges that Sponsor makes no representation or warranty to the Ai Tech UK concerning any materials provided to the Ai Tech UK under this Agreement. Any materials provided by Sponsor under this Agreement are provided on an “AS IS” basis. 

 

3. Ai Tech UK shall submit invoice for services by e-mail in a non-manipulable format such as .pdf .tif or .jpg to: acn.uk.einv@Sponsor.com.  Exceptionally, where Ai Tech UK is unable to submit invoices by such means and in such format, it may deliver invoices to:  Accounts Payable, Sponsor; 1 Plantation Place, 30 Fenchurch Street, London EC3M 3BD.All prices are exclusive of VAT or similar taxes and will be in the official currency of the country where the Sponsor entity in the Agreement is located. Sponsor will make payment within 30 days after receipt of Ai Tech UK’s valid invoice in accordance with the Agreement. Payment of an invoice (in whole or in part) will not be deemed acceptance of any goods or services. Sponsor is entitled to postpone and/or offset payment if the Ai Tech UK owes Sponsor money for any reason or if Sponsor disputes the amount due in good faith. 

 

4. Applicable taxes will be billed as a separate item or line item.  Sponsor will pay sales, use, value added, goods and services, and all other similar taxes imposed by any official, authorized governmental entity for goods or services provided under the Agreement, excluding taxes based solely on Ai Tech UK's income or property.  Sponsor will pay such tax(es) in addition to the sums due under the Agreement provided that Ai Tech UK itemizes them on a proper invoice.  Sponsor reserves the right to request proof of payment if previously paid by Ai Tech UK.  If Sponsor is required to withhold or deduct any taxes from any payment, Sponsor will not be required to “gross up” the amount of such payment and will pay the total amount reflected on the invoice less the applicable withholding taxes.  The Parties will cooperate in good faith to minimize taxes to the extent legally permissible. 

  

 

5. Ai Tech UK shall not disclose to any other person nor copy or duplicate information relating to this Agreement, including but not limited to information relating to pricing, personally identifiable information, and specifications furnished by Sponsor, either orally or in writing, except as required by law or by governmental regulations, requirement, or order, or as may be necessary to establish or assert its rights hereunder.  Ai Tech UK further agrees to take such steps necessary to ensure that no unauthorized person shall have access to such information.  Any information or other property furnished to Ai Tech UK by Sponsor shall be returned to Sponsor upon demand.  Nothing in this Agreement prohibits or limits a party’s use of information (including but not limited to ideas, concepts, know-how, techniques, and methodologies) (i) previously known to it, (ii) independently developed by it, (iii) acquired by it from a third party which is not, to its knowledge, under an obligation not to disclose such information, or (iv) which is or becomes publicly available through no breach of this Agreement. 

 

6. To the extent permitted by law, Sponsor’s liability for any and all claims shall not in the aggregate exceed the amounts paid by Sponsor to the Ai Tech UK under this Agreement.  To the extent permitted by law, in no event shall Sponsor be liable for any lost revenues, lost profits, incidental, indirect, consequential, or special damages.  Ai Tech UK will obtain and maintain appropriate insurance for its activities under this Agreement. 

 

7. Ai Tech UK represents and warrants that it is aware of, understands, has complied with, and will comply with, all laws applicable to Ai Tech UK in the performance of the Agreement, including but not limited to: (i) anti-corruption laws such as the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act and other local anti-corruption laws; (ii) data privacy laws, regulations and regulatory guidance, such as the EU’s General Data Protection Regulation 2016/679 of 27 April 2016 (“GDPR”); (iii) export/import and economic sanctions laws; (iv) immigration, labour and employment laws; (v) employment opportunity and anti-discrimination laws;  (vi) environmental laws; and (vii) data privacy and information security provisions attached as Schedule A and Schedule B respectively. Ai Tech UK will not provide any goods or services to Sponsor that would cause a violation of any such laws. 

 

8. Ai Tech UK shall provide the platform for the Event and ensure that it is sufficient, satisfies the technical and functional expectations and of good quality equivalent to generally accepted industry standards for the purpose of running the Event.  Ai Tech UK shall be fully responsible for the development and set up of the Event and platform. Ai Tech UK warrants that: (a) it has obtained all necessary approvals, consents and authorizations to enter into this Agreement and to perform and carry out its obligations under this Agreement; (b) the platform does not contain any malicious code, including any viruses, malware, disabling code, time bombs, or Trojan horses; (c) that it has full and unencumbered rights and authority to provide the platform for usage as required under this Agreement and that usage of platform by Sponsor shall not lead to any third party claims; and (d) this Agreement is a valid and binding obligation of the Party. 

 

9. Ai Tech UK shall indemnify, defend and hold Sponsor harmless from and against all costs, actions, claims, liabilities, expenses, losses, proceedings or demands (including reasonable legal and other professional expenses) brought and awarded against or incurred or paid by Sponsor as a result of any infringement or alleged infringement of any Intellectual Property Rights belonging to a third party arising in connection with Sponsor’s  use of the platform or any other material supplied by the Ai Tech UK for the purpose of this Agreement; whether or not any claim arises during the Term. 

10. Sponsor is committed to conducting its business free from unlawful, unethical or fraudulent activity. Ai Tech UK will act in a manner consistent with the ethical and professional standards of Sponsor as described in the Sponsor Supplier Standards of Conduct, including prompt reporting of unlawful, fraudulent or unethical conduct. A copy of these standards can be found at Sponsor.com/us-en/company-ethics-code

 

11. The Parties will make good faith efforts to resolve, in a confidential manner, any dispute which may arise under the Agreement, by escalating it to higher levels of management, prior to resorting to litigation or other legal process. 

 

12. If any part of the Agreement is found to be invalid, unlawful or unenforceable then such part will be severed from the remainder of the Agreement which will continue to be valid and enforceable to the fullest extent permitted by law.  

 

13. Any changes to the Agreement will be valid and binding only if such changes are set forth in a written agreement signed by Ai Tech UK and Sponsor. Any click-through, online or other terms or licenses accompanying any goods or services are null and void and will not bind Sponsor and participants of the Event. The Parties expressly agree that any counter offer by Ai Tech UK or terms contained in the Ai Tech UK's response to, or acknowledgment or acceptance of, the Agreement, if any, that are additional to, or different from, the terms set forth in the Agreement will not apply and are hereby expressly rejected by Sponsor. 

SCHEDULE A- DATA PRIVACY SCHEDULE 

This data privacy schedule (“Data Privacy Schedule”) is subject to the terms and conditions of the Agreement. This Data Privacy Schedule shall be considered a Schedule to the Agreement and shall be deemed part of the Agreement. Terms not defined herein shall have the meaning set forth in the Agreement. In the event of a conflict between the Agreement and this Data Privacy Schedule, this Data Privacy Schedule shall prevail. Provider’s failure to comply with any of the provisions of this Data Privacy Schedule shall be deemed a material breach of the Agreement. 

1. DEFINITIONS 

"Sponsor Personal Data" means Personal Data owned, licensed, or otherwise controlled or Processed by Sponsor or by Sponsor’s Affiliates (including Personal Data Processed by Sponsor or by Sponsor’s Affiliates on behalf of Sponsor’s clients) but does not include Personal Data relating to Sponsor personnel that is obtained by Provider in the ordinary course of maintaining its business relationship with Sponsor. 

“Data Privacy Laws” means all applicable laws, regulations and regulatory guidance in relation to the Processing or protection of Personal Data, as amended from time-to-time, including but not limited to, Regulation (EU) 2016/679 of 27 April 2016, General Data Protection Regulation. 

"Personal Data" means any information relating to an identified or identifiable natural person (or, to the extent that Data Privacy Laws apply to information about legal persons, an identified or identifiable legal person) or as otherwise defined in Data Privacy Laws. 

“Process” means any operation, or set of operations, which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, access to, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction. "Processes" and “Processing” shall be construed accordingly. Processing includes sub-Processing.  

2. PERSONAL DATA PROCESSING AND TRANSFER 

2.1. Both parties acknowledge that as part of the sponsorship relationship, Processing of Personal data shall occur. 

2.2.  Sponsor shall be considered the Data Controller for the Personal Data received in connection with the sponsorship relationship. Provider shall be considered Data Controller for the Personal Data transferred by Sponsor in the scope of the Agreement.  

2.3.  Where Provider obtains Personal Data directly from Sponsor only for the purposes contemplated by the Agreement and for no other purposes (and in particular, not disclose those Personal Data except as necessary for those purposes), the Provider bears the responsibility for ensuring that Personal Data is Processed by Provider and any Provider’s sub-processors in compliance with Data Privacy Laws, in particular that Provider has valid legal basis to Process data subjects personal data (e.g. consent, contract or others) and both parties implement and maintain appropriate physical, technical and organisational security measures to protect Personal Data. 

2.4.  In the event that a party requires or performs a transfer of the other party’s Personal Data to a country outside of the EEA both parties acknowledge and agree that the appropriate contract terms for international data transfers (decisions 2010/87/EU and any updates thereto) (“Standard Contractual Clauses”) shall be attached to this Data Privacy Schedule and shall be enforceable between the parties.  

2.5.  In the event that such Standard Contractual Clauses are required to be replaced or amended in order for data transfer to remain compliant with the Data Privacy Laws, such replacement or amendment shall be automatically incorporated into this Data Privacy Schedule. 

2.6.   If Sponsor needs to provide information (including details of the services provided by Provider) to a competent supervisory authority, (whether directly or indirectly via an Sponsor client), Provider shall assist Sponsor in providing such information, to the extent that such information is solely in the possession of the Provider or its sub-processors.  

 

3. PROVIDER PERSONAL DATA 

Parties may receive Personal Data regarding the other party’s employees, directors and other personnel, as part of maintaining its business relationships with the other party under the Agreement. Personal Data may be obtained indirectly through internal security systems or other means. Each party is hereby permitted to process such Personal Data for purposes related to the Agreement and Sponsor is further permitted to process such Personal Data for relevant purposes under Sponsor global Data Privacy Policy (a copy of which will be made available by Sponsor to Provider upon request). For the purposes set forth above, each party may transfer such Personal Data to any country where such party’s global organization and its clients and vendors operate. If required by Data Privacy Laws, parties agree to sign any additional agreement or amendment that may be required to allow transferring such Personal Data outside its jurisdiction of origin pursuant to Data Privacy Laws.  

 

4.  CHANGES IN DATA PRIVACY LAWS 

In the event of any changes in Data Privacy Laws applicable to Sponsor Personal Data, that result in new requirements, (including new physical, technical, organizational, security, or data privacy measures), or Standard Contractual Clauses invalidation, the parties jointly agree to take such reasonable steps that are necessary in order to ensure data transfers can continue in a manner that is compliant with the Data Protection Laws and Provider will reasonably cooperate with Sponsor in designing a remedial response to implement such new requirements. 

SCHEDULE B -INFORMATION SECURITY SCHEDULE 

This information security schedule, including any attachment hereto, (“Information Security Schedule”) is subject to the terms and conditions of the Agreement.  For the purposes of this Information Security Schedule, “Provider” shall mean AI TECH UK and its third-party providers/suppliers/agents and subcontractors, and “Sponsor” shall mean Sponsor (UK) Limited. Terms not defined herein shall have the meaning set forth in the Agreement. In the event of a conflict between the Agreement and this Information Security Schedule, this Information Security Schedule shall prevail.

1.  INFORMATION SECURITY REQUIREMENTS 

 

1.1Where Provider knows, or reasonably suspects, an accidental or unauthorized loss, destruction, acquisition, disclosure, access, manipulation, use or other form of compromise of Sponsor Data (a “Security Incident”) has occurred, Provider will notify Sponsor’s point of contact in writing promptly, and in any event within forty-eight (48) hours following such discovery and cooperate with Sponsor in any breach investigation or remediation efforts. If Sponsor notifies Provider of a security vulnerability or incident that is identified by Sponsor or a third-party to Sponsor, Provider will, in good faith, address the security vulnerability or incident without undue delay regardless of severity regardless of severity.  For the purposes of this Information Security Schedule: (i) “Sponsor Data” shall have the meaning set forth in the Agreement, or if no term is defined, then “Sponsor Data” shall mean all information or data collected, stored, processed, received and/or generated by Provider in connection with providing the applicable Provider Services to Sponsor, including Sponsor Personal Data as defined in the Agreement; and (ii) “Provider Services” shall have the meaning set forth in the Agreement and also includes any other services provided by the Provider under the Agreement, and shall include any software and equipment provided by Provider (including third party software and equipment) required to access the Provider Services or provide the Provider Services.     

 

1.2 Provider represents and warrants that it shall implement appropriate technical and organizational security measures, based on current Industry Standards. “Industry Standards” means commercially reasonable security measures in all applicable equipment, software systems, services and platforms that Provider uses to access, process and/or store Sponsor Data, that are designed to ensure the security, integrity, and confidentiality of Sponsor Data, and to protect against any Security Incident(s). Further, Provider represents and warrants it will comply with applicable laws and regulatory requirements to ensure that Sponsor Data is not destroyed (except as expressly permitted under this Agreement), lost, altered corrupted or otherwise impacted such that it is not readily usable by Sponsor in its business operations. Upon Sponsor’s request, Sponsor Data shall be immediately provided or otherwise made accessible to Sponsor by Provider, either, at Sponsor’s option, using the Provider Services or in an Industry Standard format specified by Sponsor. 

 

1.3 Illicit Code.  Except for the functions and features expressly disclosed in Provider's documentation provided or made available to Sponsor, Provider represents and warrants that the Provider Services, deliverables, and software and equipment that process, store or transmit Sponsor Data do not and will not contain any malicious or disabling code, including, but not limited to, viruses, malware, worms, back doors, date/time bombs, or Trojan horses. 

 

1.4 Security of All Software Components.  Provider agrees to appropriately inventory all software components (including, but not limited to, open source software) used in the Provider Services, software, equipment and/or deliverables, and provide such inventory to Sponsor upon request. Provider will assess whether any such software components have any security defects and/or vulnerabilities that could lead to a Security Incident.  Provider shall perform such assessment prior to delivery of, or providing access to, such software components to Sponsor and on an on-going basis thereafter during the term of the Agreement and any Orders and Statements of Work under the Agreement. Provider agrees to remediate identified security defects or vulnerabilities in a timely manner. If security defects or vulnerabilities cannot be remediated in a timely manner, Provider agrees to notify Sponsor so that an appropriate risk assessment can be conducted.  Provider further agrees not to disclose the existence of this Agreement, nor any Sponsor Data or intellectual property of Sponsor, in connection with any remediation efforts (including, for example, contribution of code to an open source software project). 

 

1.5 Resiliency.  During the term of the Agreement and all Orders and Statements of Work under the Agreement, Provider shall maintain a high availability (“HA”) solution and related plan that is consistent with Industry Standards for the Provider Services being provided.  The HA solution is required to have a highly available technical architecture across all the application tiers with nodes deployed across different physical data centers with no more than 1 hour of recovery time and data loss.  If an HA solution is not able to be deployed, Provider shall maintain a disaster recovery (“DR”) solution and related plan that is consistent with Industry Standards for the Provider Services being provided.  The DR solution will ensure identified critical capabilities are restored within a twenty-four (24)-hour period with no more than twelve (12) hours of data loss in the event of a declared disaster or major system outage. Provider will test the HA or DR solution and related plan at least twice annually or more frequently if test results indicate that critical systems were not capable of being recovered within the periods above.  Provider will provide summary test results for each exercise which will include the actual recovery point (how much data lost, if any) and recovery times (time to bring back applications and/or the Provider Services, if not automated failover) achieved within the exercise. Provider will provide agreed upon action plans to promptly address and resolve any deficiencies, concerns, or issues that may prevent the critical functionality of the application and/or Provider Services from being recovered within twenty-four (24) hours in the event of a disaster or major system outage.     

 

2. SECURITY ASSESSMENT 

2.1 Security Assessment.  If Sponsor reasonably determines, or in good faith believes, that Provider’s security practices and procedures do not meet Provider’s obligations pursuant to the Agreement or this Information Security Schedule, then Sponsor may notify Provider of the deficiencies.  Further, Provider shall without unreasonable delay (i) correct such deficiencies at its own expense and (ii) permit Sponsor, or its duly authorized representatives, on reasonable prior notice, to assess Provider’s and Provider subcontractors’ security-related activities that are relevant to the Agreement. Additionally; Provider will complete, in a timely and accurate manner, an information security questionnaire provided by Sponsor to Provider, on an annual basis or more frequently upon Sponsor’s request, in order to verify Provider’s and its subcontractors' compliance with its security-related obligations in the Agreement. (“Security Assessment”). 

 

2.2 Security Issues and Remediation Plan.  Security issues identified by Sponsor during a Security Assessment will have an assigned risk rating and an agreed to timeframe to remediate. Provider shall remediate all security issues identified within the agreed remediation timeframes and failure to comply will result in Sponsor having the right to terminate this Agreement without the payment of any early termination fee and with the right to a refund of any prepaid amounts for the period of time after the effective date of such termination. 

 

3. INFORMATION SECURITY CONTROLS 

 

3.1    Information Security Policies 

  • Policies for Information Security.  Provider’s policies for information security shall be documented by Provider, approved by Provider’s management, published and communicated to Provider’s personnel, contractors, agents and relevant external third parties. 

  • Asset Management 

  • Asset Inventory.  Provider shall maintain an asset inventory of all media and equipment where Sponsor Data is stored. Access to such media and equipment shall be restricted to authorized personnel of Provider.  Provider will ensure that no software or hardware that is past its End of Life (EOL) will be used in the scope of Provider Services without a mutually agreed risk management process for such items. 

  • Asset Handling   

  • Provider shall classify Sponsor Data so that it is properly identified and access to Sponsor Data shall be appropriately restricted.  

  • Provider shall maintain an acceptable use policy with restrictions on printing Sponsor Data and procedures for appropriately disposing of printed materials that contain Sponsor Data when such data is no longer needed to provide the Provider Services under the Agreement.  

  • Provider shall maintain an appropriate approval process whereby such approval is provided to personnel, contractors and agents prior to storing Sponsor Data on portable devices; remotely accessing Sponsor Data; or processing such data outside of Provider facilities. If storing Sponsor Data on portable devices is approved and granted, Provider shall enforce the use of current Industry Standard encryption on the portable device.  Provider will prohibit the enrollment of mobile devices that have been “jail broken.”   

  • Access Control.   

  • Provider shall maintain an appropriate access control policy that is designed to restrict access to Sponsor Data and Provider assets to authorized personnel, agents and contractors.  

  • Provider shall maintain and enforce a password policy that is aligned to current Industry Standards (e.g. NIST Cyber Security Framework and the Center for Internet Security). 

  • Provider shall restrict access to Provider systems involved in providing Provider Services, to only those individuals who require such access to perform their duties using the principle of least privilege access. 

  • Provider shall provide an Industry Standards based single sign-on (SSO) capability (SAML, etc.) for Sponsor which will require authentication to access any Provider web-based application(s) provided as part of the Provider Services, unless the requirement is explicitly waived by Sponsor. Details of how the single sign-on integration must be implemented are available from Sponsor upon request. If SSO is waived, multi-factor authentication is still required for access to Provider web-based application(s) provided as part of the Provider Services. 

  • Cryptography.  Provider shall maintain policies and standards regarding the use of cryptographic controls that are implemented to protect Sponsor Data.   

  • Physical and Environmental Security 

  • Secure Disposal or Reuse of Equipment.  Provider shall verify equipment containing storage media, to confirm that all Sponsor Data has been deleted or securely overwritten using Industry Standard processes, prior to disposal or re-use.   

  • Operations Security  

  • Logging and Monitoring of Events. Provider must enable logging and monitoring on all operating systems, databases, applications, and security and network devices that are involved in providing Provider Services.  

  • Protections from Malware. Provider shall maintain anti-malware controls that are designed to protect systems from malicious software, including malicious software that originates from public networks. Provider shall maintain software at the then current major release for Provider owned anti-malware software and provide maintenance and support for new releases and versions of such software.  

  • Encryption of Data at Rest.  Provider shall encrypt data at rest using current Industry Standard encryption solutions or shall provide the capability with instructions to Sponsor so that Sponsor may enable further encryption, at Sponsor’s discretion.   

  • Communications Security  

  • Information Transfer and Storage.   

  • Provider shall use current Industry Standard encryption to encrypt Sponsor Data that is in transit. 

  • Provider shall restrict access through encryption to Sponsor Data stored on media that is physically transported from Provider facilities.   

  • Security of Network Services.  Provider shall ensure that Industry Standard security controls and procedures for all network services and components are implemented whether such services are provided in-house or outsourced. 

  • System Acquisition, Development and Maintenance 

  • Workstation Encryption.  Provider will require full hard disk encryption all workstations and/or laptops used by personnel, contractors and agents where such personnel are accessing or processing Sponsor Data.  

  • Application Hardening.  Provider will maintain and implement secure application development policies, procedures, and standards that are aligned to Industry Standard practices such as the SANS Top 25 Software Errors and the OWASP Top Ten project. This applies to web application, mobile application, embedded software, and firmware development as appropriate.    

  • System Hardening. Provider will establish and ensure the use of standard secure configurations of operating systems.  Images should represent hardened versions of the underlying operating system and the applications installed on the system. 

  • Infrastructure Vulnerability Scanning. Provider shall use Industry Standard and up-to-date products to scan its internal and external environment (e.g. servers, network devices, etc.) related to Provider Services on a monthly basis.  Provider shall have a defined process to remediate findings. 

  • Provider Relationships 

  • Where other third-party applications or services must be engaged by Provider, Provider’s contract with any third-party must clearly state security requirements consistent with the security requirements of this Information Security Schedule which will be applied to the third party. In addition, service level agreements with the third party must be clearly defined.  

  •   Information Security Incident Management 

  • Provider shall maintain a record of Security Incidents noting the description of the Security Incident, the applicable time periods, the impact, the person reporting and to whom the Security Incident was reported, and the procedures to remediate the incident.  

  • In the event of a Security Incident identified by Provider, Sponsor, or other third party, Provider will: (a) promptly investigate the Security Incident; (b) promptly provide Sponsor with all relevant detailed information about the Security Incident; and (c) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Incident. 

  • The Provider shall track disclosures of Sponsor Data, including what type of data was disclosed, to whom, and the time of the disclosure. 

Limited spaces available on our free National AI Programme. Join Now!

bottom of page