1. Purpose of contract:
Auto Time is an authorised reseller and distributor of the KELIO software solution developed by Bodet Software.
The Client has the right to use the KELIO software solution developed by Bodet Software and supplied by Auto Time, remotely accessible via an online portal in Software as a Service (SaaS) mode under the Kelio On Demand service agreement.
The service contract for KELIO On-Demand constitutes the undertakings existing between the Parties in their entirety (referred to hereinafter as the “Contract”).
In the event of any contradiction between the service contract for Kelio On Demand on the one part, and the Client’s own general or specific terms and conditions of purchase on the other, the former shall prevail.
2. Description of the solution:
The KELIO solution (hereinafter “the Software Solution”) made available to the Client for the entire term of the contract consists of the following elements:
The Client shall designate any individual person duly authorised to access and to use the Application (the “Users”). The Client shall undertake to ensure compliance of the terms of the Contract by its Users.
3. Service Fee:
The “Service Fee” means the fixed and non-refundable fees owed by the Client to Auto Time as payment for the provision of the Software Solution as set out above, it’s hosting, first-level user technical support and second-level support for service availability/accessibility services under the terms set out in the Contract.
The amount payable on receipt of invoice, in advance, shall be the fixed lump sum, excluding tax, of:
(sum in letters): ______________
This amount is payable by BACS or credit/debit card.
The Client will be billed on a quarterly basis.
The Client agrees to pay by standing order thereafter, to be set up by the Client direct with their bank.
Any unjustified delay in payment shall, by right and without formal notice, and without prejudice to all other rights or recourse available to Auto Time, cause late payment interest to become payable at the rate of ten percentage points above the rate of interest applied by the European Central Bank as at 1st January for the first half-year in question and at 1st July for the second half-year.
4. Term of contract:
The fixed term of the Contract shall be 36 (thirty-six) months, effective from the date upon which the service is made available. This term is irrevocable. Availability of the service shall be effective when the software environment is accessible from the Client’sworkstations.
5. End of contract:
Three months after the end of the Contract, Auto Time will destroy all the data input or imported by the Client into the SoftwareSolution and hosted by Auto Time (the “Client Data”). At the end of the contract, for any reason whatsoever and irrespective of the initiating Party, all of the maintenance and support services will immediately cease on that date.
The Client must ensure recovery of its data by exporting it using the standard export tools provided in the Software Solution before the end of the Contract.
6. Revision of price:
The Service fee set out in Article 3 will not be increased for the first 36 months unless additional modules or employee capacity areadded. If the client does not renew the contract after the initial 36-month period the cost detailed in article 3 will increase by 2%each year to take into account inflation.
7. Access to the Software Solution:
7.1 The Software Solution is accessed by means of a remote connection, using an identifier and password pair intended to identify a user (hereinafter the “Identifiers”). For reasons of security and confidentiality, only the use of these Identifiers shall enable the users to access the Software Solution. The Client is responsible for the management of passwords. The Identifiers are personal and confidential. They serve as proof as to the identity of the Client and/or the User and engage the undertaking of the Client in respect of all use of the Software Solution.
The Client undertakes and shall ensure that the Users undertake to keep secret their Identifiers and to refrain from divulging them to any third parties. In this respect, the Client understands and accepts that it is solely responsible for maintaining the confidentiality and security of the Identifiers. The Client shall be solely liable for the consequences that may result from the use of these Identifiers by any non-authorised third parties who have acquired knowledge of them. It is incumbent upon the Client and/or the User to regularly change the password that provides access to the Application in order to limit the potential for unauthorised access to its Client Data. Should a User lose his/her password, the User will need to contact the Client in order to request a new password.
7.2 The Client is informed that the connection to the Software Solution is made via the public Internet network, to which all Users must have access. The Client must possess an average bandwidth of 25 Kbps per User, with the possibility of exceeding this at peak times. The pre-sale bit rate test carried out by Bodet Software is a one-off measurement designed to assess the validity of the offer under real user conditions. It does not constitute a commitment by Bodet Software as to the quality and the speed of the Client’sinternal network and Internet connections. It is the Client’s responsibility to seek assurances from its Internet service provider that its network meets the minimum requirements. Access to the Software Solution via a private network is not offered within the standard terms of this offer. However, additional subscriptions may be offered. The Client is aware of technical difficulties that may affect this network and cause the network to become slow or unavailable, making the connection impossible. Auto Time cannot be held responsible for any difficulty in accessing the Software Solution due to disruption of the Internet network.
8.Maintenance and support for Users of the Software Solution: To receive the below, a Service Level Agreement must be in place. A Service Level Agreement (SLA) quotation will be emailed six weeks prior to the initial twelve months Software Service Level Agreement (SLA) expiration date. Receipt of the signed Service Level Agreement (SLA) and purchase order (PO) if required, will confirm continuity of service as outlined below.
8.1 Auto Time undertakes to examine the requests relating to problems with using the Software Solution and, where possible, to resolve such problems by providing working methods and advice. To this end, the Client will contact the telephone support service or visit the technical support platform. This service is available from Monday to Friday (excluding public holidays), from 09:00 to17:00 GMT. Access to this service is unlimited in terms of the number of requests. Each support request is tracked and gives rise to a written report that can be accessed on the technical support platform. The average resolution time for support requests is subject to a quality commitment. All the services are regularly assessed by customer surveys.
8.2 The Client is informed that Auto Time/Bodet Ltd shall provide and install the patches and updates for the Software Solution. the client will therefore benefit from all updates related to legal developments. As such, the client agrees that Bodet Software will install the necessary security updates without prior notice and major versions with a minimum notice period of one month. The provision of a validation environment, if required, is the responsibility of the Client.
8.4 Access to the telephone support service is restricted to two users, as designated by the Client. These users are to be identified during each call and, if necessary, are to provide 1st level support to the Client’s other users. The online technical support platform is accessible by two user accounts. These users will receive a username and password when they register. Only those users who have attended one or more training sessions delivered by Auto Time technicians are authorised to access the support service. The support service must in no event compensate for a lack of training on the part of the users of the application software, nor cover operating errors by users. Neither shall it include services related to a modification to the initial scope of use of the Software Solution, such as moving the hardware, changing the database, etc.
8.5 The Client shall supply all the necessary documents for examining the problem, including plans, files and generally all information requested by Auto Time. The Client undertakes to obtain the necessary training in order to prevent usage problems that may be due to lack of training.
8.6 The Client shall notify Auto Time at the earliest opportunity of any potential incident or malfunction affecting the software solution and/or the Hardware, provide means of access to the entire installation and allow visits by duly qualified Auto Timeengineers only. Any replacement of cables will be paid for by the Client.
9.– Hosting services: The Client Data is hosted in a highly secure infrastructure by Oceanet Technology, ISO 27001 certified. The hosting service is located in France and is subject to French law.
9.1 Service availability (SLA or Service Level Agreement)The hosting service is: accessible 24 hours a day, 7 days a week (except for scheduled maintenance times)monitored and administered from 07:00 to 21:00 on working days GMT. The monthly service level commitment is:99.98% for availability of telecoms access to the hosting centre, with a GRT (Guaranteed Restoration Time) of 2 hours 99.99% for availability of the network and electrical infrastructure at the hosting centre, with a GRT (Guaranteed Restoration Time) of 2 hours 99.9% for availability of the shared hosting platform, with a GRT (Guaranteed Restoration Time) of 30 minutes. The following are not covered: unavailability due to the Client’s Internet network; scheduled downtime (in particular, “off-line” backups and system maintenance time); downtime requested by the Client; breakdown caused by the Client’s personnel; Standard maintenance is carried out during working hours (07:30 to 17.00 Monday to Friday GMT). A maintenance window of four(4)hours is scheduled once a month for maintenance operations requiring service downtime. This maintenance is not systematic and takes place outside working hours. Auto Time will provide the client with 2 days’ notice of the scheduled maintenance.
9.2 Backup and recovery Throughout the duration of the Contract, Bodet Software will carry out the hosting, storage and backing up of the Client Data: data: daily backup with twelve (12) day retention and copy held at another data centre 15 km away systems: system backup via daily snapshot with five (5) day retention and copy held at another data centre 15 km away The maximum time for starting recovery of Client Data is four (4) working hours from the initial request. Bodet Software shall provide the data storage capacity required for the operation of the Software Solution and for the number of Users authorised. The Client may add external data to the Software Solutions (for example, for pdf, doc, jpeg documents), and to the employee file in particular. The Contract shall include 1 GB of storage intended for this purpose. It is the Client’s responsibility to adhere to the stated volume thresholds and to notify Bodet Software of any increased requirements in terms of processing capacity. Where that capacity is exceeded, the storage volume will be invoiced at the applicable rate.
Each Party undertakes to implement the appropriate means to ensure the utmost secrecy concerning the programs, know-how, methods, data, information and documents belonging to the other Party, to which it may have access as a result of performing the contract. This undertaking shall remain in force for the duration of the Contract and for three (3) years following its expiry, for whatever reason.
11.1 Auto Time shall grant to the Client a non-assignable, non-transferable and non-exclusive licence, for the duration of the contract and under the conditions set out in the terms of the contract, to use the Software Solution within the limit of the number of authorised simultaneous Users, solely for its internal requirements and for its sole benefit. Right of access is granted by way of identifiers entrusted by the Client to each authorised User.
In any event, the Client shall remain solely liable to Auto Time for any breach of the stipulations in the present Contract by third parties.
11.2 The Client acknowledges that prior to the signature of the Contract it carried out checks as to the suitability of the software solution for its requirements and acknowledges that all the information and advice that it had need of in order to commit to the present Contract were duly communicated by Bodet Software. It hereby declares that its hardware and connection methods are compatible with the configuration required for use of the Software Solution and that it has the technical knowledge and skills required for use of the Software Solution. The Client is solely responsible for its use of the Software Solution and the results that it obtains. In the event of disagreement, it is the Client’s responsibility to prove any non-compliance.
11.3 The right of ownership attached to the Software Solution or relating to it shall in all cases remain the unseizable property ofBodet Software or of its licensors.
12.1 The Parties undertake to comply with the personal data regulations in force and in particular, Regulation (EU) 2016/679 of 27 April 2016, on the protection of personal data (hereinafter the GDPR). The Client is defined as the data controller within the GDPR, whereas Auto Time is the data processor.
12.2: The processing subcontracted to Auto Time by the Client contains these processes necessary to fulfil the contract:
i. Supporting the Software Solution.
ii. Hosting the Software Solution. The processes in question are: storing, backing up and restoring the Client’s data. They include all personal data entered into the Software Solution by the Client. The type of personal data and categories of data subjects depend on the Client’s use of the Software Solution.
12.3 In signing the Contract, the Client expressly authorises Auto Time and Bodet Software to proceed with processing the personal data of Users for the purposes of security, maintenance and licensing in order to generate access rights to the Software Solution within the context of the performance of the Contract.
iii. Auto Time Systems are processors as maintenance and end-user support.
iv. Bodet are processors for the hosting for the Software as a Service. In accordance with the GDPR, natural persons whose personal data is the subject of processing have a right of access, to rectification, to erasure and to objection, and a right to restriction of the processing, which may be exercised by contacting the Client. The Client undertakes to
(i) provide information to and obtain if necessary the consent of each person who is a User regarding the processing concerning them and of their rights described above and
(ii) cooperate with and assist Auto Time/Bodet Software to enable it to fulfil its obligations concerning the protection of personal data.
In its capacity as data processor, Auto Time/Bodet Software is authorised to process, on behalf of the Client, the personal data(including HR data) contained in the Client Data.
not to process the personal data entrusted to it by the Client except for the sole purposes of performance of the Contract and to process personal data in accordance with the documented instructions of the Client, notably in the present Contract.
12.4 If Bodet Software is of the opinion that an instruction constitutes an infringement of the GDPR, or of any other provision of EU law relating to data protection, it shall notify the data controller of this at the earliest opportunity. Moreover, if Bodet Software is required to proceed with the transfer of data to a third country or to an international organisation, under European Union law, it shall inform the Client of this legal obligation before the processing, unless the law concerned bans such provision of information for significant reasons in the public interest. Bodet Software will implement sufficient procedures to guarantee security and confidentiality, notably in order to prevent this data from being distorted, damaged or unauthorised by third parties having access to it. Auto Time/Bodet Software ensures that the persons authorised to process personal data under the Contract undertake to respect confidentiality or are subject to an appropriate statutory obligation of confidentiality and receive the necessary training on the subject of personal data protection.
12.5 Auto Time/Bodet Software takes into consideration, as regards its tools, products, applications or services, the principles of data protection by design and by default. Where possible, Auto Time/Bodet Software must help the Client fulfil its obligation to respond to the requests of data subjects to exercise their rights: right of access, to rectification, to erasure and to objection, right to restriction of processing, right to data portability and right not to be subject to automated individual decision-making (including profiling).
When data subjects submit requests to Auto Time/Bodet Software to exercise their rights, Bodet Software must send these requests to the Client, on receipt, by email, so that the Client can take appropriate action.
Bodet Software notifies the Client by email of any personal data breach as soon as possible and within a maximum of forty-eight (48)hours of becoming aware of said breach. This notification is accompanied by all useful documentation allowing the data controller, if necessary, to report this breach to the relevant supervisory authority and/or to the data subjects. The Client must provide Bodet Software with a dedicated email address (for example, its DPO’s email address).
At the request of the Client, Auto Time shall provide the Client with the information necessary for carrying out impact analyses relating to data protection or for prior consultation of the supervisory authority.
12.6 Bodet Software undertakes to implement the following security measures:
Surveillance and protection of premises against any physical intrusion and restricted access control for sensitive physical areas
Surveillance and protection of the Information System against any system intrusion
Information System security policy (updates, activity audits, anti-virus, anti-spam and password management policy, backup)
Regular audit of the Information System by independent experts
Implementation of a PDMS (personal data management system)
Raising staff awareness regarding security and privacy
Technical measures concerning software:
Regular audits of the Software Solutions by independent experts
The policy of awareness-raising and continuous improvement of the quality and security of the Software Solutions
Data transfer encryption solutions (HTTPS, VPN)
Native authentication with dedicated password management policy or authentication by interfacing (LDAP, SAML, CAS, etc.)
Limited client session duration
Access rights restricted by default
Traceability of connections to the Software Solution and of functional changes to data
Measures concerning hosting:
A dedicated and restricted team accessing the data centre servers via a private line, and only from authorised machines
Hosting centres are certified for their security procedures (ISO 27001, ISAE 3402)
Access to servers by way of a bastion host for personal authentication administration, logging all actions performed
Isolation of host servers in separate VLANs
Measures to ensure availability of the Software Solution (backup, duplication, restoration of data)
Security and filtering of access to the Software Solution (anti-virus, anti-spyware, intrusion prevention) and possibility of incoming filtering (source IP restriction)
Encrypted data transfers (HTTPS, VPN)
Implementation of a solution for collection of all technical log files
Possibility of testing the Software Solutions in a test environment
12.7 Bodet Software declares that it keeps a written record of all categories of processing activities performed on behalf of the Client as data controller including all information required by the GDPR.
Bodet Software shall make available to the Client all documentation necessary to demonstrate fulfilment of all its obligations and to allow the carrying out of audits. The carrying out of security audits on the Software Solution by the Client is subject to the prior written authorisation of Bodet Software.
12.8: Auto Time may use a subprocessor (hereinafter “the subprocessor “) to carry out specific processing activities. In this case, Auto Time shall inform in advance and in writing the Client of any envisaged change concerning the addition or replacement of other processors. The Controller has a maximum period of 30 calendar days from the date of receipt of this information to present their objections. This subcontracting can only be carried out if the Client has not raised any objection within the agreed period.
The subsequent subprocessor is bound to comply with the obligations of this contract on behalf of and according to the instructions of the Client. It is the responsibility of Auto Time to ensure that the subprocessor offers the same sufficient guarantees as to the implementation of appropriate technical and organisational measures to ensure that the processing meets the requirements of the GDPR. If the subcontractor does not fulfil its data protection obligations, Auto Time remains responsible to the Client for the subprocessor’s performance of its obligations.
It is the Client’s responsibility to provide its own controllers with the necessary information relating to subcontracting.
13.Liability and guarantees:
13.1 Auto Time undertakes to use all due care and diligence in meeting the requirements of the Contract. Subject to fulfilment by the Client of its obligations, Auto Time is bound by an obligation of diligence. Bodet Software shall not be held liable by the Clientexcept for proven negligence on the part of Auto Time and for damages arising out of any occurrences which are directly attributable.
13.2 Auto Time will not be liable for delays or breaches of its obligations due to cases of force majeure and notably but not limited to: governmental decisions, fires, explosions, accidents, strikes, interruption or failure of communication or hosting networks on which Auto Time is reliant and/or substitute networks or any other reason beyond its control.
13.3 The Client undertakes to use the Software Solution in accordance with the laws and regulations in force and the stipulations of the Contract. It undertakes to not infringe the intellectual property rights of Bodet Software, AUTO TIME or of any third party. The Client is obliged to adhere to the instructions of Auto Time and the technical prerequisites featured in the documentation relating to the Software Solution.
13.4 The Client is solely responsible for access to and use of the Software Solution. It is the Client’s responsibility to ensure that each of its Users complies with the contractual conditions of access to and use of the Software Solution. In addition, the Client is solely responsible for its access to the Internet. It is the Client’s responsibility to take all reasonable measures to maintain this access. Auto Time will not be liable for any damage relating to the Client’s use of the Software Solution, nor for any loss resulting from such damage.
13.5 Auto Time shall in no event be held liable for any consequential or unforeseeable loss or damage to the Client, which shall include in particular but not exhaustively, any lost profit, loss, inaccuracy and/or corruption of files or of Client Data, commercial injury, loss of turnover or economic loss, loss of customers, loss of opportunity, cost of recovery of Client Data, of obtaining a substitute product, service or technology, increase in its internal costs, loss of image or any other non-economic loss. Any action directed against the Client by a third party either relating to or resulting from the performance or non-performance of the Contract by the Client shall not give rise to any right to compensation.
13.6 The Client guarantees that the Client Data must in no way: (i) violate the applicable law; (ii) infringe copyright, trademarks or third party rights; (iii) include unlawful, hateful, obscene, injurious, threatening or defamatory content; (iv) be corrupted or contain a virus or any malicious code, and/or (v) constitute unlawful processing of personal data and/or data processing aimed at the mass sending of unsolicited advertising mailshots. Should Auto Time be made aware that an element of the Client Data is in breach of the provisions of this Article, Bodet Software reserves the right to delete this element immediately and by right.
14.1 Should either Party fail to comply with one of the obligations for which it is responsible under the Contract, the other Party shall notify it by registered letter with receipt of delivery. If there is no reply within fifteen (15) days, a reminder shall be sent by registered letter with receipt of delivery. If there is no reply to this reminder within eight (8) days, the party concerned has the option to terminate the Contract.
14.2 In the event of non-payment, Auto Time may suspend its services, and terminate the Contract. If termination occurs on this basis, the outstanding Price shall become due and Auto Time shall retain the advance payment.
15.1 The Contract, including its appendices, sets out the obligations of the Parties in their entirety and cancels and replaces all other written documents, communications or prior agreements that may have been exchanged between them regarding the same purpose. It can only be modified by a contract amendment duly signed by the Parties.
15.2 Unless otherwise notified, Auto Time is authorised to make reference to the Client’s company name and the corresponding logos, as a sales reference only, for the duration of the Contract.
15.3. All additions or modifications to the Contract will be the subject of an amendment, for which there is likely to be a supplement to the Price. All provisions contrary to the terms of the contract must be made in writing.
16.If one or more provisions of the Contract are held to be invalid in application of a law or regulation, or declared invalid by final decision of a competent
For more information on our solutions or to arrange an on-site with one of our consultants to discuss your access control requirements in more detail, please don’t hesitate to call us on 01257 252002 England / 01506 896 806 Scotland or use the contact form below.