top of page

Terms and Conditions 

ATTENDANCE TERMS:

These are the terms (the “Agreement”) that govern your attendance at and/or participation in an AI Tech UK (referred to herein as the “Event”).

By registering for the Event, you are agreeing to these terms, which form a legal contract between AI Tech UK Ltd trading as “AI Tech UK”, and the registered attendee and/or participant (“you”). If you are registering on behalf of another it is your responsibility to ensure that the person attending is aware of these terms and accepts them, and by completing the registration you are warranting that you have made the attendee aware of these terms and that they have accepted these terms.

1. Event admission

1.1. Admittance. Your registration entitles you to admittance to the Event. All other costs associated with your attendance (including without limitation any travel and/or accommodation expenses) shall be borne solely by you and AI Tech UK shall have no liability for such costs.

1.2. Termination. You acknowledge that AI Tech UK reserves the right to request your removal from the Event if AI Tech UK, in its sole discretion, considers your presence and/or behaviour to create a disruption or to hinder the Event and/or the enjoyment of the Event by other attendees or speakers.

1.3. Media. By attending the Event you acknowledge and agree to grant AI Tech UK the right at the Event to record, film, photograph or capture your likeness in any media now available and hereafter developed and to distribute, broadcast, use or otherwise globally to disseminate, in perpetuity, such media without any further approval from you or any payment to you. This grant to AI Tech UK includes, but is not limited to, the right to edit such media, the right to use the media alone or together with other information, and the right to allow others to use and/or disseminate the media.

1.4. Event Content. You acknowledge and agree that AI Tech UK, in its sole discretion, reserves the right to change any aspects of the Event, including but not limited to, the Event name, themes, content, program, speakers, performers, hosts, moderators, venue and time.

2. Fee(s)

2.1. Payment. The payment of the applicable fee(s) for the Event is due upon registration. If such payment is insufficient or declined for any reason AI Tech UK may refuse to admit you to the Event and shall have no liability in that regard.

2.2. Taxes. The fee(s) may be subject to sales tax, value-added tax, or any other taxes and duties which, if applicable, will be charged to you in addition to the fee(s).

3. Substitution and cancellation policy

3.1 After registering for the Event, if you cancel your attendance more than 2 weeks prior to the date of the Event, you will receive an 80% refund of the amount of your payment. If you cancel within 2 weeks of the date of the Event, you will not be eligible for a refund; however, substitutions (subject to availability) may be arranged at the sole discretion of AI Tech UK.

4. Privacy policy

4.1. AI Tech UK is committed to protecting the privacy of its customers. AI Tech UK is an organization, that operates a strict privacy policy, which is available at: Privacy policy | AI Tech UK (ai-tech.uk)

5. Intellectual property

5.1. All intellectual property rights in and to the Event, the Event content and all materials distributed at or in connection with the Event are owned by AI Tech UK Limited and/or the Event sponsors or speakers presenting at the Event. You may not use or reproduce or allow anyone to use or reproduce any trademarks (including without limitation “AI Tech UK" “Smart Ethics” “National AI Accelerator Programme”) or other trade names appearing at the Event, in any Event content and/or in any materials distributed at or in connection with the Event for any reason without the prior written permission of AI Tech UK Ltd.

5.2. For the avoidance of doubt, nothing in this Agreement shall be deemed to vest in you any legal or beneficial right in or to any trademarks or other intellectual property rights owned or used under licence by AI Tech UK Ltd or any of its affiliates or grant to you any right or licence to any other intellectual property rights of AI Tech UK Limited or its affiliates, all of which shall at all times remain the exclusive property of AI Tech UK Limited and its affiliates.

6. Warranties and limitation of liability

6.1. AI Tech UK gives no warranties in respect of any aspect of the Event or any materials related thereto or offered at the Event and, to the fullest extent possible under the laws governing this Agreement, disclaims all implied warranties, including but not limited to warranties of fitness for a particular purpose, accuracy, timeliness and merchantability. Neither AI Tech UK nor its affiliates can accept any responsibility or liability for reliance by you or any person on any aspect of the Event and/or any information provided at the Event.

 

6.2. Other than to the extent required as a matter of law: (i) neither AI Tech UK nor its affiliates shall be liable for any direct, indirect, special, incidental, or consequential costs, damages or losses arising directly or indirectly from the Event or other aspect related thereto or in connection with this Agreement.

6.3. The maximum aggregate liability of AI Tech UK for any claim in any way connected with therewith or this Agreement whether in contract, tort or otherwise (including any negligent act or omission) shall be limited to the amount paid by you to AI Tech UK under this Agreement to attend the Event.

7. Governing law and jurisdiction

7.1. If you are a business, any dispute or claim arising out of or in connection with a contract between us or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed following the law of England and Wales and the courts of England and Wales shall have exclusive jurisdiction to settle any such dispute or claim.

 

PARTNERSHIP TERMS: 

1. Non-compete: Advisor/Board Member agrees not to engage in any business activities or operations that directly compete with the services provided by AI Tech UK within the specified geographic region or industries for a period of three years after the termination of this agreement. 

2. Non-Solicitation: During the term of this engagement and for a period of [3 years] thereafter, the Advisor/Board Member shall not directly or indirectly solicit, entice, or engage in business transactions with AI Tech UK's clients, partners, employees, or affiliates for their own benefit or that of a third party. 

3. IP Protection: Advisor/Board Member agrees that any intellectual property, including but not limited to trademarks, service marks, copyrights, and trade secrets, associated with the services provided by AI Tech UK shall remain the exclusive property of Smart Ethics. You shall not use, reproduce, or imitate such intellectual property without explicit written consent. 

4. Confidentiality: Advisor/Board Member acknowledges that any information, data, processes, strategies, or business models shared by AI Tech UK during the course of this agreement are proprietary and confidential. You agree not to use, disclose, or replicate this information for the purpose of developing similar services or products. 

5. Non-Use of Proprietary Information: Advisor/Board Member acknowledges that any proposals, presentations, strategies, methodologies, or other information provided by AI Tech UK are proprietary and confidential. You agree not to use, share, or replicate this information for your business purposes or to develop similar proposals without explicit written consent. 

6. Liability: Advisor/Board Member shall indemnify and hold harmless AI Tech UK from any claims, liabilities, costs, and expenses arising from the breach of any clause within this agreement, including but not limited to the non-compete and confidentiality clauses.  

7. Termination: Either party may terminate this agreement with 30 days written notice to the other party. Termination may occur in the event of material breach, insolvency, or as mutually agreed upon by both parties. 

 

8. The terms and conditions could evolve as AI Tech UK scales internationally and will be updated at any time, adapting investment and commercial strategies as agreed by the board and Companies reserves the right to change, and alter any benefit plan in its sole discretion.  

 

AI Tech UK reserves the right to terminate the role and any benefit plan on the grounds of misconduct or breach of any of the terms.  This agreement is valid and binding upon the parties from the date of execution and shall remain in effect until another formal contract is duly executed. 


SPONSORSHIP TERMS:

The Sponsor Terms and Conditions are an integral part of the Sponsor Contract for the AI Tech UK event. The Sponsor Terms and Conditions should be read carefully before signing the Sponsor Contract. By signing the contract, the exhibitor agrees to abide by these rules and regulations.

 

  1. General

​​

  • References to “us”, “we” and “our” shall refer to the AI Tech UK Team (“AI Tech UK “) and references to “you” and  “your” shall refer to the Sponsor or Paid Partner (“Sponsor“). 

  • These terms and conditions and the Sponsor Contract document (together the “Agreement”) set out the terms on which you (i.e. the Sponsor as defined in the Contract) agree to sponsor the Event. Please read the Agreement carefully and make sure you understand it before signing. You understand that by signing the Contract, you agree to be bound by the terms of the Agreement. 

  • Not Used 

  • This agreement is available in PDF format and will only be varied or amended by written agreement of both the Sponsor and AI Tech UK. 

  • This Agreement shall take effect on the date that the last party signs the Contract and shall continue until the completion of the Event (the “Term”) unless terminated early following its Terms and Conditions. 

  • No employer/employee relationship is established or implied with this sponsorship agreement. 

  • This agreement and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation shall be governed by and construed following the law of England and Wales. Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with this agreement or its subject matter or formation.

  2. Rights 

  • We grant you: 

  • the Sponsorship Rights as defined in the Agreement and the Sponsorship Pack; and 

  • a non-transferable, non-exclusive, royalty-free licence to use the Event logos (“Event Marks“) to promote your sponsorship of the Event, during the Term (as defined in clause 1.6) and following the Terms and Conditions of this Agreement. 

  • You grant to AI Tech UK: 

  • a worldwide, non-exclusive, royalty-free, licence to use its logos and trademarks (the “Sponsor Marks“) provided to AI Tech UK during the Term (as defined in clause 1.6) to promote and exploit the Event and for a period of 12 months following the Event in any report produced about the Event or the promotion of future Events, subject to a prior written consent each time from the Sponsor. 

  • If you change the Sponsor Marks at any time during the Term, you agree that we shall not be obliged to make any consequential changes to materials that include the Sponsor Marks produced by AI Tech UK or on our behalf for or in connection with the Event (including, but not limited to, reprinting promotional literature or publicity materials) unless you agree in writing in advance to meet the reasonable costs and expenses incurred by AI Tech UK arising from such change. 

  • If for any reason, we are unable to deliver any of the Sponsorship Rights, we will inform you as soon as reasonably practicable. We may substitute alternative benefits in respect of the same Event to an equivalent value of the relevant Sponsorship Rights without any liability to you. 

  • Where any change to the nature of the Sponsorship Package is to the detriment of either party then the parties shall agree on a replacement service or a price adjustment mutually (both parties acting reasonably). 

3. Your Obligations 

  • You undertake to use commercially reasonable endeavours to support the Event through appropriate marketing and promotional channels and to collaborate with AI Tech UK on any appropriate joint marketing or promotional projects relating to the Event. 

  • You undertake to ensure your personnel exercise the Sponsor Benefits following the terms of this Agreement. 

  • For the avoidance of doubt, it shall be your responsibility to take out and maintain appropriate insurance about any risks under or about this Agreement or your participation in the Event. 

4. Our Obligations

  • We shall at all times during this Agreement effect and maintain an appropriate level of insurance cover about the Event. We shall, if so requested by you, note the interest of the Sponsor on any such policy and shall produce upon reasonable request documentary evidence showing the required insurance cover and proof of payment for the premiums for such insurance. Sponsors are strongly recommended to obtain their event insurance. 

  • We shall not knowingly misuse, permit misuse or bring into disrepute the Sponsor Marks or Sponsor name. 

5. Event Presence (Platinum, Gold & Silver Tier Sponsors Only) 

  • The Event is open to Sponsors whose products and services are directly related to Artificial Intelligence, Analytics, the data community and related technologies. This can include employers and recruiters of such professionals.​

6. Cancellation, Postponement & Force Majeure 

  • We shall not be deemed to be in breach of this Agreement or otherwise liable to you for any failure or delay in performing our obligations under this Agreement as a result of an event or series of connected events outside of our reasonable control (including, without limitation, strikes or other industrial disputes, failure of a utility service or transport network, act of God, war, riot, civil commotion, terrorism, malicious damage, accident, breakdown of plant or machinery, fire, flood or storm). 

  •  Under Section 6.1, AI Tech UK may alter the advertised content, timing, date and/or location of the Event. We reserve the right to do this at any time during the Term and without liability to you, provided that the Event, as altered, is substantially similar to Event as originally advertised and rescheduled within 6 months. We will provide you with notice of any alterations as soon as is reasonably practicable.  

  • We reserve the right to cancel the Event at any time during the Term and will provide you with notice of the same as soon as is reasonably practicable. 

  • If we cancel the Event (under clause 6.3) or materially alter the advertised content, timing, date and/or location of the Event, you shall be entitled to terminate this Agreement with immediate effect and obtain a refund (calculated in good faith) of an amount that reflects the total sums paid by you at the date of cancellation. Any such refund shall be paid by AI Tech UK within 30 days of receipt of confirmation from you of your wish to terminate the Agreement. 

  • If you terminate this Agreement due to any breach of our obligations under this agreement, the following scale of cancellation charges shall apply, calculated from the date that AI Tech UK receives a Notice of Cancellation to the Event date (as defined in the Agreement): 

  • More than two months before the Event Date = 50% of the Sponsorship Fee 

  • Less than two months before the Event Date = 100% of the Sponsorship Fee 

  • Upon expiry or termination of this Agreement, the parties agree that: 

  • our obligations to provide any further Sponsorship Rights shall cease. 

  • any licenses granted under this Agreement shall immediately cease, and 

  • you shall destroy any Event Sponsor Materials and remove the Event Marks from any other materials in your possession 

  • AI Tech UK shall destroy any Sponsor Marks and remove the Sponsor Marks from any other materials in its possession.​

ADDENDUM No. 1  

Addendum to AI Tech UK 2023 Sponsorship Agreement

 

The Terms and Conditions are an integral part of the Sponsorship Agreement for AI-Tech-UK Engagement. The Terms and Conditions should be read carefully before signing the Sponsorship Agreement. By signing the agreement, the exhibitor agrees to abide by these rules and regulations.  

  

1. FEES & PAYMENT TERMS

1.1  In consideration of the Services provided by AI-Tech-UK, the sponsor will pay AI-Tech-UK a fixed fee subject to final agreement upon agreement signing (exclusive of any VAT) (the “Fee”) subject to all Services provided in the Agreement being provided in a manner acceptable to both parties.   ​

1.2  Fees shall be invoiced every month or completion of the engagement and will be payable within 14 calendar days of receipt of the invoice. Late payments may incur interest charges at the statutory rate. ​

1.3  If AI-Tech-UK is unable to carry out the Services for any reason, then AI-Tech-UK will not be entitled to receive any fee in respect of any Services provided in the Agreement, that are not provided satisfactorily. 

1.4. The Sponsor acknowledges and agrees that the sponsorship fee will increase for the subsequent term. The revised fee for the Platinum/Gold/Silver Offering package for the 2026 programme will be communicated no later than 90 days before the start of the renewed term. 

2. CONFIDENTIAL INFORMATION 

2.1  AI Tech UK commits to safeguarding all confidential and sensitive information shared by the Sponsor. This includes, but is not limited to, business strategies, financial data, and other non-public details acquired during the course of this Agreement. AI Tech UK will only disclose such information:

 

- If specifically required to perform its obligations under this Agreement;

or

- When required by law.   ​

2.2  Nondisclosure and Non-use of Confidential Information: The Parties shall not disclose, publish, or otherwise disseminate Confidential Information to anyone other than those of its employees and trusted subcontractors with a need to know, and each Party shall take reasonable precautions to prevent any unauthorized use, disclosure, publication, or dissemination of Confidential Information. The Parties accept the Confidential Information for the sole purpose of evaluation in connection with either Party’s business discussions with each other. Each Party shall not use Confidential Information otherwise for its own or any third Party's benefit without the prior written approval of an authorized representative of the disclosing Party in each instance. The foregoing restrictions on Confidential Information shall not apply to Confidential Information that is required to be disclosed in connection with any suit, action or other dispute related to the Confidential Information or otherwise required to be disclosed as a matter of law.  

​​

​3. INTELLECTUAL PROPERTY

 

3.1 Any intellectual property, including but not limited to materials, presentations, branding, and content, developed or used by AI Tech UK during the programme, remains the sole property of AI Tech UK. 

3.2. The sponsor may use AI Tech UK's branding, logo, and materials solely for promotional purposes related to the programme, subject to prior written approval. 

3.3. Any intellectual property provided by the Sponsor for use in the programme remains the property of the Sponsor. AI Tech UK will use this material solely as necessary to fulfil its obligations under the sponsorship agreement. 

  

4. DATA OWNERSHIP AND PROTECTION

 

4.1. AI Tech UK will process, store and handle attendee data collected during the programme in compliance with applicable GDPR laws. 

4.2. Data shared with the Sponsor, such as attendee lists or profiles, is for programme-related purposes only and cannot be sold, shared, or used beyond the scope of the sponsorship agreement without prior written consent. 

4.3. Both parties agree to take all reasonable measures to protect shared data against unauthorised access, misuse, or disclosure. 

 

4.4.   The AI Tech UK agrees to protect the confidentiality and security of the Sponsor's data by industry best practices and applicable data protection laws  

  

5. RESTRICTIVE COVENANT

 

5.1  The Sponsor agrees not to directly engage in activities that conflict with or undermine the programme during the sponsorship period.

 

5.2. The Sponsor will not, within the period of engagement delivery with AI-Tech-UK, solicit or endeavour to entice away the employment of, employ or negotiate or arrange the employment with AI-Tech-UK delivery staff.  ​

 

6. NON-COMPETE 

 

6.1  That except for availing of the said services under this agreement, the sponsor or any of his constituents, agents or principals shall directly or indirectly during this agreement and for a period of three years after its expiry or termination, solicit, engage, contract or otherwise work in any manner with any person who is or was hired, employed or engaged by AI-Tech-UK any of its constituents, principals, subsidiaries or agents  

7. TERMINATION 

 

7.1  The Agreement is entered into on a flexible basis, with no formal termination date.   

7.2  The Sponsor may terminate the Agreement at any time by giving AI-Tech-UK not less than 30 days' notice in writing.   

7.3  AI-Tech-UK may terminate the Agreement at any time by giving the Sponsor not less than 30 days' notice in writing.   

7.4  The Agreement will terminate automatically without any requirement for notice or payment in place of notice if AI-Tech-UK is unable to provide the Services due to any reason, including, without limitation, in the event of death or permanent incapacity.   

7.5  Sponsor may by written notice summarily terminate the Agreement with immediate effect if:  

 

a-  AI-Tech-UK underperforms to deliver any term of the Agreement which, in the case of a breach capable of remedy, is not remedied by AI-Tech-UK within twenty-one (21) days of a written notice from the Sponsor specifying the breach and requiring its remedy.   

b-  AI-Tech-UK breaches any term of the Agreement which, in the case of a breach capable of remedy, is not remedied by AI-Tech-UK within twenty-one (21) days of a written notice from the Sponsor specifying the breach and requiring its remedy.   

c-  The Individual becomes bankrupt or compounds with their creditors or is convicted of any criminal offence (other than road traffic offences).   

d-  AI-Tech-UK makes a resolution for its winding up, makes an arrangement or composition with its creditors or makes an application to a court of competent jurisdiction for protection from its creditors or an administration or winding-up order is made, or an administrator or receiver is appointed in relation to the sponsor;   

e-  AI-Tech-UK or the Individual conducts themselves in any manner which, in the reasonable opinion of the Board, brings or is likely to bring them and/or the Sponsor into disrepute.   

f-  Sponsor may terminate this Agreement and AI-Tech-UK’s Services by giving written Notice of Termination at any time if performance metrics or agreed delivery services are unfulfilled.  

7.6  “Poor Performance” is AI-Tech-UK’s failure to substantially perform AI-Tech-UK’s duties with the Sponsor (other than any such failure resulting from incapacity due to physical or mental illness), and AI-Tech-UK’s inability to remedy such failure to the Sponsor’s reasonable satisfaction within 30 days of notification.   

7.7  A dispute of poor performance must provide substantial performance breaches against project scope with a defined brief of agreed outcomes.  

8. CURRENCY  

 

8.1  Except as otherwise provided in this Agreement, all monetary amounts referred to in this Agreement are in GBP.  

  

9. AUTHORITY

   

9.1  Both parties shall have no authority to commit each other to any legally binding or other commitments or contracts or to interfere in the running of the business.   

  

10. PERSONAL AGREEMENT

 

10.1  The Agreement is personal between the Sponsor and AI-Tech-UK, and neither may sell, assign or transfer any duties, rights or interests created under the Agreement without the prior written consent of the other. Nothing in the Agreement is intended to confer on any person any right to enforce any terms of the Agreement which that person would not have had but for the Contracts (Rights of Third Parties) Act 1999  

11.  CONFLICT OF INTEREST

11.1  AI-Tech-UK agree to disclose to the Sponsor and obtain the prior written approval of the Company for, any matters relating to AI-Tech-UK business engagements, that be considered to interfere, conflict or compete with the proper performance of the obligations under this contract.  

  

12. RIGHT OF SUBSTITUTION

12.1. Except as otherwise provided in this Agreement, the Service Provider may, at the Service Provider's absolute discretion, engage a third party sub-contractor to perform some or all of the obligations of the Service Provider under this Agreement and the Sponsor will not hire or engage any third parties to assist with the provision of the Services.  

  

12.2. If the Service Provider hires a sub-contractor:  

a-  the Service Provider will pay the sub-contractor for its services and the Payment will remain payable by the Sponsor to the Service Provider.   

b-  for the indemnification clause of this Agreement, the sub-contractor is an agent of the Service Provider.  

  

13. NOTICES

 

13.1  Any notice to be given by one party to the other shall be validly given if:   

a-  posted by prepaid recorded delivery first class post within the mainland of the UK and correctly addressed to the Party to be served, and shall be deemed served on the third working day after posting (unless not delivered);   

b-  personally delivered to or a registered director of the Sponsor and shall be deemed served when so delivered.   

14. ENTIRE AGREEMENT

14.1  The Agreement supersedes any previous agreement between the Parties concerning the matters dealt with it, except for any Non-Disclosure Agreements entered into by the Parties and represents the entire understanding between the Parties concerning its subject-matter. AI-Tech-UK acknowledges and agrees that it has not entered into the Agreement in reliance on any representation, warranty or undertaking which is not set out or referred to in the Agreement. The Agreement may not be changed by oral agreement but only in writing, signed by both Parties. 

 

15. SEVERABILITY

15.1 If any of the provisions of this Agreement are held to be invalid or unenforceable in whole or in part, all other provisions will nevertheless continue to be valid and enforceable with the invalid or unenforceable parts severed from the remainder of this Agreement.

 

16. WAIVER 

16.1  The waiver by either Party of a breach, default, delay or omission of any of the provisions of this Agreement by the other Party will not be construed as a waiver of any subsequent breach of the same or other provisions.  

  

17. GOVERNING LAW AND JURISDICTION

17.1 The Agreement is governed by and to be construed in accordance with English law and the parties submit to the exclusive jurisdiction of the English courts.  

 

17.2  The courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this agreement or its subject matter or formation (including non-contractual disputes or claims).  

17.3  The Client Terms and Conditions are an integral part of the Client Contract for the AI-Tech-UK Engagement. The Client Terms and. Conditions should be read carefully before signing the Client Contract. By signing the contract, the exhibitor agrees to abide by these rules and regulations.  

  

SCHEDULE A- DATA PRIVACY SCHEDULE 

This data privacy schedule (“Data Privacy Schedule”) is subject to the terms and conditions of the Agreement. This Data Privacy Schedule shall be considered a Schedule to the Agreement and shall be deemed part of the Agreement. Terms not defined herein shall have the meaning set forth in the Agreement. In the event of a conflict between the Agreement and this Data Privacy Schedule, this Data Privacy Schedule shall prevail. Provider’s failure to comply with any of the provisions of this Data Privacy Schedule shall be deemed a material breach of the Agreement. 

1. DEFINITIONS 

"Sponsor Personal Data" means Personal Data owned, licensed, or otherwise controlled or Processed by Sponsor or by Sponsor’s Affiliates (including Personal Data Processed by Sponsor or by Sponsor’s Affiliates on behalf of Sponsor’s clients) but does not include Personal Data relating to Sponsor personnel that is obtained by Provider in the ordinary course of maintaining its business relationship with Sponsor. 

“Data Privacy Laws” means all applicable laws, regulations and regulatory guidance in relation to the Processing or protection of Personal Data, as amended from time-to-time, including but not limited to, Regulation (EU) 2016/679 of 27 April 2016, General Data Protection Regulation. 

"Personal Data" means any information relating to an identified or identifiable natural person (or, to the extent that Data Privacy Laws apply to information about legal persons, an identified or identifiable legal person) or as otherwise defined in Data Privacy Laws. 

“Process” means any operation, or set of operations, which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, access to, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction. "Processes" and “Processing” shall be construed accordingly. Processing includes sub-Processing.  

2. PERSONAL DATA PROCESSING AND TRANSFER 

2.1. Both parties acknowledge that as part of the sponsorship relationship, Processing of Personal data shall occur. 

2.2.  Sponsor shall be considered the Data Controller for the Personal Data received in connection with the sponsorship relationship. Provider shall be considered Data Controller for the Personal Data transferred by Sponsor in the scope of the Agreement.  

2.3.  Where Provider obtains Personal Data directly from Sponsor only for the purposes contemplated by the Agreement and for no other purposes (and in particular, not disclose those Personal Data except as necessary for those purposes), the Provider bears the responsibility for ensuring that Personal Data is Processed by Provider and any Provider’s sub-processors in compliance with Data Privacy Laws, in particular that Provider has valid legal basis to Process data subjects personal data (e.g. consent, contract or others) and both parties implement and maintain appropriate physical, technical and organisational security measures to protect Personal Data. 

2.4.  In the event that a party requires or performs a transfer of the other party’s Personal Data to a country outside of the EEA both parties acknowledge and agree that the appropriate contract terms for international data transfers (decisions 2010/87/EU and any updates thereto) (“Standard Contractual Clauses”) shall be attached to this Data Privacy Schedule and shall be enforceable between the parties.  

2.5.  In the event that such Standard Contractual Clauses are required to be replaced or amended in order for data transfer to remain compliant with the Data Privacy Laws, such replacement or amendment shall be automatically incorporated into this Data Privacy Schedule. 

2.6.   If Sponsor needs to provide information (including details of the services provided by Provider) to a competent supervisory authority, (whether directly or indirectly via an Sponsor client), Provider shall assist Sponsor in providing such information, to the extent that such information is solely in the possession of the Provider or its sub-processors.  

 

3. PROVIDER PERSONAL DATA 

Parties may receive Personal Data regarding the other party’s employees, directors and other personnel, as part of maintaining its business relationships with the other party under the Agreement. Personal Data may be obtained indirectly through internal security systems or other means. Each party is hereby permitted to process such Personal Data for purposes related to the Agreement and Sponsor is further permitted to process such Personal Data for relevant purposes under Sponsor global Data Privacy Policy (a copy of which will be made available by Sponsor to Provider upon request). For the purposes set forth above, each party may transfer such Personal Data to any country where such party’s global organization and its clients and vendors operate. If required by Data Privacy Laws, parties agree to sign any additional agreement or amendment that may be required to allow transferring such Personal Data outside its jurisdiction of origin pursuant to Data Privacy Laws.  

 

4.  CHANGES IN DATA PRIVACY LAWS 

In the event of any changes in Data Privacy Laws applicable to Sponsor Personal Data, that result in new requirements, (including new physical, technical, organizational, security, or data privacy measures), or Standard Contractual Clauses invalidation, the parties jointly agree to take such reasonable steps that are necessary in order to ensure data transfers can continue in a manner that is compliant with the Data Protection Laws and Provider will reasonably cooperate with Sponsor in designing a remedial response to implement such new requirements. 

SCHEDULE B -INFORMATION SECURITY SCHEDULE 

This information security schedule, including any attachment hereto, (“Information Security Schedule”) is subject to the terms and conditions of the Agreement.  For the purposes of this Information Security Schedule, “Provider” shall mean AI TECH UK and its third-party providers/suppliers/agents and subcontractors, and “Sponsor” shall mean Sponsor (UK) Limited. Terms not defined herein shall have the meaning set forth in the Agreement. In the event of a conflict between the Agreement and this Information Security Schedule, this Information Security Schedule shall prevail.

1.  INFORMATION SECURITY REQUIREMENTS 

 

1.1Where Provider knows, or reasonably suspects, an accidental or unauthorized loss, destruction, acquisition, disclosure, access, manipulation, use or other form of compromise of Sponsor Data (a “Security Incident”) has occurred, Provider will notify Sponsor’s point of contact in writing promptly, and in any event within forty-eight (48) hours following such discovery and cooperate with Sponsor in any breach investigation or remediation efforts. If Sponsor notifies Provider of a security vulnerability or incident that is identified by Sponsor or a third party to Sponsor, Provider will, in good faith, address the security vulnerability or incident without undue delay regardless of severity regardless of severity.  For the purposes of this Information Security Schedule: (i) “Sponsor Data” shall have the meaning set forth in the Agreement, or if no term is defined, then “Sponsor Data” shall mean all information or data collected, stored, processed, received and/or generated by Provider in connection with providing the applicable Provider Services to Sponsor, including Sponsor Personal Data as defined in the Agreement; and (ii) “Provider Services” shall have the meaning set forth in the Agreement and also includes any other services provided by the Provider under the Agreement, and shall include any software and equipment provided by Provider (including third party software and equipment) required to access the Provider Services or provide the Provider Services.     

 

1.2 Provider represents and warrants that it shall implement appropriate technical and organizational security measures, based on current Industry Standards. “Industry Standards” means commercially reasonable security measures in all applicable equipment, software systems, services and platforms that Provider uses to access, process and/or store Sponsor Data, that are designed to ensure the security, integrity, and confidentiality of Sponsor Data, and to protect against any Security Incident(s). Further, Provider represents and warrants it will comply with applicable laws and regulatory requirements to ensure that Sponsor Data is not destroyed (except as expressly permitted under this Agreement), lost, altered corrupted or otherwise impacted such that it is not readily usable by Sponsor in its business operations. Upon the Sponsor’s request, Sponsor Data shall be immediately provided or otherwise made accessible to Sponsor by Provider, either, at Sponsor’s option, using the Provider Services or in an Industry Standard format specified by Sponsor. 

 

1.3 Illicit Code.  Except for the functions and features expressly disclosed in Provider's documentation provided or made available to Sponsor, Provider represents and warrants that the Provider Services, deliverables, and software and equipment that process, store or transmit Sponsor Data do not and will not contain any malicious or disabling code, including, but not limited to, viruses, malware, worms, back doors, date/time bombs, or Trojan horses. 

 

1.4 Security of All Software Components.  Provider agrees to appropriately inventory all software components (including, but not limited to, open source software) used in the Provider Services, software, equipment and/or deliverables, and provide such inventory to Sponsor upon request. Provider will assess whether any such software components have any security defects and/or vulnerabilities that could lead to a Security Incident.  Provider shall perform such assessment prior to delivery of, or providing access to, such software components to Sponsor and on an on-going basis thereafter during the term of the Agreement and any Orders and Statements of Work under the Agreement. Provider agrees to remediate identified security defects or vulnerabilities in a timely manner. If security defects or vulnerabilities cannot be remediated in a timely manner, Provider agrees to notify Sponsor so that an appropriate risk assessment can be conducted.  Provider further agrees not to disclose the existence of this Agreement, nor any Sponsor Data or intellectual property of Sponsor, in connection with any remediation efforts (including, for example, contribution of code to an open source software project). 

 

1.5 Resiliency.  During the term of the Agreement and all Orders and Statements of Work under the Agreement, Provider shall maintain a high availability (“HA”) solution and related plan that is consistent with Industry Standards for the Provider Services being provided.  The HA solution is required to have a highly available technical architecture across all the application tiers with nodes deployed across different physical data centers with no more than 1 hour of recovery time and data loss.  If an HA solution is not able to be deployed, Provider shall maintain a disaster recovery (“DR”) solution and related plan that is consistent with Industry Standards for the Provider Services being provided.  The DR solution will ensure identified critical capabilities are restored within a twenty-four (24)-hour period with no more than twelve (12) hours of data loss in the event of a declared disaster or major system outage. Provider will test the HA or DR solution and related plan at least twice annually or more frequently if test results indicate that critical systems were not capable of being recovered within the periods above.  Provider will provide summary test results for each exercise which will include the actual recovery point (how much data lost, if any) and recovery times (time to bring back applications and/or the Provider Services, if not automated failover) achieved within the exercise. Provider will provide agreed upon action plans to promptly address and resolve any deficiencies, concerns, or issues that may prevent the critical functionality of the application and/or Provider Services from being recovered within twenty-four (24) hours in the event of a disaster or major system outage.     

2. SECURITY ASSESSMENT 

2.1 Security Assessment.  If Sponsor reasonably determines, or in good faith believes, that Provider’s security practices and procedures do not meet Provider’s obligations pursuant to the Agreement or this Information Security Schedule, then Sponsor may notify Provider of the deficiencies.  Further, Provider shall without unreasonable delay (i) correct such deficiencies at its own expense and (ii) permit Sponsor, or its duly authorized representatives, on reasonable prior notice, to assess Provider’s and Provider subcontractors’ security-related activities that are relevant to the Agreement. Additionally; Provider will complete, in a timely and accurate manner, an information security questionnaire provided by Sponsor to Provider, on an annual basis or more frequently upon Sponsor’s request, in order to verify Provider’s and its subcontractors' compliance with its security-related obligations in the Agreement. (“Security Assessment”). 

 

2.2 Security Issues and Remediation Plan.  Security issues identified by Sponsor during a Security Assessment will have an assigned risk rating and an agreed to timeframe to remediate. Provider shall remediate all security issues identified within the agreed remediation timeframes and failure to comply will result in Sponsor having the right to terminate this Agreement without the payment of any early termination fee and with the right to a refund of any prepaid amounts for the period of time after the effective date of such termination. 

 

3. INFORMATION SECURITY CONTROLS 

 

3.1    Information Security Policies 

  • Policies for Information Security.  Provider’s policies for information security shall be documented by Provider, approved by Provider’s management, published and communicated to Provider’s personnel, contractors, agents and relevant external third parties. 

  • Asset Management 

  • Asset Inventory.  Provider shall maintain an asset inventory of all media and equipment where Sponsor Data is stored. Access to such media and equipment shall be restricted to authorized personnel of Provider.  Provider will ensure that no software or hardware that is past its End of Life (EOL) will be used in the scope of Provider Services without a mutually agreed risk management process for such items. 

  • Asset Handling   

  • Provider shall classify Sponsor Data so that it is properly identified and access to Sponsor Data shall be appropriately restricted.  

  • Provider shall maintain an acceptable use policy with restrictions on printing Sponsor Data and procedures for appropriately disposing of printed materials that contain Sponsor Data when such data is no longer needed to provide the Provider Services under the Agreement.  

  • Provider shall maintain an appropriate approval process whereby such approval is provided to personnel, contractors and agents prior to storing Sponsor Data on portable devices; remotely accessing Sponsor Data; or processing such data outside of Provider facilities. If storing Sponsor Data on portable devices is approved and granted, Provider shall enforce the use of current Industry Standard encryption on the portable device.  Provider will prohibit the enrollment of mobile devices that have been “jail broken.”   

  • Access Control.   

  • Provider shall maintain an appropriate access control policy that is designed to restrict access to Sponsor Data and Provider assets to authorized personnel, agents and contractors.  

  • Provider shall maintain and enforce a password policy that is aligned to current Industry Standards (e.g. NIST Cyber Security Framework and the Center for Internet Security). 

  • Provider shall restrict access to Provider systems involved in providing Provider Services, to only those individuals who require such access to perform their duties using the principle of least privilege access. 

  • Provider shall provide an Industry Standards based single sign-on (SSO) capability (SAML, etc.) for Sponsor which will require authentication to access any Provider web-based application(s) provided as part of the Provider Services, unless the requirement is explicitly waived by Sponsor. Details of how the single sign-on integration must be implemented are available from Sponsor upon request. If SSO is waived, multi-factor authentication is still required for access to Provider web-based application(s) provided as part of the Provider Services. 

  • Cryptography.  Provider shall maintain policies and standards regarding the use of cryptographic controls that are implemented to protect Sponsor Data.   

  • Physical and Environmental Security 

  • Secure Disposal or Reuse of Equipment.  Provider shall verify equipment containing storage media, to confirm that all Sponsor Data has been deleted or securely overwritten using Industry Standard processes, prior to disposal or re-use.   

  • Operations Security  

  • Logging and Monitoring of Events. Provider must enable logging and monitoring on all operating systems, databases, applications, and security and network devices that are involved in providing Provider Services.  

  • Protections from Malware. Provider shall maintain anti-malware controls that are designed to protect systems from malicious software, including malicious software that originates from public networks. Provider shall maintain software at the then current major release for Provider owned anti-malware software and provide maintenance and support for new releases and versions of such software.  

  • Encryption of Data at Rest.  Provider shall encrypt data at rest using current Industry Standard encryption solutions or shall provide the capability with instructions to Sponsor so that Sponsor may enable further encryption, at Sponsor’s discretion.   

  • Communications Security  

  • Information Transfer and Storage.   

  • Provider shall use current Industry Standard encryption to encrypt Sponsor Data that is in transit. 

  • Provider shall restrict access through encryption to Sponsor Data stored on media that is physically transported from Provider facilities.   

  • Security of Network Services.  Provider shall ensure that Industry Standard security controls and procedures for all network services and components are implemented whether such services are provided in-house or outsourced. 

  • System Acquisition, Development and Maintenance 

  • Workstation Encryption.  Provider will require full hard disk encryption all workstations and/or laptops used by personnel, contractors and agents where such personnel are accessing or processing Sponsor Data.  

  • Application Hardening.  Provider will maintain and implement secure application development policies, procedures, and standards that are aligned to Industry Standard practices such as the SANS Top 25 Software Errors and the OWASP Top Ten project. This applies to web application, mobile application, embedded software, and firmware development as appropriate.    

  • System Hardening. Provider will establish and ensure the use of standard secure configurations of operating systems.  Images should represent hardened versions of the underlying operating system and the applications installed on the system. 

  • Infrastructure Vulnerability Scanning. Provider shall use Industry Standard and up-to-date products to scan its internal and external environment (e.g. servers, network devices, etc.) related to Provider Services on a monthly basis.  Provider shall have a defined process to remediate findings. 

  • Provider Relationships 

  • Where other third-party applications or services must be engaged by Provider, Provider’s contract with any third-party must clearly state security requirements consistent with the security requirements of this Information Security Schedule which will be applied to the third party. In addition, service level agreements with the third party must be clearly defined.  

  •   Information Security Incident Management 

  • Provider shall maintain a record of Security Incidents noting the description of the Security Incident, the applicable time periods, the impact, the person reporting and to whom the Security Incident was reported, and the procedures to remediate the incident.  

  • In the event of a Security Incident identified by Provider, Sponsor, or other third party, Provider will: (a) promptly investigate the Security Incident; (b) promptly provide Sponsor with all relevant detailed information about the Security Incident; and (c) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Incident. 

  • The Provider shall track disclosures of Sponsor Data, including what type of data was disclosed, to whom, and the time of the disclosure. 

Limited spaces available on our AI Skills Programme. Join Now!

START YOUR AI JOURNEY WITH US!

Thanks for submitting!

  • Instagram
  • Linkedin
  • Twitter

© 2025 AI Tech UK. Artificial Intelligence Experts & Think Tank, Leeds.  

Registered Company in England: AI-Tech-UK Ltd. Company No: 11214171

Our Privacy Policy

bottom of page