INVOICEREF TERMS OF SERVICE Please read this information carefully and print a copy and/or retain this information electronically for future reference. Summary of terms and conditions. By using, downloading, installing or accessing any element of the “Product” (as defined below) from 3H Foundry Limited (trading as InvoiceREF) (the “Provider”), the Customer confirms that it has read, understood and agrees to be bound by these Terms of Use (“Terms”), together with all policies, warranties, conditions of use and disclaimers provided herein. These Terms form a legal contract between the Provider and the Customer. Where an individual accepts these Terms on behalf of a company, partnership, sole trader, charity, association or other organisation, that individual confirms that they have authority to bind that organisation as the Customer. By electronically accepting these Terms, establishing an InvoiceREF account, commencing a Free Trial, subscribing to the Services or using the Product after the Effective Date of these Terms, the Customer consents and agrees to comply with and be bound by these Terms. The Customer may authorise individuals to access and use the Product on its behalf (“Users”). The Customer shall be responsible and liable for all acts, omissions, access, use, instructions, transactions and breaches of these Terms by its Users as if they were acts, omissions, access, use, instructions, transactions and breaches of the Customer. PART 1 – DEFINITIONS AND INTERPRETATION 1. Definitions In these Terms, unless the context otherwise requires: Account means a registered InvoiceREF user account created to access and use the Services. AI Services means any artificial intelligence, machine learning, generative AI, automated decision support, conversational assistant, content generation, categorisation, forecasting or recommendation functionality made available through the Services, including Taylor and any successor functionality. Applicable Law means all laws, regulations, statutory instruments, regulatory requirements, guidance and codes of practice applicable to the provision or use of the Services from time to time. Business User means a person, sole trader, partnership, limited liability partnership, company, charity, association or other organisation using the Services wholly or mainly for purposes relating to a trade, business, profession or vocation. Confidential Information means information disclosed by one party to the other which is confidential by nature or which ought reasonably to be regarded as confidential. Customer means the person, sole trader, partnership, limited liability partnership, company, charity, association or other organisation that accepts these Terms, creates an Account, subscribes to the Services or otherwise contracts with the Provider for use of the Services. Customer Data means all information, content, invoices, records, customer information, business information, documents, transaction data and other materials uploaded, entered, submitted, generated or stored by a User through the Services. Data Protection Legislation means all applicable legislation relating to privacy and data protection including the UK GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations. Fees means all subscription fees, charges and other sums payable by the Customer in connection with the Services. Free Trial Period means any promotional period during which access to the Services is provided without charge. HMRC means His Majesty's Revenue and Customs. Intellectual Property Rights means patents, trademarks, service marks, trade names, domain names, copyrights, database rights, design rights, know-how, trade secrets and all similar rights whether registered or unregistered. Provider means 3H Foundry Limited, a company incorporated in England and Wales, trading as InvoiceREF. Open Banking Services means any account information, payment initiation, confirmation of funds or similar functionality enabled through an FCA authorised third-party provider. Services means the InvoiceREF mobile application, website, software platform, APIs, AI Services, reporting tools, integrations and all associated services made available by the Provider from time to time. Subscription Term means the recurring period for which Fees are payable. Taylor means the InvoiceREF AI-powered onboarding and assistance service and any successor service. Third-Party Services means products, software, APIs, systems or services provided by persons other than the Provider. User means an individual authorised by the Customer to access or use the Services on behalf of, or for the benefit of, the Customer. References to you and your shall, where the context requires, mean the Customer and/or any User acting on the Customer’s behalf. PART 2 – GENERAL TERMS AND CONDITIONS The Provider may amend these Terms from time to time in accordance with clause 174. Material amendments shall be notified to the Customer by email, in-app notice, website notice or other reasonable means. Unless a shorter period is required by Applicable Law, security requirements, regulatory obligations or urgent operational necessity, material amendments shall take effect not less than fourteen (14) days after notice is given. Continued use of the Services after the effective date of amended Terms shall constitute acceptance of those amendments. If the Customer does not accept a material amendment, the Customer may terminate the Services before the amendment takes effect. The Services are a software application and associated online services that assist Customers and Users with creating, managing and sending invoices and related business communications. Subject to compliance with these Terms and payment of applicable Fees, the Provider grants the Customer a limited, non-exclusive, non-transferable and non-sublicensable right to permit its Users to access and use the Services for the Customer’s internal business purposes only. The Customer shall ensure that Users do not copy, modify, distribute, reverse engineer, misuse, interfere with, benchmark, circumvent security controls in, or access the Services except as expressly permitted by these Terms. Each User must be at least eighteen (18) years old. The Customer shall ensure that all registration, account, business, contact and authority information provided to the Provider is accurate, complete and kept up to date. Where a User registers or uses an Account on behalf of the Customer, the Customer confirms that such User is authorised to do so. The Customer acknowledges that invoices created using the Services are generated from information supplied or approved by the Customer or its Users and are intended for lawful business transactions only. The Customer remains solely responsible for ensuring that each invoice accurately reflects a genuine supply of goods or services and complies with Applicable Law. Where VAT or other tax functionality is used, the Customer remains solely responsible for determining whether VAT applies, selecting the correct VAT rate, verifying VAT registration details, reviewing any calculations and ensuring that invoices, records, returns and payments comply with applicable tax law. Any calculation or suggestion generated by the Services is assistive only and must be independently reviewed before reliance. The Customer shall ensure that all invoices, business records, payment instructions, tax information, Customer Data and communications created, uploaded, transmitted or stored through the Services are accurate, complete, lawful, not misleading and suitable for their intended purpose. The Customer warrants that it owns or has lawful authority to use all Customer Data and to provide it to the Provider for processing through the Services. To the extent Customer Data includes personal data, the Customer shall ensure that such personal data has been obtained and is processed lawfully in accordance with Data Protection Legislation. The Provider may use anonymised and aggregated information derived from use of the Services for service improvement, analytics, security, product development, AI improvement and other lawful business purposes, provided that such information does not identify the Customer, Users or any individual customer of the Customer. The Customer shall ensure that Users keep login credentials secure and confidential and take reasonable steps to prevent unauthorised access to the Services. The Customer shall promptly notify the Provider of any actual or suspected unauthorised access, credential compromise, security incident or fraud. The Customer shall be responsible for activity undertaken through its Account, except to the extent caused by the Provider’s breach of these Terms, negligence or failure to maintain reasonable security controls. The Customer acknowledges that the Provider’s security procedures are intended to provide a commercially reasonable method of verifying access, instructions and activity relating to the Services, but no electronic system can eliminate all security risk. The Customer shall not, and shall ensure that Users do not, use the Services for any unlawful, fraudulent, misleading, prohibited or improper purpose. The Provider may suspend, restrict or terminate access where it reasonably suspects breach of these Terms, unlawful activity, fraudulent invoicing, security risk or misuse of the Services, and may cooperate with law enforcement, regulators and other competent authorities where required or permitted by law. Liability and Indemnity The Customer shall indemnify and keep indemnified the Provider, its officers, employees, contractors, licensors and service providers against all losses, liabilities, claims, damages, fines, penalties, reasonable legal costs and professional expenses arising out of or in connection with: (a) breach of these Terms by the Customer or any User; (b) unlawful, fraudulent or negligent use of the Services by the Customer or any User; (c) inaccurate, unlawful or infringing Customer Data; (d) VAT, tax, accounting or regulatory non-compliance by the Customer or any User; or (e) claims by third parties arising from invoices, communications or content issued by or on behalf of the Customer. This indemnity shall not apply to the extent that the relevant loss is caused by the Provider’s breach of these Terms, fraud, wilful misconduct or negligence. This clause shall survive termination. Use of Services The Services are provided on an “as is” and “as available” basis, subject to any express obligations stated in these Terms. The Provider does not provide legal, tax, accounting, financial, regulatory or other professional advice. The Customer is responsible for obtaining appropriate professional advice where required and for independently reviewing all information, calculations, invoice content, AI outputs, reports and other outputs generated through the Services before relying on them or sharing them with third parties. Nothing in these Terms excludes or limits liability that cannot lawfully be excluded or limited under the laws of England and Wales. Use of Personal Data The Provider shall process personal data in accordance with Data Protection Legislation, these Terms and the Privacy Policy. Where the Provider processes personal data on behalf of the Customer, the Customer shall generally act as controller and the Provider shall generally act as processor, except where Applicable Law requires otherwise or where the Provider processes personal data for its own lawful purposes. The Provider may access, use, retain or disclose personal data where required by law, to provide and secure the Services, to investigate suspected misuse, to protect Users or third parties, or as otherwise permitted by these Terms and the Privacy Policy. Governing Law and Jurisdiction These Terms and any dispute or claim arising out of or in connection with them, including any non-contractual dispute or claim, shall be governed by and construed in accordance with the laws of England and Wales. The courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with these Terms. If any provision of these Terms is held by a court or competent authority to be invalid, unlawful or unenforceable, that provision shall be deemed severed and the remaining provisions shall continue in full force and effect. The Provider may suspend, withdraw or discontinue all or part of the Services where reasonably necessary for legal, regulatory, security, operational or commercial reasons, subject to any notice requirements expressly stated in these Terms. 2. Interpretation 2.1 References to legislation include amendments, replacements and re-enactments of such legislation. 2.2 Words importing the singular include the plural and vice versa. 2.3 References to a person include individuals, companies, partnerships, public authorities and other legal entities. 2.4 Headings are for convenience only and shall not affect interpretation. 2.5 References to "including" or "includes" shall be interpreted without limitation. PART 2 – ABOUT INVOICEREF AND SCOPE OF SERVICES 3. About InvoiceREF 3.1 InvoiceREF is a software-as-a-service platform designed to assist Business Users with: (a) invoice creation and management; (b) invoice delivery and communication; (c) payment tracking and reporting; (d) customer record management; (e) AI-assisted business support; (f) integration with third-party services; (g) future Open Banking functionality; (h) future tax administration functionality; and (i) other related services introduced from time to time. 3.2 The Provider is a software provider only. 3.3 The Provider is not: (a) an accountancy practice; (b) a legal services provider; (c) a tax adviser; (d) a regulated financial adviser; (e) a bank; (f) an electronic money institution; (g) a payment institution; or (h) an FCA authorised third-party Open Banking provider, unless expressly stated otherwise. 3.4 The Services are intended to assist users in managing business administration and invoicing processes and are not intended to replace professional advice. 4. Service Development 4.1 The Provider may add, remove, amend, improve or discontinue features at any time. 4.2 New features introduced after commencement of these Terms shall automatically form part of the Services unless expressly stated otherwise. 4.3 The Provider may introduce additional terms applicable to specific services, products or integrations. 4.4 In the event of conflict between these Terms and any service-specific terms, the service-specific terms shall prevail in relation to that service. PART 3 – BUSINESS USER ELIGIBILITY AND ACCOUNT REGISTRATION 5. Business Use Only 5.1 The Services are intended solely for Business Users. 5.2 By accepting these Terms, you warrant and represent that you are using the Services wholly or mainly for purposes relating to your trade, business, profession or vocation. 5.3 The Customer acknowledges that the Provider has entered into these Terms in reliance upon the representations contained within this clause. 6. Eligibility 6.1 To use the Services you must: (a) be at least eighteen (18) years of age; (b) have legal capacity to enter into binding contracts; (c) provide accurate registration information; (d) maintain accurate information at all times; and (e) comply with all applicable laws. 7. Authority 7.1 Where an individual accepts these Terms, creates an Account or uses the Services on behalf of a company, partnership, charity, association or other organisation, that individual warrants that they have authority to bind that organisation as the Customer. 7.2 The Customer shall be responsible and liable for all use of the Services undertaken through its Account, including all acts and omissions of its Users. 8. Account Security 8.1 Users must maintain the confidentiality of login credentials. 8.2 Users must take all reasonable steps to prevent unauthorised access. 8.3 Users must notify the Provider immediately upon becoming aware of: (a) unauthorised access; (b) credential compromise; (c) security breaches; or (d) suspected fraud. 8.4 The Provider may suspend access where it reasonably considers there is a security risk. PART 4 – FREE TRIAL, SUBSCRIPTION SERVICES AND PAYMENT TERMS 9. Free Trial 9.1 The Provider may offer a Free Trial Period. 9.2 Unless otherwise stated, the Free Trial Period shall be two calendar months commencing on the date an Account is activated. 9.3 The Provider may amend, withdraw or terminate any Free Trial offer at its discretion. 9.4 Upon expiry of the Free Trial Period, continued access to the Services shall require payment of the applicable Fees. 10. Subscription Services 10.1 Access to the Services is provided on a subscription basis. 10.2 Subscription plans, features and Fees shall be published on the InvoiceREF website or application. 10.3 The Customer shall remain responsible for payment of all applicable Fees. 11. Billing and Payment 11.1 Subscription Fees shall be payable in advance by the Customer. 11.2 The Customer authorises the Provider and its payment service providers to collect recurring payments. 11.3 Subscription renewals shall occur automatically unless cancelled before the renewal date. 11.4 Failure to make payment may result in suspension or termination of access to the Services. 11.5 The Provider reserves the right to amend Fees upon providing not less than thirty (30) days' notice. 12. Taxes 12.1 All Fees are exclusive of VAT unless expressly stated otherwise. 12.2 The Customer shall be responsible for payment of all applicable taxes associated with the Services. 13. Refunds 13.1 Except where required by law, Fees are non-refundable. 13.2 The Provider shall have no obligation to provide refunds for partial Subscription Terms, unused services or account inactivity. PART 5 – USER OBLIGATIONS, INVOICE CREATION, VAT RESPONSIBILITIES, TAX RESPONSIBILITIES AND MAKING TAX DIGITAL 14. User Responsibilities 14.1 The User shall ensure that all information entered into, uploaded to, generated by, transmitted through or stored within the Services is: (a) accurate; (b) complete; (c) current; (d) lawful; (e) not misleading; and (f) suitable for the purpose for which it is intended. 14.2 The User acknowledges that InvoiceREF is dependent upon information supplied by the User and that the quality, accuracy and usefulness of the Services may be affected by the accuracy of such information. 14.3 The Customer shall be responsible for all actions undertaken through its Account, including actions of its Users. 14.4 The Customer shall ensure that all Users authorised to access the Services on its behalf comply with these Terms, and the Customer shall be liable for any breach of these Terms by its Users. 14.5 Users shall promptly update information where it becomes inaccurate or incomplete. ________________________________________ 15. Invoice Creation and Management 15.1 InvoiceREF provides tools to assist Users in creating, storing, transmitting and managing invoices. 15.2 The User acknowledges and agrees that all invoices generated using the Services remain the sole responsibility of the User. 15.3 The User warrants that any invoice created, issued, transmitted or stored using the Services: (a) relates to genuine goods supplied and/or services performed; (b) accurately reflects the underlying transaction; (c) complies with Applicable Law; (d) is not false, misleading or deceptive; (e) does not facilitate fraud or unlawful conduct; and (f) has been reviewed by the User prior to issue. 15.4 The Provider shall not be responsible for verifying: (a) the existence of any transaction; (b) the accuracy of invoice details; (c) the validity of invoice amounts; (d) customer details; (e) payment details; (f) invoice numbering; or (g) compliance with legal or tax requirements. 15.5 Users remain solely responsible for ensuring that invoices satisfy all legal requirements applicable within the jurisdiction in which they are issued. 16. Payment Information 16.1 The User is solely responsible for the accuracy of: (a) bank account details; (b) payment references; (c) payment instructions; (d) customer payment information; and (e) any payment-related content contained within invoices. 16.2 The Provider shall have no liability arising from: (a) payments sent to incorrect accounts; (b) incorrect payment instructions; (c) delayed payments; (d) failed payments; or (e) disputes relating to payment collection. 17. Business Information 17.1 The User shall ensure that all business information entered into the Services is accurate. 17.2 The User is responsible for ensuring that: (a) business names; (b) trading names; (c) registered office addresses; (d) company registration numbers; (e) tax registration details; and (f) VAT registration details remain accurate and up to date. 17.3 The Provider may rely upon information supplied by the Customer or its Users without independent verification. 18. VAT Responsibilities 18.1 The Services may provide functionality that enables VAT to be included within invoices. 18.2 The Customer acknowledges and agrees that the Provider does not determine the correct VAT treatment applicable to any transaction. 18.3 The User remains solely responsible for: (a) determining whether VAT applies; (b) determining the correct VAT rate; (c) determining whether exemptions apply; (d) determining whether reduced rates apply; (e) determining place of supply rules; (f) determining international VAT treatment; (g) determining reverse charge treatment; (h) determining VAT recovery entitlement; and (i) ensuring compliance with applicable tax legislation. 18.4 Any VAT calculations performed by the Services are generated solely from information supplied by the User. 18.5 The User acknowledges that automated calculations may be affected by incorrect user inputs and should be independently reviewed before invoices are issued. 18.6 The Provider accepts no liability for: (a) VAT underpayments; (b) VAT overpayments; (c) VAT penalties; (d) VAT interest charges; (e) assessments raised by tax authorities; or (f) any other tax consequences arising from the User's use of the Services. 19. Tax Responsibilities 19.1 The Provider is not a tax adviser. 19.2 Nothing within the Services constitutes tax advice. 19.3 Users remain solely responsible for: (a) tax compliance; (b) tax calculations; (c) tax reporting; (d) tax registrations; (e) tax payments; (f) tax filings; and (g) obtaining professional advice where appropriate. 19.4 The User acknowledges that tax laws vary between jurisdictions and may change over time. 19.5 The Provider does not guarantee that any information contained within the Services reflects current tax law. 20. Accounting and Bookkeeping Responsibilities 20.1 The Services are not accounting software unless expressly stated otherwise. 20.2 Users remain responsible for maintaining adequate accounting records. 20.3 The Services do not replace the need for: (a) professional accounting advice; (b) bookkeeping services; (c) audit services; or (d) financial reporting obligations. 20.4 The User shall independently verify all information exported from the Services before relying upon it. 21. Making Tax Digital ("MTD") 21.1 The Services may from time to time include features intended to assist Users with obligations arising under the United Kingdom's Making Tax Digital regime. 21.2 Such functionality may include: (a) record keeping tools; (b) data exports; (c) reporting functionality; (d) integration capabilities; (e) submission support tools; and (f) other administrative assistance. 21.3 The User acknowledges and agrees that responsibility for compliance with MTD obligations remains solely with the User. 21.4 The Provider does not warrant or guarantee that use of the Services alone will satisfy any legal, tax or regulatory requirement. 21.5 The User remains responsible for: (a) maintaining required records; (b) ensuring accuracy of submissions; (c) filing returns on time; (d) meeting statutory deadlines; (e) maintaining appropriate evidence; and (f) compliance with HMRC requirements. 21.6 The Provider shall not be liable for: (a) late filing penalties; (b) incorrect submissions; (c) compliance failures; (d) tax assessments; (e) enforcement action; or (f) financial losses arising from non-compliance. 22. Professional Advice 22.1 The Services are intended to assist business administration and record management. 22.2 The Services do not constitute: (a) legal advice; (b) accounting advice; (c) tax advice; (d) regulatory advice; (e) financial advice; or (f) professional advice of any kind. 22.3 Users should obtain advice from appropriately qualified professionals where required. 22.4 Reliance upon information generated by the Services shall be at the User's sole risk. 23. User Acknowledgement 23.1 The User expressly acknowledges and agrees that: (a) InvoiceREF is a software platform only; (b) the Provider does not create legal obligations on behalf of Users; (c) the Provider does not verify the accuracy of User information; (d) the Provider does not guarantee legal compliance; (e) the Provider does not guarantee tax compliance; (f) the Provider does not guarantee business outcomes; and (g) ultimate responsibility for all invoices, records, filings and business decisions remains with the User. 23.2 The User accepts all responsibility for reviewing information generated through the Services prior to relying upon it or communicating it to any third party. PART 6 – AI SERVICES, TAYLOR, AUTOMATED OUTPUTS, AI DISCLAIMERS, AI GOVERNANCE AND AI LIABILITY 24. AI Services 24.1 The Services may include AI-powered functionality. 24.2 AI Services may include: (a) Taylor onboarding assistance; (b) business classification and categorisation; (c) invoice drafting assistance; (d) invoice description generation; (e) customer communication drafting; (f) VAT-related guidance; (g) business administration assistance; (h) reporting assistance; (i) transaction categorisation; (j) cashflow insights; (k) educational content; (l) support functionality; and (m) other AI-powered features introduced from time to time. 24.3 AI Services may be provided using: (a) technology developed by the Provider; (b) third-party artificial intelligence providers; (c) machine learning systems; (d) large language models; (e) generative AI systems; or (f) combinations thereof. 24.4 The Provider reserves the right to introduce, modify, restrict, suspend or withdraw AI Services at any time. 25. Nature of AI Outputs 25.1 The User acknowledges that AI Services generate outputs through automated processes. 25.2 AI-generated outputs are predictive and probabilistic in nature and may not always be accurate. 25.3 AI-generated outputs may: (a) contain errors; (b) contain omissions; (c) contain inaccuracies; (d) contain outdated information; (e) misinterpret User inputs; (f) generate inappropriate conclusions; or (g) fail to identify relevant facts or circumstances. 25.4 AI outputs are provided solely for information and assistance purposes. 25.5 AI outputs should not be regarded as definitive, authoritative or guaranteed. 26. Taylor AI Assistant 26.1 Taylor is an AI-powered assistant designed to support Users in onboarding and use of the Services. 26.2 Taylor may assist Users by: (a) gathering information; (b) explaining platform features; (c) suggesting invoice structures; (d) categorising businesses; (e) suggesting settings; (f) providing educational guidance; and (g) assisting with administrative tasks. 26.3 Taylor does not: (a) make decisions on behalf of Users; (b) replace professional advice; (c) verify factual accuracy; (d) approve legal compliance; or (e) assume responsibility for User decisions. 26.4 Users remain solely responsible for reviewing and approving all information collected, suggested or generated by Taylor. 27. No Professional Advice 27.1 AI Services do not constitute: (a) legal advice; (b) accounting advice; (c) tax advice; (d) financial advice; (e) investment advice; (f) regulatory advice; (g) compliance advice; or (h) professional advice of any kind. 27.2 AI-generated information is intended solely as general assistance. 27.3 Users should seek advice from appropriately qualified professionals where required. 27.4 No reliance should be placed upon AI outputs as a substitute for professional advice. ________________________________________ 28. VAT and Tax Guidance Generated by AI 28.1 AI Services may provide information relating to: (a) VAT; (b) taxation; (c) HMRC requirements; (d) Making Tax Digital; (e) bookkeeping; (f) accounting processes; or (g) business administration. 28.2 Such information is provided solely for general informational purposes. 28.3 The Provider does not warrant that any AI-generated tax-related information: (a) is accurate; (b) is complete; (c) reflects current legislation; (d) reflects current HMRC practice; (e) applies to a User's circumstances; or (f) is suitable for reliance. 28.4 Responsibility for all tax decisions remains solely with the User. 29. AI Generated Invoice Content 29.1 AI Services may generate or suggest: (a) invoice descriptions; (b) invoice narratives; (c) customer communications; (d) reminders; (e) payment requests; or (f) other business content. 29.2 Users remain solely responsible for ensuring that all content generated by AI is: (a) accurate; (b) lawful; (c) appropriate; (d) non-defamatory; (e) suitable for issue to third parties; and (f) compliant with Applicable Law. 29.3 The Provider shall have no responsibility for content issued by Users following AI assistance. 30. Human Review Requirement 30.1 Users must review all AI-generated outputs before: (a) sending invoices; (b) communicating with customers; (c) making business decisions; (d) making tax decisions; (e) making compliance decisions; or (f) relying upon such outputs. 30.2 Users acknowledge that AI outputs are intended to assist human decision-making rather than replace it. 30.3 The User assumes responsibility for all decisions made using AI-generated outputs. 31. AI Learning and Improvement 31.1 The Provider may use anonymised and aggregated information to: (a) improve AI performance; (b) improve system functionality; (c) improve user experience; (d) develop new products; (e) enhance service quality; and (f) conduct statistical analysis. 31.2 The Provider shall not use identifiable Customer Data to train general-purpose AI models without: (a) an appropriate legal basis; and (b) any consent required by Applicable Law. 31.3 Nothing in this Agreement grants third-party AI providers ownership of Customer Data. 32. AI Provider Dependencies 32.1 AI Services may depend upon Third-Party Services. 32.2 The Provider shall not be liable for interruptions, degradation or unavailability resulting from failures of third-party AI providers. 32.3 AI functionality may change where third-party providers: (a) alter functionality; (b) alter pricing; (c) alter service levels; (d) discontinue services; or (e) impose restrictions. 33. AI Availability 33.1 The Provider does not guarantee that AI Services will be continuously available. 33.2 AI Services may be suspended or restricted: (a) for maintenance; (b) for security purposes; (c) for regulatory reasons; (d) due to provider limitations; (e) due to system upgrades; or (f) where reasonably necessary. 33.3 AI functionality may be subject to usage limits, quotas or fair usage restrictions. ________________________________________ 34. Prohibited Use of AI Services 34.1 Users must not use AI Services: (a) to facilitate unlawful conduct; (b) to facilitate fraud; (c) to facilitate tax evasion; (d) to generate misleading invoices; (e) to impersonate individuals or organisations; (f) to generate harmful content; (g) to infringe intellectual property rights; (i) to circumvent security controls; or (j) in a manner that may damage the reputation of the Provider or the InvoiceREF brand. 34.2 The Provider may suspend AI access immediately where prohibited use is suspected. 35. AI Governance 35.1 The Provider operates AI Services in accordance with its internal AI Governance and Responsible AI Framework. 35.2 The Provider seeks to ensure that AI Services are operated in accordance with principles of: (a) transparency; (b) accountability; (c) fairness; (d) privacy; (e) security; and (f) responsible innovation. 35.3 The Provider reserves the right to modify AI Services to comply with legal, regulatory or ethical requirements. 36. Intellectual Property in AI Services 36.1 All Intellectual Property Rights relating to: (a) Taylor; (b) AI models; (c) AI systems; (d) prompts; (e) workflows; (f) training methodologies; and (g) supporting technology shall remain the property of the Provider or its licensors. 36.2 Nothing in this Agreement transfers ownership of AI-related Intellectual Property Rights to the User. 37. AI Liability Exclusions 37.1 Without prejudice to any other limitation of liability contained within this Agreement, the Provider shall not be liable for: (a) inaccurate AI outputs; (b) incomplete AI outputs; (c) hallucinated AI outputs; (d) AI categorisation errors; (e) AI forecasting errors; (f) AI-generated tax errors; (g) AI-generated VAT errors; (h) AI-generated compliance errors; (i) AI-generated business recommendations; or (j) decisions made by Users based upon AI-generated information. 37.2 Users acknowledge that AI outputs are inherently uncertain and may not reflect real-world circumstances. 37.3 Reliance upon AI-generated outputs shall be entirely at the User's own risk. 38. User Acknowledgement Regarding AI 38.1 By using AI Services, the User expressly acknowledges and agrees that: (a) AI systems can make mistakes; (b) AI outputs may be inaccurate; (c) AI outputs require human review; (d) AI outputs are not professional advice; (e) AI outputs may not reflect current law or regulation; (f) AI outputs should not be relied upon without verification; and (g) ultimate responsibility for all decisions remains with the User. 38.2 The User accepts all risks associated with reliance upon AI-generated outputs to the fullest extent permitted by law. PART 7 – OPEN BANKING SERVICES, THIRD-PARTY PROVIDERS, PAYMENT INITIATION SERVICES, ACCOUNT INFORMATION SERVICES, BANKING INTEGRATIONS AND REGULATORY DISCLOSURES 39. Open Banking Services 39.1 The Services may from time to time include functionality that enables Users to access Open Banking Services. 39.2 Open Banking Services may include: (a) Account Information Services ("AIS"); (b) Payment Initiation Services ("PIS"); (c) confirmation of funds services; (d) transaction categorisation; (e) account connectivity; (f) payment request functionality; (g) invoice payment services; (h) cashflow insights; (i) financial reporting; and (j) other Open Banking enabled functionality. 39.3 Open Banking Services may be introduced, modified, suspended or withdrawn at any time. 39.4 Open Banking functionality shall only be available where supported by participating financial institutions and authorised third-party providers. 40. Third-Party Provider Model 40.1 The Provider is not currently authorised by the Financial Conduct Authority ("FCA") to provide regulated Open Banking services. 40.2 Where Open Banking functionality is made available, such functionality may be provided through one or more FCA-authorised third-party providers. 40.3 Users acknowledge that regulated Open Banking services may be provided by third parties and not by the Provider. 40.4 The User may be required to accept additional terms and conditions imposed by third-party providers. 40.5 Separate privacy policies, consent arrangements and regulatory disclosures may apply. 41. User Consent 41.1 The User acknowledges that Open Banking Services require explicit consent. 41.2 By enabling Open Banking functionality, the User authorises the relevant authorised provider to: (a) access account information; (b) retrieve transaction information; (c) retrieve account balances; (d) initiate payments; (e) process account information; and (f) undertake activities expressly authorised by the User. 41.3 The User may withdraw consent in accordance with the procedures provided by the relevant authorised provider. 41.4 Withdrawal of consent may result in the loss of associated functionality. 42. Account Information Services 42.1 Where AIS functionality is available, the Provider may receive information from authorised providers including: (a) transaction history; (b) account balances; (c) account identifiers; (d) payment references; (e) merchant information; and (f) other information made available through Open Banking interfaces. 42.2 The Provider does not guarantee: (a) completeness; (b) accuracy; (c) availability; or (d) timeliness of information received from third-party providers. 42.3 Information supplied through Open Banking channels should be independently verified before reliance is placed upon it. 43. Payment Initiation Services 43.1 The Services may enable Users to request payments through regulated third-party providers. 43.2 Payment Initiation Services may allow Users to: (a) request payment of invoices; (b) initiate account-to-account payments; (c) facilitate settlement of invoices; (d) receive payment confirmations; and (e) access related functionality. 43.3 The Provider is not responsible for: (a) payment execution decisions; (b) payment authorisation decisions; (c) bank approval decisions; (d) payment failures; (e) payment delays; or (f) payment rejections. 43.4 Responsibility for execution of regulated payment services shall remain with the authorised provider and participating financial institution. 44. Banking Connectivity 44.1 The Provider does not guarantee that all banks, building societies or payment accounts will support Open Banking connectivity. 44.2 Connectivity may be unavailable due to: (a) bank outages; (b) bank maintenance; (c) Open Banking infrastructure failures; (d) regulatory restrictions; (e) technical limitations; or (f) circumstances beyond the Provider's reasonable control. 44.3 The Provider shall not be liable for interruptions arising from banking system dependencies. 45. Transaction Categorisation and Financial Insights 45.1 Open Banking functionality may include transaction categorisation and financial insight tools. 45.2 Such functionality may utilise: (a) automated rules; (b) artificial intelligence; (c) machine learning; or (d) combinations thereof. 45.3 Users acknowledge that categorisation and insight tools may contain inaccuracies. 45.4 Users remain responsible for reviewing and validating any categorisation or analysis generated through the Services. 45.5 The Provider shall not be liable for financial decisions made on the basis of categorised transaction data. 46. No Financial Advice 46.1 Information generated through Open Banking functionality does not constitute: (a) financial advice; (b) investment advice; (c) lending advice; (d) accounting advice; (e) tax advice; or (f) regulated financial services advice. 46.2 Users should seek professional advice before making financial decisions. 47. Third-Party Provider Liability 47.1 The Provider shall not be responsible for: (a) actions or omissions of authorised providers; (b) actions or omissions of banks; (c) regulatory failures of third parties; (d) service outages affecting third parties; (e) inaccurate information supplied by third parties; (f) third-party security incidents; or (g) third-party contractual breaches. 47.2 The User acknowledges that separate contractual relationships may exist between the User and authorised Open Banking providers. 48. Open Banking Data 48.1 Information received through Open Banking Services shall be treated as Customer Data for the purposes of these Terms. 48.2 The Provider may process Open Banking information: (a) to provide Services; (b) to generate reports; (c) to categorise transactions; (d) to provide insights; (e) to improve service functionality; and (f) for other lawful purposes connected with the Services. 48.3 The Provider shall process such information in accordance with applicable Data Protection Legislation and the Privacy Policy. 49. Regulatory Changes 49.1 Open Banking frameworks, standards and regulations may change from time to time. 49.2 The Provider may modify Open Banking functionality to: (a) comply with Applicable Law; (b) comply with regulatory guidance; (c) comply with industry standards; (d) comply with provider requirements; or (e) respond to operational requirements. 49.3 The Provider shall not be liable where regulatory changes require modification, restriction or withdrawal of Open Banking functionality. 50. Suspension of Open Banking Services 50.1 The Provider may suspend Open Banking functionality where reasonably necessary: (a) to protect security; (b) to prevent fraud; (c) to comply with regulatory requirements; (d) to investigate misuse; (e) to protect Users; (f) to protect third-party providers; or (g) to protect the integrity of the Services. 50.2 Suspension may occur without prior notice where immediate action is reasonably required. 51. Open Banking Availability Disclaimer 51.1 Open Banking functionality is provided on an "as available" basis. 51.2 The Provider makes no representation or warranty that Open Banking Services will: (a) be continuously available; (b) operate without interruption; (c) be error free; (d) be supported by all financial institutions; or (e) remain available indefinitely. 51.3 Open Banking functionality may be withdrawn at any time without liability where reasonably necessary. 52. User Acknowledgement Regarding Open Banking 52.1 By enabling Open Banking functionality, the User acknowledges and agrees that: (a) Open Banking Services depend upon third-party providers; (b) Open Banking Services depend upon participating financial institutions; (c) access may be interrupted or withdrawn; (d) information supplied may not always be complete or current; (e) separate regulatory terms may apply; and (f) the Provider does not assume responsibility for regulated payment services provided by authorised third parties. 52.2 The User accepts the inherent operational risks associated with Open Banking connectivity and third-party provider dependencies. 53. Future Financial Service Functionality 53.1 The Provider may introduce additional financial technology services in the future including: (a) embedded payment solutions; (b) payment collection services; (c) reconciliation services; (d) financial administration services; (e) accounting integrations; (f) cashflow functionality; and (g) related business services. 53.2 The Provider reserves the right to implement additional service-specific terms governing such functionality. 53.3 Continued use of any future financial service functionality shall constitute acceptance of any applicable additional terms. PART 8 – THIRD-PARTY INTEGRATIONS, ACCOUNTING SOFTWARE CONNECTIONS, DATA EXPORTS, APIs AND INTEGRATION LIABILITY 54. Third-Party Integrations 54.1 The Provider may provide integrations with Third-Party Services from time to time. 54.2 Such integrations may include, without limitation: (a) accounting software platforms; (b) bookkeeping systems; (c) tax software providers; (d) Open Banking providers; (e) payment service providers; (f) customer relationship management systems; (g) cloud storage providers; (h) document management systems; (i) reporting platforms; and (j) other business software services. 54.3 Integrations may be provided directly by the Provider, through a Third-Party Service, or through a combination of both. 54.4 The Provider reserves the right to: (a) introduce integrations; (b) modify integrations; (c) suspend integrations; (d) restrict integrations; or (e) withdraw integrations at any time. 55. Accounting Software Integrations 55.1 The Provider may provide integrations with accounting and bookkeeping software including, but not limited to: (a) Xero; (b) FreeAgent; (c) QuickBooks; (d) Sage; (e) Clear Books; (f) KashFlow; and (g) other accounting software providers. 55.2 The availability of any integration shall not constitute a representation that the integration is suitable for the User's specific requirements. 55.3 Users remain solely responsible for determining whether any integration is appropriate for their business. ________________________________________ 56. Data Export Functionality 56.1 The Services may include functionality allowing Users to export information from the Services. 56.2 Export formats may include: (a) CSV; (b) PDF; (c) XML; (d) JSON; (e) spreadsheet formats; (f) accounting software formats; and (g) other formats introduced from time to time. 56.3 The Provider may amend available export formats at its discretion. 56.4 The Provider does not guarantee that exported information will be compatible with all Third-Party Services. 57. User Responsibility for Data Validation 57.1 Users must independently review and validate all exported information before: (a) importing such information into third-party systems; (b) relying upon exported information; (c) submitting information to HMRC; (d) sharing information with accountants; (e) using exported information for statutory purposes; or (f) making business decisions. 57.2 Users remain solely responsible for verifying: (a) accuracy; (b) completeness; (c) consistency; (d) tax treatment; (e) VAT treatment; (f) transaction allocation; (g) account coding; and (h) reconciliation outcomes. 57.3 The Provider shall have no responsibility for errors that arise following export of data from the Services. 58. Import and Synchronisation Risks 58.1 Data imported into third-party systems may be affected by: (a) configuration differences; (b) software limitations; (c) account mapping rules; (d) user settings; (e) third-party processing logic; (f) software updates; and (g) technical incompatibilities. 58.2 The Provider does not guarantee that information exported from the Services will be imported correctly into third-party systems. 58.3 Users remain responsible for checking the outcome of all imports and synchronisation activities. 59. API Services 59.1 The Provider may provide application programming interfaces ("APIs") to facilitate integration with third-party systems. 59.2 The Provider may impose: (a) usage limits; (b) access controls; (c) authentication requirements; (d) security requirements; (e) rate limits; and (f) technical restrictions. 59.3 The Provider reserves the right to modify API functionality at any time. 59.4 The Provider does not guarantee continued availability of any API. 60. Third-Party Terms 60.1 Use of Third-Party Services may be subject to separate contractual terms. 60.2 Users are responsible for complying with the terms applicable to any Third-Party Service used in conjunction with the Services. 60.3 The Provider shall not be responsible for breaches of third-party contractual obligations by Users. 61. Third-Party Service Availability 61.1 The Provider shall not be responsible for: (a) service outages; (b) technical failures; (c) security incidents; (d) pricing changes; (e) functionality changes; (f) withdrawal of services; or (g) business failure affecting Third-Party Services. 61.2 Users acknowledge that Third-Party Services operate independently of the Provider and the Services. 61.3 The Provider makes no representation that any integration will remain available for any minimum period. 62. Data Mapping and Reconciliation 62.1 The Services may include mapping functionality to assist transfer of information between systems. 62.2 Mapping functionality may utilise: (a) predefined rules; (b) user-defined rules; (c) artificial intelligence; (d) automation tools; or (e) combinations thereof. 62.3 Users remain solely responsible for reviewing: (a) account mappings; (b) category mappings; (c) VAT mappings; (d) transaction classifications; (e) ledger allocations; and (f) reconciliation outcomes. 62.4 The Provider shall not be liable for accounting, bookkeeping or tax consequences arising from mapping errors. 63. Accountant Access 63.1 The Services may permit Users to provide access to accountants, bookkeepers or advisers. 63.2 Users remain responsible for: (a) granting access; (b) managing permissions; (c) monitoring access rights; and (d) removing access where no longer required. 63.3 The Provider shall not be liable for actions taken by third parties granted access by the User. 64. Integration Security 64.1 Users acknowledge that connecting third-party systems may involve the transfer of data between independent systems. 64.2 The Provider shall take reasonable steps to protect information transmitted through authorised integrations. 64.3 The Provider shall not be responsible for security failures occurring within third-party environments. 64.4 Users should independently assess the suitability and security of Third-Party Services. 65. Intellectual Property in Integrations 65.1 All Intellectual Property Rights relating to Third-Party Services shall remain vested in their respective owners. 65.2 Nothing in these Terms grants any right to use third-party intellectual property except as required for the intended operation of authorised integrations. 66. Integration Liability Disclaimer 66.1 Without prejudice to any other limitation of liability contained within these Terms, the Provider shall not be liable for: (a) failed imports; (b) failed exports; (c) synchronisation failures; (d) data mapping errors; (e) reconciliation differences; (f) duplicate records; (g) missing records; (h) third-party processing errors; (i) accounting errors arising within third-party systems; or (j) losses arising from reliance upon third-party integrations. 66.2 Users remain responsible for maintaining appropriate backups and verification procedures. 67. Future Integration Services 67.1 The Provider may introduce additional integrations and ecosystem partnerships from time to time. 67.2 Such integrations may include: (a) government services; (b) tax platforms; (c) financial institutions; (d) payment providers; (e) e-commerce providers; (f) business software platforms; and (g) other commercial partners. 67.3 The Provider may introduce service-specific terms governing future integrations. 67.4 Continued use of such integrations shall constitute acceptance of any applicable service-specific terms. 68. User Acknowledgement Regarding Integrations 68.1 By using any integration functionality, the User acknowledges and agrees that: (a) integrations depend upon third-party systems; (b) compatibility cannot be guaranteed; (c) information should be independently verified; (d) accounting outputs require review; (e) tax outputs require review; (f) imported and exported data may require reconciliation; and (g) ultimate responsibility for business records remains with the User. 68.2 The User accepts all operational risks associated with the use of Third-Party Services to the fullest extent permitted by law. PART 9 – CUSTOMER DATA, DATA OWNERSHIP, DATA PROTECTION, PRIVACY, DATA RETENTION, CONFIDENTIALITY AND INFORMATION GOVERNANCE 69. Ownership of Customer Data 69.1 The Customer shall retain ownership of all Customer Data. 69.2 Nothing in these Terms transfers ownership of Customer Data to the Provider. 69.3 Subject to these Terms, the Provider acknowledges that all rights, title and interest in Customer Data remain vested in the Customer or its licensors. 69.4 The Customer is solely responsible for the legality, accuracy, quality, integrity and reliability of Customer Data. 70. Licence to Use Customer Data 70.1 The Customer grants the Provider a worldwide, non-exclusive, royalty-free licence to: (a) host Customer Data; (b) process Customer Data; (c) store Customer Data; (d) transmit Customer Data; (e) display Customer Data; (f) analyse Customer Data; (g) back up Customer Data; and (h) otherwise use Customer Data to the extent reasonably necessary to provide, secure, maintain, improve and support the Services. 70.2 The licence granted under this clause shall continue for the duration of the Customer’s use of the Services and for any period during which the Provider is entitled to retain Customer Data under these Terms. 70.3 Except as expressly permitted by these Terms, the Provider shall not acquire any proprietary rights in Customer Data. 71. Customer Warranties Regarding Customer Data 71.1 The Customer warrants that: (a) it owns or has lawful authority to use Customer Data; (b) Customer Data has been obtained lawfully; (c) Customer Data may lawfully be processed by the Provider; (d) Customer Data does not infringe the rights of any third party; (e) Customer Data does not contain unlawful material; and (f) Customer Data complies with Applicable Law. 71.2 The Customer shall indemnify the Provider against claims arising from breach of this clause. 72. Data Protection Compliance 72.1 Each party shall comply with applicable Data Protection Legislation. 72.2 Where the Provider processes personal data on behalf of the Customer, the Provider shall act as a data processor except where Applicable Law requires otherwise. 72.3 The Customer acknowledges that it shall generally act as the data controller in relation to personal data entered into the Services. 72.4 The Provider shall process personal data only: (a) in accordance with documented instructions; (b) as required to provide the Services; (c) as required by Applicable Law; or (d) as otherwise permitted under these Terms. 73. Privacy Policy 73.1 Use of the Services shall be subject to the Privacy Policy. 73.2 The Privacy Policy forms part of the contractual relationship between the parties. 73.3 The Provider may amend the Privacy Policy from time to time to reflect: (a) legal developments; (b) regulatory developments; (c) service changes; (d) operational requirements; or (e) security requirements. 73.4 Material amendments shall be communicated through appropriate channels. ________________________________________ 74. Data Security 74.1 The Provider shall implement and maintain reasonable technical and organisational measures designed to protect Customer Data. 74.2 Such measures may include: (a) access controls; (b) authentication controls; (c) encryption technologies; (d) monitoring systems; (e) backup procedures; (f) security testing; and (g) incident response procedures. 74.3 The Provider does not warrant that any system can be completely secure. 75. Security Responsibilities of Users 75.1 Users shall take reasonable steps to protect Customer Data within their control. 75.2 Users shall: (a) maintain secure passwords; (b) secure authorised devices; (c) restrict access appropriately; (d) monitor authorised users; (e) promptly remove unnecessary access; and (f) report suspected security incidents. 75.3 The Provider shall not be liable for security incidents arising primarily from User failures to maintain appropriate security controls. 76. Data Breach Management 76.1 The Provider shall maintain procedures designed to identify and manage security incidents. 76.2 Where required by Applicable Law, the Provider shall notify affected Customers or Users of personal data breaches. 76.3 Customers and Users shall cooperate with the Provider in relation to investigations of security incidents where reasonably requested. 76.4 Nothing in these Terms shall require disclosure of information where disclosure would compromise security investigations or legal obligations. 77. Data Retention 77.1 The Provider may retain Customer Data during the active provision of Services. 77.2 Following closure, termination or suspension of an Account, the Provider may retain Customer Data for: (a) legal compliance; (b) regulatory compliance; (c) fraud prevention; (d) dispute resolution; (e) audit requirements; (f) security purposes; (g) business continuity; and (h) enforcement of contractual rights. 77.3 Unless a longer retention period is required by Applicable Law, the Provider may retain Customer Data for a period of up to five (5) years following account closure. 77.4 The Provider may retain anonymised information indefinitely. 78. Backup and Recovery 78.1 The Provider may maintain backup copies of Customer Data. 78.2 Backup systems are intended to support operational resilience and disaster recovery. 78.3 The Provider does not guarantee restoration of any specific item of Customer Data. 78.4 Users remain responsible for maintaining their own records where required by law or business necessity. 79. Data Deletion Requests 79.1 Customers or Users may request deletion of Customer Data in accordance with applicable Data Protection Legislation. 79.2 The Provider may refuse or restrict deletion where retention is required: (a) by law; (b) by regulatory obligations; (c) for fraud prevention; (d) for dispute resolution; (e) for security purposes; or (f) to establish, exercise or defend legal claims. 79.3 Deleted information may remain within backup environments for a reasonable period before final removal. 80. Anonymised and Aggregated Data 80.1 The Provider may create anonymised, aggregated or statistical information derived from Customer Data. 80.2 Such information shall not identify individual Users or customers. 80.3 The Provider may use anonymised and aggregated information for: (a) product development; (b) analytics; (c) benchmarking; (d) service improvement; (e) research; (f) security monitoring; (g) AI improvement; and (h) business intelligence. 80.4 All rights in anonymised and aggregated information shall belong to the Provider. 81. AI Data Governance 81.1 Customer Data shall not be used to train general-purpose AI models in an identifiable form without: (a) an appropriate legal basis; and (b) any consent required by Applicable Law. 81.2 The Provider may use anonymised and aggregated information to improve AI Services. 81.3 The Provider shall seek to minimise the volume of personal data processed by AI systems where reasonably practicable. 81.4 AI processing shall be undertaken in accordance with the Provider’s AI Governance and Responsible AI Framework. 82. Open Banking Data Governance 82.1 Information received through Open Banking Services shall be treated as Customer Data. 82.2 Open Banking information shall be processed solely: (a) to provide requested functionality; (b) to generate requested reports; (c) to support integrations; (d) to support categorisation and insights; and (e) for other lawful purposes connected with the Services. 82.3 The Provider shall implement safeguards appropriate to the sensitivity of Open Banking information. 83. Confidential Information 83.1 Each party may receive Confidential Information from the other. 83.2 Each party shall: (a) keep Confidential Information confidential; (b) use Confidential Information only for purposes connected with these Terms; (c) protect Confidential Information with reasonable care; and (d) restrict access to those with a legitimate need to know. 83.3 Confidential Information shall not include information which: (a) is publicly available through no fault of the receiving party; (b) was lawfully known before disclosure; (c) is lawfully obtained from a third party; or (d) is independently developed without reference to the disclosed information. 84. Permitted Disclosures 84.1 A party may disclose Confidential Information where required: (a) by law; (b) by court order; (c) by regulatory requirement; (d) by governmental authority; or (e) to professional advisers subject to confidentiality obligations. 84.2 Where legally permitted, the disclosing party shall be notified before such disclosure. 85. Information Governance 85.1 The Provider shall maintain policies and procedures relating to: (a) information security; (b) privacy; (c) data retention; (d) AI governance; (e) incident management; and (f) operational resilience. 85.2 The Provider may modify such policies from time to time to reflect legal, regulatory and operational developments. ________________________________________ 86. User Acknowledgement Regarding Data 86.1 The User acknowledges and agrees that: (a) InvoiceREF acts as a software platform; (b) electronic systems cannot guarantee absolute security; (c) retention obligations may prevent immediate deletion of data; (d) anonymised information may continue to be used after account closure; (e) legal obligations may require retention or disclosure of information; and (f) responsibility for lawful collection of Customer Data remains with the User. 86.2 The User confirms that it has considered its own obligations under Data Protection Legislation before using the Services. PART 10 – INTELLECTUAL PROPERTY RIGHTS, SOFTWARE LICENCE, BRAND PROTECTION, FEEDBACK, USER CONTENT RIGHTS AND PROPRIETARY TECHNOLOGY 87. Ownership of Intellectual Property Rights 87.1 All Intellectual Property Rights in and relating to the Services shall remain vested in the Provider or its licensors. 87.2 Such Intellectual Property Rights include, without limitation: (a) software; (b) source code; (c) object code; (d) databases; (e) workflows; (f) user interfaces; (g) application designs; (h) APIs; (i) documentation; (j) business processes; (k) AI Services; (l) machine learning systems; (m) prompts; (n) training methodologies; (o) reports; (p) website content; (q) branding; (r) trademarks; (s) logos; and (t) all enhancements, developments, modifications and derivative works thereof. 87.3 Nothing in these Terms transfers ownership of any Intellectual Property Rights belonging to the Provider. 87.4 Users acquire only the limited rights expressly granted under these Terms. 88. Licence to Use the Services 88.1 Subject to compliance with these Terms and payment of applicable Fees, the Provider grants the Customer a limited, revocable, non-exclusive, non-transferable and non-sublicensable licence to permit Users to access and use the Services. 88.2 The licence granted under this clause is solely for the Customer's internal business purposes. 88.3 The licence shall automatically terminate upon termination of these Terms. 88.4 The User shall not acquire any ownership rights through use of the Services. 89. Restrictions on Use 89.1 Except to the extent expressly permitted by Applicable Law, the User shall not: (a) copy the Services; (b) reproduce the Services; (c) modify the Services; (d) create derivative works from the Services; (e) distribute the Services; (f) sublicense the Services; (g) sell the Services; (h) lease the Services; (i) rent the Services; (j) assign the Services; (k) reverse engineer the Services; (l) decompile the Services; (m) disassemble the Services; (n) attempt to discover source code; (o) circumvent technical protections; (p) access the Services to build a competing product; (q) conduct unauthorised benchmarking; (r) remove proprietary notices; or (s) otherwise exploit the Services beyond the scope permitted by these Terms. 89.2 The User shall not permit any third party to undertake any of the activities prohibited under this clause. 90. InvoiceREF Brand and Trade Marks 90.1 The names "InvoiceREF", "Taylor" and any associated brands, logos, designs, graphics, service marks and trade marks shall remain the property of the Provider or its licensors. 90.2 Users shall not: (a) copy such branding; (b) register confusingly similar names; (c) challenge ownership rights; (d) misuse branding; or (e) represent themselves as affiliated with InvoiceREF without authorisation. 90.3 Nothing in these Terms grants any right to use InvoiceREF trade marks except as expressly authorised. 91. User Content 91.1 The Customer shall retain ownership of User-generated content contained within Customer Data. 91.2 Subject to clause 70, the Customer grants the Provider the rights necessary to host, process and display such content in order to provide the Services. 91.3 The User warrants that User Content: (a) does not infringe third-party rights; (b) does not contain unlawful material; (c) is not defamatory; (d) is not misleading; and (e) complies with Applicable Law. 91.4 The Provider may remove content where it reasonably believes such content breaches these Terms or Applicable Law. 92. Feedback and Suggestions 92.1 Users may from time to time provide: (a) suggestions; (b) recommendations; (c) ideas; (d) comments; (e) feature requests; or (f) other feedback relating to the Services. 92.2 The Customer grants the Provider a perpetual, irrevocable, worldwide, royalty-free licence to use, modify, develop and incorporate such feedback into the Services. 92.3 The Provider shall have no obligation to compensate Users for feedback provided. 92.4 Users waive any claim to ownership of developments arising from such feedback. 93. Custom Developments 93.1 Where the Provider develops enhancements, improvements, new features or new functionality arising from: (a) customer requests; (b) customer feedback; (c) customer usage patterns; or (d) customer requirements, all resulting Intellectual Property Rights shall remain vested in the Provider unless otherwise agreed in writing. 93.2 No User shall acquire ownership rights in platform-wide developments merely because they requested or influenced such developments. 94. Artificial Intelligence Intellectual Property 94.1 All Intellectual Property Rights relating to: (a) Taylor; (b) AI Services; (c) prompts; (d) prompt engineering; (e) AI workflows; (f) AI governance frameworks; (g) machine learning processes; (h) AI integration architecture; and (i) AI training methodologies shall remain vested in the Provider or its licensors. 94.2 Nothing within these Terms transfers ownership of AI-related Intellectual Property Rights to Users. 94.3 Users shall not attempt to: (a) replicate; (b) copy; (c) extract; (d) train competing systems from; or (e) otherwise exploit InvoiceREF AI technology without written permission. 95. Usage Data and Service Intelligence 95.1 The Provider may generate operational information relating to usage of the Services. 95.2 Such information may include: (a) system performance metrics; (b) service analytics; (c) usage statistics; (d) behavioural trends; (e) anonymised benchmarking information; and (f) operational intelligence. 95.3 All rights in such information shall belong to the Provider. 95.4 Such information shall not identify individual Users unless required for service administration purposes. ________________________________________ 96. Reservation of Rights 96.1 All rights not expressly granted to the User are reserved by the Provider. 96.2 No licence shall arise by implication, estoppel or otherwise. 96.3 The User acknowledges that access to the Services does not confer ownership of the Services. 97. Third-Party Intellectual Property 97.1 Certain components of the Services may incorporate technology owned by third parties. 97.2 Ownership of such Intellectual Property Rights shall remain vested in the relevant third-party owner. 97.3 Users shall comply with any applicable third-party licensing requirements. 97.4 The Provider shall not be responsible for breaches of third-party licensing obligations by Users. 98. Protection of Proprietary Technology 98.1 Users acknowledge that the Services contain valuable proprietary technology and confidential know-how. 98.2 Users shall not: (a) attempt to access protected source code; (b) extract proprietary processes; (c) replicate system architecture; (d) copy workflows; (e) use automated tools to harvest proprietary information; or (f) undertake activities designed to compete unfairly with InvoiceREF. 98.3 Any unauthorised use of proprietary technology shall constitute a material breach of these Terms. 99. Enforcement Rights 99.1 The Provider may take any action it considers reasonably necessary to protect its Intellectual Property Rights. 99.2 Such action may include: (a) suspension of access; (b) termination of Accounts; (c) legal proceedings; (d) injunctive relief; (e) claims for damages; and (f) recovery of costs. 99.3 Users acknowledge that unauthorised use of Intellectual Property Rights may cause irreparable harm to the Provider. 100. User Acknowledgement Regarding Intellectual Property 100.1 The User acknowledges and agrees that: (a) the Services contain valuable proprietary technology; (b) access does not confer ownership; (c) Intellectual Property Rights remain vested in the Provider; (d) feedback may be incorporated into future developments; (e) AI functionality contains proprietary methodologies; and (f) unauthorised use may result in legal action. 100.2 The User agrees to respect and protect the Intellectual Property Rights of the Provider and its licensors throughout the duration of these Terms and thereafter. PART 11 – ACCEPTABLE USE, PROHIBITED ACTIVITIES, FRAUD PREVENTION, ANTI-MONEY LAUNDERING, SANCTIONS COMPLIANCE AND PLATFORM INTEGRITY 101. Acceptable Use 101.1 The Services shall be used only for lawful business purposes. 101.2 Users shall ensure that all use of the Services: (a) complies with Applicable Law; (b) complies with these Terms; (c) respects the rights of third parties; (d) protects the integrity of the Services; and (e) does not expose the Provider, the InvoiceREF brand or other Users to unreasonable legal, regulatory, security or reputational risk. 101.3 Users remain solely responsible for all activities undertaken through their Accounts. 102. Prohibited Activities 102.1 Users shall not use the Services: (a) for unlawful purposes; (b) for fraudulent purposes; (c) to facilitate criminal activity; (d) to facilitate money laundering; (e) to facilitate tax evasion; (f) to facilitate sanctions evasion; (g) to facilitate terrorist financing; (h) to create false records; (i) to generate misleading invoices; (j) to impersonate individuals or organisations; (k) to deceive customers or counterparties; (l) to misrepresent transactions; (m) to submit false information; (n) to interfere with the Services; or (o) in any manner prohibited by Applicable Law. 102.2 Any breach of this clause shall constitute a material breach of these Terms. 103. Fraudulent Invoices 103.1 Users shall not create, issue or store invoices which: (a) relate to fictitious transactions; (b) contain knowingly false information; (c) misrepresent goods supplied; (d) misrepresent services performed; (e) contain fabricated payment obligations; (f) are intended to deceive third parties; or (g) are otherwise unlawful. 103.2 The Provider reserves the right to suspend Accounts where fraudulent invoicing activity is suspected. 103.3 The Provider may cooperate with law enforcement agencies, regulatory authorities and other competent bodies where fraud is suspected. 104. Anti-Money Laundering 104.1 Users shall not use the Services to facilitate money laundering or related criminal conduct. 104.2 Users shall ensure that use of the Services complies with all applicable anti-money laundering legislation and requirements. 104.3 The Provider may monitor activity patterns for indicators of potentially suspicious activity. 104.4 The Provider may suspend, restrict or terminate access where suspicious activity is identified. 104.5 The Provider shall have no obligation to disclose the basis of any anti-money laundering investigation where doing so may be unlawful or inappropriate. 105. Sanctions Compliance 105.1 Users warrant that they are not: (a) subject to applicable sanctions restrictions; (b) owned or controlled by sanctioned persons; (c) acting on behalf of sanctioned persons; or (d) using the Services in breach of sanctions laws. 105.2 Users shall not use the Services to facilitate transactions prohibited by applicable sanctions legislation. 105.3 The Provider may suspend or terminate access where sanctions concerns arise. 105.4 The Provider may undertake screening and verification activities where reasonably necessary. 106. Tax Evasion and Criminal Facilitation 106.1 Users shall not use the Services to: (a) facilitate tax evasion; (b) conceal taxable income; (c) falsify accounting records; (d) misrepresent taxable transactions; or (e) support unlawful tax arrangements. 106.2 The Provider maintains a zero-tolerance approach to criminal facilitation of tax evasion. 106.3 The Provider may report suspected unlawful conduct to relevant authorities where permitted or required by law. 107. False or Misleading Information 107.1 Users shall not knowingly provide false, inaccurate or misleading information to the Provider. 107.2 Users shall promptly correct information that becomes inaccurate. 107.3 The Provider may rely upon information provided by Users without independent verification. 107.4 Users shall remain responsible for consequences arising from inaccurate information supplied by them. 108. Harmful Content and Conduct 108.1 Users shall not upload, transmit, distribute or store content that: (a) is unlawful; (b) is defamatory; (c) is threatening; (d) is abusive; (e) is discriminatory; (f) is obscene; (g) infringes intellectual property rights; (h) contains malware; or (i) otherwise creates legal or regulatory risk. 108.2 The Provider may remove content that it reasonably believes breaches this clause. 109. Security and Technical Abuse 109.1 Users shall not: (a) introduce malicious code; (b) distribute viruses; (c) interfere with system security; (d) test vulnerabilities without authorisation; (e) circumvent access controls; (f) undertake denial-of-service activities; (g) attempt unauthorised access; or (h) otherwise compromise the security of the Services. 109.2 Any such activity shall constitute a material breach of these Terms. 110. Automated Access Restrictions 110.1 Users shall not use automated tools, bots, scripts or scraping technologies to access the Services except where expressly authorised. 110.2 The Provider may restrict, suspend or block access where automated activity adversely affects platform performance or security. 110.3 The Provider reserves the right to implement technical controls to prevent unauthorised automated access. 111. Fair Usage 111.1 Users shall use the Services in a fair and reasonable manner. 111.2 The Provider may introduce fair usage limits relating to: (a) invoice volumes; (b) storage; (c) AI usage; (d) API usage; (e) integrations; or (f) other service components. 111.3 Where fair usage limits are exceeded, the Provider may: (a) restrict access; (b) require migration to an alternative subscription plan; (c) impose usage charges; or (d) suspend access until usage returns to acceptable levels. 112. Monitoring and Investigations 112.1 The Provider may monitor use of the Services for purposes including: (a) security; (b) fraud prevention; (c) service integrity; (d) regulatory compliance; (e) operational management; and (f) investigation of suspected breaches. 112.2 Monitoring shall be conducted in accordance with Applicable Law and the Privacy Policy. 112.3 Users acknowledge that monitoring may occur without specific notice where reasonably necessary. 113. Cooperation with Authorities 113.1 The Provider may cooperate with: (a) law enforcement agencies; (b) regulatory authorities; (c) courts; (d) government bodies; and (e) other competent authorities where required or permitted by law. 113.2 The Provider may disclose information where reasonably necessary to: (a) comply with legal obligations; (b) protect users; (c) prevent fraud; (d) investigate unlawful conduct; or (e) protect the integrity of the Services. 114. Platform Integrity 114.1 Users shall not engage in conduct that may: (a) damage the reputation of the Provider or the InvoiceREF brand; (b) undermine trust in the Services; (c) interfere with service operation; (d) expose the Provider to regulatory risk; or (e) harm other Users. 114.2 The Provider may take action where it reasonably considers platform integrity is at risk. 115. Right to Restrict or Refuse Service 115.1 The Provider reserves the right to: (a) refuse registration; (b) suspend Accounts; (c) restrict functionality; (d) remove content; (e) terminate Accounts; or (f) decline access to specific features where it reasonably believes such action is necessary to protect: (i) Users; (ii) the Services; (iii) legal compliance; (iv) regulatory compliance; (v) security; or (vi) business interests. 115.2 The Provider shall not be liable for losses arising from lawful exercise of its rights under this clause. 116. User Acknowledgement Regarding Acceptable Use 116.1 The User acknowledges and agrees that: (a) the Provider operates the Services within legal and regulatory frameworks; (b) misuse of the Services may result in immediate suspension; (c) unlawful activity may be reported to authorities; (d) monitoring may occur for legitimate purposes; (e) fraud prevention controls may be applied; and (f) the Provider may take protective action without prior notice where reasonably necessary. 116.2 The User accepts that the Provider must maintain the integrity, security and lawful operation of the Services and may take action accordingly. PART 12 – SERVICE AVAILABILITY, OPERATIONAL RESILIENCE, SECURITY, SUPPORT SERVICES, SUSPENSION, BUSINESS CONTINUITY AND DISASTER RECOVERY 117. Service Availability 117.1 The Provider shall use reasonable endeavours to make the Services available to Users. 117.2 The User acknowledges that the Services are provided via internet-based infrastructure and that uninterrupted availability cannot be guaranteed. 117.3 The Provider does not warrant that the Services shall: (a) be continuously available; (b) be error free; (c) be free from interruptions; (d) be free from defects; (e) be available at all times; or (f) operate without dependency upon Third-Party Services. 117.4 The Services are provided on an "as available" and "as is" basis. 118. Planned Maintenance 118.1 The Provider may undertake planned maintenance activities from time to time. 118.2 Planned maintenance may include: (a) software updates; (b) infrastructure upgrades; (c) security enhancements; (d) database maintenance; (e) performance improvements; and (f) service optimisation activities. 118.3 Where reasonably practicable, the Provider shall seek to schedule planned maintenance so as to minimise disruption. 118.4 The User acknowledges that temporary interruptions may occur during planned maintenance periods. ________________________________________ 119. Emergency Maintenance 119.1 The Provider may undertake emergency maintenance without prior notice where reasonably necessary to: (a) address security vulnerabilities; (b) prevent fraud; (c) address system instability; (d) protect Customer Data; (e) maintain service integrity; or (f) comply with legal or regulatory obligations. 119.2 The Provider shall not be liable for service interruptions resulting from emergency maintenance activities. 120. Operational Resilience 120.1 The Provider shall maintain operational processes designed to support the resilience of the Services. 120.2 Such processes may include: (a) monitoring systems; (b) backup procedures; (c) disaster recovery arrangements; (d) incident management procedures; (e) change management processes; (f) cybersecurity controls; and (g) supplier oversight activities. 120.3 The Provider reserves the right to modify its operational arrangements as technology, risks and business requirements evolve. 121. Third-Party Dependencies 121.1 The Services depend upon Third-Party Services and infrastructure. 121.2 Such dependencies may include: (a) cloud hosting providers; (b) telecommunications providers; (c) internet service providers; (d) Open Banking providers; (e) payment providers; (f) AI providers; (g) integration partners; and (h) software suppliers. 121.3 The Provider shall not be liable for failures arising from Third-Party Services outside its reasonable control. 122. Security Controls 122.1 The Provider shall maintain reasonable technical and organisational measures designed to protect the Services. 122.2 Such measures may include: (a) access management controls; (b) encryption controls; (c) monitoring tools; (d) security testing; (e) vulnerability management; (f) authentication controls; (g) logging and audit controls; and (h) incident response procedures. 122.3 The User acknowledges that no security system can eliminate all risks. 123. Cybersecurity Events 123.1 The Provider may take action to protect the Services where cybersecurity threats arise. 123.2 Such action may include: (a) suspending functionality; (b) restricting access; (c) disabling integrations; (d) requiring password resets; (e) introducing additional authentication controls; or (f) undertaking emergency maintenance. 123.3 The Provider shall not be liable for disruption arising from reasonable actions taken to protect the Services. 124. User Security Obligations 124.1 Users shall: (a) maintain secure credentials; (b) protect authorised devices; (c) prevent unauthorised access; (d) maintain appropriate security controls within their organisation; (e) report suspected security incidents promptly; and (f) cooperate with reasonable security investigations. 124.2 Users shall be responsible for activity undertaken using their Accounts unless arising solely from the Provider’s negligence, breach of these Terms or failure to maintain reasonable security controls. 125. Technical Support 125.1 The Provider may provide support services in connection with the Services. 125.2 Support may be provided through: (a) email; (b) online help facilities; (c) documentation; (d) FAQs; (e) AI-assisted support; and (f) other channels determined by the Provider. 125.3 The Provider does not guarantee: (a) specific response times; (b) specific resolution times; (c) continuous support availability; or (d) availability of support outside published support arrangements. 126. Service Improvements 126.1 The Provider may introduce improvements to the Services at any time. 126.2 Improvements may include: (a) new functionality; (b) interface changes; (c) performance enhancements; (d) security improvements; (e) AI enhancements; and (f) infrastructure improvements. 126.3 Users acknowledge that such changes may alter the appearance or operation of the Services. 127. Service Suspension 127.1 The Provider may suspend all or part of the Services where reasonably necessary: (a) to maintain security; (b) to prevent fraud; (c) to protect Customer Data; (d) to investigate misuse; (e) to comply with legal obligations; (f) to comply with regulatory obligations; (g) to undertake maintenance; or (h) to protect the integrity of the Services. 127.2 Suspension may occur without prior notice where immediate action is reasonably necessary. 127.3 The Provider shall not be liable for losses arising from lawful suspension of the Services. 128. Incident Management 128.1 The Provider shall maintain procedures for managing operational incidents. 128.2 Operational incidents may include: (a) service outages; (b) cyber incidents; (c) infrastructure failures; (d) data incidents; (e) integration failures; and (f) supplier disruptions. 128.3 The Provider may prioritise incident response activities according to severity and operational impact. 129. Business Continuity 129.1 The Provider shall maintain arrangements intended to support continuation of critical operations during disruptive events. 129.2 Such arrangements may include: (a) backup systems; (b) alternative infrastructure arrangements; (c) recovery procedures; (d) supplier contingency arrangements; and (e) operational resilience planning. 129.3 Business continuity arrangements are intended to mitigate disruption but do not guarantee uninterrupted service availability. 130. Disaster Recovery 130.1 The Provider may maintain disaster recovery procedures designed to restore Services following major disruptions. 130.2 Recovery activities may prioritise restoration of critical functionality before non-critical functionality. 130.3 The Provider does not guarantee restoration within any specific timeframe unless otherwise agreed in writing. 131. Force Majeure Events 131.1 Service availability may be affected by events beyond the Provider's reasonable control. 131.2 Such events may include: (a) natural disasters; (b) severe weather events; (c) fire; (d) flood; (e) terrorism; (f) cyber attacks; (g) utility failures; (h) internet failures; (i) industrial disputes; (j) governmental actions; and (k) failures affecting critical suppliers. 131.3 The Provider shall not be liable for failure or delay caused by Force Majeure Events. 132. Service Availability Disclaimer 132.1 The User acknowledges and agrees that: (a) uninterrupted availability cannot be guaranteed; (b) technology failures may occur; (c) internet-based services involve inherent risks; (d) Third-Party Service failures may affect the Services; (e) maintenance activities may be necessary; and (f) operational incidents may occasionally occur. 132.2 The User agrees to maintain appropriate business continuity arrangements and backups where necessary for its own business operations. 133. No Service Level Agreement 133.1 Unless expressly agreed in writing, no service level agreement ("SLA") shall apply to the Services. 133.2 Nothing in these Terms shall be interpreted as creating any obligation to achieve: (a) specific uptime levels; (b) specific response times; (c) specific recovery times; or (d) specific performance metrics. 133.3 The Provider may introduce subscription-specific service commitments in the future through separate contractual arrangements. ________________________________________ 134. User Acknowledgement Regarding Availability and Resilience 134.1 The User acknowledges and agrees that: (a) the Services rely upon technology infrastructure; (b) interruptions may occur from time to time; (c) security controls cannot eliminate all risks; (d) operational incidents are inherent in online services; (e) business continuity arrangements reduce but do not eliminate disruption; and (f) the Provider has no obligation to provide uninterrupted service availability. 134.2 The User accepts the operational risks associated with use of cloud-based software services to the fullest extent permitted by law. PART 13 – SUSPENSION, TERMINATION, ACCOUNT CLOSURE, POST-TERMINATION RIGHTS, DATA ACCESS AND CONSEQUENCES OF TERMINATION 135. Suspension Rights 135.1 The Provider may suspend all or part of the Services, an Account, or specific functionality where it reasonably considers suspension necessary. 135.2 Circumstances in which suspension may occur include: (a) breach of these Terms; (b) suspected fraud; (c) suspected unlawful activity; (d) suspected money laundering activity; (e) sanctions concerns; (f) security incidents; (g) attempted unauthorised access; (h) misuse of AI Services; (i) misuse of Open Banking Services; (j) failure to pay Fees; (k) regulatory concerns; (l) legal obligations; (m) protection of Customer Data; (n) protection of other Users; or (o) protection of the Services. 135.3 The Provider may suspend access without prior notice where immediate action is reasonably necessary. 135.4 The Provider shall not be liable for losses arising from lawful suspension of access. 136. Temporary Restrictions 136.1 As an alternative to full suspension, the Provider may impose temporary restrictions. 136.2 Restrictions may include: (a) limiting AI functionality; (b) limiting Open Banking functionality; (c) restricting exports; (d) restricting integrations; (e) limiting invoice volumes; (f) restricting API access; or (g) requiring additional verification. 136.3 The Provider may remove such restrictions once concerns have been resolved. 137. User Termination Rights 137.1 The Customer may terminate its Subscription at any time through the methods made available by the Provider. 137.2 Termination shall not entitle the Customer to a refund except where required by Applicable Law. 137.3 Cancellation of a Subscription shall take effect at the end of the current Subscription Term unless otherwise specified. 137.4 The Customer remains responsible for all Fees accrued prior to termination. 138. Provider Termination Rights 138.1 The Provider may terminate these Terms immediately upon written notice where: (a) the User commits a material breach; (b) the User commits repeated breaches; (c) fraudulent activity is identified; (d) unlawful activity is identified; (e) payment obligations remain outstanding; (f) sanctions concerns arise; (g) continued provision of Services would expose the Provider to legal or regulatory risk; or (h) continued provision of Services becomes impracticable. 138.2 The Provider may also terminate the Services generally upon reasonable notice. 139. Non-Payment 139.1 Where Fees remain unpaid, the Provider may: (a) suspend access; (b) restrict functionality; (c) prevent creation of new invoices; (d) prevent exports; (e) terminate the Subscription; and (f) pursue recovery of outstanding amounts. 139.2 The Provider may charge reasonable recovery costs where permitted by law. 139.3 Outstanding payment obligations shall survive termination. 140. Effect of Termination 140.1 Upon termination or expiry: (a) the User's licence to use the Services shall cease; (b) access rights may be withdrawn; (c) subscription benefits shall end; (d) integrations may cease operating; and (e) AI functionality may cease operating. 140.2 Termination shall not affect accrued rights or liabilities existing prior to termination. 141. Access Following Termination 141.1 The Provider may, at its discretion, permit limited post-termination access for a defined period. 141.2 Such access may be provided solely for: (a) retrieval of Customer Data; (b) export of records; (c) account administration; or (d) compliance purposes. 141.3 The Provider shall have no obligation to provide ongoing access following termination. 142. Data Export Following Termination 142.1 Subject to payment of all Fees and compliance with these Terms, Users may request export of Customer Data following termination. 142.2 The Provider may determine: (a) available export formats; (b) export methods; (c) technical requirements; and (d) timeframes for provision. 142.3 The Provider may refuse export requests where: (a) legal restrictions apply; (b) regulatory restrictions apply; (c) fraud concerns exist; (d) sanctions concerns exist; or (e) disclosure would be unlawful. 143. Deletion of Data Following Termination 143.1 Customer Data may be deleted following termination. 143.2 The Provider shall not be obliged to retain Customer Data indefinitely. 143.3 The Provider may retain Customer Data where necessary for: (a) legal compliance; (b) regulatory compliance; (c) dispute resolution; (d) fraud prevention; (e) audit requirements; (f) enforcement of rights; or (g) security purposes. 143.4 Retention shall be subject to Part 9 of these Terms. 144. Abandoned Accounts 144.1 The Provider may treat Accounts as inactive where they have not been accessed for a prolonged period. 144.2 The Provider may contact Users before taking action regarding inactive Accounts. 144.3 The Provider may archive, restrict or close inactive Accounts where reasonably necessary. 145. Survival of Clauses 145.1 The following provisions shall survive termination or expiry: (a) Intellectual Property Rights provisions; (b) confidentiality obligations; (c) limitation of liability provisions; (d) indemnity provisions; (e) data retention provisions; (f) dispute resolution provisions; (g) governing law provisions; and (h) any provisions intended by their nature to survive termination. 145.2 Survival shall continue for as long as reasonably necessary to give effect to the relevant provision. 146. Reinstatement 146.1 The Provider may, at its discretion, permit reinstatement of suspended or terminated Accounts. 146.2 Reinstatement may be subject to: (a) payment of outstanding Fees; (b) verification procedures; (c) remediation of breaches; (d) acceptance of updated Terms; and (e) any other reasonable requirements. 146.3 The Provider shall have no obligation to reinstate any Account. 147. Regulatory and Legal Holds 147.1 The Provider may preserve Accounts and Customer Data beyond normal retention periods where required: (a) by court order; (b) by law enforcement agencies; (c) by regulatory authorities; (d) by legal proceedings; or (e) to establish, exercise or defend legal rights. 147.2 Users acknowledge that such preservation may delay deletion requests. 148. Business Closure and Service Discontinuation 148.1 The Provider reserves the right to discontinue the Services. 148.2 Where reasonably practicable, the Provider shall provide notice of discontinuation. 148.3 The Provider may make Customer Data available for export for a reasonable period following notice of discontinuation. 148.4 Nothing in these Terms obliges the Provider to continue operating the Services indefinitely. 149. No Compensation for Termination 149.1 Except where required by Applicable Law, the Provider shall not be liable to compensate Users for: (a) termination of access; (b) suspension of access; (c) withdrawal of functionality; (d) discontinuation of integrations; (e) discontinuation of AI Services; or (f) discontinuation of Open Banking Services. 149.2 Users acknowledge that the Services may evolve over time and functionality may be withdrawn. 150. User Acknowledgement Regarding Termination 150.1 The User acknowledges and agrees that: (a) the Provider must retain discretion to protect the Services; (b) suspension may occur without notice where necessary; (c) termination may occur for serious breaches; (d) access to the Services is conditional upon compliance with these Terms; (e) Customer Data may not remain available indefinitely following termination; and (f) certain legal obligations may require continued retention of information. 150.2 The User agrees that the rights granted to the Provider under this Part are reasonable and necessary for operation of the Services and protection of Users, partners, regulators and the wider platform ecosystem. PART 14 – WARRANTIES, DISCLAIMERS, LIMITATION OF LIABILITY AND INDEMNITIES 151. Service Warranty 151.1 The Provider warrants that it has the legal right and authority to provide the Services. 151.2 Subject to the terms of this Agreement, the Provider shall use reasonable skill and care in providing the Services. 151.3 Except as expressly stated in this Agreement, no representations, warranties, guarantees or conditions are given in relation to the Services. 152. Exclusion of Implied Terms 152.1 To the fullest extent permitted by Applicable Law, all warranties, conditions, representations and other terms implied by statute, common law or otherwise are excluded. 152.2 Without limitation, the Provider excludes any implied warranties relating to: (a) merchantability; (b) satisfactory quality; (c) fitness for a particular purpose; (d) non-infringement; (e) accuracy; (f) completeness; (g) compatibility; and (h) uninterrupted availability. 152.3 The User acknowledges that it has not relied upon any representation not expressly contained within this Agreement. 153. Services Provided "As Available" 153.1 The Services are provided on an "as available" and "as is" basis. 153.2 The Provider does not warrant that: (a) the Services will meet all User requirements; (b) the Services will be uninterrupted; (c) the Services will be error free; (d) defects will always be corrected; (e) outputs generated by the Services will be accurate; or (f) the Services will be suitable for any particular business purpose. 154. Business Outcomes Disclaimer 154.1 The Provider does not warrant or guarantee: (a) business success; (b) increased revenue; (c) invoice payment outcomes; (d) debt recovery outcomes; (e) improved cashflow; (f) customer payment behaviour; (g) profitability; or (h) commercial performance. 154.2 The User acknowledges that business outcomes are influenced by factors beyond the control of the Provider. 155. Tax and VAT Disclaimer 155.1 The Provider is not a tax adviser. 155.2 The Provider does not provide tax advice. 155.3 The Provider does not guarantee: (a) tax compliance; (b) VAT compliance; (c) correctness of VAT treatment; (d) correctness of tax calculations; (e) compliance with HMRC requirements; (f) compliance with Making Tax Digital requirements; or (g) suitability of any tax-related information. 155.4 Responsibility for all tax decisions remains solely with the User. 156. AI Disclaimer 156.1 AI Services are provided solely as assistance tools. 156.2 AI outputs may: (a) be inaccurate; (b) be incomplete; (c) be misleading; (d) contain outdated information; (e) contain hallucinations; (f) contain errors of judgement; or (g) be unsuitable for the User's circumstances. 156.3 AI outputs do not constitute: (a) legal advice; (b) tax advice; (c) accounting advice; (d) financial advice; (e) regulatory advice; or (f) professional advice of any kind. 156.4 Users must independently verify all AI-generated outputs. 156.5 Reliance upon AI outputs shall be entirely at the User's own risk. 157. Open Banking Disclaimer 157.1 Open Banking functionality depends upon third-party providers and participating financial institutions. 157.2 The Provider does not warrant: (a) availability of Open Banking functionality; (b) completeness of banking information; (c) accuracy of banking information; (d) uninterrupted connectivity; (e) bank participation; or (f) payment initiation outcomes. 157.3 Users acknowledge that regulated services may be delivered by third parties and not by the Provider. ________________________________________ 158. Integration Disclaimer 158.1 The Provider does not warrant that integrations with Third-Party Services will: (a) remain available; (b) remain compatible; (c) operate continuously; (d) import information correctly; or (e) export information correctly. 158.2 Users must independently verify all imported and exported information. 159. Security Disclaimer 159.1 Whilst the Provider maintains reasonable security measures, no electronic system can be completely secure. 159.2 The Provider does not guarantee protection against: (a) cyber attacks; (b) unauthorised access; (c) malware; (d) service disruptions; (e) infrastructure failures; or (f) internet-related risks. 159.3 Users acknowledge the inherent risks associated with internet-based services. 160. User Responsibility 160.1 Users remain solely responsible for: (a) invoice accuracy; (b) customer information; (c) payment information; (d) VAT treatment; (e) tax compliance; (f) business decisions; (g) professional advice requirements; (h) regulatory compliance; and (i) decisions made using information generated through the Services. 160.2 The Provider shall not assume responsibility for matters that remain within the User's control. LIMITATION OF LIABILITY 161. Liability That Cannot Be Excluded 161.1 Nothing in this Agreement shall exclude or limit liability for: (a) death or personal injury caused by negligence; (b) fraud or fraudulent misrepresentation; (c) breach of obligations implied by law which cannot lawfully be excluded; or (d) any liability which cannot lawfully be excluded or limited under the laws of England and Wales. 162. Excluded Losses 162.1 Subject to clause 161, the Provider shall not be liable for: (a) loss of profit; (b) loss of revenue; (c) loss of business; (d) loss of anticipated savings; (e) loss of goodwill; (f) loss of reputation; (g) loss of opportunity; (h) loss of contracts; (i) loss of customers; (j) loss of data; (k) loss of use; (l) business interruption; (m) wasted management time; (n) indirect loss; (o) consequential loss; or (p) special loss, whether arising in contract, tort (including negligence), breach of statutory duty or otherwise. 163. Specific Exclusions 163.1 Without limitation to clause 162, the Provider shall not be liable for losses arising from: (a) AI-generated outputs; (b) VAT errors; (c) tax errors; (d) accounting errors; (e) Open Banking failures; (f) bank failures; (g) payment provider failures; (h) Third-Party Service failures; (i) integration failures; (j) import or export errors; (k) internet outages; (l) cyber incidents beyond reasonable control; (m) User errors; (n) inaccurate Customer Data; or (o) misuse of the Services. 164. Liability Cap 164.1 Subject to clause 161, the total aggregate liability of the Provider arising under or in connection with the Services shall not exceed the greater of: (a) one hundred pounds sterling (£100); or (b) the total Fees paid by the Customer during the twelve (12) months immediately preceding the event giving rise to the claim. 164.2 This limitation shall apply regardless of: (a) the number of claims; (b) the legal basis of any claim; or (c) the form of action. 165. Time Limitation for Claims 165.1 No claim arising from or connected with the Services may be brought more than twelve (12) months after the date on which the User became aware, or ought reasonably to have become aware, of the circumstances giving rise to the claim. 165.2 This clause shall apply to the fullest extent permitted by law. INDEMNITIES 166. Customer Indemnity 166.1 The Customer shall indemnify, defend and hold harmless the Provider, its officers, directors, employees, contractors, licensors and partners from and against all losses, liabilities, claims, damages, costs and expenses arising from: (a) breach of these Terms; (b) unlawful use of the Services; (c) fraudulent activity; (d) tax non-compliance by the Customer or any User; (e) VAT non-compliance by the Customer or any User; (f) infringement of third-party rights by the Customer or any User; (g) Customer Data supplied by the User; (h) User Content; (i) misuse of AI Services; (j) misuse of Open Banking Services; or (k) negligent acts or omissions of the User. 166.2 Recoverable costs shall include reasonable legal and professional costs. 167. Third-Party Claims 167.1 Where a third-party claim arises from the Customer’s or any User’s use of the Services, the Provider may: (a) defend the claim; (b) settle the claim; (c) require cooperation from the Customer and relevant Users; and (d) recover costs from the Customer to the extent permitted under this Agreement. 167.2 The Customer and relevant Users shall provide reasonable assistance in relation to such claims. 168. Regulatory Investigations 168.1 The Customer shall indemnify the Provider against losses arising from regulatory investigations caused by: (a) misconduct by the Customer or any User; (b) inaccurate information supplied by the Customer or any User; (c) unlawful activity; (d) fraudulent invoicing; or (e) breach of Applicable Law by the Customer or any User. 169. Mitigation 169.1 Each party shall take reasonable steps to mitigate losses arising from any claim. 169.2 Failure to mitigate may reduce recoverable losses to the extent permitted by law. 170. User Acknowledgement Regarding Liability 170.1 The Customer acknowledges and agrees that: (a) the Fees charged for the Services reflect the allocation of risk contained within this Agreement; (b) the Provider could not provide the Services on the same commercial basis without these limitations; (c) the limitations contained within this Part are fair and reasonable; and (d) the Customer has had the opportunity to obtain independent legal advice before accepting these Terms. 170.2 The limitations, exclusions and indemnities contained within this Part shall survive termination of this Agreement. PART 15 – GENERAL LEGAL PROVISIONS, NOTICES, ASSIGNMENT, FORCE MAJEURE, CHANGES TO TERMS, GOVERNING LAW AND JURISDICTION 171. Relationship of the Parties 171.1 Nothing in these Terms shall create or be deemed to create: (a) a partnership; (b) a joint venture; (c) an agency relationship; (d) an employment relationship; or (e) a fiduciary relationship between the parties. 171.2 The Customer shall not hold itself out as having authority to bind the Provider. 172. Independent Contractor Status 172.1 The Provider provides the Services as an independent contractor. 172.2 Nothing in these Terms shall restrict the Provider from providing services to other customers, including businesses that may operate in the same market sectors as the Customer. 173. Entire Agreement 173.1 These Terms, together with: (a) the Privacy Policy; (b) any applicable subscription terms; (c) any applicable Open Banking terms; (d) any applicable AI Usage Policy; (e) any applicable service-specific terms; and (f) any documents expressly incorporated by reference, constitute the entire agreement between the parties. 173.2 These Terms supersede all prior agreements, discussions, negotiations, representations and understandings relating to the Services. 173.3 The User acknowledges that it has not relied upon any statement, representation or promise not expressly contained within this Agreement. 174. Variation of Terms 174.1 The Provider may amend these Terms from time to time. 174.2 Amendments may be made to reflect: (a) legal developments; (b) regulatory developments; (c) operational requirements; (d) security requirements; (e) technological developments; (f) product enhancements; (g) AI developments; (h) Open Banking developments; or (i) business requirements. 174.3 Material changes shall be communicated through: (a) email; (b) the InvoiceREF website; (c) the InvoiceREF application; or (d) other reasonable communication channels. 174.4 Unless a shorter period is required by Applicable Law, regulatory obligations, security requirements or urgent operational necessity, material changes shall take effect not less than fourteen (14) days after notice is given. 174.5 Continued use of the Services following the effective date of amended Terms shall constitute acceptance of the amended Terms. 174.6 If the Customer does not accept a material amendment, the Customer may terminate the Services before the amendment takes effect. 175. Service-Specific Terms 175.1 The Provider may introduce additional terms governing: (a) AI Services; (b) Open Banking Services; (c) accounting integrations; (d) API services; (e) premium features; (f) enterprise services; and (g) future functionality. 175.2 Such terms shall apply only to the relevant services. 175.3 In the event of inconsistency, service-specific terms shall prevail in relation to the relevant service. 176. Assignment by the Provider 176.1 The Provider may assign, transfer, novate, subcontract or otherwise deal with its rights and obligations under these Terms. 176.2 Such assignment may occur in connection with: (a) corporate restructuring; (b) investment activity; (c) acquisition; (d) merger; (e) business sale; or (f) operational outsourcing. 176.3 The Customer hereby consents to any assignment permitted under this clause. 177. Assignment by the User 177.1 The Customer may not assign, transfer, novate, subcontract or otherwise dispose of its rights or obligations under these Terms without the prior written consent of the Provider. 177.2 Any attempted assignment in breach of this clause shall be void. 178. Subcontracting 178.1 The Provider may use subcontractors, suppliers, partners and service providers in connection with provision of the Services. 178.2 Such providers may include: (a) cloud providers; (b) AI providers; (c) Open Banking providers; (d) payment providers; (e) software suppliers; (f) support providers; and (g) professional advisers. 178.3 The Provider shall remain responsible for management of such providers to the extent required by Applicable Law. 179. Notices 179.1 Notices to the Provider shall be sent to the contact details published on the InvoiceREF website unless otherwise notified. 179.2 Notices to Users may be sent via: (a) email; (b) application notifications; (c) website notices; or (d) other contact information provided by the User. 179.3 Notices shall be deemed received: (a) where sent by email, on the date of transmission unless returned undelivered; (b) where posted on the application or website, on the date published; and (c) where delivered by post, two Business Days after posting within the United Kingdom. 180. Waiver 180.1 Failure or delay by either party in exercising any right shall not constitute a waiver of that right. 180.2 A waiver shall only be effective if made in writing. 180.3 A waiver of one breach shall not constitute a waiver of any subsequent breach. 181. Severability 181.1 If any provision of these Terms is found by a court or competent authority to be invalid, unlawful or unenforceable, that provision shall be deemed severed. 181.2 The remaining provisions shall continue in full force and effect. 181.3 Where possible, any invalid provision shall be interpreted so as to preserve its intended commercial effect. 182. Third Party Rights 182.1 Except as expressly stated otherwise, no person who is not a party to these Terms shall have any right to enforce any provision under the Contracts (Rights of Third Parties) Act 1999. 182.2 This clause does not affect any right or remedy available independently of that Act. 183. Force Majeure 183.1 The Provider shall not be liable for failure or delay in performance caused by circumstances beyond its reasonable control. 183.2 Such circumstances may include: (a) natural disasters; (b) severe weather; (c) flood; (d) fire; (e) terrorism; (f) cyber attacks; (g) utility failures; (h) internet outages; (i) industrial disputes; (j) governmental actions; (k) public health emergencies; (l) supplier failures; and (m) failures of critical infrastructure. 183.3 The Provider may suspend performance during the continuation of a Force Majeure Event. 183.4 The Provider may terminate affected Services where a Force Majeure Event continues for a prolonged period. 184. Regulatory Changes 184.1 The Provider may take actions reasonably necessary to comply with: (a) Applicable Law; (b) regulatory guidance; (c) FCA requirements; (d) HMRC requirements; (e) data protection requirements; (f) Open Banking standards; and (g) industry standards. 184.2 Such actions may include: (a) modifying Services; (b) restricting functionality; (c) introducing additional controls; (d) suspending Services; or (e) updating these Terms. 184.3 The Provider shall not be liable for changes required to comply with legal or regulatory obligations. 185. Publicity 185.1 Unless otherwise agreed in writing, neither party shall issue public statements suggesting endorsement by the other party. 185.2 The Provider may identify the Customer as a customer only with the Customer’s prior consent. 185.3 Customer testimonials, case studies and endorsements shall require express permission. 186. Electronic Communications 186.1 The User agrees that communications may be provided electronically. 186.2 Electronic communications may satisfy legal requirements for written communications where permitted by Applicable Law. 186.3 Users are responsible for maintaining current contact information. 187. Record Keeping 187.1 The Provider may maintain records relating to: (a) acceptance of these Terms; (b) user activity; (c) subscription history; (d) support interactions; (e) security events; and (f) compliance activities. 187.2 Such records may be relied upon as evidence of events and activities relating to the Services. 188. Language 188.1 These Terms are drafted in the English language. 188.2 Any translations are provided for convenience only. 188.3 In the event of inconsistency, the English language version shall prevail. 189. Governing Law 189.1 These Terms and any dispute or claim arising out of or in connection with them shall be governed by and construed in accordance with the laws of England and Wales. 189.2 Any non-contractual obligations arising out of or connected with these Terms shall also be governed by the laws of England and Wales. 190. Jurisdiction 190.1 The courts of England and Wales shall have exclusive jurisdiction to hear and determine any dispute, claim or proceeding arising out of or in connection with these Terms. 190.2 Each party irrevocably submits to the exclusive jurisdiction of the courts of England and Wales. 191. Contact Information 191.1 The Services are operated by: 3H Foundry Limited (trading as InvoiceREF) Company Number: 16724773 Registered Office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ Website: www.invoiceref.com Email: founders@invoiceref.com 191.2 Customers and Users may contact the Provider using the contact details published from time to time. 192. User Acknowledgement 192.1 By creating an Account, commencing a Free Trial, subscribing to the Services or otherwise using the Services, the Customer confirms that: (a) it has read these Terms; (b) it understands these Terms; (c) it agrees to be bound by these Terms; (d) it has authority to enter into these Terms and, where applicable, to authorise Users to access the Services; (e) it is using the Services for business purposes; and (f) it accepts the allocation of responsibilities and risks contained within these Terms. 192.2 The Customer further acknowledges that it has had the opportunity to obtain independent legal, tax, accounting and professional advice before accepting these Terms.