TARGETCONNECT FROM GTI MEDIA LIMITED
TERMS AND CONDITIONS
In these Terms and Conditions the following words shall unless the context otherwise requires have the meanings given:
"Agreement" - these Conditions and the Order Form
"Application" - the Software which has been licensed to the Customer in accordance with the terms of this Agreement
"Commencement Date" - the date the Customer first accesses the System and application
"Conditions" - these standard terms and conditions including appendices: Appendix 1 and Appendix 2
"Confidential Information" - all information which is designated as confidential or which ought in good faith to be treated as confidential including without limitation commercial know-how, specifications, inventions, intellectual property, processes or initiatives and any other information concerning either party's business or services and which (a) the disclosing party has marked as confidential, or (b) has been described as confidential by that disclosing party to the receiving party orally provided such information is subsequently reduced into writing marked confidential and provided to the receiving party within 30 days of its disclosure
"Customer" - the company or entity (including its employees or agents) as set out in the Order Form
"Customer Contacts" - the two customer representatives nominated by the Customer in the Order Form or such persons as the Customer may nominate to replace those customer contacts by written notice to GTI
"Data Protection Legislation" - (i) the GDPR and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR
"Equipment" - means the web interface over which the Customer shall access the Application, which shall be agreed in advance with GTI
"Emergency Down Time" - down time that was not anticipated or scheduled and is required due to an urgent need to protect the System from external threats, including but not limited to virus threats
"GDPR" - means the General Data Protection Regulation 2016/679/EU
"GTI" - GTI Media Limited (company number 02347472)
"Initial Term" - the initial term of the Agreement set out in the Order Form
"Maintenance Event" - maintenance of the System, Software or Application
"Notice" - a notice given in accordance with clause 15 of this Agreement
"Order Form" - the order form supplied by GTI to the Customer annexed to these Conditions
“Purpose” - means the data processing to be performed by GTI under this Agreement as described in Appendix 2 to this Agreement
"Service Level" - the service levels set out in Appendix 1 to this Agreement
"Software" - means GTI’s proprietary software known as TARGETconnect and the non-exclusive, non-transferable licence granted by GTI to the Customer to enable access to the System to gain access to and use the Application
"System" - the hardware, software, firmware and communication facilities over which the Application is made available to the Customer
2. Terms and Conditions
These Conditions shall apply to the Application accessed and/or used by the Customer under the Agreement.
3. The System
The Customer acknowledges and agrees that any part of the System including the Application may be amended from time to time during the continuance of this Agreement provided however that where any such change requires System downtime or will substantially affect the operability of the Application, GTI will endeavour to give the Customer as much notice as possible.
4. Software Licence
4.1 In order for the Customer to gain access to and use the Application and the System, GTI hereby grants to the Customer a non-exclusive, non-transferable licence to access the System using the Software to enable the Customer to use the Application during the term of this Agreement in accordance with the following conditions:-
4.1.1 Software may only be used by the Customer to access the System for the sole Purpose of using the Application listed by the Customer under this Agreement;
4.1.2 all other terms of this Agreement shall (where applicable) apply to Software.
4.2 In order for the Customer to use the Application, GTI is authorised to license to the Customer the Application in accordance with the terms of this Agreement.
The Service Levels shall govern the availability of the System, subject to Part B of Appendix 1 relating to Maintenance Events.
5.2.1 GTI operates its Systems behind firewalls with redundant disc configurations in a secure UK hosting facility to provide operating data security according to the GTI Infrastructure Description set out in Part C of Appendix 1.
5.2.2 The Customer shall own all rights, title and interest in and to all of the data supplied by it to GTI and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of such data. In the event of any loss or damage to data supplied by the Customer to GTI, the Customer's sole and exclusive remedy shall be for GTI to use reasonable commercial endeavours to restore the lost or damaged data from the latest back-up of such data maintained by GTI. GTI shall not be responsible for any loss, destruction, alteration or disclosure of any data caused by any third party.
GTI shall provide support to the Customer for the Software and the Application in accordance with Part A of Appendix 1.
6. Conditions of use of the Application and the System
6.1 The System and Application may only be accessed and used by the number of Customer employees set out in the Order Form which the Customer has paid for.
6.2 Shared access with non-Customer personnel including its registered students and alumni is permitted under this Agreement only according to details set out in the Order Form.
6.3 The Customer is solely responsible and liable for use of the System and Application including but not limited to proper use of its login IDs and passwords and granting of appropriate user rights. The Customer must notify GTI immediately if it suspects that there has been any breach of this provision
6.4 The Customer shall use the Application and the System solely for the purposes of the Customer's principal business as disclosed in full to GTI prior to execution of this Agreement and from time to time thereafter in the event of any change or relevant diversification of that business.
6.5 The Customer shall not reproduce or redistribute the Application or Software in machine readable form other than with the prior written consent of GTI.
6.6 The Customer shall not otherwise than with the prior written consent of GTI use, store, download, sell, redistribute or deal with the Application or Software in any manner or for any other purpose than in accordance with this Agreement.
6.7 The Customer shall be liable, notwithstanding any other remedies GTI may have against the Customer (including termination of this Agreement) to indemnify GTI for any loss GTI suffers and/or to reimburse GTI for the gain the Customer obtains in contravention of this clause.
6.8 The Customer shall faithfully reproduce or, if omitted, add the copyright symbol and clause of GTI as may be identified on the Application, Software or other software or proprietary material as follows: "©2018 GTI MEDIA ALL RIGHTS RESERVED" to all information obtained from the System or by use of the Application or Software, on all copies (authorised or otherwise) made whether in printed form, magnetic or any other media.
6.9 The Customer acknowledges that it is aware that use of the Application, whether by accessing, utilising, storing or otherwise dealing with the same may from time to time be subject to certain statutory or other external regulations, conditions and restrictions (including but not limited to data protection, financial services, etc regulations). The Customer undertakes to comply with all such regulations, conditions or restrictions.
6.10 Other than with the prior written consent of GTI, the Customer is expressly prohibited from using or redistributing the Application for the purposes of:
6.10.1 acting, either itself or in conjunction with any other party, as a System/service GTI/enabler;
6.10.2 commercial redistributing or reproduction of the same through its own or any third party network, cable or satellite system;
6.10.3 permitting or allowing the Application, Software or the System to infringe or be infringed or otherwise prejudice the proprietary rights of GTI, Application or System suppliers;
6.10.4 allowing any third party to access the Application or the System unless expressly so permitted by GTI.
6.11 The Customer shall at all reasonable times permit GTI to have access to the Customer's location upon reasonable notice and to its user personnel, the Equipment, Software and Application for the purposes of upgrading, inspection, testing, monitoring and verification in accordance with the terms of this Agreement.
6.12 The Customer acknowledges that use of the Application requires the Customer users to have proper training in use of the same. The Customer shall be solely responsible to ensure the same.
7. Fees and Charges
7.1 The Customer shall pay to GTI the fees and charges specified in the Order Form. Such fees and charges may be varied from time to time by GTI with the written agreement of the Customer.
7.2 All amounts and fees stated or referred to in this Agreement are exclusive of value added tax, which shall be added to GTI's invoices at the appropriate rate.
7.3 The Customer shall be responsible for all reasonable out of pocket expenses incurred by GTI in relation to the provision of the services under these terms and conditions.
7.4 GTI shall invoice the Customer in accordance with the Order Form for the fees and charges payable under this Agreement. Each invoice is due and payable 30 days after receipt of the invoice.
7.5 If GTI has not received payment within 30 days after the due date, and without prejudice to any other rights and remedies, GTI reserves the right (without liability) to bar the Customer from access to the Application and the System by whatever means it deems appropriate until such time as payment is received in full.
7.6 Notwithstanding the provisions of clause 7.5 above, if the Customer fails to make any payment by the due date for payment, then, without limiting GTI’s other rights and remedies, Customer shall pay interest on the overdue amount at the rate of 3% per annum above Barclays Bank's base lending rate from time to time. Such interest shall accrue on a daily basis from the due date until the date of actual payment of the overdue amount, whether before or after judgment. GTI may in the alternative claim interest at its discretion under the Late Payment of Commercial Debts (Interest) Act 1998.
8. Intellectual Property Rights
8.1 The Customer acknowledges that any and all of the copyright, patents, trade marks, and other intellectual property rights subsisting in or used in connection with the Application, Software and the System including the manner in which it is comprised, compiled, presented or appears ("look and feel") and all information, documentation and manuals relating to them are (unless another owner is specified in them such party being referred to as the "Owner") the property of GTI or the Owner (as the case may be) and the Customer shall not during or at any time after the expiry or termination of this Agreement in any way question or dispute the ownership by GTI or the Owner as the case may be of any such rights.
8.2 The Customer shall not during or after the expiry or termination of this Agreement, without the prior written consent of GTI or the Owner as the case may be or to the extent only permitted by the applicable law, abuse or permit the abuse of such copyright, patent or other intellectual property right or use or adopt any trade made, trade name or commercial designation that includes or is similar to or may be mistaken for the whole or any part of any trade mark, trade name or commercial designation used by GTI or the Owner as the case may be.
8.3 Infringement of the System and content
The Customer undertakes not to reproduce, adapt, translate, arrange or make available to any third party, either directly or indirectly, any part of the System, or software (including but not limited to the Software) or its contents of which the Application form a part (including any electronic materials necessary for its operation) except to the extent that and for so long as the Customer is expressly permitted to do so in accordance with this Agreement, or as permitted by any mandatory provisions of law, and undertakes to take all necessary steps to prevent access to the System by any person except those of its authorised employees/seats who have access for the purposes permitted by this Agreement.
8.4 Unauthorised extraction and re-utilisation
Notwithstanding other provisions of this clause and irrespective of whether or not copyright in the System, software or content (excluding the Customer’s data as per clause 5.2.2 above) is owned by GTI, the Customer shall not, other than as expressly permitted in this Agreement, extract or re-utilise the contents of the System (or any part thereof) for any commercial purpose including but not limited to trading, building commercial systems, reselling or redistributing the Application.
8.5 Remedies of GTI
The Customer acknowledges that civil and criminal penalties may be incurred in the event of any infringement of the copyright and/or other rights in relation to the System or the Application, and that any such infringement by the Customer may result in damage and/or loss to GTI and/or the Owner, and accordingly agrees that, in addition to any other right or remedy of GTI or the Owner, GTI or the Owner shall be entitled to immediate injunctive relief to restrain any actual or apprehended infringement thereof. The Customer undertakes to indemnify GTI and/or the Owner in full, against all loss, damage, costs and expenses (including loss of profit) which may be incurred by GTI and/or the Owner by reason of any such infringement by the Customer.
9. Confidential Information
9.1 Each party shall hold the other's Confidential Information in confidence and, shall not make the other's Confidential Information available to any third party, or use the other's Confidential Information for any purpose other than the implementation of this Agreement without the written consent of the other party.
9.2 Each party shall take all reasonable steps to ensure that the other's Confidential Information to which it has access is not disclosed or distributed by its employees or agents in breach of the terms of this Agreement.
9.3 A party's Confidential Information shall not be deemed to include information that is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.
9.4 This clause shall survive for 5 years after termination of this Agreement, however arising.
9.5 For the avoidance of doubt, the parties acknowledge that the Customer is subject to the Freedom of Information Act 2000 and may be required to disclose information associated with this Agreement. Any such disclosure will be governed by the rules of the Act.
10. Data Protection
10.1 In this Agreement the terms “Data”, “Personal Data”, “Data Controller”, “Data Processor”, “Data Subject” and “processing” shall have the same meanings as are assigned to those terms in the Data Protection Legislation.
10.2 Each party shall comply with its obligations under the Data Protection Legislation including, without limitation, by:
10.2.1 providing to the other party any information necessary to enable each of the parties to perform their obligations under the Data Protection Legislation; and
10.2.2 co-operating with one another so that both parties can comply with their obligations under the Data Protection Legislation in respect of any data collected, held or processed as part of this Agreement.
10.3 The parties acknowledge that, with regard to the processing of Personal Data by the Application and System, it is their intention that the Customer is the Data Controller and is responsible for obtaining any consents required under the Data Protection Legislation and GTI is the Data Processor processing Personal Data for the Purpose on behalf of the Customer.
10.4 GTI, as Data Processor, undertakes to the Customer to process the Personal Data only for the Purpose and in accordance with the terms of this Agreement and on the lawful instructions reasonably given by the Customer to GTI from time to time; and that:
10.4.1 GTI shall take appropriate technical and organisational measures against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data (including, but not limited to, adequate back-up procedures and disaster recovery systems); and
10.4.2 GTI shall ensure that each of its employees, agents and subcontractors are made aware of its obligations under this Agreement, are reliable and suitably trained with regard to the security and protection of the Personal Data; and
10.4.3 GTI shall inform the Customer if, in its opinion, a request by the Customer under this Agreement infringes GDPR or other applicable Data Protection Legislation; and
10.4.4 GTI shall promptly inform the Customer if any Personal Data is lost or destroyed or becomes damaged, corrupted or unusable; and
10.4.5 GTI shall not process or transfer the Personal Data outside the European Economic Area except with the express prior written consent of the Customer; and
10.4.6 GTI shall notify the Customer of any request or complaint that may be received from individuals who are the subject of the Personal Data (“Data Subjects”) without responding to that request unless it has been authorised to do so by the Customer; and
10.4.7 GTI shall assist the Customer promptly with all requests and complaints which may be received from Data Subjects (and the Customer shall reimburse GTI for its reasonable costs incurred in complying with this requirement); and
10.4.8 provide assistance as is reasonably required to the Customer to help the Customer meet its obligations pursuant to Articles 32 to 36 of the GDPR (where applicable); and
10.4.9 GTI shall not divulge any Personal Data, whether directly or indirectly, to any other GTI applications or systems, or to any third party without the express, explicit and informed consent of the Data Subject with regard to all categories of Personal Data to be so transferred.
10.5 The Customer shall provide GTI with details of the Customer’s Data retention requirements for Data processed under this Agreement and GTI shall take reasonable steps to notify the Customer of all Data processed on the Customer’s behalf that is outstide the time periods specified. However at all times the Customer is responsible as the data controller to provide GTI with instructions on the removal or anonymisation of the data outside of the retention period.
10.6 Subject to clauses 10.7 and 11.4 below, GTI agrees to indemnify and to keep indemnified and defend the Customer against costs, claims, damages or expenses incurred by the Customer or which the Customer may become liable due to any failure by GTI or its employees, subcontractors or agents to comply with the obligations under this Clause 10.
10.7 The Customer acknowledges that GTI is reliant on the Customer for direction as to the extent to which GTI is entitled to use and process the personal data. Consequently, GTI will not be liable for any claim arising from any action or omission by GTI to the extent that such action or omission resulted from the Customer’s express instructions.
10.8 GTI may authorise a third party (sub-contractor) to process the Data for the Purpose under this Agreement provided that:
10.8.1 full details of the sub-contract have been provided to the Customer and the Customer has expressly consented to the sub-contractor being appointed; and
10.8.2 the sub-contractor’s contract is on terms which are no less onerous with regard to the processing of Data as those set out in this clause 10 of this Agreement; and
10.8.3 the subcontractor’s contract will terminate automatically on the expiry or termination of this Agreement for any reason.
10.9 On expiry or termination of this Agreement, GTI shall forthwith deliver to the Customer, or destroy, at the Customer’s sole option, all of the Customer’s Data in its possession or under its control as part of a sub-contracting arrangement.
11.1 GTI undertakes to use all reasonable endeavours to provide the Service Level for the Application and the Software.
11.2 Other than as provided in clauses 5.2.2 and 12.1, neither party shall be liable to the other party in contract, tort or otherwise for any indirect or consequential loss or damage or to any loss of profits, loss of revenue, loss of data, loss of contracts or opportunity, whether direct or indirect, even if the party bringing the claim has advised the other of the possibility of those losses, or if they were within the other party's contemplation
11.3 Nothing in this Agreement excludes the liability of either party:
11.3.1 for death or personal injury; or
11.3.2 for fraud or fraudulent misrepresentation.
11.4 Save as provided under clause 13.3, and unless otherwise excluded pursuant to the foregoing provisions of this clause, the liability of GTI in contract, tort or otherwise for any direct, indirect or consequential loss or damage sustained by the Customer or others directly or indirectly making use of or arising in any way from the Application, the System whether arising as a result of GTI's negligence, wilful default, misrepresentation or other breach or breaches of its duties or obligations, shall be limited to the total fees and charges payable by the Customer under this Agreement in the 12 months preceding the date on which the claim arose.
12.1 The Customer undertakes fully and effectively to indemnify and keep indemnified at all times GTI against all actions, proceedings, costs, claims, demands, liabilities and expenses whatsoever (including legal and other fees and disbursements) sustained, incurred or paid by GTI directly or indirectly in respect of any breach by the Customer of any of the provisions of this Agreement.
12.2 The Customer further undertakes that it will not seek to recover and shall not be entitled to recover from GTI or to be indemnified by GTI in respect of any direct, indirect or consequential loss or damage or against any claims, proceedings, costs, demands, liabilities and expense whatsoever sustained, incurred or paid by the Customer to any party in respect of any of the matters specified in this Agreement other than as required by the applicable law.
13. Term and Termination
13.1 This Agreement shall commence on the Commencement Date and shall continue for the Initial Term and thereafter for successive 12 month periods or until such later date as may be agreed by the parties in writing unless or until terminated in accordance with the terms of clauses 13.2, 13.3 or 14.
13.2 Either party may terminate this Agreement on giving written Notice to expire no earlier than the end of the Initial Term or subsequent anniversary of the Commencement Date.
13.3 Notwithstanding any other provisions of this Agreement, and without prejudice to any other rights such party serving notice may have, either party may forthwith terminate this Agreement by written notice to the other if any of the following events shall occur:-
13.3.1 if the other party commits any breach of the terms or conditions of this Agreement including the terms, conditions and provisions of the appendices and fails to remedy such breach (or in so far as such breach is not capable of remedy to furnish adequate compensation) within 30 days after receiving written notice from the party requiring it so to do;
13.3.2 if the other party becomes bankrupt or compounds or makes any arrangement with or for the benefit of its creditors or (being a private limited or a public limited company or equivalent organisation in the jurisdiction of the applicable law) enters into compulsory or voluntary liquidation or amalgamation (other than for the purpose of a bona fide reconstruction or amalgamation without insolvency) or has a receiver or manager appointed of the whole or substantially the whole of its undertakings; or
13.3.3 if any distress or execution shall be threatened or levied upon any equipment and/or software or other property of the party; or
13.3.4 the other party is unable to pay its debts in accordance with the law relating to this Agreement.
13.4 Termination of this Agreement shall be without prejudice to any accrued rights of either party and shall not affect obligations which are expressed not to be affected by expiry or termination of this Agreement.
13.5 The Customer undertakes that within 7 days after the date of expiry or termination of this Agreement for whatever reason, the Customer shall uninstall/purge/expunge from the Equipment, Software, supporting software (if any) and any copies of any parts of the Application transferred and/or stored during this Agreement and furnish GTI with a certificate, certifying that it has so uninstalled/ purged/expunged the same, to permit GTI's personnel reasonable access to the Customer's Equipment, personnel and premises during reasonable hours and on reasonable notice so to do.
14. Force Majeure
Neither party shall be liable to the other in any way whatsoever for acts, events, accidents or omissions beyond its reasonable control including (but not limited to) failure, interruption, delay or any other matters of the nature whatsoever arising out of war, rebellion, civil commotion, strikes, lock-outs and industrial disputes; fire, explosion, earthquake, acts of God, flood drought or bad weather, the requisitioning or other act or order by any government department, council or other constituted body. In such circumstances, then the party for whose benefit the affected obligation would have been performed shall be entitled, by the giving of Notice in writing to the other party, to immediately to terminate this Agreement and neither party shall be liable to the other for such termination.
All notices to or by the respective parties shall be in writing in the English language and shall be deemed to have been duly given when delivered by hand, posted by recorded delivery post or sent by facsimile to the party to which such notice is required to be given under this Agreement to the address provided for such party stated in the Order Form or to such other address or facsimile number as the respective parties may specify to the other in writing.
Notices delivered by hand or sent by facsimile shall be deemed received on the first working day following such delivery or sending. Notices which have been posted as above shall be deemed received on the third working day following posting.
The Customer shall not, without the prior written consent of GTI, assign or transfer this Agreement or any of its rights under this Agreement to any other person, firm or company.
Failure or neglect by either party to enforce at any time any of the provisions of this Agreement shall not be construed nor shall be deemed to be a waiver of that party's rights nor in any way affect the validity of the whole or any part of this Agreement nor prejudice that party's rights to take subsequent action.
18. Entire Agreement and Amendments
This Agreement supersedes any arrangements, understandings, promises or agreements made or existing between the parties prior to the signing of this Agreement which constitutes the entire understanding between the parties. Except as otherwise provided in this Agreement, no addition, amendment or modification of this Agreement shall be effective unless it is in writing and signed by and on behalf of each party by a director or such other duly authorised officer as the case may be.
The headings of the paragraphs of this Agreement are inserted for convenience of reference only and are not intended to be part of or to affect the meaning or interpretation of this Agreement.
In the event that any or any part of the terms, conditions or provisions contained in this Agreement shall be determined by any competent authority to be invalid, unlawful or unenforceable to any extent such term, condition or provision shall to that extent be severed from the remaining terms and conditions which shall continue to be valid and enforceable to the fullest extent permitted by law.
21. Dispute Resolution
If any dispute arises in connection with this Agreement, the parties will attempt to settle it by mediation in accordance with the Centre for Effective Dispute Resolution (CEDR) Model Mediation Procedure. Unless otherwise agreed between the parties, the mediator will be nominated by CEDR. To initiate the mediation a party must give notice in writing to the other party to the dispute requesting mediation. A copy of the request should be sent to CEDR. No party may commence any court proceedings in relation to any dispute arising out of this Agreement until it has attempted to settle the dispute by mediation and either the mediation has terminated or the other party has failed to participate in the mediation, provided that the right to issue proceedings is not prejudiced by a delay.
22. Governing Law and jurisdiction
This Agreement shall be governed and construed in all respects in accordance with the laws of England and Wales and the courts of England shall have exclusive jurisdiction to settle any dispute or claim that arises out of or in connection with this Agreement, or its subject matter or formation.
SUPPORT AND MAINTENANCE SERVICE LEVEL ARRANGEMENTS
The purpose of this document is to set expectations for the Customer with regard to the service provided.
1.1. GTI provides online services through web-based application databases and administrative systems. These services are accessed through the Internet, providing global access to all users.
1.2. These services reside on GTI’s web and database servers situated in a Data Centre in London (together these comprise the Customer’s “System”). This provides GTI with centralised control of the Systems, to better manage the Systems, and to keep them secure.
1.3. It also provides GTI with the ability to obtain immediate access and control of the services that it provides to the Customer to ensure that it is able to closely monitor and bring to a speedy resolution should any problems arise.
1.4. The centralised management of the GTI System is backed up on a regular and routine basis and provides a single platform to manage data recovery in the rare event this is necessary.
1.5. GTI’s systems are supported by the following support services:
1.5.1. Customer help desk to enable resolution of System issues;
1.5.2. Technical support to resolve web and database server issues;
1.5.3. Infrastructure support to resolve problems relating to operating systems, firewalls or the network that supports the agreed services.
PART A: SUPPORT SERVICES
2. Help desk
2.1. The GTI help desk operates from Monday to Friday between 9:00am and 5:30pm (UK local time) excluding UK Bank Holidays, and will respond to support queries by email and telephone, from Customer Contacts within those hours of operation.
2.2. The response target set out by GTI for various categories of support are:
2.2.1. Response to telephone calls – 80% of all calls to be answered within 20 seconds;
2.2.2. Responses to email within two (2) working days, or as defined in the Agreement.
2.3. Support services require that :-
2.3.1. Customer Contacts are trained in relation to the System (such training being the responsibility of the Customer); and
2.3.2. requests for support are submitted to the GTI help desk through one of the agreed channels outlined in the Agreement; and
2.3.3. sufficient material and information is submitted to enable GTI's support staff to identify the problem; and
2.3.4. where requested, the Customer provides direct access to the version of the System being operated to allow GTI’s support staff to investigate the problem.
2.4. Support services shall not be provided for:
2.4.1. the use of the System in a manner inconsistent with the Agreement;
2.4.2. any System which has been modified by anyone other than GTI unless authorised in writing by GTI;
2.4.3. failure of a System as a result of, abuse or misapplication;
2.4.4. any version of a System as to which a subsequent version was released more than twelve (12) months earlier than the then current date and where the functionality on the subsequent version is materially different from the functionality of the earlier version.
2.5. Training support can be provided to the Customer, as defined:
2.5.1. GTI will maintain a separate and standalone version of the Customer’s System and make this available to the Customer for the purpose of allowing their employees to test and train themselves on the System.
2.5.2. On-site training of Customer employees by GTI, at GTI’s standard training rate as defined in the Agreement.
3. Technical support
3.1. Reporting of bugs and bug-fixing
3.1.1. The Customer is required to report all defects by email in the first instance. If a defect is severely affecting all System users then they are advised to report this by phone to the GTI help desk to avoid any unnecessary delay in addressing the problem.
3.1.2. GTI will use its reasonable endeavours to resolve defects in the standard functionality of the System reported to it by the Customer in accordance with the table below. The Severity Level is the priority that the defect is assigned by the GTI help desk and will determine the nature of GTI’s response (i.e. the type of fix required, any workarounds in the event that a fix is not immediately possible and the fix times).
Entire system fails, which prevents all users from accessing the system. For example:
- System is off-line or “down” - system is not accessible via the internet;
- System is on-line, but no users can log on or register on the system.
Defect given immediate priority attention until resolution achieved. GTI will endeavour to analyse the cause and respond to the reporter within four (4) working hours of validating the defect with a resolution or a plan to resolve the problem.
Core functionality fails, which prevents Customer users from viewing or editing core system data which affects ALL users/items and where no possible workaround exists. For example:
- functional failure where no other option exists to complete the action;
- it is not possible to view or edit any core data (i.e. jobs, vacancies, applications, appointments, events), due to a system error, when using any area of the system;
- key functions & searches return incorrect/no data or do not complete, and no alternative process is available;
- no emails are being sent from the system.
Defect given priority attention until a resolution is identified. A schedule for resolution will be provided as soon as the initial investigation is completed and updates will be provided, if appropriate, each working day or other timescale agreed with the reporter.
Failure of functionality, which affects an isolated group of users/items only, does not relate to core functionality, or where all users/items are affected but a workaround is available.
- functional failure where only some users/items are affected, or where similar functionality can be accessed via an alternative method;
- it is not possible to view or edit any core data (i.e. jobs, vacancies, applications, appointments, and events), due to a system error, when using a single area of the system. However, the required action can be completed via an alternative process;
- key functions & searches return incorrect/no data or do not complete. An alternative process to access required data or complete the task is provided;
- system times out on standard exports or reports, report data or total is incorrect.
GTI will endeavour to analyse the cause and respond to the reporter within two (2) working days of validating the defect with a resolution or a plan to resolve the problem.
Isolated or non-specific errors that do not affect the overall usability of the system, or which affect individual users or items. For example:
- individual user reports an issue with the system;
- individual item displays error when viewing/editing details;
- individual user is unable to log on;
- display issue occurring on a single browser;
- spelling or grammar error within page text.
Often these issues may be traced to external conditions or user/item error.
GTI will endeavour to analyse the cause and respond to the reporter with this information within five (5) working days of validating the issue. Some issues may not have a technical resolution.
3.1.3. The response targets above will not apply:
- where the defect has not been reported directly to the GTI help desk and/or there is no help desk reference relating to the defect;
- where insufficient information is provided in relation to the defect;
- where the defect does not occur on the live System;
- during any Maintenance Event (including Emergency Downtime);
- during Customer-caused or third party-caused outages or disruptions (except to the extent that such outages or disruptions are caused by those duly authorised third parties sub-contracted by GTI);
- during outages or disruptions attributable in whole or in part to force majeure events as defined in the Agreement.
3.1.4. GTI is responsible for the identification, management and resolution of defects, which shall include:
- proactively identifying defects in the software, advising the Customer of the same and providing fixes;
- providing telephone assistance to the Customer in the analysis and correction of defects affecting the System and its use.
3.1.5. GTI reserves the right to schedule any fix within our normal maintenance plan for the System.
3.1.6. GTI is not obliged to fix defects which arise as follows:
- occurring only on test (including UAT) instances of the System;
- occurring only when using an unsupported browser;
- from any modifications to the software made by any person other than GTI;
- as a result of existing or changes to the Customer’s connection to the Internet and ISP provision, or locally installed software on the Customer’s IT systems;
- incorrect use of the Software or operator error.
3.1.7. A defect shall be escalated to the GTI Support Manager, if:-
- the defect has a Severity Level of ‘Blocker’ or ‘Critical’; or
- no progress has been made on the defect within the target resolution time set out above.
GTI will quote for the implementation of the System as a separate cost item. A standard implementation of the System takes 12 weeks and is governed according to a project plan which includes:
- Set-up of UAT site
- Branding the System to resemble the Customer’s corporate branding
- Integration with single sign-on protocols:
- Common Authentication Service (CAS)
- Lightweight Directory Access Protocol (LDAP)
- Set-up of email routing, using one of the methods below:
- SMTP routing
- TARGETconnect 'From Address'
- Set-up of the web domain for the System:
- Use a TARGETconnect subdomain like 'uni.targetconnect.net'
- Use an Institution specific subdomain like 'careers.uni.ac.uk'
- One-time import provided from any existing source of:
- Employer organisations
- Job vacancies/opportunities
- Set-up of a regular feed of student records to keep the System synchronised with the Customer’s primary system for student registrations (e.g. SITS)
- Standard configuration of modules:
- User Groups – define the main groups of users of the System and access rights
- Appointments – help in the set-up of the controlling factors which define the most common appointments, e.g. appointment type, locations, appointment length and conditions on appointment booking
- Events – help in the set-up of controlling factors which define the most common events, e.g. event category, event type and conditions on event booking
- Queries – help in the set-up of the System to receive and process e-queries
- Organisations – help in the set-up of the organisation portal and organisation self-registration
- Opportunities – help in the set-up of required workflow process routes for the major opportunity types and the ability for organisation to submit opportunities through the organisation portal
- Update calls and train-the-trainer sessions conducted via web conference in accordance with the project plan
- Putting the System live
3.3. Advanced Configuration
Help from GTI with advanced configuration of the System can be requested by the Customer. GTI reserves its right to reasonably decline this request. Examples of advanced configuration include:
- menu configuration
- custom notification templates
- other data imports
- custom forms and fields
- application forms
- booking forms for appointments and events
- configuration of the Placements module
- set-up of RSS feeds
- configuration of the Feedback module for use with Appointments and Events
- additional reports
- on-site training of users
Such work completed by GTI is undertaken on a time and materials basis at GTI’s then current daily rates for these services. Work will only be commenced following receipt of a written authority to proceed from the Customer such as a valid Purchase Order.
3.4. Bespoke functionality
Bespoke functionality can be commissioned by the Customer to tailor the System to fit exactly the Customer’s internal processes by the provision of a change to the programming of the software. GTI reserves its right to reasonably decline this request. Work done by GTI in programming, testing and training the Customer in this new functionality is undertaken on a time and materials basis at GTI’s then current daily rates for these services. Such work will only be commenced following receipt of a written authority to proceed from the Customer such as a valid Purchase Order. This new functionality together with that already existing will then constitute the System and all Intellectual Property Rights arising from the development of this new functionality remain subject to the same terms governing licensing of the System.
3.5. New releases
3.5.1. GTI may release new modular functionality and updated versions of the standard system from time to time. GTI shall notify the Customer of a new release as and when any new release is published or made available to its customers generally.
3.5.2. If requested by the Customer, GTI will offer the Customer's personnel training in use of the new release at the standard training rate. The training will occur upon delivery of the new release or at any time during the evaluation of the same.
3.5.3. Should the new release be made available to the Customer by a UAT (User Acceptance Test) version of the Customer’s System, it is the responsibility of the Customer to review this within the agreed timescales and to document in an email to GTI any issues they identify which would prevent the new release from going live. At the expiry of this period and if nothing is heard from the Customer then the Customer is deemed to accept the new release.
3.6. Modular upgrades
A range of modular upgrades are available at separate cost; some modules are configurable to adjust to the Customer requirements.
4.1. Branding of external facing interface(s) to match the styling on other of the Customer’s websites can be incorporated into the System. The work associated with implementing this branding is undertaken on a time and material basis at GTI’s then current daily rates for programming and testing.
4.2. A SSL certificate can be added to the System on request; subject to a separate charge made by GTI for acquiring, installing and administering the renewal of this certificate on behalf of the Customer. Where the Customer hosts the domain record, it is the responsibility of the Customer to ensure that the SSL certificate is purchased/renewed.
4.3. All GTI systems are hosted by GTI who will maintain the appropriate DNS registrations necessary to make this System accessible from the internet. GTI will provide the Customer with the necessary URL link to advertise the System.
4.4. Where a specific domain is required by the Customer to be associated with their System, GTI can acquire the domain on behalf of the Customer. This is subject to a separate charge for the acquisition, renewal and maintenance of the domain record. Legal ownership of domains purchased by GTI on behalf of the Customer can be transferred upon request in writing. Should the Customer wish to purchase the domain themselves and host the domain record on their servers, then it becomes the responsibility of the Customer to maintain this record and for the renewal of the domain registration.
5. Review meetings
5.1. The representatives of GTI and the Customer shall hold review meetings according to an agreed schedule, in order to review the service provided by GTI and any information technology issues which have arisen in relation to it.
5.2. The parties shall each maintain a record of any issues arising in relation to the service including (for each issue) the GTI help desk reference, the date of the call, the priority given to it, the name of the Customer Contact who made the call, details of the issue and its resolution, the date on which the issue was resolved and the time taken to resolve the issue.
6. Account management
In addition to the standard services outlined above, where Account Management is included within the Agreement, this will provide a central point of contact for the Customer.
The role of an account manager is:
6.1. Project scoping and management through the project life-cycle.
6.2. Data requests or queries about the System that are not bugs and can be carried out by the account manager using standard tools at their disposal and completed in a reasonable amount of time (i.e. 10-20 minutes). Provision of this service is also governed by fair use, i.e. these requests should be infrequent and not the norm. GTI reserves the right to refuse these requests or to propose the work is scheduled through the development team with an associated charge.
6.3. Review meetings on an agreed regularity.
PART B: MAINTENANCE AND HOSTING
7.1. Service availability
7.1.1. GTI is committed to the system availability target of 99.5% and will take all reasonable steps to ensure such a target is met.
7.1.2. Periods in which any of the following occur are excluded from the measurement of the service availability:-
- Maintenance Events;
- Emergency Downtime;
- Customer-caused or third party-caused outages or disruptions (except to the extent that such outages or disruptions are caused by those duly authorised third parties sub-contracted by the Supplier to perform the Services);
- outages or disruptions attributable in whole or in part to force majeure events as defined in the Agreement.
7.2. Reports on system availability and performance can be provided to Customer on request.
7.3. All data is backed up daily and a copy is stored both within the Data Centre and off-site.
8. Maintenance events
From time to time, it will be necessary to take part or all of the System off-line for the purposes of hardware, software or firmware maintenance (“Maintenance Events”). Any such Maintenance Events will be carried out as follows:-
8.1. Scheduled Maintenance shall be performed according to a schedule published by GTI and shared with the Customer in advance, typically occurring no more frequently than once a month. If the maintenance will require interruption of the System, GTI will use reasonable endeavours to notify the Customer with a minimum of two (2) working days notice.
8.2. In addition, GTI may interrupt the operation of the System for Unscheduled Maintenance, provided that it has given the Customer a minimum of two (2) working days notice.
8.3. GTI may interrupt the System to perform emergency maintenance and critical systems maintenance to the System, including (but not limited to) bug fixes, virus patches, and reboots of the System (“Emergency Downtime”). These outages will be performed with regard to minimising the impact on users, but such work may be performed at short (or at times without) notice. GTI will use its best endeavours to inform Customer Contacts of any Emergency Downtime, as soon as practicable, where the System will be required to be offline for more than 15 minutes.
8.4. GTI may determine, at its sole discretion, that providing appropriate service levels requires additional equipment and/or bandwidth, and may install that equipment and/or bandwidth without approval from the Customer.
8.5. GTI will proactively administer and monitor the System 24/7 (excluding any downtime) and apply upgrades and patches to the hardware to ensure optimal performance of the System and will use reasonable endeavours to:-
8.5.1. provide upgrades during Maintenance Events only;
8.5.2. provide that upgrades and patches are only applied:-
- after pre-installation testing of the System has been performed;
- using change control processes to ensure that a risk-assessment of all changes are performed in advance;
- along with documentation and a record of the update.
8.5.3. provide automatic alerts to GTI technical support personnel upon a systems failure occurring; and
8.5.4. create records of all failures and downtime, in order to analyse and provide solutions for any areas which may affect the ability to meet committed targets.
8.6. GTI will inform the Customer of any maintenance which will result in changes to the System. Details of retrospective changes made to the System will be provided as soon as practical after the change has been applied. Such notification will be made by email to the Customer Contacts and will include:
8.6.1. a brief description of the change;
8.6.2. a statement relating to the impact on the live service;
8.6.3. the length of the change window and the expected downtime within that window;
8.6.4. contact details should the Customer wish to know more about the changes.
PART C: GTI INFRASTRUCTURE DESCRIPTION
The services will be deployed on shared physical infrastructure running virtualisation technology and designed to segregate traffic based on type and security. There are currently a number of dedicated servers in this infrastructure responsible for providing the System. The majority of these servers provide the front-end web services via a High Availability (HA) interface with the remaining part providing a Highly Available database for back end storage.
The infrastructure is fully redundant and is located in a Tier3 secure hosting facility suite at Interxion, 11 Hanbury Street, London, E1 6QR.
The driving principles behind the infrastructure design are security, availability, scalability, performance and manageability.
- Security is provided through a combination of hardware, technical design and configuration and policy. The layered firewall design is typical of Internet security in the banking sector and provides multi- vendor defence in depth. The basic idea is to keep the configuration of the exterior layer simple and largely static and using the interior layer for more complex functions, where changes will be more frequent. In this design, the firewall layers have been implemented using different technologies – hardware, software and operating systems. The configuration is done using trained technical experts and monitored centrally. The security of the systems is governed by a security policy that frames everything from change control to intrusion detection and response. All GTI Solutions are implemented on Operating Systems that have been hardened. Essentially this restricts a hackers view and capability on a target system should they obtain access to that system.
- Availability is provided by redundancy design for all of the major infrastructure components. Both firewall layers together with the switching and physical infrastructure as well as the virtual platform and web servers offer either automatic fail-over or clustered load-balancing to ensure availability without manual intervention during equipment failure. Our ISP operates redundancy throughout its infrastructure to deliver HA WAN services.
- Scalability is ensured through robust design and the adoption of technology that allows GTI systems to scale as needed. Constant evaluation of our existing and future compute, storage, network and human resources allow us to plan successfully for growth and this is achieved through technology that allows us to scale services with little or no service interruption.
- Performance is assured by ensuring there is more than a sufficient resource to deliver the customer systems and ensuring that these systems are configured for the best performance possible. In every case, we have more memory, compute power, storage and network bandwidth than is needed to ensure no bottlenecks in any of these areas. Streamlined configuration combined with excellent technology and continuous monitoring ensures that the systems perform at the highest possible speeds.
- Manageability is critical to the ongoing security of the GTI Service. The products chosen and the overall architecture have been specified with operations in mind. The monitoring tools used provide GTI with a clear view of the service availability and performance through the gateway.
1. The purpose of the processing under this Agreement is to enable those student service operations of the Customer named on the Order Form to provide the following services via the Software and the Application variously to its students, alumni, advertisers and staff:
a. Appointment advertising and booking
b. Student forms and case notes
c. Student referral
d. Event management, advertising and booking
f. Task management
g. Employer registration
h. Employer event booking
i. Employer vacancy entry, approval and advertisement
j. Job board
k. Ad-hoc and bulk emails
l. Student and graduate management
n. Management of user rights
o. Management of applications to placements (max 5 users)
2. The processing of the Personal Data will involve the:
k. disclosure by transmission;
l. dissemination; and
m. general enquiry and use.
3. The processing of the Personal Data is for the purposes of GTI providing the Application and the System to Customer.
4. The processing will last for the duration of this Agreement and for such period after the expiry or termination of this Agreement to allow GTI to return or delete the Personal Data as instructed by Customer.
5. The Customer, as Data Controller, does not authorise the Personal Data to be transmitted, passed to, or extracted by GTI for any reason other than this specified and lawful purpose, unless the Data Subject has provided express, explicit and informed consent.
6. The Data Subjects of the Personal Data will be the students or the former students (graduates or alumni) of the Customer. The Personal Data that will be processed under this Agreement is:
a. student names and addresses, including email addresses and telephone numbers;
c. country of domicile;
e. student number;
f. course details, including name of course, department and faculty;
g. years of study;
h. start dates and completion dates of study;
i. course length;
j. award or qualification achieved;
k. mode of attendance;
l. student type ( e.g. undergraduate/postgraduate);
m. nature of registration/enrolment;
n. fee status;
7. The obligations and rights of Customer as a data controller are set out in clause 10.