Terms and Conditions

These terms and conditions are to be read in conjunction with applicable Mosaic Island proposals and/or statements of work (‘Proposal/SOW’).

The Parties:

A. Mosaic Island Limited a company incorporated in England & Wales (registration number 5882056) of St Brandon’s House, 29 Great George Street, Bristol, BS1 5QT. (‘the Consultancy’), and

B. The client who purchases the Services from the Consultancy and whose details are set out in the Proposal/SOW (‘the Client’).


(a) The Consultancy’s field of expertise covers information technology design and delivery, that includes the provision of enterprise/solution design together with the full range of delivery cycle skills to deliver pragmatic, business led solutions details of which are specified in the applicable Proposal/SOW(‘Services’).

(b) The Consultancy agrees to supply the Services and the Client agrees to engage the Consultancy on the following terms and conditions:

1. Nature of these terms and conditions

1.1. These terms and conditions apply in respect of any Proposal/SOW by the Consultancy where the Client and Consultancy have not entered into a separate framework agreement known as a Master Services Agreement for the provision of services. With respect to any applicable Proposal/SOW these terms and conditions together with the Proposal/SOW form the contract (‘Contract’) for the supply of the Services by the consultancy to the Client. Where the Client and the Consultancy have entered into any Master Services Agreement any proposal or statement of works between them will be governed by the terms of that Master Services Agreement.

1.2. This Contract will be deemed to have come into force on the date that the Client instructs the Consultancy to undertake the Services and the Consultancy agrees to do so.

1.3. A Contract formed on the basis of these terms and conditions is governed only by these terms and conditions and by no others, except where both parties expressly agree otherwise in writing. In particular, it is agreed that any purchase order or other such document from the Client is intended for the Client’s own administrative purposes only and that notwithstanding its wording, neither a purchase order or other such document nor its content will have any legal effect.

1.4. These terms and conditions will prevail if there is any conflict between them and the Proposal/SOW.

1.5. Either party may request a change to the nature or scope of Services covered by a Proposal/SOW. Any such request will be sufficiently detailed to enable the other party to assess the impact of the proposed change. No such change will become effective until agreed in writing between the parties.

1.6. This Contract is not exclusive; the Consultancy is and remains at liberty to provide services to third parties, and the Client is and remains at liberty to engage services (including similar services) from third parties. The Consultancy reserves the right to decline to provide any advice and assistance outside the scope of the Services as specified in the applicable Proposal/SOW, even if the Consultancy may previously have provided such additional advice and assistance.

2. Services

2.1. The Consultancy will provide Services as agreed from time to time in the applicable Proposal/SOW, so far as is reasonably practicable within any agreed timescale specified in the applicable Proposal/SOW, and with all proper skill and care.

2.2. As an independent professional organisation, the Consultancy will not be subject to the direction or control of the Client, and itself accepts the responsibility for the proper provision of Services. It is the Consultancy’s responsibility to maintain adequate Professional Indemnity, Employer's Liability, and Public Liability insurance.

2.3. The Consultancy is responsible for maintaining reasonable continuity in personnel providing Services on its behalf but reserves the right in its sole discretion to make changes from time to time; no additional charge will be made for any handover period, and the Consultancy remains responsible for Services performed by any individual on its behalf. Where the Consultancy’s charges are on a time and materials basis, or where any individual who will provide Services is named in a Proposal/SOW, it is the Consultancy’s responsibility to ensure that the relevant skills and experience of any replacement personnel remain commensurate with the fee rates charged.

2.4. It is the Client’s responsibility to afford the Consultancy with such access and staff cooperation as the Consultancy may reasonably require for the proper performance of any Services.

3. Copyright and Intellectual Property Rights

3.1. ‘Intellectual Property Rights’ means patents, copyright and related rights, trade marks and service marks, rights in designs, rights in computer software, database rights, rights to use and protect the confidentiality of confidential information (including know-how and trade secrets) and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world.

3.2. ‘Deliverable’ means a work produced by the Consultancy in the course of Services for delivery to the Client.

3.3. Where pre-existing Intellectual Property Rights are incorporated in any Deliverable, the Client has non-exclusive irrevocable world-wide royalty free licence to use modify and distribute such pre-existing works, but only as part of the Deliverable; all other rights in the pre-existing Intellectual Property Rights are reserved and remain with the Consultancy.

3.4. Subject to clause 3.3, all Intellectual Property Rights in any Deliverable, other than pre-existing Intellectual Property Rights, pass to the Client upon payment of all fees due to the Consultancy which relate to that Deliverable, and the Consultancy will execute a formal assignment thereof on request by the Client.

3.5. The Consultancy will indemnify the Client against infringement of third party Intellectual Property Rights by a Deliverable, provided that the Client notifies the Consultancy of any relevant third party Intellectual Property Rights promptly on such rights becoming known to or suspected by the Client.

4. Charges and Payment

4.1. Estimates are subject to change if based on incorrect information provided by the Client, or if any specified dependencies / facilities are not available on time, or if any equipment required to be provided by the Client fails to operate correctly (save where the engagement itself is for the repair thereof).

4.2. All sums due will be invoiced and paid as specified in the applicable Proposal/SOW. The Client will pay the Consultancy’s invoices, plus VAT, within 30 days of the date of the invoice. Unless otherwise specified, where payment is on a time and materials basis, the Consultancy may invoice monthly.

4.3. If any of the Consultancy’s invoices becomes overdue, the Consultancy may suspend provision of Services, and any agreed timescale will be automatically extended; the Consultancy may also terminate this Contract for material breach whilst any payment is more than 7 days overdue.

5. Limitation of Liability

Save to the extent expressly provided, all conditions, warranties or other terms implied by statute or common law are hereby excluded to the fullest extent permitted by law. The Consultancy is not liable for any loss or damage in excess of the higher of (a) ₤100,000, or (b) 125% of the total sums payable in any one month under a Proposal/SOW, except where it may not lawfully exclude or limit liability. Each party expressly excludes liability for consequential loss or damage, loss of profit, business, revenue, goodwill or anticipated savings. Any liability or remedy for innocent misrepresentation is expressly excluded. Neither party excludes or limits liability for death or personal injury or for fraud or fraudulent misrepresentation.

6. Termination

6.1. The Contract will continue until the Services have been completed or either party ends it as set out below or as otherwise permitted in these terms and conditions.

6.2. Either party may terminate this Contract:

6.2.1. on 14 days’ written notice; or

6.2.2. immediately if the other breaches these terms and conditions and if the breach is capable of being remedied, has not been remedied within 30 days of receipt of written notice requiring it to be remedied; or

6.2.3. immediately if the other is unable to pay its debts or enters into compulsory or voluntary liquidation or compounds with or convenes a meeting of its creditors or has a receiver or manager or an administrator appointed or ceases for any reason to carry on business or takes or suffers any similar action which means that it may be unable to pay its debts.

6.3. On termination of this Contract by either party the following will apply:

6.3.1. any rights or obligations which have accrued prior to termination will not be affected; and

6.3.2. all Confidential Information belonging to the other will be returned or destroyed within 14 days.

7. Force Majeure

If either party is obstructed in performing any of its obligations under this Contract by an event outside its reasonable control, then performance to the extent obstructed is suspended for so long as the obstruction continues. Whilst performance is suspended and has been so for more than 7 days, either party may terminate this Contract by immediate written notice.

8. Staff obligations

8.1. Neither party wishes to create or imply any mutuality of obligation between themselves either in the course of, or between, any performance of the Services.

8.2. Each party solely retains all the responsibilities and rights of an employer towards and in relation to its own employees. Neither party seconds its employees to the other. Each party will indemnify the other against any claims brought by or in relation to its own employees, whether such claims relate to employment, tax, national insurance, or otherwise.

8.3. Neither party will employ, engage, or otherwise solicit any person who during the previous 12 months was an employee or sub contractor of the other and with whom such party had material contact in connection with Services performed under any Proposal/SOW, until 6 months after this Contract has terminated.

9. Data Protection

9.1. The parties will (and will procure that their agents, subcontractors and employees will) comply with the requirements of applicable Data Protection Laws (as that term is defined in the data processing terms annexed to these terms and conditions ('Data Processing Terms’).

9.2. Notwithstanding the general obligation in clause 9.1, where in respect of any Proposal/SOW the Consultancy is processing personal data for the Client as a data processor (as those terms are defined by the Data Protection Laws) the Data Processing Terms will apply to the data processing under that Proposal/SOW and the data processing details required by paragraph 2 of the Data Processing Terms will be included in the Proposal/SOW.

9.3. If in the course of providing the Services under a Proposal/SOW, it becomes apparent that the Consultancy will be required to process personal data for the Client the Data Processing Terms will apply to the data processing under that Proposal/SOW and the parties agree in good faith to agree and complete the data processing details required by paragraph 2 of the Data Processing Terms as soon as practicable and in any event before any such processing takes place.

10. Anti-Bribery

The Consultancy will comply with all applicable laws, regulations, codes and sanctions relating to anti-bribery and anti-corruption including but not limited to the UK Bribery Act 2010 and will not engage in any activity, practice or conduct which would constitute an offence under sections 1, 2 or 6 of the UK Bribery Act 2010 if such activity, practice or conduct had been carried out in the UK.

11. Confidentiality

11.1. ‘Confidential Information’ means any information relating to the business of the disclosing party which is not publicly available including, but not limited to, any information specifically designated by the disclosing party as confidential; any information supplied to the disclosing party by any third party in relation to which a duty of confidentiality is owed or arises; and any other information which should otherwise be reasonably regarded as possessing a quality of confidence or as having commercial value in relation to the business of the disclosing party.

11.2. Unless the parties have signed a separate agreement containing more specific provisions in relation to confidentiality (in which case the provisions of such agreement will continue to apply in lieu of this clause), each party will keep any Confidential Information disclosed by the other secret. Neither party may use or take advantage of any Confidential Information without the discloser’s consent, even after the end of this Contract.

11.3. The obligation in clause 11.2 does not apply to;

11.3.1. information known to the receiver before disclosure by the other party; or

11.3.2. information which becomes public knowledge without fault on the part of the receiver; or

11.3.3. disclosures made to the extent required by some applicable legal or regulatory requirement.

12. Third Party Rights

A person who is not a party to this Contract will not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Contract.

13. Variation

No variation of this Contract including any Proposal/SOW will be effective unless it is in writing and signed by the parties (or their authorised representatives).

14. Waiver

14.1. A waiver of any right or remedy under this Contract or by law is only effective if given in writing and will not be deemed a waiver of any subsequent breach or default.

14.2. A failure or delay by a party to exercise any right or remedy provided under this Contract or by law will not constitute a waiver of that or any other right or remedy, nor will it prevent or restrict any further exercise of that or any other right or remedy.

14.3. No single or partial exercise of any right or remedy provided under this Contract or by law will prevent or restrict the further exercise of that or any other right or remedy.

14.4. A party that waives a right or remedy provided under this Contract or by law in relation to one party, or takes or fails to take any action against that party, does not affect its rights in relation to any other party.

15. Notices

Any notice to be given by either party to the other must be in writing and may be sent by recorded delivery at its registered office (if a company) or its principal place of business (in any other case) and will be deemed to be served 2 days following the date of posting.

16. Entire Agreement

Neither party enters in to Contract on the basis of or relying on any representation, warranty or other provision not expressly stated herein.

17. Law

These terms are governed by the laws of England & Wales, whose courts will have sole jurisdiction in relation to all matters arising.

Data Processing Terms

1. Definitions

1.1 In these Data Processing Terms:

Controller; has the meaning given in applicable Data Protection Laws from time to time.

Data Protection Laws; means, as binding on either party or the Services:

(a) the Directive 95/46/EC (Data Protection Directive) and/or Data Protection Act 1998 or the GDPR;

(b) any laws which implement any such laws; and

(c) any laws that replace, extend, re-enact, consolidate or amend any of the foregoing.

Data Protection Supervisory Authority; means any regulator, authority or body responsible for administering Data Protection Laws.

Data Subject; has the meaning given in applicable Data Protection Laws from time to time.

GDPR; means the General Data Protection Regulation (EU) 2016/679.

International Organisation; has the meaning in the GDPR.

Consultancy Personnel; means any employee of the Consultancy carrying out any processing activities on behalf of the Client in respect of the Protected Data.

Personal Data; has the meaning given in applicable Data Protection Laws from time to time.

Personal Data Breach; has the meaning given in the GDPR.

processing; has the meaning given in applicable Data Protection Laws from time to time (and related expressions, including process, processed, processing, and processes will be construed accordingly).

Processor; has the meaning given in applicable Data Protection Laws from time to time.

Protected Data; means Personal Data received from or on behalf of the Client in connection with the performance of the Consultancy’s obligations under the relevant Proposal/SOW.

Sub-Processor; means any agent, subcontractor or other third party engaged by the Consultancy for carrying out any processing activities on behalf of the Client in respect of the Protected Data.

2. Data processing details

2.1 Processing of the Protected Data by the Consultancy under the relevant Proposal/SOW will be for the subject-matter, duration, nature and purposes and involve the types of Personal Data and categories of Data Subjects set out in the Proposal/SOW.

3. Compliance with Data Protection Laws

3.1 The parties agree that the Client is a Controller and that the Consultancy is a Processor for the purposes of processing Protected Data pursuant to the relevant Proposal/SOW.

3.2 The Client will at all times comply with all Data Protection Laws in connection with the processing of Protected Data. The Client will ensure all instructions given by it to the Consultancy in respect of Protected Data (including the terms of the Master Agreement and the relevant Proposal/SOW) will at all times be in accordance with Data Protection Laws.

3.3 The Consultancy will process and will ensure its Sub-Processors and Consultancy Personnel process Protected Data in compliance with the obligations placed on it under Data Protection Laws and the terms of the relevant Proposal/SOW.

4. Instructions

4.1 The Consultancy will only process and will ensure its Sub-Processors and Consultancy Personnel only process the Protected Data in accordance these Data Processing Terms (and not otherwise unless alternative processing instructions are agreed between the parties in writing) except where otherwise required by applicable law (and will inform the Client of that legal requirement before processing, unless applicable law prevents it doing so on important grounds of public interest).

4.2 If the Consultancy believes that any instruction received by it from the Client is likely to infringe the Data Protection Laws it will promptly inform the Client and be entitled to cease to provide the relevant Services until the parties have agreed appropriate amended instructions which are not infringing.

5. Security

5.1 In accordance with the Data Protection Laws, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing of the Protected Data to be carried out under or in connection with the relevant Proposal/SOW, as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons and the risks that are presented by the processing, especially from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to the Protected Data transmitted, stored or otherwise processed, the Consultancy will implement appropriate technical and organisational security measures appropriate to the risk, including as appropriate:

5.1.1 the pseudonymisation and encryption of personal data;

5.1.2 the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;

5.1.3 the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;

5.1.4 a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

6. Sub-processing and Consultancy Personnel

6.1 The Consultancy is permitted to use Sub-Processors provided the Consultancy will prior to any Sub-Processor carrying out any processing activities in respect of the Protected Data, appoint each such Sub-Processor under a written contract enforceable by the Consultancy containing the same obligations as under these Data Processing Terms.

6.2 The Consultancy will not permit any processing of Protected Data by any agent, subcontractor or other third party other than its own employees, its Sub-Processors or its Sub-Processors’ own employees.

6.3 The Consultancy will ensure that all persons authorised by the Consultancy or any Sub-Processor to process Protected Data are subject to an enforceable obligation of confidence with regards to the Protected Data.

6.4 The Consultancy will remain fully liable to the Client under the Master Agreement and the relevant Proposal/SOW for all the acts and omissions of each Sub-Processor and Consultancy Personnel as if they were its own.

7. Assistance

7.1 The Consultancy will (at the Client’s cost) provide reasonable assistance to the Client taking into account the nature of the processing and the information available to the Consultancy to ensure compliance with the Client’s obligations under Article 32 (security of processing), Article 33 (notification of personal data breach to the supervisory authority), Article 34 (communication of a personal data breach to the data subject), Article 35 (data protection impact assessment) and Article 36 (prior consultation) of the GDPR (and any similar obligations under applicable Data Protection Laws.

7.2 The Consultancy will taking into account the nature of the processing, promptly assist the Client (by appropriate technical and organisational measures), insofar as this is possible, for the fulfilment of the Client’s obligations to respond to requests for exercising the Data Subjects’ rights under Chapter III (rights of the data subject) of the GDPR (and any similar obligations under applicable Data Protection Laws) in respect of any Protected Data.

8. International transfers

The Client agrees that the Consultancy may transfer Protected Data to countries outside the United Kingdom or to any International Organisation provided all such transfers will (to the extent required under Data Protection Laws) be effected by way of such legally enforceable mechanism(s) for transfers of Personal Data as may be permitted under Data Protection Laws from time to time.

9. Audits

9.1 The Consultancy will and will ensure all Sub-Processors, make available to the Client, in accordance with Data Protection Laws, such information that is in its and all Sub-Processors possession or control as is necessary to demonstrate the Consultancy’s compliance with the obligations placed on it under these Data Processing Terms and to demonstrate compliance with the obligations on each party imposed by Article 28 of the GDPR (and under any equivalent Data Protection Laws equivalent to that Article 28), and allow for and contribute to audits, including inspections, by the Client (or another auditor mandated by the Client) for this purpose (subject to a maximum of 1 audit request in any 12 month period under this paragraph 9).

9.2 The Consultancy will provide (or procure) access to all relevant premises, systems, personnel and records during normal business hours for the purposes of each such audit or inspection upon reasonable prior notice (not being less than 2 Business Days) and provide and procure all further reasonable co-operation, access and assistance in relation to any such audit or inspection.

10. Breach

10.1 The Consultancy will promptly (and in any event within 24 hours) notify the Client if it (or any of its Sub-Processors or Consultancy’s Personnel) suspects or becomes aware of any suspected, actual or threatened occurrence of any Personal Data Breach in respect of any Protected Data.

10.2 The Consultancy will promptly (and in any event within 24 hours) provide all information as the Client requires to report the circumstances referred to in paragraph 10.1 (above) to a Data Protection Supervisory Authority and to notify affected Data Subjects under Data Protection Laws.

11. Deletion/return

11.1 At the end of the provision of the Services relating to the processing of Protected Data, at the Client’s cost and the Client’s option, the Consultancy will either return all of the Protected Data to the Client or securely dispose of the Protected Data (and thereafter promptly delete all existing copies of it) except to the extent that any applicable law requires the Consultancy to store such Protected Data.

11.2 For the purposes of paragraph 11.1 Protected Data will be considered securely disposed of or deleted where it is put beyond use such that the Consultancy:

11.2.1 is not able to use the Protected Data to inform any decision in respect of any individual or in a manner that affects the individual in any way;

11.2.2 surrounds the Protected Data with appropriate technical and organisational security; and

11.2.3 commits to permanent deletion of the Protected Data if, or when, this becomes possible.

12. Survival

These Data Processing Terms will survive termination or expiry of the relevant Proposal/SOW indefinitely in the case of paragraph 11 of these Data Processing Terms and until 12 months following the earlier of the termination or expiry of the relevant Proposal/SOW in the case of all other paragraphs and provisions of these Data Processing Terms.

© Mosaic Island 2018 All rights reserved