Terms and Conditions of Business

These Terms and Conditions (“Terms”) govern the provision of IT services by SmartOps IT (“we”, “us”, “our”) to the client (“you”, “your”, “Client”).

1. About Us

SmartOps IT is a sole trader business operating in the United Kingdom. The business is owned and operated by Przemyslaw Pausz, trading as SmartOps IT.

Business Correspondence Address: Lytchett House 13, Freeland Park, Wareham Road, Poole, Dorset BH16 6FA, United Kingdom

Contact details:

• Email: info@smartopsit.co.uk
• Website: https://smartopsit.co.uk

2. Definitions

“Services” means IT support, cybersecurity consulting, managed services (MSP), audits, or other technical services as agreed in writing. Specific service levels (SLA), if applicable, will be defined in the relevant Proposal or Service Schedule.

“Deliverables” means any reports, configurations, documentation, software, or hardware provided as part of the Services.

“Fees” means the charges agreed for the Services, excluding VAT where applicable.

“Confidential Information” means all technical, commercial, financial, and personal information disclosed by one party to the other, whether orally or in writing.

“Business Day” means any day other than a Saturday, Sunday, or public holiday in England and Wales.

“In writing” means in writing by email or other electronic method agreed between the parties. Where these Terms require something to be “agreed in writing”, such agreement must be recorded in an email (or other written record) expressly confirming the change.

“Support Request” means any request for assistance, change, incident response, or other work instruction submitted via our ticketing/helpdesk system (where used), email, or other agreed channel.

“Out-of-hours” means any time outside Business Days and/or outside any support window explicitly agreed in a Service Schedule.

“Client Systems” means the Client’s networks, endpoints, servers, cloud services, accounts, and data to which the Client grants us access.

3. Services Provided

3.1. We shall provide the Services with reasonable skill and care in accordance with generally accepted industry standards in the United Kingdom.

3.2. We will use reasonable endeavours to meet target timelines; however, any timelines, response times, or completion dates provided are estimates only, and time shall not be of the essence unless expressly agreed in writing. Where no specific Service Level Agreement (SLA) is agreed in writing, support will be provided on a best-efforts basis.

3.3. Any variation to the scope of the Services must be agreed in writing and may result in additional Fees.

3.4. We do not guarantee that any system, network, or service will be completely secure, uninterrupted, or free from vulnerabilities, cyber incidents, phishing attacks, credential theft, or user error. We do not warrant that security measures will prevent all attacks or breaches.

3.5. Availability. We provide Services by prior appointment and/or as otherwise agreed in writing. We do not operate fixed office opening hours. Unless agreed in a Service Schedule, response times are not guaranteed and Services are provided on a best-efforts basis. Work requested outside Business Days may be treated as out-of-hours and charged at our out-of-hours rates.

3.6. Subcontracting. We may subcontract any part of the Services where reasonably required. We remain responsible for the performance of the Services by subcontractors. Any subcontractors will be subject to confidentiality and data protection obligations no less strict than those set out in these Terms.

3.7. Deliverables Acceptance. Where we provide Deliverables, you shall review them promptly and notify us in writing within 10 Business Days of delivery if you believe the Deliverables materially fail to meet the agreed specification (where such specification exists). You must provide reasonable detail of the alleged non-conformity.

3.8. Deemed Acceptance and Remedy. If you do not notify us within the period in clause 3.7, the Deliverables shall be deemed accepted. If we receive a valid notice under clause 3.7, our sole obligation (and your sole remedy) shall be, at our option, to re-perform the relevant Services or to correct the Deliverables within a reasonable time. This does not apply where the parties have agreed different acceptance criteria in a Proposal or Service Schedule.

3.9. Remote Access & Tools. To deliver Services, we may use remote access tools, remote monitoring and management (RMM) agents, and administrative accounts. You authorise us to install and use such tools on Client Systems where necessary and to create/modify administrative credentials strictly for service delivery. You remain responsible for your internal user management and access approvals. We will use reasonable measures to secure our access, but you acknowledge that remote support inherently involves technical and security risks.

3.10. Change Control & Emergency Changes. Unless the parties agree a formal change control process, you authorise us to implement reasonable changes necessary to resolve incidents or restore services. For material changes (e.g. architecture changes, major upgrades), we will seek approval in writing where practicable. In an emergency (e.g. active compromise/ransomware), we may act immediately to contain impact, and will inform you as soon as reasonably practicable.

3.11. Exclusions. Unless expressly agreed in writing, Services do not include: legal/compliance advice, specialist data recovery, hardware repair under manufacturer warranty, third-party vendor engineering beyond reasonable liaison, or work required due to unauthorised changes made by the Client or third parties.

4. Client Obligations

You agree to:

4.1. Provide full, accurate, and timely access to systems, accounts, premises, credentials, and information reasonably required to deliver the Services.

4.2. Maintain your own backups. Unless expressly agreed in writing as part of a managed backup service, you remain fully responsible for maintaining adequate backups of all data. We do not guarantee successful restoration unless we supply and manage the backup service. We accept no liability for loss or corruption of data where backups are not under our management.

4.3. Where we provide a managed backup service, we will use reasonable care and skill to configure, monitor and maintain the backup service as described in the relevant Service Schedule. However, due to factors outside our control (including third-party platform failures, cyberattacks, or corruption of source data), restoration is not guaranteed in all circumstances. Our obligation is to use reasonable endeavours to restore data from available backup sets. If we materially fail to provide the managed backup service as described, your sole remedy shall be re-performance of the service and/or service credits as set out in the Service Schedule, subject always to clause 8 (Limitation of Liability).

4.4. Ensure that all software, licences, and subscriptions are valid, licensed, and compliant.

4.5. Cooperate with us and provide prompt instructions and approvals when reasonably requested.

4.6. Security Recommendations & Risk Acceptance. If you decline to implement recommended security measures (including but not limited to MFA, endpoint protection, backup, or firewall upgrades), you expressly acknowledge and accept the associated risks. We shall not be liable for security incidents, breaches, ransomware, phishing, credential theft, or data loss resulting from such refusal or delay.

4.7. Business Continuity & Insurance. Unless expressly agreed otherwise in writing, you remain responsible for your overall business continuity planning and disaster recovery strategy. The Client remains responsible for maintaining appropriate cyber insurance covering business interruption, data loss, and cyber incidents.

4.8. Authority & Rights. You warrant that you have all necessary rights and permissions to grant us access to Client Systems and to instruct us to process any data (including personal data) within those systems. You remain responsible for ensuring that end users and affected personnel are informed as required by law and that your internal policies permit the access you grant.

4.9. Named Contacts. You will maintain at least one authorised contact to approve changes and provide instructions. We may rely on instructions from authorised contacts and are not responsible for internal disputes over authority.

5. Fees, Payment, and Title

5.1. Fees shall be as set out in the agreed quote, proposal, or service agreement.

5.2. Invoices are payable within 14 days of the invoice date unless otherwise stated.

5.3. We reserve the right to charge statutory interest and recovery costs under the Late Payment of Commercial Debts (Interest) Act 1998.

5.4. We are not currently registered for VAT. Therefore VAT is not applicable.

5.5. Retention of Title. Title to any hardware, software, or goods supplied remains with SmartOps IT until payment in full is received. We may recover such goods in the event of non-payment.

5.6. Annual Price Review. For ongoing Managed Services contracts, Fees may be reviewed once per calendar year, typically in line with CPI plus a reasonable margin. We will provide at least 30 days’ notice.

5.7. Expenses and Third-Party Costs. Unless expressly included within the Fees, you shall reimburse us for reasonable, pre-agreed out-of-pocket expenses incurred in delivering the Services (including travel, parking, accommodation, courier/shipping, and consumables). Where we procure third-party products or services on your behalf (including licences, subscriptions, hardware, or cloud services), you shall pay the applicable third-party charges as set out in the quote/proposal or as otherwise agreed in writing. We may require payment in advance for third-party costs.

5.8. Suspension for Non-Payment. If any invoice is overdue, we may suspend Services (including access to managed tools under our control) on written notice until payment is received in full. We are not liable for any loss arising from such suspension. Reinstatement work may be chargeable.

5.9. Cancellation / Rescheduling. If you cancel or reschedule a booked appointment less than 2 Business Days before the agreed time, we may charge a reasonable cancellation fee (including committed time and non-refundable third-party costs). For fixed-price projects, milestone dates may be adjusted where delays are caused by the Client.

5.10. Ticketing / Support System. Where we provide a ticketing/helpdesk system, you agree to submit Support Requests via that system unless otherwise agreed. We may treat requests made outside agreed channels as non-urgent until triaged.

6. Intellectual Property

6.1. Upon full payment, you are granted a non-exclusive, perpetual, non-transferable licence to use Deliverables for internal business purposes.

6.2. We retain ownership of all pre-existing intellectual property, tools, scripts, and methodologies.

6.3. Third-Party & Open Source. Deliverables may include or rely on third-party or open-source components subject to their own licences/terms. You agree to comply with such licences/terms, and we are not responsible for third-party licence changes outside our control.

7. Third-Party Products and Services

7.1. Where third-party products, software, or services are supplied or recommended, any warranties or service levels are provided solely by the third-party provider.

7.2. We are not liable for failures, outages, delays, or incidents caused by third parties including ISPs, Microsoft 365, cloud services, or software vendors.

7.3. Client Contracts with Third Parties. Unless we expressly agree otherwise in writing, you remain responsible for your contracts with third-party providers and for payment of their charges.

8. Limitation of Liability

8.1. Nothing limits liability for death or personal injury caused by negligence, fraud, or fraudulent misrepresentation.

8.2. Subject to clause 8.1, we shall not be liable for:

• loss of profits, revenue, or anticipated savings;
• loss or corruption of data;
• loss of goodwill or reputation;
• indirect or consequential damage.

8.3. Our total aggregate liability shall be limited to the total Fees paid in the 12 months preceding the event. All claims arising from the same event shall constitute one claim.

8.4. The parties agree these limitations are reasonable and form an essential basis of the bargain.

9. Confidentiality and Data Protection

9.1. Both parties shall treat Confidential Information as confidential and implement appropriate safeguards to protect it.

9.2. Confidentiality Exceptions. Confidentiality obligations do not apply to information that (a) becomes public other than through breach, (b) was lawfully known to the recipient before disclosure, (c) is independently developed without use of the disclosing party’s information, or (d) must be disclosed by law or a competent authority (provided the recipient, where lawful, gives prior notice).

9.3. Roles. Unless expressly agreed otherwise in writing, the Client remains the Data Controller and is responsible for determining the lawful basis, purpose, and scope of any processing of personal data in connection with the Services. SmartOps IT will act as a Data Processor only to the extent that, and for so long as, we process personal data on the Client’s documented instructions in the course of providing the Services.

9.4. Data Processing Agreement (DPA). Where the performance of the Services requires SmartOps IT to process personal data on behalf of the Client, the parties must enter into a separate Data Processing Agreement (DPA) compliant with UK GDPR before any such processing begins. If a DPA is required and is not in place, we may delay commencement of the relevant Services (or suspend the affected part of the Services) without liability until the DPA is executed.

9.5. Fallback Data Processing Terms. If the parties have not signed a separate DPA, and SmartOps IT processes personal data on behalf of the Client, the Schedule 1 (Data Processing Terms) below shall apply as a binding data processing agreement to the extent required by law.

9.6. Data Liability. We shall not be liable for any data breach, security incident, ransomware attack, or loss of data unless such incident is directly and solely caused by our proven negligence. Any liability relating to data protection remains subject to the limitation of liability in clause 8.

9.7. Breach Notification. Where SmartOps IT becomes aware of a personal data breach relating to Services under our management, we will notify the Client without undue delay and provide reasonable assistance, subject to agreed Fees where appropriate.

9.8. Privacy Policy. Personal data is processed in accordance with our Privacy Policy: https://smartopsit.co.uk/privacy-policy

10. Term and Termination

10.1. Where a Minimum Term is specified, Services cannot be terminated before expiry.

10.2. Upon expiry, Services continue monthly unless terminated with 30 days’ notice.

10.3. We may suspend or terminate for non-payment or material breach.

10.4. Termination for Insolvency. Either party may terminate immediately on written notice if the other party becomes insolvent, enters administration/liquidation, or ceases trading.

10.5. Transition Assistance. Upon termination, we will provide reasonable assistance with service transition to a new provider upon request. Such work will be chargeable at our standard professional services rates.

10.6. Data Retention Post-Termination. Following termination, SmartOps IT may retain limited configuration records and service logs for legal, security, and audit purposes. Any other Client data under our control will be securely deleted within a reasonable timeframe unless otherwise required by law.

11. Force Majeure

We are not liable for delays or failures caused by events beyond our control, including but not limited to pandemics, strikes, utility failures, internet outages, cyber-attacks on suppliers, or cloud service provider outages.

12. General

12.1. We act as an independent contractor.

12.2. Non-Solicitation. During the term of this agreement and for 6 months thereafter, neither party shall solicit or entice away (or attempt to solicit or entice away) any employee or contractor of the other party who was materially involved in, or materially engaged with, the Services during the 12 months prior to the solicitation (“Restricted Person”). This clause shall not prevent the engagement of a person who responds to a general recruitment advertisement not targeted at the other party’s staff.

12.3. Notices. Notices may be sent by email and deemed received the next Business Day, provided no bounce notification is received.

12.4. Entire Agreement. These Terms form the entire agreement and override any client purchasing terms unless agreed in writing.

12.5. Insurance. We maintain appropriate Professional Indemnity and Public Liability insurance coverage.

12.6. Assignment. You may not assign or transfer this agreement without our prior written consent. We may assign this agreement as part of a transfer of business (e.g. sale of assets) on written notice.

12.7. Severability. If any provision is found invalid or unenforceable, the remaining provisions will remain in full force and effect.

12.8. Waiver. A failure or delay to enforce a right is not a waiver of that right.

12.9. Third Party Rights. Unless expressly stated, no person other than the parties has any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this agreement.

12.10. Dispute Escalation. The parties will attempt in good faith to resolve disputes through senior management escalation before issuing court proceedings (except for urgent injunctive relief or debt recovery).

13. Governing Law

These Terms are governed by the laws of England and Wales. The courts of England and Wales have exclusive jurisdiction.

Schedule 1 – Data Processing Terms (UK GDPR Article 28)

1. Subject-matter & duration. Processing is limited to what is necessary to provide the Services during the term of the agreement and any transition period.

2. Nature & purpose. IT support, monitoring, maintenance, incident response, cybersecurity services, and related service administration.

3. Types of personal data. May include business contact data, user identifiers, device IDs, IP addresses, authentication logs, ticket content, and any personal data stored in Client Systems that the Client makes accessible.

4. Categories of data subjects. Client personnel, end users, customers/suppliers (as contained within Client Systems), and other individuals whose data may be stored in Client Systems.

5. Processor obligations. SmartOps IT shall:

• process personal data only on the Client’s documented instructions;
• ensure persons authorised to process data are bound by confidentiality;
• implement appropriate technical and organisational security measures;
• not engage sub-processors without ensuring equivalent obligations (and where required, providing prior notice);
• assist the Client (as reasonably required) with data subject requests and regulatory obligations, subject to Fees where appropriate;
• notify the Client without undue delay after becoming aware of a personal data breach relating to the processing;
• at the Client’s choice, delete or return personal data at the end of the Services (unless retention is required by law);
• make available information necessary to demonstrate compliance and allow for reasonable audits, subject to confidentiality and security constraints.

6. International transfers. Where processing involves restricted transfers, the parties shall ensure appropriate safeguards are in place as required by UK GDPR (e.g. UK IDTA or UK Addendum, where applicable).