Software as a Service Agreement

(1) Archject Limited, a company registered in England and Wales (company number 17240869) whose registered office is at 167–169 Great Portland Street, London, England, W1W 5PF (the Provider, us or we); and

(2) the person, firm or company identified as the customer in the Order (the Customer, you or your).

A. The Provider operates a cloud-hosted software platform that enables architectural practices and related professionals to manage client information, store and organise project documents, generate and store transcripts of meetings and calls using artificial-intelligence features, send and automate emails and other communications, raise invoices, and produce reports.

B. The Customer wishes to use that platform on a subscription basis, charged per seat, on the terms of this agreement.

C. This agreement sets out the terms on which the Provider will supply, and the Customer may access and use, the Services.

Affiliate — any entity that directly or indirectly controls, is controlled by, or is under common control with a Party.

Authorised User — an individual authorised by the Customer to use the Services, being the Customer's employees, partners, agents or contractors.

Confidential Information — information disclosed by one Party to the other that is marked or would reasonably be understood to be confidential, including the Customer Data and the Provider's pricing, software and know-how.

Customer Data — all data, content and material uploaded to, generated within, or processed by the Services by or on behalf of the Customer.

Data Protection Laws — the UK GDPR, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003, and all other applicable laws relating to the processing of personal data and privacy.

DPA — the Data Processing Addendum set out in Schedule 2.

Fees — the subscription and other charges payable for the Services as set out in the Order.

Initial Term — the initial subscription period stated in the Order.

Order — the order form, online sign-up, quotation or other ordering document by which the Customer subscribes to the Services.

Platform — the Provider's software-as-a-service application known as Archject Limited, accessible at app.archject.co.uk, together with related documentation and APIs.

Seat — a single subscription entitlement permitting one named Authorised User to access and use the Services.

Services — the provision of access to and use of the Platform, together with the AI Transcript, email, invoicing, reporting and related functionality described in Schedule 1, and any support and maintenance.

AI Transcript — any transcription, summary, note or other output generated by the AI features of the Platform from audio, video or text input supplied by or on behalf of the Customer.

Virus — any code or device intended to harm or impair the operation of software, hardware or data.

2.1 This agreement begins on the date the Customer first accepts it (whether by signature, online acceptance, or first use of the Services) and continues for the Initial Term.

2.2 After the Initial Term the agreement renews automatically for successive Renewal Terms of 12 months each, unless either Party gives at least 30 days' written notice before the end of the then-current term that it does not wish to renew.

2.3 The Provider may change the Fees for any Renewal Term by giving at least 30 days' written notice before the renewal date.

3.1 Subject to the Customer paying the Fees and complying with this agreement, the Provider grants the Customer a non-exclusive, non-transferable right to permit its Authorised Users to access and use the Services during the Subscription Term for the Customer's internal business purposes.

3.2 The Services are described in Schedule 1. The Provider may improve or modify the Services from time to time provided that it does not materially reduce their core functionality during a Subscription Term.

3.3 The Customer must not, except as permitted by law: (a) copy, modify, or create derivative works of the Platform; (b) reverse-engineer or attempt to obtain the source code; (c) resell, rent, or make the Services available to any third party other than Authorised Users; or (d) use the Services to build a competing product.

3.4 The Provider may use sub-contractors and third-party service providers (including cloud hosting and AI model providers) to deliver the Services, and remains responsible for their performance.

4.1 The Services are licensed on a per-Seat basis. The number of Seats is stated in the Order. Each Seat may be used by one named Authorised User at a time.

4.2 Login credentials are personal to each Authorised User and must not be shared. The Customer is responsible for all activity that takes place under its account.

4.3 The Customer may reassign a Seat to a different individual where an Authorised User no longer needs access. Seats may not be used by more than one individual concurrently.

4.4 The Customer may add Seats at any time; additional Seats are charged at the then-current per-Seat rate, pro-rated to the remainder of the current billing period. Reductions in Seat numbers take effect from the next Renewal Term unless agreed otherwise.

5.1 The Customer must use the Services in accordance with the Acceptable Use Policy in Schedule 3 and all applicable laws.

5.2 The Customer is solely responsible for the Customer Data, including its accuracy, quality, legality, and the Customer's right to upload and process it through the Services.

5.3 The Customer must ensure that it has all necessary rights, consents and lawful bases to provide the Customer Data (including personal data relating to its own clients and other third parties) to the Provider for processing through the Services.

5.4 The Customer must not upload any material that is unlawful, infringing, defamatory, or that contains a Virus, and must take its own back-ups of any Customer Data it considers critical.

6.1 The Services include functionality that allows the Customer to send, schedule and automate emails and other communications to the Customer's own contacts and to generate invoices and reports.

6.2 The Customer is solely responsible for the content of all communications it sends using the Services and for ensuring compliance with applicable laws, including the Privacy and Electronic Communications Regulations 2003 and the UK GDPR.

6.3 The Provider provides the tools to create and send communications and invoices but does not review, verify or take responsibility for their content, accuracy, or any tax, accounting or regulatory treatment of invoices generated through the Services.

6.4 The Customer must not use the Services to send unsolicited bulk communications (spam) or any communication that is unlawful or breaches a third party's rights.

7.1 The Services use artificial-intelligence and machine-learning technology, including third-party AI models, to generate AI Transcripts and related summaries and outputs from input supplied by or on behalf of the Customer.

7.2 AI Transcripts and other AI-generated output may contain errors, omissions or inaccuracies. They are provided as a productivity aid only. The Customer is responsible for reviewing and verifying any AI output before relying on it.

7.3 Where the Customer records calls, meetings or other conversations and uploads them for transcription, the Customer is responsible for ensuring that all participants have been informed and that any necessary consent has been obtained.

7.4 The Provider will not use Customer Data to train, fine-tune or improve any AI model for the benefit of third parties, and will configure its AI sub-processors accordingly.

8.1 The Customer must pay the Fees set out in the Order. Fees are charged per Seat per month or year as stated in the Order and are exclusive of VAT, which is payable in addition at the applicable rate.

8.2 The Provider will invoice the Customer monthly or annually in advance. Unless the Order says otherwise, invoices are payable within 14 days of the invoice date.

8.3 If any undisputed sum is not paid when due, the Provider may (a) charge interest on the overdue amount at 4% per year above the Bank of England base rate, accruing daily, and (b) on 14 days' notice, suspend the Services until payment is made.

8.4 All Fees are non-refundable except where this agreement expressly says otherwise.

9.1 The Provider (and its licensors) own all intellectual property rights in the Platform, the Services and all related software, documentation and materials. Nothing in this agreement transfers any of those rights to the Customer beyond the licence in clause 3.

9.2 The Customer (and its licensors) own all intellectual property rights in the Customer Data. The Customer grants the Provider a non-exclusive licence to host, copy, process, transmit and display the Customer Data to the extent necessary to provide the Services.

9.3 The Customer grants the Provider a perpetual, royalty-free licence to use any feedback or suggestions it provides about the Services, without obligation to the Customer.

10.1 As between the Parties, the Customer Data belongs to the Customer. The Provider will not access, use or disclose the Customer Data except as necessary to provide the Services, as instructed by the Customer, as set out in the DPA, or as required by law.

10.2 The Provider will maintain appropriate technical and organisational measures to protect the Customer Data against unauthorised or unlawful processing and accidental loss, destruction or damage.

10.3 The Provider will take routine back-ups of the Customer Data but the Customer remains responsible for retaining its own copies of any data it considers critical.

11.1 Each Party will comply with its obligations under the Data Protection Laws. The Parties acknowledge that, in respect of personal data within the Customer Data, the Customer is the controller and the Provider is the processor.

11.2 The DPA in Schedule 2 governs the Provider's processing of personal data on the Customer's behalf and forms part of this agreement.

12.1 Each Party must keep the other's Confidential Information confidential, use it only to perform this agreement, and disclose it only to those of its personnel and advisers who need to know it.

12.2 These obligations do not apply to information that is or becomes public through no breach of this agreement, was lawfully known before disclosure, or is required to be disclosed by law or a regulator.

12.3 These obligations continue for 3 years after the end of the agreement, except that obligations relating to personal data continue for as long as required by the Data Protection Laws.

13.1 The Provider will use commercially reasonable efforts to make the Services available in accordance with the service levels and support terms in Schedule 4.

13.2 The Services may be temporarily unavailable during scheduled or emergency maintenance. The Provider is not responsible for unavailability caused by factors outside its reasonable control.

14.1 The Provider warrants that it will provide the Services with reasonable skill and care and that it has the right to enter into this agreement.

14.2 Except as expressly stated in this agreement, the Services are provided "as is" and the Provider excludes all implied terms so far as the law allows. In particular the Provider does not warrant that the Services will be uninterrupted or error-free or that AI output will be accurate or complete.

14.3 Each Party warrants that it has the authority to enter into this agreement.

15.1 Nothing in this agreement limits or excludes either Party's liability for: (a) death or personal injury caused by negligence; (b) fraud or fraudulent misrepresentation; or (c) any other liability that cannot lawfully be limited or excluded.

15.2 Subject to clause 15.1, neither Party is liable to the other for any loss of profit, loss of business or revenue, loss of anticipated savings, loss of goodwill, or any indirect or consequential loss.

15.3 Subject to clause 15.1, each Party's total aggregate liability in any 12-month period is limited to the greater of the total Fees paid or payable by the Customer in the 12 months before the event giving rise to the claim or £1,000.

15.4 The Customer acknowledges that AI output and Services are productivity tools and that the Customer remains responsible for its own professional obligations to its clients.

16.1 The Customer will indemnify the Provider against losses, damages and reasonable costs arising from: (a) the Customer Data infringing a third party's rights or breaching applicable law; (b) the Customer's use of the Services in breach of this agreement; and (c) communications sent by the Customer in breach of clause 6.

16.2 The Provider will indemnify the Customer against losses arising from a third-party claim that the Customer's authorised use of the Platform infringes that third party's UK intellectual property rights, provided the Customer notifies the Provider promptly and allows the Provider to control the defence.

17.1 The Provider may suspend all or part of the Services, on notice where practicable, if: (a) the Provider reasonably believes the Services are being used in breach of this agreement or unlawfully; (b) there is a security risk; or (c) Fees are overdue as set out in clause 8.3. The Provider will restore the Services promptly once the cause is resolved.

18.1 Either Party may terminate this agreement on written notice if the other: (a) commits a material breach that is not remedied within 30 days of written notice; or (b) becomes insolvent, enters administration, or is unable to pay its debts.

18.2 The Provider may terminate or suspend immediately if the Customer commits a serious breach of the Acceptable Use Policy or fails to pay Fees that remain overdue 30 days after the due date.

18.3 Termination does not affect any rights or liabilities that have accrued before termination.

19.1 On termination or expiry: (a) the licence granted under clause 3 ends and the Customer must stop using the Services; and (b) each Party must, on request, return or destroy the other's Confidential Information.

19.2 For a period of 30 days after termination, the Provider will make the Customer Data available for the Customer to export in a commonly used format. After that period, the Provider may delete the Customer Data in accordance with the DPA.

19.3 Any Fees for the remainder of the then-current Subscription Term become payable on termination by the Provider for the Customer's breach.

20.1 Neither Party is liable for failure or delay in performing its obligations (other than payment obligations) caused by events beyond its reasonable control. If the event continues for more than 60 days, either Party may terminate on written notice.

21.1 Entire agreement. This agreement and its Schedules and the Order are the entire agreement between the Parties and supersede all prior discussions.

21.2 Variation. The Provider may update these terms on 30 days' notice; if a change materially and adversely affects the Customer, the Customer may terminate before the change takes effect. Other variations must be in writing and signed by both Parties.

21.3 Assignment. The Customer may not assign or transfer this agreement without the Provider's consent. The Provider may assign it to an Affiliate or successor to its business.

21.4 No partnership. Nothing creates a partnership, agency or employment relationship between the Parties.

21.5 Third parties. A person who is not a Party has no rights under the Contracts (Rights of Third Parties) Act 1999.

21.6 Severance. If any provision is held invalid, the rest of the agreement continues in force.

21.7 Governing law. This agreement and any dispute arising out of it are governed by the laws of England and Wales. The courts of England and Wales have exclusive jurisdiction.

The Provider will make the following functionality available as part of the Platform:

• Core platform — Secure, cloud-hosted access for Authorised Users via web browser. Storage and organisation of client records, project information and documents.

• AI features — Generation of AI Transcripts and summaries from audio, video or text input supplied by the Customer. AI-assisted note-taking and search across stored content.

• Communications and workflow — Sending, scheduling and automation of emails and other communications to the Customer's contacts. Invoice generation. Reporting and analytics on the Customer's own data.

This DPA applies where the Provider processes personal data on behalf of the Customer. The Customer is the controller and the Provider is the processor.

Provider obligations — The Provider will: (a) ensure persons authorised to process the personal data are under a duty of confidence; (b) implement appropriate technical and organisational security measures; (c) assist the Customer in responding to data subject requests; and (d) notify the Customer without undue delay of any personal data breach affecting the Customer Data.

Sub-processors — The Customer gives general authorisation for the Provider to engage sub-processors (including cloud hosting providers and AI model providers), provided the Provider maintains a list of sub-processors, imposes equivalent data protection obligations on them, and gives 14 days' notice of any changes.

International transfers — The Provider will not transfer personal data outside the UK unless it has put in place a lawful transfer mechanism under the Data Protection Laws.

Return and deletion — On termination the Provider will return or delete the personal data as described in clause 19.2 and delete existing copies unless retention is required by law.

Security measures — Encryption of data in transit and at rest. Role-based access controls and least-privilege access. Multi-factor authentication for administrative access. Regular back-ups and tested restoration procedures. Logging, monitoring and vulnerability management.

The Customer and its Authorised Users must not:

• use the Services for any unlawful, fraudulent or harmful purpose
• upload or transmit any material that is unlawful, infringing, defamatory, obscene, or that contains a Virus
• send unsolicited bulk communications (spam) or communications that breach the Privacy and Electronic Communications Regulations 2003
• attempt to gain unauthorised access to the Platform or interfere with its operation or security
• share login credentials or exceed the number of Seats purchased
• use the Services to develop a competing product or to benchmark without consent
• use AI features to create unlawful, deceptive or harmful content

Breach of this policy may lead to suspension or termination under clauses 17 and 18.

Availability — The Provider will use commercially reasonable efforts to achieve 99.5% availability of the Services each calendar month, excluding scheduled and emergency maintenance and matters outside its reasonable control.

Support hours — Monday to Friday, 9am–5pm UK time, excluding public holidays.

P1 — Critical (Services unavailable for most users): target response within 4 business hours.

P2 — Major (Significant feature impaired): target response within 1 business day.

P3 — Minor (Minor issue or question): target response within 3 business days.

Response targets are not guarantees of resolution time.