Table of Contents
Welcome to XaaS! We can’t wait to XaaSify you, but before we can, we need you to accept our terms and conditions (don’t worry we’re not going to steal your goldfish’s soul or anything like that). We have done our best to not use jargon (other than XaaSy terms obviously as they’re fun) and have tried to make it clear you can expect from us and likewise us from you.
If for some reason you are not comfortable agreeing to them, I’m afraid you won’t be able to use our services, however we’d love to still hear from you so we can have the chance to fix what doesn’t work for you.
If you want to clarify anything, shoot the proverbial breeze or suggest something fun (or serious too if you have to), you can reach out to us by visiting our Contact page; emailing us on email@example.com; or by clicking feedback link in our platform.
Being a XaaS Customer
The section below outlines the key concepts of being a XaaS customer, whether you pay for our services or not.
- You and XaaS: When we say you or your, we mean you and any company you are authorised to represent. When we say XaaS Ltd, we, our or us, we are talking about XaaS Ltd, a company incorporated in England and Wales with registered number 13400578 whose registered office is at 71 – 75 Shelton Street, Covent Garden, London, WC2H 9JQ.
- Our services: Our services consist of any websites and products that we offer and all services we provide, as well as any other apps or services we may offer (for example training).
- Creating a Company: The first person in your company that creates a XaaS account specifies the company they work for; this creates your company on our system. They become the company owner on our XaaS services.
- Company Owner Role: Company owners are initially responsible for adding Invited Users, be those users administrators, standard users or read only. If you are a paying customer, the company owner is the person who is responsible for ensuring our services are paid for. As a company owner, you take responsibility for fully controlling how your account is managed and who can access it. It’s quite a big deal! For example:
- You can transfer being a company owner to someone else;
- You ultimately control access for all your users. It’s worth noting that a company owner cannot be deleted. You have responsibility for who’s invited to use our services, what kind of access the invited user has and deciding who in your company should be administrators. You can change or stop any user’s access at any time;
- You’re responsible for resolving any disputes with any invited users over accessing their account or what they can have access to; and
- You’re responsible for all your invited users’ activity
- User Roles and Access: If you are a company owner or an administrator, we expect you to understand the permissions you’re granting to invited users. If you do not understand this, either ask your company owner or have your company owner look in our FAQs or reach out to us to understand them better.
Just in case you aren’t sure, an administrator is someone with your company who has been given more privileged access so they can invite other users, change certain configurations and see data that a standard or read only user cannot see.
- Your Responsibilities: You need to update any information on our system that changes (including a current email address), or if the information is related to billing, you will need to let us know by dropping us a line either by visiting our Contact page or emailing us on firstname.lastname@example.org. Particularly because we are basing your cyberXcore on your data, you’re responsible for providing true, accurate and complete information and for verifying the accuracy of any information that you use from our services for your insurance or compliance obligations. To secure yourself, you are responsible for protecting your username and password from getting stolen or misused. Our service has minimum password standards but you must ensure that passwords are very strong and not easily guessable. The stronger the password the better! For more on security generally, check out our Security section.
- What we own: We own everything we’ve put into our services unless otherwise stated and excluding content clearly identified as owned by others. This includes rights in the design, compilation, and look and feel of our services. It also includes rights to all intellectual property such as but not limited to text, graphics, images, trademarks, audio, video, underlying code and software and other forms of information capable of being stored in a computer that appears on or forms part of our You agree not to copy, distribute, modify or make derivative works of any of our content or use any of our intellectual property rights in any way not expressly permitted by us.
- Promotional activities: From time to time we may create case studies and other promotional material. If appropriate, we will reach out to you to ask for your support, however, if you are not comfortable, we will make sure we don’t mention you by name. We may also include logos of companies using our services in our promotional material, for example, featuring on our website. By agreeing to these terms, you are allowing us to use yours, however we understand that some people might not be comfortable with that. If this is you, that is ok, you just need to tell us by contacting us by either visiting our Contact page or emailing us on email@example.com.
Our fees and your payment
If you are an Advance or Oversight customer, you will be paying for our services. We outline our terms for fees and payments below.
- XaaS Pricing Plans: We price our services at an annual rate, based on a 3 year renewal. We will invoice you for payment of our services annually, with one month’s notice in advance at renewal. After 3 years, we may update or amend our pricing plan. The terms of the pricing plan form part of these terms. As with any other changes to our terms, changes to the pricing plan won’t apply retrospectively and, if we make changes, we’ll make every effort to let you know..
- Taxes for your use of our services: We may collect geographical location information to determine your location, which may be used for tax purposes.
- Importance of timely payments: In order to continue accessing our services, you need to make timely payments. Fees are due within 14 days of the date of our invoice or otherwise in accordance with any credit terms agreed between us.
- Payment issues: If for any reason you cannot pay us, please contact to see if we can come to an agreement. If you don’t communicate with us or pay within the period set out above, we may have to suspend your access to our services and cancel any future services which have been ordered by, or otherwise arranged with, you.
Data use and privacy
It just isn’t possible to provide services to you without us holding your data. To be clear, we define data as “Collectively all information that you submit to XaaS Ltd via our Services. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws”.
- Use of data: When you enter or upload your data into our services, we don’t own that data but you grant us a licence to use, copy, transmit, store, analyse, and back up all data you submit to us through our services, including personal data of yourself and others, to: enable you to use our services; allow us to improve, develop and protect our services; create new services; communicate with you about your contract; and send you information we think may be of interest to you based on your marketing preferences.
- Use of personal data you enter about others: Our data processing terms may also apply to the personal data of others (such as personal data your customers, suppliers and employees) that you enter into XaaS depending on where those contacts are based.
- Anonymised statistical data: We will be publishing maturity information in the public domain. When we do this, we will only publish anonymised maturity broken down by company demographics such as number of employees, industry and company type. We will never publish the name of any company or user linked to that maturity or any other uniquely identifiable features.
We reserve the right to create other anonymised statistical data from your data and usage of our services, including through aggregation. Once anonymised, we may use it for our own purposes, such as to provide and improve our services, to develop new services or product offerings, to identify business trends, and for other uses we communicate to you.
- Data breach notifications: We believe in planning for the worst and so will carry out some monitoring on account and systems usage. Should we detect something suspicious, e.g. unauthorised access your XaaS account, we’ll let you know and give you information about what has happened. Depending on the specifics and the location of your affected data, you may be required to help us assess whether the unauthorised access must be reported to the contact and/or a relevant authority. Because you’ll have the best understanding and knowledge of your data, we think you’ll be our best resource to help us get clarity.
- Data processors and data controllers: We will be publishing maturity information in the public domain. When we do this, we will only publish anonymised maturity broken down by company demographics such as number of employees, industry and company type. We will never publish the name of any company or user linked to that maturity or any other uniquely identifiable features.
We reserve the right to create other anonymised statistical data from your data and usage of our services, including through aggregation. Once anonymised, we may use it for our own purposes, such as to provide and improve our services, to develop new services or product offerings, to identify business trends, and for other uses we communicate to you.
We take reasonable precautions to protect your confidential information and it’s only fair for us to expect that you’ll do the same for ours.
- Keeping it confidential: While using our services, you may share confidential information with us, and you could become aware of confidential information about us. Let’s agree to take reasonable steps to protect one another’s confidential information from being accessed by unauthorised individuals. However, if we need to, your or we may share each other’s confidential information with legal or regulatory authorities.
Security is important so we take it seriously and you should too! To help protect our services and your data, we offer added security features such as multi-factor authentication.
- Security safeguards: We’ve spent our time and money putting in place technical, physical and administrative safeguards (code, technologies and process) to help keep your data safe and secure, but we cannot guarantee absolute security (if we could we’d make A LOT of money…). If we have reason to believe that someone has accessed (or may be able to access) your account without authorisation we may contact you and may also restrict access to certain parts of our services until you verify that access was by an authorised user.
- Account security features: Security features such as multi-factor authentication may be introduced to make your account more secure. Depending on what services you are using and where you are in the world, we may require you to adopt some of these features (we know they sometimes seem like more work, but they are for everyone’s good so please bear with us). Sometimes we may make the use of security features optional. If this happens you’re responsible (meaning we’re not liable) for anything that happens if you’re not using those features. We strongly encourage you to use all optional security features (after all, every little helps and the more security the better).
- Playing your part to secure your data: Your login details are yours and so you have an important role in keeping your them safe, not letting any other person use them, and by making sure you access our services from systems that have strong security. If you realise (or suspect) there’s been any unauthorised use of your account or any breach of security to your password or email address linked to your account, you need to let us know immediately. We also need you to agree not to use free-form fields in any of XaaS’s systems or services to store personal data, user names or passwords, credit card details, or bank account details (unless it’s a field explicitly asking for personal data – like a first name or a last name).
Apps and third-party products
It’s in our plans to add an app or access to third-party products to xaasify you even more. With this in mind:
- Third-party products: At some point, we may link our services to other companies (third-party products). As the third-party supplying the product is independent of us, please be aware they may also charge you fees in addition to what you pay us.
- Third-party terms and descriptions: Third-party products are subject to terms and conditions and privacy notices set by their providers. Things like pricing, refund policies, and how they will use your data tend to be included, so be sure to read, understand and agree to them before you connect to their services. Whilst we make every reasonable effort to make sure any descriptions of third-party products that we publish, and any associated links, are accurate, they have been provided to us by the providers and may be out of date. We don’t endorse or assume any responsibility for third-party products.
- Use of your data to connect you to third party products: Should you choose to connect your XaaS account to any third-party products or services, we will use your personal data for that connection. Where we receive data via that connection, we will use that data in line with our privacy notice and these terms and protect it as we’ve already described.
- Third party payments to XaaS: We want to be transparent, so need to tell you some third-party providers may pay XaaS a fee that may be related to: referrals from XaaS; revenue made by the provider; or data that the providers access about you through our services with your consent. One example would be signing up to C2 Cyber, the vendor risk management platform, following a referral from XaaS.
Maintenance, downtime and data loss
Sometimes we have to allow downtime on our services, so we can update them, even though we try to keep this to a minimum. Despite our best efforts, occasionally have access issues or may experience data loss, so keeping a copy of your cyber-steps evidence is important.
- Availability: We strive to maintain the availability of our services. We provide support during our business day (as defined in the Interpretation clause – 72 below) from 09:00 to 17:30. Everyone needs a little downtime and that may include our services, when we need to perform maintenance. We always try to minimise any such downtime, but where planned maintenance is being undertaken, we’ll attempt to notify you in advance but can’t guarantee it.
- Access issues: We all know how it is some mornings when you wake up and your internet doesn’t work.. so, sometimes, you might not be able to access our services and your data. This could happen for any number of reasons, at any time.
- Data loss: Data loss is an unavoidable risk when using any technology. We strongly suggest you maintain copies of your maturity report and of any evidence you enter on our services.
- No compensation: Whatever the cause of any downtime, access issues or data loss, we cannot offer compensation.
- Problems and support: If you have a problem, we would be happy to hear from you. You can reach out to us by visiting our Contact page; emailing us on firstname.lastname@example.org; or by clicking feedback link in our platform.
- Modifications: We release new updates, modifications and enhancements to our services on a regular basis, and in some cases we may discontinue features. In this event and where practical, we will let you know (for example, by email or within our services when you log in).
Do's and don'ts
This is one of our most important sections as it explains how you can (and can’t) use our services. For the most part it’s common sense, but we’d like you to read it just to be sure…
- Feedback: We want your feedback. If it’s helpful, we may use it without restriction.
- Help using our services: We provide a lot of support and guidance to make using our services as easy as possible. In return, you agree to only use our services for lawful business purposes and in line with the guidance we provide.
- Discussions on XaaS Community: We encourage you to participate in discussions within our XaaS Community, but urge you to only share private information if you’re happy for others to know it. It also goes without saying, you shouldn’t post anything you don’t have the right to share.
- Limitations: Some of our services may be subject to limits such as the amount of collateral or Cyber-Steps you can access.
- No-charge or beta services: Occasionally we may offer a service at no charge – for example a beta service, new feature, or a time-limited trial account. Because of the nature of these services, you use them, give us feedback, but they are at your own risk (we’re not expecting them to begin controlling your cat or anything sinister like that, but they may be a bit buggy)
- Our rules: No one likes a huge set of rules, but boundaries are there to keep us all safe. Whilst we can’t give you an exhaustive list here, we do want to highlight a few more examples of things you mustn’t ever do:
- Intentionally undermine the security or integrity of our computing systems or networks (that’s just mean and nobody likes a bully);
- Use our services in any way that might impair functionality or interfere with other people’s use (sharing is caring, so play nicely);
- Access any system without permission (whether ours or anyone else’s, it’s just not cricket);
- Intentionally introduce or upload anything to our services that includes viruses or other malicious code (socially distancing isn’t just for the pandemic);
- Share anything that may be offensive, violates any law, or infringes on the rights of others (you can’t please everyone all of the time, but try…);
- Modify, copy, adapt, reproduce, disassemble, decompile, reverse engineer or extract the source code of any part of our services (our secret blend of herbs and spices is ours. If you have a really good reason, try your luck and ask us, you never know we might share it with you);
- Resell, lease or provide our services in any way not expressly permitted through our services (we don’t bite…if you want to work with us, just ask);
- Resell, repackage, or sublicense any content, leads or data accessed through our services (we’re all for sharing, but if it’s not yours it’s not right);
- Commit fraud or other illegal acts via our services (breaking the law just isn’t cool); or
- Act in a manner that is disrespectful or abusive to a XaaS employee, partner, or other XaaS customer. We will not tolerate any abuse or bullying. That includes interaction with our support teams (we all know it’s frustrating when things don’t work, but that isn’t an excuse to be a jerk…count to 10, breath and woosah..).
Quotations and amendments
Sometimes the services offered to you may change, when they do, we will always be happy to talk to you about it.
- Our right to withdraw quotations: We can withdraw, cancel or amend a quotation if it has not been accepted by you, or if the Services have not started, within a period of 30 days from the date of the quotation, (unless the quotation has been withdrawn).
- Requests for changes to our services: If you want to amend any details of the services you require from us, let us know as soon as possible either visiting our Contact page or emailing us on email@example.com. We will try our best to make any required changes and will include any additional costs in our fees when we invoice you.
- Our changes to our services: If, due to circumstances beyond our control, including those set out in the Circumstances beyond a party’s control clause point xx below, we have to make any change in the Services or how they are provided, we will notify you immediately. We will use reasonable endeavours to keep any such changes to a minimum.
Terminations for fee paying customers
If you are a paying customer, you can easily terminate your contract with one month’s written notice. We may terminate your contract as well at annual renewal. If you violate these terms, we may terminate your contract immediately.
- Contract period: When you first contract with XaaS, you will be signing up for 3 years, billed on an annual basis, unless otherwise agreed with you. If you continue to use our Services, we will continue your contract on an annual basis, billed on an annual basis. When we bill you at annual renewal, we will give you one months’ notice. If you have paid, these terms automatically continue at each renewal for the duration as the previous one, unless they are superseded by a newer version, which we will ask you to agree to. You may choose to terminate your XaaS contract by giving one month’s written notice. Since we operate on an annual billing period, we are unable to offer any pro-rated refund if you cancel part way through the year. To provide notice, you can reach out to us by visiting our Contact page; emailing us on firstname.lastname@example.org; or by clicking feedback link in our platform.
- Termination by XaaS: XaaS may choose to terminate your contract at annual renewal with one month’s written notice in advance. XaaS may also terminate or suspend your contract or access to all or any data immediately if:
- you breach any of these terms and do not remedy the breach within 14 days after receiving notice of the breach,
- you breach any of these terms and the breach cannot be remedied,
- you fail to pay you annual fees, or
- you or your business become insolvent, your business goes into liquidation or has a receiver or manager appointed over any of its assets, you become insolvent or make any arrangement with your creditors, or become subject to any similar insolvency event in any jurisdiction.
- No refunds: No refund is due to you if you terminate at annual renewal or XaaS terminates it in accordance with these terms.
- Retention of your data: Once a contract is terminated by you or us, the users associated with your account are archived and the data submitted or created by you is no longer available to you. We retain it for a period of time consistent with our data retention policy, during which, as a user, you can contract with us again and once again access your data by paying the annual fees.
We retain data in case you need it as part of your record retention obligations, but you can get in touch with us to have your data removed completely if you wish. To request a copy of your data, you can reach out to us by visiting our Contact page; emailing us on email@example.com; or by clicking feedback link in our platform.
Terminations for non-fee paying customers
If you are a non-fee paying customer, you can easily request for your account to be deactivated with one month’s notice. We may deactivate your access as well with the same notice. If you violate these terms, we may deactivate your account immediately.
- Deactivation by XaaS: XaaS may choose to deactivate your account with one month’s written notice in advance. XaaS may also deactivate or suspend your contract or access to all or any data immediately if:
- you breach any of these terms and do not remedy the breach within 14 days after receiving notice of the breach; or
- you breach any of these terms and the breach cannot be remedied.
- Retention of your data: Once an account is deactivated by you or us, the users associated with your account are archived and the data submitted or created by you is no longer available to you. We retain it for a period of time consistent with our data retention policy, during which, as a user, you can request for us to reactivate your account again. We retain data in case you need it as part of your record retention obligations, but you can get in touch with us to have your data removed completely if you wish. To request a copy of your data, you can reach out to us by visiting our Contact page; emailing us on firstname.lastname@example.org; or by clicking feedback link in our platform.
Liability and indemnity
This section is important as it outlines liability terms between you (and any of your invited users) and us, so we urge you to read it closely and in full.
- You indemnify us: You indemnify us against all losses, costs (including legal costs), expenses, demands or liability that we incur arising out of, or in connection with, a third-party claim against us relating to your use of our services or any third-party product (except as far as we’re at fault).
- Disclaimer of warranties: Our services and all third-party products are made available to you on an “as is” basis. Subject to the exclusions set out in our Exclusions clause – 62 below, we disclaim all warranties, express or implied, including any implied warranties of non-infringement, merchantability and fitness for a particular purpose
- Limitation of liability: Other than liability that we can’t exclude or limit by law, our liability to you in connection with our services or these terms, in contract, tort (including negligence) or otherwise, is limited as follows:
- We have no liability arising from your use of our services for any loss of revenue or profit, loss of goodwill, loss of customers, loss of capital, loss of anticipated savings, legal or compliance issues, damage to reputation, loss in connection with any other contract, or indirect, consequential, incidental, punitive, exemplary or special loss, damage or expense;
- For loss or corruption of your data, our liability will be limited to taking reasonable steps to try and recover that data from our available backups;
- We have no liability for any losses arising directly or indirectly from your choice of Services and how they will meet your requirements or your use of the Services or any goods supplied in connection with the Services;
- If you are a fee-paying customer, our total liability to you in any circumstances is limited to one year’s fees under this contract, for the period immediately preceding the date on which the claim giving rise to the liability arose.
This section outlines how disputes may be resolved.
- Dispute resolution:We’re confident most of your concerns can be resolved quickly, but we need you to talk to us about what’s troubling you. You can reach out to us by visiting our Contact page; emailing us on email@example.com; or by clicking feedback link in our platform. Once you have shared your concerns, we’ll work to resolve everything. If we’re unable to come to a mutually satisfactory resolution (or if in the unlikely circumstance we haven’t been able to informally resolve a dispute we have with you), you and we agree to resolve those disputes through binding arbitration or small claims court instead of in courts of general jurisdiction. Both you and we agree that any dispute must be brought in the parties’ individual capacity and not as a plaintiff or class member in any purported class or representative proceeding.
Here we set out some additional terms. Take a read as they cover important issues.
- No professional advice: Just to be clear, XaaS isn’t a professional services. Whilst we will provide you with information to help you improve your cyber security, this should not be seen as a substitute for professional advice where you need it and we aren’t liable for your use of the information we provide you in that way.
- Events outside our control: We do our best to control what we can control. We aren’t liable to you for any failure or delay in performance of any of our obligations under these terms arising out of any event or circumstance beyond our reasonable control.
- Notices: Any notice you send to XaaS must be sent to firstname.lastname@example.org. Any notices we send to you will be sent to the email address you’ve provided us through your subscription.
- Exclusion: Under some geographical locations and in some circumstances, you or we e may have non-excludable warranties, guarantees or other rights provided by law (non-excludable guarantees). These still apply – our terms do not exclude, restrict or modify them. Except for these non-excludable guarantees and other rights you have that we cannot exclude, we’re bound only by the express promises made in these terms. Our liability for breach of these non-excludable guarantee is limited, at our option, to either replacing or paying the cost of replacing the relevant service (unless the non-excludable guarantee says otherwise).
- Export limitations: You must not use our services in violation of any export or trade embargo laws that apply to you.
- Excluded terms: The terms of the United Nations Convention on Contracts for the Sale of Goods and the Uniform Computer Information Transactions Act (UCITA) do not apply to these terms.
- Blocking your access, terminating your contract, or refusing to process a payment: As our services are global, different laws may apply in different countries that restrict our relationship with you. To protect both you and us, we may suspend your access, look at terminating your contract, or refuse to process a payment from you if we reasonably believe a potential breach of a law or regulation – associated with you, your company, your contract, or a payment. We might do this, if for example a payment is from a sanctioned person or country. We would also need to act where we reasonably believe there is a legal or regulatory risk or a risk of loss being suffered by us or any of our customers or partners. By agreeing to these terms, you are promising that you’re not located in a sanctioned country and are not on a sanctioned persons list. We may also block users from a country if we can’t receive payments from that country. We advise you to check what payment methods are available in your country for making payments. We may take any of these actions without notice.
- Relationship between the parties; assignment: Whilst we embrace working together, nothing in these terms is to be construed as entering into a partnership, joint venture, employment or agency relationship with you, or between you and any other invited user or XaaS customer. You’re solely responsible for resolving disputes between you and any other XaaS customer or invited user. We may assign these terms – or any of our rights or obligations in these terms – to another XaaS entity as we deem appropriate. XaaS entities are any companies controlled by or under common control with XaaS Limited, a company incorporated in England and Wales with registered number 13400578.
- Our contract is with you: We made our contract with you and you alone. If you need to assign, transfer, charge, subcontract any or all of your rights under these terms to any other party, you must obtain consent in writing from us first. In the event that ownership of XaaS Ltd or it’s trading platform was transferred to another party, we may transfer our rights under these terms where we reasonably believe your rights will not be affected. Where possible and appropriate, we will notify you of these types of disclosure using the email address of the company owner provided to us on our system and the email details of the nominated contact included in your contract.
- posting a visible notice through our services;
- sending an email to the email address of the company owner provided to us on our system; and
- sending an email to the nominated contact included in your contract.
If a change isn’t material, we may not notify you. If you find a modified term unacceptable, your only recourse is to stop using our services.
- Enforcement of terms: If there’s any part of these terms that either one of us is unable to enforce, we’ll ignore that part but everything else will remain enforceable.
- No waiver: Just because we don’t undertake any of our rights immediately or at all, that does not mean we are waiving those rights in the future.
- Interpretation: You should be aware of the following interpretations:
- Words like ‘include’ and ‘including’ are not words of limitation and where anything is within our discretion we mean our sole discretion.
- Words imparting their singular form include the plural form and vice-versa.
- A “business day” means any day other than a Saturday, Sunday or bank holiday in England and Wales.
- The headings in these Terms and Conditions are for convenience only and do not affect their interpretation.
- Law and jurisdiction: This Agreement shall be governed by and interpreted according to the law of England and Wales and all disputes arising under the Agreement (including non-contractual disputes or claims) shall be subject to the exclusive jurisdiction of the English and Welsh courts.
Prize draw terms and conditions
We run a monthly prize draw for companies who have completed our Evolve rapid questionnaire. There are some terms attached to the competition.
- Timetable:We run the prize draw from applications submitted form the start of the calendar month to the end of the calendar month. Winners are announced within 5 working days and should you win, we will undertake to have your prize to you by the end of the next calendar month.
- How we pick winners: Winners are picked at random from a list, regardless of whether you become a customer or not. We do require you to be over 18 and to be acting on behalf of a registered company of some form. We do not restrict entrants by location, so you can be anywhere in the world. Only one entry will be taken into account per company and the use of automated entry software or any other electronic means of repeated entry is strictly prohibited (so play fair!). We may ask you to and reserve the right to request proof of your identity, age and address.
- People who cannot take part: Sadly, we cannot allow any members of direct family for any XaaS employees or shareholders to enter the prize draw. So that excludes parents, spouses, siblings or partners of siblings and children.
- The prizes we offer: The prizes we offer are not to be re-sold, they are non-negotiable, non-transferable, non-exchangeable and non-refundable. We cannot offer a cash alternative under any circumstances. We reserve the right to replace prizes with an alternative prize of equal or higher value if circumstances beyond our control make it necessary to do so (like another large ship gets stuck in the Suez canal!). We cannot provide a warranty in relation to our prize and we have no liability, to the fullest extent permitted by law, in relation to our prizes in terms of their fitness for purpose or otherwise.
- Getting your prize to you: We will cover the cost of carriage for getting prizes to the winners, but can only send to one address and we cannot pay for any other expenses related to the prize.
- Unforeseen circumstances: Nothing in this life can ever be certain, so we reserve the right to hold void, cancel, suspend, or amend our prize draw, including these terms, if it should be necessary to do so. We shall provide as much notice as is reasonably practicable if we have to make changes, but our decision is final and binding and we cannot enter into correspondence in this regard.
- Publicity: We will publish or make available information that indicates that we have selected a monthly winner, this includes such public forums as social media. We will include acknowledgement of the winner and if applicable, their social media profile name will also be notified in the same public forum. We also reserve our right to publish the winner’s surname, county of residence and the logo and name of the company they represent on XaaS’s services and social media channels, subject to the winner objecting to such publication to safeguard their right to privacy. We may still be required to disclose this information to the Advertising Standards Authority. We also may ask the winner to participate at their discretion in publicity related to the prize draw or competition which may include the publication of their name, the name of the company they represent along with the company’s logo and photograph, image or text in any media.
- Using your data: Unless you have indicated below or separately that you wish to be contacted by us, personal data supplied during the course of our promotion will only be used by us and any third party suppliers in connection with our promotion (i.e. only as required to run the promotion and for fulfilment/delivery/arrangement of the prize or, if relevant, accreditation of any photographs). All such information shall be treated in accordance with the our privacy notice.